Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

get TimestampTests working again #3218

Merged
merged 4 commits into from
Jun 18, 2020
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -81,17 +81,14 @@ public async Task Timestamp_Verify_WithOfflineRevocation_ReturnsCorrectFlagsAndL
result.HasFlag(SignatureVerificationStatusFlags.UnknownRevocation).Should().BeTrue();

var errors = logs.Where(l => l.Level == LogLevel.Error);
errors.Count().Should().Be(RuntimeEnvironmentHelper.IsWindows ? 2 : 1);

if (RuntimeEnvironmentHelper.IsWindows)
{
errors.Should().Contain(w => w.Code == NuGetLogCode.NU3028 && w.Message.Contains("The revocation function was unable to check revocation because the revocation server could not be reached."));
errors.Should().Contain(w => w.Code == NuGetLogCode.NU3028 && w.Message.Contains("The revocation function was unable to check revocation for the certificate."));
}
else
errors.Count().Should().Be(RuntimeEnvironmentHelper.IsMacOSX ? 1 : 2);
SigningTestUtility.AssertRevocationStatusUnknown(errors, LogLevel.Error, NuGetLogCode.NU3028);

if (!RuntimeEnvironmentHelper.IsMacOSX)
{
errors.Should().Contain(w => w.Code == NuGetLogCode.NU3028 && w.Message.Contains("unable to get certificate CRL"));
}
SigningTestUtility.AssertOfflineRevocationOnlineMode(errors, LogLevel.Error, NuGetLogCode.NU3028);
}
heng-liu marked this conversation as resolved.
Show resolved Hide resolved
}
}
}
Expand Down
16 changes: 13 additions & 3 deletions test/TestUtilities/Test.Utility/Signing/SigningTestUtility.cs
Original file line number Diff line number Diff line change
Expand Up @@ -678,18 +678,28 @@ public static void AssertOfflineRevocation(IEnumerable<ILogMessage> issues, LogL
//We will change the original X509ChainStatus.StatusInformation of OfflineRevocation to VerifyCertTrustOfflineWhileRevocationModeOffline or VerifyCertTrustOfflineWhileRevocationModeOnline in Signature.cs and Timestamp.cs
//So if we use APIs above to verify the results of chain.build, we should use assert AssertOfflineRevocationOnlineMode and AssertOfflineRevocationOfflineMode
public static void AssertOfflineRevocationOnlineMode(IEnumerable<SignatureLog> issues, LogLevel logLevel)
{
AssertOfflineRevocationOnlineMode(issues, logLevel, NuGetLogCode.NU3018);
}

public static void AssertOfflineRevocationOnlineMode(IEnumerable<SignatureLog> issues, LogLevel logLevel, NuGetLogCode code)
{
Assert.Contains(issues, issue =>
issue.Code == NuGetLogCode.NU3018 &&
issue.Code == code &&
issue.Level == logLevel &&
issue.Message.Contains("The revocation function was unable to check revocation because the revocation server could not be reached. For more information, visit https://aka.ms/certificateRevocationMode."));
dominoFire marked this conversation as resolved.
Show resolved Hide resolved
}

public static void AssertOfflineRevocationOfflineMode(IEnumerable<SignatureLog> issues)
{
AssertOfflineRevocationOfflineMode(issues, LogLevel.Information, NuGetLogCode.Undefined);
}

public static void AssertOfflineRevocationOfflineMode(IEnumerable<SignatureLog> issues, LogLevel logLevel, NuGetLogCode code)
{
Assert.Contains(issues, issue =>
issue.Code == NuGetLogCode.Undefined &&
issue.Level == LogLevel.Information &&
issue.Code == code &&
issue.Level == logLevel &&
issue.Message.Contains("The revocation function was unable to check revocation because the certificate is not available in the cached certificate revocation list and NUGET_CERT_REVOCATION_MODE environment variable has been set to offline. For more information, visit https://aka.ms/certificateRevocationMode."));
dominoFire marked this conversation as resolved.
Show resolved Hide resolved
}

Expand Down