it was hard to review code in an overlooked module, with no test cases. I think too that cryptography code has often been on the nuclear power plant side of the bike shed effect: people think only geniuses work on it and it must be great.
I wonder if while that's good theory, whether in practice there are much more robust (and efficient) parsers already for protobufs and CBOR. In more languages too.
-
-
That would not surprise me. The ASN.1 spec is hard to read and full of legacy cruft. It is similar to SGML and no one has profiled it to create something analogous to XML. To parse ASN.1, you still need to handle the "change typewriter ball" byte sequence.
-
1. mozilla::pkix's ASN.1 parser was built w/o consulting ASN.1 specs at all; IMO that's the best way to do it. 2. I've written a few ASN.1 parsers & none parse the "change typewriter ball" stuff. 3. The useful subset of DER is very easy to parse, from my personal experience.
- 21 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.