internal static bool Parse(byte[] data, out KerberosAuthorizationDataApOptions entry)
        {
            KerberosApOptionsFlags flags = KerberosApOptionsFlags.None;

            if (data.Length != 4)
            {
                entry = null;
                return(false);
            }
            flags = (KerberosApOptionsFlags)BitConverter.ToUInt32(data, 0);
            entry = new KerberosAuthorizationDataApOptions(data, flags);
            return(true);
        }
        internal static IEnumerable <KerberosAuthorizationData> Parse(DERValue value)
        {
            if (!value.CheckSequence())
            {
                throw new InvalidDataException();
            }
            KerberosAuthorizationDataType type = 0;

            byte[] data = null;
            foreach (var next in value.Children)
            {
                if (next.Type != DERTagType.ContextSpecific)
                {
                    throw new InvalidDataException();
                }
                switch (next.Tag)
                {
                case 0:
                    type = (KerberosAuthorizationDataType)next.ReadChildInteger();
                    break;

                case 1:
                    data = next.ReadChildOctetString();
                    break;

                default:
                    throw new InvalidDataException();
                }
            }

            if (type == 0 || data == null)
            {
                throw new InvalidDataException();
            }

            List <KerberosAuthorizationData> ret = new List <KerberosAuthorizationData>();

            if (type == KerberosAuthorizationDataType.AD_IF_RELEVANT)
            {
                DERValue[] values = DERParser.ParseData(data, 0);
                if (values.Length != 1 || !values[0].CheckSequence() || !values[0].HasChildren())
                {
                    throw new InvalidDataException();
                }

                ret.AddRange(values[0].Children.SelectMany(c => Parse(c)));
            }
            else if (type == KerberosAuthorizationDataType.KERB_AD_RESTRICTION_ENTRY)
            {
                if (KerberosAuthorizationDataRestrictionEntry.Parse(data,
                                                                    out KerberosAuthorizationDataRestrictionEntry entry))
                {
                    ret.Add(entry);
                }
            }
            else if (type == KerberosAuthorizationDataType.AD_ETYPE_NEGOTIATION)
            {
                if (KerberosAuthorizationDataEncryptionNegotiation.Parse(data,
                                                                         out KerberosAuthorizationDataEncryptionNegotiation entry))
                {
                    ret.Add(entry);
                }
            }
            else if (type == KerberosAuthorizationDataType.AD_WIN2K_PAC)
            {
                if (KerberosAuthorizationDataPAC.Parse(data,
                                                       out KerberosAuthorizationDataPAC entry))
                {
                    ret.Add(entry);
                }
            }
            else if (type == KerberosAuthorizationDataType.AD_AUTH_DATA_AP_OPTIONS)
            {
                if (KerberosAuthorizationDataApOptions.Parse(data,
                                                             out KerberosAuthorizationDataApOptions entry))
                {
                    ret.Add(entry);
                }
            }
            else if (type == KerberosAuthorizationDataType.AD_AUTH_DATA_TARGET_NAME)
            {
                if (KerberosAuthorizationDataTargetName.Parse(data,
                                                              out KerberosAuthorizationDataTargetName entry))
                {
                    ret.Add(entry);
                }
            }
            else if (type == KerberosAuthorizationDataType.KERB_LOCAL)
            {
                if (KerberosAuthorizationDataKerbLocal.Parse(data,
                                                             out KerberosAuthorizationDataKerbLocal entry))
                {
                    ret.Add(entry);
                }
            }

            if (ret.Count == 0)
            {
                ret.Add(new KerberosAuthorizationData(type, data));
            }
            return(ret);
        }