private ASN1 KeyBagSafeBag (AsymmetricAlgorithm aa, IDictionary attributes)
{
	// The bag value is a PKCS#8 PrivateKeyInfo carrying the raw (unencrypted) key.
	PKCS8.PrivateKeyInfo pki = new PKCS8.PrivateKeyInfo ();
	RSA rsa = aa as RSA;
	DSA dsa = aa as DSA;
	if (rsa != null) {
		pki.Algorithm = "1.2.840.113549.1.1.1";	// rsaEncryption
		pki.PrivateKey = PKCS8.PrivateKeyInfo.Encode (rsa);
	} else if (dsa != null) {
		// NOTE(review): no algorithm OID is recorded for DSA keys, so the
		// PrivateKeyInfo is built with a null AlgorithmIdentifier — confirm
		// whether PKCS8.PrivateKeyInfo.GetBytes tolerates this.
		pki.Algorithm = null;
		pki.PrivateKey = PKCS8.PrivateKeyInfo.Encode (dsa);
	} else {
		throw new CryptographicException ("Unknown asymmetric algorithm {0}", aa.ToString ());
	}

	// SafeBag ::= SEQUENCE { bagId OID, bagValue [0] EXPLICIT, bagAttributes SET OPTIONAL }
	ASN1 bagValue = new ASN1 (0xA0);
	bagValue.Add (new ASN1 (pki.GetBytes ()));
	ASN1 safeBag = new ASN1 (0x30);
	safeBag.Add (ASN1Convert.FromOid (keyBag));
	safeBag.Add (bagValue);

	if (attributes == null)
		return safeBag;

	ASN1 bagAttributes = new ASN1 (0x31);
	IDictionaryEnumerator entries = attributes.GetEnumerator ();
	while (entries.MoveNext ()) {
		string oid = (string) entries.Key;
		ASN1 encoded = null;
		if (oid == PKCS9.friendlyName) {
			// friendlyName values are BMPStrings (universal tag 0x1e)
			encoded = EncodeKeyBagAttribute (PKCS9.friendlyName, 0x1e, (ArrayList) entries.Value);
		} else if (oid == PKCS9.localKeyId) {
			// localKeyId values are OCTET STRINGs (universal tag 0x04)
			encoded = EncodeKeyBagAttribute (PKCS9.localKeyId, 0x04, (ArrayList) entries.Value);
		}
		// any other attribute OID is dropped without notice
		if (encoded != null)
			bagAttributes.Add (encoded);
	}
	// the optional bagAttributes SET is only emitted when non-empty
	if (bagAttributes.Count > 0)
		safeBag.Add (bagAttributes);
	return safeBag;
}

// Encodes one bag attribute as SEQUENCE { attrId OID, attrValues SET OF <valueTag> }.
// Returns null when there are no values so the caller can omit the attribute.
private static ASN1 EncodeKeyBagAttribute (string attrOid, byte valueTag, ArrayList values)
{
	if (values.Count == 0)
		return null;
	ASN1 attrValues = new ASN1 (0x31);
	foreach (byte[] value in values) {
		ASN1 attrValue = new ASN1 (valueTag);
		attrValue.Value = value;
		attrValues.Add (attrValue);
	}
	ASN1 attribute = new ASN1 (0x30);
	attribute.Add (ASN1Convert.FromOid (attrOid));
	attribute.Add (attrValues);
	return attribute;
}
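/// <summary>
/// Collects the PKCS#12 bag attributes of every key bag (plain or PKCS#8 shrouded)
/// whose private key matches <paramref name="aa"/>.
/// </summary>
/// <param name="aa">The key to look for; compared through CompareAsymmetricAlgorithm.</param>
/// <returns>
/// A Hashtable keyed by attribute OID (string); each value is an ArrayList holding
/// the raw attribute value bytes. Empty when no bag matches.
/// </returns>
/// <remarks>
/// Attributes are inserted with Hashtable.Add, so two matching bags carrying the same
/// attribute OID raise an ArgumentException. A key whose PKCS#8 payload is empty or
/// does not start with INTEGER (0x02) or SEQUENCE (0x30) is skipped, not decoded.
/// Key bytes are scrubbed on every path, including when decoding throws.
/// </remarks>
public IDictionary GetAttributes (AsymmetricAlgorithm aa)
{
	IDictionary result = new Hashtable ();
	foreach (SafeBag sb in _safeBags) {
		if (!sb.BagOID.Equals (keyBag) && !sb.BagOID.Equals (pkcs8ShroudedKeyBag))
			continue;

		ASN1 safeBag = sb.ASN1;
		ASN1 bagValue = safeBag [1];
		AsymmetricAlgorithm saa = null;
		if (sb.BagOID.Equals (keyBag)) {
			PKCS8.PrivateKeyInfo pki = new PKCS8.PrivateKeyInfo (bagValue.Value);
			byte[] privateKey = pki.PrivateKey;
			try {
				// The leading tag decides the key type. Length is checked first so a
				// malformed, empty key is skipped instead of throwing IndexOutOfRangeException.
				if (privateKey.Length > 0) {
					switch (privateKey [0]) {
					case 0x02:	// INTEGER
						DSAParameters p = new DSAParameters (); // FIXME: parameters are never filled in
						saa = PKCS8.PrivateKeyInfo.DecodeDSA (privateKey, p);
						break;
					case 0x30:	// SEQUENCE
						saa = PKCS8.PrivateKeyInfo.DecodeRSA (privateKey);
						break;
					default:	// unknown format: leave saa null
						break;
					}
				}
			} finally {
				Array.Clear (privateKey, 0, privateKey.Length);
			}
		} else {
			PKCS8.EncryptedPrivateKeyInfo epki = new PKCS8.EncryptedPrivateKeyInfo (bagValue.Value);
			byte[] decrypted = Decrypt (epki.Algorithm, epki.Salt, epki.IterationCount, epki.EncryptedData);
			try {
				PKCS8.PrivateKeyInfo pki = new PKCS8.PrivateKeyInfo (decrypted);
				byte[] privateKey = pki.PrivateKey;
				try {
					if (privateKey.Length > 0) {
						switch (privateKey [0]) {
						case 0x02:	// INTEGER
							DSAParameters p = new DSAParameters (); // FIXME: parameters are never filled in
							saa = PKCS8.PrivateKeyInfo.DecodeDSA (privateKey, p);
							break;
						case 0x30:	// SEQUENCE
							saa = PKCS8.PrivateKeyInfo.DecodeRSA (privateKey);
							break;
						default:	// unknown format: leave saa null
							break;
						}
					}
				} finally {
					Array.Clear (privateKey, 0, privateKey.Length);
				}
			} finally {
				// the decrypted PrivateKeyInfo also holds the key: scrub it too
				Array.Clear (decrypted, 0, decrypted.Length);
			}
		}

		if (saa == null || !CompareAsymmetricAlgorithm (saa, aa))
			continue;
		// bagAttributes is the optional third SafeBag element:
		// SET OF SEQUENCE { attrId OID, attrValues SET OF ANY }
		if (safeBag.Count != 3)
			continue;

		ASN1 bagAttributes = safeBag [2];
		for (int i = 0; i < bagAttributes.Count; i++) {
			ASN1 pkcs12Attribute = bagAttributes [i];
			string aOid = ASN1Convert.ToOid (pkcs12Attribute [0]);
			ASN1 attrValues = pkcs12Attribute [1];
			ArrayList aValues = new ArrayList ();
			for (int j = 0; j < attrValues.Count; j++) {
				aValues.Add (attrValues [j].Value);
			}
			result.Add (aOid, aValues);
		}
	}
	return result;
}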
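/// <summary>
/// Removes the first plain (unshrouded) key bag whose private key matches
/// <paramref name="aa"/>, if any, and marks the key bags as changed.
/// </summary>
/// <param name="aa">The key to remove; compared through CompareAsymmetricAlgorithm.</param>
/// <exception cref="CryptographicException">
/// A plain key bag holds a private key that is empty or does not start with an
/// INTEGER (0x02) or SEQUENCE (0x30) tag.
/// </exception>
/// <remarks>
/// PKCS#8 shrouded key bags are not examined, so a key stored only in shrouded form
/// is never removed here. Key bytes are scrubbed on every path, including exceptions.
/// </remarks>
public void RemoveKeyBag (AsymmetricAlgorithm aa)
{
	int aaIndex = -1;
	for (int i = 0; aaIndex == -1 && i < _safeBags.Count; i++) {
		SafeBag sb = (SafeBag) _safeBags [i];
		if (!sb.BagOID.Equals (keyBag))
			continue;

		ASN1 bagValue = sb.ASN1 [1];
		PKCS8.PrivateKeyInfo pki = new PKCS8.PrivateKeyInfo (bagValue.Value);
		byte[] privateKey = pki.PrivateKey;
		AsymmetricAlgorithm saa = null;
		try {
			// An empty key has no tag to sniff; report it like any unknown format
			// instead of letting privateKey [0] throw IndexOutOfRangeException.
			if (privateKey.Length == 0)
				throw new CryptographicException ("Unknown private key format");
			switch (privateKey [0]) {
			case 0x02:	// INTEGER
				DSAParameters p = new DSAParameters (); // FIXME: parameters are never filled in
				saa = PKCS8.PrivateKeyInfo.DecodeDSA (privateKey, p);
				break;
			case 0x30:	// SEQUENCE
				saa = PKCS8.PrivateKeyInfo.DecodeRSA (privateKey);
				break;
			default:
				throw new CryptographicException ("Unknown private key format");
			}
		} finally {
			Array.Clear (privateKey, 0, privateKey.Length);
		}
		if (CompareAsymmetricAlgorithm (aa, saa))
			aaIndex = i;
	}
	if (aaIndex != -1) {
		_safeBags.RemoveAt (aaIndex);
		_keyBagsChanged = true;
	}
}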
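/// <summary>
/// Returns the private key of the first key bag (plain or PKCS#8 shrouded) whose
/// bag attributes all appear in <paramref name="attrs"/> with identical values.
/// </summary>
/// <param name="attrs">
/// Attribute OID (string) to ArrayList of raw value bytes, in the shape produced by
/// GetAttributes. Entries for OIDs the bag does not carry are ignored.
/// </param>
/// <returns>
/// The decoded key, or null when no bag matches or the first matching bag's key
/// cannot be decoded (empty, or a leading tag other than 0x02/0x30).
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="attrs"/> is null.</exception>
/// <remarks>
/// A bag matches only when it carries a bagAttributes SET and every attribute in it
/// has an entry in <paramref name="attrs"/> with the same number of values, equal
/// byte-for-byte in the same order. A bag without the optional attributes element
/// never matches. Key bytes are scrubbed on every path, including exceptions.
/// </remarks>
public AsymmetricAlgorithm GetAsymmetricAlgorithm (IDictionary attrs)
{
	if (attrs == null)
		throw new ArgumentNullException ("attrs");

	foreach (SafeBag sb in _safeBags) {
		if (!sb.BagOID.Equals (keyBag) && !sb.BagOID.Equals (pkcs8ShroudedKeyBag))
			continue;
		ASN1 safeBag = sb.ASN1;
		if (safeBag.Count != 3)
			continue;	// no bagAttributes element: cannot match

		ASN1 bagAttributes = safeBag [2];
		int bagAttributesFound = 0;
		for (int i = 0; i < bagAttributes.Count; i++) {
			ASN1 pkcs12Attribute = bagAttributes [i];
			string ao = ASN1Convert.ToOid (pkcs12Attribute [0]);
			ArrayList dattrValues = (ArrayList) attrs [ao];
			if (dattrValues == null)
				continue;
			ASN1 attrValues = pkcs12Attribute [1];
			if (dattrValues.Count != attrValues.Count)
				continue;
			// values must agree pairwise, in order
			int attrValuesFound = 0;
			for (int j = 0; j < attrValues.Count; j++) {
				byte[] value = (byte[]) dattrValues [j];
				if (Compare (value, attrValues [j].Value))
					attrValuesFound++;
			}
			if (attrValuesFound == attrValues.Count)
				bagAttributesFound++;
		}
		if (bagAttributesFound != bagAttributes.Count)
			continue;

		ASN1 bagValue = safeBag [1];
		AsymmetricAlgorithm aa = null;
		if (sb.BagOID.Equals (keyBag)) {
			PKCS8.PrivateKeyInfo pki = new PKCS8.PrivateKeyInfo (bagValue.Value);
			byte[] privateKey = pki.PrivateKey;
			try {
				// Length is checked first so a malformed, empty key yields null
				// instead of throwing IndexOutOfRangeException.
				if (privateKey.Length > 0) {
					switch (privateKey [0]) {
					case 0x02:	// INTEGER
						DSAParameters p = new DSAParameters (); // FIXME: parameters are never filled in
						aa = PKCS8.PrivateKeyInfo.DecodeDSA (privateKey, p);
						break;
					case 0x30:	// SEQUENCE
						aa = PKCS8.PrivateKeyInfo.DecodeRSA (privateKey);
						break;
					default:	// unknown format: leave aa null
						break;
					}
				}
			} finally {
				Array.Clear (privateKey, 0, privateKey.Length);
			}
		} else {
			PKCS8.EncryptedPrivateKeyInfo epki = new PKCS8.EncryptedPrivateKeyInfo (bagValue.Value);
			byte[] decrypted = Decrypt (epki.Algorithm, epki.Salt, epki.IterationCount, epki.EncryptedData);
			try {
				PKCS8.PrivateKeyInfo pki = new PKCS8.PrivateKeyInfo (decrypted);
				byte[] privateKey = pki.PrivateKey;
				try {
					if (privateKey.Length > 0) {
						switch (privateKey [0]) {
						case 0x02:	// INTEGER
							DSAParameters p = new DSAParameters (); // FIXME: parameters are never filled in
							aa = PKCS8.PrivateKeyInfo.DecodeDSA (privateKey, p);
							break;
						case 0x30:	// SEQUENCE
							aa = PKCS8.PrivateKeyInfo.DecodeRSA (privateKey);
							break;
						default:	// unknown format: leave aa null
							break;
						}
					}
				} finally {
					Array.Clear (privateKey, 0, privateKey.Length);
				}
			} finally {
				// the decrypted PrivateKeyInfo also holds the key: scrub it too
				Array.Clear (decrypted, 0, decrypted.Length);
			}
		}
		// the first matching bag decides, even when its key could not be decoded
		return aa;
	}
	return null;
}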
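/// <summary>
/// Adds <paramref name="aa"/> as a plain (unshrouded) key bag with the given
/// PKCS#12 bag attributes, unless an equal key is already held by a plain key bag.
/// </summary>
/// <param name="aa">The RSA or DSA key to store.</param>
/// <param name="attributes">
/// Attribute OID to ArrayList of raw value bytes; friendlyName and localKeyId are
/// encoded, other OIDs are dropped. May be null for no attributes.
/// </param>
/// <exception cref="CryptographicException">
/// An existing plain key bag holds a private key that is empty or does not start
/// with an INTEGER (0x02) or SEQUENCE (0x30) tag, or <paramref name="aa"/> is
/// neither RSA nor DSA.
/// </exception>
/// <remarks>
/// Only plain key bags are checked for duplicates; a key already present in a PKCS#8
/// shrouded bag is added again. The new bag is a keyBag, not a pkcs8ShroudedKeyBag,
/// so the key material itself is stored unencrypted inside the bag.
/// Key bytes of examined bags are scrubbed on every path, including exceptions.
/// </remarks>
public void AddKeyBag (AsymmetricAlgorithm aa, IDictionary attributes)
{
	bool found = false;
	for (int i = 0; !found && i < _safeBags.Count; i++) {
		SafeBag sb = (SafeBag) _safeBags [i];
		if (!sb.BagOID.Equals (keyBag))
			continue;

		ASN1 bagValue = sb.ASN1 [1];
		PKCS8.PrivateKeyInfo pki = new PKCS8.PrivateKeyInfo (bagValue.Value);
		byte[] privateKey = pki.PrivateKey;
		AsymmetricAlgorithm saa = null;
		try {
			// An empty key has no tag to sniff; report it like any unknown format
			// instead of letting privateKey [0] throw IndexOutOfRangeException.
			if (privateKey.Length == 0)
				throw new CryptographicException ("Unknown private key format");
			switch (privateKey [0]) {
			case 0x02:	// INTEGER
				DSAParameters p = new DSAParameters (); // FIXME: parameters are never filled in
				saa = PKCS8.PrivateKeyInfo.DecodeDSA (privateKey, p);
				break;
			case 0x30:	// SEQUENCE
				saa = PKCS8.PrivateKeyInfo.DecodeRSA (privateKey);
				break;
			default:
				throw new CryptographicException ("Unknown private key format");
			}
		} finally {
			Array.Clear (privateKey, 0, privateKey.Length);
		}
		if (CompareAsymmetricAlgorithm (aa, saa))
			found = true;
	}
	if (!found) {
		_safeBags.Add (new SafeBag (keyBag, KeyBagSafeBag (aa, attributes)));
		_keyBagsChanged = true;
	}
}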