private ASN1 KeyBagSafeBag (AsymmetricAlgorithm aa, IDictionary attributes)
{
PKCS8.PrivateKeyInfo pki = new PKCS8.PrivateKeyInfo ();
if (aa is RSA) {
pki.Algorithm = "1.2.840.113549.1.1.1";
pki.PrivateKey = PKCS8.PrivateKeyInfo.Encode ((RSA)aa);
}
else if (aa is DSA) {
pki.Algorithm = null;
pki.PrivateKey = PKCS8.PrivateKeyInfo.Encode ((DSA)aa);
}
else
throw new CryptographicException ("Unknown asymmetric algorithm {0}", aa.ToString ());
ASN1 safeBag = new ASN1 (0x30);
safeBag.Add (ASN1Convert.FromOid (keyBag));
ASN1 bagValue = new ASN1 (0xA0);
bagValue.Add (new ASN1 (pki.GetBytes ()));
safeBag.Add (bagValue);
if (attributes != null) {
ASN1 bagAttributes = new ASN1 (0x31);
IDictionaryEnumerator de = attributes.GetEnumerator ();
while (de.MoveNext ()) {
string oid = (string)de.Key;
switch (oid) {
case PKCS9.friendlyName:
ArrayList names = (ArrayList)de.Value;
if (names.Count > 0) {
ASN1 pkcs12Attribute = new ASN1 (0x30);
pkcs12Attribute.Add (ASN1Convert.FromOid (PKCS9.friendlyName));
ASN1 attrValues = new ASN1 (0x31);
foreach (byte[] name in names) {
ASN1 attrValue = new ASN1 (0x1e);
attrValue.Value = name;
attrValues.Add (attrValue);
}
pkcs12Attribute.Add (attrValues);
bagAttributes.Add (pkcs12Attribute);
}
break;
case PKCS9.localKeyId:
ArrayList keys = (ArrayList)de.Value;
if (keys.Count > 0) {
ASN1 pkcs12Attribute = new ASN1 (0x30);
pkcs12Attribute.Add (ASN1Convert.FromOid (PKCS9.localKeyId));
ASN1 attrValues = new ASN1 (0x31);
foreach (byte[] key in keys) {
ASN1 attrValue = new ASN1 (0x04);
attrValue.Value = key;
attrValues.Add (attrValue);
}
pkcs12Attribute.Add (attrValues);
bagAttributes.Add (pkcs12Attribute);
}
break;
default:
break;
}
}
if (bagAttributes.Count > 0) {
safeBag.Add (bagAttributes);
}
}
return safeBag;
}
public IDictionary GetAttributes (AsymmetricAlgorithm aa)
{
IDictionary result = new Hashtable ();
foreach (SafeBag sb in _safeBags) {
if (sb.BagOID.Equals (keyBag) || sb.BagOID.Equals (pkcs8ShroudedKeyBag)) {
ASN1 safeBag = sb.ASN1;
ASN1 bagValue = safeBag [1];
AsymmetricAlgorithm saa = null;
if (sb.BagOID.Equals (keyBag)) {
PKCS8.PrivateKeyInfo pki = new PKCS8.PrivateKeyInfo (bagValue.Value);
byte[] privateKey = pki.PrivateKey;
switch (privateKey [0]) {
case 0x02:
DSAParameters p = new DSAParameters (); // FIXME
saa = PKCS8.PrivateKeyInfo.DecodeDSA (privateKey, p);
break;
case 0x30:
saa = PKCS8.PrivateKeyInfo.DecodeRSA (privateKey);
break;
default:
break;
}
Array.Clear (privateKey, 0, privateKey.Length);
} else if (sb.BagOID.Equals (pkcs8ShroudedKeyBag)) {
PKCS8.EncryptedPrivateKeyInfo epki = new PKCS8.EncryptedPrivateKeyInfo (bagValue.Value);
byte[] decrypted = Decrypt (epki.Algorithm, epki.Salt, epki.IterationCount, epki.EncryptedData);
PKCS8.PrivateKeyInfo pki = new PKCS8.PrivateKeyInfo (decrypted);
byte[] privateKey = pki.PrivateKey;
switch (privateKey [0]) {
case 0x02:
DSAParameters p = new DSAParameters (); // FIXME
saa = PKCS8.PrivateKeyInfo.DecodeDSA (privateKey, p);
break;
case 0x30:
saa = PKCS8.PrivateKeyInfo.DecodeRSA (privateKey);
break;
default:
break;
}
Array.Clear (privateKey, 0, privateKey.Length);
Array.Clear (decrypted, 0, decrypted.Length);
}
if (saa != null && CompareAsymmetricAlgorithm (saa, aa)) {
if (safeBag.Count == 3) {
ASN1 bagAttributes = safeBag [2];
for (int i = 0; i < bagAttributes.Count; i++) {
ASN1 pkcs12Attribute = bagAttributes [i];
ASN1 attrId = pkcs12Attribute [0];
string aOid = ASN1Convert.ToOid (attrId);
ArrayList aValues = new ArrayList ();
ASN1 attrValues = pkcs12Attribute [1];
for (int j = 0; j < attrValues.Count; j++) {
ASN1 attrValue = attrValues [j];
aValues.Add (attrValue.Value);
}
result.Add (aOid, aValues);
}
}
}
}
}
return result;
}
public void RemoveKeyBag (AsymmetricAlgorithm aa)
{
int aaIndex = -1;
for (int i = 0; aaIndex == -1 && i < _safeBags.Count; i++) {
SafeBag sb = (SafeBag)_safeBags [i];
if (sb.BagOID.Equals (keyBag)) {
ASN1 bagValue = sb.ASN1 [1];
PKCS8.PrivateKeyInfo pki = new PKCS8.PrivateKeyInfo (bagValue.Value);
byte[] privateKey = pki.PrivateKey;
AsymmetricAlgorithm saa = null;
switch (privateKey [0]) {
case 0x02:
DSAParameters p = new DSAParameters (); // FIXME
saa = PKCS8.PrivateKeyInfo.DecodeDSA (privateKey, p);
break;
case 0x30:
saa = PKCS8.PrivateKeyInfo.DecodeRSA (privateKey);
break;
default:
Array.Clear (privateKey, 0, privateKey.Length);
throw new CryptographicException ("Unknown private key format");
}
Array.Clear (privateKey, 0, privateKey.Length);
if (CompareAsymmetricAlgorithm (aa, saa)) {
aaIndex = i;
}
}
}
if (aaIndex != -1) {
_safeBags.RemoveAt (aaIndex);
_keyBagsChanged = true;
}
}
public AsymmetricAlgorithm GetAsymmetricAlgorithm (IDictionary attrs)
{
foreach (SafeBag sb in _safeBags) {
if (sb.BagOID.Equals (keyBag) || sb.BagOID.Equals (pkcs8ShroudedKeyBag)) {
ASN1 safeBag = sb.ASN1;
if (safeBag.Count == 3) {
ASN1 bagAttributes = safeBag [2];
int bagAttributesFound = 0;
for (int i = 0; i < bagAttributes.Count; i++) {
ASN1 pkcs12Attribute = bagAttributes [i];
ASN1 attrId = pkcs12Attribute [0];
string ao = ASN1Convert.ToOid (attrId);
ArrayList dattrValues = (ArrayList)attrs [ao];
if (dattrValues != null) {
ASN1 attrValues = pkcs12Attribute [1];
if (dattrValues.Count == attrValues.Count) {
int attrValuesFound = 0;
for (int j = 0; j < attrValues.Count; j++) {
ASN1 attrValue = attrValues [j];
byte[] value = (byte[])dattrValues [j];
if (Compare (value, attrValue.Value)) {
attrValuesFound += 1;
}
}
if (attrValuesFound == attrValues.Count) {
bagAttributesFound += 1;
}
}
}
}
if (bagAttributesFound == bagAttributes.Count) {
ASN1 bagValue = safeBag [1];
AsymmetricAlgorithm aa = null;
if (sb.BagOID.Equals (keyBag)) {
PKCS8.PrivateKeyInfo pki = new PKCS8.PrivateKeyInfo (bagValue.Value);
byte[] privateKey = pki.PrivateKey;
switch (privateKey [0]) {
case 0x02:
DSAParameters p = new DSAParameters (); // FIXME
aa = PKCS8.PrivateKeyInfo.DecodeDSA (privateKey, p);
break;
case 0x30:
aa = PKCS8.PrivateKeyInfo.DecodeRSA (privateKey);
break;
default:
break;
}
Array.Clear (privateKey, 0, privateKey.Length);
} else if (sb.BagOID.Equals (pkcs8ShroudedKeyBag)) {
PKCS8.EncryptedPrivateKeyInfo epki = new PKCS8.EncryptedPrivateKeyInfo (bagValue.Value);
byte[] decrypted = Decrypt (epki.Algorithm, epki.Salt, epki.IterationCount, epki.EncryptedData);
PKCS8.PrivateKeyInfo pki = new PKCS8.PrivateKeyInfo (decrypted);
byte[] privateKey = pki.PrivateKey;
switch (privateKey [0]) {
case 0x02:
DSAParameters p = new DSAParameters (); // FIXME
aa = PKCS8.PrivateKeyInfo.DecodeDSA (privateKey, p);
break;
case 0x30:
aa = PKCS8.PrivateKeyInfo.DecodeRSA (privateKey);
break;
default:
break;
}
Array.Clear (privateKey, 0, privateKey.Length);
Array.Clear (decrypted, 0, decrypted.Length);
}
return aa;
}
}
}
}
return null;
}
public void AddKeyBag (AsymmetricAlgorithm aa, IDictionary attributes)
{
bool found = false;
for (int i = 0; !found && i < _safeBags.Count; i++) {
SafeBag sb = (SafeBag)_safeBags [i];
if (sb.BagOID.Equals (keyBag)) {
ASN1 bagValue = sb.ASN1 [1];
PKCS8.PrivateKeyInfo pki = new PKCS8.PrivateKeyInfo (bagValue.Value);
byte[] privateKey = pki.PrivateKey;
AsymmetricAlgorithm saa = null;
switch (privateKey [0]) {
case 0x02:
DSAParameters p = new DSAParameters (); // FIXME
saa = PKCS8.PrivateKeyInfo.DecodeDSA (privateKey, p);
break;
case 0x30:
saa = PKCS8.PrivateKeyInfo.DecodeRSA (privateKey);
break;
default:
Array.Clear (privateKey, 0, privateKey.Length);
throw new CryptographicException ("Unknown private key format");
}
Array.Clear (privateKey, 0, privateKey.Length);
if (CompareAsymmetricAlgorithm (aa, saa)) {
found = true;
}
}
}
if (!found) {
_safeBags.Add (new SafeBag (keyBag, KeyBagSafeBag (aa, attributes)));
_keyBagsChanged = true;
}
}