Wireshark-commits: [Wireshark-commits] master aaad273: pkcs1: recognize explicit curve parameters
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Thu, 30 Jan 2020 05:52:12 +0000
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=aaad273ec1ead7e2203e66536b0c80fce8c72e49
Submitter: "Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>"
Changed: branch: master
Repository: wireshark

Commits:

aaad273 by Peter Wu (peter@xxxxxxxxxxxxx):

    pkcs1: recognize explicit curve parameters
    
    Add support for explicit curve parameters according to RFC 3279. This
    allows an exploitation attempt of CVE-2020-0601 to be detected through
    the pkcs1.specifiedCurve_element filter name. Be aware though that the
    certificate is encrypted in TLS 1.3, so a negative match does not imply
    that no exploitation has happened.
    
    While these definitions are technically not part of PKCS #1, the
    PKIXAlgs module is part of the pkcs1 dissector for historical reasons.
    It probably makes sense splitting it into a separate pkixalgs dissector,
    but that would result in field name changes. Defer that for now.
    
    Bug: 16340
    Change-Id: Ia9d47a8337d6246f52983460580310b12e5709cf
    Reviewed-on: https://code.wireshark.org/review/35986
    Petri-Dish: Peter Wu <peter@xxxxxxxxxxxxx>
    Tested-by: Petri Dish Buildbot
    Reviewed-by: Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>
    

Actions performed:

    from  530e243   CMake: look for libcap on Linux only
     add  aaad273   pkcs1: recognize explicit curve parameters


Summary of changes:
 epan/dissectors/asn1/pkcs1/PKIXAlgs-2009.asn |  57 ++++++--
 epan/dissectors/asn1/pkcs1/pkcs1.cnf         |   8 +-
 epan/dissectors/packet-pkcs1.c               | 195 ++++++++++++++++++++++++++-
 3 files changed, 245 insertions(+), 15 deletions(-)