public string X500DistinguishedNameDecode(byte[] encodedDistinguishedName, X500DistinguishedNameFlags flag)
{
CertNameStrTypeAndFlags dwStrType = CertNameStrTypeAndFlags.CERT_X500_NAME_STR | MapNameToStrFlag(flag);
unsafe
{
fixed(byte *pbEncoded = encodedDistinguishedName)
{
CRYPTOAPI_BLOB nameBlob;
nameBlob.cbData = encodedDistinguishedName.Length;
nameBlob.pbData = pbEncoded;
int cchDecoded = Interop.crypt32.CertNameToStr(CertEncodingType.All, ref nameBlob, dwStrType, null, 0);
if (cchDecoded == 0)
{
throw ErrorCode.CERT_E_INVALID_NAME.ToCryptographicException();
}
StringBuilder sb = new StringBuilder(cchDecoded);
if (Interop.crypt32.CertNameToStr(CertEncodingType.All, ref nameBlob, dwStrType, sb, cchDecoded) == 0)
{
throw ErrorCode.CERT_E_INVALID_NAME.ToCryptographicException();
}
return(sb.ToString());
}
}
}
public string X500DistinguishedNameDecode(byte[] encodedDistinguishedName, X500DistinguishedNameFlags flag)
{
CertNameStrTypeAndFlags dwStrType = CertNameStrTypeAndFlags.CERT_X500_NAME_STR | MapNameToStrFlag(flag);
unsafe
{
fixed(byte *pbEncoded = encodedDistinguishedName)
{
CRYPTOAPI_BLOB nameBlob;
nameBlob.cbData = encodedDistinguishedName.Length;
nameBlob.pbData = pbEncoded;
int cchDecoded = Interop.crypt32.CertNameToStr(CertEncodingType.All, ref nameBlob, dwStrType, null, 0);
if (cchDecoded == 0)
{
throw ErrorCode.CERT_E_INVALID_NAME.ToCryptographicException();
}
Span <char> buffer = cchDecoded <= 256 ? stackalloc char[cchDecoded] : new char[cchDecoded];
fixed(char *ptr = &MemoryMarshal.GetReference(buffer))
{
if (Interop.crypt32.CertNameToStr(CertEncodingType.All, ref nameBlob, dwStrType, ptr, cchDecoded) == 0)
{
throw ErrorCode.CERT_E_INVALID_NAME.ToCryptographicException();
}
}
return(new string(buffer.Slice(0, cchDecoded - 1)));
}
}
}
public static SubjectIdentifier ToSubjectIdentifier(this CERT_ID certId)
{
switch (certId.dwIdChoice)
{
case CertIdChoice.CERT_ID_ISSUER_SERIAL_NUMBER:
{
const CertNameStrTypeAndFlags dwStrType = CertNameStrTypeAndFlags.CERT_X500_NAME_STR | CertNameStrTypeAndFlags.CERT_NAME_STR_REVERSE_FLAG;
string issuer = Interop.Crypt32.CertNameToStr(ref certId.u.IssuerSerialNumber.Issuer, dwStrType);
byte[] serial = certId.u.IssuerSerialNumber.SerialNumber.ToByteArray();
StringBuilder serialString = new StringBuilder(serial.Length * 2);
for (int i = serial.Length; i > 0; i--)
{
serialString.Append(serial[i - 1].ToString("X2"));
}
return(new SubjectIdentifier(SubjectIdentifierType.IssuerAndSerialNumber, new X509IssuerSerial(issuer, serialString.ToString())));
}
case CertIdChoice.CERT_ID_KEY_IDENTIFIER:
{
byte[] ski = certId.u.KeyId.ToByteArray();
StringBuilder sb = new StringBuilder(ski.Length * 2);
foreach (byte b in ski)
{
sb.Append(b.ToString("X2"));
}
return(new SubjectIdentifier(SubjectIdentifierType.SubjectKeyIdentifier, sb.ToString()));
}
default:
throw new CryptographicException(SR.Format(SR.Cryptography_Cms_Invalid_Subject_Identifier_Type, certId.dwIdChoice));
}
}
public byte[] X500DistinguishedNameEncode(string distinguishedName, X500DistinguishedNameFlags flag)
{
Debug.Assert(distinguishedName != null);
CertNameStrTypeAndFlags dwStrType =
CertNameStrTypeAndFlags.CERT_X500_NAME_STR |
MapNameToStrFlag(flag);
var distinguishedNameBytes = Encoding.UTF32.GetBytes(distinguishedName);
unsafe
{
fixed(byte *pszX500 = distinguishedNameBytes)
{
int cbEncoded = 0;
if (!Interop.crypt32.CertStrToName(CertEncodingType.All, (IntPtr)pszX500, dwStrType, IntPtr.Zero, null, ref cbEncoded, IntPtr.Zero))
{
throw Interop.CPError.GetLastWin32Error().ToCryptographicException();
}
byte[] encodedName = new byte[cbEncoded];
if (!Interop.crypt32.CertStrToName(CertEncodingType.All, (IntPtr)pszX500, dwStrType, IntPtr.Zero, encodedName, ref cbEncoded, IntPtr.Zero))
{
throw Interop.CPError.GetLastWin32Error().ToCryptographicException();
}
return(encodedName);
}
}
}
private static CertNameStrTypeAndFlags MapNameToStrFlag(X500DistinguishedNameFlags flag)
{
// All values or'ed together. Change this if you add values to the enumeration.
uint allFlags = 0x71F1;
uint dwFlags = (uint)flag;
Debug.Assert((dwFlags & ~allFlags) == 0);
CertNameStrTypeAndFlags dwStrType = 0;
if (dwFlags != 0)
{
if ((flag & X500DistinguishedNameFlags.Reversed) == X500DistinguishedNameFlags.Reversed)
{
dwStrType |= CertNameStrTypeAndFlags.CERT_NAME_STR_REVERSE_FLAG;
}
if ((flag & X500DistinguishedNameFlags.UseSemicolons) == X500DistinguishedNameFlags.UseSemicolons)
{
dwStrType |= CertNameStrTypeAndFlags.CERT_NAME_STR_SEMICOLON_FLAG;
}
else if ((flag & X500DistinguishedNameFlags.UseCommas) == X500DistinguishedNameFlags.UseCommas)
{
dwStrType |= CertNameStrTypeAndFlags.CERT_NAME_STR_COMMA_FLAG;
}
else if ((flag & X500DistinguishedNameFlags.UseNewLines) == X500DistinguishedNameFlags.UseNewLines)
{
dwStrType |= CertNameStrTypeAndFlags.CERT_NAME_STR_CRLF_FLAG;
}
if ((flag & X500DistinguishedNameFlags.DoNotUsePlusSign) == X500DistinguishedNameFlags.DoNotUsePlusSign)
{
dwStrType |= CertNameStrTypeAndFlags.CERT_NAME_STR_NO_PLUS_FLAG;
}
if ((flag & X500DistinguishedNameFlags.DoNotUseQuotes) == X500DistinguishedNameFlags.DoNotUseQuotes)
{
dwStrType |= CertNameStrTypeAndFlags.CERT_NAME_STR_NO_QUOTING_FLAG;
}
if ((flag & X500DistinguishedNameFlags.ForceUTF8Encoding) == X500DistinguishedNameFlags.ForceUTF8Encoding)
{
dwStrType |= CertNameStrTypeAndFlags.CERT_NAME_STR_FORCE_UTF8_DIR_STR_FLAG;
}
if ((flag & X500DistinguishedNameFlags.UseUTF8Encoding) == X500DistinguishedNameFlags.UseUTF8Encoding)
{
dwStrType |= CertNameStrTypeAndFlags.CERT_NAME_STR_ENABLE_UTF8_UNICODE_FLAG;
}
else if ((flag & X500DistinguishedNameFlags.UseT61Encoding) == X500DistinguishedNameFlags.UseT61Encoding)
{
dwStrType |= CertNameStrTypeAndFlags.CERT_NAME_STR_ENABLE_T61_UNICODE_FLAG;
}
}
return(dwStrType);
}
internal static string CertNameToStr([In] ref DATA_BLOB pName, CertNameStrTypeAndFlags dwStrType)
{
int nc = CertNameToStr(MsgEncodingType.All, ref pName, dwStrType, null, 0);
if (nc <= 1) // The API actually return 1 when it fails; which is not what the documentation says.
throw Marshal.GetLastWin32Error().ToCryptographicException();
StringBuilder name = new StringBuilder(nc);
nc = CertNameToStr(MsgEncodingType.All, ref pName, dwStrType, name, nc);
if (nc <= 1) // The API actually return 1 when it fails; which is not what the documentation says.
throw Marshal.GetLastWin32Error().ToCryptographicException();
return name.ToString();
}
internal static string CertNameToStr([In] ref DATA_BLOB pName, CertNameStrTypeAndFlags dwStrType)
{
int nc = CertNameToStr(MsgEncodingType.All, ref pName, dwStrType, null, 0);
if (nc <= 1) // The API actually return 1 when it fails; which is not what the documentation says.
{
throw Marshal.GetLastWin32Error().ToCryptographicException();
}
StringBuilder name = new StringBuilder(nc);
nc = CertNameToStr(MsgEncodingType.All, ref pName, dwStrType, name, nc);
if (nc <= 1) // The API actually return 1 when it fails; which is not what the documentation says.
{
throw Marshal.GetLastWin32Error().ToCryptographicException();
}
return(name.ToString());
}
public byte[] X500DistinguishedNameEncode(string distinguishedName, X500DistinguishedNameFlags flag)
{
Debug.Assert(distinguishedName != null);
CertNameStrTypeAndFlags dwStrType = CertNameStrTypeAndFlags.CERT_X500_NAME_STR | MapNameToStrFlag(flag);
int cbEncoded = 0;
if (!Interop.crypt32.CertStrToName(CertEncodingType.All, distinguishedName, dwStrType, IntPtr.Zero, null, ref cbEncoded, IntPtr.Zero))
{
throw Marshal.GetLastWin32Error().ToCryptographicException();
}
byte[] encodedName = new byte[cbEncoded];
if (!Interop.crypt32.CertStrToName(CertEncodingType.All, distinguishedName, dwStrType, IntPtr.Zero, encodedName, ref cbEncoded, IntPtr.Zero))
{
throw Marshal.GetLastWin32Error().ToCryptographicException();
}
return(encodedName);
}
public string GetNameInfo(X509NameType nameType, bool forIssuer)
{
CertNameType certNameType = MapNameType(nameType);
CertNameFlags certNameFlags = forIssuer ? CertNameFlags.CERT_NAME_ISSUER_FLAG : CertNameFlags.None;
CertNameStrTypeAndFlags strType = CertNameStrTypeAndFlags.CERT_X500_NAME_STR | CertNameStrTypeAndFlags.CERT_NAME_STR_REVERSE_FLAG;
int cchCount = Interop.crypt32.CertGetNameString(_certContext, certNameType, certNameFlags, ref strType, null, 0);
if (cchCount == 0)
{
throw Marshal.GetLastWin32Error().ToCryptographicException();
}
StringBuilder sb = new StringBuilder(cchCount);
if (Interop.crypt32.CertGetNameString(_certContext, certNameType, certNameFlags, ref strType, sb, cchCount) == 0)
{
throw Marshal.GetLastWin32Error().ToCryptographicException();
}
return(sb.ToString());
}
public static SubjectIdentifier ToSubjectIdentifier(this CERT_ID certId)
{
switch (certId.dwIdChoice)
{
case CertIdChoice.CERT_ID_ISSUER_SERIAL_NUMBER:
{
const CertNameStrTypeAndFlags dwStrType = CertNameStrTypeAndFlags.CERT_X500_NAME_STR | CertNameStrTypeAndFlags.CERT_NAME_STR_REVERSE_FLAG;
string issuer = Interop.Crypt32.CertNameToStr(ref certId.u.IssuerSerialNumber.Issuer, dwStrType);
byte[] serial = certId.u.IssuerSerialNumber.SerialNumber.ToByteArray();
X509IssuerSerial issuerSerial = new X509IssuerSerial(issuer, serial.ToSerialString());
return(new SubjectIdentifier(SubjectIdentifierType.IssuerAndSerialNumber, issuerSerial));
}
case CertIdChoice.CERT_ID_KEY_IDENTIFIER:
{
byte[] ski = certId.u.KeyId.ToByteArray();
return(new SubjectIdentifier(SubjectIdentifierType.SubjectKeyIdentifier, ski.ToSkiString()));
}
default:
throw new CryptographicException(SR.Format(SR.Cryptography_Cms_Invalid_Subject_Identifier_Type, certId.dwIdChoice));
}
}
public static partial bool CertStrToName(CertEncodingType dwCertEncodingType, string pszX500, CertNameStrTypeAndFlags dwStrType, IntPtr pvReserved, byte[]?pbEncoded, ref int pcbEncoded, IntPtr ppszError);
public static extern bool CertStrToName(CertEncodingType dwCertEncodingType, string pszX500, CertNameStrTypeAndFlags dwStrType, IntPtr pvReserved, [Out] byte[] pbEncoded, [In, Out] ref int pcbEncoded, IntPtr ppszError);
public static extern unsafe int CertNameToStr(CertEncodingType dwCertEncodingType, [In] ref CRYPTOAPI_BLOB pName, CertNameStrTypeAndFlags dwStrType, char *psz, int csz);
internal static extern int CertNameToStr(MsgEncodingType dwCertEncodingType, [In] ref DATA_BLOB pName, CertNameStrTypeAndFlags dwStrType, StringBuilder psz, int csz);
public static extern int CertGetNameString(SafeCertContextHandle pCertContext, CertNameType dwType, CertNameFlags dwFlags, [In] ref CertNameStrTypeAndFlags pvPara, [Out] StringBuilder pszNameString, int cchNameString);
public static extern int CertNameToStr(CertEncodingType dwCertEncodingType, [In] ref CRYPTOAPI_BLOB pName, CertNameStrTypeAndFlags dwStrType, StringBuilder psz, int csz);
internal static extern int CertNameToStr(MsgEncodingType dwCertEncodingType, [In] ref DATA_BLOB pName, CertNameStrTypeAndFlags dwStrType, StringBuilder psz, int csz);
public static extern bool CertStrToName(CertEncodingType dwCertEncodingType, String pszX500, CertNameStrTypeAndFlags dwStrType, IntPtr pvReserved, [Out] byte[] pbEncoded, [In, Out] ref int pcbEncoded, IntPtr ppszError);
public static extern int CertNameToStr(CertEncodingType dwCertEncodingType, [In] ref CRYPTOAPI_BLOB pName, CertNameStrTypeAndFlags dwStrType, StringBuilder psz, int csz);
