private SignatureVerificationStatus VerifyRepositorySignature( Signature signature, X509Certificate2Collection certificates) { var settings = new SignatureVerifySettings( treatIssuesAsErrors: !_settings.AllowIllegal, allowUntrustedRoot: _settings.AllowUntrusted, allowUnknownRevocation: _settings.AllowUnknownRevocation, logOnSignatureExpired: false); var issues = new List <SignatureLog>(); Timestamp timestamp = null; if (!_settings.AllowIgnoreTimestamp && !signature.TryGetValidTimestamp( _settings, _fingerprintAlgorithm, issues, out var verificationFlags, out timestamp)) { return(VerificationUtility.GetSignatureVerificationStatus(verificationFlags)); } var summary = signature.Verify( timestamp, settings, _fingerprintAlgorithm, certificates, issues); return(summary.Status); }
private SignatureVerificationSummary VerifyValidityAndTrust( Signature signature, SignedPackageVerifierSettings verifierSettings, SignatureVerifySettings settings, X509Certificate2Collection certificateExtraStore) { Timestamp timestamp; var timestampSummary = GetTimestamp(signature, verifierSettings, out timestamp); var status = signature.Verify( timestamp, settings, _fingerprintAlgorithm, certificateExtraStore); if (timestampSummary.Status != SignatureVerificationStatus.Valid && !verifierSettings.AllowIgnoreTimestamp) { return(new SignatureVerificationSummary( signature.Type, SignatureVerificationStatus.Disallowed, SignatureVerificationStatusFlags.NoValidTimestamp, status.Issues.Concat(timestampSummary.Issues))); } return(new SignatureVerificationSummary( status.SignatureType, status.Status, status.Flags, status.Timestamp, status.ExpirationTime, status.Issues.Concat(timestampSummary.Issues))); }
private SignatureVerificationSummary VerifyValidityAndTrust( Signature signature, SignedPackageVerifierSettings verifierSettings, SignatureVerifySettings settings, X509Certificate2Collection certificateExtraStore, List <SignatureLog> issues) { var timestampIssues = new List <SignatureLog>(); if (!signature.TryGetValidTimestamp(verifierSettings, _fingerprintAlgorithm, timestampIssues, out var verificationFlags, out var validTimestamp) && !verifierSettings.AllowIgnoreTimestamp) { issues.AddRange(timestampIssues); return(null); } var status = signature.Verify( validTimestamp, settings, _fingerprintAlgorithm, certificateExtraStore, issues); issues.AddRange(timestampIssues); return(status); }