OpensshCertificate ReadCertificate(BlobBuilder builder) { var serial = ReadUInt64(); builder.AddUInt64(serial); var type = (Ssh2CertType)ReadUInt32(); builder.AddUInt32((uint)type); var keyId = ReadString(); builder.AddStringBlob(keyId); var validPrincipals = ReadBlob(); builder.AddBlob(validPrincipals); var validAfter = ReadUInt64(); builder.AddUInt64(validAfter); var validBefore = ReadUInt64(); builder.AddUInt64(validBefore); var criticalOptions = ReadBlob(); builder.AddBlob(criticalOptions); var extensions = ReadBlob(); builder.AddBlob(extensions); var reserved = ReadBlob(); builder.AddBlob(reserved); var signatureKey = ReadBlob(); builder.AddBlob(signatureKey); var signature = ReadBlob(); builder.AddBlob(signature); var principalsParser = new BlobParser(validPrincipals); var principalsList = new List <string>(); while (principalsParser.Stream.Position < principalsParser.Stream.Length) { principalsList.Add(principalsParser.ReadString()); } var validAfterDateTime = validAfter == ulong.MaxValue ? DateTime.MaxValue : epoch.AddSeconds(validAfter); var validBeforeDateTime = validBefore == ulong.MaxValue ? DateTime.MaxValue : epoch.AddSeconds(validBefore); var signatureKeyParser = new BlobParser(signatureKey); OpensshCertificate unused; var sigKey = signatureKeyParser.ReadSsh2PublicKeyData(out unused); return(new OpensshCertificate(builder.GetBlob(), type, serial, keyId, principalsList, validAfterDateTime, validBeforeDateTime, criticalOptions, extensions, sigKey)); }