summary refs log tree commit diff
path: root/crypto/src/cmp/CertificateStatus.cs
blob: 92a94ea05e9b47f33dabc03b911d99326ce2ec1d (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
using Org.BouncyCastle.Asn1.Cmp;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Cms;
using Org.BouncyCastle.Crypto.IO;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.X509;

namespace Org.BouncyCastle.Cmp
{
    public class CertificateStatus
    {
        private DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder();
        private DefaultDigestAlgorithmIdentifierFinder digestAlgFinder;
        private CertStatus certStatus;

        public CertificateStatus(DefaultDigestAlgorithmIdentifierFinder digestAlgFinder, CertStatus certStatus)
        {
            this.digestAlgFinder = digestAlgFinder;
            this.certStatus = certStatus;
        }

         public PkiStatusInfo PkiStatusInfo
         {
             get { return certStatus.StatusInfo; }
         }

        public BigInteger CertRequestId
        {
            get { return certStatus.CertReqID.Value; }
        }

        public bool IsVerified(X509Certificate cert)
        {

            AlgorithmIdentifier digAlg = digestAlgFinder.find( sigAlgFinder.Find(cert.SigAlgName));
            if (digAlg == null)
            {
                throw new CmpException("cannot find algorithm for digest from signature "+cert.SigAlgName);
            }

            DigestSink digestSink = new DigestSink(DigestUtilities.GetDigest(digAlg.Algorithm));

            digestSink.Write(cert.GetEncoded());

            byte[] digest = new byte[digestSink.Digest.GetDigestSize()];
            digestSink.Digest.DoFinal(digest, 0);
            return Arrays.ConstantTimeAreEqual(certStatus.CertHash.GetOctets(), digest);
        }
    }
}