internal Pkcs12SafeContents(ContentInfoAsn contentInfoAsn)
{
IsReadOnly = true;
switch (contentInfoAsn.ContentType)
{
case Oids.Pkcs7Encrypted:
ConfidentialityMode = Pkcs12ConfidentialityMode.Password;
_encrypted = contentInfoAsn.Content;
break;
case Oids.Pkcs7Enveloped:
ConfidentialityMode = Pkcs12ConfidentialityMode.PublicKey;
_encrypted = contentInfoAsn.Content;
break;
case Oids.Pkcs7Data:
ConfidentialityMode = Pkcs12ConfidentialityMode.None;
_bags = ReadBags(PkcsHelpers.DecodeOctetStringAsMemory(contentInfoAsn.Content));
break;
default:
throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding);
}
}
public static Pkcs12Info Decode(
ReadOnlyMemory <byte> encodedBytes,
out int bytesConsumed,
bool skipCopy = false)
{
AsnReader reader = new AsnReader(encodedBytes, AsnEncodingRules.BER);
// Trim it to the first value
encodedBytes = reader.PeekEncodedValue();
ReadOnlyMemory <byte> maybeCopy = skipCopy ? encodedBytes : encodedBytes.ToArray();
PfxAsn pfx = PfxAsn.Decode(maybeCopy, AsnEncodingRules.BER);
// https://tools.ietf.org/html/rfc7292#section-4 only defines version 3.
if (pfx.Version != 3)
{
throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding);
}
ReadOnlyMemory <byte> authSafeBytes = ReadOnlyMemory <byte> .Empty;
Pkcs12IntegrityMode mode = Pkcs12IntegrityMode.Unknown;
if (pfx.AuthSafe.ContentType == Oids.Pkcs7Data)
{
authSafeBytes = PkcsHelpers.DecodeOctetStringAsMemory(pfx.AuthSafe.Content);
if (pfx.MacData.HasValue)
{
mode = Pkcs12IntegrityMode.Password;
}
else
{
mode = Pkcs12IntegrityMode.None;
}
}
else if (pfx.AuthSafe.ContentType == Oids.Pkcs7Signed)
{
SignedDataAsn signedData = SignedDataAsn.Decode(pfx.AuthSafe.Content, AsnEncodingRules.BER);
mode = Pkcs12IntegrityMode.PublicKey;
if (signedData.EncapContentInfo.ContentType == Oids.Pkcs7Data)
{
authSafeBytes = signedData.EncapContentInfo.Content.GetValueOrDefault();
}
if (pfx.MacData.HasValue)
{
throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding);
}
}
if (mode == Pkcs12IntegrityMode.Unknown)
{
throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding);
}
List <ContentInfoAsn> authSafeData = new List <ContentInfoAsn>();
AsnReader authSafeReader = new AsnReader(authSafeBytes, AsnEncodingRules.BER);
AsnReader sequenceReader = authSafeReader.ReadSequence();
authSafeReader.ThrowIfNotEmpty();
while (sequenceReader.HasData)
{
ContentInfoAsn.Decode(sequenceReader, out ContentInfoAsn contentInfo);
authSafeData.Add(contentInfo);
}
ReadOnlyCollection <Pkcs12SafeContents> authSafe;
if (authSafeData.Count == 0)
{
authSafe = new ReadOnlyCollection <Pkcs12SafeContents>(Array.Empty <Pkcs12SafeContents>());
}
else
{
Pkcs12SafeContents[] contentsArray = new Pkcs12SafeContents[authSafeData.Count];
for (int i = 0; i < contentsArray.Length; i++)
{
contentsArray[i] = new Pkcs12SafeContents(authSafeData[i]);
}
authSafe = new ReadOnlyCollection <Pkcs12SafeContents>(contentsArray);
}
bytesConsumed = encodedBytes.Length;
return(new Pkcs12Info
{
AuthenticatedSafe = authSafe,
IntegrityMode = mode,
_decoded = pfx,
_authSafeContents = authSafeBytes,
});
}
