[Cryptography] [FORGED] Re: Is ASN.1 still the thing?
Howard Chu
hyc at symas.com
Tue Nov 14 15:16:19 EST 2017
Jason Cooper wrote:
> Hi Peter,
>
> On Tue, Nov 14, 2017 at 04:42:37AM +0000, Peter Gutmann wrote:
>> Jason Cooper <cryptography at lakedaemon.net> writes:
>>
>>> [ASN.1]
>>> Above and beyond the complexities of parsing it, there's also the difficulty
>>> of parsing it on embedded systems. From my experience, it's extraordinarily
>>> difficult to parse as a stream.
>>
>> What experience did you have that makes you say that? My code runs on a ton
>> of embedded stuff and there's no problems with parsing it, as a stream or
>> otherwise.
>
> From the perspective of attempting to decode an x509 cert as it streams
> in. We found one attempt at decoding while streaming:
>
> http://lionet.info/asn1c/blog/2010/09/22/question-how-to-use-streaming/
>
> Specifically:
>
>> You can't encode the length of the structure before you know all the
>> lengths of its components, and in the streaming mode the components
>> lengths may not be easily available.
>>
>> In the DER encoding, the length of the message being encoded needs to be
>> known in advance. Therefore, der_encode() won't be able to generate the
>> proper output.
>>
>> However, in the more broad BER encoding, there's a possibility to encode
>> a so-called “indefinite length” component size. Unlike the
>> Tag-Length-Value component encoding when its length is available, the
>> “indefinite length” in BER acts as an opening brace in a programming
>> language: you have to terminate the encoding after all the components of
>> the structure are encoded. The termination is done using two consecutive
>> zero-data octets.
>>
>> Essentially what is it all about is that you encode the components of a
>> particular ASN.1 structure yourself, using DER encoding, but wrap it all
>> up with a framing of “indefinite length”.
>
> So, in blunt terms, a "hack".
This sounds like you want to concurrently decode and re-encode, which is a
slightly more unusual requirement. But yes, while it's possible to do a
streaming decode, you can't really do a streaming encode.
> Thanks to Howard, we now have a second example, liblber which has a long
> history, plenty of use, and is open source. So we'll see how that
> progresses.
>
> But the fact is, DER was never intended for stream parsing/encoding.
Btw, as an example, here's our X.509 cert handling in slapd. It's quite lax,
in terms of actually looking for malformed certs, but you'll get the idea.
http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=blob;f=servers/slapd/schema_init.c;h=16c4d1ce5d7804bb952331bdbc94de564b51b225;hb=HEAD#l320
http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=blob;f=servers/slapd/schema_init.c;h=16c4d1ce5d7804bb952331bdbc94de564b51b225;hb=HEAD#l3683
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
More information about the cryptography
mailing list