[Cryptography] [FORGED] Re: Is ASN.1 still the thing?

Nico Williams nico at cryptonector.com
Tue Nov 14 18:37:25 EST 2017


On Tue, Nov 14, 2017 at 03:49:41PM +0000, Jason Cooper wrote:
> On Tue, Nov 14, 2017 at 04:42:37AM +0000, Peter Gutmann wrote:
> > What experience did you have that makes you say that?  My code runs on a ton
> > of embedded stuff and there's no problems with parsing it, as a stream or
> > otherwise.
> 
> From the perspective of attempting to decode an x509 cert as it streams
> in.  We found one attempt at decoding while streaming:
> 
>   http://lionet.info/asn1c/blog/2010/09/22/question-how-to-use-streaming/
> 
> Specifically:
> 
> > You can't encode the length of the structure before you know all the
> > lengths of its components, and in the streaming mode the components
> > lengths may not be easily available.

*En*coding in DER is not streaming.  And only in DER.

*De*coding is.

And ASN.1 != DER.

Nico
-- 


More information about the cryptography mailing list