Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 11480] New: SSL: RFC 7250 format for encoding raw public keys in certificate m

Wireshark-bugs: [Wireshark-bugs] [Bug 11480] New: SSL: RFC 7250 format for encoding raw public k

Date: Fri, 28 Aug 2015 11:49:41 +0000

Bug ID	11480
Summary	SSL: RFC 7250 format for encoding raw public keys in certificate message
Product	Wireshark
Version	Git
Hardware	All
OS	All
Status	UNCONFIRMED
Severity	Minor
Priority	Low
Component	Dissection engine (libwireshark)
Assignee	[email protected]
Reporter	[email protected]

Created attachment 13829 [details]
DTLS handshake using RPK in Certificate message

Build Information:
Wireshark 1.99.9 (v1.99.9rc0-403-g8b4ff24 from unknown)

Copyright 1998-2015 Gerald Combs <[email protected]> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>Wireshark 1.99.9
(v1.99.9rc0-403-g8b4ff24 from unknown)

Copyright 1998-2015 Gerald Combs <[email protected]> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 4.8.6, with libpcap, without POSIX capabilities,
without libnl, with libz 1.2.8, with GLib 2.42.1, without SMI, without c-ares,
without ADNS, with Lua 5.2, with GnuTLS 3.3.8, without Gcrypt, without
Kerberos,
without GeoIP, without PortAudio, without AirPcap.

Running on Linux 4.1.5, with locale C, with libpcap version 1.6.2, with libz
1.2.8, with GnuTLS 3.3.8.
Intel(R) Core(TM)2 Duo CPU     P9700  @ 2.80GHz

Built using gcc 4.9.2.

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 4.8.6, with libpcap, without POSIX capabilities,
without libnl, with libz 1.2.8, with GLib 2.42.1, without SMI, without c-ares,
without ADNS, with Lua 5.2, with GnuTLS 3.3.8, without Gcrypt, without
Kerberos,
without GeoIP, without PortAudio, without AirPcap.

Running on Linux 4.1.5, with locale C, with libpcap version 1.6.2, with libz
1.2.8, with GnuTLS 3.3.8.
Intel(R) Core(TM)2 Duo CPU     P9700  @ 2.80GHz

Built using gcc 4.9.2.

--
This bugtracker entry contains additional information for the change suggested
in 
https://code.wireshark.org/review/10272.

In short: 

ssl_dissect_hnd_cert() in epan/dissectors/packet-ssl-utils.c tries to parse the
raw public key conveyed in a Certificate Message as a list of certificates. RFC
7250 instead defines the data structure to consist of only a singe
subjectPublicKeyInfo entry without an additional length field for a
certificate_list. A trace showing a DTLS-1.2-handshake using raw public keys is
attached.

You are receiving this mail because:

You are watching all bug changes.

Prev by Date: [Wireshark-bugs] [Bug 11479] LUA: Read preferences of other/existing protocols
Next by Date: [Wireshark-bugs] [Bug 11476] GSM_MAP answers decoded as Camel
Previous by thread: [Wireshark-bugs] [Bug 11479] LUA: Read preferences of other/existing protocols
Next by thread: [Wireshark-bugs] [Bug 11481] New: v1.12.x will not reassemble some tcp packets
Index(es):
- Date
- Thread