Beispiel #1
0
        public void SetEncodedValue_KnownHeaders_ThrowIf_IncorrectValue(SetValueMethod method)
        {
            if (method == SetValueMethod.AddShortcut)
            {
                return;
            }

            var writer = new CborWriter();

            writer.WriteNull();
            byte[] encodedNullValue = writer.Encode();

            var map = new CoseHeaderMap();

            // only accepts int or tstr
            Assert.Throws <ArgumentException>("value", () => SetEncodedValue(map, CoseHeaderLabel.Algorithm, encodedNullValue, method));
            // [ +label ] (non-empty array)
            Assert.Throws <ArgumentException>("value", () => SetEncodedValue(map, CoseHeaderLabel.CriticalHeaders, encodedNullValue, method));
            writer.Reset();
            writer.WriteStartArray(0);
            writer.WriteEndArray();
            Assert.Throws <ArgumentException>("value", () => SetEncodedValue(map, CoseHeaderLabel.CriticalHeaders, writer.Encode(), method));
            // tstr / uint
            Assert.Throws <ArgumentException>("value", () => SetEncodedValue(map, CoseHeaderLabel.ContentType, encodedNullValue, method));
            // bstr
            Assert.Throws <ArgumentException>("value", () => SetEncodedValue(map, CoseHeaderLabel.KeyIdentifier, encodedNullValue, method));
        }
Beispiel #2
0
        public void Enumerate()
        {
            var map = new CoseHeaderMap();

            map.SetValue(CoseHeaderLabel.Algorithm, (int)ECDsaAlgorithm.ES256);
            map.SetEncodedValue(CoseHeaderLabel.Critical, GetDummyCritHeaderValue());
            map.SetValue(CoseHeaderLabel.ContentType, ContentTypeDummyValue);
            map.SetValue(CoseHeaderLabel.KeyIdentifier, s_sampleContent);
            map.SetValue(CoseHeaderLabel.IV, ReadOnlySpan <byte> .Empty);
            map.SetValue(CoseHeaderLabel.PartialIV, ReadOnlySpan <byte> .Empty);
            map.SetValue(CoseHeaderLabel.CounterSignature, ReadOnlySpan <byte> .Empty);

            var writer        = new CborWriter();
            int currentHeader = KnownHeaderAlg;

            foreach ((CoseHeaderLabel label, ReadOnlyMemory <byte> encodedValue) in map)
            {
                Assert.Equal(new CoseHeaderLabel(currentHeader), label);
                ReadOnlyMemory <byte> expectedValue = currentHeader switch
                {
                    KnownHeaderAlg => EncodeInt32((int)ECDsaAlgorithm.ES256, writer),
                    KnownHeaderCrit => GetDummyCritHeaderValue(),
                    KnownHeaderContentType => EncodeString(ContentTypeDummyValue, writer),
                    KnownHeaderKid => EncodeBytes(s_sampleContent, writer),
                    KnownHeaderIV or KnownHeaderPartialIV or KnownHeaderCounterSignature => EncodeBytes(ReadOnlySpan <byte> .Empty, writer),
                    _ => throw new InvalidOperationException()
                };
                AssertExtensions.SequenceEqual(expectedValue.Span, encodedValue.Span);
                currentHeader++;
            }
            Assert.Equal(KnownHeaderCounterSignature + 1, currentHeader);
Beispiel #3
0
        internal static CoseHeaderMap GetHeaderMapWithAlgorithm(CoseAlgorithm algorithm = CoseAlgorithm.ES256)
        {
            var protectedHeaders = new CoseHeaderMap();

            protectedHeaders.SetValue(CoseHeaderLabel.Algorithm, (int)algorithm);
            return(protectedHeaders);
        }
Beispiel #4
0
        public void Enumerate()
        {
            var map = new CoseHeaderMap();

            SetValue(map, CoseHeaderLabel.Algorithm, (int)ECDsaAlgorithm.ES256, default(SetValueMethod));
            SetEncodedValue(map, CoseHeaderLabel.CriticalHeaders, GetDummyCritHeaderValue(), default(SetValueMethod));
            SetValue(map, CoseHeaderLabel.ContentType, ContentTypeDummyValue, default(SetValueMethod));
            SetValue(map, CoseHeaderLabel.KeyIdentifier, s_sampleContent, default(SetValueMethod));

            var writer        = new CborWriter();
            int currentHeader = KnownHeaderAlg;

            foreach (KeyValuePair <CoseHeaderLabel, CoseHeaderValue> kvp in map)
            {
                CoseHeaderLabel label = kvp.Key;
                CoseHeaderValue value = kvp.Value;

                Assert.Equal(new CoseHeaderLabel(currentHeader), label);
                ReadOnlyMemory <byte> expectedValue = currentHeader switch
                {
                    KnownHeaderAlg => EncodeInt32((int)ECDsaAlgorithm.ES256, writer),
                    KnownHeaderCrit => GetDummyCritHeaderValue(),
                    KnownHeaderContentType => EncodeString(ContentTypeDummyValue, writer),
                    KnownHeaderKid => EncodeBytes(s_sampleContent, writer),
                    _ => throw new InvalidOperationException()
                };
                AssertExtensions.SequenceEqual(expectedValue.Span, value.EncodedValue.Span);
                currentHeader++;
            }
            Assert.Equal(KnownHeaderKid + 1, currentHeader);
Beispiel #5
0
        public void SignWith_EmptyProtectedHeaderMap_UnprotectedHeaderMapWithAlgorithm()
        {
            CoseHeaderMap protectedHeaders   = GetEmptyHeaderMap();
            CoseHeaderMap unprotectedHeaders = GetHeaderMapWithAlgorithm(DefaultAlgorithm);

            Assert.Throws <CryptographicException>(() => Sign(s_sampleContent, DefaultKey, DefaultHash, protectedHeaders, unprotectedHeaders));
        }
Beispiel #6
0
        public void SignWithNullProtectedHeaderMap()
        {
            CoseHeaderMap unprotectedHeaders = GetEmptyHeaderMap();

            ReadOnlySpan <byte> encodedMsg = Sign(s_sampleContent, DefaultKey, DefaultHash, null, unprotectedHeaders);

            AssertCoseSignMessage(encodedMsg, s_sampleContent, DefaultKey, DefaultAlgorithm);
        }
Beispiel #7
0
        public void SignWithNullUnprotectedHeaderMap()
        {
            CoseHeaderMap protectedHeaders = GetHeaderMapWithAlgorithm(DefaultAlgorithm);

            ReadOnlySpan <byte> encodedMsg = Sign(s_sampleContent, DefaultKey, DefaultHash, protectedHeaders, null);

            AssertCoseSignMessage(encodedMsg, s_sampleContent, DefaultKey, DefaultAlgorithm);
        }
Beispiel #8
0
        public void SignWith_ProtectedHeaderMapWithAlgorithm_EmptyUnprotectedHeaderMap()
        {
            CoseHeaderMap protectedHeaders   = GetHeaderMapWithAlgorithm(DefaultAlgorithm);
            CoseHeaderMap unprotectedHeaders = GetEmptyHeaderMap();

            ReadOnlySpan <byte> encodedMsg = Sign(s_sampleContent, DefaultKey, DefaultHash, protectedHeaders, unprotectedHeaders);

            AssertSign1Message(encodedMsg, s_sampleContent, DefaultKey, DefaultAlgorithm);
        }
Beispiel #9
0
        public void SignWithCriticalHeaders_NotTransportingTheSpecifiedCriticalHeaderThrows()
        {
            CoseHeaderMap protectedHeaders = GetHeaderMapWithAlgorithm(DefaultAlgorithm);

            AddCriticalHeaders(protectedHeaders, null, includeSpecifiedCritHeader: false);

            CoseSigner signer = GetCoseSigner(DefaultKey, DefaultHash, protectedHeaders);

            Assert.Throws <CryptographicException>(() => Sign(s_sampleContent, signer));
        }
Beispiel #10
0
        public void SetEncodedValue_GetEncodedValue_KnownCoseHeaderLabel(int knownHeader, byte[] encodedValue, SetValueMethod setMethod, GetValueMethod getMethod)
        {
            var map   = new CoseHeaderMap();
            var label = new CoseHeaderLabel(knownHeader);

            SetEncodedValue(map, label, encodedValue, setMethod);

            ReadOnlySpan <byte> returnedEncocedValue = GetEncodedValue(map, label, getMethod);

            AssertExtensions.SequenceEqual(encodedValue, returnedEncocedValue);
        }
Beispiel #11
0
        public void SignWithEmptyHeaderMaps()
        {
            CoseHeaderMap protectedHeaders   = GetEmptyHeaderMap();
            CoseHeaderMap unprotectedHeaders = GetEmptyHeaderMap();

            ReadOnlySpan <byte> encodedMsg = Sign(s_sampleContent, DefaultKey, DefaultHash, protectedHeaders, unprotectedHeaders);

            AssertCoseSignMessage(encodedMsg, s_sampleContent, DefaultKey, DefaultAlgorithm);

            Assert.Equal(0, protectedHeaders.Count());
            Assert.Equal(0, unprotectedHeaders.Count());
        }
Beispiel #12
0
        public void SignWithCriticalHeaders()
        {
            CoseHeaderMap protectedHeaders = GetHeaderMapWithAlgorithm(DefaultAlgorithm);
            List <(CoseHeaderLabel, ReadOnlyMemory <byte>)> expectedProtectedHeaders = GetExpectedProtectedHeaders(DefaultAlgorithm);

            AddCriticalHeaders(protectedHeaders, expectedProtectedHeaders, includeSpecifiedCritHeader: true);

            CoseSigner          signer         = GetCoseSigner(DefaultKey, DefaultHash, protectedHeaders);
            ReadOnlySpan <byte> encodedMessage = Sign(s_sampleContent, signer);

            AssertCoseSignMessage(encodedMessage, s_sampleContent, DefaultKey, DefaultAlgorithm, expectedProtectedHeaders);
        }
Beispiel #13
0
        public void SignWithCborNegativeIntegerRepresentationAlgorithmHeaderValue(ulong value)
        {
            var writer = new CborWriter();

            writer.WriteCborNegativeIntegerRepresentation(value);
            ReadOnlySpan <byte> encodedValue = writer.Encode();

            CoseHeaderMap protectedHeaders = new CoseHeaderMap();

            protectedHeaders[CoseHeaderLabel.Algorithm] = CoseHeaderValue.FromEncodedValue(encodedValue);

            Assert.Throws <CryptographicException>(() => Sign(s_sampleContent, DefaultKey, DefaultHash, protectedHeaders));
        }
Beispiel #14
0
        public void SetValue_KnownHeaders_ThrowIf_IncorrectValue(SetValueMethod method)
        {
            var map = new CoseHeaderMap();

            // only accepts int or tstr
            Assert.Throws <ArgumentException>("value", () => SetValue(map, CoseHeaderLabel.Algorithm, ReadOnlySpan <byte> .Empty, method));
            // [ +label ] (non-empty array)
            Assert.Throws <ArgumentException>("value", () => SetValue(map, CoseHeaderLabel.CriticalHeaders, ReadOnlySpan <byte> .Empty, method));
            // tstr / uint
            Assert.Throws <ArgumentException>("value", () => SetValue(map, CoseHeaderLabel.ContentType, -1, method));
            // bstr
            Assert.Throws <ArgumentException>("value", () => SetValue(map, CoseHeaderLabel.KeyIdentifier, "foo", method));
        }
Beispiel #15
0
        public void SetEncodedValue_GetEncodedValue_KnownCoseHeaderLabel(int knownHeader, byte[] encodedValue)
        {
            var map   = new CoseHeaderMap();
            var label = new CoseHeaderLabel(knownHeader);

            map.SetEncodedValue(label, encodedValue);

            ReadOnlyMemory <byte> returnedEncocedValue = map.GetEncodedValue(label);

            AssertExtensions.SequenceEqual(encodedValue, returnedEncocedValue.Span);

            map.TryGetEncodedValue(label, out returnedEncocedValue);
            AssertExtensions.SequenceEqual(encodedValue, returnedEncocedValue.Span);
        }
Beispiel #16
0
        public void MultiSign_SignWithCriticalHeaders_NotTransportingTheSpecifiedCriticalHeaderThrows_BodyHeaders()
        {
            if (MessageKind != CoseMessageKind.MultiSign)
            {
                return;
            }

            CoseHeaderMap bodyProtectedHeaders = GetEmptyHeaderMap();

            AddCriticalHeaders(bodyProtectedHeaders, null, includeSpecifiedCritHeader: false);

            CoseSigner signer = GetCoseSigner(DefaultKey, DefaultHash);

            Assert.Throws <CryptographicException>(() => Sign(s_sampleContent, signer, bodyProtectedHeaders));
        }
Beispiel #17
0
        public void SignVerifyWithCustomHeaders(ECDsaAlgorithm algorithm)
        {
            var protectedHeaders = new CoseHeaderMap();

            protectedHeaders.SetValue(CoseHeaderLabel.Algorithm, (int)algorithm);

            CoseHeaderMap unprotectedHeaders = new CoseHeaderMap();

            unprotectedHeaders.SetValue(CoseHeaderLabel.ContentType, ContentTypeDummyValue);

            ECDsa             key           = ECDsaKeys[algorithm];
            HashAlgorithmName hashAlgorithm = GetHashAlgorithmNameFromCoseAlgorithm((int)algorithm);

            byte[] message = CoseSign1Message.Sign(s_sampleContent, key, hashAlgorithm, protectedHeaders, unprotectedHeaders);
            Assert.True(CoseMessage.DecodeSign1(message).Verify(key));
        }
Beispiel #18
0
        public void MultiSign_SignWithCriticalHeaders_BodyHeaders()
        {
            if (MessageKind != CoseMessageKind.MultiSign)
            {
                return;
            }

            CoseHeaderMap bodyProtectedHeaders = GetEmptyHeaderMap();
            List <(CoseHeaderLabel, ReadOnlyMemory <byte>)> expectedBodyProtected = GetEmptyExpectedHeaders();

            AddCriticalHeaders(bodyProtectedHeaders, expectedBodyProtected, includeSpecifiedCritHeader: true);

            CoseSigner          signer         = GetCoseSigner(DefaultKey, DefaultHash);
            ReadOnlySpan <byte> encodedMessage = Sign(s_sampleContent, signer, bodyProtectedHeaders);

            AssertCoseSignMessage(encodedMessage, s_sampleContent, DefaultKey, DefaultAlgorithm, expectedMultiSignBodyProtectedHeaders: expectedBodyProtected);
        }
Beispiel #19
0
        public void SetValue_KnownHeaders_ThrowIf_IncorrectValue()
        {
            var map = new CoseHeaderMap();

            // only accepts int or tstr
            Assert.Throws <InvalidOperationException>(() => map.SetValue(CoseHeaderLabel.Algorithm, ReadOnlySpan <byte> .Empty));
            // [ +label ] (non-empty array) Not yet properly supported.
            //Assert.Throws<NotSupportedException>(() => map.SetValue(CoseHeaderLabel.Critical, ReadOnlySpan<byte>.Empty));
            // tstr / uint
            Assert.Throws <InvalidOperationException>(() => map.SetValue(CoseHeaderLabel.ContentType, -1));
            // bstr
            Assert.Throws <InvalidOperationException>(() => map.SetValue(CoseHeaderLabel.KeyIdentifier, "foo"));
            // bstr
            Assert.Throws <InvalidOperationException>(() => map.SetValue(CoseHeaderLabel.IV, "foo"));
            // bstr
            Assert.Throws <InvalidOperationException>(() => map.SetValue(CoseHeaderLabel.PartialIV, "foo"));
        }
Beispiel #20
0
        public void MultiSign_SignWithAllCborTypesAsHeaderValue_BodyHeaders(bool useProtectedMap, byte[] encodedValue)
        {
            if (MessageKind != CoseMessageKind.MultiSign)
            {
                return;
            }

            var myLabel = new CoseHeaderLabel(42);

            CoseHeaderMap signProtectedHeaders   = GetHeaderMapWithAlgorithm(DefaultAlgorithm);
            CoseHeaderMap signUnprotectedHeaders = GetEmptyHeaderMap();

            CoseHeaderMap bodyProtectedHeaders   = GetEmptyHeaderMap();
            CoseHeaderMap bodyUnprotectedHeaders = GetEmptyHeaderMap();

            (useProtectedMap ? bodyProtectedHeaders : bodyUnprotectedHeaders)[myLabel] = CoseHeaderValue.FromEncodedValue(encodedValue);

            List <(CoseHeaderLabel, ReadOnlyMemory <byte>)> expectedSignProtectedHeaders   = GetExpectedProtectedHeaders(DefaultAlgorithm);
            List <(CoseHeaderLabel, ReadOnlyMemory <byte>)> expectedSignUnprotectedHeaders = GetEmptyExpectedHeaders();

            List <(CoseHeaderLabel, ReadOnlyMemory <byte>)> expectedProtectedHeaders   = GetEmptyExpectedHeaders();
            List <(CoseHeaderLabel, ReadOnlyMemory <byte>)> expectedUnprotectedHeaders = GetEmptyExpectedHeaders();

            (useProtectedMap ? expectedProtectedHeaders : expectedUnprotectedHeaders).Add((myLabel, encodedValue));

            CoseSigner          signer         = GetCoseSigner(DefaultKey, DefaultHash, signProtectedHeaders, signUnprotectedHeaders);
            ReadOnlySpan <byte> encodedMessage = Sign(s_sampleContent, signer, bodyProtectedHeaders, bodyUnprotectedHeaders);

            AssertCoseSignMessage(
                encodedMessage,
                s_sampleContent,
                DefaultKey,
                DefaultAlgorithm,
                expectedSignProtectedHeaders,
                expectedSignUnprotectedHeaders,
                null,
                expectedProtectedHeaders,
                expectedUnprotectedHeaders);

            // Verify it is transported correctly.
            CoseMessage           message           = Decode(encodedMessage);
            ReadOnlyMemory <byte> roundtrippedValue = (useProtectedMap ? message.ProtectedHeaders : message.UnprotectedHeaders)[myLabel].EncodedValue;

            AssertExtensions.SequenceEqual(encodedValue, roundtrippedValue.Span);
        }
Beispiel #21
0
        public void ReEncodeWithDuplicateHeaderBetweenProtectedAndUnprotected()
        {
            // Algorithm header is duplicated. It is a special case because it is mandatory that the header exists in the protected map.
            CoseSigner  signer = GetCoseSigner(DefaultKey, DefaultHash);
            CoseMessage msg    = Decode(Sign(s_sampleContent, signer));

            GetSigningHeaderMap(msg, getProtectedMap: false).Add(CoseHeaderLabel.Algorithm, (int)DefaultAlgorithm);
            AllEncodeOverloadsShouldThrow(msg);

            // other known header is duplicate.
            CoseHeaderMap protectedHeaders = GetEmptyHeaderMap();

            protectedHeaders.Add(CoseHeaderLabel.ContentType, ContentTypeDummyValue);

            signer = GetCoseSigner(DefaultKey, DefaultHash, protectedHeaders);
            msg    = Decode(Sign(s_sampleContent, signer));

            GetSigningHeaderMap(msg, getProtectedMap: false).Add(CoseHeaderLabel.ContentType, ContentTypeDummyValue);
            AllEncodeOverloadsShouldThrow(msg);

            // not-known int header is duplicate.
            var myLabel = new CoseHeaderLabel(42);

            protectedHeaders = GetEmptyHeaderMap();
            protectedHeaders.Add(myLabel, 42);

            signer = GetCoseSigner(DefaultKey, DefaultHash, protectedHeaders);
            msg    = Decode(Sign(s_sampleContent, signer));

            GetSigningHeaderMap(msg, getProtectedMap: false).Add(myLabel, 42);
            AllEncodeOverloadsShouldThrow(msg);

            // not-known tstr header is duplicate.
            myLabel          = new CoseHeaderLabel("42");
            protectedHeaders = GetEmptyHeaderMap();
            protectedHeaders.Add(myLabel, 42);

            signer = GetCoseSigner(DefaultKey, DefaultHash, protectedHeaders);
            msg    = Decode(Sign(s_sampleContent, signer));

            GetSigningHeaderMap(msg, getProtectedMap: false).Add(myLabel, 42);
            AllEncodeOverloadsShouldThrow(msg);
        }
Beispiel #22
0
        public void SetValue_GetValue_KnownCoseHeaderLabel()
        {
            var map = new CoseHeaderMap();

            map.SetValue(CoseHeaderLabel.Algorithm, (int)ECDsaAlgorithm.ES256);
            map.SetValue(CoseHeaderLabel.Critical, GetDummyCritHeaderValue());
            map.SetValue(CoseHeaderLabel.ContentType, ContentTypeDummyValue);
            map.SetValue(CoseHeaderLabel.KeyIdentifier, s_sampleContent);
            map.SetValue(CoseHeaderLabel.IV, ReadOnlySpan <byte> .Empty);
            map.SetValue(CoseHeaderLabel.PartialIV, ReadOnlySpan <byte> .Empty);
            map.SetValue(CoseHeaderLabel.CounterSignature, ReadOnlySpan <byte> .Empty);

            Assert.Equal((int)ECDsaAlgorithm.ES256, map.GetValueAsInt32(CoseHeaderLabel.Algorithm));
            AssertExtensions.SequenceEqual(GetDummyCritHeaderValue(), map.GetValueAsBytes(CoseHeaderLabel.Critical));
            Assert.Equal(ContentTypeDummyValue, map.GetValueAsString(CoseHeaderLabel.ContentType));
            AssertExtensions.SequenceEqual(s_sampleContent, map.GetValueAsBytes(CoseHeaderLabel.KeyIdentifier));
            AssertExtensions.SequenceEqual(ReadOnlySpan <byte> .Empty, map.GetValueAsBytes(CoseHeaderLabel.IV));
            AssertExtensions.SequenceEqual(ReadOnlySpan <byte> .Empty, map.GetValueAsBytes(CoseHeaderLabel.PartialIV));
            AssertExtensions.SequenceEqual(ReadOnlySpan <byte> .Empty, map.GetValueAsBytes(CoseHeaderLabel.CounterSignature));
        }
Beispiel #23
0
        public void MultiSign_SignWithCriticalHeaders_NotTransportingTheSpecifiedCriticalHeaderThrows_AddSignature()
        {
            if (MessageKind != CoseMessageKind.MultiSign)
            {
                return;
            }

            ReadOnlySpan <byte>  encodedMsg   = Sign(s_sampleContent, GetCoseSigner(DefaultKey, DefaultHash));
            CoseMultiSignMessage multiSignMsg = Assert.IsType <CoseMultiSignMessage>(Decode(encodedMsg));

            multiSignMsg.RemoveSignature(0);

            CoseHeaderMap signProtectedHeaders = GetHeaderMapWithAlgorithm(DefaultAlgorithm);

            AddCriticalHeaders(signProtectedHeaders, null, includeSpecifiedCritHeader: false);

            CoseSigner signer = GetCoseSigner(DefaultKey, DefaultHash, signProtectedHeaders);

            Assert.Throws <CryptographicException>(() => AddSignature(multiSignMsg, s_sampleContent, signer));
        }
Beispiel #24
0
        public void MultiSign_ReEncodeWithDuplicateHeaderBetweenProtectedAndUnprotected_BodyProtected()
        {
            if (MessageKind != CoseMessageKind.MultiSign)
            {
                return;
            }

            // known header is duplicate.
            CoseSigner    signer           = GetCoseSigner(DefaultKey, DefaultHash);
            CoseHeaderMap protectedHeaders = GetEmptyHeaderMap();

            protectedHeaders.Add(CoseHeaderLabel.ContentType, ContentTypeDummyValue);

            CoseMessage msg = Decode(Sign(s_sampleContent, signer, protectedHeaders));

            msg.UnprotectedHeaders.Add(CoseHeaderLabel.ContentType, ContentTypeDummyValue);
            AllEncodeOverloadsShouldThrow(msg);

            // not-known int header is duplicate.
            var myLabel = new CoseHeaderLabel(42);

            protectedHeaders = GetEmptyHeaderMap();
            protectedHeaders.Add(myLabel, 42);

            signer = GetCoseSigner(DefaultKey, DefaultHash);
            msg    = Decode(Sign(s_sampleContent, signer, protectedHeaders));

            msg.UnprotectedHeaders.Add(myLabel, 42);
            AllEncodeOverloadsShouldThrow(msg);

            // not-known tstr header is duplicate.
            myLabel          = new CoseHeaderLabel("42");
            protectedHeaders = GetEmptyHeaderMap();
            protectedHeaders.Add(myLabel, 42);

            signer = GetCoseSigner(DefaultKey, DefaultHash);
            msg    = Decode(Sign(s_sampleContent, signer, protectedHeaders));

            msg.UnprotectedHeaders.Add(myLabel, 42);
            AllEncodeOverloadsShouldThrow(msg);
        }
Beispiel #25
0
        public void SetEncodedValue_KnownHeaders_ThrowIf_IncorrectValue()
        {
            var writer = new CborWriter();

            writer.WriteNull();
            byte[] encodedNullValue = writer.Encode();

            var map = new CoseHeaderMap();

            // only accepts int or tstr
            Assert.Throws <InvalidOperationException>(() => map.SetEncodedValue(CoseHeaderLabel.Algorithm, encodedNullValue));
            // [ +label ] (non-empty array) Not yet properly supported.
            //Assert.Throws<NotSupportedException>(() => map.SetEncodedValue(CoseHeaderLabel.Critical, encodedNullValue));
            // tstr / uint
            Assert.Throws <InvalidOperationException>(() => map.SetEncodedValue(CoseHeaderLabel.ContentType, encodedNullValue));
            // bstr
            Assert.Throws <InvalidOperationException>(() => map.SetEncodedValue(CoseHeaderLabel.KeyIdentifier, encodedNullValue));
            // bstr
            Assert.Throws <InvalidOperationException>(() => map.SetEncodedValue(CoseHeaderLabel.IV, encodedNullValue));
            // bstr
            Assert.Throws <InvalidOperationException>(() => map.SetEncodedValue(CoseHeaderLabel.PartialIV, encodedNullValue));
        }
Beispiel #26
0
        public void SignVerifyWithCustomCoseHeaderMaps()
        {
            foreach ((AsymmetricAlgorithm key, HashAlgorithmName hashAlgorithm, CoseAlgorithm algorithm) in GetKeyHashAlgorithmTriplet())
            {
                var protectedHeaders = new CoseHeaderMap();
                protectedHeaders.SetValue(CoseHeaderLabel.Algorithm, (int)algorithm);

                CoseHeaderMap unprotectedHeaders = new CoseHeaderMap();
                unprotectedHeaders.SetValue(CoseHeaderLabel.ContentType, ContentTypeDummyValue);

                ReadOnlySpan <byte> encodedMsg = Sign(s_sampleContent, key, hashAlgorithm, protectedHeaders, unprotectedHeaders);

                List <(CoseHeaderLabel, ReadOnlyMemory <byte>)>?expectedProtectedHeaders   = GetExpectedProtectedHeaders(algorithm);
                List <(CoseHeaderLabel, ReadOnlyMemory <byte>)>?expectedUnprotectedHeaders = GetEmptyExpectedHeaders();
                AddEncoded(expectedUnprotectedHeaders, CoseHeaderLabel.ContentType, ContentTypeDummyValue);

                AssertSign1Message(encodedMsg, s_sampleContent, key, algorithm, expectedProtectedHeaders, expectedUnprotectedHeaders);

                CoseSign1Message decodedMsg = CoseMessage.DecodeSign1(encodedMsg);
                Assert.True(Verify(decodedMsg, key, s_sampleContent));
            }
        }
Beispiel #27
0
        public void SetValue_InvalidCoseHeaderValue()
        {
            CoseHeaderLabel[] labelsToTest =
            {
                new CoseHeaderLabel("foo"),
                new CoseHeaderLabel(42),
                CoseHeaderLabel.Algorithm,
                CoseHeaderLabel.ContentType,
                CoseHeaderLabel.CriticalHeaders,
                CoseHeaderLabel.KeyIdentifier
            };

            foreach (CoseHeaderLabel label in labelsToTest)
            {
                var map = new CoseHeaderMap();

                Assert.Throws <ArgumentException>("value", () => map.Add(label, new CoseHeaderValue()));
                Assert.Throws <ArgumentException>("value", () => map[label] = new CoseHeaderValue());

                Assert.Throws <ArgumentException>("value", () => map.Add(label, default(CoseHeaderValue)));
                Assert.Throws <ArgumentException>("value", () => map[label] = default(CoseHeaderValue));
            }
        }
Beispiel #28
0
        public void MultiSign_SignWithCriticalHeaders_AddSignature()
        {
            if (MessageKind != CoseMessageKind.MultiSign)
            {
                return;
            }

            ReadOnlySpan <byte>  encodedMsg   = Sign(s_sampleContent, GetCoseSigner(DefaultKey, DefaultHash));
            CoseMultiSignMessage multiSignMsg = Assert.IsType <CoseMultiSignMessage>(Decode(encodedMsg));

            multiSignMsg.RemoveSignature(0);

            CoseHeaderMap signProtectedHeaders = GetHeaderMapWithAlgorithm(DefaultAlgorithm);
            List <(CoseHeaderLabel, ReadOnlyMemory <byte>)> expectedSignProtected = GetExpectedProtectedHeaders(DefaultAlgorithm);

            AddCriticalHeaders(signProtectedHeaders, expectedSignProtected, includeSpecifiedCritHeader: true);

            CoseSigner signer = GetCoseSigner(DefaultKey, DefaultHash, signProtectedHeaders);

            AddSignature(multiSignMsg, s_sampleContent, signer);

            AssertCoseSignMessage(multiSignMsg.Encode(), s_sampleContent, DefaultKey, DefaultAlgorithm, expectedProtectedHeaders: expectedSignProtected);
        }
Beispiel #29
0
        public void SetValue_GetValue_KnownCoseHeaderLabel(SetValueMethod setMethod, GetValueMethod getMethod)
        {
            var map = new CoseHeaderMap();

            SetValue(map, CoseHeaderLabel.Algorithm, (int)ECDsaAlgorithm.ES256, setMethod);

            if (setMethod != SetValueMethod.AddShortcut)
            {
                SetEncodedValue(map, CoseHeaderLabel.CriticalHeaders, GetDummyCritHeaderValue(), setMethod);
            }

            SetValue(map, CoseHeaderLabel.ContentType, ContentTypeDummyValue, setMethod);
            SetValue(map, CoseHeaderLabel.KeyIdentifier, s_sampleContent, setMethod);

            Assert.Equal((int)ECDsaAlgorithm.ES256, GetValue <int>(map, CoseHeaderLabel.Algorithm, getMethod));

            if (getMethod != GetValueMethod.GetValueShortcut)
            {
                AssertExtensions.SequenceEqual(GetDummyCritHeaderValue(), GetEncodedValue(map, CoseHeaderLabel.CriticalHeaders, getMethod));
            }

            Assert.Equal(ContentTypeDummyValue, GetValue <string>(map, CoseHeaderLabel.ContentType, getMethod));
            AssertExtensions.SequenceEqual(s_sampleContent, GetValue <byte[]>(map, CoseHeaderLabel.KeyIdentifier, getMethod));
        }
Beispiel #30
0
        public void SignWithAllCborTypesAsHeaderValue(bool useProtectedMap, byte[] encodedValue)
        {
            var myLabel = new CoseHeaderLabel(42);

            CoseHeaderMap protectedHeaders   = GetHeaderMapWithAlgorithm(DefaultAlgorithm);
            CoseHeaderMap unprotectedHeaders = GetEmptyHeaderMap();

            (useProtectedMap ? protectedHeaders : unprotectedHeaders)[myLabel] = CoseHeaderValue.FromEncodedValue(encodedValue);

            List <(CoseHeaderLabel, ReadOnlyMemory <byte>)> expectedProtectedHeaders   = GetExpectedProtectedHeaders(DefaultAlgorithm);
            List <(CoseHeaderLabel, ReadOnlyMemory <byte>)> expectedUnprotectedHeaders = GetEmptyExpectedHeaders();

            (useProtectedMap ? expectedProtectedHeaders : expectedUnprotectedHeaders).Add((myLabel, encodedValue));

            ReadOnlySpan <byte> encodedMessage = Sign(s_sampleContent, DefaultKey, DefaultHash, protectedHeaders, unprotectedHeaders);

            AssertCoseSignMessage(encodedMessage, s_sampleContent, DefaultKey, DefaultAlgorithm, expectedProtectedHeaders, expectedUnprotectedHeaders);

            // Verify it is transported correctly.
            CoseMessage           message           = Decode(encodedMessage);
            ReadOnlyMemory <byte> roundtrippedValue = GetSigningHeaderMap(message, useProtectedMap)[myLabel].EncodedValue;

            AssertExtensions.SequenceEqual(encodedValue, roundtrippedValue.Span);
        }