|
|
@@ -185,15 +185,17 @@ begin
|
|
|
the same key produces a totally different signature each time. To avoid
|
|
|
unnecessary alterations to the "sig-r" and "sig-s" values when a file is
|
|
|
being re-signed but its contents haven't changed, we attempt to load and
|
|
|
- verify the existing .issig file. If the key, file size, and file hash are
|
|
|
- all up to date, then we skip creation of a new .issig file. }
|
|
|
+ verify the existing .issig file. If the existing values exactly match
|
|
|
+ what we would have written, then we skip creation of a new .issig file.
|
|
|
+ Note that "file-name" is compared case-sensitively here because we don't
|
|
|
+ want to impede the user's ability to correct case mistakes. }
|
|
|
var ExistingFileName: String;
|
|
|
var ExistingFileSize: Int64;
|
|
|
var ExistingFileHash: TSHA256Digest;
|
|
|
const Verified = ISSigVerifySignature(AFilename, [AKey],
|
|
|
ExistingFileName, ExistingFileSize, ExistingFileHash, nil, nil, nil);
|
|
|
|
|
|
- if Verified and PathSame(FileName, ExistingFileName) and (FileSize = ExistingFileSize) and
|
|
|
+ if Verified and (FileName = ExistingFileName) and (FileSize = ExistingFileSize) and
|
|
|
SHA256DigestsEqual(FileHash, ExistingFileHash) then begin
|
|
|
PrintUnlessQuiet('signature unchanged');
|
|
|
Exit;
|
Jordan Russell