From 3c508655db514af6702bb51be63dc0b3d176e11b Mon Sep 17 00:00:00 2001
From: Peter Dettman <peter.dettman@bouncycastle.org>
Date: Wed, 21 Dec 2022 12:34:49 +0700
Subject: Span-based alternatives to char[]

---
 crypto/src/cms/CMSPBEKey.cs | 24 +++++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)

(limited to 'crypto/src/cms/CMSPBEKey.cs')

diff --git a/crypto/src/cms/CMSPBEKey.cs b/crypto/src/cms/CMSPBEKey.cs
index 78360c2cd..4b3e542ee 100644
--- a/crypto/src/cms/CMSPBEKey.cs
+++ b/crypto/src/cms/CMSPBEKey.cs
@@ -45,7 +45,29 @@ namespace Org.BouncyCastle.Cms
 			this.iterationCount = kdfParams.IterationCount.IntValue;
 		}
 
-		~CmsPbeKey()
+#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+        public CmsPbeKey(ReadOnlySpan<char> password, ReadOnlySpan<byte> salt, int iterationCount)
+        {
+			this.password = password.ToArray();
+			this.salt = salt.ToArray();
+            this.iterationCount = iterationCount;
+        }
+
+        public CmsPbeKey(ReadOnlySpan<char> password, AlgorithmIdentifier keyDerivationAlgorithm)
+        {
+            if (!keyDerivationAlgorithm.Algorithm.Equals(PkcsObjectIdentifiers.IdPbkdf2))
+                throw new ArgumentException("Unsupported key derivation algorithm: "
+                    + keyDerivationAlgorithm.Algorithm);
+
+            Pbkdf2Params kdfParams = Pbkdf2Params.GetInstance(keyDerivationAlgorithm.Parameters.ToAsn1Object());
+
+			this.password = password.ToArray();
+            this.salt = kdfParams.GetSalt();
+            this.iterationCount = kdfParams.IterationCount.IntValue;
+        }
+#endif
+
+        ~CmsPbeKey()
 		{
 			Array.Clear(this.password, 0, this.password.Length);
 		}
-- 
cgit 1.4.1