/// <summary>
        /// Picks the protected or the unprotected header map of the message's only signature.
        /// </summary>
        /// <param name="msg">Message under test; the assertion fails unless it is a <see cref="CoseMultiSignMessage"/>.</param>
        /// <param name="getProtectedMap"><see langword="true"/> selects the signature's protected headers, <see langword="false"/> its unprotected headers.</param>
        /// <returns>The requested header map of the signature at index 0.</returns>
        internal override CoseHeaderMap GetSigningHeaderMap(CoseMessage msg, bool getProtectedMap)
        {
            var multiSign = Assert.IsType<CoseMultiSignMessage>(msg);

            // Exactly one signer is expected, so index 0 is unambiguous.
            Assert.Equal(1, multiSign.Signatures.Count);
            CoseSignature onlySignature = multiSign.Signatures[0];

            if (getProtectedMap)
            {
                return onlySignature.ProtectedHeaders;
            }

            return onlySignature.UnprotectedHeaders;
        }
        /// <summary>
        /// Verifies the only signature of a multi-sign message against detached content given as a byte array.
        /// </summary>
        /// <param name="msg">Message under test; the assertion fails unless it is a <see cref="CoseMultiSignMessage"/>.</param>
        /// <param name="key">Key handed to the signature's verification call.</param>
        /// <param name="content">Detached content the signature is checked against.</param>
        /// <param name="associatedData">Optional associated data forwarded unchanged to the verification call.</param>
        /// <returns>The result of <c>VerifyDetached</c> on the signature at index 0.</returns>
        internal override bool Verify(CoseMessage msg, AsymmetricAlgorithm key, byte[] content, byte[]? associatedData = null)
        {
            ReadOnlyCollection<CoseSignature> signatures = Assert.IsType<CoseMultiSignMessage>(msg).Signatures;

            // With zero or several signatures there would be no single verification result to report.
            Assert.Equal(1, signatures.Count);

            CoseSignature onlySignature = signatures[0];
            return onlySignature.VerifyDetached(key, content, associatedData);
        }
        /// <summary>
        /// Asynchronous detached verification must refuse a content stream of kind
        /// <c>StreamKind.Unreadable</c> with an <see cref="ArgumentException"/> that names
        /// the <c>detachedContent</c> parameter.
        /// </summary>
        public async Task VerifyAsyncWithUnreadableStream()
        {
            // Produce a valid detached message from an ordinary test stream first.
            using Stream readableContent = GetTestStream(s_sampleContent);
            byte[] encoded = await CoseMultiSignMessage.SignDetachedAsync(readableContent, GetCoseSigner(DefaultKey, DefaultHash));

            CoseMultiSignMessage decoded = CoseMessage.DecodeMultiSign(encoded);

            // Verification cannot hash content it cannot read; the test pins that this surfaces
            // as an argument error rather than as a verification result.
            using Stream unreadableContent = GetTestStream(s_sampleContent, StreamKind.Unreadable);
            await Assert.ThrowsAsync<ArgumentException>(
                "detachedContent",
                () => decoded.Signatures[0].VerifyDetachedAsync(DefaultKey, unreadableContent));
        }
        /// <summary>
        /// Signs <paramref name="content"/> as detached content through the asynchronous stream API,
        /// blocking until the operation completes.
        /// </summary>
        /// <param name="content">Content to sign; <see langword="null"/> is passed through as a null stream.</param>
        /// <param name="signer">Signer handed to <c>SignDetachedAsync</c>.</param>
        /// <returns>The encoded message returned by <c>SignDetachedAsync</c>.</returns>
        internal override byte[] Sign(byte[] content, CoseSigner signer)
        {
            if (content != null)
            {
                using Stream detachedContent = GetTestStream(content);
                return CoseMultiSignMessage.SignDetachedAsync(detachedContent, signer).GetAwaiter().GetResult();
            }

            // null is forwarded as-is (the null-forgiving operator only silences the compiler),
            // so whatever the API does with a null stream is what the caller observes.
            return CoseMultiSignMessage.SignDetachedAsync(null!, signer).GetAwaiter().GetResult();
        }
        /// <summary>
        /// Signs <paramref name="content"/> as detached content through the synchronous stream API.
        /// </summary>
        /// <param name="content">Content to sign; <see langword="null"/> is passed through as a null <see cref="Stream"/>.</param>
        /// <param name="signer">Signer handed to <c>SignDetached</c>.</param>
        /// <returns>The encoded message returned by <c>SignDetached</c>.</returns>
        internal override byte[] Sign(byte[] content, CoseSigner signer)
        {
            if (content != null)
            {
                using Stream detachedContent = GetTestStream(content);
                return CoseMultiSignMessage.SignDetached(detachedContent, signer);
            }

            // The cast selects the Stream overload; null itself is forwarded unchanged.
            return CoseMultiSignMessage.SignDetached((Stream)null!, signer);
        }
        /// <summary>
        /// Decodes a multi-sign test vector whose first two bytes were removed and checks that its
        /// single signature still verifies over the embedded content.
        /// </summary>
        public void DecodeMultiSign_VerifyUntagged()
        {
            // Test vector: https://github.com/cose-wg/Examples/blob/master/ecdsa-examples/ecdsa-01.json minus first 2 bytes.
            byte[] encoded = ByteUtils.HexToByteArray("8443A10300A054546869732069732074686520636F6E74656E742E818343A10126A1044231315840D71C05DB52C9CE7F1BF5AAC01334BBEACAC1D86A2303E6EEAA89266F45C01ED602CA649EAF790D8BC99D2458457CA6A872061940E7AFBE48E289DFAC146AE258");
            CoseMultiSignMessage decoded = CoseMessage.DecodeMultiSign(encoded);

            ReadOnlyCollection<CoseSignature> decodedSignatures = decoded.Signatures;

            // The vector carries one signer; verify it against the content embedded in the message.
            Assert.Equal(1, decodedSignatures.Count);
            Assert.True(decodedSignatures[0].VerifyEmbedded(DefaultKey));
        }
        /// <summary>
        /// Decodes a multi-sign test vector whose content was replaced with CBOR null and checks that
        /// its single signature verifies once the content is supplied separately.
        /// </summary>
        public void DecodeMultiSign_VerifyDetachedContent()
        {
            // Test vector with the content replaced by CBOR null - https://github.com/cose-wg/Examples/blob/master/ecdsa-examples/ecdsa-01.json.
            byte[] encoded = ByteUtils.HexToByteArray("D8628443A10300A0F6818343A10126A1044231315840D71C05DB52C9CE7F1BF5AAC01334BBEACAC1D86A2303E6EEAA89266F45C01ED602CA649EAF790D8BC99D2458457CA6A872061940E7AFBE48E289DFAC146AE258");
            CoseMultiSignMessage decoded = CoseMessage.DecodeMultiSign(encoded);

            // A detached message exposes no content of its own.
            Assert.Null(decoded.Content);

            ReadOnlyCollection<CoseSignature> decodedSignatures = decoded.Signatures;

            // The signature is checked against content provided out of band by the verifier.
            Assert.Equal(1, decodedSignatures.Count);
            Assert.True(decodedSignatures[0].VerifyDetached(DefaultKey, s_sampleContent));
        }
 /// <summary>
 /// Signs <paramref name="content"/> with the byte-array multi-sign API, detached or embedded.
 /// </summary>
 /// <param name="content">Content to sign.</param>
 /// <param name="signer">Signer forwarded to the signing call.</param>
 /// <param name="protectedHeaders">Optional protected headers forwarded to the signing call.</param>
 /// <param name="unprotectedHeaders">Optional unprotected headers forwarded to the signing call.</param>
 /// <param name="associatedData">Optional associated data forwarded to the signing call.</param>
 /// <param name="isDetached"><see langword="true"/> calls <c>SignDetached</c>; <see langword="false"/> calls <c>SignEmbedded</c>.</param>
 /// <returns>The encoded message produced by the selected call.</returns>
 internal override byte[] Sign(
     byte[] content,
     CoseSigner signer,
     CoseHeaderMap? protectedHeaders = null,
     CoseHeaderMap? unprotectedHeaders = null,
     byte[]? associatedData = null,
     bool isDetached = false)
 {
     if (isDetached)
     {
         return CoseMultiSignMessage.SignDetached(content, signer, protectedHeaders, unprotectedHeaders, associatedData);
     }

     return CoseMultiSignMessage.SignEmbedded(content, signer, protectedHeaders, unprotectedHeaders, associatedData);
 }
        /// <summary>
        /// Verifies the only signature of a multi-sign message against detached content supplied as a stream.
        /// </summary>
        /// <param name="msg">Message under test; the assertion fails unless it is a <see cref="CoseMultiSignMessage"/>.</param>
        /// <param name="key">Key handed to the signature's verification call.</param>
        /// <param name="content">Detached content, wrapped in a test stream before verification.</param>
        /// <param name="associatedData">Optional associated data forwarded unchanged to the verification call.</param>
        /// <returns>The result of <c>VerifyDetached</c> on the signature at index 0.</returns>
        internal override bool Verify(CoseMessage msg, AsymmetricAlgorithm key, byte[] content, byte[]? associatedData = null)
        {
            // When this fixture only supports detached content, the message must not embed any.
            Assert.True(!OnlySupportsDetachedContent || msg.Content == null);

            ReadOnlyCollection<CoseSignature> signatures = Assert.IsType<CoseMultiSignMessage>(msg).Signatures;

            // Exactly one signer is expected, so index 0 is unambiguous.
            Assert.Equal(1, signatures.Count);

            using Stream detachedContent = GetTestStream(content);
            CoseSignature onlySignature = signatures[0];
            return onlySignature.VerifyDetached(key, detachedContent, associatedData);
        }
        /// <summary>
        /// Verifies the only signature of a multi-sign message through the asynchronous stream API,
        /// blocking until the operation completes.
        /// </summary>
        /// <param name="msg">Message under test; the assertion fails unless it is a <see cref="CoseMultiSignMessage"/>.</param>
        /// <param name="key">Key handed to the signature's verification call.</param>
        /// <param name="content">Detached content; <see langword="null"/> is passed through as a null stream.</param>
        /// <param name="associatedData">Optional associated data forwarded unchanged to the verification call.</param>
        /// <returns>The result of <c>VerifyDetachedAsync</c> on the signature at index 0.</returns>
        internal override bool Verify(CoseMessage msg, AsymmetricAlgorithm key, byte[] content, byte[]? associatedData = null)
        {
            ReadOnlyCollection<CoseSignature> signatures = Assert.IsType<CoseMultiSignMessage>(msg).Signatures;

            // Exactly one signer is expected, so index 0 is unambiguous.
            Assert.Equal(1, signatures.Count);

            if (content != null)
            {
                using Stream detachedContent = GetTestStream(content);
                return signatures[0].VerifyDetachedAsync(key, detachedContent, associatedData).GetAwaiter().GetResult();
            }

            // null is forwarded as-is (the null-forgiving operator only silences the compiler),
            // so whatever the API does with a null stream is what the caller observes.
            return signatures[0].VerifyDetachedAsync(key, null!, associatedData).GetAwaiter().GetResult();
        }
        /// <summary>
        /// Adding a signature must fail with <see cref="CryptographicException"/> whenever the signer's
        /// protected and unprotected header maps both carry the same label.
        /// </summary>
        /// <remarks>
        /// Returns without asserting anything unless <c>MessageKind</c> is <c>CoseMessageKind.MultiSign</c>.
        /// </remarks>
        public void MultiSign_AddSignatureWithDuplicateHeaderBetweenProtectedAndUnprotected()
        {
            if (MessageKind != CoseMessageKind.MultiSign)
            {
                return;
            }

            CoseHeaderMap protectedHeaders, unprotectedHeaders;

            // Build a valid message first, signed with header maps that do not conflict.
            ResetHeaders(DefaultAlgorithm);
            CoseMultiSignMessage msg = Assert.IsType<CoseMultiSignMessage>(
                Decode(Sign(s_sampleContent, GetCoseSigner(DefaultKey, DefaultHash, protectedHeaders, unprotectedHeaders))));

            // Case 1: the algorithm header is duplicated. It is a special case because the header
            // is mandatory in the protected map.
            unprotectedHeaders.Add(CoseHeaderLabel.Algorithm, (int)DefaultAlgorithm);
            ExpectAddSignatureRejected();

            // Case 2: another well-known header is duplicated.
            ResetHeaders(DefaultAlgorithm);
            protectedHeaders.Add(CoseHeaderLabel.ContentType, ContentTypeDummyValue);
            unprotectedHeaders.Add(CoseHeaderLabel.ContentType, ContentTypeDummyValue);
            ExpectAddSignatureRejected();

            // Case 3: a header with an integer label that is not a well-known one is duplicated.
            ResetHeaders(DefaultAlgorithm);
            var intLabel = new CoseHeaderLabel(42);
            protectedHeaders.Add(intLabel, 42);
            unprotectedHeaders.Add(intLabel, 42);
            ExpectAddSignatureRejected();

            // Case 4: a header with a text-string label that is not a well-known one is duplicated.
            ResetHeaders(DefaultAlgorithm);
            var textLabel = new CoseHeaderLabel("42");
            protectedHeaders.Add(textLabel, 42);
            unprotectedHeaders.Add(textLabel, 42);
            ExpectAddSignatureRejected();

            // Gives every case fresh maps: protected holds only the algorithm, unprotected is empty.
            void ResetHeaders(CoseAlgorithm algorithm)
            {
                protectedHeaders = GetHeaderMapWithAlgorithm(algorithm);
                unprotectedHeaders = GetEmptyHeaderMap();
            }

            // Builds a signer from the current maps and requires AddSignature to refuse it.
            void ExpectAddSignatureRejected()
            {
                var conflictingSigner = GetCoseSigner(DefaultKey, DefaultHash, protectedHeaders, unprotectedHeaders);
                Assert.Throws<CryptographicException>(() => AddSignature(msg, s_sampleContent, conflictingSigner));
            }
        }
        /// <summary>
        /// Adding a signature must fail with <see cref="CryptographicException"/> when the signer's
        /// protected headers are prepared with <c>includeSpecifiedCritHeader: false</c>.
        /// </summary>
        /// <remarks>
        /// Returns without asserting anything unless <c>MessageKind</c> is <c>CoseMessageKind.MultiSign</c>.
        /// </remarks>
        public void MultiSign_SignWithCriticalHeaders_NotTransportingTheSpecifiedCriticalHeaderThrows_AddSignature()
        {
            if (MessageKind != CoseMessageKind.MultiSign)
            {
                return;
            }

            // Start from a freshly signed message and drop its signature so only the new one is in play.
            ReadOnlySpan<byte> encoded = Sign(s_sampleContent, GetCoseSigner(DefaultKey, DefaultHash));
            CoseMultiSignMessage message = Assert.IsType<CoseMultiSignMessage>(Decode(encoded));
            message.RemoveSignature(0);

            // Per the test name, the critical headers are declared without transporting the specified one.
            CoseHeaderMap protectedForNewSignature = GetHeaderMapWithAlgorithm(DefaultAlgorithm);
            AddCriticalHeaders(protectedForNewSignature, null, includeSpecifiedCritHeader: false);

            CoseSigner incompleteSigner = GetCoseSigner(DefaultKey, DefaultHash, protectedForNewSignature);

            Assert.Throws<CryptographicException>(() => AddSignature(message, s_sampleContent, incompleteSigner));
        }
        /// <summary>
        /// Adding a signature whose protected headers are prepared with
        /// <c>includeSpecifiedCritHeader: true</c> succeeds, and the re-encoded message
        /// passes <c>AssertCoseSignMessage</c> with the expected protected headers.
        /// </summary>
        /// <remarks>
        /// Returns without asserting anything unless <c>MessageKind</c> is <c>CoseMessageKind.MultiSign</c>.
        /// </remarks>
        public void MultiSign_SignWithCriticalHeaders_AddSignature()
        {
            if (MessageKind != CoseMessageKind.MultiSign)
            {
                return;
            }

            // Start from a freshly signed message and drop its signature so only the new one is in play.
            ReadOnlySpan<byte> encoded = Sign(s_sampleContent, GetCoseSigner(DefaultKey, DefaultHash));
            CoseMultiSignMessage message = Assert.IsType<CoseMultiSignMessage>(Decode(encoded));
            message.RemoveSignature(0);

            CoseHeaderMap protectedForNewSignature = GetHeaderMapWithAlgorithm(DefaultAlgorithm);
            List<(CoseHeaderLabel, ReadOnlyMemory<byte>)> expectedProtected = GetExpectedProtectedHeaders(DefaultAlgorithm);

            // The helper receives both the map and the expectation list in the same call.
            AddCriticalHeaders(protectedForNewSignature, expectedProtected, includeSpecifiedCritHeader: true);

            CoseSigner completeSigner = GetCoseSigner(DefaultKey, DefaultHash, protectedForNewSignature);
            AddSignature(message, s_sampleContent, completeSigner);

            AssertCoseSignMessage(
                message.Encode(),
                s_sampleContent,
                DefaultKey,
                DefaultAlgorithm,
                expectedProtectedHeaders: expectedProtected);
        }
 /// <summary>
 /// Signs <paramref name="content"/> into <paramref name="destination"/> with the span-based
 /// multi-sign API, detached or embedded.
 /// </summary>
 /// <param name="content">Content to sign.</param>
 /// <param name="destination">Buffer handed to the signing call as its output.</param>
 /// <param name="signer">Signer forwarded to the signing call.</param>
 /// <param name="bytesWritten">Set by the selected signing call.</param>
 /// <param name="protectedHeaders">Optional protected headers forwarded to the signing call.</param>
 /// <param name="unprotectedHeaders">Optional unprotected headers forwarded to the signing call.</param>
 /// <param name="associatedData">Optional associated data forwarded to the signing call.</param>
 /// <param name="isDetached"><see langword="true"/> calls <c>TrySignDetached</c>; <see langword="false"/> calls <c>TrySignEmbedded</c>.</param>
 /// <returns>The value returned by the selected call.</returns>
 private bool TrySign(ReadOnlySpan<byte> content, Span<byte> destination, CoseSigner signer, out int bytesWritten, CoseHeaderMap? protectedHeaders, CoseHeaderMap? unprotectedHeaders, byte[]? associatedData, bool isDetached)
 {
     if (isDetached)
     {
         return CoseMultiSignMessage.TrySignDetached(content, destination, signer, out bytesWritten, protectedHeaders, unprotectedHeaders, associatedData);
     }

     return CoseMultiSignMessage.TrySignEmbedded(content, destination, signer, out bytesWritten, protectedHeaders, unprotectedHeaders, associatedData);
 }
 /// <summary>
 /// Signs <paramref name="content"/> with the byte-array multi-sign API, detached or embedded.
 /// </summary>
 /// <param name="content">Content to sign.</param>
 /// <param name="signer">Signer forwarded to the signing call.</param>
 /// <param name="protectedHeaders">Optional protected headers forwarded to the signing call.</param>
 /// <param name="unprotectedHeaders">Optional unprotected headers forwarded to the signing call.</param>
 /// <param name="associatedData">Optional associated data forwarded to the signing call.</param>
 /// <param name="isDetached"><see langword="true"/> calls <c>SignDetached</c>; <see langword="false"/> calls <c>SignEmbedded</c>.</param>
 /// <returns>The encoded message produced by the selected call.</returns>
 private byte[] SignFixed(byte[] content, CoseSigner signer, CoseHeaderMap? protectedHeaders, CoseHeaderMap? unprotectedHeaders, byte[]? associatedData, bool isDetached)
 {
     if (isDetached)
     {
         return CoseMultiSignMessage.SignDetached(content, signer, protectedHeaders, unprotectedHeaders, associatedData);
     }

     return CoseMultiSignMessage.SignEmbedded(content, signer, protectedHeaders, unprotectedHeaders, associatedData);
 }
 /// <summary>
 /// Adds a signature to <paramref name="msg"/> by delegating to <c>MultiSignAddSignature</c>.
 /// </summary>
 /// <param name="msg">Message that receives the signature.</param>
 /// <param name="content">Content forwarded to the helper.</param>
 /// <param name="signer">Signer forwarded to the helper.</param>
 /// <param name="associatedData">Optional associated data forwarded to the helper.</param>
 internal override void AddSignature(CoseMultiSignMessage msg, byte[] content, CoseSigner signer, byte[]? associatedData = null)
 {
     MultiSignAddSignature(msg, content, signer, associatedData);
 }
 /// <summary>
 /// Not available in this fixture; every call throws.
 /// </summary>
 /// <exception cref="NotSupportedException">Always thrown.</exception>
 internal override void AddSignature(CoseMultiSignMessage msg, byte[] content, CoseSigner signer, byte[]? associatedData = null)
 {
     throw new NotSupportedException();
 }
 /// <summary>
 /// Signs <paramref name="content"/> as detached content with the byte-array multi-sign API.
 /// </summary>
 /// <param name="content">Content to sign.</param>
 /// <param name="signer">Signer forwarded to <c>SignDetached</c>.</param>
 /// <returns>The encoded message returned by <c>SignDetached</c>.</returns>
 internal override byte[] Sign(byte[] content, CoseSigner signer)
 {
     return CoseMultiSignMessage.SignDetached(content, signer);
 }
 /// <summary>
 /// Hook through which a derived fixture adds a signature made by <paramref name="signer"/> to <paramref name="msg"/>.
 /// </summary>
 /// <param name="msg">Multi-sign message that receives the signature.</param>
 /// <param name="content">Content passed to the implementation.</param>
 /// <param name="signer">Signer passed to the implementation.</param>
 /// <param name="associatedData">Optional associated data; defaults to <see langword="null"/>.</param>
 internal abstract void AddSignature(CoseMultiSignMessage msg, byte[] content, CoseSigner signer, byte[]?associatedData = null);
 /// <summary>
 /// Signs a detached content stream with the synchronous multi-sign API.
 /// </summary>
 /// <param name="detachedContent">Stream holding the content to sign.</param>
 /// <param name="signer">Signer forwarded to <c>SignDetached</c>.</param>
 /// <param name="protectedHeaders">Optional protected headers forwarded to <c>SignDetached</c>.</param>
 /// <param name="unprotectedHeaders">Optional unprotected headers forwarded to <c>SignDetached</c>.</param>
 /// <param name="associatedData">Optional associated data forwarded to <c>SignDetached</c>.</param>
 /// <returns>The encoded message returned by <c>SignDetached</c>.</returns>
 internal override byte[] SignDetached(Stream detachedContent, CoseSigner signer, CoseHeaderMap? protectedHeaders = null, CoseHeaderMap? unprotectedHeaders = null, byte[]? associatedData = null)
 {
     return CoseMultiSignMessage.SignDetached(detachedContent, signer, protectedHeaders, unprotectedHeaders, associatedData);
 }
 /// <summary>
 /// Adds a signature over detached content to <paramref name="msg"/>, feeding the content
 /// through a test stream.
 /// </summary>
 /// <param name="msg">Message that receives the signature.</param>
 /// <param name="content">Content wrapped in a test stream before signing.</param>
 /// <param name="signer">Signer forwarded to <c>AddSignatureForDetached</c>.</param>
 /// <param name="associatedData">Optional associated data forwarded to <c>AddSignatureForDetached</c>.</param>
 internal override void AddSignature(CoseMultiSignMessage msg, byte[] content, CoseSigner signer, byte[]? associatedData = null)
 {
     // The stream is disposed when the method exits, after the signature has been added.
     using Stream detachedContent = GetTestStream(content);
     msg.AddSignatureForDetached(detachedContent, signer, associatedData);
 }