PKCS10: Enabling own dissection function for Attributes

The one in pkix1explicit might be broken, while it might have unexpected side-effects to mess with that. Anyway, RFC 2986 defines the Attribute sequence for PKCS10 directly. Change-Id: I854b5b5fb83322a1302d011c9cd6f2d5c9fc2b78 Reviewed-on: https://code.wireshark.org/review/30585 Petri-Dish: Anders Broman <a.broman58@gmail.com> Tested-by: Petri Dish Buildbot Reviewed-by: Anders Broman <a.broman58@gmail.com>
2018-11-12 19:46:09 +02:00 · 2018-11-12 19:46:09 +02:00 · 684d4c11a2
commit 684d4c11a2
parent 8cd89b3bac
3 changed files with 82 additions and 4 deletions
--- a/epan/dissectors/asn1/pkcs10/PKCS10.asn
+++ b/epan/dissectors/asn1/pkcs10/PKCS10.asn
@ -5,7 +5,7 @@
 --   - commented out import from InformationFramework
 --   - commented out AlgorithmIdentifier
 --   - commented out SubjectPublicKeyInfo
--   - commented out Attribute
+--   - simplified Attribute
 --   - added out import the above from PKIX1Explicit88
 --
 -- The copyright statement from the original description in RFC2986
@ -57,7 +57,7 @@

 -- ADDED to avoid that it needs to be implemented here, and to have Name
 -- Directory Authentication Framework (X.509)
-    AlgorithmIdentifier, Name, SubjectPublicKeyInfo, Attribute
+    AlgorithmIdentifier, Name, SubjectPublicKeyInfo
        FROM PKIX1Explicit88 {iso(1) identified-organization(3) dod(6)
        internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-explicit(18)}

@ -86,11 +86,15 @@
   CRIAttributes  ATTRIBUTE  ::= {
        ... -- add any locally defined attributes here -- }

-- COMMENTED OUT as not needed as imported from PKIX1Explicit88
+-- Simplified to make it easier to digest
 --    Attribute { ATTRIBUTE:IOSet } ::= SEQUENCE {
 --       type   ATTRIBUTE.&id({IOSet}),
 --       values SET SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{@type})
 --    }
+    Attribute       ::=     SEQUENCE {
+      type            OBJECT IDENTIFIER,
+      values  SET SIZE (1 .. MAX) OF ANY
+    }

   CertificationRequest ::= SEQUENCE {
        certificationRequestInfo CertificationRequestInfo,
--- a/epan/dissectors/asn1/pkcs10/pkcs10.cnf
+++ b/epan/dissectors/asn1/pkcs10/pkcs10.cnf
@ -18,4 +18,10 @@ CertificationRequest

 #.FIELD_RENAME

+#.FN_PARS Attribute/type
+  FN_VARIANT = _str  HF_INDEX = hf_pkcs10_type  VAL_PTR = &actx->external.direct_reference
+
+#.FN_BODY Attribute/values/_item
+    offset=call_ber_oid_callback(actx->external.direct_reference, tvb, offset, actx->pinfo, tree, NULL);
+
 #.END_OF_CNF
--- a/epan/dissectors/packet-pkcs10.c
+++ b/epan/dissectors/packet-pkcs10.c
@ -59,6 +59,9 @@ static int hf_pkcs10_subject = -1;                /* Name */
 static int hf_pkcs10_subjectPKInfo = -1;          /* SubjectPublicKeyInfo */
 static int hf_pkcs10_attributes = -1;             /* Attributes */
 static int hf_pkcs10_Attributes_item = -1;        /* Attribute */
+static int hf_pkcs10_type = -1;                   /* T_type */
+static int hf_pkcs10_values = -1;                 /* T_values */
+static int hf_pkcs10_values_item = -1;            /* T_values_item */
 static int hf_pkcs10_certificationRequestInfo = -1;  /* CertificationRequestInfo */
 static int hf_pkcs10_signatureAlgorithm = -1;     /* AlgorithmIdentifier */
 static int hf_pkcs10_signature = -1;              /* BIT_STRING */
@ -72,6 +75,8 @@ static int hf_pkcs10_signature = -1;              /* BIT_STRING */
 #line 1 "./asn1/pkcs10/packet-pkcs10-ett.c"
 static gint ett_pkcs10_CertificationRequestInfo = -1;
 static gint ett_pkcs10_Attributes = -1;
+static gint ett_pkcs10_Attribute = -1;
+static gint ett_pkcs10_T_values = -1;
 static gint ett_pkcs10_CertificationRequest = -1;

 /*--- End of included file: packet-pkcs10-ett.c ---*/
@ -95,8 +100,57 @@ dissect_pkcs10_T_version(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offse
 }


+
+static int
+dissect_pkcs10_T_type(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
+  offset = dissect_ber_object_identifier_str(implicit_tag, actx, tree, tvb, offset, hf_pkcs10_type, &actx->external.direct_reference);
+
+  return offset;
+}
+
+
+
+static int
+dissect_pkcs10_T_values_item(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
+#line 25 "./asn1/pkcs10/pkcs10.cnf"
+    offset=call_ber_oid_callback(actx->external.direct_reference, tvb, offset, actx->pinfo, tree, NULL);
+
+
+
+  return offset;
+}
+
+
+static const ber_sequence_t T_values_set_of[1] = {
+  { &hf_pkcs10_values_item  , BER_CLASS_ANY, 0, BER_FLAGS_NOOWNTAG, dissect_pkcs10_T_values_item },
+};
+
+static int
+dissect_pkcs10_T_values(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
+  offset = dissect_ber_set_of(implicit_tag, actx, tree, tvb, offset,
+                                 T_values_set_of, hf_index, ett_pkcs10_T_values);
+
+  return offset;
+}
+
+
+static const ber_sequence_t Attribute_sequence[] = {
+  { &hf_pkcs10_type         , BER_CLASS_UNI, BER_UNI_TAG_OID, BER_FLAGS_NOOWNTAG, dissect_pkcs10_T_type },
+  { &hf_pkcs10_values       , BER_CLASS_UNI, BER_UNI_TAG_SET, BER_FLAGS_NOOWNTAG, dissect_pkcs10_T_values },
+  { NULL, 0, 0, 0, NULL }
+};
+
+static int
+dissect_pkcs10_Attribute(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
+  offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset,
+                                   Attribute_sequence, hf_index, ett_pkcs10_Attribute);
+
+  return offset;
+}
+
+
 static const ber_sequence_t Attributes_set_of[1] = {
-  { &hf_pkcs10_Attributes_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_pkix1explicit_Attribute },
+  { &hf_pkcs10_Attributes_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_pkcs10_Attribute },
 };

 static int
@ -197,6 +251,18 @@ void proto_register_pkcs10(void) {
      { "Attribute", "pkcs10.Attribute_element",
        FT_NONE, BASE_NONE, NULL, 0,
        NULL, HFILL }},
+    { &hf_pkcs10_type,
+      { "type", "pkcs10.type",
+        FT_OID, BASE_NONE, NULL, 0,
+        NULL, HFILL }},
+    { &hf_pkcs10_values,
+      { "values", "pkcs10.values",
+        FT_UINT32, BASE_DEC, NULL, 0,
+        NULL, HFILL }},
+    { &hf_pkcs10_values_item,
+      { "values item", "pkcs10.values_item_element",
+        FT_NONE, BASE_NONE, NULL, 0,
+        NULL, HFILL }},
    { &hf_pkcs10_certificationRequestInfo,
      { "certificationRequestInfo", "pkcs10.certificationRequestInfo_element",
        FT_NONE, BASE_NONE, NULL, 0,
@ -221,6 +287,8 @@ void proto_register_pkcs10(void) {
 #line 1 "./asn1/pkcs10/packet-pkcs10-ettarr.c"
    &ett_pkcs10_CertificationRequestInfo,
    &ett_pkcs10_Attributes,
+    &ett_pkcs10_Attribute,
+    &ett_pkcs10_T_values,
    &ett_pkcs10_CertificationRequest,

 /*--- End of included file: packet-pkcs10-ettarr.c ---*/