/// <summary>
/// Adds the PKCS#12 bag entries for one certificate: a certificate bag, and,
/// when the certificate has a private key, a shrouded key bag tied to it by a
/// shared localKeyId attribute.
/// </summary>
/// <param name="certPal">Certificate whose raw data (and key, if any) is exported.</param>
/// <param name="passwordSpan">
/// Password handed unchanged to <c>ExportPkcs8</c>; this method neither copies nor stores it.
/// </param>
/// <param name="tmpWriter">Scratch writer; it is reset once the certificate value has been encoded.</param>
/// <param name="certBags">Receives the certificate bag at <paramref name="certIdx"/>.</param>
/// <param name="certAttrs">
/// Receives the localKeyId attribute at <paramref name="certIdx"/>. The slot is left
/// untouched when the certificate has no private key.
/// </param>
/// <param name="keyBags">Receives the key bag at <paramref name="keyIdx"/> when a private key exists.</param>
/// <param name="certIdx">Next free certificate slot; always advanced by one.</param>
/// <param name="keyIdx">Next free key slot; advanced by one only when a key bag was written.</param>
private void BuildBags(
    ICertificatePalCore certPal,
    ReadOnlySpan<char> passwordSpan,
    AsnWriter tmpWriter,
    CertBagAsn[] certBags,
    AttributeAsn[] certAttrs,
    SafeBagAsn[] keyBags,
    ref int certIdx,
    ref int keyIdx)
{
    // The certificate bag value is the raw certificate wrapped in an OCTET STRING.
    tmpWriter.WriteOctetString(certPal.RawData);

    CertBagAsn certBag = new CertBagAsn
    {
        CertId = Oids.Pkcs12X509CertBagType,
        CertValue = tmpWriter.Encode(),
    };

    certBags[certIdx] = certBag;
    tmpWriter.Reset();

    if (certPal.HasPrivateKey)
    {
        // Hand-encoded OCTET STRING: tag byte, length byte, then the bytes of
        // the current key index as MemoryMarshal.Write lays them out. The value
        // is only a matching label between the cert and its key, not a secret.
        byte[] localKeyId = new byte[2 + sizeof(int)];
        localKeyId[0] = (byte)UniversalTagNumber.OctetString;
        localKeyId[1] = sizeof(int);
        MemoryMarshal.Write(localKeyId.AsSpan(2), ref keyIdx);

        AttributeAsn localKeyIdAttribute = new AttributeAsn
        {
            AttrType = new Oid(Oids.LocalKeyId, null),
            AttrValues = new ReadOnlyMemory<byte>[] { localKeyId },
        };

        // The private key is only ever placed in a shrouded key bag, never a plain key bag.
        // NOTE(review): the protection parameters are chosen inside ExportPkcs8, which is
        // not visible from here; confirm them there.
        keyBags[keyIdx] = new SafeBagAsn
        {
            BagId = Oids.Pkcs12ShroudedKeyBag,
            BagValue = ExportPkcs8(certPal, passwordSpan),
            BagAttributes = new[] { localKeyIdAttribute },
        };

        // Reuse the attribute between the cert and the key.
        certAttrs[certIdx] = localKeyIdAttribute;
        keyIdx++;
    }

    certIdx++;
}
/// <summary>
/// Decodes a serialized sequence of PKCS#12 safe bags into typed bag objects.
/// </summary>
/// <param name="serialized">
/// The encoded sequence of bags, read with BER rules. It must hold exactly one
/// top-level SEQUENCE; trailing data makes <c>ThrowIfNotEmpty</c> throw.
/// </param>
/// <returns>
/// One entry per encoded bag, in encoded order, each with its attributes attached.
/// A bag whose identifier has no typed handling here, or whose value fails to decode
/// as its declared type with a <see cref="CryptographicException"/>, is returned as
/// an <c>UnknownBag</c> carrying the original identifier and raw value.
/// </returns>
private static List<Pkcs12SafeBag> ReadBags(ReadOnlyMemory<byte> serialized)
{
    AsnReader outerReader = new AsnReader(serialized, AsnEncodingRules.BER);
    AsnReader contentsReader = outerReader.ReadSequence();
    outerReader.ThrowIfNotEmpty();

    // First pass: split the sequence into its raw bag structures. A structural
    // failure here is not caught and aborts the whole read.
    List<SafeBagAsn> rawBags = new List<SafeBagAsn>();

    while (contentsReader.HasData)
    {
        SafeBagAsn.Decode(contentsReader, out SafeBagAsn decoded);
        rawBags.Add(decoded);
    }

    if (rawBags.Count == 0)
    {
        return new List<Pkcs12SafeBag>(0);
    }

    // Second pass: interpret each bag value according to its bag identifier.
    List<Pkcs12SafeBag> bags = new List<Pkcs12SafeBag>(rawBags.Count);

    foreach (SafeBagAsn rawBag in rawBags)
    {
        string bagId = rawBag.BagId;
        ReadOnlyMemory<byte> bagValue = rawBag.BagValue;
        Pkcs12SafeBag typedBag = null;

        try
        {
            switch (bagId)
            {
                case Oids.Pkcs12KeyBag:
                    typedBag = new Pkcs12KeyBag(bagValue);
                    break;
                case Oids.Pkcs12ShroudedKeyBag:
                    typedBag = new Pkcs12ShroudedKeyBag(bagValue);
                    break;
                case Oids.Pkcs12CertBag:
                    typedBag = Pkcs12CertBag.DecodeValue(bagValue);
                    break;
                case Oids.Pkcs12SecretBag:
                    typedBag = Pkcs12SecretBag.DecodeValue(bagValue);
                    break;
                case Oids.Pkcs12SafeContentsBag:
                    typedBag = Pkcs12SafeContentsBag.Decode(bagValue);
                    break;
                case Oids.Pkcs12CrlBag:
                    // Known, but no first-class support currently.
                    break;
            }
        }
        catch (CryptographicException)
        {
            // Deliberately absorbed: a value that does not decode as its declared
            // bag type is handed back below as an UnknownBag with the raw bytes,
            // so one malformed bag does not fail the whole read. Consumers cannot
            // assume that every key or certificate bag arrives strongly typed.
            // Other exception types are not caught here.
        }

        if (typedBag == null)
        {
            typedBag = new Pkcs12SafeBag.UnknownBag(bagId, bagValue);
        }

        typedBag.Attributes = SignerInfo.MakeAttributeCollection(rawBag.BagAttributes);
        bags.Add(typedBag);
    }

    return bags;
}