authorDavid Hook <dgh@bouncycastle.org>2015-10-16 09:30:29 +1100
committerDavid Hook <dgh@bouncycastle.org>2015-10-16 09:30:29 +1100
commitb18da3a6bc82e3b0119edb7184db15ba3bc12c8a (patch)
treea0e0850341d707010999a6b5317a37eb9ac40242 /crypto/src/x509/X509V2AttributeCertificate.cs
parentClose files after reading (diff)
Further work on signature/verification calculators.
Added IBlockResult and IVerifier
Added verifier provider verify methods to X.509 PKCS#10 classes.
Diffstat (limited to 'crypto/src/x509/X509V2AttributeCertificate.cs')
-rw-r--r--crypto/src/x509/X509V2AttributeCertificate.cs42
1 files changed, 31 insertions, 11 deletions
diff --git a/crypto/src/x509/X509V2AttributeCertificate.cs b/crypto/src/x509/X509V2AttributeCertificate.cs
index 117ac4cc2..cc72c23bb 100644
--- a/crypto/src/x509/X509V2AttributeCertificate.cs
+++ b/crypto/src/x509/X509V2AttributeCertificate.cs
@@ -9,6 +9,7 @@ using Org.BouncyCastle.Math;
 using Org.BouncyCastle.Security;
 using Org.BouncyCastle.Security.Certificates;
 using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Crypto.Operators;
 
 namespace Org.BouncyCastle.X509
 {
@@ -151,29 +152,48 @@ namespace Org.BouncyCastle.X509
 			return cert.SignatureValue.GetBytes();
 		}
 
-		public virtual void Verify(
-			AsymmetricKeyParameter publicKey)
-		{
-			if (!cert.SignatureAlgorithm.Equals(cert.ACInfo.Signature))
+        public virtual void Verify(
+            AsymmetricKeyParameter key)
+        {
+            CheckSignature(new Asn1SignatureVerifier(cert.SignatureAlgorithm, key));
+        }
+
+        /// <summary>
+        /// Verify the certificate's signature using a verifier created using the passed in verifier provider.
+        /// </summary>
+        /// <param name="verifierProvider">An appropriate provider for verifying the certificate's signature.</param>
+        /// <returns>True if the signature is valid.</returns>
+        /// <exception cref="Exception">If verifier provider is not appropriate or the certificate algorithm is invalid.</exception>
+        public virtual void Verify(
+            ISignatureVerifierProvider verifierProvider)
+        {
+            CheckSignature(verifierProvider.CreateSignatureVerifier(cert.SignatureAlgorithm));
+        }
+
+        protected virtual void CheckSignature(
+            ISignatureVerifier verifier)
+        {
+            if (!cert.SignatureAlgorithm.Equals(cert.ACInfo.Signature))
 			{
 				throw new CertificateException("Signature algorithm in certificate info not same as outer certificate");
 			}
 
-			ISigner signature = SignerUtilities.GetSigner(cert.SignatureAlgorithm.ObjectID.Id);
-
-			signature.Init(false, publicKey);
+            IStreamCalculator streamCalculator = verifier.CreateCalculator();
 
 			try
 			{
-				byte[] b = cert.ACInfo.GetEncoded();
-				signature.BlockUpdate(b, 0, b.Length);
-			}
+                byte[] b = this.cert.ACInfo.GetEncoded();
+
+                streamCalculator.Stream.Write(b, 0, b.Length);
+
+                streamCalculator.Stream.Close();
+            }
 			catch (IOException e)
 			{
 				throw new SignatureException("Exception encoding certificate info object", e);
 			}
 
-			if (!signature.VerifySignature(this.GetSignature()))
+			if (!((IVerifier)streamCalculator.GetResult()).IsVerified(this.GetSignature()))
 			{
 				throw new InvalidKeyException("Public key presented not for certificate signature");
 			}
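Review bot: Both `Verify` overloads now build the verifier from `cert.SignatureAlgorithm`, the outer and unsigned field, before `CheckSignature` compares it with the signed `cert.ACInfo.Signature`; the removed code did that comparison first, ahead of `SignerUtilities.GetSigner`. The path still fails closed, because the mismatch throws before `IsVerified` is consulted, but a certificate with inconsistent identifiers may now surface whatever the verifier constructor or provider throws (not visible here) instead of the `CertificateException`, so I would run the comparison before the verifier is created. The new XML doc on `Verify(ISignatureVerifierProvider)` says `<returns>True if the signature is valid.</returns>` on a `void` method; drop `<returns>` and document that failure is reported only by exception, e.g. `/// <exception cref="InvalidKeyException">If the signature does not verify.</exception>`. The cast `(IVerifier)streamCalculator.GetResult()` is unchecked, so a provider whose calculator yields another result type fails with `InvalidCastException` rather than a signature error. `CheckSignature` closes outside the hunk.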