示例#1
0
        public async Task GetCertificateChain_WithUnknownSignature_ReturnsCertificatesAsync()
        {
            using (var directory = TestDirectory.Create())
                using (var certificate = _fixture.GetDefaultCertificate())
                {
                    var packageContext      = new SimpleTestPackageContext();
                    var unsignedPackageFile = await packageContext.CreateAsFileAsync(directory, "Package.nupkg");

                    var signedPackageFile = await SignedArchiveTestUtility.SignPackageFileWithBasicSignedCmsAsync(
                        directory,
                        unsignedPackageFile,
                        certificate);

                    using (var packageReader = new PackageArchiveReader(signedPackageFile.FullName))
                    {
                        var signature = await packageReader.GetPrimarySignatureAsync(CancellationToken.None);

                        using (var certificates = SignatureUtility.GetCertificateChain(signature))
                        {
                            Assert.Equal(1, certificates.Count);
                            Assert.Equal(certificate.RawData, certificates[0].RawData);
                        }
                    }
                }
        }
            public async Task VerifySignaturesAsync_WithBasicSignedCms_SucceedsAsync()
            {
                var settings = new SignedPackageVerifierSettings(
                    allowUnsigned: false,
                    allowIllegal: false,
                    allowUntrusted: false,
                    allowIgnoreTimestamp: false,
                    allowMultipleTimestamps: true,
                    allowNoTimestamp: true,
                    allowUnknownRevocation: false,
                    reportUnknownRevocation: true,
                    verificationTarget: VerificationTarget.All,
                    signaturePlacement: SignaturePlacement.Any,
                    repositoryCountersignatureVerificationBehavior: SignatureVerificationBehavior.IfExistsAndIsNecessary,
                    revocationMode: RevocationMode.Online);

                using (TestDirectory directory = TestDirectory.Create())
                    using (var certificate = new X509Certificate2(_trustedTestCert.Source.Cert))
                    {
                        var      packageContext      = new SimpleTestPackageContext();
                        FileInfo unsignedPackageFile = await packageContext.CreateAsFileAsync(directory, "Package.nupkg");

                        FileInfo signedPackageFile = await SignedArchiveTestUtility.SignPackageFileWithBasicSignedCmsAsync(
                            directory,
                            unsignedPackageFile,
                            certificate);

                        var verifier = new PackageSignatureVerifier(_trustProviders);

                        using (var packageReader = new PackageArchiveReader(signedPackageFile.FullName))
                        {
                            VerifySignaturesResult result = await verifier.VerifySignaturesAsync(packageReader, settings, CancellationToken.None);

                            IEnumerable <PackageVerificationResult> resultsWithErrors = result.Results.Where(r => r.GetErrorIssues().Any());
                            IEnumerable <ILogMessage> totalErrorIssues = resultsWithErrors.SelectMany(r => r.GetErrorIssues());

                            Assert.Equal(1, result.Results.Count);

                            var        signedPackageVerificationResult = (SignedPackageVerificationResult)result.Results[0];
                            SignerInfo signer = signedPackageVerificationResult.Signature.SignedCms.SignerInfos[0];

                            Assert.Equal(0, signer.SignedAttributes.Count);
                            Assert.Equal(0, signer.UnsignedAttributes.Count);

                            Assert.Equal(0, resultsWithErrors.Count());
                            Assert.Equal(0, totalErrorIssues.Count());
                        }
                    }
            }
        public async Task VerifySignaturesAsync_WithBasicSignedCms_SucceedsAsync()
        {
            var settings = new SignedPackageVerifierSettings(
                allowUnsigned: false,
                allowIllegal: false,
                allowUntrusted: false,
                allowIgnoreTimestamp: false,
                allowMultipleTimestamps: true,
                allowNoTimestamp: true,
                allowUnknownRevocation: false,
                allowNoClientCertificateList: true,
                allowNoRepositoryCertificateList: true,
                alwaysVerifyCountersignature: false);

            using (var directory = TestDirectory.Create())
                using (var certificate = new X509Certificate2(_trustedTestCert.Source.Cert))
                {
                    var packageContext      = new SimpleTestPackageContext();
                    var unsignedPackageFile = await packageContext.CreateAsFileAsync(directory, "Package.nupkg");

                    var signedPackageFile = await SignedArchiveTestUtility.SignPackageFileWithBasicSignedCmsAsync(
                        directory,
                        unsignedPackageFile,
                        certificate);

                    var verifier = new PackageSignatureVerifier(_trustProviders);

                    using (var packageReader = new PackageArchiveReader(signedPackageFile.FullName))
                    {
                        var result = await verifier.VerifySignaturesAsync(packageReader, settings, CancellationToken.None);

                        var resultsWithErrors = result.Results.Where(r => r.GetErrorIssues().Any());
                        var totalErrorIssues  = resultsWithErrors.SelectMany(r => r.GetErrorIssues());

                        Assert.Equal(1, result.Results.Count);

                        var signedPackageVerificationResult = (SignedPackageVerificationResult)result.Results[0];
                        var signer = signedPackageVerificationResult.Signature.SignedCms.SignerInfos[0];

                        Assert.Equal(0, signer.SignedAttributes.Count);
                        Assert.Equal(0, signer.UnsignedAttributes.Count);

                        Assert.Equal(0, resultsWithErrors.Count());
                        Assert.Equal(0, totalErrorIssues.Count());
                    }
                }
        }
            internal static async Task <GetTrustResultAsyncTest> CreateAsync(SignedPackageVerifierSettings settings, X509Certificate2 certificate)
            {
                using (var certificateClone = new X509Certificate2(certificate))
                {
                    var directory           = TestDirectory.Create();
                    var packageContext      = new SimpleTestPackageContext();
                    var unsignedPackageFile = packageContext.CreateAsFile(directory, "package.nupkg");
                    var signedPackageFile   = await SignedArchiveTestUtility.SignPackageFileWithBasicSignedCmsAsync(
                        directory,
                        unsignedPackageFile,
                        certificateClone);

                    var package   = new SignedPackageArchive(signedPackageFile.OpenRead(), new MemoryStream());
                    var signature = await package.GetSignatureAsync(CancellationToken.None);

                    return(new GetTrustResultAsyncTest(directory, package, signature, settings));
                }
            }