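/// <summary>
        /// Runs <c>EksBuilderV1.BuildAsync</c> over the keys returned by
        /// <c>GetRandomKeys(keyCount, seed)</c>, asserts that the output is non-empty
        /// and writes it to <c>EKS.zip</c> in the current working directory.
        /// </summary>
        /// <param name="keyCount">Number of keys requested from <c>GetRandomKeys</c>.</param>
        /// <param name="seed">Seed passed to <c>GetRandomKeys</c>.</param>
        public void Build(int keyCount, int seed)
        {
            //Arrange
            // LoggerFactory is IDisposable; the original never disposed it.
            using var lf = new LoggerFactory();
            var certProviderLogger = new EmbeddedCertProviderLoggingExtensions(lf.CreateLogger<EmbeddedCertProviderLoggingExtensions>());
            var eksBuilderV1Logger = new EksBuilderV1LoggingExtensions(lf.CreateLogger<EksBuilderV1LoggingExtensions>());
            var dtp = new StandardUtcDateTimeProvider();

            var cmsCertLoc = new Mock<IEmbeddedResourceCertificateConfig>();

            cmsCertLoc.Setup(x => x.Path).Returns("TestRSA.p12");
            // Test fixture only: the password is committed next to the embedded bundle, so the
            // private key in TestRSA.p12 has to be treated as public and never trusted outside tests.
            cmsCertLoc.Setup(x => x.Password).Returns("Covid-19!"); //Not a secret.

            var cmsCertChainLoc = new Mock<IEmbeddedResourceCertificateConfig>();

            // NOTE(review): the file name suggests this chain expired on 2020-08-28; whether
            // CmsSignerEnhanced checks chain validity is not visible here - confirm.
            cmsCertChainLoc.Setup(x => x.Path).Returns("StaatDerNLChain-Expires2020-08-28.p7b");
            cmsCertChainLoc.Setup(x => x.Password).Returns(string.Empty); //Not a secret.

            //resign some
            var cmsSigner = new CmsSignerEnhanced(
                new EmbeddedResourceCertificateProvider(cmsCertLoc.Object, certProviderLogger),
                new EmbeddedResourcesCertificateChainProvider(cmsCertChainLoc.Object),
                new StandardUtcDateTimeProvider()
                );

            var gaCertLoc = new Mock<IEmbeddedResourceCertificateConfig>();

            gaCertLoc.Setup(x => x.Path).Returns("TestECDSA.p12");
            gaCertLoc.Setup(x => x.Password).Returns(string.Empty); //Not a secret.

            var sut = new EksBuilderV1(
                new FakeEksHeaderInfoConfig(),
                new EcdSaSigner(
                    new EmbeddedResourceCertificateProvider(
                        gaCertLoc.Object,
                        certProviderLogger)),
                cmsSigner,
                dtp,
                new GeneratedProtobufEksContentFormatter(),
                eksBuilderV1Logger
                );

            //Act
            // The method returns void, so the async build is awaited synchronously.
            var result = sut.BuildAsync(GetRandomKeys(keyCount, seed)).GetAwaiter().GetResult();

            Trace.WriteLine($"{keyCount} keys = {result.Length} bytes.");

            //Assert
            Assert.True(result.Length > 0);

            // Side effect: the built archive is left on disk as EKS.zip (overwritten on each run).
            File.WriteAllBytes("EKS.zip", result);
        }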
        /// <summary>
        /// Creates an <see cref="EcdSaSigner"/> whose certificate comes from the embedded
        /// <c>TestECDSA.p12</c> resource, described by a mocked certificate config.
        /// </summary>
        /// <param name="lf">Logger factory used to create the certificate provider's logger.</param>
        /// <returns>The signer wrapping an <see cref="EmbeddedResourceCertificateProvider"/>.</returns>
        public static EcdSaSigner CreateEcdsaSigner(ILoggerFactory lf)
        {
            var certConfig = new Mock<IEmbeddedResourceCertificateConfig>();
            certConfig.Setup(x => x.Path).Returns("TestECDSA.p12");
            // The bundle is opened with an empty password; it is test key material, not a secret.
            certConfig.Setup(x => x.Password).Returns(string.Empty);

            var providerLogger = new EmbeddedCertProviderLoggingExtensions(
                lf.CreateLogger<EmbeddedCertProviderLoggingExtensions>());
            var certProvider = new EmbeddedResourceCertificateProvider(certConfig.Object, providerLogger);

            return new EcdSaSigner(certProvider);
        }
        /// <summary>
        /// Creates a <see cref="CmsSignerEnhanced"/> from the embedded <c>TestRSA.p12</c> certificate
        /// and the embedded <c>StaatDerNLChain-EV-Expires-2022-12-05.p7b</c> chain, both described
        /// by mocked certificate configs.
        /// </summary>
        /// <param name="lf">Logger factory used to create the certificate provider's logger.</param>
        /// <returns>The signer, using a <see cref="StandardUtcDateTimeProvider"/> as its clock.</returns>
        public static CmsSignerEnhanced CreateCmsSignerEnhanced(ILoggerFactory lf)
        {
            var signingCertConfig = new Mock<IEmbeddedResourceCertificateConfig>();
            signingCertConfig.Setup(x => x.Path).Returns("TestRSA.p12");
            // Test fixture only: the password sits in source next to the embedded bundle,
            // so this private key has to be treated as public.
            signingCertConfig.Setup(x => x.Password).Returns("Covid-19!");

            var chainConfig = new Mock<IEmbeddedResourceCertificateConfig>();
            chainConfig.Setup(x => x.Path).Returns("StaatDerNLChain-EV-Expires-2022-12-05.p7b");
            // The chain file is not password-protected.
            chainConfig.Setup(x => x.Password).Returns(string.Empty);

            var providerLogger = new EmbeddedCertProviderLoggingExtensions(
                lf.CreateLogger<EmbeddedCertProviderLoggingExtensions>());
            var signingCertProvider = new EmbeddedResourceCertificateProvider(signingCertConfig.Object, providerLogger);
            var chainProvider = new EmbeddedResourcesCertificateChainProvider(chainConfig.Object);

            return new CmsSignerEnhanced(signingCertProvider, chainProvider, new StandardUtcDateTimeProvider());
        }
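        /// <summary>
        /// Builds an EKS with a <c>DummyCmsSigner</c> in the CMS signer position and checks that
        /// the NL signature entry of the resulting zip is exactly the signer's dummy content.
        /// </summary>
        public void EksBuilderV1WithDummy_NLSigHasDummyText()
        {
            //Arrange
            const int keyCount = 500;
            // LoggerFactory is IDisposable; the original never disposed it.
            using var lf = new LoggerFactory();
            var certProviderLogger = new EmbeddedCertProviderLoggingExtensions(lf.CreateLogger<EmbeddedCertProviderLoggingExtensions>());
            var eksBuilderV1Logger = new EksBuilderV1LoggingExtensions(lf.CreateLogger<EksBuilderV1LoggingExtensions>());
            var dtp = new StandardUtcDateTimeProvider();
            var dummySigner = new DummyCmsSigner();

            var gaCertLoc = new Mock<IEmbeddedResourceCertificateConfig>();

            gaCertLoc.Setup(x => x.Path).Returns("TestECDSA.p12");
            gaCertLoc.Setup(x => x.Password).Returns(string.Empty); //Not a secret.

            var sut = new EksBuilderV1(
                new FakeEksHeaderInfoConfig(),
                new EcdSaSigner(
                    new EmbeddedResourceCertificateProvider(
                        gaCertLoc.Object,
                        certProviderLogger)
                    ),
                dummySigner,
                dtp,
                new GeneratedProtobufEksContentFormatter(),
                eksBuilderV1Logger
                );

            //Act
            // The method returns void, so the async build is awaited synchronously.
            var result = sut.BuildAsync(GetRandomKeys(keyCount, 123)).GetAwaiter().GetResult();

            //Assert
            using var zipFileInMemory = new MemoryStream(result);
            using var zipFileContent = new ZipArchive(zipFileInMemory, ZipArchiveMode.Read, false);

            var nlSignature = zipFileContent.ReadEntry(ZippedContentEntryNames.NLSignature);
            Assert.NotNull(nlSignature);
            // Expected value first, so a failure message labels the two sides correctly.
            Assert.Equal(dummySigner.DummyContent, nlSignature);
        }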
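        /// <summary>
        /// Seeds three identical AppConfig rows, runs <c>NlContentResignCommand</c> from AppConfig to
        /// AppConfigV2 and expects four rows in total. Each re-signed row must keep the Created and
        /// Release values and the content entry bytes of the source, and carry a different
        /// signature entry. A second run must not add rows.
        /// </summary>
        public void Re_sign_content_that_does_not_already_have_an_equivalent_resigned_entry()
        {
            // LoggerFactory is IDisposable; the original never disposed it.
            using var lf = new LoggerFactory();
            var resignerLogger = new ResignerLoggingExtensions(lf.CreateLogger<ResignerLoggingExtensions>());

            //Add some db rows to Content
            var dbc = _contentDbProvider.CreateNew();

            var d            = DateTime.Now;
            var laterDate    = d.AddDays(1);
            var publishingId = "1";

            using var testContentStream = ResourcesHook.GetManifestResourceStream("Resources.ResignAppConfig.zip");
            using var m = new MemoryStream();
            testContentStream.CopyTo(m);
            var zipContent = m.ToArray();

            //Adding identical content items
            var sourceAppConfigContent1 = new ContentEntity {
                Content = zipContent, PublishingId = publishingId, ContentTypeName = ".", Type = ContentTypes.AppConfig, Created = d, Release = laterDate
            };
            var sourceAppConfigContent2 = new ContentEntity {
                Content = zipContent, PublishingId = publishingId, ContentTypeName = ".", Type = ContentTypes.AppConfig, Created = d, Release = laterDate
            };
            var sourceAppConfigContent3 = new ContentEntity {
                Content = zipContent, PublishingId = publishingId, ContentTypeName = ".", Type = ContentTypes.AppConfig, Created = d, Release = laterDate
            };

            dbc.Content.AddRange(
                sourceAppConfigContent1,
                sourceAppConfigContent2,
                sourceAppConfigContent3
                );

            dbc.SaveChanges();

            Assert.Equal(3, dbc.Content.Count());

            var resigner = new NlContentResignCommand(_contentDbProvider.CreateNew, TestSignerHelpers.CreateCmsSignerEnhanced(lf), resignerLogger);

            resigner.ExecuteAsync(ContentTypes.AppConfig, ContentTypes.AppConfigV2, ZippedContentEntryNames.Content).GetAwaiter().GetResult();

            //check the numbers
            Assert.Equal(4, dbc.Content.Count());

            // NOTE(review): if this query matches no rows, the loop below asserts nothing;
            // only the row count above guards against that.
            var resignedAppConfigContent = dbc.Content.Where(x => x.PublishingId == publishingId && x.Type == ContentTypes.AppConfigV2);

            var originalContentStream = new MemoryStream(zipContent);

            using var originalZipArchive = new ZipArchive(originalContentStream);
            foreach (var i in resignedAppConfigContent)
            {
                Assert.Equal(sourceAppConfigContent1.Created, i.Created);
                Assert.Equal(sourceAppConfigContent1.Release, i.Release);

                var s = new MemoryStream(i.Content);
                using var z = new ZipArchive(s);

                Assert.True(Enumerable.SequenceEqual(originalZipArchive.ReadEntry(ZippedContentEntryNames.Content), z.ReadEntry(ZippedContentEntryNames.Content)));

                // Compare the signature bytes. The original compared the ZipArchiveEntry objects
                // returned by GetEntry, which are distinct instances for two archives, so the
                // check passed even when the signature had not been replaced.
                Assert.False(Enumerable.SequenceEqual(originalZipArchive.ReadEntry(ZippedContentEntryNames.NlSignature), z.ReadEntry(ZippedContentEntryNames.NlSignature)));
            }

            //Repeating should have no effect
            resigner.ExecuteAsync(ContentTypes.AppConfig, ContentTypes.AppConfigV2, ZippedContentEntryNames.Content).GetAwaiter().GetResult();
            Assert.Equal(4, dbc.Content.Count());
        }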