/// <summary>
/// Signs <paramref name="inputFileName"/> in place through <c>SecurityUtilities.SignFile</c> and records the
/// outcome on <paramref name="signFileResponse"/>.
/// </summary>
/// <param name="inputFileName">Path of the file to sign; the file itself is modified.</param>
/// <param name="certificate">Certificate handed to the signing call.</param>
/// <param name="timestampServer">Timestamp server URL; it is parsed with <c>new Uri</c>, which throws on a null or malformed value.</param>
/// <param name="signFileRequest">Request options; only <c>OverwriteSignature</c> is read here.</param>
/// <param name="signFileResponse">Receives <c>Result</c> and, when signing ran, <c>FileContent</c> and <c>FileSize</c>.</param>
public void SignFile(string inputFileName, X509Certificate2 certificate, string timestampServer,
                             SignFileRequest signFileRequest, SignFileResponse signFileResponse)
        {
            bool hasExistingSignature = IsFileSigned(inputFileName);

            // An already signed file is only touched when the caller explicitly asked for a re-sign.
            if (hasExistingSignature && !signFileRequest.OverwriteSignature)
            {
                signFileResponse.Result = SignFileResponseResult.FileAlreadySigned;
                return;
            }

            if (hasExistingSignature)
            {
                // UnsignFile (defined elsewhere) works on the input path itself and nothing here rolls it back,
                // so an exception from the signing call below leaves the file in whatever state UnsignFile produced.
                UnsignFile(inputFileName);
            }

            // An unusable timestampServer makes new Uri(...) throw, which fails the request before any signing.
            SecurityUtilities.SignFile(certificate, new Uri(timestampServer), inputFileName);

            signFileResponse.Result = hasExistingSignature
                ? SignFileResponseResult.FileResigned
                : SignFileResponseResult.FileSigned;

            // The read-only stream is handed over still open; nothing in this method disposes it.
            // NOTE(review): presumably the consumer of the response closes it - confirm.
            var signedContent = new FileStream(inputFileName, FileMode.Open, FileAccess.Read);
            signFileResponse.FileContent = signedContent;
            signFileResponse.FileSize    = signedContent.Length;
        }
Exemple #2
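        /// <summary>
        /// Signs an APK or JAR with <c>ApkSigner</c>, writing to a temporary "<c>.signed</c>" file next to the input
        /// and then swapping it into place, and records the outcome on <paramref name="signFileResponse"/>.
        /// </summary>
        /// <param name="inputFileName">Path of the file to sign; it is replaced by the signed output on success.</param>
        /// <param name="certificate">Certificate handed to <c>ApkSigner</c>.</param>
        /// <param name="timestampServer">Not referenced by this method.</param>
        /// <param name="signFileRequest">Request options; <c>OverwriteSignature</c> and <c>HashAlgorithm</c> are read.</param>
        /// <param name="signFileResponse">Receives <c>Result</c> and, when signing ran, <c>FileContent</c> and <c>FileSize</c>.</param>
        public void SignFile(string inputFileName, X509Certificate2 certificate, string timestampServer,
                             SignFileRequest signFileRequest, SignFileResponse signFileResponse)
        {
            SignFileResponseResult successResult = SignFileResponseResult.FileSigned;

            if (IsFileSigned(inputFileName))
            {
                // An already signed file is only re-signed when the caller explicitly asked for it.
                if (!signFileRequest.OverwriteSignature)
                {
                    signFileResponse.Result = SignFileResponseResult.FileAlreadySigned;
                    return;
                }

                successResult = SignFileResponseResult.FileResigned;
            }

            var outputFileName = inputFileName + ".signed";

            try
            {
                // NOTE(review): a missing or unsupported HashAlgorithm silently becomes null, leaving the choice to
                // ApkSigner; the caller is not told that the requested algorithm was ignored.
                if (string.IsNullOrEmpty(signFileRequest.HashAlgorithm) || !ApkSupportedHashAlgorithms.TryGetValue(signFileRequest.HashAlgorithm, out var digestAlgorithm))
                {
                    digestAlgorithm = null;
                }

                // Ordinal comparison: a culture-sensitive compare ignores zero-width characters, so a name whose
                // extension merely looks like ".apk" could otherwise be treated as an APK.
                var isV2SigningEnabled =
                    ".apk".Equals(Path.GetExtension(inputFileName), StringComparison.OrdinalIgnoreCase) && // v2 only for APKs not for JARs
                    (digestAlgorithm == null || !digestAlgorithm.Equals(DigestAlgorithm.SHA1))             // v2 signing requires SHA256 or SHA512
                ;

                var apkSigner = new ApkSigner(certificate, inputFileName, outputFileName)
                {
                    V1SigningEnabled = true,
                    V2SigningEnabled = isV2SigningEnabled,
                    DigestAlgorithm  = digestAlgorithm
                };

                apkSigner.Sign();

                // Swap the signed file in with a single replace. Deleting the input first and then moving left a
                // window where a failed move made the catch block delete the only remaining copy.
                File.Replace(outputFileName, inputFileName, null);

                signFileResponse.Result      = successResult;
                // The stream is handed over still open; nothing in this method disposes it.
                signFileResponse.FileContent = new FileStream(inputFileName, FileMode.Open, FileAccess.Read);
                signFileResponse.FileSize    = signFileResponse.FileContent.Length;
            }
            catch
            {
                // Remove a partially written output so a failed run leaves no stray ".signed" file behind.
                if (File.Exists(outputFileName))
                {
                    File.Delete(outputFileName);
                }
                throw;
            }
        }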
Exemple #3
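        /// <summary>
        /// Signs a JAR/APK by building a new archive ("<c>.signed</c>" next to the input) that holds the signed
        /// manifest, signature file and signature block plus every remaining entry of the input, then swaps it into
        /// place and records the outcome on <paramref name="signFileResponse"/>.
        /// </summary>
        /// <param name="inputFileName">Path of the archive to sign; it is replaced by the signed output on success.</param>
        /// <param name="certificate">Certificate passed to <c>CreateSignatureBlockFile</c>.</param>
        /// <param name="timestampServer">Timestamp server value passed to <c>CreateSignatureBlockFile</c>.</param>
        /// <param name="signFileRequest">Request options; <c>OverwriteSignature</c> and <c>HashAlgorithm</c> are read.</param>
        /// <param name="signFileResponse">Receives <c>Result</c>, <c>FileContent</c> and, when signing ran, <c>FileSize</c>.</param>
        public void SignFile(string inputFileName, X509Certificate2 certificate, string timestampServer,
                             SignFileRequest signFileRequest, SignFileResponse signFileResponse)
        {
            SignFileResponseResult successResult = SignFileResponseResult.FileSigned;

            if (IsFileSigned(inputFileName))
            {
                // An already signed file is only re-signed when the caller explicitly asked for it.
                if (!signFileRequest.OverwriteSignature)
                {
                    signFileResponse.Result      = SignFileResponseResult.FileAlreadySigned;
                    signFileResponse.FileContent = null;
                    return;
                }

                // UnsignFile (defined elsewhere) works on the input path itself and is not rolled back, so a
                // failure further down leaves the input in whatever state UnsignFile produced.
                UnsignFile(inputFileName);
                successResult = SignFileResponseResult.FileResigned;
            }

            var outputFileName = inputFileName + ".signed";

            try
            {
                // NOTE(review): a missing or unsupported HashAlgorithm silently becomes DefaultHashAlgorithm; the
                // caller is not told that the requested algorithm was ignored.
                HashAlgorithmInfo hashAlgorithmInfo;
                if (!ApkSupportedHashAlgorithms.TryGetValue(signFileRequest.HashAlgorithm ?? DefaultHashAlgorithm, out hashAlgorithmInfo))
                {
                    hashAlgorithmInfo = ApkSupportedHashAlgorithms[DefaultHashAlgorithm];
                }

                using (var inputJar = new ZipFile(inputFileName))
                {
                    using (var outputJar = ZipFile.Create(outputFileName))
                    {
                        // First update: the signature-related entries.
                        outputJar.BeginUpdate();

                        var manifest = CreateSignedManifest(inputJar, outputJar, hashAlgorithmInfo);

                        var signatureFile = CreateSignatureFile(outputJar, manifest, hashAlgorithmInfo);

                        CreateSignatureBlockFile(outputJar, certificate, signatureFile, timestampServer);

                        outputJar.CommitUpdate();

                        // Second update: copy every input entry that the output does not already contain.
                        outputJar.BeginUpdate();

                        foreach (var entry in inputJar.OfType<ZipEntry>())
                        {
                            if (entry.IsDirectory)
                            {
                                outputJar.AddDirectory(entry.Name);
                            }
                            else if (outputJar.FindEntry(entry.Name, true) == -1)
                            {
                                // Entry names come from the submitted archive. The stray '$' before the
                                // placeholder used to be printed literally in front of the name.
                                Log.Trace($"Cloning file {entry.Name} into new zip");
                                outputJar.Add(new ZipEntryDataSource(inputJar, entry), entry.Name);
                            }
                        }

                        outputJar.CommitUpdate();
                        outputJar.Close();
                    }
                }

                // Swap the signed file in with a single replace. Deleting the input first and then moving left a
                // window where a failed move made the catch block delete the only remaining copy.
                File.Replace(outputFileName, inputFileName, null);

                signFileResponse.Result      = successResult;
                // The stream is handed over still open; nothing in this method disposes it.
                signFileResponse.FileContent = new FileStream(inputFileName, FileMode.Open, FileAccess.Read);
                signFileResponse.FileSize    = signFileResponse.FileContent.Length;
            }
            catch
            {
                // Remove a partially written output so a failed run leaves no stray ".signed" file behind.
                if (File.Exists(outputFileName))
                {
                    File.Delete(outputFileName);
                }
                throw;
            }
        }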