示例#1
 /// <summary>
 /// Check the type of signature and use the publicKeyDer to verify the
 /// signedBlob using the appropriate signature algorithm.
 /// </summary>
 ///
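 /// <param name="signature">The Signature object; its concrete type selects the verification algorithm and its getSignature() supplies the signature bits.</param>
 /// <param name="signedBlob">the SignedBlob with the signed portion to verify.</param>
 /// <param name="publicKeyDer">The Blob with the DER-encoded public key. If its isNull() is true, RSA and ECDSA verification returns false. Not used for DigestSha256Signature.</param>
 /// <returns>True if the signature is verified, false if failed.</returns>
 /// <exception cref="System.Security.SecurityException">if the signature type is not recognized or if publicKeyDer can't be decoded.</exception>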
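 protected static internal bool verifySignature(
     net.named_data.jndn.Signature signature, SignedBlob signedBlob,
     Blob publicKeyDer)
 {
     // Only the two public-key signature types consult publicKeyDer; the
     // digest-only type is checked without any key.
     bool needsPublicKey = signature is Sha256WithRsaSignature ||
                           signature is Sha256WithEcdsaSignature;

     // Fail closed when there is no usable key. The reference check matters
     // because a caller may hand in a null reference rather than a Blob whose
     // isNull() is true; without it the missing key surfaces as a
     // NullReferenceException instead of a clean "not verified" result.
     if (needsPublicKey && (publicKeyDer == null || publicKeyDer.isNull()))
     {
         return false;
     }

     if (signature is Sha256WithRsaSignature)
     {
         return verifySha256WithRsaSignature(signature.getSignature(),
                                             signedBlob, publicKeyDer);
     }

     if (signature is Sha256WithEcdsaSignature)
     {
         return verifySha256WithEcdsaSignature(signature.getSignature(),
                                               signedBlob, publicKeyDer);
     }

     if (signature is DigestSha256Signature)
     {
         // No key is involved in this branch: a match shows the signed bytes
         // are intact, not who produced them. Whether a digest-only packet is
         // acceptable is a decision for the calling policy.
         return verifyDigestSha256Signature(signature.getSignature(),
                                            signedBlob);
     }

     // We don't expect this to happen. An unrecognized signature type (this
     // includes a null signature, which matches none of the checks above) is
     // rejected with an exception rather than being treated as verified.
     throw new SecurityException(
               "PolicyManager.verify: Signature type is unknown");
 }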
示例#2
 /// <summary>
 /// Check the type of signature and use the publicKeyDer to verify the
 /// signedBlob using the appropriate signature algorithm.
 /// </summary>
 ///
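 /// <param name="signature">The Signature object; its concrete type selects the verification algorithm and its getSignature() supplies the signature bits.</param>
 /// <param name="signedBlob">the SignedBlob with the signed portion to verify.</param>
 /// <param name="publicKeyDer">The Blob with the DER-encoded public key. If its isNull() is true, RSA and ECDSA verification returns false. Not used for DigestSha256Signature.</param>
 /// <returns>True if the signature is verified, false if failed.</returns>
 /// <exception cref="System.Security.SecurityException">if the signature type is not recognized or if publicKeyDer can't be decoded.</exception>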
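 protected static internal bool verifySignature(
     net.named_data.jndn.Signature signature, SignedBlob signedBlob,
     Blob publicKeyDer)
 {
     if (signature is Sha256WithRsaSignature ||
         signature is Sha256WithEcdsaSignature)
     {
         // Fail closed when there is no usable key. The reference check
         // matters because a caller may hand in a null reference rather than a
         // Blob whose isNull() is true; without it the missing key surfaces as
         // a NullReferenceException instead of a clean "not verified" result.
         if (publicKeyDer == null || publicKeyDer.isNull())
         {
             return false;
         }

         // RSA and ECDSA share one helper, which receives the key wrapped in a
         // PublicKey. The digest algorithm is fixed to SHA256 here; it is not
         // read from the packet.
         // NOTE(review): per this method's documentation a SecurityException
         // is raised when publicKeyDer can't be decoded; presumably that comes
         // from the PublicKey constructor. Confirm.
         return net.named_data.jndn.security.VerificationHelpers.verifySignature(
                    signedBlob.signedBuf(),
                    signature.getSignature(),
                    new PublicKey(publicKeyDer),
                    net.named_data.jndn.security.DigestAlgorithm.SHA256);
     }

     if (signature is DigestSha256Signature)
     {
         // No key is involved in this branch: a match shows the signed bytes
         // are intact, not who produced them. Whether a digest-only packet is
         // acceptable is a decision for the calling policy.
         return net.named_data.jndn.security.VerificationHelpers.verifyDigest(
                    signedBlob.signedBuf(),
                    signature.getSignature(),
                    net.named_data.jndn.security.DigestAlgorithm.SHA256);
     }

     // We don't expect this to happen. An unrecognized signature type (this
     // includes a null signature, which matches none of the checks above) is
     // rejected with an exception rather than being treated as verified.
     throw new SecurityException(
               "PolicyManager.verify: Signature type is unknown");
 }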
        /// <summary>
        /// Check the type of signatureInfo to get the KeyLocator. Look in the
        /// IdentityStorage for the public key with the name in the KeyLocator (if
        /// available) and use it to verify the signedBlob. If the public key can't be
        /// found, return false. (This is a generalized method which can verify both a
        /// Data packet and an interest.)
        /// </summary>
        ///
        /// <param name="signatureInfo">The Signature object to check; its KeyLocator, when it has one, is used to look up the public key.</param>
        /// <param name="signedBlob">the SignedBlob with the signed portion to verify.</param>
        /// <returns>True if the signature is verified, false if failed.</returns>
        private bool verify(net.named_data.jndn.Signature signatureInfo,
                            SignedBlob signedBlob)
        {
            // Stays a null reference when the signature has no KeyLocator; the
            // type-based dispatch in PolicyManager.verifySignature then decides
            // whether a key was needed at all.
            Blob keyDer = null;

            bool hasKeyLocator =
                net.named_data.jndn.KeyLocator.canGetFromSignature(signatureInfo);
            if (hasKeyLocator)
            {
                // Resolve the key named by the KeyLocator through this object's
                // getPublicKeyDer lookup.
                // NOTE(review): assumes getPublicKeyDer never returns a null
                // reference (only a Blob whose isNull() may be true). Confirm.
                keyDer = getPublicKeyDer(
                    net.named_data.jndn.KeyLocator.getFromSignature(signatureInfo));

                // A key that could not be found means "not verified"; do not
                // fall through to verification with an empty key.
                if (keyDer.isNull())
                {
                    return false;
                }
            }

            bool verified =
                net.named_data.jndn.security.policy.PolicyManager.verifySignature(
                    signatureInfo, signedBlob, keyDer);
            return verified;
        }