public bool VerifyMac(ReadOnlySpan <char> password)
{
if (IntegrityMode != Pkcs12IntegrityMode.Password)
{
throw new InvalidOperationException(
SR.Format(
SR.Cryptography_Pkcs12_WrongModeForVerify,
Pkcs12IntegrityMode.Password,
IntegrityMode));
}
return(_decoded.VerifyMac(password, _authSafeContents.Span));
}
private void VerifyAndDecrypt(ReadOnlySpan <char> password, ReadOnlyMemory <byte> authSafeContents)
{
Debug.Assert(_pfxAsn.MacData.HasValue);
ReadOnlySpan <byte> authSafeSpan = authSafeContents.Span;
if (password.Length == 0)
{
// VerifyMac produces different answers for the empty string and the null string,
// when the length is 0 try empty first (more common), then null.
if (_pfxAsn.VerifyMac("", authSafeSpan))
{
Decrypt("", authSafeContents);
return;
}
if (_pfxAsn.VerifyMac(default, authSafeSpan))