Tasks planned for this week
Initial draft of all the code for the non-repudiation module that I am responsible for
Actual progress this week
Parse the data to obtain the certificate information
Relevant code
local version_str = string.match(_VERSION, "%d+[.]%d*")
local version_num = version_str and tonumber(version_str) or 5.1
local bit = (version_num >= 5.2) and require("bit32") or require("bit")

-- create a new dissector to decode rtp private payload
local NAME1 = "undeny"
local PORT = 5004
local RTP_PROTO_TYPE = 106
local undeny = Proto(NAME1, "undeny Protocol")

-- create fields of undeny (no value-string table is defined for M and PT, so nil is passed)
local fields_M = ProtoField.uint8(NAME1 .. ".M", "M", base.HEX, nil, 0x80)
local fields_pt = ProtoField.uint8(NAME1 .. ".PT", "PT", base.DEC, nil, 0x7F)
local fields_seqno = ProtoField.uint16(NAME1 .. ".seqno", "Sequence number")
local fields_h264bytes = ProtoField.bytes(NAME1 .. ".bytes", "H264Data")
local fields_fec = ProtoField.bytes(NAME1 .. ".fec", "FEC Payload")
undeny.fields = { fields_M, fields_pt, fields_seqno, fields_h264bytes, fields_fec }

local RTP_dis = Dissector.get("rtp")
local H264_dis = Dissector.get("h264")
local Data_dis = Dissector.get("data")

-- dissect packet
function undeny.dissector(tvb, pinfo, tree)
    local length = tvb:len()
    -- the private header is 3 bytes; a shorter payload cannot be decoded
    if length < 3 then return end

    -- decode private header
    local subtree = tree:add(undeny, tvb(0, 3))
    subtree:add(fields_M, tvb(0, 1))
    subtree:add(fields_pt, tvb(0, 1))
    subtree:add(fields_seqno, tvb(1, 2))

    -- show protocol name in protocol column
    pinfo.cols.protocol = undeny.name

    -- header only, nothing left to hand to the FEC field or the H.264 dissector
    if length == 3 then return end

    local fec_id = tvb(0, 1):uint()
    local fec_type = bit.band(fec_id, 0x7F)
    if fec_type == 109 then
        tree:add(fields_fec, tvb(3))
    else
        H264_dis:call(tvb(3):tvb(), pinfo, tree)
    end
end

-- decode first layer as rtp
local udp_dissector_table = DissectorTable.get("udp.port")
udp_dissector_table:set(PORT, RTP_dis)

-- register this dissector
-- DissectorTable.get("rtp.pt"):add(PORT, undeny)
-- decode private protocol layer: 3 bytes of private data + standard h264
local rtp_dissector_table = DissectorTable.get("rtp.pt")
rtp_dissector_table:set(RTP_PROTO_TYPE, undeny)

do
    -- Proto() rejects a name that is already registered, so this block cannot be loaded
    -- in the same script as the "undeny" dissector above unless one of them is renamed
    local undeny_proto = Proto("undeny", "Undeny Protocol")
    local f_user_certificate = ProtoField.bytes("undeny.certificate", "User Certificate")
    undeny_proto.fields = { f_user_certificate }

    function undeny_proto.dissector(buffer, pinfo, tree)
        local length = buffer:len()
        if length == 0 then return end

        local subtree = tree:add(undeny_proto, buffer(), "User Certificate")
        -- get the X.509 dissector; Dissector.get returns nil when no dissector has this name
        local x509_dissector = Dissector.get("x509")
        if x509_dissector then
            x509_dissector:call(buffer, pinfo, tree) -- call the X.509 dissector to parse the certificate
        end

        -- get the certificate data as a raw byte string (a Tvb has no string() method)
        local cert_data = buffer():bytes():raw()
        -- is_rsa_2048_certificate is not defined in this listing; the guard avoids calling a nil value
        if is_rsa_2048_certificate and is_rsa_2048_certificate(cert_data) then
            subtree:add(f_user_certificate, buffer(0, length)) -- add the certificate to the protocol tree
            subtree:append_text(" (RSA-2048)") -- add the certificate type description
        else
            subtree:add(f_user_certificate, buffer(0, length))
        end
    end

    local tcp_port = DissectorTable.get("tcp.port")
    tcp_port:add(443, undeny_proto) -- change the port number to 443
end
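The certificate dissector above calls is_rsa_2048_certificate, which this page does not define. One way to write it, as an added example that is not the author's code: a minimal DER walk to the RSA modulus, assuming cert_data is a Lua string holding one complete DER-encoded X.509 certificate; read_tlv and rsa_modulus_bits are hypothetical helper names.

```lua
-- Added example, pure Lua (no Wireshark API). read_tlv and rsa_modulus_bits are hypothetical helper names.
local RSA_OID = string.char(0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01) -- rsaEncryption
-- Read one DER TLV at pos; returns tag, first and last content index, or nil if malformed.
local function read_tlv(der, pos)
  local tag, len = der:byte(pos), der:byte(pos + 1)
  if not tag or not len then return nil end
  local first = pos + 2
  if len >= 0x80 then                        -- long form: low 7 bits count the length octets
    local n = len - 0x80
    if n == 0 or n > 4 or first + n - 1 > #der then return nil end
    len = 0
    for i = 0, n - 1 do len = len * 256 + der:byte(first + i) end
    first = first + n
  end
  if first + len - 1 > #der then return nil end  -- truncated input
  return tag, first, first + len - 1
end

-- RSA modulus size in bits, or nil for a non-RSA key or malformed input.
local function rsa_modulus_bits(der)
  local tag, first, last = read_tlv(der, 1)            -- Certificate
  if tag ~= 0x30 then return nil end
  tag, first = read_tlv(der, first)                    -- tbsCertificate
  if tag ~= 0x30 then return nil end
  local pos = first
  -- skip the optional [0] version, then serial, signature, issuer, validity, subject
  for _ = 1, (der:byte(pos) == 0xA0) and 6 or 5 do
    tag, first, last = read_tlv(der, pos)
    if not tag then return nil end
    pos = last + 1
  end
  tag, first = read_tlv(der, pos)                      -- subjectPublicKeyInfo
  if tag ~= 0x30 then return nil end
  tag, first, last = read_tlv(der, first)              -- AlgorithmIdentifier
  if tag ~= 0x30 then return nil end
  local oid_tag, oid_first, oid_last = read_tlv(der, first)
  if oid_tag ~= 0x06 or der:sub(oid_first, oid_last) ~= RSA_OID then return nil end
  tag, first = read_tlv(der, last + 1)                 -- subjectPublicKey BIT STRING
  if tag ~= 0x03 then return nil end
  tag, first = read_tlv(der, first + 1)                -- skip the unused-bits octet: RSAPublicKey
  if tag ~= 0x30 then return nil end
  tag, first, last = read_tlv(der, first)              -- modulus INTEGER
  if tag ~= 0x02 or first > last then return nil end
  while first < last and der:byte(first) == 0 do first = first + 1 end  -- drop sign padding
  local bits, top = (last - first + 1) * 8, der:byte(first)
  while top > 0 and top < 0x80 do top, bits = top * 2, bits - 1 end
  return bits
end

function is_rsa_2048_certificate(der) return type(der) == "string" and rsa_modulus_bits(der) == 2048 end
```

The function is defined as a global so the dissector can find it by name; nested elements are only bounds-checked against the end of the input, which is enough for a key-size check but not for full certificate validation.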
Reason for not finishing: it feels a bit difficult, and taking the first step is hard; it will get much better once I am familiar with it
Problems encountered this week
After the code was loaded into Wireshark, the following error appeared:
Lua: Error during loading:
 C:\Program Files\Wireshark\undeny1.lua:83: attempt to index local 'tls_dissector_tab' (a nil value)
stack traceback:
 C:\Program Files\Wireshark\undeny1.lua:83: in main chunk
 [C]: in function 'dofile'
 C:\Program Files\Wireshark\init.lua:669: in main chunk
Asked GPT for an answer:

The current version of the plugin reports an error after loading and cannot filter the corresponding packets
