Beispiel #1
        /// <summary>
        /// Reports whether the assembly in <paramref name="assemblyStream"/> counts as signed.
        /// </summary>
        /// <param name="assemblyStream">Stream positioned on the assembly to inspect.</param>
        /// <returns>
        /// <c>true</c> unconditionally when <c>TestSign</c> is set; otherwise the result of
        /// <c>ContentUtil.IsAssemblyStrongNameSigned</c> for the stream.
        /// </returns>
        public override bool VerifySignedAssembly(Stream assemblyStream)
        {
            // Test-signed assemblies do not verify by design, so the check is skipped entirely
            // and the stream is never read. A "true" result under TestSign therefore says
            // nothing about the artifact itself.
            // NOTE(review): where TestSign is set is not visible here - confirm it cannot be
            // enabled for release/real-signing builds, since it turns this check into a no-op.
            return TestSign || ContentUtil.IsAssemblyStrongNameSigned(assemblyStream);
        }
Beispiel #2
        /// <summary>
        /// Decides how a single artifact should be signed: which certificate to use, which
        /// strong name (if any), or whether the file is skipped.
        /// </summary>
        /// <param name="fileFullPath">Full path of the file on disk.</param>
        /// <returns>
        /// <c>SignInfo.AlreadySigned</c> for a PE file that <c>ContentUtil.IsAssemblyStrongNameSigned</c>
        /// accepts; a certificate-only <c>SignInfo</c> for unmanaged PE files and zip containers;
        /// a certificate/strong-name pair for managed assemblies; <c>SignInfo.Ignore</c> for files
        /// explicitly ignored or of unidentified type; <c>SignInfo.Empty</c> (after logging an error)
        /// when no signing information can be resolved.
        /// </returns>
        private SignInfo ExtractSignInfo(string fileFullPath)
        {
            if (!FileName.IsPEFile(fileFullPath))
            {
                if (FileName.IsZipContainer(fileFullPath))
                {
                    // Containers are told apart only by FileName.IsNupkg: NuGet packages get the
                    // NuGet certificate, every other zip container gets the VSIX one.
                    var containerCertificate = FileName.IsNupkg(fileFullPath)
                        ? SignToolConstants.Certificate_NuGet
                        : SignToolConstants.Certificate_VsixSHA2;

                    return new SignInfo(containerCertificate, null);
                }

                // Unknown file types are only warned about and then ignored; they are not
                // assigned a certificate. These warnings are worth watching in build logs,
                // because an unexpected artifact type falls through here without failing.
                _log.LogWarning($"Unidentified artifact type: {fileFullPath}");
                return SignInfo.Ignore;
            }

            // The stream is scoped to the strong-name check and released before the file is
            // opened again by the helpers below.
            using (var peStream = File.OpenRead(fileFullPath))
            {
                // NOTE(review): whether IsAssemblyStrongNameSigned validates the signature or
                // only detects that one is present cannot be told from here - confirm, because a
                // positive answer short-circuits every certificate decision below.
                if (ContentUtil.IsAssemblyStrongNameSigned(peStream))
                {
                    return SignInfo.AlreadySigned;
                }
            }

            // Native PE files carry no strong name, so only a certificate is selected.
            if (!IsManaged(fileFullPath))
            {
                return new SignInfo(SignToolConstants.Certificate_MicrosoftSHA2, null);
            }

            var assemblyName = System.Reflection.AssemblyName.GetAssemblyName(fileFullPath);
            var tokenBytes = assemblyName.GetPublicKeyToken();
            var hasToken = tokenBytes != null && tokenBytes.Length != 0;

            // Lower-case hex rendering of the public key token; empty when the assembly has none.
            var publicKeyToken = hasToken
                ? string.Join("", tokenBytes.Select(b => b.ToString("x2")))
                : string.Empty;

            var targetFramework = GetTargetFrameworkName(fileFullPath).FullName;

            // Overrides are keyed on the bare file name (no directory), the token and the target
            // framework, so same-named files in different folders share one override entry.
            var fileName = Path.GetFileName(fileFullPath);

            var keyForAllTargets = new ExplicitCertificateKey(fileName, publicKeyToken, SignToolConstants.AllTargetFrameworksSentinel);
            var keyForSpecificTarget = new ExplicitCertificateKey(fileName, publicKeyToken, targetFramework);

            // Is there an explicit certificate that overrides the default for this file?
            // The framework-specific entry wins; the all-frameworks entry is the fallback.
            if (!_explicitCertificates.TryGetValue(keyForSpecificTarget, out var overridingCertificate))
            {
                _explicitCertificates.TryGetValue(keyForAllTargets, out overridingCertificate);
            }

            // An override equal to the ignore sentinel means "do not sign this file".
            if (overridingCertificate != null && overridingCertificate.Equals(SignToolConstants.IgnoreFileCertificateSentinel))
            {
                return SignInfo.Ignore;
            }

            if (publicKeyToken == string.Empty)
            {
                // Without a token there is no default to fall back on: an explicit override is
                // required, otherwise the lookup fails with an error and no certificate is guessed.
                if (string.IsNullOrEmpty(overridingCertificate))
                {
                    _log.LogError($"SignInfo for file ({fileFullPath}) and empty PKT not found. Expected it to be informed in overriding infos.");
                    return SignInfo.Empty;
                }

                return new SignInfo(overridingCertificate, string.Empty);
            }

            // An unknown token is reported as an error rather than mapped to some default
            // certificate.
            if (!_defaultSignInfoForPublicKeyToken.ContainsKey(publicKeyToken))
            {
                _log.LogError($"SignInfo for file ({fileFullPath}) with Public Key Token {publicKeyToken} not found.");
                return SignInfo.Empty;
            }

            var defaultInfo = _defaultSignInfoForPublicKeyToken[publicKeyToken];

            // Only the certificate can be overridden; the strong name and flags always come
            // from the default entry registered for the token.
            var certificate = overridingCertificate ?? defaultInfo.Certificate;

            return new SignInfo(certificate, defaultInfo.StrongName, defaultInfo.ShouldIgnore, defaultInfo.IsEmpty, defaultInfo.IsAlreadySigned);
        }