feat(transport): BundleSerializer ZIP packer/reader

2026-05-24 04:11:11 -04:00
parent ee76b84b0f
commit 550ab0e034
2 changed files with 304 additions and 0 deletions
--- a/tests/ScadaLink.Transport.Tests/Serialization/BundleSerializerTests.cs
+++ b/tests/ScadaLink.Transport.Tests/Serialization/BundleSerializerTests.cs
@@ -0,0 +1,126 @@
+using System.IO.Compression;
+using System.Security.Cryptography;
+using ScadaLink.Commons.Types.Transport;
+using ScadaLink.Transport.Encryption;
+using ScadaLink.Transport.Serialization;
+
+namespace ScadaLink.Transport.Tests.Serialization;
+
+public sealed class BundleSerializerTests
+{
+    private const int TestIterations = 10_000;
+
+    private static BundleContentDto SampleContent() => new(
+        TemplateFolders: new[] { new TemplateFolderDto("Root", ParentName: null, SortOrder: 0) },
+        Templates: Array.Empty<TemplateDto>(),
+        SharedScripts: new[] { new SharedScriptDto("util", "return 42;", ParameterDefinitions: null, ReturnDefinition: null) },
+        ExternalSystems: Array.Empty<ExternalSystemDto>(),
+        DatabaseConnections: Array.Empty<DatabaseConnectionDto>(),
+        NotificationLists: Array.Empty<NotificationListDto>(),
+        SmtpConfigs: Array.Empty<SmtpConfigDto>(),
+        ApiKeys: Array.Empty<ApiKeyDto>(),
+        ApiMethods: Array.Empty<ApiMethodDto>());
+
+    private static BundleManifest BuildManifestFor(byte[] contentBytes, EncryptionMetadata? encryption = null) =>
+        new ManifestBuilder().Build(
+            sourceEnvironment: "test-env",
+            exportedBy: "tester",
+            scadaLinkVersion: "1.0.0",
+            encryption: encryption,
+            summary: new BundleSummary(0, 1, 1, 0, 0, 0, 0, 0, 0),
+            contents: Array.Empty<ManifestContentEntry>(),
+            contentBytes: contentBytes);
+
+    [Fact]
+    public void Pack_emits_manifest_and_content_json_when_no_passphrase()
+    {
+        var sut = new BundleSerializer();
+        var content = SampleContent();
+        var contentJson = sut.SerializeContentBytes(content);
+        var manifest = BuildManifestFor(contentJson);
+
+        using var stream = sut.Pack(content, manifest, passphrase: null, encryptor: null);
+
+        using var archive = new ZipArchive(stream, ZipArchiveMode.Read, leaveOpen: true);
+        Assert.NotNull(archive.GetEntry("manifest.json"));
+        Assert.NotNull(archive.GetEntry("content.json"));
+        Assert.Null(archive.GetEntry("content.enc"));
+    }
+
+    [Fact]
+    public void Pack_emits_manifest_and_content_enc_when_passphrase_supplied()
+    {
+        var sut = new BundleSerializer();
+        var encryptor = new BundleSecretEncryptor();
+        var content = SampleContent();
+        var contentJson = sut.SerializeContentBytes(content);
+        var (cipher, meta) = encryptor.Encrypt(contentJson, "pass", TestIterations);
+        var manifest = BuildManifestFor(cipher, encryption: meta);
+
+        using var stream = sut.Pack(content, manifest, passphrase: "pass", encryptor: encryptor);
+
+        using var archive = new ZipArchive(stream, ZipArchiveMode.Read, leaveOpen: true);
+        Assert.NotNull(archive.GetEntry("manifest.json"));
+        Assert.Null(archive.GetEntry("content.json"));
+        Assert.NotNull(archive.GetEntry("content.enc"));
+    }
+
+    [Fact]
+    public void Roundtrip_through_temp_stream_recovers_identical_content()
+    {
+        var sut = new BundleSerializer();
+        var content = SampleContent();
+        var contentJson = sut.SerializeContentBytes(content);
+        var manifest = BuildManifestFor(contentJson);
+
+        using var stream = sut.Pack(content, manifest, passphrase: null, encryptor: null);
+
+        stream.Position = 0;
+        var readManifest = sut.ReadManifest(stream);
+        stream.Position = 0;
+        var contentBytes = sut.ReadContentBytes(stream, readManifest);
+        var unpacked = sut.UnpackContent(contentBytes, readManifest, passphrase: null, encryptor: null);
+
+        Assert.Equal(manifest.ContentHash, readManifest.ContentHash);
+        Assert.Single(unpacked.TemplateFolders);
+        Assert.Equal("Root", unpacked.TemplateFolders[0].Name);
+        var shared = Assert.Single(unpacked.SharedScripts);
+        Assert.Equal("util", shared.Name);
+        Assert.Equal("return 42;", shared.Code);
+    }
+
+    [Fact]
+    public void ReadManifest_throws_when_zip_missing_manifest_json()
+    {
+        var sut = new BundleSerializer();
+        using var ms = new MemoryStream();
+        using (var archive = new ZipArchive(ms, ZipArchiveMode.Create, leaveOpen: true))
+        {
+            var entry = archive.CreateEntry("garbage.txt");
+            using var es = entry.Open();
+            es.Write(new byte[] { 1, 2, 3 });
+        }
+        ms.Position = 0;
+
+        Assert.Throws<InvalidDataException>(() => sut.ReadManifest(ms));
+    }
+
+    [Fact]
+    public void UnpackContent_throws_CryptographicException_on_wrong_passphrase()
+    {
+        var sut = new BundleSerializer();
+        var encryptor = new BundleSecretEncryptor();
+        var content = SampleContent();
+        var contentJson = sut.SerializeContentBytes(content);
+        var (cipher, meta) = encryptor.Encrypt(contentJson, "right", TestIterations);
+        var manifest = BuildManifestFor(cipher, encryption: meta);
+
+        using var stream = sut.Pack(content, manifest, passphrase: "right", encryptor: encryptor);
+        stream.Position = 0;
+        var readManifest = sut.ReadManifest(stream);
+        stream.Position = 0;
+        var contentBytes = sut.ReadContentBytes(stream, readManifest);
+
+        Assert.ThrowsAny<CryptographicException>(() => sut.UnpackContent(contentBytes, readManifest, "wrong", encryptor));
+    }
+}