}
else
{
- using (RSA rsa = cert.GetRSAPrivateKey())
+ Debug.Assert(cert != null);
+ using (RSA? rsa = cert.GetRSAPrivateKey())
{
return DecryptKey(rsa, encryptionPadding, encryptedKey, out exception);
}
throw new CryptographicException(SR.Cryptography_Cms_UnknownAlgorithm);
}
- using (RSA rsa = recipient.Certificate.GetRSAPublicKey())
+ using (RSA rsa = recipient.Certificate.GetRSAPublicKey()!)
{
ktri.EncryptedKey = rsa.Encrypt(cek, padding);
}
}
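Review bot: The `!` on `recipient.Certificate.GetRSAPublicKey()` only silences the compiler. The call returns null when the certificate's public key is not RSA, and `rsa.Encrypt(cek, padding)` would then fail with a NullReferenceException rather than a CryptographicException. Whether an earlier algorithm check guarantees an RSA key here is not visible in the hunk. I would keep the local as `RSA? rsa` and add `if (rsa == null) throw new CryptographicException(SR.Cryptography_Cms_UnknownAlgorithm);` (or a more specific message), or else add a comment naming the check that rules null out.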
private static byte[]? DecryptKey(
- RSA privateKey,
+ RSA? privateKey,
RSAEncryptionPadding encryptionPadding,
ReadOnlySpan<byte> encryptedKey,
out Exception? exception)
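Review bot: `privateKey` is now `RSA?`, and the call site passes the result of `cert.GetRSAPrivateKey()` straight through, so a certificate without an accessible RSA private key reaches this method as null. The body of DecryptKey is outside the hunk, so please confirm it tests for null before the first use and reports the failure through `exception` with a null return, not by dereferencing. A short comment on the parameter would record the contract, for example `// privateKey is null when the certificate has no usable RSA private key; the failure is reported via 'exception'`.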
using System;
using System.Diagnostics;
+using System.Diagnostics.CodeAnalysis;
using System.Security.Cryptography;
using System.Security.Cryptography.Asn1;
using System.Security.Cryptography.Pkcs;
{
Debug.Assert(certificate != null);
- X509Extension extension = certificate.Extensions[Oids.SubjectKeyIdentifier];
+ X509Extension? extension = certificate.Extensions[Oids.SubjectKeyIdentifier];
if (extension == null)
{
throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding);
}
+ [return: MaybeNull]
public override T GetPrivateKeyForSigning<T>(X509Certificate2 certificate, bool silent)
{
return GetPrivateKey<T>(certificate);
}
+ [return: MaybeNull]
public override T GetPrivateKeyForDecryption<T>(X509Certificate2 certificate, bool silent)
{
return GetPrivateKey<T>(certificate);
}
- private T GetPrivateKey<T>(X509Certificate2 certificate) where T : AsymmetricAlgorithm
+ private T? GetPrivateKey<T>(X509Certificate2 certificate) where T : AsymmetricAlgorithm
{
if (typeof(T) == typeof(RSA))
- return (T)(object)certificate.GetRSAPrivateKey();
+ return (T?)(object?)certificate.GetRSAPrivateKey();
if (typeof(T) == typeof(ECDsa))
- return (T)(object)certificate.GetECDsaPrivateKey();
+ return (T?)(object?)certificate.GetECDsaPrivateKey();
#if NETCOREAPP || NETSTANDARD2_1
if (typeof(T) == typeof(DSA))
- return (T)(object)certificate.GetDSAPrivateKey();
+ return (T?)(object?)certificate.GetDSAPrivateKey();
#endif
Debug.Fail($"Unknown key type requested: {typeof(T).FullName}");
<UsePackageTargetRuntimeDefaults Condition="'$(IsPartialFacadeAssembly)' != 'true'">true</UsePackageTargetRuntimeDefaults>
<IncludeDllSafeSearchPathAttribute>true</IncludeDllSafeSearchPathAttribute>
<NoWarn>$(NoWarn);CS1574;CS3016;CA5379;CA5384</NoWarn>
- <Nullable>annotations</Nullable>
+ <Nullable>enable</Nullable>
<TargetFrameworks>$(NetCoreAppCurrent)-Windows_NT;$(NetCoreAppCurrent);netstandard2.0;netstandard2.0-Windows_NT;netstandard2.1;netstandard2.1-Windows_NT;netcoreapp3.0-Windows_NT;netcoreapp3.0;net461-Windows_NT;$(NetFrameworkCurrent)-Windows_NT</TargetFrameworks>
<ExcludeCurrentNetCoreAppFromPackage>true</ExcludeCurrentNetCoreAppFromPackage>
<ExcludeCurrentFullFrameworkFromPackage>true</ExcludeCurrentFullFrameworkFromPackage>
_signatureAlgorithm));
}
- DSA dsa = certificate.GetDSAPublicKey();
+ DSA? dsa = certificate.GetDSAPublicKey();
if (dsa == null)
{
[NotNullWhen(true)] out byte[]? signatureValue)
{
// If there's no private key, fall back to the public key for a "no private key" exception.
- DSA dsa = key as DSA ??
+ DSA? dsa = key as DSA ??
PkcsPal.Instance.GetPrivateKeyForSigning<DSA>(certificate, silent) ??
certificate.GetDSAPublicKey();
{
var signature = new ReadOnlySpan<byte>(rented, 0, bytesWritten);
- if (key != null && !certificate.GetDSAPublicKey().VerifySignature(dataHash, signature))
+ if (key != null && !certificate.GetDSAPublicKey()!.VerifySignature(dataHash, signature))
{
// key did not match certificate
signatureValue = null;
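Review bot: `certificate.GetDSAPublicKey()!.VerifySignature(dataHash, signature)` creates a new DSA object that is never disposed, and the `!` hides that the call returns null when the certificate's key is not DSA. A caller-supplied `key` paired with a non-DSA certificate would then fail with a NullReferenceException instead of taking the "key did not match certificate" path. I would bind the key in a `using (DSA? certKey = certificate.GetDSAPublicKey())` and treat `certKey == null` the same as a failed verification. The ECDsa hunk has the same pattern in `certificate.GetECDsaPublicKey()!.VerifyHash(dataHash, signedHash)`. The enclosing method starts and ends outside this hunk.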
_signatureAlgorithm));
}
- ECDsa key = certificate.GetECDsaPublicKey();
+ ECDsa? key = certificate.GetECDsaPublicKey();
if (key == null)
{
[NotNullWhen(true)] out byte[]? signatureValue)
{
// If there's no private key, fall back to the public key for a "no private key" exception.
- ECDsa key = certKey as ECDsa ??
+ ECDsa? key = certKey as ECDsa ??
PkcsPal.Instance.GetPrivateKeyForSigning<ECDsa>(certificate, silent) ??
certificate.GetECDsaPublicKey();
{
var signedHash = new ReadOnlySpan<byte>(rented, 0, bytesWritten);
- if (key != null && !certificate.GetECDsaPublicKey().VerifyHash(dataHash, signedHash))
+ if (key != null && !certificate.GetECDsaPublicKey()!.VerifyHash(dataHash, signedHash))
{
// key did not match certificate
signatureValue = null;
digestAlgorithmName,
valueHash.Length);
- RSA publicKey = certificate.GetRSAPublicKey();
+ RSA? publicKey = certificate.GetRSAPublicKey();
if (publicKey == null)
{
[NotNullWhen(true)] out Oid? signatureAlgorithm,
[NotNullWhen(true)] out byte[]? signatureValue)
{
- RSA certPublicKey = certificate.GetRSAPublicKey();
+ RSA certPublicKey = certificate.GetRSAPublicKey()!;
// If there's no private key, fall back to the public key for a "no private key" exception.
- RSA privateKey = key as RSA ??
+ RSA? privateKey = key as RSA ??
PkcsPal.Instance.GetPrivateKeyForSigning<RSA>(certificate, silent) ??
certPublicKey;
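Review bot: `certPublicKey` is forced non-null with `!`, yet it is the last fallback in a chain assigned to `RSA? privateKey`, so the two annotations disagree about whether a missing RSA public key is possible. The DSA and ECDsa signing paths in this change leave the fallback nullable and use no `!`. Writing `RSA? certPublicKey = certificate.GetRSAPublicKey();` here would match them and keep later uses of `certPublicKey` under the compiler's null analysis. The rest of the method, including any null check on `privateKey` and the disposal of `certPublicKey`, is outside the hunk.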
{
if (IncludeOption == X509IncludeOption.EndCertOnly)
{
- certs.Add(Certificate);
+ certs.Add(Certificate!);
}
else if (IncludeOption != X509IncludeOption.None)
{
chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
chain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllFlags;
- if (!chain.Build(Certificate))
+ if (!chain.Build(Certificate!))
{
foreach (X509ChainStatus status in chain.ChainStatus)
{
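Review bot: Both `Certificate!` uses assert non-null with no guard visible in the hunk, so a signer without a certificate would fail inside `certs.Add` or `chain.Build` with an argument exception rather than a CMS-level error. If an earlier check guarantees the certificate, state it at the top of the branch with `Debug.Assert(Certificate != null);`, as the decryption path in this change does for `cert`; otherwise throw explicitly. Separately, the chain here is built with `X509RevocationMode.NoCheck` and `X509VerificationFlags.AllFlags`, which appears to be intentional because the chain is only used to collect certificates to embed. A comment such as `// chain is built only to enumerate certificates for inclusion; this is not a trust decision` would stop the settings being copied into validation code.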
}
case SubjectIdentifierType.SubjectKeyIdentifier:
{
- filtered = extraStore.Find(X509FindType.FindBySubjectKeyIdentifier, signerIdentifier.Value, false);
+ filtered = extraStore.Find(X509FindType.FindBySubjectKeyIdentifier, signerIdentifier.Value!, false);
if (filtered.Count > 0)
{