java Bouncycastle DER 长度 IO 错误:
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/27427993/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Bouncycastle DER length IO error:
提问by Martin Clemens Bloch
This is my method:
这是我的方法:
import org.bouncycastle.asn1.ASN1InputStream;
import java.io.ByteArrayInputStream;
...
public static byte[] toDERBytes(byte[] data) throws IOException
{
ByteArrayInputStream inStream = new ByteArrayInputStream(data);
//Uses imported bouncy castle library:
ASN1InputStream asnInputStream = new ASN1InputStream(inStream);
byte[] derArray = asnInputStream.readObject().getEncoded();
asnInputStream.close();
return derArray;
}
According to the BouncyCastle documentation I have seenASN1InputStream.readobject() should actually get a DER object and not ASN1. (To my understanding DER is a subtype of ASN1)
根据BouncyCastle 文档,我看到ASN1InputStream.readobject() 实际上应该得到一个 DER 对象而不是 ASN1。(据我所知,DER 是 ASN1 的一个子类型)
I then return the bytes.
然后我返回字节。
This works half the time, but the other half I get this error:
这有一半时间有效,但另一半我收到此错误:
java.io.IOException: DER length more than 4 bytes: XXX
My questions are:
我的问题是:
- Why do I only get the error SOMETIMES? (I always give it 65 bytes of data)
- How do I fix it?
- Am I DER encoding the right way?
- 为什么我只收到错误消息?(我总是给它 65 字节的数据)
- 我如何解决它?
- 我的编码方式正确吗?
回答by Martin Clemens Bloch
The method I call expects encoded data, not the data to be encoded. I'm an idiot.
我调用的方法需要编码数据,而不是要编码的数据。我是个白痴。
Idiocy nr. 2: I thought DER was a kind of compression algorithm, but its for encoding objects with well defined types, fields and data. Similar to JSON or XML I guess.
白痴 nr。2:我认为DER是一种压缩算法,但它用于编码具有明确定义的类型、字段和数据的对象。我猜类似于 JSON 或 XML。
As it turns out the framework I'm going to use this for/in also just uses DER by mistake because it was provided by OpenSSL - it adds no value to that framework as all bytes are already well defined.
事实证明,我将在 for/in 中使用的框架也只是错误地使用了 DER,因为它是由 OpenSSL 提供的——它没有给该框架增加任何价值,因为所有字节都已经明确定义。
It makes no sense to say something like DER(random_byte_string_data) because the result would be something like this, [type;length;data] or in actual bytes: 04 10 <10 bytes of data> (04 is the type used for octet_string = byte arrays)
说 DER(random_byte_string_data) 这样的东西是没有意义的,因为结果将是这样的,[type;length;data] 或实际字节:04 10 <10 字节数据>(04 是用于 octet_string =字节数组)
Personally now that I understand it I don't get the value of DER at all - its not human readable and if you're dealing with bytes at the computers level anyway then why the extra padding? You can only really MAP the DER data if you know what it IS (which DER doesn't tell you unlike XML/JSON) - which means to USE DER you MUST have a pre-established scheme/protocol.
就我个人而言,现在我明白了,我根本没有得到 DER 的价值——它不是人类可读的,如果你在计算机级别处理字节,那么为什么要额外填充?如果您知道它是什么(与 XML/JSON 不同,DER 不会告诉您),您只能真正映射 DER 数据——这意味着要使用 DER,您必须有一个预先建立的方案/协议。
Which leads me back to: If you're dealing with bytes in a predefined environment/protocol, why this gradeschool kind of silly padding and waste of bandwidth/space?
这让我回过头来:如果你在预定义的环境/协议中处理字节,为什么这种低年级的愚蠢填充和带宽/空间浪费?
Why not a format that adds checksums and compresses data instead of DER...
为什么不是添加校验和并压缩数据的格式而不是 DER...
