Package com.github.toolarium.security.pki.impl.rsa.der

Class DERInputStream

java.lang.Object
com.github.toolarium.security.pki.impl.rsa.der.DERInputStream
public class DERInputStream extends Object
A DER input stream, used for parsing ASN.1 DER-encoded data such as that found in X.509 certificates. DER is a subset of BER/1, which has the advantage that it allows only a single encoding of primitive data. (High level data such as dates still support many encodings.) That is, it uses the "Definite" Encoding Rules (DER) not the "Basic" ones (BER).

Note that, like BER/1, DER streams are streams of explicitly tagged data values. Accordingly, this programming interface does not expose any variant of the java.io.InputStream interface, since that kind of input stream holds untagged data values and using that I/O model could prevent correct parsing of the DER data.

At this time, this class supports only a subset of the types of DER data encodings which are defined. That subset is sufficient for parsing most X.509 certificates.

  • Constructor Details

    • DERInputStream

      public DERInputStream(byte[] data)
      Create a DER input stream from a data buffer. The buffer is not copied, it is shared. Accordingly, the buffer should be treated as read-only.
      Parameters:
      data - the buffer from which to create the string (CONSUMED)

    • DERInputStream

      public DERInputStream(byte[] data, int offset, int len)
      Create a DER input stream from part of a data buffer. The buffer is not copied, it is shared. Accordingly, the buffer should be treated as read-only.
      Parameters:
      data - the buffer from which to create the string (CONSUMED)
      offset - the first index of data which will be read as DER input in the new stream
      len - how long a chunk of the buffer to use, starting at "offset"

    • DERInputStream

      public DERInputStream(DERInputBuffer buf)
      Constructor for DERInputStream
      Parameters:
      buf - the buffer

  • Method Details

    • subStream

      public DERInputStream subStream(int len, boolean doSkip) throws IOException
      Creates a new DER input stream from part of this input stream.
      Parameters:
      len - how long a chunk of the current input stream to use, starting at the current position.
      doSkip - true if the existing data in the input stream should be skipped. If this value is false, the next data read on this stream and the newly created stream will be the same.
      Returns:
      the stream
      Throws:
      IOException - in case of error

    • toByteArray

      public byte[] toByteArray()
      Return what has been written to this DERInputStream as a byte array. Useful for debugging.
      Returns:
      the array

    • getInteger

      public BigInt getInteger() throws IOException
      Get an (unsigned) integer from the input stream.
      Returns:
      the integer
      Throws:
      IOException - in case of error

    • getEnumerated

      public BigInt getEnumerated() throws IOException
      Get an enumerated from the input stream.
      Returns:
      the integer
      Throws:
      IOException - in case of error

    • getBitString

      public byte[] getBitString() throws IOException
      Get a bit string from the input stream. Only octet-aligned bitstrings (multiples of eight bits in length) are handled by this method.
      Returns:
      the array
      Throws:
      IOException - in case of error

    • getUnalignedBitString

      public BitArray getUnalignedBitString() throws IOException
      Get a bit string from the input stream. The bit string need not be byte-aligned.
      Returns:
      the array
      Throws:
      IOException - in case of error

    • getOctetString

      public byte[] getOctetString() throws IOException
      Returns an ASN.1 OCTET STRING from the input stream.
      Returns:
      the array
      Throws:
      IOException - in case of error

    • getBytes

      public void getBytes(byte[] val) throws IOException
      Returns the asked number of bytes from the input stream.
      Parameters:
      val - the array
      Throws:
      IOException - in case of error

    • getNull

      public void getNull() throws IOException
      Reads an encoded null value from the input stream.
      Throws:
      IOException - in case of error

    • getOID

      public ObjectIdentifier getOID() throws IOException
      Reads an X.200 style Object Identifier from the stream.
      Returns:
      the id
      Throws:
      IOException - in case of error

    • getSequence

      public DERValue[] getSequence(int startLen) throws IOException
      Return a sequence of encoded entities. ASN.1 sequences are ordered, and they are often used, like a "struct" in C or C++, to group data values. They may have optional or context specific values.
      Parameters:
      startLen - guess about how long the sequence will be (used to initialize an auto-growing data structure)
      Returns:
      array of the values in the sequence
      Throws:
      IOException - in case of error

    • getSet

      public DERValue[] getSet(int startLen) throws IOException
      Return a set of encoded entities. ASN.1 sets are unordered, though DER may specify an order for some kinds of sets (such as the attributes in an X.500 relative distinguished name) to facilitate binary comparisons of encoded values.
      Parameters:
      startLen - guess about how large the set will be (used to initialize an auto-growing data structure)
      Returns:
      array of the values in the sequence
      Throws:
      IOException - in case of error

    • getSet

      public DERValue[] getSet(int startLen, boolean implicit) throws IOException
      Return a set of encoded entities. ASN.1 sets are unordered, though DER may specify an order for some kinds of sets (such as the attributes in an X.500 relative distinguished name) to facilitate binary comparisons of encoded values.
      Parameters:
      startLen - guess about how large the set will be (used to initialize an auto-growing data structure)
      implicit - if true tag is assumed implicit.
      Returns:
      array of the values in the sequence
      Throws:
      IOException - in case of error

    • readVector

      protected DERValue[] readVector(int startLen) throws IOException
      Read a "vector" of values ... set or sequence have the same encoding, except for the initial tag, so both use this same helper routine.
      Parameters:
      startLen - the start length
      Returns:
      the DERValue's
      Throws:
      IOException - In case of a data error

    • getDERValue

      public DERValue getDERValue() throws IOException
      Get a single DER-encoded value from the input stream. It can often be useful to pull a value from the stream and defer parsing it. For example, you can pull a nested sequence out with one call, and only examine its elements later when you really need to.
      Returns:
      the value
      Throws:
      IOException - in case of error

    • getUTF8String

      public String getUTF8String() throws IOException
      Read a string that was encoded as a UTF8String DER value.
      Returns:
      the string
      Throws:
      IOException - in case of error

    • getPrintableString

      public String getPrintableString() throws IOException
      Read a string that was encoded as a PrintableString DER value.
      Returns:
      the string
      Throws:
      IOException - in case of error

    • getT61String

      public String getT61String() throws IOException
      Read a string that was encoded as a T61String DER value.
      Returns:
      the string
      Throws:
      IOException - in case of error

    • getIA5String

      public String getIA5String() throws IOException
      Read a string that was encoded as a IA5tring DER value.
      Returns:
      the string
      Throws:
      IOException - in case of error

    • getBMPString

      public String getBMPString() throws IOException
      Read a string that was encoded as a BMPString DER value.
      Returns:
      the string
      Throws:
      IOException - in case of error

    • getUTCTime

      public Date getUTCTime() throws IOException
      Get a UTC encoded time value from the input stream.
      Returns:
      the date
      Throws:
      IOException - in case of error

    • getGeneralizedTime

      public Date getGeneralizedTime() throws IOException
      Get a generalized encoded time value from the input stream.
      Returns:
      the date
      Throws:
      IOException - in case of error

    • mark

      public void mark(int value)
      Mark the current position in the buffer, so that a later call to reset will return here.
      Parameters:
      value - the value

    • reset

      public void reset()
      Return to the position of the last mark call. A mark is implicitly set at the beginning of the stream when it is created.

    • available

      public int available()
      Returns the number of bytes available for reading. This is most useful for testing whether the stream is empty.
      Returns:
      the available bytes

    • peekByte

      public int peekByte() throws IOException
      Peek a byte
      Returns:
      the byte
      Throws:
      IOException - in case of error

    • getByte

      public int getByte()
      Get a byte from the input stream.
      Returns:
      a byte

    • getLength

      public int getLength() throws IOException
      Gets the length
      Returns:
      the length
      Throws:
      IOException - in case of error

    • getLength

      public static int getLength(InputStream in) throws IOException
      Get a length from the input stream, allowing for at most 32 bits of encoding to be used. (Not the same as getting a tagged integer!)
      Parameters:
      in - the input stream
      Returns:
      the length or -1 if indefinite length found.
      Throws:
      IOException - on parsing error or unsupported lengths.

    • getLength

      public static int getLength(int lenByte, InputStream in) throws IOException
      Get a length from the input stream, allowing for at most 32 bits of encoding to be used. (Not the same as getting a tagged integer!)
      Parameters:
      lenByte - the length
      in - the input stream
      Returns:
      the length or -1 if indefinite length found.
      Throws:
      IOException - on parsing error or unsupported lengths.