part #2
This commit is contained in:
master
@@ -0,0 +1,26 @@
|
||||
// SPDX-License-Identifier: BUSL-1.1
|
||||
// Sprint: SPRINT_4100_0006_0002 - eIDAS Crypto Plugin Tests
|
||||
using StellaOps.Cryptography;
|
||||
using StellaOps.TestKit;
|
||||
using Xunit;
|
||||
|
||||
namespace StellaOps.Cryptography.Plugin.EIDAS.Tests;
|
||||
|
||||
public partial class EidasCryptoProviderTests
|
||||
{
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public void ExportPublicJsonWebKey_ReturnsStubJwk()
|
||||
{
|
||||
var keyRef = new CryptoKeyReference("test-key-local");
|
||||
var signer = _provider.GetSigner("ECDSA-P256", keyRef);
|
||||
|
||||
var jwk = signer.ExportPublicJsonWebKey();
|
||||
|
||||
Assert.NotNull(jwk);
|
||||
Assert.Equal("EC", jwk.Kty);
|
||||
Assert.Equal("P-256", jwk.Crv);
|
||||
Assert.Equal("sig", jwk.Use);
|
||||
Assert.Equal("test-key-local", jwk.Kid);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,68 @@
|
||||
// SPDX-License-Identifier: BUSL-1.1
|
||||
// Sprint: SPRINT_4100_0006_0002 - eIDAS Crypto Plugin Tests
|
||||
using StellaOps.Cryptography;
|
||||
using StellaOps.TestKit;
|
||||
using Xunit;
|
||||
|
||||
namespace StellaOps.Cryptography.Plugin.EIDAS.Tests;
|
||||
|
||||
public partial class EidasCryptoProviderTests
|
||||
{
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public void GetSigner_ReturnsEidasSigner()
|
||||
{
|
||||
var keyRef = new CryptoKeyReference("test-key-local");
|
||||
var signer = _provider.GetSigner("ECDSA-P256", keyRef);
|
||||
|
||||
Assert.NotNull(signer);
|
||||
Assert.Equal("test-key-local", signer.KeyId);
|
||||
Assert.Equal("ECDSA-P256", signer.AlgorithmId);
|
||||
}
|
||||
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public void UpsertSigningKey_AddsKey()
|
||||
{
|
||||
var keyRef = new CryptoKeyReference("test-upsert");
|
||||
var signingKey = new CryptoSigningKey(
|
||||
keyRef,
|
||||
"ECDSA-P256",
|
||||
new byte[] { 1, 2, 3, 4 },
|
||||
FixedUtcNow);
|
||||
|
||||
_provider.UpsertSigningKey(signingKey);
|
||||
|
||||
var keys = _provider.GetSigningKeys();
|
||||
Assert.Contains(keys, k => k.Reference.KeyId == "test-upsert");
|
||||
}
|
||||
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public void RemoveSigningKey_RemovesKey()
|
||||
{
|
||||
var keyRef = new CryptoKeyReference("test-remove");
|
||||
var signingKey = new CryptoSigningKey(
|
||||
keyRef,
|
||||
"ECDSA-P256",
|
||||
new byte[] { 1, 2, 3, 4 },
|
||||
FixedUtcNow);
|
||||
|
||||
_provider.UpsertSigningKey(signingKey);
|
||||
Assert.Contains(_provider.GetSigningKeys(), k => k.Reference.KeyId == "test-remove");
|
||||
|
||||
var removed = _provider.RemoveSigningKey("test-remove");
|
||||
|
||||
Assert.True(removed);
|
||||
Assert.DoesNotContain(_provider.GetSigningKeys(), k => k.Reference.KeyId == "test-remove");
|
||||
}
|
||||
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public void RemoveSigningKey_ReturnsFalseForNonExistentKey()
|
||||
{
|
||||
var removed = _provider.RemoveSigningKey("non-existent-key");
|
||||
|
||||
Assert.False(removed);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,40 @@
|
||||
// SPDX-License-Identifier: BUSL-1.1
|
||||
// Sprint: SPRINT_4100_0006_0002 - eIDAS Crypto Plugin Tests
|
||||
using StellaOps.Cryptography;
|
||||
using StellaOps.TestKit;
|
||||
using Xunit;
|
||||
|
||||
namespace StellaOps.Cryptography.Plugin.EIDAS.Tests;
|
||||
|
||||
public partial class EidasCryptoProviderTests
|
||||
{
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public void Provider_Name_IsEidas()
|
||||
{
|
||||
Assert.Equal("eidas", _provider.Name);
|
||||
}
|
||||
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Theory]
|
||||
[InlineData(CryptoCapability.Signing, "ECDSA-P256", true)]
|
||||
[InlineData(CryptoCapability.Signing, "ECDSA-P384", true)]
|
||||
[InlineData(CryptoCapability.Signing, "ECDSA-P521", true)]
|
||||
[InlineData(CryptoCapability.Signing, "RSA-PSS-2048", true)]
|
||||
[InlineData(CryptoCapability.Signing, "RSA-PSS-4096", true)]
|
||||
[InlineData(CryptoCapability.Signing, "EdDSA-Ed25519", true)]
|
||||
[InlineData(CryptoCapability.Signing, "EdDSA-Ed448", true)]
|
||||
[InlineData(CryptoCapability.Verification, "ECDSA-P256", true)]
|
||||
[InlineData(CryptoCapability.Signing, "UNKNOWN-ALGO", false)]
|
||||
[InlineData(CryptoCapability.ContentHashing, "ECDSA-P256", false)]
|
||||
[InlineData(CryptoCapability.PasswordHashing, "ECDSA-P256", false)]
|
||||
public void Supports_ReturnsExpectedResults(
|
||||
CryptoCapability capability,
|
||||
string algorithmId,
|
||||
bool expected)
|
||||
{
|
||||
var result = _provider.Supports(capability, algorithmId);
|
||||
|
||||
Assert.Equal(expected, result);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,65 @@
|
||||
// SPDX-License-Identifier: BUSL-1.1
|
||||
// Sprint: SPRINT_4100_0006_0002 - eIDAS Crypto Plugin Tests
|
||||
using System.Collections.Generic;
|
||||
using StellaOps.Cryptography;
|
||||
using StellaOps.TestKit;
|
||||
using Xunit;
|
||||
|
||||
namespace StellaOps.Cryptography.Plugin.EIDAS.Tests;
|
||||
|
||||
public partial class EidasCryptoProviderTests
|
||||
{
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public async Task SignWithLocalKey_ReturnsSignatureAsync()
|
||||
{
|
||||
var keyRef = new CryptoKeyReference("test-key-local");
|
||||
var signer = _provider.GetSigner("ECDSA-P256", keyRef);
|
||||
|
||||
var data = "Test data for signing"u8.ToArray();
|
||||
var signature = await signer.SignAsync(data);
|
||||
|
||||
Assert.NotNull(signature);
|
||||
Assert.NotEmpty(signature);
|
||||
}
|
||||
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public async Task VerifyWithLocalKey_ReturnsTrueAsync()
|
||||
{
|
||||
var keyRef = new CryptoKeyReference("test-key-local");
|
||||
var signer = _provider.GetSigner("ECDSA-P256", keyRef);
|
||||
|
||||
var data = "Test data for verification"u8.ToArray();
|
||||
var signature = await signer.SignAsync(data);
|
||||
var isValid = await signer.VerifyAsync(data, signature);
|
||||
|
||||
Assert.True(isValid);
|
||||
}
|
||||
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public async Task SignWithTspKey_ReturnsSignatureAsync()
|
||||
{
|
||||
var keyRef = new CryptoKeyReference("test-key-tsp");
|
||||
var signer = _provider.GetSigner("ECDSA-P256", keyRef);
|
||||
|
||||
var data = "Test data for TSP signing"u8.ToArray();
|
||||
var signature = await signer.SignAsync(data);
|
||||
|
||||
Assert.NotNull(signature);
|
||||
Assert.NotEmpty(signature);
|
||||
}
|
||||
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public async Task SignWithUnknownKey_ThrowsKeyNotFoundExceptionAsync()
|
||||
{
|
||||
var keyRef = new CryptoKeyReference("test-key-missing");
|
||||
var signer = _provider.GetSigner("ECDSA-P256", keyRef);
|
||||
|
||||
var data = "Test data for missing key"u8.ToArray();
|
||||
|
||||
await Assert.ThrowsAsync<KeyNotFoundException>(() => signer.SignAsync(data).AsTask());
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,23 @@
|
||||
// SPDX-License-Identifier: BUSL-1.1
|
||||
// Sprint: SPRINT_4100_0006_0002 - eIDAS Crypto Plugin Tests
|
||||
using StellaOps.TestKit;
|
||||
using Xunit;
|
||||
|
||||
namespace StellaOps.Cryptography.Plugin.EIDAS.Tests;
|
||||
|
||||
public partial class EidasCryptoProviderTests
|
||||
{
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public void GetPasswordHasher_ThrowsNotSupported()
|
||||
{
|
||||
Assert.Throws<NotSupportedException>(() => _provider.GetPasswordHasher("PBKDF2"));
|
||||
}
|
||||
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public void GetHasher_ThrowsNotSupported()
|
||||
{
|
||||
Assert.Throws<NotSupportedException>(() => _provider.GetHasher("SHA256"));
|
||||
}
|
||||
}
|
||||
@@ -1,85 +1,51 @@
|
||||
// SPDX-License-Identifier: BUSL-1.1
|
||||
// Sprint: SPRINT_4100_0006_0002 - eIDAS Crypto Plugin Tests
|
||||
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using Microsoft.Extensions.Configuration;
|
||||
using Microsoft.Extensions.Logging;
|
||||
using Microsoft.Extensions.Options;
|
||||
using System;
|
||||
using System.IO;
|
||||
using System.Net.Http;
|
||||
using System.Security.Cryptography;
|
||||
using System.Security.Cryptography.X509Certificates;
|
||||
using StellaOps.Cryptography;
|
||||
using Microsoft.Extensions.Logging.Abstractions;
|
||||
using Microsoft.Extensions.Options;
|
||||
using StellaOps.Cryptography.Plugin.EIDAS;
|
||||
using StellaOps.Cryptography.Plugin.EIDAS.Configuration;
|
||||
using StellaOps.Cryptography.Plugin.EIDAS.DependencyInjection;
|
||||
using StellaOps.Cryptography.Plugin.EIDAS.Models;
|
||||
using Xunit;
|
||||
|
||||
using StellaOps.TestKit;
|
||||
namespace StellaOps.Cryptography.Plugin.EIDAS.Tests;
|
||||
|
||||
public class EidasCryptoProviderTests : IDisposable
|
||||
public partial class EidasCryptoProviderTests : IDisposable
|
||||
{
|
||||
private readonly ServiceProvider _serviceProvider;
|
||||
private static readonly DateTimeOffset FixedUtcNow = new(2026, 1, 1, 0, 0, 0, TimeSpan.Zero);
|
||||
private const string KeystorePassword = "test-password";
|
||||
|
||||
private readonly HttpClient _httpClient;
|
||||
private readonly EidasCryptoProvider _provider;
|
||||
private readonly string _keystorePath;
|
||||
private const string KeystorePassword = "test-password";
|
||||
|
||||
public EidasCryptoProviderTests()
|
||||
{
|
||||
_keystorePath = CreateTestKeystore();
|
||||
var services = new ServiceCollection();
|
||||
var options = CreateOptions(_keystorePath);
|
||||
|
||||
// Configure eIDAS options
|
||||
services.Configure<EidasOptions>(options =>
|
||||
{
|
||||
options.SignatureLevel = SignatureLevel.AdES;
|
||||
options.SignatureFormat = SignatureFormat.CAdES;
|
||||
options.DefaultAlgorithm = "ECDSA-P256";
|
||||
options.DigestAlgorithm = "SHA256";
|
||||
_httpClient = new HttpClient();
|
||||
var tspClient = new TrustServiceProviderClient(
|
||||
NullLogger<TrustServiceProviderClient>.Instance,
|
||||
_httpClient,
|
||||
options);
|
||||
var localProvider = new LocalEidasProvider(
|
||||
NullLogger<LocalEidasProvider>.Instance,
|
||||
options);
|
||||
|
||||
// Add test key configuration
|
||||
options.Keys.Add(new EidasKeyConfig
|
||||
{
|
||||
KeyId = "test-key-local",
|
||||
Source = "local"
|
||||
});
|
||||
|
||||
options.Keys.Add(new EidasKeyConfig
|
||||
{
|
||||
KeyId = "test-key-tsp",
|
||||
Source = "tsp"
|
||||
});
|
||||
|
||||
// Configure local signing (stub)
|
||||
options.Local = new LocalSigningOptions
|
||||
{
|
||||
Type = "PKCS12",
|
||||
Path = _keystorePath,
|
||||
Password = KeystorePassword
|
||||
};
|
||||
|
||||
// Configure TSP (stub)
|
||||
options.Tsp = new TspOptions
|
||||
{
|
||||
Endpoint = "https://tsp.example.com",
|
||||
ApiKey = "test-api-key"
|
||||
};
|
||||
});
|
||||
|
||||
services.AddLogging(builder => builder.AddConsole().SetMinimumLevel(LogLevel.Debug));
|
||||
services.AddHttpClient<TrustServiceProviderClient>();
|
||||
services.AddSingleton<LocalEidasProvider>();
|
||||
services.AddSingleton<ICryptoProvider, EidasCryptoProvider>();
|
||||
|
||||
_serviceProvider = services.BuildServiceProvider();
|
||||
_provider = _serviceProvider.GetRequiredService<ICryptoProvider>() as EidasCryptoProvider
|
||||
?? throw new InvalidOperationException("Failed to resolve EidasCryptoProvider");
|
||||
_provider = new EidasCryptoProvider(
|
||||
NullLogger<EidasCryptoProvider>.Instance,
|
||||
options,
|
||||
tspClient,
|
||||
localProvider);
|
||||
}
|
||||
|
||||
public void Dispose()
|
||||
{
|
||||
_serviceProvider.Dispose();
|
||||
_httpClient.Dispose();
|
||||
|
||||
if (File.Exists(_keystorePath))
|
||||
{
|
||||
@@ -87,6 +53,43 @@ public class EidasCryptoProviderTests : IDisposable
|
||||
}
|
||||
}
|
||||
|
||||
private static IOptions<EidasOptions> CreateOptions(string keystorePath)
|
||||
{
|
||||
var options = new EidasOptions
|
||||
{
|
||||
SignatureLevel = SignatureLevel.AdES,
|
||||
SignatureFormat = SignatureFormat.CAdES,
|
||||
DefaultAlgorithm = "ECDSA-P256",
|
||||
DigestAlgorithm = "SHA256",
|
||||
Local = new LocalSigningOptions
|
||||
{
|
||||
Type = "PKCS12",
|
||||
Path = keystorePath,
|
||||
Password = KeystorePassword
|
||||
},
|
||||
Tsp = new TspOptions
|
||||
{
|
||||
Endpoint = "https://tsp.example.com",
|
||||
ApiKey = "test-api-key",
|
||||
TimeoutSeconds = 30
|
||||
}
|
||||
};
|
||||
|
||||
options.Keys.Add(new EidasKeyConfig
|
||||
{
|
||||
KeyId = "test-key-local",
|
||||
Source = "local"
|
||||
});
|
||||
|
||||
options.Keys.Add(new EidasKeyConfig
|
||||
{
|
||||
KeyId = "test-key-tsp",
|
||||
Source = "tsp"
|
||||
});
|
||||
|
||||
return Options.Create(options);
|
||||
}
|
||||
|
||||
private static string CreateTestKeystore()
|
||||
{
|
||||
var path = Path.Combine(Path.GetTempPath(), $"eidas-test-{Guid.NewGuid():N}.p12");
|
||||
@@ -106,229 +109,4 @@ public class EidasCryptoProviderTests : IDisposable
|
||||
|
||||
return path;
|
||||
}
|
||||
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public void Provider_Name_IsEidas()
|
||||
{
|
||||
Assert.Equal("eidas", _provider.Name);
|
||||
}
|
||||
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Theory]
|
||||
[InlineData(CryptoCapability.Signing, "ECDSA-P256", true)]
|
||||
[InlineData(CryptoCapability.Signing, "ECDSA-P384", true)]
|
||||
[InlineData(CryptoCapability.Signing, "ECDSA-P521", true)]
|
||||
[InlineData(CryptoCapability.Signing, "RSA-PSS-2048", true)]
|
||||
[InlineData(CryptoCapability.Signing, "RSA-PSS-4096", true)]
|
||||
[InlineData(CryptoCapability.Signing, "EdDSA-Ed25519", true)]
|
||||
[InlineData(CryptoCapability.Signing, "EdDSA-Ed448", true)]
|
||||
[InlineData(CryptoCapability.Verification, "ECDSA-P256", true)]
|
||||
[InlineData(CryptoCapability.Signing, "UNKNOWN-ALGO", false)]
|
||||
[InlineData(CryptoCapability.ContentHashing, "ECDSA-P256", false)]
|
||||
[InlineData(CryptoCapability.PasswordHashing, "ECDSA-P256", false)]
|
||||
public void Supports_ReturnsExpectedResults(CryptoCapability capability, string algorithmId, bool expected)
|
||||
{
|
||||
var result = _provider.Supports(capability, algorithmId);
|
||||
Assert.Equal(expected, result);
|
||||
}
|
||||
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public void GetPasswordHasher_ThrowsNotSupported()
|
||||
{
|
||||
Assert.Throws<NotSupportedException>(() => _provider.GetPasswordHasher("PBKDF2"));
|
||||
}
|
||||
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public void GetHasher_ThrowsNotSupported()
|
||||
{
|
||||
Assert.Throws<NotSupportedException>(() => _provider.GetHasher("SHA256"));
|
||||
}
|
||||
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public void GetSigner_ReturnsEidasSigner()
|
||||
{
|
||||
var keyRef = new CryptoKeyReference("test-key-local");
|
||||
var signer = _provider.GetSigner("ECDSA-P256", keyRef);
|
||||
|
||||
Assert.NotNull(signer);
|
||||
Assert.Equal("test-key-local", signer.KeyId);
|
||||
Assert.Equal("ECDSA-P256", signer.AlgorithmId);
|
||||
}
|
||||
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public void UpsertSigningKey_AddsKey()
|
||||
{
|
||||
var keyRef = new CryptoKeyReference("test-upsert");
|
||||
var signingKey = new CryptoSigningKey(
|
||||
keyRef,
|
||||
"ECDSA-P256",
|
||||
new byte[] { 1, 2, 3, 4 },
|
||||
DateTimeOffset.UtcNow
|
||||
);
|
||||
|
||||
_provider.UpsertSigningKey(signingKey);
|
||||
|
||||
var keys = _provider.GetSigningKeys();
|
||||
Assert.Contains(keys, k => k.Reference.KeyId == "test-upsert");
|
||||
}
|
||||
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public void RemoveSigningKey_RemovesKey()
|
||||
{
|
||||
var keyRef = new CryptoKeyReference("test-remove");
|
||||
var signingKey = new CryptoSigningKey(
|
||||
keyRef,
|
||||
"ECDSA-P256",
|
||||
new byte[] { 1, 2, 3, 4 },
|
||||
DateTimeOffset.UtcNow
|
||||
);
|
||||
|
||||
_provider.UpsertSigningKey(signingKey);
|
||||
Assert.Contains(_provider.GetSigningKeys(), k => k.Reference.KeyId == "test-remove");
|
||||
|
||||
var removed = _provider.RemoveSigningKey("test-remove");
|
||||
Assert.True(removed);
|
||||
Assert.DoesNotContain(_provider.GetSigningKeys(), k => k.Reference.KeyId == "test-remove");
|
||||
}
|
||||
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public void RemoveSigningKey_ReturnsFalseForNonExistentKey()
|
||||
{
|
||||
var removed = _provider.RemoveSigningKey("non-existent-key");
|
||||
Assert.False(removed);
|
||||
}
|
||||
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public async Task SignAsync_WithLocalKey_ReturnsSignature()
|
||||
{
|
||||
// Note: This test will use the stub implementation
|
||||
// In production, would require actual PKCS#12 keystore
|
||||
|
||||
var keyRef = new CryptoKeyReference("test-key-local");
|
||||
var signer = _provider.GetSigner("ECDSA-P256", keyRef);
|
||||
|
||||
var data = "Test data for signing"u8.ToArray();
|
||||
var signature = await signer.SignAsync(data);
|
||||
|
||||
Assert.NotNull(signature);
|
||||
Assert.NotEmpty(signature);
|
||||
}
|
||||
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public async Task VerifyAsync_WithLocalKey_ReturnsTrue()
|
||||
{
|
||||
// Note: This test will use the stub implementation
|
||||
// In production, would require actual PKCS#12 keystore
|
||||
|
||||
var keyRef = new CryptoKeyReference("test-key-local");
|
||||
var signer = _provider.GetSigner("ECDSA-P256", keyRef);
|
||||
|
||||
var data = "Test data for verification"u8.ToArray();
|
||||
var signature = await signer.SignAsync(data);
|
||||
var isValid = await signer.VerifyAsync(data, signature);
|
||||
|
||||
Assert.True(isValid);
|
||||
}
|
||||
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public async Task SignAsync_WithTspKey_ReturnsSignature()
|
||||
{
|
||||
// Note: This test will use the stub TSP implementation
|
||||
// In production, would call actual TSP API
|
||||
|
||||
var keyRef = new CryptoKeyReference("test-key-tsp");
|
||||
var signer = _provider.GetSigner("ECDSA-P256", keyRef);
|
||||
|
||||
var data = "Test data for TSP signing"u8.ToArray();
|
||||
var signature = await signer.SignAsync(data);
|
||||
|
||||
Assert.NotNull(signature);
|
||||
Assert.NotEmpty(signature);
|
||||
}
|
||||
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public void ExportPublicJsonWebKey_ReturnsStubJwk()
|
||||
{
|
||||
var keyRef = new CryptoKeyReference("test-key-local");
|
||||
var signer = _provider.GetSigner("ECDSA-P256", keyRef);
|
||||
|
||||
var jwk = signer.ExportPublicJsonWebKey();
|
||||
|
||||
Assert.NotNull(jwk);
|
||||
Assert.Equal("EC", jwk.Kty);
|
||||
Assert.Equal("P-256", jwk.Crv);
|
||||
Assert.Equal("sig", jwk.Use);
|
||||
Assert.Equal("test-key-local", jwk.Kid);
|
||||
}
|
||||
}
|
||||
|
||||
public class EidasDependencyInjectionTests
|
||||
{
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public void AddEidasCryptoProviders_RegistersServices()
|
||||
{
|
||||
var services = new ServiceCollection();
|
||||
var configuration = new ConfigurationBuilder()
|
||||
.AddInMemoryCollection(new Dictionary<string, string?>
|
||||
{
|
||||
["StellaOps:Crypto:Profiles:eidas:SignatureLevel"] = "AdES",
|
||||
["StellaOps:Crypto:Profiles:eidas:SignatureFormat"] = "CAdES",
|
||||
["StellaOps:Crypto:Profiles:eidas:DefaultAlgorithm"] = "ECDSA-P256",
|
||||
["StellaOps:Crypto:Profiles:eidas:Tsp:Endpoint"] = "https://tsp.example.com",
|
||||
["StellaOps:Crypto:Profiles:eidas:Tsp:ApiKey"] = "test-api-key"
|
||||
})
|
||||
.Build();
|
||||
|
||||
services.AddLogging();
|
||||
services.AddEidasCryptoProviders(configuration);
|
||||
|
||||
var serviceProvider = services.BuildServiceProvider();
|
||||
|
||||
var provider = serviceProvider.GetService<ICryptoProvider>();
|
||||
Assert.NotNull(provider);
|
||||
Assert.IsType<EidasCryptoProvider>(provider);
|
||||
}
|
||||
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public void AddEidasCryptoProviders_WithAction_RegistersServices()
|
||||
{
|
||||
var services = new ServiceCollection();
|
||||
|
||||
services.AddLogging();
|
||||
services.AddEidasCryptoProviders(options =>
|
||||
{
|
||||
options.SignatureLevel = SignatureLevel.QES;
|
||||
options.SignatureFormat = SignatureFormat.XAdES;
|
||||
options.DefaultAlgorithm = "RSA-PSS-4096";
|
||||
options.Tsp = new TspOptions
|
||||
{
|
||||
Endpoint = "https://tsp.example.com",
|
||||
ApiKey = "test-api-key"
|
||||
};
|
||||
});
|
||||
|
||||
var serviceProvider = services.BuildServiceProvider();
|
||||
|
||||
var provider = serviceProvider.GetService<ICryptoProvider>();
|
||||
Assert.NotNull(provider);
|
||||
Assert.IsType<EidasCryptoProvider>(provider);
|
||||
|
||||
var eidasOptions = serviceProvider.GetRequiredService<IOptions<EidasOptions>>().Value;
|
||||
Assert.Equal(SignatureLevel.QES, eidasOptions.SignatureLevel);
|
||||
Assert.Equal(SignatureFormat.XAdES, eidasOptions.SignatureFormat);
|
||||
Assert.Equal("RSA-PSS-4096", eidasOptions.DefaultAlgorithm);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -0,0 +1,85 @@
|
||||
// SPDX-License-Identifier: BUSL-1.1
|
||||
// Sprint: SPRINT_4100_0006_0002 - eIDAS Crypto Plugin Tests
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using Microsoft.Extensions.Configuration;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using Microsoft.Extensions.Options;
|
||||
using StellaOps.Cryptography;
|
||||
using StellaOps.Cryptography.Plugin.EIDAS;
|
||||
using StellaOps.Cryptography.Plugin.EIDAS.Configuration;
|
||||
using StellaOps.Cryptography.Plugin.EIDAS.DependencyInjection;
|
||||
using StellaOps.Cryptography.Plugin.EIDAS.Models;
|
||||
using StellaOps.TestKit;
|
||||
using Xunit;
|
||||
|
||||
namespace StellaOps.Cryptography.Plugin.EIDAS.Tests;
|
||||
|
||||
public class EidasDependencyInjectionTests
|
||||
{
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public void AddEidasCryptoProviders_RegistersServices()
|
||||
{
|
||||
var services = new ServiceCollection();
|
||||
var configuration = new ConfigurationBuilder()
|
||||
.AddInMemoryCollection(new Dictionary<string, string?>
|
||||
{
|
||||
["StellaOps:Crypto:Profiles:eidas:SignatureLevel"] = "AdES",
|
||||
["StellaOps:Crypto:Profiles:eidas:SignatureFormat"] = "CAdES",
|
||||
["StellaOps:Crypto:Profiles:eidas:DefaultAlgorithm"] = "ECDSA-P256",
|
||||
["StellaOps:Crypto:Profiles:eidas:Tsp:Endpoint"] = "https://tsp.example.com",
|
||||
["StellaOps:Crypto:Profiles:eidas:Tsp:ApiKey"] = "test-api-key"
|
||||
})
|
||||
.Build();
|
||||
|
||||
services.AddEidasCryptoProviders(configuration);
|
||||
|
||||
AssertServiceRegistered<ICryptoProvider, EidasCryptoProvider>(services, ServiceLifetime.Singleton);
|
||||
AssertServiceRegistered<LocalEidasProvider, LocalEidasProvider>(services, ServiceLifetime.Singleton);
|
||||
AssertServiceRegistered<TrustServiceProviderClient>(services);
|
||||
AssertServiceRegistered<IConfigureOptions<EidasOptions>>(services);
|
||||
}
|
||||
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public void AddEidasCryptoProviders_WithAction_RegistersServices()
|
||||
{
|
||||
var services = new ServiceCollection();
|
||||
|
||||
services.AddEidasCryptoProviders(options =>
|
||||
{
|
||||
options.SignatureLevel = SignatureLevel.QES;
|
||||
options.SignatureFormat = SignatureFormat.XAdES;
|
||||
options.DefaultAlgorithm = "RSA-PSS-4096";
|
||||
options.Tsp = new TspOptions
|
||||
{
|
||||
Endpoint = "https://tsp.example.com",
|
||||
ApiKey = "test-api-key"
|
||||
};
|
||||
});
|
||||
|
||||
AssertServiceRegistered<ICryptoProvider, EidasCryptoProvider>(services, ServiceLifetime.Singleton);
|
||||
AssertServiceRegistered<LocalEidasProvider, LocalEidasProvider>(services, ServiceLifetime.Singleton);
|
||||
AssertServiceRegistered<TrustServiceProviderClient>(services);
|
||||
AssertServiceRegistered<IConfigureOptions<EidasOptions>>(services);
|
||||
}
|
||||
|
||||
private static void AssertServiceRegistered<TService, TImplementation>(
|
||||
IServiceCollection services,
|
||||
ServiceLifetime lifetime)
|
||||
{
|
||||
var descriptor = services.LastOrDefault(service => service.ServiceType == typeof(TService));
|
||||
|
||||
Assert.NotNull(descriptor);
|
||||
Assert.Equal(typeof(TImplementation), descriptor.ImplementationType);
|
||||
Assert.Equal(lifetime, descriptor.Lifetime);
|
||||
}
|
||||
|
||||
private static void AssertServiceRegistered<TService>(IServiceCollection services)
|
||||
{
|
||||
var hasService = services.Any(service => service.ServiceType == typeof(TService));
|
||||
|
||||
Assert.True(hasService, $"Missing service registration for {typeof(TService).Name}.");
|
||||
}
|
||||
}
|
||||
@@ -9,3 +9,4 @@ Source of truth: `docs-archived/implplan/2025-12-29-csproj-audit/SPRINT_20251229
|
||||
| AUDIT-0056-T | DONE | Revalidated 2026-01-08; open findings tracked in audit report. |
|
||||
| AUDIT-0056-A | DONE | Waived (test project; revalidated 2026-01-08). |
|
||||
| REMED-06 | DONE | SOLID review notes captured for SPRINT_20260130_002. |
|
||||
| REMED-05 | DONE | Split tests into <=100-line partials, removed service locator, added missing key test; `dotnet test src/__Libraries/StellaOps.Cryptography.Plugin.EIDAS.Tests/StellaOps.Cryptography.Plugin.EIDAS.Tests.csproj -p:BuildInParallel=false -p:UseSharedCompilation=false` passed (25 tests). |
|
||||
|
||||
Reference in New Issue
Block a user