From 83210d0616825c45883eeeb65bd7580ca07701f4 Mon Sep 17 00:00:00 2001
From: Matthew John Cheetham <mjcheetham@outlook.com>
Date: Mon, 14 Dec 2020 16:46:26 +0000
Subject: [PATCH] upgrade: add new Microsoft certificate thumbprint

There is a new certificate thumbprint for the Microsoft signing
certificates used to sign NuGet packages.
---
 GVFS/GVFS.Common/NuGetUpgrade/NuGetFeed.cs | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/GVFS/GVFS.Common/NuGetUpgrade/NuGetFeed.cs b/GVFS/GVFS.Common/NuGetUpgrade/NuGetFeed.cs
index e1289e7fa2..ccfffa6542 100644
--- a/GVFS/GVFS.Common/NuGetUpgrade/NuGetFeed.cs
+++ b/GVFS/GVFS.Common/NuGetUpgrade/NuGetFeed.cs
@@ -20,7 +20,8 @@ namespace GVFS.Common.NuGetUpgrade
     public class NuGetFeed : IDisposable
     {
         // This is the SHA256 Certificate Thumbrint we expect packages from Microsoft to be signed with
-        private const string TrustedMicrosoftCertFingerprint = "3F9001EA83C560D712C24CF213C3D312CB3BFF51EE89435D3430BD06B5D0EECE";
+        private const string TrustedMicrosoftCertFingerprintOld = "3F9001EA83C560D712C24CF213C3D312CB3BFF51EE89435D3430BD06B5D0EECE";
+        private const string TrustedMicrosoftCertFingerprintNew = "AA12DA22A49BCE7D5C1AE64CC1F3D892F150DA76140F210ABD2CBFFCA2C18A27";
 
         private readonly ITracer tracer;
         private readonly string feedUrl;
@@ -134,7 +135,11 @@ public virtual bool VerifyPackage(string packagePath)
             {
                 Verifications = new VerifyArgs.Verification[] { VerifyArgs.Verification.All },
                 PackagePath = packagePath,
-                CertificateFingerprint = new List<string>() { TrustedMicrosoftCertFingerprint },
+                CertificateFingerprint = new List<string>
+                {
+                    TrustedMicrosoftCertFingerprintOld,
+                    TrustedMicrosoftCertFingerprintNew,
+                },
                 Logger = this.nuGetLogger
             };