Skip to content

Commit

Permalink
Add tests for more coverage of Keys, Secrets clients (Azure#8364)
Browse files Browse the repository at this point in the history 
* Add JWK tests for missing private keys

Fixes Azure#7844

* Add coverage to make sure we don't zero out tags

Fixes Azure#8167
  • Loading branch information
@heaths
heaths authored Oct 24, 2019
1 parent 796fb05 commit 298477f
Show file tree
Hide file tree
Showing 11 changed files with 2,168 additions and 12 deletions.
59 changes: 58 additions & 1 deletion sdk/keyvault/Azure.Security.KeyVault.Keys/tests/JsonWebKeyTests.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,6 @@
using System.Security.Cryptography;
using Azure.Core;
using NUnit.Framework;
using NUnit.Framework.Constraints;

namespace Azure.Security.KeyVault.Keys.Tests
{
Expand Down Expand Up @@ -123,6 +122,39 @@ public void SerializeECDsa(string oid, string friendlyName, bool includePrivateP
#endif
}

[Test]
public void FromECDsaNoPrivateKey()
{
#if NET461
Assert.Ignore("Creating ECDsa with JsonWebKey is not supported on net461.");
#else
using ECDsa ecdsa = ECDsa.Create();
ECParameters ecParameters = ecdsa.ExportParameters(false);
ecdsa.ImportParameters(ecParameters);

Assert.That(() => new JsonWebKey(ecdsa, includePrivateParameters: true), Throws.InstanceOf<CryptographicException>());
#endif
}

[Test]
public void ToECDsaNoPrivateKey()
{
#if NET461
Assert.Ignore("Creating ECDsa with JsonWebKey is not supported on net461.");
#else
JsonWebKey jwk;
using (ECDsa ecdsa = ECDsa.Create())
{
jwk = new JsonWebKey(ecdsa, includePrivateParameters: false);
}

using (ECDsa ecdsa = jwk.ToECDsa(includePrivateParameters: true))
{
Assert.That(() => ecdsa.ExportParameters(includePrivateParameters: true), Throws.InstanceOf<CryptographicException>());
}
#endif
}

[TestCaseSource(nameof(GetECDSaTestData))]
public void ToECDsa(string oid, string friendlyName, bool includePrivateParameters)
{
Expand Down Expand Up @@ -209,6 +241,31 @@ public void SerializeRSA(bool includePrivateParameters)
Assert.That(deserialized, Is.EqualTo(jwk).Using(JsonWebKeyComparer.s_instance));
}

[Test]
public void FromRSANoPrivateKey()
{
using RSA rsa = RSA.Create();
RSAParameters rsaParameters = rsa.ExportParameters(false);
rsa.ImportParameters(rsaParameters);

Assert.That(() => new JsonWebKey(rsa, includePrivateParameters: true), Throws.InstanceOf<CryptographicException>());
}

[Test]
public void ToRSANoPrivateKey()
{
JsonWebKey jwk;
using (RSA rsa = RSA.Create())
{
jwk = new JsonWebKey(rsa, includePrivateParameters: false);
}

using (RSA rsa = jwk.ToRSA(includePrivateParameters: true))
{
Assert.That(() => rsa.ExportParameters(includePrivateParameters: true), Throws.InstanceOf<CryptographicException>());
}
}

[TestCase(false)]
[TestCase(true)]
public void ToRSA(bool includePrivateParameters)
Expand Down
80 changes: 79 additions & 1 deletion sdk/keyvault/Azure.Security.KeyVault.Keys/tests/KeyClientLiveTests.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,6 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Reflection;
using System.Text;
using System.Threading.Tasks;
using Azure.Core.Testing;
Expand Down Expand Up @@ -173,6 +172,85 @@ public async Task UpdateEnabled()
AssertKeyVaultKeysEqual(keyReturned, updateResult);
}

[Test]
public async Task UpdateOps()
{
string keyName = Recording.GenerateId();

CreateEcKeyOptions options = new CreateEcKeyOptions(keyName)
{
KeyOperations =
{
KeyOperation.Verify,
},
};

KeyVaultKey key = await Client.CreateEcKeyAsync(options);
RegisterForCleanup(key.Name);

AssertAreEqual(new[] { KeyOperation.Verify }, key.KeyOperations);

key.Properties.ExpiresOn = DateTimeOffset.Now.AddDays(1);

key = await Client.UpdateKeyPropertiesAsync(key.Properties);
AssertAreEqual(new[] { KeyOperation.Verify }, key.KeyOperations);

key = await Client.UpdateKeyPropertiesAsync(key.Properties, new[] { KeyOperation.Sign, KeyOperation.Verify });
AssertAreEqual(new[] { KeyOperation.Sign, KeyOperation.Verify }, key.KeyOperations);
}

[Test]
public async Task UpdateTags()
{
string keyName = Recording.GenerateId();

CreateEcKeyOptions options = new CreateEcKeyOptions(keyName)
{
Tags =
{
["A"] = "1",
["B"] = "2",
},
};

KeyVaultKey key = await Client.CreateEcKeyAsync(options);
RegisterForCleanup(key.Name);

IDictionary<string, string> expectedTags = new Dictionary<string, string>
{
["A"] = "1",
["B"] = "2",
};

AssertAreEqual(expectedTags, key.Properties.Tags);

key.Properties.Tags["B"] = "3";
key.Properties.Tags["C"] = "4";

key = await Client.UpdateKeyPropertiesAsync(key.Properties);

expectedTags = new Dictionary<string, string>
{
["A"] = "1",
["B"] = "3",
["C"] = "4",
};

AssertAreEqual(expectedTags, key.Properties.Tags);

key.Properties.Tags.Clear();
key.Properties.Tags["D"] = "5";

key = await Client.UpdateKeyPropertiesAsync(key.Properties);

expectedTags = new Dictionary<string, string>
{
["D"] = "5",
};

AssertAreEqual(expectedTags, key.Properties.Tags);
}

[Test]
public async Task GetKey()
{
Expand Down
21 changes: 11 additions & 10 deletions sdk/keyvault/Azure.Security.KeyVault.Keys/tests/KeysTestBase.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,7 @@ private void AssertKeysEqual(JsonWebKey exp, JsonWebKey act)
{
Assert.AreEqual(exp.Id, act.Id);
Assert.AreEqual(exp.KeyType, act.KeyType);
AreEqual(exp.KeyOps, act.KeyOps);
AssertAreEqual(exp.KeyOps, act.KeyOps);
Assert.AreEqual(exp.CurveName, act.CurveName);
Assert.AreEqual(exp.K, act.K);
Assert.AreEqual(exp.N, act.N);
Expand All @@ -114,31 +114,32 @@ protected void AssertKeyPropertiesEqual(KeyProperties exp, KeyProperties act)
Assert.AreEqual(exp.RecoveryLevel, act.RecoveryLevel);
Assert.AreEqual(exp.ExpiresOn, act.ExpiresOn);
Assert.AreEqual(exp.NotBefore, act.NotBefore);
Assert.IsTrue(AreEqual(exp.Tags, act.Tags));
AssertAreEqual(exp.Tags, act.Tags);
}

private static void AreEqual(IReadOnlyCollection<KeyOperation> exp, IReadOnlyCollection<KeyOperation> act)
protected static void AssertAreEqual<T>(IReadOnlyCollection<T> exp, IReadOnlyCollection<T> act)
{
if (exp is null && act is null)
return;

CollectionAssert.AreEqual(exp, act);
}

private static bool AreEqual(IDictionary<string, string> exp, IDictionary<string, string> act)
protected static void AssertAreEqual<TKey, TValue>(IDictionary<TKey, TValue> exp, IDictionary<TKey, TValue> act)
{
if (exp == null && act == null)
return true;
return;

if (exp?.Count != act?.Count)
return false;
Assert.Fail("Actual count {0} does not match expected count {1}", act?.Count, exp?.Count);

foreach (KeyValuePair<string, string> pair in exp)
foreach (KeyValuePair<TKey, TValue> pair in exp)
{
if (!act.TryGetValue(pair.Key, out string value)) return false;
if (!string.Equals(value, pair.Value)) return false;
if (!act.TryGetValue(pair.Key, out TValue value))
Assert.Fail("Actual dictionary does not contain expected key '{0}'", pair.Key);

Assert.AreEqual(pair.Value, value);
}
return true;
}

protected Task WaitForDeletedKey(string name)
Expand Down
Loading

0 comments on commit 298477f

Please sign in to comment.