Ejemplo n.º 1
        /// <summary>
        /// Serializes this certificate, optionally together with its private key
        /// and additional chain certificates, into a single archive.
        /// </summary>
        /// <param name="format">Archive container to produce: PEM or PKCS#12.</param>
        /// <param name="privateKey">Optional key to bundle with the certificate.</param>
        /// <param name="chain">Optional extra certificates written after this one.</param>
        /// <param name="password">
        /// Optional password. For PEM it is forwarded to the private-key export;
        /// for PKCS#12 it is passed to the store's Save call, and an empty
        /// password is substituted when it is null.
        /// </param>
        /// <returns>The archive bytes.</returns>
        /// <exception cref="NotSupportedException">
        /// <paramref name="format"/> is neither PEM nor PKCS#12.
        /// </exception>
        /// <remarks>
        /// The returned array holds the private key whenever
        /// <paramref name="privateKey"/> is supplied. With a null password the
        /// PKCS#12 store is saved under an empty password. How the PEM key export
        /// treats a null password is decided by PkiKey.Export, which is not
        /// visible here; confirm whether it emits the key unencrypted. The
        /// password array is not cleared by this method.
        /// </remarks>
        public byte[] Export(PkiArchiveFormat format, PkiKey privateKey = null,
                             IEnumerable<PkiCertificate> chain = null,
                             char[] password = null)
        {
            // Based on:
            //    https://stackoverflow.com/a/44798441/5428506

            if (format == PkiArchiveFormat.Pem)
            {
                using (var output = new MemoryStream())
                {
                    // Concatenation order: key (when given), this certificate, chain.
                    byte[] keyPem = privateKey?.Export(PkiEncodingFormat.Pem, password);
                    if (keyPem != null)
                    {
                        output.Write(keyPem, 0, keyPem.Length);
                    }

                    byte[] certPem = Export(PkiEncodingFormat.Pem);
                    output.Write(certPem, 0, certPem.Length);

                    if (chain != null)
                    {
                        foreach (var link in chain)
                        {
                            byte[] linkPem = link.Export(PkiEncodingFormat.Pem);
                            output.Write(linkPem, 0, linkPem.Length);
                        }
                    }

                    return output.ToArray();
                }
            }

            if (format == PkiArchiveFormat.Pkcs12)
            {
                var entryName = AliasOf(this);
                var p12 = new Pkcs12StoreBuilder().Build();

                if (privateKey == null)
                {
                    // No key: store this certificate as a plain certificate entry.
                    p12.SetCertificateEntry(entryName, new X509CertificateEntry(NativeCertificate));
                }
                else
                {
                    // Key entry carries this certificate as its only chain element;
                    // the extra chain certificates are added as separate entries below.
                    var keyEntry = new AsymmetricKeyEntry(privateKey.NativeKey);
                    var ownCert = new[] { new X509CertificateEntry(NativeCertificate) };
                    p12.SetKeyEntry(entryName, keyEntry, ownCert);
                }

                if (chain != null)
                {
                    foreach (var link in chain)
                    {
                        p12.SetCertificateEntry(AliasOf(link),
                                                new X509CertificateEntry(link.NativeCertificate));
                    }
                }

                using (var output = new MemoryStream())
                {
                    // A null password falls back to an empty one, so the store
                    // (including any key entry) is saved under an empty password.
                    char[] storePassword = password ?? new char[0];
                    p12.Save(output, storePassword, new SecureRandom());
                    return output.ToArray();
                }
            }

            throw new NotSupportedException();
        }
Ejemplo n.º 2
 /// <summary>
 /// Captures the algorithm, the DER export and the private/public flag of
 /// <paramref name="key"/> into this instance's fields.
 /// </summary>
 /// <param name="key">Key whose state is copied; must not be null.</param>
 /// <remarks>
 /// NOTE(review): Export is called without a password, so when the key is
 /// private the stored bytes are presumably unencrypted key material.
 /// Confirm against PkiKey.Export and handle the stored form accordingly.
 /// </remarks>
 public RecoverableSerialForm(PkiKey key)
 {
     this._algorithm = key.Algorithm;

     var derBytes = key.Export(PkiEncodingFormat.Der);
     this._key = derBytes;

     this._isPrivate = key.IsPrivate;
 }