public void GetSignedPackageVerifierSettings_RepoSignatureInfoCertificateListWithMultipleEntriesCorrectlyPassedToSetting()
{
// Arrange
var target = VerificationTarget.Repository;
var placement = SignaturePlacement.PrimarySignature | SignaturePlacement.Countersignature;
var allSigned = true;
var firstCertFingerprints = new Dictionary <string, string>()
{
{ HashAlgorithmName.SHA256.ConvertToOidString(), $"{HashAlgorithmName.SHA256.ToString()}_first" },
{ HashAlgorithmName.SHA384.ConvertToOidString(), $"{HashAlgorithmName.SHA384.ToString()}_first" },
{ HashAlgorithmName.SHA512.ConvertToOidString(), $"{HashAlgorithmName.SHA512.ToString()}_first" }
};
var secondCertFingerprints = new Dictionary <string, string>()
{
{ HashAlgorithmName.SHA256.ConvertToOidString(), $"{HashAlgorithmName.SHA256.ToString()}_second" },
};
var repoCertificateInfo = new List <IRepositoryCertificateInfo>()
{
new TestRepositoryCertificateInfo()
{
ContentUrl = @"https://unit.test/1",
Fingerprints = new Fingerprints(firstCertFingerprints),
Issuer = "CN=Issuer1",
Subject = "CN=Subject1",
NotBefore = DateTimeOffset.UtcNow,
NotAfter = DateTimeOffset.UtcNow
},
new TestRepositoryCertificateInfo()
{
ContentUrl = @"https://unit.test/2",
Fingerprints = new Fingerprints(secondCertFingerprints),
Issuer = "CN=Issuer2",
Subject = "CN=Subject2",
NotBefore = DateTimeOffset.UtcNow,
NotAfter = DateTimeOffset.UtcNow
}
};
var expectedAllowList = new List <CertificateHashAllowListEntry>()
{
new CertificateHashAllowListEntry(target, placement, $"{HashAlgorithmName.SHA256.ToString()}_first", HashAlgorithmName.SHA256),
new CertificateHashAllowListEntry(target, placement, $"{HashAlgorithmName.SHA384.ToString()}_first", HashAlgorithmName.SHA384),
new CertificateHashAllowListEntry(target, placement, $"{HashAlgorithmName.SHA512.ToString()}_first", HashAlgorithmName.SHA512),
new CertificateHashAllowListEntry(target, placement, $"{HashAlgorithmName.SHA256.ToString()}_second", HashAlgorithmName.SHA256)
};
var repoSignatureInfo = new RepositorySignatureInfo(allSigned, repoCertificateInfo);
// Act
var settings = RepositorySignatureInfoUtility.GetSignedPackageVerifierSettings(repoSignatureInfo, _defaultSettings);
// Assert
settings.AllowUnsigned.Should().BeFalse();
settings.AllowNoClientCertificateList.Should().BeTrue();
settings.AllowNoRepositoryCertificateList.Should().BeFalse();
settings.RepositoryCertificateList.Should().NotBeNull();
settings.RepositoryCertificateList.ShouldBeEquivalentTo(expectedAllowList);
}
public void GetSignedPackageVerifierSettings_RepoSignatureInfoFalseAllSignedDoesNotSetAllowUnsigned()
{
// Arrange
var repoSignatureInfo = new RepositorySignatureInfo(allRepositorySigned: false, repositoryCertificateInfos: null);
// Act
var settings = RepositorySignatureInfoUtility.GetSignedPackageVerifierSettings(repoSignatureInfo, _defaultSettings);
// Assert
settings.ShouldBeEquivalentTo(_defaultSettings);
}
public void GetSignedPackageVerifierSettings_RepoSignatureInfoCertificateListWithOneEntryCorrectlyPassedToSetting()
{
// Arrange
var target = VerificationTarget.Repository;
var allSigned = true;
var certFingerprints = new Dictionary <string, string>()
{
{ HashAlgorithmName.SHA256.ConvertToOidString(), HashAlgorithmName.SHA256.ToString() },
{ HashAlgorithmName.SHA384.ConvertToOidString(), HashAlgorithmName.SHA384.ToString() },
{ HashAlgorithmName.SHA512.ConvertToOidString(), HashAlgorithmName.SHA512.ToString() },
{ "1.3.14.3.2.26", "SHA1" },
};
var testCertInfo = new TestRepositoryCertificateInfo()
{
ContentUrl = @"https://unit.test",
Fingerprints = new Fingerprints(certFingerprints),
Issuer = "CN=Issuer",
Subject = "CN=Subject",
NotBefore = DateTimeOffset.UtcNow,
NotAfter = DateTimeOffset.UtcNow
};
var repoCertificateInfo = new List <IRepositoryCertificateInfo>()
{
testCertInfo
};
var expectedAllowList = new List <CertificateHashAllowListEntry>()
{
new CertificateHashAllowListEntry(target, HashAlgorithmName.SHA256.ToString(), HashAlgorithmName.SHA256),
new CertificateHashAllowListEntry(target, HashAlgorithmName.SHA384.ToString(), HashAlgorithmName.SHA384),
new CertificateHashAllowListEntry(target, HashAlgorithmName.SHA512.ToString(), HashAlgorithmName.SHA512)
};
var repoSignatureInfo = new RepositorySignatureInfo(allSigned, repoCertificateInfo);
// Act
var settings = RepositorySignatureInfoUtility.GetSignedPackageVerifierSettings(repoSignatureInfo, _defaultSettings);
// Assert
settings.AllowUnsigned.Should().BeFalse();
settings.AllowNoClientCertificateList.Should().BeTrue();
settings.AllowNoRepositoryCertificateList.Should().BeFalse();
settings.RepositoryCertificateList.Should().NotBeNull();
settings.RepositoryCertificateList.ShouldBeEquivalentTo(expectedAllowList);
}
/// <summary>
/// Gets SignedPackageVerifierSettings from a given RepositorySignatureInfo.
/// </summary>
/// <param name="repoSignatureInfo">RepositorySignatureInfo to be used.</param>
/// <param name="fallbackSettings">SignedPackageVerifierSettings to be used if RepositorySignatureInfo is unavailable.</param>
/// <returns>SignedPackageVerifierSettings based on the RepositorySignatureInfo and SignedPackageVerifierSettings.</returns>
public static SignedPackageVerifierSettings GetSignedPackageVerifierSettings(
RepositorySignatureInfo repoSignatureInfo,
SignedPackageVerifierSettings fallbackSettings)
{
if (fallbackSettings == null)
{
throw new ArgumentNullException(nameof(fallbackSettings));
}
if (repoSignatureInfo == null)
{
return(fallbackSettings);
}
else
{
var repositoryAllowList = GetRepositoryAllowList(repoSignatureInfo.RepositoryCertificateInfos);
// Allow unsigned only if the common settings allow it and repository does not have all packages signed
var allowUnsigned = fallbackSettings.AllowUnsigned && !repoSignatureInfo.AllRepositorySigned;
// Allow an empty repository certificate list only if the repository does not have all packages signed
var allowNoRepositoryCertificateList = !repoSignatureInfo.AllRepositorySigned;
// Allow untrusted only if the common settings allow it and repository does not have all packages signed
var allowUntrusted = fallbackSettings.AllowUntrusted && !repoSignatureInfo.AllRepositorySigned;
return(new SignedPackageVerifierSettings(
allowUnsigned,
fallbackSettings.AllowIllegal,
allowUntrusted,
fallbackSettings.AllowIgnoreTimestamp,
fallbackSettings.AllowMultipleTimestamps,
fallbackSettings.AllowNoTimestamp,
fallbackSettings.AllowUnknownRevocation,
fallbackSettings.ReportUnknownRevocation,
allowNoRepositoryCertificateList,
fallbackSettings.AllowNoClientCertificateList,
fallbackSettings.VerificationTarget,
fallbackSettings.SignaturePlacement,
fallbackSettings.RepositoryCountersignatureVerificationBehavior,
fallbackSettings.RevocationMode,
repositoryAllowList?.AsReadOnly(),
fallbackSettings.ClientCertificateList));
}
}
public void GetSignedPackageVerifierSettings_RepoSignatureInfoTrueAllSignedClearsAllowUnsignedIfSet()
{
// Arrange
var allSigned = true;
var repoSignatureInfo = new RepositorySignatureInfo(allSigned, repositoryCertificateInfos: null);
// Act
var settings = RepositorySignatureInfoUtility.GetSignedPackageVerifierSettings(repoSignatureInfo, _defaultSettings);
// Assert
settings.AllowUnsigned.Should().BeFalse();
settings.AllowIllegal.Should().BeTrue();
settings.AllowUntrusted.Should().BeTrue();
settings.AllowUntrustedSelfIssuedCertificate.Should().BeTrue();
settings.AllowIgnoreTimestamp.Should().BeTrue();
settings.AllowNoTimestamp.Should().BeTrue();
settings.AllowMultipleTimestamps.Should().BeTrue();
settings.AllowUnknownRevocation.Should().BeTrue();
}
public void GetSignedPackageVerifierSettings_RepoSignatureInfoAllSignedTrue_ClearsAllowUnsignedIfSet()
{
// Arrange
var allSigned = true;
var repoSignatureInfo = new RepositorySignatureInfo(allSigned, repositoryCertificateInfos: null);
// Act
var settings = RepositorySignatureInfoUtility.GetSignedPackageVerifierSettings(repoSignatureInfo, _defaultSettings);
// Assert
settings.AllowUnsigned.Should().BeFalse();
settings.AllowIllegal.Should().BeTrue();
settings.AllowUntrusted.Should().BeFalse();
settings.AllowIgnoreTimestamp.Should().BeTrue();
settings.AllowNoTimestamp.Should().BeTrue();
settings.AllowMultipleTimestamps.Should().BeTrue();
settings.AllowUnknownRevocation.Should().BeTrue();
settings.ReportUnknownRevocation.Should().BeFalse();
settings.VerificationTarget.Should().Be(VerificationTarget.All);
settings.SignaturePlacement.Should().Be(SignaturePlacement.Any);
settings.RepositoryCountersignatureVerificationBehavior.Should().Be(SignatureVerificationBehavior.IfExistsAndIsNecessary);
}
/// <summary>
/// Gets SignedPackageVerifierSettings from a given RepositorySignatureInfo.
/// </summary>
/// <param name="repoSignatureInfo">RepositorySignatureInfo to be used.</param>
/// <param name="fallbackSettings">SignedPackageVerifierSettings to be used if RepositorySignatureInfo is unavailable.</param>
/// <returns>SignedPackageVerifierSettings based on the RepositorySignatureInfo and SignedPackageVerifierSettings.</returns>
public static SignedPackageVerifierSettings GetSignedPackageVerifierSettings(
RepositorySignatureInfo repoSignatureInfo,
SignedPackageVerifierSettings fallbackSettings)
{
if (fallbackSettings == null)
{
throw new ArgumentNullException(nameof(fallbackSettings));
}
if (repoSignatureInfo == null)
{
return(fallbackSettings);
}
else
{
var repositoryAllowList = GetRepositoryAllowList(repoSignatureInfo.RepositoryCertificateInfos);
// Allow unsigned only if the common settings allow it and repository does not have all packages signed
var allowUnsigned = fallbackSettings.AllowUnsigned && !repoSignatureInfo.AllRepositorySigned;
// Allow an empty repository certificate list only if the repository does not have all packages signed
var allowNoRepositoryCertificateList = !repoSignatureInfo.AllRepositorySigned;
return(new SignedPackageVerifierSettings(
allowUnsigned: allowUnsigned,
allowIllegal: fallbackSettings.AllowIllegal,
allowUntrusted: fallbackSettings.AllowUntrusted,
allowUntrustedSelfIssuedCertificate: fallbackSettings.AllowUntrustedSelfIssuedCertificate,
allowIgnoreTimestamp: fallbackSettings.AllowIgnoreTimestamp,
allowMultipleTimestamps: fallbackSettings.AllowMultipleTimestamps,
allowNoTimestamp: fallbackSettings.AllowNoTimestamp,
allowUnknownRevocation: fallbackSettings.AllowUnknownRevocation,
allowNoRepositoryCertificateList: allowNoRepositoryCertificateList,
allowNoClientCertificateList: fallbackSettings.AllowNoClientCertificateList,
repoAllowListEntries: repositoryAllowList?.AsReadOnly(),
clientAllowListEntries: fallbackSettings.ClientCertificateList));
}
}
public void GetSignedPackageVerifierSettings_ClientAllowListInfoPassedToSetting()
{
// Arrange
var target = VerificationTarget.Repository;
var allSigned = true;
var certFingerprints = new Dictionary <string, string>()
{
{ HashAlgorithmName.SHA256.ConvertToOidString(), HashAlgorithmName.SHA256.ToString() },
{ HashAlgorithmName.SHA384.ConvertToOidString(), HashAlgorithmName.SHA384.ToString() },
{ HashAlgorithmName.SHA512.ConvertToOidString(), HashAlgorithmName.SHA512.ToString() },
{ "1.3.14.3.2.26", "SHA1" },
};
var testCertInfo = new TestRepositoryCertificateInfo()
{
ContentUrl = @"https://unit.test",
Fingerprints = new Fingerprints(certFingerprints),
Issuer = "CN=Issuer",
Subject = "CN=Subject",
NotBefore = DateTimeOffset.UtcNow,
NotAfter = DateTimeOffset.UtcNow
};
var repoCertificateInfo = new List <IRepositoryCertificateInfo>()
{
testCertInfo
};
var expectedClientAllowList = new List <CertificateHashAllowListEntry>()
{
new CertificateHashAllowListEntry(target, HashAlgorithmName.SHA256.ToString(), HashAlgorithmName.SHA256)
};
var expectedRepoAllowList = new List <CertificateHashAllowListEntry>()
{
new CertificateHashAllowListEntry(target, HashAlgorithmName.SHA256.ToString(), HashAlgorithmName.SHA256),
new CertificateHashAllowListEntry(target, HashAlgorithmName.SHA384.ToString(), HashAlgorithmName.SHA384),
new CertificateHashAllowListEntry(target, HashAlgorithmName.SHA512.ToString(), HashAlgorithmName.SHA512)
};
var repoSignatureInfo = new RepositorySignatureInfo(allSigned, repoCertificateInfo);
var fallbackSettings = new SignedPackageVerifierSettings(
allowUnsigned: true,
allowIllegal: true,
allowUntrusted: true,
allowUntrustedSelfIssuedCertificate: true,
allowIgnoreTimestamp: true,
allowMultipleTimestamps: true,
allowNoTimestamp: true,
allowUnknownRevocation: true,
allowNoRepositoryCertificateList: true,
allowNoClientCertificateList: false,
repoAllowListEntries: null,
clientAllowListEntries: expectedClientAllowList);
// Act
var settings = RepositorySignatureInfoUtility.GetSignedPackageVerifierSettings(repoSignatureInfo, fallbackSettings);
// Assert
settings.AllowUnsigned.Should().BeFalse();
settings.AllowNoClientCertificateList.Should().BeFalse();
settings.AllowNoRepositoryCertificateList.Should().BeFalse();
settings.ClientCertificateList.Should().NotBeNull();
settings.ClientCertificateList.ShouldBeEquivalentTo(expectedClientAllowList);
settings.RepositoryCertificateList.Should().NotBeNull();
settings.RepositoryCertificateList.ShouldBeEquivalentTo(expectedRepoAllowList);
}
