CMS/X509 are not Kerberos things and the types mostly use BER encoding, which can exercise the framework extensively.
I hope when all this work done, the framework will be good enough for the LDAP side. -----Original Message----- From: Emmanuel Lécharny [mailto:elecha...@gmail.com] Sent: Tuesday, December 08, 2015 9:52 PM To: ke...@directory.apache.org Subject: Re: FW: [jira] [Created] (DIRKRB-490) Separate ASN1 parser Le 08/12/15 12:18, Zheng, Kai a écrit : > Ah, right. Thanks. Will update when the job is all done. This time the > overall goal is to support BER encoding/decoding, indefinitive lenghth > encoding, primitive but constructed encoding/decoding and etc. The codes are > almost done, but I'm still refining them along with adding more tests. When > the newly added CMS/X509 models/types (100+) in kerby-pkix module are passed > to tests then the library will be much proven strong. The rational is, with > all the complex types involved in Kerberos, CMS and X509 are well supported, > the library should be of good quality. There are some very slight difference between LDAP and Kerberos ASN.1 encoding. Typically, the support of BOLEAN can be different (BER vs DER encoding) : "Kerberos explicitly specifies the use of the Distinguished Encoding Rules (DER)", when LDAP uses BER.
