|
private SetPrivateKey ( |
||
| privateKey | ||
| return | void | |
private ICertificatePal CopyWithPrivateKey(SafeEvpPKeyHandle privateKey)
{
// This could be X509Duplicate for a full clone, but since OpenSSL certificates
// are functionally immutable (unlike Windows ones) an UpRef is sufficient.
SafeX509Handle certHandle = Interop.Crypto.X509UpRef(_cert);
OpenSslX509CertificateReader duplicate = new OpenSslX509CertificateReader(certHandle);
duplicate.SetPrivateKey(privateKey);
return(duplicate);
}
internal OpenSslX509CertificateReader DuplicateHandles()
{
SafeX509Handle certHandle = Interop.libcrypto.X509_dup(_cert);
OpenSslX509CertificateReader duplicate = new OpenSslX509CertificateReader(certHandle);
if (_privateKey != null)
{
SafeEvpPkeyHandle keyHandle = SafeEvpPkeyHandle.DuplicateHandle(_privateKey);
duplicate.SetPrivateKey(keyHandle);
}
return(duplicate);
}
private static bool TryReadPkcs12(
OpenSslPkcs12Reader pfx,
SafePasswordHandle password,
bool single,
bool ephemeralSpecified,
out ICertificatePal?readPal,
out List <ICertificatePal>?readCerts)
{
pfx.Decrypt(password, ephemeralSpecified);
if (single)
{
UnixPkcs12Reader.CertAndKey certAndKey = pfx.GetSingleCert();
OpenSslX509CertificateReader pal = (OpenSslX509CertificateReader)certAndKey.Cert !;
if (certAndKey.Key != null)
{
pal.SetPrivateKey(OpenSslPkcs12Reader.GetPrivateKey(certAndKey.Key));
}
readPal = pal;
readCerts = null;
return(true);
}
readPal = null;
List <ICertificatePal> certs = new List <ICertificatePal>(pfx.GetCertCount());
foreach (UnixPkcs12Reader.CertAndKey certAndKey in pfx.EnumerateAll())
{
OpenSslX509CertificateReader pal = (OpenSslX509CertificateReader)certAndKey.Cert !;
if (certAndKey.Key != null)
{
pal.SetPrivateKey(OpenSslPkcs12Reader.GetPrivateKey(certAndKey.Key));
}
certs.Add(pal);
}
readCerts = certs;
return(true);
}
public List <OpenSslX509CertificateReader> ReadCertificates()
{
var certs = new List <OpenSslX509CertificateReader>();
if (_caStackHandle != null && !_caStackHandle.IsInvalid)
{
int caCertCount = Interop.Crypto.GetX509StackFieldCount(_caStackHandle);
for (int i = 0; i < caCertCount; i++)
{
IntPtr certPtr = Interop.Crypto.GetX509StackField(_caStackHandle, i);
if (certPtr != IntPtr.Zero)
{
// The STACK_OF(X509) still needs to be cleaned up, so upref the handle out of it.
certs.Add(new OpenSslX509CertificateReader(Interop.Crypto.X509UpRef(certPtr)));
}
}
}
if (_x509Handle != null && !_x509Handle.IsInvalid)
{
// The certificate and (if applicable) private key handles will be given over
// to the OpenSslX509CertificateReader, and the fields here are thus nulled out to
// prevent double-Dispose.
OpenSslX509CertificateReader reader = new OpenSslX509CertificateReader(_x509Handle);
_x509Handle = null;
if (_evpPkeyHandle != null && !_evpPkeyHandle.IsInvalid)
{
reader.SetPrivateKey(_evpPkeyHandle);
_evpPkeyHandle = null;
}
certs.Add(reader);
}
return(certs);
}
internal OpenSslX509CertificateReader DuplicateHandles()
{
SafeX509Handle certHandle = Interop.Crypto.X509Duplicate(_cert);
OpenSslX509CertificateReader duplicate = new OpenSslX509CertificateReader(certHandle);
if (_privateKey != null)
{
SafeEvpPKeyHandle keyHandle = _privateKey.DuplicateHandle();
duplicate.SetPrivateKey(keyHandle);
}
return duplicate;
}
public List<OpenSslX509CertificateReader> ReadCertificates()
{
var certs = new List<OpenSslX509CertificateReader>();
if (_caStackHandle != null && !_caStackHandle.IsInvalid)
{
int caCertCount = Interop.Crypto.GetX509StackFieldCount(_caStackHandle);
for (int i = 0; i < caCertCount; i++)
{
IntPtr certPtr = Interop.Crypto.GetX509StackField(_caStackHandle, i);
if (certPtr != IntPtr.Zero)
{
// The STACK_OF(X509) still needs to be cleaned up, so upref the handle out of it.
certs.Add(new OpenSslX509CertificateReader(Interop.Crypto.X509UpRef(certPtr)));
}
}
}
if (_x509Handle != null && !_x509Handle.IsInvalid)
{
// The certificate and (if applicable) private key handles will be given over
// to the OpenSslX509CertificateReader, and the fields here are thus nulled out to
// prevent double-Dispose.
OpenSslX509CertificateReader reader = new OpenSslX509CertificateReader(_x509Handle);
_x509Handle = null;
if (_evpPkeyHandle != null && !_evpPkeyHandle.IsInvalid)
{
reader.SetPrivateKey(_evpPkeyHandle);
_evpPkeyHandle = null;
}
certs.Add(reader);
}
return certs;
}
