Changed self signed certificate handling

8f21d2a6 · Klaus Fischer · 88cb71f3 · 8f21d2a6 · 8f21d2a6
Commit 8f21d2a6 authored 2 years ago by Klaus Fischer
--- a/SenderTest/SenderEncryptionWithCertificateTest.cs
+++ b/SenderTest/SenderEncryptionWithCertificateTest.cs
@@ -9,22 +9,35 @@ using NUnit.Framework;

 namespace SenderTest;

-public class SenderEncryptionWithCertificateTest {
+public class SenderEncryptionWithSelfSignedCertificateTest {
    private Sender _sender = null!;
-    private ILogger<SenderEncryptionWithCertificateTest> _logger = null!;
+    private ILogger<SenderEncryptionWithSelfSignedCertificateTest> _logger = null!;
+    private X509Certificate2 _certificate = null!;

    /*
     * Encryption test must be changed for production to only allow extern signed certificates
     * and forbid self-signed certificates.
     */

+    [OneTimeSetUp]
+    public void OneTimeSetup() {
+        _certificate = CreateSelfSignedCertificate("./");
+    }
+
+    [OneTimeTearDown]
+    public void OneTimeTearDown() {
+        _certificate.Dispose();
+        File.Delete("./certificate.pfx");
+    }
+
    [SetUp]
    public void Setup() {
        _logger = LoggerFactory.Create(cfg => cfg.AddConsole())
-            .CreateLogger<SenderEncryptionWithCertificateTest>();
+            .CreateLogger<SenderEncryptionWithSelfSignedCertificateTest>();
        _sender = new Sender(_logger,
            FitConnectEndpoints.Create(FitConnectEndpoints.EndpointType.Development));
-        var certificate = CreateSelfSignedCertificate(null);
+
+        var certificate = new X509Certificate2("./certificate.pfx");
        _sender.ImportCertificate(certificate);
    }

@@ -37,17 +50,6 @@ public class SenderEncryptionWithCertificateTest {
    }


-    [Test]
-    [Ignore("Not applicable for production")]
-    public void CryptWithPublicKeyImport() {
-        var publicKey = Convert.FromBase64String(
-            "MIIBCgKCAQEAzu/ek6A5AMuROs+12pncbYNteGkd6ReU28ZY5gCM4hNFI0h1E+0+OST+Yxw7zhvbFhZbYdVt8LmzonMAtENituLxzZj7MsWom/ZzxTdp4Cx5zlx8x6Qx/ZPoSS2T2Sf0ttymaMc6ZadpWsDhg/Mnf6beF1W/QoGH/bHBa8U4rhkUa+OKf3wyo08km8oyUJaj6kkB0VdhRp5rSyvXJtUMZ5A0LcYFygnkHTSQlQhdrAK+6nTo//mfNfPtqta2wBb9ONpVwN0V7I5PSdH2WxZMZsYFicLOGbNeF08gibmL+7TeBTssYtrNVM88cG0v+aWeBun0WVrpCntDIA9HIujWowIDAQAB");
-
-        var cypher = _sender.EncryptData(Encoding.UTF8.GetBytes("test"), publicKey);
-
-        _logger.LogInformation("Cypher: {}", Convert.ToBase64String(cypher));
-    }
-
    [Test]
    public void ExportPrivateKey() {
        var privateKey = _sender.ExportPrivateKey();
@@ -55,9 +57,16 @@ public class SenderEncryptionWithCertificateTest {
    }


-    #region Static helpers
+    #region Static helpers - Certificates

-    private X509Certificate2 CreateSelfSignedCertificate(string? exportPath = "../../../") {
+    /// <summary>
+    /// 
+    /// </summary>
+    /// <param name="exportPath">The path to export the certificate.
+    /// <para>"../../../" matches the development path of the project</para></param>
+    /// <returns></returns>
+    /// <exception cref="Exception"></exception>
+    private X509Certificate2 CreateSelfSignedCertificate(string? exportPath = null) {
        var req = new CertificateRequest("cn=foobar", ECDsa.Create(), HashAlgorithmName.SHA256);
        var cert = req.CreateSelfSigned(DateTimeOffset.Now, DateTimeOffset.Now.AddYears(5));

@@ -91,6 +100,6 @@ public class SenderEncryptionWithCertificateTest {
        _logger?.LogInformation("Exporting {}",
            Convert.ToBase64String(cert.Export(X509ContentType.Cert, "")));
    }
-}

-#endregion
+    #endregion
+}
--- a/SenderTest/SenderEncryptionWithoutCertificateTest.cs
+++ b/SenderTest/SenderEncryptionWithoutCertificateTest.cs
 using System;
 using System.Text;
 using FitConnect;
+using FluentAssertions;
 using Microsoft.Extensions.Logging;
 using NUnit.Framework;

 namespace SenderTest;

-
 public class SenderEncryptionWithoutCertificateTest {
    private Sender _sender = null!;
    private ILogger<SenderEncryptionWithoutCertificateTest> _logger = null!;
+    private const string ToEncrypt = "Hello World";
+    private string _cypherText = null!;

    /*
     * Encryption test must be changed for production to only allow extern signed certificates
     * and forbid self-signed certificates.
     */

-    [SetUp]
-    public void Setup() {
+    [OneTimeSetUp]
+    public void OneTimeSetUp() {
        _logger = LoggerFactory.Create(cfg => cfg.AddConsole())
            .CreateLogger<SenderEncryptionWithoutCertificateTest>();
        _sender = new Sender(_logger,
@@ -26,19 +28,27 @@ public class SenderEncryptionWithoutCertificateTest {


    [Test]
+    [Order(10)]
    public void EncryptData_ShouldNotThrowAnyException() {
-        var cypher = _sender.EncryptData(Encoding.UTF8.GetBytes("test"));
+        var cypher = _sender.EncryptData(Encoding.UTF8.GetBytes(ToEncrypt));

-        _logger.LogInformation("Cypher: {}", Convert.ToBase64String(cypher));
+        _cypherText = Convert.ToBase64String(cypher);
+        _logger.LogInformation("Cypher: {}", _cypherText);
+    }
+
+
+    [Test]
+    [Order(20)]
+    public void DecryptData_ShouldMatchToEncrypt() {
+        var cypher = Convert.FromBase64String(_cypherText);
+        var plain = _sender.DecryptDataAsync(cypher);
+
+        Encoding.UTF8.GetString(plain).Should().Be(ToEncrypt);
    }

-    
    [Test]
    public void ExportPrivateKey_ShouldNotThrowAnyException() {
        var privateKey = _sender.ExportPrivateKey();
        _logger.LogInformation("Private key: {}", Convert.ToBase64String(privateKey));
    }
-    
-    
-
 }