/// <summary>
/// Verifies each individual entry's x-Digest against the computed digest of the individual section of the entry in
/// the manifest.
/// </summary>
/// <param name="manifestFile">The manifest file to use when computing individual digests.</param>
/// <returns>true if verifications was successful, false otherwise.</returns>
public bool VerifySignatureSourceFileDigests(JarManifestFile manifestFile)
{
foreach (JarIndividualEntry signatureFileEntry in IndividualSection)
{
JarIndividualEntry manifestFileEntry = manifestFile.IndividualSection.FirstOrDefault(
i => String.Equals(i.Name, signatureFileEntry.Name));
if (manifestFileEntry != null)
{
string computedDigest = JarUtils.GetHashDigest(manifestFileEntry.RawText, signatureFileEntry.HashAlgorithmName);
if (!String.Equals(computedDigest, signatureFileEntry.DigestValue))
{
JarError.AddError(String.Format(JarResources.SignatureFileEntryDigestMismatch, signatureFileEntry.Name, SignatureFilePath, computedDigest, signatureFileEntry.DigestValue));
return(false);
}
}
else
{
// Signature file contains an entry that's not present in the MANIFEST.MF file
JarError.AddError(String.Format(JarResources.MissingManifestEntry, signatureFileEntry.Name, SignatureFilePath));
return(false);
}
}
// If we make it out of the loop we're all good
return(true);
}
private bool Verify(JarIndividualEntry entry, ZipArchiveEntry archiveEntry)
{
using (Stream stream = archiveEntry.Open())
{
HashAlgorithm ha = HashAlgorithm.Create(entry.HashAlgorithmName);
byte[] computedHash = ha.ComputeHash(stream);
string hashDigest = Convert.ToBase64String(computedHash);
// Compare the computed hash digest against the value provided in the manifest file.
if (!String.Equals(entry.DigestValue, hashDigest))
{
JarError.AddError(String.Format(JarResources.ManifestEntryDigestMismatch, entry.Name, entry.DigestValue, hashDigest));
return(false);
}
return(true);
}
}