/// <summary>
/// Digital Signature from a WordprocessingML document package
/// </summary>
/// <param name="digitalCertificate"></param>
public void Insert(string digitalCertificate)
{
X509Certificate x509Certificate = X509Certificate2.CreateFromCertFile(digitalCertificate);
System.IO.Packaging.PackageDigitalSignatureManager digitalSigntaureManager = new System.IO.Packaging.PackageDigitalSignatureManager(parentDocument.Document.Package);
digitalSigntaureManager.CertificateOption = System.IO.Packaging.CertificateEmbeddingOption.InSignaturePart;
System.Collections.Generic.List <Uri> partsToSign = new System.Collections.Generic.List <Uri>();
//Adds each part to the list, except relationships parts.
foreach (System.IO.Packaging.PackagePart openPackagePart in parentDocument.Document.Package.GetParts())
{
if (!System.IO.Packaging.PackUriHelper.IsRelationshipPartUri(openPackagePart.Uri))
{
partsToSign.Add(openPackagePart.Uri);
}
}
List <System.IO.Packaging.PackageRelationshipSelector> relationshipSelectors = new List <System.IO.Packaging.PackageRelationshipSelector>();
//Creates one selector for each package-level relationship, based on id
foreach (System.IO.Packaging.PackageRelationship relationship in parentDocument.Document.Package.GetRelationships())
{
System.IO.Packaging.PackageRelationshipSelector relationshipSelector =
new System.IO.Packaging.PackageRelationshipSelector(relationship.SourceUri, System.IO.Packaging.PackageRelationshipSelectorType.Id, relationship.Id);
relationshipSelectors.Add(relationshipSelector);
}
digitalSigntaureManager.Sign(partsToSign, x509Certificate, relationshipSelectors);
}
/// <summary>
/// Tests a Digital Signature from a package
/// </summary>
/// <returns>Digital signatures list</returns>
public Collection <string> GetList()
{
// Creates the PackageDigitalSignatureManager
System.IO.Packaging.PackageDigitalSignatureManager digitalSignatureManager = new System.IO.Packaging.PackageDigitalSignatureManager(parentDocument.Document.Package);
// Verifies the collection of certificates in the package
Collection <string> digitalSignatureDescriptions = new Collection <string>();
ReadOnlyCollection <System.IO.Packaging.PackageDigitalSignature> digitalSignatures = digitalSignatureManager.Signatures;
if (digitalSignatures.Count > 0)
{
foreach (System.IO.Packaging.PackageDigitalSignature signature in digitalSignatures)
{
if (System.IO.Packaging.PackageDigitalSignatureManager.VerifyCertificate(signature.Signer) != X509ChainStatusFlags.NoError)
{
digitalSignatureDescriptions.Add(string.Format(System.Globalization.CultureInfo.InvariantCulture, "Signature: {0} ({1})", signature.Signer.Subject, System.IO.Packaging.PackageDigitalSignatureManager.VerifyCertificate(signature.Signer)));
}
else
{
digitalSignatureDescriptions.Add("Signature: " + signature.Signer.Subject);
}
}
}
else
{
digitalSignatureDescriptions.Add("No digital signatures found");
}
return(digitalSignatureDescriptions);
}
public static void Main(string[] args)
{
// Output information on how to use the command line tool if not given enough arguments.
if (args.Length < 3)
{
System.Console.WriteLine("Visual Studio Extension Signer");
System.Console.WriteLine("This tool is used to digitally sign a vsix file with a pfx certificate.");
System.Console.WriteLine();
System.Console.WriteLine("Usage: VsixSigner <PfxFilePath> <PfxPassword> <VsixFilePath>");
System.Console.WriteLine(" PfxFilePath Path to the PFX certificate file to sign with.");
System.Console.WriteLine(" PfxPassword The password assigned to the PFX file.");
System.Console.WriteLine(" VsixFilePath Path to the VSIX file to digitally sign.");
return;
}
// Fetch and validate the PFX file path.
string pfxFilePath = args[0];
if (string.IsNullOrEmpty(pfxFilePath))
{
System.Console.WriteLine("You must provide a valid path to a PFX file.");
System.Environment.ExitCode = -1;
return;
}
if (System.IO.File.Exists(pfxFilePath) == false)
{
System.Console.WriteLine("PFX file not found: " + pfxFilePath);
System.Environment.ExitCode = -1;
return;
}
// Fetch the PFX password.
string pfxPassword = args[1];
if (pfxPassword == null)
{
pfxPassword = string.Empty;
}
// Fetch and validate the path to the VSIX file.
string vsixFilePath = args[2];
if (string.IsNullOrEmpty(vsixFilePath))
{
System.Console.WriteLine("You must provide a valid path to the VSIX file to digitally sign.");
System.Environment.ExitCode = -1;
return;
}
if (System.IO.File.Exists(vsixFilePath) == false)
{
System.Console.WriteLine("VSIX file not found: " + pfxFilePath);
System.Environment.ExitCode = -1;
return;
}
// Digitally sign the VSIX file's contents.
bool wasSigned = false;
System.IO.Packaging.Package vsixPackage = null;
try
{
// Set up the signature manager.
vsixPackage = System.IO.Packaging.Package.Open(vsixFilePath, System.IO.FileMode.Open);
var signatureManager = new System.IO.Packaging.PackageDigitalSignatureManager(vsixPackage);
signatureManager.CertificateOption = System.IO.Packaging.CertificateEmbeddingOption.InSignaturePart;
// Create a collection of paths to all of VSIX file's internal files to be signed.
var vsixPartPaths = new System.Collections.Generic.List <System.Uri>();
foreach (var packagePart in vsixPackage.GetParts())
{
vsixPartPaths.Add(packagePart.Uri);
}
vsixPartPaths.Add(
System.IO.Packaging.PackUriHelper.GetRelationshipPartUri(signatureManager.SignatureOrigin));
vsixPartPaths.Add(signatureManager.SignatureOrigin);
vsixPartPaths.Add(
System.IO.Packaging.PackUriHelper.GetRelationshipPartUri(new Uri("/", UriKind.RelativeOrAbsolute)));
// Create digital signatures for all of the VSIX's internal files/parts.
var certificate = new System.Security.Cryptography.X509Certificates.X509Certificate2(pfxFilePath, pfxPassword);
signatureManager.Sign(vsixPartPaths, certificate);
// Verify that the VSIX file was correctly signed.
if (signatureManager.IsSigned &&
(signatureManager.VerifySignatures(true) == System.IO.Packaging.VerifyResult.Success))
{
wasSigned = true;
}
}
catch (Exception ex)
{
System.Console.WriteLine(ex.Message);
System.Environment.ExitCode = -1;
return;
}
finally
{
if (vsixPackage != null)
{
try { vsixPackage.Close(); }
catch (Exception) { }
}
}
// If the digital signatures applied to the VSIX are invalid, then notify the user.
if (wasSigned == false)
{
System.Console.WriteLine("The digital signatures applied to the VSIX file are invalid.");
System.Environment.ExitCode = -1;
return;
}
// Signing was successful.
System.Console.WriteLine("Successfully signed the VSIX file.");
}
/// <summary>
/// RemoveAll
/// </summary>
public void RemoveAll()
{
// Creates the PackageDigitalSignatureManager
System.IO.Packaging.PackageDigitalSignatureManager digitalSignatureManager = new System.IO.Packaging.PackageDigitalSignatureManager(parentDocument.Document.Package);
digitalSignatureManager.RemoveAllSignatures();
}
