/// <summary>
/// Tries each key supplied by <c>GetPublicKey()</c> in turn until one verifies the
/// signature, and reports which key that was.
/// </summary>
/// <param name="signingKey">
/// Receives the key that verified the signature, or <c>null</c> when the format check
/// fails or no candidate key verifies.
/// </param>
/// <returns><c>true</c> if some candidate key verified the signature; otherwise <c>false</c>.</returns>
/// <remarks>
/// A <c>true</c> result only states that the signature verifies under a key obtained from
/// <c>GetPublicKey()</c>; nothing in this method checks that the key is one the caller trusts.
/// NOTE(review): if <c>GetPublicKey()</c> draws its candidates from the signature's own KeyInfo,
/// callers must compare <paramref name="signingKey"/> against an expected key before relying
/// on the result - confirm against GetPublicKey().
/// </remarks>
public bool CheckSignatureReturningKey(out AsymmetricKeyParameter signingKey)
{
    SignedXmlDebugLog.LogBeginSignatureVerification(this, _context);

    // Assigned up front so the early return below leaves the out parameter null.
    signingKey = null;

    if (!CheckSignatureFormat())
    {
        return false;
    }

    bool verified = false;
    AsymmetricKeyParameter candidate = null;

    for (int attempt = 0; (candidate = GetPublicKey()) != null; attempt++)
    {
        // From the second candidate onwards the cache flag is cleared before re-checking.
        // NOTE(review): presumably this forces cached verification state to be recomputed - confirm.
        if (attempt > 0)
        {
            _bCacheValid = false;
        }

        verified = CheckSignature(candidate);
        SignedXmlDebugLog.LogVerificationResult(this, candidate, verified);

        if (verified)
        {
            break;
        }
    }

    // candidate is null here when the supply of keys ran out without a match.
    signingKey = candidate;
    return verified;
}
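/// <summary>
/// Verifies the signature with the public key of <paramref name="certificate"/>, optionally
/// checking the certificate's KeyUsage extension first.
/// </summary>
/// <param name="certificate">Certificate whose public key is used for verification.</param>
/// <param name="verifySignatureOnly">
/// When <c>true</c>, no certificate checks are made at all. When <c>false</c>, only the
/// KeyUsage extension (if present) is checked.
/// </param>
/// <returns><c>true</c> if the key-usage check (when requested) and the signature check pass.</returns>
/// <remarks>
/// Security note: this method does not build or validate a certificate chain. The chain
/// verification that used to sit after the key-usage check is disabled in this code, so even
/// with <paramref name="verifySignatureOnly"/> set to <c>false</c> a <c>true</c> result says
/// nothing about whether the certificate chains to a trusted root, is within its validity
/// period, or has been revoked. Callers must validate the certificate themselves before
/// treating the signature as authenticated.
/// </remarks>
public bool CheckSignature(X509Certificate certificate, bool verifySignatureOnly)
{
    // KeyUsage bit positions as defined by RFC 5280: digitalSignature(0), nonRepudiation(1).
    const int digitalSignatureBit = 0;
    const int nonRepudiationBit = 1;

    if (!verifySignatureOnly)
    {
        // Check key usages to make sure the certificate is good for signing.
        var exts = certificate.CertificateStructure.TbsCertificate.Extensions;

        // A certificate without any extensions carries no KeyUsage restriction to enforce.
        if (exts != null)
        {
            foreach (DerObjectIdentifier extension in exts.ExtensionOids)
            {
                if (!extension.Equals(X509Extensions.KeyUsage))
                {
                    continue;
                }

                var keyUsage = certificate.GetKeyUsage();

                // Accept either digitalSignature or nonRepudiation. The previous code read
                // index 0 for both, so a certificate asserting only nonRepudiation was rejected.
                // A present extension that yields no usable bits fails closed.
                bool validKeyUsage = keyUsage != null
                    && ((keyUsage.Length > digitalSignatureBit && keyUsage[digitalSignatureBit])
                        || (keyUsage.Length > nonRepudiationBit && keyUsage[nonRepudiationBit]));

                if (!validKeyUsage)
                {
                    SignedXmlDebugLog.LogVerificationFailure(this, SR.Log_VerificationFailed_X509KeyUsage);
                    return false;
                }

                break;
            }
        }

        // Chain verification is NOT performed here: the X509Chain-based build-and-check step
        // (with its Log_VerificationFailed_X509Chain failure path) is disabled in this code.
        // Trust, validity period and revocation are therefore the caller's responsibility.
    }

    AsymmetricKeyParameter publicKey = certificate.GetPublicKey();
    if (!CheckSignature(publicKey))
    {
        return false;
    }

    SignedXmlDebugLog.LogVerificationResult(this, certificate, true);
    return true;
}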
/// <summary>
/// Verifies the signature using a MAC algorithm instead of an asymmetric key.
/// </summary>
/// <param name="macAlg">
/// MAC instance handed to <c>CheckSignedInfo</c>.
/// NOTE(review): presumably already keyed by the caller - confirm against CheckSignedInfo(IMac).
/// </param>
/// <returns>
/// <c>true</c> only when the signature format check, the SignedInfo check and the reference
/// digest check all pass, in that order; otherwise <c>false</c>.
/// </returns>
public bool CheckSignature(IMac macAlg)
{
    // Each stage runs only if the previous one passed; a format failure is not logged here.
    if (CheckSignatureFormat())
    {
        if (CheckSignedInfo(macAlg))
        {
            if (CheckDigestedReferences())
            {
                SignedXmlDebugLog.LogVerificationResult(this, macAlg, true);
                return true;
            }

            SignedXmlDebugLog.LogVerificationFailure(this, SR.Log_VerificationFailed_References);
        }
        else
        {
            SignedXmlDebugLog.LogVerificationFailure(this, SR.Log_VerificationFailed_SignedInfo);
        }
    }

    return false;
}
/// <summary>
/// Verifies the signature against the supplied public key.
/// </summary>
/// <param name="key">Public key passed to <c>CheckSignedInfo</c> for the SignedInfo check.</param>
/// <returns>
/// <c>true</c> only when the signature format check, the SignedInfo check and the reference
/// digest check all pass, in that order; otherwise <c>false</c>.
/// </returns>
/// <remarks>
/// This method performs no check on where <paramref name="key"/> came from. Establishing that
/// the key belongs to the expected signer is the caller's responsibility.
/// </remarks>
public bool CheckSignature(AsymmetricKeyParameter key)
{
    bool formatAccepted = CheckSignatureFormat();
    if (!formatAccepted)
    {
        return false;
    }

    if (!CheckSignedInfo(key))
    {
        SignedXmlDebugLog.LogVerificationFailure(this, SR.Log_VerificationFailed_SignedInfo);
    }
    else if (CheckDigestedReferences())
    {
        // SignedInfo verified and every reference's DigestValue matched.
        SignedXmlDebugLog.LogVerificationResult(this, key, true);
        return true;
    }
    else
    {
        // Reference digests are only examined once SignedInfo itself has verified.
        SignedXmlDebugLog.LogVerificationFailure(this, SR.Log_VerificationFailed_References);
    }

    return false;
}