Ejemplo n.º 1
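        /// <summary>
        /// Wraps a parsed <c>CertificateList</c> and caches the signature algorithm name,
        /// the DER-encoded signature algorithm parameters (if present) and the indirect-CRL flag.
        /// </summary>
        /// <remarks>
        /// Nothing in this constructor verifies the CRL's signature; it only decodes fields.
        /// A CRL built here should not be relied on for revocation decisions until its
        /// signature has been checked against the issuer's public key.
        /// </remarks>
        /// <param name="c">The ASN.1 certificate list structure to wrap.</param>
        /// <exception cref="CrlException">
        /// If any cached field cannot be derived from <paramref name="c"/>. The triggering
        /// exception is attached as the inner exception.
        /// </exception>
        public X509Crl(
            CertificateList c)
        {
            this.c = c;

            try
            {
                this.sigAlgName = X509SignatureUtilities.GetSignatureName(c.SignatureAlgorithm);

                // Parameters may be absent from the algorithm identifier; keep null in that case.
                Asn1Encodable sigParams = (Asn1Encodable)c.SignatureAlgorithm.Parameters;
                this.sigAlgParams = sigParams != null ? sigParams.GetDerEncoded() : null;

                // IsIndirectCrl is defined elsewhere in the class; its result is cached here.
                this.isIndirect = IsIndirectCrl;
            }
            catch (Exception e)
            {
                // Message text is unchanged; the cause is now also kept as InnerException so
                // callers and logs can tell a malformed CRL from an unrelated failure.
                throw new CrlException("CRL contents invalid: " + e, e);
            }
        }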
Ejemplo n.º 2
        /// <summary>
        /// Verify the certificate's signature using the nominated public key.
        /// </summary>
        /// <remarks>
        /// This method returns nothing: it completes normally when <c>CheckSignature</c>
        /// accepts the signature, and any failure surfaces as an exception from the calls below.
        /// The signer is selected from the algorithm identifier carried in the certificate
        /// itself, so a caller that needs to reject weak algorithms has to enforce that
        /// policy separately.
        /// </remarks>
        /// <param name="key">An appropriate public key parameter object, RsaPublicKeyParameters, DsaPublicKeyParameters or ECDsaPublicKeyParameters</param>
        /// <exception cref="Exception">If key submitted is not of the above nominated types.</exception>
        public virtual void Verify(
            AsymmetricKeyParameter key)
        {
            // Resolve the signer straight from the certificate's declared signature algorithm.
            ISigner verifier = SignerUtilities.GetSigner(
                X509SignatureUtilities.GetSignatureName(c.SignatureAlgorithm));

            CheckSignature(key, verifier);
        }
Ejemplo n.º 3
        /// <summary>
        /// Checks the certificate's signature with the supplied signer and public key.
        /// </summary>
        /// <remarks>
        /// The signer is configured and initialised here (parameters set, then <c>Init</c> for
        /// verification), so its state is overwritten by this call.
        /// </remarks>
        /// <param name="publicKey">Public key the signature is verified against.</param>
        /// <param name="signature">Signer instance for the certificate's signature algorithm.</param>
        /// <exception cref="CertificateException">
        /// If the outer signature algorithm identifier differs from the one inside the TBS certificate.
        /// </exception>
        /// <exception cref="InvalidKeyException">
        /// If the signer reports that the signature does not verify. This covers every
        /// verification failure, so it can also mean the certificate bytes were altered,
        /// not only that the wrong key was supplied.
        /// </exception>
        protected virtual void CheckSignature(
            AsymmetricKeyParameter publicKey,
            ISigner signature)
        {
            // The outer algorithm identifier is not part of the signed TBS bytes, so it is
            // only accepted when it matches the identifier inside the TBS certificate.
            bool algorithmsAgree = IsAlgIDEqual(c.SignatureAlgorithm, c.TbsCertificate.Signature);
            if (!algorithmsAgree)
            {
                throw new CertificateException("signature algorithm in TBS cert not same as outer cert");
            }

            // Algorithm parameters are applied before the signer is initialised.
            Asn1Encodable algParams = c.SignatureAlgorithm.Parameters;
            X509SignatureUtilities.SetSignatureParameters(signature, algParams);

            // false selects verification mode rather than signing.
            signature.Init(false, publicKey);

            byte[] tbsBytes = this.GetTbsCertificate();
            signature.BlockUpdate(tbsBytes, 0, tbsBytes.Length);

            byte[] signatureBytes = this.GetSignature();
            bool verified = signature.VerifySignature(signatureBytes);
            if (verified)
            {
                return;
            }

            throw new InvalidKeyException("Public key presented not for certificate signature");
        }