47 lines
1.8 KiB
C#
47 lines
1.8 KiB
C#
#if !BESTHTTP_DISABLE_ALTERNATE_SSL && (!UNITY_WEBGL || UNITY_EDITOR)
|
|
#pragma warning disable
|
|
using System;
|
|
|
|
using BestHTTP.SecureProtocol.Org.BouncyCastle.Asn1.Cmp;
|
|
using BestHTTP.SecureProtocol.Org.BouncyCastle.Asn1.X509;
|
|
using BestHTTP.SecureProtocol.Org.BouncyCastle.Cms;
|
|
using BestHTTP.SecureProtocol.Org.BouncyCastle.Crypto.IO;
|
|
using BestHTTP.SecureProtocol.Org.BouncyCastle.Math;
|
|
using BestHTTP.SecureProtocol.Org.BouncyCastle.Security;
|
|
using BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities;
|
|
using BestHTTP.SecureProtocol.Org.BouncyCastle.X509;
|
|
|
|
namespace BestHTTP.SecureProtocol.Org.BouncyCastle.Cmp
|
|
{
|
|
public class CertificateStatus
|
|
{
|
|
private static readonly DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder();
|
|
|
|
private readonly DefaultDigestAlgorithmIdentifierFinder digestAlgFinder;
|
|
private readonly CertStatus certStatus;
|
|
|
|
public CertificateStatus(DefaultDigestAlgorithmIdentifierFinder digestAlgFinder, CertStatus certStatus)
|
|
{
|
|
this.digestAlgFinder = digestAlgFinder;
|
|
this.certStatus = certStatus;
|
|
}
|
|
|
|
public virtual PkiStatusInfo StatusInfo => certStatus.StatusInfo;
|
|
|
|
public virtual BigInteger CertRequestID => certStatus.CertReqID.Value;
|
|
|
|
public virtual bool IsVerified(X509Certificate cert)
|
|
{
|
|
AlgorithmIdentifier digAlg = digestAlgFinder.Find(sigAlgFinder.Find(cert.SigAlgName));
|
|
if (null == digAlg)
|
|
throw new CmpException("cannot find algorithm for digest from signature " + cert.SigAlgName);
|
|
|
|
byte[] digest = DigestUtilities.CalculateDigest(digAlg.Algorithm, cert.GetEncoded());
|
|
|
|
return Arrays.ConstantTimeAreEqual(certStatus.CertHash.GetOctets(), digest);
|
|
}
|
|
}
|
|
}
|
|
#pragma warning restore
|
|
#endif
|