public async Task <bool> VerifyAsync(string file, StringBuilder buffer) { if (file == null) { throw new ArgumentNullException(nameof(file)); } if (buffer == null) { throw new ArgumentNullException(nameof(buffer)); } var trustProviders = new ISignatureVerificationProvider[] { new IntegrityVerificationProvider(), new SignatureTrustAndValidityVerificationProvider() }; var verifier = new PackageSignatureVerifier(trustProviders); try { var result = 0; using (var package = new PackageArchiveReader(file)) { var verificationResult = await verifier.VerifySignaturesAsync(package, SignedPackageVerifierSettings.GetVerifyCommandDefaultPolicy(), CancellationToken.None); if (verificationResult.IsValid) { return(verificationResult.IsValid); } else { var logMessages = verificationResult.Results.SelectMany(p => p.Issues).Select(p => p.AsRestoreLogMessage()).ToList(); foreach (var msg in logMessages) { buffer.AppendLine(msg.Message); } if (logMessages.Any(m => m.Level >= NuGet.Common.LogLevel.Warning)) { var errors = logMessages.Where(m => m.Level == NuGet.Common.LogLevel.Error).Count(); var warnings = logMessages.Where(m => m.Level == NuGet.Common.LogLevel.Warning).Count(); buffer.AppendLine($"Finished with {errors} errors and {warnings} warnings."); result = errors; } return(false); } } } catch (Exception e) { logger.LogError(e, e.Message); return(false); } }
public async Task VerifySignatureAsync() { using (var reader = new PackageArchiveReader(_streamFactory(), false)) { var signed = await reader.IsSignedAsync(CancellationToken.None); if (signed) { // Check verification var trustProviders = new ISignatureVerificationProvider[] { new IntegrityVerificationProvider(), new SignatureTrustAndValidityVerificationProvider() }; var verifier = new PackageSignatureVerifier(trustProviders); VerificationResult = await verifier.VerifySignaturesAsync(reader, SignedPackageVerifierSettings.GetVerifyCommandDefaultPolicy(), CancellationToken.None); } } }
/// <summary> /// Initializes a verifier that performs all integrity and trust checks required by the server. /// </summary> public static IPackageSignatureVerifier CreateFull() { var verificationProviders = new ISignatureVerificationProvider[] { new IntegrityVerificationProvider(), new SignatureTrustAndValidityVerificationProvider(), }; var settings = new SignedPackageVerifierSettings( allowUnsigned: false, allowIllegal: false, allowUntrusted: false, allowUntrustedSelfIssuedCertificate: false, allowIgnoreTimestamp: false, allowMultipleTimestamps: false, allowNoTimestamp: false, allowUnknownRevocation: true); return(new PackageSignatureVerifier( verificationProviders, settings)); }