示例#1
0
        public X509Crl(
            CertificateList c)
        {
            this.c = c;

            try
            {
                this.sigAlgName = X509SignatureUtilities.GetSignatureName(c.SignatureAlgorithm);

                if (c.SignatureAlgorithm.Parameters != null)
                {
                    this.sigAlgParams = ((Asn1Encodable)c.SignatureAlgorithm.Parameters).GetDerEncoded();
                }
                else
                {
                    this.sigAlgParams = null;
                }

                this.isIndirect = IsIndirectCrl;
            }
            catch (Exception e)
            {
                throw new CrlException("CRL contents invalid: " + e);
            }
        }
示例#2
0
        /// <summary>
        /// Verify the certificate's signature using the nominated public key.
        /// </summary>
        /// <param name="key">An appropriate public key parameter object, RsaPublicKeyParameters, DsaPublicKeyParameters or ECDsaPublicKeyParameters</param>
        /// <returns>True if the signature is valid.</returns>
        /// <exception cref="Exception">If key submitted is not of the above nominated types.</exception>
        public virtual void Verify(
            AsymmetricKeyParameter key)
        {
            string  sigName   = X509SignatureUtilities.GetSignatureName(c.SignatureAlgorithm);
            ISigner signature = SignerUtilities.GetSigner(sigName);

            CheckSignature(key, signature);
        }
示例#3
0
        protected virtual void CheckSignature(
            AsymmetricKeyParameter publicKey,
            ISigner signature)
        {
            if (!IsAlgIDEqual(c.SignatureAlgorithm, c.TbsCertificate.Signature))
            {
                throw new CertificateException("signature algorithm in TBS cert not same as outer cert");
            }

            Asn1Encodable parameters = c.SignatureAlgorithm.Parameters;

            X509SignatureUtilities.SetSignatureParameters(signature, parameters);

            signature.Init(false, publicKey);

            byte[] b = this.GetTbsCertificate();
            signature.BlockUpdate(b, 0, b.Length);

            byte[] sig = this.GetSignature();
            if (!signature.VerifySignature(sig))
            {
                throw new InvalidKeyException("Public key presented not for certificate signature");
            }
        }