/// <summary>
/// Builds the CMS KeyTransRecipientInfo for one recipient by encrypting the
/// supplied key bytes with the RSA public key of the recipient's certificate.
/// </summary>
/// <param name="cek">
/// The key material to wrap (the content-encryption key). It is passed to
/// <c>RSA.Encrypt</c> unchanged and is not cleared here; the caller keeps ownership.
/// </param>
/// <param name="recipient">Recipient whose certificate and identifier type are used.</param>
/// <param name="v0Recipient">
/// Set to <c>true</c> when the resulting structure has version 0, which is the case
/// whenever the subjectKeyIdentifier branch (which sets version 2) was not taken.
/// </param>
/// <returns>The populated recipient-info structure.</returns>
/// <exception cref="CryptographicException">
/// The recipient identifier type is neither SubjectKeyIdentifier nor IssuerAndSerialNumber.
/// </exception>
/// <remarks>
/// The padding mode is derived only from the certificate's key algorithm OID:
/// a certificate marked id-RSAES-OAEP gets OAEP with SHA-1, every other certificate
/// gets PKCS#1 v1.5. The caller has no way to request OAEP for an ordinary RSA
/// certificate through this method. PKCS#1 v1.5 encryption padding is the mode that
/// padding-oracle attacks on the decrypting side target, so deployments that can use
/// OAEP should prefer a code path that lets the sender select it.
/// </remarks>
private KeyTransRecipientInfoAsn MakeKtri(
    byte[] cek,
    CmsRecipient recipient,
    out bool v0Recipient)
{
    KeyTransRecipientInfoAsn recipientInfo = new KeyTransRecipientInfoAsn();

    // Fill in the recipient identifier (rid) in the form the caller asked for.
    switch (recipient.RecipientIdentifierType)
    {
        case SubjectIdentifierType.SubjectKeyIdentifier:
            // RFC 5652: a subjectKeyIdentifier rid requires version 2.
            recipientInfo.Version = 2;
            recipientInfo.Rid.SubjectKeyIdentifier = GetSubjectKeyIdentifier(recipient.Certificate);
            break;

        case SubjectIdentifierType.IssuerAndSerialNumber:
        {
            // GetSerialNumber() yields little-endian bytes; reverse them so the
            // value is written most-significant byte first.
            byte[] serialNumber = recipient.Certificate.GetSerialNumber();
            Array.Reverse(serialNumber);

            // Version is deliberately left untouched on this path.
            recipientInfo.Rid.IssuerAndSerialNumber = new IssuerAndSerialNumberAsn
            {
                Issuer = recipient.Certificate.IssuerName.RawData,
                SerialNumber = serialNumber,
            };
            break;
        }

        default:
            throw new CryptographicException(
                SR.Cryptography_Cms_Invalid_Subject_Identifier_Type,
                recipient.RecipientIdentifierType.ToString());
    }

    // Choose the key-encryption algorithm from the certificate's key algorithm OID.
    RSAEncryptionPadding padding;

    if (recipient.Certificate.GetKeyAlgorithm() == Oids.RsaOaep)
    {
        padding = RSAEncryptionPadding.OaepSHA1;
        recipientInfo.KeyEncryptionAlgorithm.Algorithm = new Oid(Oids.RsaOaep, Oids.RsaOaep);
        recipientInfo.KeyEncryptionAlgorithm.Parameters = s_rsaOaepSha1Parameters;
    }
    else
    {
        // Fallback for every other key algorithm value: PKCS#1 v1.5.
        padding = RSAEncryptionPadding.Pkcs1;
        recipientInfo.KeyEncryptionAlgorithm.Algorithm = new Oid(Oids.Rsa, Oids.Rsa);
        recipientInfo.KeyEncryptionAlgorithm.Parameters = s_rsaPkcsParameters;
    }

    // NOTE(review): GetRSAPublicKey() returns null for a certificate without an RSA
    // key, which would surface below as a NullReferenceException. Presumably the
    // caller has already filtered on the key algorithm; confirm.
    using (RSA publicKey = recipient.Certificate.GetRSAPublicKey())
    {
        recipientInfo.EncryptedKey = publicKey.Encrypt(cek, padding);
    }

    v0Recipient = recipientInfo.Version == 0;
    return recipientInfo;
}
/// <summary>
/// Creates the wrapper around a KeyTransRecipientInfo ASN.1 value.
/// </summary>
/// <param name="asn">
/// The recipient-info structure to wrap. It is stored as given; no validation
/// or copying happens in this constructor.
/// </param>
internal ManagedKeyTransPal(KeyTransRecipientInfoAsn asn) => _asn = asn;
/// <summary>
/// Builds the CMS KeyTransRecipientInfo for one recipient by encrypting the
/// supplied key bytes with the RSA public key of the recipient's certificate,
/// using the padding mode requested on the recipient.
/// </summary>
/// <param name="cek">
/// The key material to wrap (the content-encryption key). It is passed to
/// <c>RSA.Encrypt</c> unchanged and is not cleared here; the caller keeps ownership.
/// </param>
/// <param name="recipient">
/// Recipient whose certificate, identifier type and optional RSA padding are used.
/// </param>
/// <param name="v0Recipient">
/// Set to <c>true</c> when the resulting structure has version 0, which is the case
/// whenever the subjectKeyIdentifier branch (which sets version 2) was not taken.
/// </param>
/// <returns>The populated recipient-info structure.</returns>
/// <exception cref="CryptographicException">
/// The recipient identifier type is neither SubjectKeyIdentifier nor
/// IssuerAndSerialNumber, or the requested padding is not PKCS#1 v1.5 or
/// OAEP with SHA-1, SHA-256, SHA-384 or SHA-512.
/// </exception>
/// <remarks>
/// When the recipient carries no padding choice the method falls back to
/// PKCS#1 v1.5. That is the encryption padding targeted by padding-oracle attacks
/// on the decrypting side, so senders whose recipients support OAEP should set the
/// padding on the recipient explicitly instead of relying on the default.
/// </remarks>
private KeyTransRecipientInfoAsn MakeKtri(
    byte[] cek,
    CmsRecipient recipient,
    out bool v0Recipient)
{
    KeyTransRecipientInfoAsn recipientInfo = default;

    // Fill in the recipient identifier (rid) in the form the caller asked for.
    switch (recipient.RecipientIdentifierType)
    {
        case SubjectIdentifierType.SubjectKeyIdentifier:
            // RFC 5652: a subjectKeyIdentifier rid requires version 2.
            recipientInfo.Version = 2;
            recipientInfo.Rid.SubjectKeyIdentifier = GetSubjectKeyIdentifier(recipient.Certificate);
            break;

        case SubjectIdentifierType.IssuerAndSerialNumber:
        {
            // GetSerialNumber() yields little-endian bytes; reverse them so the
            // value is written most-significant byte first.
            byte[] serialNumber = recipient.Certificate.GetSerialNumber();
            Array.Reverse(serialNumber);

            // Version keeps its default value (0) on this path.
            recipientInfo.Rid.IssuerAndSerialNumber = new IssuerAndSerialNumberAsn
            {
                Issuer = recipient.Certificate.IssuerName.RawData,
                SerialNumber = serialNumber,
            };
            break;
        }

        default:
            throw new CryptographicException(
                SR.Cryptography_Cms_Invalid_Subject_Identifier_Type,
                recipient.RecipientIdentifierType.ToString());
    }

    // An unset padding means PKCS#1 v1.5; OAEP is used only on explicit request.
    RSAEncryptionPadding padding = recipient.RSAEncryptionPadding ?? RSAEncryptionPadding.Pkcs1;

    // Map the padding to the algorithm OID and its pre-encoded parameters.
    // All OAEP variants share the same OID; the hash is carried in the parameters.
    if (padding == RSAEncryptionPadding.Pkcs1)
    {
        recipientInfo.KeyEncryptionAlgorithm.Algorithm = Oids.Rsa;
        recipientInfo.KeyEncryptionAlgorithm.Parameters = s_rsaPkcsParameters;
    }
    else if (padding == RSAEncryptionPadding.OaepSHA1)
    {
        recipientInfo.KeyEncryptionAlgorithm.Algorithm = Oids.RsaOaep;
        recipientInfo.KeyEncryptionAlgorithm.Parameters = s_rsaOaepSha1Parameters;
    }
    else if (padding == RSAEncryptionPadding.OaepSHA256)
    {
        recipientInfo.KeyEncryptionAlgorithm.Algorithm = Oids.RsaOaep;
        recipientInfo.KeyEncryptionAlgorithm.Parameters = s_rsaOaepSha256Parameters;
    }
    else if (padding == RSAEncryptionPadding.OaepSHA384)
    {
        recipientInfo.KeyEncryptionAlgorithm.Algorithm = Oids.RsaOaep;
        recipientInfo.KeyEncryptionAlgorithm.Parameters = s_rsaOaepSha384Parameters;
    }
    else if (padding == RSAEncryptionPadding.OaepSHA512)
    {
        recipientInfo.KeyEncryptionAlgorithm.Algorithm = Oids.RsaOaep;
        recipientInfo.KeyEncryptionAlgorithm.Parameters = s_rsaOaepSha512Parameters;
    }
    else
    {
        // Any padding without a matching parameter blob is rejected before encrypting.
        throw new CryptographicException(SR.Cryptography_Cms_UnknownAlgorithm);
    }

    // NOTE(review): the null-forgiving operator only silences the compiler.
    // GetRSAPublicKey() returns null for a certificate without an RSA key, which
    // would surface below as a NullReferenceException. Presumably the certificate
    // was validated as RSA before this call; confirm.
    using (RSA publicKey = recipient.Certificate.GetRSAPublicKey()!)
    {
        recipientInfo.EncryptedKey = publicKey.Encrypt(cek, padding);
    }

    v0Recipient = recipientInfo.Version == 0;
    return recipientInfo;
}