 * Copyright (c) 1996, 2006, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any

 * A DER input stream, used for parsing ASN.1 DER-encoded data such as
 * that found in X.509 certificates.  DER is a subset of BER/1, which has
 * the advantage that it allows only a single encoding of primitive data.
 * (High level data such as dates still support many encodings.)  That is,
 * it uses the "Definite" Encoding Rules (DER) not the "Basic" ones (BER).
 * <P>Note that, like BER/1, DER streams are streams of explicitly
 * tagged data values.  Accordingly, this programming interface does
 * not expose any variant of the java.io.InputStream interface, since
 * that kind of input stream holds untagged data values and using that
 * I/O model could prevent correct parsing of the DER data.
 * <P>At this time, this class supports only a subset of the types of DER
 * data encodings which are defined.  That subset is sufficient for parsing
 * most X.509 certificates.
 * @author David Brownell
 * @author Amit Kapoor
 * @author Hemma Prafullchandra

 * This version only supports fully buffered DER.  This is easy to
 * work with, though if large objects are manipulated DER becomes
 * awkward to deal with.  That's where BER is useful, since BER
 * handles streaming data relatively well.

    /** The DER tag of the value; one of the tag_ constants. */

 * Create a DER input stream from a data buffer.  The buffer is not
 * copied, it is shared.  Accordingly, the buffer should be treated
 * @param data the buffer from which to create the string (CONSUMED)

 * Create a DER input stream from part of a data buffer.
 * The buffer is not copied, it is shared.  Accordingly, the
 * buffer should be treated as read-only.
 * @param data the buffer from which to create the string (CONSUMED)
 * @param offset the first index of <em>data</em> which will
 *          be read as DER input in the new stream
 * @param len how long a chunk of the buffer to use,
 *          starting at "offset"

 * private helper routine

    // check for indefinite length encoding

 * Creates a new DER input stream from part of this input stream.
 * @param len how long a chunk of the current input stream to use,
 *          starting at the current position.
 * @param do_skip true if the existing data in the input stream should
 *          be skipped.  If this value is false, the next data read
 *          on this stream and the newly created stream will be the

 * Return what has been written to this DerInputStream
 * as a byte array. Useful for debugging.

 * PRIMITIVES -- these are "universal" ASN.1 simple types.
 *  INTEGER, ENUMERATED, BIT STRING, OCTET STRING, NULL
 *  OBJECT IDENTIFIER, SEQUENCE (OF), SET (OF)
 *  UTF8String, PrintableString, T61String, IA5String, UTCTime,
 *  GeneralizedTime, BMPString.
 * Note: UniversalString not supported till encoder is available.

 * Get an integer from the input stream as an integer.
 * @return the integer held in this DER input stream.

 * Get an integer from the input stream as a BigInteger object.
 * @return the integer held in this DER input stream.

 * Returns an ASN.1 INTEGER value as a positive BigInteger.
 * This is just to deal with implementations that incorrectly encode
 * some values as negative.
 * @return the integer held in this DER value as a BigInteger.

 * Get an enumerated from the input stream.
 * @return the integer held in this DER input stream.

 * Get a bit string from the input stream. Padded bits (if any)
 * will be stripped off before the bit string is returned.

 * Get a bit string from the input stream.  The bit string need
 * not be byte-aligned.

 * First byte = number of excess bits in the last octet of the

 * Returns an ASN.1 OCTET STRING from the input stream.

 * Returns the asked number of bytes from the input stream.

 * Reads an encoded null value from the input stream.

 * Reads an X.200 style Object Identifier from the stream.

 * Return a sequence of encoded entities.  ASN.1 sequences are
 * ordered, and they are often used, like a "struct" in C or C++,
 * to group data values.  They may have optional or context
 * @param startLen guess about how long the sequence will be
 *          (used to initialize an auto-growing data structure)
 * @return array of the values in the sequence

 * Return a set of encoded entities.  ASN.1 sets are unordered,
 * though DER may specify an order for some kinds of sets (such
 * as the attributes in an X.500 relative distinguished name)
 * to facilitate binary comparisons of encoded values.
 * @param startLen guess about how large the set will be
 *          (used to initialize an auto-growing data structure)
 * @return array of the values in the sequence

 * Return a set of encoded entities.  ASN.1 sets are unordered,
 * though DER may specify an order for some kinds of sets (such
 * as the attributes in an X.500 relative distinguished name)
 * to facilitate binary comparisons of encoded values.
 * @param startLen guess about how large the set will be
 *          (used to initialize an auto-growing data structure)
 * @param implicit if true tag is assumed implicit.
 * @return array of the values in the sequence

 * Read a "vector" of values ... set or sequence have the
 * same encoding, except for the initial tag, so both use
 * this same helper routine.

    // indefinite length encoding found

    // return empty array instead of null, which should be
    // used only for missing optionals

 * Create a temporary stream from which to read the data,
 * unless it's not really needed.

 * Pull values out of the stream.

 * Now stick them into the array we're returning.

 * Get a single DER-encoded value from the input stream.
 * It can often be useful to pull a value from the stream
 * and defer parsing it.  For example, you can pull a nested
 * sequence out with one call, and only examine its elements
 * later when you really need to.

 * Read a string that was encoded as a UTF8String DER value.

 * Read a string that was encoded as a PrintableString DER value.

 * Read a string that was encoded as a T61String DER value.
 * Works for common characters between T61 and ASCII.

 * Read a string that was encoded as an IA5String DER value.

 * Read a string that was encoded as a BMPString DER value.

                          "UnicodeBigUnmarked");

 * Read a string that was encoded as a GeneralString DER value.

 * Private helper routine to read an encoded string from the input
 * @param stringTag the tag for the type of string to read
 * @param stringName a name to display in error messages
 * @param enc the encoder to use to interpret the data. Should
 * correspond to the stringTag above.

 * Get a UTC encoded time value from the input stream.

 * Get a Generalized encoded time value from the input stream.

 * Get a byte from the input stream.

 * Get a length from the input stream, allowing for at most 32 bits of
 * encoding to be used.  (Not the same as getting a tagged integer!)
 * @return the length or -1 if indefinite length found.
 * @exception IOException on parsing error or unsupported lengths.

 * Get a length from the input stream, allowing for at most 32 bits of
 * encoding to be used.  (Not the same as getting a tagged integer!)
 * @return the length or -1 if indefinite length found.
 * @exception IOException on parsing error or unsupported lengths.

        if ((tmp & 0x080) == 0x00) { // short form, 1 byte datum
        } else {                     // long form or indefinite
             * NOTE:  tmp == 0 indicates indefinite length encoded data.
             * tmp > 4 indicates more than 4Gb of data.
                    + ((tmp < 0) ? "incorrect DER encoding." : "too big."));
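
The length rules described in the comments above (short form, long form limited to four length octets, 0x80 as the indefinite form returning -1), shown as an added example that is not the JDK's own code. `DerLengthDemo`, `readLength`, `show` and the `strictDer` flag are names invented here, and the strict-mode checks for non-minimal encodings, truncation and int overflow go beyond what the page shows.

```java
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;

public class DerLengthDemo {
    /** Returns the content length, or -1 for the indefinite form (lenient mode only). */
    static int readLength(InputStream in, boolean strictDer) throws IOException {
        int first = in.read();
        if (first < 0) throw new IOException("truncated: no length octet");
        if ((first & 0x80) == 0) return first;          // short form: 0..127
        int n = first & 0x7f;                           // long form: count of length octets
        if (n == 0) {                                   // 0x80 = indefinite length (BER)
            if (strictDer) throw new IOException("indefinite length is not DER");
            return -1;
        }
        if (n > 4) throw new IOException("length needs " + n + " octets, too big");
        long value = 0;                                 // long, so 4 octets cannot wrap negative
        for (int i = 0; i < n; i++) {
            int b = in.read();
            if (b < 0) throw new IOException("truncated length octets");
            if (strictDer && i == 0 && b == 0) throw new IOException("non-minimal: leading zero octet");
            value = (value << 8) | b;
        }
        if (value > Integer.MAX_VALUE) throw new IOException("length exceeds int range");
        if (strictDer && value < 128) throw new IOException("non-minimal: short form required");
        return (int) value;
    }

    /** Decodes constructed length octets and reports the result as text. */
    static String show(boolean strictDer, int... octets) {
        byte[] buf = new byte[octets.length];
        for (int i = 0; i < octets.length; i++) buf[i] = (byte) octets[i];
        try {
            return String.valueOf(readLength(new ByteArrayInputStream(buf), strictDer));
        } catch (IOException e) {
            return "rejected: " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        // All inputs below are constructed length octets, not bytes from a real certificate.
        System.out.println("82 01 00    strict  -> " + show(true, 0x82, 0x01, 0x00));
        System.out.println("80          lenient -> " + show(false, 0x80));
        System.out.println("80          strict  -> " + show(true, 0x80));
        System.out.println("81 05       strict  -> " + show(true, 0x81, 0x05));
        System.out.println("84 80 00 00 00      -> " + show(false, 0x84, 0x80, 0x00, 0x00, 0x00));
        System.out.println("82 01 (cut short)   -> " + show(false, 0x82, 0x01));
    }
}
```
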

 * Mark the current position in the buffer, so that
 * a later call to <code>reset</code> will return here.

 * Return to the position of the last <code>mark</code>
 * call.  A mark is implicitly set at the beginning of
 * the stream when it is created.

 * Returns the number of bytes available for reading.
 * This is most useful for testing whether the stream is