Amazon Modifications: Copyright 2014 Amazon.com, Inc. or its affiliates.
All Rights Reserved.
Copyright (c) 1998-2010 AOL Inc.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
A bare-minimum ASN.1 DER decoder, just having enough functions to decode
PKCS#1 private keys. Especially, it doesn't handle explicitly tagged types
with an outer tag.
This parser can only handle one layer. To parse nested constructs, get a new
parser for each layer using
There are many DER decoders in JRE but using them will tie this program to a
public final static int CONTEXT = 0x80;
public final static int PRIVATE = 0xC0;
public final static int ANY = 0x00;
public final static int BOOLEAN = 0x01;
public final static int INTEGER = 0x02;
public final static int NULL = 0x05;
public final static int REAL = 0x09;
public final static int SEQUENCE = 0x10;
public final static int SET = 0x11;
public final static int UTC_TIME = 0x17;
Create a new DER decoder from an input stream.
The DER encoded stream
Create a new DER decoder from a byte array.
the encoded bytes
Read next object. If it's constructed, the value holds encoded content
and it should be parsed by a new parser from
throw new IOException("Invalid DER: stream too short, missing tag");
byte value = new byte[length];
"Invalid DER: stream too short, missing value");
Decode the length of the field. Can only support length encoding up to 4
In BER/DER encoding, length can be encoded in 2 forms,
- Short form. One octet. Bit 8 has value "0" and bits 7-1 give the
- Long form. Two to 127 octets (only 4 is supported here). Bit 8 of
first octet has value "1" and bits 7-1 give the number of additional
length octets. Second and following octets give the length, base 256,
most significant digit first.
- The length as integer
if (i >= 0xFF || num > 4)
throw new IOException("Invalid DER: length field too big ("
byte bytes = new byte[num];
throw new IOException("Invalid DER: length too short");