private static async Task <X509Certificate2> GetCertificateAsync(SignArgs signArgs)
{
var certFindOptions = new CertificateSourceOptions()
{
CertificatePath = signArgs.CertificatePath,
CertificatePassword = signArgs.CertificatePassword,
Fingerprint = signArgs.CertificateFingerprint,
StoreLocation = signArgs.CertificateStoreLocation,
StoreName = signArgs.CertificateStoreName,
SubjectName = signArgs.CertificateSubjectName,
NonInteractive = signArgs.NonInteractive,
PasswordProvider = signArgs.PasswordProvider,
Token = signArgs.Token
};
// get matching certificates
var matchingCertCollection = await CertificateProvider.GetCertificatesAsync(certFindOptions);
if (matchingCertCollection.Count > 1)
{
#if IS_DESKTOP
if (signArgs.NonInteractive || !RuntimeEnvironmentHelper.IsWindows)
{
// if on non-windows os or in non interactive mode - display the certs and error out
signArgs.Logger.LogInformation(CertificateUtility.X509Certificate2CollectionToString(matchingCertCollection, HashAlgorithmName.SHA256));
throw new SignCommandException(
LogMessage.CreateError(NuGetLogCode.NU3001,
string.Format(Strings.SignCommandMultipleCertException,
nameof(SignArgs.CertificateFingerprint))));
}
else
{
// Else launch UI to select
matchingCertCollection = X509Certificate2UI.SelectFromCollection(
FilterCodeSigningCertificates(matchingCertCollection),
Strings.SignCommandDialogTitle,
Strings.SignCommandDialogMessage,
X509SelectionFlag.SingleSelection);
}
#else
// if on non-windows os or in non interactive mode - display and error out
signArgs.Logger.LogError(CertificateUtility.X509Certificate2CollectionToString(matchingCertCollection, HashAlgorithmName.SHA256));
throw new SignCommandException(
LogMessage.CreateError(NuGetLogCode.NU3001,
string.Format(Strings.SignCommandMultipleCertException,
nameof(SignArgs.CertificateFingerprint))));
#endif
}
if (matchingCertCollection.Count == 0)
{
throw new SignCommandException(
LogMessage.CreateError(NuGetLogCode.NU3001,
Strings.SignCommandNoCertException));
}
return(matchingCertCollection[0]);
}
public async Task <int> ExecuteCommandAsync(SignArgs signArgs)
{
// resolve path into multiple packages if needed.
IEnumerable <string> packagesToSign = signArgs.PackagePaths.SelectMany(packagePath =>
{
IEnumerable <string> packages = LocalFolderUtility.ResolvePackageFromPath(packagePath);
LocalFolderUtility.EnsurePackageFileExists(packagePath, packages);
return(packages);
});
var success = true;
X509Certificate2 cert = null;
try
{
cert = await GetCertificateAsync(signArgs);
}
catch (Exception e)
{
success = false;
ExceptionUtilities.LogException(e, signArgs.Logger);
}
if (success)
{
signArgs.Logger.LogInformation(Environment.NewLine);
signArgs.Logger.LogInformation(Strings.SignCommandDisplayCertificate);
signArgs.Logger.LogInformation(CertificateUtility.X509Certificate2ToString(cert, HashAlgorithmName.SHA256));
if (!string.IsNullOrEmpty(signArgs.Timestamper))
{
signArgs.Logger.LogInformation(Strings.SignCommandDisplayTimestamper);
signArgs.Logger.LogInformation(signArgs.Timestamper);
}
if (!string.IsNullOrEmpty(signArgs.OutputDirectory))
{
signArgs.Logger.LogInformation(Strings.SignCommandOutputPath);
signArgs.Logger.LogInformation(signArgs.OutputDirectory);
}
using (var signRequest = new AuthorSignPackageRequest(cert, signArgs.SignatureHashAlgorithm, signArgs.TimestampHashAlgorithm))
{
return(await ExecuteCommandAsync(
packagesToSign,
signRequest,
signArgs.Timestamper,
signArgs.Logger,
signArgs.OutputDirectory,
signArgs.Overwrite,
signArgs.Token));
}
}
return(success ? 0 : 1);
}
public async Task <int> ExecuteCommandAsync(SignArgs signArgs)
{
// resolve path into multiple packages if needed.
var packagesToSign = LocalFolderUtility.ResolvePackageFromPath(signArgs.PackagePath);
LocalFolderUtility.EnsurePackageFileExists(signArgs.PackagePath, packagesToSign);
var cert = await GetCertificateAsync(signArgs);
signArgs.Logger.LogInformation(Environment.NewLine);
signArgs.Logger.LogInformation(Strings.SignCommandDisplayCertificate);
signArgs.Logger.LogInformation(CertificateUtility.X509Certificate2ToString(cert, HashAlgorithmName.SHA256));
if (!string.IsNullOrEmpty(signArgs.Timestamper))
{
signArgs.Logger.LogInformation(Strings.SignCommandDisplayTimestamper);
signArgs.Logger.LogInformation(signArgs.Timestamper);
}
if (!string.IsNullOrEmpty(signArgs.OutputDirectory))
{
signArgs.Logger.LogInformation(Strings.SignCommandOutputPath);
signArgs.Logger.LogInformation(signArgs.OutputDirectory);
}
using (var signRequest = GenerateSignPackageRequest(signArgs, cert))
{
return(await ExecuteCommandAsync(
packagesToSign,
signRequest,
signArgs.Timestamper,
signArgs.Logger,
signArgs.OutputDirectory,
signArgs.Overwrite,
signArgs.Token));
}
}
private AuthorSignPackageRequest GenerateSignPackageRequest(SignArgs signArgs, X509Certificate2 certificate)
{
return(new AuthorSignPackageRequest(certificate, signArgs.SignatureHashAlgorithm, signArgs.TimestampHashAlgorithm));
}
