public async Task StripsAndAcceptsPackagesWithRepositorySignatures(
string resourceName,
string packageId,
string packageVersion,
PackageSigningStatus signingStatus,
bool allowSignedPackage)
{
// Arrange
_packageStream = TestResources.GetResourceStream(resourceName);
if (allowSignedPackage)
{
TestUtility.RequireSignedPackage(_corePackageService, packageId, packageVersion, TestResources.Leaf1Thumbprint);
}
else
{
TestUtility.RequireUnsignedPackage(_corePackageService, packageId, packageVersion);
}
_message = new SignatureValidationMessage(
packageId,
packageVersion,
new Uri($"https://unit.test/{resourceName.ToLowerInvariant()}"),
Guid.NewGuid());
Stream uploadedStream = null;
_packageFileService
.Setup(x => x.SaveAsync(It.IsAny <string>(), It.IsAny <string>(), It.IsAny <Guid>(), It.IsAny <Stream>()))
.Returns(Task.CompletedTask)
.Callback <string, string, Guid, Stream>((_, __, ___, s) => uploadedStream = s);
// Act
var result = await _target.ValidateAsync(
_packageKey,
_packageStream,
_message,
_cancellationToken);
// Assert
Validate(result, ValidationStatus.Succeeded, signingStatus, _nupkgUri);
Assert.Empty(result.Issues);
_packageFileService.Verify(
x => x.SaveAsync(_message.PackageId, _message.PackageVersion, _message.ValidationId, It.IsAny <Stream>()),
Times.Once);
_packageFileService.Verify(
x => x.GetReadAndDeleteUriAsync(_message.PackageId, _message.PackageVersion, _message.ValidationId, _sasDefinitionConfiguration.SignatureValidatorSasDefinition),
Times.Once);
Assert.IsType <FileStream>(uploadedStream);
Assert.Throws <ObjectDisposedException>(() => uploadedStream.Length);
if (signingStatus == PackageSigningStatus.Valid)
{
_formatValidator.Verify(
x => x.ValidateAllSignaturesAsync(It.IsAny <ISignedPackageReader>(), false, It.IsAny <CancellationToken>()),
Times.Once);
}
else
{
_formatValidator.Verify(
x => x.ValidateAllSignaturesAsync(It.IsAny <ISignedPackageReader>(), It.IsAny <bool>(), It.IsAny <CancellationToken>()),
Times.Never);
}
}
public async Task WhenPackageSupportsButDoesNotRequireSigning_AcceptsUnsignedPackages()
{
// Arrange
var user1 = new User
{
Key = 1
};
var user2 = new User
{
Key = 2
};
var packageRegistration = new PackageRegistration
{
Key = 3,
Id = TestResources.UnsignedPackageId
};
var package = new Package
{
PackageStatusKey = PackageStatus.Validating,
};
var certificate = new Certificate
{
Key = 4,
Thumbprint = TestResources.Leaf1Thumbprint
};
var userCertificate = new UserCertificate
{
Key = 5,
CertificateKey = certificate.Key,
Certificate = certificate,
UserKey = user1.Key,
User = user1
};
user1.UserCertificates.Add(userCertificate);
certificate.UserCertificates.Add(userCertificate);
packageRegistration.Owners.Add(user1);
packageRegistration.Owners.Add(user2);
_message = new SignatureValidationMessage(
TestResources.UnsignedPackageId,
TestResources.UnsignedPackageVersion,
new Uri($"https://unit.test/{TestResources.UnsignedPackage.ToLowerInvariant()}"),
Guid.NewGuid());
_packageStream = TestResources.GetResourceStream(TestResources.UnsignedPackage);
_corePackageService
.Setup(x => x.FindPackageRegistrationById(_message.PackageId))
.Returns(packageRegistration);
_corePackageService
.Setup(x => x.FindPackageByIdAndVersionStrict(_message.PackageId, _message.PackageVersion))
.Returns(package);
// Act
var result = await _target.ValidateAsync(
_packageKey,
_packageStream,
_message,
_cancellationToken);
// Assert
Validate(result, ValidationStatus.Succeeded, PackageSigningStatus.Unsigned);
Assert.Empty(result.Issues);
}
public ValidateAsync(ITestOutputHelper output)
{
_packageStream = TestResources.GetResourceStream(TestResources.UnsignedPackage);
_packageKey = 42;
_message = new SignatureValidationMessage(
"NuGet.Versioning",
"4.3.0",
new Uri("https://example/nuget.versioning.4.3.0.nupkg"),
new Guid("b777135f-1aac-4ec2-a3eb-1f64fe1880d5"));
_cancellationToken = CancellationToken.None;
_packageSigningStateService = new Mock <IPackageSigningStateService>();
_formatValidator = new Mock <ISignatureFormatValidator>();
_minimalVerifyResult = new VerifySignaturesResult(isValid: true, isSigned: true);
_formatValidator
.Setup(x => x.ValidateMinimalAsync(It.IsAny <ISignedPackageReader>(), It.IsAny <CancellationToken>()))
.ReturnsAsync(() => _minimalVerifyResult);
_fullVerifyResult = new VerifySignaturesResult(isValid: true, isSigned: true);
_formatValidator
.Setup(x => x.ValidateAllSignaturesAsync(It.IsAny <ISignedPackageReader>(), It.IsAny <bool>(), It.IsAny <CancellationToken>()))
.ReturnsAsync(() => _fullVerifyResult);
_authorSignatureVerifyResult = new VerifySignaturesResult(isValid: true, isSigned: true);
_formatValidator
.Setup(x => x.ValidateAuthorSignatureAsync(It.IsAny <ISignedPackageReader>(), It.IsAny <CancellationToken>()))
.ReturnsAsync(() => _authorSignatureVerifyResult);
_repositorySignatureVerifyResult = new VerifySignaturesResult(isValid: true, isSigned: true);
_formatValidator
.Setup(x => x.ValidateRepositorySignatureAsync(It.IsAny <ISignedPackageReader>(), It.IsAny <CancellationToken>()))
.ReturnsAsync(() => _repositorySignatureVerifyResult);
_signaturePartsExtractor = new Mock <ISignaturePartsExtractor>();
_corePackageService = new Mock <ICorePackageService>();
var loggerFactory = new LoggerFactory().AddXunit(output);
_logger = loggerFactory.CreateLogger <SignatureValidator>();
_packageFileService = new Mock <IProcessorPackageFileService>();
_nupkgUri = new Uri("https://example-storage/TestProcessor/b777135f-1aac-4ec2-a3eb-1f64fe1880d5/nuget.versioning.4.3.0.nupkg");
_packageFileService
.Setup(x => x.GetReadAndDeleteUriAsync(It.IsAny <string>(), It.IsAny <string>(), It.IsAny <Guid>(), It.IsAny <string>()))
.ReturnsAsync(() => _nupkgUri);
_optionsSnapshot = new Mock <IOptionsSnapshot <ProcessSignatureConfiguration> >();
_configuration = new ProcessSignatureConfiguration
{
AllowedRepositorySigningCertificates = new List <string> {
"fake-thumbprint"
},
V3ServiceIndexUrl = TestResources.V3ServiceIndexUrl,
StripValidRepositorySignatures = false,
};
_optionsSnapshot.Setup(x => x.Value).Returns(() => _configuration);
_sasDefinitionConfiguration = new SasDefinitionConfiguration();
_sasDefinitionConfigurationMock = new Mock <IOptionsSnapshot <SasDefinitionConfiguration> >();
_sasDefinitionConfigurationMock.Setup(x => x.Value).Returns(() => _sasDefinitionConfiguration);
_telemetryService = new Mock <ITelemetryService>();
_target = new SignatureValidator(
_packageSigningStateService.Object,
_formatValidator.Object,
_signaturePartsExtractor.Object,
_packageFileService.Object,
_corePackageService.Object,
_optionsSnapshot.Object,
_sasDefinitionConfigurationMock.Object,
_telemetryService.Object,
_logger);
}
