private SignatureVerificationStatus VerifyRepositorySignature(
Signature signature,
X509Certificate2Collection certificates)
{
var settings = new SignatureVerifySettings(
treatIssuesAsErrors: !_settings.AllowIllegal,
allowUntrustedRoot: _settings.AllowUntrusted,
allowUnknownRevocation: _settings.AllowUnknownRevocation,
logOnSignatureExpired: false);
var issues = new List <SignatureLog>();
Timestamp timestamp = null;
if (!_settings.AllowIgnoreTimestamp &&
!signature.TryGetValidTimestamp(
_settings,
_fingerprintAlgorithm,
issues,
out var verificationFlags,
out timestamp))
{
return(VerificationUtility.GetSignatureVerificationStatus(verificationFlags));
}
var summary = signature.Verify(
timestamp,
settings,
_fingerprintAlgorithm,
certificates,
issues);
return(summary.Status);
}
private SignatureVerificationSummary VerifyValidityAndTrust(
Signature signature,
SignedPackageVerifierSettings verifierSettings,
SignatureVerifySettings settings,
X509Certificate2Collection certificateExtraStore)
{
Timestamp timestamp;
var timestampSummary = GetTimestamp(signature, verifierSettings, out timestamp);
var status = signature.Verify(
timestamp,
settings,
_fingerprintAlgorithm,
certificateExtraStore);
if (timestampSummary.Status != SignatureVerificationStatus.Valid && !verifierSettings.AllowIgnoreTimestamp)
{
return(new SignatureVerificationSummary(
signature.Type,
SignatureVerificationStatus.Disallowed,
SignatureVerificationStatusFlags.NoValidTimestamp,
status.Issues.Concat(timestampSummary.Issues)));
}
return(new SignatureVerificationSummary(
status.SignatureType,
status.Status,
status.Flags,
status.Timestamp,
status.ExpirationTime,
status.Issues.Concat(timestampSummary.Issues)));
}
private SignatureVerificationSummary VerifyValidityAndTrust(
Signature signature,
SignedPackageVerifierSettings verifierSettings,
SignatureVerifySettings settings,
X509Certificate2Collection certificateExtraStore,
List <SignatureLog> issues)
{
var timestampIssues = new List <SignatureLog>();
if (!signature.TryGetValidTimestamp(verifierSettings, _fingerprintAlgorithm, timestampIssues, out var verificationFlags, out var validTimestamp) && !verifierSettings.AllowIgnoreTimestamp)
{
issues.AddRange(timestampIssues);
return(null);
}
var status = signature.Verify(
validTimestamp,
settings,
_fingerprintAlgorithm,
certificateExtraStore,
issues);
issues.AddRange(timestampIssues);
return(status);
}