VerifySignature() public method

public VerifySignature ( HashAlgorithm hash, byte[] rgbSignature ) : bool
hash HashAlgorithm
rgbSignature byte[]
return bool
示例#1
        /// <summary>
        /// Verifies the signature value against a digest of this object's SignedInfo and
        /// fails closed: any mismatch surfaces as an exception, never as a return value.
        /// </summary>
        /// <param name="hash">Hash algorithm instance used to digest SignedInfo.</param>
        /// <param name="deformatter">Deformatter that performs the asymmetric verification.</param>
        /// <param name="signatureMethod">Signature algorithm URI declared for the signature.</param>
        /// <exception cref="CryptographicException">
        /// Raised (through the ThrowHelperError helper) when the deformatter reports the signature as invalid.
        /// </exception>
        /// <remarks>
        /// Only the signature over SignedInfo is checked here; nothing in this method
        /// validates reference digests, so that has to happen elsewhere.
        /// </remarks>
        void VerifySignature(HashAlgorithm hash, AsymmetricSignatureDeformatter deformatter, string signatureMethod)
        {
            // Digest SignedInfo first; the FIPS branch below reads the finished digest from hash.Hash.
            this.Signature.SignedInfo.ComputeHash(hash);

            bool usePrecomputedDigest =
                SecurityUtils.RequiresFipsCompliance &&
                signatureMethod == SecurityAlgorithms.RsaSha256Signature;

            if (usePrecomputedDigest)
            {
                // Per the original author's note: handing the HashAlgorithm object to the deformatter
                // would make it fall back to SHA256Managed, which is not FIPS compliant, and the
                // deformatter does not recognise SHA256CSP by itself. Naming the algorithm explicitly
                // and passing the already-computed digest sidesteps both problems.
                // NOTE(review): assumes 'hash' really is a SHA-256 implementation whenever the
                // signature method is RSA-SHA256 - confirm at the call site.
                deformatter.SetHashAlgorithm("SHA256");
            }

            bool verified = usePrecomputedDigest
                ? deformatter.VerifySignature(hash.Hash, GetSignatureValue())
                : deformatter.VerifySignature(hash, GetSignatureValue());

            if (verified)
            {
                return;
            }

            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new CryptographicException(SR.GetString(SR.SignatureVerificationFailed)));
        }
 /// <summary>
 /// Verifies a signature for SHA256, switching to a precomputed-digest call when FIPS
 /// compliance is required.
 /// </summary>
 /// <param name="deformatter">Deformatter that performs the asymmetric verification.</param>
 /// <param name="hash">
 /// Hash algorithm instance. On the FIPS path only its <c>Hash</c> property is read.
 /// NOTE(review): this presumes the caller has already finished hashing - confirm at call sites.
 /// </param>
 /// <param name="signatureValue">Raw signature bytes to check.</param>
 /// <returns>
 /// The deformatter's verdict: true if the signature verified, false otherwise.
 /// Nothing is thrown here on a mismatch, so callers must act on the result.
 /// </returns>
 internal static bool VerifySignatureForSha256(AsymmetricSignatureDeformatter deformatter, HashAlgorithm hash, byte[] signatureValue)
 {
     // Non-FIPS mode: the deformatter can work from the HashAlgorithm object directly.
     if (!SecurityUtils.RequiresFipsCompliance)
     {
         return deformatter.VerifySignature(hash, signatureValue);
     }

     // FIPS mode: per the original note, the underlying deformatter does not understand the
     // OID of the hash algorithm in this configuration, so the algorithm is named explicitly
     // and the raw digest is passed instead of the HashAlgorithm object.
     deformatter.SetHashAlgorithm("SHA256");
     byte[] digest = hash.Hash;
     return deformatter.VerifySignature(digest, signatureValue);
 }
 /// <summary>
 /// Verifies the signature value against a digest of this object's SignedInfo and throws
 /// when the check fails, so a bad signature cannot be silently ignored by the caller.
 /// </summary>
 /// <param name="hash">Hash algorithm instance used to digest SignedInfo.</param>
 /// <param name="deformatter">Deformatter that performs the asymmetric verification.</param>
 /// <param name="signatureMethod">Signature algorithm URI declared for the signature.</param>
 /// <exception cref="CryptographicException">
 /// Raised (through the ThrowHelperError helper) when the deformatter reports the signature as invalid.
 /// </exception>
 private void VerifySignature(HashAlgorithm hash, AsymmetricSignatureDeformatter deformatter, string signatureMethod)
 {
     // Only SignedInfo is digested and checked in this method.
     this.Signature.SignedInfo.ComputeHash(hash);

     // The precomputed-digest path applies only to RSA-SHA256 while FIPS compliance is required;
     // every other combination goes through the HashAlgorithm overload.
     bool needsFipsWorkaround =
         System.IdentityModel.SecurityUtils.RequiresFipsCompliance
         && (signatureMethod == "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");

     bool signatureIsValid;
     if (!needsFipsWorkaround)
     {
         signatureIsValid = deformatter.VerifySignature(hash, this.GetSignatureValue());
     }
     else
     {
         // Name the algorithm explicitly and pass the finished digest rather than the hash object.
         // NOTE(review): assumes 'hash' is a SHA-256 implementation on this path - confirm at the caller.
         deformatter.SetHashAlgorithm("SHA256");
         signatureIsValid = deformatter.VerifySignature(hash.Hash, this.GetSignatureValue());
     }

     if (signatureIsValid)
     {
         return;
     }

     throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new CryptographicException(System.IdentityModel.SR.GetString("SignatureVerificationFailed")));
 }