Fix SegFault due to calling X509_check_purpose after d2i_X509 failed.

CoreFX X509Certificates on Unix currently only support DER-encoded public certificates (".cer"). Any of the other binary constructor tests resulted in an invalid pointer, because d2i failed to decode.

Author: bartonjs

src/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/OpenSslX509CertificateReader.cs

@@ -30,6 +30,11 @@ internal unsafe OpenSslX509CertificateReader(byte[] data)
 
                 _cert = Interop.libcrypto.d2i_X509(IntPtr.Zero, ppData, data.Length);
 
+                if (_cert.IsInvalid)
+                {
+                    throw new CryptographicException();
+                }
+
                 // X509_check_purpose has the effect of populating the sha1_hash value,
                 // and other "initialize" type things.
                 bool init = Interop.libcrypto.X509_check_purpose(_cert, -1, 0);