Ethereal-dev: Re: [Ethereal-dev] Question for packet-ber.c gurus

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Tomas Kukosa <tomas.kukosa@xxxxxxxxxxx>
Date: Mon, 03 May 2004 10:25:09 +0200
The EXPLICIT tags do not need any special handling as it is 'default' behaviour for the BER dissector (the BER dissector was created for Kerberos and it contains all values tagged explicitly). But values tagged implicitly and without tag need special handling. 

See below or into attached files for recommended structures.
(Attached files are only uncompileable code fragments from ASN2ETH compiler but it could help you.) 

  Regards,
    Tom

static ber_sequence Certificate_sequence[] = {
{ BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_hf_rfc3280_tbsCertificate }, { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_hf_rfc3280_signatureAlgorithm }, { BER_CLASS_UNI, BER_UNI_TAG_BITSTRING, BER_FLAGS_NOOWNTAG, dissect_hf_rfc3280_signatureValue }, 
  { 0, 0, 0, NULL }
};

static ber_sequence TBSCertificate_sequence[] = {
  { BER_CLASS_CON, 0, BER_FLAGS_OPTIONAL, dissect_hf_rfc3280_version },
{ BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_hf_rfc3280_serialNumber }, 
  { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_hf_rfc3280_signature },
  { -1           , -1, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_hf_rfc3280_issuer },
  { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_hf_rfc3280_validity },
  { -1           , -1, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG, dissect_hf_rfc3280_subject },
{ BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_hf_rfc3280_subjectPublicKeyInfo }, { BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL|BER_FLAGS_IMPLTAG, dissect_hf_rfc3280_issuerUniqueID_impl }, { BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL|BER_FLAGS_IMPLTAG, dissect_hf_rfc3280_subjectUniqueID_impl }, 
  { BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL, dissect_hf_rfc3280_extensions },
  { 0, 0, 0, NULL }
};


Yaniv Kaul wrote:
I'm trying to add support for dissecting X.509 certificates to Ethereal (which can then be used in IKE, SSL, anything else that uses them). 
(I know it's DER, not BER, but still).
I'm having a bit of a trouble with it, I suspect it's due to EXPLICIT tags.
 From RFC 3280:
Certificate  ::=  SEQUENCE  {
       tbsCertificate       TBSCertificate,
       signatureAlgorithm   AlgorithmIdentifier,
       signatureValue       BIT STRING  }

  TBSCertificate  ::=  SEQUENCE  {
       version         [0]  EXPLICIT Version DEFAULT v1,
       serialNumber         CertificateSerialNumber,


I tried creating and dissecting it through the following structures:
static ber_sequence Certificate_sequence[] = {
   { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, 0, dissect_tbsCertificate },
{ BER_CLASS_UNI, BER_UNI_TAG_INTEGER, 0, dissect_TBSCertificate_serialNumber }, 
...

and
static ber_sequence TBSCertificate_sequence[1] = {
{ BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_TBSCertificate_version } 
};
and it seems to work - up to the point that it does not dissect the serial number - it hops over it. 
Any ideas?

Do we have anything special for dissecting EXPLICIT tags?

Attached is my effort thus far.

TIA,
Y.

Attachment: rfc3280.ZIP
Description: Zip compressed data