Many systems need to transport a bundle (a set of files) over insecure media. To protect these files, bundles are sometimes digitally signed. To sign a bundle, a secure hash of each file in the bundle is calculated and recorded in a catalog file. Different secure hashes may be used, for example Message Digest 5 (MD5) or a Secure Hash Algorithm (SHA) such as SHA-1. Once the hash has been calculated for all of the files, the catalog file is digitally signed; the signing may comprise signing the catalog file with an asymmetric cryptography technique such as the Digital Signature Algorithm (DSA). The catalog file signature is then stored in a catalog signature file that is added to the bundle as the bundle signature. The public key of the key pair, and possibly a certificate for verifying the owner of the private key, may be included in the signed bundle to facilitate verification of the bundle signature. Public Key Cryptography Standards 7 (PKCS7) is one example of a digital signature format that includes a signer certificate.
A person skilled in the art can appreciate that the bundle signature cannot be modified without knowledge of the correct private key. Therefore, once the bundle signature is verified, the catalog file can be trusted not to have been modified. It follows that the hashes recorded in the catalog file will match the hashes calculated over the files delivered in the bundle as long as the bundle has not been modified (e.g., no files have been added or removed), and that the individual files of the bundle can be trusted not to have been modified by adding, removing or changing their data.
For example, Java archive (JAR) file signatures work as described above. The JAR file includes the individual files, as well as a signature file that comprises a list of the files in the JAR file and a hash of each file. A signed JAR file also comprises a signature block file, which is the signed signature file.
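The following is an added worked example of the catalog-signing scheme described above; it is not code from the original text or from the JAR tooling. It builds a catalog of per-file SHA-256 hashes, signs the catalog, and then verifies a received bundle in the order a verifier must use: check the catalog signature first, then check that the set of delivered files exactly matches the catalog (no files added or removed), then check every file's hash. The asymmetric signer is a constructed textbook-RSA stand-in (keys built from two Mersenne primes, so they are obviously not secret) used only so the example runs offline; a real implementation would use DSA, RSA-PSS or ECDSA through a proper library and a PKCS7 container, and SHA-256 is used instead of MD5 or SHA-1, which are no longer collision resistant. The bundle representation (a dict of file name to bytes, with the catalog stored under `CATALOG` and its signature under `CATALOG.SIG`) is an assumption of this example.

```python
"""Catalog-style bundle signing and verification (added example, not from the original text)."""
import hashlib
import hmac
import json

# --- Toy asymmetric signer: constructed stand-in for DSA/PKCS7. NOT for real use. ---
# The primes are Mersenne primes 2^521-1 and 2^607-1, chosen so the example needs no
# key-generation library; their structure makes the private key trivially recoverable.
_P = (1 << 521) - 1
_Q = (1 << 607) - 1
_N = _P * _Q
_E = 65537
_D = pow(_E, -1, (_P - 1) * (_Q - 1))   # e is coprime to (p-1)(q-1) for these primes
_SIG_LEN = (_N.bit_length() + 7) // 8   # fixed-width signature encoding
PUBLIC_KEY = (_N, _E)
PRIVATE_KEY = (_N, _D)


def _digest_int(data: bytes) -> int:
    # SHA-256 digest as an integer; always < 2^256 < N, so it is a valid RSA message
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(data: bytes, private_key) -> bytes:
    """Sign SHA-256(data) with the toy private key; returns fixed-width big-endian bytes."""
    n, d = private_key
    return pow(_digest_int(data), d, n).to_bytes(_SIG_LEN, "big")


def verify(data: bytes, signature: bytes, public_key) -> bool:
    """Return True if signature was produced over SHA-256(data) by the matching private key."""
    n, e = public_key
    if len(signature) != _SIG_LEN:
        return False
    return pow(int.from_bytes(signature, "big"), e, n) == _digest_int(data)


# --- Catalog (the list of file names and hashes that gets signed) ---
CATALOG_NAME = "CATALOG"          # assumed name for the catalog file
SIGNATURE_NAME = "CATALOG.SIG"    # assumed name for the catalog signature file


def file_hash(content: bytes) -> str:
    return hashlib.sha256(content).hexdigest()


def build_catalog(files: dict) -> bytes:
    """Canonical (sorted, deterministic) JSON mapping file name -> SHA-256 hex digest."""
    entries = {name: file_hash(content) for name, content in files.items()}
    return json.dumps(entries, sort_keys=True, separators=(",", ":")).encode()


def sign_bundle(files: dict, private_key) -> dict:
    """Return a bundle: the files plus the catalog and the catalog signature."""
    catalog = build_catalog(files)
    bundle = dict(files)
    bundle[CATALOG_NAME] = catalog
    bundle[SIGNATURE_NAME] = sign(catalog, private_key)
    return bundle


def verify_bundle(bundle: dict, public_key) -> tuple:
    """Verify a received bundle. Returns (ok, reason).

    Order matters: nothing in the catalog may be trusted until its signature checks out,
    and per-file hashes only prove integrity once the file set is known to be complete.
    """
    catalog = bundle.get(CATALOG_NAME)
    signature = bundle.get(SIGNATURE_NAME)
    if catalog is None or signature is None:
        return False, "missing catalog or catalog signature"
    # 1. The catalog itself must carry a valid signature.
    if not verify(catalog, signature, public_key):
        return False, "catalog signature invalid"
    entries = json.loads(catalog)
    payload = {k: v for k, v in bundle.items() if k not in (CATALOG_NAME, SIGNATURE_NAME)}
    # 2. The delivered file set must equal the catalogued set (detects add/remove).
    removed = sorted(set(entries) - set(payload))
    added = sorted(set(payload) - set(entries))
    if removed:
        return False, "files removed: " + ", ".join(removed)
    if added:
        return False, "files added: " + ", ".join(added)
    # 3. Every file's hash must match its catalog entry (detects content changes).
    for name, expected in entries.items():
        if not hmac.compare_digest(file_hash(payload[name]), expected):
            return False, "file modified: " + name
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample bundle contents.
    sample = {"lib/a.txt": b"hello", "bin/run.sh": b"#!/bin/sh\necho hi\n"}
    signed = sign_bundle(sample, PRIVATE_KEY)
    print(verify_bundle(signed, PUBLIC_KEY))
    tampered = dict(signed)
    tampered["lib/a.txt"] = b"hellp"
    print(verify_bundle(tampered, PUBLIC_KEY))
```

Note that an attacker who alters a file and also rewrites the catalog to match is still caught, because the rewritten catalog no longer verifies against the original signature; this is the property the text relies on when it says the catalog can be trusted once the bundle signature is verified.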