maxmustermann/PowerShell
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Fix a CMS test that fails in nightly build.

Browse source 
Add a certificate that cannot be used to encrypt data to verify an error condition.
This commit is contained in:
Dongbo Wang 2017-03-06 23:01:45 -08:00 committed by Mike Richmond
parent 6198b9b943
commit 60583b1b73
1 changed files with 48 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

58
test/powershell/Modules/Microsoft.PowerShell.Security/CmsMessage.Tests.ps1
View file

@ -1,5 +1,5 @@
Function Create-TestCertificate Function Create-GoodCertificate
{ {
$dataEnciphermentCert = " $dataEnciphermentCert = "
MIIKYAIBAzCCCiAGCSqGSIb3DQEHAaCCChEEggoNMIIKCTCCBgoGCSqGSIb3DQEHAaCCBfsEggX3 MIIKYAIBAzCCCiAGCSqGSIb3DQEHAaCCChEEggoNMIIKCTCCBgoGCSqGSIb3DQEHAaCCBfsEggX3
@ -59,11 +59,38 @@ OksttXT1kXf+aez9EzDlsgQU4ck78h0WTy01zHLwSKNWK4wFFQM=
return $certLocation return $certLocation
} }
Function Create-BadCertificate
{
$codeSigningCert = "
MIIDAjCCAeqgAwIBAgIQW/oHcNaftoFGOYb4w5A0JTANBgkqhkiG9w0BAQsFADAZMRcwFQYDVQQD
DA5DTVNUZXN0QmFkQ2VydDAeFw0xNzAzMDcwNjEyMDNaFw0xODAzMDcwNjMyMDNaMBkxFzAVBgNV
BAMMDkNNU1Rlc3RCYWRDZXJ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogOnCBPp
xCQXvCJOe4KUXrTL5hwzKSV/mA4pF/kWCVLseWkeTzll+02S0SzMR1oqyxGZOU+KiakmH8sIxDpS
pBpYi3R+JtaUYeK7IwvM7yMgxzYbVUFupNXDIdFcgd7FwX4R9wJGwd/hEw5fe+ua96G6bBlfQC8j
I8iHfqHZ2GmssIuSt72WhT6tKZhPJIMjwmKaB8j/gm6EC7eH83wNmVW/ss2AsG5cMT0Zmk2vkXPd
7rVYbAh9WcvxYzTYZLsPkXx/s6uanLo7pBPMqQ8fgImSXiD5EBO9d6SzqoagoAkH/l3oKCUztsqU
PAfTu1aTAYRW5O26AcICTbIYOMkDMQIDAQABo0YwRDAOBgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAww
CgYIKwYBBQUHAwMwHQYDVR0OBBYEFLSLHDqLWoDBj0j/UavIf0hAHZ2YMA0GCSqGSIb3DQEBCwUA
A4IBAQB7GJ3ykI07k2D1mfiQ10+Xse4b6KXylbzYfJ1k3K0NEBwT7H/lhMu4yz95A7pXU41yKKVE
OzmpX8QGyczRM269+WpUvVOXwudQL7s/JFeZyEhxPYRP0JC8U9rur1iJeULvsPZJU2kGeLceTl7k
psuZeHouYeNuFeeKR66GcHKzqm+5odAJBxjQ/iGP+CVfNVX56Abhu8mXX6sFiorrBSV/NzPThqja
mtsMC3Fq53xANMjFT4kUqMtK+oehPf0+0jHHra4hpCVZ2KoPLLPxpJPko8hUO5LxATLU+UII7w3c
nMbw+XY4C8xdDnHfS6mF+Hol98dURB/MC/x3sZ3gSjKo
"
$codeSigningCert = $codeSigningCert -replace '\s',''
$certBytes = [Convert]::FromBase64String($codeSigningCert)
$certLocation = Join-Path $TestDrive "CMSTestBadCert"
[IO.File]::WriteAllBytes($certLocation, $certBytes)
return $certLocation
}
Describe "CmsMessage cmdlets and Get-PfxCertificate basic tests" -Tags "CI" { Describe "CmsMessage cmdlets and Get-PfxCertificate basic tests" -Tags "CI" {
BeforeAll { BeforeAll {
$certLocation = Create-TestCertificate $certLocation = Create-GoodCertificate
$certLocation | Should Not BeNullOrEmpty | Out-Null $certLocation | Should Not BeNullOrEmpty | Out-Null
} }
@ -124,9 +151,12 @@ Describe "CmsMessage cmdlets thorough tests" -Tags "Feature" {
BeforeAll { BeforeAll {
if ($IsWindows) if ($IsWindows)
{ {
$certLocation = Create-TestCertificate $certLocation = Create-GoodCertificate
$certLocation | Should Not BeNullOrEmpty | Out-Null $certLocation | Should Not BeNullOrEmpty | Out-Null
$badCertLocation = Create-BadCertificate
$badCertLocation | Should Not BeNullOrEmpty | Out-Null
if ($IsCoreCLR) if ($IsCoreCLR)
{ {
# PKI module is not available for PowerShell Core, so we need to use Windows PowerShell to import the cert # PKI module is not available for PowerShell Core, so we need to use Windows PowerShell to import the cert
@ -136,9 +166,15 @@ Describe "CmsMessage cmdlets thorough tests" -Tags "Feature" {
$modulePathCopy = $env:PSMODULEPATH $modulePathCopy = $env:PSMODULEPATH
$env:PSMODULEPATH = $null $env:PSMODULEPATH = $null
$importedCertPath = & $fullPowerShell -NoProfile -NonInteractive ` $command = @"
-Command "Import-PfxCertificate $certLocation -CertStoreLocation cert:\CurrentUser\My | % PSPath" Import-PfxCertificate $certLocation -CertStoreLocation cert:\CurrentUser\My | % PSPath
$importedCert = Get-ChildItem $importedCertPath Import-Certificate $badCertLocation -CertStoreLocation Cert:\CurrentUser\My | % PSPath
"@
$certPaths = & $fullPowerShell -NoProfile -NonInteractive -Command $command
$certPaths.Count | Should Be 2 | Out-Null
$importedCert = Get-ChildItem $certPaths[0]
$testBadCert = Get-ChildItem $certPaths[1]
} finally { } finally {
$env:PSMODULEPATH = $modulePathCopy $env:PSMODULEPATH = $modulePathCopy
} }
@ -146,6 +182,7 @@ Describe "CmsMessage cmdlets thorough tests" -Tags "Feature" {
else else
{ {
$importedCert = Import-PfxCertificate $certLocation -CertStoreLocation cert:\CurrentUser\My $importedCert = Import-PfxCertificate $certLocation -CertStoreLocation cert:\CurrentUser\My
$testBadCert = Import-Certificate $badCertLocation -CertStoreLocation Cert:\CurrentUser\My
} }
} }
else else
@ -163,6 +200,10 @@ Describe "CmsMessage cmdlets thorough tests" -Tags "Feature" {
{ {
Remove-Item (Join-Path Cert:\CurrentUser\My $importedCert.Thumbprint) -Force -ErrorAction SilentlyContinue Remove-Item (Join-Path Cert:\CurrentUser\My $importedCert.Thumbprint) -Force -ErrorAction SilentlyContinue
} }
if ($testBadCert)
{
Remove-Item (Join-Path Cert:\CurrentUser\My $testBadCert.Thumbprint) -Force -ErrorAction SilentlyContinue
}
} }
else else
{ {
@ -273,10 +314,7 @@ Describe "CmsMessage cmdlets thorough tests" -Tags "Feature" {
It "Verify error when encrypting to wrong cert" { It "Verify error when encrypting to wrong cert" {
$errors = $null $errors = $null
$goodCerts = @(Get-ChildItem Cert:\currentuser\My -DocumentEncryptionCert | ForEach-Object Thumbprint) $recipient = [System.Management.Automation.CmsMessageRecipient] $testBadCert.Thumbprint
$badCert = Get-ChildItem Cert:\currentuser\My | ? { $_.Thumbprint -notin $goodCerts } | Select -First 1
$recipient = [System.Management.Automation.CmsMessageRecipient] $badCert.Thumbprint
$recipient.Resolve($ExecutionContext.SessionState, "Encryption", [ref] $errors) $recipient.Resolve($ExecutionContext.SessionState, "Encryption", [ref] $errors)
$errors.Count | Should Be 1 $errors.Count | Should Be 1