/// <summary>
/// Verify a message with password based MAC protection.
/// </summary>
/// <param name="pkMacBuilder">MAC builder that can be used to construct the appropriate MacCalculator</param>
/// <param name="password">the MAC password</param>
/// <returns>true if the passed in password and MAC builder verify the message, false otherwise.</returns>
/// <exception cref="InvalidOperationException">if algorithm not MAC based, or an exception is thrown verifying the MAC.</exception>
public bool Verify(PKMacBuilder pkMacBuilder, char[] password)
{
if (!CmpObjectIdentifiers.passwordBasedMac.Equals(pkiMessage.Header.ProtectionAlg.Algorithm))
{
throw new InvalidOperationException("protection algorithm is not mac based");
}
PbmParameter parameter = PbmParameter.GetInstance(pkiMessage.Header.ProtectionAlg.Parameters);
pkMacBuilder.SetParameters(parameter);
IBlockResult result = (IBlockResult)Process(pkMacBuilder.Build(password).CreateCalculator());
return(Arrays.ConstantTimeAreEqual(result.Collect(), this.pkiMessage.Protection.GetBytes()));
}
public void TestVerifyBCJavaGeneratedMessage()
{
//
// Test with content generated by BC-JAVA version.
//
ICipherParameters publicKey = PublicKeyFactory.CreateKey(Hex.Decode(
"305c300d06092a864886f70d0101010500034b003048024100ac1e59ba5f96" +
"ba86c86e6d8bbfd43ece04265fa29e6ebdb320388b58af365d05b26970cbd2" +
"6e5b0fa7df2074b90b42a1d16ab270cdb851b53e464b87f683774502030100" +
"01"));
ICipherParameters privateKey = PrivateKeyFactory.CreateKey(Hex.Decode(
"30820155020100300d06092a864886f70d01010105000482013f3082013b02" +
"0100024100ac1e59ba5f96ba86c86e6d8bbfd43ece04265fa29e6ebdb32038" +
"8b58af365d05b26970cbd26e5b0fa7df2074b90b42a1d16ab270cdb851b53e" +
"464b87f68377450203010001024046f3f208570c735349bfe00fdaa1fbcc00" +
"c0f2eebe42279876a168ac43fa74a8cdf9a1bb49066c07cfcfa7196f69f2b9" +
"419d378109db967891428c50273dcc37022100d488dc3fb86f404d726a8166" +
"b2a9aba9bee12fdbf38470a62403a2a20bad0977022100cf51874e479b141f" +
"9915533bf54d68f1940f84d7fe6130538ff01a23e3493423022100986f94f1" +
"0afa9837341219bfabf32fd16ebb9a94fa630a5ccf45e036b383275f02201b" +
"6dff07f563684b31f6e757548254733a12bf91d05f4d8490d3c4b1a0ddcb9f" +
"02210087c3b2049e9a3edfc4cb40a3a275dabf7ffff80b467157e384603042" +
"3fe91d68"));
byte[] ind = Hex.Decode(
"308201ac306e020102a4133011310f300d06035504030c0653656e646572a4" +
"123010310e300c06035504030c055265636970a140303e06092a864886f67d" +
"07420d30310414fdccb4ffd7848e6a697bee36cbe0f3722ed7fe2f30070605" +
"2b0e03021a020203e8300c06082b060105050801020500a10430023000a017" +
"031500c131c357441daa78eb538bfd9c24870e220fdafaa182011930820115" +
"308201113081bca003020102020601684a515d5b300d06092a864886f70d01" +
"01050500300f310d300b06035504030c0454657374301e170d313930313134" +
"3033303433325a170d3139303432343033303433325a300f310d300b060355" +
"04030c0454657374305c300d06092a864886f70d0101010500034b00304802" +
"4100ac1e59ba5f96ba86c86e6d8bbfd43ece04265fa29e6ebdb320388b58af" +
"365d05b26970cbd26e5b0fa7df2074b90b42a1d16ab270cdb851b53e464b87" +
"f68377450203010001300d06092a864886f70d0101050500034100264b5b76" +
"f268e2a992f05ad83783b091ce806a6726912c6200d06b33375ae58fe3c474" +
"c3a42ad6e572a2c48ae3bf914a7510bb995c3474829cfe71ab679a3db0");
ProtectedPkiMessage pkiMsg = new ProtectedPkiMessage(PkiMessage.GetInstance(ind));
PbmParameter pbmParameters = PbmParameter.GetInstance(pkiMsg.Header.ProtectionAlg.Parameters);
IsTrue(pkiMsg.Verify(new PKMacBuilder().SetParameters(pbmParameters), "secret".ToCharArray()));
}