Exemplo n.º 1
0
        /// <exception cref="Exception">Thrown when verification fails for any reason</exception>>
        public void VerifySignature()
        {
            using (var certificate = new X509Certificate2(RawCertificate))
            {
                if (!certificate.Verify())
                {
                    throw new Exception(Messages.CERTIFICATE_IS_INVALID);
                }

                // Get the package signature from the certificate file.
                // This is the digest of the first file listed in the certificate file,
                // hence we only need to read the first line
                FileDigest fileDigest;

                using (Stream stream = new MemoryStream(RawCertificate))
                    using (StreamReader reader = new StreamReader(stream))
                    {
                        fileDigest = new FileDigest(reader.ReadLine());
                    }

                // Verify the stored signature against the computed signature using the certificate's public key.
                // Do this independently to minimize the number of files opened concurrently.
                using (Stream stream = new MemoryStream(RawManifest))
                {
                    if (!StreamUtilities.VerifyAgainstDigest(stream, stream.Length, fileDigest.AlgorithmName, fileDigest.Digest, certificate))
                    {
                        throw new Exception(string.Format(Messages.SECURITY_SIGNATURE_FAILED, fileDigest.Name));
                    }
                }
            }
        }
Exemplo n.º 2
0
        public override void VerifyManifest()
        {
            // Verify the presence of a manifest.
            var manifest = Manifest;

            // For a folder package, it is efficient to iterate by the order of files in the manifest.
            foreach (FileDigest fileDigest in manifest)
            {
                using (var stream = File.OpenRead(Path.Combine(_Folder, fileDigest.Name)))
                {
                    if (!StreamUtilities.VerifyAgainstDigest(stream, stream.Length, fileDigest.AlgorithmName, fileDigest.Digest))
                    {
                        throw new Exception(string.Format(Messages.SECURITY_SIGNATURE_FAILED, fileDigest.Name));
                    }
                }
            }
        }
Exemplo n.º 3
0
 public override bool VerifyCurrentFileAgainstDigest(string algorithmName, byte[] digest)
 {
     return(StreamUtilities.VerifyAgainstDigest(tarStream, CurrentFileSize(), algorithmName, digest));
 }