public void CreateNuGetV3ServiceIndexUrl_WhenV3ServiceIndexUrlNull_Throws()
{
var exception = Assert.Throws <ArgumentNullException>(
() => AttributeUtility.CreateNuGetV3ServiceIndexUrl(v3ServiceIndexUrl: null));
Assert.Equal("v3ServiceIndexUrl", exception.ParamName);
}
public void GetRepositoryCountersignature_WithRepositoryPrimarySignature_Throws()
{
using (var test = new Test(_fixture))
{
test.CreateValidRepositoryPrimarySignature();
// Generate valid countersignature
test.CounterCmsSigner.SignedAttributes.Add(
AttributeUtility.CreateCommitmentTypeIndication(SignatureType.Repository));
test.CounterCmsSigner.SignedAttributes.Add(
AttributeUtility.CreateNuGetV3ServiceIndexUrl(new Uri("https://api.nuget.org/v3/index.json")));
test.CounterCmsSigner.SignedAttributes.Add(
new Pkcs9SigningTime());
test.CounterCmsSigner.SignedAttributes.Add(
AttributeUtility.CreateSigningCertificateV2(test.Certificate, HashAlgorithmName.SHA256));
// Create counter signature
test.PrimarySignedCms.SignerInfos[0].ComputeCounterSignature(test.CounterCmsSigner);
// Load primary signature
var primarySignature = PrimarySignature.Load(test.PrimarySignedCms.Encode());
// Validate countersignature
var exception = Assert.Throws <SignatureException>(
() => RepositoryCountersignature.GetRepositoryCountersignature(primarySignature));
Assert.Equal(NuGetLogCode.NU3033, exception.Code);
Assert.Equal("A repository primary signature must not have a repository countersignature.", exception.Message);
}
}
public void GetRepositoryCountersignature_WithNonRepositoryCountersignature_ReturnsNull()
{
using (var test = new Test(_fixture))
{
test.CreateValidAuthorPrimarySignature();
// Generate valid countersignature
test.CounterCmsSigner.SignedAttributes.Add(
AttributeUtility.CreateNuGetV3ServiceIndexUrl(new Uri("https://api.nuget.org/v3/index.json")));
test.CounterCmsSigner.SignedAttributes.Add(
new Pkcs9SigningTime());
test.CounterCmsSigner.SignedAttributes.Add(
AttributeUtility.CreateSigningCertificateV2(test.Certificate, HashAlgorithmName.SHA256));
// Create counter signature
test.PrimarySignedCms.SignerInfos[0].ComputeCounterSignature(test.CounterCmsSigner);
// Load primary signature
var primarySignature = PrimarySignature.Load(test.PrimarySignedCms.Encode());
// Validate countersignature
var countersignature = RepositoryCountersignature.GetRepositoryCountersignature(primarySignature);
Assert.Null(countersignature);
}
}
public void GetRepositoryCountersignature_WithValidRepositoryCountersignature_ReturnsRepositoryCountersignature()
{
using (var test = new Test(_fixture))
{
test.CreateValidAuthorPrimarySignature();
// Generate valid countersignature
test.CounterCmsSigner.SignedAttributes.Add(
AttributeUtility.CreateCommitmentTypeIndication(SignatureType.Repository));
test.CounterCmsSigner.SignedAttributes.Add(
AttributeUtility.CreateNuGetV3ServiceIndexUrl(new Uri("https://api.nuget.org/v3/index.json")));
test.CounterCmsSigner.SignedAttributes.Add(
AttributeUtility.CreateNuGetPackageOwners(new List <string> {
"microsoft", "nuget"
}));
test.CounterCmsSigner.SignedAttributes.Add(
new Pkcs9SigningTime());
test.CounterCmsSigner.SignedAttributes.Add(
AttributeUtility.CreateSigningCertificateV2(test.Certificate, HashAlgorithmName.SHA256));
// Create counter signature
test.PrimarySignedCms.SignerInfos[0].ComputeCounterSignature(test.CounterCmsSigner);
// Load primary signature
var primarySignature = PrimarySignature.Load(test.PrimarySignedCms.Encode());
// Validate countersignature
var countersignature = RepositoryCountersignature.GetRepositoryCountersignature(primarySignature);
Assert.Equal(SignatureType.Repository, countersignature.Type);
}
}
public void CreateNuGetV3ServiceIndexUrl_WhenV3ServiceIndexSchemeIsNotHttps_Throws()
{
var url = new Uri("http://test.test", UriKind.Absolute);
var exception = Assert.Throws <ArgumentException>(() => AttributeUtility.CreateNuGetV3ServiceIndexUrl(url));
Assert.Equal("v3ServiceIndexUrl", exception.ParamName);
Assert.StartsWith("The URL value is invalid.", exception.Message);
}
public void GetNuGetV3ServiceIndexUrl_WithValidInput_ReturnsUrl()
{
var url = new Uri("https://test.test");
var attribute = AttributeUtility.CreateNuGetV3ServiceIndexUrl(url);
var attributes = new CryptographicAttributeObjectCollection(attribute);
var v3ServiceIndexUrl = AttributeUtility.GetNuGetV3ServiceIndexUrl(attributes);
Assert.True(v3ServiceIndexUrl.IsAbsoluteUri);
Assert.Equal(url.OriginalString, v3ServiceIndexUrl.OriginalString);
}
public void CreateNuGetV3ServiceIndexUrl_WithValidInput_ReturnsAttribute()
{
var url = new Uri("https://test.test", UriKind.Absolute);
var attribute = AttributeUtility.CreateNuGetV3ServiceIndexUrl(url);
Assert.Equal(Oids.NuGetV3ServiceIndexUrl, attribute.Oid.Value);
Assert.Equal(1, attribute.Values.Count);
var nugetV3ServiceIndexUrl = NuGetV3ServiceIndexUrl.Read(attribute.Values[0].RawData);
Assert.True(nugetV3ServiceIndexUrl.V3ServiceIndexUrl.IsAbsoluteUri);
Assert.Equal(url.OriginalString, nugetV3ServiceIndexUrl.V3ServiceIndexUrl.OriginalString);
}
internal void CreateValidRepositoryPrimarySignature()
{
var PrimaryCmsSigner = new CmsSigner(Certificate);
// Generate valid primary signature
PrimaryCmsSigner.SignedAttributes.Add(
AttributeUtility.CreateCommitmentTypeIndication(SignatureType.Repository));
PrimaryCmsSigner.SignedAttributes.Add(
AttributeUtility.CreateNuGetV3ServiceIndexUrl(new Uri("https://api.nuget.org/v3/index.json")));
PrimaryCmsSigner.SignedAttributes.Add(
new Pkcs9SigningTime());
PrimaryCmsSigner.SignedAttributes.Add(
AttributeUtility.CreateSigningCertificateV2(Certificate, HashAlgorithmName.SHA256));
// Create primary signature
PrimarySignedCms.ComputeSignature(PrimaryCmsSigner);
}
public void GetRepositoryCountersignature_WithRepositoryCountersignatureWithInvalidPackageOwners_Throws()
{
using (var test = new Test(_fixture))
{
test.CreateValidAuthorPrimarySignature();
// Generate countersignature
test.CounterCmsSigner.SignedAttributes.Add(
AttributeUtility.CreateCommitmentTypeIndication(SignatureType.Repository));
var invalidPackageOwnersBytes = DerEncoder.ConstructSequence(
(new List <string> {
"", " "
}).Select(packageOwner => DerEncoder.SegmentedEncodeUtf8String(packageOwner.ToCharArray())));
var invalidPackageOwners = new System.Security.Cryptography.CryptographicAttributeObject(
new System.Security.Cryptography.Oid(Oids.NuGetPackageOwners),
new System.Security.Cryptography.AsnEncodedDataCollection(new System.Security.Cryptography.AsnEncodedData(Oids.NuGetPackageOwners, invalidPackageOwnersBytes)));
test.CounterCmsSigner.SignedAttributes.Add(
invalidPackageOwners);
test.CounterCmsSigner.SignedAttributes.Add(
AttributeUtility.CreateNuGetV3ServiceIndexUrl(new Uri("https://api.nuget.org/v3/index.json")));
test.CounterCmsSigner.SignedAttributes.Add(
new Pkcs9SigningTime());
test.CounterCmsSigner.SignedAttributes.Add(
AttributeUtility.CreateSigningCertificateV2(test.Certificate, HashAlgorithmName.SHA256));
// Create counter signature
test.PrimarySignedCms.SignerInfos[0].ComputeCounterSignature(test.CounterCmsSigner);
// Load primary signature
var primarySignature = PrimarySignature.Load(test.PrimarySignedCms.Encode());
// Validate countersignature
var exception = Assert.Throws <SignatureException>(
() => RepositoryCountersignature.GetRepositoryCountersignature(primarySignature));
Assert.Equal(NuGetLogCode.NU3000, exception.Code);
Assert.Equal("The nuget-package-owners attribute is invalid.", exception.Message);
}
}