fix: update test

Signed-off-by: Junjie Gao <[email protected]>
Azure · Aug 16, 2023 · dc7ac8d · dc7ac8d
1 parent 75a1d0b
commit dc7ac8d
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 3 deletions.
diff --git a/Notation.Plugin.AzureKeyVault.Tests/Certificate/Pkcs12Tests.cs b/Notation.Plugin.AzureKeyVault.Tests/Certificate/Pkcs12Tests.cs
@@ -1,5 +1,8 @@
+using System;
 using System.IO;
 using System.Security.Cryptography.Pkcs;
+using System.Text;
+using Notation.Plugin.Protocol;
 using Xunit;
 
 namespace Notation.Plugin.AzureKeyVault.Certificate.Tests
@@ -14,10 +17,36 @@ public void RemoveMac()
             Pkcs12Info originPfx = Pkcs12Info.Decode(data, out _);
             Assert.True(originPfx.IntegrityMode == Pkcs12IntegrityMode.Password);
 
+            // remove MAC for the pfx file
+            byte[] newData = Pkcs12.RemoveMac(data);
+            Pkcs12Info pfxWithoutMac = Pkcs12Info.Decode(newData, out _);
+            Assert.True(pfxWithoutMac.IntegrityMode == Pkcs12IntegrityMode.None);
+        }
+
+        [Fact]
+        public void RemoveMac_WithInvalidMac()
+        {
+            // read the pfx file
+            byte[] data = File.ReadAllBytes(Path.Combine(Directory.GetCurrentDirectory(), "TestData", "cert_invalid_mac.pfx"));
+            Pkcs12Info originPfx = Pkcs12Info.Decode(data, out _);
+            Assert.True(originPfx.IntegrityMode == Pkcs12IntegrityMode.Password);
+
             // decrypt the pfx file
-            byte[] decryptedData = Pkcs12.RemoveMac(data);
-            Pkcs12Info decryptedPfx = Pkcs12Info.Decode(decryptedData, out _);
-            Assert.True(decryptedPfx.IntegrityMode == Pkcs12IntegrityMode.None);
+            Assert.Throws<ValidationException>(() => Pkcs12.RemoveMac(data));
+        }
+
+        [Fact]
+        public void RemoveMac_withoutMac(){
+            // read the pfx file
+            byte[] data = File.ReadAllBytes(Path.Combine(Directory.GetCurrentDirectory(), "TestData", "cert_without_mac.pfx"));
+            Pkcs12Info originPfx = Pkcs12Info.Decode(data, out _);
+            Assert.True(originPfx.IntegrityMode == Pkcs12IntegrityMode.None);
+
+            // remove MAC for the pfx file
+            byte[] newData = Pkcs12.RemoveMac(data);
+            Pkcs12Info pfxWithoutMac = Pkcs12Info.Decode(newData, out _);
+            Assert.True(pfxWithoutMac.IntegrityMode == Pkcs12IntegrityMode.None);
+
         }
     }
 }
diff --git a/Notation.Plugin.AzureKeyVault.Tests/TestData/cert_invalid_mac.pfx b/Notation.Plugin.AzureKeyVault.Tests/TestData/cert_invalid_mac.pfx
diff --git a/Notation.Plugin.AzureKeyVault.Tests/TestData/cert_without_mac.pfx b/Notation.Plugin.AzureKeyVault.Tests/TestData/cert_without_mac.pfx