Open HoneyryderChuck opened 2 months ago
I think the tests outside test_basic_asn1data
are still using the C implementation because #to_der
is redefined on Primitive
and Constructive
.
Currently, the whole of
#to_der
is implemented in the ASN1Data class. The reason is, one can build a primitive or constructive object "manually" (if tag and/or tag_class is known), or can just use arrays directly. It would benefit from moving specific implementations into the respective child classes, but then it'd be a breaking change because of what I said. Any suggestions?
ossl_asn1_get_asn1type()
in the C impl can definitely be broken down and moved to each class. It's currently done this way just because it's simpler to do so in C.
What breaking change do you expect?
@rhenium made a few adjustments to the ruby code. I believe it got cleaner. The same point stands regarding ASN1Data
class having to own to_der implementations for cons and prim though, not much one can do (?).
I broke down ossl_asn1_get_asn1type()
, but not completely, as I didn't manage to port OID / UTCTime / GeneralizedTime impls to ruby. Not sure if worth pursuing.
Didn't start cutting C code just yet.
The same point stands regarding
ASN1Data
class having to own to_der implementations for cons and prim though, not much one can do (?).
I think so, unfortunately.
OpenSSL::ASN1.decode
produces an instance of OpenSSL::ASN1::ASN1Data
when the data doesn't have a known universal class tag number, so ASN1Data#to_der
has to be able to handle both. It would have been simpler if .decode
produced Primitive
/Constructed
instance, and ASN1Data#to_der
didn't exist, but I feel it's too late to make such an API change.
OID
Encoding the value should be trivial. I added in an inline comment.
UTCTime / GeneralizedTime
Please check X.690 for exact details, but encoding these types should be relatively simple too, since they are just encoded into ISO 8601 (except UTCTime uses 2-digit years).
@rhenium did UTCTime and GeneralizedTime, lmk what you think.
@rhenium anything still pending?
This is a draft request-for-comment proposal for implementing
OpenSSL::ASN1::ASN1Data#to_der
in ruby, as per suggestion on the previous MR. It already passes the test, although there is a part which hasn't been ported yet, and seems not be covered in the tests. I guess that the ruby code can benefit from being broke down in multiple files, but I'll keep it here just for easy of review, ,for now. I also didn't delete C code, not yet.Currently, the whole of
#to_der
is implemented in the ASN1Data class. The reason is, one can build a primitive or constructive object "manually" (if tag and/or tag_class is known), or can just use arrays directly. It would benefit from moving specific implementations into the respective child classes, but then it'd be a breaking change because of what I said. Any suggestions?I also didn't do any benchmarks yet. Is it relevant?
LMK what you think.