[Cryptography] Is ASN.1 still the thing?

Florian Weimer fw at deneb.enyo.de
Mon Nov 27 14:17:49 EST 2017 

* Nico Williams:

>> This is not what puzzled me.  It is how to get from the ASN.1 syntax,
>> with the [0], the EXPLICIT, the DEFAULT (or the [3] and the IMPLICIT
>> further down) to the on-the-wire representation, with the
>> CONTEXT_SPECIFIC wrapper around the actual version field and all that.
>> 
>> And I wonder if ASN.1 compilers actually ensure that the serialized
>> data and be deserialized in an unambiguous fashion, and what the rules
>> are for *that*.
>
> Well, we do interop, so, "yes".  We have a large variety of
> implementations of PKIX, after all.  Some use ASN.1 compilers, and some
> use hand-coded codecs.

You can only do interop testing with real data and a concrete ASN.1
specification.  I'm more interested in the theory, i.e. how this is
*supposed* to work at the design level.

I have no doubt that you can get almost anything to work with
sufficient interop testing, at least for a brief period of time, but
the point of something like ASN.1 and associated tools is that if both
ends use the same schema of data types, then you can at least
understand each other to the degree that each side sees the same data.
(Whether it reacts to it in the expected way is a different matter.)

My hunch is that the criticism of ASN.1 (as opposed to direct wire
format specification using ASCII diagrams or whatever) is that how you
get from ASN.1 syntax, to the internal data model, via some specific
encoding rules, to the actual bytes, is far from obvious, and the
specifications do not really help unless you have been taught a
particular mental framework for reading those specifications.  The XML
stack (whether XML Schema or RelaxNG doesn't matter) is much clearer
in this regard, for example, so I'm not sure if this issue of apparent
disconnect is inherent to the problem domain.

The fact that fully-featured ASN.1 tools used to be proprietary, with
closely guarded test suites, probably did not help, either, because it
resulted in a proliferation of concrete, manually written parsers and
substantial divergence even between automatically generated parsers.

More information about the cryptography mailing list