diff options
Diffstat (limited to 'crypto/src/cmp/CertificateStatus.cs')
| -rw-r--r-- | crypto/src/cmp/CertificateStatus.cs | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/crypto/src/cmp/CertificateStatus.cs b/crypto/src/cmp/CertificateStatus.cs new file mode 100644 index 000000000..e8c3546dd --- /dev/null +++ b/crypto/src/cmp/CertificateStatus.cs @@ -0,0 +1,55 @@ +using System; +using System.Collections.Generic; +using System.Text; +using Org.BouncyCastle.Asn1.Cmp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Cms; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Cmp +{ + public class CertificateStatus + { + private DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder(); + private DefaultDigestAlgorithmIdentifierFinder digestAlgFinder; + private CertStatus certStatus; + + public CertificateStatus(DefaultDigestAlgorithmIdentifierFinder digestAlgFinder, CertStatus certStatus) + { + this.digestAlgFinder = digestAlgFinder; + this.certStatus = certStatus; + } + + public PkiStatusInfo PkiStatusInfo + { + get { return certStatus.StatusInfo; } + } + + public BigInteger CertRequestId + { + get { return certStatus.CertReqID.Value; } + } + + public bool IsVerified(X509Certificate cert) + { + + AlgorithmIdentifier digAlg = digestAlgFinder.find( sigAlgFinder.Find(cert.SigAlgName)); + if (digAlg == null) + { + throw new CmpException("cannot find algorithm for digest from signature "+cert.SigAlgName); + } + + DigestSink digestSink = new DigestSink(DigestUtilities.GetDigest(digAlg.Algorithm)); + + digestSink.Write(cert.GetEncoded()); + + byte[] digest = new byte[digestSink.Digest.GetDigestSize()]; + digestSink.Digest.DoFinal(digest, 0); + return Arrays.ConstantTimeAreEqual(certStatus.CertHash.GetOctets(), digest); + } + } +} |