Re: Several issues concerning ASN1 in OpenSSL

Tue, 22 Aug 2000 08:54:27 -0700 

Peter Sylvester wrote:
> 
> >
> > It is my understanding that an i2d function should return the length of the
> > identifier, length and content octets, and that in the case described below
> > i2d_ASN1_OBJECT did not. That's all.
> >
> > Based on Steve's message (which I read after sending my message), this has
> > been fixed.
> >
> Right, it seems that the other functions behave like that.
> 
> Anyway this reminds me to some functionality that I have seen some
> tern years ago other asn1 implementations:
> 
> The equivalent of the length function actually does not get the
> correct encoding but just make an estimation, giving 5 length octets
> or other hints for integers for example. This allows for a faster code
> especially when lot's of structures are involved. Note that the
> actual put routines do the length stuff twice.
> The implemenation was beating xdr encoders by a factor of almost 2.
> 

Yes thats something I'm considering for the ASN1 revision. Something
like saving the lengths when the length is calculated and then using
them when the stuff is written out.

However that's currently tricky because you'd have to add something like
a 'ASN1_CTX' parameter with the cached lengths somewhere. Painful with
the current spaghetti ASN1. Much easier when it all goes through a
common routine.

> I also remember another encoder that encoding in an inverted way
> from the end of the buffer after estimation of the length. No
> performance figures here.
> 

Yes I believe SNACC does that? The only difficulty with that is it makes
in much harder to write the encoded ASN1 to a stream if you use
indefinite length encoding. 

Not that OpenSSL currently does that...

Steve.
-- 
Dr Stephen N. Henson.   http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED] 
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the   OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to