diff --git a/crypto/src/asn1/DerBitString.cs b/crypto/src/asn1/DerBitString.cs
index d5cb872bc..a3c2cee01 100644
--- a/crypto/src/asn1/DerBitString.cs
+++ b/crypto/src/asn1/DerBitString.cs
@@ -1,6 +1,8 @@
using System;
+using System.Diagnostics;
using System.Text;
+using Org.BouncyCastle.Math;
using Org.BouncyCastle.Utilities;
namespace Org.BouncyCastle.Asn1
@@ -11,83 +13,10 @@ namespace Org.BouncyCastle.Asn1
private static readonly char[] table
= { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' };
- private readonly byte[] data;
- private readonly int padBits;
+ protected readonly byte[] mData;
+ protected readonly int mPadBits;
- /**
- * return the correct number of pad bits for a bit string defined in
- * a 32 bit constant
- */
- static internal int GetPadBits(
- int bitString)
- {
- int val = 0;
- for (int i = 3; i >= 0; i--)
- {
- //
- // this may look a little odd, but if it isn't done like this pre jdk1.2
- // JVM's break!
- //
- if (i != 0)
- {
- if ((bitString >> (i * 8)) != 0)
- {
- val = (bitString >> (i * 8)) & 0xFF;
- break;
- }
- }
- else
- {
- if (bitString != 0)
- {
- val = bitString & 0xFF;
- break;
- }
- }
- }
-
- if (val == 0)
- {
- return 7;
- }
-
- int bits = 1;
-
- while (((val <<= 1) & 0xFF) != 0)
- {
- bits++;
- }
-
- return 8 - bits;
- }
-
- /**
- * return the correct number of bytes for a bit string defined in
- * a 32 bit constant
- */
- static internal byte[] GetBytes(
- int bitString)
- {
- int bytes = 4;
- for (int i = 3; i >= 1; i--)
- {
- if ((bitString & (0xFF << (i * 8))) != 0)
- {
- break;
- }
- bytes--;
- }
-
- byte[] result = new byte[bytes];
- for (int i = 0; i < bytes; i++)
- {
- result[i] = (byte) ((bitString >> (i * 8)) & 0xFF);
- }
-
- return result;
- }
-
- /**
+ /**
* return a Bit string from the passed in object
*
* @exception ArgumentException if the object cannot be converted.
@@ -100,7 +29,7 @@ namespace Org.BouncyCastle.Asn1
return (DerBitString) obj;
}
- throw new ArgumentException("illegal object in GetInstance: " + obj.GetType().Name);
+ throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj));
}
/**
@@ -126,15 +55,7 @@ namespace Org.BouncyCastle.Asn1
return FromAsn1Octets(((Asn1OctetString)o).GetOctets());
}
- internal DerBitString(
- byte data,
- int padBits)
- {
- this.data = new byte[]{ data };
- this.padBits = padBits;
- }
-
- /**
+ /**
* @param data the octets making up the bit string.
* @param padBits the number of extra bits at the end of the string.
*/
@@ -142,67 +63,152 @@ namespace Org.BouncyCastle.Asn1
byte[] data,
int padBits)
{
- // TODO Deep copy?
- this.data = data;
- this.padBits = padBits;
+ if (data == null)
+ throw new ArgumentNullException("data");
+ if (padBits < 0 || padBits > 7)
+ throw new ArgumentException("must be in the range 0 to 7", "padBits");
+ if (data.Length == 0 && padBits != 0)
+ throw new ArgumentException("if 'data' is empty, 'padBits' must be 0");
+
+ this.mData = Arrays.Clone(data);
+ this.mPadBits = padBits;
}
public DerBitString(
byte[] data)
+ : this(data, 0)
{
- // TODO Deep copy?
- this.data = data;
}
- public DerBitString(
+ public DerBitString(
+ int namedBits)
+ {
+ if (namedBits == 0)
+ {
+ this.mData = new byte[0];
+ this.mPadBits = 0;
+ return;
+ }
+
+ int bits = BigInteger.BitLen(namedBits);
+ int bytes = (bits + 7) / 8;
+
+ Debug.Assert(0 < bytes && bytes <= 4);
+
+ byte[] data = new byte[bytes];
+ --bytes;
+
+ for (int i = 0; i < bytes; i++)
+ {
+ data[i] = (byte)namedBits;
+ namedBits >>= 8;
+ }
+
+ Debug.Assert((namedBits & 0xFF) != 0);
+
+ data[bytes] = (byte)namedBits;
+
+ int padBits = 0;
+ while ((namedBits & (1 << padBits)) == 0)
+ {
+ ++padBits;
+ }
+
+ Debug.Assert(padBits < 8);
+
+ this.mData = data;
+ this.mPadBits = padBits;
+ }
+
+ public DerBitString(
Asn1Encodable obj)
+ : this(obj.GetDerEncoded())
{
- this.data = obj.GetDerEncoded();
- //this.padBits = 0;
}
- public byte[] GetBytes()
+ /**
+ * Return the octets contained in this BIT STRING, checking that this BIT STRING really
+ * does represent an octet aligned string. Only use this method when the standard you are
+ * following dictates that the BIT STRING will be octet aligned.
+ *
+ * @return a copy of the octet aligned data.
+ */
+ public virtual byte[] GetOctets()
+ {
+ if (mPadBits != 0)
+ throw new InvalidOperationException("attempt to get non-octet aligned data from BIT STRING");
+
+ return Arrays.Clone(mData);
+ }
+
+ public virtual byte[] GetBytes()
{
- return data;
+ byte[] data = Arrays.Clone(mData);
+
+ // DER requires pad bits be zero
+ if (mPadBits > 0)
+ {
+ data[data.Length - 1] &= (byte)(0xFF << mPadBits);
+ }
+
+ return data;
}
- public int PadBits
+ public virtual int PadBits
{
- get { return padBits; }
+ get { return mPadBits; }
}
/**
* @return the value of the bit string as an int (truncating if necessary)
*/
- public int IntValue
+ public virtual int IntValue
{
get
{
- int value = 0;
-
- for (int i = 0; i != data.Length && i != 4; i++)
- {
- value |= (data[i] & 0xff) << (8 * i);
- }
-
- return value;
+ int value = 0, length = System.Math.Min(4, mData.Length);
+ for (int i = 0; i < length; ++i)
+ {
+ value |= (int)mData[i] << (8 * i);
+ }
+ if (mPadBits > 0 && length == mData.Length)
+ {
+ int mask = (1 << mPadBits) - 1;
+ value &= ~(mask << (8 * (length - 1)));
+ }
+ return value;
}
}
- internal override void Encode(
+ internal override void Encode(
DerOutputStream derOut)
{
- byte[] bytes = new byte[GetBytes().Length + 1];
-
- bytes[0] = (byte) PadBits;
- Array.Copy(GetBytes(), 0, bytes, 1, bytes.Length - 1);
-
- derOut.WriteEncoded(Asn1Tags.BitString, bytes);
+ if (mPadBits > 0)
+ {
+ int last = mData[mData.Length - 1];
+ int mask = (1 << mPadBits) - 1;
+ int unusedBits = last & mask;
+
+ if (unusedBits != 0)
+ {
+ byte[] contents = Arrays.Prepend(mData, (byte)mPadBits);
+
+ /*
+ * X.690-0207 11.2.1: Each unused bit in the final octet of the encoding of a bit string value shall be set to zero.
+ */
+ contents[contents.Length - 1] = (byte)(last ^ unusedBits);
+
+ derOut.WriteEncoded(Asn1Tags.BitString, contents);
+ return;
+ }
+ }
+
+ derOut.WriteEncoded(Asn1Tags.BitString, (byte)mPadBits, mData);
}
- protected override int Asn1GetHashCode()
+ protected override int Asn1GetHashCode()
{
- return padBits.GetHashCode() ^ Arrays.GetHashCode(data);
+ return mPadBits.GetHashCode() ^ Arrays.GetHashCode(mData);
}
protected override bool Asn1Equals(
@@ -213,8 +219,8 @@ namespace Org.BouncyCastle.Asn1
if (other == null)
return false;
- return this.padBits == other.padBits
- && Arrays.AreEqual(this.data, other.data);
+ return this.mPadBits == other.mPadBits
+ && Arrays.AreEqual(this.mData, other.mData);
}
public override string GetString()
@@ -236,12 +242,23 @@ namespace Org.BouncyCastle.Asn1
internal static DerBitString FromAsn1Octets(byte[] octets)
{
if (octets.Length < 1)
- throw new ArgumentException("truncated BIT STRING detected");
+ throw new ArgumentException("truncated BIT STRING detected", "octets");
+
+ int padBits = octets[0];
+ byte[] data = Arrays.CopyOfRange(octets, 1, octets.Length);
+
+ if (padBits > 0 && padBits < 8 && data.Length > 0)
+ {
+ int last = data[data.Length - 1];
+ int mask = (1 << padBits) - 1;
+
+ if ((last & mask) != 0)
+ {
+ return new BerBitString(data, padBits);
+ }
+ }
- int padBits = octets[0];
- byte[] data = new byte[octets.Length - 1];
- Array.Copy(octets, 1, data, 0, data.Length);
- return new DerBitString(data, padBits);
+ return new DerBitString(data, padBits);
}
}
}
|
