summary refs log tree commit diff
path: root/crypto/src/cmp/ProtectedPkiMessage.cs
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/src/cmp/ProtectedPkiMessage.cs')
-rw-r--r--crypto/src/cmp/ProtectedPkiMessage.cs16
1 files changed, 16 insertions, 0 deletions
diff --git a/crypto/src/cmp/ProtectedPkiMessage.cs b/crypto/src/cmp/ProtectedPkiMessage.cs
index 8c9a4b152..df4c45143 100644
--- a/crypto/src/cmp/ProtectedPkiMessage.cs
+++ b/crypto/src/cmp/ProtectedPkiMessage.cs
@@ -119,6 +119,22 @@ namespace Org.BouncyCastle.Cmp
             return Arrays.FixedTimeEquals(result.Collect(), m_pkiMessage.Protection.GetBytes());
         }
 
+#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+        public virtual bool Verify(PKMacBuilder pkMacBuilder, ReadOnlySpan<char> password)
+        {
+            if (!CmpObjectIdentifiers.passwordBasedMac.Equals(m_pkiMessage.Header.ProtectionAlg.Algorithm))
+                throw new InvalidOperationException("protection algorithm is not mac based");
+
+            PbmParameter parameter = PbmParameter.GetInstance(m_pkiMessage.Header.ProtectionAlg.Parameters);
+
+            pkMacBuilder.SetParameters(parameter);
+
+            IBlockResult result = Process(pkMacBuilder.Build(password).CreateCalculator());
+
+            return Arrays.FixedTimeEquals(result.Collect(), m_pkiMessage.Protection.GetBytes());
+        }
+#endif
+
         private TResult Process<TResult>(IStreamCalculator<TResult> streamCalculator)
         {
             Asn1EncodableVector avec = new Asn1EncodableVector();
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-09 17:22:01 +0000