Imported Upstream version 5.18.0.142

Former-commit-id: 7467d4b717762eeaf652d77f1486dd11ffb1ff1f

mcs/class/Mono.Security/Mono.Security.X509/PKCS12.cs

@@ -741,22 +741,26 @@ namespace Mono.Security.X509 {
 		private void AddPrivateKey (PKCS8.PrivateKeyInfo pki) 
 		{
 			byte[] privateKey = pki.PrivateKey;
-			switch (privateKey [0]) {
-				case 0x02:
+			try {
+				switch (pki.Algorithm) {
+				case X509Certificate.OID_RSA:
+					_keyBags.Add (PKCS8.PrivateKeyInfo.DecodeRSA (privateKey));
+					break;
+				case X509Certificate.OID_DSA:
 					bool found;
 					DSAParameters p = GetExistingParameters (out found);
 					if (found) {
 						_keyBags.Add (PKCS8.PrivateKeyInfo.DecodeDSA (privateKey, p));
 					}
 					break;
-				case 0x30:
-					_keyBags.Add (PKCS8.PrivateKeyInfo.DecodeRSA (privateKey));
-					break;
+				case X509Certificate.OID_ECC: // TODO
 				default:
-					Array.Clear (privateKey, 0, privateKey.Length);
 					throw new CryptographicException ("Unknown private key format");
+				}
+			}
+			finally {
+				Array.Clear (privateKey, 0, privateKey.Length);
 			}
-			Array.Clear (privateKey, 0, privateKey.Length);
 		}
 
 		private void ReadSafeBag (ASN1 safeBag) 

mcs/class/Mono.Security/Mono.Security.X509/X501Name.cs

@@ -63,7 +63,7 @@ namespace Mono.Security.X509 {
 		static byte[] localityName = { 0x55, 0x04, 0x07 };
 		static byte[] stateOrProvinceName = { 0x55, 0x04, 0x08 };
 		static byte[] streetAddress = { 0x55, 0x04, 0x09 };
-		//static byte[] serialNumber = { 0x55, 0x04, 0x05 };
+		static byte[] serialNumber = { 0x55, 0x04, 0x05 };
 		static byte[] domainComponent = { 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x19 };
 		static byte[] userid = { 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x01 };
 		static byte[] email = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01 };
@@ -160,6 +160,8 @@ namespace Mono.Security.X509 {
 					sb.Append ("G=");
 				else if (poid.CompareValue (initial))
 					sb.Append ("I=");
+				else if (poid.CompareValue (serialNumber))
+					sb.Append ("SERIALNUMBER=");					
 				else {
 					// unknown OID
 					sb.Append ("OID.");	// NOTE: Not present as RFC2253
@@ -180,14 +182,17 @@ namespace Mono.Security.X509 {
 						sValue = Encoding.UTF7.GetString (s.Value);
 					else
 						sValue = Encoding.UTF8.GetString (s.Value);
-					// in some cases we must quote (") the value
-					// Note: this doesn't seems to conform to RFC2253
-					char[] specials = { ',', '+', '"', '\\', '<', '>', ';' };
-					if (quotes) {
-						if ((sValue.IndexOfAny (specials, 0, sValue.Length) > 0) ||
-						    sValue.StartsWith (" ") || (sValue.EndsWith (" ")))
-							sValue = "\"" + sValue + "\"";
-					}
+				}
+
+				// in some cases we must quote (") the value
+				// Note: this doesn't seems to conform to RFC2253
+				// Set of characters that need quoting is taken from s_quoteNeedingChars
+				// in corefx/src/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/X500NameEncoder.cs
+				char[] specials = { ',', '+', '"', '=', '<', '>', ';', '#', '\n' };
+				if (quotes) {
+					if ((sValue.IndexOfAny (specials, 0, sValue.Length) > 0) ||
+					    sValue.StartsWith (" ") || (sValue.EndsWith (" ")))
+						sValue = "\"" + sValue.Replace ("\"", "") + "\"";
 				}
 
 				sb.Append (sValue);
@@ -231,6 +236,8 @@ namespace Mono.Security.X509 {
 					return new X520.GivenName ();
 				case "I":
 					return new X520.Initial ();
+				case "SERIALNUMBER":
+					return new X520.SerialNumber ();
 				default:
 					if (s.StartsWith ("OID.")) {
 						// MUST support it but it OID may be without it

mcs/class/Mono.Security/Mono.Security.X509/X509Certificate.cs

@@ -70,9 +70,10 @@ namespace Mono.Security.X509 {
 		private DSA _dsa;
 
 		// from http://msdn.microsoft.com/en-gb/library/ff635835.aspx
-		private const string OID_DSA = "1.2.840.10040.4.1";
-		private const string OID_RSA = "1.2.840.113549.1.1.1";
-		
+		internal const string OID_DSA = "1.2.840.10040.4.1";
+		internal const string OID_RSA = "1.2.840.113549.1.1.1";
+		internal const string OID_ECC = "1.2.840.10045.2.1";
+
 		// from http://www.ietf.org/rfc/rfc2459.txt
 		//
 		//Certificate  ::=  SEQUENCE  {