public async Task VerifyAsync_WithRevokedCountersignatureCertificate_ReturnsSuspect()
{
var testServer = await _fixture.GetSigningTestServerAsync();
var certificateAuthority = await _fixture.GetDefaultTrustedCertificateAuthorityAsync();
var issueCertificateOptions = IssueCertificateOptions.CreateDefaultForEndCertificate();
var bcCertificate = certificateAuthority.IssueCertificate(issueCertificateOptions);
var timestampService = await _fixture.GetDefaultTrustedTimestampServiceAsync();
using (var certificate = new X509Certificate2(bcCertificate.GetEncoded()))
{
certificate.PrivateKey = DotNetUtilities.ToRSA(issueCertificateOptions.KeyPair.Private as RsaPrivateCrtKeyParameters);
using (var test = await Test.CreateAuthorSignedRepositoryCountersignedPackageAsync(
_fixture.TrustedTestCertificate.Source.Cert,
certificate,
timestampService.Url,
timestampService.Url))
using (var packageReader = new PackageArchiveReader(test.PackageFile.FullName))
{
await certificateAuthority.OcspResponder.WaitForResponseExpirationAsync(bcCertificate);
certificateAuthority.Revoke(
bcCertificate,
RevocationReason.KeyCompromise,
DateTimeOffset.UtcNow.AddHours(-1));
var status = await _verifier.VerifyAsync(packageReader, CancellationToken.None);
Assert.Equal(SignatureVerificationStatus.Suspect, status);
}
}
}
