52 lines
1.7 KiB
C#
52 lines
1.7 KiB
C#
#if STELLAOPS_CRYPTO_PRO
|
|
using System;
|
|
using System.Security.Cryptography;
|
|
using System.Security.Cryptography.X509Certificates;
|
|
using Microsoft.IdentityModel.Tokens;
|
|
using StellaOps.Cryptography;
|
|
using StellaOps.Cryptography.Plugin.CryptoPro;
|
|
using Xunit;
|
|
|
|
namespace StellaOps.Cryptography.Tests;
|
|
|
|
public class CryptoProGostSignerTests
|
|
{
|
|
[Fact]
|
|
public void ExportPublicJsonWebKey_ContainsCertificateChain()
|
|
{
|
|
if (!OperatingSystem.IsWindows())
|
|
{
|
|
return; // CryptoPro CSP is Windows-only; skip on other platforms
|
|
}
|
|
|
|
if (!string.Equals(Environment.GetEnvironmentVariable("STELLAOPS_CRYPTO_PRO_ENABLED"), "1", StringComparison.Ordinal))
|
|
{
|
|
return; // opt-in only when a Windows agent has CryptoPro CSP installed
|
|
}
|
|
|
|
using var ecdsa = ECDsa.Create(ECCurve.NamedCurves.nistP256);
|
|
var request = new CertificateRequest("CN=stellaops.test", ecdsa, HashAlgorithmName.SHA256);
|
|
using var cert = request.CreateSelfSigned(DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddDays(1));
|
|
|
|
var entry = new CryptoProGostKeyEntry(
|
|
"test-key",
|
|
SignatureAlgorithms.GostR3410_2012_256,
|
|
cert,
|
|
"provider",
|
|
containerName: null,
|
|
useMachineKeyStore: false,
|
|
signatureFormat: GostSignatureFormat.Der);
|
|
|
|
var signer = new CryptoProGostSigner(entry);
|
|
|
|
var jwk = signer.ExportPublicJsonWebKey();
|
|
|
|
Assert.Equal("test-key", jwk.Kid);
|
|
Assert.Equal(SignatureAlgorithms.GostR3410_2012_256, jwk.Alg);
|
|
Assert.Equal(JsonWebKeyUseNames.Sig, jwk.Use);
|
|
Assert.Single(jwk.X5c);
|
|
Assert.Equal("EC", jwk.Kty);
|
|
}
|
|
}
|
|
#endif
|