Wireshark-commits: [Wireshark-commits] master a6360b6: SSL: bugfix for raw public keys in certifica
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a6360b6cc0dd60fbe250a7e3359b17858f15625f
Submitter: Peter Wu (peter@xxxxxxxxxxxxx)
Changed: branch: master
Repository: wireshark
Commits:
a6360b6 by Olaf Bergmann (bergmann@xxxxxxx):
SSL: bugfix for raw public keys in certificate message
RFC 7250 has changed the format of the Certificate structure from
RFC 5246 to the following:
opaque ASN.1Cert<1..2^24-1>;
struct {
select(certificate_type) {
// certificate type defined in RFC 7250
case RawPublicKey:
opaque ASN.1_subjectPublicKeyInfo<1..2^24-1>;
// X.509 certificate defined in RFC 5246
case X.509:
ASN.1Cert certificate_list<0..2^24-1>;
};
} Certificate;
Thus, ssl_dissect_hnd_cert() must parse subjectPublicKeyInfo
immediately when the message's certificate type is
SSL_HND_CERT_TYPE_RAW_PUBLIC_KEY. Otherwise, the message will
contain a certificate_list.
This modification first determines the certificate type and then
handles both cases independently. For raw public keys, no subtree
is created to reflect the flat structure of the certificate
message.
Bug: 11480
Change-Id: I1c55eca361c4e40fcbff5bc32bfc8de3576bdfbf
Reviewed-on: https://code.wireshark.org/review/10272
Petri-Dish: Peter Wu <peter@xxxxxxxxxxxxx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@xxxxxxxxxxxxx>
Reviewed-by: Peter Wu <peter@xxxxxxxxxxxxx>
Actions performed:
from 4496fde Enable the display filter arrow tooltip.
adds a6360b6 SSL: bugfix for raw public keys in certificate message
Summary of changes:
epan/dissectors/packet-ssl-utils.c | 96 ++++++++++++++++++++++++------------
1 file changed, 65 insertions(+), 31 deletions(-)