public final void verify(publickey key, string sigprovider)
throws certificateexception, nosuchalgorithmexception, invalidkeyexception,
nosuchproviderexception, signatureexception {
string signame = x509signatureutil.getsignaturename(c.getsignaturealgorithm());
signature signature = signature.getinstance(signame, sigprovider);
checksignature(key, signature);
}
public final void verify(publickey key)
throws certificateexception, nosuchalgorithmexception, invalidkeyexception,
nosuchproviderexception, signatureexception {
signature signature;
string signame = x509signatureutil.getsignaturename(c.getsignaturealgorithm());
try {
signature = signature.getinstance(signame, bouncycastleprovider.provider_name);
} catch (exception e) {
signature = signature.getinstance(signame);
}
checksignature(key, signature);
}
private void checksignature(publickey key, signature signature)
throws certificateexception, nosuchalgorithmexception, signatureexception,
invalidkeyexception {
if (!isalgidequal(c.getsignaturealgorithm(), c.gettbscertificate().getsignature())) {
throw new certificateexception("signature algorithm in tbs cert not same as outer cert");
}
asn1encodable params = c.getsignaturealgorithm().getparameters();
// todo this should go after the initverify?
x509signatureutil.setsignatureparameters(signature, params);
signature.initverify(key);
signature.update(this.gettbscertificate());
if (!signature.verify(this.getsignature())) {
throw new signatureexception("certificate does not verify with supplied key");
}
}
