public async Task GetTrustResultAsync_WithInvalidSignature_Throws() { var package = new SimpleTestPackageContext(); var timestampService = await _testFixture.GetDefaultTrustedTimestampServiceAsync(); using (var directory = TestDirectory.Create()) using (var testCertificate = new X509Certificate2(_trustedTestCert.Source.Cert)) { var packageFilePath = await SignedArchiveTestUtility.CreateSignedAndTimeStampedPackageAsync( testCertificate, package, directory, timestampService.Url); using (var packageReader = new PackageArchiveReader(packageFilePath)) { var signature = await packageReader.GetSignatureAsync(CancellationToken.None); var invalidSignature = SignedArchiveTestUtility.GenerateInvalidSignature(signature); var provider = new SignatureTrustAndValidityVerificationProvider(); var result = await provider.GetTrustResultAsync( packageReader, invalidSignature, SignedPackageVerifierSettings.Default, CancellationToken.None); var issue = result.Issues.FirstOrDefault(log => log.Code == NuGetLogCode.NU3012); Assert.NotNull(issue); Assert.Equal("Primary signature validation failed.", issue.Message); } } }