Are we working on a general purpose ASN.1 compiler / BER codec or just enough ASN.1 to parse certs and PKCS blobs?

I might recommend we design an interface for the former but simply implement the latter. BER / DER encoding can be a little ugly at times. I've written several "highly-focused" BER / DER decoders in Java, and can tell you that scope creep is NOT your friend. ("Highly focused" in this context means specific to the ASN.1 for a particular application.)

I think someone mentioned Dubuisson's book on ASN.1, the PDF of which is available for free download. While I believe that Dubuisson's book is an excellent read, there's more to ASN.1 than BER/DER encoding, and you might wind up wasting a little bit of time by trying to implement _everything_. You might want to check out Burt Kaliski's "Layman's guide to a subset of ASN.1, BER, and DER". Available in text format at ftp://ftp.rsa.com/pub/pkcs/ascii/layman.asc .

-Matt H.

On Nov 15, 2005, at 7:18 PM, Ron Teitelbaum wrote:

Also once the relationship is settled we will again approach Cincom about a port of their cryptography code.  (Sean have you heard any new comments from James?)  In the mean time I am still working through ASN.1.


We have a new official Team Member: Paul Davidowitz.  Paul and I have worked before he is a very solid programmer.  We have discussed ASN.1 and Paul is working through some possible designs.  Please welcome Paul to the team!