stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

Refactor code structure and optimize performance across multiple modules

Browse Source
This commit is contained in:
StellaOps Bot
2025-12-26 20:03:22 +02:00
parent c786faae84
commit f10d83c444
1385 changed files with 69732 additions and 10280 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
src/Attestor/__Tests/StellaOps.Attestor.Offline.Tests/FileSystemRootStoreTests.cs
View File

@@ -37,7 +37,8 @@ public class FileSystemRootStoreTests : IDisposable
}
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task GetFulcioRootsAsync_WithNoCertificates_ReturnsEmptyCollection()
{
// Arrange
@@ -51,7 +52,8 @@ public class FileSystemRootStoreTests : IDisposable
roots.Should().BeEmpty();
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task GetFulcioRootsAsync_WithPemFile_ReturnsCertificates()
{
// Arrange
@@ -70,7 +72,8 @@ public class FileSystemRootStoreTests : IDisposable
roots[0].Subject.Should().Be("CN=Test Fulcio Root");
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task GetFulcioRootsAsync_WithDirectory_LoadsAllPemFiles()
{
// Arrange
@@ -93,7 +96,8 @@ public class FileSystemRootStoreTests : IDisposable
roots.Should().HaveCount(2);
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task GetFulcioRootsAsync_CachesCertificates_OnSecondCall()
{
// Arrange
@@ -115,7 +119,8 @@ public class FileSystemRootStoreTests : IDisposable
roots1[0].Subject.Should().Be(roots2[0].Subject);
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task ImportRootsAsync_WithValidPem_SavesCertificates()
{
// Arrange
@@ -136,7 +141,8 @@ public class FileSystemRootStoreTests : IDisposable
Directory.EnumerateFiles(targetDir, "*.pem").Should().HaveCount(1);
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task ImportRootsAsync_WithMissingFile_ThrowsFileNotFoundException()
{
// Arrange
@@ -148,7 +154,8 @@ public class FileSystemRootStoreTests : IDisposable
() => store.ImportRootsAsync("/nonexistent/path.pem", RootType.Fulcio));
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task ImportRootsAsync_InvalidatesCacheAfterImport()
{
// Arrange
@@ -178,7 +185,8 @@ public class FileSystemRootStoreTests : IDisposable
updatedRoots.Should().HaveCount(2);
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task ListRootsAsync_ReturnsCorrectInfo()
{
// Arrange
@@ -200,7 +208,8 @@ public class FileSystemRootStoreTests : IDisposable
roots[0].Thumbprint.Should().NotBeNullOrEmpty();
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task GetOrgKeyByIdAsync_WithMatchingThumbprint_ReturnsCertificate()
{
// Arrange
@@ -227,7 +236,8 @@ public class FileSystemRootStoreTests : IDisposable
found!.Subject.Should().Be("CN=Org Signing Key");
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task GetOrgKeyByIdAsync_WithNoMatch_ReturnsNull()
{
// Arrange
@@ -246,7 +256,8 @@ public class FileSystemRootStoreTests : IDisposable
found.Should().BeNull();
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task GetRekorKeysAsync_WithPemFile_ReturnsCertificates()
{
// Arrange
@@ -265,7 +276,8 @@ public class FileSystemRootStoreTests : IDisposable
keys[0].Subject.Should().Be("CN=Rekor Key");
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task LoadPem_WithMultipleCertificates_ReturnsAll()
{
// Arrange
@@ -286,7 +298,8 @@ public class FileSystemRootStoreTests : IDisposable
roots.Should().HaveCount(3);
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task GetFulcioRootsAsync_WithOfflineKitPath_LoadsFromKit()
{
// Arrange
@@ -335,6 +348,7 @@ public class FileSystemRootStoreTests : IDisposable
private static X509Certificate2 CreateTestCertificate(string subject)
{
using var rsa = RSA.Create(2048);
using StellaOps.TestKit;
var request = new CertificateRequest(
subject,
rsa,

28
src/Attestor/__Tests/StellaOps.Attestor.Offline.Tests/OfflineCertChainValidatorTests.cs
View File

@@ -32,7 +32,8 @@ public class OfflineCertChainValidatorTests
_config = Options.Create(new OfflineVerificationConfig());
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task VerifyAttestation_WithValidCertChain_ChainIsValid()
{
// Arrange
@@ -55,7 +56,8 @@ public class OfflineCertChainValidatorTests
result.Issues.Should().NotContain(i => i.Code.Contains("CERT"));
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task VerifyAttestation_WithUntrustedRoot_ChainIsInvalid()
{
// Arrange
@@ -80,7 +82,8 @@ public class OfflineCertChainValidatorTests
result.Issues.Should().Contain(i => i.Code.StartsWith("CERT"));
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task VerifyAttestation_WithMissingCertChain_ReturnsIssue()
{
// Arrange
@@ -102,7 +105,8 @@ public class OfflineCertChainValidatorTests
result.Issues.Should().Contain(i => i.Code.StartsWith("CERT") || i.Code.Contains("CHAIN"));
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task VerifyAttestation_WithExpiredCert_ChainIsInvalid()
{
// Arrange
@@ -126,7 +130,8 @@ public class OfflineCertChainValidatorTests
result.Issues.Should().Contain(i => i.Code.StartsWith("CERT"));
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task VerifyAttestation_WithNotYetValidCert_ChainIsInvalid()
{
// Arrange
@@ -150,7 +155,8 @@ public class OfflineCertChainValidatorTests
result.Issues.Should().Contain(i => i.Code.StartsWith("CERT"));
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task VerifyBundle_WithMultipleAttestations_ValidatesCertChainsForAll()
{
// Arrange
@@ -176,7 +182,8 @@ public class OfflineCertChainValidatorTests
result.CertificateChainValid.Should().BeTrue();
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task VerifyAttestation_CertChainValidationSkipped_WhenDisabled()
{
// Arrange
@@ -197,7 +204,8 @@ public class OfflineCertChainValidatorTests
result.Issues.Should().NotContain(i => i.Code.Contains("CERT_CHAIN"));
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task VerifyAttestation_WithSelfSignedLeaf_ChainIsInvalid()
{
// Arrange
@@ -220,7 +228,8 @@ public class OfflineCertChainValidatorTests
result.CertificateChainValid.Should().BeFalse();
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task VerifyAttestation_WithEmptyRootStore_ChainIsInvalid()
{
// Arrange
@@ -338,6 +347,7 @@ public class OfflineCertChainValidatorTests
private static X509Certificate2 CreateFutureCertificate(string subject)
{
using var rsa = RSA.Create(2048);
using StellaOps.TestKit;
var request = new CertificateRequest(
subject,
rsa,

28
src/Attestor/__Tests/StellaOps.Attestor.Offline.Tests/OfflineVerifierTests.cs
View File

@@ -20,6 +20,7 @@ using StellaOps.Attestor.ProofChain.Merkle;
// Alias to resolve ambiguity
using Severity = StellaOps.Attestor.Offline.Models.VerificationIssueSeverity;
using StellaOps.TestKit;
namespace StellaOps.Attestor.Offline.Tests;
public class OfflineVerifierTests
@@ -44,7 +45,8 @@ public class OfflineVerifierTests
.ReturnsAsync(new X509Certificate2Collection());
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task VerifyBundleAsync_ValidBundle_ReturnsValid()
{
// Arrange
@@ -66,7 +68,8 @@ public class OfflineVerifierTests
result.Issues.Should().BeEmpty();
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task VerifyBundleAsync_TamperedMerkleRoot_ReturnsInvalid()
{
// Arrange
@@ -99,7 +102,8 @@ public class OfflineVerifierTests
result.Issues.Should().Contain(i => i.Code == "MERKLE_ROOT_MISMATCH");
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task VerifyBundleAsync_MissingOrgSignature_WhenRequired_ReturnsInvalid()
{
// Arrange
@@ -122,7 +126,8 @@ public class OfflineVerifierTests
result.Issues.Should().Contain(i => i.Code == "ORG_SIG_MISSING");
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task VerifyBundleAsync_WithValidOrgSignature_ReturnsValid()
{
// Arrange
@@ -159,7 +164,8 @@ public class OfflineVerifierTests
result.OrgSignatureKeyId.Should().Be("org-key-2025");
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task VerifyAttestationAsync_ValidAttestation_ReturnsValid()
{
// Arrange
@@ -179,7 +185,8 @@ public class OfflineVerifierTests
result.SignaturesValid.Should().BeTrue();
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task VerifyAttestationAsync_EmptySignature_ReturnsInvalid()
{
// Arrange
@@ -210,7 +217,8 @@ public class OfflineVerifierTests
result.Issues.Should().Contain(i => i.Code == "DSSE_NO_SIGNATURES");
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task GetVerificationSummariesAsync_ReturnsAllAttestations()
{
// Arrange
@@ -230,7 +238,8 @@ public class OfflineVerifierTests
summaries.Should().OnlyContain(s => s.VerificationStatus == AttestationVerificationStatus.Valid);
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task VerifyBundleAsync_StrictMode_FailsOnWarnings()
{
// Arrange
@@ -269,7 +278,8 @@ public class OfflineVerifierTests
result.Issues.Should().Contain(i => i.Severity == Severity.Warning);
}
[Fact]
[Trait("Category", TestCategories.Unit)]
[Fact]
public async Task VerifyBundleAsync_DeterministicOrdering_SameMerkleValidation()
{
// Arrange