diff options
author | Peter Wu <peter@lekensteyn.nl> | 2015-07-03 19:47:00 +0200 |
---|---|---|
committer | Peter Wu <peter@lekensteyn.nl> | 2015-07-03 20:01:08 +0200 |
commit | a17875824df9b1cf76826cc5be300d9d6d3a61a3 (patch) | |
tree | 7c1a824c5ade66ad267356f76668ca29031c5eca /asn1/x509af/x509af.cnf | |
parent | bd6065f13f41a53ea4b3290500e6ce3462524eac (diff) | |
download | wireshark-a17875824df9b1cf76826cc5be300d9d6d3a61a3.tar.gz |
[WIP] x509af: dissect subjectPublicKeyx509-subjectpublickey
The subjectPublicKey field of a Certificate (TBSCertificate) is defined
as type BIT STRING. The actual contents depend on the Algorithm
Identifier which is preceding the subjectPublicKey field.
This patch (aims to) add(s) support for dissection of the public key.
Notes:
Currently only RSA is "half-working" and dissected as:
subjectPublicKeyInfo
algorithm (rsaEncryption)
Algorithm Id: 1.2.840.113549.1.1.1 (rsaEncryption)
subjectPublicKey: 3082010a0282010100b7c769e2d0eacaeb929fc08238a9ff...
modulus : 0x00b7c769e2d0eacaeb929fc08238a9ffc59cab39c28a2e26...
publicExponent: 65537
It should probably become:
subjectPublicKeyInfo
algorithm (rsaEncryption)
Algorithm Id: 1.2.840.113549.1.1.1 (rsaEncryption)
subjectPublicKey
RSAPublicKey
modulus : ...
publicExponent: 65537
Right now DSA and DH keys are displayed instead of subjectPublicKey
due to the hf_id reuse. These should get a new hf ID instead.
TODO:
- Add public key dissections below the BIT STRING subtree. This might
require API changes to dissect_ber_bitstring.
- Import PKIX1Algorithms2008 module from RFC 5480 (Elliptic Curve
Cryptography Subject Public Key Information) which is based on the
PKIX1Algorithms88 module from RFC 3279). Then import DSA, DH and
others from it. This is more correct than exporting it from the
PKCS#1 module.
- Check field names, right now these are displayed as a rather
useless/generic BER integer field (for the DH and DSA params).
Change-Id: Ib92645433b0a0078a947ff0ac26c5e6a64877b93
Diffstat (limited to 'asn1/x509af/x509af.cnf')
-rw-r--r-- | asn1/x509af/x509af.cnf | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/asn1/x509af/x509af.cnf b/asn1/x509af/x509af.cnf index e0e6a82166..1b173f0513 100644 --- a/asn1/x509af/x509af.cnf +++ b/asn1/x509af/x509af.cnf @@ -81,6 +81,35 @@ CertificateList/signedCertificateList/revokedCertificates/_item/userCertificate #.FN_BODY AlgorithmIdentifier/parameters offset=call_ber_oid_callback(actx->external.direct_reference, tvb, offset, actx->pinfo, tree, NULL); +#.FN_BODY SubjectPublicKeyInfo/subjectPublicKey + tvbuff_t *bs_tvb; + + /* subjectPublicKey is a BIT STRING with an explicit tag. It is DER-encoded, + * meaning that the length field consists of hex 8n followed by n octets. */ + /* TODO: drop dissect_ber_bitstring and use above assumptions? */ + /* -1 for hf_index and NULL for tree as this only attempts to parse the + * bitstring without creating a tree, */ + dissect_ber_bitstring(FALSE, actx, NULL, tvb, offset, + NULL, -1, -1, &bs_tvb); + + /* See RFC 3279 for possible subjectPublicKey values given an Algorithm ID. + * The contents of subjectPublicKey are always explicitly tagged. */ + + if (!strcmp(algorithm_id, "1.2.840.113549.1.1.1")) { /* id-rsa */ + offset += dissect_pkcs1_RSAPublicKey(FALSE, bs_tvb, 0, actx, tree, hf_index); + + } else if (!strcmp(algorithm_id, "1.2.840.10040.4.1")) { /* id-dsa */ + offset += dissect_pkcs1_DSAPublicKey(FALSE, bs_tvb, 0, actx, tree, hf_index); + + } else if (!strcmp(algorithm_id, "1.2.840.10046.2.1")) { /* dhpublicnumber */ + offset += dissect_pkcs1_DHPublicKey(FALSE, bs_tvb, 0, actx, tree, hf_index); + + } else { + /* unknown key type, display raw contents. */ + offset = dissect_ber_bitstring(FALSE, actx, tree, tvb, offset, + NULL, hf_index, -1, NULL); + } + #.FN_PARS Extension/extnId FN_VARIANT = _str HF_INDEX = hf_x509af_extension_id VAL_PTR = &actx->external.direct_reference |