private static KeyDescription CreateKey(ECCurve curve)
{
ECDsa dsa = ECDsaFactory.Create(curve);
return(new KeyDescription(
dsa,
$"{dsa.KeySize}-bit random key",
dsa.KeySize));
}
public static void TestNamedCurveWithExplicitKey()
{
using (ECDsa ec = ECDsaFactory.Create())
{
ECParameters parameters = EccTestData.GetNistP224KeyTestData();
ec.ImportParameters(parameters);
VerifyNamedCurve(parameters, ec, 224, true);
}
}
public static void TestExplicitImportValidationNegative()
{
unchecked
{
using (ECDsa ec = ECDsaFactory.Create())
{
ECParameters p = EccTestData.GetNistP256ExplicitTestData();
Assert.True(p.Curve.IsPrime);
ec.ImportParameters(p);
ECParameters temp = p;
temp.Q.X = null; Assert.ThrowsAny <CryptographicException>(() => ec.ImportParameters(temp));
temp.Q.X = new byte[] { }; Assert.ThrowsAny <CryptographicException>(() => ec.ImportParameters(temp));
temp.Q.X = new byte[1] {
0x10
}; Assert.ThrowsAny <CryptographicException>(() => ec.ImportParameters(temp));
temp.Q.X = (byte[])p.Q.X.Clone(); --temp.Q.X[0]; Assert.ThrowsAny <CryptographicException>(() => ec.ImportParameters(temp));
temp = p;
temp.Q.Y = null; Assert.ThrowsAny <CryptographicException>(() => ec.ImportParameters(temp));
temp.Q.Y = new byte[] { }; Assert.ThrowsAny <CryptographicException>(() => ec.ImportParameters(temp));
temp.Q.Y = new byte[1] {
0x10
}; Assert.ThrowsAny <CryptographicException>(() => ec.ImportParameters(temp));
temp.Q.Y = (byte[])p.Q.Y.Clone(); --temp.Q.Y[0]; Assert.ThrowsAny <CryptographicException>(() => ec.ImportParameters(temp));
temp = p;
temp.Curve.A = null; Assert.ThrowsAny <CryptographicException>(() => ec.ImportParameters(temp));
temp.Curve.A = new byte[] { }; Assert.ThrowsAny <CryptographicException>(() => ec.ImportParameters(temp));
temp.Curve.A = new byte[1] {
0x10
}; Assert.ThrowsAny <CryptographicException>(() => ec.ImportParameters(temp));
temp.Curve.A = (byte[])p.Curve.A.Clone(); --temp.Curve.A[0]; Assert.ThrowsAny <CryptographicException>(() => ec.ImportParameters(temp));
temp = p;
temp.Curve.B = null; Assert.ThrowsAny <CryptographicException>(() => ec.ImportParameters(temp));
temp.Curve.B = new byte[] { }; Assert.ThrowsAny <CryptographicException>(() => ec.ImportParameters(temp));
temp.Curve.B = new byte[1] {
0x10
}; Assert.ThrowsAny <CryptographicException>(() => ec.ImportParameters(temp));
temp.Curve.B = (byte[])p.Curve.B.Clone(); --temp.Curve.B[0]; Assert.ThrowsAny <CryptographicException>(() => ec.ImportParameters(temp));
temp = p;
temp.Curve.Order = null; Assert.ThrowsAny <CryptographicException>(() => ec.ImportParameters(temp));
temp.Curve.Order = new byte[] { }; Assert.ThrowsAny <CryptographicException>(() => ec.ImportParameters(temp));
temp = p;
temp.Curve.Prime = null; Assert.ThrowsAny <CryptographicException>(() => ec.ImportParameters(temp));
temp.Curve.Prime = new byte[] { }; Assert.ThrowsAny <CryptographicException>(() => ec.ImportParameters(temp));
temp.Curve.Prime = new byte[1] {
0x10
}; Assert.ThrowsAny <CryptographicException>(() => ec.ImportParameters(temp));
temp.Curve.Prime = (byte[])p.Curve.Prime.Clone(); --temp.Curve.Prime[0]; Assert.ThrowsAny <CryptographicException>(() => ec.ImportParameters(temp));
}
}
}
public static void TestNamedCurvesNegative(CurveDef curveDef)
{
if (!curveDef.Curve.IsNamed)
{
return;
}
// An exception may be thrown during Create() if the Oid is bad, or later during native calls
Assert.Throws <PlatformNotSupportedException>(() => ECDsaFactory.Create(curveDef.Curve).ExportParameters(false));
}
public static void TestNamedCurveNegative()
{
Assert.Throws <ArgumentNullException>(() => ECCurve.CreateFromFriendlyName(null));
Assert.Throws <ArgumentNullException>(() => ECCurve.CreateFromValue(null));
AssertExtensions.Throws <ArgumentException>(null, () => ECCurve.CreateFromFriendlyName(""));
Assert.Throws <PlatformNotSupportedException>(() => ECDsaFactory.Create(ECCurve.CreateFromFriendlyName("Invalid")).ExportExplicitParameters(false));
AssertExtensions.Throws <ArgumentException>(null, () => ECCurve.CreateFromValue(""));
Assert.Throws <PlatformNotSupportedException>(() => ECDsaFactory.Create(ECCurve.CreateFromValue("Invalid")).ExportExplicitParameters(false));
AssertExtensions.Throws <ArgumentException>(null, () => ECCurve.CreateFromOid(new Oid(null, null)));
AssertExtensions.Throws <ArgumentException>(null, () => ECCurve.CreateFromOid(new Oid("", "")));
}
public void CreateKey(int keySize)
{
using (ECDsa ecdsa = ECDsaFactory.Create())
{
// Step 1, don't throw here.
ecdsa.KeySize = keySize;
// Step 2, ensure the key was generated without throwing.
ecdsa.SignData(Array.Empty <byte>(), HashAlgorithmName.SHA256);
}
}
public void PublicKey_CannotSign()
{
using (ECDsa ecdsaPriv = ECDsaFactory.Create())
using (ECDsa ecdsa = ECDsaFactory.Create())
{
ECParameters keyParameters = ecdsaPriv.ExportParameters(false);
ecdsa.ImportParameters(keyParameters);
Assert.ThrowsAny <CryptographicException>(
() => ecdsa.SignData(new byte[] { 1, 2, 3, 4, 5 }, HashAlgorithmName.SHA256));
}
}
//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
public static IEnumerable <object[]> InteroperableSignatureConfigurations()
{
foreach (HashAlgorithmName hashAlgorithm in new[] {
HashAlgorithmName.MD5,
HashAlgorithmName.SHA1,
HashAlgorithmName.SHA256,
HashAlgorithmName.SHA384,
HashAlgorithmName.SHA512
})
{
yield return(new object[] { ECDsaFactory.Create(), hashAlgorithm });
}
}
public static void TestKeySizeCreateKey()
{
using (ECDsa ec = ECDsaFactory.Create(ECCurve.NamedCurves.nistP256))
{
// Ensure the handle is created
Assert.Equal(256, ec.KeySize);
ec.Exercise();
ec.KeySize = 521; //nistP521
Assert.Equal(521, ec.KeySize);
ec.Exercise();
Assert.ThrowsAny <CryptographicException>(() => ec.KeySize = 9999);
}
}
public static void TestGeneralExportWithExplicitParameters()
{
using (ECDsa ecdsa = ECDsaFactory.Create())
{
ECParameters param = EccTestData.GetNistP256ExplicitTestData();
param.Validate();
ecdsa.ImportParameters(param);
Assert.True(param.Curve.IsExplicit);
param = ecdsa.ExportParameters(false);
param.Validate();
// We should have explicit values, not named, as this curve has no name.
Assert.True(param.Curve.IsExplicit);
}
}
public static void TestExplicitCurves(CurveDef curveDef)
{
using (ECDsa ec1 = ECDsaFactory.Create(curveDef.Curve))
{
ECParameters param1 = ec1.ExportExplicitParameters(curveDef.IncludePrivate);
VerifyExplicitCurve(param1, ec1, curveDef);
using (ECDsa ec2 = ECDsaFactory.Create())
{
ec2.ImportParameters(param1);
ECParameters param2 = ec2.ExportExplicitParameters(curveDef.IncludePrivate);
VerifyExplicitCurve(param1, ec1, curveDef);
AssertEqual(param1, param2);
}
}
}
public static void TestExplicitCurvesSignVerify(CurveDef curveDef)
{
using (ECDsa ec1 = ECDsaFactory.Create(curveDef.Curve))
{
byte[] data = new byte[0x10];
byte[] sig1 = ec1.SignData(data, 0, data.Length, HashAlgorithmName.SHA1);
bool verified;
verified = ec1.VerifyData(data, sig1, HashAlgorithmName.SHA1);
Assert.True(verified);
using (ECDsa ec2 = ECDsaFactory.Create())
{
ec2.ImportParameters(ec1.ExportExplicitParameters(true));
Assert.Equal(ec1.KeySize, ec2.KeySize);
byte[] sig2 = ec2.SignData(data, 0, data.Length, HashAlgorithmName.SHA1);
verified = ec2.VerifyData(data, sig2, HashAlgorithmName.SHA1);
Assert.True(verified);
// Verify key is compatible other signature
verified = ec2.VerifyData(data, sig1, HashAlgorithmName.SHA1);
Assert.True(verified);
verified = ec1.VerifyData(data, sig2, HashAlgorithmName.SHA1);
Assert.True(verified);
// Verify with no private key
using (ECDsa ec3 = ECDsaFactory.Create())
{
ec3.ImportParameters(ec2.ExportExplicitParameters(false));
Assert.Equal(ec2.KeySize, ec3.KeySize);
verified = ec3.VerifyData(data, sig1, HashAlgorithmName.SHA1);
Assert.True(verified);
}
}
// Ensure negative result
unchecked
{
sig1[sig1.Length - 1]++;
}
verified = ec1.VerifyData(data, sig1, HashAlgorithmName.SHA1);
Assert.False(verified);
}
}
public static void DiminishedCoordsRoundtrip()
{
ECParameters toImport = EccTestData.GetNistP521DiminishedCoordsParameters();
ECParameters privateParams;
ECParameters publicParams;
using (ECDsa ecdsa = ECDsaFactory.Create())
{
ecdsa.ImportParameters(toImport);
privateParams = ecdsa.ExportParameters(true);
publicParams = ecdsa.ExportParameters(false);
}
ComparePublicKey(toImport.Q, privateParams.Q);
ComparePrivateKey(toImport, privateParams);
ComparePublicKey(toImport.Q, publicParams.Q);
Assert.Null(publicParams.D);
}
public void TestRegenKeyNistP256()
{
ECParameters param, param2;
ECDsa ec;
using (ec = ECDsaFactory.Create(256))
{
param = ec.ExportExplicitParameters(true);
Assert.NotEqual(param.D, null);
ec.GenerateKey(param.Curve);
param2 = ec.ExportExplicitParameters(true);
// Only curve should match
ComparePrivateKey(param, param2, false);
ComparePublicKey(param.Q, param2.Q, false);
CompareCurve(param.Curve, param2.Curve);
}
}
public void KeySizeProp()
{
using (ECDsa e = ECDsaFactory.Create())
{
e.KeySize = 384;
Assert.Equal(384, e.KeySize);
ECParameters p384 = e.ExportParameters(false);
Assert.True(p384.Curve.IsNamed);
p384.Validate();
e.KeySize = 521;
Assert.Equal(521, e.KeySize);
ECParameters p521 = e.ExportParameters(false);
Assert.True(p521.Curve.IsNamed);
p521.Validate();
// Ensure the key was regenerated
Assert.NotEqual(p384.Curve.Oid.FriendlyName, p521.Curve.Oid.FriendlyName);
}
}
public void TestRegenKeyNamed(CurveDef curveDef)
{
ECParameters param, param2;
ECDsa cng;
using (cng = ECDsaFactory.Create(curveDef.Curve))
{
param = cng.ExportParameters(true);
Assert.NotEqual(param.D, null);
param.Validate();
cng.GenerateKey(param.Curve);
param2 = cng.ExportParameters(true);
param2.Validate();
// Only curve should match
ComparePrivateKey(param, param2, false);
ComparePublicKey(param.Q, param2.Q, false);
CompareCurve(param.Curve, param2.Curve);
}
}
public static void ImportExplicitWithHashButNoSeed()
{
if (!ECDsaFactory.ExplicitCurvesSupported)
{
return;
}
using (ECDsa ec = ECDsaFactory.Create())
{
ECCurve curve = EccTestData.GetNistP256ExplicitCurve();
Assert.NotNull(curve.Hash);
ec.GenerateKey(curve);
ECParameters parameters = ec.ExportExplicitParameters(true);
Assert.NotNull(parameters.Curve.Hash);
parameters.Curve.Seed = null;
ec.ImportParameters(parameters);
ec.Exercise();
}
}
public void TestChangeFromNamedCurveToKeySize(CurveDef curveDef)
{
using (ECDsa ec = ECDsaFactory.Create(curveDef.Curve))
{
ECParameters param = ec.ExportParameters(false);
// Avoid comparing against same key as in curveDef
if (ec.KeySize != 384 && ec.KeySize != 521)
{
ec.KeySize = 384;
ECParameters param384 = ec.ExportParameters(false);
Assert.NotEqual(param.Curve.Oid.FriendlyName, param384.Curve.Oid.FriendlyName);
Assert.Equal(384, ec.KeySize);
ec.KeySize = 521;
ECParameters param521 = ec.ExportParameters(false);
Assert.NotEqual(param384.Curve.Oid.FriendlyName, param521.Curve.Oid.FriendlyName);
Assert.Equal(521, ec.KeySize);
}
}
}
private static void Validate(
ECParameters parameters,
ECCurve explicitCurve,
byte[] msg,
byte[] signature,
HashAlgorithmName hashAlgorithm)
{
byte[] tamperedSignature = (byte[])signature.Clone();
tamperedSignature[0] ^= 0xFF;
using (ECDsa ecdsa = ECDsaFactory.Create())
{
ecdsa.ImportParameters(parameters);
Assert.True(
ecdsa.VerifyData(msg, signature, hashAlgorithm),
"named verifies signature");
Assert.False(
ecdsa.VerifyData(msg, tamperedSignature, hashAlgorithm),
"named verifies tampered");
}
if (ECDsaFactory.ExplicitCurvesSupported)
{
using (ECDsa ecdsa = ECDsaFactory.Create())
{
parameters.Curve = explicitCurve;
ecdsa.ImportParameters(parameters);
Assert.True(
ecdsa.VerifyData(msg, signature, hashAlgorithm),
"explicit verifies signature");
Assert.False(
ecdsa.VerifyData(msg, tamperedSignature, hashAlgorithm),
"explicit verifies tampered");
}
}
}
public static void TestNamedCurves(CurveDef curveDef)
{
if (!curveDef.Curve.IsNamed)
{
return;
}
using (ECDsa ec1 = ECDsaFactory.Create(curveDef.Curve))
{
ECParameters param1 = ec1.ExportParameters(curveDef.IncludePrivate);
VerifyNamedCurve(param1, ec1, curveDef.KeySize, curveDef.IncludePrivate);
using (ECDsa ec2 = ECDsaFactory.Create())
{
ec2.ImportParameters(param1);
ECParameters param2 = ec2.ExportParameters(curveDef.IncludePrivate);
VerifyNamedCurve(param2, ec2, curveDef.KeySize, curveDef.IncludePrivate);
AssertEqual(param1, param2);
}
}
}
public static void ExportIncludingPrivateOnPublicOnlyKey()
{
ECParameters iutParameters = new ECParameters
{
Curve = ECCurve.NamedCurves.nistP521,
Q =
{
X = "00d45615ed5d37fde699610a62cd43ba76bedd8f85ed31005fe00d6450fbbd101291abd96d4945a8b57bc73b3fe9f4671105309ec9b6879d0551d930dac8ba45d255".HexToByteArray(),
Y = "01425332844e592b440c0027972ad1526431c06732df19cd46a242172d4dd67c2c8c99dfc22e49949a56cf90c6473635ce82f25b33682fb19bc33bd910ed8ce3a7fa".HexToByteArray(),
},
D = "00816f19c1fb10ef94d4a1d81c156ec3d1de08b66761f03f06ee4bb9dcebbbfe1eaa1ed49a6a990838d8ed318c14d74cc872f95d05d07ad50f621ceb620cd905cfb8".HexToByteArray(),
};
using (ECDsa iut = ECDsaFactory.Create())
using (ECDsa cavs = ECDsaFactory.Create())
{
iut.ImportParameters(iutParameters);
cavs.ImportParameters(iut.ExportParameters(false));
// Linux throws an Interop.Crypto.OpenSslCryptographicException : CryptographicException
Assert.ThrowsAny <CryptographicException>(() => cavs.ExportExplicitParameters(true));
Assert.ThrowsAny <CryptographicException>(() => cavs.ExportParameters(true));
}
}
protected override ECDsa CreateKey()
{
return(ECDsaFactory.Create());
}
protected override ECDsa CreateKey() => ECDsaFactory.Create();
public void TestRegenKeyExplicit(CurveDef curveDef)
{
ECParameters param, param2;
ECDsa ec, newEc;
using (ec = ECDsaFactory.Create(curveDef.Curve))
{
param = ec.ExportExplicitParameters(true);
Assert.NotEqual(null, param.D);
using (newEc = ECDsaFactory.Create())
{
newEc.ImportParameters(param);
// The curve name is not flowed on explicit export\import (by design) so this excercises logic
// that regenerates based on current curve values
newEc.GenerateKey(param.Curve);
param2 = newEc.ExportExplicitParameters(true);
// Only curve should match
ComparePrivateKey(param, param2, false);
ComparePublicKey(param.Q, param2.Q, false);
CompareCurve(param.Curve, param2.Curve);
// Specify same curve name
newEc.GenerateKey(curveDef.Curve);
Assert.Equal(curveDef.KeySize, newEc.KeySize);
param2 = newEc.ExportExplicitParameters(true);
// Only curve should match
ComparePrivateKey(param, param2, false);
ComparePublicKey(param.Q, param2.Q, false);
CompareCurve(param.Curve, param2.Curve);
// Specify different curve than current
if (param.Curve.IsPrime)
{
if (curveDef.Curve.IsNamed &&
curveDef.Curve.Oid.FriendlyName != ECCurve.NamedCurves.nistP256.Oid.FriendlyName)
{
// Specify different curve (nistP256) by explicit value
newEc.GenerateKey(ECCurve.NamedCurves.nistP256);
Assert.Equal(256, newEc.KeySize);
param2 = newEc.ExportExplicitParameters(true);
// Keys should should not match
ComparePrivateKey(param, param2, false);
ComparePublicKey(param.Q, param2.Q, false);
// P,X,Y (and others) should not match
Assert.True(param2.Curve.IsPrime);
Assert.NotEqual(param.Curve.Prime, param2.Curve.Prime);
Assert.NotEqual(param.Curve.G.X, param2.Curve.G.X);
Assert.NotEqual(param.Curve.G.Y, param2.Curve.G.Y);
// Reset back to original
newEc.GenerateKey(param.Curve);
Assert.Equal(curveDef.KeySize, newEc.KeySize);
ECParameters copyOfParam1 = newEc.ExportExplicitParameters(true);
// Only curve should match
ComparePrivateKey(param, copyOfParam1, false);
ComparePublicKey(param.Q, copyOfParam1.Q, false);
CompareCurve(param.Curve, copyOfParam1.Curve);
// Set back to nistP256
newEc.GenerateKey(param2.Curve);
Assert.Equal(256, newEc.KeySize);
param2 = newEc.ExportExplicitParameters(true);
// Keys should should not match
ComparePrivateKey(param, param2, false);
ComparePublicKey(param.Q, param2.Q, false);
// P,X,Y (and others) should not match
Assert.True(param2.Curve.IsPrime);
Assert.NotEqual(param.Curve.Prime, param2.Curve.Prime);
Assert.NotEqual(param.Curve.G.X, param2.Curve.G.X);
Assert.NotEqual(param.Curve.G.Y, param2.Curve.G.Y);
}
}
else if (param.Curve.IsCharacteristic2)
{
if (curveDef.Curve.Oid.Value != ECDSA_Sect193r1_OID_VALUE)
{
if (ECDsaFactory.IsCurveValid(new Oid(ECDSA_Sect193r1_OID_VALUE)))
{
// Specify different curve by name
newEc.GenerateKey(ECCurve.CreateFromValue(ECDSA_Sect193r1_OID_VALUE));
Assert.Equal(193, newEc.KeySize);
param2 = newEc.ExportExplicitParameters(true);
// Keys should should not match
ComparePrivateKey(param, param2, false);
ComparePublicKey(param.Q, param2.Q, false);
// Polynomial,X,Y (and others) should not match
Assert.True(param2.Curve.IsCharacteristic2);
Assert.NotEqual(param.Curve.Polynomial, param2.Curve.Polynomial);
Assert.NotEqual(param.Curve.G.X, param2.Curve.G.X);
Assert.NotEqual(param.Curve.G.Y, param2.Curve.G.Y);
}
}
}
}
}
}
public static IEnumerable <object[]> RealImplementations()
{
return(new[] {
new ECDsa[] { ECDsaFactory.Create() },
});
}
