public async Task VerifySignaturesAsync_ValidCertificateAndTimestamp_SuccessAsync()
{
// Arrange
var nupkg = new SimpleTestPackageContext();
TimestampService timestampService = await _testFixture.GetDefaultTrustedTimestampServiceAsync();
using (TestDirectory dir = TestDirectory.Create())
using (var testCertificate = new X509Certificate2(_trustedTestCert.Source.Cert))
{
string signedPackagePath = await SignedArchiveTestUtility.AuthorSignPackageAsync(
testCertificate,
nupkg,
dir,
timestampService.Url);
var verifier = new PackageSignatureVerifier(_trustProviders);
using (var packageReader = new PackageArchiveReader(signedPackagePath))
{
// Act
VerifySignaturesResult result = await verifier.VerifySignaturesAsync(packageReader, _verifyCommandSettings, CancellationToken.None);
IEnumerable <PackageVerificationResult> resultsWithErrors = result.Results.Where(r => r.GetErrorIssues().Any());
// Assert
result.IsValid.Should().BeTrue();
resultsWithErrors.Count().Should().Be(0);
}
}
}
public async Task TimestampData_WithValidInput_ReturnsTimestamp()
{
var logger = new TestLogger();
var timestampService = await _testFixture.GetDefaultTrustedTimestampServiceAsync();
var timestampProvider = new Rfc3161TimestampProvider(timestampService.Url);
var data = "Test data to be signed and timestamped";
using (var authorCert = new X509Certificate2(_trustedTestCert.Source.Cert))
{
var signedCms = SigningTestUtility.GenerateSignedCms(authorCert, Encoding.ASCII.GetBytes(data));
var signatureValue = signedCms.Encode();
var request = new TimestampRequest
{
SigningSpec = SigningSpecifications.V1,
TimestampHashAlgorithm = Common.HashAlgorithmName.SHA256,
Signature = signatureValue
};
// Act
var timestampedData = timestampProvider.TimestampData(request, logger, CancellationToken.None);
var timestampedCms = new SignedCms();
timestampedCms.Decode(timestampedData);
// Assert
timestampedData.Should().NotBeNull();
timestampedCms.Should().NotBeNull();
timestampedCms.Detached.Should().BeFalse();
timestampedCms.ContentInfo.Should().NotBeNull();
timestampedCms.SignerInfos.Count.Should().Be(1);
timestampedCms.SignerInfos[0].UnsignedAttributes.Count.Should().Be(1);
timestampedCms.SignerInfos[0].UnsignedAttributes[0].Oid.Value.Should().Be(Oids.SignatureTimeStampTokenAttribute);
}
}
public async Task VerifyAsync_WithValidSignature_ReturnsValid()
{
var timestampService = await _fixture.GetDefaultTrustedTimestampServiceAsync();
using (var test = await Test.CreateRepositoryPrimarySignedPackageAsync(
_fixture.TrustedRepositoryCertificate.Source.Cert,
timestampService.Url))
using (var packageReader = new PackageArchiveReader(test.PackageFile.FullName))
{
var status = await _verifier.VerifyAsync(packageReader, CancellationToken.None);
Assert.Equal(SignatureVerificationStatus.Valid, status);
}
}
public async Task Signature_HasTimestampAsync()
{
// Arrange
var nupkg = new SimpleTestPackageContext();
var timestampService = await _testFixture.GetDefaultTrustedTimestampServiceAsync();
using (var cert = new X509Certificate2(_trustedTestCert.Source.Cert))
using (var dir = TestDirectory.Create())
{
// Act
var signedPackagePath = await SignedArchiveTestUtility.AuthorSignPackageAsync(
cert,
nupkg,
dir,
timestampService.Url);
// Assert
using (var stream = File.OpenRead(signedPackagePath))
using (var reader = new PackageArchiveReader(stream))
{
var signature = await reader.GetPrimarySignatureAsync(CancellationToken.None);
signature.Should().NotBeNull();
signature.Timestamps.Should().NotBeEmpty();
}
}
}
public async Task GetTimestamp_WithValidInput_ReturnsTimestamp()
{
var logger = new TestLogger();
var timestampService = await _testFixture.GetDefaultTrustedTimestampServiceAsync();
var timestampProvider = new Rfc3161TimestampProvider(timestampService.Url);
var content = new SignatureContent(SigningSpecifications.V1, Common.HashAlgorithmName.SHA256, "Test data to be signed and timestamped");
using (var authorCert = new X509Certificate2(_trustedTestCert.Source.Cert))
{
var signedCms = SigningTestUtility.GenerateSignedCms(authorCert, content.GetBytes());
var primarySignature = PrimarySignature.Load(signedCms.Encode());
var timestampHashAlgorithm = Common.HashAlgorithmName.SHA256;
var signatureValue = primarySignature.GetSignatureValue();
var messageHash = timestampHashAlgorithm.ComputeHash(signatureValue);
var request = new TimestampRequest(
signingSpecifications: SigningSpecifications.V1,
hashedMessage: messageHash,
hashAlgorithm: timestampHashAlgorithm,
target: SignaturePlacement.PrimarySignature
);
// Act
var timestampedCms = timestampProvider.GetTimestamp(request, logger, CancellationToken.None);
// Assert
timestampedCms.Should().NotBeNull();
timestampedCms.Detached.Should().BeFalse();
timestampedCms.ContentInfo.Should().NotBeNull();
timestampedCms.SignerInfos.Count.Should().Be(1);
}
}
