Wireshark mailing list archives
Re: asn2wrs documentation?
From: Kukosa Tomáš <Tomas.Kukosa () ixperta com>
Date: Wed, 16 Sep 2015 10:37:31 +0000
Hi Peter,
Another possibility would be to define own dissector function for the RSAPublicKey fields instead of calling default dissect_ber_integer(). E.g. something like this: #.FN_BODY RSAPublicKey/modulus gint8 ber_class; gboolean pc, ind; gint32 tag; guint32 len; offset = dissect_ber_identifier(actx->pinfo, tree, tvb, offset, &ber_class, &pc, &tag); offset = dissect_ber_length(actx->pinfo, tree, tvb, offset, &len, &ind); /* integer octets are at the offset */ offset += len; #.ENDYes, this is something I will use, thanks! For integers I think that the "ind" part is not needed (can be NULL) as integers are not using the indefinite length encoding?
Yes, as the INTEGER can be neither composite not indefinite the 'pc' and 'ind' variables are not necesary.
There is not better asn2wrs document available. The best documentation are examples in the asn1 directory.Those examples unfortunately have no explanation either. For example, there is a FIELD_ATTR member that is used in some places, how does it differ from TYPE_ATTR? Any idea what the IMPORT_TAG is used for (it is only used in one place)?
The #.TYPE_ATTR changes attributes for the type, i.e. for all fields of that type and the #.FIELD_ATTR changes attributes just for one field. The #.IMPORT_TAG directive is primarily used when some type exported from one ASN.1 module (protoA) is imported in another one (protoB). Those directives are generated into protoA-exp.cnf and then included into protoB.cnf using the #.INCLUDE directive. The #.IMPORT_TAG directive contains information about ASN.1 BER tag which is necessary to distinguish the exported type in the module importing it.
Thanks, PeterBest regards, Tomas On 15.9.2015 13:46, Peter Wu wrote:Hi, I am working on improving dissection support of the subjectPublicKey field in X.509 Certificates[1]. Right now these opaque BIT STRING types are shown as a sequence of bytes, but I would like to dissect the other fields (like modulus and exponent for RSA and public key y for DSA). (This work is a prerequisite for a new method of specifying RSA private key files in the SSL preferences without having to list address+port.) These numbers (RSA modulus, DSA y, DSS-Params p, q, g) are larger than 64-bit and therefore are forced to be displayed as FT_BYTES. The problem that now occurs is that the original field is lost (ber.64bit_uint_as_bytes is used instead). To tackle that problem, I started using TYPE_ATTR, but since the fields are still dissected as ber_integer, it does not help. I think I can use "IMPORT_TAG", but it is not documented on the wiki[2]. Those who are familiar with the asn2wrs script, is it possible to update the wiki? Are there other documentation resources available?___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- asn2wrs documentation? Peter Wu (Sep 15)
- Re: asn2wrs documentation? Kukosa Tomáš (Sep 15)
- Re: asn2wrs documentation? Peter Wu (Sep 16)
- Re: asn2wrs documentation? Kukosa Tomáš (Sep 16)
- Re: asn2wrs documentation? Peter Wu (Sep 16)
- Re: asn2wrs documentation? Kukosa Tomáš (Sep 15)