audit, advisories and doctors/setup work

devops/services/crypto/sim-crypto-service/__Tests/SimCryptoService.Tests/GlobalUsings.cs

@@ -0,0 +1 @@
+global using Xunit;

devops/services/crypto/sim-crypto-service/__Tests/SimCryptoService.Tests/SimCryptoService.Tests.csproj

@@ -0,0 +1,20 @@
+<Project Sdk="Microsoft.NET.Sdk">
+  <PropertyGroup>
+    <TargetFramework>net10.0</TargetFramework>
+    <IsTestProject>true</IsTestProject>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+    <LangVersion>preview</LangVersion>
+    <TreatWarningsAsErrors>true</TreatWarningsAsErrors>
+  </PropertyGroup>
+  <ItemGroup>
+    <PackageReference Include="FluentAssertions" />
+    <PackageReference Include="Microsoft.AspNetCore.Mvc.Testing" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" />
+    <PackageReference Include="xunit" />
+    <PackageReference Include="xunit.runner.visualstudio" />
+  </ItemGroup>
+  <ItemGroup>
+    <ProjectReference Include="..\..\SimCryptoService.csproj" />
+  </ItemGroup>
+</Project>

devops/services/crypto/sim-crypto-service/__Tests/SimCryptoService.Tests/SimCryptoServiceTests.cs

@@ -0,0 +1,68 @@
+using System.Net.Http.Json;
+using System.Text.Json.Serialization;
+using FluentAssertions;
+using Microsoft.AspNetCore.Mvc.Testing;
+
+namespace SimCryptoService.Tests;
+
+public sealed class SimCryptoServiceTests : IClassFixture<WebApplicationFactory<Program>>
+{
+    private readonly WebApplicationFactory<Program> _factory;
+
+    public SimCryptoServiceTests(WebApplicationFactory<Program> factory)
+    {
+        _factory = factory;
+    }
+
+    [Fact]
+    public async Task SignThenVerify_ReturnsOk()
+    {
+        using var client = _factory.CreateClient();
+        var signResponse = await client.PostAsJsonAsync("/sign", new SignRequest("hello", "SM2"));
+        signResponse.IsSuccessStatusCode.Should().BeTrue();
+
+        var signPayload = await signResponse.Content.ReadFromJsonAsync<SignResponse>();
+        signPayload.Should().NotBeNull();
+        signPayload!.SignatureBase64.Should().NotBeNullOrWhiteSpace();
+
+        var verifyResponse = await client.PostAsJsonAsync("/verify", new VerifyRequest("hello", signPayload.SignatureBase64, "SM2"));
+        verifyResponse.IsSuccessStatusCode.Should().BeTrue();
+
+        var verifyPayload = await verifyResponse.Content.ReadFromJsonAsync<VerifyResponse>();
+        verifyPayload.Should().NotBeNull();
+        verifyPayload!.Ok.Should().BeTrue();
+    }
+
+    [Fact]
+    public async Task Keys_ReturnsAlgorithmsAndKey()
+    {
+        using var client = _factory.CreateClient();
+        var response = await client.GetFromJsonAsync<KeysResponse>("/keys");
+        response.Should().NotBeNull();
+        response!.PublicKeyBase64.Should().NotBeNullOrWhiteSpace();
+        response.SimulatedProviders.Should().Contain("SM2");
+        response.SimulatedProviders.Should().Contain("GOST12-256");
+    }
+
+    private sealed record SignRequest(
+        [property: JsonPropertyName("message")] string Message,
+        [property: JsonPropertyName("algorithm")] string Algorithm);
+
+    private sealed record SignResponse(
+        [property: JsonPropertyName("signature_b64")] string SignatureBase64,
+        [property: JsonPropertyName("algorithm")] string Algorithm);
+
+    private sealed record VerifyRequest(
+        [property: JsonPropertyName("message")] string Message,
+        [property: JsonPropertyName("signature_b64")] string SignatureBase64,
+        [property: JsonPropertyName("algorithm")] string Algorithm);
+
+    private sealed record VerifyResponse(
+        [property: JsonPropertyName("ok")] bool Ok,
+        [property: JsonPropertyName("algorithm")] string Algorithm);
+
+    private sealed record KeysResponse(
+        [property: JsonPropertyName("public_key_b64")] string PublicKeyBase64,
+        [property: JsonPropertyName("curve")] string Curve,
+        [property: JsonPropertyName("simulated_providers")] string[] SimulatedProviders);
+}