refactor get certificate async function to use get cert chain operati…

…on (#740)
dotnet · Jul 15, 2024 · edfa5ef · edfa5ef
1 parent 820aa9c
commit edfa5ef
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 5 deletions.
diff --git a/Directory.Packages.props b/Directory.Packages.props
@@ -5,7 +5,7 @@
   </PropertyGroup>
   <ItemGroup>
     <PackageVersion Include="Azure.Core" Version="1.38.0" />
-    <PackageVersion Include="Azure.CodeSigning.Sdk" Version="0.1.96" />
+    <PackageVersion Include="Azure.CodeSigning.Sdk" Version="0.1.106" />
     <PackageVersion Include="Azure.Identity" Version="1.11.4" />
     <PackageVersion Include="Azure.Security.KeyVault.Certificates" Version="4.6.0" />
     <PackageVersion Include="AzureSign.Core" Version="4.0.1" />

diff --git a/src/Sign.SignatureProviders.TrustedSigning/TrustedSigningService.cs b/src/Sign.SignatureProviders.TrustedSigning/TrustedSigningService.cs
@@ -5,7 +5,6 @@
 using System.Diagnostics;
 using System.Security.Cryptography;
 using System.Security.Cryptography.X509Certificates;
-using System.Text;
 using Azure;
 using Azure.CodeSigning;
 using Azure.CodeSigning.Models;
@@ -61,6 +60,7 @@ public async Task<X509Certificate2> GetCertificateAsync(CancellationToken cancel
             }
 
             await _mutex.WaitAsync(cancellationToken);
+
             try
             {
                 if (_certificate is null)
@@ -69,17 +69,19 @@ public async Task<X509Certificate2> GetCertificateAsync(CancellationToken cancel
 
                     _logger.LogTrace(Resources.FetchingCertificate);
 
-                    CertificateProfileSignOperation operation = await _client.StartSignAsync(_accountName, _certificateProfileName, _emptyRequest, cancellationToken: cancellationToken);
-                    Response<SignStatus> response = await operation.WaitForCompletionAsync(cancellationToken);
+                    Response<Stream> response = await _client.GetSignCertificateChainAsync(_accountName, _certificateProfileName, cancellationToken: cancellationToken);
+
+                    byte[] rawData = new byte[response.Value.Length];
+                    response.Value.Read(rawData, 0, rawData.Length);
 
-                    byte[] rawData = Convert.FromBase64String(Encoding.UTF8.GetString(response.Value.SigningCertificate));
                     X509Certificate2Collection collection = [];
                     collection.Import(rawData);
 
                     // This should contain the certificate chain in root->leaf order.
                     _certificate = collection[collection.Count - 1];
 
                     _logger.LogTrace(Resources.FetchedCertificate, stopwatch.Elapsed.TotalMilliseconds);
+                    response.Value.Dispose();
                 }
             }
             finally