stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

up
Some checks failed
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Details
Policy Simulation / policy-simulate (push) Has been cancelled
Details
AOC Guard CI / aoc-guard (push) Has been cancelled
Details
AOC Guard CI / aoc-verify (push) Has been cancelled
Details
Signals CI & Image / signals-ci (push) Has been cancelled
Details
Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled
Details
Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled
Details
Docs CI / lint-and-preview (push) Has been cancelled
Details
Policy Lint & Smoke / policy-lint (push) Has been cancelled
Details
Scanner Analyzers / Discover Analyzers (push) Has been cancelled
Details
Scanner Analyzers / Build Analyzers (push) Has been cancelled
Details
Scanner Analyzers / Test Language Analyzers (push) Has been cancelled
Details
Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled
Details
Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled
Details

Browse Source
This commit is contained in:
StellaOps Bot
2025-12-13 09:37:15 +02:00
parent e00f6365da
commit 6e45066e37
349 changed files with 17160 additions and 1867 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
src/Scanner/__Tests/StellaOps.Scanner.Reachability.Tests/RichGraphPublisherTests.cs
View File

@@ -1,3 +1,5 @@
using System;
using System.Text.Json;
using System.Threading.Tasks;
using StellaOps.Cryptography;
using StellaOps.Scanner.Reachability;
@@ -24,6 +26,46 @@ public class RichGraphPublisherTests
Assert.Contains(":", result.GraphHash); // hash format: algorithm:digest
Assert.StartsWith("cas://reachability/graphs/", result.CasUri);
Assert.StartsWith("cas://reachability/graphs/", result.DsseCasUri);
Assert.EndsWith(".dsse", result.DsseCasUri, StringComparison.Ordinal);
Assert.StartsWith("sha256:", result.DsseDigest, StringComparison.Ordinal);
Assert.Equal(1, result.NodeCount);
var casKey = result.CasUri[(result.CasUri.LastIndexOf('/') + 1)..];
var dsseKey = $"{casKey}.dsse";
var dsseBytes = cas.GetBytes(dsseKey);
Assert.NotNull(dsseBytes);
using var dsseDoc = JsonDocument.Parse(dsseBytes!);
Assert.Equal(
"application/vnd.stellaops.graph.predicate+json",
dsseDoc.RootElement.GetProperty("payloadType").GetString());
var payloadBase64Url = dsseDoc.RootElement.GetProperty("payload").GetString();
Assert.False(string.IsNullOrWhiteSpace(payloadBase64Url));
var payloadBytes = Base64UrlDecode(payloadBase64Url!);
using var payloadDoc = JsonDocument.Parse(payloadBytes);
Assert.Equal(
result.GraphHash,
payloadDoc.RootElement.GetProperty("hashes").GetProperty("graphHash").GetString());
Assert.Equal(
result.CasUri,
payloadDoc.RootElement.GetProperty("cas").GetProperty("location").GetString());
var signature = dsseDoc.RootElement.GetProperty("signatures")[0];
Assert.Equal("scanner-deterministic", signature.GetProperty("keyid").GetString());
}
private static byte[] Base64UrlDecode(string value)
{
var normalized = value.Replace('-', '+').Replace('_', '/');
var remainder = normalized.Length % 4;
if (remainder != 0)
{
normalized = normalized.PadRight(normalized.Length + (4 - remainder), '=');
}
return Convert.FromBase64String(normalized);
}
}