public async Task RejectsPackagesWithFullVerificationErrors() { // Arrange _packageStream = TestResources.GetResourceStream(TestResources.SignedPackageLeaf1); TestUtility.RequireSignedPackage( _corePackageService, TestResources.SignedPackageLeafId, TestResources.SignedPackageLeaf1Version, TestResources.Leaf1Thumbprint); _fullVerifyResult = new VerifySignaturesResult( valid: false, signed: true, results: new[] { new InvalidSignaturePackageVerificationResult( SignatureVerificationStatus.Suspect, new[] { SignatureLog.Issue( fatal: true, code: NuGetLogCode.NU3008, message: "The package integrity check failed."), SignatureLog.Issue( fatal: false, code: NuGetLogCode.NU3016, message: "The package hash uses an unsupported hash algorithm."), SignatureLog.Issue( fatal: true, code: NuGetLogCode.NU3000, message: "Some other thing happened."), }) }); _message = new SignatureValidationMessage( TestResources.SignedPackageLeafId, TestResources.SignedPackageLeaf1Version, new Uri($"https://unit.test/{TestResources.SignedPackageLeaf1.ToLowerInvariant()}"), Guid.NewGuid()); // Act var result = await _target.ValidateAsync( _packageKey, _packageStream, _message, _cancellationToken); // Assert Validate(result, ValidationStatus.Failed, PackageSigningStatus.Invalid); Assert.Equal(2, result.Issues.Count); var issue1 = Assert.IsType <ClientSigningVerificationFailure>(result.Issues[0]); Assert.Equal("NU3008", issue1.ClientCode); Assert.Equal("The package integrity check failed.", issue1.ClientMessage); var issue2 = Assert.IsType <ClientSigningVerificationFailure>(result.Issues[1]); Assert.Equal("NU3000", issue2.ClientCode); Assert.Equal("Some other thing happened.", issue2.ClientMessage); }
private static object[] GenerateSignatureLogWithMetadata() { var log = SignatureLog.Issue(true, NuGetLogCode.NU3000, string.Empty); log.ProjectPath = Guid.NewGuid().ToString(); log.LibraryId = Guid.NewGuid().ToString(); return(new object[] { log }); }
public void Issue_InitializesProperties(bool fatal, NuGetLogCode code, string message) { // Arrange var expectedLevel = fatal ? LogLevel.Error : LogLevel.Warning; // Act var log = SignatureLog.Issue(fatal, code, message); // Assert log.Message.Should().Be(message); log.Code.Should().Be(code); log.Level.Should().Be(expectedLevel); }
public async Task RejectsPackagesWithMimimalVerificationErrors() { // Arrange _packageStream = TestResources.GetResourceStream(TestResources.SignedPackageLeaf1); _minimalVerifyResult = new VerifySignaturesResult( valid: false, signed: true, results: new[] { new InvalidSignaturePackageVerificationResult( SignatureVerificationStatus.Suspect, new[] { SignatureLog.Issue( fatal: true, code: NuGetLogCode.NU3000, message: "The package signature is invalid."), }) }); _message = new SignatureValidationMessage( TestResources.SignedPackageLeafId, TestResources.SignedPackageLeaf1Version, new Uri($"https://unit.test/{TestResources.SignedPackageLeaf1.ToLowerInvariant()}"), Guid.NewGuid()); // Act var result = await _target.ValidateAsync( _packageKey, _packageStream, _message, _cancellationToken); // Assert Validate(result, ValidationStatus.Failed, PackageSigningStatus.Invalid); Assert.Single(result.Issues); var issue = Assert.IsType <ClientSigningVerificationFailure>(result.Issues[0]); Assert.Equal("NU3000", issue.ClientCode); Assert.Equal("The package signature is invalid.", issue.ClientMessage); }
public static IEnumerable <object[]> SignatureLogCombinations() { yield return(new object[] { SignatureLog.DebugLog(string.Empty) }); yield return(new object[] { SignatureLog.InformationLog(string.Empty) }); yield return(new object[] { SignatureLog.DetailedLog(string.Empty) }); yield return(new object[] { SignatureLog.Issue(false, NuGetLogCode.NU1000, string.Empty) }); yield return(new object[] { SignatureLog.Issue(true, NuGetLogCode.NU1000, string.Empty) }); yield return(new object[] { SignatureLog.Issue(true, NuGetLogCode.NU3000, string.Empty) }); yield return(GenerateSignatureLogWithMetadata()); }