stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
95d5898650beb7a00ae9934c2426904a70045af2
git.stella-ops.org/src/Cryptography/__Tests/StellaOps.Cryptography.Tests/CryptographyModelTests.cs

318 lines
8.9 KiB
C#
Raw Blame History

using StellaOps.Cryptography;
using StellaOps.Cryptography.Models;
using Xunit;
namespace StellaOps.Cryptography.Tests;
/// <summary>
/// Tests for SignatureProfile enum.
/// </summary>
public sealed class SignatureProfileTests
{
[Theory]
[InlineData(SignatureProfile.EdDsa)]
[InlineData(SignatureProfile.EcdsaP256)]
[InlineData(SignatureProfile.RsaPss)]
[InlineData(SignatureProfile.Gost2012)]
[InlineData(SignatureProfile.SM2)]
[InlineData(SignatureProfile.Eidas)]
public void SignatureProfile_AllStandardValues_AreValid(SignatureProfile profile)
{
Assert.True(Enum.IsDefined(profile));
}
[Fact]
public void SignatureProfile_EdDsa_IsDefault()
{
// EdDsa should be 0 - the default/baseline profile
Assert.Equal(0, (int)SignatureProfile.EdDsa);
}
[Fact]
public void SignatureProfile_AllValues_AreCounted()
{
var values = Enum.GetValues<SignatureProfile>();
Assert.True(values.Length >= 6, "Should have at least 6 standard profiles");
}
}
/// <summary>
/// Tests for Signature record.
/// </summary>
public sealed class SignatureTests
{
[Fact]
public void Signature_RequiredProperties_MustBeSet()
{
var signatureBytes = new byte[] { 0x01, 0x02, 0x03, 0x04 };
var signature = new Signature
{
KeyId = "stella-ed25519-2024",
Profile = SignatureProfile.EdDsa,
Algorithm = "Ed25519",
SignatureBytes = signatureBytes
};
Assert.Equal("stella-ed25519-2024", signature.KeyId);
Assert.Equal(SignatureProfile.EdDsa, signature.Profile);
Assert.Equal("Ed25519", signature.Algorithm);
Assert.Equal(signatureBytes, signature.SignatureBytes);
}
[Fact]
public void Signature_WithTimestamp_ContainsValue()
{
var signedAt = DateTimeOffset.UtcNow;
var signature = new Signature
{
KeyId = "key-001",
Profile = SignatureProfile.EcdsaP256,
Algorithm = "ES256",
SignatureBytes = new byte[64],
SignedAt = signedAt
};
Assert.Equal(signedAt, signature.SignedAt);
}
[Fact]
public void Signature_WithCertificateChain_ContainsValue()
{
var certChain = new byte[] { 0x30, 0x82, 0x01, 0x00 }; // Mock DER cert header
var signature = new Signature
{
KeyId = "eidas-key",
Profile = SignatureProfile.Eidas,
Algorithm = "RS256",
SignatureBytes = new byte[256],
CertificateChain = certChain
};
Assert.NotNull(signature.CertificateChain);
Assert.Equal(certChain, signature.CertificateChain);
}
[Fact]
public void Signature_WithTimestampToken_ContainsValue()
{
var timestampToken = new byte[] { 0x30, 0x82, 0x02, 0x00 }; // Mock RFC 3161 token
var signature = new Signature
{
KeyId = "tsa-key",
Profile = SignatureProfile.RsaPss,
Algorithm = "PS256",
SignatureBytes = new byte[256],
TimestampToken = timestampToken
};
Assert.NotNull(signature.TimestampToken);
}
[Fact]
public void Signature_WithPublicKey_ContainsValue()
{
var publicKey = new byte[32]; // Ed25519 public key size
var signature = new Signature
{
KeyId = "ephemeral-ed25519",
Profile = SignatureProfile.EdDsa,
Algorithm = "Ed25519",
SignatureBytes = new byte[64],
PublicKey = publicKey
};
Assert.NotNull(signature.PublicKey);
Assert.Equal(32, signature.PublicKey.Length);
}
[Fact]
public void Signature_OptionalProperties_AreNullByDefault()
{
var signature = new Signature
{
KeyId = "key",
Profile = SignatureProfile.EdDsa,
Algorithm = "Ed25519",
SignatureBytes = new byte[64]
};
Assert.Null(signature.CertificateChain);
Assert.Null(signature.TimestampToken);
Assert.Null(signature.PublicKey);
}
}
/// <summary>
/// Tests for SignatureResult record.
/// </summary>
public sealed class SignatureResultTests
{
[Fact]
public void SignatureResult_RequiredProperties_MustBeSet()
{
var signedAt = DateTimeOffset.UtcNow;
var result = new SignatureResult
{
KeyId = "stella-ed25519-2024",
Profile = SignatureProfile.EdDsa,
Algorithm = "Ed25519",
Signature = new byte[64],
SignedAt = signedAt
};
Assert.Equal("stella-ed25519-2024", result.KeyId);
Assert.Equal(SignatureProfile.EdDsa, result.Profile);
Assert.Equal("Ed25519", result.Algorithm);
Assert.Equal(signedAt, result.SignedAt);
}
[Fact]
public void SignatureResult_WithMetadata_ContainsValues()
{
var metadata = new Dictionary<string, object>
{
["kms_request_id"] = "req-12345",
["certificate_serial"] = "ABC123"
};
var result = new SignatureResult
{
KeyId = "kms-key",
Profile = SignatureProfile.RsaPss,
Algorithm = "PS256",
Signature = new byte[256],
SignedAt = DateTimeOffset.UtcNow,
Metadata = metadata
};
Assert.NotNull(result.Metadata);
Assert.Equal("req-12345", result.Metadata["kms_request_id"]);
}
[Theory]
[InlineData("Ed25519", SignatureProfile.EdDsa)]
[InlineData("ES256", SignatureProfile.EcdsaP256)]
[InlineData("PS256", SignatureProfile.RsaPss)]
[InlineData("GOST3410-2012-256", SignatureProfile.Gost2012)]
[InlineData("SM2DSA", SignatureProfile.SM2)]
public void SignatureResult_ProfileAlgorithmPairs_AreValid(string algorithm, SignatureProfile profile)
{
var result = new SignatureResult
{
KeyId = $"key-{profile}",
Profile = profile,
Algorithm = algorithm,
Signature = new byte[64],
SignedAt = DateTimeOffset.UtcNow
};
Assert.Equal(algorithm, result.Algorithm);
Assert.Equal(profile, result.Profile);
}
}
/// <summary>
/// Tests for VerificationResult record.
/// </summary>
public sealed class VerificationResultTests
{
[Fact]
public void VerificationResult_Valid_HasNoFailureReason()
{
var result = new VerificationResult
{
IsValid = true,
Profile = SignatureProfile.EdDsa,
Algorithm = "Ed25519",
KeyId = "key-001"
};
Assert.True(result.IsValid);
Assert.Null(result.FailureReason);
}
[Fact]
public void VerificationResult_Invalid_HasFailureReason()
{
var result = new VerificationResult
{
IsValid = false,
Profile = SignatureProfile.EdDsa,
Algorithm = "Ed25519",
KeyId = "key-001",
FailureReason = "Signature mismatch"
};
Assert.False(result.IsValid);
Assert.Equal("Signature mismatch", result.FailureReason);
}
[Fact]
public void VerificationResult_WithCertificateValidation_ContainsValue()
{
var certValidation = new CertificateValidationResult
{
IsValid = true,
ValidFrom = DateTimeOffset.UtcNow.AddYears(-1),
ValidTo = DateTimeOffset.UtcNow.AddYears(1),
CertificateThumbprints = new[] { "ABC123", "DEF456" }
};
var result = new VerificationResult
{
IsValid = true,
Profile = SignatureProfile.Eidas,
Algorithm = "RS256",
KeyId = "eidas-key",
CertificateValidation = certValidation
};
Assert.NotNull(result.CertificateValidation);
Assert.True(result.CertificateValidation.IsValid);
Assert.Equal(2, result.CertificateValidation.CertificateThumbprints!.Count);
}
}
/// <summary>
/// Tests for CertificateValidationResult record.
/// </summary>
public sealed class CertificateValidationResultTests
{
[Fact]
public void CertificateValidationResult_Valid_HasValidityPeriod()
{
var validFrom = DateTimeOffset.UtcNow.AddYears(-1);
var validTo = DateTimeOffset.UtcNow.AddYears(2);
var result = new CertificateValidationResult
{
IsValid = true,
ValidFrom = validFrom,
ValidTo = validTo
};
Assert.True(result.IsValid);
Assert.Equal(validFrom, result.ValidFrom);
Assert.Equal(validTo, result.ValidTo);
}
[Fact]
public void CertificateValidationResult_Invalid_HasFailureReason()
{
var result = new CertificateValidationResult
{
IsValid = false,
FailureReason = "Certificate expired"
};
Assert.False(result.IsValid);
Assert.Equal("Certificate expired", result.FailureReason);
}
}
Reference in New Issue View Git Blame Copy Permalink