Wireshark-bugs: [Wireshark-bugs] [Bug 2834] OID 2.5.29.3 not recognized by BER dissector.
Date: Mon, 15 Jun 2009 13:04:40 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2834


Graeme Lunt <graeme@xxxxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |graeme@xxxxxxxxxxx




--- Comment #3 from Graeme Lunt <graeme@xxxxxxxxxxx>  2009-06-15 13:04:39 PDT ---
(In reply to comment #2)
> Created an attachment (id=2199)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=2199) [details]
> Captured packet bearing the cert in question.
> 
> I didn't save all frames which made up the cert; this capture file should fix
> that.
> 

Hi,

I have looked at this bug and it would appear that either the definition you
suggest, or your example capture, are incorrect.

As I decode the certificate extension 2.5.29.3, it appears to contain three
nested SEQUENCES and not two before the OID of the certPolicyId. See below:

SEQUENCE
    OID: 2.5.29.3 (id-ce-certificatePolicies)
    OCTETSTRING [BER encoded]
        SEQUENCE
            SEQUENCE
                SEQUENCE
                    OID: 2.16.840.1.113733.1.7.1.1
(joint-iso-itu-t.16.840.1.113733.1.7.1.1)
                    SEQUENCE
                        IA5String [truncated]: This certificate incorporates by
reference, and its use is strictly subject to, the VeriSign Certification
Practice Statement (CPS), available at: https://www.verisign.com/CPS; by E-mail
at CPS-requests@xxxxxxxxxxxx;
                        [CONTEXT 0]
                            OID: 2.16.840.1.113733.1.7.1.1.1
(joint-iso-itu-t.16.840.1.113733.1.7.1.1.1)
                        [CONTEXT 1]
                            OID: 2.16.840.1.113733.1.7.1.1.2
(joint-iso-itu-t.16.840.1.113733.1.7.1.1.2)
                        SEQUENCE
                            SEQUENCE
                                IA5String:
https://www.verisign.com/repository/CPS 

Consequently it doesn't decode.

Can you shed any light?

Thanks,

Graeme


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.