diff options
author | Martin Kaiser <wireshark@kaiser.cx> | 2013-09-12 21:29:50 +0000 |
---|---|---|
committer | Martin Kaiser <wireshark@kaiser.cx> | 2013-09-12 21:29:50 +0000 |
commit | fd50ee16e8b595c9bdc2cdc7e7236c75586d6a9a (patch) | |
tree | a6079a5f420c6186b9a32fa2f89c3d92623ea96f | |
parent | c7f22db4d2bddaba5ef9973c2dc0d7a5c23643b6 (diff) | |
download | wireshark-fd50ee16e8b595c9bdc2cdc7e7236c75586d6a9a.tar.gz |
dissect OCSP nonce extension
some minor reformatting of the ASN.1 imports
svn path=/trunk/; revision=51987
-rw-r--r-- | asn1/ocsp/OCSP.asn | 44 | ||||
-rw-r--r-- | asn1/ocsp/ocsp.cnf | 1 | ||||
-rw-r--r-- | epan/dissectors/packet-ocsp.c | 23 |
3 files changed, 51 insertions, 17 deletions
diff --git a/asn1/ocsp/OCSP.asn b/asn1/ocsp/OCSP.asn index 7ce61f95ec..c2e17297f9 100644 --- a/asn1/ocsp/OCSP.asn +++ b/asn1/ocsp/OCSP.asn @@ -39,26 +39,31 @@ BEGIN IMPORTS - -- Directory Authentication Framework (X.509) - Certificate, AlgorithmIdentifier - FROM AuthenticationFramework { joint-iso-itu-t ds(5) - module(1) authenticationFramework(7) 3 } + authenticationFramework + FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1) + usefulDefinitions(0) 5} - CRLReason - FROM CertificateExtensions + EXTENSION + FROM AuthenticationFramework authenticationFramework --- PKIX Certificate Extensions - AuthorityInfoAccessSyntax - FROM PKIX1Implicit88 {iso(1) identified-organization(3) - dod(6) internet(1) security(5) mechanisms(5) pkix(7) - id-mod(0) id-pkix1-implicit-88(2)} + -- Directory Authentication Framework (X.509) + Certificate, AlgorithmIdentifier + FROM AuthenticationFramework { joint-iso-itu-t ds(5) + module(1) authenticationFramework(7) 3 } + CRLReason + FROM CertificateExtensions - Name, GeneralName, CertificateSerialNumber, Extensions, - id-kp, id-ad-ocsp - FROM PKIX1Explicit88 {iso(1) identified-organization(3) - dod(6) internet(1) security(5) mechanisms(5) pkix(7) - id-mod(0) id-pkix1-explicit-88(1)}; + -- PKIX Certificate Extensions + AuthorityInfoAccessSyntax + FROM PKIX1Implicit88 {iso(1) identified-organization(3) + dod(6) internet(1) security(5) mechanisms(5) pkix(7) + id-mod(0) id-pkix1-implicit-88(2)} + + Name, GeneralName, CertificateSerialNumber, Extensions, id-kp, id-ad-ocsp + FROM PKIX1Explicit88 {iso(1) identified-organization(3) + dod(6) internet(1) security(5) mechanisms(5) pkix(7) + id-mod(0) id-pkix1-explicit-88(1)}; OCSPRequest ::= SEQUENCE { tbsRequest TBSRequest, @@ -156,6 +161,13 @@ CrlID ::= SEQUENCE { crlNum [1] EXPLICIT INTEGER OPTIONAL, crlTime [2] EXPLICIT GeneralizedTime OPTIONAL } +re-ocsp-nonce EXTENSION ::= { + SYNTAX ReOcspNonce + IDENTIFIED BY id-pkix-ocsp-nonce +} + +ReOcspNonce ::= OCTET STRING + -- Object Identifiers diff --git a/asn1/ocsp/ocsp.cnf b/asn1/ocsp/ocsp.cnf index 3245d4be6b..2e8dbb8fd5 100644 --- a/asn1/ocsp/ocsp.cnf +++ b/asn1/ocsp/ocsp.cnf @@ -24,6 +24,7 @@ OCSPResponse #.REGISTER BasicOCSPResponse B "1.3.6.1.5.5.7.48.1.1" "id-pkix-ocsp-basic" +ReOcspNonce B "1.3.6.1.5.5.7.48.1.2" "id-pkix-ocsp-nonce" CrlID B "1.3.6.1.5.5.7.48.1.3" "id-pkix-ocsp-crl" AcceptableResponses B "1.3.6.1.5.5.7.48.1.4" "id-pkix-ocsp-response" NULL B "1.3.6.1.5.5.7.48.1.5" "id-pkix-ocsp-nocheck" diff --git a/epan/dissectors/packet-ocsp.c b/epan/dissectors/packet-ocsp.c index a576adaf1f..428e62d0aa 100644 --- a/epan/dissectors/packet-ocsp.c +++ b/epan/dissectors/packet-ocsp.c @@ -60,6 +60,7 @@ static int hf_ocsp_ArchiveCutoff_PDU = -1; /* ArchiveCutoff */ static int hf_ocsp_AcceptableResponses_PDU = -1; /* AcceptableResponses */ static int hf_ocsp_ServiceLocator_PDU = -1; /* ServiceLocator */ static int hf_ocsp_CrlID_PDU = -1; /* CrlID */ +static int hf_ocsp_ReOcspNonce_PDU = -1; /* ReOcspNonce */ static int hf_ocsp_NULL_PDU = -1; /* NULL */ static int hf_ocsp_tbsRequest = -1; /* TBSRequest */ static int hf_ocsp_optionalSignature = -1; /* Signature */ @@ -319,7 +320,7 @@ dissect_ocsp_T_responseType(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int of static int dissect_ocsp_T_response(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 43 "../../asn1/ocsp/ocsp.cnf" +#line 44 "../../asn1/ocsp/ocsp.cnf" gint8 appclass; gboolean pc, ind; gint32 tag; @@ -611,6 +612,16 @@ dissect_ocsp_CrlID(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, return offset; } + + +static int +dissect_ocsp_ReOcspNonce(gboolean implicit_tag _U_, tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { + offset = dissect_ber_octet_string(implicit_tag, actx, tree, tvb, offset, hf_index, + NULL); + + return offset; +} + /*--- PDUs ---*/ static void dissect_BasicOCSPResponse_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_) { @@ -638,6 +649,11 @@ static void dissect_CrlID_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_t asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo); dissect_ocsp_CrlID(FALSE, tvb, 0, &asn1_ctx, tree, hf_ocsp_CrlID_PDU); } +static void dissect_ReOcspNonce_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_) { + asn1_ctx_t asn1_ctx; + asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo); + dissect_ocsp_ReOcspNonce(FALSE, tvb, 0, &asn1_ctx, tree, hf_ocsp_ReOcspNonce_PDU); +} static void dissect_NULL_PDU(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_) { asn1_ctx_t asn1_ctx; asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo); @@ -724,6 +740,10 @@ void proto_register_ocsp(void) { { "CrlID", "ocsp.CrlID_element", FT_NONE, BASE_NONE, NULL, 0, NULL, HFILL }}, + { &hf_ocsp_ReOcspNonce_PDU, + { "ReOcspNonce", "ocsp.ReOcspNonce", + FT_BYTES, BASE_NONE, NULL, 0, + NULL, HFILL }}, { &hf_ocsp_NULL_PDU, { "NULL", "ocsp.NULL_element", FT_NONE, BASE_NONE, NULL, 0, @@ -967,6 +987,7 @@ void proto_reg_handoff_ocsp(void) { /*--- Included file: packet-ocsp-dis-tab.c ---*/ #line 1 "../../asn1/ocsp/packet-ocsp-dis-tab.c" register_ber_oid_dissector("1.3.6.1.5.5.7.48.1.1", dissect_BasicOCSPResponse_PDU, proto_ocsp, "id-pkix-ocsp-basic"); + register_ber_oid_dissector("1.3.6.1.5.5.7.48.1.2", dissect_ReOcspNonce_PDU, proto_ocsp, "id-pkix-ocsp-nonce"); register_ber_oid_dissector("1.3.6.1.5.5.7.48.1.3", dissect_CrlID_PDU, proto_ocsp, "id-pkix-ocsp-crl"); register_ber_oid_dissector("1.3.6.1.5.5.7.48.1.4", dissect_AcceptableResponses_PDU, proto_ocsp, "id-pkix-ocsp-response"); register_ber_oid_dissector("1.3.6.1.5.5.7.48.1.5", dissect_NULL_PDU, proto_ocsp, "id-pkix-ocsp-nocheck"); |