On 18/12/15 10:34, Zheng, Kai wrote:
> Got it, thanks for the clarification.
>
> Would you point to the main RFC spec that contains the ASN1 definition the
> library implements? I would take a look and see what kerby-asn1 still lacks
> for it.
There is no such RFC. The only place where something related to ASN.1 is
made explicit is in RFC 4511:

    4. Elements of Protocol

    The protocol is described using Abstract Syntax Notation One
    ([ASN.1]) and is transferred using a subset of ASN.1 Basic Encoding
    Rules ([BER]). Section 5 specifies how the protocol elements are
    encoded and transferred.

and specifically:

    5.1. Protocol Encoding

    The protocol elements of LDAP SHALL be encoded for exchange using the
    Basic Encoding Rules [BER] of [ASN.1] with the following
    restrictions:

    - Only the definite form of length encoding is used.

    - OCTET STRING values are encoded in the primitive form only.

    - If the value of a BOOLEAN type is true, the encoding of the value
      octet is set to hex "FF".

    - If a value of a type is its default value, it is absent. Only some
      BOOLEAN and INTEGER types have default values in this protocol
      definition.

    These restrictions are meant to ease the overhead of encoding and
    decoding certain elements in BER.

    These restrictions do not apply to ASN.1 types encapsulated inside of
    OCTET STRING values, such as attribute values, unless otherwise
    stated.

So to speak, this is just a subset of the BER encoding. Note that
Kerberos uses a slightly different encoding: DER.
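
Added example, not part of the original message and not code from kerby-asn1 or any LDAP library: a small Python checker that walks a BER element and rejects the encodings RFC 4511 section 5.1 forbids (indefinite length, constructed OCTET STRING, BOOLEAN true other than FF). All names are hypothetical and the sample bytes are constructed. The default-value rule and implicitly tagged fields need the LDAP schema, so they are not checked here.

```python
BOOLEAN, OCTET_STRING, CONSTRUCTED = 0x01, 0x04, 0x20

def read_header(buf, pos, end):
    """Return (tag, value_start, value_end) for the TLV starting at pos."""
    if pos + 2 > end:
        raise ValueError("truncated header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if tag & 0x1F == 0x1F:
        raise ValueError("multi-octet tags are outside this example")
    if first == 0x80:                     # restriction 1: definite form only
        raise ValueError("indefinite length form")
    if first & 0x80:                      # long definite form
        n = first & 0x7F
        if pos + n > end:
            raise ValueError("truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    else:                                 # short definite form
        length = first
    if pos + length > end:
        raise ValueError("value overruns its container")
    return tag, pos, pos + length

def check(buf, pos=0, end=None):
    """Walk all elements in buf[pos:end]; raise ValueError on a violation."""
    end = len(buf) if end is None else end
    while pos < end:
        tag, start, stop = read_header(buf, pos, end)
        universal = tag & 0xC0 == 0
        if universal and tag & 0x1F == OCTET_STRING and tag & CONSTRUCTED:
            raise ValueError("constructed OCTET STRING")   # restriction 2
        # Restriction 3: true is FF; 00 is the BER encoding of false.
        if tag == BOOLEAN and buf[start:stop] not in (b"\x00", b"\xff"):
            raise ValueError("BOOLEAN must be 00 or FF")
        if tag & CONSTRUCTED:
            check(buf, start, stop)       # descend into SEQUENCE, SET, ...
        pos = stop  # primitive OCTET STRING contents are exempt, so not opened

def first_violation(buf):
    """Return the first violation message, or None if the encoding passes."""
    try:
        check(buf)
        return None
    except ValueError as exc:
        return str(exc)

# Constructed sample encodings (not captured traffic).
OK = bytes.fromhex("300a020101" "0101ff" "04026162")   # SEQ{INT 1, TRUE, "ab"}
BAD_BOOL = bytes.fromhex("3003010101")                 # TRUE encoded as 01
INDEFINITE = bytes.fromhex("30800201010000")           # length octet 80
BAD_OCTETS = bytes.fromhex("240404026162")             # constructed OCTET STRING
```

A DER checker would be stricter still, for example by also rejecting non-minimal length octets, which plain BER and this subset allow.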