Example #1
0
/// Check if signing certificate was issued by trusted party.
/// @throws SignatureException on a problem with signing certificate
void digidoc::SignatureBES::checkSigningCertificate() const throw(SignatureException)
{
    try
    {
        X509Cert signingCert = getSigningCertificate();
        std::vector<digidoc::X509Cert::KeyUsage> usage = signingCert.getKeyUsage();
        if( find( usage.begin(), usage.end(), digidoc::X509Cert::NonRepudiation ) == usage.end() )
            THROW_SIGNATUREEXCEPTION("Signing certificate does not contain NonRepudiation key usage flag %s", signingCert.getSubject().c_str());
        if( signingCert.verify() <= 0 )
            THROW_SIGNATUREEXCEPTION("Unable to verify signing certificate %s", signingCert.getSubject().c_str());
    }
    catch( const IOException &e )
    {
        THROW_SIGNATUREEXCEPTION_CAUSE( e, "Unable to verify signing certificate" );
    }
}
Example #2
0
/// Check if signing certificate was issued by trusted party.
/// @throws SignatureException on a problem with signing certificate
void digidoc::SignatureBES::checkSigningCertificate() const throw(SignatureException)
{
    X509Cert signingCert = getSigningCertificate();

    bool valid = false;
    try
    {
        valid = signingCert.verify();
    }
    catch( const IOException &e )
    {
        THROW_SIGNATUREEXCEPTION_CAUSE( e, "Unable to verify signing certificate" );
    }
    if(!valid)
    {
        THROW_SIGNATUREEXCEPTION("Unable to verify signing certificate %s", signingCert.getSubject().c_str());
    }
}
Example #3
0
void bdoc::Signature::checkSigningCertificate(bdoc::X509CertStore *store) const
{
    X509Cert signingCert = getSigningCertificate();

    if (store == NULL) {
        THROW_STACK_EXCEPTION(
            "Unable to verify signing certificate %s",
            signingCert.getSubject().c_str());
    }
    X509_STORE *st = NULL;
    st = store->getCertStore();

    int res = signingCert.verify(st);

    X509_STORE_free(st);
    st = NULL;

    if (!res) {
        THROW_STACK_EXCEPTION(
            "Unable to verify signing certificate %s",
            signingCert.getSubject().c_str());
    }

}