private string HashEntry(ZipFile inputJar, ZipEntry entry, HashAlgorithmInfo hashAlgorithmInfo)
{
using (var s = inputJar.GetInputStream(entry))
{
using (var hasher = hashAlgorithmInfo.HashAlgorithmFactory())
{
hasher.Initialize();
return(Convert.ToBase64String(hasher.ComputeHash(s)));
}
}
}
public static Task <(TimestampResult, byte[])> RequestTimestamp(Uri timestampUri, HashAlgorithmName timestampAlgorithm, TimestampNonce nonce, TimeSpan timeout, byte[] content)
{
var info = new HashAlgorithmInfo(timestampAlgorithm);
byte[] digest;
using (var hash = info.Create())
{
digest = hash.ComputeHash(content);
}
return(SubmitTimestampRequest(timestampUri, info.Oid, nonce, timeout, digest));
}
internal static string ComputeHash(ContentSecurityPolicyInlineExecution hashAlgorithm, string elementContent)
{
HashAlgorithmInfo hashAlgorithmInfo = _hashAlgorithmsInfos[hashAlgorithm];
byte[] elementHashBytes = null;
using (HashAlgorithm hashAlgorithmImplementation = hashAlgorithmInfo.AlgorithmImplementationCreator())
{
elementContent = elementContent.Replace("\r\n", "\n");
elementHashBytes = hashAlgorithmImplementation.ComputeHash(Encoding.UTF8.GetBytes(elementContent));
}
return(hashAlgorithmInfo.SourcePrefix + Convert.ToBase64String(elementHashBytes));
}
private byte[] CreateSignatureFile(ZipFile outputJar, Manifest manifest, HashAlgorithmInfo hashAlgorithmInfo)
{
try
{
Log.Trace("Creating CERT.SF");
var signatureFile = new Manifest();
signatureFile.MainSection.Name = "Signature-Version";
signatureFile.MainSection.Value = "1.0";
signatureFile.MainSection.Add(new ManifestEntry(hashAlgorithmInfo.DigestName + "-Manifest-Main-Attributes", manifest.MainSection.Digest));
signatureFile.MainSection.Add(new ManifestEntry(hashAlgorithmInfo.DigestName + "-Manifest", manifest.Digest));
signatureFile.MainSection.Add(new ManifestEntry("Created-By", CreatedBy));
foreach (var additionalSection in manifest.AdditionalSections)
{
Log.Trace($"creating entry for ${additionalSection.Value.Value}");
var signatureSection = new ManifestSection
{
Name = additionalSection.Value.Name,
Value = additionalSection.Value.Value
};
signatureSection.Add(new ManifestEntry(hashAlgorithmInfo.DigestName, additionalSection.Value.Digest));
signatureFile.AdditionalSections[signatureSection.Value] = signatureSection;
}
var signatureData = new MemoryStream();
signatureFile.Write(signatureData, hashAlgorithmInfo);
var signatureDataRaw = signatureData.ToArray();
outputJar.Add(new StreamDataSource(new MemoryStream(signatureDataRaw)), SignatureName);
Log.Trace("CERT.SF created");
return(signatureDataRaw);
}
catch (Exception e)
{
Log.Error(e, "CERT.SF creation failed");
throw;
}
}
private Manifest CreateSignedManifest(ZipFile inputJar, ZipFile outputJar, HashAlgorithmInfo hashAlgorithmInfo)
{
Log.Trace("Creating MANIFEST.MF");
try
{
var newManifest = new Manifest();
var existingManifest = inputJar.GetEntry(ManifestName);
if (existingManifest != null)
{
Log.Trace("Found existing manifest, importing it");
using (var s = inputJar.GetInputStream(existingManifest))
{
newManifest.Read(s);
}
}
else
{
Log.Trace("No manifest found in jar, create a new one");
newManifest.MainSection.Name = "Manifest-Version";
newManifest.MainSection.Value = "1.0";
newManifest.MainSection.Add(new ManifestEntry("Created-By", CreatedBy));
}
// compute file digests for manifest
foreach (var entry in inputJar.OfType <ZipEntry>())
{
if (IsSignatureRelated(entry))
{
Log.Trace($"creating manifest entry for {entry.Name}");
ManifestSection section;
if (!newManifest.AdditionalSections.TryGetValue(entry.Name, out section))
{
section = new ManifestSection
{
Name = "Name",
Value = entry.Name
};
newManifest.AdditionalSections[section.Value] = section;
}
else
{
// remove existing digest
section.RemoveAll(e => e.Key.EndsWith("-Digest"));
}
section.Add(new ManifestEntry(hashAlgorithmInfo.DigestName, HashEntry(inputJar, entry, hashAlgorithmInfo)));
}
}
var manifestData = new MemoryStream();
newManifest.Write(manifestData, hashAlgorithmInfo);
manifestData.Seek(0, SeekOrigin.Begin);
outputJar.Add(new StreamDataSource(manifestData), ManifestName);
Log.Trace("manifest created");
return(newManifest);
}
catch (Exception e)
{
Log.Error(e, "Manifest creation failed");
throw;
}
}