[cryptography] preventing protocol failings
pgut001 at cs.auckland.ac.nz
Thu Jul 7 02:01:35 EDT 2011
Sampo Syreeni <decoy at iki.fi> writes:
>To my mind the difference seemed to be about shallow versus deep parsing. You
>can't really deep parse anything in BER with implicit tagging,
You can deep-parse, you just need to apply some basic heuristics (e.g. "if
it's an octet string and the first byte is a standard tag that's used with
octet-string holes and the following bytes are a length that's the same as the
octet-string content then it's an octet string hole, continue drilling down").
>In this sense I would agree: to me parsing an input means parsing it right
>down to the last bit. If there's anything you have to skip, or munge, or
>skirt/skip over, that's not parsing proper, but shallow parsing.
Right, and that's quite possible with ASN.1. As I've already mentioned, run
dumpasn1 on certs or S/MIME data or whatever and see for yourself.
The problem with the non-ASN.1 approaches is that they're all PER, unless you
know every detail of what to expect at every point of the encoded data you
can't even get past the first byte. In addition you're forced to use
handcoded parsers for everything, there isn't even scope for something like an
ASN.1 compiler. SSH, which freely mixes binary data and comma-delimited ASCII
text is the worst of the lot, that's just a nightmare to parse safely.
More information about the cryptography