public void GetAuthorSignRequest_InvalidCertificateFile() { var mockConsole = new Mock <IConsole>(); var timestampUri = "http://timestamp.test/url"; // Arrange using (var dir = TestDirectory.Create()) using (var test = new MSSignCommandTestContext(_trustedTestCertWithPrivateKey.TrustedCert)) { var signCommand = new MSSignCommand { Console = mockConsole.Object, Timestamper = timestampUri, CertificateFile = Path.Combine(dir, "non-existant-cert.pfx"), CSPName = test.CertificateCSPName, KeyContainer = test.CertificateKeyContainer, CertificateFingerprint = test.Cert.Thumbprint, }; signCommand.Arguments.Add(Path.Combine(dir, "package.nupkg")); // Act & Assert var ex = Assert.Throws <CryptographicException>(() => signCommand.GetAuthorSignRequest()); Assert.Contains("The system cannot find the file specified.", ex.Message); } }
public void GetAuthorSignRequest_InvalidKeyContainer() { var mockConsole = new Mock <IConsole>(); var timestampUri = "http://timestamp.test/url"; // Arrange using (var dir = TestDirectory.Create()) using (var test = new MSSignCommandTestContext(_trustedTestCertWithoutPrivateKey.TrustedCert, exportPfx: false)) { var signCommand = new MSSignCommand { Console = mockConsole.Object, Timestamper = timestampUri, CertificateFile = test.CertificatePath, CSPName = test.CertificateCSPName, KeyContainer = "invalid-key-container", CertificateFingerprint = test.Cert.Thumbprint, }; signCommand.Arguments.Add(Path.Combine(dir, "package.nupkg")); // Act & Assert var ex = Assert.Throws <InvalidOperationException>(() => signCommand.GetAuthorSignRequest()); Assert.Equal("Can't find cng key.", ex.Message); } }
public async Task MSSignCommand_ResignPackageWithoutOverwriteFailsAsync() { var package = new SimpleTestPackageContext(); // Arrange using (var test = new MSSignCommandTestContext(_trustedTestCertWithPrivateKey.TrustedCert)) { var unsignedPackageFile = await package.CreateAsFileAsync(test.Directory, Guid.NewGuid().ToString()); var command = $"mssign {unsignedPackageFile} -CertificateFile {test.CertificatePath} -CSPName \"{test.CertificateCSPName}\" -KeyContainer \"{test.CertificateKeyContainer}\" -CertificateFingerprint {test.Cert.Thumbprint}"; var result = CommandRunner.Run( _nugetExePath, test.Directory, command, waitForExit: true); result.Success.Should().BeTrue(); result.AllOutput.Should().Contain(_noTimestamperWarningCode); result = CommandRunner.Run( _nugetExePath, test.Directory, command, waitForExit: true); result.Success.Should().BeFalse(); result.AllOutput.Should().Contain(_noTimestamperWarningCode); result.Errors.Should().Contain("NU3001: The package already contains a signature. Please remove the existing signature before adding a new signature."); } }
public async Task MSSignCommand_ResignPackageWithOverwriteSuccessAsync() { var package = new SimpleTestPackageContext(); // Arrange using (var test = new MSSignCommandTestContext(_trustedTestCertWithPrivateKey.TrustedCert)) { var unsignedPackageFile = await package.CreateAsFileAsync(test.Directory, Guid.NewGuid().ToString()); var command = $"mssign {unsignedPackageFile} -CertificateFile {test.CertificatePath} -CSPName \"{test.CertificateCSPName}\" -KeyContainer \"{test.CertificateKeyContainer}\" -CertificateFingerprint {test.Cert.Thumbprint}"; var commandWithOverwrite = $"mssign {unsignedPackageFile} -CertificateFile {test.CertificatePath} -CSPName \"{test.CertificateCSPName}\" -KeyContainer \"{test.CertificateKeyContainer}\" -CertificateFingerprint {test.Cert.Thumbprint} -Overwrite"; var result = CommandRunner.Run( _nugetExePath, test.Directory, command, waitForExit: true); result.Success.Should().BeTrue(); result.AllOutput.Should().Contain(_noTimestamperWarningCode); result = CommandRunner.Run( _nugetExePath, test.Directory, commandWithOverwrite, waitForExit: true); result.Success.Should().BeTrue(); result.AllOutput.Should().Contain(_noTimestamperWarningCode); } }
public void GetAuthorSignRequest_Success() { var mockConsole = new Mock <IConsole>(); var timestampUri = "http://timestamp.test/url"; // Arrange using (var dir = TestDirectory.Create()) using (var test = new MSSignCommandTestContext(_trustedTestCertWithPrivateKey.TrustedCert)) { var signCommand = new MSSignCommand { Console = mockConsole.Object, Timestamper = timestampUri, CertificateFile = test.CertificatePath, CSPName = test.CertificateCSPName, KeyContainer = test.CertificateKeyContainer, CertificateFingerprint = test.Cert.Thumbprint, }; signCommand.Arguments.Add(Path.Combine(dir, "package.nupkg")); // Act var signRequest = signCommand.GetAuthorSignRequest(); // Assert Assert.Equal(SignatureType.Author, signRequest.SignatureType); Assert.NotNull(signRequest.Certificate); Assert.Equal(signRequest.Certificate.Thumbprint, test.Cert.Thumbprint, StringComparer.Ordinal); Assert.NotNull(signRequest.PrivateKey); } }
public void GetRepositorySignRequest_InvalidCSPName() { var mockConsole = new Mock <IConsole>(); var v3serviceIndex = "https://v3serviceindex.test/api/index.json"; var timestampUri = "http://timestamp.test/url"; // Arrange using (var dir = TestDirectory.Create()) using (var test = new MSSignCommandTestContext(_trustedTestCertWithoutPrivateKey.TrustedCert, exportPfx: false)) { var reposignCommand = new RepoSignCommand { Console = mockConsole.Object, Timestamper = timestampUri, CertificateFile = test.CertificatePath, CSPName = "random nonexistant csp name", KeyContainer = test.CertificateKeyContainer, CertificateFingerprint = test.Cert.Thumbprint, V3ServiceIndexUrl = v3serviceIndex, }; reposignCommand.Arguments.Add(Path.Combine(dir, "package.nupkg")); // Act & Assert var ex = Assert.Throws <InvalidOperationException>(() => reposignCommand.GetRepositorySignRequest()); Assert.Equal("Can't find cng key.", ex.Message); } }
public async Task ReposignCommand_Countersign_AuthorSignedPackage_WithTimestampAsync() { var package = new SimpleTestPackageContext(); var timestampService = await _testFixture.GetDefaultTrustedTimestampServiceAsync(); // Arrange using (var test = new MSSignCommandTestContext(_trustedTestCertWithPrivateKey.TrustedCert)) { var unsignedPackageFile = await package.CreateAsFileAsync(test.Directory, Guid.NewGuid().ToString()); var authorSignCommand = $"mssign {unsignedPackageFile} -Timestamper {timestampService.Url} -CertificateFile {test.CertificatePath} -CSPName \"{test.CertificateCSPName}\" -KeyContainer \"{test.CertificateKeyContainer}\" -CertificateFingerprint {test.Cert.Thumbprint}"; var repoSignCommand = $"reposign {unsignedPackageFile} -Timestamper {timestampService.Url} -CertificateFile {test.CertificatePath} -CSPName \"{test.CertificateCSPName}\" -KeyContainer \"{test.CertificateKeyContainer}\" -CertificateFingerprint {test.Cert.Thumbprint} -V3ServiceIndexUrl https://v3serviceIndex.test/api/index.json"; var result = CommandRunner.Run( _nugetExePath, test.Directory, authorSignCommand, waitForExit: true); result.Success.Should().BeTrue(); result.AllOutput.Should().NotContain(_noTimestamperWarningCode); result = CommandRunner.Run( _nugetExePath, test.Directory, repoSignCommand, waitForExit: true); result.Success.Should().BeTrue(); result.AllOutput.Should().NotContain(_noTimestamperWarningCode); } }
public async Task ReposignCommand_Countersign_RepositorySignedPackage_FailAsync() { var package = new SimpleTestPackageContext(); // Arrange using (var test = new MSSignCommandTestContext(_trustedTestCertWithPrivateKey.TrustedCert)) { var unsignedPackageFile = await package.CreateAsFileAsync(test.Directory, Guid.NewGuid().ToString()); var command = $"reposign {unsignedPackageFile} -CertificateFile {test.CertificatePath} -CSPName \"{test.CertificateCSPName}\" -KeyContainer \"{test.CertificateKeyContainer}\" -CertificateFingerprint {test.Cert.Thumbprint} -V3ServiceIndexUrl https://v3serviceIndex.test/api/index.json"; var result = CommandRunner.Run( _nugetExePath, test.Directory, command, waitForExit: true); result.Success.Should().BeTrue(); result.AllOutput.Should().Contain(_noTimestamperWarningCode); result = CommandRunner.Run( _nugetExePath, test.Directory, command, waitForExit: true); result.Success.Should().BeFalse(); result.AllOutput.Should().Contain(_noTimestamperWarningCode); result.Errors.Should().Contain("NU3033: A repository primary signature must not have a repository countersignature."); } }
public void GetRepositorySignRequest_Success() { var mockConsole = new Mock <IConsole>(); var v3serviceIndex = "https://v3serviceindex.test/api/index.json"; var timestampUri = "http://timestamp.test/url"; // Arrange using (var dir = TestDirectory.Create()) using (var test = new MSSignCommandTestContext(_trustedTestCertWithPrivateKey.TrustedCert)) { var reposignCommand = new RepoSignCommand { Console = mockConsole.Object, Timestamper = timestampUri, CertificateFile = test.CertificatePath, CSPName = test.CertificateCSPName, KeyContainer = test.CertificateKeyContainer, CertificateFingerprint = test.Cert.Thumbprint, V3ServiceIndexUrl = v3serviceIndex, }; reposignCommand.Arguments.Add(Path.Combine(dir, "package.nupkg")); // Act var signRequest = reposignCommand.GetRepositorySignRequest(); // Assert Assert.Equal(v3serviceIndex, signRequest.V3ServiceIndexUrl.AbsoluteUri, StringComparer.Ordinal); Assert.Equal(SignatureType.Repository, signRequest.SignatureType); Assert.NotNull(signRequest.Certificate); Assert.Equal(signRequest.Certificate.Thumbprint, test.Cert.Thumbprint, StringComparer.Ordinal); Assert.NotNull(signRequest.PrivateKey); } }