/// <summary> /// Decodes the specified Certificate Revocation List (CRL) and produces /// a <see cref="CertificateRevocationListBuilder" /> with all of the revocation /// entries from the decoded CRL. /// </summary> /// <param name="currentCrl"> /// The PEM-encoded CRL to decode. /// </param> /// <param name="currentCrlNumber"> /// When this method returns, contains the CRL sequence number from the decoded CRL. /// This parameter is treated as uninitialized. /// </param> /// <returns> /// A new builder that has the same revocation entries as the decoded CRL. /// </returns> /// <remarks> /// This loads the first well-formed PEM found with an <c>X509 CRL</c> label. /// </remarks> /// <exception cref="CryptographicException"> /// <para> /// <paramref name="currentCrl" /> did not contain a well-formed PEM payload with /// an <c>X509 CRL</c> label. /// </para> /// <para>- or -</para> /// <para> /// <paramref name="currentCrl" /> could not be decoded. /// </para> /// </exception> public static CertificateRevocationListBuilder LoadPem(ReadOnlySpan <char> currentCrl, out BigInteger currentCrlNumber) { foreach ((ReadOnlySpan <char> contents, PemFields fields) in new PemEnumerator(currentCrl)) { if (contents[fields.Label].SequenceEqual(PemLabels.X509CertificateRevocationList)) { byte[] rented = ArrayPool <byte> .Shared.Rent(fields.DecodedDataLength); if (!Convert.TryFromBase64Chars(contents[fields.Base64Data], rented, out int bytesWritten)) { Debug.Fail("Base64Decode failed, but PemEncoding said it was legal"); throw new UnreachableException(); } CertificateRevocationListBuilder ret = Load( rented.AsSpan(0, bytesWritten), out currentCrlNumber, out int bytesConsumed); Debug.Assert(bytesConsumed == bytesWritten); ArrayPool <byte> .Shared.Return(rented); return(ret); } } throw new CryptographicException(SR.Cryptography_NoPemOfLabel, PemLabels.X509CertificateRevocationList); }
/// <summary> /// Decodes the specified Certificate Revocation List (CRL) and produces /// a <see cref="CertificateRevocationListBuilder" /> with all of the revocation /// entries from the decoded CRL. /// </summary> /// <param name="currentCrl"> /// The DER-encoded CRL to decode. /// </param> /// <param name="currentCrlNumber"> /// When this method returns, contains the CRL sequence number from the decoded CRL. /// This parameter is treated as uninitialized. /// </param> /// <returns> /// A new builder that has the same revocation entries as the decoded CRL. /// </returns> /// <exception cref="ArgumentNullException"> /// <paramref name="currentCrl" /> is <see langword="null" />. /// </exception> /// <exception cref="CryptographicException"> /// <para> /// <paramref name="currentCrl" /> could not be decoded. /// </para> /// <para>- or -</para> /// <para> /// <paramref name="currentCrl" /> decoded successfully, but decoding did not /// need all of the bytes provided in the array. /// </para> /// </exception> public static CertificateRevocationListBuilder Load(byte[] currentCrl, out BigInteger currentCrlNumber) { ArgumentNullException.ThrowIfNull(currentCrl); CertificateRevocationListBuilder ret = Load( new ReadOnlySpan <byte>(currentCrl), out BigInteger crlNumber, out int bytesConsumed); if (bytesConsumed != currentCrl.Length) { throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding); } currentCrlNumber = crlNumber; return(ret); }