Great stuff.
Any news about the updated h235 machinegenerated dissector?
If not, I can hack up a temporary fix to dissect those missing constructs in
the current handwritten one
so that Michael Oliveras can run his captures through ethereal.
----- Original Message -----
From: "Tomas Kukosa"
Sent: Monday, May 03, 2004 6:25 PM
Subject: Re: [Ethereal-dev] Question for packet-ber.c gurus
> The EXPLICIT tags do not need any special handling as it is 'default'
behaviour for the
> BER dissector (the BER dissector was created for Kerberos and it contains
all values
> tagged explicitly). But values tagged implicitly and without tag need
special handling.
>
> See below or into attached files for recommended structures.
> (Attached files are only uncompileable code fragments from ASN2ETH
compiler but it could
> help you.)
>
> Regards,
> Tom
>
> static ber_sequence Certificate_sequence[] = {
> { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG,
> dissect_hf_rfc3280_tbsCertificate },
> { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG,
> dissect_hf_rfc3280_signatureAlgorithm },
> { BER_CLASS_UNI, BER_UNI_TAG_BITSTRING, BER_FLAGS_NOOWNTAG,
> dissect_hf_rfc3280_signatureValue },
> { 0, 0, 0, NULL }
> };
>
> static ber_sequence TBSCertificate_sequence[] = {
> { BER_CLASS_CON, 0, BER_FLAGS_OPTIONAL, dissect_hf_rfc3280_version },
> { BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG,
> dissect_hf_rfc3280_serialNumber },
> { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG,
dissect_hf_rfc3280_signature },
> { -1 , -1, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG,
dissect_hf_rfc3280_issuer },
> { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG,
dissect_hf_rfc3280_validity },
> { -1 , -1, BER_FLAGS_NOOWNTAG|BER_FLAGS_NOTCHKTAG,
dissect_hf_rfc3280_subject },
> { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG,
> dissect_hf_rfc3280_subjectPublicKeyInfo },
> { BER_CLASS_CON, 1, BER_FLAGS_OPTIONAL|BER_FLAGS_IMPLTAG,
> dissect_hf_rfc3280_issuerUniqueID_impl },
> { BER_CLASS_CON, 2, BER_FLAGS_OPTIONAL|BER_FLAGS_IMPLTAG,
> dissect_hf_rfc3280_subjectUniqueID_impl },
> { BER_CLASS_CON, 3, BER_FLAGS_OPTIONAL,
dissect_hf_rfc3280_extensions },
> { 0, 0, 0, NULL }
> };
>
>
> Yaniv Kaul wrote:
> > I'm trying to add support for dissecting X.509 certificates to Ethereal
> > (which can then be used in IKE, SSL, anything else that uses them).
> > (I know it's DER, not BER, but still).
> > I'm having a bit of a trouble with it, I suspect it's due to EXPLICIT
tags.
> > From RFC 3280:
> > Certificate ::= SEQUENCE {
> > tbsCertificate TBSCertificate,
> > signatureAlgorithm AlgorithmIdentifier,
> > signatureValue BIT STRING }
> >
> > TBSCertificate ::= SEQUENCE {
> > version [0] EXPLICIT Version DEFAULT v1,
> > serialNumber CertificateSerialNumber,
> >
> >
> > I tried creating and dissecting it through the following structures:
> > static ber_sequence Certificate_sequence[] = {
> > { BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, 0, dissect_tbsCertificate },
> > { BER_CLASS_UNI, BER_UNI_TAG_INTEGER, 0,
> > dissect_TBSCertificate_serialNumber },
> > ...
> >
> > and
> > static ber_sequence TBSCertificate_sequence[1] = {
> > { BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG,
> > dissect_TBSCertificate_version }
> > };
> >
> > and it seems to work - up to the point that it does not dissect the
> > serial number - it hops over it.
> > Any ideas?
> >
> > Do we have anything special for dissecting EXPLICIT tags?
> >
> > Attached is my effort thus far.
> >
> > TIA,
> > Y.
> >
> >
>
----------------------------------------------------------------------------
----
> _______________________________________________
> Ethereal-dev mailing list
> Ethereal-dev@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-dev
>
