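/// <summary>
/// Verifies whether or not the JAR file is signed.
/// </summary>
/// <remarks>
/// Follows the verification steps of the JAR specification at
/// https://docs.oracle.com/javase/7/docs/technotes/guides/jar/jar.html.
/// Within this method only the missing-file case records a JarError. The other failure paths
/// return false without adding an error here, so a caller that needs the reason must rely on
/// whatever the called verification methods report.
/// </remarks>
/// <returns>True if the JAR file is signed, false otherwise.</returns>
public bool IsSigned()
{
    // If there are no signature files or a manifest then don't bother doing anything further.
    if (!(HasSignatureFile && HasManifestFile))
    {
        JarError.AddError(JarResources.MissingSignatureOrManifestFile);
        return false;
    }

    // STEP 1: Verify the signature over the signature file when the manifest is first parsed. For
    //         efficiency, this verification can be remembered. Note that this verification only validates
    //         the signature directions themselves, not the actual archive files.
    //
    // Note: There can be multiple signature (.SF) files, e.g. as new files are added to the archive
    //       after it was signed. Every one of them has to verify.
    //
    // NOTE(review): whether VerifySignature() also validates the signer's certificate chain and trust
    // is not visible from this method. If it only checks the signature maths, a true result here means
    // "consistently signed by someone", not "signed by a trusted party" - confirm before relying on it.
    if (!SignatureFiles.All(sf => sf.VerifySignature()))
    {
        return false;
    }

    // STEP 2: If an x-Digest-Manifest attribute exists in the signature file, verify the value against a
    //         digest calculated over the entire manifest. If more than one x-Digest-Manifest attribute
    //         exists in the signature file, verify that at least one of them matches the calculated
    //         digest value.
    //
    // Collect the signature files that failed the x-Digest-Manifest check. The query is materialised
    // once: it was previously a deferred query enumerated twice, which ran VerifyDigestManifest (a digest
    // over the whole manifest) two times per signature file.
    List<JarSignatureFile> signatureFilesFailedVerifyDigestManifest =
        SignatureFiles.Where(sf => !sf.VerifyDigestManifest(Manifest)).ToList();

    if (signatureFilesFailedVerifyDigestManifest.Count > 0)
    {
        // STEP 3: If an x-Digest-Manifest attribute does not exist in the signature file or none of the
        //         digest values calculated in the previous step match, then a less optimized verification
        //         is performed:
        //   * If an x-Digest-Manifest-Main-Attributes entry exists in the signature file, verify the value
        //     against a digest calculated over the main attributes in the manifest file. If this
        //     calculation fails, then JAR file verification fails. This decision can be remembered for
        //     efficiency. If an x-Digest-Manifest-Main-Attributes entry does not exist in the signature
        //     file, its nonexistence does not affect JAR file verification and the manifest main
        //     attributes are not verified.
        //   * Verify the digest value in each source file information section in the signature file
        //     against a digest value calculated against the corresponding entry in the manifest file.
        //     If any of the digest values don't match, then JAR file verification fails.
        //
        // NOTE(review): only VerifyDigestManifestMain() is called here. Whether it also performs the
        // second bullet (per-entry section digests) cannot be told from this method - confirm, because
        // on this fallback path the per-entry check is what binds the manifest entries to the signature.
        if (!signatureFilesFailedVerifyDigestManifest.All(sf => sf.VerifyDigestManifestMain(Manifest)))
        {
            return false;
        }
    }

    // STEP 4: For each entry in the manifest, verify the digest value in the manifest file against
    //         a digest calculated over the actual data referenced in the "Name:" attribute, which
    //         specifies either a relative file path or URL. If any of the digest values don't match,
    //         then JAR file verification fails.
    //
    // NOTE(review): as described, this step walks the manifest's entries. Archive entries that are not
    // listed in the manifest would not be covered unless VerifyManifestEntries() rejects them - confirm
    // whether a true result is meant to imply that every file in the archive is signed.
    if (!Manifest.VerifyManifestEntries())
    {
        return false;
    }

    return true;
}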
/// <summary>
/// Shows a multi-select open-file dialog for .p7s files and appends every chosen path that is
/// not already present to <c>SignatureFiles</c>.
/// </summary>
/// <remarks>
/// The filter and default extension only shape what the dialog offers. This method does not
/// inspect the selected files, so each added path is unverified input for whatever later
/// reads <c>SignatureFiles</c>.
/// </remarks>
public void BrowseForSignatureFile()
{
    var dialog = new OpenFileDialog();
    dialog.DefaultExt = ".p7s";
    dialog.Filter = "CADES signature files (.p7s)|*.p7s";
    dialog.Multiselect = true;

    // Anything other than an explicit confirmation (cancelled or closed) leaves the list untouched.
    if (dialog.ShowDialog() != true)
    {
        return;
    }

    foreach (var selectedPath in dialog.FileNames)
    {
        // Skip paths that are already listed so the collection holds each one once.
        if (SignatureFiles.Contains(selectedPath))
        {
            continue;
        }

        SignatureFiles.Add(selectedPath);
    }
}
/// <summary>
/// Removes every entry from <c>SignatureFiles</c>.
/// </summary>
public void ClearSignatureFiles() => SignatureFiles.Clear();