Beispiel #1
 /// <summary>
 /// Records the subject public key for the certificate under construction.
 /// </summary>
 /// <param name="publicKey">
 /// Key to embed. It is converted to a SubjectPublicKeyInfo structure by
 /// <c>SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo</c> and the result is
 /// handed to <c>tbsGen.SetSubjectPublicKeyInfo</c>.
 /// </param>
 public void SetPublicKey(
     AsymmetricKeyParameter publicKey)
 {
     // NOTE(review): no validation happens here; null or private-key handling is
     // presumably left to the factory - confirm against its implementation.
     var subjectKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey);

     tbsGen.SetSubjectPublicKeyInfo(subjectKeyInfo);
 }
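        /// <summary>
        /// Tests whether the given certificate is the one identified by this holder.
        /// </summary>
        /// <remarks>
        /// The holder fields are consulted in this order:
        /// <list type="number">
        /// <item><description>
        /// <c>BaseCertificateID</c>: if present, the result is decided here alone. The serial
        /// number must equal the certificate's and <c>MatchesDN</c> must accept the issuer.
        /// </description></item>
        /// <item><description>
        /// <c>EntityName</c>: if present and <c>MatchesDN</c> accepts the subject, the
        /// certificate matches. A non-matching name falls through to the digest check.
        /// </description></item>
        /// <item><description>
        /// <c>ObjectDigestInfo</c>: the encoded public key or the whole encoded certificate
        /// (chosen by <c>DigestedObjectType</c>) is hashed with <c>DigestAlgorithm</c> and
        /// compared with <c>GetObjectDigest()</c>.
        /// </description></item>
        /// </list>
        /// Every failure path returns <c>false</c>, so an unusable holder or certificate can
        /// never be reported as a match.
        /// </remarks>
        /// <param name="x509Cert">Certificate to test; <c>null</c> never matches.</param>
        /// <returns><c>true</c> if the certificate satisfies the holder, otherwise <c>false</c>.</returns>
        public bool Match(
            X509Certificate x509Cert)
        {
            // A missing certificate cannot match; answer "no" rather than fail with a
            // NullReferenceException further down.
            if (x509Cert == null)
            {
                return false;
            }

            try
            {
                if (holder.BaseCertificateID != null)
                {
                    return holder.BaseCertificateID.Serial.Value.Equals(x509Cert.SerialNumber)
                        && MatchesDN(PrincipalUtilities.GetIssuerX509Principal(x509Cert), holder.BaseCertificateID.Issuer);
                }

                if (holder.EntityName != null
                    && MatchesDN(PrincipalUtilities.GetSubjectX509Principal(x509Cert), holder.EntityName))
                {
                    return true;
                }

                if (holder.ObjectDigestInfo != null)
                {
                    IDigest md;
                    try
                    {
                        md = DigestUtilities.GetDigest(DigestAlgorithm);
                    }
                    catch (Exception)
                    {
                        // Digest algorithm could not be instantiated: the digest cannot be checked.
                        return false;
                    }

                    byte[] digestInput;
                    switch (DigestedObjectType)
                    {
                    case ObjectDigestInfo.PublicKey:
                        // TODO: DSA Dss-parms
                        // TODO Is this the right way to encode?
                        digestInput = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(
                            x509Cert.GetPublicKey()).GetEncoded();
                        break;

                    case ObjectDigestInfo.PublicKeyCert:
                        digestInput = x509Cert.GetEncoded();
                        break;

                    default:
                        // Unsupported digested-object type. Without this guard the digest
                        // would be computed over no input at all, and a holder carrying that
                        // empty-input digest would then match every certificate.
                        return false;
                    }

                    md.BlockUpdate(digestInput, 0, digestInput.Length);

                    // The original only returned false on a mismatch and then fell through to
                    // the final "return false", so a digest-identified holder could never
                    // match. Report the comparison result directly instead.
                    return Arrays.AreEqual(DigestUtilities.DoFinal(md), GetObjectDigest());
                }
            }
            catch (CertificateEncodingException)
            {
                // The certificate could not be encoded: treat as "no match".
                return false;
            }

            return false;
        }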