ASN.1 for Ruby

On another thread (“Grails”), Tor Iver Wilhelmsen wrote:

[M] Built-in support for ASN.1 would be nice as well. Admittedly,
ASN.1 has apparently been relegated to “just for SNMP traps”,
despite the fact that ASN.1 can in theory replace RMI entirely, much
like SOAP. Watch this space.

ASN.1 is one of those binary formats that grew out of ISO. Its lack
of popularity can perhaps be attributed to the lack of popularity for
other ISO things like X.400 (ISO MOTIS) mail.
<<<<<<<<<<<

Is anyone actually interested in ASN.1 support for Ruby? I implemented
enough of it for LDAP in the Net::LDAP library, in a reasonably
encapsulated way so it could be abstracted into its own package. I’d
be happy to do this if anyone has a use for it.

Francis C. wrote:

Is anyone actually interested in ASN.1 support for Ruby? I implemented
enough of it for LDAP in the Net::LDAP library, in a reasonably
encapsulated way so it could be abstracted into its own package. I’d
be happy to do this if anyone has a use for it.

OpenSSL comes with an awful lot of ASN.1 code, though I don’t know how
extensive this is compared to your requirements or your implementation.
Extracting the ASN.1 part of your LDAP library sounds reasonable.
However, would it be worth instead (or also) extending the Ruby
interface to OpenSSL to expose its ASN.1 features?

Sadly documentation on both sides of the fence is pretty poor which
might not help. Ruby OpenSSL doesn’t have much at all; as a starting
point see:

http://raa.ruby-lang.org/project/openssl/

That said there are people using it. It seems to give straightforward
code from the little bits that I’ve seen used so far, such as here:

http://technoweenie.stikipad.com/plugins/show/Reversible+Encrypted+Passwords

Although a lot of the crypto library is now documented, the OpenSSL
project hasn’t described the ASN.1 API yet:

http://www.openssl.org/docs/crypto/crypto.html

The distribution does come with a few relevant .pod files that don’t
seem to be online but they only cover a tiny fraction of the interface
visible in <crypto/asn1/asn1.h>. Meanwhile, Google returns nothing but
security advisories for “openssl ‘asn.1’”… Is it me, or have I just
spent the last few minutes arguing against myself? :-)

The SSL/TLS wire protocol is a binary format, but it’s not based on
ASN.1. You may be thinking of the X.509 and PKCS standards, which are
full of ASN.1 stuff (and of course they’re implemented in the crypto
libraries that come with OpenSSL). For all those applications, I’d say
the less the users know about the data-representation, the better.

I was wondering about plain old ASN.1 with BER/DER/CER as a transport
protocol. My guess is that it’s not very interesting these days.

Francis C. wrote:

You may be thinking of the X.509 and PKCS standards, which are full of
ASN.1 stuff (and of course they’re implemented in the crypto libraries
that come with OpenSSL). For all those applications, I’d say the less
the users know about the data-representation, the better.

Yes, I was thinking of this ASN.1 code. The crypto library is highly
modular; it includes what looks like a generic ASN.1 support library.
The X.509 etc. code calls into it, but although the asn1.h public header
file does contain some items that are specific to OpenSSL operations, it
gives the impression that it could be used for a much wider range of
applications. Of course, I could be wrong. I’ve uploaded the header from
openssl-0.9.8b at the URL below in case you’re interested, to save you
having to get the whole tarball just for that one file:

http://pond.org.uk/misc/asn1.h

Francis C. wrote:

ASN.1 is one of those binary formats that grew out of ISO. Its lack
of popularity can perhaps be attributed to the lack of popularity for
other ISO things like X.400 (ISO MOTIS) mail.

JS: Several of the biological and chemical databases compiled by NCBI
use ASN.1 format. For backward compatibility, they also provide flat
files. However, for newer software, ASN.1 format is recommended.

Is anyone actually interested in ASN.1 support for Ruby? I implemented
enough of it for LDAP in the Net::LDAP library, in a reasonably
encapsulated way so it could be abstracted into its own package. I’d
be happy to do this if anyone has a use for it.

JS: It would be great to have a Ruby library to parse and search such
biological and chemical databases in ASN.1 format. For now, since I
do not have the time to develop one, I am using their flat file
format.

You could take a look at
http://www.ncbi.nih.gov/Sitemap/samplerecord.html to see a sample of the
data in flat format.

Please send an e-mail to me offline, should you feel that you could
extract and complete your library.

Best regards,

JS

Thanks for sending the library, Andrew, but as it turns out I’m already
quite familiar with the inside of OpenSSL ;-). Part of the point of
doing the Net::LDAP library (and an eventual Net::ASN1 library should
there be a need for it) is to have everything be in pure Ruby.

The thing about ASN.1 is that it’s not a grammar. It’s actually a
grammar-grammar, so it always makes use of a context-specific data
definition for each domain. Has NCBI published one for theirs?

On Jul 7, 2006, at 11:26 PM, Srinivas JONNALAGADDA wrote:

JS: Several of the biological and chemical databases compiled by NCBI
use ASN.1 format. For backward compatibility, they also provide flat
files. However, for newer software, ASN.1 format is recommended.

People who offer data like this usually regret it when they discover
how few ASN.1 tools there are. I’ve never found a decently-
performing free general-purpose ASN.1 reader; there are a few that
you can find, but they’re typically buggy, slow, and usually fail on
the dataset that you’re interested in. -Tim

“Francis C.” writes:

The thing about ASN.1 is that it’s not a grammar. It’s actually a
grammar-grammar, so it always makes use of a context-specific data
definition for each domain. Has NCBI published one for theirs?

There are a whole load of *.asn files (in ASN.1 format) inside
ftp://ftp.ncbi.nih.gov/toolbox/ncbi_tools/CURRENT/ncbi.tar.gz

Tim B. wrote:

you’re interested in. -Tim

That is probably why NCBI, in this case, also provides a set of tools to
deal with their data.

However, if I could quickly write a few lines of Ruby to parse some data
in my own way, I would rather avoid doing that in C. And that is how I
was asking Francis about a Ruby ASN.1 library.

Best regards,

JS

I’d be happy to do this if anyone has a use for it.

I don’t know yet but you could always make a small Gitweb project for it
and upload it there. And request for others to send modification
requests to you via git too. :-)

I recently stumbled upon this article and it was of interest to me.

I wonder: did somebody decide to start this project at some future time,
or the idea was silently dropped?

Nobody here said: “No I will not do it” or “Yes I will do it”.

Marc H. wrote in post #1006085:

I’d be happy to do this if anyone has a use for it.

I don’t know yet but you could always make a small Gitweb project for it
and upload it there. And request for others to send modification
requests to you via git too. :-)

The ruby OpenSSL library already provides code for parsing and
generating BER data, although the API isn’t particularly rubyesque, and
you’re dealing at a pretty low level.

Example from ruby-ldapserver:

def send_LDAPResult(tag, resultCode, opt={}) # :nodoc:
  seq = [
    OpenSSL::ASN1::Enumerated(resultCode),
    OpenSSL::ASN1::OctetString(opt[:matchedDN] || ""),
    OpenSSL::ASN1::OctetString(opt[:errorMessage] || ""),
  ]
  if opt[:referral]
    rs = opt[:referral].collect { |r| OpenSSL::ASN1::OctetString(r) }
    seq << OpenSSL::ASN1::Sequence(rs, 3, :IMPLICIT, :APPLICATION)
  end
  yield seq if block_given? # opportunity to add more elements

  send_LDAPMessage(OpenSSL::ASN1::Sequence(seq, tag, :IMPLICIT, :APPLICATION), opt)
end
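
The following is an added example, not part of the original post or of ruby-ldapserver: it uses the same OpenSSL::ASN1 constructors to generate a result-style message and then parses the bytes back, checking the shape of untrusted input before reading any field. The method names `encode_result` and `decode_result` and the sample tag and values are assumptions made for illustration.

```ruby
require 'openssl'

# Build a SEQUENCE of (ENUMERATED, OCTET STRING, OCTET STRING) carrying an
# IMPLICIT APPLICATION tag, with the same constructor calls as the excerpt.
def encode_result(tag, result_code, matched_dn = "", error_message = "")
  seq = [
    OpenSSL::ASN1::Enumerated(result_code),
    OpenSSL::ASN1::OctetString(matched_dn),
    OpenSSL::ASN1::OctetString(error_message),
  ]
  OpenSSL::ASN1::Sequence(seq, tag, :IMPLICIT, :APPLICATION).to_der
end

# Decode bytes from the wire. Returns a Hash, or nil when the input is
# truncated, carries the wrong tag, or has fields of unexpected types.
def decode_result(der, expected_tag)
  msg = OpenSSL::ASN1.decode(der)
  return nil unless msg.tag_class == :APPLICATION && msg.tag == expected_tag

  fields = msg.value
  # A primitive encoding under the same tag decodes to a String, not an Array.
  return nil unless fields.is_a?(Array) && fields.size >= 3

  code, dn, err = fields
  return nil unless code.is_a?(OpenSSL::ASN1::Enumerated) &&
                    dn.is_a?(OpenSSL::ASN1::OctetString) &&
                    err.is_a?(OpenSSL::ASN1::OctetString)

  # ENUMERATED values come back as OpenSSL::BN, hence the to_i.
  { code: code.value.to_i, matched_dn: dn.value, error: err.value }
rescue OpenSSL::ASN1::ASN1Error
  nil # malformed BER: bad length, truncated body, and so on
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample values.
  der = encode_result(1, 32, "dc=example,dc=com", "no such object")
  puts der.unpack1("H*")
  p decode_result(der, 1)
  p decode_result(der[0...-1], 1) # truncated input is rejected
end
```

The decoder never indexes into `msg.value` before confirming it is an array of the expected element types, which is the check that the low-level API leaves to the caller.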