[Cryptography] Is ASN.1 still the thing?

Peter Gutmann pgut001 at cs.auckland.ac.nz
Mon Nov 13 02:52:00 EST 2017

James A. Donald <jamesd at echeque.com> writes:

>ASN.1 provides canonical format so that you can hash it or checksum it, 

Canonicalisation doesn't work in any format, even ASN.1.  Having said that, it
works vastly less in something like XML than it does in ASN.1.  In either case
though, "there is only one encoding rule and that is memcpy()" (me, years
ago).  In other words whoever produces the data decides how it's encoded, and
everything else memcpy()s the encoded blob around without trying to do any
canonicalisation or re-encoding.  Anything else and you're setting yourself up
for a lifetime of patching to handling every new mis-encoding that turns up.


More information about the cryptography mailing list