DerToXmlDoc (String function)
Convert DER encoded data to XML (String class)
[Introduced in Sirius Mods 8.0]
DER (Distinguished Encoding Rules), a subset of BER (Basic Encoding Rules, provide a way to uniquely encode an Abstract Syntax Notation One (ASN.1) type value as a string of eight-bit octets. DerToXmlDoc converts such a string to a generically-formatted XmlDoc. This generic formatting lets you load and access ASN.1 data from any source, for example, LDAP and SNMP, as well as any X509 certificate-related fields that might not be included in the other more specific DER-to-XmlDoc methods.
Syntax
%doc = string:DerToXmlDoc Throws InvalidBerData
Syntax terms
%doc | An XmlDoc object variable to contain the decoded value of the method object, string. |
---|---|
string | A DER encoded string. Note: This method fails if the XML representation of string is longer than 650 characters. |
Exceptions
DerToXmlDoc can throw the following exception:
- InvalidBerData
- If the method encounters non-BER-conforming data, properties of the exception object may indicate the position and description of the error.
Usage notes
- DerToXmlDoc does the same work as X509CertificateToXmlDoc, X509CrlToXmlDoc, and
RSAPrivateKeyToXmlDoc, except that those methods understand the semantics of the standard tags for those items, so they provide more meaningful XML element names. Contrast the DerToXmlDoc examples below with the examples for those more specific methods in their respective "Examples" sections.
For all four of these xxxToXmlDoc methods, there was a restriction, prior to version 7.7 of Model 204, which required that the input not create any element in the result XmlDoc with a text child whose length exceeded 650 characters. That restriction has been removed; there is no length restriction on the lengths of the created text nodes.
- Currently, no method is available to produce a DER stream from an XmlDoc.
Examples
- The PemToString example loads a Longstring with the contents of the base64 encoded CRL (Certificate Revocation List). If that Longstring is
%ls
below, the following statement converts that string to the XmlDoc whose contents are printed thereafter:%ls:derToXmlDoc:print
The result is shown in part below:
<Sequence> <Sequence> <Sequence> <ObjectIdentifier>1.2.840.113549.1.1.4</ObjectIdentifier> <Null/> </Sequence> <Sequence> ... <Set> <Sequence> <ObjectIdentifier>2.5.4.8</ObjectIdentifier> <PrintableString>QLD</PrintableString> </Sequence> </Set> ... <UTCTime>20010115162657.000Z</UTCTime> <UTCTime>20010214162657.000Z</UTCTime> <Sequence> <Sequence> <Integer>1</Integer> <UTCTime>19951009233205.000Z</UTCTime> </Sequence> <Sequence> <Integer>3</Integer> <UTCTime>19951201010000.000Z</UTCTime> </Sequence> ...
The ellipses indicate snipped content and are not part of the XmlDoc.
- In the RSAPrivateKeyToXmlDoc example, the PemToString method loads a Longstring with the contents of an RSA private key. If that Longstring is also
%ls
below, the following statement converts that string to the XmlDoc whose contents are printed below. Compare the XML tags in these results with the tags produced by RSAPrivateKeyToXmlDoc:%ls:derToXmlDoc:print
The result is shown in part below:
<Sequence> <Integer>0</Integer> <Integer>196482721346 ... ...685825059547</Integer> <Integer>3</Integer> <Integer>327471202244 ... ...832238758867</Integer> <Integer>163032211406 ... ...063864355897</Integer> <Integer>120517730607 ... ...628528150451</Integer> <Integer>108688140937 ... ...709242903931</Integer> <Integer>803451537383 ... ...419018766967</Integer> <Integer>104154110092 ... ...977615354780</Integer> </Sequence>
See also
String methods:
- CertificateRequest
- ClientCertificateRequest
- SignedCertificate
- DerToXmlDoc
- RSAPrivateKeyToXmlDoc
- X509CertificateToXmlDoc
- X509CrlToXmlDoc
- Multiple cryptographic cipher methods
Stringlist methods:
- AppendCertificateInfo
- AppendCertificateRequest
- AppendCertificateRequestInfo
- AppendClientCertificateRequest
- AppendEncryptedSecurityData
- AppendGeneratedPrivateKey
- AppendPemData
- AppendPrivateKeyInfo
- AppendSignedCertificate
- AppendSignedClientCertificate
- CheckCertificate
- CheckCertificateRequest
- PemToString
System methods:
Socket methods:
Background information: