In esecuzione su ambienti Linux (Docker, nello specifico), viene sollevata l'eccezione in oggetto in fase di deserializzazione del certificato presente nella response SAML. Di seguito il dettaglio dell'eccezione.
ASN1 corrupted data. The provided data is tagged with 'Universal' class value '13', but it should have been 'Universal' class value '16'.
System.Security.Cryptography.CryptographicException:
at Internal.Cryptography.Pal.OpenSslX509CertificateReader.FromBlob (System.Security.Cryptography.X509Certificates, Version=5.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a)
at System.Security.Cryptography.X509Certificates.X509Certificate..ctor (System.Security.Cryptography.X509Certificates, Version=5.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a)
at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor (System.Security.Cryptography.X509Certificates, Version=5.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a)
at CIE.AspNetCore.Authentication.Saml.SamlHandler.ValidateAuthnResponse (CIE.AspNetCore.Authentication, Version=1.1.3.0, Culture=neutral, PublicKeyToken=null)
at CIE.AspNetCore.Authentication.CieHandler+d14.MoveNext (CIE.AspNetCore.Authentication, Version=1.1.3.0, Culture=neutral, PublicKeyToken=null)
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw (System.Private.CoreLib, Version=5.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Private.CoreLib, Version=5.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Private.CoreLib, Version=5.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult (System.Private.CoreLib, Version=5.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
at CIE.AspNetCore.Authentication.CieHandler+d11.MoveNext (CIE.AspNetCore.Authentication, Version=1.1.3.0, Culture=neutral, PublicKeyToken=null)
Inner exception System.Formats.Asn1.AsnContentException handled at Internal.Cryptography.Pal.OpenSslX509CertificateReader.FromBlob:
at System.Formats.Asn1.AsnDecoder.CheckExpectedTag (System.Formats.Asn1, Version=5.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51)
at System.Formats.Asn1.AsnDecoder.ReadSequence (System.Formats.Asn1, Version=5.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51)
at System.Formats.Asn1.AsnValueReader.ReadSequence (System.Security.Cryptography.X509Certificates, Version=5.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a)
at System.Security.Cryptography.Asn1.Pkcs12.PfxAsn.DecodeCore (System.Security.Cryptography.X509Certificates, Version=5.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a)
at System.Security.Cryptography.Asn1.Pkcs12.PfxAsn.Decode (System.Security.Cryptography.X509Certificates, Version=5.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a)
In esecuzione su ambienti Linux (Docker, nello specifico), viene sollevata l'eccezione in oggetto in fase di deserializzazione del certificato presente nella response SAML. Di seguito il dettaglio dell'eccezione.
ASN1 corrupted data. The provided data is tagged with 'Universal' class value '13', but it should have been 'Universal' class value '16'.
System.Security.Cryptography.CryptographicException: at Internal.Cryptography.Pal.OpenSslX509CertificateReader.FromBlob (System.Security.Cryptography.X509Certificates, Version=5.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a) at System.Security.Cryptography.X509Certificates.X509Certificate..ctor (System.Security.Cryptography.X509Certificates, Version=5.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a) at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor (System.Security.Cryptography.X509Certificates, Version=5.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a) at CIE.AspNetCore.Authentication.Saml.SamlHandler.ValidateAuthnResponse (CIE.AspNetCore.Authentication, Version=1.1.3.0, Culture=neutral, PublicKeyToken=null) at CIE.AspNetCore.Authentication.CieHandler+d14.MoveNext (CIE.AspNetCore.Authentication, Version=1.1.3.0, Culture=neutral, PublicKeyToken=null)
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw (System.Private.CoreLib, Version=5.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Private.CoreLib, Version=5.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Private.CoreLib, Version=5.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult (System.Private.CoreLib, Version=5.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
at CIE.AspNetCore.Authentication.CieHandler+d 11.MoveNext (CIE.AspNetCore.Authentication, Version=1.1.3.0, Culture=neutral, PublicKeyToken=null)
Inner exception System.Formats.Asn1.AsnContentException handled at Internal.Cryptography.Pal.OpenSslX509CertificateReader.FromBlob:
at System.Formats.Asn1.AsnDecoder.CheckExpectedTag (System.Formats.Asn1, Version=5.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51)
at System.Formats.Asn1.AsnDecoder.ReadSequence (System.Formats.Asn1, Version=5.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51)
at System.Formats.Asn1.AsnValueReader.ReadSequence (System.Security.Cryptography.X509Certificates, Version=5.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a)
at System.Security.Cryptography.Asn1.Pkcs12.PfxAsn.DecodeCore (System.Security.Cryptography.X509Certificates, Version=5.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a)
at System.Security.Cryptography.Asn1.Pkcs12.PfxAsn.Decode (System.Security.Cryptography.X509Certificates, Version=5.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a)
L'errore ha già una risoluzione nota: https://github.com/dotnet/runtime/issues/47005