Wireshark-dev: Re: [Wireshark-dev] asn2wrs documentation?

From: Peter Wu <peter@xxxxxxxxxxxxx>
Date: Wed, 16 Sep 2015 11:49:30 +0200
Hi Tomáš,

On Tue, Sep 15, 2015 at 02:29:02PM +0000, Kukosa Tomáš wrote:
> Unfortunately asn2wrs cannot help with it.
> Changing TYPE_ATTR does not change the called dissection function. It 
> changes just the field type.
> The field ber.64bit_uint_as_bytes comes from the function 
> dissect_ber_integer64() of packet-ber.c.
> 
> Maybe the dissect_ber_integer64() should check whether the field has the 
> FT_BYTES type and then it could use the original field instead of the 
> ber.64bit_uint_as_bytes.

This has been done since yesterday
(https://code.wireshark.org/review/10539); now it suffices to use this
for INTEGER types:

    #.TYPE_ATTR
    RSAPublicKey/modulus TYPE = FT_BYTES  DISPLAY = BASE_NONE

> Another possibility would be to define own dissector function for the 
> RSAPublicKey fields instead of calling default dissect_ber_integer(). 
> E.g. something like this:
> 
> #.FN_BODY  RSAPublicKey/modulus
>    gint8 ber_class;
>    gboolean pc, ind;
>    gint32 tag;
>    guint32 len;
> 
>    offset = dissect_ber_identifier(actx->pinfo, tree, tvb, offset, &ber_class, &pc, &tag);
>    offset = dissect_ber_length(actx->pinfo, tree, tvb, offset, &len, &ind);
>    /* integer octets are at the offset */
>    offset += len;
> #.END

Yes, this is something I will use, thanks! For integers I think that the
"ind" part is not needed (can be NULL) as integers are not using the
indefinite length encoding?

> There is no better asn2wrs documentation available. The best documentation 
> is the examples in the asn1 directory.

Those examples unfortunately have no explanation either. For example,
there is a FIELD_ATTR member that is used in some places, how does it
differ from TYPE_ATTR? Any idea what the IMPORT_TAG is used for (it is
only used in one place)?

Thanks,
Peter
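
Added example, not code from this thread or from Wireshark: a stand-alone C sketch of the header walk in the quoted FN_BODY (identifier, then length, then the integer octets), applied to an INTEGER wider than 64 bits. It does not use the dissect_ber_* API; the struct, the function names and the sample bytes are made up for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed samples: exponent 65537, and a 129-octet "modulus" (zero padded). */
static const uint8_t sample_exp[] = { 0x02, 0x03, 0x01, 0x00, 0x01 };
static const uint8_t sample_mod[3 + 129] = { 0x02, 0x81, 0x81, 0x00, 0xc3 };

struct ber_hdr {
    uint8_t  cls;          /* class bits, 0 = UNIVERSAL */
    int      constructed;  /* P/C bit */
    uint8_t  tag;          /* low-tag-number form only */
    size_t   len;          /* number of content octets */
    size_t   hdr_len;      /* identifier + length octets consumed */
};

/* Parse identifier and definite-form length; 0 on success, -1 otherwise. */
int ber_parse_hdr(const uint8_t *buf, size_t n, struct ber_hdr *h)
{
    size_t i = 2, k;

    if (n < 2) return -1;
    h->cls = buf[0] >> 6;
    h->constructed = (buf[0] >> 5) & 1;
    h->tag = buf[0] & 0x1f;
    if (h->tag == 0x1f) return -1;       /* high-tag-number form not handled */
    if (buf[1] < 0x80) {
        h->len = buf[1];                 /* short form */
    } else {
        /* 0x80 is the indefinite form (constructed encodings only) and
         * 0xff is reserved; neither is accepted here. */
        k = buf[1] & 0x7f;
        if (k == 0 || k == 0x7f || k > sizeof(size_t) || k > n - i) return -1;
        for (h->len = 0; k > 0; k--) h->len = (h->len << 8) | buf[i++];
    }
    if (h->len > n - i) return -1;       /* content runs past the buffer */
    h->hdr_len = i;
    return 0;
}

/* Return a pointer to the content octets of a primitive UNIVERSAL INTEGER. */
const uint8_t *ber_integer_octets(const uint8_t *buf, size_t n, size_t *len)
{
    struct ber_hdr h;

    if (ber_parse_hdr(buf, n, &h) != 0) return NULL;
    if (h.cls != 0 || h.constructed || h.tag != 2 || h.len == 0) return NULL;
    *len = h.len;
    return buf + h.hdr_len;
}
```
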

> Best regards,
>    Tomas
> 
> 
> On 15.9.2015 13:46, Peter Wu wrote:
> > Hi,
> >
> > I am working on improving dissection support of the subjectPublicKey
> > field in X.509 Certificates[1]. Right now these opaque BIT STRING types
> > are shown as a sequence of bytes, but I would like to dissect the other
> > fields (like modulus and exponent for RSA and public key y for DSA).
> > (This work is a prerequisite for a new method of specifying RSA private
> > key files in the SSL preferences without having to list address+port.)
> >
> > These numbers (RSA modulus, DSA y, DSS-Params p, q, g) are larger than
> > 64-bit and therefore are forced to be displayed as FT_BYTES. The problem
> > that now occurs is that the original field is lost
> > (ber.64bit_uint_as_bytes is used instead).
> >
> > To tackle that problem, I started using TYPE_ATTR, but since the fields
> > are still dissected as ber_integer, it does not help. I think I can use
> > "IMPORT_TAG", but it is not documented on the wiki[2].
> >
> > Those who are familiar with the asn2wrs script, is it possible to update
> > the wiki? Are there other documentation resources available?