/// <summary> /// Verify all signatures in the JAR /// </summary> /// <param name="jar">JAR to verify</param> /// <param name="centralManifest">the main MANIFEST.MF</param> /// <param name="signatures">the set of signatures to verify</param> /// <param name="certificates">the set of permitted certificates we verify against</param> /// <returns>true if all signatures verify as valid - otherwise false</returns> public bool Verify( IJar jar, ManifestData centralManifest, List <Signature> signatures, IVerificationCertificates certificates) { if (jar == null) { throw new ArgumentNullException(nameof(jar)); } if (centralManifest == null) { throw new ArgumentNullException(nameof(centralManifest)); } if (certificates == null) { throw new ArgumentNullException(nameof(certificates)); } if (!signatures.Any()) { return(false); } foreach (Signature sig in signatures) { ManifestData signFile = _loader.Load(jar, sig.ManifestPath); Log.Message($"Signature {sig.BaseName} @ {sig.ManifestPath} with block {sig.Block.Path} type {sig.Block.Type}"); // Sign file hash mismatch if (!VerifyManifestHashes(centralManifest, signFile)) { return(false); } // Ensure we actually have a certificate to verify against if (!certificates.Contains(sig.BaseName)) { throw new MissingCertificateException($"Signature with base name {sig.BaseName} must have a matching certificate " + $"supplied in order to verify"); } } return(signatures.All(s => VerifyPKCS7(jar, s, certificates.Get(s.BaseName)))); }
public void Init(FmsOptions options) { string manifestUrl = ""; if (options.JSONParser == null) { throw new CMSException("JSON parser implementation is required."); } Debug.Log("JSON parser: " + options.JSONParser.GetDescription()); switch (options.Mode) { case FmsMode.Versioned: manifestUrl = $"{options.BaseURL}manifest/{options.CodeName}/{options.Env.ToString().ToLower()}/{options.ManifestVersion}.json"; manifestLoader = new VersionedFileManifestLoader(options); break; case FmsMode.Passthrough: manifestLoader = new PassthroughFileManifestLoader(); break; } manifestLoader.Load(options, manifestUrl); }