public X509ContentType GetCertContentType(byte[] rawData) { const int errSecUnknownFormat = -25257; if (rawData == null || rawData.Length == 0) { // Throw to match Windows and Unix behavior. throw Interop.AppleCrypto.CreateExceptionForOSStatus(errSecUnknownFormat); } X509ContentType contentType = Interop.AppleCrypto.X509GetContentType(rawData, rawData.Length); // Apple doesn't seem to recognize PFX files with no MAC, so try a quick maybe-it's-a-PFX test if (contentType == X509ContentType.Unknown) { try { PfxAsn.Decode(rawData, AsnEncodingRules.BER); contentType = X509ContentType.Pkcs12; } catch (CryptographicException) { } } if (contentType == X509ContentType.Unknown) { // Throw to match Windows and Unix behavior. throw Interop.AppleCrypto.CreateExceptionForOSStatus(errSecUnknownFormat); } return(contentType); }
public X509ContentType GetCertContentType(ReadOnlySpan <byte> rawData) { const int errSecUnknownFormat = -25257; if (rawData == null || rawData.Length == 0) { // Throw to match Windows and Unix behavior. throw Interop.AppleCrypto.CreateExceptionForOSStatus(errSecUnknownFormat); } X509ContentType contentType = Interop.AppleCrypto.X509GetContentType(rawData); // Apple doesn't seem to recognize PFX files with no MAC, so try a quick maybe-it's-a-PFX test if (contentType == X509ContentType.Unknown) { try { unsafe { fixed(byte *pin = rawData) { using (var manager = new PointerMemoryManager <byte>(pin, rawData.Length)) { PfxAsn.Decode(manager.Memory, AsnEncodingRules.BER); } contentType = X509ContentType.Pkcs12; } } } catch (CryptographicException) { } } if (contentType == X509ContentType.Unknown) { // Throw to match Windows and Unix behavior. throw Interop.AppleCrypto.CreateExceptionForOSStatus(errSecUnknownFormat); } return(contentType); }
protected void ParsePkcs12(byte[] data) { // RFC7292 specifies BER instead of DER AsnReader reader = new AsnReader(data, AsnEncodingRules.BER); ReadOnlyMemory <byte> encodedData = reader.PeekEncodedValue(); // Windows compatibility: Ignore trailing data. if (encodedData.Length != data.Length) { reader = new AsnReader(encodedData, AsnEncodingRules.BER); } PfxAsn.Decode(reader, out PfxAsn pfxAsn); if (pfxAsn.AuthSafe.ContentType != Oids.Pkcs7Data) { throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding); } _pfxAsn = pfxAsn; }
private static bool IsPkcs12(ReadOnlySpan <byte> rawData) { try { unsafe { fixed(byte *pin = rawData) { using (var manager = new PointerMemoryManager <byte>(pin, rawData.Length)) { PfxAsn.Decode(manager.Memory, AsnEncodingRules.BER); } return(true); } } } catch (CryptographicException) { } return(false); }
public static Pkcs12Info Decode( ReadOnlyMemory <byte> encodedBytes, out int bytesConsumed, bool skipCopy = false) { AsnReader reader = new AsnReader(encodedBytes, AsnEncodingRules.BER); // Trim it to the first value encodedBytes = reader.PeekEncodedValue(); ReadOnlyMemory <byte> maybeCopy = skipCopy ? encodedBytes : encodedBytes.ToArray(); PfxAsn pfx = PfxAsn.Decode(maybeCopy, AsnEncodingRules.BER); // https://tools.ietf.org/html/rfc7292#section-4 only defines version 3. if (pfx.Version != 3) { throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding); } ReadOnlyMemory <byte> authSafeBytes = ReadOnlyMemory <byte> .Empty; Pkcs12IntegrityMode mode = Pkcs12IntegrityMode.Unknown; if (pfx.AuthSafe.ContentType == Oids.Pkcs7Data) { authSafeBytes = PkcsHelpers.DecodeOctetStringAsMemory(pfx.AuthSafe.Content); if (pfx.MacData.HasValue) { mode = Pkcs12IntegrityMode.Password; } else { mode = Pkcs12IntegrityMode.None; } } else if (pfx.AuthSafe.ContentType == Oids.Pkcs7Signed) { SignedDataAsn signedData = SignedDataAsn.Decode(pfx.AuthSafe.Content, AsnEncodingRules.BER); mode = Pkcs12IntegrityMode.PublicKey; if (signedData.EncapContentInfo.ContentType == Oids.Pkcs7Data) { authSafeBytes = signedData.EncapContentInfo.Content.GetValueOrDefault(); } if (pfx.MacData.HasValue) { throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding); } } if (mode == Pkcs12IntegrityMode.Unknown) { throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding); } List <ContentInfoAsn> authSafeData = new List <ContentInfoAsn>(); AsnReader authSafeReader = new AsnReader(authSafeBytes, AsnEncodingRules.BER); AsnReader sequenceReader = authSafeReader.ReadSequence(); authSafeReader.ThrowIfNotEmpty(); while (sequenceReader.HasData) { ContentInfoAsn.Decode(sequenceReader, out ContentInfoAsn contentInfo); authSafeData.Add(contentInfo); } ReadOnlyCollection <Pkcs12SafeContents> authSafe; if (authSafeData.Count == 0) { authSafe = new ReadOnlyCollection <Pkcs12SafeContents>(Array.Empty <Pkcs12SafeContents>()); } else { Pkcs12SafeContents[] contentsArray = new Pkcs12SafeContents[authSafeData.Count]; for (int i = 0; i < contentsArray.Length; i++) { contentsArray[i] = new Pkcs12SafeContents(authSafeData[i]); } authSafe = new ReadOnlyCollection <Pkcs12SafeContents>(contentsArray); } bytesConsumed = encodedBytes.Length; return(new Pkcs12Info { AuthenticatedSafe = authSafe, IntegrityMode = mode, _decoded = pfx, _authSafeContents = authSafeBytes, }); }