Open duskmoon314 opened 1 year ago
Most of the binary-encoded data structures aren't ASN.1, they're... whatever you want to call TLS' idiosyncratic packed encoding. Point a DER parser at the base64-decoded `leaf_input`, for instance, and it won't have the foggiest idea what to do.
In my understanding, DER is a part of ASN.1. The original thought is to use some crates instead of a self-maintained structure of the TLS certificate.
Though currently I don't have much time on this.
Yes, DER is a standardised encoding of ASN.1, which is itself an abstract notation for structured data.
From what I can see, you're already using a DER parser for the parts that can benefit from one -- specifically, turning the X.509 certificates (leaf and poisoned precert) into a useful structure, using `x509_parser`. The other data structures that are currently using `deku` are not DER-encoded, and are instead either JSON or the packed-value format specified in the TLS RFCs.
Many responses of CT logs are base64-encoded ASN.1. Thus, using `rasn` is more meaningful.
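To illustrate the comment above about the base64-decoded `leaf_input`, here is an added example (not code from this project or from any commenter) that decodes a `MerkleTreeLeaf` with only the standard library, following the layout in RFC 6962 section 3.4. The names `parse_leaf`, `Leaf`, `Entry` and `sample_leaf` are hypothetical, and the sample bytes are constructed; DER only appears inside the length-prefixed certificate field, which is the part a DER parser can take over.

```rust
// Added example. MerkleTreeLeaf layout follows RFC 6962 section 3.4.
#[derive(Debug, PartialEq)]
pub enum Entry<'a> {
    X509 { cert_der: &'a [u8] },
    Precert { issuer_key_hash: &'a [u8], tbs_der: &'a [u8] },
}
#[derive(Debug, PartialEq)]
pub struct Leaf<'a> { pub timestamp_ms: u64, pub entry: Entry<'a>, pub extensions: &'a [u8] }

// Split off exactly n bytes, failing on truncated input instead of panicking.
fn take<'a>(buf: &mut &'a [u8], n: usize) -> Result<&'a [u8], &'static str> {
    if buf.len() < n { return Err("truncated"); }
    let (head, tail) = buf.split_at(n);
    *buf = tail;
    Ok(head)
}
// Big-endian unsigned integer of n bytes (n <= 8): TLS uint8/uint16/uint24/uint64.
fn uint(buf: &mut &[u8], n: usize) -> Result<u64, &'static str> {
    Ok(take(buf, n)?.iter().fold(0u64, |acc, b| (acc << 8) | u64::from(*b)))
}
// TLS opaque vector: an n-byte length prefix, then that many bytes.
fn vector<'a>(buf: &mut &'a [u8], n: usize) -> Result<&'a [u8], &'static str> {
    let len = uint(buf, n)? as usize;
    take(buf, len)
}
pub fn parse_leaf(mut buf: &[u8]) -> Result<Leaf<'_>, &'static str> {
    if uint(&mut buf, 1)? != 0 { return Err("unsupported version"); } // v1 = 0
    if uint(&mut buf, 1)? != 0 { return Err("unsupported leaf type"); } // timestamped_entry = 0
    let timestamp_ms = uint(&mut buf, 8)?;
    let entry = match uint(&mut buf, 2)? {
        0 => Entry::X509 { cert_der: vector(&mut buf, 3)? },
        1 => Entry::Precert { issuer_key_hash: take(&mut buf, 32)?, tbs_der: vector(&mut buf, 3)? },
        _ => return Err("unknown entry type"),
    };
    let extensions = vector(&mut buf, 2)?; // CtExtensions, usually empty
    if !buf.is_empty() { return Err("trailing bytes"); }
    Ok(Leaf { timestamp_ms, entry, extensions })
}
// Constructed sample: an x509_entry leaf whose "certificate" is an empty DER SEQUENCE.
pub fn sample_leaf() -> Vec<u8> {
    let mut v = vec![0, 0]; // version, leaf_type
    v.extend_from_slice(&1_700_000_000_000u64.to_be_bytes()); // timestamp in ms
    v.extend_from_slice(&[0, 0]); // entry_type = x509_entry
    v.extend_from_slice(&[0, 0, 2, 0x30, 0x00]); // uint24 length, then DER bytes
    v.extend_from_slice(&[0, 0]); // zero-length extensions
    v
}
fn main() {
    println!("{:?}", parse_leaf(&sample_leaf()));
}
```

The leaf starts with `0x00 0x00` and a raw 64-bit timestamp rather than a DER tag and length, which is why a DER parser rejects it while accepting the inner `cert_der` slice.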