forked from osmocom/wireshark
Add support for SRVName SAN extension for TLS certificates
Closes #17256
This commit is contained in:
parent
e2ee14ae03
commit
8ccbdb786a
|
@ -16,6 +16,8 @@ set( EXT_ASN_FILE_LIST
|
|||
|
||||
set( ASN_FILE_LIST
|
||||
PKIXqualified.asn
|
||||
PKIXServiceNameSAN88.asn
|
||||
PKIXServiceNameSAN93.asn
|
||||
)
|
||||
|
||||
set( EXTRA_DIST
|
||||
|
|
|
@ -0,0 +1,32 @@
|
|||
-- Extracted from RFC 4985 Appendix A.1. 1988 ASN.1 Module
|
||||
--
|
||||
PKIXServiceNameSAN88 {iso(1) identified-organization(3) dod(6)
|
||||
internet(1) security(5) mechanisms(5) pkix(7) id-mod(0)
|
||||
id-mod-dns-srv-name-88(39) }
|
||||
|
||||
DEFINITIONS EXPLICIT TAGS ::=
|
||||
|
||||
BEGIN
|
||||
|
||||
-- EXPORTS ALL --
|
||||
|
||||
IMPORTS
|
||||
|
||||
-- UTF8String, / move hyphens before slash if UTF8String does not
|
||||
-- resolve with your compiler
|
||||
|
||||
id-pkix
|
||||
FROM PKIX1Explicit88 { iso(1) identified-organization(3)
|
||||
dod(6) internet(1) security(5) mechanisms(5) pkix(7)
|
||||
id-mod(0) id-pkix1-explicit(18) } ;
|
||||
-- from RFC3280 [N2]
|
||||
-- Service Name Object Identifier and Syntax
|
||||
-- id-pkix OBJECT IDENTIFIER ::= {1 3 6 1 5 5 7}
|
||||
|
||||
id-on OBJECT IDENTIFIER ::= { id-pkix 8 }
|
||||
|
||||
id-on-dnsSRV OBJECT IDENTIFIER ::= { id-on 7 }
|
||||
|
||||
SRVName ::= IA5String (SIZE (1..MAX))
|
||||
|
||||
END
|
|
@ -0,0 +1,39 @@
|
|||
-- Extracted from RFC 4985 Appendix A.2. 1993 ASN.1 Module
|
||||
--
|
||||
PKIXServiceNameSAN93 {iso(1) identified-organization(3) dod(6)
|
||||
internet(1) security(5) mechanisms(5) pkix(7) id-mod(0)
|
||||
id-mod-dns-srv-name-93(40) }
|
||||
|
||||
DEFINITIONS EXPLICIT TAGS ::=
|
||||
|
||||
BEGIN
|
||||
|
||||
-- EXPORTS ALL --
|
||||
|
||||
IMPORTS
|
||||
|
||||
id-pkix
|
||||
FROM PKIX1Explicit88 { iso(1) identified-organization(3)
|
||||
dod(6) internet(1) security(5) mechanisms(5) pkix(7)
|
||||
id-mod(0) id-pkix1-explicit(18) } ;
|
||||
-- from RFC 3280 [N2]
|
||||
|
||||
|
||||
-- In the GeneralName definition using the 1993 ASN.1 syntax
|
||||
-- includes:
|
||||
|
||||
OTHER-NAME ::= TYPE-IDENTIFIER
|
||||
|
||||
|
||||
-- Service Name Object Identifier
|
||||
|
||||
-- id-on OBJECT IDENTIFIER ::= { id-pkix 8 }
|
||||
|
||||
-- id-on-dnsSRV OBJECT IDENTIFIER ::= { id-on 7 }
|
||||
-- Service Name
|
||||
|
||||
srvName OTHER-NAME ::= { SRVName IDENTIFIED BY { id-on-dnsSRV }}
|
||||
|
||||
-- SRVName ::= IA5String (SIZE (1..MAX))
|
||||
|
||||
END
|
|
@ -18,6 +18,7 @@ Directorystring B "1.3.6.1.5.5.7.9.2" "id-pda-placeOfBirth"
|
|||
Printablestring B "1.3.6.1.5.5.7.9.3" "id-pda-gender"
|
||||
Printablestring B "1.3.6.1.5.5.7.9.4" "id-pda-countryOfCitizenship"
|
||||
Printablestring B "1.3.6.1.5.5.7.9.5" "id-pda-countryOfResidence"
|
||||
SRVName B "1.3.6.1.5.5.7.8.7" "id-on-dnsSRV"
|
||||
|
||||
#.NO_EMIT
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Do not modify this file. Changes will be overwritten. */
|
||||
/* Generated automatically by the ASN.1 to Wireshark dissector compiler */
|
||||
/* packet-pkixqualified.c */
|
||||
/* asn2wrs.py -b -p pkixqualified -c ./pkixqualified.cnf -s ./packet-pkixqualified-template -D . -O ../.. PKIXqualified.asn */
|
||||
/* asn2wrs.py -b -p pkixqualified -c ./pkixqualified.cnf -s ./packet-pkixqualified-template -D . -O ../.. PKIXqualified.asn PKIXServiceNameSAN88.asn PKIXServiceNameSAN93.asn */
|
||||
|
||||
/* Input file: packet-pkixqualified-template.c */
|
||||
|
||||
|
@ -48,6 +48,7 @@ static int hf_pkixqualified_BiometricSyntax_PDU = -1; /* BiometricSyntax */
|
|||
static int hf_pkixqualified_QCStatements_PDU = -1; /* QCStatements */
|
||||
static int hf_pkixqualified_SemanticsInformation_PDU = -1; /* SemanticsInformation */
|
||||
static int hf_pkixqualified_XmppAddr_PDU = -1; /* XmppAddr */
|
||||
static int hf_pkixqualified_SRVName_PDU = -1; /* SRVName */
|
||||
static int hf_pkixqualified_BiometricSyntax_item = -1; /* BiometricData */
|
||||
static int hf_pkixqualified_typeOfBiometricData = -1; /* TypeOfBiometricData */
|
||||
static int hf_pkixqualified_hashAlgorithm = -1; /* AlgorithmIdentifier */
|
||||
|
@ -225,7 +226,7 @@ dissect_pkixqualified_T_statementId(gboolean implicit_tag _U_, tvbuff_t *tvb _U_
|
|||
|
||||
static int
|
||||
dissect_pkixqualified_T_statementInfo(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
|
||||
#line 32 "./asn1/pkixqualified/pkixqualified.cnf"
|
||||
#line 33 "./asn1/pkixqualified/pkixqualified.cnf"
|
||||
offset=call_ber_oid_callback(object_identifier_id, tvb, offset, actx->pinfo, tree, NULL);
|
||||
|
||||
|
||||
|
@ -300,6 +301,17 @@ dissect_pkixqualified_XmppAddr(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int
|
|||
return offset;
|
||||
}
|
||||
|
||||
|
||||
|
||||
static int
|
||||
dissect_pkixqualified_SRVName(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) {
|
||||
offset = dissect_ber_restricted_string(implicit_tag, BER_UNI_TAG_IA5String,
|
||||
actx, tree, tvb, offset, hf_index,
|
||||
NULL);
|
||||
|
||||
return offset;
|
||||
}
|
||||
|
||||
/*--- PDUs ---*/
|
||||
|
||||
static int dissect_Generalizedtime_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) {
|
||||
|
@ -351,6 +363,13 @@ static int dissect_XmppAddr_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto
|
|||
offset = dissect_pkixqualified_XmppAddr(FALSE, tvb, offset, &asn1_ctx, tree, hf_pkixqualified_XmppAddr_PDU);
|
||||
return offset;
|
||||
}
|
||||
static int dissect_SRVName_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) {
|
||||
int offset = 0;
|
||||
asn1_ctx_t asn1_ctx;
|
||||
asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
|
||||
offset = dissect_pkixqualified_SRVName(FALSE, tvb, offset, &asn1_ctx, tree, hf_pkixqualified_SRVName_PDU);
|
||||
return offset;
|
||||
}
|
||||
|
||||
|
||||
/*--- End of included file: packet-pkixqualified-fn.c ---*/
|
||||
|
@ -393,6 +412,10 @@ void proto_register_pkixqualified(void) {
|
|||
{ "XmppAddr", "pkixqualified.XmppAddr",
|
||||
FT_STRING, BASE_NONE, NULL, 0,
|
||||
NULL, HFILL }},
|
||||
{ &hf_pkixqualified_SRVName_PDU,
|
||||
{ "SRVName", "pkixqualified.SRVName",
|
||||
FT_STRING, BASE_NONE, NULL, 0,
|
||||
NULL, HFILL }},
|
||||
{ &hf_pkixqualified_BiometricSyntax_item,
|
||||
{ "BiometricData", "pkixqualified.BiometricData_element",
|
||||
FT_NONE, BASE_NONE, NULL, 0,
|
||||
|
@ -492,6 +515,7 @@ void proto_reg_handoff_pkixqualified(void) {
|
|||
register_ber_oid_dissector("1.3.6.1.5.5.7.9.3", dissect_Printablestring_PDU, proto_pkixqualified, "id-pda-gender");
|
||||
register_ber_oid_dissector("1.3.6.1.5.5.7.9.4", dissect_Printablestring_PDU, proto_pkixqualified, "id-pda-countryOfCitizenship");
|
||||
register_ber_oid_dissector("1.3.6.1.5.5.7.9.5", dissect_Printablestring_PDU, proto_pkixqualified, "id-pda-countryOfResidence");
|
||||
register_ber_oid_dissector("1.3.6.1.5.5.7.8.7", dissect_SRVName_PDU, proto_pkixqualified, "id-on-dnsSRV");
|
||||
|
||||
|
||||
/*--- End of included file: packet-pkixqualified-dis-tab.c ---*/
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Do not modify this file. Changes will be overwritten. */
|
||||
/* Generated automatically by the ASN.1 to Wireshark dissector compiler */
|
||||
/* packet-pkixqualified.h */
|
||||
/* asn2wrs.py -b -p pkixqualified -c ./pkixqualified.cnf -s ./packet-pkixqualified-template -D . -O ../.. PKIXqualified.asn */
|
||||
/* asn2wrs.py -b -p pkixqualified -c ./pkixqualified.cnf -s ./packet-pkixqualified-template -D . -O ../.. PKIXqualified.asn PKIXServiceNameSAN88.asn PKIXServiceNameSAN93.asn */
|
||||
|
||||
/* Input file: packet-pkixqualified-template.h */
|
||||
|
||||
|
|
Loading…
Reference in New Issue