public string Decode(X500DistinguishedNameFlags flag) { uint dwStrType = CAPI.CERT_X500_NAME_STR | MapNameToStrFlag(flag); unsafe { byte[] encodedDistinguishedName = this.m_rawData; fixed(byte *pbEncoded = encodedDistinguishedName) { CAPI.CRYPTOAPI_BLOB nameBlob; IntPtr pNameBlob = new IntPtr(&nameBlob); nameBlob.cbData = (uint)encodedDistinguishedName.Length; nameBlob.pbData = new IntPtr(pbEncoded); uint cchDecoded = CAPI.CertNameToStrW(CAPI.X509_ASN_ENCODING | CAPI.PKCS_7_ASN_ENCODING, pNameBlob, dwStrType, SafeLocalAllocHandle.InvalidHandle, 0); if (cchDecoded == 0) { throw new CryptographicException(CAPI.CERT_E_INVALID_NAME); } using (SafeLocalAllocHandle pwszDecodeName = CAPI.LocalAlloc(CAPI.LPTR, new IntPtr(2 * cchDecoded))) { if (CAPI.CertNameToStrW(CAPI.X509_ASN_ENCODING | CAPI.PKCS_7_ASN_ENCODING, pNameBlob, dwStrType, pwszDecodeName, cchDecoded) == 0) { throw new CryptographicException(CAPI.CERT_E_INVALID_NAME); } return(Marshal.PtrToStringUni(pwszDecodeName.DangerousGetHandle())); } } } }