/// <summary>
/// Validate the signature on the Pkcs10 certification request in this holder.
/// </summary>
/// <param name="verifierProvider">A ContentVerifierProvider that can generate a verifier for the signature.</param>
/// <returns>true if the signature is valid, false otherwise.</returns>
public bool IsSignatureValid(IVerifierFactoryProvider <AlgorithmIdentifier> verifierProvider)
{
CertificationRequestInfo requestInfo = certificationRequest.GetCertificationRequestInfo();
IStreamCalculator <IVerifier> calculator;
try
{
IVerifierFactory <AlgorithmIdentifier> verifier = verifierProvider.CreateVerifierFactory(certificationRequest.SignatureAlgorithm);
calculator = verifier.CreateCalculator();
Stream sOut = calculator.Stream;
byte[] data = requestInfo.GetEncoded(Asn1Encodable.Der);
sOut.Write(data, 0, data.Length);
sOut.Close();
return(calculator.GetResult().IsVerified(this.GetSignature()));
}
catch (Exception e)
{
throw new PkcsException("unable to process signature: " + e.Message, e);
}
}
private bool verifySignature(IVerifierFactoryProvider verifierFactoryProvider, PopoSigningKey signKey)
{
IVerifierFactory verifer;
IStreamCalculator calculator;
try
{
verifer = verifierFactoryProvider.CreateVerifierFactory(signKey.AlgorithmIdentifier);
calculator = verifer.CreateCalculator();
}
catch (Exception ex)
{
throw new CrmfException("unable to create verifier: " + ex.Message, ex);
}
if (signKey.PoposkInput != null)
{
byte[] b = signKey.GetDerEncoded();
calculator.Stream.Write(b, 0, b.Length);
}
else
{
byte[] b = certReqMsg.CertReq.GetDerEncoded();
calculator.Stream.Write(b, 0, b.Length);
}
DefaultVerifierResult result = (DefaultVerifierResult)calculator.GetResult();
return(result.IsVerified(signKey.Signature.GetBytes()));
}
/**
* Initialise the signature object for verification.
*
* @param verifierBuilderProvider provider for a content verifier builder for the signature type of interest.
* @param pubKey the public key to use for verification
* @throws PgpException if there's an issue with creating the verifier.
*/
public void InitVerify(IVerifierFactoryProvider <PgpSignatureTypeIdentifier> verifierFactoryProvider)
{
IVerifierFactory <PgpSignatureTypeIdentifier> verifierFactory = verifierFactoryProvider.CreateVerifierFactory(new PgpSignatureTypeIdentifier(sigPack.KeyAlgorithm, sigPack.HashAlgorithm));
lastb = 0;
sigOut = verifierFactory.CreateCalculator();
}
/// <summary>
/// Verify the certificate's signature using a verifier created using the passed in verifier provider.
/// </summary>
/// <param name="verifierProvider">An appropriate provider for verifying the certificate's signature.</param>
/// <returns>True if the signature is valid.</returns>
/// <exception cref="Exception">If verifier provider is not appropriate or the certificate algorithm is invalid.</exception>
public virtual void Verify(
IVerifierFactoryProvider verifierProvider)
{
CheckSignature(verifierProvider.CreateVerifierFactory(c.SignatureAlgorithm));
}
public bool Verify(
IVerifierFactoryProvider verifierProvider)
{
return(Verify(verifierProvider.CreateVerifierFactory(sigAlgId)));
}
/// <summary>
/// Verify the CRL's signature using a verifier created using the passed in verifier provider.
/// </summary>
/// <param name="verifierProvider">An appropriate provider for verifying the CRL's signature.</param>
/// <returns>True if the signature is valid.</returns>
/// <exception cref="Exception">If verifier provider is not appropriate or the CRL algorithm is invalid.</exception>
public virtual void Verify(
IVerifierFactoryProvider verifierProvider)
{
CheckSignature(verifierProvider.CreateVerifierFactory(c.SignatureAlgorithm));
}
public bool Verify(
IVerifierFactoryProvider verifierProvider)
{
return Verify(verifierProvider.CreateVerifierFactory(sigAlgId));
}