1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20 package org.apache.wss4j.common.crypto;
21
22 import java.math.BigInteger;
23
24 import org.apache.wss4j.common.ext.WSSecurityException;
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39 public class DERDecoder {
40 private static final org.slf4j.Logger LOG = org.slf4j.LoggerFactory.getLogger(DERDecoder.class);
41
42
43 public static final byte TYPE_BIT_STRING = 0x03;
44
45 public static final byte TYPE_OCTET_STRING = 0x04;
46
47 public static final byte TYPE_SEQUENCE = 0x30;
48
49 private byte[] arr;
50 private int pos;
51
52
53
54
55
56
57
58 public DERDecoder(byte[] derEncoded) throws WSSecurityException {
59 if (derEncoded == null) {
60 throw new WSSecurityException(
61 WSSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN,
62 "noSKIHandling",
63 new Object[] {"Invalid DER string"}
64 );
65 }
66 arr = derEncoded;
67 reset();
68 }
69
70
71
72
73
74 public void reset() {
75 pos = 0;
76 }
77
78
79
80
81
82
83
84 public void skip(int length) throws WSSecurityException {
85 if (length < 0) {
86 throw new WSSecurityException(
87 WSSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN,
88 "noSKIHandling",
89 new Object[] {"Unsupported DER format"}
90 );
91 }
92 pos += length;
93 }
94
95
96
97
98
99
100
101
102
103 public void expect(int val) throws WSSecurityException {
104 expect((byte)(val & 0xFF));
105 }
106
107
108
109
110
111
112
113
114
115 public void expect(byte val) throws WSSecurityException {
116 if (!test(val)) {
117 LOG.debug("DER mismatch: expected " + val + ", got " + arr[pos]);
118 throw new WSSecurityException(
119 WSSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN,
120 "noSKIHandling",
121 new Object[] {"Invalid DER format"}
122 );
123 }
124 pos++;
125 }
126
127
128
129
130
131
132
133
134
135 public boolean test(byte val) throws WSSecurityException {
136 if (pos >= arr.length) {
137 throw new WSSecurityException(
138 WSSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN,
139 "noSKIHandling",
140 new Object[] {"Invalid DER format"}
141 );
142 }
143 return arr[pos] == val;
144 }
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163 public int getLength() throws WSSecurityException {
164 if (pos >= arr.length) {
165 throw new WSSecurityException(
166 WSSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN,
167 "noSKIHandling",
168 new Object[] {"Invalid DER format"}
169 );
170 }
171 int len;
172 if ((arr[pos] & 0xFF) <= 0x7F) {
173 len = arr[pos++];
174 } else {
175 int nbytes = arr[pos++] & 0x7F;
176 if (pos + nbytes > arr.length) {
177 throw new WSSecurityException(
178 WSSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN,
179 "noSKIHandling",
180 new Object[] {"Invalid DER format"}
181 );
182 }
183 byte[] lenBytes = new byte[nbytes];
184 System.arraycopy(arr, pos, lenBytes, 0, lenBytes.length);
185 len = new BigInteger(1, lenBytes).intValue();
186 pos += nbytes;
187 }
188 return len;
189 }
190
191
192
193
194
195
196
197
198
199
200
201 public byte[] getBytes(int length) throws WSSecurityException {
202 if (pos + length > arr.length) {
203 throw new WSSecurityException(
204 WSSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN,
205 "noSKIHandling",
206 new Object[] {"Invalid DER format"}
207 );
208 } else if (length < 0) {
209 throw new WSSecurityException(
210 WSSecurityException.ErrorCode.UNSUPPORTED_SECURITY_TOKEN,
211 "noSKIHandling",
212 new Object[] {"Unsupported DER format"}
213 );
214 }
215 byte[] value = new byte[length];
216 System.arraycopy(arr, pos, value, 0, length);
217 pos += length;
218 return value;
219 }
220
221 }