git.stella-ops.org/src/__Libraries/__Tests/StellaOps.Cryptography.Kms.Tests/CloudKmsClientTests.Fixture.Gcp.cs

using System.Text;
using StellaOps.Cryptography.Kms;

namespace StellaOps.Cryptography.Kms.Tests;

public sealed partial class CloudKmsClientTests
{
    private sealed class TestGcpFacade : IGcpKmsFacade
    {
        private readonly EcdsaFixture _fixture;
        private readonly DateTimeOffset _now;

        public TestGcpFacade(EcdsaFixture fixture, DateTimeOffset now)
        {
            _fixture = fixture;
            _now = now;
        }

        public string KeyName { get; } = "projects/demo/locations/global/keyRings/sample/cryptoKeys/attestor";
        public string PrimaryVersion { get; } = "projects/demo/locations/global/keyRings/sample/cryptoKeys/attestor/cryptoKeyVersions/1";
        public string SecondaryVersion { get; } = "projects/demo/locations/global/keyRings/sample/cryptoKeys/attestor/cryptoKeyVersions/2";

        public byte[] LastDigest { get; private set; } = Array.Empty<byte>();

        public Task<GcpCryptoKeyMetadata> GetCryptoKeyMetadataAsync(string keyName, CancellationToken cancellationToken)
            => Task.FromResult(new GcpCryptoKeyMetadata(KeyName, PrimaryVersion, _now));

        public Task<IReadOnlyList<GcpCryptoKeyVersionMetadata>> ListKeyVersionsAsync(string keyName, CancellationToken cancellationToken)
        {
            IReadOnlyList<GcpCryptoKeyVersionMetadata> versions = new[]
            {
                new GcpCryptoKeyVersionMetadata(PrimaryVersion, GcpCryptoKeyVersionState.Enabled, _now.AddDays(-2), null),
                new GcpCryptoKeyVersionMetadata(SecondaryVersion, GcpCryptoKeyVersionState.Disabled, _now.AddDays(-10), _now.AddDays(-1)),
            };

            return Task.FromResult(versions);
        }

        public Task<GcpPublicKeyMaterial> GetPublicKeyAsync(string versionName, CancellationToken cancellationToken)
        {
            var pem = ToPem(_fixture.PublicSubjectInfo);
            return Task.FromResult(new GcpPublicKeyMaterial(versionName, "EC_SIGN_P256_SHA256", pem));
        }

        public Task<GcpSignResult> SignAsync(string versionName, ReadOnlyMemory<byte> digest, CancellationToken cancellationToken)
        {
            LastDigest = digest.ToArray();
            var signature = _fixture.SignDigest(digest.Span);
            return Task.FromResult(new GcpSignResult(versionName, signature));
        }

        public void Dispose()
        {
        }

        internal static string ToPem(byte[] subjectPublicKeyInfo)
        {
            var builder = new StringBuilder();
            builder.AppendLine("-----BEGIN PUBLIC KEY-----");
            builder.AppendLine(Convert.ToBase64String(subjectPublicKeyInfo, Base64FormattingOptions.InsertLineBreaks));
            builder.AppendLine("-----END PUBLIC KEY-----");
            return builder.ToString();
        }
    }
}