internal static GeneralName Read(DerSequenceReader reader) { var tag = reader.PeekTag(); // Per RFC 2634 section 5.4.1 (https://tools.ietf.org/html/rfc2634#section-5.4.1) // only the directory name choice (#4) is allowed. if (tag == DerSequenceReader.ContextSpecificConstructedTag4) { var value = reader.ReadValue((DerSequenceReader.DerTag)DerSequenceReader.ContextSpecificConstructedTag4); if (reader.HasData) { throw new SignatureException(Strings.InvalidAsn1); } var directoryName = new X500DistinguishedName(value); return(new GeneralName(directoryName)); } while (reader.HasData) { reader.ValidateAndSkipDerValue(); } throw new SignatureException(Strings.UnsupportedAsn1); }
internal static byte[][] SegmentedEncodeSubjectPublicKeyInfo(this PublicKey publicKey) { if (publicKey == null) { throw new ArgumentNullException(nameof(publicKey)); } if (publicKey.Oid == null || string.IsNullOrEmpty(publicKey.Oid.Value) || publicKey.EncodedKeyValue == null) { throw new CryptographicException(SR.Cryptography_InvalidPublicKey_Object); } // SubjectPublicKeyInfo::= SEQUENCE { // algorithm AlgorithmIdentifier, // subjectPublicKey BIT STRING // } // // AlgorithmIdentifier::= SEQUENCE { // algorithm OBJECT IDENTIFIER, // parameters ANY DEFINED BY algorithm OPTIONAL // } byte[][] algorithmIdentifier; if (publicKey.EncodedParameters == null) { algorithmIdentifier = DerEncoder.ConstructSegmentedSequence( DerEncoder.SegmentedEncodeOid(publicKey.Oid)); } else { DerSequenceReader validator = DerSequenceReader.CreateForPayload(publicKey.EncodedParameters.RawData); validator.ValidateAndSkipDerValue(); if (validator.HasData) { throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding); } algorithmIdentifier = DerEncoder.ConstructSegmentedSequence( DerEncoder.SegmentedEncodeOid(publicKey.Oid), publicKey.EncodedParameters.RawData.WrapAsSegmentedForSequence()); } return(DerEncoder.ConstructSegmentedSequence( algorithmIdentifier, DerEncoder.SegmentedEncodeBitString( publicKey.EncodedKeyValue.RawData))); }
internal static void ValidateSignatureAlgorithm(byte[] signatureAlgorithm) { Debug.Assert(signatureAlgorithm != null); // AlgorithmIdentifier ::= SEQUENCE { OBJECT IDENTIFIER, ANY } DerSequenceReader validator = new DerSequenceReader(signatureAlgorithm); validator.ReadOidAsString(); if (validator.HasData) { validator.ValidateAndSkipDerValue(); } if (validator.HasData) { throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding); } }