linux-packaging-mono/mcs/class/referencesource/System.IdentityModel/System/IdentityModel/Tokens/X509SubjectKeyIdentifierClause.cs

//------------------------------------------------------------
// Copyright (c) Microsoft Corporation.  All rights reserved.
//------------------------------------------------------------

namespace System.IdentityModel.Tokens
{
    using System.Globalization;
    using System.Security.Cryptography.X509Certificates;

    public class X509SubjectKeyIdentifierClause : BinaryKeyIdentifierClause
    {
        const string SubjectKeyIdentifierOid = "2.5.29.14";
        const int SkiDataOffset = 2;

        public X509SubjectKeyIdentifierClause(byte[] ski)
            : this(ski, true)
        {
        }

        internal X509SubjectKeyIdentifierClause(byte[] ski, bool cloneBuffer)
            : base(null, ski, cloneBuffer)
        {
        }

        static byte[] GetSkiRawData(X509Certificate2 certificate)
        {
            if (certificate == null)
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("certificate");

            X509SubjectKeyIdentifierExtension skiExtension =
                certificate.Extensions[SubjectKeyIdentifierOid] as X509SubjectKeyIdentifierExtension;
            if (skiExtension != null)
            {
                return skiExtension.RawData;
            }
            else
            {
                return null;
            }
        }

        public byte[] GetX509SubjectKeyIdentifier()
        {
            return GetBuffer();
        }

        public bool Matches(X509Certificate2 certificate)
        {
            if (certificate == null)
                return false;

            byte[] data = GetSkiRawData(certificate);
            return data != null && Matches(data, SkiDataOffset);
        }

        public static bool TryCreateFrom(X509Certificate2 certificate, out X509SubjectKeyIdentifierClause keyIdentifierClause)
        {
            byte[] data = GetSkiRawData(certificate);
            keyIdentifierClause = null;
            if (data != null)
            {
                byte[] ski = SecurityUtils.CloneBuffer(data, SkiDataOffset, data.Length - SkiDataOffset);
                keyIdentifierClause = new X509SubjectKeyIdentifierClause(ski, false);
            }
            return keyIdentifierClause != null;
        }

        public static bool CanCreateFrom(X509Certificate2 certificate)
        {
            return null != GetSkiRawData(certificate);
        }

        public override string ToString()
        {
            return string.Format(CultureInfo.InvariantCulture, "X509SubjectKeyIdentifierClause(SKI = 0x{0})", ToHexString());
        }
    }
}