replacing MIT's ASN.1 code
Ezra Peisach
epeisach at MIT.EDU
Mon Oct 15 19:39:03 EDT 2007
While I do not really have a say in any of this I see the following
concerns:
a) There are some issues of signed/unsigned that are present in the krb5
specs and implementations... For instance the nonce is supposed to be
unsigned - and we are encoding as a signed integer... If the high bit is
set - this is encoded as a five byte integer - which Heimdal cannot handle.
There is one other discrepancy in signed/unsigned handling - but I
cannot remember what it is. I think it might be kvno.
This means we will need to be careful in how things are encoded in terms
of interop.
b) We are generous in decoding "incorrect" implementations for backwards
compatibility. For instance, see
KRB5_GENEROUS_LR_TYPE, KRB5_MSGTYPE_STRICT, and
KRB5_ENCKRB5KDCREPPART_COMPAT... The generous_lr_type is a
signed/unsigned work around...
c) We do have a test suite for asn1 encodings/decodings - so we will
test some edge cases - like indefinite encodings, etc. If these work w/o
memory leaks, etc - that would help validate the ASN.1 implementation.
d) Structure compatibility w/ ABI compat... As Ken indicated some
wrappers would be necessary... It might be nice to have a real string
type instead of krb5_data... It would probably clean up some internal
warnings...
Just my two cents...
Ezra
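
The signed/unsigned point in (a), as an added example that is not part of the original message and is not MIT krb5 or Heimdal code: the same 32-bit nonce gives a different number of DER INTEGER content octets depending on whether it is treated as unsigned or signed. All function names are hypothetical, and the four-octet limit in decode_int32 is an assumption standing in for a decoder that only accepts signed 32-bit values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* DER INTEGER content octets (minimal two's complement) of v; out holds 8 bytes. */
size_t der_int_content(int64_t v, unsigned char *out)
{
    unsigned char tmp[8];
    size_t i, start = 0;
    for (i = 0; i < 8; i++)
        tmp[i] = (unsigned char)((uint64_t)v >> (56 - 8 * i));
    /* Strip redundant sign octets: 00 before a clear top bit, FF before a set one. */
    while (start < 7 &&
           ((tmp[start] == 0x00 && !(tmp[start + 1] & 0x80)) ||
            (tmp[start] == 0xFF && (tmp[start + 1] & 0x80))))
        start++;
    for (i = start; i < 8; i++)
        out[i - start] = tmp[i];
    return 8 - start;
}

/* The same 32 bits encoded as an unsigned value (0..2^32-1) ... */
size_t encode_nonce_unsigned(uint32_t nonce, unsigned char *out)
{
    return der_int_content((int64_t)nonce, out);
}
/* ... and as a signed 32-bit value (two's-complement reinterpretation). */
size_t encode_nonce_signed(uint32_t nonce, unsigned char *out)
{
    return der_int_content((int64_t)(int32_t)nonce, out);
}

/* Hypothetical strict decoder: accepts only values that fit a signed 32-bit int. */
int decode_int32(const unsigned char *p, size_t n, int32_t *val)
{
    uint32_t u;
    size_t i;
    if (n == 0 || n > 4)
        return -1;                 /* a five-octet encoding is rejected here */
    u = (p[0] & 0x80) ? 0xFFFFFFFFu : 0;
    for (i = 0; i < n; i++)
        u = (u << 8) | p[i];
    *val = (int32_t)u;
    return 0;
}

int main(void)
{
    unsigned char a[8], b[8];
    printf("unsigned: %zu octets, signed: %zu octets\n",
           encode_nonce_unsigned(0x80000001u, a), encode_nonce_signed(0x80000001u, b));
}
```

Nonces with the high bit clear encode identically either way, so a mismatch of this kind only shows up on roughly half of randomly chosen nonces.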