Az.codesigning - fix regressions (Azure#26801)

* fix: regression failure using azure codesigning crypto provider

By migrating to the rebranded Azure.Developer.TrustedSigning.CryptoProvider

* docs: added changelog.md entries

* fix: Polly dependency is still used on this version

* fix: package of Polly should be on version 7.2.4

src/CodeSigning/CodeSigning/Az.CodeSigning.psd1

@@ -54,10 +54,8 @@ DotNetFrameworkVersion = '4.7.2'
 RequiredModules = @(@{ModuleName = 'Az.Accounts'; ModuleVersion = '3.0.3'; })
 
 # Assemblies that must be loaded prior to importing this module
-RequiredAssemblies = 'Azure.CodeSigning.Client.CryptoProvider.dll', 
-               'Azure.CodeSigning.Client.CryptoProvider.Models.dll', 
-               'Azure.CodeSigning.Client.CryptoProvider.Utilities.dll', 
-               'Azure.CodeSigning.dll', 'Polly.dll'
+RequiredAssemblies = 'Azure.Developer.TrustedSigning.CryptoProvider.dll',
+               'Azure.CodeSigning.dll'
 
 # Script files (.ps1) that are run in the caller's environment prior to importing this module.
 # ScriptsToProcess = @()
@@ -75,7 +73,7 @@ NestedModules = @('Microsoft.Azure.PowerShell.Cmdlets.CodeSigning.dll')
 FunctionsToExport = @()
 
 # Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export.
-CmdletsToExport = 'Get-AzCodeSigningCustomerEku', 'Get-AzCodeSigningRootCert', 
+CmdletsToExport = 'Get-AzCodeSigningCustomerEku', 'Get-AzCodeSigningRootCert',
                'Get-AzCodeSigningCertChain', 'Invoke-AzCodeSigningCIPolicySigning'
 
 # Variables to export from this module

src/CodeSigning/CodeSigning/ChangeLog.md

@@ -19,6 +19,8 @@
 -->
 ## Upcoming Release
 * Upgraded Azure.Core to 1.44.1.
+* Upgraded to rebranded package Azure.Developer.TrustedSigning.CryptoProvider.
+* Upgraded to updated Azure.Codesigning.Sdk.
 
 ## Version 0.2.0
 * Added `Get-AzCodeSigningCertChain` cmdlet to retrieve the certificate chain for a certificate profile.

src/CodeSigning/CodeSigning/CodeSigning.csproj

@@ -23,8 +23,8 @@
 
   <ItemGroup>
     <PackageReference Include="Polly" Version="7.2.4" />
-    <PackageReference Include="Azure.CodeSigning.Client.CryptoProvider" Version="0.1.16" />
-    <PackageReference Include="Azure.CodeSigning.Sdk" Version="0.1.106" />
+    <PackageReference Include="Azure.Developer.TrustedSigning.CryptoProvider" Version="0.1.38" />
+    <PackageReference Include="Azure.CodeSigning.Sdk" Version="0.1.127" />
     <PackageReference Include="System.Formats.Asn1" Version="6.0.1" />
     <PackageReference Include="System.Security.Cryptography.Pkcs" Version="6.0.3" />
   </ItemGroup>

src/CodeSigning/CodeSigning/Commands/InvokeCIPolicySigning.cs

@@ -140,7 +140,7 @@ private void WriteMessage(string message)
 
         private void ValidateFileType(string fullInPath)
         {
-            if (System.IO.Path.GetExtension(fullInPath).ToLower() == ".bin")
+            if (string.Equals(System.IO.Path.GetExtension(fullInPath), ".bin", StringComparison.OrdinalIgnoreCase))
             {
                 WriteMessage(Environment.NewLine);
                 WriteMessage("CI Policy file submitted");

src/CodeSigning/CodeSigning/Helpers/CmsSigner.cs

@@ -12,7 +12,7 @@
 // limitations under the License.
 // ----------------------------------------------------------------------------------
 
-using Azure.CodeSigning.Client.CryptoProvider;
+using Azure.Developer.TrustedSigning.CryptoProvider;
 using Azure.Core;
 using System;
 using System.IO;
@@ -33,10 +33,10 @@ public void SignCIPolicy(TokenCredential tokenCred, string accountName, string c
             {
                 try
                 {
-                    var context = new AzCodeSignContext(tokenCred, accountName, certProfile, endpointUrl);
+                    var context = new AzSignContext(tokenCred, accountName, certProfile, new Uri(endpointUrl));
 
-                    var cert = context.InitializeChainAsync().Result;
-                    RSA rsa = new RSAAzCodeSign(context);
+                    var cert = context.GetSigningCertificate();
+                    RSA rsa = new RSAAzSign(context);
 
                     var cipolicy = File.ReadAllBytes(unsignedCIFilePath);
                     var cmscontent = new ContentInfo(new Oid("1.3.6.1.4.1.311.79.1"), cipolicy);
@@ -84,7 +84,7 @@ public void SignCIPolicy(TokenCredential tokenCred, string accountName, string c
                     retry--;
                     if (retry == 0 || ex.Message == "Input TimeStamperUrl is not valid Uri. Please check.")
                     {
-                        throw ex;
+                        throw;
                     }
                 }
             }

src/CodeSigning/CodeSigning/Models/CodeSigningServiceClient.cs

@@ -78,7 +78,8 @@ public string[] GetCodeSigningEku(string accountName, string profileName, string
             GetCertificateProfileClient(endpoint);
 
             var eku = CertificateProfileClient.GetSignEku(accountName, profileName);
-            return eku.Value?.ToArray();
+
+            return eku.Value?.Distinct().ToArray();
         }
         public string[] GetCodeSigningEku(string metadataPath)
         {