internal static byte[][] SegmentedEncodeSubjectPublicKeyInfo(this PublicKey publicKey) { if (publicKey == null) { throw new ArgumentNullException(nameof(publicKey)); } if (publicKey.Oid == null || string.IsNullOrEmpty(publicKey.Oid.Value) || publicKey.EncodedKeyValue == null) { throw new CryptographicException(SR.GetString(SR.Cryptography_InvalidPublicKey_Object)); } // SubjectPublicKeyInfo::= SEQUENCE { // algorithm AlgorithmIdentifier, // subjectPublicKey BIT STRING // } // // AlgorithmIdentifier::= SEQUENCE { // algorithm OBJECT IDENTIFIER, // parameters ANY DEFINED BY algorithm OPTIONAL // } byte[][] algorithmIdentifier; if (publicKey.EncodedParameters == null) { algorithmIdentifier = DerEncoder.ConstructSegmentedSequence( DerEncoder.SegmentedEncodeOid(publicKey.Oid)); } else { DerSequenceReader validator = DerSequenceReader.CreateForPayload(publicKey.EncodedParameters.RawData); validator.ValidateAndSkipDerValue(); if (validator.HasData) { throw new CryptographicException(SR.GetString(SR.Cryptography_Der_Invalid_Encoding)); } algorithmIdentifier = DerEncoder.ConstructSegmentedSequence( DerEncoder.SegmentedEncodeOid(publicKey.Oid), publicKey.EncodedParameters.RawData.WrapAsSegmentedForSequence()); } return(DerEncoder.ConstructSegmentedSequence( algorithmIdentifier, DerEncoder.SegmentedEncodeBitString( publicKey.EncodedKeyValue.RawData))); }
internal byte[] Sign(X509SignatureGenerator signatureGenerator, HashAlgorithmName hashAlgorithm) { if (signatureGenerator == null) { throw new ArgumentNullException(nameof(signatureGenerator)); } byte[] encoded = Encode(signatureGenerator, hashAlgorithm); byte[] signature = signatureGenerator.SignData(encoded, hashAlgorithm); return(DerEncoder.ConstructSequence( encoded.WrapAsSegmentedForSequence(), signatureGenerator.GetSignatureAlgorithmIdentifier(hashAlgorithm).WrapAsSegmentedForSequence(), DerEncoder.SegmentedEncodeBitString(signature))); }
internal byte[] ToPkcs10Request(X509SignatureGenerator signatureGenerator, HashAlgorithmName hashAlgorithm) { // State validation should be runtime checks if/when this becomes public API Debug.Assert(signatureGenerator != null); Debug.Assert(Subject != null); Debug.Assert(PublicKey != null); // CertificationRequest ::= SEQUENCE { // certificationRequestInfo CertificationRequestInfo, // signatureAlgorithm AlgorithmIdentifier{ { SignatureAlgorithms } }, // signature BIT STRING // } byte[] encoded = Encode(); byte[] signature = signatureGenerator.SignData(encoded, hashAlgorithm); return(DerEncoder.ConstructSequence( encoded.WrapAsSegmentedForSequence(), signatureGenerator.GetSignatureAlgorithmIdentifier(hashAlgorithm).WrapAsSegmentedForSequence(), DerEncoder.SegmentedEncodeBitString(signature))); }