public void SignaturesAtZeroDoNotVerify_IEEEP1363(CurveDef curveDef) { using (ECDsa ec = ECDsaFactory.Create(curveDef.Curve)) { byte[] data = new byte[] { 1, 2, 3, 4 }; byte[] signature = ec.SignData(data, HashAlgorithmName.SHA256, DSASignatureFormat.IeeeP1363FixedFieldConcatenation); // Verify it now. bool verified = ec.VerifyData( data, signature, HashAlgorithmName.SHA256, DSASignatureFormat.IeeeP1363FixedFieldConcatenation); Assert.True(verified, nameof(ec.VerifyData)); // Since the signature is fixed field, create a zero signature just by zeroing it out. // The important thing is that it is the right length. Array.Clear(signature); verified = ec.VerifyData( data, signature, HashAlgorithmName.SHA256, DSASignatureFormat.IeeeP1363FixedFieldConcatenation); Assert.False(verified, nameof(ec.VerifyData)); } }
public void TestChangeFromNamedCurveToKeySize(CurveDef curveDef) { if (!curveDef.Curve.IsNamed) { return; } using (ECDsa ec = ECDsaFactory.Create(curveDef.Curve)) { ECParameters param = ec.ExportParameters(false); // Avoid comparing against same key as in curveDef if (ec.KeySize != 384 && ec.KeySize != 521) { ec.KeySize = 384; ECParameters param384 = ec.ExportParameters(false); Assert.NotEqual(param.Curve.Oid.FriendlyName, param384.Curve.Oid.FriendlyName); Assert.Equal(384, ec.KeySize); ec.KeySize = 521; ECParameters param521 = ec.ExportParameters(false); Assert.NotEqual(param384.Curve.Oid.FriendlyName, param521.Curve.Oid.FriendlyName); Assert.Equal(521, ec.KeySize); } } }
public static void TestNamedCurvesNegative(CurveDef curveDef) { if (!curveDef.Curve.IsNamed) { return; } // An exception may be thrown during Create() if the Oid is bad, or later during native calls Assert.Throws <PlatformNotSupportedException>( () => ECDiffieHellmanFactory.Create(curveDef.Curve).ExportParameters(false)); }
public static void TestKeyPropertyFromNamedCurve(CurveDef curveDef) { ECDsaCng e = new ECDsaCng(curveDef.Curve); CngKey key1 = e.Key; VerifyKey(key1); e.Exercise(); CngKey key2 = e.Key; Assert.Same(key1, key2); }
public static void TestExplicitCurvesKeyAgree(CurveDef curveDef) { if (!ECDiffieHellmanFactory.ExplicitCurvesSupported) { return; } using (ECDiffieHellman ecdh1Named = ECDiffieHellmanFactory.Create(curveDef.Curve)) { ECParameters ecdh1ExplicitParameters = ecdh1Named.ExportExplicitParameters(true); using (ECDiffieHellman ecdh1Explicit = ECDiffieHellmanFactory.Create()) using (ECDiffieHellman ecdh2 = ECDiffieHellmanFactory.Create(ecdh1ExplicitParameters.Curve)) { ecdh1Explicit.ImportParameters(ecdh1ExplicitParameters); using (ECDiffieHellmanPublicKey ecdh1NamedPub = ecdh1Named.PublicKey) using (ECDiffieHellmanPublicKey ecdh1ExplicitPub = ecdh1Explicit.PublicKey) using (ECDiffieHellmanPublicKey ecdh2Pub = ecdh2.PublicKey) { HashAlgorithmName hash = HashAlgorithmName.SHA256; byte[] ech1Named_ecdh1Named = ecdh1Named.DeriveKeyFromHash(ecdh1NamedPub, hash); byte[] ech1Named_ecdh1Named2 = ecdh1Named.DeriveKeyFromHash(ecdh1NamedPub, hash); byte[] ech1Named_ecdh1Explicit = ecdh1Named.DeriveKeyFromHash(ecdh1ExplicitPub, hash); byte[] ech1Named_ecdh2Explicit = ecdh1Named.DeriveKeyFromHash(ecdh2Pub, hash); byte[] ecdh1Explicit_ecdh1Named = ecdh1Explicit.DeriveKeyFromHash(ecdh1NamedPub, hash); byte[] ecdh1Explicit_ecdh1Explicit = ecdh1Explicit.DeriveKeyFromHash(ecdh1ExplicitPub, hash); byte[] ecdh1Explicit_ecdh1Explicit2 = ecdh1Explicit.DeriveKeyFromHash(ecdh1ExplicitPub, hash); byte[] ecdh1Explicit_ecdh2Explicit = ecdh1Explicit.DeriveKeyFromHash(ecdh2Pub, hash); byte[] ecdh2_ecdh1Named = ecdh2.DeriveKeyFromHash(ecdh1NamedPub, hash); byte[] ecdh2_ecdh1Explicit = ecdh2.DeriveKeyFromHash(ecdh1ExplicitPub, hash); byte[] ecdh2_ecdh2Explicit = ecdh2.DeriveKeyFromHash(ecdh2Pub, hash); byte[] ecdh2_ecdh2Explicit2 = ecdh2.DeriveKeyFromHash(ecdh2Pub, hash); Assert.Equal(ech1Named_ecdh1Named, ech1Named_ecdh1Named2); Assert.Equal(ech1Named_ecdh1Explicit, ecdh1Explicit_ecdh1Named); Assert.Equal(ech1Named_ecdh2Explicit, ecdh2_ecdh1Named); Assert.Equal(ecdh1Explicit_ecdh1Explicit, ecdh1Explicit_ecdh1Explicit2); Assert.Equal(ecdh1Explicit_ecdh2Explicit, ecdh2_ecdh1Explicit); Assert.Equal(ecdh2_ecdh2Explicit, ecdh2_ecdh2Explicit2); } } } }
public void TestRegenKeyNamed(CurveDef curveDef) { ECParameters param, param2; ECDsa ec; using (ec = ECDsaFactory.Create(curveDef.Curve)) { param = ec.ExportParameters(true); Assert.NotNull(param.D); param.Validate(); ec.GenerateKey(param.Curve); param2 = ec.ExportParameters(true); param2.Validate(); // Only curve should match ComparePrivateKey(param, param2, false); ComparePublicKey(param.Q, param2.Q, false); CompareCurve(param.Curve, param2.Curve); } }
public static void TestExplicitCurves(CurveDef curveDef) { if (!ECDiffieHellmanFactory.ExplicitCurvesSupported) { return; } using (ECDiffieHellman ec1 = ECDiffieHellmanFactory.Create(curveDef.Curve)) { ECParameters param1 = ec1.ExportExplicitParameters(curveDef.IncludePrivate); VerifyExplicitCurve(param1, ec1, curveDef); using (ECDiffieHellman ec2 = ECDiffieHellmanFactory.Create()) { ec2.ImportParameters(param1); ECParameters param2 = ec2.ExportExplicitParameters(curveDef.IncludePrivate); VerifyExplicitCurve(param1, ec1, curveDef); AssertEqual(param1, param2); } } }
public static void TestHashRoundTrip(CurveDef curveDef) { // This test is in the cng only tests because OpenSsl does not provide the hash algorithm using (var cng = new ECDsaCng(curveDef.Curve)) { ECParameters param = cng.ExportExplicitParameters(false); // Add some dummy values and import Assert.True(param.Curve.IsExplicit); var curve = param.Curve; curve.Hash = HashAlgorithmName.SHA1; curve.Seed = new byte[1] { 0xFF }; // Hash should have a seed param.Curve = curve; cng.ImportParameters(param); // Export to see if the hash is there ECParameters param2 = cng.ExportExplicitParameters(false); Assert.Equal(HashAlgorithmName.SHA1.Name.ToUpper(), param2.Curve.Hash.Value.Name.ToUpper()); Assert.Equal(0xFF, param2.Curve.Seed[0]); } }
public void SignaturesAtZeroDoNotVerify_DER(CurveDef curveDef) { using (ECDsa ec = ECDsaFactory.Create(curveDef.Curve)) { byte[] data = new byte[] { 1, 2, 3, 4 }; // ASN.1: // SEQUENCE { // INTEGER 0, // INTEGER 0 // } byte[] zeroSignature = new byte[] { 0x30, 0x06, 0x02, 0x01, 0x00, 0x02, 0x01, 0x00 }; bool verified = ec.VerifyData( data, zeroSignature, HashAlgorithmName.SHA256, DSASignatureFormat.Rfc3279DerSequence); Assert.False(verified, nameof(ec.VerifyData)); } }
private static void VerifyExplicitCurve(ECParameters parameters, ECDiffieHellman ec, CurveDef curveDef) { Assert.True(parameters.Curve.IsExplicit); ECCurve curve = parameters.Curve; Assert.True(curveDef.IsCurveTypeEqual(curve.CurveType)); Assert.True( curveDef.IncludePrivate && parameters.D.Length > 0 || !curveDef.IncludePrivate && parameters.D == null); Assert.Equal(curveDef.KeySize, ec.KeySize); Assert.Equal(curve.A.Length, parameters.Q.X.Length); Assert.Equal(curve.A.Length, parameters.Q.Y.Length); Assert.Equal(curve.A.Length, curve.B.Length); Assert.Equal(curve.A.Length, curve.G.X.Length); Assert.Equal(curve.A.Length, curve.G.Y.Length); Assert.True(curve.Seed == null || curve.Seed.Length > 0); Assert.True(curve.Order == null || curve.Order.Length > 0); if (curve.IsPrime) { Assert.Equal(curve.A.Length, curve.Prime.Length); } if (curveDef.IncludePrivate) { ec.Exercise(); } // Ensure the key doesn't get regenerated after export ECParameters paramSecondExport = ec.ExportExplicitParameters(curveDef.IncludePrivate); AssertEqual(parameters, paramSecondExport); }
public void TestRegenKeyExplicit(CurveDef curveDef) { ECParameters param, param2; ECDsa ec, newEc; using (ec = ECDsaFactory.Create(curveDef.Curve)) { param = ec.ExportExplicitParameters(true); Assert.NotNull(param.D); using (newEc = ECDsaFactory.Create()) { newEc.ImportParameters(param); // The curve name is not flowed on explicit export\import (by design) so this exercises logic // that regenerates based on current curve values newEc.GenerateKey(param.Curve); param2 = newEc.ExportExplicitParameters(true); // Only curve should match ComparePrivateKey(param, param2, false); ComparePublicKey(param.Q, param2.Q, false); CompareCurve(param.Curve, param2.Curve); // Specify same curve name newEc.GenerateKey(curveDef.Curve); Assert.Equal(curveDef.KeySize, newEc.KeySize); param2 = newEc.ExportExplicitParameters(true); // Only curve should match ComparePrivateKey(param, param2, false); ComparePublicKey(param.Q, param2.Q, false); CompareCurve(param.Curve, param2.Curve); // Specify different curve than current if (param.Curve.IsPrime) { if (curveDef.Curve.IsNamed && curveDef.Curve.Oid.FriendlyName != ECCurve.NamedCurves.nistP256.Oid.FriendlyName) { // Specify different curve (nistP256) by explicit value newEc.GenerateKey(ECCurve.NamedCurves.nistP256); Assert.Equal(256, newEc.KeySize); param2 = newEc.ExportExplicitParameters(true); // Keys should not match ComparePrivateKey(param, param2, false); ComparePublicKey(param.Q, param2.Q, false); // P,X,Y (and others) should not match Assert.True(param2.Curve.IsPrime); Assert.NotEqual(param.Curve.Prime, param2.Curve.Prime); Assert.NotEqual(param.Curve.G.X, param2.Curve.G.X); Assert.NotEqual(param.Curve.G.Y, param2.Curve.G.Y); // Reset back to original newEc.GenerateKey(param.Curve); Assert.Equal(curveDef.KeySize, newEc.KeySize); ECParameters copyOfParam1 = newEc.ExportExplicitParameters(true); // Only curve should match ComparePrivateKey(param, copyOfParam1, false); ComparePublicKey(param.Q, copyOfParam1.Q, false); CompareCurve(param.Curve, copyOfParam1.Curve); // Set back to nistP256 newEc.GenerateKey(param2.Curve); Assert.Equal(256, newEc.KeySize); param2 = newEc.ExportExplicitParameters(true); // Keys should not match ComparePrivateKey(param, param2, false); ComparePublicKey(param.Q, param2.Q, false); // P,X,Y (and others) should not match Assert.True(param2.Curve.IsPrime); Assert.NotEqual(param.Curve.Prime, param2.Curve.Prime); Assert.NotEqual(param.Curve.G.X, param2.Curve.G.X); Assert.NotEqual(param.Curve.G.Y, param2.Curve.G.Y); } } else if (param.Curve.IsCharacteristic2) { if (curveDef.Curve.Oid.Value != ECDSA_Sect193r1_OID_VALUE) { if (ECDsaFactory.IsCurveValid(new Oid(ECDSA_Sect193r1_OID_VALUE))) { // Specify different curve by name newEc.GenerateKey(ECCurve.CreateFromValue(ECDSA_Sect193r1_OID_VALUE)); Assert.Equal(193, newEc.KeySize); param2 = newEc.ExportExplicitParameters(true); // Keys should not match ComparePrivateKey(param, param2, false); ComparePublicKey(param.Q, param2.Q, false); // Polynomial,X,Y (and others) should not match Assert.True(param2.Curve.IsCharacteristic2); Assert.NotEqual(param.Curve.Polynomial, param2.Curve.Polynomial); Assert.NotEqual(param.Curve.G.X, param2.Curve.G.X); Assert.NotEqual(param.Curve.G.Y, param2.Curve.G.Y); } } } } } }
public static void TestCreateKeyFromCngAlgorithmNegative(CurveDef curveDef) { CngAlgorithm alg = CngAlgorithm.ECDsa; Assert.ThrowsAny <Exception>(() => CngKey.Create(alg)); }