[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

v1.3 R10 Enhanced SNACC Freeware Now Available



All,

Getronics Government Solutions has delivered the v1.3 R10 Enhanced
SNACC (eSNACC) Abstract Syntax Notation One (ASN.1) Compiler,
C++ library and C library source code and binaries tested on the 
Linux, Sun Solaris 2.8 and Microsoft Windows NT/98/2000/XP operating
systems.  The eSNACC software is freely available to everyone from:
<http://www.getronicsgov.com/hot/snacc_home.htm>.  The v1.3 R10
eSNACC release fixes significant bugs present in the previous
releases.

The eSNACC ASN.1 software can be used to ASN.1 encode and decode
objects.  In past releases, Getronics improved the eSNACC C++ 
library to implement the Distinguished Encoding Rules (DER), 
support large ASN.1 INTEGERs, and improve memory usage.    


v1.3 R10 eSNACC enhancements (compared to v1.3 R8 and R9 releases):

1) We corrected the eSNACC ASN.1 C and C++ libraries to properly
implement the sorting of SET OF components as specified in the 1997
X.690 DER requirements.  The eSNACC ASN.1 C++ library was incorrectly 
ignoring the tag and length of each component when determining 
their order.  The bug was present in the v1.3 R7, v1.3 R8, and 
v1.3 R9 releases of the eSNACC ASN.1 C++ library.  This bug caused
interoperability problems with correct DER implementations.  For 
example, this bug caused the S/MIME Freeware Library (SFL) (that
uses the eSNACC ASN.1 C++ library) to report signature verification 
problems when attempting to verify valid signed S/MIME messages.   

2) We corrected several bugs in the eSNACC ASN.1 C++ and C  
libraries that we discovered when testing them using the Simple
Network Management Protocol (SNMP) v1 test suite developed by the
University of Oulu.  The bugs were all error handling problems that
occurred when each ASN.1 library attempted to decode invalidly 
encoded indefinite lengths on primitive types.  These were all bugs
in the original SNACC code.  We used the v1.3 R10 eSNACC ASN.1 C++ 
and C libraries to successfully process all 18,000 test cases in 
the SNMPv1 Oulu test suite.  

3) We fixed a bug in CSM_Buffer::Write(...) (sm_buffer.cpp file)
that resulted in a significant decrease in the time required to
ASN.1 decode objects greater than 1MB in size.


We tested the v1.3 R10 eSNACC release with the v2.0.1 S/MIME
Freeware Library (SFL) (with patch files applied) available 
from <http://www.getronicsgov.com/hot/sfl_home.htm> that 
uses the eSNACC ASN.1 software to encode and decode the IETF 
S/MIME v3 Cryptographic Message Syntax (RFC 2630) and Enhanced
Security Services for S/MIME (RFC 2634) security protocol.  

We tested the v1.3 R10 eSNACC release with the freeware v2.0.1
Certificate Management Library (CML) (no patch files required) 
available from  <http://www.getronicsgov.com/hot/cml_home.htm> 
that uses the eSNACC ASN.1 software to encode and decode X.509 
certificates, attribute certificates and Certificate Revocation 
Lists as specified in the 2000 X.509 Recommendation.

We tested the v1.3 R10 eSNACC release with the freeware v2.0.1
Access Control Library (ACL) (no patch files required to use
v1.3 R10 eSNACC release) available from
<http://www.getronicsgov.com/hot/acl_home.htm>.  The ACL uses
the eSNACC ASN.1 software to encode and decode security
labels and other objects (such as Security Policy Information 
Files) required to provide rule based access control as 
specified in SDN.801.

The eSNACC ASN.1 software implements the majority of the 
ASN.1 encoding/decoding rules as specified in the 1988 X.209 
Recommendation.  It implements the DER as specified in the 1997 
X.690 Recommendation.  It does not support all of the latest ASN.1
features, but there are strategies that allow it to be used to 
produce ASN.1 hex encodings that are identical to those produced by
ASN.1 libraries that do support the latest ASN.1 features.  Also note
that many of the PKIX specs, such as RFC 2459 and RFC 2630, include 
1988-compliant ASN.1 syntax modules which can be compiled using the
eSNACC compiler.

The eSNACC ASN.1 library is totally unencumbered as stated 
in the Enhanced SNACC Software Public License.  All source code
for the eSNACC software is being provided at no cost and with no
financial limitations regarding its use and distribution.  
Organizations can use the eSNACC software without paying
any royalties or licensing fees.  

The Internet Mail Consortium (IMC) has established an eSNACC
web page <http://www.imc.org/imc-snacc/>.  The IMC has established 
an eSNACC mail list which is used to: distribute information 
regarding eSNACC releases; discuss related issues; and 
provide a means for integrators to provide feedback, comments,
bug reports, etc.  Subscription information for the imc-snacc
mail list is at the IMC web site listed above.

We welcome all feedback regarding the eSNACC software.
If bugs are reported, then we will investigate each reported
bug and, if required, will produce a patch or an updated
release of the software to repair the bug. 

This release announcement was sent to several mail lists,
but please send all messages regarding the eSNACC 
software to the imc-snacc mail list ONLY.  Please do not send 
messages regarding the eSNACC software to any of the 
IETF mail lists.  We will respond to all messages sent to the
imc-snacc mail list.

===========================================
John Pawling, John.Pawling@xxxxxxxxxxxxxxxx
Getronics Government Solutions, LLC
===========================================