public async Task ShouldSignABlobOfDataWithEcdsaP256Sha256(string pfxPath)
{
var certificate = new X509Certificate2(pfxPath, "test");
var config = new CertificateSignConfigurationSet
{
SigningCertificate = certificate,
PkcsDigestAlgorithm = HashAlgorithmName.SHA256,
FileDigestAlgorithm = HashAlgorithmName.SHA256
};
using (var context = new CertificateSigningContext(config))
{
using (var hash = SHA256.Create())
{
var digest = hash.ComputeHash(new byte[] { 1, 2, 3 });
var signature = await context.SignDigestAsync(digest);
Assert.Equal(OpcKnownUris.SignatureAlgorithms.ecdsaSHA256, context.XmlDSigIdentifier);
Assert.Equal(SigningAlgorithm.ECDSA, context.SignatureAlgorithm);
var roundtrips = await context.VerifyDigestAsync(digest, signature);
Assert.True(roundtrips);
}
}
}
private async Task <int> PerformSignOnVsixAsync(string vsixPath, bool force,
Uri timestampUri, HashAlgorithmName fileDigestAlgorithm, HashAlgorithmName timestampDigestAlgorithm,
X509Certificate2 certificate
)
{
using (var package = OpcPackage.Open(vsixPath, OpcPackageFileMode.ReadWrite))
{
if (package.GetSignatures().Any() && !force)
{
_signCommandApplication.Out.WriteLine("The VSIX is already signed.");
return(EXIT_CODES.FAILED);
}
var signBuilder = package.CreateSignatureBuilder();
signBuilder.EnqueueNamedPreset <VSIXSignatureBuilderPreset>();
var signingConfiguration = new CertificateSignConfigurationSet
{
FileDigestAlgorithm = fileDigestAlgorithm,
PkcsDigestAlgorithm = fileDigestAlgorithm,
SigningCertificate = certificate
};
var signature = await signBuilder.SignAsync(signingConfiguration);
if (timestampUri != null)
{
var timestampBuilder = signature.CreateTimestampBuilder();
var result = await timestampBuilder.SignAsync(timestampUri, timestampDigestAlgorithm);
if (result == TimestampResult.Failed)
{
return(EXIT_CODES.FAILED);
}
}
_signCommandApplication.Out.WriteLine("The signing operation is complete.");
return(EXIT_CODES.SUCCESS);
}
}
