Re: iSCSI: BASE64 and numerical values

To: Julian Satran <Julian_Satran@il.ibm.com>
Subject: Re: iSCSI: BASE64 and numerical values
From: Bill Studenmund <wrstuden@wasabisystems.com>
Date: Mon, 20 May 2002 14:54:05 -0700 (PDT)
Cc: <ips@ece.cmu.edu>
Content-Type: TEXT/PLAIN; charset=US-ASCII
In-Reply-To: <OFE9412CA6.5969ED04-ONC2256BBD.002DAD47@telaviv.ibm.com>
Sender: owner-ips@ece.cmu.edu

On Sat, 18 May 2002, Julian Satran wrote:

> Yes for regular numerical values it makes sense. We will have to keep it
> for large numerical values used for cryptography.  Julo

I realize I'm driving a semantic nit, but I don't think we should use
BASE64 for any "numeric" values, only "binary" ones. I believe we probably
agree on what we want, I'm just worried that if the wording isn't 100%
tight, the decode path can become a real mess (since we're supposed to be
liberal in what we accept :-).

I'd like to suggest we drop BASE64 from the text that mentions numerical
values. I really don't look forward to byteswapping a 256 or 512 bit
number as part of BASE64 decode. :-)

I'd also like to suggest that for encoding large binary values using
hexadecimal, we state that the hexadecimal representation is that of the
number in network byte order. i.e. if I have the five octets 02 45 78 ab
de, the hex constant is 0x024578abde. That makes the decode logic REAL
easy; grab two hex characters & convert to one octet. Repeat as needed.
Please note that this is not the output you'd get with something like
printf("0x%x", number) on a little-endian machine.

Thirdly, I'd like to suggest we drop decimal support from binary objects.
It too has the cumbersome byte-swapping issue that I started this thread
about, just in reverse. :-)

I realize that's a lot for one EMail. :-)

To try and be proactive about this, I'd like to suggest revised text for
section 4.1 (of course needs word-wrapping). For the definitions:

     hex-constant: hexadecimal constant encoded as a string start-
       ing with "0x" or "0X" followed by 1 or more digits or the
       letters a, b, c, d, e, f, A, B, C, D, E and F. Hex-constants
       are used to encode numerical values or binary strings. When
       used to encode numerical values the excessive use of leading
       0 digits is discouraged. When used to encode binary strings
       hexadecimal constants must have an even number of digits,
       and have an implicit byte-length that
       includes 4 bits for every hexadecimal digit of the constant,
       including leading zeroes (i.e., a hex-constant of n hexadeci-
       mal digits has a byte-length of n/2). Additionally, when used
       to encode binary strings, hexadecimal constants shall be
       expressed in network byte order (i.e., the octet stream 02
       45 78 ab de would be expressed as "0x024578abde").

     decimal-constant: an unsigned decimal number - the digit 0 or a
       string of 1 or more digits starting with a non-zero digit.
       This encoding is not used for numerical values equal or
       greater than 2**64.

     base64-constant: base64 constant encoded as a string starting
       with "0b" or "0B" followed by 1 or more digits or letters or
       plus or slash or equal. The encoding is done according to
       [RFC2045]. base64-constants are used to encode binary strings.
       Base64-constants have an implicit byte-length that includes 6
       bits for every character of the constant excluding trailing
       equals (i.e., a base64-constant of n base64 characters
       excluding the trailing equals and m trailing equals has a
       byte-length of ((the integer part of) ((n+3)*3/4) - m).

       regular-numerical-value :  an unsigned integer less than 2**64
         encoded as a decimal-constant, or hex constant.

       large-numerical-value :  an unsigned integer larger than or
         equal to 2**64 encoded as a hex constant.

[no change for numerical-value or numerical-range]

       binary-value :  a binary string encoded as a hex-con-
         stant or base64-constant.  The length of the string is either
         specified by the key definition or is implicit byte-length of
         the encoded string.

[delete regualar-binary-value and large-binary-value since the distinction
is gone]

I don't see it explicitly mentioned anywhere, but I think all of the CHAP
(and SRP, but not sure) keys are large numericalal values, and the
kerberos and SPKM keys are binary values.

Also, I think the CHAP keys need the field length features of hexadecimal
binary strings, but they are numbers, not binary strings. Not sure how to
word that.

Take care,

Bill

References:
- iSCSI: BASE64 and numerical values
  - From: "Julian Satran" <Julian_Satran@il.ibm.com>

Prev by Date: RE: iSCSI: BASE64 and numerical values
Next by Date: Re: iSCSI: Login Request error
Prev by thread: RE: iSCSI: BASE64 and numerical values
Next by thread: RE: iSCSI: BASE64 and numerical values
Index(es):
- Date
- Thread

Home

Last updated: Mon May 20 22:18:32 2002
10156 messages in chronological order