dotnet · dtivel · Apr 18, 2025 · Apr 2, 2025 · Apr 18, 2025
@@ -15,7 +15,7 @@ internal sealed class AzureSignToolSigner : IAzureSignToolDataFormatSigner
         private readonly ICertificateProvider _certificateProvider;
         private readonly ISignatureAlgorithmProvider _signatureAlgorithmProvider;
         private readonly ILogger<IDataFormatSigner> _logger;
-        private readonly HashSet<string> _supportedFileExtensions;
+        private readonly IReadOnlyList<ISignableFileType> _signableFileTypes;
         private readonly IToolConfigurationProvider _toolConfigurationProvider;
 
         // Dependency injection requires a public constructor.
@@ -36,45 +36,55 @@ public AzureSignToolSigner(
             _logger = logger;
             _toolConfigurationProvider = toolConfigurationProvider;
 
-            // For PowerShell file extensions, see https://github.com/PowerShell/PowerShell/blob/2f4f585e7fe075f5c1669397ae738c554fa18391/src/System.Management.Automation/security/SecurityManager.cs#L97C1-L106C10
-            _supportedFileExtensions = new HashSet<string>(StringComparer.OrdinalIgnoreCase)
+            _signableFileTypes = new List<ISignableFileType>()
             {
-                ".app",
-                ".appx",
-                ".appxbundle",
-                ".cab",
-                ".cat",
-                ".cdxml",       // PowerShell cmdlet definition XML
-                ".dll",
-                ".eappx",
-                ".eappxbundle",
-                ".emsix",
-                ".emsixbundle",
-                ".exe",
-                ".msi",
-                ".msix",
-                ".msixbundle",
-                ".msm",
-                ".msp",
-                ".mst",
-                ".ocx",
-                ".ps1",         // PowerShell script files
-                ".ps1xml",      // PowerShell display configuration files
-                ".psd1",        // PowerShell data files
-                ".psm1",        // PowerShell module files
-                ".stl",
-                ".sys",
-                ".vbs",
-                ".vxd",
-                ".winmd"
+                // For PowerShell file extensions, see https://github.com/PowerShell/PowerShell/blob/2f4f585e7fe075f5c1669397ae738c554fa18391/src/System.Management.Automation/security/SecurityManager.cs#L97C1-L106C10
+                new SignableFileTypeByExtension(
+                    ".appx",
+                    ".appxbundle",
+                    ".cab",
+                    ".cat",
+                    ".cdxml",       // PowerShell cmdlet definition XML
+                    ".dll",
+                    ".eappx",
+                    ".eappxbundle",
+                    ".emsix",
+                    ".emsixbundle",
+                    ".exe",
+                    ".msi",
+                    ".msix",
+                    ".msixbundle",
+                    ".msm",
+                    ".msp",
+                    ".mst",
+                    ".ocx",
+                    ".ps1",         // PowerShell script files
+                    ".ps1xml",      // PowerShell display configuration files
+                    ".psd1",        // PowerShell data files
+                    ".psm1",        // PowerShell module files
+                    ".stl",
+                    ".sys",
+                    ".vbs",
+                    ".vxd",
+                    ".winmd"
+                ),
+                new DynamicsBusinessCentralAppFileType()
             };
         }
 
         public bool CanSign(FileInfo file)
         {
             ArgumentNullException.ThrowIfNull(file, nameof(file));
 
-            return _supportedFileExtensions.Contains(file.Extension);
+            foreach (ISignableFileType signableFileType in _signableFileTypes)
+            {
+                if (signableFileType.IsMatch(file))
+                {
+                    return true;
+                }
+            }
+
+            return false;
         }
 
         public async Task SignAsync(IEnumerable<FileInfo> files, SignOptions options)

@@ -0,0 +1,40 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+// See the LICENSE.txt file in the project root for more information.
+
+namespace Sign.Core
+{
+    internal sealed class DynamicsBusinessCentralAppFileType : ISignableFileType
+    {
+        private const string FileExtension = ".app";
+
+        private readonly byte[] _expectedHeader;
+
+        internal DynamicsBusinessCentralAppFileType()
+        {
+            _expectedHeader = new byte[] { 0x4e, 0x41, 0x56, 0x58 }; // NAVX
+        }
+
+        public bool IsMatch(FileInfo file)
+        {
+            ArgumentNullException.ThrowIfNull(file, nameof(file));
+
+            if (!FileExtension.Equals(file.Extension, StringComparison.OrdinalIgnoreCase))
+            {
+                return false;
+            }
+
+            using (FileStream stream = file.OpenRead())
+            {
+                var header = new byte[_expectedHeader.Length];
+
+                if (stream.Read(header, offset: 0, header.Length) != header.Length)
+                {
+                    return false;
+                }
+
+                return header.SequenceEqual(_expectedHeader);
+            }
+        }
+    }
+}
@@ -0,0 +1,11 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+// See the LICENSE.txt file in the project root for more information.
+
+namespace Sign.Core
+{
+    internal interface ISignableFileType
+    {
+        bool IsMatch(FileInfo file);
+    }
+}
@@ -0,0 +1,30 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+// See the LICENSE.txt file in the project root for more information.
+
+namespace Sign.Core
+{
+    internal sealed class SignableFileTypeByExtension : ISignableFileType
+    {
+        private readonly HashSet<string> _fileExtensions;
+
+        internal SignableFileTypeByExtension(params string[] fileExtensions)
+        {
+            ArgumentNullException.ThrowIfNull(fileExtensions, nameof(fileExtensions));
+
+            if (fileExtensions.Length == 0)
+            {
+                throw new ArgumentException(Resources.ArgumentCannotBeEmpty, nameof(fileExtensions));
+            }
+
+            _fileExtensions = new HashSet<string>(fileExtensions, StringComparer.OrdinalIgnoreCase);
+        }
+
+        public bool IsMatch(FileInfo file)
+        {
+            ArgumentNullException.ThrowIfNull(file, nameof(file));
+
+            return _fileExtensions.Contains(file.Extension);
+        }
+    }
+}
@@ -117,6 +117,9 @@
   <resheader name="writer">
     <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
   </resheader>
+  <data name="ArgumentCannotBeEmpty" xml:space="preserve">
+    <value>The argument cannot be empty.</value>
+  </data>
   <data name="AzureSignToolSignatureProviderSigning" xml:space="preserve">
     <value>Signing SignTool job with {count} files.</value>
     <comment>{Placeholder="{count}"} is the number of files to be signed.</comment>

@@ -2,6 +2,11 @@
 <xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="1.2" xsi:schemaLocation="urn:oasis:names:tc:xliff:document:1.2 xliff-core-1.2-transitional.xsd">
   <file datatype="xml" source-language="en" target-language="cs" original="../Resources.resx">
     <body>
+      <trans-unit id="ArgumentCannotBeEmpty">
+        <source>The argument cannot be empty.</source>
+        <target state="new">The argument cannot be empty.</target>
+        <note />
+      </trans-unit>
       <trans-unit id="AzureSignToolSignatureProviderSigning">
         <source>Signing SignTool job with {count} files.</source>
         <target state="translated">Podepisování úlohy SignTool s tímto počtem souborů: {count}.</target>

@@ -2,6 +2,11 @@
 <xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="1.2" xsi:schemaLocation="urn:oasis:names:tc:xliff:document:1.2 xliff-core-1.2-transitional.xsd">
   <file datatype="xml" source-language="en" target-language="de" original="../Resources.resx">
     <body>
+      <trans-unit id="ArgumentCannotBeEmpty">
+        <source>The argument cannot be empty.</source>
+        <target state="new">The argument cannot be empty.</target>
+        <note />
+      </trans-unit>
       <trans-unit id="AzureSignToolSignatureProviderSigning">
         <source>Signing SignTool job with {count} files.</source>
         <target state="translated">Der SignTool-Auftrag wird mit {count} Dateien signiert.</target>

@@ -2,6 +2,11 @@
 <xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="1.2" xsi:schemaLocation="urn:oasis:names:tc:xliff:document:1.2 xliff-core-1.2-transitional.xsd">
   <file datatype="xml" source-language="en" target-language="es" original="../Resources.resx">
     <body>
+      <trans-unit id="ArgumentCannotBeEmpty">
+        <source>The argument cannot be empty.</source>
+        <target state="new">The argument cannot be empty.</target>
+        <note />
+      </trans-unit>
       <trans-unit id="AzureSignToolSignatureProviderSigning">
         <source>Signing SignTool job with {count} files.</source>
         <target state="translated">Firmando el trabajo de SignTool con {count} archivos.</target>

@@ -2,6 +2,11 @@
 <xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="1.2" xsi:schemaLocation="urn:oasis:names:tc:xliff:document:1.2 xliff-core-1.2-transitional.xsd">
   <file datatype="xml" source-language="en" target-language="fr" original="../Resources.resx">
     <body>
+      <trans-unit id="ArgumentCannotBeEmpty">
+        <source>The argument cannot be empty.</source>
+        <target state="new">The argument cannot be empty.</target>
+        <note />
+      </trans-unit>
       <trans-unit id="AzureSignToolSignatureProviderSigning">
         <source>Signing SignTool job with {count} files.</source>
         <target state="translated">Signature du travail SignTool avec {count} fichiers.</target>

@@ -2,6 +2,11 @@
 <xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="1.2" xsi:schemaLocation="urn:oasis:names:tc:xliff:document:1.2 xliff-core-1.2-transitional.xsd">
   <file datatype="xml" source-language="en" target-language="it" original="../Resources.resx">
     <body>
+      <trans-unit id="ArgumentCannotBeEmpty">
+        <source>The argument cannot be empty.</source>
+        <target state="new">The argument cannot be empty.</target>
+        <note />
+      </trans-unit>
       <trans-unit id="AzureSignToolSignatureProviderSigning">
         <source>Signing SignTool job with {count} files.</source>
         <target state="translated">Firma del processo SignTool con {count} file.</target>

@@ -2,6 +2,11 @@
 <xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="1.2" xsi:schemaLocation="urn:oasis:names:tc:xliff:document:1.2 xliff-core-1.2-transitional.xsd">
   <file datatype="xml" source-language="en" target-language="ja" original="../Resources.resx">
     <body>
+      <trans-unit id="ArgumentCannotBeEmpty">
+        <source>The argument cannot be empty.</source>
+        <target state="new">The argument cannot be empty.</target>
+        <note />
+      </trans-unit>
       <trans-unit id="AzureSignToolSignatureProviderSigning">
         <source>Signing SignTool job with {count} files.</source>
         <target state="translated">{count} 個のファイルを使用して SignTool ジョブに署名しています。</target>

@@ -2,6 +2,11 @@
 <xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="1.2" xsi:schemaLocation="urn:oasis:names:tc:xliff:document:1.2 xliff-core-1.2-transitional.xsd">
   <file datatype="xml" source-language="en" target-language="ko" original="../Resources.resx">
     <body>
+      <trans-unit id="ArgumentCannotBeEmpty">
+        <source>The argument cannot be empty.</source>
+        <target state="new">The argument cannot be empty.</target>
+        <note />
+      </trans-unit>
       <trans-unit id="AzureSignToolSignatureProviderSigning">
         <source>Signing SignTool job with {count} files.</source>
         <target state="translated">{count} 파일로 SignTool 작업에 서명하는 중입니다.</target>

@@ -2,6 +2,11 @@
 <xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="1.2" xsi:schemaLocation="urn:oasis:names:tc:xliff:document:1.2 xliff-core-1.2-transitional.xsd">
   <file datatype="xml" source-language="en" target-language="pl" original="../Resources.resx">
     <body>
+      <trans-unit id="ArgumentCannotBeEmpty">
+        <source>The argument cannot be empty.</source>
+        <target state="new">The argument cannot be empty.</target>
+        <note />
+      </trans-unit>
       <trans-unit id="AzureSignToolSignatureProviderSigning">
         <source>Signing SignTool job with {count} files.</source>
         <target state="translated">Podpisywanie zadania SignTool przy użyciu {count} plików.</target>

@@ -2,6 +2,11 @@
 <xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="1.2" xsi:schemaLocation="urn:oasis:names:tc:xliff:document:1.2 xliff-core-1.2-transitional.xsd">
   <file datatype="xml" source-language="en" target-language="pt-BR" original="../Resources.resx">
     <body>
+      <trans-unit id="ArgumentCannotBeEmpty">
+        <source>The argument cannot be empty.</source>
+        <target state="new">The argument cannot be empty.</target>
+        <note />
+      </trans-unit>
       <trans-unit id="AzureSignToolSignatureProviderSigning">
         <source>Signing SignTool job with {count} files.</source>
         <target state="translated">Autenticando o trabalho SignTool com {count} arquivos.</target>

@@ -2,6 +2,11 @@
 <xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="1.2" xsi:schemaLocation="urn:oasis:names:tc:xliff:document:1.2 xliff-core-1.2-transitional.xsd">
   <file datatype="xml" source-language="en" target-language="ru" original="../Resources.resx">
     <body>
+      <trans-unit id="ArgumentCannotBeEmpty">
+        <source>The argument cannot be empty.</source>
+        <target state="new">The argument cannot be empty.</target>
+        <note />
+      </trans-unit>
       <trans-unit id="AzureSignToolSignatureProviderSigning">
         <source>Signing SignTool job with {count} files.</source>
         <target state="translated">Задание подписывания SignTool с несколькими файлами ({count}).</target>

@@ -2,6 +2,11 @@
 <xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="1.2" xsi:schemaLocation="urn:oasis:names:tc:xliff:document:1.2 xliff-core-1.2-transitional.xsd">
   <file datatype="xml" source-language="en" target-language="tr" original="../Resources.resx">
     <body>
+      <trans-unit id="ArgumentCannotBeEmpty">
+        <source>The argument cannot be empty.</source>
+        <target state="new">The argument cannot be empty.</target>
+        <note />
+      </trans-unit>
       <trans-unit id="AzureSignToolSignatureProviderSigning">
         <source>Signing SignTool job with {count} files.</source>
         <target state="translated">SignTool işi {count} dosya ile imzalanıyor.</target>

@@ -2,6 +2,11 @@
 <xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="1.2" xsi:schemaLocation="urn:oasis:names:tc:xliff:document:1.2 xliff-core-1.2-transitional.xsd">
   <file datatype="xml" source-language="en" target-language="zh-Hans" original="../Resources.resx">
     <body>
+      <trans-unit id="ArgumentCannotBeEmpty">
+        <source>The argument cannot be empty.</source>
+        <target state="new">The argument cannot be empty.</target>
+        <note />
+      </trans-unit>
       <trans-unit id="AzureSignToolSignatureProviderSigning">
         <source>Signing SignTool job with {count} files.</source>
         <target state="translated">正在对包含 {count} 个文件的 SignTool 作业进行签名。</target>

@@ -2,6 +2,11 @@
 <xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="1.2" xsi:schemaLocation="urn:oasis:names:tc:xliff:document:1.2 xliff-core-1.2-transitional.xsd">
   <file datatype="xml" source-language="en" target-language="zh-Hant" original="../Resources.resx">
     <body>
+      <trans-unit id="ArgumentCannotBeEmpty">
+        <source>The argument cannot be empty.</source>
+        <target state="new">The argument cannot be empty.</target>
+        <note />
+      </trans-unit>
       <trans-unit id="AzureSignToolSignatureProviderSigning">
         <source>Signing SignTool job with {count} files.</source>
         <target state="translated">正在簽署具有 {count} 個檔案的 SignTool 工作。</target>