// Signing with an expired certificate must be refused.
//
// SigningUtility.SignAsync is expected to throw a SignatureException carrying
// NU3018. The test logger must then hold exactly one error (a certificate is
// outside its validity period) and exactly one warning (the chain ends in a
// root the trust provider does not trust). No timestamp provider is configured
// for the signature provider.
public async Task SignAsync_WhenChainBuildingFails_ThrowsAsync()
{
    const string expectedExceptionMessage = "Certificate chain validation failed.";
    const string expectedErrorText = "A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.";
    const string expectedWarningText = "A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.";

    using (var unsignedPackage = new SimpleTestPackageContext().CreateAsStream())
    using (var test = SignTest.Create(
        _fixture.GetExpiredCertificate(),
        HashAlgorithmName.SHA256,
        unsignedPackage.ToArray(),
        new X509SignatureProvider(timestampProvider: null)))
    {
        var thrown = await Assert.ThrowsAsync<SignatureException>(
            () => SigningUtility.SignAsync(test.Options, test.Request, CancellationToken.None));

        // The exception itself only reports the generic failure; the specific
        // chain status details are asserted on the logger below.
        Assert.Equal(NuGetLogCode.NU3018, thrown.Code);
        Assert.Equal(expectedExceptionMessage, thrown.Message);

        Assert.Equal(1, test.Logger.Errors);
        Assert.Equal(1, test.Logger.Warnings);

        // Expired certificate is reported at Error level.
        Assert.Contains(test.Logger.LogMessages, entry =>
            entry.Code == NuGetLogCode.NU3018 &&
            entry.Level == LogLevel.Error &&
            entry.Message == expectedErrorText);

        // Untrusted root is reported at Warning level only.
        Assert.Contains(test.Logger.LogMessages, entry =>
            entry.Code == NuGetLogCode.NU3018 &&
            entry.Level == LogLevel.Warning &&
            entry.Message == expectedWarningText);
    }
}
// Signing through test.Signer with the fixture's default certificate must fail
// chain validation.
//
// The call is expected to throw a SignatureException whose log message carries
// NU3018 and whose text names the chain status "UntrustedRoot". The logger
// passed to SignAsync is a mock, so nothing is asserted about logged output.
// No timestamp provider is configured for the signature provider.
public async Task SignAsync_WhenChainBuildingFails_Throws()
{
    const string expectedExceptionMessage = "Certificate chain validation failed with error: UntrustedRoot";

    using (var unsignedPackage = new SimpleTestPackageContext().CreateAsStream())
    using (var test = SignTest.Create(
        _fixture.GetDefaultCertificate(),
        HashAlgorithmName.SHA256,
        unsignedPackage.ToArray(),
        new X509SignatureProvider(timestampProvider: null)))
    {
        var thrown = await Assert.ThrowsAsync<SignatureException>(
            () => test.Signer.SignAsync(
                test.Request,
                Mock.Of<ILogger>(),
                CancellationToken.None));

        Assert.Equal(NuGetLogCode.NU3018, thrown.AsLogMessage().Code);
        Assert.Equal(expectedExceptionMessage, thrown.Message);
    }
}
// Signing with the fixture's default certificate (untrusted and self-signed,
// per the test name) must succeed.
//
// The output package stream must be signed, no errors may be logged, and the
// only logged message must be the single untrusted-root warning. No timestamp
// provider is configured for the signature provider.
//
// NOTE(review): an untrusted root is only a warning at signing time here;
// presumably trust is enforced when the package is verified. Confirm against
// the verification tests.
public async Task SignAsync_WithUntrustedSelfSignedCertificate_SucceedsAsync()
{
    const string expectedWarningText = "A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.";

    using (var unsignedPackage = new SimpleTestPackageContext().CreateAsStream())
    using (var test = SignTest.Create(
        _fixture.GetDefaultCertificate(),
        HashAlgorithmName.SHA256,
        unsignedPackage.ToArray(),
        new X509SignatureProvider(timestampProvider: null)))
    {
        await SigningUtility.SignAsync(test.Options, test.Request, CancellationToken.None);

        var outputIsSigned = await SignedArchiveTestUtility.IsSignedAsync(test.Options.OutputPackageStream);
        Assert.True(outputIsSigned);

        // Exactly one warning and nothing else was logged.
        Assert.Equal(0, test.Logger.Errors);
        Assert.Equal(1, test.Logger.Warnings);
        Assert.Equal(1, test.Logger.Messages.Count());
        Assert.True(test.Logger.Messages.Contains(expectedWarningText));
    }
}