Port PR !9243820 from ADO

CoseSignTool/CoseSign1.Abstractions/CoseSign1.Abstractions.csproj

@@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
-    <TargetFramework>netstandard2.1</TargetFramework>
+    <TargetFramework>netstandard2.0</TargetFramework>
     <Nullable>enable</Nullable>
     <LangVersion>latest</LangVersion>
     <NuspecFile>../CoseSign1.Nuspec/CoseSign1.Abstractions.nuspec</NuspecFile>

CoseSignTool/CoseSign1.Certificates/CoseSign1.Certificates.csproj

@@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
-    <TargetFramework>netstandard2.1</TargetFramework>
+    <TargetFramework>netstandard2.0</TargetFramework>
     <Nullable>enable</Nullable>
     <LangVersion>latest</LangVersion>
     <NuspecFile>../CoseSign1.Nuspec/CoseSign1.Certificates.nuspec</NuspecFile>

CoseSignTool/CoseSign1.Certificates/Extensions/CborReaderExtensions.cs

@@ -1,4 +1,4 @@
-// Copyright (c) Microsoft Corporation.
+// Copyright (c) Microsoft Corporation.
 // Licensed under the MIT License.
 
 namespace CoseSign1.Certificates.Extensions;
@@ -18,7 +18,7 @@ public static class CborReaderExtensions
     public static bool TryReadCertificateSet(
         this CborReader reader,
         ref List<X509Certificate2> certificates,
-        [NotNullWhen(returnValue: false)] out CoseX509FormatException? ex)
+        out CoseX509FormatException? ex)
     {
         ex = null;
         try

CoseSignTool/CoseSign1.Certificates/Extensions/CoseSign1MessageExtensions.cs

@@ -1,4 +1,4 @@
-// Copyright (c) Microsoft Corporation.
+// Copyright (c) Microsoft Corporation.
 // Licensed under the MIT License.
 
 namespace CoseSign1.Certificates.Extensions;
@@ -19,7 +19,7 @@ public static class CoseSign1MessageExtensions
     /// <exception cref="CoseX509FormatException">The certificates could not be read from the header.</exception>
     public static bool TryGetSigningCertificate(
         this CoseSign1Message msg,
-        [NotNullWhen(returnValue: true)] out X509Certificate2? signingCert,
+        out X509Certificate2? signingCert,
         bool allowUnprotected = false)
     {
         signingCert = null;
@@ -45,11 +45,11 @@ public static bool TryGetSigningCertificate(
                 ? msg.ProtectedHeaders.Union(msg.UnprotectedHeaders)
                 : msg.ProtectedHeaders;
 
-            foreach ((CoseHeaderLabel label, CoseHeaderValue value) in searchableHeaders)
+            foreach (KeyValuePair<CoseHeaderLabel, CoseHeaderValue> kvp in searchableHeaders)
             {
-                reader = new CborReader(value.EncodedValue);
+                reader = new CborReader(kvp.Value.EncodedValue);
 
-                if (label == CertificateCoseHeaderLabels.X5T)
+                if (kvp.Key == CertificateCoseHeaderLabels.X5T)
                 {
                     thumbprint = CoseX509Thumprint.Deserialize(reader);
                     break;
@@ -84,7 +84,7 @@ public static bool TryGetSigningCertificate(
     /// <returns>True if the header was found and extracted, False if the header was not found, or the contents were not a proper cert list.</returns>
     public static bool TryGetCertificateChain(
         this CoseSign1Message msg,
-        [NotNullWhen(returnValue: true)] out List<X509Certificate2>? certChain,
+        out List<X509Certificate2>? certChain,
         bool allowUnprotected = false,
         ICoseSigningKeyProvider? keyProvider = null) =>
             msg.TryGetCertificateList(CertificateCoseHeaderLabels.X5Chain, out certChain, allowUnprotected);
@@ -98,7 +98,7 @@ public static bool TryGetCertificateChain(
     /// <returns>True if the header was found and extracted, False if the header was not found, or the contents were not a proper cert list.</returns>
     public static bool TryGetExtraCertificates(
         this CoseSign1Message msg,
-        [NotNullWhen(returnValue: true)] out List<X509Certificate2>? certChain,
+        out List<X509Certificate2>? certChain,
         bool allowUnprotected = false) =>
             msg.TryGetCertificateList(CertificateCoseHeaderLabels.X5Bag, out certChain, allowUnprotected);
 
@@ -113,7 +113,7 @@ public static bool TryGetExtraCertificates(
     private static bool TryGetCertificateList(
         this CoseSign1Message msg,
         CoseHeaderLabel labelForCertList,
-        [NotNullWhen(returnValue: true)] out List<X509Certificate2>? certList,
+        out List<X509Certificate2>? certList,
         bool allowUnprotected = false)
     {
         certList = null;
@@ -133,11 +133,11 @@ private static bool TryGetCertificateList(
                 : msg.ProtectedHeaders;
 
             DateTimeOffset expiry = DateTimeOffset.UtcNow.AddMinutes(5);
-            foreach ((CoseHeaderLabel label, CoseHeaderValue value) in searchableHeaders)
+            foreach (KeyValuePair<CoseHeaderLabel, CoseHeaderValue> kvp in searchableHeaders)
             {
-                reader = new CborReader(value.EncodedValue);
+                reader = new CborReader(kvp.Value.EncodedValue);
 
-                if (label == labelForCertList)
+                if (kvp.Key == labelForCertList)
                 {
                     certList = new List<X509Certificate2>();
                     bool certificatesRead = reader.TryReadCertificateSet(ref certList, out _);

CoseSignTool/CoseSign1.Nuspec/CoseSign1.Abstractions.nuspec

@@ -9,17 +9,17 @@
 Abstractions required to extend or enhance Create CoseSign1 functionality.
     </description>
     <dependencies>
-      <group targetFramework=".NETStandard2.1">
+      <group targetFramework=".NETStandard2.0">
         <dependency id="System.Security.Cryptography.Cose" version="7.0.0" />
       </group>
     </dependencies>
   </metadata>
   <files>
-    <file src="..\CoseSign1.Abstractions\bin\Release\netstandard2.1\CoseSign1.Abstractions.dll" target="lib\netstandard2.1" />
-    <file src="..\CoseSign1.Abstractions\bin\Release\netstandard2.1\CoseSign1.Abstractions.pdb" target="Build\symbols" />
-    <file src="..\CoseSign1.Abstractions\bin\Release\netstandard2.1\_manifest\manifest.json" target="Build\sbom" />
-    <file src="..\CoseSign1.Abstractions\bin\Release\netstandard2.1\_manifest\manifest.json.sha256" target="Build\sbom" />
-    <file src="..\CoseSign1.Abstractions\bin\Release\netstandard2.1\_manifest\spdx_2.2\manifest.spdx.json" target="Build\sbom\spdx_2.2" />
-    <file src="..\CoseSign1.Abstractions\bin\Release\netstandard2.1\_manifest\spdx_2.2\manifest.spdx.json.sha256" target="Build\sbom\spdx_2.2" />
+    <file src="..\CoseSign1.Abstractions\bin\Release\netstandard2.0\CoseSign1.Abstractions.dll" target="lib\netstandard2.0" />
+    <file src="..\CoseSign1.Abstractions\bin\Release\netstandard2.0\CoseSign1.Abstractions.pdb" target="Build\symbols" />
+    <file src="..\CoseSign1.Abstractions\bin\Release\netstandard2.0\_manifest\manifest.json" target="Build\sbom" />
+    <file src="..\CoseSign1.Abstractions\bin\Release\netstandard2.0\_manifest\manifest.json.sha256" target="Build\sbom" />
+    <file src="..\CoseSign1.Abstractions\bin\Release\netstandard2.0\_manifest\spdx_2.2\manifest.spdx.json" target="Build\sbom\spdx_2.2" />
+    <file src="..\CoseSign1.Abstractions\bin\Release\netstandard2.0\_manifest\spdx_2.2\manifest.spdx.json.sha256" target="Build\sbom\spdx_2.2" />
 </files>
 </package>

CoseSignTool/CoseSign1.Nuspec/CoseSign1.Certificates.nuspec

@@ -9,18 +9,18 @@
 Abstractions and classes required to extend or enhance Microsoft.CoseSign1.Abstractions for all certificate based signing.
     </description>
     <dependencies>
-      <group targetFramework=".NETStandard2.1">
+      <group targetFramework=".NETStandard2.0">
         <dependency id="System.Runtime.Caching" version="7.0.0" />
         <dependency id="CoseSign1.Abstractions" version="$VersionNgt$" />
       </group>
     </dependencies>
   </metadata>
   <files>
-    <file src="..\CoseSign1.Certificates\bin\Release\netstandard2.1\CoseSign1.Certificates.dll" target="lib\netstandard2.1" />
-    <file src="..\CoseSign1.Certificates\bin\Release\netstandard2.1\CoseSign1.Certificates.pdb" target="Build\symbols" />
-    <file src="..\CoseSign1.Certificates\bin\Release\netstandard2.1\_manifest\manifest.json" target="Build\sbom" />
-    <file src="..\CoseSign1.Certificates\bin\Release\netstandard2.1\_manifest\manifest.json.sha256" target="Build\sbom" />
-    <file src="..\CoseSign1.Certificates\bin\Release\netstandard2.1\_manifest\spdx_2.2\manifest.spdx.json" target="Build\sbom\spdx_2.2" />
-    <file src="..\CoseSign1.Certificates\bin\Release\netstandard2.1\_manifest\spdx_2.2\manifest.spdx.json.sha256" target="Build\sbom\spdx_2.2" />
+    <file src="..\CoseSign1.Certificates\bin\Release\netstandard2.0\CoseSign1.Certificates.dll" target="lib\netstandard2.0" />
+    <file src="..\CoseSign1.Certificates\bin\Release\netstandard2.0\CoseSign1.Certificates.pdb" target="Build\symbols" />
+    <file src="..\CoseSign1.Certificates\bin\Release\netstandard2.0\_manifest\manifest.json" target="Build\sbom" />
+    <file src="..\CoseSign1.Certificates\bin\Release\netstandard2.0\_manifest\manifest.json.sha256" target="Build\sbom" />
+    <file src="..\CoseSign1.Certificates\bin\Release\netstandard2.0\_manifest\spdx_2.2\manifest.spdx.json" target="Build\sbom\spdx_2.2" />
+    <file src="..\CoseSign1.Certificates\bin\Release\netstandard2.0\_manifest\spdx_2.2\manifest.spdx.json.sha256" target="Build\sbom\spdx_2.2" />
   </files>
 </package>

CoseSignTool/CoseSign1.Nuspec/CoseSign1.nuspec

@@ -9,17 +9,17 @@
 Factory Implementations required to Create CoseSign1 Message.
     </description>
     <dependencies>
-      <group targetFramework=".NETStandard2.1">
+      <group targetFramework=".NETStandard2.0">
         <dependency id="CoseSign1.Abstractions" version="$VersionNgt$" />
       </group>
     </dependencies>
   </metadata>
   <files>
-    <file src="..\CoseSign1\bin\Release\netstandard2.1\CoseSign1.dll" target="lib\netstandard2.1" />
-    <file src="..\CoseSign1\bin\Release\netstandard2.1\CoseSign1.pdb" target="Build\symbols" />
-    <file src="..\CoseSign1\bin\Release\netstandard2.1\_manifest\manifest.json" target="Build\sbom" />
-    <file src="..\CoseSign1\bin\Release\netstandard2.1\_manifest\manifest.json.sha256" target="Build\sbom" />
-    <file src="..\CoseSign1\bin\Release\netstandard2.1\_manifest\spdx_2.2\manifest.spdx.json" target="Build\sbom\spdx_2.2" />
-    <file src="..\CoseSign1\bin\Release\netstandard2.1\_manifest\spdx_2.2\manifest.spdx.json.sha256" target="Build\sbom\spdx_2.2" />
+    <file src="..\CoseSign1\bin\Release\netstandard2.0\CoseSign1.dll" target="lib\netstandard2.0" />
+    <file src="..\CoseSign1\bin\Release\netstandard2.0\CoseSign1.pdb" target="Build\symbols" />
+    <file src="..\CoseSign1\bin\Release\netstandard2.0\_manifest\manifest.json" target="Build\sbom" />
+    <file src="..\CoseSign1\bin\Release\netstandard2.0\_manifest\manifest.json.sha256" target="Build\sbom" />
+    <file src="..\CoseSign1\bin\Release\netstandard2.0\_manifest\spdx_2.2\manifest.spdx.json" target="Build\sbom\spdx_2.2" />
+    <file src="..\CoseSign1\bin\Release\netstandard2.0\_manifest\spdx_2.2\manifest.spdx.json.sha256" target="Build\sbom\spdx_2.2" />
    </files>
 </package>

CoseSignTool/CoseSign1/CoseSign1.csproj

@@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
-    <TargetFramework>netstandard2.1</TargetFramework>
+    <TargetFramework>netstandard2.0</TargetFramework>
     <Nullable>enable</Nullable>
     <LangVersion>latest</LangVersion>
     <NuspecFile>../CoseSign1.Nuspec/CoseSign1.nuspec</NuspecFile>

CoseSignTool/CoseSign1/Interfaces/Constants.cs

@@ -0,0 +1,15 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+
+namespace CoseSign1.Interfaces;
+/// <summary>
+/// A list of constant strings for the CoseSign1.Interfaces namespace.
+/// </summary>
+public static class Constants
+
+{
+    /// <summary>
+    /// The mime type added to Protected Headers when ContentType is not specified.
+    /// </summary>
+    public const string DEFAULT_CONTENT_TYPE = "application/cose";
+}

CoseSignTool/CoseSign1/Interfaces/ICoseSign1MessageFactory.cs

@@ -1,4 +1,4 @@
-// Copyright (c) Microsoft Corporation.
+// Copyright (c) Microsoft Corporation.
 // Licensed under the MIT License.
 
 namespace CoseSign1.Interfaces;
@@ -8,11 +8,6 @@ namespace CoseSign1.Interfaces;
 /// </summary>
 public interface ICoseSign1MessageFactory
 {
-    /// <summary>
-    /// The mime type added to Protected Headers when ContentType is not specified.
-    /// </summary>
-    public const string DEFAULT_CONTENT_TYPE = "application/cose";
-
     /// <summary>
     /// Creates a CoseSign1Message object that represents a COSE signature.
     /// </summary>
@@ -30,7 +25,7 @@ public CoseSign1Message CreateCoseSign1Message(
            ReadOnlyMemory<byte> payload,
            ICoseSigningKeyProvider signingKeyProvider,
            bool embedPayload = false,
-           string contentType = DEFAULT_CONTENT_TYPE,
+           string contentType = Constants.DEFAULT_CONTENT_TYPE,
            ICoseHeaderExtender? headerExtender = null
            );
 
@@ -52,7 +47,7 @@ public CoseSign1Message CreateCoseSign1Message(
            Stream payload,
            ICoseSigningKeyProvider signingKeyProvider,
            bool embedPayload = false,
-           string contentType = DEFAULT_CONTENT_TYPE,
+           string contentType = Constants.DEFAULT_CONTENT_TYPE,
            ICoseHeaderExtender? headerExtender = null
            );
 
@@ -74,7 +69,7 @@ public ReadOnlyMemory<byte> CreateCoseSign1MessageBytes(
            ReadOnlyMemory<byte> payload,
            ICoseSigningKeyProvider signingKeyProvider,
            bool embedPayload = false,
-           string contentType = DEFAULT_CONTENT_TYPE,
+           string contentType = Constants.DEFAULT_CONTENT_TYPE,
            ICoseHeaderExtender? headerExtender = null
            );
 
@@ -96,7 +91,7 @@ public ReadOnlyMemory<byte> CreateCoseSign1MessageBytes(
            Stream payload,
            ICoseSigningKeyProvider signingKeyProvider,
            bool embedPayload = false,
-           string contentType = DEFAULT_CONTENT_TYPE,
+           string contentType = Constants.DEFAULT_CONTENT_TYPE,
            ICoseHeaderExtender? headerExtender = null
            );
 }

CoseSignTool/CoseSignTool.sln

@@ -25,6 +25,13 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "CoseSign1.Tests.Common", "C
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "CoseSignTool.tests", "CoseSignTool.tests\CoseSignTool.tests.csproj", "{FA48F9DF-CB88-48BC-8594-EC496E193659}"
 EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "NuSpec", "NuSpec", "{CFF2CCBD-F459-46AB-8DB9-ADD03AAF1B44}"
+	ProjectSection(SolutionItems) = preProject
+		CoseSign1.Nuspec\CoseSign1.Abstractions.nuspec = CoseSign1.Nuspec\CoseSign1.Abstractions.nuspec
+		CoseSign1.Nuspec\CoseSign1.Certificates.nuspec = CoseSign1.Nuspec\CoseSign1.Certificates.nuspec
+		CoseSign1.Nuspec\CoseSign1.nuspec = CoseSign1.Nuspec\CoseSign1.nuspec
+	EndProjectSection
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -117,6 +124,9 @@ Global
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
 	EndGlobalSection
+	GlobalSection(NestedProjects) = preSolution
+		{CFF2CCBD-F459-46AB-8DB9-ADD03AAF1B44} = {0EBBE2F9-CCAE-4129-BCD6-C59647AF9EB8}
+	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {7A47A7E7-CC2B-48CE-9D97-3629EF8AC140}
 	EndGlobalSection