public IEnumerable <PackageVerifierIssue> Validate(PackageAnalysisContext context)
{
if (context.Metadata.IsDotNetToolPackage())
{
yield break;
}
foreach (var currentFile in context.PackageReader.GetFiles())
{
var extension = Path.GetExtension(currentFile);
if (extension.Equals(".dll", StringComparison.OrdinalIgnoreCase) ||
extension.Equals(".exe", StringComparison.OrdinalIgnoreCase))
{
string assemblyPath;
do
{
assemblyPath = Path.ChangeExtension(
Path.Combine(Path.GetTempPath(), Path.GetRandomFileName()), extension);
} while (File.Exists(assemblyPath));
var isManagedCode = false;
var isStrongNameSigned = false;
var hasCorrectPublicKeyToken = false;
var hresult = 0;
try
{
using (var packageFileStream = context.PackageReader.GetStream(currentFile))
using (var fileStream = new FileStream(assemblyPath, FileMode.Create))
{
packageFileStream.CopyTo(fileStream);
}
if (AssemblyHelpers.IsAssemblyManaged(assemblyPath))
{
isManagedCode = true;
using (var assembly = AssemblyDefinition.ReadAssembly(assemblyPath))
{
if (assembly.Modules.Any())
{
isStrongNameSigned = assembly.Modules.All(
module => module.Attributes.HasFlag(ModuleAttributes.StrongNameSigned));
}
else
{
throw new InvalidOperationException("The managed assembly does not contain any modules.");
}
var tokenHexString = BitConverter.ToString(assembly.Name.PublicKeyToken).Replace("-", "");
if (_publicKeyToken.Equals(tokenHexString, StringComparison.OrdinalIgnoreCase))
{
hasCorrectPublicKeyToken = true;
}
}
}
}
catch (Exception ex)
{
context.Logger.LogError(
"Error while verifying strong name signature for {0}: {1}", currentFile, ex.Message);
}
finally
{
if (File.Exists(assemblyPath))
{
File.Delete(assemblyPath);
}
}
if (isManagedCode && !isStrongNameSigned)
{
yield return(PackageIssueFactory.AssemblyNotStrongNameSigned(currentFile, hresult));
}
if (isManagedCode && !hasCorrectPublicKeyToken)
{
yield return(PackageIssueFactory.AssemblyHasWrongPublicKeyToken(currentFile, _publicKeyToken));
}
}
}
}
