DerUtils (formcycle: bom 8.5.4-RC.2 API)

java.lang.Object

de.xima.fc.model.encoding.DerUtils

public class DerUtils extends Object

Since:: 8.5.4
Author:: Norman Lorenz

Method Summary

Modifier and Type

Method

Description

static String

decodeDerStringValue(byte[] derBytes)

Decodes a DER-encoded (Distinguished Encoding Rules per ITU-T X.690) ASN.1 string value into a plain Java String.

Methods inherited from class Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details
- decodeDerStringValue
  public static String decodeDerStringValue(byte[] derBytes)
  
  Decodes a DER-encoded (Distinguished Encoding Rules per ITU-T X.690) ASN.1 string value into a plain Java String.
  This method expects the input byte array to contain a complete TLV (Tag-Length-Value) structure as used in ASN.1 DER encoding:
  
  Tag (1 byte): ASN.1 type identifier (e.g., 0x16 for IA5String)
  Length (1+ bytes): Short form (0x00–0x7F) or long form (0x80–0xFF)
  Value (n bytes): The actual string content
  
  Charset selection:
  
  Tag 0x16 (IA5String): US-ASCII
  All other tags: UTF-8
  
  Common use case: Decoding RFC 2253 hex-encoded DN attributes. When Java's X500Principal outputs a DN with email attributes (e.g., 1.2.840.113549.1.9.1=#1623...), the hex part after # represents the DER-encoded value. This method decodes such values.
  
  Parameters:
  
  derBytes - the complete DER-encoded TLV byte array (must not be null or empty)
  
  Returns:
  
  the decoded string value
  
  Throws:
  
  IllegalArgumentException - if:
  
  derBytes is null or shorter than 2 bytes
  the length field is malformed or inconsistent with the actual payload
  the DER structure violates basic format rules
  
  Since:
  
  8.5.4
  
  See Also:
  
  ITU-T X.690 – DER encoding
  
  RFC 2253 – LDAP DN String Representation
  
  RFC 5280 – X.509 Certificates