public static TheoryData <RsaKeyWrapTestParams> RsaWrapUnwrapTheoryData()
{
var theoryData = new TheoryData <RsaKeyWrapTestParams>();
// round trip positive tests
AddWrapUnwrapTheoryData(
"Test1",
SecurityAlgorithms.RsaPKCS1,
KeyingMaterial.RsaSecurityKey_2048_Public,
KeyingMaterial.RsaSecurityKey_2048,
theoryData);
AddWrapUnwrapTheoryData(
"Test2",
SecurityAlgorithms.RsaOAEP,
KeyingMaterial.RsaSecurityKey_2048_Public,
KeyingMaterial.RsaSecurityKey_2048,
theoryData);
// Wrap parameter checking
AddWrapParameterCheckTheoryData(
"Test3",
SecurityAlgorithms.RsaPKCS1,
KeyingMaterial.RsaSecurityKey_2048_Public,
KeyingMaterial.RsaSecurityKey_2048,
null,
ExpectedException.ArgumentNullException(),
theoryData);
return(theoryData);
}
public static TheoryData <EncryptingCredentialsTheoryData> ConstructorBTheoryData()
{
return(new TheoryData <EncryptingCredentialsTheoryData>
{
new EncryptingCredentialsTheoryData
{
Key = null,
Enc = SecurityAlgorithms.Aes128CbcHmacSha256,
ExpectedException = ExpectedException.ArgumentNullException("IDX10000: The parameter 'key'"),
TestId = "NullKey"
},
new EncryptingCredentialsTheoryData
{
Key = Default.SymmetricEncryptionKey128,
Enc = String.Empty,
ExpectedException = ExpectedException.ArgumentNullException("IDX10000: The parameter 'enc'"),
TestId = "EmptyEncString"
},
new EncryptingCredentialsTheoryData
{
Key = Default.SymmetricEncryptionKey128,
Enc = null,
ExpectedException = ExpectedException.ArgumentNullException("IDX10000: The parameter 'enc'"),
TestId = "NullEncString"
},
new EncryptingCredentialsTheoryData
{
Key = Default.SymmetricEncryptionKey128,
Enc = SecurityAlgorithms.Aes128CbcHmacSha256,
TestId = "ValidTest"
}
});
}
public static TheoryData <AuthenticatedEncryptionTheoryData> GetKeyBytesTheoryData()
{
return(new TheoryData <AuthenticatedEncryptionTheoryData>
{
new AuthenticatedEncryptionTheoryData
{
Bytes = Default.SymmetricEncryptionKey256.Key,
DecryptKey = Default.SymmetricEncryptionKey256,
Provider = new DerivedAuthenticatedEncryptionProvider(),
TestId = "Test1"
},
new AuthenticatedEncryptionTheoryData
{
DecryptKey = null,
ExpectedException = ExpectedException.ArgumentNullException(),
Provider = new DerivedAuthenticatedEncryptionProvider(),
TestId = "Test2"
},
new AuthenticatedEncryptionTheoryData
{
DecryptKey = Default.AsymmetricSigningKey,
ExpectedException = ExpectedException.ArgumentException("IDX10667:"),
Provider = new DerivedAuthenticatedEncryptionProvider(),
TestId = "Test3"
},
new AuthenticatedEncryptionTheoryData
{
Bytes = KeyingMaterial.JsonWebKeySymmetricBytes256,
DecryptKey = KeyingMaterial.JsonWebKeySymmetric256,
Provider = new DerivedAuthenticatedEncryptionProvider(),
TestId = "Test4"
}
});
}
public static TheoryData <string, SecurityKey, string, ExpectedException> AEPConstructorTheoryData()
{
var theoryData = new TheoryData <string, SecurityKey, string, ExpectedException>();
theoryData.Add("Test1", null, null, ExpectedException.ArgumentNullException());
theoryData.Add("Test2", Default.SymmetricEncryptionKey256, null, ExpectedException.ArgumentNullException());
theoryData.Add("Test3", Default.SymmetricEncryptionKey256, SecurityAlgorithms.Aes128CbcHmacSha256, ExpectedException.NoExceptionExpected);
theoryData.Add("Test4", Default.SymmetricEncryptionKey512, SecurityAlgorithms.Aes128CbcHmacSha256, ExpectedException.NoExceptionExpected);
theoryData.Add("Test5", Default.SymmetricEncryptionKey512, SecurityAlgorithms.Aes256CbcHmacSha512, ExpectedException.NoExceptionExpected);
theoryData.Add("Test6", Default.SymmetricEncryptionKey256, SecurityAlgorithms.Aes128Encryption, ExpectedException.ArgumentException("IDX10659:"));
theoryData.Add("Test7", Default.SymmetricEncryptionKey128, SecurityAlgorithms.Aes128CbcHmacSha256, ExpectedException.ArgumentOutOfRangeException("IDX10653:"));
theoryData.Add("Test8", Default.SymmetricEncryptionKey256, SecurityAlgorithms.Aes256CbcHmacSha512, ExpectedException.ArgumentOutOfRangeException("IDX10653:"));
// set key.CryptoProviderFactory that return null when creating SignatureProvider
var key = Default.SymmetricEncryptionKey256;
key.CryptoProviderFactory = new DerivedCryptoProviderFactory
{
SymmetricSignatureProviderForSigning = null,
SymmetricSignatureProviderForVerifying = null
};
theoryData.Add("Test9", key, SecurityAlgorithms.Aes128CbcHmacSha256, ExpectedException.ArgumentException("IDX10649:"));
return(theoryData);
}
public static TheoryData <string, SecurityKey, string, ExpectedException> KeyWrapConstructorTheoryData()
{
var theoryData = new TheoryData <string, SecurityKey, string, ExpectedException>();
theoryData.Add("Test1", null, null, ExpectedException.ArgumentNullException());
theoryData.Add("Test2", Default.SymmetricEncryptionKey128, null, ExpectedException.ArgumentNullException());
theoryData.Add("Test3", Default.SymmetricEncryptionKey128, SecurityAlgorithms.Aes128Encryption, ExpectedException.ArgumentException("IDX10661:"));
theoryData.Add("Test4", Default.SymmetricEncryptionKey128, SecurityAlgorithms.Aes128KW, ExpectedException.NoExceptionExpected);
theoryData.Add("Test5", Default.SymmetricEncryptionKey256, SecurityAlgorithms.Aes256KW, ExpectedException.NoExceptionExpected);
theoryData.Add("Test6", Default.SymmetricEncryptionKey128, SecurityAlgorithms.Aes256KW, ExpectedException.ArgumentOutOfRangeException("IDX10662:"));
theoryData.Add("Test7", Default.SymmetricEncryptionKey256, SecurityAlgorithms.Aes128KW, ExpectedException.ArgumentOutOfRangeException("IDX10662:"));
JsonWebKey key = new JsonWebKey()
{
Kty = JsonWebAlgorithmsKeyTypes.Octet
};
theoryData.Add("Test8", key, SecurityAlgorithms.Aes256KW, ExpectedException.ArgumentException("IDX10661:"));
key = new JsonWebKey()
{
Kty = JsonWebAlgorithmsKeyTypes.RSA, K = KeyingMaterial.JsonWebKeySymmetric128.K
};
theoryData.Add("Test9", key, SecurityAlgorithms.Aes256KW, ExpectedException.ArgumentException("IDX10661:"));
theoryData.Add("Test10", KeyingMaterial.RsaSecurityKey_2048, SecurityAlgorithms.Aes256KW, ExpectedException.ArgumentException("IDX10661:"));
theoryData.Add("Test11", KeyingMaterial.JsonWebKeySymmetric128, SecurityAlgorithms.Aes128KW, ExpectedException.NoExceptionExpected);
theoryData.Add("Test12", KeyingMaterial.JsonWebKeySymmetric256, SecurityAlgorithms.Aes256KW, ExpectedException.NoExceptionExpected);
return(theoryData);
}
public void Constructor()
{
// testing constructor that takes ECDsa instance
ECDsaSecurityKeyConstructorWithEcdsa(null, ExpectedException.ArgumentNullException("ecdsa"));
ECDsaSecurityKeyConstructorWithEcdsa(new ECDsaCng(), ExpectedException.NoExceptionExpected);
var ecdsaSecurityKey = new ECDsaSecurityKey(new ECDsaCng());
Assert.True(ecdsaSecurityKey.PrivateKeyStatus == PrivateKeyStatus.Unknown, "ecdsaSecurityKey.FoundPrivateKey is unknown");
}
public void Constructor()
{
// testing constructor that takes ECDsa instance
ECDsaSecurityKeyConstructorWithEcdsa(null, ExpectedException.ArgumentNullException("ecdsa"));
ECDsaSecurityKeyConstructorWithEcdsa(new ECDsaCng(), ExpectedException.NoExceptionExpected);
var ecdsaSecurityKey = new ECDsaSecurityKey(new ECDsaCng());
Assert.True(ecdsaSecurityKey.HasPrivateKey, "ecdsaSecurityKey.HasPrivate is false");
}
public static TheoryData <X509EncryptingCredentialsTheoryData> ConstructorsTheoryData()
{
return(new TheoryData <X509EncryptingCredentialsTheoryData>
{
new X509EncryptingCredentialsTheoryData
{
Certificate = null,
Alg = SecurityAlgorithms.RsaOaepKeyWrap,
Enc = SecurityAlgorithms.Aes128CbcHmacSha256,
ExpectedException = ExpectedException.ArgumentNullException("IDX10000: The parameter 'certificate'"),
TestId = "NullCertificate"
},
new X509EncryptingCredentialsTheoryData
{
Certificate = Default.Certificate,
Alg = String.Empty,
Enc = SecurityAlgorithms.Aes128CbcHmacSha256,
ExpectedException = ExpectedException.ArgumentNullException("IDX10000: The parameter 'alg'"),
TestId = "EmptyAlgString"
},
new X509EncryptingCredentialsTheoryData
{
Certificate = Default.Certificate,
Alg = SecurityAlgorithms.RsaOaepKeyWrap,
Enc = String.Empty,
ExpectedException = ExpectedException.ArgumentNullException("IDX10000: The parameter 'enc'"),
TestId = "EmptyEncString"
},
new X509EncryptingCredentialsTheoryData
{
Certificate = Default.Certificate,
Alg = null,
Enc = SecurityAlgorithms.Aes128CbcHmacSha256,
ExpectedException = ExpectedException.ArgumentNullException("IDX10000: The parameter 'alg'"),
TestId = "NullAlgString"
},
new X509EncryptingCredentialsTheoryData
{
Certificate = Default.Certificate,
Alg = SecurityAlgorithms.RsaOaepKeyWrap,
Enc = null,
ExpectedException = ExpectedException.ArgumentNullException("IDX10000: The parameter 'enc'"),
TestId = "NullEncString"
},
new X509EncryptingCredentialsTheoryData
{
Certificate = Default.Certificate,
Alg = SecurityAlgorithms.RsaOaepKeyWrap,
Enc = SecurityAlgorithms.Aes128CbcHmacSha256,
TestId = "ValidTest"
}
});
}
private static void AddDecryptParameterCheckTheoryData(string testId, byte[] authenticatedData, byte[] authenticationTag, byte[] cipherText, byte[] iv, TheoryData <AuthenticatedEncryptionTestParams> theoryData)
{
var provider = new AuthenticatedEncryptionProvider(Default.SymmetricEncryptionKey256, SecurityAlgorithms.Aes128CbcHmacSha256);
theoryData.Add(new AuthenticatedEncryptionTestParams
{
AuthenticatedData = authenticatedData,
EE = ExpectedException.ArgumentNullException(),
EncryptionResults = new AuthenticatedEncryptionResult(Default.SymmetricEncryptionKey256, cipherText, iv, authenticationTag),
Provider = provider,
TestId = testId
});
}
private static void AddEncryptParameterCheckTheoryData(string testId, byte[] authenticatedData, byte[] plainText, TheoryData <AuthenticatedEncryptionTheoryData> theoryData)
{
var provider = new AuthenticatedEncryptionProvider(Default.SymmetricEncryptionKey256, SecurityAlgorithms.Aes128CbcHmacSha256);
theoryData.Add(new AuthenticatedEncryptionTheoryData
{
AuthenticatedData = authenticatedData,
ExpectedException = ExpectedException.ArgumentNullException(),
EncryptionResults = new AuthenticatedEncryptionResult(Default.SymmetricEncryptionKey256, new byte[1], new byte[1], new byte[1]),
Plaintext = plainText,
Provider = provider,
TestId = testId
});
}
public static TheoryData <AuthenticatedEncryptionTestParams> ValidateKeySizeTheoryData()
{
var theoryData = new TheoryData <AuthenticatedEncryptionTestParams>();
theoryData.Add(new AuthenticatedEncryptionTestParams
{
DecryptAlgorithm = SecurityAlgorithms.Aes128CbcHmacSha256,
DecryptKey = null,
EE = ExpectedException.ArgumentNullException(),
Provider = new DerivedAuthenticatedEncryptionProvider(),
TestId = "Test1"
});
theoryData.Add(new AuthenticatedEncryptionTestParams
{
DecryptAlgorithm = null,
DecryptKey = Default.SymmetricEncryptionKey256,
EE = ExpectedException.ArgumentNullException(),
Provider = new DerivedAuthenticatedEncryptionProvider(),
TestId = "Test2"
});
theoryData.Add(new AuthenticatedEncryptionTestParams
{
DecryptAlgorithm = string.Empty,
DecryptKey = Default.SymmetricEncryptionKey256,
EE = ExpectedException.ArgumentNullException(),
Provider = new DerivedAuthenticatedEncryptionProvider(),
TestId = "Test3"
});
theoryData.Add(new AuthenticatedEncryptionTestParams
{
DecryptAlgorithm = SecurityAlgorithms.Aes192KeyWrap,
DecryptKey = Default.SymmetricEncryptionKey256,
EE = ExpectedException.ArgumentException("IDX10652:"),
Provider = new DerivedAuthenticatedEncryptionProvider(),
TestId = "Test4"
});
return(theoryData);
}
public static TheoryData <AuthenticatedEncryptionTestParams> GetKeyBytesTheoryData()
{
var theoryData = new TheoryData <AuthenticatedEncryptionTestParams>();
theoryData.Add(new AuthenticatedEncryptionTestParams
{
Bytes = Default.SymmetricEncryptionKey256.Key,
DecryptKey = Default.SymmetricEncryptionKey256,
EE = ExpectedException.NoExceptionExpected,
Provider = new DerivedAuthenticatedEncryptionProvider(),
TestId = "Test1"
});
theoryData.Add(new AuthenticatedEncryptionTestParams
{
DecryptKey = null,
EE = ExpectedException.ArgumentNullException(),
Provider = new DerivedAuthenticatedEncryptionProvider(),
TestId = "Test2"
});
theoryData.Add(new AuthenticatedEncryptionTestParams
{
DecryptKey = Default.AsymmetricSigningKey,
EE = ExpectedException.ArgumentException("IDX10667:"),
Provider = new DerivedAuthenticatedEncryptionProvider(),
TestId = "Test3"
});
theoryData.Add(new AuthenticatedEncryptionTestParams
{
Bytes = KeyingMaterial.JsonWebKeySymmetricBytes256,
DecryptKey = KeyingMaterial.JsonWebKeySymmetric256,
EE = ExpectedException.NoExceptionExpected,
Provider = new DerivedAuthenticatedEncryptionProvider(),
TestId = "Test1"
});
return(theoryData);
}
public static TheoryData <KeyWrapTheoryData> RsaUnwrapTheoryData()
{
return(new TheoryData <KeyWrapTheoryData>
{
new KeyWrapTheoryData
{
ExpectedException = ExpectedException.ArgumentNullException(),
TestId = "NullKey",
UnwrapAlgorithm = SecurityAlgorithms.RsaPKCS1,
UnwrapKey = KeyingMaterial.RsaSecurityKey_2048,
WrappedKey = null
},
new KeyWrapTheoryData
{
ExpectedException = ExpectedException.ArgumentNullException(),
TestId = "ZeroByteLength",
UnwrapAlgorithm = SecurityAlgorithms.RsaPKCS1,
UnwrapKey = KeyingMaterial.RsaSecurityKey_2048,
WrappedKey = new byte[0]
}
});
}
public void Constructor()
{
// testing constructor that takes rsa parameters
RsaSecurityKeyConstructor(KeyingMaterial.RsaParameters_1024, ExpectedException.NoExceptionExpected);
RsaSecurityKeyConstructor(KeyingMaterial.RsaParameters_1024_Public, ExpectedException.NoExceptionExpected);
// missing modulus or exponent
RsaSecurityKeyConstructor(KeyingMaterial.RsaParameters_2048_MissingExponent, ExpectedException.ArgumentException("IDX10700"));
RsaSecurityKeyConstructor(KeyingMaterial.RsaParameters_2048_MissingModulus, ExpectedException.ArgumentException("IDX10700"));
// testing constructor that takes Rsa instance
RsaSecurityKeyConstructorWithRsa(null, ExpectedException.ArgumentNullException("rsa"));
#if NET452
RSA rsaCsp_2048 = new RSACryptoServiceProvider();
rsaCsp_2048.ImportParameters(KeyingMaterial.RsaParameters_2048);
RSA rsaCsp_2048_Public = new RSACryptoServiceProvider();
rsaCsp_2048_Public.ImportParameters(KeyingMaterial.RsaParameters_2048_Public);
RsaSecurityKeyConstructorWithRsa(rsaCsp_2048, ExpectedException.NoExceptionExpected);
RsaSecurityKeyConstructorWithRsa(rsaCsp_2048_Public, ExpectedException.NoExceptionExpected);
#endif
}
public static TheoryData <RsaKeyWrapTestParams> RsaUnwrapTheoryData()
{
var theoryData = new TheoryData <RsaKeyWrapTestParams>();
theoryData.Add(new RsaKeyWrapTestParams
{
DecryptAlgorithm = SecurityAlgorithms.RsaPKCS1,
DecryptKey = KeyingMaterial.RsaSecurityKey_2048,
WrappedKey = null,
EE = ExpectedException.ArgumentNullException(),
TestId = "NullKey"
});
theoryData.Add(new RsaKeyWrapTestParams
{
DecryptAlgorithm = SecurityAlgorithms.RsaPKCS1,
DecryptKey = KeyingMaterial.RsaSecurityKey_2048,
WrappedKey = new byte[0],
EE = ExpectedException.ArgumentNullException(),
TestId = "ZeroByteLength"
});
return(theoryData);
}
public void SignatureProviders_Sign()
{
List <string> errors = new List <string>();
byte[] rawBytes = new byte[8192];
(new Random()).NextBytes(rawBytes);
// Asymmetric
AsymmetricSignatureProvidersSignVariation(KeyingMaterial.RsaSecurityKey_2048, SecurityAlgorithms.RsaSha256Signature, null, ExpectedException.ArgumentNullException(), errors);
AsymmetricSignatureProvidersSignVariation(KeyingMaterial.RsaSecurityKey_2048, SecurityAlgorithms.RsaSha256Signature, new byte[0], ExpectedException.ArgumentException("IDX10624:"), errors);
AsymmetricSignatureProvidersSignVariation(KeyingMaterial.RsaSecurityKey_1024, SecurityAlgorithms.RsaSha256Signature, rawBytes, ExpectedException.ArgumentOutOfRangeException("IDX10630:"), errors);
AsymmetricSignatureProvidersSignVariation(KeyingMaterial.RsaSecurityKey_2048, SecurityAlgorithms.RsaSha256Signature, rawBytes, ExpectedException.NoExceptionExpected, errors);
AsymmetricSignatureProvidersSignVariation(KeyingMaterial.RsaSecurityKeyWithCspProvider_2048, SecurityAlgorithms.RsaSha256Signature, rawBytes, ExpectedException.NoExceptionExpected, errors);
#if NETCOREAPP1_0
AsymmetricSignatureProvidersSignVariation(KeyingMaterial.RsaSecurityKeyWithCngProvider_2048, SecurityAlgorithms.RsaSha256Signature, rawBytes, ExpectedException.NoExceptionExpected, errors);
Assert.ThrowsAny <CryptographicException>(() =>
{
AsymmetricSignatureProvider provider = new AsymmetricSignatureProvider(KeyingMaterial.RsaSecurityKeyWithCngProvider_2048_Public, SecurityAlgorithms.RsaSha256Signature);
provider.Sign(rawBytes);
});
#endif
// since the actual exception thrown is private - WindowsCryptographicException, using this pattern to match the derived exception
Assert.ThrowsAny <CryptographicException>(() =>
{
AsymmetricSignatureProvider provider = new AsymmetricSignatureProvider(KeyingMaterial.RsaSecurityKeyWithCspProvider_2048_Public, SecurityAlgorithms.RsaSha256Signature);
provider.Sign(rawBytes);
});
AsymmetricSignatureProvidersSignVariation(KeyingMaterial.RsaSecurityKey_2048_Public, SecurityAlgorithms.RsaSha256Signature, rawBytes, ExpectedException.InvalidOperationException("IDX10638:"), errors);
AsymmetricSignatureProvidersSignVariation(KeyingMaterial.RsaSecurityKey_2048, "NOT_SUPPORTED", rawBytes, ExpectedException.ArgumentException("IDX10634:"), errors);
AsymmetricSignatureProvidersSignVariation(KeyingMaterial.ECDsa256Key, SecurityAlgorithms.EcdsaSha256, rawBytes, ExpectedException.NoExceptionExpected, errors);
AsymmetricSignatureProvidersSignVariation(KeyingMaterial.ECDsa256Key_Public, SecurityAlgorithms.EcdsaSha256, rawBytes, ExpectedException.InvalidOperationException("IDX10638:"), errors);
AsymmetricSignatureProvidersSignVariation(KeyingMaterial.JsonWebKeyRsa256, SecurityAlgorithms.RsaSha256Signature, rawBytes, ExpectedException.NoExceptionExpected, errors);
AsymmetricSignatureProvidersSignVariation(KeyingMaterial.JsonWebKeyRsa256Public, SecurityAlgorithms.RsaSha256Signature, rawBytes, ExpectedException.InvalidOperationException("IDX10638:"), errors);
AsymmetricSignatureProvidersSignVariation(KeyingMaterial.JsonWebKeyEcdsa256, SecurityAlgorithms.EcdsaSha256, rawBytes, ExpectedException.NoExceptionExpected, errors);
AsymmetricSignatureProvidersSignVariation(KeyingMaterial.JsonWebKeyEcdsa256Public, SecurityAlgorithms.EcdsaSha256, rawBytes, ExpectedException.InvalidOperationException("IDX10638:"), errors);
// Symmetric
SymmetricSignatureProvidersSignVariation(KeyingMaterial.DefaultSymmetricSecurityKey_256, SecurityAlgorithms.HmacSha256Signature, null, ExpectedException.ArgumentNullException(), errors);
SymmetricSignatureProvidersSignVariation(KeyingMaterial.DefaultSymmetricSecurityKey_256, SecurityAlgorithms.HmacSha256Signature, new byte[0], ExpectedException.ArgumentException("IDX10624:"), errors);
SymmetricSignatureProvidersSignVariation(KeyingMaterial.DefaultSymmetricSecurityKey_256, SecurityAlgorithms.HmacSha256Signature, rawBytes, ExpectedException.NoExceptionExpected, errors);
SymmetricSignatureProvidersSignVariation(KeyingMaterial.SymmetricSecurityKey_56, SecurityAlgorithms.HmacSha256Signature, rawBytes, ExpectedException.ArgumentOutOfRangeException("IDX10603:"), errors);
SymmetricSignatureProvidersSignVariation(KeyingMaterial.JsonWebKeySymmetric256, SecurityAlgorithms.HmacSha256Signature, rawBytes, ExpectedException.NoExceptionExpected, errors);
TestUtilities.AssertFailIfErrors("SignatureProviders_Sign", errors);
}
public void AsymmetricSignatureProviders_Verify()
{
List <string> errors = new List <string>();
byte[] rawBytes = new byte[8192];
(new Random()).NextBytes(rawBytes);
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.RsaSecurityKey_2048, SecurityAlgorithms.RsaSha256Signature, null, null, ExpectedException.ArgumentNullException(), errors, false);
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.RsaSecurityKey_2048, SecurityAlgorithms.RsaSha256Signature, new byte[1], null, ExpectedException.ArgumentNullException(), errors, false);
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.RsaSecurityKey_2048, SecurityAlgorithms.RsaSha256Signature, new byte[0], new byte[1], ExpectedException.ArgumentException("IDX10625:"), errors, false);
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.RsaSecurityKey_2048, SecurityAlgorithms.RsaSha256Signature, new byte[1], new byte[0], ExpectedException.ArgumentException("IDX10626:"), errors, false);
var signature = GetSignature(KeyingMaterial.RsaSecurityKey_2048, SecurityAlgorithms.RsaSha256Signature, rawBytes);
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.RsaSecurityKey_2048, SecurityAlgorithms.RsaSha256Signature, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, true);
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.RsaSecurityKey_2048_Public, SecurityAlgorithms.RsaSha256Signature, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, true);
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.RsaSecurityKeyWithCspProvider_2048_Public, SecurityAlgorithms.RsaSha256Signature, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, true);
#if NETCOREAPP1_0
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.RsaSecurityKeyWithCngProvider_2048_Public, SecurityAlgorithms.RsaSha256Signature, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, true);
#endif
// wrong hash
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.RsaSecurityKey_2048_Public, SecurityAlgorithms.RsaSha384Signature, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, false);
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.RsaSecurityKey_2048_Public, SecurityAlgorithms.RsaSha512Signature, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, false);
// wrong key
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.RsaSecurityKey_4096_Public, SecurityAlgorithms.RsaSha256Signature, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, false);
signature = GetSignature(KeyingMaterial.RsaSecurityKey_4096, SecurityAlgorithms.RsaSha256Signature, rawBytes);
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.RsaSecurityKey_4096, SecurityAlgorithms.RsaSha256Signature, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, true);
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.RsaSecurityKey_4096_Public, SecurityAlgorithms.RsaSha256Signature, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, true);
// wrong hash
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.RsaSecurityKey_4096_Public, SecurityAlgorithms.RsaSha384Signature, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, false);
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.RsaSecurityKey_4096_Public, SecurityAlgorithms.RsaSha512Signature, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, false);
// wrong key
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.RsaSecurityKey_2048_Public, SecurityAlgorithms.RsaSha256Signature, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, false);
// sha384, 512
signature = GetSignature(KeyingMaterial.RsaSecurityKeyWithCspProvider_2048, SecurityAlgorithms.RsaSha384Signature, rawBytes);
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.RsaSecurityKey_2048_Public, SecurityAlgorithms.RsaSha384Signature, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, true);
signature = GetSignature(KeyingMaterial.RsaSecurityKey_2048, SecurityAlgorithms.RsaSha512Signature, rawBytes);
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.RsaSecurityKey_2048_Public, SecurityAlgorithms.RsaSha512Signature, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, true);
//ecdsa
signature = GetSignature(KeyingMaterial.ECDsa256Key, SecurityAlgorithms.EcdsaSha256, rawBytes);
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.ECDsa256Key, SecurityAlgorithms.EcdsaSha256, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, true);
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.ECDsa256Key_Public, SecurityAlgorithms.EcdsaSha256, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, true);
// wrong key
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.ECDsa256Key, SecurityAlgorithms.EcdsaSha384, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, false);
#if NETCOREAPP1_0
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.ECDsa384Key, SecurityAlgorithms.EcdsaSha384, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, false);
#else
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.ECDsa384Key, SecurityAlgorithms.EcdsaSha384, rawBytes, signature, new ExpectedException(typeof(CryptographicException)), errors, false);
#endif
signature = GetSignature(KeyingMaterial.ECDsa384Key, SecurityAlgorithms.EcdsaSha384, rawBytes);
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.ECDsa384Key, SecurityAlgorithms.EcdsaSha384, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, true);
signature = GetSignature(KeyingMaterial.JsonWebKeyEcdsa256, SecurityAlgorithms.EcdsaSha256, rawBytes);
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.JsonWebKeyEcdsa256, SecurityAlgorithms.EcdsaSha256, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, true);
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.JsonWebKeyEcdsa256Public, SecurityAlgorithms.EcdsaSha256, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, true);
signature = GetSignature(KeyingMaterial.JsonWebKeyRsa256, SecurityAlgorithms.RsaSha256, rawBytes);
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.JsonWebKeyRsa256, SecurityAlgorithms.RsaSha256, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, true);
AsymmetricSignatureProviders_Verify_Variation(KeyingMaterial.JsonWebKeyRsa256Public, SecurityAlgorithms.RsaSha256, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, true);
TestUtilities.AssertFailIfErrors("AsymmetricSignatureProviders_Verify", errors);
}
public void SymmetricSignatureProvider_ConstructorTests()
{
// no errors
SymmetricSignatureProvider_ConstructorVariation(KeyingMaterial.DefaultSymmetricSecurityKey_256, SecurityAlgorithms.HmacSha256Signature, ExpectedException.NoExceptionExpected);
SymmetricSignatureProvider_ConstructorVariation(KeyingMaterial.JsonWebKeySymmetric256, SecurityAlgorithms.HmacSha256, ExpectedException.NoExceptionExpected);
// null key
SymmetricSignatureProvider_ConstructorVariation(null, SecurityAlgorithms.HmacSha256Signature, ExpectedException.ArgumentNullException());
// empty algorithm
SymmetricSignatureProvider_ConstructorVariation(KeyingMaterial.DefaultSymmetricSecurityKey_256, string.Empty, ExpectedException.ArgumentException());
// unsupported algorithm
SymmetricSignatureProvider_ConstructorVariation(KeyingMaterial.DefaultSymmetricSecurityKey_256, "unknown algorithm", ExpectedException.ArgumentException("IDX10634:"));
// smaller key < 256 bytes
SymmetricSignatureProvider_ConstructorVariation(KeyingMaterial.SymmetricSecurityKey_56, SecurityAlgorithms.HmacSha256Signature, ExpectedException.ArgumentOutOfRangeException("IDX10603"));
// GetKeyedHashAlgorithm throws
SymmetricSecurityKey key = new FaultingSymmetricSecurityKey(KeyingMaterial.DefaultSymmetricSecurityKey_256, new CryptographicException("hi from inner"), null, null, KeyingMaterial.DefaultSymmetricKeyBytes_256);
SymmetricSignatureProvider_ConstructorVariation(key, SecurityAlgorithms.HmacSha256Signature, ExpectedException.InvalidOperationException("IDX10634:", typeof(CryptographicException)));
}
public void CryptoProviderFactory_Tests()
{
CryptoProviderFactory factory = new CryptoProviderFactory();
// Asymmetric / Symmetric both need signature alg specified
FactoryCreateFor("Signing: algorithm string.Empty", KeyingMaterial.X509SecurityKey_1024, string.Empty, factory, ExpectedException.ArgumentNullException());
FactoryCreateFor("Verifying: algorithm string.Empty", KeyingMaterial.X509SecurityKey_1024, string.Empty, factory, ExpectedException.ArgumentNullException());
// Json Web Keys
FactoryCreateFor("Signing: No exception", KeyingMaterial.JsonWebKeyRsa256, SecurityAlgorithms.RsaSha256, factory, ExpectedException.NoExceptionExpected);
FactoryCreateFor("Signing: security key without private key", KeyingMaterial.JsonWebKeyRsa256Public, SecurityAlgorithms.RsaSha256, factory, ExpectedException.InvalidOperationException("IDX10638:"));
FactoryCreateFor("Verifying: No exception", KeyingMaterial.JsonWebKeyRsa256Public, SecurityAlgorithms.RsaSha256, factory, ExpectedException.NoExceptionExpected);
FactoryCreateFor("Signing: No exception", KeyingMaterial.JsonWebKeySymmetric256, SecurityAlgorithms.HmacSha256, factory, ExpectedException.NoExceptionExpected);
FactoryCreateFor("Verifying: No exception", KeyingMaterial.JsonWebKeySymmetric256, SecurityAlgorithms.HmacSha256, factory, ExpectedException.NoExceptionExpected);
// Keytype not supported
FactoryCreateFor("Signing: SecurityKey type not Asymmetric or Symmetric", NotAsymmetricOrSymmetricSecurityKey.New, SecurityAlgorithms.HmacSha256Signature, factory, ExpectedException.ArgumentException("IDX10634:"));
FactoryCreateFor("Verifying: SecurityKey type not Asymmetric or Symmetric", NotAsymmetricOrSymmetricSecurityKey.New, SecurityAlgorithms.RsaSha256Signature, factory, ExpectedException.ArgumentException("IDX10634:"));
// Private keys missing
FactoryCreateFor("Signing RsaSecurityKey_2048_Public: SecurityKey without private key", KeyingMaterial.RsaSecurityKey_2048_Public, SecurityAlgorithms.RsaSha256Signature, factory, ExpectedException.InvalidOperationException(substringExpected: "IDX10638:"));
FactoryCreateFor("Verifying RsaSecurityKey_2048_Public: SecurityKey without private key", KeyingMaterial.RsaSecurityKey_2048_Public, SecurityAlgorithms.RsaSha256Signature, factory, ExpectedException.NoExceptionExpected);
FactoryCreateFor("Signing ECDsa256Key_Public: SecurityKey without private key", KeyingMaterial.ECDsa256Key_Public, SecurityAlgorithms.EcdsaSha256, factory, ExpectedException.InvalidOperationException(substringExpected: "IDX10638:"));
// Key size checks
FactoryCreateFor("Signing: AsymmetricKeySize Key to small", KeyingMaterial.X509SecurityKey_1024, SecurityAlgorithms.RsaSha256Signature, factory, ExpectedException.ArgumentOutOfRangeException("IDX10630:"));
FactoryCreateFor("Signing: SymmetricKeySize Key to small", KeyingMaterial.SymmetricSecurityKey_56, SecurityAlgorithms.HmacSha256Signature, factory, ExpectedException.ArgumentOutOfRangeException("IDX10603:"));
FactoryCreateFor("Signing: SymmetricKeySize Key", KeyingMaterial.DefaultSymmetricSecurityKey_256, SecurityAlgorithms.HmacSha256Signature, factory, ExpectedException.NoExceptionExpected);
FactoryCreateFor("Verifying: SymmetricKeySize Key", KeyingMaterial.DefaultSymmetricSecurityKey_256, SecurityAlgorithms.HmacSha256Signature, factory, ExpectedException.NoExceptionExpected);
// extensibility tests
// smaller key sizes but no exceptions using custom crypto factory
FactoryCreateFor("Signing: AsymmetricKeySize Key to small", KeyingMaterial.X509SecurityKey_1024, SecurityAlgorithms.RsaSha256Signature, new CustomCryptoProviderFactory(new string[] { SecurityAlgorithms.RsaSha256Signature }), ExpectedException.NoExceptionExpected);
FactoryCreateFor("Signing: SymmetricKeySize Key to small", KeyingMaterial.SymmetricSecurityKey_56, SecurityAlgorithms.HmacSha256Signature, new CustomCryptoProviderFactory(new string[] { SecurityAlgorithms.HmacSha256Signature }), ExpectedException.NoExceptionExpected);
}
public void SymmetricSignatureProvider_Verify()
{
List <string> errors = new List <string>();
byte[] rawBytes = new byte[8192];
(new Random()).NextBytes(rawBytes);
SymmetricSignatureProviders_Verify_Variation(KeyingMaterial.DefaultSymmetricSecurityKey_256, SecurityAlgorithms.HmacSha256Signature, null, null, ExpectedException.ArgumentNullException(), errors, false);
SymmetricSignatureProviders_Verify_Variation(KeyingMaterial.DefaultSymmetricSecurityKey_256, SecurityAlgorithms.HmacSha256Signature, new byte[0], null, ExpectedException.ArgumentNullException(), errors, false);
SymmetricSignatureProviders_Verify_Variation(KeyingMaterial.DefaultSymmetricSecurityKey_256, SecurityAlgorithms.HmacSha256Signature, new byte[0], new byte[0], ExpectedException.ArgumentException("IDX10625:"), errors, false);
SymmetricSignatureProviders_Verify_Variation(KeyingMaterial.DefaultSymmetricSecurityKey_256, SecurityAlgorithms.HmacSha256Signature, new byte[1], new byte[0], ExpectedException.ArgumentException("IDX10626:"), errors, false);
SymmetricSignatureProviders_Verify_Variation(KeyingMaterial.DefaultSymmetricSecurityKey_256, SecurityAlgorithms.HmacSha256Signature, new byte[1], new byte[1], ExpectedException.NoExceptionExpected, errors, false);
var signature = GetSignatureFromSymmetricKey(KeyingMaterial.DefaultSymmetricSecurityKey_256, SecurityAlgorithms.HmacSha256Signature, rawBytes);
SymmetricSignatureProviders_Verify_Variation(KeyingMaterial.DefaultSymmetricSecurityKey_256, SecurityAlgorithms.HmacSha256Signature, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, true);
// wrong algorithm
SymmetricSignatureProviders_Verify_Variation(KeyingMaterial.DefaultSymmetricSecurityKey_256, SecurityAlgorithms.HmacSha384Signature, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, false);
// wrong key
SymmetricSignatureProviders_Verify_Variation(KeyingMaterial.SymmetricSecurityKey2_256, SecurityAlgorithms.HmacSha256Signature, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, false);
signature = GetSignatureFromSymmetricKey(KeyingMaterial.DefaultSymmetricSecurityKey_256, SecurityAlgorithms.HmacSha512Signature, rawBytes);
SymmetricSignatureProviders_Verify_Variation(KeyingMaterial.DefaultSymmetricSecurityKey_256, SecurityAlgorithms.HmacSha512Signature, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, true);
signature = GetSignatureFromSymmetricKey(KeyingMaterial.JsonWebKeySymmetric256, SecurityAlgorithms.HmacSha256Signature, rawBytes);
SymmetricSignatureProviders_Verify_Variation(KeyingMaterial.JsonWebKeySymmetric256, SecurityAlgorithms.HmacSha256Signature, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, true);
SymmetricSignatureProviders_Verify_Variation(KeyingMaterial.DefaultSymmetricSecurityKey_256, SecurityAlgorithms.HmacSha256Signature, rawBytes, signature, ExpectedException.NoExceptionExpected, errors, true);
TestUtilities.AssertFailIfErrors("SymmetricSignatureProvider_Verify", errors);
}
public static TheoryData <KeyWrapTheoryData> RsaKeyWrapConstructorTheoryData()
{
return(new TheoryData <KeyWrapTheoryData>
{
new KeyWrapTheoryData
{
ExpectedException = ExpectedException.ArgumentNullException("key"),
First = true,
TestId = "SecurityKeyNULL",
WillUnwrap = false,
WrapAlgorithm = SecurityAlgorithms.Aes128KeyWrap,
WrapKey = null
},
new KeyWrapTheoryData
{
ExpectedException = ExpectedException.ArgumentNullException("algorithm"),
TestId = "AlgorithmNULL",
WillUnwrap = false,
WrapAlgorithm = null,
WrapKey = KeyingMaterial.RsaSecurityKey_2048
},
new KeyWrapTheoryData
{
ExpectedException = ExpectedException.NotSupportedException("IDX10661:"),
TestId = "KeyTooSmall1024",
WillUnwrap = false,
WrapAlgorithm = SecurityAlgorithms.RsaOAEP,
WrapKey = KeyingMaterial.RsaSecurityKey_1024
},
new KeyWrapTheoryData
{
ExpectedException = ExpectedException.NotSupportedException("IDX10661:"),
TestId = "KeyDoesNotMatchAlgorithm",
WillUnwrap = false,
WrapAlgorithm = SecurityAlgorithms.Aes128KW,
WrapKey = KeyingMaterial.RsaSecurityKey_2048
},
new KeyWrapTheoryData
{
TestId = "RsaAlgorithmMatch",
WillUnwrap = false,
WrapAlgorithm = SecurityAlgorithms.RsaPKCS1,
WrapKey = KeyingMaterial.RsaSecurityKey_2048
},
new KeyWrapTheoryData
{
TestId = "X509AlgorithmMatch",
WillUnwrap = false,
WrapKey = KeyingMaterial.X509SecurityKey2,
WrapAlgorithm = SecurityAlgorithms.RsaPKCS1
},
new KeyWrapTheoryData
{
TestId = "JwkRSA",
WillUnwrap = false,
WrapKey = KeyingMaterial.JsonWebKeyRsa256,
WrapAlgorithm = SecurityAlgorithms.RsaPKCS1,
},
new KeyWrapTheoryData
{
TestId = "RsaPublicKey",
UnwrapKey = KeyingMaterial.JsonWebKeyRsa256Public,
UnwrapAlgorithm = SecurityAlgorithms.RsaPKCS1,
WillUnwrap = true
}
});
}
public static TheoryData <KeyWrapTestParams> UnwrapTheoryData()
{
var theoryData = new TheoryData <KeyWrapTestParams>();
// Unwrap parameter checking
AddUnwrapParameterCheckTheoryData("Test1", SecurityAlgorithms.Aes128KW, Default.SymmetricEncryptionKey128, null, ExpectedException.ArgumentNullException(), theoryData);
byte[] wrappedKey = new byte[12];
Array.Copy(Guid.NewGuid().ToByteArray(), wrappedKey, wrappedKey.Length);
AddUnwrapParameterCheckTheoryData("Test2", SecurityAlgorithms.Aes128KW, Default.SymmetricEncryptionKey128, wrappedKey, ExpectedException.ArgumentException("IDX10664:"), theoryData);
return(theoryData);
}
public static TheoryData <KeyWrapTestParams> WrapUnwrapTheoryData()
{
var theoryData = new TheoryData <KeyWrapTestParams>();
// round trip positive tests
AddWrapUnwrapTheoryData("Test1", SecurityAlgorithms.Aes128KW, Default.SymmetricEncryptionKey128, theoryData);
AddWrapUnwrapTheoryData("Test2", SecurityAlgorithms.Aes256KW, Default.SymmetricEncryptionKey256, theoryData);
// Wrap parameter checking
AddWrapParameterCheckTheoryData("Test3", SecurityAlgorithms.Aes128KW, Default.SymmetricEncryptionKey128, null, ExpectedException.ArgumentNullException(), theoryData);
byte[] keyToWrap = new byte[9];
Array.Copy(Guid.NewGuid().ToByteArray(), keyToWrap, keyToWrap.Length);
AddWrapParameterCheckTheoryData("Test4", SecurityAlgorithms.Aes128KW, Default.SymmetricEncryptionKey128, keyToWrap, ExpectedException.ArgumentException("IDX10664:"), theoryData);
return(theoryData);
}
public void AsymmetricSignatureProvider_Constructor()
{
AsymmetricSecurityKey privateKey = KeyingMaterial.DefaultX509SigningCreds_2048_RsaSha2_Sha2.Key as AsymmetricSecurityKey;
AsymmetricSecurityKey publicKey = KeyingMaterial.DefaultX509SigningCreds_Public_2048_RsaSha2_Sha2.Key as AsymmetricSecurityKey;
string sha2SignatureAlgorithm = KeyingMaterial.DefaultX509SigningCreds_2048_RsaSha2_Sha2.Algorithm;
// no errors
AsymmetricConstructorVariation("Signing: - Creates with no errors", privateKey, sha2SignatureAlgorithm, ExpectedException.NoExceptionExpected);
AsymmetricConstructorVariation("Verifying: - Creates with no errors (Private Key)", privateKey, sha2SignatureAlgorithm, ExpectedException.NoExceptionExpected);
AsymmetricConstructorVariation("Verifying: - Creates with no errors (Public Key)", publicKey, sha2SignatureAlgorithm, ExpectedException.NoExceptionExpected);
AsymmetricConstructorVariation("Signing: - Creates with no errors", KeyingMaterial.ECDsa256Key, SecurityAlgorithms.EcdsaSha256, ExpectedException.NoExceptionExpected);
AsymmetricConstructorVariation("Verifying: - Creates with no errors (Public Key)", KeyingMaterial.ECDsa256Key_Public, SecurityAlgorithms.EcdsaSha256, ExpectedException.NoExceptionExpected);
AsymmetricConstructorVariation("Verifying: - Creates with no errors (Private Key)", KeyingMaterial.ECDsa256Key, SecurityAlgorithms.EcdsaSha256, ExpectedException.NoExceptionExpected);
AsymmetricConstructorVariation("Verifying: - Creates with no errors (Public Key)", KeyingMaterial.ECDsa384Key_Public, SecurityAlgorithms.EcdsaSha384, ExpectedException.NoExceptionExpected);
// null, empty algorithm digest
AsymmetricConstructorVariation("Signing: - NUll key", null, sha2SignatureAlgorithm, ExpectedException.ArgumentNullException());
AsymmetricConstructorVariation("Signing: - SignatureAlorithm == null", privateKey, null, ExpectedException.ArgumentException("IDX10634:"));
AsymmetricConstructorVariation("Signing: - SignatureAlorithm == whitespace", privateKey, " ", ExpectedException.ArgumentException("IDX10634:"));
// No Private keys
AsymmetricConstructorVariation("Signing: - SecurityKey without private key", publicKey, sha2SignatureAlgorithm, ExpectedException.InvalidOperationException("IDX10638:"));
AsymmetricConstructorVariation("Verifying: - SecurityKey without private key", publicKey, sha2SignatureAlgorithm, ExpectedException.NoExceptionExpected);
AsymmetricConstructorVariation("Signing: - no private key", KeyingMaterial.ECDsa521Key_Public, SecurityAlgorithms.EcdsaSha512, ExpectedException.InvalidOperationException("IDX10638:"));
// Signature algorithm not supported
AsymmetricConstructorVariation("Signing: - SignatureAlgorithm not supported", KeyingMaterial.X509SecurityKey_1024, "SecurityAlgorithms.RsaSha256Signature", ExpectedException.ArgumentException(substringExpected: "IDX10634:"));
AsymmetricConstructorVariation("Verifying: - SignatureAlgorithm not supported", KeyingMaterial.DefaultX509Key_Public_2048, "SecurityAlgorithms.RsaSha256Signature", ExpectedException.ArgumentException(substringExpected: "IDX10634:"));
// constructing using jsonweb keys
AsymmetricConstructorVariation("Signing: - Creates with no errors", KeyingMaterial.JsonWebKeyRsa256, SecurityAlgorithms.RsaSha256, ExpectedException.NoExceptionExpected);
AsymmetricConstructorVariation("Verifying: - Creates with no errors", KeyingMaterial.JsonWebKeyRsa256Public, SecurityAlgorithms.RsaSha256, ExpectedException.NoExceptionExpected);
AsymmetricConstructorVariation("Signing: - Creates with no errors", KeyingMaterial.JsonWebKeyEcdsa256, SecurityAlgorithms.EcdsaSha256, ExpectedException.NoExceptionExpected);
AsymmetricConstructorVariation("Verifying: - Creates with no errors", KeyingMaterial.JsonWebKeyEcdsa256Public, SecurityAlgorithms.EcdsaSha256, ExpectedException.NoExceptionExpected);
}
public static TheoryData <string, SecurityKey, string, bool, ExpectedException> RsaKeyWrapConstructorTheoryData()
{
var theoryData = new TheoryData <string, SecurityKey, string, bool, ExpectedException>();
theoryData.Add(
"SecurityKey_NULL",
null,
null,
false,
ExpectedException.ArgumentNullException());
theoryData.Add(
"Algorithm_NULL",
KeyingMaterial.RsaSecurityKey_2048,
null,
false,
ExpectedException.ArgumentNullException());
theoryData.Add(
"KeyTooSmall_1024",
KeyingMaterial.RsaSecurityKey_1024,
SecurityAlgorithms.RsaOAEP,
false,
ExpectedException.NotSupportedException("IDX10661:"));
theoryData.Add(
"KeyDoesNotRightType",
KeyingMaterial.RsaSecurityKey_2048,
SecurityAlgorithms.Aes128KW,
false,
ExpectedException.NotSupportedException("IDX10661:"));
theoryData.Add(
"KeyAlgorithmMatch",
KeyingMaterial.RsaSecurityKey_2048,
SecurityAlgorithms.RsaPKCS1,
false,
ExpectedException.NoExceptionExpected);
theoryData.Add(
"X509AlorithmMatch",
KeyingMaterial.X509SecurityKey2,
SecurityAlgorithms.RsaPKCS1,
false,
ExpectedException.NoExceptionExpected);
theoryData.Add(
"JWK_RSA",
KeyingMaterial.JsonWebKeyRsa256,
SecurityAlgorithms.RsaPKCS1,
true,
ExpectedException.NoExceptionExpected);
theoryData.Add(
"OnlyRSAPublicKeyProvided",
KeyingMaterial.JsonWebKeyRsa256Public,
SecurityAlgorithms.RsaPKCS1,
true,
ExpectedException.NoExceptionExpected);
return(theoryData);
}
