Example usage for org.bouncycastle.pkcs PKCS10CertificationRequest getSignatureAlgorithm

List of usage examples for org.bouncycastle.pkcs PKCS10CertificationRequest getSignatureAlgorithm

  1. HOME
  2. Java
  3. org.bouncycastle
  4. org.bouncycastle.pkcs.*
  5. PKCS10CertificationRequest
  6. getSignatureAlgorithm

Introduction

In this page you can find the example usage for org.bouncycastle.pkcs PKCS10CertificationRequest getSignatureAlgorithm.

Prototype

public AlgorithmIdentifier getSignatureAlgorithm()

Source Link

Document

Return the details of the signature algorithm used to create this request.

Usage

From source file:org.xipki.commons.security.SecurityFactoryImpl.java

License:Open Source License

@Override
public boolean verifyPopo(final PKCS10CertificationRequest csr, final AlgorithmValidator algoValidator) {
    if (algoValidator != null) {
        AlgorithmIdentifier algId = csr.getSignatureAlgorithm();
        if (!algoValidator.isAlgorithmPermitted(algId)) {
            String algoName;/*w ww .j  a  v a2s.co  m*/
            try {
                algoName = AlgorithmUtil.getSignatureAlgoName(algId);
            } catch (NoSuchAlgorithmException ex) {
                algoName = algId.getAlgorithm().getId();
            }

            LOG.error("POPO signature algorithm {} not permitted", algoName);
            return false;
        }
    }

    try {
        SubjectPublicKeyInfo pkInfo = csr.getSubjectPublicKeyInfo();
        PublicKey pk = KeyUtil.generatePublicKey(pkInfo);
        ContentVerifierProvider cvp = getContentVerifierProvider(pk);
        return csr.isSignatureValid(cvp);
    } catch (InvalidKeyException | PKCSException | NoSuchAlgorithmException | InvalidKeySpecException ex) {
        LogUtil.error(LOG, ex, "could not validate POPO of CSR");
        return false;
    }
}