private static bool TestChecksumAndAuthenticodeSignature(Stream peStream, byte[] privateKeyOpt = null)
{
var peHeaders = new PEHeaders(peStream);
bool is32bit = peHeaders.PEHeader.Magic == PEMagic.PE32;
uint expectedChecksum = peHeaders.PEHeader.CheckSum;
int peHeadersSize = peHeaders.PEHeaderStartOffset + PEHeader.Size(is32bit) + SectionHeader.Size * peHeaders.SectionHeaders.Length;
peStream.Position = 0;
if (expectedChecksum == 0)
{
// not signed
return false;
}
int peSize = (int)peStream.Length;
var peImage = new BlobBuilder(peSize);
Assert.Equal(peSize, peImage.TryWriteBytes(peStream, peSize));
var buffer = peImage.GetBlobs().Single().Buffer;
var checksumBlob = new Blob(buffer, peHeaders.PEHeaderStartOffset + PEHeader.OffsetOfChecksum, sizeof(uint));
uint checksum = PEBuilder.CalculateChecksum(peImage, checksumBlob);
Assert.Equal(expectedChecksum, checksum);
// validate signature:
if (privateKeyOpt != null)
{
// signature is calculated with checksum zeroed:
new BlobWriter(checksumBlob).WriteUInt32(0);
int snOffset;
Assert.True(peHeaders.TryGetDirectoryOffset(peHeaders.CorHeader.StrongNameSignatureDirectory, out snOffset));
var snBlob = new Blob(buffer, snOffset, peHeaders.CorHeader.StrongNameSignatureDirectory.Size);
var expectedSignature = snBlob.GetBytes().ToArray();
var signature = SigningUtilities.CalculateRsaSignature(PEBuilder.GetContentToSign(peImage, peHeadersSize, peHeaders.PEHeader.FileAlignment, snBlob), privateKeyOpt);
AssertEx.Equal(expectedSignature, signature);
}
return true;
}
