public void TestNoCertificatesThrowsError()
{
var emptyConfig = new SigningServerConfiguration();
var error = Assert.ThrowsException <InvalidConfigurationException>(() => new Server.SigningServer(emptyConfig, CreateEmptySigningToolProvider()));
Assert.AreEqual(InvalidConfigurationException.NoValidCertificatesMessage, error.Message);
}
public static void Setup(TestContext _)
{
_certificateHelper = new CertificateStoreHelper(CertificatePath, StoreName.My,
StoreLocation.LocalMachine);
var configuration = new SigningServerConfiguration
{
Port = 4711,
TimestampServer = ConfigurationManager.AppSettings["TimestampServer"],
Certificates = new[]
{
new CertificateConfiguration
{
Thumbprint = _certificateHelper.Certificate.Thumbprint,
StoreName = (StoreName)Enum.Parse(typeof(StoreName), _certificateHelper.Store.Name),
StoreLocation = _certificateHelper.Store.Location
}
},
WorkingDirectory = "WorkingDirectory"
};
File.WriteAllText("config.json", JsonConvert.SerializeObject(configuration));
_service = new SigningServerService();
_service.ConsoleStart();
}
public void SignFile_NoAnonymousSigning_Fails()
{
var configuration = new SigningServerConfiguration
{
Certificates = new[]
{
new CertificateConfiguration
{
Username = "******",
Password = "******",
Thumbprint = _certificateHelper.Certificate.Thumbprint,
StoreName = (StoreName)Enum.Parse(typeof(StoreName), _certificateHelper.Store.Name),
StoreLocation = _certificateHelper.Store.Location
}
},
WorkingDirectory = "WorkingDirectory"
};
var server = new Server.SigningServer(configuration, _emptySigningToolProvider);
var testData = new MemoryStream(File.ReadAllBytes(Path.Combine(ExecutionDirectory, "TestFiles/unsigned/unsigned.exe")));
var request = new SignFileRequest
{
FileName = "unsigned.exe",
FileSize = testData.Length,
FileContent = testData
};
var response = server.SignFile(request);
Assert.AreEqual(SignFileResponseResult.FileNotSignedUnauthorized, response.Result);
}
public SigningServer(SigningServerConfiguration configuration, ISigningToolProvider signingToolProvider)
{
if (configuration == null)
{
throw new ArgumentNullException(nameof(configuration));
}
SigningToolProvider = signingToolProvider;
Initialize(configuration);
}
public void InvalidWorkingDirectoryThrowsError()
{
var emptyConfig = new SigningServerConfiguration
{
Certificates = new[]
{
new CertificateConfiguration
{
Certificate = new X509Certificate2("Certificates/SigningServer.Test.pfx")
}
},
WorkingDirectory = "T:\\NotExisting"
};
var server = new Server.SigningServer(emptyConfig, CreateEmptySigningToolProvider());
server.GetSupportedFileExtensions();
}
public void RelativeWorkingDirectoryGetsCreated()
{
var config = new SigningServerConfiguration
{
Certificates = new[]
{
new CertificateConfiguration
{
Certificate = new X509Certificate2("Certificates/SigningServer.Test.pfx")
}
},
WorkingDirectory = "WorkingDirectory"
};
var server = new Server.SigningServer(config, CreateEmptySigningToolProvider());
Assert.IsTrue(Directory.Exists(Path.Combine(Environment.CurrentDirectory, config.WorkingDirectory)));
Directory.Delete(Path.Combine(Environment.CurrentDirectory, config.WorkingDirectory), true);
}
public void InvalidWorkingDirectoryThrowsError()
{
var emptyConfig = new SigningServerConfiguration
{
Certificates = new[]
{
new CertificateConfiguration
{
Certificate = new X509Certificate2(CertificatePath, CertificatePassword)
}
},
WorkingDirectory = "T:\\NotExisting"
};
var exception = Assert.ThrowsException <InvalidConfigurationException>(() => new Server.SigningServer(emptyConfig, CreateEmptySigningToolProvider()));
Assert.AreEqual(InvalidConfigurationException.CreateWorkingDirectoryFailedMessage, exception.Message);
}
public void AbsoluteWorkingDirectoryGetsCreated()
{
var temp = Path.Combine(Path.GetTempPath(), "WorkingDirectory");
var config = new SigningServerConfiguration
{
Certificates = new[]
{
new CertificateConfiguration
{
Certificate = new X509Certificate2("Certificates/SigningServer.Test.pfx")
}
},
WorkingDirectory = temp
};
var server = new Server.SigningServer(config, CreateEmptySigningToolProvider());
Assert.IsTrue(Directory.Exists(temp));
Directory.Delete(temp, true);
}
public static void Setup(TestContext _)
{
_certificateHelper = new CertificateStoreHelper(CertificatePath, StoreName.My,
StoreLocation.LocalMachine);
_configuration = new SigningServerConfiguration
{
Certificates = new[]
{
new CertificateConfiguration
{
Thumbprint = _certificateHelper.Certificate.Thumbprint,
StoreName = (StoreName)Enum.Parse(typeof(StoreName), _certificateHelper.Store.Name),
StoreLocation = _certificateHelper.Store.Location
}
},
WorkingDirectory = "WorkingDirectory"
};
_emptySigningToolProvider = new EnumerableSigningToolProvider(Enumerable.Empty <ISigningTool>());
var simulateSigningTool = new Mock <ISigningTool>();
simulateSigningTool.Setup(t => t.SupportedFileExtensions).Returns(new[] { "*" });
simulateSigningTool.Setup(t => t.SupportedHashAlgorithms).Returns(new[] { "*" });
simulateSigningTool.Setup(t => t.IsFileSigned(It.IsAny <string>())).Returns(true);
simulateSigningTool.Setup(t => t.IsFileSupported(It.IsAny <string>())).Returns(true);
simulateSigningTool.Setup(t => t.SignFile(It.IsAny <string>(), It.IsAny <X509Certificate2>(), It.IsAny <string>(), It.IsAny <SignFileRequest>(), It.IsAny <SignFileResponse>())).Callback(
(string file, X509Certificate2 cert, string timestampserver, SignFileRequest request, SignFileResponse response) =>
{
response.Result = SignFileResponseResult.FileSigned;
var fs = new FileStream(file, FileMode.Open, FileAccess.Read);
response.FileContent = fs;
response.FileSize = fs.Length;
});
_simultateSigningToolProvider = new EnumerableSigningToolProvider(new[] { simulateSigningTool.Object });
}
public void LoadCertificateFromStoreWorks()
{
using (var cert = new CertificateStoreHelper("Certificates/SigningServer.Test.pfx", StoreName.My,
StoreLocation.LocalMachine))
{
var emptyConfig = new SigningServerConfiguration
{
Certificates = new[]
{
new CertificateConfiguration
{
Thumbprint = cert.Certificate.Thumbprint,
StoreName = (StoreName)Enum.Parse(typeof(StoreName), cert.Store.Name),
StoreLocation = cert.Store.Location,
}
},
WorkingDirectory = "WorkingDirectory"
};
var server = new Server.SigningServer(emptyConfig, CreateEmptySigningToolProvider());
Assert.AreEqual(1, server.Configuration.Certificates.Length);
Assert.AreEqual(emptyConfig.Certificates[0].Thumbprint, server.Configuration.Certificates[0].Certificate.Thumbprint);
}
}
public void RelativeWorkingDirectoryGetsCleaned()
{
var config = new SigningServerConfiguration
{
Certificates = new[]
{
new CertificateConfiguration
{
Certificate = new X509Certificate2("Certificates/SigningServer.Test.pfx")
}
},
WorkingDirectory = "WorkingDirectory"
};
Directory.CreateDirectory("WorkingDirectory");
File.WriteAllText("WorkingDirectory/test.txt", "test");
var server = new Server.SigningServer(config, CreateEmptySigningToolProvider());
Assert.IsTrue(Directory.Exists(Path.Combine(Environment.CurrentDirectory, config.WorkingDirectory)));
Assert.AreEqual(0, Directory.GetFiles("WorkingDirectory").Length);
Directory.Delete(Path.Combine(Environment.CurrentDirectory, config.WorkingDirectory), true);
}
public void TestNoCertificatesThrowsError()
{
var emptyConfig = new SigningServerConfiguration();
var server = new Server.SigningServer(emptyConfig, CreateEmptySigningToolProvider());
}
private void Initialize(SigningServerConfiguration configuration)
{
Configuration = configuration;
Log.Info("Validating configuration");
Configuration = new SigningServerConfiguration
{
LegacyPort = configuration.LegacyPort,
Port = configuration.Port,
TimestampServer = configuration.TimestampServer ?? "",
WorkingDirectory = configuration.WorkingDirectory ?? "",
HardwareCertificateUnlockIntervalInSeconds =
configuration.HardwareCertificateUnlockIntervalInSeconds > 0
? configuration.HardwareCertificateUnlockIntervalInSeconds
: 60 * 60
};
_hardwareCertificateUnlocker =
new HardwareCertificateUnlocker(
TimeSpan.FromSeconds(Configuration.HardwareCertificateUnlockIntervalInSeconds));
var list = new List <CertificateConfiguration>();
if (configuration.Certificates != null)
{
foreach (var certificateConfiguration in configuration.Certificates)
{
if (certificateConfiguration.Certificate != null)
{
list.Add(certificateConfiguration);
continue;
}
try
{
Log.Info("Loading certificate '{0}'", certificateConfiguration.Thumbprint);
certificateConfiguration.LoadCertificate(_hardwareCertificateUnlocker);
list.Add(certificateConfiguration);
}
catch (CryptographicException e)
{
Log.Error(e, $"Certificate for thumbprint {certificateConfiguration.Thumbprint} in {certificateConfiguration.StoreLocation}/{certificateConfiguration.StoreName} coult not be loaded: 0x{e.HResult:X}");
}
catch (Exception e)
{
Log.Error(e, $"Certificate loading failed: {e.Message}");
}
}
}
if (list.Count == 0)
{
throw new InvalidConfigurationException(InvalidConfigurationException.NoValidCertificatesMessage);
}
Configuration.Certificates = list.ToArray();
try
{
if (Directory.Exists(Configuration.WorkingDirectory))
{
Log.Info("Working directory exists, cleaning");
Directory.Delete(Configuration.WorkingDirectory, true);
}
Directory.CreateDirectory(Configuration.WorkingDirectory);
Log.Info("Working directory created");
}
catch (Exception e)
{
throw new InvalidConfigurationException(InvalidConfigurationException.CreateWorkingDirectoryFailedMessage, e);
}
Log.Info("Working directory: {0}", Configuration.WorkingDirectory);
Log.Info("Certificates loaded: {0}", list.Count);
}
