verify method Null safety

Pkcs7SignerInfo verify(
  1. List<X509> trusted
)

Verify the Pkcs7 validity against a list of trusted certificates and returns the validated signature

Implementation

Pkcs7SignerInfo verify(List<X509> trusted) {
  if (contentType.objectIdentifierAsString != Pkcs.signedData) {
    throw Exception(
        'Invalid Pkcs7 message type: ${contentType.objectIdentifierAsString}');
  }

  final certs = certificates.toList();

  // One signature should match
  for (final si in signerInfo) {
    if (si.signatureAlgorithmID.objectIdentifierAsString != Pkcs.RsaesPkcs1) {
      continue;
    }

    try {
      final algo = si.digestAlgorithm;
      final sign = si.signature;
      final message = ASN1Set(
              elements: si.signedAttributes
                  .map((e) => ASN1Sequence(
                        elements: [
                          e.key,
                          ASN1Set(elements: e.value),
                        ],
                      ))
                  .toList())
          .encode();

      for (final cert in certs) {
        if (cert.verifySignature(sign, message, algo)) {
          cert.verifyChain(certs, trusted);
          return si;
        }
      }
    } catch (e) {
      print('Error: $e');
    }
  }

  throw Exception('Unable to validate the message signature');
}