converted fixed OID encoding to static context.

PKISolutions · Apr 17, 2023 · 359a0d7 · 359a0d7
1 parent 999d1aa
commit 359a0d7
Showing 1 changed file with 5 additions and 35 deletions.
diff --git a/src/ADCS.SidExtension.PolicyModule/AsnUtils.cs b/src/ADCS.SidExtension.PolicyModule/AsnUtils.cs
@@ -1,23 +1,23 @@
 using System;
 using System.Collections.Generic;
-using System.Linq;
 using System.Security.Cryptography.X509Certificates;
 using System.Text;
 
 namespace ADCS.SidExtension.PolicyModule;
 
 class AsnUtils {
+    static readonly Byte[] _nestedOidBytes = { 6, 10, 43, 6, 1, 4, 1, 130, 55, 25, 2, 1 };
     /// <summary>
     /// Encodes NTDS CA Security extension from a SID string.
     /// </summary>
     /// <param name="sid">A string that represents security identifier (SID).</param>
     /// <returns>Encoded extension</returns>
     public static X509Extension EncodeSidExtension(String sid) {
-        var nestedOidBytes = encodeOid("1.3.6.1.4.1.311.25.2.1".Split('.').Select(x => Convert.ToInt64(x)).ToList()).ToList();
+        var data = new List<Byte>(_nestedOidBytes);
         Byte[] bytes = encode(Encoding.ASCII.GetBytes(sid), 4);
         bytes = encode(bytes, 160);
-        nestedOidBytes.AddRange(bytes);
-        bytes = encode(nestedOidBytes.ToArray(), 160);
+        data.AddRange(bytes);
+        bytes = encode(data.ToArray(), 160);
         Byte[] rawData = encode(bytes, 48);
 
         return new X509Extension("1.3.6.1.4.1.311.25.2", rawData, false);
@@ -27,7 +27,7 @@ public static X509Extension EncodeSidExtension(String sid) {
     /// </summary>
     /// <remarks>This method do not check whether the data in <strong>rawData</strong> is valid data for specified enclosing type.</remarks>
     /// <param name="rawData">A byte array to wrap.</param>
-    /// <param name="enclosingTag">An enumeration of <see cref="Asn1Type"/>.</param>
+    /// <param name="enclosingTag">Tag number to wrap data into.</param>
     /// <returns>Wrapped encoded byte array.</returns>
     /// <remarks>If <strong>rawData</strong> is null, an empty tag is encoded.</remarks>
     static Byte[] encode(Byte[] rawData, Byte enclosingTag) {
@@ -63,34 +63,4 @@ static Byte[] encode(Byte[] rawData, Byte enclosingTag) {
         }
         return retValue;
     }
-    static Byte[] encodeOid(IList<Int64> tokens) {
-        List<Byte> rawOid = new List<Byte>();
-        for (Int32 token = 0; token < tokens.Count; token++) {
-            // first two arcs are encoded in a single byte
-            switch (token) {
-                case 0:
-                    rawOid.Add((Byte)(40 * tokens[token] + tokens[token + 1]));
-                    continue;
-                case 1:
-                    continue;
-            }
-            Int16 bitLength = 0;
-            Int64 temp = tokens[token];
-            // calculate how many bits are occupied by the current integer value
-            do {
-                temp = (Int64)Math.Floor((Double)temp / 2);
-                bitLength++;
-            } while (temp > 0);
-            // calculate how many additional bytes are required and encode each integer in a 7 bit.
-            // 8th bit of the integer is shifted to the left and 8th bit is set to 1 to indicate that
-            // additional bytes are related to the current OID arc. Details:
-            // http://msdn.microsoft.com/en-us/library/bb540809(v=vs.85).aspx
-            // loop may not execute if arc value is less than 128.
-            for (Int32 index = (bitLength - 1) / 7; index > 0; index--) {
-                rawOid.Add((Byte)(0x80 | ((tokens[token] >> (index * 7)) & 0x7f)));
-            }
-            rawOid.Add((Byte)(tokens[token] & 0x7f));
-        }
-        return rawOid.ToArray();
-    }
 }