/// <summary> /// Imports an RFC 7468 PEM-encoded key, replacing the keys for this object. /// </summary> /// <param name="input">The PEM text of the key to import.</param> /// <exception cref="ArgumentException"> /// <para> /// <paramref name="input"/> does not contain a PEM-encoded key with a recognized label. /// </para> /// <para> /// -or- /// </para> /// <para> /// <paramref name="input"/> contains multiple PEM-encoded keys with a recognized label. /// </para> /// <para> /// -or- /// </para> /// <para> /// <paramref name="input"/> contains an encrypted PEM-encoded key. /// </para> /// </exception> /// <remarks> /// <para> /// Unsupported or malformed PEM-encoded objects will be ignored. If multiple supported PEM labels /// are found, an exception is raised to prevent importing a key when /// the key is ambiguous. /// </para> /// <para> /// This method supports the following PEM labels: /// <list type="bullet"> /// <item><description>PUBLIC KEY</description></item> /// <item><description>PRIVATE KEY</description></item> /// <item><description>RSA PRIVATE KEY</description></item> /// <item><description>RSA PUBLIC KEY</description></item> /// </list> /// </para> /// </remarks> public override void ImportFromPem(ReadOnlySpan <char> input) { PemKeyImportHelpers.ImportPem(input, label => { if (label.SequenceEqual(PemLabels.RsaPrivateKey)) { return(ImportRSAPrivateKey); } else if (label.SequenceEqual(PemLabels.Pkcs8PrivateKey)) { return(ImportPkcs8PrivateKey); } else if (label.SequenceEqual(PemLabels.RsaPublicKey)) { return(ImportRSAPublicKey); } else if (label.SequenceEqual(PemLabels.SpkiPublicKey)) { return(ImportSubjectPublicKeyInfo); } else { return(null); } }); }
/// <summary> /// Imports an encrypted RFC 7468 PEM-encoded private key, replacing the keys for this object. /// </summary> /// <param name="input">The PEM text of the encrypted key to import.</param> /// <param name="passwordBytes"> /// The bytes to use as a password when decrypting the key material. /// </param> /// <exception cref="ArgumentException"> /// <para> /// <paramref name="input"/> does not contain a PEM-encoded key with a recognized label. /// </para> /// <para> /// -or- /// </para> /// <para> /// <paramref name="input"/> contains multiple PEM-encoded keys with a recognized label. /// </para> /// </exception> /// <exception cref="CryptographicException"> /// <para> /// The password is incorrect. /// </para> /// <para> /// -or- /// </para> /// <para> /// The base-64 decoded contents of the PEM text from <paramref name="input" /> /// do not represent an ASN.1-BER-encoded PKCS#8 EncryptedPrivateKeyInfo structure. /// </para> /// <para> /// -or- /// </para> /// <para> /// The base-64 decoded contents of the PEM text from <paramref name="input" /> /// indicate the key is for an algorithm other than the algorithm /// represented by this instance. /// </para> /// <para> /// -or- /// </para> /// <para> /// The base-64 decoded contents of the PEM text from <paramref name="input" /> /// represent the key in a format that is not supported. /// </para> /// <para> /// -or- /// </para> /// <para> /// The algorithm-specific key import failed. /// </para> /// </exception> /// <remarks> /// <para> /// The password bytes are passed directly into the Key Derivation Function (KDF) /// used by the algorithm indicated by <c>pbeParameters</c>. This enables compatibility /// with other systems which use a text encoding other than UTF-8 when processing /// passwords with PBKDF2 (Password-Based Key Derivation Function 2). /// </para> /// <para> /// Unsupported or malformed PEM-encoded objects will be ignored. If multiple supported PEM labels /// are found, an exception is thrown to prevent importing a key when /// the key is ambiguous. /// </para> /// <para>This method supports the <c>ENCRYPTED PRIVATE KEY</c> PEM label.</para> /// </remarks> public override void ImportFromEncryptedPem(ReadOnlySpan <char> input, ReadOnlySpan <byte> passwordBytes) { PemKeyImportHelpers.ImportEncryptedPem <byte>(input, passwordBytes, ImportEncryptedPkcs8PrivateKey); }