/// <summary>
/// Wraps an already-encoded CertBag value together with its decoded form.
/// </summary>
/// <param name="encodedBagValue">The encoded bag value, handed to the base constructor as-is.</param>
/// <param name="decoded">
/// The decoded structure. It is expected to be the decoding of
/// <paramref name="encodedBagValue"/>; this constructor does not re-check that the two agree.
/// </param>
private Pkcs12CertBag(ReadOnlyMemory<byte> encodedBagValue, CertBagAsn decoded)
    : base(Oids.Pkcs12CertBag, encodedBagValue)
{
    _decoded = decoded;

    // The bag counts as an X.509 certificate only when its type identifier
    // is exactly the X.509 CertBag type.
    bool isX509 = _decoded.CertId == Oids.Pkcs12X509CertBagType;
    IsX509Certificate = isX509;
}
/// <summary>
/// Builds the encoded CertBag for a certificate type and an already-encoded certificate value.
/// </summary>
/// <param name="certificateType">The identifier written to the CertId field.</param>
/// <param name="encodedCertificate">The encoded value written to the CertValue field.</param>
/// <returns>The CertBag, encoded under BER rules.</returns>
/// <exception cref="CryptographicException">
/// <paramref name="encodedCertificate"/> is not exactly one well-formed BER value.
/// </exception>
private static byte[] EncodeBagValue(string certificateType, ReadOnlyMemory<byte> encodedCertificate)
{
    // The input must be exactly one well-formed BER value: a failed read and
    // trailing bytes after the first value are both rejected. This is a structural
    // check only; the content is not compared against certificateType.
    bool readOk = AsnDecoder.TryReadEncodedValue(
        encodedCertificate.Span,
        AsnEncodingRules.BER,
        out _,
        out _,
        out _,
        out int bytesConsumed);

    if (!readOk || bytesConsumed != encodedCertificate.Length)
    {
        throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding);
    }

    AsnWriter bagWriter = new AsnWriter(AsnEncodingRules.BER);

    // encodedCertificate is not copied up front, because it is copied into the
    // returned array when the bag is encoded.
    CertBagAsn bag = new CertBagAsn
    {
        CertId = certificateType,
        CertValue = encodedCertificate,
    };

    bag.Encode(bagWriter);
    return bagWriter.Encode();
}
/// <summary>
/// Creates an X.509 CertBag from a certificate, wrapping its raw data in an OCTET STRING.
/// </summary>
/// <param name="cert">The certificate whose <c>RawData</c> is stored in the bag.</param>
internal Pkcs12CertBag(X509Certificate2 cert)
    : base(
        Oids.Pkcs12CertBag,
        EncodeBagValue(Oids.Pkcs12X509CertBagType, PkcsHelpers.EncodeOctetString(cert.RawData)),
        // NOTE(review): presumably safe because the array was just produced by
        // EncodeBagValue and is not shared; confirm against the base constructor.
        skipCopy: true)
{
    // Decode the value that was just encoded so _decoded matches EncodedBagValue.
    CertBagAsn parsed = CertBagAsn.Decode(EncodedBagValue, AsnEncodingRules.BER);
    _decoded = parsed;

    // The type was fixed to the X.509 identifier above, so no comparison is needed.
    IsX509Certificate = true;
}
/// <summary>
/// Creates a CertBag for the given certificate type and encoded value.
/// </summary>
/// <param name="certificateType">The identifier for the certificate type.</param>
/// <param name="encodedCertificate">The encoded certificate value.</param>
/// <remarks>
/// The <paramref name="encodedCertificate"/> value is not validated against the indicated
/// <paramref name="certificateType"/>, so callers remain responsible for the pairing being
/// correct. For X.509 public-key certificates the correct CertBag value is the DER-encoded
/// certificate wrapped in an OCTET STRING.
/// </remarks>
public Pkcs12CertBag(Oid certificateType, ReadOnlyMemory<byte> encodedCertificate)
    : base(
        Oids.Pkcs12CertBag,
        EncodeBagValue(certificateType, encodedCertificate),
        skipCopy: true)
{
    // Keep a private copy of the caller's Oid rather than the caller's instance.
    _certTypeOid = certificateType.CopyOid();

    // Decode what was just encoded; the X.509 flag follows the decoded type identifier.
    _decoded = CertBagAsn.Decode(EncodedBagValue, AsnEncodingRules.BER);

    bool isX509 = _decoded.CertId == Oids.Pkcs12X509CertBagType;
    IsX509Certificate = isX509;
}
/// <summary>
/// Adds the cert bag for <paramref name="certPal"/> to <paramref name="certBags"/> and, when the
/// certificate has a private key, adds a shrouded key bag to <paramref name="keyBags"/> and
/// shares one LocalKeyId attribute between the key bag and the certificate.
/// </summary>
/// <param name="certPal">The certificate to export.</param>
/// <param name="passwordSpan">The password passed to <c>ExportPkcs8</c> for the private key.</param>
/// <param name="tmpWriter">Scratch writer; it is reset after the certificate value is encoded.</param>
/// <param name="certBags">Receives the cert bag at <paramref name="certIdx"/>.</param>
/// <param name="certAttrs">Receives the shared attribute at <paramref name="certIdx"/> when a key exists.</param>
/// <param name="keyBags">Receives the key bag at <paramref name="keyIdx"/> when a key exists.</param>
/// <param name="certIdx">Next free certificate slot; always advanced by one.</param>
/// <param name="keyIdx">Next free key slot; advanced by one only when a key bag is written.</param>
private void BuildBags(
    ICertificatePalCore certPal,
    ReadOnlySpan<char> passwordSpan,
    AsnWriter tmpWriter,
    CertBagAsn[] certBags,
    AttributeAsn[] certAttrs,
    SafeBagAsn[] keyBags,
    ref int certIdx,
    ref int keyIdx)
{
    // The cert bag value is the certificate's raw data wrapped in an OCTET STRING.
    tmpWriter.WriteOctetString(certPal.RawData);

    certBags[certIdx] = new CertBagAsn
    {
        CertId = Oids.Pkcs12X509CertBagType,
        CertValue = tmpWriter.Encode(),
    };

    // Clear the scratch writer after taking the encoded value.
    tmpWriter.Reset();

    if (certPal.HasPrivateKey)
    {
        // Hand-built OCTET STRING used as the LocalKeyId value: tag byte, length byte (4),
        // then the current key index written as raw int bytes.
        byte[] localKeyId = new byte[2 + sizeof(int)];
        localKeyId[0] = (byte)UniversalTagNumber.OctetString;
        localKeyId[1] = sizeof(int);
        MemoryMarshal.Write(localKeyId.AsSpan(2), ref keyIdx);

        AttributeAsn localKeyIdAttr = new AttributeAsn
        {
            AttrType = new Oid(Oids.LocalKeyId, null),
            AttrValues = new ReadOnlyMemory<byte>[]
            {
                localKeyId,
            }
        };

        // NOTE(review): ExportPkcs8 receives the password and its result is stored under the
        // shrouded-key-bag id; presumably it returns an encrypted PKCS#8 blob. Confirm
        // against its definition.
        keyBags[keyIdx] = new SafeBagAsn
        {
            BagId = Oids.Pkcs12ShroudedKeyBag,
            BagValue = ExportPkcs8(certPal, passwordSpan),
            BagAttributes = new[] { localKeyIdAttr }
        };

        // The same attribute is reused for the certificate so the cert and key pair up.
        certAttrs[certIdx] = localKeyIdAttr;
        keyIdx++;
    }

    certIdx++;
}
/// <summary>
/// Creates an X.509 CertBag from a certificate, wrapping its raw data in an OCTET STRING.
/// </summary>
/// <param name="cert">The certificate whose <c>RawData</c> is stored in the bag.</param>
internal Pkcs12CertBag(X509Certificate2 cert)
    : base(
        Oids.Pkcs12CertBag,
        EncodeBagValue(Oids.Pkcs12X509CertBagType, PkcsPal.Instance.EncodeOctetString(cert.RawData)),
        // NOTE(review): presumably safe because the array was just produced by
        // EncodeBagValue and is not shared; confirm against the base constructor.
        skipCopy: true)
{
    // Deserialize the value that was just encoded so _decoded matches EncodedBagValue.
    CertBagAsn parsed = AsnSerializer.Deserialize<CertBagAsn>(EncodedBagValue, AsnEncodingRules.BER);
    _decoded = parsed;

    // The type was fixed to the X.509 identifier above, so no comparison is needed.
    IsX509Certificate = true;
}
/// <summary>
/// Creates a CertBag for the given certificate type and encoded value.
/// </summary>
/// <param name="certificateType">The identifier for the certificate type.</param>
/// <param name="encodedCertificate">The encoded certificate value.</param>
/// <remarks>
/// The <paramref name="encodedCertificate"/> value is not validated against the indicated
/// <paramref name="certificateType"/>, so callers remain responsible for the pairing being
/// correct. For X.509 public-key certificates the correct CertBag value is the DER-encoded
/// certificate wrapped in an OCTET STRING.
/// </remarks>
public Pkcs12CertBag(Oid certificateType, ReadOnlyMemory<byte> encodedCertificate)
    : base(
        Oids.Pkcs12CertBag,
        EncodeBagValue(certificateType, encodedCertificate),
        skipCopy: true)
{
    // Keep a private copy of the caller's Oid rather than the caller's instance.
    _certTypeOid = new Oid(certificateType);

    // Deserialize what was just encoded; the X.509 flag follows the decoded type identifier.
    _decoded = AsnSerializer.Deserialize<CertBagAsn>(EncodedBagValue, AsnEncodingRules.BER);

    bool isX509 = _decoded.CertId == Oids.Pkcs12X509CertBagType;
    IsX509Certificate = isX509;
}
/// <summary>
/// Builds the encoded CertBag for a certificate type and an already-encoded certificate value.
/// </summary>
/// <param name="certificateType">The identifier written to the CertId field.</param>
/// <param name="encodedCertificate">The encoded value written to the CertValue field.</param>
/// <returns>The CertBag, serialized under BER rules.</returns>
private static byte[] EncodeBagValue(string certificateType, ReadOnlyMemory<byte> encodedCertificate)
{
    // The input must be exactly one legally encoded value: read one value, then
    // ThrowIfNotEmpty rejects any data left after it. This is a structural check
    // only; the content is not compared against certificateType.
    AsnReader validator = new AsnReader(encodedCertificate, AsnEncodingRules.BER);
    validator.GetEncodedValue();
    validator.ThrowIfNotEmpty();

    // encodedCertificate is not copied up front, because it is copied into the
    // returned array when the bag is serialized.
    CertBagAsn bag = new CertBagAsn
    {
        CertId = certificateType,
        CertValue = encodedCertificate,
    };

    byte[] encodedBag;

    using (AsnWriter bagWriter = AsnSerializer.Serialize(bag, AsnEncodingRules.BER))
    {
        encodedBag = bagWriter.Encode();
    }

    return encodedBag;
}
/// <summary>
/// Decodes <paramref name="bagValue"/> as a CertBag under BER rules and wraps the result.
/// </summary>
/// <param name="bagValue">The encoded CertBag value.</param>
/// <returns>A bag holding both the original encoded bytes and the decoded structure.</returns>
internal static Pkcs12CertBag DecodeValue(ReadOnlyMemory<byte> bagValue)
{
    // Decode first, so a malformed value fails before any bag object is created.
    // NOTE(review): bagValue presumably comes from parsed PKCS#12 input; failures surface
    // as whatever CertBagAsn.Decode throws. Confirm callers handle that.
    return new Pkcs12CertBag(bagValue, CertBagAsn.Decode(bagValue, AsnEncodingRules.BER));
}