public override unsafe void ImportEncryptedPkcs8PrivateKey(
ReadOnlySpan <char> password,
ReadOnlySpan <byte> source,
out int bytesRead)
{
DSAKeyFormatHelper.ReadEncryptedPkcs8(
source,
password,
out int localRead,
out DSAParameters ret);
fixed(byte *privPin = ret.X)
{
try
{
ImportParameters(ret);
}
finally
{
CryptographicOperations.ZeroMemory(ret.X);
}
}
bytesRead = localRead;
}
public override DSAParameters ExportParameters(bool includePrivateParameters)
{
// Apple requires all private keys to be exported encrypted, but since we're trying to export
// as parsed structures we will need to decrypt it for the user.
const string ExportPassword = "******";
SecKeyPair keys = GetKeys();
if (keys.PublicKey == null ||
(includePrivateParameters && keys.PrivateKey == null))
{
throw new CryptographicException(SR.Cryptography_OpenInvalidHandle);
}
byte[] keyBlob = Interop.AppleCrypto.SecKeyExport(
includePrivateParameters ? keys.PrivateKey : keys.PublicKey,
exportPrivate: includePrivateParameters,
password: ExportPassword);
try
{
if (!includePrivateParameters)
{
DSAKeyFormatHelper.ReadSubjectPublicKeyInfo(
keyBlob,
out int localRead,
out DSAParameters key);
Debug.Assert(localRead == keyBlob.Length);
return(key);
}
else
{
DSAKeyFormatHelper.ReadEncryptedPkcs8(
keyBlob,
ExportPassword,
out int localRead,
out DSAParameters key);
Debug.Assert(localRead == keyBlob.Length);
return(key);
}
}
finally
{
CryptographicOperations.ZeroMemory(keyBlob);
}
}
