C# (CSharp) StringUtil.AreHashesEqual示例

示例#1

文件： SelfUpdater.cs 项目： fadnavistanmay/azure-pipelines-agent

        private bool HashValidation(string archiveFile)
        {
            if (_hashValidationDisabled)
            {
                Trace.Info($"Agent package hash validation disabled, so skipping it");
                return(true);
            }

            // DownloadUrl for offline agent update is started from Url of ADO On-Premises
            // DownloadUrl for online agent update is started from Url of feed with agent packages
            bool isOfflineUpdate = _targetPackage.DownloadUrl.StartsWith(_serverUrl);

            if (isOfflineUpdate)
            {
                Trace.Info($"Skipping checksum validation for offline agent update");
                return(true);
            }

            if (string.IsNullOrEmpty(_targetPackage.HashValue))
            {
                Trace.Warning($"Unable to perform the necessary checksum validation since the target package hash is missed");
                return(false);
            }

            string expectedHash = _targetPackage.HashValue;
            string actualHash   = IOUtil.GetFileHash(archiveFile);
            bool   hashesMatch  = StringUtil.AreHashesEqual(actualHash, expectedHash);

            if (hashesMatch)
            {
                Trace.Info($"Checksum validation succeeded");
                return(true);
            }

            // A hash mismatch can occur in two cases:
            // 1) The archive is compromised
            // 2) The archive was not fully downloaded or was damaged during downloading
            // There is no way to determine the case so we just return false in both cases (without throwing an exception)
            Trace.Warning($"Checksum validation failed\n  Expected hash: '{expectedHash}'\n  Actual hash: '{actualHash}'");
            return(false);
        }

示例#2

文件： SelfUpdater.cs 项目： mjroghelia/azure-pipelines-agent

        private async Task <bool> HashValidation(string archiveFile)
        {
            if (_hashValidationDisabled)
            {
                Trace.Info($"Agent package hash validation disabled, so skipping it");
                return(true);
            }

            bool isHostedServer = await _serverUtil.IsDeploymentTypeHosted(_serverUrl, _creds, _locationServer);

            if (!isHostedServer)
            {
                Trace.Info($"Skipping checksum validation for On-Premises solution");
                return(true);
            }

            if (string.IsNullOrEmpty(_targetPackage.HashValue))
            {
                Trace.Warning($"Unable to perform the necessary checksum validation since the target package hash is missed");
                return(false);
            }

            string expectedHash = _targetPackage.HashValue;
            string actualHash   = IOUtil.GetFileHash(archiveFile);
            bool   hashesMatch  = StringUtil.AreHashesEqual(actualHash, expectedHash);

            if (hashesMatch)
            {
                Trace.Info($"Checksum validation succeeded");
                return(true);
            }

            // A hash mismatch can occur in two cases:
            // 1) The archive is compromised
            // 2) The archive was not fully downloaded or was damaged during downloading
            // There is no way to determine the case so we just return false in both cases (without throwing an exception)
            Trace.Warning($"Checksum validation failed\n  Expected hash: '{expectedHash}'\n  Actual hash: '{actualHash}'");
            return(false);
        }