diff options
Diffstat (limited to 'win/CS/HandBrakeWPF/Services/UpdateService.cs')
-rw-r--r-- | win/CS/HandBrakeWPF/Services/UpdateService.cs | 79 |
1 files changed, 54 insertions, 25 deletions
diff --git a/win/CS/HandBrakeWPF/Services/UpdateService.cs b/win/CS/HandBrakeWPF/Services/UpdateService.cs index 732193ac4..e5c97126f 100644 --- a/win/CS/HandBrakeWPF/Services/UpdateService.cs +++ b/win/CS/HandBrakeWPF/Services/UpdateService.cs @@ -10,8 +10,10 @@ namespace HandBrakeWPF.Services
{
using System;
+ using System.Diagnostics;
using System.IO;
using System.Net;
+ using System.Reflection;
using System.Security.Cryptography;
using System.Text;
using System.Threading;
@@ -127,7 +129,7 @@ namespace HandBrakeWPF.Services DownloadFile = reader.DownloadFile,
Build = reader.Build,
Version = reader.Version,
- ExpectedSHA1Hash = reader.Hash
+ Signature = reader.Hash
};
callback(info2);
@@ -145,8 +147,8 @@ namespace HandBrakeWPF.Services /// <param name="url">
/// The url.
/// </param>
- /// <param name="expectedSha1Hash">
- /// The expected Sha 1 Hash.
+ /// <param name="expectedSignature">
+ /// The expected DSA SHA265 Signature
/// </param>
/// <param name="completed">
/// The complete.
@@ -154,7 +156,7 @@ namespace HandBrakeWPF.Services /// <param name="progress">
/// The progress.
/// </param>
- public void DownloadFile(string url, string expectedSha1Hash, Action<DownloadStatus> completed, Action<DownloadStatus> progress)
+ public void DownloadFile(string url, string expectedSignature, Action<DownloadStatus> completed, Action<DownloadStatus> progress)
{
ThreadPool.QueueUserWorkItem(
delegate
@@ -188,13 +190,13 @@ namespace HandBrakeWPF.Services localStream.Close();
completed(
- GetSHA1(tempPath) != expectedSha1Hash
- ? new DownloadStatus
+ this.VerifyDownload(expectedSignature, tempPath)
+ ? new DownloadStatus { WasSuccessful = true, Message = "Download Complete." } :
+ new DownloadStatus
{
WasSuccessful = false,
- Message = "Download Failed. SHA1 Checksum Failed. Please visit the website to download this update."
- }
- : new DownloadStatus { WasSuccessful = true, Message = "Download Complete." });
+ Message = "Download Failed. Checksum Failed. Please visit the website to download this update."
+ });
}
catch (Exception exc)
{
@@ -204,27 +206,54 @@ namespace HandBrakeWPF.Services }
/// <summary>
- /// The get sh a 1.
+ /// Verify the HandBrake download is Valid.
/// </summary>
- /// <param name="fileName">
- /// The file name.
- /// </param>
- /// <returns>
- /// The <see cref="string"/>.
- /// </returns>
- public static String GetSHA1(String fileName)
+ /// <param name="signature">The DSA SHA256 Signature from the appcast</param>
+ /// <param name="updateFile">Path to the downloaded update file</param>
+ /// <returns>True if the file is valid, false otherwise.</returns>
+ public bool VerifyDownload(string signature, string updateFile)
{
- FileStream file = new FileStream(fileName, FileMode.Open);
- SHA1 sha1 = new SHA1CryptoServiceProvider();
- byte[] retVal = sha1.ComputeHash(file);
- file.Close();
+ // Sanity Checks
+ if (!File.Exists(updateFile))
+ {
+ return false;
+ }
- StringBuilder sb = new StringBuilder();
- for (int i = 0; i < retVal.Length; i++)
+ if (string.IsNullOrEmpty(signature))
+ {
+ return false;
+ }
+
+ // Fetch our Public Key
+ string publicKey;
+ using (Stream stream = Assembly.GetExecutingAssembly().GetManifestResourceStream("HandBrakeWPF.public.key"))
+ {
+ if (stream == null)
+ {
+ return false;
+ }
+
+ using (StreamReader reader = new StreamReader(stream))
+ {
+ publicKey = reader.ReadToEnd();
+ }
+ }
+
+ // Verify the file against the Signature.
+ try
+ {
+ byte[] file = File.ReadAllBytes(updateFile);
+ using (RSACryptoServiceProvider verifyProfider = new RSACryptoServiceProvider())
+ {
+ verifyProfider.FromXmlString(publicKey);
+ return verifyProfider.VerifyData(file, "SHA256", Convert.FromBase64String(signature));
+ }
+ }
+ catch (Exception e)
{
- sb.Append(retVal[i].ToString("x2"));
+ Debug.WriteLine(e);
+ return false;
}
- return sb.ToString();
}
#endregion
|