diff --git a/test/NuGet.Clients.Tests/NuGet.CommandLine.Test/NuGetClientCertCommandTests.cs b/test/NuGet.Clients.Tests/NuGet.CommandLine.Test/NuGetClientCertCommandTests.cs index 78c9ce648ad..45a4ad7606b 100644 --- a/test/NuGet.Clients.Tests/NuGet.CommandLine.Test/NuGetClientCertCommandTests.cs +++ b/test/NuGet.Clients.Tests/NuGet.CommandLine.Test/NuGetClientCertCommandTests.cs @@ -826,6 +826,8 @@ public TestInfo(ITestOutputHelper testOutputHelper) "); } + public X509Certificate2 Certificate { get; private set; } + public string CertificateAbsoluteFilePath { get; } public string CertificateFileName { get; } public X509FindType CertificateFindBy { get; } @@ -854,7 +856,6 @@ public void RunNuGetExpectSuccess(string[] args, string expectedOutput = null) LogInstalledCertificates(); - Util.VerifyResultSuccess(result, expectedOutput); } @@ -862,6 +863,7 @@ public void Dispose() { WorkingPath.Dispose(); RemoveCertificateFromStorage(); + Certificate?.Dispose(); } public void SetupCertificateFile() 
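Review bot: In `Dispose()` of NuGetClientCertCommandTests.cs the store cleanup is not exception-safe: `RemoveCertificateFromStorage()` and the new `Certificate?.Dispose()` run only if `WorkingPath.Dispose()` returns normally. If that call throws (presumably possible when the test directory cannot be deleted), the self-signed test certificate stays in the certificate store. Wrapping the calls keeps the cleanup unconditional: `try { WorkingPath.Dispose(); } finally { RemoveCertificateFromStorage(); Certificate?.Dispose(); }`. The `Dispose()` hunks in XPlatClientCertTests.cs and ClientCertificateProviderTests.cs have the same ordering.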
@@ -874,19 +876,28 @@ public void SetupCertificateFile() public void SetupCertificateInStorage() { + if (Certificate is not null) + { + return; + } + using (var store = new X509Store(CertificateStoreName, CertificateStoreLocation)) { store.Open(OpenFlags.ReadWrite); - var password = new SecureString(); - foreach (var symbol in CertificatePassword) + + using (var password = new SecureString()) { - password.AppendChar(symbol); - } + foreach (var symbol in CertificatePassword) + { + password.AppendChar(symbol); + } + + Certificate = new X509Certificate2(CreateCertificate(), password, X509KeyStorageFlags.Exportable); - var cert = new X509Certificate2(CreateCertificate(), password, X509KeyStorageFlags.Exportable); - store.Add(cert); + store.Add(Certificate); - _testOutputHelper.WriteLine("Added certificate {0} to store {1}\\{2}", cert.Subject, CertificateStoreLocation, CertificateStoreName); + _testOutputHelper.WriteLine("Added certificate {0} to store {1}\\{2}", Certificate.Subject, CertificateStoreLocation, CertificateStoreName); + } } LogInstalledCertificates(); 
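Review bot: The `SecureString` built in `SetupCertificateInStorage()` adds no protection, because `CertificatePassword` appears to be a plain managed string (it is enumerated char by char here and passed straight to `Export` in `CreateCertificate()`). Disposing the copy does not remove the original from memory. The string overload does the same with less code: `Certificate = new X509Certificate2(CreateCertificate(), CertificatePassword, X509KeyStorageFlags.Exportable);`. If the `SecureString` overload is exercised on purpose, a one-line comment saying so would help. The same block appears in the XPlatClientCertTests.cs hunk.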
@@ -955,16 +966,19 @@ private void LogInstalledCertificates() private byte[] CreateCertificate() { - var rsa = RSA.Create(2048); - var request = new CertificateRequest("cn=" + CertificateFindValue, rsa, HashAlgorithmName.SHA512, RSASignaturePadding.Pkcs1); - var start = DateTime.UtcNow.AddDays(-1); - var end = start.AddYears(1); - - var cert = request.CreateSelfSigned(start, end); + using (RSA rsa = RSA.Create(2048)) + { + var request = new CertificateRequest("cn=" + CertificateFindValue, rsa, HashAlgorithmName.SHA512, RSASignaturePadding.Pkcs1); + var start = DateTime.UtcNow.AddMinutes(-1); + var end = start.AddMinutes(10); - _testOutputHelper.WriteLine("Created certificate {0}", request.SubjectName.Name); + using (X509Certificate2 cert = request.CreateSelfSigned(start, end)) + { + _testOutputHelper.WriteLine("Created certificate {0}", request.SubjectName.Name); - return cert.Export(X509ContentType.Pfx, CertificatePassword); + return cert.Export(X509ContentType.Pfx, CertificatePassword); + } + } } private Configuration.ISettings LoadSettingsFromConfigFile() 
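Review bot: The new validity window in `CreateCertificate()` (`start.AddMinutes(10)`, so roughly nine minutes from creation) has no comment explaining the choice. A short lifetime limits how long a certificate left behind in the store stays valid, but a fixture that lives longer than that (slow CI agent, debugger session) will present an expired client certificate. I would add something like `// Short-lived on purpose: a certificate left in the store expires within minutes; tests must finish inside this window.` above `var end`, adjusted to the actual intent. The `CreateCertificate()` hunks in XPlatClientCertTests.cs and ClientCertificateProviderTests.cs use the same values.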
@@ -976,20 +990,32 @@ private Configuration.ISettings LoadSettingsFromConfigFile() private void RemoveCertificateFromStorage() { + if (Certificate is null) + { + return; + } + bool certificateRemoved = false; using (var store = new X509Store(CertificateStoreName, CertificateStoreLocation)) { store.Open(OpenFlags.ReadWrite); - var resultCertificates = store.Certificates.Find(CertificateFindBy, CertificateFindValue, false); - foreach (var certificate in resultCertificates) + + X509Certificate2Collection resultCertificates = store.Certificates.Find( + X509FindType.FindByIssuerDistinguishedName, + Certificate.Issuer, + validOnly: false); + + foreach (X509Certificate2 resultCertificate in resultCertificates) { - _testOutputHelper.WriteLine("Removing certificate {0} from store {1}\\{2}", certificate.Subject, CertificateStoreLocation, CertificateStoreName); - store.Remove(certificate); + _testOutputHelper.WriteLine("Removing certificate {0} from store {1}\\{2}", Certificate.Subject, CertificateStoreLocation, CertificateStoreName); + + store.Remove(resultCertificate); certificateRemoved = true; } } + if (certificateRemoved) { LogInstalledCertificates(); diff --git a/test/NuGet.Core.FuncTests/NuGet.XPlat.FuncTest/XPlatClientCertTests.cs b/test/NuGet.Core.FuncTests/NuGet.XPlat.FuncTest/XPlatClientCertTests.cs index 9634f7b0048..94642e7ac9b 100644 --- a/test/NuGet.Core.FuncTests/NuGet.XPlat.FuncTest/XPlatClientCertTests.cs +++ b/test/NuGet.Core.FuncTests/NuGet.XPlat.FuncTest/XPlatClientCertTests.cs @@ -891,6 +891,8 @@ public TestInfo() "); } + public X509Certificate2 Certificate { get; private set; } + public string CertificateAbsoluteFilePath { get; } public string CertificateFileName { get; } public X509FindType CertificateFindBy { get; } @@ -910,6 +912,7 @@ public void Dispose() { WorkingPath.Dispose(); RemoveCertificateFromStorage(); + Certificate?.Dispose(); } public void SetupCertificateFile() 
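Review bot: `RemoveCertificateFromStorage()` now matches on `X509FindType.FindByIssuerDistinguishedName` with `Certificate.Issuer`, which selects every certificate in the store carrying that issuer DN, not only the one this `TestInfo` added. For a self-signed certificate the issuer is just `cn=` + `CertificateFindValue`, so a concurrent run or an unrelated entry with the same name would be removed as well. Matching on the thumbprint ties the removal to the exact certificate: `store.Certificates.Find(X509FindType.FindByThumbprint, Certificate.Thumbprint, validOnly: false)`. In this file the log line also prints `Certificate.Subject` rather than `resultCertificate.Subject`, so it does not show which entry was actually removed. The same lookup is used in the XPlatClientCertTests.cs and ClientCertificateProviderTests.cs hunks.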
@@ -920,16 +923,26 @@ public void SetupCertificateFile() public void SetupCertificateInStorage() { + if (Certificate is not null) + { + return; + } + using (var store = new X509Store(CertificateStoreName, CertificateStoreLocation)) { store.Open(OpenFlags.ReadWrite); - var password = new SecureString(); - foreach (var symbol in CertificatePassword) + + using (var password = new SecureString()) { - password.AppendChar(symbol); - } + foreach (var symbol in CertificatePassword) + { + password.AppendChar(symbol); + } + + Certificate = new X509Certificate2(CreateCertificate(), password, X509KeyStorageFlags.Exportable); - store.Add(new X509Certificate2(CreateCertificate(), password, X509KeyStorageFlags.Exportable)); + store.Add(Certificate); + } } } @@ -982,13 +995,17 @@ public void ValidateSettings(params ClientCertItem[] expectedItems) private byte[] CreateCertificate() { - var rsa = RSA.Create(2048); - var request = new CertificateRequest("cn=" + CertificateFindValue, rsa, HashAlgorithmName.SHA512, RSASignaturePadding.Pkcs1); - var start = DateTime.UtcNow.AddDays(-1); - var end = start.AddYears(1); + using (RSA rsa = RSA.Create(2048)) + { + var request = new CertificateRequest("cn=" + CertificateFindValue, rsa, HashAlgorithmName.SHA512, RSASignaturePadding.Pkcs1); + var start = DateTime.UtcNow.AddMinutes(-1); + var end = start.AddMinutes(10); - var cert = request.CreateSelfSigned(start, end); - return cert.Export(X509ContentType.Pfx, CertificatePassword); + using (X509Certificate2 cert = request.CreateSelfSigned(start, end)) + { + return cert.Export(X509ContentType.Pfx, CertificatePassword); + } + } } private ISettings LoadSettingsFromConfigFile() 
@@ -1000,13 +1017,23 @@ private ISettings LoadSettingsFromConfigFile() private void RemoveCertificateFromStorage() { + if (Certificate is null) + { + return; + } + using (var store = new X509Store(CertificateStoreName, CertificateStoreLocation)) { store.Open(OpenFlags.ReadWrite); - var resultCertificates = store.Certificates.Find(CertificateFindBy, CertificateFindValue, false); - foreach (var certificate in resultCertificates) + + X509Certificate2Collection resultCertificates = store.Certificates.Find( + X509FindType.FindByIssuerDistinguishedName, + Certificate.Issuer, + validOnly: false); + + foreach (X509Certificate2 resultCertificate in resultCertificates) { - store.Remove(certificate); + store.Remove(resultCertificate); } } } diff --git a/test/NuGet.Core.Tests/NuGet.Configuration.Test/ClientCertificateProviderTests.cs b/test/NuGet.Core.Tests/NuGet.Configuration.Test/ClientCertificateProviderTests.cs index 7c383a3dc77..de89ab2ccaa 100644 --- a/test/NuGet.Core.Tests/NuGet.Configuration.Test/ClientCertificateProviderTests.cs +++ b/test/NuGet.Core.Tests/NuGet.Configuration.Test/ClientCertificateProviderTests.cs @@ -111,6 +111,7 @@ public void Dispose() { WorkingPath.Dispose(); RemoveCertificateFromStorage(); + Certificate.Dispose(); } public ISettings LoadSettingsFromConfigFile() 
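Review bot: In ClientCertificateProviderTests.cs `Dispose()` calls `Certificate.Dispose()` unconditionally, and the `RemoveCertificateFromStorage()` hunk further down reads `Certificate.Issuer` without the `Certificate is null` guard the other two files received. The declaration of `Certificate` is outside this diff, so it may never be null here. If it can be (for example when setup did not run), `Dispose()` would throw a `NullReferenceException` and hide the original test failure. `Certificate?.Dispose();` plus the same early return as in the other files would make the three helpers consistent.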
@@ -136,13 +137,17 @@ public void SetupCertificateInStorage() private byte[] CreateCertificate() { - var rsa = RSA.Create(2048); - var request = new CertificateRequest("cn=" + CertificateFindValue, rsa, HashAlgorithmName.SHA512, RSASignaturePadding.Pkcs1); - var start = DateTime.UtcNow.AddDays(-1); - var end = start.AddYears(1); + using (RSA rsa = RSA.Create(2048)) + { + var request = new CertificateRequest("cn=" + CertificateFindValue, rsa, HashAlgorithmName.SHA512, RSASignaturePadding.Pkcs1); + var start = DateTime.UtcNow.AddMinutes(-1); + var end = start.AddMinutes(10); - var cert = request.CreateSelfSigned(start, end); - return cert.Export(X509ContentType.Pfx, CertificatePassword); + using (X509Certificate2 cert = request.CreateSelfSigned(start, end)) + { + return cert.Export(X509ContentType.Pfx, CertificatePassword); + } + } } private X509Certificate2 GetCertificate() @@ -159,8 +164,13 @@ private void RemoveCertificateFromStorage() using (var store = new X509Store(CertificateStoreName, CertificateStoreLocation)) { store.Open(OpenFlags.ReadWrite); - var resultCertificates = store.Certificates.Find(CertificateFindBy, CertificateFindValue, false); - foreach (var certificate in resultCertificates) + + X509Certificate2Collection resultCertificates = store.Certificates.Find( + X509FindType.FindByIssuerDistinguishedName, + Certificate.Issuer, + validOnly: false); + + foreach (X509Certificate2 certificate in resultCertificates) { store.Remove(certificate); }