az.codesigning initial version (#23908)

* adding codesigning module

* added azure codesigning sdk for debugging

* added CI signing

* fixed token error

* fixed ACS SDK version issue

* added retry

* fixed retry and added metadata json file supports

* added signed version dlls

* added missing dll

* removed DLLs from the library folder

* changed to use newtonjson instead of system.text for Windows PowerShell

* fixed provider version

* remove polly

* Revert "Upadte NewtonSoft.Json to 13.0.2 (#21479)"

This reverts commit 402e27a.

* changes as per feedback - cmdlet name and output

* fixed cmdlets format and output, and added help files

* removed sdk

* chore: fixes and package updates for dependencies

* docs: update changelog with preview information

* chore: added licensing header information to source files missing it

* chore: modify psd1 to same version as changelog doc

* chore: remove unused project

* fix: reverting files that shouldnt have been modified

* style: remove whitespaces

* chore: removed moq from src

* chore: remove unneeded markdown file

* fix: corrected parameter order per review feedback

* fix: removed dependency on Azure.Core and Msal

* style: remove whitespaces

* refactor: removed unused dependency

* style : remove unused referenced namespaces & whitespaces

* style: removel of unused namespaces

* refactor: moving from internal libs to nuget

* refactor: minor simplification of code

* fix: test definition for Get-AzCodeSigningCustomerEku

* refactor: removing unit tests from codebase since they dont use TestFx

* chore: bump to Polly version 7.2.4

* fix: remove unused props

* chore: Adding Common tasks to ps1

* feat: added code sign root cert test

refactor: modified testing properties

* fix: Assert logic for CodeSigning Eku test

* chore: removing UX since its for resource management

* fix: removing unneeded directories

* refactor: modified tests category to LiveOnly

* fix: remove unneeded files from copied repo

* Update src/CodeSigning/CodeSigning/help/Invoke-AzCodeSigningCIPolicySigning.md

* Update src/CodeSigning/CodeSigning/help/Get-AzCodeSigningRootCert.md

* Update src/CodeSigning/CodeSigning/help/Get-AzCodeSigningCustomerEku.md

* Update src/CodeSigning/CodeSigning/help/Invoke-AzCodeSigningCIPolicySigning.md

* Update src/CodeSigning/CodeSigning/help/Get-AzCodeSigningCustomerEku.md

* Update src/CodeSigning/CodeSigning/help/Get-AzCodeSigningRootCert.md

* Update Get-AzCodeSigningRootCert.md

* Update Invoke-AzCodeSigningCIPolicySigning.md

* Update Get-AzCodeSigningCustomerEku.md

* Update Get-AzCodeSigningRootCert.md

* Update Invoke-AzCodeSigningCIPolicySigning.md

* Update Get-AzCodeSigningCustomerEku.md

* docs: fix help command markdowns

* fix: modified code signing customer eku operation to return string array

* docs: corrected examples per guidance.

* chore: remove unused constants

* refactor: simplified object creation

* style: remove unused namespace, added space between props

* refactor: removed positions 4 and 5 from invoke ci policy signing

* chore: bump Azure.CodeSigning.Client.CryptoProvider to version 0.1.16

* chore: added module exception for static analysis

* Update src/CodeSigning/CodeSigning/ChangeLog.md

Co-authored-by: Jin Lei <[email protected]>

* fix: per PR feedback, removing unused ps1

* chore: remove unused classes

---------

Co-authored-by: Dawn Wang <[email protected]>
Co-authored-by: Yunchi Wang <[email protected]>
Co-authored-by: Jin Lei <[email protected]>

src/CodeSigning/CodeSigning.Test/CodeSigning.Test.csproj

@@ -0,0 +1,35 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <PsModuleName>CodeSigning</PsModuleName>
+  </PropertyGroup>
+
+  <Import Project="$(MSBuildThisFileDirectory)..\..\Az.Test.props" />
+
+  <PropertyGroup>
+    <RootNamespace>$(LegacyAssemblyPrefix)$(PsModuleName)$(AzTestAssemblySuffix)</RootNamespace>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <Compile Remove="Models\**" />
+    <Compile Remove="Resources\**" />
+    <Compile Remove="Scripts\**" />
+    <Compile Remove="SessionRecords\**" />
+    <EmbeddedResource Remove="Models\**" />
+    <EmbeddedResource Remove="Resources\**" />
+    <EmbeddedResource Remove="Scripts\**" />
+    <EmbeddedResource Remove="SessionRecords\**" />
+    <None Remove="Models\**" />
+    <None Remove="Resources\**" />
+    <None Remove="Scripts\**" />
+    <None Remove="SessionRecords\**" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\CodeSigning\CodeSigning.csproj" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <Folder Include="ScenarioTests\" />
+  </ItemGroup>
+</Project>

src/CodeSigning/CodeSigning.Test/Resource.resx

@@ -0,0 +1,121 @@
+<?xml version="1.0" encoding="utf-8"?>
+<root>
+  <!-- 
+    Microsoft ResX Schema 
+    
+    Version 2.0
+    
+    The primary goals of this format is to allow a simple XML format 
+    that is mostly human readable. The generation and parsing of the 
+    various data types are done through the TypeConverter classes 
+    associated with the data types.
+    
+    Example:
+    
+    ... ado.net/XML headers & schema ...
+    <resheader name="resmimetype">text/microsoft-resx</resheader>
+    <resheader name="version">2.0</resheader>
+    <resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader>
+    <resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader>
+    <data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data>
+    <data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data>
+    <data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64">
+        <value>[base64 mime encoded serialized .NET Framework object]</value>
+    </data>
+    <data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
+        <value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value>
+        <comment>This is a comment</comment>
+    </data>
+                
+    There are any number of "resheader" rows that contain simple 
+    name/value pairs.
+    
+    Each data row contains a name, and value. The row also contains a 
+    type or mimetype. Type corresponds to a .NET class that support 
+    text/value conversion through the TypeConverter architecture. 
+    Classes that don't support this are serialized and stored with the 
+    mimetype set.
+    
+    The mimetype is used for serialized objects, and tells the 
+    ResXResourceReader how to depersist the object. This is currently not 
+    extensible. For a given mimetype the value must be set accordingly:
+    
+    Note - application/x-microsoft.net.object.binary.base64 is the format 
+    that the ResXResourceWriter will generate, however the reader can 
+    read any of the formats listed below.
+    
+    mimetype: application/x-microsoft.net.object.binary.base64
+    value   : The object must be serialized with 
+            : System.Runtime.Serialization.Formatters.Binary.BinaryFormatter
+            : and then encoded with base64 encoding.
+    
+    mimetype: application/x-microsoft.net.object.soap.base64
+    value   : The object must be serialized with 
+            : System.Runtime.Serialization.Formatters.Soap.SoapFormatter
+            : and then encoded with base64 encoding.
+
+    mimetype: application/x-microsoft.net.object.bytearray.base64
+    value   : The object must be serialized into a byte array 
+            : using a System.ComponentModel.TypeConverter
+            : and then encoded with base64 encoding.
+    -->
+  <xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata">
+    <xsd:import namespace="http://www.w3.org/XML/1998/namespace" />
+    <xsd:element name="root" msdata:IsDataSet="true">
+      <xsd:complexType>
+        <xsd:choice maxOccurs="unbounded">
+          <xsd:element name="metadata">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" />
+              </xsd:sequence>
+              <xsd:attribute name="name" use="required" type="xsd:string" />
+              <xsd:attribute name="type" type="xsd:string" />
+              <xsd:attribute name="mimetype" type="xsd:string" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="assembly">
+            <xsd:complexType>
+              <xsd:attribute name="alias" type="xsd:string" />
+              <xsd:attribute name="name" type="xsd:string" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="data">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+                <xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" />
+              <xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" />
+              <xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="resheader">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" />
+            </xsd:complexType>
+          </xsd:element>
+        </xsd:choice>
+      </xsd:complexType>
+    </xsd:element>
+  </xsd:schema>
+  <resheader name="resmimetype">
+    <value>text/microsoft-resx</value>
+  </resheader>
+  <resheader name="version">
+    <value>2.0</value>
+  </resheader>
+  <resheader name="reader">
+    <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <resheader name="writer">
+    <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <assembly alias="System.Windows.Forms" name="System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
+</root>

src/CodeSigning/CodeSigning.Test/ScenarioTests/CodeSigningTestRunner.cs

@@ -0,0 +1,41 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using Microsoft.Azure.Commands.TestFx;
+using Xunit.Abstractions;
+
+namespace Microsoft.Azure.Commands.CodeSigning.Test.ScenarioTests
+{
+    public class CodeSigningTestRunner
+    {
+        protected readonly ITestRunner TestRunner;
+
+        protected CodeSigningTestRunner(ITestOutputHelper output)
+        {
+            TestRunner = TestManager.CreateInstance(output)
+                .WithNewPsScriptFilename($"{GetType().Name}.ps1")
+                .WithProjectSubfolderForTests("ScenarioTests")
+                .WithCommonPsScripts(new[]
+                {
+                    @"../AzureRM.Resources.ps1"
+                })
+                .WithNewRmModules(helper => new[]
+                {
+                    helper.RMProfileModule,
+                    helper.GetRMModulePath("Az.CodeSigning.psd1"),
+                })
+                .Build();
+        }
+    }
+}

src/CodeSigning/CodeSigning.Test/ScenarioTests/CodeSigningTests.cs

@@ -0,0 +1,40 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using Microsoft.WindowsAzure.Commands.ScenarioTest;
+using Xunit;
+
+namespace Microsoft.Azure.Commands.CodeSigning.Test.ScenarioTests
+{
+    public class CodeSigningTests: CodeSigningTestRunner
+    {
+        public CodeSigningTests(Xunit.Abstractions.ITestOutputHelper output) : base(output)
+        {
+        }
+
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.LiveOnly)]
+        public void TestCodeSigningEku()
+        {
+            TestRunner.RunTestScript("Test-CodeSigningEku");
+        }
+
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.LiveOnly)]
+        public void TestGetSigningRootCertificate()
+        {
+            TestRunner.RunTestScript("Test-GetCodeSigningRootCert");
+        }
+    }
+}

src/CodeSigning/CodeSigning.Test/ScenarioTests/CodeSigningTests.ps1

@@ -0,0 +1,56 @@
+# ----------------------------------------------------------------------------------
+#
+# Copyright Microsoft Corporation
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ----------------------------------------------------------------------------------
+
+<#
+.SYNOPSIS
+Test codesigning command to get extended key usage from the certificate profile
+#>
+function Test-CodeSigningEku {
+
+    $accountName = "acs-test-account"
+    $profileName = "acs-test-account-ci"
+    $endPointUrl = "https://scus.codesigning.azure.net/"
+    $expectedEku = "1.3.6.1.4.1.311.97.1.3.1.29433.35007.34545.16815.37291.11644.53265.56135,1.3.6.1.4.1.311.97.1.4.1.29433.35007.34545.16815.37291.11644.53265.56135"
+
+    try {
+        # Test Get CodeSigning Eku
+        $eku = Get-AzCodeSigningCustomerEku -AccountName $accountName -ProfileName $profileName -EndpointUrl $endPointUrl
+        Assert-AreEqual $eku $expectedEku
+    }
+
+    finally {
+
+    }
+}
+
+<#
+.SYNOPSIS
+Test codesigning command to get the root certificate from the certificate profile
+#>
+function Test-GetCodeSigningRootCert {
+    $accountName = "acs-test-account"
+    $profileName = "acs-test-account-ci"
+    $endPointUrl = "https://scus.codesigning.azure.net/"
+    $destination = "C:\temp"
+
+    try {
+        # Test Get CodeSigning Root Cert
+        $cert = Get-AzCodeSigningRootCert -AccountName $accountName -ProfileName $profileName -EndpointUrl $endPointUrl -Destination $destination
+        Assert-NotNullOrEmpty $cert
+    }
+
+    finally {
+
+    }
+}