From 2d8e3939616afbcf1a8adc300b2e3e334a0bd768 Mon Sep 17 00:00:00 2001 From: Martin Peylo Date: Wed, 3 Oct 2018 09:53:43 +0300 Subject: [PATCH] New PKCS#10 CertificationRequest dissector Specified in RFC2986 PEM header from RFC 7468 MIME type and .p10 file extension from RFC 5967 .csr file extension from common practice Change-Id: I7dfe0a19b70eaf3352af2463759a342277d53db6 Reviewed-on: https://code.wireshark.org/review/29994 Reviewed-by: Anders Broman --- epan/dissectors/CMakeLists.txt | 1 + epan/dissectors/asn1/CMakeLists.txt | 1 + epan/dissectors/asn1/pkcs10/CMakeLists.txt | 47 ++++ epan/dissectors/asn1/pkcs10/PKCS10.asn | 110 ++++++++ .../asn1/pkcs10/packet-pkcs10-template.c | 86 ++++++ .../asn1/pkcs10/packet-pkcs10-template.h | 32 +++ epan/dissectors/asn1/pkcs10/pkcs10.cnf | 21 ++ epan/dissectors/packet-pkcs10.c | 252 ++++++++++++++++++ epan/dissectors/packet-pkcs10.h | 46 ++++ 9 files changed, 596 insertions(+) create mode 100644 epan/dissectors/asn1/pkcs10/CMakeLists.txt create mode 100644 epan/dissectors/asn1/pkcs10/PKCS10.asn create mode 100644 epan/dissectors/asn1/pkcs10/packet-pkcs10-template.c create mode 100644 epan/dissectors/asn1/pkcs10/packet-pkcs10-template.h create mode 100644 epan/dissectors/asn1/pkcs10/pkcs10.cnf create mode 100644 epan/dissectors/packet-pkcs10.c create mode 100644 epan/dissectors/packet-pkcs10.h diff --git a/epan/dissectors/CMakeLists.txt b/epan/dissectors/CMakeLists.txt index 996020e568..adb3104779 100644 --- a/epan/dissectors/CMakeLists.txt +++ b/epan/dissectors/CMakeLists.txt @@ -145,6 +145,7 @@ set(CLEAN_ASN1_DISSECTOR_SRC ${CMAKE_CURRENT_SOURCE_DIR}/packet-p772.c ${CMAKE_CURRENT_SOURCE_DIR}/packet-pcap.c ${CMAKE_CURRENT_SOURCE_DIR}/packet-pkcs1.c + ${CMAKE_CURRENT_SOURCE_DIR}/packet-pkcs10.c ${CMAKE_CURRENT_SOURCE_DIR}/packet-pkcs12.c ${CMAKE_CURRENT_SOURCE_DIR}/packet-pkinit.c ${CMAKE_CURRENT_SOURCE_DIR}/packet-pkix1explicit.c diff --git a/epan/dissectors/asn1/CMakeLists.txt b/epan/dissectors/asn1/CMakeLists.txt index 77423273c0..b57225d853 100644 --- a/epan/dissectors/asn1/CMakeLists.txt +++ b/epan/dissectors/asn1/CMakeLists.txt @@ -83,6 +83,7 @@ set(ASN1_SRC_DIRS p772 pcap pkcs1 + pkcs10 pkcs12 pkinit pkix1explicit diff --git a/epan/dissectors/asn1/pkcs10/CMakeLists.txt b/epan/dissectors/asn1/pkcs10/CMakeLists.txt new file mode 100644 index 0000000000..b4dec715b1 --- /dev/null +++ b/epan/dissectors/asn1/pkcs10/CMakeLists.txt @@ -0,0 +1,47 @@ +# CMakeLists.txt +# +# Wireshark - Network traffic analyzer +# By Gerald Combs +# Copyright 1998 Gerald Combs +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# + +set( PROTOCOL_NAME pkcs10 ) + +set( PROTO_OPT ) + +set( EXT_ASN_FILE_LIST +) + +set( ASN_FILE_LIST + PKCS10.asn +) + +set( EXTRA_DIST + ${ASN_FILE_LIST} + packet-${PROTOCOL_NAME}-template.c + packet-${PROTOCOL_NAME}-template.h + ${PROTOCOL_NAME}.cnf +) + +set( SRC_FILES + ${EXTRA_DIST} + ${EXT_ASN_FILE_LIST} +) + +set( A2W_FLAGS -b ) + +ASN2WRS() diff --git a/epan/dissectors/asn1/pkcs10/PKCS10.asn b/epan/dissectors/asn1/pkcs10/PKCS10.asn new file mode 100644 index 0000000000..06dd133755 --- /dev/null +++ b/epan/dissectors/asn1/pkcs10/PKCS10.asn @@ -0,0 +1,110 @@ +-- Extracted from RFC2986 +-- by Martin Peylo 2018 +-- +-- Changes to the original ASN.1 source: +-- - commented out import from InformationFramework +-- - commented out AlgorithmIdentifier +-- - commented out SubjectPublicKeyInfo +-- - commented out Attribute +-- - added out import the above from PKIX1Explicit88 +-- +-- The copyright statement from the original description in RFC2986 +-- follows below: +-- +-- Full Copyright Statement +-- +-- Copyright (C) The Internet Society 2000. All Rights Reserved. +-- +-- This document and translations of it may be copied and furnished to +-- others provided that the above copyright notice and this paragraph +-- are included on all such copies. However, this document itself may +-- not be modified in any way, such as by removing the copyright notice +-- or references to the Internet Society or other Internet +-- organizations, except as required to translate it into languages +-- other than English. +-- +-- The limited permissions granted above are perpetual and will not be +-- revoked by the Internet Society or its successors or assigns. +-- +-- This document and the information contained herein is provided on an +-- "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING +-- TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING +-- BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION +-- HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF +-- MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. + + PKCS-10 {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) + pkcs-10(10) modules(1) pkcs-10(1)} + + DEFINITIONS IMPLICIT TAGS ::= + + BEGIN + + -- EXPORTS All -- + + -- All types and values defined in this module are exported for use + -- in other ASN.1 modules. + + IMPORTS + + informationFramework, authenticationFramework + FROM UsefulDefinitions {joint-iso-itu-t(2) ds(5) module(1) + usefulDefinitions(0) 3} + +-- COMMENTED OUT as PKIX1Explicit88 provides this +-- ATTRIBUTE, Name +-- FROM InformationFramework informationFramework + +-- ADDED to avoid that it needs to be implemented here, and to have Name +-- Directory Authentication Framework (X.509) + AlgorithmIdentifier, Name, SubjectPublicKeyInfo, Attribute + FROM PKIX1Explicit88 {iso(1) identified-organization(3) dod(6) + internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-explicit(18)} + + ALGORITHM + FROM AuthenticationFramework authenticationFramework; + + -- Certificate requests + CertificationRequestInfo ::= SEQUENCE { + version INTEGER { v1(0) } (v1,...), + subject Name, + subjectPKInfo SubjectPublicKeyInfo{{ PKInfoAlgorithms }}, + attributes [0] Attributes{{ CRIAttributes }} + } + +-- COMMENTED OUT as not needed as imported from PKIX1Explicit88 +-- SubjectPublicKeyInfo {ALGORITHM: IOSet} ::= SEQUENCE { +-- algorithm AlgorithmIdentifier {{IOSet}}, +-- subjectPublicKey BIT STRING +-- } + + PKInfoAlgorithms ALGORITHM ::= { + ... -- add any locally defined algorithms here -- } + + Attributes { ATTRIBUTE:IOSet } ::= SET OF Attribute{{ IOSet }} + + CRIAttributes ATTRIBUTE ::= { + ... -- add any locally defined attributes here -- } + +-- COMMENTED OUT as not needed as imported from PKIX1Explicit88 +-- Attribute { ATTRIBUTE:IOSet } ::= SEQUENCE { +-- type ATTRIBUTE.&id({IOSet}), +-- values SET SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{@type}) +-- } + + CertificationRequest ::= SEQUENCE { + certificationRequestInfo CertificationRequestInfo, + signatureAlgorithm AlgorithmIdentifier{{ SignatureAlgorithms }}, + signature BIT STRING + } + +-- COMMENTED OUT as not needed as imported from PKIX1Explicit88 +-- AlgorithmIdentifier {ALGORITHM:IOSet } ::= SEQUENCE { +-- algorithm ALGORITHM.&id({IOSet}), +-- parameters ALGORITHM.&Type({IOSet}{@algorithm}) OPTIONAL +-- } + + SignatureAlgorithms ALGORITHM ::= { + ... -- add any locally defined algorithms here -- } + + END diff --git a/epan/dissectors/asn1/pkcs10/packet-pkcs10-template.c b/epan/dissectors/asn1/pkcs10/packet-pkcs10-template.c new file mode 100644 index 0000000000..bfc89eb14b --- /dev/null +++ b/epan/dissectors/asn1/pkcs10/packet-pkcs10-template.c @@ -0,0 +1,86 @@ +/* packet-p10.c + * + * Routines for PKCS10 packet dissection + * Martin Peylo 2018 + * + * Wireshark - Network traffic analyzer + * By Gerald Combs + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "config.h" + +#include + +#include +#include +#include "packet-ber.h" +#include "packet-pkcs10.h" +#include "packet-pkix1explicit.h" +#include "packet-pkix1implicit.h" +#include + +#define PNAME "PKCS10 Certification Request" +#define PSNAME "PKCS10" +#define PFNAME "pkcs10" + +void proto_register_pkcs10(void); + +/* Initialize the protocol and registered fields */ +static int proto_pkcs10 = -1; +#include "packet-pkcs10-hf.c" + +/* Initialize the subtree pointers */ +#include "packet-pkcs10-ett.c" +#include "packet-pkcs10-fn.c" + +/*--- proto_register_pkcs10 ----------------------------------------------*/ +void proto_register_pkcs10(void) { + + /* List of fields */ + static hf_register_info hf[] = { +#include "packet-pkcs10-hfarr.c" + }; + + /* List of subtrees */ + static gint *ett[] = { +#include "packet-pkcs10-ettarr.c" + }; + /* Register protocol */ + proto_pkcs10 = proto_register_protocol(PNAME, PSNAME, PFNAME); + + /* Register fields and subtrees */ + proto_register_field_array(proto_pkcs10, hf, array_length(hf)); + proto_register_subtree_array(ett, array_length(ett)); + + register_ber_syntax_dissector("CertificationRequest", proto_pkcs10, dissect_CertificationRequest_PDU); + register_ber_oid_syntax(".p10", NULL, "CertificationRequest"); + register_ber_oid_syntax(".csr", NULL, "CertificationRequest"); +} + + +/*--- proto_reg_handoff_pkcs10 -------------------------------------------*/ +void proto_reg_handoff_pkcs10(void) { + dissector_handle_t csr_handle; + +/* #include "packet-pkcs10-dis-tab.c" */ + + csr_handle = create_dissector_handle(dissect_CertificationRequest_PDU, proto_pkcs10); + dissector_add_string("media_type", "application/pkcs10", csr_handle); /* RFC 5967 */ + dissector_add_string("rfc7468.preeb_label", "CERTIFICATE REQUEST", csr_handle); /* RFC 7468 */ + dissector_add_string("rfc7468.preeb_label", "NEW CERTIFICATE REQUEST", csr_handle); /* RFC 7468 Appendix A. Non-conforming expample*/ +} diff --git a/epan/dissectors/asn1/pkcs10/packet-pkcs10-template.h b/epan/dissectors/asn1/pkcs10/packet-pkcs10-template.h new file mode 100644 index 0000000000..9ca10ee986 --- /dev/null +++ b/epan/dissectors/asn1/pkcs10/packet-pkcs10-template.h @@ -0,0 +1,32 @@ +/* packet-pkcs10.h + * + * Routines for PKCS10 dissection + * Martin Peylo 2017 + * + * Wireshark - Network traffic analyzer + * By Gerald Combs + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#ifndef PACKET_PKCS10_H +#define PACKET_PKCS10_H + +void proto_reg_handoff_pkcs10(void); + +#include "packet-pkcs10-exp.h" + +#endif /* PACKET_PKCS10_H */ diff --git a/epan/dissectors/asn1/pkcs10/pkcs10.cnf b/epan/dissectors/asn1/pkcs10/pkcs10.cnf new file mode 100644 index 0000000000..d0f7ff54a8 --- /dev/null +++ b/epan/dissectors/asn1/pkcs10/pkcs10.cnf @@ -0,0 +1,21 @@ +# pkcs10.cnf +# PKCS10 conformation file + +#.MODULE_IMPORT +PKIX1Explicit88 pkix1explicit + +#.INCLUDE ../pkix1explicit/pkix1explicit_exp.cnf + +#.EXPORTS +CertificationRequest + +#.PDU +CertificationRequest + +#.NO_EMIT + +#.TYPE_RENAME + +#.FIELD_RENAME + +#.END_OF_CNF diff --git a/epan/dissectors/packet-pkcs10.c b/epan/dissectors/packet-pkcs10.c new file mode 100644 index 0000000000..5e85fc58a0 --- /dev/null +++ b/epan/dissectors/packet-pkcs10.c @@ -0,0 +1,252 @@ +/* Do not modify this file. Changes will be overwritten. */ +/* Generated automatically by the ASN.1 to Wireshark dissector compiler */ +/* packet-pkcs10.c */ +/* asn2wrs.py -b -p pkcs10 -c ./pkcs10.cnf -s ./packet-pkcs10-template -D . -O ../.. PKCS10.asn */ + +/* Input file: packet-pkcs10-template.c */ + +#line 1 "./asn1/pkcs10/packet-pkcs10-template.c" +/* packet-p10.c + * + * Routines for PKCS10 packet dissection + * Martin Peylo 2018 + * + * Wireshark - Network traffic analyzer + * By Gerald Combs + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "config.h" + +#include + +#include +#include +#include "packet-ber.h" +#include "packet-pkcs10.h" +#include "packet-pkix1explicit.h" +#include "packet-pkix1implicit.h" +#include + +#define PNAME "PKCS10 Certification Request" +#define PSNAME "PKCS10" +#define PFNAME "pkcs10" + +void proto_register_pkcs10(void); + +/* Initialize the protocol and registered fields */ +static int proto_pkcs10 = -1; + +/*--- Included file: packet-pkcs10-hf.c ---*/ +#line 1 "./asn1/pkcs10/packet-pkcs10-hf.c" +static int hf_pkcs10_CertificationRequest_PDU = -1; /* CertificationRequest */ +static int hf_pkcs10_version = -1; /* T_version */ +static int hf_pkcs10_subject = -1; /* Name */ +static int hf_pkcs10_subjectPKInfo = -1; /* SubjectPublicKeyInfo */ +static int hf_pkcs10_attributes = -1; /* Attributes */ +static int hf_pkcs10_Attributes_item = -1; /* Attribute */ +static int hf_pkcs10_certificationRequestInfo = -1; /* CertificationRequestInfo */ +static int hf_pkcs10_signatureAlgorithm = -1; /* AlgorithmIdentifier */ +static int hf_pkcs10_signature = -1; /* BIT_STRING */ + +/*--- End of included file: packet-pkcs10-hf.c ---*/ +#line 46 "./asn1/pkcs10/packet-pkcs10-template.c" + +/* Initialize the subtree pointers */ + +/*--- Included file: packet-pkcs10-ett.c ---*/ +#line 1 "./asn1/pkcs10/packet-pkcs10-ett.c" +static gint ett_pkcs10_CertificationRequestInfo = -1; +static gint ett_pkcs10_Attributes = -1; +static gint ett_pkcs10_CertificationRequest = -1; + +/*--- End of included file: packet-pkcs10-ett.c ---*/ +#line 49 "./asn1/pkcs10/packet-pkcs10-template.c" + +/*--- Included file: packet-pkcs10-fn.c ---*/ +#line 1 "./asn1/pkcs10/packet-pkcs10-fn.c" + +static const value_string pkcs10_T_version_vals[] = { + { 0, "v1" }, + { 0, NULL } +}; + + +static int +dissect_pkcs10_T_version(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_integer(implicit_tag, actx, tree, tvb, offset, hf_index, + NULL); + + return offset; +} + + +static const ber_sequence_t Attributes_set_of[1] = { + { &hf_pkcs10_Attributes_item, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_pkix1explicit_Attribute }, +}; + +static int +dissect_pkcs10_Attributes(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_set_of(implicit_tag, actx, tree, tvb, offset, + Attributes_set_of, hf_index, ett_pkcs10_Attributes); + + return offset; +} + + +static const ber_sequence_t CertificationRequestInfo_sequence[] = { + { &hf_pkcs10_version , BER_CLASS_UNI, BER_UNI_TAG_INTEGER, BER_FLAGS_NOOWNTAG, dissect_pkcs10_T_version }, + { &hf_pkcs10_subject , BER_CLASS_ANY, -1, BER_FLAGS_NOOWNTAG, dissect_pkix1explicit_Name }, + { &hf_pkcs10_subjectPKInfo, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_pkix1explicit_SubjectPublicKeyInfo }, + { &hf_pkcs10_attributes , BER_CLASS_CON, 0, BER_FLAGS_IMPLTAG, dissect_pkcs10_Attributes }, + { NULL, 0, 0, 0, NULL } +}; + +static int +dissect_pkcs10_CertificationRequestInfo(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset, + CertificationRequestInfo_sequence, hf_index, ett_pkcs10_CertificationRequestInfo); + + return offset; +} + + + +static int +dissect_pkcs10_BIT_STRING(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_bitstring(implicit_tag, actx, tree, tvb, offset, + NULL, hf_index, -1, + NULL); + + return offset; +} + + +static const ber_sequence_t CertificationRequest_sequence[] = { + { &hf_pkcs10_certificationRequestInfo, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_pkcs10_CertificationRequestInfo }, + { &hf_pkcs10_signatureAlgorithm, BER_CLASS_UNI, BER_UNI_TAG_SEQUENCE, BER_FLAGS_NOOWNTAG, dissect_pkix1explicit_AlgorithmIdentifier }, + { &hf_pkcs10_signature , BER_CLASS_UNI, BER_UNI_TAG_BITSTRING, BER_FLAGS_NOOWNTAG, dissect_pkcs10_BIT_STRING }, + { NULL, 0, 0, 0, NULL } +}; + +int +dissect_pkcs10_CertificationRequest(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_sequence(implicit_tag, actx, tree, tvb, offset, + CertificationRequest_sequence, hf_index, ett_pkcs10_CertificationRequest); + + return offset; +} + +/*--- PDUs ---*/ + +static int dissect_CertificationRequest_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, void *data _U_) { + int offset = 0; + asn1_ctx_t asn1_ctx; + asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo); + offset = dissect_pkcs10_CertificationRequest(FALSE, tvb, offset, &asn1_ctx, tree, hf_pkcs10_CertificationRequest_PDU); + return offset; +} + + +/*--- End of included file: packet-pkcs10-fn.c ---*/ +#line 50 "./asn1/pkcs10/packet-pkcs10-template.c" + +/*--- proto_register_pkcs10 ----------------------------------------------*/ +void proto_register_pkcs10(void) { + + /* List of fields */ + static hf_register_info hf[] = { + +/*--- Included file: packet-pkcs10-hfarr.c ---*/ +#line 1 "./asn1/pkcs10/packet-pkcs10-hfarr.c" + { &hf_pkcs10_CertificationRequest_PDU, + { "CertificationRequest", "pkcs10.CertificationRequest_element", + FT_NONE, BASE_NONE, NULL, 0, + NULL, HFILL }}, + { &hf_pkcs10_version, + { "version", "pkcs10.version", + FT_UINT32, BASE_DEC, VALS(pkcs10_T_version_vals), 0, + NULL, HFILL }}, + { &hf_pkcs10_subject, + { "subject", "pkcs10.subject", + FT_UINT32, BASE_DEC, NULL, 0, + "Name", HFILL }}, + { &hf_pkcs10_subjectPKInfo, + { "subjectPKInfo", "pkcs10.subjectPKInfo_element", + FT_NONE, BASE_NONE, NULL, 0, + "SubjectPublicKeyInfo", HFILL }}, + { &hf_pkcs10_attributes, + { "attributes", "pkcs10.attributes", + FT_UINT32, BASE_DEC, NULL, 0, + NULL, HFILL }}, + { &hf_pkcs10_Attributes_item, + { "Attribute", "pkcs10.Attribute_element", + FT_NONE, BASE_NONE, NULL, 0, + NULL, HFILL }}, + { &hf_pkcs10_certificationRequestInfo, + { "certificationRequestInfo", "pkcs10.certificationRequestInfo_element", + FT_NONE, BASE_NONE, NULL, 0, + NULL, HFILL }}, + { &hf_pkcs10_signatureAlgorithm, + { "signatureAlgorithm", "pkcs10.signatureAlgorithm_element", + FT_NONE, BASE_NONE, NULL, 0, + "AlgorithmIdentifier", HFILL }}, + { &hf_pkcs10_signature, + { "signature", "pkcs10.signature", + FT_BYTES, BASE_NONE, NULL, 0, + "BIT_STRING", HFILL }}, + +/*--- End of included file: packet-pkcs10-hfarr.c ---*/ +#line 57 "./asn1/pkcs10/packet-pkcs10-template.c" + }; + + /* List of subtrees */ + static gint *ett[] = { + +/*--- Included file: packet-pkcs10-ettarr.c ---*/ +#line 1 "./asn1/pkcs10/packet-pkcs10-ettarr.c" + &ett_pkcs10_CertificationRequestInfo, + &ett_pkcs10_Attributes, + &ett_pkcs10_CertificationRequest, + +/*--- End of included file: packet-pkcs10-ettarr.c ---*/ +#line 62 "./asn1/pkcs10/packet-pkcs10-template.c" + }; + /* Register protocol */ + proto_pkcs10 = proto_register_protocol(PNAME, PSNAME, PFNAME); + + /* Register fields and subtrees */ + proto_register_field_array(proto_pkcs10, hf, array_length(hf)); + proto_register_subtree_array(ett, array_length(ett)); + + register_ber_syntax_dissector("CertificationRequest", proto_pkcs10, dissect_CertificationRequest_PDU); + register_ber_oid_syntax(".p10", NULL, "CertificationRequest"); + register_ber_oid_syntax(".csr", NULL, "CertificationRequest"); +} + + +/*--- proto_reg_handoff_pkcs10 -------------------------------------------*/ +void proto_reg_handoff_pkcs10(void) { + dissector_handle_t csr_handle; + +/* #include "packet-pkcs10-dis-tab.c" */ + + csr_handle = create_dissector_handle(dissect_CertificationRequest_PDU, proto_pkcs10); + dissector_add_string("media_type", "application/pkcs10", csr_handle); /* RFC 5967 */ + dissector_add_string("rfc7468.preeb_label", "CERTIFICATE REQUEST", csr_handle); /* RFC 7468 */ + dissector_add_string("rfc7468.preeb_label", "NEW CERTIFICATE REQUEST", csr_handle); /* RFC 7468 Appendix A. Non-conforming expample*/ +} diff --git a/epan/dissectors/packet-pkcs10.h b/epan/dissectors/packet-pkcs10.h new file mode 100644 index 0000000000..baa849c067 --- /dev/null +++ b/epan/dissectors/packet-pkcs10.h @@ -0,0 +1,46 @@ +/* Do not modify this file. Changes will be overwritten. */ +/* Generated automatically by the ASN.1 to Wireshark dissector compiler */ +/* packet-pkcs10.h */ +/* asn2wrs.py -b -p pkcs10 -c ./pkcs10.cnf -s ./packet-pkcs10-template -D . -O ../.. PKCS10.asn */ + +/* Input file: packet-pkcs10-template.h */ + +#line 1 "./asn1/pkcs10/packet-pkcs10-template.h" +/* packet-pkcs10.h + * + * Routines for PKCS10 dissection + * Martin Peylo 2017 + * + * Wireshark - Network traffic analyzer + * By Gerald Combs + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#ifndef PACKET_PKCS10_H +#define PACKET_PKCS10_H + +void proto_reg_handoff_pkcs10(void); + + +/*--- Included file: packet-pkcs10-exp.h ---*/ +#line 1 "./asn1/pkcs10/packet-pkcs10-exp.h" +int dissect_pkcs10_CertificationRequest(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_); + +/*--- End of included file: packet-pkcs10-exp.h ---*/ +#line 31 "./asn1/pkcs10/packet-pkcs10-template.h" + +#endif /* PACKET_PKCS10_H */