git.stella-ops.org/devops/services/crypto/sim-crypto-smoke/SmokeLogic.cs

using System.Net.Http.Json;
using System.Text.Json.Serialization;

public static class SmokeLogic
{
    public static IReadOnlyList<string> ResolveAlgorithms(string profile, string? overrideList)
    {
        if (!string.IsNullOrWhiteSpace(overrideList))
        {
            return overrideList.Split(',', StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries);
        }

        return profile switch
        {
            "ru-free" or "ru-paid" or "gost" or "ru" => new[] { "GOST12-256", "ru.magma.sim", "ru.kuznyechik.sim" },
            "sm" or "cn" => new[] { "SM2" },
            "eidas" => new[] { "ES256" },
            "fips" => new[] { "ES256" },
            "kcmvp" => new[] { "ES256" },
            "pq" => new[] { "pq.sim", "DILITHIUM3", "FALCON512" },
            _ => new[] { "ES256", "SM2", "pq.sim" }
        };
    }

    public static async Task<(bool Ok, string Error)> SignAndVerifyAsync(HttpClient client, string algorithm, string message, CancellationToken ct)
    {
        var signPayload = new SignRequest(message, algorithm);
        var signResponse = await client.PostAsJsonAsync("/sign", signPayload, ct).ConfigureAwait(false);
        if (!signResponse.IsSuccessStatusCode)
        {
            return (false, $"sign failed: {(int)signResponse.StatusCode} {signResponse.ReasonPhrase}");
        }

        var signResult = await signResponse.Content.ReadFromJsonAsync<SignResponse>(cancellationToken: ct).ConfigureAwait(false);
        if (signResult is null || string.IsNullOrWhiteSpace(signResult.SignatureBase64))
        {
            return (false, "sign returned empty payload");
        }

        var verifyPayload = new VerifyRequest(message, signResult.SignatureBase64, algorithm);
        var verifyResponse = await client.PostAsJsonAsync("/verify", verifyPayload, ct).ConfigureAwait(false);
        if (!verifyResponse.IsSuccessStatusCode)
        {
            return (false, $"verify failed: {(int)verifyResponse.StatusCode} {verifyResponse.ReasonPhrase}");
        }

        var verifyResult = await verifyResponse.Content.ReadFromJsonAsync<VerifyResponse>(cancellationToken: ct).ConfigureAwait(false);
        if (verifyResult?.Ok is not true)
        {
            return (false, "verify returned false");
        }

        return (true, "");
    }

    private sealed record SignRequest(
        [property: JsonPropertyName("message")] string Message,
        [property: JsonPropertyName("algorithm")] string Algorithm);

    private sealed record SignResponse(
        [property: JsonPropertyName("signature_b64")] string SignatureBase64,
        [property: JsonPropertyName("algorithm")] string Algorithm);

    private sealed record VerifyRequest(
        [property: JsonPropertyName("message")] string Message,
        [property: JsonPropertyName("signature_b64")] string SignatureBase64,
        [property: JsonPropertyName("algorithm")] string Algorithm);

    private sealed record VerifyResponse(
        [property: JsonPropertyName("ok")] bool Ok,
        [property: JsonPropertyName("algorithm")] string Algorithm);
}