If the date is before 1950-01-01, use a four-digit year
If the self-delimiting object identifer exceeds the enclosing object's
size, fail.
If a nested object exceeds its enclosing object's size, fail.
* Add limits to what length values DerReader supports
With this change DerReader doesn't support reading values with a length
greater than Long.MAX_VALUE. That shouldn't be a problem in practice.
* Make DerReader check length is encoded in shortest form possible
* Spotless and IntelliJ disagree on import order
Co-authored-by: Jesse Wilson <jesse@swank.ca>
This gets us to the point where the byte-for-byte encoding is equiavalent
to what bouncycastle was producing.
This shook out some bugs:
- We weren't boxing the version
- We weren't clearing the constructed bit on boxed extensions
- We weren't encoding null when we needed to be
Previously the caller was responsible for decoding the tag on the
adapter it called. This was easy for basic tags, but proved problematic
for tags like CHOICE and ANY and typehint-dependent tags, because the
caller didn't have enough information.
This moves the tag reading and writing into the DerAdapter itself. If
it encounters a tag it can't understand, it assumes it's own value has
been skipped and returns a default.
This turns out to be a bit easier to reason about, and hopefully will
make it easier to implement AlgorithmIdentifier.parameters, which has
values that are optional or not depending on what the type hint is.
* Early implementation of an ASN.1 DER decoder
My goal is to finish the implementation to support an ASN.1 DER encoder
and then to change okhttp-tls to no longer depend on BouncyCastle.
* Update okhttp-tls/src/main/kotlin/okhttp3/tls/internal/der/DerReader.kt
Co-authored-by: Benoît Quenaudon <bquenaudon@squareup.com>
Co-authored-by: Benoît Quenaudon <bquenaudon@squareup.com>
