[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Specification languages


Assuming that a specification language is required (and I'm not implying that
  it would be), I percieve that it would need to encode the following "Types".

simple integers - uint8, uint16, uint32, and uint64

         Represented in IETF network byte order directly--no length byte

variable length integers - uintv

         A single 16[32?] bit length field, representing the appropriate
         number of significant bits in the octets that follow. The octets
         represent the integer in IETF network byte order.

strings - octets

         A single 16[32?] bit length field (in network byte order)
         followed by the specified number of octets.  Comments in the

array - A single 16[32?] bit field indicating that an array of compound
        objects of the specified type follow.

The simple integer types could be followed by a qualifier indicating that
  they have some special purpose in relation to another object:

selects - used to indicate a "branch" in the encoding/decoding based on the
          value of the integer.  Could be used to select among codings for
          different public key types, for example (RSA, DSS, ElGamal, D-H etc).

So-called compound objects could be defined that are composed of lists of
   elements of the fundamental types.  Note that this isn't full-bore type
   synthesis, but a syntactic convenience.

Here is a simple certificate specification in this hypothetical language.

# Object description for a simple certificate
typedef RSAKeyInfo
        rsaExponent     uintv
    rsaModulus      uintv

typedef DSSKeyInfo
     dssP           uintv
     dssQ           uintv
     dssG           uintv
     dssY           uintv

typedef RSASignature
     sig            uintv

typedef DSSSignature
     sig_a          uintv
     sig_b          uintv

typedef Signature
     KeyId          uint64
     OtherIdent     octets
     OthIdType      uint8
     SigType        uint8  selects(SigBytes)
       SigBytes[0]    RSASignature
       SigBytes[1]    DSSSignature

object simple-certificate
    Version         uint8
# 0x01 for this version

    KeyId           uint64

    OtherIdent      octets

    OthIdType       uint8
# 0x00 - 7 BIT ASCII
# 0x01 - UNICODE

    Created         uint64
    Expires         uint64

    KeyType         uint8  selects(Key)
      Key[0]          RSAKeyInfo
      Key[1]          DSSKeyInfo

    Signatures      array(Signature)

Version: 2.6.2


Marcus Leech                   Mail: Dept 4C16, MS 238, CAR
Systems Security Architect     Phone   : (ESN) 395-4901  (613) 763-9145
Systems Security Services      Fax     : (ESN) 393-7679  (613) 763-7679
Nortel Technologies            mleech@bnr.ca
-----------------Expressed opinions are my own, not my employers------