
ASN1/GDMO Parser & Support Classes



This package consists of a Parser which reads ISO-x208 ASN.1 module specifications plus ISO x722-GDMO Managed Object definitions and a set of support classes to represent ASN types and GDMO objects.

Encoding/Decoding support is (currently) provided for BER encoded data packets. The framework provides the required hooks and flexibility for other coders (DER, PER, ...) to be plugged in easily.

ASN.1 Parser

The parser reads standard ASN.1 definitions from a file or string and returns an ASN.1 module instance, which is effectively a namespace (Dictionary) for its definitions. Typically, ASN.1 definitions are provided by a class method (which either returns the definitions as a constant string or returns a file's contents). This is the most flexible scheme, as ASN.1 definitions are parsed just in time, and the program automatically adjusts its operation to the most up-to-date definitions. It is also possible to parse the definitions at compile time and provide generated, statically compiled definition classes. However, in such a static scheme, any definition change requires a recompilation of the application.

ASN1 Sample Usage

Assuming that the class method provides the ASN.1 source, a typical definition may look like:
   rsadsi OBJECT IDENTIFIER ::=
       {iso(1) member-body(2) us(840) rsadsi(113549)}

   digestAlgorithm   OBJECT IDENTIFIER ::= {rsadsi 2}

   id-hmacWithSHA224 OBJECT IDENTIFIER ::= {digestAlgorithm 8}
   id-hmacWithSHA256 OBJECT IDENTIFIER ::= {digestAlgorithm 9}
   id-hmacWithSHA384 OBJECT IDENTIFIER ::= {digestAlgorithm 10}
   id-hmacWithSHA512 OBJECT IDENTIFIER ::= {digestAlgorithm 11}
(The above is a real-world example, copied from RFC 4231.)

Then, the class's initialize method could be:

    Module isNil ifTrue:[
	Module := OSI::ASN1Parser parseModuleDefinition:self asn1Definitions.
    ].
    ^ Module
assuming that Module is a local class variable.

Then, within the class, defined entities are accessible like:

    Module at:'id-hmacWithSHA512'

If the module contains data structures, as in the X509 definition:

    TBSCertificate ::= SEQUENCE {
	version          [ 0 ]  Version DEFAULT v1,
	serialNumber            CertificateSerialNumber,
	signature               AlgorithmIdentifier,
	issuer                  Name,
	validity                Validity,
	subject                 Name,
	subjectPublicKeyInfo    SubjectPublicKeyInfo,
	issuerUniqueID    [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
	subjectUniqueID   [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
	extensions        [ 3 ] Extensions OPTIONAL
    }
those can be instantiated as:
    cert := (Module at:'TBSCertificate') new.
    cert issuer:'fooBar'.
    cert subjectPublicKeyInfo:((Module at:'SubjectPublicKeyInfo') new).
i.e. the returned objects behave like classes which can be instantiated, and those instances can be accessed via getter and setter methods.

By putting those definitions into a shared pool or class variables, the code can further be simplified to:

    cert := TBSCertificate new.
    cert issuer:'fooBar'.
    cert subjectPublicKeyInfo:SubjectPublicKeyInfo new.
and eventually encoded using the BER-coder:
    bytes := OSI::BERCoder encode:cert.
or decoded from a BER-encoded stream, using the ASN.1 type:
    cert := OSI::BERCoder decode:bytes withType:TBSCertificate.
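
What a BER coder has to produce for the OBJECT IDENTIFIER definitions in the sample above, shown as an added Python example (not part of this package and not its API; all function names are hypothetical). It resolves the relative references to a full arc list, encodes it, and decodes strictly, rejecting a wrong tag, a length mismatch, and padded or truncated arcs:

```python
# Added illustration; not part of the ST/X package. All names here are hypothetical.
# OID definitions from the sample above, as (parent, arcs) pairs.
DEFS = {
    "rsadsi": (None, [1, 2, 840, 113549]),
    "digestAlgorithm": ("rsadsi", [2]),
    "id-hmacWithSHA224": ("digestAlgorithm", [8]),
    "id-hmacWithSHA256": ("digestAlgorithm", [9]),
    "id-hmacWithSHA384": ("digestAlgorithm", [10]),
    "id-hmacWithSHA512": ("digestAlgorithm", [11]),
}

def resolve(name):
    """Expand a definition to its full arc list by following parent references."""
    parent, arcs = DEFS[name]
    return (resolve(parent) if parent else []) + arcs

def _base128(n):
    """Minimal base-128 form: 7 bits per byte, high bit set on all but the last."""
    out = [n & 0x7F]
    while n > 0x7F:
        n >>= 7
        out.append((n & 0x7F) | 0x80)
    return bytes(reversed(out))

def encode_oid(arcs):
    """BER/DER encoding of an OBJECT IDENTIFIER (tag 0x06, short-form length)."""
    body = _base128(arcs[0] * 40 + arcs[1]) + b"".join(_base128(a) for a in arcs[2:])
    if len(body) > 127:
        raise ValueError("long-form length not handled in this example")
    return bytes([0x06, len(body)]) + body

def decode_oid(data):
    """Strict decode: rejects wrong tag, length mismatch, padded or truncated arcs."""
    if len(data) < 3 or data[0] != 0x06 or data[1] > 127 or data[1] != len(data) - 2:
        raise ValueError("bad tag or length")
    subids, n, start = [], 0, True
    for b in data[2:]:
        if start and b == 0x80:
            raise ValueError("non-minimal arc encoding")
        n = (n << 7) | (b & 0x7F)
        start = not (b & 0x80)
        if start:
            subids.append(n)
            n = 0
    if not start:
        raise ValueError("truncated arc")
    first = min(subids[0] // 40, 2)
    return [first, subids[0] - 40 * first] + subids[1:]
```
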

Compiling ASN.1 Definitions

--- to be documented ---


This document is available upon request.


This addOn package is licensed separately from the base ST/X system.
Please contact eXept for license information & pricing.

Copyright © 1999 eXept Software AG


Doc $Revision: 1.11 $