consolidation of some of the modules, localization fixes, product advisories work, qa work
This commit is contained in:
@@ -0,0 +1,49 @@
|
||||
using System.Text;
|
||||
using FluentAssertions;
|
||||
using System.Threading.Tasks;
|
||||
using StellaOps.Provenance.Attestation;
|
||||
using StellaOps.Cryptography;
|
||||
using Xunit;
|
||||
|
||||
using StellaOps.TestKit;
|
||||
namespace StellaOps.Provenance.Attestation.Tests;
|
||||
|
||||
public class VerificationTests
|
||||
{
|
||||
private const string Payload = "{\"hello\":\"world\"}";
|
||||
private const string ContentType = "application/json";
|
||||
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public async Task Verifier_accepts_valid_signature()
|
||||
{
|
||||
var key = new InMemoryKeyProvider("test-key", Encoding.UTF8.GetBytes("secret"));
|
||||
var signer = new HmacSigner(key, DefaultCryptoHmac.CreateForTests());
|
||||
var verifier = new HmacVerifier(key);
|
||||
|
||||
var request = new SignRequest(Encoding.UTF8.GetBytes(Payload), ContentType);
|
||||
var signature = await signer.SignAsync(request);
|
||||
|
||||
var result = await verifier.VerifyAsync(request, signature);
|
||||
result.IsValid.Should().BeTrue();
|
||||
result.Reason.Should().Be("verified");
|
||||
}
|
||||
|
||||
[Trait("Category", TestCategories.Unit)]
|
||||
[Fact]
|
||||
public async Task Verifier_rejects_tampered_payload()
|
||||
{
|
||||
var key = new InMemoryKeyProvider("test-key", Encoding.UTF8.GetBytes("secret"));
|
||||
var signer = new HmacSigner(key, DefaultCryptoHmac.CreateForTests());
|
||||
var verifier = new HmacVerifier(key);
|
||||
|
||||
var request = new SignRequest(Encoding.UTF8.GetBytes(Payload), ContentType);
|
||||
var signature = await signer.SignAsync(request);
|
||||
|
||||
var tampered = new SignRequest(Encoding.UTF8.GetBytes(Payload + "-tampered"), ContentType);
|
||||
var result = await verifier.VerifyAsync(tampered, signature);
|
||||
|
||||
result.IsValid.Should().BeFalse();
|
||||
result.Reason.Should().Be("signature or time invalid");
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user