Examples of sun.security.util.DerInputStream

• sun.security.util.DerInputStream
  A DER input stream, used for parsing ASN.1 DER-encoded data such as that found in X.509 certificates. DER is a subset of BER/1, which has the advantage that it allows only a single encoding of primitive data. (High level data such as dates still support many encodings.) That is, it uses the "Definite" Encoding Rules (DER) not the "Basic" ones (BER).

  Note that, like BER/1, DER streams are streams of explicitly tagged data values. Accordingly, this programming interface does not expose any variant of the java.io.InputStream interface, since that kind of input stream holds untagged data values and using that I/O model could prevent correct parsing of the DER data.

  At this time, this class supports only a subset of the types of DER data encodings which are defined. That subset is sufficient for parsing most X.509 certificates. @author David Brownell @author Amit Kapoor @author Hemma Prafullchandra

        }
        byte[] rawExtVal = cert.getExtensionValue(EXTENSION_OIDS[extId]);
        if (rawExtVal == null) {
            return null;
        }
        DerInputStream in = new DerInputStream(rawExtVal);
        byte[] encoded = in.getOctetString();
        switch (extId) {
        case PRIVATE_KEY_USAGE_ID:
            try {
                return new PrivateKeyUsageExtension(FALSE, encoded);
            } catch (CertificateException ex) {

                    debug.println("X509CertSelector.match: "
                        + "no subject key ID extension");
                }
                return false;
            }
            DerInputStream in = new DerInputStream(extVal);
            byte[] certSubjectKeyID = in.getOctetString();
            if (certSubjectKeyID == null ||
                    !Arrays.equals(subjectKeyID, certSubjectKeyID)) {
                if (debug != null) {
                    debug.println("X509CertSelector.match: "
                        + "subject key IDs don't match");

                    debug.println("X509CertSelector.match: "
                        + "no authority key ID extension");
                }
                return false;
            }
            DerInputStream in = new DerInputStream(extVal);
            byte[] certAuthKeyID = in.getOctetString();
            if (certAuthKeyID == null ||
                    !Arrays.equals(authorityKeyID, certAuthKeyID)) {
                if (debug != null) {
                    debug.println("X509CertSelector.match: "
                        + "authority key IDs don't match");

                    debug.println("X509CRLSelector.match: no CRLNumber");
                }
            }
            BigInteger crlNum;
            try {
                DerInputStream in = new DerInputStream(crlNumExtVal);
                byte[] encoded = in.getOctetString();
                CRLNumberExtension crlNumExt =
                    new CRLNumberExtension(Boolean.FALSE, encoded);
                crlNum = (BigInteger)crlNumExt.get(CRLNumberExtension.NUMBER);
            } catch (IOException ex) {
                if (debug != null) {

     */

     public static ObjectIdentifier getOID(byte[] derOID)
         throws IOException
     {
         DerInputStream dis = new DerInputStream(derOID);
         ObjectIdentifier oid = dis.getOID();

         /* Note: getOID() method call generates an IOException
          *       if derOID contains any malformed data
          */
         return oid;

                /* Extract DER encoding */
                derenc = X509CertificateChainHelper.extract(any);
            }

            DerInputStream din = new DerInputStream(derenc);

            /**
             * Size specified for getSequence() is 1 and is just
             * used as a guess by the method getSequence().
             */
            DerValue[] derval = din.getSequence(1);
            X509Certificate[] certchain =
                        new X509CertImpl[derval.length];
            /**
             * X509Certificate does not have a constructor which can
             * be used to instantiate objects from DER encodings. So

        if (is == null) {
            throw new CertificateException("input stream is null");
        }

        try {
            DerInputStream dis = new DerInputStream(readAllBytes(is));
            DerValue[] seq = dis.getSequence(3);
            if (seq.length == 0) {
                return Collections.<X509Certificate>emptyList();
            }

            certFac = CertificateFactory.getInstance("X.509");

            } else {
                byte[] extVal = cert.getExtensionValue(OID_NETSCAPE_CERT_TYPE);
                if (extVal == null) {
                    return true;
                }
                DerInputStream in = new DerInputStream(extVal);
                byte[] encoded = in.getOctetString();
                encoded = new DerValue(encoded).getUnalignedBitString()
                                                                .toByteArray();
                ext = new NetscapeCertTypeExtension(encoded);
            }
            Boolean val = (Boolean)ext.get(type);

            + "\n  y:\n" + Debug.toHexString(y) + "\n";
    }

    protected void parseKeyBits() throws InvalidKeyException {
        try {
            DerInputStream in = new DerInputStream(key);
            y = in.getBigInteger();
        } catch (IOException e) {
            throw new InvalidKeyException("Invalid key: y value\n" +
                                          e.getMessage());
        }
    }

        int mechOidLen  = (((0xFF & nameVal[pos++]) << 8) |
                           (0xFF & nameVal[pos++]));
        ObjectIdentifier temp = null;
        try {
            DerInputStream din = new DerInputStream(nameVal, pos,
                                                    mechOidLen);
            temp = new ObjectIdentifier(din);
        } catch (IOException e) {
            throw new GSSExceptionImpl(GSSException.BAD_NAME, e);
        }