Example #1
        /// <summary>
        /// Positive-path check: the signed fixture must verify against the configured public key.
        /// </summary>
        /// <remarks>
        /// Only the successful case is asserted here; nothing in this method exercises a tampered
        /// file or a mismatched key.
        /// </remarks>
        public void VerifySignOneFileSha1()
        {
            var verification = PgpTasks.VerifyFileSignature(new PgpVerifySignatureInput
            {
                PublicKeyFile = _publicKeyPath,
                InputFile     = _signature,
            });

            Assert.That(verification.Verified);
        }
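        /// <summary>
        /// Verifies a one-pass PGP signature and writes the signed payload to disk. See documentation at https://github.com/CommunityHiQ/Frends.Community.PgpVerifySignature
        /// </summary>
        /// <remarks>
        /// The payload is written to the output location while it is being hashed, i.e. before the
        /// signature has been checked. The written file stays on disk when verification fails, so
        /// callers must treat it as untrusted unless <c>Verified</c> is true.
        /// The verifying key is whichever key in <c>PublicKeyFile</c> matches the key id stored in the
        /// signed file, so the result is only as trustworthy as the contents of that key file. No policy
        /// on the signature's hash algorithm is applied in this method.
        /// </remarks>
        /// <param name="input">Paths of the signed file and the public key file, plus an optional output folder.</param>
        /// <returns>Object {string FilePath, Boolean Verified}</returns>
        /// <exception cref="Exception">The input file does not start with a one-pass signature list.</exception>
        /// <exception cref="InvalidDataException">The signed payload is missing or carries no usable file name.</exception>
        /// <exception cref="InvalidOperationException">The key file holds no public key for the signature's key id.</exception>
        public static PgpVerifySignatureResult VerifyFileSignature(PgpVerifySignatureInput input)
        {
            using (var inputStream = PgpUtilities.GetDecoderStream(File.OpenRead(input.InputFile)))
            using (var keyStream = PgpUtilities.GetDecoderStream(File.OpenRead(input.PublicKeyFile)))
            {
                var pgpFact = new PgpObjectFactory(inputStream);

                // 'as' rather than a hard cast: a file that starts with some other packet type is
                // reported through the same "no signature" error instead of an InvalidCastException.
                var signatureList = pgpFact.NextPgpObject() as PgpOnePassSignatureList;
                if (signatureList == null)
                {
                    throw new Exception("Can't find signature in file.");
                }

                var onePassSignature = signatureList[0];

                var literalData = pgpFact.NextPgpObject() as PgpLiteralData;
                if (literalData == null)
                {
                    throw new InvalidDataException("Can't find signed data in file.");
                }

                var dataIn  = literalData.GetInputStream();
                var pgpRing = new PgpPublicKeyRingBundle(keyStream);
                var key     = pgpRing.GetPublicKey(onePassSignature.KeyId);

                // Without the signer's key nothing can be verified; stop before any output is created.
                if (key == null)
                {
                    throw new InvalidOperationException("Can't find a public key matching the signature in the key file.");
                }

                // The embedded file name comes from the (not yet verified) input file. Keep only its
                // final component so that an absolute path or "..\" segments cannot redirect the write
                // outside the chosen folder (Path.Combine returns a rooted second argument unchanged).
                var fileName = Path.GetFileName(literalData.FileName);
                if (string.IsNullOrWhiteSpace(fileName) || fileName == "." || fileName == "..")
                {
                    throw new InvalidDataException("Signed data does not carry a usable file name.");
                }

                // Default to the folder of the input file when no output folder was given.
                var targetFolder = string.IsNullOrWhiteSpace(input.OutputFolder)
                    ? (Path.GetDirectoryName(input.InputFile) ?? throw new ArgumentNullException(nameof(input.InputFile)))
                    : input.OutputFolder;
                var outputPath = Path.Combine(targetFolder, fileName);

                using (var outputStream = File.Create(outputPath))
                {
                    onePassSignature.InitVerify(key);

                    // Feed every payload byte to the signature check and to the output file.
                    int ch;
                    while ((ch = dataIn.ReadByte()) >= 0)
                    {
                        onePassSignature.Update((byte)ch);
                        outputStream.WriteByte((byte)ch);
                    }
                }

                bool verified;
                // The original author notes this step can throw when the file has been altered.
                // Any failure while reading or checking the trailing signature is reported as
                // "not verified" (fail closed) instead of propagating.
                try
                {
                    var trailingSignatures = pgpFact.NextPgpObject() as PgpSignatureList;
                    if (trailingSignatures == null)
                    {
                        throw new InvalidDataException("Can't find trailing signature in file.");
                    }

                    verified = onePassSignature.Verify(trailingSignatures[0]);
                }
                catch (Exception)
                {
                    // NOTE(review): this path reports the output folder, not the written file, as FilePath.
                    // Kept as in the original because callers may rely on it.
                    return new PgpVerifySignatureResult
                    {
                        FilePath = input.OutputFolder,
                        Verified = false
                    };
                }

                return new PgpVerifySignatureResult
                {
                    FilePath = outputPath,
                    Verified = verified
                };
            }
        }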