public static GetCertContentType ( byte rawData ) : System.Security.Cryptography.X509Certificates.X509ContentType | ||
rawData | byte | |
return | System.Security.Cryptography.X509Certificates.X509ContentType |
public X509Certificate2ImplMono(byte[] rawData, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags) { switch (X509Certificate2.GetCertContentType(rawData)) { case X509ContentType.Pkcs12: _cert = ImportPkcs12(rawData, password); break; case X509ContentType.Cert: case X509ContentType.Pkcs7: _cert = new MX.X509Certificate(rawData); break; #if !MONOTOUCH_WATCH case X509ContentType.Authenticode: AuthenticodeDeformatter ad = new AuthenticodeDeformatter(rawData); _cert = ad.SigningCertificate; if (_cert == null) { goto default; } break; #endif default: string msg = Locale.GetText("Unable to decode certificate."); throw new CryptographicException(msg); } }
internal static partial ILoaderPal FromBlob(ReadOnlySpan <byte> rawData, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags) { Debug.Assert(password != null); X509ContentType contentType = X509Certificate2.GetCertContentType(rawData); if (contentType == X509ContentType.Pkcs12) { if ((keyStorageFlags & X509KeyStorageFlags.EphemeralKeySet) == X509KeyStorageFlags.EphemeralKeySet) { throw new PlatformNotSupportedException(SR.Cryptography_X509_NoEphemeralPfx); } bool exportable = (keyStorageFlags & X509KeyStorageFlags.Exportable) == X509KeyStorageFlags.Exportable; bool persist = (keyStorageFlags & X509KeyStorageFlags.PersistKeySet) == X509KeyStorageFlags.PersistKeySet; SafeKeychainHandle keychain = persist ? Interop.AppleCrypto.SecKeychainCopyDefault() : Interop.AppleCrypto.CreateTemporaryKeychain(); return(ImportPkcs12(rawData, password, exportable, ephemeralSpecified: false, keychain)); } SafeCFArrayHandle certs = Interop.AppleCrypto.X509ImportCollection( rawData, contentType, password, SafeTemporaryKeychainHandle.InvalidHandle, exportable: true); return(new AppleCertLoader(certs, null)); }
public static X509ContentType GetCertContentType(string fileName) { if (fileName == null) { throw new ArgumentNullException("fileName"); } if (fileName.Length == 0) { throw new ArgumentException("fileName"); } byte[] rawData = X509Certificate2.Load(fileName); return(X509Certificate2.GetCertContentType(rawData)); }
public X509Certificate2ImplMono(byte[] rawData, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags) { switch (X509Certificate2.GetCertContentType(rawData)) { case X509ContentType.Pkcs12: _cert = ImportPkcs12(rawData, password); break; case X509ContentType.Cert: case X509ContentType.Pkcs7: _cert = new MX.X509Certificate(rawData); break; default: string msg = Locale.GetText("Unable to decode certificate."); throw new CryptographicException(msg); } }
internal static partial ILoaderPal FromBlob(ReadOnlySpan <byte> rawData, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags) { Debug.Assert(password != null); X509ContentType contentType = X509Certificate2.GetCertContentType(rawData); bool ephemeralSpecified = keyStorageFlags.HasFlag(X509KeyStorageFlags.EphemeralKeySet); if (contentType == X509ContentType.Pkcs12) { ICertificatePal[] certPals = ReadPkcs12Collection(rawData, password, ephemeralSpecified); return(new AndroidCertLoader(certPals)); } else { SafeX509Handle[] certs = Interop.AndroidCrypto.X509DecodeCollection(rawData); return(new AndroidCertLoader(certs)); } }
public static ICertificatePal FromBlob(ReadOnlySpan <byte> rawData, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags) { Debug.Assert(password != null); bool ephemeralSpecified = keyStorageFlags.HasFlag(X509KeyStorageFlags.EphemeralKeySet); X509ContentType contentType = X509Certificate2.GetCertContentType(rawData); switch (contentType) { case X509ContentType.Pkcs7: // In single mode for a PKCS#7 signed or signed-and-enveloped file we're supposed to return // the certificate which signed the PKCS#7 file. // We don't support determining this on Android right now, so we throw. throw new CryptographicException(SR.Cryptography_X509_PKCS7_NoSigner); case X509ContentType.Pkcs12: if ((keyStorageFlags & X509KeyStorageFlags.PersistKeySet) == X509KeyStorageFlags.PersistKeySet) { throw new PlatformNotSupportedException(SR.Cryptography_X509_PKCS12_PersistKeySetNotSupported); } return(ReadPkcs12(rawData, password, ephemeralSpecified)); case X509ContentType.Cert: default: { ICertificatePal?cert; if (TryReadX509(rawData, out cert)) { return(cert); } break; } } // Unsupported throw new CryptographicException(); }
public static ICertificatePal FromBlob( ReadOnlySpan <byte> rawData, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags) { Debug.Assert(password != null); X509ContentType contentType = X509Certificate2.GetCertContentType(rawData); if (contentType == X509ContentType.Pkcs7) { // In single mode for a PKCS#7 signed or signed-and-enveloped file we're supposed to return // the certificate which signed the PKCS#7 file. // // X509Certificate2Collection::Export(X509ContentType.Pkcs7) claims to be a signed PKCS#7, // but doesn't emit a signature block. So this is hard to test. // // TODO(2910): Figure out how to extract the signing certificate, when it's present. throw new CryptographicException(SR.Cryptography_X509_PKCS7_NoSigner); } if (contentType == X509ContentType.Pkcs12) { if ((keyStorageFlags & X509KeyStorageFlags.EphemeralKeySet) == X509KeyStorageFlags.EphemeralKeySet) { throw new PlatformNotSupportedException(SR.Cryptography_X509_NoEphemeralPfx); } bool exportable = (keyStorageFlags & X509KeyStorageFlags.Exportable) == X509KeyStorageFlags.Exportable; bool persist = (keyStorageFlags & X509KeyStorageFlags.PersistKeySet) == X509KeyStorageFlags.PersistKeySet; SafeKeychainHandle keychain = persist ? Interop.AppleCrypto.SecKeychainCopyDefault() : Interop.AppleCrypto.CreateTemporaryKeychain(); using (keychain) { AppleCertificatePal ret = ImportPkcs12(rawData, password, exportable, keychain); if (!persist) { // If we used temporary keychain we need to prevent deletion. // on 10.15+ if keychain is unlinked, certain certificate operations may fail. bool success = false; keychain.DangerousAddRef(ref success); if (success) { ret._tempKeychain = keychain; } } return(ret); } } SafeSecIdentityHandle identityHandle; SafeSecCertificateHandle certHandle = Interop.AppleCrypto.X509ImportCertificate( rawData, contentType, SafePasswordHandle.InvalidHandle, SafeTemporaryKeychainHandle.InvalidHandle, exportable: true, out identityHandle); if (identityHandle.IsInvalid) { identityHandle.Dispose(); return(new AppleCertificatePal(certHandle)); } Debug.Fail("Non-PKCS12 import produced an identity handle"); identityHandle.Dispose(); certHandle.Dispose(); throw new CryptographicException(); }