Re: asn2wrs documentation?

[Peter Wu <peter () lekensteyn nl>]

Hi Tomáš,

On Tue, Sep 15, 2015 at 02:29:02PM +0000, Kukosa Tomáš wrote:
> Unfortunately asn2wrs can not help with it.
> Changing  TYPE_ATTR does not change called dissection function. It 
> changes just field type.
> The field ber.64bit_uint_as_bytes comes from function 
> dissect_ber_integer64() of packet-ber.c.
>
> Maybe the dissect_ber_integer64() should check whether the field has the 
> FT_BYTES type and then it could use the original field instead of the 
> ber.64bit_uint_as_bytes.

This is done now since yesterday
(https://code.wireshark.org/review/10539), now it suffices to use this
for INTEGER types:

    #.TYPE_ATTR
    RSAPublicKey/modulus TYPE = FT_BYTES  DISPLAY = BASE_NONE

> Another possibility would be to define own dissector function for the 
> RSAPublicKey fields instead of calling default dissect_ber_integer(). 
> E.g. something like this:
>
> #.FN_BODY  RSAPublicKey/modulus
>    gint8 ber_class;
>    gboolean pc, ind;
>    gint32 tag;
>    guint32 len;
>
>    offset = dissect_ber_identifier(actx->pinfo, tree, tvb, offset, 
> &ber_class, &pc, &tag);
>    offset = dissect_ber_length(actx->pinfo, tree, tvb, offset, &len, &ind);
>   /* integer octets are at the offset */
>    offset += len;
> #.END

Yes, this is something I will use, thanks! For integers I think that the
"ind" part is not needed (can be NULL) as integers are not using the
indefinite length encoding?

> There is not better asn2wrs document available. The best documentation 
> are examples in the asn1 directory.

Those examples unfortunately have no explanation either. For example,
there is a FIELD_ATTR member that is used in some places, how does it
differ from TYPE_ATTR? Any idea what the IMPORT_TAG is used for (it is
only used in one place)?

Thanks,
Peter

> Best regards,
>    Tomas
>
>
> On 15.9.2015 13:46, Peter Wu wrote:
> > Hi,
> >
> > I am working on improving dissection support of the subjectPublicKey
> > field in X.509 Certificates[1]. Right now these opaque BIT STRING types
> > are shown as a sequence of bytes, but I would like to dissect the other
> > fields (like modulus and exponent for RSA and public key y for DSA).
> > (This work is a prerequisite for a new method of specifying RSA private
> > key files in the SSL preferences without having to list address+port.)
> >
> > These numbers (RSA modulus, DSA y, DSS-Params p, q, g) are larger than
> > 64-bit and therefore are forced to be displayed as FT_BYTES. The problem
> > that now occurs is that the original field is lost
> > (ber.64bit_uint_as_bytes is used instead).
> >
> > To tackle that problem, I started using TYPE_ATTR, but since the fields
> > are still dissected as ber_integer, it does not help. I think I can use
> > "IMPORT_TAG", but it is not documented on the wiki[2].
> >
> > Those who are familiar with the asn2wrs script, is it possible to update
> > the wiki? Are there other documentation resources available?
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe