Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error codes regression for validating signatures #7492

Closed
shishirx34 opened this issue Nov 9, 2018 · 1 comment
Closed

Error codes regression for validating signatures #7492

shishirx34 opened this issue Nov 9, 2018 · 1 comment
Assignees
@PatoBeltran
Labels
Area:ErrorHandling warnings and errors/log messages & related error codes. Functionality:Signing RegressionFromPreviousRTM A regression from the last RTM. Example: worked in 6.2, doesn't work in 6.3 Type:Bug
Milestone
4.9.1

Comments

@shishirx34
Copy link

shishirx34 commented Nov 9, 2018
edited

It looks like the change: https://github.com/NuGet/NuGet.Client/pull/2391/files#diff-c6fa634239b1e7654fa549386f77ed3cL206 introduced regressions. The earlier route would return NU3028, however, this change is returning NU3018 error codes.

@PatoBeltran knows the context.

This change has broken NuGet/NuGet.Jobs SignatureValidatorIntegrationTests It expects the logged messages to contain

NU3028: The author primary signature's timestamp found a chain building issue: The revocation function was unable to check revocation because the revocation server was offline.

However, actual logged messages are something like:

Signed package TestSigned.leaf 1.1.0 passed format verification for validation 2eb974b0-8103-48b4-892e-d805052da1a0. Errors: Warnings: \r\nNo repository signatures needed removal from package TestSigned.leaf 1.1.0 for validation 2eb974b0-8103-48b4-892e-d805052da1a0.\r\nSigned package TestSigned.leaf 1.1.0 passed full signature integrity and trust verification for validation 2eb974b0-8103-48b4-892e-d805052da1a0. Errors: Warnings: NU3018: The author primary signature's timestamp found a chain building issue: The revocation function was unable to check revocation because the revocation server could not be reached. For more information, visit ., NU3018: The author primary signature's timestamp found a chain building issue: The revocation function was unable to check revocation for the certificate.\r\nAuthor signed package TestSigned.leaf 1.1.0 for validation 2eb974b0-8103-48b4-892e-d805052da1a0 is valid with certificate fingerprint:

Also, following tests are broken due to same issues:
https://github.com/NuGet/NuGet.Jobs/blob/352ce8d5a2306ce735703e2fa2bc48ebe82ce24b/tests/Validation.PackageSigning.ProcessSignature.Tests/SignatureValidatorIntegrationTests.cs#L363
https://github.com/NuGet/NuGet.Jobs/blob/352ce8d5a2306ce735703e2fa2bc48ebe82ce24b/tests/Validation.PackageSigning.ProcessSignature.Tests/SignatureValidatorIntegrationTests.cs#L1452
https://github.com/NuGet/NuGet.Jobs/blob/352ce8d5a2306ce735703e2fa2bc48ebe82ce24b/tests/Validation.PackageSigning.ProcessSignature.Tests/SignatureValidatorIntegrationTests.cs#L1511
@PatoBeltran PatoBeltran added this to the 5.0 milestone Nov 9, 2018
@PatoBeltran PatoBeltran added Type:Bug Area:ErrorHandling warnings and errors/log messages & related error codes. Functionality:Signing labels Nov 9, 2018
@shishirx34 shishirx34 mentioned this issue Nov 9, 2018
Closed
@PatoBeltran PatoBeltran added the RegressionFromPreviousRTM A regression from the last RTM. Example: worked in 6.2, doesn't work in 6.3 label Nov 9, 2018
@PatoBeltran PatoBeltran modified the milestones: 5.0, 4.9 Nov 9, 2018
@PatoBeltran PatoBeltran mentioned this issue Nov 9, 2018
Merged
@PatoBeltran
Copy link

Merged in 4.9.0-rtm and dev

@rrelyea rrelyea modified the milestones: 4.9, 4.9.x Nov 20, 2018
@rrelyea rrelyea modified the milestones: 4.9.x, 4.9.1 Nov 27, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@PatoBeltran PatoBeltran

Labels
Area:ErrorHandling warnings and errors/log messages & related error codes. Functionality:Signing RegressionFromPreviousRTM A regression from the last RTM. Example: worked in 6.2, doesn't work in 6.3 Type:Bug
Projects
None yet
Milestone
4.9.1
Development

No branches or pull requests
3 participants
@shishirx34 @PatoBeltran @rrelyea