X509: generation/validation of alternative signatures for certs and CRLs.

author: Peter Dettman <peter.dettman@bouncycastle.org> 2023-04-04 21:20:26 +0700
committer: Peter Dettman <peter.dettman@bouncycastle.org> 2023-04-04 21:20:26 +0700
commit: aa027f072fe8f7871950cd256b2e04f12c1d4551 (patch)
tree: 47c4bb1a5b813f7cb82a68ed6b87f431d075a97a /crypto/src/x509/X509Utilities.cs
parent: Add constructor from template CRL (diff)
download: BouncyCastle.NET-ed25519-aa027f072fe8f7871950cd256b2e04f12c1d4551.tar.xz
1 files changed, 42 insertions, 1 deletions
diff --git a/crypto/src/x509/X509Utilities.cs b/crypto/src/x509/X509Utilities.cs
index 30ca0b080..bb9b7155f 100644
--- a/crypto/src/x509/X509Utilities.cs
+++ b/crypto/src/x509/X509Utilities.cs
@@ -9,6 +9,7 @@ using Org.BouncyCastle.Asn1.Pkcs;
 using Org.BouncyCastle.Asn1.TeleTrust;
 using Org.BouncyCastle.Asn1.X509;
 using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.Utilities.Collections;
 
 namespace Org.BouncyCastle.X509
@@ -159,5 +160,45 @@ namespace Org.BouncyCastle.X509
 		{
 			return CollectionUtilities.Proxy(m_algorithms.Keys);
 		}
-	}
+
+        internal static DerBitString GenerateSignature(ISignatureFactory signatureFactory, Asn1Encodable asn1Encodable)
+        {
+			var result = CalculateResult(signatureFactory.CreateCalculator(), asn1Encodable);
+            return new DerBitString(result.Collect());
+        }
+
+        internal static bool VerifySignature(IVerifierFactory verifierFactory, Asn1Encodable asn1Encodable,
+			DerBitString signature)
+        {
+            var result = CalculateResult(verifierFactory.CreateCalculator(), asn1Encodable);
+			return result.IsVerified(signature.GetOctets());
+        }
+
+        internal static Asn1TaggedObject TrimExtensions(int tagNo, X509Extensions exts)
+        {
+            Asn1Sequence extSeq = Asn1Sequence.GetInstance(exts.ToAsn1Object());
+            Asn1EncodableVector extV = new Asn1EncodableVector();
+			foreach (var extEntry in extSeq)
+			{
+				Asn1Sequence ext = Asn1Sequence.GetInstance(extEntry);
+
+                if (!X509Extensions.AltSignatureValue.Equals(ext[0]))
+                {
+                    extV.Add(ext);
+                }
+            }
+
+            return new DerTaggedObject(true, tagNo, new DerSequence(extV));
+        }
+
+		private static TResult CalculateResult<TResult>(IStreamCalculator<TResult> streamCalculator,
+			Asn1Encodable asn1Encodable)
+		{
+            using (var stream = streamCalculator.Stream)
+            {
+                asn1Encodable.EncodeTo(stream, Asn1Encodable.Der);
+            }
+            return streamCalculator.GetResult();
+        }
+    }
 }
author	Peter Dettman <peter.dettman@bouncycastle.org>	2023-04-04 21:20:26 +0700
committer	Peter Dettman <peter.dettman@bouncycastle.org>	2023-04-04 21:20:26 +0700
commit	aa027f072fe8f7871950cd256b2e04f12c1d4551 (patch)
tree	47c4bb1a5b813f7cb82a68ed6b87f431d075a97a /crypto/src/x509/X509Utilities.cs
parent	Add constructor from template CRL (diff)
download	BouncyCastle.NET-ed25519-aa027f072fe8f7871950cd256b2e04f12c1d4551.tar.xz