using System; using Org.BouncyCastle.Asn1.Cmp; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Cms; using Org.BouncyCastle.Crypto.IO; using Org.BouncyCastle.Math; using Org.BouncyCastle.Security; using Org.BouncyCastle.Utilities; using Org.BouncyCastle.X509; namespace Org.BouncyCastle.Cmp { public class CertificateStatus { private static readonly DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder(); private readonly DefaultDigestAlgorithmIdentifierFinder digestAlgFinder; private readonly CertStatus certStatus; public CertificateStatus(DefaultDigestAlgorithmIdentifierFinder digestAlgFinder, CertStatus certStatus) { this.digestAlgFinder = digestAlgFinder; this.certStatus = certStatus; } public PkiStatusInfo PkiStatusInfo { get { return certStatus.StatusInfo; } } public BigInteger CertRequestId { get { return certStatus.CertReqID.Value; } } public bool IsVerified(X509Certificate cert) { AlgorithmIdentifier digAlg = digestAlgFinder.Find(sigAlgFinder.Find(cert.SigAlgName)); if (null == digAlg) throw new CmpException("cannot find algorithm for digest from signature " + cert.SigAlgName); byte[] digest = DigestUtilities.CalculateDigest(digAlg.Algorithm, cert.GetEncoded()); return Arrays.ConstantTimeAreEqual(certStatus.CertHash.GetOctets(), digest); } } }