author | Peter Dettman <peter.dettman@bouncycastle.org> | 2023-04-05 12:22:26 +0700 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2023-04-05 12:22:26 +0700 |
commit | 2ba60e27a977781625f7e84360a9a6225a49cf28 (patch) | |
tree | 85e8d65fc407937a8fa67c1fdee475e0ff3dccf0 /crypto/src/x509/X509V2AttributeCertificate.cs | |
parent | X509: generation/validation of alternative signatures for certs and CRLs. (diff) | |
download | BouncyCastle.NET-ed25519-2ba60e27a977781625f7e84360a9a6225a49cf28.tar.xz |
X509: Signature checks that return bool
Diffstat (limited to '')
-rw-r--r-- | crypto/src/x509/X509V2AttributeCertificate.cs | 27 |
1 files changed, 21 insertions, 6 deletions
diff --git a/crypto/src/x509/X509V2AttributeCertificate.cs b/crypto/src/x509/X509V2AttributeCertificate.cs
index 963f1ea4f..980b9f3d5 100644
--- a/crypto/src/x509/X509V2AttributeCertificate.cs
+++ b/crypto/src/x509/X509V2AttributeCertificate.cs
@@ -161,6 +161,16 @@ namespace Org.BouncyCastle.X509
 return cert.GetSignatureOctets();
 }
+ public virtual bool IsSignatureValid(AsymmetricKeyParameter key)
+ {
+ return CheckSignatureValid(new Asn1VerifierFactory(cert.SignatureAlgorithm, key));
+ }
+
+ public virtual bool IsSignatureValid(IVerifierFactoryProvider verifierProvider)
+ {
+ return CheckSignatureValid(verifierProvider.CreateVerifierFactory(cert.SignatureAlgorithm));
+ }
+
 public virtual void Verify(AsymmetricKeyParameter key)
 {
 CheckSignature(new Asn1VerifierFactory(cert.SignatureAlgorithm, key));
@@ -179,17 +189,22 @@ namespace Org.BouncyCastle.X509
 protected virtual void CheckSignature(IVerifierFactory verifier)
 {
- var acInfo = cert.ACInfo;
+ if (!CheckSignatureValid(verifier))
+ throw new InvalidKeyException("Public key presented not for certificate signature");
+ }
+
+ protected virtual bool CheckSignatureValid(IVerifierFactory verifier)
+ {
+ var acInfo = cert.ACInfo;
 // TODO Compare IsAlgIDEqual in X509Certificate.CheckSignature
 if (!cert.SignatureAlgorithm.Equals(acInfo.Signature))
- throw new CertificateException("Signature algorithm in certificate info not same as outer certificate");
+ throw new CertificateException("Signature algorithm in certificate info not same as outer certificate");
- if (!X509Utilities.VerifySignature(verifier, acInfo, cert.SignatureValue))
- throw new InvalidKeyException("Public key presented not for certificate signature");
- }
+ return X509Utilities.VerifySignature(verifier, acInfo, cert.SignatureValue);
+ }
- public virtual byte[] GetEncoded()
+ public virtual byte[] GetEncoded()
 {
 return cert.GetEncoded();
 } |
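Review bot: The two new `IsSignatureValid` overloads carry no XML documentation, and the name invites callers to treat `true` as a trust decision. As far as the visible code goes, `true` only means the signature over `cert.ACInfo` verifies under the supplied key; nothing here checks validity period, issuer or revocation. I would add `/// <summary>Returns true if the signature over the attribute certificate info verifies with the given key; does not check validity period, issuer or revocation.</summary>` to both overloads. The `IVerifierFactoryProvider` overload also dereferences `verifierProvider` without a null check, so a null argument surfaces as a NullReferenceException rather than an ArgumentNullException.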
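Review bot: `CheckSignatureValid` returns bool but still throws `CertificateException` when `cert.SignatureAlgorithm` differs from `acInfo.Signature`, so `IsSignatureValid` callers get an exception rather than `false` for that kind of malformed certificate. That fails closed, but code written as `if (!ac.IsSignatureValid(key))` with no try/catch will hit an unhandled-exception path on untrusted input. Returning false there would change which exception `Verify` raises, so I would keep the throw and document it: `/// <exception cref="CertificateException">inner and outer signature algorithms differ</exception>`. Separately, `IsSignatureValid` calls `CheckSignatureValid` directly, so a subclass that overrides the existing `CheckSignature` to add checks is presumably not consulted on the bool path; that deserves a remark in the doc comment.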