public void ShouldFailIfTimestampUsesWeakSignatureAlgorithm() { var signatures = GetGraphForFile("../../inputs/timestampedweaksig.ex_"); var rule = new TimestampedRule(); var logger = new MemorySignatureLogger(); var result = rule.Validate(signatures, logger, Configuration); Assert.Equal(RuleResult.Fail, result); Assert.Collection(logger.Messages, s => s.EndsWith("Signature is not timestamped with the expected hash algorithm SHA256.")); }
public void ShouldPassIfTimestampedAlgorithmIsValid() { var signatures = GetGraphForFile("../../inputs/timestampedvalid.ex_"); var rule = new TimestampedRule(); var logger = new MemorySignatureLogger(); var result = rule.Validate(signatures, logger, Configuration); Assert.Equal(RuleResult.Pass, result); Assert.Empty(logger.Messages); }
public void ShouldFailIfNoTimestamp(string file) { var signatures = GetGraphForFile(file); var rule = new TimestampedRule(); var logger = new MemorySignatureLogger(); var result = rule.Validate(signatures, logger, Configuration); Assert.Equal(RuleResult.Fail, result); Assert.Collection(logger.Messages, s => s.EndsWith("Signature is not timestamped.")); }