Пример #1
0
        internal static SignOptions FromOptions(string fileName, IEnumerable <CommandOption> options)
        {
            var opts = new SignOptions()
            {
                FileName = fileName
            };

            foreach (var option in options)
            {
                Action <CommandOption, SignOptions> binder;
                if (_bindings.TryGetValue(option.LongName ?? option.ShortName, out binder))
                {
                    binder(option, opts);
                }
            }
            if (string.IsNullOrEmpty(opts.Output))
            {
                var extension = Path.GetExtension(fileName);

                // If the file is a signature request, change the extension
                if (string.Equals(extension, ".req", StringComparison.OrdinalIgnoreCase))
                {
                    opts.Output = Path.ChangeExtension(fileName, ".sig");
                }
                // Sometimes, we save signatures requests as ".sig" files, in those cases we replace the file in-place
                else if (string.Equals(extension, ".sig", StringComparison.OrdinalIgnoreCase))
                {
                    opts.Output = fileName;
                }
                // Otherwise, tack on ".sig" for the signature file
                else
                {
                    opts.Output = fileName + ".sig";
                }
            }
            return(opts);
        }
Пример #2
0
        internal static SignOptions FromOptions(string fileName, IEnumerable<CommandOption> options)
        {
            var opts = new SignOptions()
            {
                FileName = fileName
            };
            foreach (var option in options)
            {
                Action<CommandOption, SignOptions> binder;
                if (_bindings.TryGetValue(option.LongName ?? option.ShortName, out binder))
                {
                    binder(option, opts);
                }
            }
            if (string.IsNullOrEmpty(opts.Output))
            {
                var extension = Path.GetExtension(fileName);

                // If the file is a signature request, change the extension
                if (string.Equals(extension, ".req", StringComparison.OrdinalIgnoreCase))
                {
                    opts.Output = Path.ChangeExtension(fileName, ".sig");
                }
                // Sometimes, we save signatures requests as ".sig" files, in those cases we replace the file in-place
                else if (string.Equals(extension, ".sig", StringComparison.OrdinalIgnoreCase))
                {
                    opts.Output = fileName;
                }
                // Otherwise, tack on ".sig" for the signature file
                else
                {
                    opts.Output = fileName + ".sig";
                }
            }
            return opts;
        }
Пример #3
0
        public static async Task <int> Sign(string fileName, IEnumerable <CommandOption> options)
        {
            var signOptions = SignOptions.FromOptions(fileName, options);

            X509Certificate2Collection includedCerts;
            var signingCert = signOptions.FindCert(out includedCerts);

            if (signingCert == null)
            {
                AnsiConsole.Error.WriteLine("Unable to find certificate that meets the specified criteria");
                return(1);
            }
            AnsiConsole.Output.WriteLine("Signing file with: " + signingCert.SubjectName.CommonName());

            // Load the private key if provided
            if (!string.IsNullOrEmpty(signOptions.CspName) && !string.IsNullOrEmpty(signOptions.KeyContainer))
            {
                var parameters = new CspParameters()
                {
                    ProviderType     = 1, // PROV_RSA_FULL
                    KeyNumber        = (int)KeyNumber.Signature,
                    ProviderName     = signOptions.CspName,
                    KeyContainerName = signOptions.KeyContainer
                };
                signingCert.PrivateKey = new RSACryptoServiceProvider(parameters);
            }

            if (!signingCert.HasPrivateKey)
            {
                AnsiConsole.Error.WriteLine("Unable to find private key for certificate: " + signingCert.SubjectName.CommonName());
                return(1);
            }

            // If the input file didn't provide any additional certs, set up a new collection
            var additionalCerts = new X509Certificate2Collection();

            // Load any additional certs requested by the user
            if (!string.IsNullOrEmpty(signOptions.AddCertificatesFile))
            {
                additionalCerts.Import(signOptions.AddCertificatesFile);
            }

            // Determine if we are signing a request or a file
            Signature sig = await Signature.TryDecodeAsync(fileName);

            if (sig == null)
            {
                sig = new Signature(SignaturePayload.Compute(fileName, Signature.DefaultDigestAlgorithmName));
            }

            // Verify that the content is unsigned
            if (sig.IsSigned)
            {
                AnsiConsole.Error.WriteLine("File already signed: " + fileName);
                return(1);
            }

            // Sign the file
            sig.Sign(signingCert, includedCerts, additionalCerts);

            AnsiConsole.Output.WriteLine("Successfully signed.");

            if (!string.IsNullOrEmpty(signOptions.Timestamper))
            {
                // Timestamp the signature
                AnsiConsole.Output.WriteLine("Transmitting signature to timestamping authority...");
                sig.Timestamp(new Uri(signOptions.Timestamper), signOptions.TimestamperAlgorithm ?? Signature.DefaultDigestAlgorithmName);
                AnsiConsole.Output.WriteLine("Trusted timestamp applied to signature.");
            }

            // Write the signature
            AnsiConsole.Output.WriteLine("Signature saved to " + signOptions.Output);
            await sig.WriteAsync(signOptions.Output);

            return(0);
        }