public override bool TryExportEncryptedPkcs8PrivateKey(
ReadOnlySpan <byte> passwordBytes,
PbeParameters pbeParameters,
Span <byte> destination,
out int bytesWritten)
{
if (pbeParameters == null)
{
throw new ArgumentNullException(nameof(pbeParameters));
}
PasswordBasedEncryption.ValidatePbeParameters(
pbeParameters,
ReadOnlySpan <char> .Empty,
passwordBytes);
AsnWriter pkcs8PrivateKey = WritePkcs8PrivateKey();
AsnWriter writer = KeyFormatHelper.WriteEncryptedPkcs8(
passwordBytes,
pkcs8PrivateKey,
pbeParameters);
return(writer.TryEncode(destination, out bytesWritten));
}
/// <summary>
/// Attempts to export the current key in the PKCS#8 EncryptedPrivateKeyInfo
/// format into a provided buffer, using a char-based password.
/// </summary>
/// <param name="password">
/// The password to use when encrypting the key material.
/// </param>
/// <param name="pbeParameters">
/// The password-based encryption (PBE) parameters to use when encrypting
/// the key material.
/// </param>
/// <param name="destination">
/// The byte span to receive the PKCS#8 EncryptedPrivateKeyInfo data.
/// </param>
/// <param name="bytesWritten">
/// When this method returns, contains a value that indicates the number
/// of bytes written to <paramref name="destination" />. This parameter
/// is treated as uninitialized.
/// </param>
/// <returns>
/// <see langword="true" /> if <paramref name="destination" /> is big enough
/// to receive the output; otherwise, <see langword="false" />.
/// </returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="pbeParameters" /> is <see langword="null" />.
/// </exception>
/// <exception cref="NotSupportedException">
/// A derived class has not provided an implementation for <see cref="ExportParameters" />.
/// </exception>
/// <exception cref="CryptographicException">
/// The key could not be exported.
/// </exception>
/// <remarks>
/// When <paramref name="pbeParameters" /> indicates an algorithm that uses PBKDF2
/// (Password-Based Key Derivation Function 2), the password is converted
/// to bytes via the UTF-8 encoding.
/// </remarks>
public override unsafe bool TryExportEncryptedPkcs8PrivateKey(
ReadOnlySpan <char> password,
PbeParameters pbeParameters,
Span <byte> destination,
out int bytesWritten)
{
ArgumentNullException.ThrowIfNull(pbeParameters);
PasswordBasedEncryption.ValidatePbeParameters(
pbeParameters,
password,
ReadOnlySpan <byte> .Empty);
ECParameters ecParameters = ExportParameters(true);
fixed(byte *privPtr = ecParameters.D)
{
try
{
AsnWriter pkcs8PrivateKey = EccKeyFormatHelper.WritePkcs8PrivateKey(ecParameters);
AsnWriter writer = KeyFormatHelper.WriteEncryptedPkcs8(
password,
pkcs8PrivateKey,
pbeParameters);
return(writer.TryEncode(destination, out bytesWritten));
}
finally
{
CryptographicOperations.ZeroMemory(ecParameters.D);
}
}
}
public override unsafe bool TryExportEncryptedPkcs8PrivateKey(
ReadOnlySpan <byte> passwordBytes,
PbeParameters pbeParameters,
Span <byte> destination,
out int bytesWritten)
{
if (pbeParameters == null)
{
throw new ArgumentNullException(nameof(pbeParameters));
}
PasswordBasedEncryption.ValidatePbeParameters(
pbeParameters,
ReadOnlySpan <char> .Empty,
passwordBytes);
ECParameters ecParameters = ExportParameters(true);
fixed(byte *privPtr = ecParameters.D)
{
try
{
using (AsnWriter pkcs8PrivateKey = ecParameters.WritePkcs8PrivateKey())
using (AsnWriter writer = KeyFormatHelper.WriteEncryptedPkcs8(
passwordBytes,
pkcs8PrivateKey,
pbeParameters))
{
return(writer.TryEncode(destination, out bytesWritten));
}
}
finally
{
CryptographicOperations.ZeroMemory(ecParameters.D);
}
}
}
