[Cryptography] [FORGED] Re: Is ASN.1 still the thing?

Howard Chu hyc at symas.com
Tue Nov 14 15:16:19 EST 2017 

Jason Cooper wrote:
> Hi Peter,
> 
> On Tue, Nov 14, 2017 at 04:42:37AM +0000, Peter Gutmann wrote:
>> Jason Cooper <cryptography at lakedaemon.net> writes:
>>
>>> [ASN.1]
>>> Above and beyond the complexities of parsing it, there's also the difficulty
>>> of parsing it on embedded systems.  From my experience, it's extraordinarily
>>> difficult to parse as a stream.
>>
>> What experience did you have that makes you say that?  My code runs on a ton
>> of embedded stuff and there's no problems with parsing it, as a stream or
>> otherwise.
> 
>  From the perspective of attempting to decode an x509 cert as it streams
> in.  We found one attempt at decoding while streaming:
> 
>    http://lionet.info/asn1c/blog/2010/09/22/question-how-to-use-streaming/
> 
> Specifically:
> 
>> You can't encode the length of the structure before you know all the
>> lengths of its components, and in the streaming mode the components
>> lengths may not be easily available.
>>
>> In the DER encoding, the length of the message being encoded needs to be
>> known in advance. Therefore, der_encode() won't be able to generate the
>> proper output.
>>
>> However, in the more broad BER encoding, there's a possibility to encode
>> a so-called “indefinite length” component size. Unlike the
>> Tag-Length-Value component encoding when its length is available, the
>> “indefinite length” in BER acts as an opening brace in a programming
>> language: you have to terminate the encoding after all the components of
>> the structure are encoded. The termination is done using two consecutive
>> zero-data octets.
>>
>> Essentially what is it all about is that you encode the components of a
>> particular ASN.1 structure yourself, using DER encoding, but wrap it all
>> up with a framing of “indefinite length”.
> 
> So, in blunt terms, a "hack".

This sounds like you want to concurrently decode and re-encode, which is a 
slightly more unusual requirement. But yes, while it's possible to do a 
streaming decode, you can't really do a streaming encode.

> Thanks to Howard, we now have a second example, liblber which has a long
> history, plenty of use, and is open source.  So we'll see how that
> progresses.
> 
> But the fact is, DER was never intended for stream parsing/encoding.

Btw, as an example, here's our X.509 cert handling in slapd. It's quite lax, 
in terms of actually looking for malformed certs, but you'll get the idea.

http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=blob;f=servers/slapd/schema_init.c;h=16c4d1ce5d7804bb952331bdbc94de564b51b225;hb=HEAD#l320

http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=blob;f=servers/slapd/schema_init.c;h=16c4d1ce5d7804bb952331bdbc94de564b51b225;hb=HEAD#l3683


-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/

More information about the cryptography mailing list