• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 1996, 2009, Oracle and/or its affiliates. All rights reserved.
3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4  *
5  * This code is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License version 2 only, as
7  * published by the Free Software Foundation.  Oracle designates this
8  * particular file as subject to the "Classpath" exception as provided
9  * by Oracle in the LICENSE file that accompanied this code.
10  *
11  * This code is distributed in the hope that it will be useful, but WITHOUT
12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14  * version 2 for more details (a copy is included in the LICENSE file that
15  * accompanied this code).
16  *
17  * You should have received a copy of the GNU General Public License version
18  * 2 along with this work; if not, write to the Free Software Foundation,
19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20  *
21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22  * or visit www.oracle.com if you need additional information or have any
23  * questions.
24  */
25 
26 package sun.security.util;
27 
28 import java.io.*;
29 import java.math.BigInteger;
30 import java.util.Date;
31 import sun.misc.IOUtils;
32 
33 /**
34  * Represents a single DER-encoded value.  DER encoding rules are a subset
35  * of the "Basic" Encoding Rules (BER), but they only support a single way
36  * ("Definite" encoding) to encode any given value.
37  *
38  * <P>All DER-encoded data are triples <em>{type, length, data}</em>.  This
39  * class represents such tagged values as they have been read (or constructed),
40  * and provides structured access to the encoded data.
41  *
42  * <P>At this time, this class supports only a subset of the types of DER
43  * data encodings which are defined.  That subset is sufficient for parsing
44  * most X.509 certificates, and working with selected additional formats
45  * (such as PKCS #10 certificate requests, and some kinds of PKCS #7 data).
46  *
47  * A note with respect to T61/Teletex strings: From RFC 1617, section 4.1.3
48  * and RFC 3280, section 4.1.2.4., we assume that this kind of string will
49  * contain ISO-8859-1 characters only.
50  *
51  *
52  * @author David Brownell
53  * @author Amit Kapoor
54  * @author Hemma Prafullchandra
55  */
56 public class DerValue {
57     /** The tag class types */
58     public static final byte TAG_UNIVERSAL = (byte)0x000;
59     public static final byte TAG_APPLICATION = (byte)0x040;
60     public static final byte TAG_CONTEXT = (byte)0x080;
61     public static final byte TAG_PRIVATE = (byte)0x0c0;
62 
63     /** The DER tag of the value; one of the tag_ constants. */
64     public byte                 tag;
65 
66     protected DerInputBuffer    buffer;
67 
68     /**
69      * The DER-encoded data of the value, never null
70      */
71     public final DerInputStream data;
72 
73     private int                 length;
74 
75     /**
76      * The original encoded form of the whole value (tag, length, and value)
77      * or null if the form was not provided or was not retained during parsing.
78      */
79     private byte[]              originalEncodedForm;
80 
81     /*
82      * The type starts at the first byte of the encoding, and
83      * is one of these tag_* values.  That may be all the type
84      * data that is needed.
85      */
86 
87     /*
88      * These tags are the "universal" tags ... they mean the same
89      * in all contexts.  (Mask with 0x1f -- five bits.)
90      */
91 
92     /** Tag value indicating an ASN.1 "BOOLEAN" value. */
93     public final static byte    tag_Boolean = 0x01;
94 
95     /** Tag value indicating an ASN.1 "INTEGER" value. */
96     public final static byte    tag_Integer = 0x02;
97 
98     /** Tag value indicating an ASN.1 "BIT STRING" value. */
99     public final static byte    tag_BitString = 0x03;
100 
101     /** Tag value indicating an ASN.1 "OCTET STRING" value. */
102     public final static byte    tag_OctetString = 0x04;
103 
104     /** Tag value indicating an ASN.1 "NULL" value. */
105     public final static byte    tag_Null = 0x05;
106 
107     /** Tag value indicating an ASN.1 "OBJECT IDENTIFIER" value. */
108     public final static byte    tag_ObjectId = 0x06;
109 
110     /** Tag value including an ASN.1 "ENUMERATED" value */
111     public final static byte    tag_Enumerated = 0x0A;
112 
113     /** Tag value indicating an ASN.1 "UTF8String" value. */
114     public final static byte    tag_UTF8String = 0x0C;
115 
116     /** Tag value including a "printable" string */
117     public final static byte    tag_PrintableString = 0x13;
118 
119     /** Tag value including a "teletype" string */
120     public final static byte    tag_T61String = 0x14;
121 
122     /** Tag value including an ASCII string */
123     public final static byte    tag_IA5String = 0x16;
124 
125     /** Tag value indicating an ASN.1 "UTCTime" value. */
126     public final static byte    tag_UtcTime = 0x17;
127 
128     /** Tag value indicating an ASN.1 "GeneralizedTime" value. */
129     public final static byte    tag_GeneralizedTime = 0x18;
130 
131     /** Tag value indicating an ASN.1 "GenerallString" value. */
132     public final static byte    tag_GeneralString = 0x1B;
133 
134     /** Tag value indicating an ASN.1 "UniversalString" value. */
135     public final static byte    tag_UniversalString = 0x1C;
136 
137     /** Tag value indicating an ASN.1 "BMPString" value. */
138     public final static byte    tag_BMPString = 0x1E;
139 
140     // CONSTRUCTED seq/set
141 
142     /**
143      * Tag value indicating an ASN.1
144      * "SEQUENCE" (zero to N elements, order is significant).
145      */
146     public final static byte    tag_Sequence = 0x30;
147 
148     /**
149      * Tag value indicating an ASN.1
150      * "SEQUENCE OF" (one to N elements, order is significant).
151      */
152     public final static byte    tag_SequenceOf = 0x30;
153 
154     /**
155      * Tag value indicating an ASN.1
156      * "SET" (zero to N members, order does not matter).
157      */
158     public final static byte    tag_Set = 0x31;
159 
160     /**
161      * Tag value indicating an ASN.1
162      * "SET OF" (one to N members, order does not matter).
163      */
164     public final static byte    tag_SetOf = 0x31;
165 
166     /*
167      * These values are the high order bits for the other kinds of tags.
168      */
169 
170     /**
171      * Returns true if the tag class is UNIVERSAL.
172      */
isUniversal()173     public boolean isUniversal()      { return ((tag & 0x0c0) == 0x000); }
174 
175     /**
176      * Returns true if the tag class is APPLICATION.
177      */
isApplication()178     public boolean isApplication()    { return ((tag & 0x0c0) == 0x040); }
179 
180     /**
181      * Returns true iff the CONTEXT SPECIFIC bit is set in the type tag.
182      * This is associated with the ASN.1 "DEFINED BY" syntax.
183      */
isContextSpecific()184     public boolean isContextSpecific() { return ((tag & 0x0c0) == 0x080); }
185 
186     /**
187      * Returns true iff the CONTEXT SPECIFIC TAG matches the passed tag.
188      */
isContextSpecific(byte cntxtTag)189     public boolean isContextSpecific(byte cntxtTag) {
190         if (!isContextSpecific()) {
191             return false;
192         }
193         return ((tag & 0x01f) == cntxtTag);
194     }
195 
isPrivate()196     boolean isPrivate()        { return ((tag & 0x0c0) == 0x0c0); }
197 
198     /** Returns true iff the CONSTRUCTED bit is set in the type tag. */
isConstructed()199     public boolean isConstructed()    { return ((tag & 0x020) == 0x020); }
200 
201     /**
202      * Returns true iff the CONSTRUCTED TAG matches the passed tag.
203      */
isConstructed(byte constructedTag)204     public boolean isConstructed(byte constructedTag) {
205         if (!isConstructed()) {
206             return false;
207         }
208         return ((tag & 0x01f) == constructedTag);
209     }
210 
211     /**
212      * Creates a PrintableString or UTF8string DER value from a string
213      */
DerValue(String value)214     public DerValue(String value) throws IOException {
215         boolean isPrintableString = true;
216         for (int i = 0; i < value.length(); i++) {
217             if (!isPrintableStringChar(value.charAt(i))) {
218                 isPrintableString = false;
219                 break;
220             }
221         }
222 
223         data = init(isPrintableString ? tag_PrintableString : tag_UTF8String, value);
224     }
225 
226     /**
227      * Creates a string type DER value from a String object
228      * @param stringTag the tag for the DER value to create
229      * @param value the String object to use for the DER value
230      */
DerValue(byte stringTag, String value)231     public DerValue(byte stringTag, String value) throws IOException {
232         data = init(stringTag, value);
233     }
234 
235     /**
236      * Creates a DerValue from a tag and some DER-encoded data.
237      *
238      * @param tag the DER type tag
239      * @param data the DER-encoded data
240      */
DerValue(byte tag, byte[] data)241     public DerValue(byte tag, byte[] data) {
242         this.tag = tag;
243         buffer = new DerInputBuffer(data.clone());
244         length = data.length;
245         this.data = new DerInputStream(buffer);
246         this.data.mark(Integer.MAX_VALUE);
247     }
248 
249     /*
250      * package private
251      */
DerValue(DerInputBuffer in, boolean originalEncodedFormRetained)252     DerValue(DerInputBuffer in, boolean originalEncodedFormRetained)
253             throws IOException {
254         // XXX must also parse BER-encoded constructed
255         // values such as sequences, sets...
256 
257         int startPosInInput = in.getPos();
258         tag = (byte)in.read();
259         byte lenByte = (byte)in.read();
260         length = DerInputStream.getLength((lenByte & 0xff), in);
261         if (length == -1) {  // indefinite length encoding found
262             DerInputBuffer inbuf = in.dup();
263             int readLen = inbuf.available();
264             int offset = 2;     // for tag and length bytes
265             byte[] indefData = new byte[readLen + offset];
266             indefData[0] = tag;
267             indefData[1] = lenByte;
268             DataInputStream dis = new DataInputStream(inbuf);
269             dis.readFully(indefData, offset, readLen);
270             dis.close();
271             DerIndefLenConverter derIn = new DerIndefLenConverter();
272             inbuf = new DerInputBuffer(derIn.convert(indefData));
273             if (tag != inbuf.read())
274                 throw new IOException
275                         ("Indefinite length encoding not supported");
276             length = DerInputStream.getLength(inbuf);
277             buffer = inbuf.dup();
278             buffer.truncate(length);
279             data = new DerInputStream(buffer);
280             // indefinite form is encoded by sending a length field with a
281             // length of 0. - i.e. [1000|0000].
282             // the object is ended by sending two zero bytes.
283             in.skip(length + offset);
284         } else {
285 
286             buffer = in.dup();
287             buffer.truncate(length);
288             data = new DerInputStream(buffer);
289 
290             in.skip(length);
291         }
292 
293         if (originalEncodedFormRetained) {
294             int consumed = in.getPos() - startPosInInput;
295             originalEncodedForm = in.getSlice(startPosInInput, consumed);
296         }
297     }
298 
299     /**
300      * Get an ASN.1/DER encoded datum from a buffer.  The
301      * entire buffer must hold exactly one datum, including
302      * its tag and length.
303      *
304      * @param buf buffer holding a single DER-encoded datum.
305      */
DerValue(byte[] buf)306     public DerValue(byte[] buf) throws IOException {
307         data = init(true, new ByteArrayInputStream(buf));
308     }
309 
310     /**
311      * Get an ASN.1/DER encoded datum from part of a buffer.
312      * That part of the buffer must hold exactly one datum, including
313      * its tag and length.
314      *
315      * @param buf the buffer
316      * @param offset start point of the single DER-encoded dataum
317      * @param length how many bytes are in the encoded datum
318      */
DerValue(byte[] buf, int offset, int len)319     public DerValue(byte[] buf, int offset, int len) throws IOException {
320         data = init(true, new ByteArrayInputStream(buf, offset, len));
321     }
322 
323     /**
324      * Get an ASN1/DER encoded datum from an input stream.  The
325      * stream may have additional data following the encoded datum.
326      * In case of indefinite length encoded datum, the input stream
327      * must hold only one datum.
328      *
329      * @param in the input stream holding a single DER datum,
330      *  which may be followed by additional data
331      */
DerValue(InputStream in)332     public DerValue(InputStream in) throws IOException {
333         data = init(false, in);
334     }
335 
init(byte stringTag, String value)336     private DerInputStream init(byte stringTag, String value) throws IOException {
337         String enc = null;
338 
339         tag = stringTag;
340 
341         switch (stringTag) {
342         case tag_PrintableString:
343         case tag_IA5String:
344         case tag_GeneralString:
345             enc = "ASCII";
346             break;
347         case tag_T61String:
348             enc = "ISO-8859-1";
349             break;
350         case tag_BMPString:
351             enc = "UnicodeBigUnmarked";
352             break;
353         case tag_UTF8String:
354             enc = "UTF8";
355             break;
356             // TBD: Need encoder for UniversalString before it can
357             // be handled.
358         default:
359             throw new IllegalArgumentException("Unsupported DER string type");
360         }
361 
362         byte[] buf = value.getBytes(enc);
363         length = buf.length;
364         buffer = new DerInputBuffer(buf);
365         DerInputStream result = new DerInputStream(buffer);
366         result.mark(Integer.MAX_VALUE);
367         return result;
368     }
369 
370     /*
371      * helper routine
372      */
init(boolean fullyBuffered, InputStream in)373     private DerInputStream init(boolean fullyBuffered, InputStream in)
374             throws IOException {
375 
376         tag = (byte)in.read();
377         byte lenByte = (byte)in.read();
378         length = DerInputStream.getLength((lenByte & 0xff), in);
379         if (length == -1) { // indefinite length encoding found
380             int readLen = in.available();
381             int offset = 2;     // for tag and length bytes
382             byte[] indefData = new byte[readLen + offset];
383             indefData[0] = tag;
384             indefData[1] = lenByte;
385             DataInputStream dis = new DataInputStream(in);
386             dis.readFully(indefData, offset, readLen);
387             dis.close();
388             DerIndefLenConverter derIn = new DerIndefLenConverter();
389             in = new ByteArrayInputStream(derIn.convert(indefData));
390             if (tag != in.read())
391                 throw new IOException
392                         ("Indefinite length encoding not supported");
393             length = DerInputStream.getLength(in);
394         }
395 
396         if (fullyBuffered && in.available() != length)
397             throw new IOException("extra data given to DerValue constructor");
398 
399         byte[] bytes = IOUtils.readFully(in, length, true);
400 
401         buffer = new DerInputBuffer(bytes);
402         return new DerInputStream(buffer);
403     }
404 
405     /**
406      * Encode an ASN1/DER encoded datum onto a DER output stream.
407      */
encode(DerOutputStream out)408     public void encode(DerOutputStream out)
409     throws IOException {
410         out.write(tag);
411         out.putLength(length);
412         // XXX yeech, excess copies ... DerInputBuffer.write(OutStream)
413         if (length > 0) {
414             byte[] value = new byte[length];
415             // always synchronized on data
416             synchronized (data) {
417                 buffer.reset();
418                 if (buffer.read(value) != length) {
419                     throw new IOException("short DER value read (encode)");
420                 }
421                 out.write(value);
422             }
423         }
424     }
425 
getData()426     public final DerInputStream getData() {
427         return data;
428     }
429 
getTag()430     public final byte getTag() {
431         return tag;
432     }
433 
434     /**
435      * Returns an ASN.1 BOOLEAN
436      *
437      * @return the boolean held in this DER value
438      */
getBoolean()439     public boolean getBoolean() throws IOException {
440         if (tag != tag_Boolean) {
441             throw new IOException("DerValue.getBoolean, not a BOOLEAN " + tag);
442         }
443         if (length != 1) {
444             throw new IOException("DerValue.getBoolean, invalid length "
445                                         + length);
446         }
447         if (buffer.read() != 0) {
448             return true;
449         }
450         return false;
451     }
452 
453     /**
454      * Returns an ASN.1 OBJECT IDENTIFIER.
455      *
456      * @return the OID held in this DER value
457      */
getOID()458     public ObjectIdentifier getOID() throws IOException {
459         if (tag != tag_ObjectId)
460             throw new IOException("DerValue.getOID, not an OID " + tag);
461         return new ObjectIdentifier(buffer);
462     }
463 
append(byte[] a, byte[] b)464     private byte[] append(byte[] a, byte[] b) {
465         if (a == null)
466             return b;
467 
468         byte[] ret = new byte[a.length + b.length];
469         System.arraycopy(a, 0, ret, 0, a.length);
470         System.arraycopy(b, 0, ret, a.length, b.length);
471 
472         return ret;
473     }
474 
475     /**
476      * Returns an ASN.1 OCTET STRING
477      *
478      * @return the octet string held in this DER value
479      */
getOctetString()480     public byte[] getOctetString() throws IOException {
481         byte[] bytes;
482 
483         if (tag != tag_OctetString && !isConstructed(tag_OctetString)) {
484             throw new IOException(
485                 "DerValue.getOctetString, not an Octet String: " + tag);
486         }
487         bytes = new byte[length];
488         // Note: do not tempt to call buffer.read(bytes) at all. There's a
489         // known bug that it returns -1 instead of 0.
490         if (length == 0) {
491             return bytes;
492         }
493         if (buffer.read(bytes) != length)
494             throw new IOException("short read on DerValue buffer");
495         if (isConstructed()) {
496             DerInputStream in = new DerInputStream(bytes);
497             bytes = null;
498             while (in.available() != 0) {
499                 bytes = append(bytes, in.getOctetString());
500             }
501         }
502         return bytes;
503     }
504 
505     /**
506      * Returns an ASN.1 INTEGER value as an integer.
507      *
508      * @return the integer held in this DER value.
509      */
getInteger()510     public int getInteger() throws IOException {
511         if (tag != tag_Integer) {
512             throw new IOException("DerValue.getInteger, not an int " + tag);
513         }
514         return buffer.getInteger(data.available());
515     }
516 
517     /**
518      * Returns an ASN.1 INTEGER value as a BigInteger.
519      *
520      * @return the integer held in this DER value as a BigInteger.
521      */
getBigInteger()522     public BigInteger getBigInteger() throws IOException {
523         if (tag != tag_Integer)
524             throw new IOException("DerValue.getBigInteger, not an int " + tag);
525         return buffer.getBigInteger(data.available(), false);
526     }
527 
528     /**
529      * Returns an ASN.1 INTEGER value as a positive BigInteger.
530      * This is just to deal with implementations that incorrectly encode
531      * some values as negative.
532      *
533      * @return the integer held in this DER value as a BigInteger.
534      */
getPositiveBigInteger()535     public BigInteger getPositiveBigInteger() throws IOException {
536         if (tag != tag_Integer)
537             throw new IOException("DerValue.getBigInteger, not an int " + tag);
538         return buffer.getBigInteger(data.available(), true);
539     }
540 
541     /**
542      * Returns an ASN.1 ENUMERATED value.
543      *
544      * @return the integer held in this DER value.
545      */
getEnumerated()546     public int getEnumerated() throws IOException {
547         if (tag != tag_Enumerated) {
548             throw new IOException("DerValue.getEnumerated, incorrect tag: "
549                                   + tag);
550         }
551         return buffer.getInteger(data.available());
552     }
553 
554     /**
555      * Returns an ASN.1 BIT STRING value.  The bit string must be byte-aligned.
556      *
557      * @return the bit string held in this value
558      */
getBitString()559     public byte[] getBitString() throws IOException {
560         if (tag != tag_BitString)
561             throw new IOException(
562                 "DerValue.getBitString, not a bit string " + tag);
563 
564         return buffer.getBitString();
565     }
566 
567     /**
568      * Returns an ASN.1 BIT STRING value that need not be byte-aligned.
569      *
570      * @return a BitArray representing the bit string held in this value
571      */
getUnalignedBitString()572     public BitArray getUnalignedBitString() throws IOException {
573         if (tag != tag_BitString)
574             throw new IOException(
575                 "DerValue.getBitString, not a bit string " + tag);
576 
577         return buffer.getUnalignedBitString();
578     }
579 
580     /**
581      * Returns the name component as a Java string, regardless of its
582      * encoding restrictions (ASCII, T61, Printable, IA5, BMP, UTF8).
583      */
584     // TBD: Need encoder for UniversalString before it can be handled.
getAsString()585     public String getAsString() throws IOException {
586         if (tag == tag_UTF8String)
587             return getUTF8String();
588         else if (tag == tag_PrintableString)
589             return getPrintableString();
590         else if (tag == tag_T61String)
591             return getT61String();
592         else if (tag == tag_IA5String)
593             return getIA5String();
594         /*
595           else if (tag == tag_UniversalString)
596           return getUniversalString();
597         */
598         else if (tag == tag_BMPString)
599             return getBMPString();
600         else if (tag == tag_GeneralString)
601             return getGeneralString();
602         else
603             return null;
604     }
605 
606     /**
607      * Returns an ASN.1 BIT STRING value, with the tag assumed implicit
608      * based on the parameter.  The bit string must be byte-aligned.
609      *
610      * @params tagImplicit if true, the tag is assumed implicit.
611      * @return the bit string held in this value
612      */
getBitString(boolean tagImplicit)613     public byte[] getBitString(boolean tagImplicit) throws IOException {
614         if (!tagImplicit) {
615             if (tag != tag_BitString)
616                 throw new IOException("DerValue.getBitString, not a bit string "
617                                        + tag);
618             }
619         return buffer.getBitString();
620     }
621 
622     /**
623      * Returns an ASN.1 BIT STRING value, with the tag assumed implicit
624      * based on the parameter.  The bit string need not be byte-aligned.
625      *
626      * @params tagImplicit if true, the tag is assumed implicit.
627      * @return the bit string held in this value
628      */
getUnalignedBitString(boolean tagImplicit)629     public BitArray getUnalignedBitString(boolean tagImplicit)
630     throws IOException {
631         if (!tagImplicit) {
632             if (tag != tag_BitString)
633                 throw new IOException("DerValue.getBitString, not a bit string "
634                                        + tag);
635             }
636         return buffer.getUnalignedBitString();
637     }
638 
639     /**
640      * Helper routine to return all the bytes contained in the
641      * DerInputStream associated with this object.
642      */
getDataBytes()643     public byte[] getDataBytes() throws IOException {
644         byte[] retVal = new byte[length];
645         synchronized (data) {
646             data.reset();
647             data.getBytes(retVal);
648         }
649         return retVal;
650     }
651 
652     /**
653      * Returns an ASN.1 STRING value
654      *
655      * @return the printable string held in this value
656      */
getPrintableString()657     public String getPrintableString()
658     throws IOException {
659         if (tag != tag_PrintableString)
660             throw new IOException(
661                 "DerValue.getPrintableString, not a string " + tag);
662 
663         return new String(getDataBytes(), "ASCII");
664     }
665 
666     /**
667      * Returns an ASN.1 T61 (Teletype) STRING value
668      *
669      * @return the teletype string held in this value
670      */
getT61String()671     public String getT61String() throws IOException {
672         if (tag != tag_T61String)
673             throw new IOException(
674                 "DerValue.getT61String, not T61 " + tag);
675 
676         return new String(getDataBytes(), "ISO-8859-1");
677     }
678 
679     /**
680      * Returns an ASN.1 IA5 (ASCII) STRING value
681      *
682      * @return the ASCII string held in this value
683      */
getIA5String()684     public String getIA5String() throws IOException {
685         if (tag != tag_IA5String)
686             throw new IOException(
687                 "DerValue.getIA5String, not IA5 " + tag);
688 
689         return new String(getDataBytes(), "ASCII");
690     }
691 
692     /**
693      * Returns the ASN.1 BMP (Unicode) STRING value as a Java string.
694      *
695      * @return a string corresponding to the encoded BMPString held in
696      * this value
697      */
getBMPString()698     public String getBMPString() throws IOException {
699         if (tag != tag_BMPString)
700             throw new IOException(
701                 "DerValue.getBMPString, not BMP " + tag);
702 
703         // BMPString is the same as Unicode in big endian, unmarked
704         // format.
705         return new String(getDataBytes(), "UnicodeBigUnmarked");
706     }
707 
708     /**
709      * Returns the ASN.1 UTF-8 STRING value as a Java String.
710      *
711      * @return a string corresponding to the encoded UTF8String held in
712      * this value
713      */
getUTF8String()714     public String getUTF8String() throws IOException {
715         if (tag != tag_UTF8String)
716             throw new IOException(
717                 "DerValue.getUTF8String, not UTF-8 " + tag);
718 
719         return new String(getDataBytes(), "UTF8");
720     }
721 
722     /**
723      * Returns the ASN.1 GENERAL STRING value as a Java String.
724      *
725      * @return a string corresponding to the encoded GeneralString held in
726      * this value
727      */
getGeneralString()728     public String getGeneralString() throws IOException {
729         if (tag != tag_GeneralString)
730             throw new IOException(
731                 "DerValue.getGeneralString, not GeneralString " + tag);
732 
733         return new String(getDataBytes(), "ASCII");
734     }
735 
736     /**
737      * Returns a Date if the DerValue is UtcTime.
738      *
739      * @return the Date held in this DER value
740      */
getUTCTime()741     public Date getUTCTime() throws IOException {
742         if (tag != tag_UtcTime) {
743             throw new IOException("DerValue.getUTCTime, not a UtcTime: " + tag);
744         }
745         return buffer.getUTCTime(data.available());
746     }
747 
748     /**
749      * Returns a Date if the DerValue is GeneralizedTime.
750      *
751      * @return the Date held in this DER value
752      */
getGeneralizedTime()753     public Date getGeneralizedTime() throws IOException {
754         if (tag != tag_GeneralizedTime) {
755             throw new IOException(
756                 "DerValue.getGeneralizedTime, not a GeneralizedTime: " + tag);
757         }
758         return buffer.getGeneralizedTime(data.available());
759     }
760 
761     /**
762      * Returns true iff the other object is a DER value which
763      * is bitwise equal to this one.
764      *
765      * @param other the object being compared with this one
766      */
equals(Object other)767     public boolean equals(Object other) {
768         if (other instanceof DerValue)
769             return equals((DerValue)other);
770         else
771             return false;
772     }
773 
774     /**
775      * Bitwise equality comparison.  DER encoded values have a single
776      * encoding, so that bitwise equality of the encoded values is an
777      * efficient way to establish equivalence of the unencoded values.
778      *
779      * @param other the object being compared with this one
780      */
equals(DerValue other)781     public boolean equals(DerValue other) {
782         if (this == other) {
783             return true;
784         }
785         if (tag != other.tag) {
786             return false;
787         }
788         if (data == other.data) {
789             return true;
790         }
791 
792         // make sure the order of lock is always consistent to avoid a deadlock
793         return (System.identityHashCode(this.data)
794                 > System.identityHashCode(other.data)) ?
795                 doEquals(this, other):
796                 doEquals(other, this);
797     }
798 
799     /**
800      * Helper for public method equals()
801      */
doEquals(DerValue d1, DerValue d2)802     private static boolean doEquals(DerValue d1, DerValue d2) {
803         synchronized (d1.data) {
804             synchronized (d2.data) {
805                 d1.data.reset();
806                 d2.data.reset();
807                 return d1.buffer.equals(d2.buffer);
808             }
809         }
810     }
811 
812     /**
813      * Returns a printable representation of the value.
814      *
815      * @return printable representation of the value
816      */
toString()817     public String toString() {
818         try {
819 
820             String str = getAsString();
821             if (str != null)
822                 return "\"" + str + "\"";
823             if (tag == tag_Null)
824                 return "[DerValue, null]";
825             if (tag == tag_ObjectId)
826                 return "OID." + getOID();
827 
828             // integers
829             else
830                 return "[DerValue, tag = " + tag
831                         + ", length = " + length + "]";
832         } catch (IOException e) {
833             throw new IllegalArgumentException("misformatted DER value");
834         }
835     }
836 
837     /**
838      * Returns the original encoded form or {@code null} if the form was not
839      * retained or is not available.
840      */
getOriginalEncodedForm()841     public byte[] getOriginalEncodedForm() {
842         return (originalEncodedForm != null)
843                 ? originalEncodedForm.clone() : null;
844     }
845 
846     /**
847      * Returns a DER-encoded value, such that if it's passed to the
848      * DerValue constructor, a value equivalent to "this" is returned.
849      *
850      * @return DER-encoded value, including tag and length.
851      */
toByteArray()852     public byte[] toByteArray() throws IOException {
853         DerOutputStream out = new DerOutputStream();
854 
855         encode(out);
856         data.reset();
857         return out.toByteArray();
858     }
859 
860     /**
861      * For "set" and "sequence" types, this function may be used
862      * to return a DER stream of the members of the set or sequence.
863      * This operation is not supported for primitive types such as
864      * integers or bit strings.
865      */
toDerInputStream()866     public DerInputStream toDerInputStream() throws IOException {
867         if (tag == tag_Sequence || tag == tag_Set)
868             return new DerInputStream(buffer);
869         throw new IOException("toDerInputStream rejects tag type " + tag);
870     }
871 
872     /**
873      * Get the length of the encoded value.
874      */
length()875     public int length() {
876         return length;
877     }
878 
879     /**
880      * Determine if a character is one of the permissible characters for
881      * PrintableString:
882      * A-Z, a-z, 0-9, space, apostrophe (39), left and right parentheses,
883      * plus sign, comma, hyphen, period, slash, colon, equals sign,
884      * and question mark.
885      *
886      * Characters that are *not* allowed in PrintableString include
887      * exclamation point, quotation mark, number sign, dollar sign,
888      * percent sign, ampersand, asterisk, semicolon, less than sign,
889      * greater than sign, at sign, left and right square brackets,
890      * backslash, circumflex (94), underscore, back quote (96),
891      * left and right curly brackets, vertical line, tilde,
892      * and the control codes (0-31 and 127).
893      *
894      * This list is based on X.680 (the ASN.1 spec).
895      */
isPrintableStringChar(char ch)896     public static boolean isPrintableStringChar(char ch) {
897         if ((ch >= 'a' && ch <= 'z') || (ch >= 'A' && ch <= 'Z') ||
898             (ch >= '0' && ch <= '9')) {
899             return true;
900         } else {
901             switch (ch) {
902                 case ' ':       /* space */
903                 case '\'':      /* apostrophe */
904                 case '(':       /* left paren */
905                 case ')':       /* right paren */
906                 case '+':       /* plus */
907                 case ',':       /* comma */
908                 case '-':       /* hyphen */
909                 case '.':       /* period */
910                 case '/':       /* slash */
911                 case ':':       /* colon */
912                 case '=':       /* equals */
913                 case '?':       /* question mark */
914                     return true;
915                 default:
916                     return false;
917             }
918         }
919     }
920 
921     /**
922      * Create the tag of the attribute.
923      *
924      * @params class the tag class type, one of UNIVERSAL, CONTEXT,
925      *               APPLICATION or PRIVATE
926      * @params form if true, the value is constructed, otherwise it
927      * is primitive.
928      * @params val the tag value
929      */
createTag(byte tagClass, boolean form, byte val)930     public static byte createTag(byte tagClass, boolean form, byte val) {
931         byte tag = (byte)(tagClass | val);
932         if (form) {
933             tag |= (byte)0x20;
934         }
935         return (tag);
936     }
937 
938     /**
939      * Set the tag of the attribute. Commonly used to reset the
940      * tag value used for IMPLICIT encodings.
941      *
942      * @params tag the tag value
943      */
resetTag(byte tag)944     public void resetTag(byte tag) {
945         this.tag = tag;
946     }
947 
948     /**
949      * Returns a hashcode for this DerValue.
950      *
951      * @return a hashcode for this DerValue.
952      */
hashCode()953     public int hashCode() {
954         return toString().hashCode();
955     }
956 }
957