feat(api): Implement Console Export Client and Models
- Added ConsoleExportClient for managing export requests and responses. - Introduced ConsoleExportRequest and ConsoleExportResponse models. - Implemented methods for creating and retrieving exports with appropriate headers. feat(crypto): Add Software SM2/SM3 Cryptography Provider - Implemented SmSoftCryptoProvider for software-only SM2/SM3 cryptography. - Added support for signing and verification using SM2 algorithm. - Included hashing functionality with SM3 algorithm. - Configured options for loading keys from files and environment gate checks. test(crypto): Add unit tests for SmSoftCryptoProvider - Created comprehensive tests for signing, verifying, and hashing functionalities. - Ensured correct behavior for key management and error handling. feat(api): Enhance Console Export Models - Expanded ConsoleExport models to include detailed status and event types. - Added support for various export formats and notification options. test(time): Implement TimeAnchorPolicyService tests - Developed tests for TimeAnchorPolicyService to validate time anchors. - Covered scenarios for anchor validation, drift calculation, and policy enforcement.
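--- /dev/null
+++ b/(path not shown)
@@ -0,0 +1,77 @@
+using System;
+using System.Text;
+using System.Threading.Tasks;
+using Org.BouncyCastle.Asn1.GM;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Prng;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Asn1.Pkcs;
+using StellaOps.Cryptography;
+using StellaOps.Cryptography.Plugin.SmSoft;
+using Xunit;
+
+namespace StellaOps.Cryptography.Tests;
+
+public class SmSoftCryptoProviderTests : IDisposable
+{
+private readonly string? _originalGate;
+
+public SmSoftCryptoProviderTests()
+{
+_originalGate = Environment.GetEnvironmentVariable("SM_SOFT_ALLOWED");
+Environment.SetEnvironmentVariable("SM_SOFT_ALLOWED", "1");
+}
+
+[Fact]
+public async Task SignAndVerify_Sm2_Works()
+{
+var provider = new SmSoftCryptoProvider();
+var key = GenerateSm2Key();
+
+provider.UpsertSigningKey(key);
+
+var signer = provider.GetSigner(SignatureAlgorithms.Sm2, key.Reference);
+var payload = Encoding.UTF8.GetBytes("sm2-payload");
+
+var signature = await signer.SignAsync(payload);
+Assert.True(await signer.VerifyAsync(payload, signature));
+
+var jwk = signer.ExportPublicJsonWebKey();
+Assert.Equal(SignatureAlgorithms.Sm2, jwk.Alg);
+Assert.Equal("SM2", jwk.Crv);
+Assert.Equal(key.Reference.KeyId, jwk.Kid);
+Assert.False(string.IsNullOrEmpty(jwk.X));
+Assert.False(string.IsNullOrEmpty(jwk.Y));
+}
+
+[Fact]
+public void Hash_Sm3_Works()
+{
+var provider = new SmSoftCryptoProvider();
+var hasher = provider.GetHasher(HashAlgorithms.Sm3);
+
+var digest = hasher.ComputeHashHex(Encoding.UTF8.GetBytes("abc"));
+// Known SM3("abc") = 66c7f0f462eeedd9d1f2d46bdc10e4e2 4167c4875cf2f7a2 297da02b8f4ba8e0
+Assert.Equal("66c7f0f462eeedd9d1f2d46bdc10e4e24167c4875cf2f7a2297da02b8f4ba8e0", digest);
+}
+
+private static CryptoSigningKey GenerateSm2Key()
+{
+var generator = new ECKeyPairGenerator("EC");
+var curve = GMNamedCurves.GetByName("SM2P256V1");
+var domain = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H, curve.GetSeed());
+generator.Init(new ECKeyGenerationParameters(domain, new SecureRandom(new CryptoApiRandomGenerator())));
+var pair = generator.GenerateKeyPair();
+var privateDer = PrivateKeyInfoFactory.CreatePrivateKeyInfo(pair.Private).ToAsn1Object().GetDerEncoded();
+
+var keyRef = new CryptoKeyReference("sm-soft-test");
+return new CryptoSigningKey(keyRef, SignatureAlgorithms.Sm2, privateDer, DateTimeOffset.UtcNow);
+}
+
+public void Dispose()
+{
+Environment.SetEnvironmentVariable("SM_SOFT_ALLOWED", _originalGate);
+}
+}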
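Review bot: SignAndVerify_Sm2_Works only asserts that a freshly produced signature verifies, so an SM2 verifier that accepts every input would still pass; add a rejection case after the existing `Assert.True`, for example `payload[0] ^= 0xFF;` followed by `Assert.False(await signer.VerifyAsync(payload, signature));`. The SM_SOFT_ALLOWED gate has the same gap: the constructor always sets it to "1", so nothing in this file exercises the provider with the gate unset, which is the behaviour the gate exists to guarantee (how the provider refuses is not visible here, so the assertion form has to come from SmSoftCryptoProvider). Because the variable is process-wide and xUnit runs test classes in parallel by default, any other class that reads or sets the gate should share a `[Collection(...)]` with this one so the set in the constructor and the restore in Dispose cannot race.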