/// <summary>
/// Return whether or not a signing key proof-of-possession (POP) is valid.
/// </summary>
/// <param name="verifierProvider">a provider that can produce content verifiers for the signature contained in this POP.</param>
/// <returns>true if the POP is valid, false otherwise.</returns>
/// <exception cref="InvalidOperationException">if there is a problem in verification or content verifier creation.</exception>
/// <exception cref="InvalidOperationException">if POP not appropriate.</exception>
public bool IsValidSigningKeyPop(IVerifierFactoryProvider verifierProvider)
{
ProofOfPossession pop = certReqMsg.Popo;
if (pop.Type == popSigningKey)
{
PopoSigningKey popoSign = PopoSigningKey.GetInstance(pop.Object);
if (popoSign.PoposkInput != null && popoSign.PoposkInput.PublicKeyMac != null)
{
throw new InvalidOperationException("verification requires password check");
}
return(verifySignature(verifierProvider, popoSign));
}
throw new InvalidOperationException("not Signing Key type of proof of possession");
}
private ProofOfPossession(Asn1TaggedObject tagged)
{
tagNo = tagged.TagNo;
switch (tagNo)
{
case 0:
obj = DerNull.Instance;
break;
case 1:
obj = PopoSigningKey.GetInstance(tagged, isExplicit: false);
break;
case 2:
case 3:
obj = PopoPrivKey.GetInstance(tagged, isExplicit: false);
break;
default:
throw new ArgumentException("unknown tag: " + tagNo, "tagged");
}
}