RustCrypto / formats

Cryptography-related format encoders/decoders: DER, PEM, PKCS, PKIX

DER: Encoding higher tag number #1381

Open xaqq opened 2 months ago

xaqq commented 2 months ago

Hello,

I have a use case where I need to DER-encode an ASN.1 message using a tag number greater than 30. I noticed in some comments that "This library deliberately does not support this: tag numbers greater than 30 are disallowed."

I realize that TagNumber is an enumeration in this library, which makes arbitrarily high tag numbers problematic. I am curious whether you would consider lifting this limitation and would be willing to accept patches.

I can imagine 2 approaches:

Thank you,

tarcieri commented 2 months ago

> I have a use case where I need to DER-encode an ASN.1 message using a tag number greater than 30.

Can you provide more information on what you're implementing which uses a combination of DER and the high tag number form?

> I am curious whether you would consider lifting this limitation and would be willing to accept patches.

We're making breaking changes right now, so it's something that can be considered. As it's something that's not needed for @RustCrypto-related use cases, it's not something I'd personally be interested in implementing, but a PR for it could be considered.

It would be helpful if it were motivated by a published specification that uses the combination of DER and high tag number form.

xaqq commented 2 months ago

Hello, I can't provide much information, but this is basically to support (proprietary) existing protocols. I can't link to a public spec using that.

> As it's something that's not needed for @RustCrypto-related use cases, it's not something I'd personally be interested in implementing, but a PR for it could be considered.

Yeah that sounds fair enough.

kamulos commented 2 months ago

I also stumbled on this issue. For my company I am working on DER-encoded files in a proprietary format. The der crate is perfect for us except for the fact that we have PRIVATE declared members that go up to 255.

This project is time-critical and in general critical for us, so I would try to put this in a PR as fast as possible. If I manage to get to a working solution I would love to get feedback, especially on whether this approach has a chance of being merged at some point.

@xaqq did you work on this in the meantime?

I think I will try to accomplish two things:

tarcieri commented 2 months ago

I should note that while PRs are welcome, there are various places in the codebase that assume a tag is always equivalent to u8, so this change might be a little bit tricky. If anyone attempts it, let me know if you run into problems.
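Added example, not part of the thread and not code from the `der` crate: a minimal Rust encoder/decoder for X.690 identifier octets, showing why a PRIVATE tag number such as 255 needs the high-tag-number form and takes three identifier octets instead of one. All function and type names are hypothetical, and tag numbers are assumed to fit in a `u32`.

```rust
// Added example: X.690 identifier octets, including the high-tag-number form.
// Hypothetical names throughout; this is not the `der` crate's API.
#[derive(Debug, PartialEq)]
pub enum TagError { Truncated, NonMinimal, Overflow }

/// Encode class (0..=3), constructed bit and tag number as identifier octets.
pub fn encode_identifier(class: u8, constructed: bool, number: u32) -> Vec<u8> {
    let lead = ((class & 0b11) << 6) | ((constructed as u8) << 5);
    if number <= 30 {
        return vec![lead | number as u8]; // low-tag-number form: one octet
    }
    let mut out = vec![lead | 0x1F]; // 0b11111 announces the long form
    let groups = (32 - number.leading_zeros() + 6) / 7; // 7-bit groups needed
    for i in (0..groups).rev() {
        let septet = ((number >> (7 * i)) & 0x7F) as u8;
        out.push(if i == 0 { septet } else { septet | 0x80 }); // bit 8: more follows
    }
    out
}

/// Decode identifier octets into (class, constructed, number, octets consumed).
pub fn decode_identifier(input: &[u8]) -> Result<(u8, bool, u32, usize), TagError> {
    let first = *input.first().ok_or(TagError::Truncated)?;
    let (class, constructed) = (first >> 6, first & 0x20 != 0);
    if first & 0x1F != 0x1F {
        return Ok((class, constructed, (first & 0x1F) as u32, 1));
    }
    let mut number: u32 = 0;
    for (i, &b) in input[1..].iter().enumerate() {
        if i == 0 && b == 0x80 {
            return Err(TagError::NonMinimal); // leading all-zero septet
        }
        if number > (u32::MAX >> 7) {
            return Err(TagError::Overflow); // next shift would not fit in u32
        }
        number = (number << 7) | (b & 0x7F) as u32;
        if b & 0x80 == 0 {
            // Tag numbers 0..=30 must use the single-octet form.
            if number <= 30 { return Err(TagError::NonMinimal); }
            return Ok((class, constructed, number, i + 2));
        }
    }
    Err(TagError::Truncated)
}

fn main() {
    // PRIVATE class (0b11), primitive, tag number 255
    println!("{:02X?}", encode_identifier(0b11, false, 255));
}
```

The decoder rejects non-minimal encodings rather than normalizing them, so each tag has exactly one accepted byte representation.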

kamulos commented 2 months ago

Last week I hacked together a proof-of-concept, which seems to be already working :+1: So currently I do not expect to run into any problems. I also think the crate's code is really nice to work with.

I think pretty soon I will find the time to clean it up and post an initial draft for some early feedback.

kamulos commented 1 month ago

I opened #1416 to get some initial feedback on my approach.