Add comprehensive tests for Go and Python version conflict detection and licensing normalization

- Implemented GoVersionConflictDetectorTests to validate pseudo-version detection, conflict analysis, and conflict retrieval for Go modules. - Created VersionConflictDetectorTests for Python to assess conflict detection across various version scenarios, including major, minor, and patch differences. - Added SpdxLicenseNormalizerTests to ensure accurate normalization of SPDX license strings and classifiers. - Developed VendoredPackageDetectorTests to identify vendored packages and extract embedded packages from Python packages, including handling of vendor directories and known vendored packages.
2025-12-07 01:51:37 +02:00
parent 98934170ca
commit e0f6efecce
66 changed files with 7591 additions and 451 deletions
--- a/src/Authority/StellaOps.Authority/StellaOps.Authority/Signing/FileAuthoritySigningKeySource.cs
+++ b/src/Authority/StellaOps.Authority/StellaOps.Authority/Signing/FileAuthoritySigningKeySource.cs
@@ -29,20 +29,7 @@ internal sealed class FileAuthoritySigningKeySource : IAuthoritySigningKeySource
            throw new FileNotFoundException($"Authority signing key '{request.KeyId}' not found.", path);
        }

-        var pem = File.ReadAllText(path);
-
-        using var ecdsa = ECDsa.Create();
-        try
-        {
-            ecdsa.ImportFromPem(pem);
-        }
-        catch (CryptographicException ex)
-        {
-            logger.LogError(ex, "Failed to load Authority signing key {KeyId} from {Path}.", request.KeyId, path);
-            throw new InvalidOperationException("Failed to import Authority signing key. Ensure the PEM is an unencrypted EC private key.", ex);
-        }
-
-        var parameters = ecdsa.ExportParameters(includePrivateParameters: true);
+        var algorithm = request.Algorithm ?? SignatureAlgorithms.Es256;

        var metadata = new Dictionary<string, string?>(StringComparer.OrdinalIgnoreCase)
        {
@@ -66,15 +53,48 @@ internal sealed class FileAuthoritySigningKeySource : IAuthoritySigningKeySource

        metadata["status"] = request.Status;

+        CryptoSigningKey signingKey;
+
+        if (string.Equals(algorithm, SignatureAlgorithms.Sm2, StringComparison.OrdinalIgnoreCase))
+        {
+            var keyBytes = ReadKeyBytes(path);
+            signingKey = new CryptoSigningKey(
+                new CryptoKeyReference(request.KeyId, request.Provider),
+                algorithm,
+                keyBytes,
+                request.CreatedAt ?? DateTimeOffset.UtcNow,
+                request.ExpiresAt,
+                metadata: metadata);
+        }
+        else
+        {
+            var pem = File.ReadAllText(path);
+
+            using var ecdsa = ECDsa.Create();
+            try
+            {
+                ecdsa.ImportFromPem(pem);
+            }
+            catch (CryptographicException ex)
+            {
+                logger.LogError(ex, "Failed to load Authority signing key {KeyId} from {Path}.", request.KeyId, path);
+                throw new InvalidOperationException("Failed to import Authority signing key. Ensure the PEM is an unencrypted EC private key.", ex);
+            }
+
+            var parameters = ecdsa.ExportParameters(includePrivateParameters: true);
+
+            signingKey = new CryptoSigningKey(
+                new CryptoKeyReference(request.KeyId, request.Provider),
+                algorithm,
+                in parameters,
+                request.CreatedAt ?? DateTimeOffset.UtcNow,
+                request.ExpiresAt,
+                metadata);
+        }
+
        logger.LogInformation("Loaded Authority signing key {KeyId} from {Path}.", request.KeyId, path);

-        return new CryptoSigningKey(
-            new CryptoKeyReference(request.KeyId, request.Provider),
-            request.Algorithm,
-            in parameters,
-            request.CreatedAt ?? DateTimeOffset.UtcNow,
-            request.ExpiresAt,
-            metadata);
+        return signingKey;
    }

    private static string ResolvePath(string basePath, string location)
@@ -96,4 +116,25 @@ internal sealed class FileAuthoritySigningKeySource : IAuthoritySigningKeySource

        return Path.GetFullPath(Path.Combine(basePath, location));
    }
+
+    private static ReadOnlyMemory<byte> ReadKeyBytes(string path)
+    {
+        var text = File.ReadAllText(path);
+        if (text.Contains("BEGIN", StringComparison.OrdinalIgnoreCase))
+        {
+            var lines = text.Split(new[] { '\r', '\n' }, StringSplitOptions.RemoveEmptyEntries);
+            var builder = new System.Text.StringBuilder();
+            foreach (var line in lines)
+            {
+                if (line.StartsWith("-----", StringComparison.Ordinal))
+                {
+                    continue;
+                }
+                builder.Append(line.Trim());
+            }
+            return Convert.FromBase64String(builder.ToString());
+        }
+
+        return File.ReadAllBytes(path);
+    }
 }