You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -10,7 +10,7 @@
10
10
11
11
## The problem it solves
12
12
13
-
If you have ever written PKI tooling, you know the drill: encoding a Subject Distinguished Name, a Subject Alternative Name extension, or an X.509 Validity block means either reaching for a heavy framework that makes all the structural decisions for you, or writing low-level ASN.1 code that is brittle, hard to review, and even harder to reuse.
13
+
Whenever an application needs to produce structured binary data — network protocols, smart-card commands, certificate fields, device provisioning payloads — the choices are usually the same: reach for a heavy framework that makes all the structural decisions for you, or write low-level encoding code that is brittle, hard to review, and even harder to reuse across projects.
14
14
15
15
eNot takes a different approach. The binary structure is described as a plain JSON template:
16
16
@@ -38,9 +38,9 @@ That's it. The engine resolves `${common_name}`, encodes the UTF-8 string as DER
38
38
39
39
## Going further — loops, conditions, and composition
40
40
41
-
Real certificate structures are not flat. eNot handles this with built-in control-flow elements.
41
+
Binary structures are rarely flat. eNot handles this with built-in control-flow elements.
42
42
43
-
**Loops** iterate over an array of parameters and produce one encoded element per entry — useful for multi-valued SANs or Organizational Unit lists:
43
+
**Loops** iterate over an array of parameters and produce one encoded element per entry — any repeated structure maps directly to a loop:
44
44
45
45
```json
46
46
{
@@ -58,7 +58,7 @@ Real certificate structures are not flat. eNot handles this with built-in contro
58
58
}
59
59
```
60
60
61
-
**Conditions** encode a body only when an expression evaluates to `true` — for example, choosing between `UTCTime` and `GeneralizedTime` based on whether a date falls before or after 2050 (exactly as RFC 5280 requires):
61
+
**Conditions** encode a body only when an expression evaluates to `true`. The body is simply skipped when the expression is false, so a single template can cover multiple encoding variants depending on the input. One example is encoding a date in a different format depending on its value (as RFC 5280 requires for X.509 validity dates):
62
62
63
63
```json
64
64
{
@@ -75,7 +75,7 @@ Real certificate structures are not flat. eNot handles this with built-in contro
75
75
}
76
76
```
77
77
78
-
**References** let one template include another by identifier at parse time, so large structures (like a full SAN extension) are assembled from smaller, independently testable pieces rather than one monolithic file.
78
+
**References** let one template include another by identifier at parse time, so large or complex structures are assembled from smaller, independently testable pieces rather than one monolithic file — the same composability principle that makes software maintainable applies directly to binary templates.
0 commit comments