public void Constructor_InitializesProperties(
bool boolValue,
VerificationTarget verificationTarget,
SignaturePlacement signaturePlacement,
SignatureVerificationBehavior signatureVerificationBehavior,
RevocationMode revocationMode)
{
// Arrange & Act
var settings = new SignedPackageVerifierSettings(
allowUnsigned: boolValue,
allowIllegal: boolValue,
allowUntrusted: boolValue,
allowIgnoreTimestamp: boolValue,
allowMultipleTimestamps: boolValue,
allowNoTimestamp: boolValue,
allowUnknownRevocation: boolValue,
reportUnknownRevocation: boolValue,
verificationTarget: verificationTarget,
signaturePlacement: signaturePlacement,
repositoryCountersignatureVerificationBehavior: signatureVerificationBehavior,
revocationMode: revocationMode);
// Assert
settings.AllowUnsigned.Should().Be(boolValue);
settings.AllowIllegal.Should().Be(boolValue);
settings.AllowUntrusted.Should().Be(boolValue);
settings.AllowIgnoreTimestamp.Should().Be(boolValue);
settings.AllowMultipleTimestamps.Should().Be(boolValue);
settings.AllowNoTimestamp.Should().Be(boolValue);
settings.AllowUnknownRevocation.Should().Be(boolValue);
settings.ReportUnknownRevocation.Should().Be(boolValue);
settings.RepositoryCountersignatureVerificationBehavior.Should().Be(signatureVerificationBehavior);
settings.RevocationMode.Should().Be(revocationMode);
}
public SignedPackageVerifierSettings(
bool allowUnsigned,
bool allowIllegal,
bool allowUntrusted,
bool allowIgnoreTimestamp,
bool allowMultipleTimestamps,
bool allowNoTimestamp,
bool allowUnknownRevocation,
bool reportUnknownRevocation,
bool allowNoRepositoryCertificateList,
bool allowNoClientCertificateList,
VerificationTarget verificationTarget,
SignaturePlacement signaturePlacement,
SignatureVerificationBehavior repositoryCountersignatureVerificationBehavior,
RevocationMode revocationMode)
: this(
allowUnsigned,
allowIllegal,
allowUntrusted,
allowIgnoreTimestamp,
allowMultipleTimestamps,
allowNoTimestamp,
allowUnknownRevocation,
reportUnknownRevocation,
allowNoRepositoryCertificateList,
allowNoClientCertificateList,
verificationTarget,
signaturePlacement,
repositoryCountersignatureVerificationBehavior,
revocationMode,
repoAllowListEntries : null,
clientAllowListEntries : null)
{
}
public void GetDefault_InitializesProperties(string revocationModeEnvVar, RevocationMode expectedRevocationMode)
{
// Arrange
var repoList = new List <CertificateHashAllowListEntry>();
var clientList = new List <CertificateHashAllowListEntry>();
var defaultValue = true;
if (revocationModeEnvVar != null)
{
Environment.SetEnvironmentVariable(RevocationModeEnvVar, revocationModeEnvVar);
}
// Act
var settings = SignedPackageVerifierSettings.GetDefault(repoList, clientList);
// Assert
settings.AllowUnsigned.Should().Be(defaultValue);
settings.AllowIllegal.Should().Be(defaultValue);
settings.AllowUntrusted.Should().Be(defaultValue);
settings.AllowIgnoreTimestamp.Should().Be(defaultValue);
settings.AllowMultipleTimestamps.Should().Be(defaultValue);
settings.AllowNoTimestamp.Should().Be(defaultValue);
settings.AllowUnknownRevocation.Should().Be(defaultValue);
settings.ReportUnknownRevocation.Should().Be(false);
settings.AllowNoRepositoryCertificateList.Should().Be(defaultValue);
settings.AllowNoClientCertificateList.Should().Be(defaultValue);
settings.VerificationTarget.Should().Be(VerificationTarget.All);
settings.SignaturePlacement.Should().Be(SignaturePlacement.Any);
settings.RepositoryCountersignatureVerificationBehavior.Should().Be(SignatureVerificationBehavior.IfExistsAndIsNecessary);
settings.RevocationMode.Should().Be(expectedRevocationMode);
settings.RepositoryCertificateList.Should().BeSameAs(repoList);
settings.ClientCertificateList.Should().BeSameAs(clientList);
Environment.SetEnvironmentVariable(RevocationModeEnvVar, string.Empty);
}
public SignatureVerifySettings(
bool allowIllegal,
bool allowUntrusted,
bool allowUnknownRevocation,
bool reportUnknownRevocation,
RevocationMode revocationMode)
{
AllowIllegal = allowIllegal;
AllowUntrusted = allowUntrusted;
AllowUnknownRevocation = allowUnknownRevocation;
ReportUnknownRevocation = reportUnknownRevocation;
RevocationMode = revocationMode;
}
public void ConstructorWithLists_InitializesProperties(
bool boolValue,
VerificationTarget verificationTarget,
SignaturePlacement signaturePlacement,
SignatureVerificationBehavior signatureVerificationBehavior,
RevocationMode revocationMode)
{
// Arrange
var repoList = new List <CertificateHashAllowListEntry>();
var clientList = new List <CertificateHashAllowListEntry>();
// Act
var settings = new SignedPackageVerifierSettings(
allowUnsigned: boolValue,
allowIllegal: boolValue,
allowUntrusted: boolValue,
allowIgnoreTimestamp: boolValue,
allowMultipleTimestamps: boolValue,
allowNoTimestamp: boolValue,
allowUnknownRevocation: boolValue,
reportUnknownRevocation: boolValue,
allowNoRepositoryCertificateList: boolValue,
allowNoClientCertificateList: boolValue,
verificationTarget: verificationTarget,
signaturePlacement: signaturePlacement,
repositoryCountersignatureVerificationBehavior: signatureVerificationBehavior,
revocationMode: revocationMode,
repoAllowListEntries: repoList,
clientAllowListEntries: clientList);
// Assert
settings.AllowUnsigned.Should().Be(boolValue);
settings.AllowIllegal.Should().Be(boolValue);
settings.AllowUntrusted.Should().Be(boolValue);
settings.AllowIgnoreTimestamp.Should().Be(boolValue);
settings.AllowMultipleTimestamps.Should().Be(boolValue);
settings.AllowNoTimestamp.Should().Be(boolValue);
settings.AllowUnknownRevocation.Should().Be(boolValue);
settings.AllowNoRepositoryCertificateList.Should().Be(boolValue);
settings.AllowNoClientCertificateList.Should().Be(boolValue);
settings.RepositoryCountersignatureVerificationBehavior.Should().Be(signatureVerificationBehavior);
settings.RevocationMode.Should().Be(revocationMode);
settings.RepositoryCertificateList.Should().BeSameAs(repoList);
settings.ClientCertificateList.Should().BeSameAs(clientList);
}
public void GetDefault_InitializesProperties(string revocationModeEnvVar, RevocationMode expectedRevocationMode)
{
// Arrange
var defaultValue = true;
IEnvironmentVariableReader environmentVariableReader = GetEnvironmentVariableReader(revocationModeEnvVar);
// Act
var settings = SignedPackageVerifierSettings.GetDefault(environmentVariableReader);
// Assert
settings.AllowUnsigned.Should().Be(defaultValue);
settings.AllowIllegal.Should().Be(defaultValue);
settings.AllowUntrusted.Should().Be(defaultValue);
settings.AllowIgnoreTimestamp.Should().Be(defaultValue);
settings.AllowMultipleTimestamps.Should().Be(defaultValue);
settings.AllowNoTimestamp.Should().Be(defaultValue);
settings.AllowUnknownRevocation.Should().Be(defaultValue);
settings.ReportUnknownRevocation.Should().Be(false);
settings.VerificationTarget.Should().Be(VerificationTarget.All);
settings.SignaturePlacement.Should().Be(SignaturePlacement.Any);
settings.RepositoryCountersignatureVerificationBehavior.Should().Be(SignatureVerificationBehavior.IfExistsAndIsNecessary);
settings.RevocationMode.Should().Be(expectedRevocationMode);
}
public SignedPackageVerifierSettings(
bool allowUnsigned,
bool allowIllegal,
bool allowUntrusted,
bool allowIgnoreTimestamp,
bool allowMultipleTimestamps,
bool allowNoTimestamp,
bool allowUnknownRevocation,
bool reportUnknownRevocation,
VerificationTarget verificationTarget,
SignaturePlacement signaturePlacement,
SignatureVerificationBehavior repositoryCountersignatureVerificationBehavior,
RevocationMode revocationMode)
{
if (!Enum.IsDefined(typeof(VerificationTarget), verificationTarget))
{
throw new ArgumentException(
string.Format(
CultureInfo.CurrentCulture,
Strings.UnrecognizedEnumValue,
verificationTarget),
nameof(verificationTarget));
}
if (!Enum.IsDefined(typeof(SignaturePlacement), signaturePlacement))
{
throw new ArgumentException(
string.Format(
CultureInfo.CurrentCulture,
Strings.UnrecognizedEnumValue,
signaturePlacement),
nameof(signaturePlacement));
}
if (!Enum.IsDefined(typeof(SignatureVerificationBehavior), repositoryCountersignatureVerificationBehavior))
{
throw new ArgumentException(
string.Format(
CultureInfo.CurrentCulture,
Strings.UnrecognizedEnumValue,
repositoryCountersignatureVerificationBehavior),
nameof(repositoryCountersignatureVerificationBehavior));
}
if ((signaturePlacement.HasFlag(SignaturePlacement.Countersignature) && !verificationTarget.HasFlag(VerificationTarget.Repository)) ||
(signaturePlacement == SignaturePlacement.Countersignature && verificationTarget != VerificationTarget.Repository))
{
throw new ArgumentException(
string.Format(
CultureInfo.CurrentCulture,
Strings.InvalidArgumentCombination,
nameof(verificationTarget),
nameof(signaturePlacement)),
nameof(signaturePlacement));
}
if ((repositoryCountersignatureVerificationBehavior == SignatureVerificationBehavior.Never) ==
signaturePlacement.HasFlag(SignaturePlacement.Countersignature) ||
((repositoryCountersignatureVerificationBehavior == SignatureVerificationBehavior.Always) &&
!signaturePlacement.HasFlag(SignaturePlacement.Countersignature)))
{
throw new ArgumentException(
string.Format(
CultureInfo.CurrentCulture,
Strings.InvalidArgumentCombination,
nameof(signaturePlacement),
nameof(repositoryCountersignatureVerificationBehavior)),
nameof(repositoryCountersignatureVerificationBehavior));
}
AllowUnsigned = allowUnsigned;
AllowIllegal = allowIllegal;
AllowUntrusted = allowUntrusted;
AllowIgnoreTimestamp = allowIgnoreTimestamp;
AllowMultipleTimestamps = allowMultipleTimestamps;
AllowNoTimestamp = allowNoTimestamp;
AllowUnknownRevocation = allowUnknownRevocation;
ReportUnknownRevocation = reportUnknownRevocation;
VerificationTarget = verificationTarget;
SignaturePlacement = signaturePlacement;
RepositoryCountersignatureVerificationBehavior = repositoryCountersignatureVerificationBehavior;
RevocationMode = revocationMode;
}
public void GetVerifyCommandDefaultPolicy_InitializesProperties(string revocationModeEnvVar, RevocationMode expectedRevocationMode)
{
// Arrange
if (revocationModeEnvVar != null)
{
Environment.SetEnvironmentVariable(RevocationModeEnvVar, revocationModeEnvVar);
}
// Act
var settings = SignedPackageVerifierSettings.GetVerifyCommandDefaultPolicy();
// Assert
settings.AllowUnsigned.Should().Be(false);
settings.AllowIllegal.Should().Be(false);
settings.AllowUntrusted.Should().Be(false);
settings.AllowIgnoreTimestamp.Should().Be(false);
settings.AllowMultipleTimestamps.Should().Be(true);
settings.AllowNoTimestamp.Should().Be(true);
settings.AllowUnknownRevocation.Should().Be(true);
settings.ReportUnknownRevocation.Should().Be(true);
settings.VerificationTarget.Should().Be(VerificationTarget.All);
settings.SignaturePlacement.Should().Be(SignaturePlacement.Any);
settings.RepositoryCountersignatureVerificationBehavior.Should().Be(SignatureVerificationBehavior.IfExists);
settings.RevocationMode.Should().Be(expectedRevocationMode);
Environment.SetEnvironmentVariable(RevocationModeEnvVar, string.Empty);
}
