private SignatureVerificationStatus VerifyRepositorySignature(
            Signature signature,
            X509Certificate2Collection certificates)
        {
            var settings = new SignatureVerifySettings(
                treatIssuesAsErrors: !_settings.AllowIllegal,
                allowUntrustedRoot: _settings.AllowUntrusted,
                allowUnknownRevocation: _settings.AllowUnknownRevocation,
                logOnSignatureExpired: false);

            var       issues    = new List <SignatureLog>();
            Timestamp timestamp = null;

            if (!_settings.AllowIgnoreTimestamp &&
                !signature.TryGetValidTimestamp(
                    _settings,
                    _fingerprintAlgorithm,
                    issues,
                    out var verificationFlags,
                    out timestamp))
            {
                return(VerificationUtility.GetSignatureVerificationStatus(verificationFlags));
            }

            var summary = signature.Verify(
                timestamp,
                settings,
                _fingerprintAlgorithm,
                certificates,
                issues);

            return(summary.Status);
        }
        private SignatureVerificationSummary VerifyValidityAndTrust(
            Signature signature,
            SignedPackageVerifierSettings verifierSettings,
            SignatureVerifySettings settings,
            X509Certificate2Collection certificateExtraStore)
        {
            Timestamp timestamp;
            var       timestampSummary = GetTimestamp(signature, verifierSettings, out timestamp);

            var status = signature.Verify(
                timestamp,
                settings,
                _fingerprintAlgorithm,
                certificateExtraStore);

            if (timestampSummary.Status != SignatureVerificationStatus.Valid && !verifierSettings.AllowIgnoreTimestamp)
            {
                return(new SignatureVerificationSummary(
                           signature.Type,
                           SignatureVerificationStatus.Disallowed,
                           SignatureVerificationStatusFlags.NoValidTimestamp,
                           status.Issues.Concat(timestampSummary.Issues)));
            }

            return(new SignatureVerificationSummary(
                       status.SignatureType,
                       status.Status,
                       status.Flags,
                       status.Timestamp,
                       status.ExpirationTime,
                       status.Issues.Concat(timestampSummary.Issues)));
        }
Пример #3
0
        private SignatureVerificationSummary VerifyValidityAndTrust(
            Signature signature,
            SignedPackageVerifierSettings verifierSettings,
            SignatureVerifySettings settings,
            X509Certificate2Collection certificateExtraStore,
            List <SignatureLog> issues)
        {
            var timestampIssues = new List <SignatureLog>();

            if (!signature.TryGetValidTimestamp(verifierSettings, _fingerprintAlgorithm, timestampIssues, out var verificationFlags, out var validTimestamp) && !verifierSettings.AllowIgnoreTimestamp)
            {
                issues.AddRange(timestampIssues);

                return(null);
            }

            var status = signature.Verify(
                validTimestamp,
                settings,
                _fingerprintAlgorithm,
                certificateExtraStore,
                issues);

            issues.AddRange(timestampIssues);

            return(status);
        }