public void NullPadding_Throws()
{
using (RSA rsa = RSAFactory.Create())
{
AssertExtensions.Throws <ArgumentNullException>("padding", () => Encrypt(rsa, TestData.HelloBytes, null));
AssertExtensions.Throws <ArgumentNullException>("padding", () => Decrypt(rsa, TestData.HelloBytes, null));
}
}
public void NotSupportedValueMethods()
{
using (RSA rsa = RSAFactory.Create())
{
Assert.Throws <NotSupportedException>(() => rsa.DecryptValue(null));
Assert.Throws <NotSupportedException>(() => rsa.EncryptValue(null));
}
}
public void NullArray_Throws()
{
using (RSA rsa = RSAFactory.Create())
{
AssertExtensions.Throws <ArgumentNullException>("data", () => rsa.Encrypt(null, RSAEncryptionPadding.OaepSHA1));
AssertExtensions.Throws <ArgumentNullException>("data", () => rsa.Decrypt(null, RSAEncryptionPadding.OaepSHA1));
}
}
public static void VerifyDecryptKeyExchangePkcs1()
{
using (RSA rsa = RSAFactory.Create())
{
var formatter = new RSAPKCS1KeyExchangeFormatter(rsa);
var deformatter = new RSAPKCS1KeyExchangeDeformatter(rsa);
VerifyDecryptKeyExchange(formatter, deformatter);
}
}
public static void ImportFromPem_NoPem()
{
using (RSA rsa = RSAFactory.Create())
{
string pem = @"these aren't the PEMs you're looking for";
ArgumentException ae = AssertExtensions.Throws <ArgumentException>("input", () => rsa.ImportFromPem(pem));
Assert.Contains(NoPemExceptionMarker, ae.Message);
}
}
public static void ImportFromEncryptedPem_Pkcs8Encrypted_Byte_NoPem()
{
using (RSA rsa = RSAFactory.Create())
{
string pem = "these aren't the PEMs we're looking for.";
ArgumentException ae = AssertExtensions.Throws <ArgumentException>("input", () =>
rsa.ImportFromEncryptedPem(pem, "test" u8));
Assert.Contains(NoPemExceptionMarker, ae.Message);
}
}
public void NullPadding_Throws()
{
using (RSA rsa = RSAFactory.Create())
{
AssertExtensions.Throws <ArgumentNullException>("padding", () => SignData(rsa, new byte[1], HashAlgorithmName.SHA1, null));
AssertExtensions.Throws <ArgumentNullException>("padding", () => SignHash(rsa, new byte[1], HashAlgorithmName.SHA1, null));
AssertExtensions.Throws <ArgumentNullException>("padding", () => VerifyData(rsa, new byte[1], new byte[1], HashAlgorithmName.SHA1, null));
AssertExtensions.Throws <ArgumentNullException>("padding", () => VerifyHash(rsa, new byte[1], new byte[1], HashAlgorithmName.SHA1, null));
}
}
public void NegativeVerify_TamperedData()
{
using (RSA rsa = RSAFactory.Create())
{
rsa.ImportParameters(TestData.RSA2048Params);
byte[] signature = SignData(rsa, TestData.HelloBytes, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
bool signatureMatched = VerifyData(rsa, Array.Empty <byte>(), signature, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
Assert.False(signatureMatched);
}
}
private void SignAndVerify(byte[] data, string hashAlgorithmName, RSAParameters rsaParameters)
{
using (RSA rsa = RSAFactory.Create())
{
rsa.ImportParameters(rsaParameters);
byte[] signature = SignData(rsa, data, new HashAlgorithmName(hashAlgorithmName), RSASignaturePadding.Pkcs1);
bool signatureMatched = VerifyData(rsa, data, signature, new HashAlgorithmName(hashAlgorithmName), RSASignaturePadding.Pkcs1);
Assert.True(signatureMatched);
}
}
public static void VerifyDecryptKeyExchangePkcs1()
{
using (RSA rsa = RSAFactory.Create())
{
rsa.ImportParameters(TestData.RSA2048Params);
var formatter = new RSAPKCS1KeyExchangeFormatter(rsa);
var deformatter = new RSAPKCS1KeyExchangeDeformatter(rsa);
VerifyDecryptKeyExchange(formatter, deformatter);
}
}
public void PublicKey_CannotSign()
{
using (RSA rsa = RSAFactory.Create())
using (RSA rsaPub = RSAFactory.Create())
{
rsaPub.ImportParameters(rsa.ExportParameters(false));
Assert.ThrowsAny <CryptographicException>(
() => rsaPub.SignData(TestData.HelloBytes, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1));
}
}
public static void NegativeVerify_WrongAlgorithm()
{
using (RSA rsa = RSAFactory.Create())
{
rsa.ImportParameters(TestData.RSA2048Params);
byte[] signature = rsa.SignData(TestData.HelloBytes, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
bool signatureMatched = rsa.VerifyData(TestData.HelloBytes, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
Assert.False(signatureMatched);
}
}
public static void ImportFromEncryptedPem_Pkcs8Encrypted_Char_NoPem()
{
using (RSA rsa = RSAFactory.Create())
{
string pem = "go about your business";
string password = "******";
ArgumentException ae = AssertExtensions.Throws <ArgumentException>("input", () =>
rsa.ImportFromEncryptedPem(pem, password));
Assert.Contains(NoPemExceptionMarker, ae.Message);
}
}
public void RsaDecryptOaepWrongAlgorithm()
{
using (RSA rsa = RSAFactory.Create(TestData.RSA2048Params))
{
byte[] data = TestData.HelloBytes;
byte[] encrypted = Encrypt(rsa, data, RSAEncryptionPadding.OaepSHA256);
Assert.ThrowsAny <CryptographicException>(
() => Decrypt(rsa, encrypted, RSAEncryptionPadding.OaepSHA384));
}
}
public void InvalidHashAlgorithmName_Throws(string name)
{
using (RSA rsa = RSAFactory.Create())
{
var invalidName = new HashAlgorithmName(name);
AssertExtensions.Throws <ArgumentException>("hashAlgorithm", () => SignData(rsa, new byte[1], invalidName, RSASignaturePadding.Pkcs1));
AssertExtensions.Throws <ArgumentException>("hashAlgorithm", () => SignHash(rsa, new byte[1], invalidName, RSASignaturePadding.Pkcs1));
AssertExtensions.Throws <ArgumentException>("hashAlgorithm", () => VerifyData(rsa, new byte[1], new byte[1], invalidName, RSASignaturePadding.Pkcs1));
AssertExtensions.Throws <ArgumentException>("hashAlgorithm", () => VerifyHash(rsa, new byte[1], new byte[1], invalidName, RSASignaturePadding.Pkcs1));
}
}
public void InvalidKeySize_DoesNotInvalidateKey()
{
using (RSA rsa = RSAFactory.Create())
{
byte[] signature = SignData(rsa, TestData.HelloBytes, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
// A 2049-bit key is hard to describe, none of the providers support it.
Assert.ThrowsAny <CryptographicException>(() => rsa.KeySize = 2049);
Assert.True(VerifyData(rsa, TestData.HelloBytes, signature, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1));
}
}
public static void ImportNoModulus()
{
RSAParameters imported = new RSAParameters
{
Exponent = TestData.RSA1024Params.Exponent,
};
using (RSA rsa = RSAFactory.Create())
{
Assert.ThrowsAny <CryptographicException>(() => rsa.ImportParameters(imported));
}
}
public static void ImportNoDP()
{
// Because RSAParameters is a struct, this is a copy,
// so assigning DP is not destructive to other tests.
RSAParameters imported = TestData.RSA1024Params;
imported.DP = null;
using (RSA rsa = RSAFactory.Create())
{
Assert.ThrowsAny <CryptographicException>(() => rsa.ImportParameters(imported));
}
}
public static void VerifySignature_SHA256()
{
using (RSA rsa = RSAFactory.Create())
{
var formatter = new RSAPKCS1SignatureFormatter(rsa);
var deformatter = new RSAPKCS1SignatureDeformatter(rsa);
using (SHA256 alg = SHA256.Create())
{
VerifySignature(formatter, deformatter, alg, "SHA256");
VerifySignature(formatter, deformatter, alg, "sha256");
}
}
}
public void NonPowerOfTwoKeySizeOaepRoundtrip(RSAEncryptionPadding oaepPaddingMode)
{
byte[] crypt;
byte[] output;
using (RSA rsa = RSAFactory.Create(3072))
{
crypt = Encrypt(rsa, TestData.HelloBytes, oaepPaddingMode);
output = Decrypt(rsa, crypt, oaepPaddingMode);
}
Assert.NotEqual(crypt, output);
Assert.Equal(TestData.HelloBytes, output);
}
public void NullArray_Throws()
{
using (RSA rsa = RSAFactory.Create())
{
AssertExtensions.Throws <ArgumentNullException>("data", () => SignData(rsa, null, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1));
AssertExtensions.Throws <ArgumentNullException>("hash", () => SignHash(rsa, null, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1));
AssertExtensions.Throws <ArgumentNullException>("data", () => VerifyData(rsa, null, new byte[1], HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1));
AssertExtensions.Throws <ArgumentNullException>("hash", () => VerifyHash(rsa, null, new byte[1], HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1));
AssertExtensions.Throws <ArgumentNullException>("signature", () => VerifyData(rsa, new byte[1], null, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1));
AssertExtensions.Throws <ArgumentNullException>("signature", () => VerifyHash(rsa, new byte[1], null, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1));
}
}
public void NegativeVerify_WrongSignature()
{
using (RSA rsa = RSAFactory.Create())
{
rsa.ImportParameters(TestData.RSA2048Params);
byte[] signature = SignData(rsa, TestData.HelloBytes, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
// Invalidate the signature.
signature[0] = unchecked ((byte)~signature[0]);
bool signatureMatched = VerifyData(rsa, TestData.HelloBytes, signature, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
Assert.False(signatureMatched);
}
}
public static void RsaCryptRoundtrip()
{
byte[] crypt;
byte[] output;
using (RSA rsa = RSAFactory.Create())
{
crypt = rsa.Encrypt(TestData.HelloBytes, RSAEncryptionPadding.OaepSHA1);
output = rsa.Decrypt(crypt, RSAEncryptionPadding.OaepSHA1);
}
Assert.NotEqual(crypt, output);
Assert.Equal(TestData.HelloBytes, output);
}
public static void PublicOnlyPrivateExport()
{
RSAParameters imported = new RSAParameters
{
Modulus = TestData.RSA1024Params.Modulus,
Exponent = TestData.RSA1024Params.Exponent,
};
using (RSA rsa = RSAFactory.Create())
{
rsa.ImportParameters(imported);
Assert.ThrowsAny <CryptographicException>(() => rsa.ExportParameters(true));
}
}
public static void RsaDecryptAfterExport()
{
byte[] output;
using (RSA rsa = RSAFactory.Create())
{
byte[] crypt = rsa.Encrypt(TestData.HelloBytes, RSAEncryptionPadding.OaepSHA1);
// Export the key, this should not clear/destroy the key.
RSAParameters ignored = rsa.ExportParameters(true);
output = rsa.Decrypt(crypt, RSAEncryptionPadding.OaepSHA1);
}
Assert.Equal(TestData.HelloBytes, output);
}
public static void ImportFromPem_SubjectPublicKeyInfo_Simple()
{
using (RSA rsa = RSAFactory.Create())
{
string pem = @"
-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALc/WfXui9VeJLf/AprRaoVDyW0lPlQx
m5NTLEHDwUd7idstLzPXuah0WEjgao5oO1BEUR4byjYlJ+F89Cs4BhUCAwEAAQ==
-----END PUBLIC KEY-----";
rsa.ImportFromPem(pem);
RSAParameters rsaParameters = rsa.ExportParameters(false);
ImportExport.AssertKeyEquals(TestData.DiminishedDPParameters.ToPublic(), rsaParameters);
}
}
public void UseAfterDispose(bool importKey)
{
RSA rsa = importKey ? RSAFactory.Create(TestData.RSA2048Params) : RSAFactory.Create(1024);
byte[] data = TestData.HelloBytes;
byte[] enc;
using (rsa)
{
enc = Encrypt(rsa, data, RSAEncryptionPadding.Pkcs1);
}
Assert.Throws <ObjectDisposedException>(
() => Decrypt(rsa, enc, RSAEncryptionPadding.Pkcs1));
}
public static void TestKnownValueOaep()
{
using (RSA rsa = RSAFactory.Create())
{
rsa.ImportParameters(TestData.RSA1024Params);
byte[] encrypted =
("19134ffba4025a1c651120ca07258a46e005a327c3927f615465060734dc0339114cabfd13803288883abf9329296a3e3a5cb1587927"
+ "a6e8a2e736f0a756e342b4adb0f1de5bba9ba5faee30456fb7409678eb71a70185606eda3303d9425fbeb730ab7803bea50e208b563f"
+ "e9bfa97a8966deefb211a3bd6abe08cd15e0b927").HexToByteArray();
RSAOAEPKeyExchangeDeformatter deformatter = new RSAOAEPKeyExchangeDeformatter(rsa);
byte[] plain = deformatter.DecryptKeyExchange(encrypted);
byte[] expectedPlain = { 0x41, 0x42, 0x43 };
Assert.Equal(expectedPlain, plain);
}
}
public static void TestKnownValuePkcs1()
{
using (RSA rsa = RSAFactory.Create())
{
rsa.ImportParameters(TestData.RSA1024Params);
byte[] encrypted =
("7061adb87a8759f0a0dc6ece42f5b63bf186f845237c6b16bf824b303812486efbb8f5febb681902228a609d4330a6c21abf0fc0d271"
+ "ba63d1d0d9e486668270c2dbf73ab33055dfc0b797938557b99c0e9a535605c0a4bceefe5a37594732bb566ab026e4e8d5ce47d0967d"
+ "f1c66e7ee4d39d804f6d558670222d708f943eb0").HexToByteArray();
RSAPKCS1KeyExchangeDeformatter deformatter = new RSAPKCS1KeyExchangeDeformatter(rsa);
byte[] plain = deformatter.DecryptKeyExchange(encrypted);
byte[] expectedPlain = { 0x41, 0x42, 0x43 };
Assert.Equal(expectedPlain, plain);
}
}
public static void UnusualExponentCryptRoundtrip()
{
byte[] crypt;
byte[] output;
using (RSA rsa = RSAFactory.Create())
{
rsa.ImportParameters(TestData.UnusualExponentParameters);
crypt = rsa.Encrypt(TestData.HelloBytes, RSAEncryptionPadding.OaepSHA1);
output = rsa.Decrypt(crypt, RSAEncryptionPadding.OaepSHA1);
}
Assert.NotEqual(crypt, output);
Assert.Equal(TestData.HelloBytes, output);
}