Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: RSASSA-PSS (bug #6541)

From: Anders Broman <anders.broman () ericsson com>
Date: Thu, 10 Nov 2011 13:57:47 +0100
Hi,
Some quick comments


Should all of this go into asn1/pkcs1? I guess so as other definitions from
RFC5912 are in the same file.


Yes probably, (haven't looked at the RFC:s)



It looks like the default values are ignored. There's no errors from asn2wrs
but the defaults never show up anywhere, e.g. when a field is absent. It this
the expected behaviour or is something going wrong?


I would think this is to be expected or a current limitation. If defaults are used there is nothing in the packet
For Wireshark to show = no code generated. One coud argue that Wireshark should put in generated fields with the 
defaults
But that's currently not the case.


I can't get the following definition to compile

   sha1Identifier AlgorithmIdentifier ::= {
      algorithmId id-sha1,
      parameters NULL
   }
asn2wrs complains about the comma after id-sha1 (removing it doesn't help). I
commented this out as it's used for defining a default value which in turn
seems to be ignored.


I would guess that asn2wrs expects an Uppercase after algorithmId and can't do the translation of the symbol (id-sha1) 
to an OID
As the construct isn't needed I would say that commenting it out is the right thing to do.

Best regards
Anders



 

-----Original Message-----
From: wireshark-dev-bounces () wireshark org [mailto:wireshark-dev-bounces () wireshark org] On Behalf Of Martin Kaiser
Sent: den 10 november 2011 13:32
To: wireshark-dev () wireshark org
Subject: [Wireshark-dev] RSASSA-PSS (bug #6541)

Dear all,

I'm trying to add support for RSASSA-PSS signatures in X.509 certificates. It's in a state where things are working for 
me, but I'm not sure that I understood the ASN.1 handling in wireshark well enough.

Could anybody who's familiar with ANS.1 dissection spare some minutes and look at #6541 in the bugtracker? I'd 
appreciate feedback about what's required to make this contribution ready for checkin.

The reason I'd like to have this included is that the certificates used by CI+ (about 100 mio are in use now) have PSS 
signatures. The DVB-CI dissector could then make use of the x509 dissection...

Thanks for your help,

   Martin
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: