blob: 4df7e0cf5f67e2d94a4bbce63a84e08d328fb3d8 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
|
using System;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Cmp;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Operators.Utilities;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.X509;
namespace Org.BouncyCastle.Cmp
{
public class CertificateStatus
{
private readonly IDigestAlgorithmFinder m_digestAlgorithmFinder;
private readonly CertStatus m_certStatus;
[Obsolete("Use constructor taking 'IDigestAlgorithmFinder' instead")]
public CertificateStatus(Org.BouncyCastle.Cms.DefaultDigestAlgorithmIdentifierFinder digestAlgFinder,
CertStatus certStatus)
: this((IDigestAlgorithmFinder)digestAlgFinder, certStatus)
{
}
public CertificateStatus(IDigestAlgorithmFinder digestAlgorithmFinder, CertStatus certStatus)
{
m_digestAlgorithmFinder = digestAlgorithmFinder;
m_certStatus = certStatus;
}
public virtual PkiStatusInfo StatusInfo => m_certStatus.StatusInfo;
public virtual BigInteger CertRequestID => m_certStatus.CertReqID.Value;
public virtual bool IsVerified(X509Certificate cert) =>
IsVerified(new CmpCertificate(cert.CertificateStructure), cert.SignatureAlgorithm);
public virtual bool IsVerified(CmpCertificate cmpCertificate, AlgorithmIdentifier signatureAlgorithm)
{
AlgorithmIdentifier digestAlgorithm = m_digestAlgorithmFinder.Find(signatureAlgorithm)
?? throw new CmpException("cannot find algorithm for digest from signature");
byte[] digest = DigestUtilities.CalculateDigest(digestAlgorithm.Algorithm,
cmpCertificate.GetEncoded(Asn1Encodable.Der));
return Arrays.FixedTimeEquals(m_certStatus.CertHash.GetOctets(), digest);
}
}
}
|
