public IEnumerable <PackageVerifierIssue> Validate(IPackageRepository packageRepo, IPackage package, IPackageVerifierLogger logger)
{
string packagePath = packageRepo.Source + "\\" + package.Id + "." + package.Version.ToString() + ".nupkg";
string nupkgWithoutExt = Path.Combine(Path.GetDirectoryName(packagePath), Path.GetFileNameWithoutExtension(packagePath));
try
{
UnzipPackage(nupkgWithoutExt);
foreach (IPackageFile current in package.GetFiles())
{
//string packagePath = package.FileSystem.Root + "\\" + Id + "." + Version + ".nupkg"
string extension = Path.GetExtension(current.Path);
// TODO: Need to add more extensions?
if (extension.Equals(".dll", StringComparison.OrdinalIgnoreCase) ||
extension.Equals(".exe", StringComparison.OrdinalIgnoreCase))
{
string pathOfFileToScan = Path.Combine(nupkgWithoutExt, current.Path);
var realAssemblyPath = pathOfFileToScan;
if (!File.Exists(realAssemblyPath))
{
realAssemblyPath = pathOfFileToScan.Replace("+", "%2B").Replace("#", "%23");
if (!File.Exists(realAssemblyPath))
{
logger.LogError("The assembly '{0}' in this package can't be found (a bug in this tool, most likely).", current.Path);
continue;
}
}
bool isAuthenticodeSigned = WinTrust.IsAuthenticodeSigned(realAssemblyPath);
if (!isAuthenticodeSigned)
{
yield return(PackageIssueFactory.PEFileNotAuthenticodeSigned(current.Path));
}
}
}
}
finally
{
CleanUpFolder(nupkgWithoutExt, logger);
}
yield break;
}
public IEnumerable <PackageVerifierIssue> Validate(PackageAnalysisContext context)
{
var extractPath = Path.Combine(Path.GetTempPath(), Path.GetRandomFileName());
try
{
UnzipPackage(context.PackageFileInfo, extractPath);
foreach (var current in context.PackageReader.GetFiles())
{
//string packagePath = package.FileSystem.Root + "\\" + Id + "." + Version + ".nupkg"
var extension = Path.GetExtension(current);
// TODO: Need to add more extensions?
if (extension.Equals(".dll", StringComparison.OrdinalIgnoreCase) ||
extension.Equals(".exe", StringComparison.OrdinalIgnoreCase))
{
var pathOfFileToScan = Path.Combine(extractPath, current);
var realAssemblyPath = pathOfFileToScan;
if (!File.Exists(realAssemblyPath))
{
realAssemblyPath = pathOfFileToScan.Replace("+", "%2B").Replace("#", "%23");
if (!File.Exists(realAssemblyPath))
{
context.Logger.LogError(
"The assembly '{0}' in this package can't be found (a bug in this tool, most likely).",
current);
continue;
}
}
var isAuthenticodeSigned = WinTrust.IsAuthenticodeSigned(realAssemblyPath);
if (!isAuthenticodeSigned)
{
yield return(PackageIssueFactory.PEFileNotAuthenticodeSigned(current));
}
}
}
}
finally
{
CleanUpFolder(extractPath, context.Logger);
}
}
