Make SignatureProcessor strip repository signatures (#390)

Progress on NuGet/Engineering#1207

Author: joelverhagen

src/Validation.Common.Job/JsonConfigurationJob.cs

@@ -31,6 +31,7 @@ public abstract class JsonConfigurationJob : JobBase
         private const string GalleryDbConfigurationSectionName = "GalleryDb";
         private const string ValidationDbConfigurationSectionName = "ValidationDb";
         private const string ServiceBusConfigurationSectionName = "ServiceBus";
+        private const string ValidationStorageConfigurationSectionName = "ValidationStorage";
         private const string PackageDownloadTimeoutName = "PackageDownloadTimeout";
 
         /// <summary>
@@ -108,7 +109,7 @@ private void ConfigureDefaultJobServices(IServiceCollection services, IConfigura
             services.Configure<GalleryDbConfiguration>(configurationRoot.GetSection(GalleryDbConfigurationSectionName));
             services.Configure<ValidationDbConfiguration>(configurationRoot.GetSection(ValidationDbConfigurationSectionName));
             services.Configure<ServiceBusConfiguration>(configurationRoot.GetSection(ServiceBusConfigurationSectionName));
-            services.Configure<ValidationStorageConfiguration>(configurationRoot.GetSection(ServiceBusConfigurationSectionName));
+            services.Configure<ValidationStorageConfiguration>(configurationRoot.GetSection(ValidationStorageConfigurationSectionName));
 
             services.AddSingleton(new TelemetryClient());
             services.AddTransient<ITelemetryClient, TelemetryClientWrapper>();

src/Validation.PackageSigning.ProcessSignature/ISignaturePartsExtractor.cs

@@ -18,8 +18,8 @@ public interface ISignaturePartsExtractor
         /// </summary>
         /// <exception cref="ArgumentException">Thrown if the provided package is not signed.</exception>
         /// <param name="packageKey">The key of the package in the gallery database.</param>
-        /// <param name="signedPackageReader">The reader of the signed package.</param>
+        /// <param name="signature">The primary signature of the signed package.</param>
         /// <param name="token">The cancellation token.</param>
-        Task ExtractAsync(int packageKey, ISignedPackageReader signedPackageReader, CancellationToken token);
+        Task ExtractAsync(int packageKey, PrimarySignature signature, CancellationToken token);
     }
 }

src/Validation.PackageSigning.ProcessSignature/ISignatureValidator.cs

@@ -1,18 +1,18 @@
 // Copyright (c) .NET Foundation. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
+using System.IO;
 using System.Threading;
 using System.Threading.Tasks;
 using NuGet.Jobs.Validation.PackageSigning.Messages;
-using NuGet.Packaging.Signing;
 
 namespace NuGet.Jobs.Validation.PackageSigning.ProcessSignature
 {
     public interface ISignatureValidator
     {
         Task<SignatureValidatorResult> ValidateAsync(
             int packageKey,
-            ISignedPackage signedPackage,
+            Stream packageStream,
             SignatureValidationMessage message,
             CancellationToken cancellationToken);
     }

src/Validation.PackageSigning.ProcessSignature/Job.cs

@@ -11,9 +11,9 @@
 using NuGet.Jobs.Validation.PackageSigning.Configuration;
 using NuGet.Jobs.Validation.PackageSigning.Messages;
 using NuGet.Jobs.Validation.PackageSigning.Storage;
+using NuGet.Jobs.Validation.Storage;
 using NuGet.Services.ServiceBus;
 using NuGet.Services.Storage;
-using NuGet.Services.Validation.PackageSigning;
 using NuGet.Services.Validation.PackageSigning.ProcessSignature;
 using NuGetGallery;
 
@@ -42,6 +42,11 @@ protected override void ConfigureJobServices(IServiceCollection services, IConfi
                 return new CertificateStore(storage, LoggerFactory.CreateLogger<CertificateStore>());
             });
 
+            services.AddTransient<IProcessorPackageFileService, ProcessorPackageFileService>(p => new ProcessorPackageFileService(
+                p.GetRequiredService<ICoreFileStorageService>(),
+                typeof(PackageSigningValidator),
+                p.GetRequiredService<ILogger<ProcessorPackageFileService>>()));
+
             services.AddTransient<IBrokeredMessageSerializer<SignatureValidationMessage>, SignatureValidationMessageSerializer>();
             services.AddTransient<IMessageHandler<SignatureValidationMessage>, SignatureValidationMessageHandler>();
             services.AddTransient<IPackageSigningStateService, PackageSigningStateService>();
@@ -52,6 +57,7 @@ protected override void ConfigureJobServices(IServiceCollection services, IConfi
                 PackageSignatureVerifierFactory.CreateMinimal(),
                 PackageSignatureVerifierFactory.CreateFull(),
                 p.GetRequiredService<ISignaturePartsExtractor>(),
+                p.GetRequiredService<IProcessorPackageFileService>(),
                 p.GetRequiredService<IEntityRepository<Certificate>>(),
                 p.GetRequiredService<ILogger<SignatureValidator>>()));
         }

src/Validation.PackageSigning.ProcessSignature/SignaturePartsExtractor.cs

@@ -30,16 +30,8 @@ public SignaturePartsExtractor(
             _logger = logger ?? throw new ArgumentNullException(nameof(logger));
         }
 
-        public async Task ExtractAsync(int packageKey, ISignedPackageReader signedPackageReader, CancellationToken token)
+        public async Task ExtractAsync(int packageKey, PrimarySignature signature, CancellationToken token)
         {
-            if (!await signedPackageReader.IsSignedAsync(token))
-            {
-                throw new ArgumentException("The provided package reader must refer to a signed package.", nameof(signedPackageReader));
-            }
-
-            // Read the package signature.
-            var signature = await signedPackageReader.GetPrimarySignatureAsync(token);
-
             // Extract the certificates found in the package signatures.
             var extractedCertificates = ExtractCertificates(signature);
 

src/Validation.PackageSigning.ProcessSignature/SignatureValidationMessageHandler.cs

@@ -64,7 +64,7 @@ public async Task<bool> HandleAsync(SignatureValidationMessage message)
 
         private async Task<bool> HandleAsync(SignatureValidationMessage message, CancellationToken cancellationToken)
         {
-            using (_logger.BeginScope("Handling signature validation message for package {PackageId} {PackageVersion}, validation set {ValidationSetId}",
+            using (_logger.BeginScope("Handling signature validation message for package {PackageId} {PackageVersion}, validation {ValidationId}",
                 message.PackageId,
                 message.PackageVersion,
                 message.ValidationId))
@@ -111,12 +111,10 @@ private async Task<bool> HandleAsync(SignatureValidationMessage message, Cancell
 
                 // Validate package
                 using (var packageStream = await _packageDownloader.DownloadAsync(message.NupkgUri, cancellationToken))
-                using (var packageWriteStream = new MemoryStream()) // Unused, but to be careful we don't pass the original stream.
-                using (var package = new SignedPackageArchive(packageStream, packageWriteStream))
                 {
                     var result = await _signatureValidator.ValidateAsync(
                         validation.PackageKey,
-                        package,
+                        packageStream,
                         message,
                         cancellationToken);
 
@@ -136,6 +134,13 @@ private async Task<bool> HandleAsync(SignatureValidationMessage message, Cancell
                             });
                         }
                     }
+
+                    // Save the .nupkg URL if the resulting state is successful.
+                    if (validation.State == ValidationStatus.Succeeded
+                        && result.NupkgUri != null)
+                    {
+                        validation.NupkgUrl = result.NupkgUri.AbsoluteUri;
+                    }
                 }
 
                 // The signature validator should do all of the work to bring this validation to its completion.