internal static unsafe ECParameters FromECPrivateKey(ReadOnlySpan <byte> key, out int bytesRead)
{
try
{
AsnDecoder.ReadEncodedValue(
key,
AsnEncodingRules.BER,
out _,
out _,
out int firstValueLength);
fixed(byte *ptr = &MemoryMarshal.GetReference(key))
{
using (MemoryManager <byte> manager = new PointerMemoryManager <byte>(ptr, firstValueLength))
{
AlgorithmIdentifierAsn algId = default;
FromECPrivateKey(manager.Memory, algId, out ECParameters ret);
bytesRead = firstValueLength;
return(ret);
}
}
}
catch (AsnContentException e)
{
throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding, e);
}
}
public virtual unsafe void ImportRSAPrivateKey(ReadOnlySpan <byte> source, out int bytesRead)
{
fixed(byte *ptr = &MemoryMarshal.GetReference(source))
{
using (MemoryManager <byte> manager = new PointerMemoryManager <byte>(ptr, source.Length))
{
AsnReader reader = new AsnReader(manager.Memory, AsnEncodingRules.BER);
ReadOnlyMemory <byte> firstValue = reader.PeekEncodedValue();
int localRead = firstValue.Length;
AlgorithmIdentifierAsn ignored = default;
RSAKeyFormatHelper.FromPkcs1PrivateKey(firstValue, ignored, out RSAParameters rsaParameters);
fixed(byte *dPin = rsaParameters.D)
fixed(byte *pPin = rsaParameters.P)
fixed(byte *qPin = rsaParameters.Q)
fixed(byte *dpPin = rsaParameters.DP)
fixed(byte *dqPin = rsaParameters.DQ)
fixed(byte *qInvPin = rsaParameters.InverseQ)
{
try
{
ImportParameters(rsaParameters);
}
finally
{
ClearPrivateParameters(rsaParameters);
}
}
bytesRead = localRead;
}
}
}
public static unsafe ContentInfo?TryDecryptCore(
byte[] cek,
string contentType,
ReadOnlyMemory <byte>?content,
AlgorithmIdentifierAsn contentEncryptionAlgorithm,
out Exception?exception)
{
if (content == null)
{
exception = null;
return(new ContentInfo(
new Oid(contentType),
Array.Empty <byte>()));
}
byte[]? decrypted = DecryptContent(content.Value, cek, contentEncryptionAlgorithm, out exception);
if (exception != null)
{
return(null);
}
if (contentType != Oids.Pkcs7Data)
{
decrypted = GetAsnSequenceWithContentNoValidation(decrypted);
}
exception = null;
return(new ContentInfo(
new Oid(contentType),
decrypted !));
}
public virtual unsafe void ImportRSAPublicKey(ReadOnlySpan <byte> source, out int bytesRead)
{
try
{
AsnDecoder.ReadEncodedValue(
source,
AsnEncodingRules.BER,
out _,
out _,
out int localRead);
fixed(byte *ptr = &MemoryMarshal.GetReference(source))
{
using (MemoryManager <byte> manager = new PointerMemoryManager <byte>(ptr, localRead))
{
AlgorithmIdentifierAsn ignored = default;
RSAKeyFormatHelper.ReadRsaPublicKey(manager.Memory, ignored, out RSAParameters rsaParameters);
ImportParameters(rsaParameters);
bytesRead = localRead;
}
}
}
catch (AsnContentException e)
{
throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding, e);
}
}
private static unsafe AsnWriter?RewritePkcs8ECPrivateKeyWithZeroPublicKey(ReadOnlySpan <byte> source)
{
fixed(byte *ptr = &MemoryMarshal.GetReference(source))
{
using (MemoryManager <byte> manager = new PointerMemoryManager <byte>(ptr, source.Length))
{
PrivateKeyInfoAsn privateKeyInfo = PrivateKeyInfoAsn.Decode(manager.Memory, AsnEncodingRules.BER);
AlgorithmIdentifierAsn privateAlgorithm = privateKeyInfo.PrivateKeyAlgorithm;
if (privateAlgorithm.Algorithm.Value != Oids.EcPublicKey)
{
return(null);
}
ECPrivateKey privateKey = ECPrivateKey.Decode(privateKeyInfo.PrivateKey, AsnEncodingRules.BER);
EccKeyFormatHelper.FromECPrivateKey(privateKey, privateAlgorithm, out ECParameters ecParameters);
fixed(byte *pD = ecParameters.D)
{
try
{
if (!ecParameters.Curve.IsExplicit || ecParameters.Q.X != null || ecParameters.Q.Y != null)
{
return(null);
}
byte[] zero = new byte[ecParameters.D !.Length];
internal static void Decode(ref AsnValueReader reader, Asn1Tag expectedTag, ReadOnlyMemory <byte> rebind, out KeyTransRecipientInfoAsn decoded)
{
decoded = default;
AsnValueReader sequenceReader = reader.ReadSequence(expectedTag);
ReadOnlySpan <byte> rebindSpan = rebind.Span;
int offset;
ReadOnlySpan <byte> tmpSpan;
if (!sequenceReader.TryReadInt32(out decoded.Version))
{
sequenceReader.ThrowIfNotEmpty();
}
RecipientIdentifierAsn.Decode(ref sequenceReader, rebind, out decoded.Rid);
AlgorithmIdentifierAsn.Decode(ref sequenceReader, rebind, out decoded.KeyEncryptionAlgorithm);
if (sequenceReader.TryReadPrimitiveOctetStringBytes(out tmpSpan))
{
decoded.EncryptedKey = rebindSpan.Overlaps(tmpSpan, out offset) ? rebind.Slice(offset, tmpSpan.Length) : tmpSpan.ToArray();
}
else
{
decoded.EncryptedKey = sequenceReader.ReadOctetString();
}
sequenceReader.ThrowIfNotEmpty();
}
internal static void Decode(ref AsnValueReader reader, Asn1Tag expectedTag, ReadOnlyMemory <byte> rebind, out SignerInfoAsn decoded)
{
decoded = default;
AsnValueReader sequenceReader = reader.ReadSequence(expectedTag);
AsnValueReader collectionReader;
ReadOnlySpan <byte> rebindSpan = rebind.Span;
int offset;
ReadOnlySpan <byte> tmpSpan;
if (!sequenceReader.TryReadInt32(out decoded.Version))
{
sequenceReader.ThrowIfNotEmpty();
}
SignerIdentifierAsn.Decode(ref sequenceReader, rebind, out decoded.Sid);
AlgorithmIdentifierAsn.Decode(ref sequenceReader, rebind, out decoded.DigestAlgorithm);
if (sequenceReader.HasData && sequenceReader.PeekTag().HasSameClassAndValue(new Asn1Tag(TagClass.ContextSpecific, 0)))
{
tmpSpan = sequenceReader.ReadEncodedValue();
decoded.SignedAttributes = rebindSpan.Overlaps(tmpSpan, out offset) ? rebind.Slice(offset, tmpSpan.Length) : tmpSpan.ToArray();
decoded.SignedAttributesSet = SignedAttributesSet.Decode(decoded.SignedAttributes.Value, AsnEncodingRules.BER);
}
AlgorithmIdentifierAsn.Decode(ref sequenceReader, rebind, out decoded.SignatureAlgorithm);
if (sequenceReader.TryReadPrimitiveOctetStringBytes(out tmpSpan))
{
decoded.SignatureValue = rebindSpan.Overlaps(tmpSpan, out offset) ? rebind.Slice(offset, tmpSpan.Length) : tmpSpan.ToArray();
}
else
{
decoded.SignatureValue = sequenceReader.ReadOctetString();
}
if (sequenceReader.HasData && sequenceReader.PeekTag().HasSameClassAndValue(new Asn1Tag(TagClass.ContextSpecific, 1)))
{
// Decode SEQUENCE OF for UnsignedAttributes
{
collectionReader = sequenceReader.ReadSetOf(new Asn1Tag(TagClass.ContextSpecific, 1));
var tmpList = new List <AttributeAsn>();
AttributeAsn tmpItem;
while (collectionReader.HasData)
{
AttributeAsn.Decode(ref collectionReader, rebind, out tmpItem);
tmpList.Add(tmpItem);
}
decoded.UnsignedAttributes = tmpList.ToArray();
}
}
sequenceReader.ThrowIfNotEmpty();
}
internal static void Decode(ref AsnValueReader reader, Asn1Tag expectedTag, ReadOnlyMemory <byte> rebind, out KeyAgreeRecipientInfoAsn decoded)
{
decoded = default;
AsnValueReader sequenceReader = reader.ReadSequence(expectedTag);
AsnValueReader explicitReader;
AsnValueReader collectionReader;
ReadOnlySpan <byte> rebindSpan = rebind.Span;
int offset;
ReadOnlySpan <byte> tmpSpan;
if (!sequenceReader.TryReadInt32(out decoded.Version))
{
sequenceReader.ThrowIfNotEmpty();
}
explicitReader = sequenceReader.ReadSequence(new Asn1Tag(TagClass.ContextSpecific, 0));
OriginatorIdentifierOrKeyAsn.Decode(ref explicitReader, rebind, out decoded.Originator);
explicitReader.ThrowIfNotEmpty();
if (sequenceReader.HasData && sequenceReader.PeekTag().HasSameClassAndValue(new Asn1Tag(TagClass.ContextSpecific, 1)))
{
explicitReader = sequenceReader.ReadSequence(new Asn1Tag(TagClass.ContextSpecific, 1));
if (explicitReader.TryReadPrimitiveOctetStringBytes(out tmpSpan))
{
decoded.Ukm = rebindSpan.Overlaps(tmpSpan, out offset) ? rebind.Slice(offset, tmpSpan.Length) : tmpSpan.ToArray();
}
else
{
decoded.Ukm = explicitReader.ReadOctetString();
}
explicitReader.ThrowIfNotEmpty();
}
AlgorithmIdentifierAsn.Decode(ref sequenceReader, rebind, out decoded.KeyEncryptionAlgorithm);
// Decode SEQUENCE OF for RecipientEncryptedKeys
{
collectionReader = sequenceReader.ReadSequence();
var tmpList = new List <RecipientEncryptedKeyAsn>();
RecipientEncryptedKeyAsn tmpItem;
while (collectionReader.HasData)
{
RecipientEncryptedKeyAsn.Decode(ref collectionReader, rebind, out tmpItem);
tmpList.Add(tmpItem);
}
decoded.RecipientEncryptedKeys = tmpList.ToArray();
}
sequenceReader.ThrowIfNotEmpty();
}
private DecryptorPalWindows(
SafeCryptMsgHandle hCryptMsg,
RecipientInfoCollection recipientInfos,
AlgorithmIdentifierAsn contentEncryptionAlgorithm)
: base(recipientInfos)
{
_hCryptMsg = hCryptMsg;
_contentEncryptionAlgorithm = contentEncryptionAlgorithm;
}
internal byte[] ToPkcs10Request(X509SignatureGenerator signatureGenerator, HashAlgorithmName hashAlgorithm)
{
// State validation should be runtime checks if/when this becomes public API
Debug.Assert(signatureGenerator != null);
Debug.Assert(Subject != null);
Debug.Assert(PublicKey != null);
byte[] signatureAlgorithm = signatureGenerator.GetSignatureAlgorithmIdentifier(hashAlgorithm);
AlgorithmIdentifierAsn signatureAlgorithmAsn;
// Deserialization also does validation of the value (except for Parameters, which have to be validated separately).
signatureAlgorithmAsn = AlgorithmIdentifierAsn.Decode(signatureAlgorithm, AsnEncodingRules.DER);
if (signatureAlgorithmAsn.Parameters.HasValue)
{
Helpers.ValidateDer(signatureAlgorithmAsn.Parameters.Value.Span);
}
SubjectPublicKeyInfoAsn spki = default;
spki.Algorithm = new AlgorithmIdentifierAsn {
Algorithm = PublicKey.Oid !.Value !, Parameters = PublicKey.EncodedParameters.RawData
};
spki.SubjectPublicKey = PublicKey.EncodedKeyValue.RawData;
var attributes = new AttributeAsn[Attributes.Count];
for (int i = 0; i < attributes.Length; i++)
{
attributes[i] = new AttributeAsn(Attributes[i]);
}
CertificationRequestInfoAsn requestInfo = new CertificationRequestInfoAsn
{
Version = 0,
Subject = this.Subject.RawData,
SubjectPublicKeyInfo = spki,
Attributes = attributes
};
AsnWriter writer = new AsnWriter(AsnEncodingRules.DER);
requestInfo.Encode(writer);
byte[] encodedRequestInfo = writer.Encode();
writer.Reset();
CertificationRequestAsn certificationRequest = new CertificationRequestAsn
{
CertificationRequestInfo = requestInfo,
SignatureAlgorithm = signatureAlgorithmAsn,
SignatureValue = signatureGenerator.SignData(encodedRequestInfo, hashAlgorithm),
};
certificationRequest.Encode(writer);
return(writer.Encode());
}
}
public override RSAParameters ExportParameters(bool includePrivateParameters)
{
SecKeyPair keys = GetKeys();
if (includePrivateParameters && keys.PrivateKey == null)
{
throw new CryptographicException(SR.Cryptography_OpenInvalidHandle);
}
byte[] keyBlob = Interop.AppleCrypto.SecKeyCopyExternalRepresentation(
includePrivateParameters ? keys.PrivateKey ! : keys.PublicKey);
try
{
if (!includePrivateParameters)
{
// When exporting a key handle opened from a certificate, it seems to
// export as a PKCS#1 blob instead of an X509 SubjectPublicKeyInfo blob.
// So, check for that.
// NOTE: It doesn't affect macOS Mojave when SecCertificateCopyKey API
// is used.
RSAParameters key;
AsnReader reader = new AsnReader(keyBlob, AsnEncodingRules.BER);
AsnReader sequenceReader = reader.ReadSequence();
if (sequenceReader.PeekTag().Equals(Asn1Tag.Integer))
{
AlgorithmIdentifierAsn ignored = default;
RSAKeyFormatHelper.ReadRsaPublicKey(keyBlob, ignored, out key);
}
else
{
RSAKeyFormatHelper.ReadSubjectPublicKeyInfo(
keyBlob,
out int localRead,
out key);
Debug.Assert(localRead == keyBlob.Length);
}
return(key);
}
else
{
AlgorithmIdentifierAsn ignored = default;
RSAKeyFormatHelper.FromPkcs1PrivateKey(
keyBlob,
ignored,
out RSAParameters key);
return(key);
}
}
finally
{
CryptographicOperations.ZeroMemory(keyBlob);
}
}
static EssCertIdV2()
{
EssCertIdV2 decoded = default;
ReadOnlyMemory <byte> rebind = default;
AsnValueReader reader;
reader = new AsnValueReader(DefaultHashAlgorithm, AsnEncodingRules.DER);
AlgorithmIdentifierAsn.Decode(ref reader, rebind, out decoded.HashAlgorithm);
reader.ThrowIfNotEmpty();
}
private static RSAParameters ExportParametersFromLegacyKey(SecKeyPair keys, bool includePrivateParameters)
{
// Apple requires all private keys to be exported encrypted, but since we're trying to export
// as parsed structures we will need to decrypt it for the user.
const string ExportPassword = "******";
byte[] keyBlob = Interop.AppleCrypto.SecKeyExport(
includePrivateParameters ? keys.PrivateKey : keys.PublicKey,
exportPrivate: includePrivateParameters,
password: ExportPassword);
try
{
if (!includePrivateParameters)
{
// When exporting a key handle opened from a certificate, it seems to
// export as a PKCS#1 blob instead of an X509 SubjectPublicKeyInfo blob.
// So, check for that.
// NOTE: It doesn't affect macOS Mojave when SecCertificateCopyKey API
// is used.
RSAParameters key;
AsnReader reader = new AsnReader(keyBlob, AsnEncodingRules.BER);
AsnReader sequenceReader = reader.ReadSequence();
if (sequenceReader.PeekTag().Equals(Asn1Tag.Integer))
{
AlgorithmIdentifierAsn ignored = default;
RSAKeyFormatHelper.ReadRsaPublicKey(keyBlob, ignored, out key);
}
else
{
RSAKeyFormatHelper.ReadSubjectPublicKeyInfo(
keyBlob,
out int localRead,
out key);
Debug.Assert(localRead == keyBlob.Length);
}
return(key);
}
else
{
RSAKeyFormatHelper.ReadEncryptedPkcs8(
keyBlob,
ExportPassword,
out int localRead,
out RSAParameters key);
return(key);
}
}
finally
{
CryptographicOperations.ZeroMemory(keyBlob);
}
}
public static void SerializeNullAlgorithmIdentifier()
{
AlgorithmIdentifierAsn identifier = new AlgorithmIdentifierAsn
{
Algorithm = new Oid(null, "SHA-2-256"),
Parameters = new byte[] { 5, 0 },
};
Assert.Throws <CryptographicException>(
() => AsnSerializer.Serialize(identifier, AsnEncodingRules.DER));
}
private static byte[]? DecryptContent(
ReadOnlyMemory <byte> encryptedContent,
byte[] cek,
AlgorithmIdentifierAsn contentEncryptionAlgorithm,
out Exception?exception)
{
exception = null;
int encryptedContentLength = encryptedContent.Length;
byte[]? encryptedContentArray = CryptoPool.Rent(encryptedContentLength);
try
{
encryptedContent.CopyTo(encryptedContentArray);
using (SymmetricAlgorithm alg = OpenAlgorithm(contentEncryptionAlgorithm))
{
ICryptoTransform decryptor;
try
{
decryptor = alg.CreateDecryptor(cek, alg.IV);
}
catch (ArgumentException ae)
{
// Decrypting or deriving the symmetric key with the wrong key may still succeed
// but produce a symmetric key that is not the correct length.
throw new CryptographicException(SR.Cryptography_Cms_InvalidSymmetricKey, ae);
}
using (decryptor)
{
// If we extend this library to accept additional algorithm providers
// then a different array pool needs to be used.
Debug.Assert(alg.GetType().Assembly == typeof(Aes).Assembly);
return(decryptor.OneShot(
encryptedContentArray,
0,
encryptedContentLength));
}
}
}
catch (CryptographicException e)
{
exception = e;
return(null);
}
finally
{
CryptoPool.Return(encryptedContentArray, encryptedContentLength);
encryptedContentArray = null;
}
}
private void ConsiderDigestAddition(AlgorithmIdentifierAsn candidate)
{
int curLength = _signedData.DigestAlgorithms.Length;
for (int i = 0; i < curLength; i++)
{
ref AlgorithmIdentifierAsn alg = ref _signedData.DigestAlgorithms[i];
if (candidate.Equals(ref alg))
{
return;
}
}
private static SymmetricAlgorithm OpenAlgorithm(AlgorithmIdentifierAsn contentEncryptionAlgorithm)
{
SymmetricAlgorithm alg = OpenAlgorithm(contentEncryptionAlgorithm.Algorithm);
if (alg is RC2)
{
if (contentEncryptionAlgorithm.Parameters == null)
{
// Windows issues CRYPT_E_BAD_DECODE
throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding);
}
Rc2CbcParameters rc2Params = Rc2CbcParameters.Decode(
contentEncryptionAlgorithm.Parameters.Value,
AsnEncodingRules.BER);
alg.KeySize = rc2Params.GetEffectiveKeyBits();
alg.IV = rc2Params.Iv.ToArray();
}
else
{
if (contentEncryptionAlgorithm.Parameters == null)
{
// Windows issues CRYPT_E_BAD_DECODE
throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding);
}
AsnReader reader = new AsnReader(contentEncryptionAlgorithm.Parameters.Value, AsnEncodingRules.BER);
if (reader.TryReadPrimitiveOctetStringBytes(out ReadOnlyMemory <byte> primitiveBytes))
{
alg.IV = primitiveBytes.ToArray();
}
else
{
byte[] iv = new byte[alg.BlockSize / 8];
if (!reader.TryCopyOctetStringBytes(iv, out int bytesWritten) ||
bytesWritten != iv.Length)
{
throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding);
}
alg.IV = iv;
}
}
return(alg);
}
public static unsafe ContentInfo?TryDecryptCore(
byte[] cek,
string contentType,
ReadOnlyMemory <byte>?content,
AlgorithmIdentifierAsn contentEncryptionAlgorithm,
out Exception?exception)
{
if (content == null)
{
exception = null;
return(new ContentInfo(
new Oid(contentType),
Array.Empty <byte>()));
}
byte[]? decrypted = DecryptContent(content.Value, cek, contentEncryptionAlgorithm, out exception);
if (exception != null)
{
return(null);
}
// Compat: Previous versions of the managed PAL encryptor would wrap the contents in an octet stream
// which is not correct and is incompatible with other CMS readers. To maintain compatibility with
// existing CMS that have the incorrect wrapping, we attempt to remove it.
if (contentType == Oids.Pkcs7Data)
{
if (decrypted?.Length > 0 && decrypted[0] == 0x04)
{
try
{
decrypted = AsnDecoder.ReadOctetString(decrypted, AsnEncodingRules.BER, out _);
}
catch (AsnContentException)
{
}
}
}
else
{
decrypted = GetAsnSequenceWithContentNoValidation(decrypted);
}
exception = null;
return(new ContentInfo(
new Oid(contentType),
decrypted !));
}
internal byte[] ToPkcs10Request(X509SignatureGenerator signatureGenerator, HashAlgorithmName hashAlgorithm)
{
// State validation should be runtime checks if/when this becomes public API
Debug.Assert(signatureGenerator != null);
Debug.Assert(Subject != null);
Debug.Assert(PublicKey != null);
byte[] signatureAlgorithm = signatureGenerator.GetSignatureAlgorithmIdentifier(hashAlgorithm);
AlgorithmIdentifierAsn signatureAlgorithmAsn;
// Deserialization also does validation of the value (except for Parameters, which have to be validated separately).
signatureAlgorithmAsn = AlgorithmIdentifierAsn.Decode(signatureAlgorithm, AsnEncodingRules.DER);
if (signatureAlgorithmAsn.Parameters.HasValue)
{
Helpers.ValidateDer(signatureAlgorithmAsn.Parameters.Value);
}
SubjectPublicKeyInfoAsn spki = new SubjectPublicKeyInfoAsn();
spki.Algorithm = new AlgorithmIdentifierAsn {
Algorithm = PublicKey.Oid, Parameters = PublicKey.EncodedParameters.RawData
};
spki.SubjectPublicKey = PublicKey.EncodedKeyValue.RawData;
CertificationRequestInfoAsn requestInfo = new CertificationRequestInfoAsn
{
Version = 0,
Subject = this.Subject.RawData,
SubjectPublicKeyInfo = spki,
Attributes = Attributes.Select(a => new AttributeAsn(a)).ToArray(),
};
using (AsnWriter writer = new AsnWriter(AsnEncodingRules.DER))
using (AsnWriter signedWriter = new AsnWriter(AsnEncodingRules.DER))
{
requestInfo.Encode(writer);
byte[] encodedRequestInfo = writer.Encode();
CertificationRequestAsn certificationRequest = new CertificationRequestAsn
{
CertificationRequestInfo = requestInfo,
SignatureAlgorithm = signatureAlgorithmAsn,
SignatureValue = signatureGenerator.SignData(encodedRequestInfo, hashAlgorithm),
};
certificationRequest.Encode(signedWriter);
return(signedWriter.Encode());
}
}
/// <summary>
/// Sign the current certificate request to create a chain-signed or self-signed certificate.
/// </summary>
/// <param name="issuerName">The X500DistinguishedName for the Issuer</param>
/// <param name="generator">
/// An <see cref="X509SignatureGenerator"/> representing the issuing certificate authority.
/// </param>
/// <param name="notBefore">
/// The oldest date and time where this certificate is considered valid.
/// Typically <see cref="DateTimeOffset.UtcNow"/>, plus or minus a few seconds.
/// </param>
/// <param name="notAfter">
/// The date and time where this certificate is no longer considered valid.
/// </param>
/// <param name="serialNumber">
/// The serial number to use for the new certificate. This value should be unique per issuer.
/// The value is interpreted as an unsigned (big) integer in big endian byte ordering.
/// </param>
/// <returns>
/// An <see cref="X509Certificate2"/> with the specified values. The returned object will
/// not assert <see cref="X509Certificate2.HasPrivateKey" />.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="issuerName"/> is null.</exception>
/// <exception cref="ArgumentNullException"><paramref name="generator"/> is null.</exception>
/// <exception cref="ArgumentException">
/// <paramref name="notAfter"/> represents a date and time before <paramref name="notBefore"/>.
/// </exception>
/// <exception cref="ArgumentException"><paramref name="serialNumber"/> has length 0.</exception>
/// <exception cref="CryptographicException">Any error occurs during the signing operation.</exception>
public X509Certificate2 Create(
X500DistinguishedName issuerName,
X509SignatureGenerator generator,
DateTimeOffset notBefore,
DateTimeOffset notAfter,
ReadOnlySpan <byte> serialNumber)
{
if (issuerName == null)
{
throw new ArgumentNullException(nameof(issuerName));
}
if (generator == null)
{
throw new ArgumentNullException(nameof(generator));
}
if (notAfter < notBefore)
{
throw new ArgumentException(SR.Cryptography_CertReq_DatesReversed);
}
if (serialNumber == null || serialNumber.Length < 1)
{
throw new ArgumentException(SR.Arg_EmptyOrNullArray, nameof(serialNumber));
}
byte[] signatureAlgorithm = generator.GetSignatureAlgorithmIdentifier(HashAlgorithm);
AlgorithmIdentifierAsn signatureAlgorithmAsn;
// Deserialization also does validation of the value (except for Parameters, which have to be validated separately).
signatureAlgorithmAsn = AlgorithmIdentifierAsn.Decode(signatureAlgorithm, AsnEncodingRules.DER);
if (signatureAlgorithmAsn.Parameters.HasValue)
{
Helpers.ValidateDer(signatureAlgorithmAsn.Parameters.Value);
}
ArraySegment <byte> normalizedSerial = NormalizeSerialNumber(serialNumber);
TbsCertificateAsn tbsCertificate = new TbsCertificateAsn
{
Version = 2,
SerialNumber = normalizedSerial,
SignatureAlgorithm = signatureAlgorithmAsn,
Issuer = issuerName.RawData,
SubjectPublicKeyInfo = new SubjectPublicKeyInfoAsn
{
Algorithm = new AlgorithmIdentifierAsn
{
Algorithm = PublicKey.Oid !.Value !,
Parameters = PublicKey.EncodedParameters.RawData,
},
internal static unsafe ECParameters FromECPrivateKey(ReadOnlySpan <byte> key, out int bytesRead)
{
fixed(byte *ptr = &MemoryMarshal.GetReference(key))
{
using (MemoryManager <byte> manager = new PointerMemoryManager <byte>(ptr, key.Length))
{
AsnReader reader = new AsnReader(manager.Memory, AsnEncodingRules.BER);
AlgorithmIdentifierAsn algId = default;
ReadOnlyMemory <byte> firstValue = reader.PeekEncodedValue();
FromECPrivateKey(firstValue, algId, out ECParameters ret);
bytesRead = firstValue.Length;
return(ret);
}
}
}
internal static unsafe ECParameters FromECPrivateKey(ReadOnlySpan <byte> key, out int bytesRead)
{
fixed(byte *ptr = &MemoryMarshal.GetReference(key))
{
using (MemoryManager <byte> manager = new PointerMemoryManager <byte>(ptr, key.Length))
{
ECPrivateKey parsedKey =
AsnSerializer.Deserialize <ECPrivateKey>(manager.Memory, AsnEncodingRules.BER, out bytesRead);
ECParameters ret;
AlgorithmIdentifierAsn algId = default;
FromECPrivateKey(parsedKey, algId, out ret);
return(ret);
}
}
}
public virtual unsafe void ImportRSAPrivateKey(ReadOnlySpan <byte> source, out int bytesRead)
{
try
{
AsnDecoder.ReadEncodedValue(
source,
AsnEncodingRules.BER,
out _,
out _,
out int firstValueLength);
fixed(byte *ptr = &MemoryMarshal.GetReference(source))
{
using (MemoryManager <byte> manager = new PointerMemoryManager <byte>(ptr, firstValueLength))
{
ReadOnlyMemory <byte> firstValue = manager.Memory;
int localRead = firstValue.Length;
AlgorithmIdentifierAsn ignored = default;
RSAKeyFormatHelper.FromPkcs1PrivateKey(firstValue, ignored, out RSAParameters rsaParameters);
fixed(byte *dPin = rsaParameters.D)
fixed(byte *pPin = rsaParameters.P)
fixed(byte *qPin = rsaParameters.Q)
fixed(byte *dpPin = rsaParameters.DP)
fixed(byte *dqPin = rsaParameters.DQ)
fixed(byte *qInvPin = rsaParameters.InverseQ)
{
try
{
ImportParameters(rsaParameters);
}
finally
{
ClearPrivateParameters(rsaParameters);
}
}
bytesRead = localRead;
}
}
}
catch (AsnContentException e)
{
throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding, e);
}
}
private static SymmetricAlgorithm OpenAlgorithm(AlgorithmIdentifierAsn contentEncryptionAlgorithm)
{
SymmetricAlgorithm alg = OpenAlgorithm(contentEncryptionAlgorithm.Algorithm);
if (alg is RC2)
{
if (contentEncryptionAlgorithm.Parameters == null)
{
// Windows issues CRYPT_E_BAD_DECODE
throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding);
}
Rc2CbcParameters rc2Params = Rc2CbcParameters.Decode(
contentEncryptionAlgorithm.Parameters.Value,
AsnEncodingRules.BER);
alg.KeySize = rc2Params.GetEffectiveKeyBits();
alg.IV = rc2Params.Iv.ToArray();
}
else
{
if (contentEncryptionAlgorithm.Parameters == null)
{
// Windows issues CRYPT_E_BAD_DECODE
throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding);
}
try
{
AsnReader reader = new AsnReader(contentEncryptionAlgorithm.Parameters.Value, AsnEncodingRules.BER);
alg.IV = reader.ReadOctetString();
if (alg.IV.Length != alg.BlockSize / 8)
{
throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding);
}
}
catch (AsnContentException e)
{
throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding, e);
}
}
return(alg);
}
public static void SerializeAlgorithmIdentifier()
{
AlgorithmIdentifierAsn identifier = new AlgorithmIdentifierAsn
{
Algorithm = new Oid("2.16.840.1.101.3.4.2.1", "SHA-2-256"),
Parameters = new byte[] { 5, 0 },
};
using (AsnWriter writer = AsnSerializer.Serialize(identifier, AsnEncodingRules.DER))
{
const string ExpectedHex =
"300D" +
"0609608648016503040201" +
"0500";
Assert.Equal(ExpectedHex, writer.Encode().ByteArrayToHex());
}
}
public void RemoveSignature(int index)
{
if (!_hasData)
{
throw new InvalidOperationException(SR.Cryptography_Cms_MessageNotSigned);
}
if (index < 0 || index >= _signedData.SignerInfos.Length)
{
throw new ArgumentOutOfRangeException(nameof(index), SR.ArgumentOutOfRange_Index);
}
AlgorithmIdentifierAsn signerAlgorithm = _signedData.SignerInfos[index].DigestAlgorithm;
PkcsHelpers.RemoveAt(ref _signedData.SignerInfos, index);
ConsiderDigestRemoval(signerAlgorithm);
UpdateMetadata();
}
public virtual unsafe void ImportRSAPublicKey(ReadOnlySpan <byte> source, out int bytesRead)
{
fixed(byte *ptr = &MemoryMarshal.GetReference(source))
{
using (MemoryManager <byte> manager = new PointerMemoryManager <byte>(ptr, source.Length))
{
AsnReader reader = new AsnReader(manager.Memory, AsnEncodingRules.BER);
ReadOnlyMemory <byte> firstValue = reader.PeekEncodedValue();
int localRead = firstValue.Length;
AlgorithmIdentifierAsn ignored = default;
RSAKeyFormatHelper.ReadRsaPublicKey(firstValue, ignored, out RSAParameters rsaParameters);
ImportParameters(rsaParameters);
bytesRead = localRead;
}
}
}
internal static void Decode(ref AsnValueReader reader, Asn1Tag expectedTag, ReadOnlyMemory <byte> rebind, out EssCertIdV2 decoded)
{
decoded = default;
AsnValueReader sequenceReader = reader.ReadSequence(expectedTag);
AsnValueReader defaultReader;
ReadOnlySpan <byte> rebindSpan = rebind.Span;
int offset;
ReadOnlySpan <byte> tmpSpan;
if (sequenceReader.HasData && sequenceReader.PeekTag().HasSameClassAndValue(Asn1Tag.Sequence))
{
AlgorithmIdentifierAsn.Decode(ref sequenceReader, rebind, out decoded.HashAlgorithm);
}
else
{
defaultReader = new AsnValueReader(DefaultHashAlgorithm, AsnEncodingRules.DER);
AlgorithmIdentifierAsn.Decode(ref defaultReader, rebind, out decoded.HashAlgorithm);
}
if (sequenceReader.TryReadPrimitiveOctetStringBytes(out tmpSpan))
{
decoded.Hash = rebindSpan.Overlaps(tmpSpan, out offset) ? rebind.Slice(offset, tmpSpan.Length) : tmpSpan.ToArray();
}
else
{
decoded.Hash = sequenceReader.ReadOctetString();
}
if (sequenceReader.HasData && sequenceReader.PeekTag().HasSameClassAndValue(Asn1Tag.Sequence))
{
CadesIssuerSerial tmpIssuerSerial;
CadesIssuerSerial.Decode(ref sequenceReader, rebind, out tmpIssuerSerial);
decoded.IssuerSerial = tmpIssuerSerial;
}
sequenceReader.ThrowIfNotEmpty();
}
internal static void Decode(ref AsnValueReader reader, Asn1Tag expectedTag, ReadOnlyMemory <byte> rebind, out KEKRecipientInfoAsn decoded)
{
decoded = default;
KEKIdentifierAsn kekIdentifier;
AlgorithmIdentifierAsn algIdentifier;
AsnValueReader sequenceReader = reader.ReadSequence(expectedTag);
int version;
if (sequenceReader.TryReadInt32(out version))
{
decoded.Version = version;
}
KEKIdentifierAsn.Decode(ref sequenceReader, Asn1Tag.Sequence, rebind, out kekIdentifier);
AlgorithmIdentifierAsn.Decode(ref sequenceReader, Asn1Tag.Sequence, rebind, out algIdentifier);
var encryptedKey = sequenceReader.ReadOctetString();
decoded.KEKId = kekIdentifier;
decoded.KeyEncryptionAlg = algIdentifier;
decoded.EncryptedKey = encryptedKey;
}
private static byte[]? DecryptContent(
ReadOnlyMemory <byte> encryptedContent,
byte[] cek,
AlgorithmIdentifierAsn contentEncryptionAlgorithm,
out Exception?exception)
{
exception = null;
int encryptedContentLength = encryptedContent.Length;
byte[]? encryptedContentArray = CryptoPool.Rent(encryptedContentLength);
try
{
encryptedContent.CopyTo(encryptedContentArray);
using (SymmetricAlgorithm alg = OpenAlgorithm(contentEncryptionAlgorithm))
using (ICryptoTransform decryptor = alg.CreateDecryptor(cek, alg.IV))
{
// If we extend this library to accept additional algorithm providers
// then a different array pool needs to be used.
Debug.Assert(alg.GetType().Assembly == typeof(Aes).Assembly);
return(decryptor.OneShot(
encryptedContentArray,
0,
encryptedContentLength));
}
}
catch (CryptographicException e)
{
exception = e;
return(null);
}
finally
{
CryptoPool.Return(encryptedContentArray, encryptedContentLength);
encryptedContentArray = null;
}
}
