/// <summary>
/// Creates new instance of Pkcs11RsaProvider class
/// </summary>
/// <param name="certContext">Internal context for Pkcs11X509Certificate2 class</param>
internal Pkcs11RsaProvider(Pkcs11X509CertificateContext certContext)
{
_certContext = certContext ?? throw new ArgumentNullException(nameof(certContext));
base.KeySizeValue = _certContext.CertificateInfo.ParsedCertificate.GetRSAPublicKey().KeySize;
base.LegalKeySizesValue = new KeySizes[] { new KeySizes(base.KeySizeValue, base.KeySizeValue, 0) };
// Load csp blob from public key RSACryptoServiceProvider
X509Certificate2 cert = new X509Certificate2(certContext.CertificateInfo.RawData);
RSACryptoServiceProvider RSApubkey = (RSACryptoServiceProvider)cert.PublicKey.Key;
this._cspBlob = RSApubkey.ExportCspBlob(false);
}
/// <summary>
/// Creates new instance of Pkcs11X509Certificate2 class
/// </summary>
/// <param name="certHandle">High level PKCS#11 object handle of certificate object</param>
/// <param name="tokenContext">Internal context for Pkcs11Token class</param>
internal Pkcs11X509Certificate(IObjectHandle certHandle, Pkcs11TokenContext tokenContext)
{
if (certHandle == null)
{
throw new ArgumentNullException(nameof(certHandle));
}
if (tokenContext == null)
{
throw new ArgumentNullException(nameof(tokenContext));
}
_certContext = GetCertificateContext(certHandle, tokenContext);
}
/// <summary>
/// Requests PIN code for private key stored on PKCS#11 token
/// </summary>
/// <param name="certificateContext">Internal context for Pkcs11X509Certificate2 class</param>
/// <returns>PIN code</returns>
public static byte[] GetKeyPin(Pkcs11X509CertificateContext certificateContext)
{
IPinProvider pinProvider = certificateContext.TokenContext.SlotContext.StoreContext.PinProvider;
Pkcs11X509StoreInfo storeInfo = certificateContext.TokenContext.SlotContext.StoreContext.StoreInfo;
Pkcs11SlotInfo slotInfo = certificateContext.TokenContext.SlotContext.SlotInfo;
Pkcs11TokenInfo tokenInfo = certificateContext.TokenContext.TokenInfo;
Pkcs11X509CertificateInfo certificateInfo = certificateContext.CertificateInfo;
GetPinResult getPinResult = pinProvider.GetKeyPin(storeInfo, slotInfo, tokenInfo, certificateInfo);
if (getPinResult == null)
{
throw new Exception("Invalid response from IPinProvider");
}
if (getPinResult.Cancel)
{
throw new LoginCancelledException("Login with key pin was cancelled");
}
return(getPinResult.Pin);
}
/// <summary>
/// Creates new instance of Pkcs11RsaProvider class
/// </summary>
/// <param name="certContext">Internal context for Pkcs11X509Certificate2 class</param>
internal Pkcs11RsaProvider(Pkcs11X509CertificateContext certContext)
{
_certContext = certContext ?? throw new ArgumentNullException(nameof(certContext));
base.KeySizeValue = _certContext.CertificateInfo.ParsedCertificate.GetRSAPublicKey().KeySize;
base.LegalKeySizesValue = new KeySizes[] { new KeySizes(base.KeySizeValue, base.KeySizeValue, 0) };
}