dbis_core-lite/tests/integration/transport

Transport Layer Test Suite

Comprehensive test suite for all aspects of transaction sending via raw TLS S2S connection.

Test Coverage

1. TLS Connection Tests (tls-connection.test.ts)

Tests raw TLS S2S connection establishment:

• ✅ Receiver IP configuration (172.67.157.88)
• ✅ Receiver port configuration (443, 8443)
• ✅ SNI (Server Name Indication) handling (devmindgroup.com)
• ✅ TLS version negotiation (TLSv1.2, TLSv1.3)
• ✅ Connection reuse and lifecycle
• ✅ Error handling and timeouts
• ✅ Mutual TLS (mTLS) support

2. Message Framing Tests (message-framing.test.ts)

Tests length-prefix-4be framing:

• ✅ 4-byte big-endian length prefix framing
• ✅ Message unframing and parsing
• ✅ Multiple messages in buffer
• ✅ Edge cases (empty, large, Unicode, binary)
• ✅ ISO 20022 message framing

3. ACK/NACK Handling Tests (ack-nack-handling.test.ts)

Tests ACK/NACK response parsing:

• ✅ ACK XML parsing (various formats)
• ✅ NACK XML parsing with reasons
• ✅ Validation of parsed responses
• ✅ Error handling for malformed XML
• ✅ ISO 20022 pacs.002 format support

4. Idempotency Tests (idempotency.test.ts)

Tests exactly-once delivery guarantee:

• ✅ UETR generation and validation
• ✅ MsgId generation and validation
• ✅ Duplicate transmission prevention
• ✅ ACK/NACK matching by UETR/MsgId
• ✅ Message state transitions
• ✅ Retry idempotency

5. Certificate Verification Tests (certificate-verification.test.ts)

Tests certificate validation:

• ✅ SHA256 fingerprint verification
• ✅ Certificate chain validation
• ✅ SNI matching
• ✅ TLS version and cipher suite
• ✅ Certificate expiration checks

6. End-to-End Transmission Tests (end-to-end-transmission.test.ts)

Tests complete transaction flow:

• ✅ Connection → Message → Transmission → Response
• ✅ Message validation before transmission
• ✅ Error handling in transmission
• ✅ Session management
• ✅ Receiver configuration validation

7. Retry and Error Handling Tests (retry-error-handling.test.ts)

Tests retry logic and error recovery:

• ✅ Retry configuration
• ✅ Connection retry logic
• ✅ Timeout handling
• ✅ Error recovery
• ✅ Idempotency in retries
• ✅ Error classification
• ✅ Circuit breaker pattern

8. Session Management and Audit Tests (session-audit.test.ts)

Tests session tracking and audit logging:

• ✅ TLS session tracking
• ✅ Session lifecycle management
• ✅ Audit logging (establishment, transmission, ACK/NACK)
• ✅ Session metadata recording
• ✅ Monitoring and metrics
• ✅ Security audit trail

Running Tests

Run All Transport Tests

npm test -- tests/integration/transport

Run Specific Test Suite

npm test -- tests/integration/transport/tls-connection.test.ts

Run with Coverage

npm test -- tests/integration/transport --coverage

Run Test Runner Script

chmod +x tests/integration/transport/run-transport-tests.sh
./tests/integration/transport/run-transport-tests.sh

Test Configuration

Environment Variables

Tests use the following receiver configuration:

• IP: 172.67.157.88
• Port: 443 (primary), 8443 (alternate)
• SNI: devmindgroup.com
• SHA256 Fingerprint: b19f2a94eab4cd3b92f1e3e0dce9d5e41c8b7aa3fdbe6e2f4ac3c91a5fbb2f44
• TLS Version: TLSv1.2 minimum, TLSv1.3 preferred
• Framing: length-prefix-4be

Test Timeouts

• Connection tests: 60 seconds
• End-to-end tests: 120 seconds
• Other tests: 30-60 seconds

Test Requirements

Database

Tests require a database connection for:

• Message storage
• Delivery status tracking
• Session management
• Audit logging

Network Access

Some tests require network access to:

• Receiver endpoint (172.67.157.88:443)
• DNS resolution for SNI

Note: Tests that require actual network connectivity may be skipped or fail if the receiver is unavailable. This is expected behavior for integration tests.

Test Data

Tests use the ISO 20022 pacs.008 template from:

• docs/examples/pacs008-template-a.xml

Expected Test Results

Passing Tests

• ✅ All unit tests (framing, parsing, validation)
• ✅ Configuration validation tests
• ✅ Message format tests

Conditional Tests

• ⚠️ Network-dependent tests (may fail if receiver unavailable)
  • TLS connection tests
  • End-to-end transmission tests
  • Certificate verification tests

Skipped Tests

• Tests that require specific environment setup
• Tests that depend on external services

Troubleshooting

Connection Timeouts

If tests timeout connecting to receiver:

1. Verify network connectivity to 172.67.157.88
2. Check firewall rules
3. Verify receiver is accepting connections on port 443
4. Check DNS resolution for devmindgroup.com

Certificate Errors

If certificate verification fails:

1. Verify SHA256 fingerprint matches expected value
2. Check certificate expiration
3. Verify SNI is correctly set
4. Check CA certificate bundle if using custom CA

Database Errors

If database-related tests fail:

1. Verify database is running
2. Check DATABASE_URL environment variable
3. Verify database schema is up to date
4. Check database permissions

Next Steps

After running tests:

1. Review test results and fix any failures
2. Check test coverage report
3. Verify all critical paths are tested
4. Update tests as requirements change