You are viewing a plain text version of this content. The canonical link for it is here.
Posted to kerby@directory.apache.org by "Zheng, Kai" <ka...@intel.com> on 2015/12/08 11:14:22 UTC
FW: [jira] [Created] (DIRKRB-490) Separate ASN1 parser
Any comment? Your feedbacks are welcome. Thanks.
Regards,
Kai
-----Original Message-----
From: Kai Zheng (JIRA) [mailto:jira@apache.org]
Sent: Tuesday, December 08, 2015 6:11 PM
To: dev@directory.apache.org
Subject: [jira] [Created] (DIRKRB-490) Separate ASN1 parser
Kai Zheng created DIRKRB-490:
--------------------------------
Summary: Separate ASN1 parser
Key: DIRKRB-490
URL: https://issues.apache.org/jira/browse/DIRKRB-490
Project: Directory Kerberos
Issue Type: New Feature
Reporter: Kai Zheng
Assignee: Kai Zheng
*Kerby-asn1* is mainly a user model/type driven or oriented framework. The ASN1 parsing procedure is tightly coupled with the model value binding process. Recent changes made good progress, and this would decouple the two aspects totally and provide separate ASN1 parser to cover use cases supported by other libraries as well. In other words, users can use this facility to parse data stream to emit ASN1 built-in type objects without having to define their models or types. This is very handy for small tasks or tools.
With this separating, the codes for user model type support and value binding will also be cleaner and easy to understand, since the part won't care parsing logics. With the new parser added, the library will be more complete.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
RE: FW: [jira] [Created] (DIRKRB-490) Separate ASN1 parser
Posted by "Zheng, Kai" <ka...@intel.com>.
CMS/X509 are not Kerberos things and the types mostly use BER encoding, which can exercise the framework extensively.
I hope when all this work done, the framework will be good enough for the LDAP side.
-----Original Message-----
From: Emmanuel Lécharny [mailto:elecharny@gmail.com]
Sent: Tuesday, December 08, 2015 9:52 PM
To: kerby@directory.apache.org
Subject: Re: FW: [jira] [Created] (DIRKRB-490) Separate ASN1 parser
Le 08/12/15 12:18, Zheng, Kai a écrit :
> Ah, right. Thanks. Will update when the job is all done. This time the overall goal is to support BER encoding/decoding, indefinitive lenghth encoding, primitive but constructed encoding/decoding and etc. The codes are almost done, but I'm still refining them along with adding more tests. When the newly added CMS/X509 models/types (100+) in kerby-pkix module are passed to tests then the library will be much proven strong. The rational is, with all the complex types involved in Kerberos, CMS and X509 are well supported, the library should be of good quality.
There are some very slight difference between LDAP and Kerberos ASN.1 encoding. Typically, the support of BOLEAN can be different (BER vs DER
encoding) : "Kerberos explicitly specifies the use of the Distinguished Encoding Rules (DER)", when LDAP uses BER.
RE: FW: [jira] [Created] (DIRKRB-490) Separate ASN1 parser
Posted by "Zheng, Kai" <ka...@intel.com>.
CMS/X509 are not Kerberos things and the types mostly use BER encoding, which can exercise the framework extensively.
I hope when all this work done, the framework will be good enough for the LDAP side.
-----Original Message-----
From: Emmanuel Lécharny [mailto:elecharny@gmail.com]
Sent: Tuesday, December 08, 2015 9:52 PM
To: kerby@directory.apache.org
Subject: Re: FW: [jira] [Created] (DIRKRB-490) Separate ASN1 parser
Le 08/12/15 12:18, Zheng, Kai a écrit :
> Ah, right. Thanks. Will update when the job is all done. This time the overall goal is to support BER encoding/decoding, indefinitive lenghth encoding, primitive but constructed encoding/decoding and etc. The codes are almost done, but I'm still refining them along with adding more tests. When the newly added CMS/X509 models/types (100+) in kerby-pkix module are passed to tests then the library will be much proven strong. The rational is, with all the complex types involved in Kerberos, CMS and X509 are well supported, the library should be of good quality.
There are some very slight difference between LDAP and Kerberos ASN.1 encoding. Typically, the support of BOLEAN can be different (BER vs DER
encoding) : "Kerberos explicitly specifies the use of the Distinguished Encoding Rules (DER)", when LDAP uses BER.
Re: FW: [jira] [Created] (DIRKRB-490) Separate ASN1 parser
Posted by Emmanuel Lécharny <el...@gmail.com>.
Le 08/12/15 12:18, Zheng, Kai a écrit :
> Ah, right. Thanks. Will update when the job is all done. This time the overall goal is to support BER encoding/decoding, indefinitive lenghth encoding, primitive but constructed encoding/decoding and etc. The codes are almost done, but I'm still refining them along with adding more tests. When the newly added CMS/X509 models/types (100+) in kerby-pkix module are passed to tests then the library will be much proven strong. The rational is, with all the complex types involved in Kerberos, CMS and X509 are well supported, the library should be of good quality.
There are some very slight difference between LDAP and Kerberos ASN.1
encoding. Typically, the support of BOLEAN can be different (BER vs DER
encoding) : "Kerberos explicitly specifies the use of the Distinguished
Encoding Rules (DER)", when LDAP uses BER.
RE: FW: [jira] [Created] (DIRKRB-490) Separate ASN1 parser
Posted by "Zheng, Kai" <ka...@intel.com>.
Ah, right. Thanks. Will update when the job is all done. This time the overall goal is to support BER encoding/decoding, indefinitive lenghth encoding, primitive but constructed encoding/decoding and etc. The codes are almost done, but I'm still refining them along with adding more tests. When the newly added CMS/X509 models/types (100+) in kerby-pkix module are passed to tests then the library will be much proven strong. The rational is, with all the complex types involved in Kerberos, CMS and X509 are well supported, the library should be of good quality.
With above said, to move forward, we can experiment to apply it to the LDAP field. I believe the codes will be much simplified but let evaluate it then after all above done.
Please stay tuned. Thanks.
Regards,
Kai
-----Original Message-----
From: Emmanuel Lécharny [mailto:elecharny@gmail.com]
Sent: Tuesday, December 08, 2015 6:54 PM
To: Apache Directory Developers List <de...@directory.apache.org>
Subject: Re: FW: [jira] [Created] (DIRKRB-490) Separate ASN1 parser
Le 08/12/15 11:14, Zheng, Kai a écrit :
> Any comment? Your feedbacks are welcome. Thanks.
Interesting progress !
I think we could test the lib on the LDAP API, to see if we can use it safely.
That might take a bit of time, but a simple experiment could be fast enough to validate the approach.
Definitively worthly !
RE: FW: [jira] [Created] (DIRKRB-490) Separate ASN1 parser
Posted by "Zheng, Kai" <ka...@intel.com>.
Ah, right. Thanks. Will update when the job is all done. This time the overall goal is to support BER encoding/decoding, indefinitive lenghth encoding, primitive but constructed encoding/decoding and etc. The codes are almost done, but I'm still refining them along with adding more tests. When the newly added CMS/X509 models/types (100+) in kerby-pkix module are passed to tests then the library will be much proven strong. The rational is, with all the complex types involved in Kerberos, CMS and X509 are well supported, the library should be of good quality.
With above said, to move forward, we can experiment to apply it to the LDAP field. I believe the codes will be much simplified but let evaluate it then after all above done.
Please stay tuned. Thanks.
Regards,
Kai
-----Original Message-----
From: Emmanuel Lécharny [mailto:elecharny@gmail.com]
Sent: Tuesday, December 08, 2015 6:54 PM
To: Apache Directory Developers List <de...@directory.apache.org>
Subject: Re: FW: [jira] [Created] (DIRKRB-490) Separate ASN1 parser
Le 08/12/15 11:14, Zheng, Kai a écrit :
> Any comment? Your feedbacks are welcome. Thanks.
Interesting progress !
I think we could test the lib on the LDAP API, to see if we can use it safely.
That might take a bit of time, but a simple experiment could be fast enough to validate the approach.
Definitively worthly !
Re: FW: [jira] [Created] (DIRKRB-490) Separate ASN1 parser
Posted by Emmanuel Lécharny <el...@gmail.com>.
Le 08/12/15 11:14, Zheng, Kai a écrit :
> Any comment? Your feedbacks are welcome. Thanks.
Interesting progress !
I think we could test the lib on the LDAP API, to see if we can use it
safely.
That might take a bit of time, but a simple experiment could be fast
enough to validate the approach.
Definitively worthly !