BIT-1343: factor common ASN.1 code from RDP and SNMP analyzer.

src/analyzer/protocol/rdp/rdp-protocol.pac

@@ -1,3 +1,4 @@
+%include ../asn1/asn1.pac
 
 type TPKT(is_orig: bool) = record {
 	version:  uint8;
@@ -326,64 +327,6 @@ type X509_Cert_Data = record {
 	cert: bytestring &length=cert_len;
 } &byteorder=littleendian;
 
-######################################################################
-# ASN.1 Encodings
-######################################################################
-
-type ASN1Encoding = record {
-	meta:    ASN1EncodingMeta;
-	content: bytestring &length = meta.length;
-};
-
-type ASN1EncodingMeta = record {
-	tag:      uint8;
-	len:      uint8;
-	more_len: bytestring &length = long_len ? len & 0x7f : 0;
-} &let {
-	long_len: bool = (len & 0x80) > 0;
-	length:   uint64 = long_len ? binary_to_int64(more_len) : len & 0x7f;
-};
-
-type ASN1SequenceMeta = record {
-	encoding: ASN1EncodingMeta;
-};
-
-type ASN1Integer = record {
-	encoding: ASN1Encoding;
-};
-
-type ASN1OctetString = record {
-	encoding: ASN1Encoding;
-};
-
-type ASN1ObjectIdentifier = record {
-	encoding: ASN1Encoding;
-};
-
-type ASN1Boolean = record {
-	encoding: ASN1Encoding;
-};
-
-type ASN1Enumerated = record {
-	encoding: ASN1Encoding;
-};
-
-######################################################################
-# ASN.1 Conversion Functions
-######################################################################
-
-function binary_to_int64(bs: bytestring): int64
-	%{
-	int64 rval = 0;
-	for ( int i = 0; i < bs.length(); ++i )
-		{
-		uint64 byte = bs[i];
-		rval |= byte << (8 * (bs.length() - (i + 1)));
-		}
-
-	return rval;
-	%}
-
 refine connection RDP_Conn += {
 
 	%member{
@@ -420,4 +363,4 @@ refine connection RDP_Conn += {
 		%{
 		return encryption_method_;
 		%}
-};
+};