Пример #1
0
        public X509ContentType GetCertContentType(ReadOnlySpan <byte> rawData)
        {
            {
                ICertificatePal?certPal;

                if (OpenSslX509CertificateReader.TryReadX509Der(rawData, out certPal) ||
                    OpenSslX509CertificateReader.TryReadX509Pem(rawData, out certPal))
                {
                    certPal.Dispose();

                    return(X509ContentType.Cert);
                }
            }

            if (OpenSslPkcsFormatReader.IsPkcs7(rawData))
            {
                return(X509ContentType.Pkcs7);
            }

            {
                OpenSslPkcs12Reader?pfx;

                if (OpenSslPkcs12Reader.TryRead(rawData, out pfx))
                {
                    pfx.Dispose();
                    return(X509ContentType.Pkcs12);
                }
            }

            // Unsupported format.
            // Windows throws new CryptographicException(CRYPT_E_NO_MATCH)
            throw new CryptographicException();
        }
Пример #2
0
        private static bool TryReadPkcs12(
            OpenSslPkcs12Reader pfx,
            SafePasswordHandle password,
            bool single,
            bool ephemeralSpecified,
            out ICertificatePal?readPal,
            out List <ICertificatePal>?readCerts)
        {
            pfx.Decrypt(password, ephemeralSpecified);

            if (single)
            {
                UnixPkcs12Reader.CertAndKey  certAndKey = pfx.GetSingleCert();
                OpenSslX509CertificateReader pal        = (OpenSslX509CertificateReader)certAndKey.Cert !;

                if (certAndKey.Key != null)
                {
                    pal.SetPrivateKey(OpenSslPkcs12Reader.GetPrivateKey(certAndKey.Key));
                }

                readPal   = pal;
                readCerts = null;
                return(true);
            }

            readPal = null;
            List <ICertificatePal> certs = new List <ICertificatePal>(pfx.GetCertCount());

            foreach (UnixPkcs12Reader.CertAndKey certAndKey in pfx.EnumerateAll())
            {
                OpenSslX509CertificateReader pal = (OpenSslX509CertificateReader)certAndKey.Cert !;

                if (certAndKey.Key != null)
                {
                    pal.SetPrivateKey(OpenSslPkcs12Reader.GetPrivateKey(certAndKey.Key));
                }

                certs.Add(pal);
            }

            readCerts = certs;
            return(true);
        }
Пример #3
0
        private static bool TryReadPkcs12(
            ReadOnlySpan <byte> rawData,
            SafePasswordHandle password,
            bool single,
            bool ephemeralSpecified,
            out ICertificatePal?readPal,
            out List <ICertificatePal>?readCerts,
            out Exception?openSslException)
        {
            // DER-PKCS12
            OpenSslPkcs12Reader?pfx;

            if (!OpenSslPkcs12Reader.TryRead(rawData, out pfx, out openSslException))
            {
                readPal   = null;
                readCerts = null;
                return(false);
            }

            using (pfx)
            {
                return(TryReadPkcs12(pfx, password, single, ephemeralSpecified, out readPal, out readCerts));
            }
        }
Пример #4
0
        public X509ContentType GetCertContentType(string fileName)
        {
            // If we can't open the file, fail right away.
            using (SafeBioHandle fileBio = Interop.Crypto.BioNewFile(fileName, "rb"))
            {
                Interop.Crypto.CheckValidOpenSslHandle(fileBio);

                int bioPosition = Interop.Crypto.BioTell(fileBio);
                Debug.Assert(bioPosition >= 0);

                // X509ContentType.Cert
                {
                    ICertificatePal?certPal;

                    if (OpenSslX509CertificateReader.TryReadX509Der(fileBio, out certPal))
                    {
                        certPal.Dispose();

                        return(X509ContentType.Cert);
                    }

                    OpenSslX509CertificateReader.RewindBio(fileBio, bioPosition);

                    if (OpenSslX509CertificateReader.TryReadX509Pem(fileBio, out certPal))
                    {
                        certPal.Dispose();

                        return(X509ContentType.Cert);
                    }

                    OpenSslX509CertificateReader.RewindBio(fileBio, bioPosition);
                }

                // X509ContentType.Pkcs7
                {
                    if (OpenSslPkcsFormatReader.IsPkcs7Der(fileBio))
                    {
                        return(X509ContentType.Pkcs7);
                    }

                    OpenSslX509CertificateReader.RewindBio(fileBio, bioPosition);

                    if (OpenSslPkcsFormatReader.IsPkcs7Pem(fileBio))
                    {
                        return(X509ContentType.Pkcs7);
                    }

                    OpenSslX509CertificateReader.RewindBio(fileBio, bioPosition);
                }
            }

            // X509ContentType.Pkcs12 (aka PFX)
            {
                OpenSslPkcs12Reader?pkcs12Reader;

                if (OpenSslPkcs12Reader.TryRead(File.ReadAllBytes(fileName), out pkcs12Reader))
                {
                    pkcs12Reader.Dispose();

                    return(X509ContentType.Pkcs12);
                }
            }

            // Unsupported format.
            // Windows throws new CryptographicException(CRYPT_E_NO_MATCH)
            throw new CryptographicException();
        }