示例#1
0
        public async Task GetTrustResultAsync_SettingsRequireExactlyOneTimestamp_MultipleTimestamps_Fails()
        {
            // Arrange
            var nupkg            = new SimpleTestPackageContext();
            var testLogger       = new TestLogger();
            var timestampService = await _testFixture.GetDefaultTrustedTimestampServiceAsync();

            var setting = new SignedPackageVerifierSettings(
                allowUnsigned: false,
                allowUntrusted: false,
                allowUntrustedSelfIssuedCertificate: false,
                allowIgnoreTimestamp: false,
                allowMultipleTimestamps: false,
                allowNoTimestamp: false,
                allowUnknownRevocation: false);
            var signatureProvider    = new X509SignatureProvider(timestampProvider: null);
            var timestampProvider    = new Rfc3161TimestampProvider(timestampService.Url);
            var verificationProvider = new SignatureTrustAndValidityVerificationProvider();

            using (var package = new PackageArchiveReader(nupkg.CreateAsStream(), leaveStreamOpen: false))
                using (var testCertificate = new X509Certificate2(_trustedTestCert.Source.Cert))
                    using (var signatureRequest = new AuthorSignPackageRequest(testCertificate, HashAlgorithmName.SHA256))
                    {
                        var signature = await SignedArchiveTestUtility.CreatePrimarySignatureForPackageAsync(signatureProvider, package, signatureRequest, testLogger);

                        var timestampedSignature = await SignedArchiveTestUtility.TimestampPrimarySignature(timestampProvider, signatureRequest, signature, testLogger);

                        var reTimestampedSignature = await SignedArchiveTestUtility.TimestampPrimarySignature(timestampProvider, signatureRequest, timestampedSignature, testLogger);

                        timestampedSignature.Timestamps.Count.Should().Be(1);
                        reTimestampedSignature.Timestamps.Count.Should().Be(2);

                        // Act
                        var result = await verificationProvider.GetTrustResultAsync(package, reTimestampedSignature, setting, CancellationToken.None);

                        var totalErrorIssues = result.GetErrorIssues();

                        // Assert
                        result.Trust.Should().Be(SignatureVerificationStatus.Invalid);
                        totalErrorIssues.Count().Should().Be(1);
                        totalErrorIssues.First().Code.Should().Be(NuGetLogCode.NU3000);
                    }
        }