dohertj2/ScadaBridge
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
5c190885da99b10eb9b2e9f7782e110c7aaf25ea
ScadaBridge/tests/ZB.MOM.WW.ScadaBridge.Transport.Tests/Encryption/BundleSecretEncryptorTests.cs
T
Joseph Doherty 7b0b9c7365 refactor: rename ScadaLink → ZB.MOM.WW.ScadaBridge (code + projects + namespaces) 
Solution + 23 src projects + 26 test projects renamed; folders, csproj,
namespaces, and ScadaLinkDbContext/ScadaBridgeDbContext class updated.
ActorSystem "scadalink" → "scadabridge", Akka seed-node URLs migrated.
SQL roles/logins, LDAP domains, CLI command name, and CLI config dir
(~/.scadalink → ~/.scadabridge) also renamed.

Build green; 5 Host.Tests fail awaiting SQL login rename in next commit.
Pre-existing StaleTagMonitor timing flakes unchanged.

Rename script committed at tools/rename-to-scadabridge.sh.
2026-05-28 09:37:45 -04:00

114 lines
4.6 KiB
C#
Raw Blame History

using System.Security.Cryptography;
using System.Text;
using ZB.MOM.WW.ScadaBridge.Commons.Types.Transport;
using ZB.MOM.WW.ScadaBridge.Transport.Encryption;
namespace ZB.MOM.WW.ScadaBridge.Transport.Tests.Encryption;
public sealed class BundleSecretEncryptorTests
{
// Commons-015 sets the documented PBKDF2 floor to 100_000 (OWASP minimum);
// the production value is 600_000. Using the floor keeps the test fast while
// remaining a valid EncryptionMetadata.Iterations.
private const int TestIterations = EncryptionMetadata.MinPbkdf2Iterations;
[Fact]
public void Encrypt_then_Decrypt_roundtrips_arbitrary_bytes()
{
var sut = new BundleSecretEncryptor();
var plaintext = Encoding.UTF8.GetBytes("the quick brown fox jumps over the lazy dog");
var (ciphertext, metadata) = sut.Encrypt(plaintext, "correct-horse-battery-staple", TestIterations);
var recovered = sut.Decrypt(ciphertext, metadata, "correct-horse-battery-staple");
Assert.Equal(plaintext, recovered);
}
[Fact]
public void Decrypt_with_wrong_passphrase_throws_CryptographicException()
{
var sut = new BundleSecretEncryptor();
var plaintext = Encoding.UTF8.GetBytes("secret payload");
var (ciphertext, metadata) = sut.Encrypt(plaintext, "right-pass", TestIterations);
Assert.ThrowsAny<CryptographicException>(() => sut.Decrypt(ciphertext, metadata, "wrong-pass"));
}
[Fact]
public void Decrypt_with_tampered_ciphertext_throws_CryptographicException()
{
var sut = new BundleSecretEncryptor();
var plaintext = Encoding.UTF8.GetBytes("secret payload");
var (ciphertext, metadata) = sut.Encrypt(plaintext, "pass", TestIterations);
ciphertext[0] ^= 0xFF; // Flip every bit in the first ciphertext byte.
Assert.ThrowsAny<CryptographicException>(() => sut.Decrypt(ciphertext, metadata, "pass"));
}
[Fact]
public void Encrypt_produces_distinct_ciphertext_for_same_input_due_to_random_iv()
{
var sut = new BundleSecretEncryptor();
var plaintext = Encoding.UTF8.GetBytes("same input");
var (ct1, meta1) = sut.Encrypt(plaintext, "pass", TestIterations);
var (ct2, meta2) = sut.Encrypt(plaintext, "pass", TestIterations);
Assert.NotEqual(ct1, ct2);
Assert.NotEqual(meta1.IvB64, meta2.IvB64);
Assert.NotEqual(meta1.SaltB64, meta2.SaltB64);
}
[Fact]
public void Decrypt_with_mismatched_AAD_throws_CryptographicException()
{
// T-005: AES-GCM AAD binds extra context (e.g. manifest non-derivative fields)
// into the auth tag. Decrypting with different AAD yields a tag mismatch even
// when the passphrase and ciphertext are correct.
var sut = new BundleSecretEncryptor();
var plaintext = Encoding.UTF8.GetBytes("secret payload");
var aadOnEncrypt = Encoding.UTF8.GetBytes("manifest-canonical-hash-A");
var aadOnDecrypt = Encoding.UTF8.GetBytes("manifest-canonical-hash-B");
var (ciphertext, metadata) = sut.Encrypt(plaintext, "pass", TestIterations, aadOnEncrypt);
Assert.ThrowsAny<CryptographicException>(
() => sut.Decrypt(ciphertext, metadata, "pass", aadOnDecrypt));
}
[Fact]
public void Decrypt_with_matching_AAD_recovers_plaintext()
{
// T-005: round-trip with non-empty AAD must succeed when both sides match.
var sut = new BundleSecretEncryptor();
var plaintext = Encoding.UTF8.GetBytes("secret payload");
var aad = Encoding.UTF8.GetBytes("manifest-canonical-hash");
var (ciphertext, metadata) = sut.Encrypt(plaintext, "pass", TestIterations, aad);
var recovered = sut.Decrypt(ciphertext, metadata, "pass", aad);
Assert.Equal(plaintext, recovered);
}
[Fact]
public void Encrypt_emits_metadata_matching_decryption_inputs()
{
var sut = new BundleSecretEncryptor();
var plaintext = Encoding.UTF8.GetBytes("payload");
var (ciphertext, metadata) = sut.Encrypt(plaintext, "pass", TestIterations);
Assert.Equal("AES-256-GCM", metadata.Algorithm);
Assert.Equal("PBKDF2-SHA256", metadata.Kdf);
Assert.Equal(TestIterations, metadata.Iterations);
// Salt is 16 bytes (24 chars b64 incl padding), Iv is 12 bytes (16 chars b64 incl padding).
Assert.Equal(16, Convert.FromBase64String(metadata.SaltB64).Length);
Assert.Equal(12, Convert.FromBase64String(metadata.IvB64).Length);
var recovered = sut.Decrypt(ciphertext, metadata, "pass");
Assert.Equal(plaintext, recovered);
}
}
Reference in New Issue View Git Blame Copy Permalink