[OPENDJ-7193] Consider splitting out ASN.1 and ByteString APIs to separate libasn1 commons library Created: 13/May/20  Updated: 13/Nov/20

Status: Dev backlog
Project: OpenDJ
Component/s: core apis
Affects Version/s: 7.0.0
Fix Version/s: 7.1.0

Type: Task Priority: Blocker
Reporter: Matthew Swift Assignee: Unassigned
Resolution: Unresolved Votes: 1
Labels: None

Attachments: Java Source File DerInputStream.java     Java Source File DerOutputStream.java    
Issue Links:
depends on OPENDJ-6956 Replace Grizzly LDAP transport with R... Dev in Progress
relates to OPENDJ-6174 Make X509CertificateBuilder a public ... Dev backlog
Epic Link: Replace Grizzly


Commons secrets frequently needs to manipulate ASN1 and certificate encodings, as well as perform common byte sequence manipulations such as concat/append. As an example, see https://stash.forgerock.org/projects/COMMONS/repos/forgerock-commons/pull-requests/1378

It would be nice if Neil didn't have to re-implement this functionality. Note that LDAP uses DER encoding, which is compatible with security use-cases.

This issue can be closed once the following conditions have been met:

  • created a separate module containing our ASN1 reader/writer implementations and their dependencies such as ByteString classes
  • collapsed the ASN1Reader/Writer class hierarchies, including merging in the X509CertificateBuilder class. This depends on removal of Grizzly which has a specialized implementation of these classes at the moment
  • aligned the ASN1Reader/Writer classes so that they have equivalent read/write methods
  • enhanced the APIs to take advantage of JDK8 features such as lambdas. For example, we could implement lambdarized methods for reading and writing sequences and sets which would automatically take care of end sequences and also have the nice property of increasing the indentation level which aids readability.

Comment by Matthew Swift [ 14/May/20 ]

I've attached copies of the DER input/output streams that Neil implemented, so that the new commons ASN1 library can benefit from any nice techniques that Neil has used.

Comment by Matthew Swift [ 14/May/20 ]

Note Neil's input stream includes support for reading bit strings and OIDs.

Comment by Matthew Swift [ 29/Jul/20 ]

This issue depends on OPENDJ-6956 which simplifies the ASN.1 hierarchy to a single reader/writer implementation.

Comment by Jean-Noël Rouvignac [ 13/Nov/20 ]

When this issue gets resolved, there are two TODOs to remove in the (yet-to-be-commited) LdapRxSocket.

Generated at Fri Nov 27 05:54:22 UTC 2020 using Jira 7.13.12#713012-sha1:6e07c38070d5191bbf7353952ed38f111754533a.