internal static void Decode <T>(AsnReader reader, Asn1Tag expectedTag, out T decoded)
where T : KrbDiffieHellmanDomainParameters, new()
{
if (reader == null)
{
throw new ArgumentNullException(nameof(reader));
}
decoded = new T();
AsnReader sequenceReader = reader.ReadSequence(expectedTag);
decoded.P = sequenceReader.ReadEncodedValue();
decoded.G = sequenceReader.ReadEncodedValue();
decoded.Q = sequenceReader.ReadEncodedValue();
if (sequenceReader.HasData)
{
decoded.J = sequenceReader.ReadEncodedValue();
}
if (sequenceReader.HasData && sequenceReader.PeekTag().HasSameClassAndValue(Asn1Tag.Sequence))
{
KrbDiffieHellmanValidationParameters.Decode <KrbDiffieHellmanValidationParameters>(sequenceReader, out KrbDiffieHellmanValidationParameters tmpValidationParameters);
decoded.ValidationParameters = tmpValidationParameters;
}
sequenceReader.ThrowIfNotEmpty();
}
internal static unsafe Pkcs8Response ImportPkcs8PrivateKey(ReadOnlySpan <byte> source, out int bytesRead)
{
int len;
fixed(byte *ptr = &MemoryMarshal.GetReference(source))
{
using (MemoryManager <byte> manager = new PointerMemoryManager <byte>(ptr, source.Length))
{
AsnReader reader = new AsnReader(manager.Memory, AsnEncodingRules.BER);
len = reader.ReadEncodedValue().Length;
}
}
bytesRead = len;
ReadOnlySpan <byte> pkcs8Source = source.Slice(0, len);
try
{
return(ImportPkcs8(pkcs8Source));
}
catch (CryptographicException)
{
AsnWriter?pkcs8ZeroPublicKey = RewritePkcs8ECPrivateKeyWithZeroPublicKey(pkcs8Source);
if (pkcs8ZeroPublicKey == null)
{
throw;
}
return(ImportPkcs8(pkcs8ZeroPublicKey.EncodeAsSpan()));
}
}
internal static void Decode(AsnReader reader, Asn1Tag expectedTag, out PkiStatusInfo decoded)
{
if (reader == null)
{
throw new ArgumentNullException(nameof(reader));
}
decoded = default;
AsnReader sequenceReader = reader.ReadSequence(expectedTag);
if (!sequenceReader.TryReadInt32(out decoded.Status))
{
sequenceReader.ThrowIfNotEmpty();
}
if (sequenceReader.HasData)
{
decoded.StatusString = sequenceReader.ReadEncodedValue();
}
if (sequenceReader.HasData && sequenceReader.PeekTag().HasSameClassAndValue(Asn1Tag.PrimitiveBitString))
{
decoded.FailInfo = sequenceReader.ReadNamedBitListValue <System.Security.Cryptography.Pkcs.Asn1.PkiFailureInfo>();
}
sequenceReader.ThrowIfNotEmpty();
}
public static void TagMustBeCorrect_Custom_Indefinite(PublicEncodingRules ruleSet)
{
byte[] inputData = "A58005000000".HexToByteArray();
AsnReader reader = new AsnReader(inputData, (AsnEncodingRules)ruleSet);
AssertExtensions.Throws <ArgumentException>(
"expectedTag",
() => reader.ReadSequence(Asn1Tag.Null));
Assert.True(reader.HasData, "HasData after bad universal tag");
Assert.Throws <CryptographicException>(() => reader.ReadSequence());
Assert.True(reader.HasData, "HasData after default tag");
Assert.Throws <CryptographicException>(
() => reader.ReadSequence(new Asn1Tag(TagClass.Application, 5)));
Assert.True(reader.HasData, "HasData after wrong custom class");
Assert.Throws <CryptographicException>(
() => reader.ReadSequence(new Asn1Tag(TagClass.ContextSpecific, 7)));
Assert.True(reader.HasData, "HasData after wrong custom tag value");
AsnReader seq = reader.ReadSequence(new Asn1Tag(TagClass.ContextSpecific, 5));
Assert.Equal("0500", seq.ReadEncodedValue().ByteArrayToHex());
Assert.False(reader.HasData, "HasData after reading value");
}
internal static void Decode(AsnReader reader, Asn1Tag expectedTag, out SignerInfoAsn decoded)
{
if (reader == null)
{
throw new ArgumentNullException(nameof(reader));
}
decoded = default;
AsnReader sequenceReader = reader.ReadSequence(expectedTag);
AsnReader collectionReader;
if (!sequenceReader.TryReadInt32(out decoded.Version))
{
sequenceReader.ThrowIfNotEmpty();
}
System.Security.Cryptography.Pkcs.Asn1.SignerIdentifierAsn.Decode(sequenceReader, out decoded.Sid);
System.Security.Cryptography.Asn1.AlgorithmIdentifierAsn.Decode(sequenceReader, out decoded.DigestAlgorithm);
if (sequenceReader.HasData && sequenceReader.PeekTag().HasSameClassAndValue(new Asn1Tag(TagClass.ContextSpecific, 0)))
{
decoded.SignedAttributes = sequenceReader.ReadEncodedValue();
}
System.Security.Cryptography.Asn1.AlgorithmIdentifierAsn.Decode(sequenceReader, out decoded.SignatureAlgorithm);
if (sequenceReader.TryReadPrimitiveOctetStringBytes(out ReadOnlyMemory <byte> tmpSignatureValue))
{
decoded.SignatureValue = tmpSignatureValue;
}
else
{
decoded.SignatureValue = sequenceReader.ReadOctetString();
}
if (sequenceReader.HasData && sequenceReader.PeekTag().HasSameClassAndValue(new Asn1Tag(TagClass.ContextSpecific, 1)))
{
// Decode SEQUENCE OF for UnsignedAttributes
{
collectionReader = sequenceReader.ReadSetOf(new Asn1Tag(TagClass.ContextSpecific, 1));
var tmpList = new List <System.Security.Cryptography.Asn1.AttributeAsn>();
System.Security.Cryptography.Asn1.AttributeAsn tmpItem;
while (collectionReader.HasData)
{
System.Security.Cryptography.Asn1.AttributeAsn.Decode(collectionReader, out tmpItem);
tmpList.Add(tmpItem);
}
decoded.UnsignedAttributes = tmpList.ToArray();
}
}
sequenceReader.ThrowIfNotEmpty();
}
public static void ValidateDer(ReadOnlyMemory <byte> encodedValue)
{
try
{
Asn1Tag tag;
AsnReader reader = new AsnReader(encodedValue, AsnEncodingRules.DER);
while (reader.HasData)
{
tag = reader.PeekTag();
// If the tag is in the UNIVERSAL class
//
// DER limits the constructed encoding to SEQUENCE and SET, as well as anything which gets
// a defined encoding as being an IMPLICIT SEQUENCE.
if (tag.TagClass == TagClass.Universal)
{
switch ((UniversalTagNumber)tag.TagValue)
{
case UniversalTagNumber.External:
case UniversalTagNumber.Embedded:
case UniversalTagNumber.Sequence:
case UniversalTagNumber.Set:
case UniversalTagNumber.UnrestrictedCharacterString:
if (!tag.IsConstructed)
{
throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding);
}
break;
default:
if (tag.IsConstructed)
{
throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding);
}
break;
}
}
if (tag.IsConstructed)
{
ValidateDer(reader.PeekContentBytes());
}
// Skip past the current value.
reader.ReadEncodedValue();
}
}
catch (AsnContentException e)
{
throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding, e);
}
}
internal static unsafe Pkcs8Response ImportEncryptedPkcs8PrivateKey(
ReadOnlySpan <char> password,
ReadOnlySpan <byte> source,
out int bytesRead)
{
fixed(byte *ptr = &MemoryMarshal.GetReference(source))
{
using (MemoryManager <byte> manager = new PointerMemoryManager <byte>(ptr, source.Length))
{
AsnReader reader = new AsnReader(manager.Memory, AsnEncodingRules.BER);
int len = reader.ReadEncodedValue().Length;
source = source.Slice(0, len);
try
{
bytesRead = len;
return(ImportPkcs8(source, password));
}
catch (CryptographicException)
{
}
ArraySegment <byte> decrypted = KeyFormatHelper.DecryptPkcs8(
password,
manager.Memory.Slice(0, len),
out int innerRead);
Span <byte> decryptedSpan = decrypted;
try
{
if (innerRead != len)
{
throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding);
}
bytesRead = len;
return(ImportPkcs8(decryptedSpan));
}
catch (CryptographicException e)
{
throw new CryptographicException(SR.Cryptography_Pkcs8_EncryptedReadFailed, e);
}
finally
{
CryptographicOperations.ZeroMemory(decryptedSpan);
CryptoPool.Return(decrypted.Array !, clearSize: 0);
}
}
}
}
public static void HasDataAndThrowIfNotEmpty()
{
AsnReader reader = new AsnReader(new byte[] { 0x01, 0x01, 0x00 }, AsnEncodingRules.BER);
Assert.True(reader.HasData);
Assert.Throws <AsnContentException>(() => reader.ThrowIfNotEmpty());
// Consume the current value and move on.
reader.ReadEncodedValue();
Assert.False(reader.HasData);
// Assert.NoThrow
reader.ThrowIfNotEmpty();
}
/// <summary>
/// Reads the next value as a SET-OF with the specified tag
/// and returns the result as an <see cref="AsnReader"/> positioned at the first
/// value in the set-of (or with <see cref="HasData"/> == <c>false</c>).
/// </summary>
/// <param name="expectedTag">The tag to check for before reading.</param>
/// <param name="skipSortOrderValidation">
/// <c>true</c> to always accept the data in the order it is presented,
/// <c>false</c> to verify that the data is sorted correctly when the
/// encoding rules say sorting was required (CER and DER).
/// </param>
/// <returns>
/// an <see cref="AsnReader"/> positioned at the first
/// value in the set-of (or with <see cref="HasData"/> == <c>false</c>).
/// </returns>
/// <remarks>
/// the nested content is not evaluated by this method (aside from sort order, when
/// required), and may contain data which is not valid under the current encoding rules.
/// </remarks>
/// <exception cref="CryptographicException">
/// the next value does not have the correct tag --OR--
/// the length encoding is not valid under the current encoding rules --OR--
/// the contents are not valid under the current encoding rules
/// </exception>
/// <exception cref="ArgumentException">
/// <paramref name="expectedTag"/>.<see cref="Asn1Tag.TagClass"/> is
/// <see cref="TagClass.Universal"/>, but
/// <paramref name="expectedTag"/>.<see cref="Asn1Tag.TagValue"/> is not correct for
/// the method
/// </exception>
public AsnReader ReadSetOf(Asn1Tag expectedTag, bool skipSortOrderValidation = false)
{
Asn1Tag tag = ReadTagAndLength(out int?length, out int headerLength);
CheckExpectedTag(tag, expectedTag, UniversalTagNumber.SetOf);
// T-REC-X.690-201508 sec 8.12.1
if (!tag.IsConstructed)
{
throw new CryptographicException(SR.Resource("Cryptography_Der_Invalid_Encoding"));
}
int suffix = 0;
if (length == null)
{
length = SeekEndOfContents(_data.Slice(headerLength));
suffix = EndOfContentsEncodedLength;
}
ReadOnlyMemory <byte> contents = Slice(_data, headerLength, length.Value);
if (!skipSortOrderValidation)
{
// T-REC-X.690-201508 sec 11.6
// BER data is not required to be sorted.
if (RuleSet == AsnEncodingRules.DER ||
RuleSet == AsnEncodingRules.CER)
{
AsnReader reader = new AsnReader(contents, RuleSet);
ReadOnlyMemory <byte> current = ReadOnlyMemory <byte> .Empty;
SetOfValueComparer comparer = SetOfValueComparer.Instance;
while (reader.HasData)
{
ReadOnlyMemory <byte> previous = current;
current = reader.ReadEncodedValue();
if (comparer.Compare(current, previous) < 0)
{
throw new CryptographicException(SR.Resource("Cryptography_Der_Invalid_Encoding"));
}
}
}
}
_data = _data.Slice(headerLength + contents.Length + suffix);
return(new AsnReader(contents, RuleSet));
}
internal static void Decode(AsnReader reader, Asn1Tag expectedTag, out PolicyQualifierInfo decoded)
{
if (reader == null)
{
throw new ArgumentNullException(nameof(reader));
}
decoded = default;
AsnReader sequenceReader = reader.ReadSequence(expectedTag);
decoded.PolicyQualifierId = sequenceReader.ReadObjectIdentifierAsString();
decoded.Qualifier = sequenceReader.ReadEncodedValue();
sequenceReader.ThrowIfNotEmpty();
}
public static AlgorithmIdentifier Decode(AsnReader reader)
{
/* AlgorithmIdentifier ::= SEQUENCE {
* algorithm OBJECT IDENTIFIER,
* parameters ANY DEFINED BY algorithm OPTIONAL }*/
var sequence = reader.ReadSequence();
var algorithm = sequence.ReadObjectIdentifier();
var parameters = sequence.ReadOptional(null, (r, _) => r, reader => reader.ReadEncodedValue());
sequence.ThrowIfNotEmpty();
return(new()
{
Algorithm = algorithm,
Parameters = parameters,
});
}
public DigestAlgorithmIdentifier(AsnReader asnReader)
{
asnReader = asnReader.ReadSequence();
this.algorithm = asnReader.ReadObjectIdentifier();
if (asnReader.PeekTag() == Asn1Tag.Null)
{
asnReader.ReadNull();
this.parameters = null;
}
else
{
this.parameters = asnReader.ReadEncodedValue().ToArray();
};
asnReader.ThrowIfNotEmpty();
}
protected Pkcs12SafeBag(string bagIdValue, ReadOnlyMemory <byte> encodedBagValue, bool skipCopy = false)
{
if (string.IsNullOrEmpty(bagIdValue))
{
throw new ArgumentNullException(nameof(bagIdValue));
}
// Read to ensure that there is precisely one legally encoded value.
AsnReader reader = new AsnReader(encodedBagValue, AsnEncodingRules.BER);
reader.ReadEncodedValue();
reader.ThrowIfNotEmpty();
_bagIdValue = bagIdValue;
EncodedBagValue = skipCopy ? encodedBagValue : encodedBagValue.ToArray();
}
internal static unsafe Pkcs8Response ImportPkcs8PrivateKey(ReadOnlySpan <byte> source, out int bytesRead)
{
int len;
fixed(byte *ptr = &MemoryMarshal.GetReference(source))
{
using (MemoryManager <byte> manager = new PointerMemoryManager <byte>(ptr, source.Length))
{
AsnReader reader = new AsnReader(manager.Memory, AsnEncodingRules.BER);
len = reader.ReadEncodedValue().Length;
}
}
bytesRead = len;
return(ImportPkcs8(source.Slice(0, len)));
}
public Pkcs12SecretBag AddSecret(Oid secretType, ReadOnlyMemory <byte> secretValue)
{
if (secretType == null)
{
throw new ArgumentNullException(nameof(secretType));
}
// Read to ensure that there is precisely one legally encoded value.
AsnReader reader = new AsnReader(secretValue, AsnEncodingRules.BER);
reader.ReadEncodedValue();
reader.ThrowIfNotEmpty();
Pkcs12SecretBag bag = new Pkcs12SecretBag(secretType, secretValue);
AddSafeBag(bag);
return(bag);
}
internal static void Decode(AsnReader reader, out CertificateChoiceAsn decoded)
{
if (reader == null)
{
throw new ArgumentNullException(nameof(reader));
}
decoded = default;
Asn1Tag tag = reader.PeekTag();
if (tag.HasSameClassAndValue(new Asn1Tag((UniversalTagNumber)16)))
{
decoded.Certificate = reader.ReadEncodedValue();
}
else
{
throw new CryptographicException();
}
}
internal static void Decode(AsnReader reader, Asn1Tag expectedTag, out IssuerAndSerialNumberAsn decoded)
{
if (reader == null)
{
throw new ArgumentNullException(nameof(reader));
}
decoded = default;
AsnReader sequenceReader = reader.ReadSequence(expectedTag);
if (!sequenceReader.PeekTag().HasSameClassAndValue(new Asn1Tag((UniversalTagNumber)16)))
{
throw new CryptographicException();
}
decoded.Issuer = sequenceReader.ReadEncodedValue();
decoded.SerialNumber = sequenceReader.ReadIntegerBytes();
sequenceReader.ThrowIfNotEmpty();
}
internal static void Decode(AsnReader reader, Asn1Tag expectedTag, out Rfc3161TimeStampResp decoded)
{
if (reader == null)
{
throw new ArgumentNullException(nameof(reader));
}
decoded = default;
AsnReader sequenceReader = reader.ReadSequence(expectedTag);
System.Security.Cryptography.Pkcs.Asn1.PkiStatusInfo.Decode(sequenceReader, out decoded.Status);
if (sequenceReader.HasData)
{
decoded.TimeStampToken = sequenceReader.ReadEncodedValue();
}
sequenceReader.ThrowIfNotEmpty();
}
internal static void Decode(AsnReader reader, Asn1Tag expectedTag, out OtherKeyAttributeAsn decoded)
{
if (reader == null)
{
throw new ArgumentNullException(nameof(reader));
}
decoded = default;
AsnReader sequenceReader = reader.ReadSequence(expectedTag);
decoded.KeyAttrId = sequenceReader.ReadObjectIdentifierAsString();
if (sequenceReader.HasData)
{
decoded.KeyAttr = sequenceReader.ReadEncodedValue();
}
sequenceReader.ThrowIfNotEmpty();
}
public static void ExpectedTag_IgnoresConstructed(
PublicEncodingRules ruleSet,
string inputHex,
PublicTagClass tagClass,
int tagValue)
{
byte[] inputData = inputHex.HexToByteArray();
AsnReader reader = new AsnReader(inputData, (AsnEncodingRules)ruleSet);
AsnReader val1 = reader.ReadSequence(new Asn1Tag((TagClass)tagClass, tagValue, true));
Assert.False(reader.HasData);
reader = new AsnReader(inputData, (AsnEncodingRules)ruleSet);
AsnReader val2 = reader.ReadSequence(new Asn1Tag((TagClass)tagClass, tagValue, false));
Assert.False(reader.HasData);
Assert.Equal(val1.ReadEncodedValue().ByteArrayToHex(), val2.ReadEncodedValue().ByteArrayToHex());
}
internal static void Decode <T>(AsnReader reader, Asn1Tag expectedTag, out T decoded)
where T : KrbAlgorithmIdentifier, new()
{
if (reader == null)
{
throw new ArgumentNullException(nameof(reader));
}
decoded = new T();
AsnReader sequenceReader = reader.ReadSequence(expectedTag);
decoded.Algorithm = sequenceReader.ReadObjectIdentifier();
if (sequenceReader.HasData)
{
decoded.Parameters = sequenceReader.ReadEncodedValue();
}
sequenceReader.ThrowIfNotEmpty();
}
public static void PeekEncodedValue_InvalidLength()
{
byte[] badLength = "04040203".HexToByteArray();
AsnReader reader = new AsnReader(badLength, AsnEncodingRules.BER);
Assert.Throws <CryptographicException>(() => reader.PeekEncodedValue());
Assert.Throws <CryptographicException>(() => reader.ReadEncodedValue());
Assert.Throws <CryptographicException>(
() =>
{
AsnValueReader valueReader = new AsnValueReader(badLength, AsnEncodingRules.BER);
valueReader.PeekEncodedValue();
});
Assert.Throws <CryptographicException>(
() =>
{
AsnValueReader valueReader = new AsnValueReader(badLength, AsnEncodingRules.BER);
valueReader.ReadEncodedValue();
});
}
private static byte[] EncodeBagValue(string certificateType, ReadOnlyMemory <byte> encodedCertificate)
{
// Read to ensure that there is precisely one legally encoded value.
AsnReader reader = new AsnReader(encodedCertificate, AsnEncodingRules.BER);
reader.ReadEncodedValue();
reader.ThrowIfNotEmpty();
// No need to copy encodedCertificate here, because it will be copied into the
// return value.
CertBagAsn certBagAsn = new CertBagAsn
{
CertId = certificateType,
CertValue = encodedCertificate,
};
using (AsnWriter writer = new AsnWriter(AsnEncodingRules.BER))
{
certBagAsn.Encode(writer);
return(writer.Encode());
}
}
public static void TagMustBeCorrect_Universal_Indefinite(AsnEncodingRules ruleSet)
{
byte[] inputData = "308005000000".HexToByteArray();
AsnReader reader = new AsnReader(inputData, ruleSet);
AssertExtensions.Throws <ArgumentException>(
"expectedTag",
() => reader.ReadSequence(Asn1Tag.Null));
Assert.True(reader.HasData, "HasData after bad universal tag");
Assert.Throws <AsnContentException>(
() => reader.ReadSequence(new Asn1Tag(TagClass.ContextSpecific, 0)));
Assert.True(reader.HasData, "HasData after wrong tag");
AsnReader seq = reader.ReadSequence();
Assert.Equal("0500", seq.ReadEncodedValue().ByteArrayToHex());
Assert.False(reader.HasData, "HasData after read");
}
internal static void Decode(AsnReader reader, Asn1Tag expectedTag, out CertificationRequestInfoAsn decoded)
{
if (reader == null)
{
throw new ArgumentNullException(nameof(reader));
}
decoded = default;
AsnReader sequenceReader = reader.ReadSequence(expectedTag);
AsnReader collectionReader;
decoded.Version = sequenceReader.ReadInteger();
if (!sequenceReader.PeekTag().HasSameClassAndValue(new Asn1Tag((UniversalTagNumber)16)))
{
throw new CryptographicException();
}
decoded.Subject = sequenceReader.ReadEncodedValue();
System.Security.Cryptography.Asn1.SubjectPublicKeyInfoAsn.Decode(sequenceReader, out decoded.SubjectPublicKeyInfo);
// Decode SEQUENCE OF for Attributes
{
collectionReader = sequenceReader.ReadSetOf(new Asn1Tag(TagClass.ContextSpecific, 0));
var tmpList = new List <System.Security.Cryptography.Asn1.AttributeAsn>();
System.Security.Cryptography.Asn1.AttributeAsn tmpItem;
while (collectionReader.HasData)
{
System.Security.Cryptography.Asn1.AttributeAsn.Decode(collectionReader, out tmpItem);
tmpList.Add(tmpItem);
}
decoded.Attributes = tmpList.ToArray();
}
sequenceReader.ThrowIfNotEmpty();
}
public static Pkcs8PrivateKeyInfo Decode(
ReadOnlyMemory <byte> source,
out int bytesRead,
bool skipCopy = false)
{
AsnReader reader = new AsnReader(source, AsnEncodingRules.BER);
if (!skipCopy)
{
reader = new AsnReader(reader.ReadEncodedValue().ToArray(), AsnEncodingRules.BER);
}
int localRead = reader.PeekEncodedValue().Length;
PrivateKeyInfoAsn.Decode(reader, out PrivateKeyInfoAsn privateKeyInfo);
bytesRead = localRead;
return(new Pkcs8PrivateKeyInfo(
privateKeyInfo.PrivateKeyAlgorithm.Algorithm,
privateKeyInfo.PrivateKeyAlgorithm.Parameters,
privateKeyInfo.PrivateKey,
SignerInfo.MakeAttributeCollection(privateKeyInfo.Attributes)));
}
public static void PeekEncodedValue_InvalidLength()
{
byte[] badLength = "04040203".HexToByteArray();
AsnReader reader = new AsnReader(badLength, AsnEncodingRules.BER);
Assert.Throws <AsnContentException>(() => reader.PeekEncodedValue());
Assert.Throws <AsnContentException>(() => reader.ReadEncodedValue());
Assert.False(
AsnDecoder.TryReadEncodedValue(
badLength,
AsnEncodingRules.BER,
out Asn1Tag tag,
out int contentOffset,
out int contentLength,
out int bytesConsumed));
Assert.Equal(0, contentOffset);
Assert.Equal(0, contentLength);
Assert.Equal(0, bytesConsumed);
Assert.Equal(default(Asn1Tag), tag);
}
internal static void Decode(AsnReader reader, out DistributionPointNameAsn decoded)
{
if (reader == null)
{
throw new ArgumentNullException(nameof(reader));
}
decoded = default;
Asn1Tag tag = reader.PeekTag();
AsnReader collectionReader;
if (tag.HasSameClassAndValue(new Asn1Tag(TagClass.ContextSpecific, 0)))
{
// Decode SEQUENCE OF for FullName
{
collectionReader = reader.ReadSequence(new Asn1Tag(TagClass.ContextSpecific, 0));
var tmpList = new List <System.Security.Cryptography.Asn1.GeneralNameAsn>();
System.Security.Cryptography.Asn1.GeneralNameAsn tmpItem;
while (collectionReader.HasData)
{
System.Security.Cryptography.Asn1.GeneralNameAsn.Decode(collectionReader, out tmpItem);
tmpList.Add(tmpItem);
}
decoded.FullName = tmpList.ToArray();
}
}
else if (tag.HasSameClassAndValue(new Asn1Tag(TagClass.ContextSpecific, 1)))
{
decoded.NameRelativeToCRLIssuer = reader.ReadEncodedValue();
}
else
{
throw new CryptographicException();
}
}
private static void AssertRdn(
AsnReader reader,
string atvOid,
int offset,
Asn1Tag valueTag,
byte[] bytes,
string label,
string stringValue = null)
{
AsnReader rdn = reader.ReadSetOf();
AsnReader attributeTypeAndValue = rdn.ReadSequence();
Assert.Equal(atvOid, attributeTypeAndValue.ReadObjectIdentifier());
ReadOnlyMemory <byte> value = attributeTypeAndValue.ReadEncodedValue();
ReadOnlySpan <byte> valueSpan = value.Span;
Assert.True(Asn1Tag.TryDecode(valueSpan, out Asn1Tag actualTag, out int bytesRead));
Assert.Equal(1, bytesRead);
Assert.Equal(valueTag, actualTag);
AssertRefSame(
ref MemoryMarshal.GetReference(valueSpan),
ref bytes[offset],
$"{label} is at bytes[{offset}]");
if (stringValue != null)
{
AsnReader valueReader = new AsnReader(value, AsnEncodingRules.DER);
Assert.Equal(stringValue, valueReader.ReadCharacterString((UniversalTagNumber)valueTag.TagValue));
Assert.False(valueReader.HasData, "valueReader.HasData");
}
Assert.False(attributeTypeAndValue.HasData, $"attributeTypeAndValue.HasData ({label})");
Assert.False(rdn.HasData, $"rdn.HasData ({label})");
}
public Pkcs8PrivateKeyInfo(
Oid algorithmId,
ReadOnlyMemory <byte>?algorithmParameters,
ReadOnlyMemory <byte> privateKey,
bool skipCopies = false)
{
if (algorithmId == null)
{
throw new ArgumentNullException(nameof(algorithmId));
}
if (algorithmParameters?.Length > 0)
{
// Read to ensure that there is precisely one legally encoded value.
AsnReader reader = new AsnReader(algorithmParameters.Value, AsnEncodingRules.BER);
reader.ReadEncodedValue();
reader.ThrowIfNotEmpty();
}
AlgorithmId = algorithmId;
AlgorithmParameters = skipCopies ? algorithmParameters : algorithmParameters?.ToArray();
PrivateKeyBytes = skipCopies ? privateKey : privateKey.ToArray();
Attributes = new CryptographicAttributeObjectCollection();
}
