From f23292ee5ecb9a36acc4f3e34a5b1609e08a54da Mon Sep 17 00:00:00 2001
From: Archie Miller <62433534+Archie-Miller@users.noreply.github.com>
Date: Wed, 27 Mar 2024 11:36:44 -0600
Subject: [PATCH] Provide a signing solution that does not create digests for
 origin.psdor files

---
 src/OpenVsixSignTool.Core/OpcPackage.cs       |  8 +++++
 .../OpcPackageSignatureBuilder.cs             | 32 ++++++++++++++++---
 2 files changed, 35 insertions(+), 5 deletions(-)

diff --git a/src/OpenVsixSignTool.Core/OpcPackage.cs b/src/OpenVsixSignTool.Core/OpcPackage.cs
index 995b3c9..94bb2d0 100644
--- a/src/OpenVsixSignTool.Core/OpcPackage.cs
+++ b/src/OpenVsixSignTool.Core/OpcPackage.cs
@@ -240,6 +240,14 @@ private void SaveRelationships(OpcRelationships relationships)
         /// <returns>A builder instance for configuring and applying a signature.</returns>
         public OpcPackageSignatureBuilder CreateSignatureBuilder() => new OpcPackageSignatureBuilder(this);
 
+        /// <summary>
+        /// Creates a signature builder for applying a digital signature to the package, while ignoring 
+        /// origin.psdor files
+        /// </summary>
+        /// <returns>A builder instance for configuring and applying a signature.</returns>
+        public OpcPackageSignatureBuilder CreateSignatureBuilderIgnoreOrigin() => 
+            new OpcPackageSignatureBuilder( this, ignoreOrigin: true );
+
         /// <summary>
         /// Enumerates over all of the signatures in the package.
         /// </summary>
diff --git a/src/OpenVsixSignTool.Core/OpcPackageSignatureBuilder.cs b/src/OpenVsixSignTool.Core/OpcPackageSignatureBuilder.cs
index 0eaec4c..5f69fa8 100644
--- a/src/OpenVsixSignTool.Core/OpcPackageSignatureBuilder.cs
+++ b/src/OpenVsixSignTool.Core/OpcPackageSignatureBuilder.cs
@@ -12,11 +12,20 @@ public class OpcPackageSignatureBuilder
     {
         private readonly OpcPackage _package;
         private readonly List<OpcPart> _enqueuedParts;
+        private readonly bool _ignoreOriginParts;
 
         internal OpcPackageSignatureBuilder(OpcPackage package)
         {
             _enqueuedParts = new List<OpcPart>();
             _package = package;
+            _ignoreOriginParts = false;
+        }
+
+        internal OpcPackageSignatureBuilder( OpcPackage package, bool ignoreOrigin )
+        {
+            _enqueuedParts = new List<OpcPart>();
+            _package = package;
+            _ignoreOriginParts = ignoreOrigin;
         }
 
         /// <summary>
@@ -106,12 +115,25 @@ private static void PublishSignature(XmlDocument document, OpcPart signatureFile
             }
 
             _package.Flush();
-            var allParts = new HashSet<OpcPart>(_enqueuedParts)
+            HashSet<OpcPart> allParts = new HashSet<OpcPart>( _enqueuedParts );
+
+            if ( _ignoreOriginParts )
             {
-                originFile,
-                _package.GetPart(_package.Relationships.DocumentUri),
-                _package.GetPart(originFile.Relationships.DocumentUri)
-            };
+                allParts = new HashSet<OpcPart>( _enqueuedParts )
+                {
+                    _package.GetPart(_package.Relationships.DocumentUri)
+                };
+            }
+            else
+            {
+                allParts = new HashSet<OpcPart>( _enqueuedParts )
+                {
+                    originFile,
+                    _package.GetPart(_package.Relationships.DocumentUri),
+                    _package.GetPart(originFile.Relationships.DocumentUri)
+                };
+            }
+            
             return (allParts, signatureFile);
         }
     }