diff options
Diffstat (limited to 'crypto/src/cmp')
| -rw-r--r-- | crypto/src/cmp/CertificateConfirmationContentBuilder.cs | 15 | ||||
| -rw-r--r-- | crypto/src/cmp/CertificateStatus.cs | 10 | ||||
| -rw-r--r-- | crypto/src/cmp/CmpUtilities.cs | 18 |
3 files changed, 24 insertions, 19 deletions
diff --git a/crypto/src/cmp/CertificateConfirmationContentBuilder.cs b/crypto/src/cmp/CertificateConfirmationContentBuilder.cs index faf0cf998..873b58b2e 100644 --- a/crypto/src/cmp/CertificateConfirmationContentBuilder.cs +++ b/crypto/src/cmp/CertificateConfirmationContentBuilder.cs @@ -6,7 +6,6 @@ using Org.BouncyCastle.Asn1.Cmp; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Math; using Org.BouncyCastle.Operators.Utilities; -using Org.BouncyCastle.Security; using Org.BouncyCastle.X509; namespace Org.BouncyCastle.Cmp @@ -62,17 +61,11 @@ namespace Org.BouncyCastle.Cmp Asn1EncodableVector v = new Asn1EncodableVector(m_acceptedCerts.Count); for (int i = 0; i != m_acceptedCerts.Count; i++) { - CmpCertificate cmpCertificate = m_acceptedCerts[i]; - AlgorithmIdentifier signatureAlgorithm = m_acceptedSignatureAlgorithms[i]; - DerInteger reqID = m_acceptedReqIDs[i]; + var certHash = CmpUtilities.CalculateCertHash(m_acceptedCerts[i], m_acceptedSignatureAlgorithms[i], + m_digestAlgorithmFinder); + var reqID = m_acceptedReqIDs[i]; - var digestAlgorithm = m_digestAlgorithmFinder.Find(signatureAlgorithm) - ?? throw new CmpException("cannot find algorithm for digest from signature"); - - byte[] digest = DigestUtilities.CalculateDigest(digestAlgorithm.Algorithm, - cmpCertificate.GetEncoded(Asn1Encodable.Der)); - - v.Add(new CertStatus(digest, reqID)); + v.Add(new CertStatus(certHash, reqID)); } var content = CertConfirmContent.GetInstance(new DerSequence(v)); diff --git a/crypto/src/cmp/CertificateStatus.cs b/crypto/src/cmp/CertificateStatus.cs index 482e9f7f3..4c45a3cb8 100644 --- a/crypto/src/cmp/CertificateStatus.cs +++ b/crypto/src/cmp/CertificateStatus.cs @@ -1,11 +1,9 @@ using System; -using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cmp; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Math; using Org.BouncyCastle.Operators.Utilities; -using Org.BouncyCastle.Security; using Org.BouncyCastle.Utilities; using Org.BouncyCastle.X509; @@ -38,13 +36,9 @@ namespace Org.BouncyCastle.Cmp public virtual bool IsVerified(CmpCertificate cmpCertificate, AlgorithmIdentifier signatureAlgorithm) { - AlgorithmIdentifier digestAlgorithm = m_digestAlgorithmFinder.Find(signatureAlgorithm) - ?? throw new CmpException("cannot find algorithm for digest from signature"); + var certHash = CmpUtilities.CalculateCertHash(cmpCertificate, signatureAlgorithm, m_digestAlgorithmFinder); - byte[] digest = DigestUtilities.CalculateDigest(digestAlgorithm.Algorithm, - cmpCertificate.GetEncoded(Asn1Encodable.Der)); - - return Arrays.FixedTimeEquals(m_certStatus.CertHash.GetOctets(), digest); + return Arrays.FixedTimeEquals(m_certStatus.CertHash.GetOctets(), certHash); } } } diff --git a/crypto/src/cmp/CmpUtilities.cs b/crypto/src/cmp/CmpUtilities.cs new file mode 100644 index 000000000..d4e2c89bf --- /dev/null +++ b/crypto/src/cmp/CmpUtilities.cs @@ -0,0 +1,18 @@ +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Operators.Utilities; + +namespace Org.BouncyCastle.Cmp +{ + internal static class CmpUtilities + { + internal static byte[] CalculateCertHash(Asn1Encodable asn1Encodable, AlgorithmIdentifier signatureAlgorithm, + IDigestAlgorithmFinder digestAlgorithmFinder) + { + var digestAlgorithm = digestAlgorithmFinder.Find(signatureAlgorithm) + ?? throw new CmpException("cannot find digest algorithm from signature algorithm"); + + return X509.X509Utilities.CalculateDigest(digestAlgorithm.Algorithm, asn1Encodable); + } + } +} |