Exemplo n.º 1
        /// <summary>
        /// Signs a freshly generated test package with the <c>_trustedTestCert</c> store certificate
        /// and checks that <c>verify -Signatures</c> succeeds on the result.
        /// </summary>
        /// <remarks>
        /// The verify call passes no <c>-CertificateFingerprint</c> value, so this test covers
        /// signature validation only, not which certificate produced the signature.
        /// </remarks>
        public void VerifyCommand_VerifySignedPackageSucceeds()
        {
            // Arrange
            using (var workingDirectory = TestDirectory.Create())
            using (var packageStream = new SimpleTestPackageContext().CreateAsStream())
            {
                // A random file name keeps this package from colliding with any other file.
                var packagePath = Path.Combine(workingDirectory, Guid.NewGuid().ToString());

                // Rewind so the whole package is copied to disk.
                packageStream.Seek(0, SeekOrigin.Begin);

                using (var packageFile = File.OpenWrite(packagePath))
                {
                    packageStream.CopyTo(packageFile);
                }

                var signArguments = $"sign {packagePath} -CertificateFingerprint {_trustedTestCert.Source.Cert.Thumbprint} -CertificateStoreName {_trustedTestCert.StoreName} -CertificateStoreLocation {_trustedTestCert.StoreLocation}";
                var signResult = CommandRunner.Run(_nugetExePath, workingDirectory, signArguments, waitForExit: true);

                // Stop here if signing failed: verifying an unsigned package would prove nothing.
                signResult.Success.Should().BeTrue();

                // Act
                var verifyArguments = $"verify {packagePath} -Signatures";
                var verifyResult = CommandRunner.Run(_nugetExePath, workingDirectory, verifyArguments, waitForExit: true);

                // Assert
                verifyResult.Success.Should().BeTrue();

                // The sign call above passed no -Timestamper, and the warning code is expected in the verify output.
                verifyResult.AllOutput.Should().Contain(_noTimestamperWarningCode);
            }
        }
Exemplo n.º 2
        /// <summary>
        /// Checks that <c>sign</c> refuses the fixture certificate exposed as
        /// <c>TrustedTestCertificateWithInvalidEku</c>.
        /// </summary>
        /// <remarks>
        /// Beyond the failing exit status, the test pins the chain-build error code and the
        /// "not valid for the requested usage" message, so an unrelated failure cannot make it pass.
        /// </remarks>
        public void SignCommand_SignPackageWithInvalidEkuFails()
        {
            // Arrange
            var certificate = _testFixture.TrustedTestCertificateWithInvalidEku;

            using (var workingDirectory = TestDirectory.Create())
            using (var packageStream = new SimpleTestPackageContext().CreateAsStream())
            {
                var packagePath = Path.Combine(workingDirectory, Guid.NewGuid().ToString());

                // Rewind so the whole package is copied to disk.
                packageStream.Seek(0, SeekOrigin.Begin);

                using (var packageFile = File.OpenWrite(packagePath))
                {
                    packageStream.CopyTo(packageFile);
                }

                // Act
                var signArguments = $"sign {packagePath} -CertificateFingerprint {certificate.Source.Cert.Thumbprint} -CertificateStoreName {certificate.StoreName} -CertificateStoreLocation {certificate.StoreLocation}";
                var result = CommandRunner.Run(_nugetExePath, workingDirectory, signArguments, waitForExit: true);

                // Assert
                result.Success.Should().BeFalse();

                var output = result.AllOutput;
                output.Should().Contain(_noTimestamperWarningCode);
                output.Should().Contain(_chainBuildFailureErrorCode);
                output.Should().Contain("The certificate is not valid for the requested usage");
            }
        }
Exemplo n.º 3
        /// <summary>
        /// Runs the same <c>sign</c> command twice on one package and checks that the second run
        /// fails with the "already signed" error.
        /// </summary>
        /// <remarks>
        /// Guards against an existing signature being replaced without an explicit request;
        /// neither invocation passes an overwrite option.
        /// </remarks>
        public void SignCommand_ResignPackageWithoutOverwriteFails()
        {
            // Arrange
            using (var workingDirectory = TestDirectory.Create())
            using (var packageStream = new SimpleTestPackageContext().CreateAsStream())
            {
                var packagePath = Path.Combine(workingDirectory, Guid.NewGuid().ToString());

                // Rewind so the whole package is copied to disk.
                packageStream.Seek(0, SeekOrigin.Begin);

                using (var packageFile = File.OpenWrite(packagePath))
                {
                    packageStream.CopyTo(packageFile);
                }

                // Both invocations use exactly the same command line.
                var signArguments = $"sign {packagePath} -CertificateFingerprint {_trustedTestCert.Source.Cert.Thumbprint}  -CertificateStoreName {_trustedTestCert.StoreName} -CertificateStoreLocation {_trustedTestCert.StoreLocation}";

                var initialSign = CommandRunner.Run(_nugetExePath, workingDirectory, signArguments, waitForExit: true);

                // Act
                var repeatedSign = CommandRunner.Run(_nugetExePath, workingDirectory, signArguments, waitForExit: true);

                // Assert
                initialSign.Success.Should().BeTrue();
                initialSign.AllOutput.Should().Contain(_noTimestamperWarningCode);
                repeatedSign.Success.Should().BeFalse();
                repeatedSign.Errors.Should().Contain(_packageAlreadySignedError);
            }
        }
Exemplo n.º 4
        /// <summary>
        /// Signs a package with <c>-OutputDirectory</c> pointing at a second test directory and
        /// checks that a file with the same name appears there.
        /// </summary>
        /// <remarks>
        /// Only the existence of the output file is asserted; its signature is not inspected here.
        /// </remarks>
        public void SignCommand_SignPackageWithOutputDirectory()
        {
            // Arrange
            using (var inputDirectory = TestDirectory.Create())
            using (var outputDirectory = TestDirectory.Create())
            using (var packageStream = new SimpleTestPackageContext().CreateAsStream())
            {
                // The signed copy is expected under the same file name in the output directory.
                var fileName = Guid.NewGuid().ToString();
                var unsignedPath = Path.Combine(inputDirectory, fileName);
                var expectedSignedPath = Path.Combine(outputDirectory, fileName);

                // Rewind so the whole package is copied to disk.
                packageStream.Seek(0, SeekOrigin.Begin);

                using (var packageFile = File.OpenWrite(unsignedPath))
                {
                    packageStream.CopyTo(packageFile);
                }

                // Act
                var signArguments = $"sign {unsignedPath} -CertificateFingerprint {_trustedTestCert.Source.Cert.Thumbprint}  -CertificateStoreName {_trustedTestCert.StoreName} -CertificateStoreLocation {_trustedTestCert.StoreLocation} -OutputDirectory {outputDirectory}";
                var result = CommandRunner.Run(_nugetExePath, inputDirectory, signArguments, waitForExit: true);

                // Assert
                result.Success.Should().BeTrue();
                result.AllOutput.Should().Contain(_noTimestamperWarningCode);

                var signedPackageExists = File.Exists(expectedSignedPath);
                signedPackageExists.Should().BeTrue();
            }
        }
Exemplo n.º 5
        /// <summary>
        /// Signs a package while passing the fixture's timestamp service URL via <c>-Timestamper</c>
        /// and checks that the no-timestamper warning code is absent from the output.
        /// </summary>
        /// <returns>A task that completes when the test has finished.</returns>
        public async Task SignCommand_SignPackageWithTimestamping()
        {
            // Arrange
            var timestamper = await _testFixture.GetDefaultTrustedTimestampServiceAsync();

            using (var workingDirectory = TestDirectory.Create())
            using (var packageStream = new SimpleTestPackageContext().CreateAsStream())
            {
                var packagePath = Path.Combine(workingDirectory, Guid.NewGuid().ToString());

                // Rewind so the whole package is copied to disk.
                packageStream.Seek(0, SeekOrigin.Begin);

                using (var packageFile = File.OpenWrite(packagePath))
                {
                    packageStream.CopyTo(packageFile);
                }

                // Act
                var signArguments = $"sign {packagePath} -CertificateFingerprint {_trustedTestCert.Source.Cert.Thumbprint}  -CertificateStoreName {_trustedTestCert.StoreName} -CertificateStoreLocation {_trustedTestCert.StoreLocation} -Timestamper {timestamper.Url.OriginalString}";
                var result = CommandRunner.Run(_nugetExePath, workingDirectory, signArguments, waitForExit: true);

                // Assert
                result.Success.Should().BeTrue();

                // With a timestamper supplied, the warning code must not appear anywhere in the output.
                result.AllOutput.Should().NotContain(_noTimestamperWarningCode);
            }
        }
Exemplo n.º 6
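        /// <summary>
        /// Checks that signing with a password-protected PFX fails under <c>-NonInteractive</c>
        /// when no <c>-CertificatePassword</c> is given, even though a line is written to the
        /// child process's standard input.
        /// </summary>
        /// <remarks>
        /// The failure must carry the invalid-password error formatted with the PFX path.
        /// </remarks>
        public void SignCommand_SignPackageWithPfxFileWithNonInteractiveAndStdInPasswordFails()
        {
            // Arrange
            using (var dir = TestDirectory.Create())
            using (var zipStream = new SimpleTestPackageContext().CreateAsStream())
            {
                var packagePath = Path.Combine(dir, Guid.NewGuid().ToString());
                var pfxPath = Path.Combine(dir, Guid.NewGuid().ToString());

                // The PFX holds the certificate's private key, protected by a one-off random password.
                // It lives inside the test directory; presumably that is removed on dispose (confirm).
                var password = Guid.NewGuid().ToString();
                var pfxBytes = _trustedTestCert.Source.Cert.Export(X509ContentType.Pfx, password);

                File.WriteAllBytes(pfxPath, pfxBytes);

                // Rewind so the whole package is copied to disk.
                zipStream.Seek(offset: 0, loc: SeekOrigin.Begin);

                using (var fileStream = File.OpenWrite(packagePath))
                {
                    zipStream.CopyTo(fileStream);
                }

                // Act
                // NOTE(review): stdin receives a fresh GUID, not `password`. The failure alone
                // therefore cannot tell "stdin was ignored" from "a wrong password was read".
                // Writing the real password would make the test stricter; confirm the intended contract.
                var result = CommandRunner.Run(
                    _nugetExePath,
                    dir,
                    $"sign {packagePath} -CertificatePath {pfxPath} -NonInteractive",
                    waitForExit: true,
                    inputAction: (w) =>
                    {
                        w.WriteLine(Guid.NewGuid().ToString());
                    });

                // Assert
                result.Success.Should().BeFalse();
                result.AllOutput.Should().Contain(string.Format(_invalidPasswordErrorCode, pfxPath));
            }
        }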
Exemplo n.º 7
        /// <summary>
        /// Signs a package with the leaf of the fixture's trusted certificate chain and checks that
        /// <c>verify</c> succeeds when that certificate's SHA-256 hash is in the
        /// <c>-CertificateFingerprint</c> list.
        /// </summary>
        /// <remarks>
        /// The sign step selects the certificate by <c>Thumbprint</c> (SHA-1 in .NET), while the
        /// verify list is built from a SHA-256 hash. The list also holds two filler entries,
        /// <c>abc</c> and <c>def</c>, which must not prevent the real entry from matching.
        /// </remarks>
        public void VerifyCommand_VerifyOnPackageSignedWithAllowedCertificateSucceeds()
        {
            // Arrange
            var leafCertificate = _testFixture.TrustedTestCertificateChain.Leaf;

            using (var workingDirectory = TestDirectory.Create())
            using (var packageStream = new SimpleTestPackageContext().CreateAsStream())
            {
                var packagePath = Path.Combine(workingDirectory, Guid.NewGuid().ToString());

                // Rewind so the whole package is copied to disk.
                packageStream.Seek(0, SeekOrigin.Begin);

                using (var packageFile = File.OpenWrite(packagePath))
                {
                    packageStream.CopyTo(packageFile);
                }

                var signArguments = $"sign {packagePath} -CertificateFingerprint {leafCertificate.Source.Cert.Thumbprint} -CertificateStoreName {leafCertificate.StoreName} -CertificateStoreLocation {leafCertificate.StoreLocation}";
                var signResult = CommandRunner.Run(_nugetExePath, workingDirectory, signArguments, waitForExit: true);

                // Stop here if signing failed: the allow-list check needs a signed package.
                signResult.Success.Should().BeTrue();

                // Hex-encode the SHA-256 hash without the dashes BitConverter inserts.
                var sha256Hash = CertificateUtility.GetHash(leafCertificate.Source.Cert, HashAlgorithmName.SHA256);
                var sha256Hex = BitConverter.ToString(sha256Hash).Replace("-", "");

                // Act
                var verifyArguments = $"verify {packagePath} -Signatures -CertificateFingerprint {sha256Hex};abc;def";
                var verifyResult = CommandRunner.Run(_nugetExePath, workingDirectory, verifyArguments, waitForExit: true);

                // Assert
                verifyResult.Success.Should().BeTrue();
                verifyResult.AllOutput.Should().Contain(_noTimestamperWarningCode);
            }
        }
Exemplo n.º 8
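        /// <summary>
        /// Checks that <c>sign</c> succeeds when given a password-protected PFX file via
        /// <c>-CertificatePath</c> and the matching password via <c>-CertificatePassword</c>.
        /// </summary>
        /// <remarks>
        /// <c>-CertificatePassword</c> places the password on the child process's command line,
        /// where process listings and command-line audit logs can record it. Here the password is
        /// a throwaway GUID generated for this test; do not copy the pattern for a real signing key.
        /// </remarks>
        public void SignCommand_SignPackageWithPfxFileSuccess()
        {
            // Arrange
            using (var dir = TestDirectory.Create())
            using (var zipStream = new SimpleTestPackageContext().CreateAsStream())
            {
                var packagePath = Path.Combine(dir, Guid.NewGuid().ToString());
                var pfxPath = Path.Combine(dir, Guid.NewGuid().ToString());

                // The PFX holds the certificate's private key, protected by a one-off random password.
                // It lives inside the test directory; presumably that is removed on dispose (confirm).
                var password = Guid.NewGuid().ToString();
                var pfxBytes = _trustedTestCert.Source.Cert.Export(X509ContentType.Pfx, password);

                File.WriteAllBytes(pfxPath, pfxBytes);

                // Rewind so the whole package is copied to disk.
                zipStream.Seek(offset: 0, loc: SeekOrigin.Begin);

                using (var fileStream = File.OpenWrite(packagePath))
                {
                    zipStream.CopyTo(fileStream);
                }

                // Act
                var result = CommandRunner.Run(
                    _nugetExePath,
                    dir,
                    $"sign {packagePath} -CertificatePath {pfxPath} -CertificatePassword {password}",
                    waitForExit: true);

                // Assert
                result.Success.Should().BeTrue();
                result.AllOutput.Should().Contain(_noTimestamperWarningCode);
            }
        }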