From 152e97ccf0f21e648f05b0c1f5e7b602bc1157c8 Mon Sep 17 00:00:00 2001
From: Will Godbe <wigodbe@microsoft.com>
Date: Sun, 1 Oct 2023 01:27:17 +0000
Subject: [PATCH] Merged PR 34158: Update NuGet certificate thumbprints

Update NuGet certificate thumbprints
---
 .../FirstPartyNuGetPackageSigningVerifier.cs             | 9 +++++++--
 .../NuGetPackageInstallerTests.cs                        | 2 ++
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/src/Cli/dotnet/NugetPackageDownloader/FirstPartyNuGetPackageSigningVerifier.cs b/src/Cli/dotnet/NugetPackageDownloader/FirstPartyNuGetPackageSigningVerifier.cs
index 39da77bdfa81..01730dc750c3 100644
--- a/src/Cli/dotnet/NugetPackageDownloader/FirstPartyNuGetPackageSigningVerifier.cs
+++ b/src/Cli/dotnet/NugetPackageDownloader/FirstPartyNuGetPackageSigningVerifier.cs
@@ -20,11 +20,16 @@ internal class FirstPartyNuGetPackageSigningVerifier : IFirstPartyNuGetPackageSi
             new(StringComparer.OrdinalIgnoreCase)
             {
                 "3F9001EA83C560D712C24CF213C3D312CB3BFF51EE89435D3430BD06B5D0EECE",
-                "AA12DA22A49BCE7D5C1AE64CC1F3D892F150DA76140F210ABD2CBFFCA2C18A27"
+                "AA12DA22A49BCE7D5C1AE64CC1F3D892F150DA76140F210ABD2CBFFCA2C18A27",
+                "566A31882BE208BE4422F7CFD66ED09F5D4524A5994F50CCC8B05EC0528C1353"
             };
 
         private readonly HashSet<string> _upperFirstPartyCertificateThumbprints =
-            new(StringComparer.OrdinalIgnoreCase) {"51044706BD237B91B89B781337E6D62656C69F0FCFFBE8E43741367948127862"};
+            new(StringComparer.OrdinalIgnoreCase)
+            {
+                "51044706BD237B91B89B781337E6D62656C69F0FCFFBE8E43741367948127862",
+                "46011EDE1C147EB2BC731A539B7C047B7EE93E48B9D3C3BA710CE132BBDFAC6B"
+            };
 
         private const string FirstPartyCertificateSubject =
             "CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US";
diff --git a/src/Tests/Microsoft.DotNet.PackageInstall.Tests/NuGetPackageInstallerTests.cs b/src/Tests/Microsoft.DotNet.PackageInstall.Tests/NuGetPackageInstallerTests.cs
index 07c1daf07424..bfb5727694ea 100644
--- a/src/Tests/Microsoft.DotNet.PackageInstall.Tests/NuGetPackageInstallerTests.cs
+++ b/src/Tests/Microsoft.DotNet.PackageInstall.Tests/NuGetPackageInstallerTests.cs
@@ -300,10 +300,12 @@ public void GivenFirstPartyPackageItShouldReturnTrue()
         {
             var iosSamplePackage = DownloadSamplePackage(new PackageId("Microsoft.iOS.Ref"));
             var androidSamplePackage = DownloadSamplePackage(new PackageId("Microsoft.Android.Ref"));
+            var mauiSamplePackage = DownloadSamplePackage(new PackageId("Microsoft.NET.Sdk.Maui.Manifest-8.0.100-rc.1.Msi.x64"));
 
             var package = new FirstPartyNuGetPackageSigningVerifier();
             package.IsFirstParty(new FilePath(iosSamplePackage)).Should().BeTrue();
             package.IsFirstParty(new FilePath(androidSamplePackage)).Should().BeTrue();
+            package.IsFirstParty(new FilePath(mauiSamplePackage)).Should().BeTrue();
         }
 
         private string GetShaFromSamplePackage(string samplePackage)