--- /dev/null
+# Ideas about Python Quick DER
+
+> *It should be reasonably straightforward to map Quick DER to Python.*
+
+We may create an object that invokes the parser, and returns the output as a
+list, whose length matches the number of `DER_PACK_STORE` instructions. This
+is a single run of the parser; we may run it again for parts of what we find.
+
+The delivered list is mirrorred in Python instructions for packing it into a
+dictionary format. This includes labels from the ASN.1 syntax for both the
+`DER_PACK_STORE` and `DER_PACK_ENTER` stages, although `None` may at some
+points be used to suggest skipping the action (notable not entering a new
+dictionary level). This list can be derived along with the parser bytecodes.
+
+Some of the entries need further parsing. The `SEQUENCE OF` and `SET OF` types
+should be mapped to a list and set, respectively. Things typed as `ANY` remain
+as they are, namely unparsed DER content (that may however cause a user program
+to invoke the parser again).
+
+Building DER is the reverse process, and it can follow the same process.
+
+It may be interesting to create a class for the parser, so as to enable it
+to `pack()` and `unpack()` based on contained instructions. These classes,
+and certainly their descriptions, could be automatically generated by an
+ASN.1 compiler (such as `asn2quickder` which would be modified for generation
+of Python code) and the methods would be defined in an abstract class
+imported into the generated classes.
+
+What we'd end up with is a concept where we generate a class like
+`quick-der.rfc4120-Ticket` and can use it as follows:
+
+ import quick_der.rfc4120_Ticket as Ticket
+
+ def show_ticket (der):
+ """Access individual parts of the Ticket, and print them.
+ Then compose the owner's name from its constituent parts.
+ """
+ tkt = Ticket (der)
+ print 'Ticket for Realm', tkt.realm
+ print ' has name-type', tkt.sname.name_type
+ for nm in tkt.sname.name_string:
+ print ' has name-string component', nm
+ owner = '/'.join (tkt.sname.name_string) + '@' + tkt.realm
+ print 'In short, it is for', owner
+
+ def rebase_ticket (der, newrealm):
+ """This violates RFC 4120, but is still a nice demo of modifying
+ DER data in Python. The violation is caused by the mismatch
+ of the realm with the encrypted copy in tkt.enc_part
+ """
+ tkt = Ticket (der)
+ tkt.realm = newrealm
+ return tkt.pack ()
+
* **More testing.** The current `test` directory is far too small; we can take a PKIX certificate apart and re-compose it, so we're definately doing something good, but this is nowhere near thorough testing. If you run into a problem case, then *please* share it so we can solve it and extend our test base.
* **Compiler output testing.** The compiler output is currently compiled to see if there are C syntactical problems, but that is all. They have been visually compared to manually crafted code, too. More exhaustive tests, including a full application, would be in order.
- * **Python embedding.** This would be useful for many protocol applications that need to modify a few things. It also greatly helps to get more protocols within the reach of Python. See our [ideas about Python of Quick DER](PYTHON.MD) for a plan that greatly simplifies ASN.1 processing with Python.
+ * **Python embedding.** This would be useful for many protocol applications that need to modify a few things. It also greatly helps to get more protocols within the reach of Python. See our [ideas about Python Quick DER](PYTHON.MD) for a plan that greatly simplifies ASN.1 processing with Python.
And of course, there are many useful things we may do with this library:
projects / quick-der / commitdiff