public void LookupCurveByOidWindowsFriendlyName(string friendlyName)
        {
            ECDsaOpenSsl ec    = new ECDsaOpenSsl(ECCurve.CreateFromFriendlyName(friendlyName));
            ECParameters param = ec.ExportParameters(false);

            param.Validate();
        }
        public MessageClientIdentity(string systemName, string clientName, ECDiffieHellmanCurve curve)
        {
            ECDiffieHellman dh;

            var dhCurve = curve switch
            {
                ECDiffieHellmanCurve.P256 => ECCurve.NamedCurves.nistP256,
                ECDiffieHellmanCurve.P384 => ECCurve.NamedCurves.nistP384,
                ECDiffieHellmanCurve.P521 => ECCurve.NamedCurves.nistP521,
                _ => throw new ArgumentOutOfRangeException(nameof(curve))
            };

            if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
            {
                dh    = new ECDiffieHellmanCng(dhCurve);
                ECDsa = new ECDsaCng();
            }
            else
            {
#if (!NET48)
                dh = new ECDiffieHellmanOpenSsl();
#else
                throw new NotSupportedException("ECDiffieHellmanOpenSsl is not supported in .NET 4.8");
#endif

                ECDsa = new ECDsaOpenSsl();
            }

            SystemName      = systemName;
            Name            = clientName;
            ECDiffieHellman = dh;

            ECDsa.ImportParameters(dh.ExportExplicitParameters(true));
        }
Beispiel #3
0
 public static void VerifyDuplicateKey_ECDsaHandle()
 {
     using (ECDsaOpenSsl ecdsa = new ECDsaOpenSsl())
         using (SafeEvpPKeyHandle pkey = ecdsa.DuplicateKeyHandle())
         {
             Assert.ThrowsAny <CryptographicException>(() => new DSAOpenSsl(pkey));
         }
 }
 public static void DefaultCtor()
 {
     using (ECDsaOpenSsl e = new ECDsaOpenSsl())
     {
         int keySize = e.KeySize;
         Assert.Equal(521, keySize);
         e.Exercise();
     }
 }
Beispiel #5
0
 public static void VerifyDuplicateKey_DistinctHandles()
 {
     using (ECDsaOpenSsl first = new ECDsaOpenSsl())
         using (SafeEvpPKeyHandle firstHandle = first.DuplicateKeyHandle())
             using (SafeEvpPKeyHandle firstHandle2 = first.DuplicateKeyHandle())
             {
                 Assert.NotSame(firstHandle, firstHandle2);
             }
 }
Beispiel #6
0
 public static void DefaultCtor()
 {
     using (ECDsaOpenSsl e = new ECDsaOpenSsl())
     {
         int keySize = e.KeySize;
         Assert.Equal(521, keySize);
         e.Exercise();
     }
 }
 public static void Ctor384()
 {
     int expectedKeySize = 384;
     using (ECDsaOpenSsl e = new ECDsaOpenSsl(expectedKeySize))
     {
         int keySize = e.KeySize;
         Assert.Equal(expectedKeySize, keySize);
         e.Exercise();
     }
 }
Beispiel #8
0
        public static void Ctor521()
        {
            int expectedKeySize = 521;

            using (ECDsaOpenSsl e = new ECDsaOpenSsl(expectedKeySize))
            {
                int keySize = e.KeySize;
                Assert.Equal(expectedKeySize, keySize);
                e.Exercise();
            }
        }
Beispiel #9
0
        public void LookupCurveByOidValue()
        {
            ECDsaOpenSsl ec = null;

            ec = new ECDsaOpenSsl(ECCurve.CreateFromValue(ECDSA_P256_OID_VALUE)); // Same as nistP256
            ECParameters param = ec.ExportParameters(false);

            param.Validate();
            Assert.Equal(256, ec.KeySize);
            Assert.True(param.Curve.IsNamed);
            Assert.Equal("ECDSA_P256", param.Curve.Oid.FriendlyName);
            Assert.Equal(ECDSA_P256_OID_VALUE, param.Curve.Oid.Value);
        }
Beispiel #10
0
        [ConditionalFact("ECDsa224Available")] // Issue #4337
        public static void KeySizeProp()
        {
            using (ECDsaOpenSsl e = new ECDsaOpenSsl())
            {
                e.KeySize = 384;
                Assert.Equal(384, e.KeySize);
                e.Exercise();

                e.KeySize = 224;
                Assert.Equal(224, e.KeySize);
                e.Exercise();
            }
        }
Beispiel #11
0
        public static void VerifyDuplicateKey_InvalidHandle()
        {
            using (ECDsaOpenSsl ecdsa = new ECDsaOpenSsl())
            {
                SafeEvpPKeyHandle pkey = ecdsa.DuplicateKeyHandle();

                using (pkey)
                {
                }

                Assert.Throws <ArgumentException>(() => new ECDsaOpenSsl(pkey));
            }
        }
        public void NoncompliantGenerateKey()
        {
            var ec1 = new ECDiffieHellmanCng();

            ec1.GenerateKey(ECCurve.NamedCurves.brainpoolP160r1); // Noncompliant {{Use a key length of at least 224 bits for EC cipher algorithm.}}

            var ec2 = new ECDsaCng();

            ec2.GenerateKey(ECCurve.NamedCurves.brainpoolP160t1); // Noncompliant {{Use a key length of at least 224 bits for EC cipher algorithm.}}

            var ec3 = new ECDsaOpenSsl();

            ec3.GenerateKey(ECCurve.NamedCurves.brainpoolP192t1); // Noncompliant {{Use a key length of at least 224 bits for EC cipher algorithm.}}
        }
Beispiel #13
0
        public static void VerifyDuplicateKey_ValidHandle()
        {
            byte[] data = ByteUtils.RepeatByte(0x71, 11);

            using (ECDsaOpenSsl first = new ECDsaOpenSsl())
                using (SafeEvpPKeyHandle firstHandle = first.DuplicateKeyHandle())
                {
                    using (ECDsa second = new ECDsaOpenSsl(firstHandle))
                    {
                        byte[] signed = second.SignData(data, HashAlgorithmName.SHA512);
                        Assert.True(first.VerifyData(data, signed, HashAlgorithmName.SHA512));
                    }
                }
        }
Beispiel #14
0
        /// <summary>
        /// Creates an instance of the platform specific implementation of the cref="ECDsa" algorithm.
        /// </summary>
        /// <param name="parameters">
        /// The <see cref="ECParameters"/> representing the elliptic curve parameters.
        /// </param>
        public static partial ECDsa Create(ECParameters parameters)
        {
            ECDsa ec = new ECDsaOpenSsl();

            try
            {
                ec.ImportParameters(parameters);
                return(new ECDsaWrapper(ec));
            }
            catch
            {
                ec.Dispose();
                throw;
            }
        }
Beispiel #15
0
        private static void Exercise(this ECDsaOpenSsl e)
        {
            // Make a few calls on this to ensure we aren't broken due to bad/prematurely released handles.

            int keySize = e.KeySize;

            byte[] data     = new byte[0x10];
            byte[] sig      = e.SignData(data, 0, data.Length, HashAlgorithmName.SHA1);
            bool   verified = e.VerifyData(data, sig, HashAlgorithmName.SHA1);

            Assert.True(verified);
            sig[sig.Length - 1]++;
            verified = e.VerifyData(data, sig, HashAlgorithmName.SHA1);
            Assert.False(verified);
        }
        /// <summary>Constructor</summary>
        /// <param name="eaa">EnumDigitalSignAlgorithm</param>
        /// <param name="hashAlgorithm">HashAlgorithm</param>
        public DigitalSignECDsaOpenSsl(EnumDigitalSignAlgorithm eaa, HashAlgorithm hashAlgorithm)
        {
            AsymmetricAlgorithm aa = null;
            HashAlgorithm       ha = null;

            AsymmetricAlgorithmCmnFunc.CreateDigitalSignSP(eaa, out aa, out ha);

            ECDsaOpenSsl ecdsa = (ECDsaOpenSsl)aa;

            this._privateKey = ecdsa.ExportParameters(true);
            this._publicKey  = ecdsa.ExportParameters(false);

            this.AsymmetricAlgorithm = aa;
            this.HashAlgorithm       = hashAlgorithm;
        }
        public void CompliantConstructors()
        {
            var ec1 = new ECDiffieHellmanCng(); // Compliant - default EC key size is 521
            var ec2 = new ECDsaCng();           // Compliant - default EC key size is 521
            var ec3 = new ECDsaOpenSsl();       // Compliant - default EC key size is 521

            // Valid key sizes are 256, 384, and 521 bits.
            var ec4 = new ECDiffieHellmanCng(256);
            var ec5 = new ECDsaCng(384);
            var ec6 = new ECDsaOpenSsl(521);
            var ec7 = new ECDsaOpenSsl((IntPtr)128);

            var ec8  = new ECDiffieHellmanCng(ECCurve.NamedCurves.brainpoolP384r1);
            var ec9  = new ECDsaCng(ECCurve.NamedCurves.brainpoolP384t1);
            var ec10 = new ECDsaOpenSsl(ECCurve.NamedCurves.brainpoolP512r1);
        }
Beispiel #18
0
        public void CtorHandle224()
        {
            IntPtr ecKey = Interop.Crypto.EcKeyCreateByOid(ECDSA_P224_OID_VALUE);
            Assert.NotEqual(IntPtr.Zero, ecKey);
            int success = Interop.Crypto.EcKeyGenerateKey(ecKey);
            Assert.NotEqual(0, success);

            using (ECDsaOpenSsl e = new ECDsaOpenSsl(ecKey))
            {
                int keySize = e.KeySize;
                Assert.Equal(224, keySize);
                e.Exercise();
            }

            Interop.Crypto.EcKeyDestroy(ecKey);
        }
Beispiel #19
0
        public static void CtorHandle384()
        {
            IntPtr ecKey = Interop.Crypto.EcKeyCreateByCurveName(NID_secp384r1);
            Assert.NotEqual(IntPtr.Zero, ecKey);
            int success = Interop.Crypto.EcKeyGenerateKey(ecKey);
            Assert.NotEqual(0, success);

            using (ECDsaOpenSsl e = new ECDsaOpenSsl(ecKey))
            {
                int keySize = e.KeySize;
                Assert.Equal(384, keySize);
                e.Exercise();
            }

            Interop.Crypto.EcKeyDestroy(ecKey);
        }
Beispiel #20
0
        public static void CtorHandle384()
        {
            IntPtr ecKey = EC_KEY_new_by_curve_name(NID_secp384r1);
            Assert.NotEqual(IntPtr.Zero, ecKey);
            int success = EC_KEY_generate_key(ecKey);
            Assert.NotEqual(0, success);

            using (ECDsaOpenSsl e = new ECDsaOpenSsl(ecKey))
            {
                int keySize = e.KeySize;
                Assert.Equal(384, keySize);
                e.Exercise();
            }

            EC_KEY_free(ecKey);
        }
        /// <summary>Constructor</summary>
        /// <param name="eCParameters">ECParameters(任意)</param>
        /// <param name="hashAlgorithm">HashAlgorithm</param>
        public DigitalSignECDsaOpenSsl(ECParameters eCParameters, HashAlgorithm hashAlgorithm)
        {
            ECDsaOpenSsl ecdsa = new ECDsaOpenSsl(eCParameters.Curve);

            ecdsa.ImportParameters(eCParameters);
            if (eCParameters.D != null)
            {
                this._privateKey = ecdsa.ExportParameters(true);
            }
            this._publicKey = ecdsa.ExportParameters(false);

            this.AsymmetricAlgorithm = ecdsa;

            this.AsymmetricAlgorithm = ecdsa;
            this.HashAlgorithm       = hashAlgorithm;
        }
        public void CompliantGenerateKey()
        {
            var ec1 = new ECDiffieHellmanCng();

            ec1.GenerateKey(ECCurve.NamedCurves.brainpoolP224r1);
            ec1.GenerateKey(ECCurve.NamedCurves.nistP256);

            var ec2 = new ECDsaCng();

            ec2.GenerateKey(ECCurve.NamedCurves.brainpoolP256r1);
            ec2.GenerateKey(ECCurve.NamedCurves.nistP384);

            var ec3 = new ECDsaOpenSsl();

            ec3.GenerateKey(ECCurve.NamedCurves.brainpoolP384t1);
            ec3.GenerateKey(ECCurve.NamedCurves.nistP521);
        }
        internal MessageClientIdentity(string systemName, string clientName, ECDiffieHellman dh, bool isPrivateIdentity)
        {
            SystemName      = systemName;
            Name            = clientName;
            ECDiffieHellman = dh;

            if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
            {
                ECDsa = new ECDsaCng();
            }
            else
            {
                ECDsa = new ECDsaOpenSsl();
            }

            ECDsa.ImportParameters(dh.ExportExplicitParameters(isPrivateIdentity));
        }
        public void CompliantKeySizeSet()
        {
            var ec1 = new ECDiffieHellmanCng();

            ec1.KeySize = 512;
            ec1.KeySize = 128; // OK - because this is not a valid key size for this object

            var ec2 = new ECDsaCng();

            ec2.KeySize = 512;
            ec2.KeySize = 64; // OK - because this is not a valid key size for this object

            var ec3 = new ECDsaOpenSsl();

            ec3.KeySize = 512;
            ec3.KeySize = 12; // OK - because this is not a valid key size for this object
        }
Beispiel #25
0
        public SafeFreeCredentials(X509Certificate certificate, SslProtocols protocols, EncryptionPolicy policy)
            : base(IntPtr.Zero, true)
        {
            Debug.Assert(
                certificate == null || certificate is X509Certificate2,
                "Only X509Certificate2 certificates are supported at this time");

            X509Certificate2 cert = (X509Certificate2)certificate;

            if (cert != null)
            {
                Debug.Assert(cert.HasPrivateKey, "cert.HasPrivateKey");

                using (RSAOpenSsl rsa = (RSAOpenSsl)cert.GetRSAPrivateKey())
                {
                    if (rsa != null)
                    {
                        _certKeyHandle = rsa.DuplicateKeyHandle();
                        Interop.Crypto.CheckValidOpenSslHandle(_certKeyHandle);
                    }
                }

                if (_certKeyHandle == null)
                {
                    using (ECDsaOpenSsl ecdsa = (ECDsaOpenSsl)cert.GetECDsaPrivateKey())
                    {
                        if (ecdsa != null)
                        {
                            _certKeyHandle = ecdsa.DuplicateKeyHandle();
                            Interop.Crypto.CheckValidOpenSslHandle(_certKeyHandle);
                        }
                    }
                }

                if (_certKeyHandle == null)
                {
                    throw new NotSupportedException(SR.net_ssl_io_no_server_cert);
                }

                _certHandle = Interop.Crypto.X509Duplicate(cert.Handle);
                Interop.Crypto.CheckValidOpenSslHandle(_certHandle);
            }

            _protocols = protocols;
            _policy    = policy;
        }
Beispiel #26
0
        public static void CtorHandle384()
        {
            IntPtr ecKey = EC_KEY_new_by_curve_name(NID_secp384r1);

            Assert.NotEqual(IntPtr.Zero, ecKey);
            int success = EC_KEY_generate_key(ecKey);

            Assert.NotEqual(0, success);

            using (ECDsaOpenSsl e = new ECDsaOpenSsl(ecKey))
            {
                int keySize = e.KeySize;
                Assert.Equal(384, keySize);
                e.Exercise();
            }

            EC_KEY_free(ecKey);
        }
Beispiel #27
0
        public void CtorHandle384()
        {
            IntPtr ecKey = Interop.Crypto.EcKeyCreateByOid(ECDSA_P384_OID_VALUE);

            Assert.NotEqual(IntPtr.Zero, ecKey);
            int success = Interop.Crypto.EcKeyGenerateKey(ecKey);

            Assert.NotEqual(0, success);

            using (ECDsaOpenSsl e = new ECDsaOpenSsl(ecKey))
            {
                int keySize = e.KeySize;
                Assert.Equal(384, keySize);
                e.Exercise();
            }

            Interop.Crypto.EcKeyDestroy(ecKey);
        }
Beispiel #28
0
        [ConditionalFact("ECDsa224Available")] // Issue #4337
        public static void CtorHandle224()
        {
            IntPtr ecKey = Interop.Crypto.EcKeyCreateByCurveName(NID_secp224r1);

            Assert.NotEqual(IntPtr.Zero, ecKey);
            int success = Interop.Crypto.EcKeyGenerateKey(ecKey);

            Assert.NotEqual(0, success);

            using (ECDsaOpenSsl e = new ECDsaOpenSsl(ecKey))
            {
                int keySize = e.KeySize;
                Assert.Equal(224, keySize);
                e.Exercise();
            }

            Interop.Crypto.EcKeyDestroy(ecKey);
        }
Beispiel #29
0
        public static void VerifyDuplicateKey_RefCounts()
        {
            byte[] data = ByteUtils.RepeatByte(0x74, 11);
            byte[] signature;
            ECDsa  second;

            using (ECDsaOpenSsl first = new ECDsaOpenSsl())
                using (SafeEvpPKeyHandle firstHandle = first.DuplicateKeyHandle())
                {
                    signature = first.SignData(data, HashAlgorithmName.SHA384);
                    second    = new ECDsaOpenSsl(firstHandle);
                }

            // Now show that second still works, despite first and firstHandle being Disposed.
            using (second)
            {
                Assert.True(second.VerifyData(data, signature, HashAlgorithmName.SHA384));
            }
        }
Beispiel #30
0
        public ICertificatePal CopyWithPrivateKey(ECDsa privateKey)
        {
            ECDsaOpenSsl typedKey = privateKey as ECDsaOpenSsl;

            if (typedKey != null)
            {
                return(CopyWithPrivateKey((SafeEvpPKeyHandle)typedKey.DuplicateKeyHandle()));
            }

            ECParameters ecParameters = privateKey.ExportParameters(true);

            using (PinAndClear.Track(ecParameters.D))
                using (typedKey = new ECDsaOpenSsl())
                {
                    typedKey.ImportParameters(ecParameters);

                    return(CopyWithPrivateKey((SafeEvpPKeyHandle)typedKey.DuplicateKeyHandle()));
                }
        }
        public void CtorHandleDuplicate()
        {
            IntPtr ecKey = Interop.Crypto.EcKeyCreateByOid(ECDSA_P521_OID_VALUE);

            Assert.NotEqual(IntPtr.Zero, ecKey);
            int success = Interop.Crypto.EcKeyGenerateKey(ecKey);

            Assert.NotEqual(0, success);

            using (ECDsaOpenSsl e = new ECDsaOpenSsl(ecKey))
            {
                // Make sure ECDsaOpenSsl did its own ref-count bump.
                Interop.Crypto.EcKeyDestroy(ecKey);

                int keySize = e.KeySize;
                Assert.Equal(521, keySize);
                e.Exercise();
            }
        }
Beispiel #32
0
        public static void CtorHandleDuplicate()
        {
            IntPtr ecKey = Interop.Crypto.EcKeyCreateByCurveName(NID_secp521r1);

            Assert.NotEqual(IntPtr.Zero, ecKey);
            int success = Interop.Crypto.EcKeyGenerateKey(ecKey);

            Assert.NotEqual(0, success);

            using (ECDsaOpenSsl e = new ECDsaOpenSsl(ecKey))
            {
                // Make sure ECDsaOpenSsl did his own ref-count bump.
                Interop.Crypto.EcKeyDestroy(ecKey);

                int keySize = e.KeySize;
                Assert.Equal(521, keySize);
                e.Exercise();
            }
        }
Beispiel #33
0
        public static void CtorHandleDuplicate()
        {
            IntPtr ecKey = EC_KEY_new_by_curve_name(NID_secp521r1);

            Assert.NotEqual(IntPtr.Zero, ecKey);
            int success = EC_KEY_generate_key(ecKey);

            Assert.NotEqual(0, success);

            using (ECDsaOpenSsl e = new ECDsaOpenSsl(ecKey))
            {
                // Make sure ECDsaOpenSsl did his own ref-count bump.
                EC_KEY_free(ecKey);

                int keySize = e.KeySize;
                Assert.Equal(521, keySize);
                e.Exercise();
            }
        }
Beispiel #34
0
        public void KeySizePropWithExercise()
        {
            using (ECDsaOpenSsl e = new ECDsaOpenSsl())
            {
                e.KeySize = 384;
                Assert.Equal(384, e.KeySize);
                e.Exercise();
                ECParameters p384 = e.ExportParameters(false);
                Assert.Equal(ECCurve.ECCurveType.Named, p384.Curve.CurveType);

                e.KeySize = 521;
                Assert.Equal(521, e.KeySize);
                e.Exercise();
                ECParameters p521 = e.ExportParameters(false);
                Assert.Equal(ECCurve.ECCurveType.Named, p521.Curve.CurveType);

                // ensure the key was regenerated
                Assert.NotEqual(p384.Curve.Oid.Value, p521.Curve.Oid.Value);
            }
        }
Beispiel #35
0
        protected override byte[] ExportPkcs8(
            ICertificatePalCore certificatePal,
            ReadOnlySpan <char> password)
        {
            AsymmetricAlgorithm alg        = null;
            SafeEvpPKeyHandle   privateKey = ((OpenSslX509CertificateReader)certificatePal).PrivateKeyHandle;

            try
            {
                alg = new RSAOpenSsl(privateKey);
            }
            catch (CryptographicException)
            {
            }

            if (alg == null)
            {
                try
                {
                    alg = new ECDsaOpenSsl(privateKey);
                }
                catch (CryptographicException)
                {
                }
            }

            if (alg == null)
            {
                try
                {
                    alg = new DSAOpenSsl(privateKey);
                }
                catch (CryptographicException)
                {
                }
            }

            Debug.Assert(alg != null);
            return(alg.ExportEncryptedPkcs8PrivateKey(password, s_windowsPbe));
        }
Beispiel #36
0
 public static void VerifyDuplicateKey_ECDsaHandle()
 {
     using (ECDsaOpenSsl ecdsa = new ECDsaOpenSsl())
     using (SafeEvpPKeyHandle pkey = ecdsa.DuplicateKeyHandle())
     {
         Assert.ThrowsAny<CryptographicException>(() => new DSAOpenSsl(pkey));
     }
 }
Beispiel #37
0
        public static void CtorHandleDuplicate()
        {
            IntPtr ecKey = EC_KEY_new_by_curve_name(NID_secp521r1);
            Assert.NotEqual(IntPtr.Zero, ecKey);
            int success = EC_KEY_generate_key(ecKey);
            Assert.NotEqual(0, success);

            using (ECDsaOpenSsl e = new ECDsaOpenSsl(ecKey))
            {
                // Make sure ECDsaOpenSsl did his own ref-count bump.
                EC_KEY_free(ecKey);

                int keySize = e.KeySize;
                Assert.Equal(521, keySize);
                e.Exercise();
            }
        }
Beispiel #38
0
        public void KeySizePropWithExercise()
        {
            using (ECDsaOpenSsl e = new ECDsaOpenSsl())
            {
                e.KeySize = 384;
                Assert.Equal(384, e.KeySize);
                e.Exercise();
                ECParameters p384 = e.ExportParameters(false);
                Assert.Equal(ECCurve.ECCurveType.Named, p384.Curve.CurveType);

                e.KeySize = 521;
                Assert.Equal(521, e.KeySize);
                e.Exercise();
                ECParameters p521 = e.ExportParameters(false);
                Assert.Equal(ECCurve.ECCurveType.Named, p521.Curve.CurveType);

                // ensure the key was regenerated
                Assert.NotEqual(p384.Curve.Oid.Value, p521.Curve.Oid.Value);
            }
        }
Beispiel #39
0
 public void LookupCurveByOidValue()
 {
     ECDsaOpenSsl ec = null;
     ec = new ECDsaOpenSsl(ECCurve.CreateFromValue(ECDSA_P256_OID_VALUE)); // Same as nistP256
     ECParameters param = ec.ExportParameters(false);
     param.Validate();
     Assert.Equal(256, ec.KeySize);
     Assert.True(param.Curve.IsNamed);
     Assert.Equal("ECDSA_P256", param.Curve.Oid.FriendlyName);
     Assert.Equal(ECDSA_P256_OID_VALUE, param.Curve.Oid.Value);
 }
        public static void VerifyDuplicateKey_InvalidHandle()
        {
            using (ECDsaOpenSsl ecdsa = new ECDsaOpenSsl())
            {
                SafeEvpPKeyHandle pkey = ecdsa.DuplicateKeyHandle();

                using (pkey)
                {
                }

                Assert.Throws<ArgumentException>(() => new ECDsaOpenSsl(pkey));
            }
        }
        public static void VerifyDuplicateKey_RefCounts()
        {
            byte[] data = ByteUtils.RepeatByte(0x74, 11);
            byte[] signature;
            ECDsa second;

            using (ECDsaOpenSsl first = new ECDsaOpenSsl())
            using (SafeEvpPKeyHandle firstHandle = first.DuplicateKeyHandle())
            {
                signature = first.SignData(data, HashAlgorithmName.SHA384);
                second = new ECDsaOpenSsl(firstHandle);
            }

            // Now show that second still works, despite first and firstHandle being Disposed.
            using (second)
            {
                Assert.True(second.VerifyData(data, signature, HashAlgorithmName.SHA384));
            }
        }
 public static void VerifyDuplicateKey_DistinctHandles()
 {
     using (ECDsaOpenSsl first = new ECDsaOpenSsl())
     using (SafeEvpPKeyHandle firstHandle = first.DuplicateKeyHandle())
     using (SafeEvpPKeyHandle firstHandle2 = first.DuplicateKeyHandle())
     {
         Assert.NotSame(firstHandle, firstHandle2);
     }
 }
        public static void VerifyDuplicateKey_ValidHandle()
        {
            byte[] data = ByteUtils.RepeatByte(0x71, 11);

            using (ECDsaOpenSsl first = new ECDsaOpenSsl())
            using (SafeEvpPKeyHandle firstHandle = first.DuplicateKeyHandle())
            {
                using (ECDsa second = new ECDsaOpenSsl(firstHandle))
                {
                    byte[] signed = second.SignData(data, HashAlgorithmName.SHA512);
                    Assert.True(first.VerifyData(data, signed, HashAlgorithmName.SHA512));
                }
            }
        }
        public static void KeySizeProp()
        {
            using (ECDsaOpenSsl e = new ECDsaOpenSsl())
            {
                e.KeySize = 384;
                Assert.Equal(384, e.KeySize);
                e.Exercise();

                e.KeySize = 224;
                Assert.Equal(224, e.KeySize);
                e.Exercise();
            }
        }
        public static void CtorHandleDuplicate()
        {
            IntPtr ecKey = Interop.Crypto.EcKeyCreateByCurveName(NID_secp521r1);
            Assert.NotEqual(IntPtr.Zero, ecKey);
            int success = Interop.Crypto.EcKeyGenerateKey(ecKey);
            Assert.NotEqual(0, success);

            using (ECDsaOpenSsl e = new ECDsaOpenSsl(ecKey))
            {
                // Make sure ECDsaOpenSsl did his own ref-count bump.
                Interop.Crypto.EcKeyDestroy(ecKey);

                int keySize = e.KeySize;
                Assert.Equal(521, keySize);
                e.Exercise();
            }
        }
Beispiel #46
0
        public void LookupCurveByOidFriendlyName()
        {
            ECDsaOpenSsl ec = null;

            // prime256v1 is alias for nistP256 for OpenSsl
            ec = new ECDsaOpenSsl(ECCurve.CreateFromFriendlyName("prime256v1"));
            ECParameters param = ec.ExportParameters(false);
            param.Validate();
            Assert.Equal(256, ec.KeySize);
            Assert.True(param.Curve.IsNamed);
            Assert.Equal("ECDSA_P256", param.Curve.Oid.FriendlyName); // OpenSsl maps prime256v1 to ECDSA_P256
            Assert.Equal(ECDSA_P256_OID_VALUE, param.Curve.Oid.Value);

            // secp521r1 is same as nistP521; note Windows uses secP521r1 (uppercase P)
            ec = new ECDsaOpenSsl(ECCurve.CreateFromFriendlyName("secp521r1"));
            param = ec.ExportParameters(false);
            param.Validate();
            Assert.Equal(521, ec.KeySize);
            Assert.True(param.Curve.IsNamed);
            Assert.Equal("ECDSA_P521", param.Curve.Oid.FriendlyName); // OpenSsl maps secp521r1 to ECDSA_P521
            Assert.Equal(ECDSA_P521_OID_VALUE, param.Curve.Oid.Value);
        }