/**
* verify that the given certificate successfully handles and confirms
* the signature associated with this signer and, if a signingTime
* attribute is available, that the certificate was valid at the time the
* signature was generated.
*/
public bool Verify(
X509Certificate cert)
{
Asn1.Cms.Time signingTime = GetSigningTime();
if (signingTime != null)
{
cert.CheckValidity(signingTime.Date);
}
return(DoVerify(cert.GetPublicKey()));
}
/**
* verify that the given certificate succesfully handles and confirms
* the signature associated with this signer and, if a signingTime
* attribute is available, that the certificate was valid at the time the
* signature was generated.
*/
public bool Verify(
X509Certificate cert)
{
Asn1.Cms.AttributeTable attr = this.SignedAttributes;
if (attr != null)
{
Asn1.Cms.Attribute t = attr[CmsAttributes.SigningTime];
if (t != null)
{
Asn1.Cms.Time time = Asn1.Cms.Time.GetInstance(
t.AttrValues[0].ToAsn1Object());
cert.CheckValidity(time.Date);
}
}
return(DoVerify(cert.GetPublicKey(), attr));
}
/*
* verify that the given public key successfully handles and confirms the
* signature associated with this signer.
*/
public bool Verify(
ISignerInformationVerifierProvider verifierProvider)
{
IVerifierFactory <AlgorithmIdentifier> verifierFact = verifierProvider.CreateVerifierFactory(this.SignatureAlgorithmID, this.DigestAlgorithmID);
// Optional, but still need to validate if present
Asn1.Cms.Time signingTime = GetSigningTime();
if (signingTime != null)
{
IDatedVerifierFactory <AlgorithmIdentifier> datedFact = verifierFact as IDatedVerifierFactory <AlgorithmIdentifier>;
if (datedFact != null)
{
if (!datedFact.IsValidAt(signingTime.Date))
{
throw new CmsDatedVerifierNotValidException("verifier not valid at signingTime");
}
}
}
return(doVerify(verifierProvider.IsRawSigner, verifierFact, verifierProvider.CreateDigestFactory(this.DigestAlgorithmID)));
}
/**
* verify that the given certificate successfully handles and confirms
* the signature associated with this signer and, if a signingTime
* attribute is available, that the certificate was valid at the time the
* signature was generated.
*/
public bool Verify(
X509Certificate cert)
{
Asn1.Cms.AttributeTable attr = this.SignedAttributes;
if (attr != null)
{
Asn1EncodableVector v = attr.GetAll(CmsAttributes.SigningTime);
switch (v.Count)
{
case 0:
break;
case 1:
{
Asn1.Cms.Attribute t = (Asn1.Cms.Attribute)v[0];
Debug.Assert(t != null);
Asn1Set attrValues = t.AttrValues;
if (attrValues.Count != 1)
{
throw new CmsException("A signing-time attribute MUST have a single attribute value");
}
Asn1.Cms.Time time = Asn1.Cms.Time.GetInstance(attrValues[0].ToAsn1Object());
cert.CheckValidity(time.Date);
break;
}
default:
throw new CmsException("The SignedAttributes in a signerInfo MUST NOT include multiple instances of the signing-time attribute");
}
}
return(DoVerify(cert.GetPublicKey(), attr));
}
