summary refs log tree commit diff
path: root/crypto/src/crmf/CertificateRequestMessage.cs
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/src/crmf/CertificateRequestMessage.cs')
-rw-r--r--crypto/src/crmf/CertificateRequestMessage.cs34
1 files changed, 8 insertions, 26 deletions
diff --git a/crypto/src/crmf/CertificateRequestMessage.cs b/crypto/src/crmf/CertificateRequestMessage.cs
index 0a246aaa4..36149c791 100644
--- a/crypto/src/crmf/CertificateRequestMessage.cs
+++ b/crypto/src/crmf/CertificateRequestMessage.cs
@@ -178,43 +178,25 @@ namespace Org.BouncyCastle.Crmf
             {
                 PopoSigningKey popoSign = PopoSigningKey.GetInstance(pop.Object);
                 if (popoSign.PoposkInput != null && popoSign.PoposkInput.PublicKeyMac != null)
-                {
                     throw new InvalidOperationException("verification requires password check");
-                }
-                return verifySignature(verifierProvider, popoSign);
+
+                return VerifySignature(verifierProvider, popoSign);
             }
 
             throw new InvalidOperationException("not Signing Key type of proof of possession");
         }
 
-        private bool verifySignature(IVerifierFactoryProvider verifierFactoryProvider, PopoSigningKey signKey)
+        private bool VerifySignature(IVerifierFactoryProvider verifierFactoryProvider, PopoSigningKey signKey)
         {
-            IVerifierFactory verifer;
-            IStreamCalculator<IVerifier> calculator;
-            try
-            {
-                verifer = verifierFactoryProvider.CreateVerifierFactory(signKey.AlgorithmIdentifier);
-                calculator = verifer.CreateCalculator();
-            }
-            catch (Exception ex)
-            {
-                throw new CrmfException("unable to create verifier: " + ex.Message, ex);
-            }
+            var verifierFactory = verifierFactoryProvider.CreateVerifierFactory(signKey.AlgorithmIdentifier);
 
-            if (signKey.PoposkInput != null)
+            Asn1Encodable asn1Encodable = signKey.PoposkInput;
+            if (asn1Encodable == null)
             {
-                byte[] b = signKey.GetDerEncoded();
-                calculator.Stream.Write(b, 0, b.Length);
+                asn1Encodable = certReqMsg.CertReq;
             }
-            else
-            {
-                byte[] b = certReqMsg.CertReq.GetDerEncoded();
-                calculator.Stream.Write(b, 0, b.Length);
-            }
-
-            IVerifier result = calculator.GetResult();
 
-            return result.IsVerified(signKey.Signature.GetBytes());
+            return X509.X509Utilities.VerifySignature(verifierFactory, asn1Encodable, signKey.Signature);
         }
 
         /// <summary>
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-09-19 16:58:48 +0000