public void DenyUpdateIfMissingFileHashButSignatureIsOK() { const string NauUpdateFeed = @"<?xml version=""1.0"" encoding=""utf-8""?> <Feed RSASignature=""hR07W9TZjOQjx4U8FPRIzifGubDvGXmOjVII6+0LGpw1FrIa71ZpcAz//5+8ntHXwErngZn9dvYg0MzkSNPlVOn9lAcU0n2Axqbn9lQcw7RWLQsuvlQR+UqQMa02Qv807MfqupxER4X0Buf/psPN2EHxr2fvUXy5tjryt1FO2J4=""> <Title>My application</Title> <Link>http://myapp.com/</Link> <Tasks> <FileUpdateTask localPath=""test.dll"" updateTo=""remoteFile.dll"" hotswap=""true""> <Description>update details</Description> </FileUpdateTask> </Tasks> </Feed>"; var reader = new NAppUpdate.Framework.FeedReaders.NauXmlFeedReaderSigned(); reader.PublicKeys = new string[] { "<RSAKeyValue><Modulus>vFdzuQ3iuR606jKt2UrP4QIKY+w6lsnKtbBDiYstFQy9PxrOAOeVyGBThrrrtc3Hyq2F47P+0y1GRT81LiFdL1O1S/82Lw8F5s49/SDEF87SYJZHLgeGKHWipGurIgeKrSuWHvil1iDI2dZpu6LExjRUsXyRjKDqVOhri+HcLEc=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>" }; IList <IUpdateTask> updates = reader.Read(NauUpdateFeed); Assert.IsTrue(updates != null || updates.Count == 0); }
public void DenyUpdateIfNoValidSignature() { const string NauUpdateFeed = @"<?xml version=""1.0"" encoding=""utf-8""?> <Feed signature2048=""asdf""> <Title>My application</Title> <Link>http://myapp.com/</Link> <Tasks> <FileUpdateTask localPath=""test.dll"" updateTo=""remoteFile.dll"" hotswap=""true""> <Description>update details</Description> </FileUpdateTask> </Tasks> </Feed>"; var reader = new NAppUpdate.Framework.FeedReaders.NauXmlFeedReaderSigned(); reader.PublicKeys = new string[] { "<RSAKeyValue><Modulus>w+T4nWr2hZS4oo2BAJx66NbbGQAQQgxNYWOw+Tl2cICbX2W1kmoWah/wdF2qG4pxEcgOlbsi06Pel1dUI0PSWMSvQq4xsjkHnPoauY/h0Ydb+0dLlocJcbYYCq1iCJSDK3u86tDhhqtb61cvLketFpIUhnnGE6Z6cO6rLouFk18=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>" }; IList <IUpdateTask> updates = reader.Read(NauUpdateFeed); Assert.IsTrue(updates != null || updates.Count == 0); }
public void AllowUpdateForUnsignedRegistryTask() { const string NauUpdateFeed = @"<?xml version=""1.0"" encoding=""utf-8""?> <Feed RSASignature=""SIGNATURE""> <Title>My application</Title> <Link>http://myapp.com/</Link> <Tasks> <FileUpdateTask sha256-checksum=""invalidhashButWeCanNotKnowThatNow"" localPath=""test.dll"" updateTo=""remoteFile.dll"" hotswap=""true""> <Description>update details</Description> </FileUpdateTask> <RegistryTask keyName=""asdf"" keyValue=""zsdfgafsdg"" valueKind=""String""> </RegistryTask> </Tasks> </Feed>"; XmlDocument doc = new XmlDocument(); doc.LoadXml(NauUpdateFeed); // Support for different feed versions XmlNode root = doc.SelectSingleNode(@"/Feed[version=""1.0""] | /Feed") ?? doc; SHA512Managed sha = new SHA512Managed(); var hash = sha.ComputeHash(Encoding.UTF8.GetBytes(root.InnerXml)); RSACryptoServiceProvider provider = new RSACryptoServiceProvider(1024); provider.PersistKeyInCsp = false; var pubKey = provider.ToXmlString(false); var sigBytes = provider.SignHash(hash, "sha512"); var sig = Convert.ToBase64String(sigBytes); var update = NauUpdateFeed.Replace("SIGNATURE", sig); bool isVerified = provider.VerifyHash(hash, "sha512", Convert.FromBase64String(sig)); Assert.IsTrue(isVerified); var reader = new NAppUpdate.Framework.FeedReaders.NauXmlFeedReaderSigned(); reader.PublicKeys = new string[] { pubKey }; IList <IUpdateTask> updates = reader.Read(update); Assert.IsTrue(updates != null && updates.Count == 2); }
public void AllowUpdateIfIDontRequireChecksum() { const string NauUpdateFeed = @"<?xml version=""1.0"" encoding=""utf-8""?> <Feed RSASignature=""SIGNATURE""> <Title>My application</Title> <Link>http://myapp.com/</Link> <Tasks> <FileUpdateTask sha256-checksum=""invalidhashButWeCanNotKnowThatNow"" localPath=""test.dll"" updateTo=""remoteFile.dll"" hotswap=""true""> <Description>update details</Description> </FileUpdateTask> <RegistryTask keyName=""asdf"" keyValue=""zsdfgafsdg"" valueKind=""String""> </RegistryTask> </Tasks> </Feed>"; XmlDocument doc = new XmlDocument(); doc.LoadXml(NauUpdateFeed); // Support for different feed versions XmlNode root = doc.SelectSingleNode(@"/Feed[version=""1.0""] | /Feed") ?? doc; SHA512Managed sha = new SHA512Managed(); var hash = sha.ComputeHash(Encoding.UTF8.GetBytes(root.InnerXml)); RSACryptoServiceProvider provider = new RSACryptoServiceProvider(1024); provider.PersistKeyInCsp = false; var pubKey = provider.ToXmlString(false); var sigBytes = provider.SignHash(hash, "sha512"); var sig = Convert.ToBase64String(sigBytes); var update = NauUpdateFeed.Replace("SIGNATURE", sig); bool isVerified = provider.VerifyHash(hash, "sha512", Convert.FromBase64String(sig)); Assert.IsTrue(isVerified); var reader = new NAppUpdate.Framework.FeedReaders.NauXmlFeedReaderSigned(); reader.PublicKeys = new string[] { pubKey }; IList<IUpdateTask> updates = reader.Read(update); Assert.IsTrue(updates != null && updates.Count == 2); }
public void DenyUpdateIfNoValidSignature() { const string NauUpdateFeed = @"<?xml version=""1.0"" encoding=""utf-8""?> <Feed signature2048=""asdf""> <Title>My application</Title> <Link>http://myapp.com/</Link> <Tasks> <FileUpdateTask localPath=""test.dll"" updateTo=""remoteFile.dll"" hotswap=""true""> <Description>update details</Description> </FileUpdateTask> </Tasks> </Feed>"; var reader = new NAppUpdate.Framework.FeedReaders.NauXmlFeedReaderSigned(); reader.PublicKeys = new string[] { "<RSAKeyValue><Modulus>w+T4nWr2hZS4oo2BAJx66NbbGQAQQgxNYWOw+Tl2cICbX2W1kmoWah/wdF2qG4pxEcgOlbsi06Pel1dUI0PSWMSvQq4xsjkHnPoauY/h0Ydb+0dLlocJcbYYCq1iCJSDK3u86tDhhqtb61cvLketFpIUhnnGE6Z6cO6rLouFk18=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>" }; IList<IUpdateTask> updates = reader.Read(NauUpdateFeed); Assert.IsTrue(updates != null || updates.Count == 0); }
public void DenyUpdateIfMissingHashButSignatureIsOK() { const string NauUpdateFeed = @"<?xml version=""1.0"" encoding=""utf-8""?> <Feed RSASignature=""hR07W9TZjOQjx4U8FPRIzifGubDvGXmOjVII6+0LGpw1FrIa71ZpcAz//5+8ntHXwErngZn9dvYg0MzkSNPlVOn9lAcU0n2Axqbn9lQcw7RWLQsuvlQR+UqQMa02Qv807MfqupxER4X0Buf/psPN2EHxr2fvUXy5tjryt1FO2J4=""> <Title>My application</Title> <Link>http://myapp.com/</Link> <Tasks> <FileUpdateTask localPath=""test.dll"" updateTo=""remoteFile.dll"" hotswap=""true""> <Description>update details</Description> </FileUpdateTask> </Tasks> </Feed>"; //XmlDocument doc = new XmlDocument(); //doc.LoadXml(NauUpdateFeed); //// Support for different feed versions //XmlNode root = doc.SelectSingleNode(@"/Feed[version=""1.0""] | /Feed") ?? doc; //SHA512Managed sha = new SHA512Managed(); //var hash = sha.ComputeHash(Encoding.UTF8.GetBytes(root.InnerXml)); //RSACryptoServiceProvider provider = new RSACryptoServiceProvider(1024); //provider.PersistKeyInCsp = false; //var pubKey = provider.ToXmlString(false); //var sigBytes = provider.SignHash(hash, "sha512"); //var sig = Convert.ToBase64String(sigBytes); //bool isVerified = provider.VerifyHash(hash, "sha512", Convert.FromBase64String(sig)); var reader = new NAppUpdate.Framework.FeedReaders.NauXmlFeedReaderSigned(); reader.PublicKeys = new string[] { "<RSAKeyValue><Modulus>vFdzuQ3iuR606jKt2UrP4QIKY+w6lsnKtbBDiYstFQy9PxrOAOeVyGBThrrrtc3Hyq2F47P+0y1GRT81LiFdL1O1S/82Lw8F5s49/SDEF87SYJZHLgeGKHWipGurIgeKrSuWHvil1iDI2dZpu6LExjRUsXyRjKDqVOhri+HcLEc=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>" }; IList<IUpdateTask> updates = reader.Read(NauUpdateFeed); Assert.IsTrue(updates != null || updates.Count == 0); }