public static TryRead ( Microsoft.Win32.SafeHandles.SafeBioHandle fileBio, |
/// <summary>
/// Determines which <see cref="X509ContentType"/> the given bytes represent by attempting
/// each supported OpenSSL parse in turn: DER X.509, PEM X.509, PKCS#7, then PKCS#12.
/// </summary>
/// <param name="rawData">The encoded certificate, PKCS#7 or PKCS#12 bytes.</param>
/// <returns>The detected content type.</returns>
/// <exception cref="CryptographicException">No supported format could parse the data.</exception>
public X509ContentType GetCertContentType(byte[] rawData)
{
    // X.509: DER first, then PEM. The parsed certificate only serves to prove the
    // format, so its native handle is released as soon as the answer is known.
    bool isX509 = OpenSslX509CertificateReader.TryReadX509Der(rawData, out ICertificatePal parsed)
        || OpenSslX509CertificateReader.TryReadX509Pem(rawData, out parsed);

    if (isX509)
    {
        parsed.Dispose();
        return X509ContentType.Cert;
    }

    // PKCS#7
    if (PkcsFormatReader.IsPkcs7(rawData))
    {
        return X509ContentType.Pkcs7;
    }

    // PKCS#12 (PFX): again, dispose as soon as the format is confirmed.
    if (OpenSslPkcs12Reader.TryRead(rawData, out OpenSslPkcs12Reader pkcs12))
    {
        pkcs12.Dispose();
        return X509ContentType.Pkcs12;
    }

    // Unsupported format.
    // Windows throws new CryptographicException(CRYPT_E_NO_MATCH)
    throw new CryptographicException();
}
/// <summary>
/// Builds a store from an in-memory PKCS#12 (PFX) blob.
/// </summary>
/// <param name="rawData">The encoded blob.</param>
/// <param name="password">The password handed to <c>PfxToCollection</c> for the PFX contents.</param>
/// <param name="keyStorageFlags">Accepted for signature compatibility; not consulted in this method.</param>
/// <returns>
/// The store built from the PFX contents, or <c>null</c> when the data is not recognized as PKCS#12.
/// </returns>
public static IStorePal FromBlob(byte[] rawData, string password, X509KeyStorageFlags keyStorageFlags)
{
    // Only PKCS#12 is recognized by this entry point; anything else yields null.
    if (!OpenSslPkcs12Reader.TryRead(rawData, out OpenSslPkcs12Reader pkcs12))
    {
        return null;
    }

    // The reader owns native state; release it once the collection has been built.
    using (pkcs12)
    {
        return PfxToCollection(pkcs12, password);
    }
}
/// <summary>
/// Builds a store from a PKCS#12 (PFX) file on disk.
/// </summary>
/// <param name="fileName">Path of the file to open (opened read-only, binary).</param>
/// <param name="password">The password handed to <c>PfxToCollection</c> for the PFX contents.</param>
/// <param name="keyStorageFlags">Accepted for signature compatibility; not consulted in this method.</param>
/// <returns>
/// The store built from the PFX contents, or <c>null</c> when the file is not recognized as PKCS#12.
/// </returns>
/// <exception cref="CryptographicException">The file could not be opened by OpenSSL.</exception>
public static IStorePal FromFile(string fileName, string password, X509KeyStorageFlags keyStorageFlags)
{
    using (SafeBioHandle fileBio = Interop.libcrypto.BIO_new_file(fileName, "rb"))
    {
        // A failed open is reported immediately rather than being treated as "not PKCS#12".
        Interop.libcrypto.CheckValidOpenSslHandle(fileBio);

        if (!OpenSslPkcs12Reader.TryRead(fileBio, out OpenSslPkcs12Reader pkcs12))
        {
            return null;
        }

        using (pkcs12)
        {
            return PfxToCollection(pkcs12, password);
        }
    }
}
/// <summary>
/// Attempts to interpret <paramref name="bio"/> as a DER-encoded PKCS#12 (PFX) and, on
/// success, delegates to the reader-based overload to extract its certificates.
/// </summary>
/// <param name="bio">The BIO to read from.</param>
/// <param name="password">Password passed through to the reader-based overload.</param>
/// <param name="single">Passed through to the reader-based overload unchanged.</param>
/// <param name="readPal">Set by the reader-based overload on success; <c>null</c> when the data is not PKCS#12.</param>
/// <param name="readCerts">Set by the reader-based overload on success; <c>null</c> when the data is not PKCS#12.</param>
/// <returns><c>false</c> when the data is not PKCS#12; otherwise the result of the reader-based overload.</returns>
private static bool TryReadPkcs12(
    SafeBioHandle bio,
    string password,
    bool single,
    out ICertificatePal readPal,
    out List<ICertificatePal> readCerts)
{
    // DER-PKCS12
    if (OpenSslPkcs12Reader.TryRead(bio, out OpenSslPkcs12Reader pkcs12))
    {
        using (pkcs12)
        {
            return TryReadPkcs12(pkcs12, password, single, out readPal, out readCerts);
        }
    }

    readPal = null;
    readCerts = null;
    return false;
}
/// <summary>
/// Attempts to interpret <paramref name="rawData"/> as a DER-encoded PKCS#12 (PFX) and, on
/// success, delegates to the reader-based overload to extract its certificates.
/// </summary>
/// <param name="rawData">The encoded bytes.</param>
/// <param name="password">Password handle passed through to the reader-based overload.</param>
/// <param name="single">Passed through to the reader-based overload unchanged.</param>
/// <param name="readPal">Set by the reader-based overload on success; <c>null</c> when the data is not PKCS#12.</param>
/// <param name="readCerts">Set by the reader-based overload on success; <c>null</c> when the data is not PKCS#12.</param>
/// <returns><c>false</c> when the data is not PKCS#12; otherwise the result of the reader-based overload.</returns>
private static bool TryReadPkcs12(
    byte[] rawData,
    SafePasswordHandle password,
    bool single,
    out ICertificatePal readPal,
    out List<ICertificatePal> readCerts)
{
    // DER-PKCS12
    if (OpenSslPkcs12Reader.TryRead(rawData, out OpenSslPkcs12Reader pkcs12))
    {
        using (pkcs12)
        {
            return TryReadPkcs12(pkcs12, password, single, out readPal, out readCerts);
        }
    }

    readPal = null;
    readCerts = null;
    return false;
}
/// <summary>
/// Attempts to interpret <paramref name="rawData"/> as a DER-encoded PKCS#12 (PFX) and, on
/// success, delegates to the reader-based overload to extract its certificates.
/// </summary>
/// <param name="rawData">The encoded bytes.</param>
/// <param name="password">Password handle passed through to the reader-based overload.</param>
/// <param name="single">Passed through to the reader-based overload unchanged.</param>
/// <param name="readPal">Set by the reader-based overload on success; <c>null</c> when the data is not PKCS#12.</param>
/// <param name="readCerts">Set by the reader-based overload on success; <c>null</c> when the data is not PKCS#12.</param>
/// <param name="openSslException">
/// Whatever <see cref="OpenSslPkcs12Reader.TryRead"/> reports for the parse attempt; it is not
/// modified afterwards, even when the reader-based overload runs.
/// </param>
/// <returns><c>false</c> when the data is not PKCS#12; otherwise the result of the reader-based overload.</returns>
private static bool TryReadPkcs12(
    ReadOnlySpan<byte> rawData,
    SafePasswordHandle password,
    bool single,
    out ICertificatePal? readPal,
    out List<ICertificatePal>? readCerts,
    out Exception? openSslException)
{
    // DER-PKCS12
    if (OpenSslPkcs12Reader.TryRead(rawData, out OpenSslPkcs12Reader? pkcs12, out openSslException))
    {
        using (pkcs12)
        {
            return TryReadPkcs12(pkcs12, password, single, out readPal, out readCerts);
        }
    }

    readPal = null;
    readCerts = null;
    return false;
}
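/// <summary>
/// Reads a single certificate from a BIO, trying PEM X.509, DER X.509 and DER PKCS#12 in that order.
/// </summary>
/// <param name="bio">
/// The BIO to read from. If nothing parses, it is seeked back to the position it had on entry.
/// </param>
/// <param name="password">Password used to decrypt the PFX when the data is PKCS#12.</param>
/// <returns>The certificate, or the first certificate entry of the PFX.</returns>
/// <exception cref="CryptographicException">
/// None of the formats parsed (the last OpenSSL error is reported), or the PFX parsed but
/// contained no certificate entries.
/// </exception>
internal static ICertificatePal FromBio(SafeBioHandle bio, string password)
{
    // Try reading the value as: PEM-X509, DER-X509, DER-PKCS12.
    // Remember the starting offset so each failed attempt can be rewound.
    int bioPosition = Interop.NativeCrypto.BioTell(bio);
    Debug.Assert(bioPosition >= 0);

    // PEM-X509
    SafeX509Handle cert = Interop.libcrypto.PEM_read_bio_X509_AUX(bio, IntPtr.Zero, IntPtr.Zero, IntPtr.Zero);

    if (cert != null && !cert.IsInvalid)
    {
        return new OpenSslX509CertificateReader(cert);
    }

    // Rewind, try DER-X509.
    Interop.NativeCrypto.BioSeek(bio, bioPosition);
    cert = Interop.NativeCrypto.ReadX509AsDerFromBio(bio);

    if (cert != null && !cert.IsInvalid)
    {
        return new OpenSslX509CertificateReader(cert);
    }

    // Rewind, try DER-PKCS12.
    Interop.NativeCrypto.BioSeek(bio, bioPosition);

    if (OpenSslPkcs12Reader.TryRead(bio, out OpenSslPkcs12Reader pfx))
    {
        using (pfx)
        {
            pfx.Decrypt(password);

            // When requesting an X509Certificate2 from a PFX only the first entry is
            // returned. Other entries should be disposed.
            ICertificatePal first = null;

            try
            {
                foreach (OpenSslX509CertificateReader certPal in pfx.ReadCertificates())
                {
                    if (first == null)
                    {
                        first = certPal;
                    }
                    else
                    {
                        certPal.Dispose();
                    }
                }
            }
            catch
            {
                // Don't leak the native handle of an entry already claimed if enumeration fails.
                first?.Dispose();
                throw;
            }

            // A PFX that parsed but holds no certificate entries yields nothing usable;
            // report that as a CryptographicException (as the byte[] overload does)
            // instead of returning a null pal for the caller to trip over.
            if (first == null)
            {
                throw new CryptographicException();
            }

            return first;
        }
    }

    // Since we aren't going to finish reading, leaving the buffer where it was when we got
    // it seems better than leaving it in some arbitrary other position.
    //
    // But, before seeking back to start, save the Exception representing the last reported
    // OpenSSL error in case the last BioSeek would change it.
    Exception openSslException = Interop.libcrypto.CreateOpenSslCryptographicException();
    Interop.NativeCrypto.BioSeek(bio, bioPosition);
    throw openSslException;
}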
/// <summary>
/// Determines which <see cref="X509ContentType"/> a file holds by probing it with each
/// supported OpenSSL parse in turn: X.509 (DER, PEM), PKCS#7 (DER, PEM), then PKCS#12.
/// </summary>
/// <param name="fileName">Path of the file to open (opened read-only, binary).</param>
/// <returns>The detected content type.</returns>
/// <exception cref="CryptographicException">
/// The file could not be opened, or no supported format could parse it.
/// </exception>
public X509ContentType GetCertContentType(string fileName)
{
    // If we can't open the file, fail right away.
    using (SafeBioHandle fileBio = Interop.Crypto.BioNewFile(fileName, "rb"))
    {
        Interop.Crypto.CheckValidOpenSslHandle(fileBio);

        int startPosition = Interop.Crypto.BioTell(fileBio);
        Debug.Assert(startPosition >= 0);

        // A failed probe leaves the BIO at an arbitrary offset, so every probe after the
        // first begins by seeking back to where the file was opened.
        void Rewind() => OpenSslX509CertificateReader.RewindBio(fileBio, startPosition);

        // X509ContentType.Cert: DER, then PEM. The parsed object only proves the
        // format and is released immediately.
        if (OpenSslX509CertificateReader.TryReadX509Der(fileBio, out ICertificatePal certPal))
        {
            certPal.Dispose();
            return X509ContentType.Cert;
        }

        Rewind();

        if (OpenSslX509CertificateReader.TryReadX509Pem(fileBio, out certPal))
        {
            certPal.Dispose();
            return X509ContentType.Cert;
        }

        Rewind();

        // X509ContentType.Pkcs7: DER, then PEM.
        if (PkcsFormatReader.IsPkcs7Der(fileBio))
        {
            return X509ContentType.Pkcs7;
        }

        Rewind();

        if (PkcsFormatReader.IsPkcs7Pem(fileBio))
        {
            return X509ContentType.Pkcs7;
        }

        Rewind();

        // X509ContentType.Pkcs12 (aka PFX)
        if (OpenSslPkcs12Reader.TryRead(fileBio, out OpenSslPkcs12Reader pkcs12Reader))
        {
            pkcs12Reader.Dispose();
            return X509ContentType.Pkcs12;
        }

        Rewind();
    }

    // Unsupported format.
    // Windows throws new CryptographicException(CRYPT_E_NO_MATCH)
    throw new CryptographicException();
}
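/// <summary>
/// Creates a certificate from in-memory bytes, trying PEM X.509 (when the data starts with
/// a hyphen), DER X.509, then DER PKCS#12.
/// </summary>
/// <param name="rawData">The encoded certificate or PFX.</param>
/// <param name="password">Password used to decrypt the PFX when the data is PKCS#12.</param>
/// <param name="keyStorageFlags">Accepted for signature compatibility; not consulted in this method.</param>
/// <returns>The certificate, or the first certificate entry of the PFX.</returns>
/// <exception cref="ArgumentNullException"><paramref name="rawData"/> is <c>null</c>.</exception>
/// <exception cref="CryptographicException">
/// The PEM could not be read, no format parsed the data, or the PFX contained no certificate entries.
/// </exception>
public static unsafe ICertificatePal FromBlob(byte[] rawData, string password, X509KeyStorageFlags keyStorageFlags)
{
    if (rawData == null)
    {
        throw new ArgumentNullException(nameof(rawData));
    }

    SafeX509Handle cert;

    // If we can see a hyphen, assume it's PEM. Otherwise try DER-X509, then fall back to DER-PKCS12.
    // An empty input has no first byte to inspect and cannot be PEM; it skips straight to
    // the DER probes instead of indexing past the end of the array.
    if (rawData.Length > 0 && rawData[0] == '-')
    {
        using (SafeBioHandle bio = Interop.libcrypto.BIO_new(Interop.libcrypto.BIO_s_mem()))
        {
            Interop.libcrypto.CheckValidOpenSslHandle(bio);
            Interop.libcrypto.BIO_write(bio, rawData, rawData.Length);
            cert = Interop.libcrypto.PEM_read_bio_X509_AUX(bio, IntPtr.Zero, IntPtr.Zero, IntPtr.Zero);
        }

        Interop.libcrypto.CheckValidOpenSslHandle(cert);
        return new OpenSslX509CertificateReader(cert);
    }

    // DER-X509
    cert = Interop.libcrypto.OpenSslD2I((ptr, b, i) => Interop.libcrypto.d2i_X509(ptr, b, i), rawData, checkHandle: false);

    if (!cert.IsInvalid)
    {
        return new OpenSslX509CertificateReader(cert);
    }

    // DER-PKCS12
    if (OpenSslPkcs12Reader.TryRead(rawData, out OpenSslPkcs12Reader pfx))
    {
        using (pfx)
        {
            pfx.Decrypt(password);

            // When requesting an X509Certificate2 from a PFX only the first entry is
            // returned. Other entries should be disposed.
            ICertificatePal first = null;

            try
            {
                foreach (OpenSslX509CertificateReader certPal in pfx.ReadCertificates())
                {
                    if (first == null)
                    {
                        first = certPal;
                    }
                    else
                    {
                        certPal.Dispose();
                    }
                }
            }
            catch
            {
                // Don't leak the native handle of an entry already claimed if enumeration fails.
                first?.Dispose();
                throw;
            }

            // A PFX with no certificate entries yields nothing usable.
            if (first == null)
            {
                throw new CryptographicException();
            }

            return first;
        }
    }

    // Unsupported
    throw Interop.libcrypto.CreateOpenSslCryptographicException();
}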