summary refs log tree commit diff
path: root/crypto/src/mozilla/SignedPublicKeyAndChallenge.cs
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/src/mozilla/SignedPublicKeyAndChallenge.cs')
-rw-r--r--crypto/src/mozilla/SignedPublicKeyAndChallenge.cs48
1 files changed, 48 insertions, 0 deletions
diff --git a/crypto/src/mozilla/SignedPublicKeyAndChallenge.cs b/crypto/src/mozilla/SignedPublicKeyAndChallenge.cs
new file mode 100644
index 000000000..03b8e90ac
--- /dev/null
+++ b/crypto/src/mozilla/SignedPublicKeyAndChallenge.cs
@@ -0,0 +1,48 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Operators;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Mozilla
+{
+    public sealed class SignedPublicKeyAndChallenge
+    {
+        private readonly Asn1.Mozilla.SignedPublicKeyAndChallenge m_spkac;
+
+        public SignedPublicKeyAndChallenge(byte[] encoding)
+            : this(Asn1.Mozilla.SignedPublicKeyAndChallenge.GetInstance(encoding))
+        {
+        }
+
+        public SignedPublicKeyAndChallenge(Asn1.Mozilla.SignedPublicKeyAndChallenge spkac)
+        {
+            m_spkac = spkac ?? throw new ArgumentNullException(nameof(spkac));
+        }
+
+        public AsymmetricKeyParameter GetPublicKey() => PublicKeyFactory.CreateKey(m_spkac.PublicKeyAndChallenge.Spki);
+
+        public bool IsSignatureValid(AsymmetricKeyParameter publicKey) =>
+            CheckSignatureValid(new Asn1VerifierFactory(m_spkac.SignatureAlgorithm, publicKey));
+
+        public bool IsSignatureValid(IVerifierFactoryProvider verifierProvider) =>
+            CheckSignatureValid(verifierProvider.CreateVerifierFactory(m_spkac.SignatureAlgorithm));
+
+        public Asn1.Mozilla.SignedPublicKeyAndChallenge ToAsn1Structure() => m_spkac;
+
+        public void Verify(AsymmetricKeyParameter publicKey) =>
+            CheckSignature(new Asn1VerifierFactory(m_spkac.SignatureAlgorithm, publicKey));
+
+        public void Verify(IVerifierFactoryProvider verifierProvider) =>
+            CheckSignature(verifierProvider.CreateVerifierFactory(m_spkac.SignatureAlgorithm));
+
+        private void CheckSignature(IVerifierFactory verifier)
+        {
+            if (!CheckSignatureValid(verifier))
+                throw new InvalidKeyException("Public key presented not for SPKAC signature");
+        }
+
+        private bool CheckSignatureValid(IVerifierFactory verifier) =>
+            X509.X509Utilities.VerifySignature(verifier, m_spkac.PublicKeyAndChallenge, m_spkac.Signature);
+    }
+}
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-09 16:23:12 +0000