private void BuildBags(
ICertificatePalCore certPal,
ReadOnlySpan <char> passwordSpan,
AsnWriter tmpWriter,
CertBagAsn[] certBags,
AttributeAsn[] certAttrs,
SafeBagAsn[] keyBags,
ref int certIdx,
ref int keyIdx)
{
tmpWriter.WriteOctetString(certPal.RawData);
certBags[certIdx] = new CertBagAsn
{
CertId = Oids.Pkcs12X509CertBagType,
CertValue = tmpWriter.Encode(),
};
tmpWriter.Reset();
if (certPal.HasPrivateKey)
{
byte[] attrBytes = new byte[6];
attrBytes[0] = (byte)UniversalTagNumber.OctetString;
attrBytes[1] = sizeof(int);
MemoryMarshal.Write(attrBytes.AsSpan(2), ref keyIdx);
keyBags[keyIdx] = new SafeBagAsn
{
BagId = Oids.Pkcs12ShroudedKeyBag,
BagValue = ExportPkcs8(certPal, passwordSpan),
BagAttributes = new[]
{
new AttributeAsn
{
AttrType = new Oid(Oids.LocalKeyId, null),
AttrValues = new ReadOnlyMemory <byte>[]
{
attrBytes,
}
}
}
};
// Reuse the attribute between the cert and the key.
certAttrs[certIdx] = keyBags[keyIdx].BagAttributes[0];
keyIdx++;
}
certIdx++;
}
private static List <Pkcs12SafeBag> ReadBags(ReadOnlyMemory <byte> serialized)
{
List <SafeBagAsn> serializedBags = new List <SafeBagAsn>();
AsnReader reader = new AsnReader(serialized, AsnEncodingRules.BER);
AsnReader sequenceReader = reader.ReadSequence();
reader.ThrowIfNotEmpty();
while (sequenceReader.HasData)
{
SafeBagAsn.Decode(sequenceReader, out SafeBagAsn serializedBag);
serializedBags.Add(serializedBag);
}
if (serializedBags.Count == 0)
{
return(new List <Pkcs12SafeBag>(0));
}
List <Pkcs12SafeBag> bags = new List <Pkcs12SafeBag>(serializedBags.Count);
for (int i = 0; i < serializedBags.Count; i++)
{
ReadOnlyMemory <byte> bagValue = serializedBags[i].BagValue;
Pkcs12SafeBag bag = null;
try
{
switch (serializedBags[i].BagId)
{
case Oids.Pkcs12KeyBag:
bag = new Pkcs12KeyBag(bagValue);
break;
case Oids.Pkcs12ShroudedKeyBag:
bag = new Pkcs12ShroudedKeyBag(bagValue);
break;
case Oids.Pkcs12CertBag:
bag = Pkcs12CertBag.DecodeValue(bagValue);
break;
case Oids.Pkcs12CrlBag:
// Known, but no first-class support currently.
break;
case Oids.Pkcs12SecretBag:
bag = Pkcs12SecretBag.DecodeValue(bagValue);
break;
case Oids.Pkcs12SafeContentsBag:
bag = Pkcs12SafeContentsBag.Decode(bagValue);
break;
}
}
catch (CryptographicException)
{
}
if (bag == null)
{
bag = new Pkcs12SafeBag.UnknownBag(serializedBags[i].BagId, bagValue);
}
bag.Attributes = SignerInfo.MakeAttributeCollection(serializedBags[i].BagAttributes);
bags.Add(bag);
}
return(bags);
}
