public void Verify_When_v1_Algorithm_User_Should_Return_True(string url, string method, string body, int futureSeconds)
{
var uri = new Uri(url);
var unsignedRequest = SignatureRequest.CreateSignRequest(uri, time, appId, secret, method, body, algorithm: "IO2-HMAC-SHA256");
var signedUrl = underTest.Sign(unsignedRequest);
var signedRequest = SignatureRequest.CreateVerificationRequest(signedUrl, time.AddSeconds(futureSeconds), secret, method, 60, body);
underTest.Verify(signedRequest).Should().BeTrue();
}
private void SignatureProvider_DisposeVariation(string testCase, SignatureProvider provider, ExpectedException expectedException)
{
try
{
if (testCase.StartsWith("Sign"))
{
provider.Sign(new byte[256]);
}
else if (testCase.StartsWith("Verify"))
{
provider.Verify(new byte[256], new byte[256]);
}
else if (testCase.StartsWith("Dispose"))
{
provider.Dispose();
}
else
{
Assert.True(false, "Test case does not match any scenario");
}
expectedException.ProcessNoException();
}
catch (Exception ex)
{
expectedException.ProcessException(ex);
}
}
public ValueResult <bool> Verify(string data, string signature, string key)
{
try
{
return(new ValueResult <bool>(SignatureProvider.Verify(data, signature, key), true));
}
catch (Exception ex)
{
Logger.Error(ex, $"Can't verify signature: {ex.Message}");
return(new ValueResult <bool>(false, false).Error($"Can't verify signature: {ex.Message}", ex));
}
}
private void SignatureProvider_VerifyVariation(SignatureProvider provider, byte[] bytes, byte[] signature, ExpectedException expectedException)
{
try
{
provider.Verify(bytes, signature);
expectedException.ProcessNoException();
}
catch (Exception ex)
{
expectedException.ProcessException(ex);
}
}
void readFrame()
{
var buf = _recv(BitConverter.ToInt32(_recv(4), 0));
var sig = _recv(BitConverter.ToInt32(_recv(4), 0));
Log.RecordEvent(this, $"Received data: {buf.Select(x => x.ToString()).Aggregate((x, y) => x + "," + y)}", LogEntrySeverity.Info);
if (!sp.Verify(buf, sig))
{
Log.RecordEvent(this, "Data received via BCP has been tampered with!", LogEntrySeverity.Error);
throw new BCPDataTamperedWithException(buf);
}
frame = buf;
framePos = 0;
}
private void Provider_Sign_Verify_ParameterChecking(string testcase, SignatureProvider provider, byte[] bytes, byte[] signature, ExpectedException exceptionExpected = null)
{
Console.WriteLine(string.Format("Testcase: '{0}'", testcase));
try
{
if (testcase.StartsWith("Sign"))
{
provider.Sign(bytes);
}
else
{
provider.Verify(bytes, signature);
}
Assert.IsFalse(exceptionExpected != null && exceptionExpected.Thrown != null, string.Format("Expected exception: '{0}'", exceptionExpected.Thrown));
}
catch (Exception ex)
{
ExpectedException.ProcessException(exceptionExpected, ex);
}
}
public void RsaCngAdapterTest(RsaCngAdapterTheoryData theoryData)
{
var context = TestUtilities.WriteHeader($"{this}.RsaCngAdapterTest", theoryData);
var cert = KeyingMaterial.CertSelfSigned2048_SHA256;
var rsaCapiPrivateKey = new RsaSecurityKey(cert.PrivateKey as RSA);
var rsaCapiPublicKey = new RsaSecurityKey(cert.PublicKey.Key as RSA);
var clearBytes = Encoding.UTF8.GetBytes("blue star");
byte[] capiSignatureBytes = null;
AsymmetricSignatureProvider providerCapiPrivate = null;
AsymmetricSignatureProvider providerCapiPublic = null;
// create CAPI providers
try
{
providerCapiPrivate = new AsymmetricSignatureProvider(rsaCapiPrivateKey, theoryData.Algorithm, true);
capiSignatureBytes = providerCapiPrivate.Sign(clearBytes);
providerCapiPublic = new AsymmetricSignatureProvider(rsaCapiPublicKey, theoryData.Algorithm, false);
if (!providerCapiPublic.Verify(clearBytes, capiSignatureBytes))
{
context.AddDiff("providerCapiPublic.Verify(clearBytes, capiSignatureBytes)");
}
}
catch (Exception ex)
{
theoryData.ExpectedException.ProcessException(ex, context);
}
var rsaCngPrivateKey = new RsaSecurityKey(cert.GetRSAPrivateKey());
var rsaCngPublicKey = new RsaSecurityKey(cert.GetRSAPublicKey());
byte[] cngSignatureBytes = null;
byte[] cngSignatureBytesByFactory = null;
// create private signing
AsymmetricSignatureProvider providerCngPrivate = null;
try
{
providerCngPrivate = new AsymmetricSignatureProvider(rsaCngPrivateKey, theoryData.Algorithm, true);
}
catch (Exception ex)
{
theoryData.ExpectedException.ProcessException(ex, context);
}
// create private signing with CryptoProviderFactory.Default
SignatureProvider providerCngPrivateByFactory = null;
try
{
providerCngPrivateByFactory = CryptoProviderFactory.Default.CreateForSigning(rsaCngPrivateKey, theoryData.Algorithm);
}
catch (Exception ex)
{
theoryData.ExpectedException.ProcessException(ex, context);
}
// create public verifying
AsymmetricSignatureProvider providerCngPublic = null;
try
{
providerCngPublic = new AsymmetricSignatureProvider(rsaCngPublicKey, theoryData.Algorithm, false);
}
catch (Exception ex)
{
theoryData.ExpectedException.ProcessException(ex, context);
}
// create public verifying with CryptoProviderFactory.Default
SignatureProvider providerCngPublicByFactory = null;
try
{
providerCngPublicByFactory = CryptoProviderFactory.Default.CreateForVerifying(rsaCngPublicKey, theoryData.Algorithm);
}
catch (Exception ex)
{
theoryData.ExpectedException.ProcessException(ex, context);
}
try
{
cngSignatureBytes = providerCngPrivate.Sign(clearBytes);
}
catch (Exception ex)
{
theoryData.ExpectedException.ProcessException(ex, context);
}
// cngByFactory Sign
try
{
cngSignatureBytesByFactory = providerCngPrivateByFactory.Sign(clearBytes);
}
catch (Exception ex)
{
theoryData.ExpectedException.ProcessException(ex, context);
}
// CngPublic -> CngPrivate validates
try
{
var cngVerify = providerCngPublic.Verify(clearBytes, cngSignatureBytes);
if (!cngVerify)
{
context.AddDiff($"cngVerify = providerCngPublic.Verify(clearBytes, cngSignatureBytes) == false.");
}
}
catch (Exception ex)
{
theoryData.ExpectedException.ProcessException(ex, context);
}
// CngPublicByFactory -> CngPrivate validates
try
{
var cngVerify = providerCngPublicByFactory.Verify(clearBytes, cngSignatureBytes);
if (!cngVerify)
{
context.AddDiff($"cngVerify = providerCngPublicByFactory.Verify(clearBytes, cngSignatureBytes) == false.");
}
}
catch (Exception ex)
{
theoryData.ExpectedException.ProcessException(ex, context);
}
// CngPublic -> CAPI validates
try
{
var cngVerify = providerCngPublic.Verify(clearBytes, capiSignatureBytes);
if (!cngVerify)
{
context.AddDiff($"cngVerify = providerCngPublic.Verify(clearBytes, capiSignatureBytes) == false.");
}
}
catch (Exception ex)
{
theoryData.ExpectedException.ProcessException(ex, context);
}
// CngPublicByFactory -> CAPI validates
try
{
var verify = providerCngPublicByFactory.Verify(clearBytes, capiSignatureBytes);
if (!verify)
{
context.AddDiff($"verify = providerCngPublicByFactory.Verify(clearBytes, capiSignatureBytes) == false.");
}
}
catch (Exception ex)
{
theoryData.ExpectedException.ProcessException(ex, context);
}
// CAPIPublic -> Cng validates
try
{
var verify = providerCapiPublic.Verify(clearBytes, cngSignatureBytes);
if (!verify)
{
context.AddDiff($"verify = providerCapiPublic.Verify(clearBytes, cngSignatureBytes) == false.");
}
}
catch (Exception ex)
{
theoryData.ExpectedException.ProcessException(ex, context);
}
// CAPIPublic -> CngByFactory validates
try
{
var verify = providerCapiPublic.Verify(clearBytes, cngSignatureBytesByFactory);
if (!verify)
{
context.AddDiff($"verify = providerCapiPublic.Verify(clearBytes, cngSignatureBytesByFactory) == false.");
}
}
catch (Exception ex)
{
theoryData.ExpectedException.ProcessException(ex, context);
}
TestUtilities.AssertFailIfErrors(context);
}
