Merge pull request #13 from lemccomb/patch-1

Add publish step

.github/workflows/codeql.yml

@@ -20,7 +20,8 @@ on:
 jobs:
   analyze:
     name: Analyze
-    runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
+    # needs: build-${{matrix.os}}
+    runs-on: ${{ matrix.os }}
     permissions:
       actions: read
       contents: read
@@ -29,12 +30,12 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        language: [ 'csharp', 'javascript' ]
+        language: [ 'csharp' ]
         # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
         # Use only 'java' to analyze code written in Java, Kotlin or both
         # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
         # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
-
+        os: [windows-latest] #, ubuntu-latest, macOS-latest]
     steps:
     - name: Checkout repository
       uses: actions/checkout@v3

.github/workflows/dotnet.yml

@@ -1,8 +1,7 @@
 # This workflow will build a .NET project
 # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-net
 
-name: build
-
+name: Pull Request and Continuous Integration Build
 on:
   push:
     branches: [ "main" ]
@@ -15,21 +14,53 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        os: [windows-latest]  # Restore the others once it's working on Windows
-        #os: [windows-latest, ubuntu-latest, macOS-latest]
+        os: [windows-latest, ubuntu-latest, macOS-latest] # macOS-latest and ubuntu-latest are broken at the moment. Add it back in when fixed.
 
     steps:
     - uses: actions/checkout@v3
     - name: Setup .NET
       uses: actions/setup-dotnet@v3
       with:
         dotnet-version: 7.0.x
-    #- name: Restore dependencies
-    #  run: dotnet restore CoseSignTool/CoseSignTool.sln
-    #- name: Build
-      # run: dotnet build --no-restore CoseSignTool/CoseSignTool.sln
-      # run: dotnet build CoseSignTool/CoseSignTool.sln
-    - name: Test
-      # run: dotnet test --no-build --verbosity normal CoseSignTool/CoseSignTool.sln
+
+    - name: Build and Test debug
+      # Use dotnet test to run Restore, Build, and Test, all in one sweep.
       run: dotnet test --verbosity normal CoseSignTool/CoseSignTool.sln
       shell: bash
+
+    - name: List working directory Windows
+      if: runner.os == 'Windows'
+      run: dir /b /a /s
+      shell: cmd
+
+    - name: List working directory non-Windows
+      if: runner.os != 'Windows'  # TODO: Figure out how to set this in an environment variable so we only don't need separate steps.
+      run: ls -a -R
+      shell: bash
+
+  # The remaining steps run only when changes are pushed to Main, i.e., when a pull request completes.
+  # While we could run the publish steps in a parallel job, having them here forces them to wait until the unit tests pass.
+  # Another option to explore is to run them in a separate job that depands on ALL of the other jobs passing first.
+  # Eventually we might want to tweak the CodeQL job to run on what we already built above so it isn't using resources to autobuild.
+
+    - name: Publish debug
+      #if: ${{ github.event_name == 'push' }}
+      # Publish all of the non-test projects to published/release. We have to use the solution file to get the right output paths.
+      run: dotnet publish --no-build --configuration Debug --output published/debug CoseSignTool/CoseSignTool.sln
+
+    - name: Publish release
+      #if: ${{ github.event_name == 'push' }}
+      # Publish CoseSignTool.exe and it's dependencies (all of the non-test projects) to published/release. 
+      run: dotnet publish --configuration Release --output published/release CoseSignTool/CoseSignTool/CoseSignTool.csproj
+
+    - name: List published directory Windows
+      if: ${{ github.event_name == 'push' && runner.os == 'Windows' }} 
+      run: dir /b /a /s
+      shell: cmd      
+      working-directory: ./published
+
+    - name: List published directory non-Windows
+      if: ${{ github.event_name == 'push' && runner.os != 'Windows' }}
+      run: ls -a -R
+      shell: bash
+      working-directory: ./published

CoseParser.md

@@ -1,5 +1,6 @@
 # CoseParser library
 The CoseParser library provides a static CoseParser object with a broad selection of methods to sign and validate, and to retrieve content from COSE-signed files. It also provides some supporting objects and extension methods for working with COSE signatures.
+NOTE: This document refers to a previous version of the CoseParser API, which has been replaced with CoseHandler.
 ## CoseParser class
 Provides static methods to sign, validate, and retrieve content from COSE-signed files.
 ### Sign

CoseSignTool/CoseSign1.Certificates.Tests/CoseSign1.Certificates.Tests.csproj

@@ -4,6 +4,7 @@
         <TargetFramework>net7.0</TargetFramework>
         <Nullable>enable</Nullable>
         <IsPackable>false</IsPackable>
+        <IsPublishable>false</IsPublishable>
         <LangVersion>latest</LangVersion>
         <SignAssembly>True</SignAssembly>
         <DelaySign>True</DelaySign>

CoseSignTool/CoseSign1.Tests.Common/CoseSign1.Tests.Common.csproj

@@ -2,6 +2,7 @@
 
   <PropertyGroup>
     <TargetFramework>net7.0</TargetFramework>
+    <IsPublishable>false</IsPublishable>
     <LangVersion>latest</LangVersion>
     <Nullable>enable</Nullable>
     <SignAssembly>True</SignAssembly>

CoseSignTool/CoseSign1.Tests.Common/TestCertificateUtils.cs

@@ -61,7 +61,8 @@ public static X509Certificate2 CreateCertificate(
             // support, so it needs to be copied from the Subject Key
             // Identifier of the signing certificate and massaged slightly.
             // AuthorityKeyIdentifier is "KeyID=<subject key identifier>"
-            byte[] issuerSubjectKey = issuingCa.Extensions?["Subject Key Identifier"]?.RawData ?? throw new ArgumentOutOfRangeException(nameof(issuingCa), @"Issuing CA did not a ""Subject Key Identifier"" extension present");
+            // byte[] issuerSubjectKey = issuingCa.Extensions?["Subject Key Identifier"]?.RawData ?? throw new ArgumentOutOfRangeException(nameof(issuingCa), @"Issuing CA did not a ""Subject Key Identifier"" extension present");
+            byte[] issuerSubjectKey = issuingCa.Extensions.First(x => x is X509SubjectKeyIdentifierExtension)?.RawData ?? throw new ArgumentOutOfRangeException(nameof(issuingCa), @"Issuing CA did not a ""Subject Key Identifier"" extension present");
             ArraySegment<byte> segment = new(issuerSubjectKey, 2, issuerSubjectKey.Length - 2);
             byte[] authorityKeyIdentifier = new byte[segment.Count + 4];
             // these bytes define the "KeyID" part of the AuthorityKeyIdentifer

CoseSignTool/CoseSign1.Tests.Common/Usings.cs

@@ -6,5 +6,6 @@
 
 global using System;
 global using System.IO;
+global using System.Linq;
 global using System.Security.Cryptography;
 global using System.Security.Cryptography.X509Certificates;

CoseSignTool/CoseSign1.Tests/CoseSign1.Tests.csproj

@@ -4,6 +4,7 @@
     <TargetFramework>net7.0</TargetFramework>
     <Nullable>enable</Nullable>
     <IsPackable>false</IsPackable>
+    <IsPublishable>false</IsPublishable>
     <LangVersion>latest</LangVersion>
     <SignAssembly>True</SignAssembly>
     <DelaySign>True</DelaySign>

CoseSignTool/CoseSignTool.tests/CoseCommandTests.cs

@@ -1,19 +1,41 @@
-// ---------------------------------------------------------------------------
+// ---------------------------------------------------------------------------
 // <copyright file="CoseCommandTests.cs" company="Microsoft">
 //     Copyright (c) Microsoft Corporation. All rights reserved.
 // </copyright>
 // ---------------------------------------------------------------------------
 
 namespace CoseSignUnitTests;
 
+using System;
+
 [TestClass]
 public class CoseCommandTests
 {
+    private static readonly string WindowsFilePath1 = @"c:\some.file";
+    private static readonly string WindowsFilePath2 = @"c:\another.file";
+    private static readonly string LinuxFilePath1 = @"/home/some.file";
+    private static readonly string LinuxFilePath2 = @"/home/another.file";
+    private static string FilePath1;
+    private static string FilePath2;
+
+    public CoseCommandTests()
+    {
+        if (OperatingSystem.IsWindows())
+        {
+            FilePath1 = WindowsFilePath1;
+            FilePath2 = WindowsFilePath2;
+        }
+        else
+        {
+            FilePath1 = LinuxFilePath1;
+            FilePath2 = LinuxFilePath2;
+        }
+    }
 
     [TestMethod]
     public void SetAllOptionTypesDashSpace()
     {
-        string[] args = { "-PfxCertificate", "fake.pfx", "-Payload", @"c:\some.file", "-EmbedPayload", "-sf", @"c:\another.file" };
+        string[] args = { "-PfxCertificate", "fake.pfx", "-Payload", FilePath1, "-EmbedPayload", "-sf", FilePath2 };
 
         var provider = CoseCommand.LoadCommandLineArgs(args, SignCommand.Options, out string badArg);
         badArg.Should().BeNull("badArg should be null.");
@@ -22,11 +44,11 @@ public void SetAllOptionTypesDashSpace()
         cmd1.ApplyOptions(provider);
 
         cmd1.PfxCertificate.Should().Be("fake.pfx");
-        cmd1.PayloadFile.FullName.Should().Be(@"c:\some.file");
+        cmd1.PayloadFile.FullName.Should().Be(FilePath1);
         cmd1.EmbedPayload.Should().BeTrue();
 
 
-        string[] args2 = { "-Payload", @"c:\some.file", "-roots", "asd.cer, wer.cer, rtg.cer, xcv.cer, 234.cer", "-sf", @"c:\another.file" };
+        string[] args2 = { "-Payload", FilePath1, "-roots", "asd.cer, wer.cer, rtg.cer, xcv.cer, 234.cer", "-sf", FilePath2 };
         var provider2 = CoseCommand.LoadCommandLineArgs(args2, ValidateCommand.Options, out badArg);
         badArg.Should().BeNull("badArg should be null.");
 
@@ -38,38 +60,38 @@ public void SetAllOptionTypesDashSpace()
     [TestMethod]
     public void LoadFromAliases()
     {
-        string[] args = { "-p", @"c:\some.file", "-rt", "asd.cer, wer.cer, rtg.cer, xcv.cer, 234.cer", "-sf", @"c:\another.file" };
+        string[] args = { "-p", FilePath1, "-rt", "asd.cer, wer.cer, rtg.cer, xcv.cer, 234.cer", "-sf", FilePath2 };
 
         var provider = CoseCommand.LoadCommandLineArgs(args, ValidateCommand.Options, out string badArg);
         badArg.Should().BeNull("badArg should be null.");
 
         var cmd1 = new ValidateCommand();
         cmd1.ApplyOptions(provider);
 
-        cmd1.PayloadFile.FullName.Should().Be(@"c:\some.file");
-        cmd1.SignatureFile.FullName.Should().Be(@"c:\another.file");
+        cmd1.PayloadFile.FullName.Should().Be(FilePath1);
+        cmd1.SignatureFile.FullName.Should().Be(FilePath2);
 
         cmd1.Roots.Should().BeEquivalentTo(new string[] { "asd.cer", "wer.cer", "rtg.cer", "xcv.cer", "234.cer" }, options => options.WithStrictOrdering());
     }
 
     [TestMethod]
     public void SlashAndDash()
     {
-        string[] args = { "/PfxCertificate", "fake.pfx", "-Payload", @"c:\some.file", "/EmbedPayload", "-sf", @"c:\another.file" };
+        string[] args = { "/PfxCertificate", "fake.pfx", "-Payload", FilePath1, "/EmbedPayload", "-sf", FilePath2 };
         var provider = CoseCommand.LoadCommandLineArgs(args, SignCommand.Options, out _);
         var cmd1 = new SignCommand();
 
         cmd1.ApplyOptions(provider);
 
-        cmd1.PayloadFile.FullName.Should().Be(@"c:\some.file");
+        cmd1.PayloadFile.FullName.Should().Be(FilePath1);
         cmd1.EmbedPayload.Should().Be(true);
         cmd1.PfxCertificate.Should().Be("fake.pfx");
     }
 
     [TestMethod]
     public void LoadCommandLineArgs()
     {
-        string[] args = { "-PfxCertificate", "fake.pfx", "-Payload", @"c:\some.file", "-embedpayload", "-sf", @"c:\another.file" };
+        string[] args = { "-PfxCertificate", "fake.pfx", "-Payload", FilePath1 , "-embedpayload", "-sf", FilePath2 };
 
         var provider = CoseCommand.LoadCommandLineArgs(args, SignCommand.Options, out string badArg);
 

CoseSignTool/CoseSignTool.tests/CoseSignTool.tests.csproj

@@ -3,6 +3,7 @@
 		<TargetFramework>net7.0</TargetFramework>
 		<Platforms>x64</Platforms>
 		<IsPackable>false</IsPackable>
+        <IsPublishable>false</IsPublishable>
 	</PropertyGroup>
 
 	<PropertyGroup>

CoseSignTool/CoseSignTool/CoseCommand.cs

@@ -237,7 +237,8 @@ private static string[] CleanArgs(string[] args, StringDictionary options)
     private static bool IsSwitch(string s, StringDictionary options)
     {
         // replace '/' with '-', and remove ':*' for easy dict lookup
-        return options.ContainsKey(s.Replace("/", "-").Split(":")[0]);
+        // return options.ContainsKey(s.Replace("/", "-").Split(":")[0]);
+        return options.ContainsKey(Regex.Replace(s,"^/", "-").Split(":")[0]);
     }
 
 

CoseSignTool/CoseSignUnitTests/CoseHandler.Tests.csproj

@@ -4,6 +4,7 @@
     <TargetFramework>net7.0</TargetFramework>
     <Platforms>x64</Platforms>
     <IsPackable>false</IsPackable>
+    <IsPublishable>false</IsPublishable>
   </PropertyGroup>
 
   <PropertyGroup>

CoseSignTool/CoseSignUnitTests/CoseSignValidateTests.cs

@@ -61,9 +61,6 @@ public class CoseHandlerSignValidateTests
                 allowUnprotected: true,
                 allowUntrusted: true);
 
-    private static readonly bool ElevatedTests = false;
-    private static readonly string SName = "My";
-    private static readonly StoreLocation SLoc = StoreLocation.CurrentUser;
     private static readonly X509RevocationMode RevMode = X509RevocationMode.NoCheck;
 
     public CoseHandlerSignValidateTests()
@@ -345,4 +342,4 @@ public void SignAllOverloadsAndValidate()
         // Note: Thumbprint cases area excluded to avoid cert store calls.
     }
     #endregion
-}
+}