using FluentAssertions; using StellaOps.Cryptography; using StellaOps.Cryptography.Plugin.BouncyCastle; using Xunit; namespace StellaOps.Cryptography.Tests; public sealed partial class BouncyCastleCapabilityDetectionTests { [Fact] public void GetSigner_UnregisteredKey_ThrowsKeyNotFound() { var keyReference = new CryptoKeyReference("unregistered-key", _provider.Name); Action act = () => _provider.GetSigner(SignatureAlgorithms.Ed25519, keyReference); act.Should().Throw() .WithMessage("*not registered*"); _output.WriteLine("✓ GetSigner throws KeyNotFoundException for unregistered key"); } [Fact] public void GetSigner_UnsupportedAlgorithm_ThrowsInvalidOperation() { var provider = new BouncyCastleEd25519CryptoProvider(); var keyId = "test-key"; var privateKeyBytes = Enumerable.Range(0, 32).Select(i => (byte)i).ToArray(); var keyReference = new CryptoKeyReference(keyId, provider.Name); var signingKey = new CryptoSigningKey( keyReference, SignatureAlgorithms.Ed25519, privateKeyBytes, createdAt: FixedNow); provider.UpsertSigningKey(signingKey); Action act = () => provider.GetSigner(SignatureAlgorithms.Es256, keyReference); act.Should().Throw() .WithMessage("*not supported*"); _output.WriteLine("✓ GetSigner throws InvalidOperationException for unsupported algorithm"); } [Fact] public void GetSigner_NullAlgorithm_ThrowsArgumentException() { var keyReference = new CryptoKeyReference("test-key", _provider.Name); Action act = () => _provider.GetSigner(null!, keyReference); act.Should().Throw(); _output.WriteLine("✓ GetSigner throws ArgumentException for null algorithm"); } [Fact] public void GetSigner_NullKeyReference_ThrowsArgumentNullException() { Action act = () => _provider.GetSigner(SignatureAlgorithms.Ed25519, null!); act.Should().Throw(); _output.WriteLine("✓ GetSigner throws ArgumentNullException for null key reference"); } }