checkCsrSignature static method

bool checkCsrSignature(String pem)

Checks the signature of the given CSR if it matches the content of the CSR.

Implementation

static bool checkCsrSignature(String pem) {
  var data = csrFromPem(pem);
  var result = false;
  var algorithm = _getAlgorithmFromOi(data.signatureAlgorithmReadableName!);
  if (algorithm.contains('PSS')) {
    var publicKey = CryptoUtils.rsaPublicKeyFromDERBytes(
        _stringAsBytes(data.certificationRequestInfo!.publicKeyInfo!.bytes!));
    result = CryptoUtils.rsaPssVerify(
      publicKey,
      base64.decode(data.certificationRequestInfoSeq!),
      _stringAsBytes(data.signature!),
      data.saltLength!,
      algorithm: data.pssDigest! + '/PSS',
    );
  } else if (algorithm.contains('RSA')) {
    var publicKey = CryptoUtils.rsaPublicKeyFromDERBytes(
        _stringAsBytes(data.certificationRequestInfo!.publicKeyInfo!.bytes!));
    result = CryptoUtils.rsaVerify(
      publicKey,
      base64.decode(data.certificationRequestInfoSeq!),
      _stringAsBytes(data.signature!),
      algorithm: algorithm,
    );
  } else {
    var publicKey = CryptoUtils.ecPublicKeyFromDerBytes(
        _stringAsBytes(data.certificationRequestInfo!.publicKeyInfo!.bytes!));
    var sigBytes = _stringAsBytes(data.signature!);
    if (sigBytes.first == 0) {
      sigBytes = sigBytes.sublist(1);
    }
    result = CryptoUtils.ecVerify(
      publicKey,
      base64.decode(data.certificationRequestInfoSeq!),
      CryptoUtils.ecSignatureFromDerBytes(
        sigBytes,
      ),
      algorithm: algorithm,
    );
  }
  return result;
}