/// <summary>
/// Validates that the given stream is marked as signed, the signature matches
/// the public key, and the header checksum is correct.
/// </summary>
public static bool IsStreamFullSigned(Stream moduleContents)
{
var savedPosition = moduleContents.Position;
try
{
moduleContents.Position = 0;
var peHeaders = new PEHeaders(moduleContents);
moduleContents.Position = 0;
using (var metadata = ModuleMetadata.CreateFromStream(moduleContents, leaveOpen: true))
{
var metadataReader = metadata.MetadataReader;
var peReader = metadata.Module.PEReaderOpt;
var flags = peHeaders.CorHeader.Flags;
if (CorFlags.StrongNameSigned != (flags & CorFlags.StrongNameSigned))
{
return(false);
}
var snDirectory = peReader.PEHeaders.CorHeader.StrongNameSignatureDirectory;
if (!peHeaders.TryGetDirectoryOffset(snDirectory, out int snOffset))
{
return(false);
}
moduleContents.Position = 0;
int peSize;
try
{
peSize = checked ((int)moduleContents.Length);
}
catch
{
return(false);
}
var peImage = new BlobBuilder(peSize);
if (peSize != peImage.TryWriteBytes(moduleContents, peSize))
{
return(false);
}
byte[] buffer = GetBlobBuffer(peImage.GetBlobs().Single());
uint expectedChecksum = peHeaders.PEHeader.CheckSum;
Blob checksumBlob = MakeBlob(buffer, peHeaders.PEHeaderStartOffset + ChecksumOffset, sizeof(uint));
if (expectedChecksum != PeWriter.CalculateChecksum(peImage, checksumBlob))
{
return(false);
}
int snSize = snDirectory.Size;
byte[] hash = ComputeSigningHash(peImage, peHeaders, checksumBlob, snOffset, snSize);
ImmutableArray <byte> publicKeyBlob = metadataReader.GetBlobContent(metadataReader.GetAssemblyDefinition().PublicKey);
// RSA parameters start after the public key offset
byte[] publicKeyParams = new byte[publicKeyBlob.Length - CryptoBlobParser.s_publicKeyHeaderSize];
publicKeyBlob.CopyTo(CryptoBlobParser.s_publicKeyHeaderSize, publicKeyParams, 0, publicKeyParams.Length);
var snKey = publicKeyParams.ToRSAParameters(includePrivateParameters: false);
using (var rsa = RSA.Create())
{
rsa.ImportParameters(snKey);
var reversedSignature = peReader.GetSectionData(snDirectory.RelativeVirtualAddress).GetContent(0, snSize).ToArray();
// Unknown why the signature is reversed, but this matches the behavior of the CLR
// signing implementation.
Array.Reverse(reversedSignature);
if (!rsa.VerifyHash(hash, reversedSignature, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1))
{
return(false);
}
}
return(true);
}
}
finally
{
moduleContents.Position = savedPosition;
}
}