Wireshark mailing list archives

Re: asn2wrs documentation?


From: Kukosa Tomáš <Tomas.Kukosa () ixperta com>
Date: Tue, 15 Sep 2015 14:29:02 +0000

Hi Peter,

Unfortunately asn2wrs cannot help with it.
Changing TYPE_ATTR does not change the called dissection function. It
changes just the field type.
The field ber.64bit_uint_as_bytes comes from the function
dissect_ber_integer64() in packet-ber.c.

Maybe dissect_ber_integer64() should check whether the field has the
FT_BYTES type, and then it could use the original field instead of
ber.64bit_uint_as_bytes.

Another possibility would be to define your own dissector function for the
RSAPublicKey fields instead of calling the default dissect_ber_integer().
E.g. something like this:

#.FN_BODY RSAPublicKey/modulus
  gint8 ber_class;
  gboolean pc, ind;
  gint32 tag;
  guint32 len;

  offset = dissect_ber_identifier(actx->pinfo, tree, tvb, offset, &ber_class, &pc, &tag);
  offset = dissect_ber_length(actx->pinfo, tree, tvb, offset, &len, &ind);
  /* integer octets are at the offset */
  offset += len;
#.END

There is no better asn2wrs documentation available. The best documentation
is the examples in the asn1 directory.

Best regards,
   Tomas


On 15.9.2015 13:46, Peter Wu wrote:
Hi,

I am working on improving dissection support of the subjectPublicKey
field in X.509 Certificates[1]. Right now these opaque BIT STRING types
are shown as a sequence of bytes, but I would like to dissect the other
fields (like modulus and exponent for RSA and public key y for DSA).
(This work is a prerequisite for a new method of specifying RSA private
key files in the SSL preferences without having to list address+port.)

These numbers (RSA modulus, DSA y, DSS-Params p, q, g) are larger than
64-bit and therefore are forced to be displayed as FT_BYTES. The problem
that now occurs is that the original field is lost
(ber.64bit_uint_as_bytes is used instead).

To tackle that problem, I started using TYPE_ATTR, but since the fields
are still dissected as ber_integer, it does not help. I think I can use
"IMPORT_TAG", but it is not documented on the wiki[2].

Those who are familiar with the asn2wrs script, is it possible to update
the wiki? Are there other documentation resources available?
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
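
The steps in the suggested FN_BODY (decode the identifier, decode the length, treat the next len octets as the integer), as an added stand-alone C example that is not from the original messages or from Wireshark's code. It does not use the Wireshark APIs; read_tlv, rsa_modulus_range and build_sample are hypothetical names, the key bytes are constructed, and only single-octet identifiers are assumed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef struct { uint8_t tag; size_t off, len; } tlv_t;
/* Decode identifier and definite length at buf[off] into a tag plus content range. */
static int read_tlv(const uint8_t *buf, size_t size, size_t off, tlv_t *out)
{
    if (size < 2 || off > size - 2) return -1;
    uint8_t tag = buf[off++];
    size_t len = buf[off++];
    if (len == 0x80) return -1;            /* indefinite length is not DER */
    if (len & 0x80) {                      /* long form: next n octets hold the length */
        size_t n = len & 0x7f;
        if (n > sizeof(size_t) || n > size - off) return -1;
        for (len = 0; n > 0; n--) len = (len << 8) | buf[off++];
    }
    if (len > size - off) return -1;       /* content must fit in the buffer */
    out->tag = tag; out->off = off; out->len = len;
    return 0;
}

/* RSAPublicKey ::= SEQUENCE { modulus INTEGER, ... }; modulus stays a byte range. */
int rsa_modulus_range(const uint8_t *der, size_t size, size_t *mod_off, size_t *mod_len)
{
    tlv_t seq, mod;
    if (read_tlv(der, size, 0, &seq) || seq.tag != 0x30) return -1;
    if (read_tlv(der, seq.off + seq.len, seq.off, &mod) || mod.tag != 0x02 || !mod.len) return -1;
    *mod_off = mod.off; *mod_len = mod.len;
    return 0;
}

/* Constructed sample: 0x00 pad + 128 filler octets as modulus, exponent 65537. */
size_t build_sample(uint8_t *out)
{
    static const uint8_t head[] = { 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00 };
    static const uint8_t tail[] = { 0x02, 0x03, 0x01, 0x00, 0x01 };
    memcpy(out, head, sizeof head);
    memset(out + sizeof head, 0xC5, 128);
    memcpy(out + sizeof head + 128, tail, sizeof tail);
    return sizeof head + 128 + sizeof tail;
}

int main(void)
{
    uint8_t key[160]; size_t off, len, n = build_sample(key);
    if (rsa_modulus_range(key, n, &off, &len)) return 1;
    return printf("modulus: %zu octets at offset %zu\n", len, off) < 0;
}
```

The modulus is reported as an offset and length into the buffer, which is the form an FT_BYTES field needs, and truncated or indefinite-length input is rejected before any octet is read past the end.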

