public void VerifyKnown_512()
{
byte[] signature = (
// r:
"E21F20B0B5E553137F6649DDC58F5E4AB7D4E6DE" +
// s:
"C37534CC7D9630339936C581690E832BD85C6C79").HexToByteArray();
using (DSA dsa = DSAFactory.Create())
{
dsa.ImportParameters(DSATestData.Dsa512Parameters);
Assert.True(VerifyData(dsa, DSATestData.HelloBytes, signature, HashAlgorithmName.SHA1));
}
}
public void VerifyKnown_576()
{
byte[] signature = (
// r:
"490AEFA5A4F28B35183BBA3BE2536514AB13A088" +
// s:
"3F883FE96524D4CC596F67B64A3382E794C8D65B").HexToByteArray();
using (DSA dsa = DSAFactory.Create())
{
dsa.ImportParameters(DSATestData.Dsa576Parameters);
Assert.True(VerifyData(dsa, DSATestData.HelloBytes, signature, HashAlgorithmName.SHA1));
}
}
public static DSA DecodeDSA(byte[] privateKey, DSAParameters dsaParameters)
{
ASN1 asn = new ASN1(privateKey);
if (asn.Tag != 2)
{
throw new CryptographicException("invalid private key format");
}
dsaParameters.X = PKCS8.PrivateKeyInfo.Normalize(asn.Value, 20);
DSA dsa = DSA.Create();
dsa.ImportParameters(dsaParameters);
return(dsa);
}
public void PublicKey_CannotSign()
{
DSAParameters keyParameters = DSATestData.GetDSA1024Params();
keyParameters.X = null;
using (DSA dsa = DSAFactory.Create())
{
dsa.ImportParameters(keyParameters);
Assert.ThrowsAny <CryptographicException>(
() => SignData(dsa, DSATestData.HelloBytes, HashAlgorithmName.SHA1));
}
}
public void Complex()
{
KeyInfoName name = new KeyInfoName();
name.Value = "CoreFx::";
info.AddClause(name);
using (DSA keyDSA = DSA.Create())
{
keyDSA.ImportParameters(new DSAParameters
{
P = Convert.FromBase64String(dsaP),
Q = Convert.FromBase64String(dsaQ),
G = Convert.FromBase64String(dsaG),
Y = Convert.FromBase64String(dsaY),
});
DSAKeyValue dsa = new DSAKeyValue(keyDSA);
info.AddClause(dsa);
using (RSA keyRSA = RSA.Create())
{
keyRSA.ImportParameters(new RSAParameters()
{
Modulus = Convert.FromBase64String(rsaModulus),
Exponent = Convert.FromBase64String(rsaExponent)
});
RSAKeyValue rsa = new RSAKeyValue(keyRSA);
info.AddClause(rsa);
KeyInfoRetrievalMethod retrieval = new KeyInfoRetrievalMethod();
retrieval.Uri = "https://github.com/dotnet/corefx";
info.AddClause(retrieval);
using (X509Certificate x509 = new X509Certificate(cert))
{
KeyInfoX509Data x509data = new KeyInfoX509Data(x509);
info.AddClause(x509data);
string s = "<KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><KeyName>CoreFx::</KeyName><KeyValue xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><DSAKeyValue><P>rjxsMU368YOCTQejWkiuO9e/vUVwkLtq1jKiU3TtJ53hBJqjFRuTa228vZe+BH2su9RPn/vYFWfQDv6zgBYe3eNdu4Afw+Ny0FatX6dl3E77Ra6Tsd3MmLXBiGSQ1mMNd5G2XQGpbt9zsGlUaexXekeMLxIufgfZLwYp67M+2WM=</P><Q>tf0K9rMyvUrU4cIkwbCrDRhQAJk=</Q><G>S8Z+1pGCed00w6DtVcqZLKjfqlCJ7JsugEFIgSy/Vxtu9YGCMclV4ijGEbPo/jU8YOSMuD7E9M7UaopMRcmKQjoKZzoJjkgVFP48Ohxl1f08lERnButsxanx3+OstFwUGQ8XNaGg3KrIoZt1FUnfxN3RHHTvVhjzNSHxMGULGaU=</G><Y>LnrxxRGLYeV2XLtK3SYz8RQHlHFZYrtznDZyMotuRfO5uC5YODhSFyLXvb1qB3WeGtF4h3Eo4KzHgMgfN2ZMlffxFRhJgTtH3ctbL8lfQoDkjeiPPnYGhspdJxr0tyZmiy0gkjJG3vwHYrLnvZWx9Wm/unqiOlGBPNuxJ+hOeP8=</Y></DSAKeyValue></KeyValue>";
s += "<KeyValue xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><RSAKeyValue><Modulus>9DC4XNdQJwMRnz5pP2a6U51MHCODRilaIoVXqUPhCUb0lJdGroeqVYT84ZyIVrcarzD7Tqs3aEOIa3rKox0N1bxQpZPqayVQeLAkjLLtzJW/ScRJx3uEDJdgT1JnM1FH0GZTinmEdCUXdLc7+Y/c/qqIkTfbwHbRZjW0bBJyExM=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue>";
s += "<RetrievalMethod URI=\"https://github.com/dotnet/corefx\" />";
s += "<X509Data xmlns=\"http://www.w3.org/2000/09/xmldsig#\">";
s += "<X509Certificate>MIICHTCCAYYCARQwDQYJKoZIhvcNAQEEBQAwWDELMAkGA1UEBhMCQ0ExHzAdBgNVBAMTFktleXdpdG5lc3MgQ2FuYWRhIEluYy4xKDAmBgorBgEEASoCCwIBExhrZXl3aXRuZXNzQGtleXdpdG5lc3MuY2EwHhcNOTYwNTA3MDAwMDAwWhcNOTkwNTA3MDAwMDAwWjBYMQswCQYDVQQGEwJDQTEfMB0GA1UEAxMWS2V5d2l0bmVzcyBDYW5hZGEgSW5jLjEoMCYGCisGAQQBKgILAgETGGtleXdpdG5lc3NAa2V5d2l0bmVzcy5jYTCBnTANBgkqhkiG9w0BAQEFAAOBiwAwgYcCgYEAzSP6KuHtmPTp0JM+13qAAkzMwQKvXLYff/pXQm8w0SDFtSEHQCyphsLzZISuPYUu7YW9VLAYKO9q+BvnCxYfkyVPx/iOw7nKmIQOVdAv73h3xXIoX2C/GSvRcqK32D/glzRaAb0EnMh4Rc2TjRXydhARq7hbLp5S3YE+nGTIKZMCAQMwDQYJKoZIhvcNAQEEBQADgYEAMho1ur9DJ9a01Lh25eObTWzAhsl3NbprFi0TRkqwMlOhW1rpmeIMhogXTg3+gqxOR+/7/zms7jXI+lI3CkmtWa3iiqkcxl8f+G9zfs2gMegMvvVN2bKrihK2MHhoEXwN8UlNo/2y6f8d8JH6VIX/M5Dowb+km6RiRr1hElmYQYk=</X509Certificate></X509Data></KeyInfo>";
AssertCrypto.AssertXmlEquals("Complex", s, (info.GetXml().OuterXml));
Assert.Equal(5, info.Count);
}
}
}
}
public static void VerifyKnownSignature()
{
// The parameters and signature come from FIPS 186-2 APPENDIX 5. EXAMPLE OF THE DSA
using (DSA dsa = DSAFactory.Create())
{
DSAParameters dsaParameters = new DSAParameters
{
P = (
"8df2a494492276aa3d25759bb06869cbeac0d83afb8d0cf7" +
"cbb8324f0d7882e5d0762fc5b7210eafc2e9adac32ab7aac" +
"49693dfbf83724c2ec0736ee31c80291").HexToByteArray(),
Q = ("c773218c737ec8ee993b4f2ded30f48edace915f").HexToByteArray(),
G = (
"626d027839ea0a13413163a55b4cb500299d5522956cefcb" +
"3bff10f399ce2c2e71cb9de5fa24babf58e5b79521925c9c" +
"c42e9f6f464b088cc572af53e6d78802").HexToByteArray(),
X = ("2070b3223dba372fde1c0ffc7b2e3b498b260614").HexToByteArray(),
Y = (
"19131871d75b1612a819f29d78d1b0d7346f7aa77bb62a85" +
"9bfd6c5675da9d212d3a36ef1672ef660b8c7c255cc0ec74" +
"858fba33f44c06699630a76b030ee333").HexToByteArray(),
};
byte[] signature = (
// r
"8bac1ab66410435cb7181f95b16ab97c92b341c0" +
// s
"41e2345f1f56df2458f426d155b4ba2db6dcd8c8"
).HexToByteArray();
byte[] data = Encoding.ASCII.GetBytes("abc");
dsa.ImportParameters(dsaParameters);
Assert.True(dsa.VerifyData(data, signature, HashAlgorithmName.SHA1));
// Negative case
unchecked
{
--signature[signature.Length - 1];
}
Assert.False(dsa.VerifyData(data, signature, HashAlgorithmName.SHA1));
}
}
public static void VerifySignature_SHA1()
{
using (DSA dsa = DSAFactory.Create())
{
dsa.ImportParameters(DSATestData.GetDSA1024Params());
var formatter = new DSASignatureFormatter(dsa);
var deformatter = new DSASignatureDeformatter(dsa);
using (SHA1 alg = SHA1.Create())
{
VerifySignature(formatter, deformatter, alg, "SHA1");
VerifySignature(formatter, deformatter, alg, "sha1");
}
}
}
// DSA only encode it's X private key inside an ASN.1 INTEGER (Hint: Tag == 0x02)
// which isn't enough for rebuilding the keypair. The other parameters
// can be found (98% of the time) in the X.509 certificate associated
// with the private key or (2% of the time) the parameters are in it's
// issuer X.509 certificate (not supported in the .NET framework).
static public DSA DecodeDSA(byte[] privateKey, DSAParameters dsaParameters)
{
ASN1 pvk = new ASN1(privateKey);
if (pvk.Tag != 0x02)
{
throw new CryptographicException("invalid private key format");
}
// X is ALWAYS 20 bytes (no matter if the key length is 512 or 1024 bits)
dsaParameters.X = Normalize(pvk.Value, 20);
DSA dsa = DSA.Create();
dsa.ImportParameters(dsaParameters);
return(dsa);
}
public static void ImportRoundTrip(bool includePrivate)
{
DSAParameters imported = DSATestData.GetDSA1024Params();
using (DSA dsa = DSAFactory.Create())
{
dsa.ImportParameters(imported);
DSAParameters exported = dsa.ExportParameters(includePrivate);
using (DSA dsa2 = DSAFactory.Create())
{
dsa2.ImportParameters(exported);
DSAParameters exported2 = dsa2.ExportParameters(includePrivate);
AssertKeyEquals(in exported, in exported2);
}
}
}
public static void VerifyKnownSignature()
{
using (DSA dsa = DSAFactory.Create())
{
byte[] data;
byte[] signature;
DSAParameters dsaParameters;
DSATestData.GetDSA1024_186_2(out dsaParameters, out signature, out data);
dsa.ImportParameters(dsaParameters);
Assert.True(dsa.VerifyData(data, signature, HashAlgorithmName.SHA1));
// Negative case
signature[signature.Length - 1] ^= 0xff;
Assert.False(dsa.VerifyData(data, signature, HashAlgorithmName.SHA1));
}
}
static internal DSA DecodeDSA(byte[] rawPublicKey, byte[] rawParameters)
{
DSAParameters dsaParams = new DSAParameters();
try
{
// for DSA rawPublicKey contains 1 ASN.1 integer - Y
ASN1 pubkey = new ASN1(rawPublicKey);
if (pubkey.Tag != 0x02)
{
throw new CryptographicException(Locale.GetText("Missing DSA Y integer."));
}
dsaParams.Y = GetUnsignedBigInteger(pubkey.Value);
ASN1 param = new ASN1(rawParameters);
if ((param == null) || (param.Tag != 0x30) || (param.Count < 3))
{
throw new CryptographicException(Locale.GetText("Missing DSA parameters."));
}
if ((param [0].Tag != 0x02) || (param [1].Tag != 0x02) || (param [2].Tag != 0x02))
{
throw new CryptographicException(Locale.GetText("Invalid DSA parameters."));
}
dsaParams.P = GetUnsignedBigInteger(param [0].Value);
dsaParams.Q = GetUnsignedBigInteger(param [1].Value);
dsaParams.G = GetUnsignedBigInteger(param [2].Value);
}
catch (Exception e)
{
string msg = Locale.GetText("Error decoding the ASN.1 structure.");
throw new CryptographicException(msg, e);
}
#if MOONLIGHT
DSA dsa = (DSA) new DSAManaged(dsaParams.Y.Length << 3);
#else
DSA dsa = (DSA) new DSACryptoServiceProvider(dsaParams.Y.Length << 3);
#endif
dsa.ImportParameters(dsaParams);
return(dsa);
}
private static AsymmetricAlgorithm DecodeDsaPublicKey(byte[] encodedKeyValue, byte[] encodedParameters)
{
DSAParameters dsaParameters = new DSAParameters();
DerSequenceReader parameterReader = new DerSequenceReader(encodedParameters);
parameterReader.ReadSubjectPublicKeyInfo(encodedKeyValue, ref dsaParameters);
DSA dsa = DSA.Create();
try
{
dsa.ImportParameters(dsaParameters);
return(dsa);
}
catch (Exception)
{
dsa.Dispose();
throw;
}
}
public static void DecryptPkcs12WithBytes()
{
using (DSA key = DSAFactory.Create())
{
key.ImportParameters(DSATestData.GetDSA1024Params());
string charBased = "hello";
byte[] byteBased = Encoding.UTF8.GetBytes(charBased);
byte[] encrypted = key.ExportEncryptedPkcs8PrivateKey(
charBased,
new PbeParameters(
PbeEncryptionAlgorithm.TripleDes3KeyPkcs12,
HashAlgorithmName.SHA1,
123));
Assert.ThrowsAny <CryptographicException>(
() => key.ImportEncryptedPkcs8PrivateKey(byteBased, encrypted, out _));
}
}
public static void VerifyKnownSignature()
{
using (DSA dsa = DSAFactory.Create())
{
byte[] data;
byte[] signature;
DSAParameters dsaParameters;
DSATestData.GetDSA1024_186_2(out dsaParameters, out signature, out data);
byte[] hash = SHA1.HashData(data);
dsa.ImportParameters(dsaParameters);
var deformatter = new DSASignatureDeformatter(dsa);
deformatter.VerifySignature(hash, signature);
// Negative case
signature[signature.Length - 1] ^= 0xff;
Assert.False(deformatter.VerifySignature(hash, signature));
}
}
private void UseAfterDispose(bool importKey)
{
DSA key = importKey ? DSAFactory.Create(DSATestData.GetDSA1024Params()) : DSAFactory.Create(1024);
byte[] data = { 1 };
byte[] sig;
// Ensure the key is populated, then dispose it.
using (key)
{
sig = SignData(key, data, HashAlgorithmName.SHA1);
}
key.Dispose();
UseAfterDispose(key, data, sig);
Assert.Throws <ObjectDisposedException>(() => key.ImportParameters(DSATestData.GetDSA1024Params()));
// Either set_KeySize or SignData should throw.
Assert.Throws <ObjectDisposedException>(
() =>
{
try
{
key.KeySize = 576;
}
catch (CryptographicException)
{
// DSACryptoServiceProvider on Android only supports 1024 and does an early check for legal
// key sizes, since it is more restrictive than the wrapped implementation. It will throw
// CryptographicException. SignData should still throw ObjectDisposedException.
if (!PlatformDetection.IsAndroid)
{
throw;
}
}
SignData(key, data, HashAlgorithmName.SHA1);
});
}
public void DSAKeyValue()
{
using (DSA key = DSA.Create())
{
key.ImportParameters(new DSAParameters {
P = Convert.FromBase64String(dsaP),
Q = Convert.FromBase64String(dsaQ),
G = Convert.FromBase64String(dsaG),
Y = Convert.FromBase64String(dsaY),
//J = Convert.FromBase64String(dsaJ),
//Seed = Convert.FromBase64String(dsaSeed),
//Counter = BitConverter.ToUInt16(Convert.FromBase64String(dsaPgenCounter), 0)
});
DSAKeyValue dsa = new DSAKeyValue(key);
info.AddClause(dsa);
AssertCrypto.AssertXmlEquals("dsa",
"<KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><KeyValue xmlns=\"http://www.w3.org/2000/09/xmldsig#\">" +
xmlDSA + "</KeyValue></KeyInfo>", (info.GetXml().OuterXml));
Assert.Equal(1, info.Count);
}
}
private static AsymmetricAlgorithm DecodeDsaPublicKey(byte[] encodedKeyValue, byte[] encodedParameters)
{
DSAKeyFormatHelper.ReadDsaPublicKey(
encodedKeyValue,
new AlgorithmIdentifierAsn {
Parameters = encodedParameters
},
out DSAParameters dsaParameters);
DSA dsa = DSA.Create();
try
{
dsa.ImportParameters(dsaParameters);
return(dsa);
}
catch (Exception)
{
dsa.Dispose();
throw;
}
}
public static void ExportAfterDispose(bool importKey)
{
DSA key = importKey ? DSAFactory.Create(DSATestData.GetDSA1024Params()) : DSAFactory.Create(1024);
byte[] hash = new byte[20];
// Ensure that the key got created, and then Dispose it.
using (key)
{
try
{
key.CreateSignature(hash);
}
catch (PlatformNotSupportedException) when(!SupportsKeyGeneration)
{
}
}
Assert.Throws <ObjectDisposedException>(() => key.ExportParameters(false));
Assert.Throws <ObjectDisposedException>(() => key.ExportParameters(true));
Assert.Throws <ObjectDisposedException>(() => key.ImportParameters(DSATestData.GetDSA1024Params()));
}
public void Verify2048WithSha1()
{
byte[] data = { 1, 2, 3, 4 };
byte[] signature = (
"28DC05B452C8FC0E0BFE9DA067D11147D31B1F3C63E5CF95046A812417C64844868D04D3A1D23" +
"13E5DD07DE757B3A836E70A1C85DDC90CB62DE2E44746C760F2").HexToByteArray();
using (DSA dsa = DSAFactory.Create())
{
dsa.ImportParameters(DSATestData.GetDSA2048Params());
Assert.True(VerifyData(dsa, data, signature, HashAlgorithmName.SHA1), "Untampered data verifies");
data[0] ^= 0xFF;
Assert.False(VerifyData(dsa, data, signature, HashAlgorithmName.SHA1), "Tampered data verifies");
data[0] ^= 0xFF;
signature[signature.Length - 1] ^= 0xFF;
Assert.False(VerifyData(dsa, data, signature, HashAlgorithmName.SHA1), "Tampered signature verifies");
}
}
public static void VerifyKnown_2048_SHA256()
{
byte[] signature =
{
0x92, 0x06, 0x0B, 0x57, 0xF1, 0x35, 0x20, 0x28,
0xC6, 0x54, 0x4A, 0x0F, 0x08, 0x48, 0x5F, 0x5D,
0x55, 0xA8, 0x42, 0xFB, 0x05, 0xA7, 0x3E, 0x32,
0xCA, 0xC6, 0x91, 0x77, 0x70, 0x0A, 0x68, 0x44,
0x60, 0x63, 0xF7, 0xE7, 0x96, 0x54, 0x8F, 0x4A,
0x6D, 0x47, 0x10, 0xEE, 0x9A, 0x9F, 0xC2, 0xC8,
0xDD, 0x74, 0xAE, 0x1A, 0x68, 0xF3, 0xA9, 0xB8,
0x62, 0x14, 0x50, 0xA3, 0x01, 0x1D, 0x2A, 0x22,
};
using (DSA dsa = DSAFactory.Create())
{
dsa.ImportParameters(DSATestData.GetDSA2048Params());
Assert.True(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA256));
Assert.False(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA384));
Assert.False(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA512));
}
}
public static void VerifyKnown_2048_SHA512()
{
byte[] signature =
{
0x6F, 0x44, 0x68, 0x1F, 0x74, 0xF7, 0x90, 0x2F,
0x38, 0x43, 0x9B, 0x00, 0x15, 0xDA, 0xF6, 0x8F,
0x97, 0xB4, 0x4A, 0x52, 0xF7, 0xC1, 0xEC, 0x21,
0xE2, 0x44, 0x48, 0x71, 0x0F, 0xEC, 0x5E, 0xB3,
0xA1, 0xCB, 0xE4, 0x42, 0xC8, 0x1E, 0xCD, 0x3C,
0xA8, 0x15, 0x51, 0xDE, 0x0C, 0xCC, 0xAE, 0x4D,
0xEB, 0x2A, 0xE9, 0x13, 0xBB, 0x7F, 0x3C, 0xFB,
0x69, 0x8A, 0x8E, 0x0F, 0x80, 0x87, 0x2E, 0xA6,
};
using (DSA dsa = DSAFactory.Create())
{
dsa.ImportParameters(DSATestData.GetDSA2048Params());
Assert.True(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA512));
Assert.False(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA256));
Assert.False(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA384));
}
}
public static void VerifyKnown_2048_SHA384()
{
byte[] signature =
{
0x56, 0xBA, 0x70, 0x48, 0x18, 0xBA, 0xE3, 0x43,
0xF0, 0x7F, 0x25, 0xFE, 0xEA, 0xF1, 0xDB, 0x49,
0x37, 0x15, 0xD3, 0xD0, 0x5B, 0x9D, 0x57, 0x19,
0x73, 0x44, 0xDA, 0x70, 0x8D, 0x44, 0x7D, 0xBA,
0x83, 0xDB, 0x8E, 0x8F, 0x39, 0x0F, 0x83, 0xD5,
0x0B, 0x73, 0x81, 0x77, 0x3D, 0x9B, 0x8D, 0xA4,
0xAD, 0x94, 0x3C, 0xAB, 0x7A, 0x6C, 0x81, 0x48,
0x2F, 0xCF, 0x50, 0xE3, 0x34, 0x0B, 0xEC, 0xF0,
};
using (DSA dsa = DSAFactory.Create())
{
dsa.ImportParameters(DSATestData.GetDSA2048Params());
Assert.True(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA384));
Assert.False(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA256));
Assert.False(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA512));
}
}
/// <summary>準備</summary>
private void Prepare()
{
AsymmetricAlgorithm aa = null;
if (this.X509Certificate.PrivateKey == null)
{
// *.cer
aa = this.GetPublicKey();
}
else
{
// *.pfx
aa = this.GetPrivateKey();
// *.pfxの場合、ExportParameters(true)して生成し直す必要がある。
if (aa is RSA)
{
// RSA
RSA rsa = (RSA)AsymmetricAlgorithmCmnFunc.CreateSameKeySizeSP(aa);
rsa.ImportParameters(((RSA)(aa)).ExportParameters(true));
aa = rsa;
}
else if (aa is DSA)
{
// DSA
DSA dsa = (DSA)AsymmetricAlgorithmCmnFunc.CreateSameKeySizeSP(aa);
dsa.ImportParameters(((DSA)(aa)).ExportParameters(true));
aa = dsa;
}
else
{
throw new NotImplementedException(PublicExceptionMessage.NOT_IMPLEMENTED);
}
}
// AsymmetricAlgorithmを設定
this.AsymmetricAlgorithm = aa;
}
public static void NoFuzzyEncryptedPkcs8()
{
using (DSA key = DSAFactory.Create())
{
key.ImportParameters(DSATestData.GetDSA1024Params());
int bytesRead = -1;
byte[] spki = key.ExportSubjectPublicKeyInfo();
byte[] empty = Array.Empty <byte>();
Assert.ThrowsAny <CryptographicException>(
() => key.ImportEncryptedPkcs8PrivateKey(empty, spki, out bytesRead));
Assert.Equal(-1, bytesRead);
byte[] pkcs8 = key.ExportPkcs8PrivateKey();
Assert.ThrowsAny <CryptographicException>(
() => key.ImportEncryptedPkcs8PrivateKey(empty, pkcs8, out bytesRead));
Assert.Equal(-1, bytesRead);
}
}
public static void BadPbeParameters()
{
using (DSA key = DSAFactory.Create())
{
key.ImportParameters(DSATestData.GetDSA1024Params());
Assert.ThrowsAny <ArgumentNullException>(
() => key.ExportEncryptedPkcs8PrivateKey(
ReadOnlySpan <byte> .Empty,
null));
Assert.ThrowsAny <ArgumentNullException>(
() => key.ExportEncryptedPkcs8PrivateKey(
ReadOnlySpan <char> .Empty,
null));
Assert.ThrowsAny <ArgumentNullException>(
() => key.TryExportEncryptedPkcs8PrivateKey(
ReadOnlySpan <byte> .Empty,
null,
Span <byte> .Empty,
out _));
Assert.ThrowsAny <ArgumentNullException>(
() => key.TryExportEncryptedPkcs8PrivateKey(
ReadOnlySpan <char> .Empty,
null,
Span <byte> .Empty,
out _));
// PKCS12 requires SHA-1
Assert.ThrowsAny <CryptographicException>(
() => key.ExportEncryptedPkcs8PrivateKey(
ReadOnlySpan <byte> .Empty,
new PbeParameters(PbeEncryptionAlgorithm.TripleDes3KeyPkcs12, HashAlgorithmName.SHA256, 72)));
Assert.ThrowsAny <CryptographicException>(
() => key.TryExportEncryptedPkcs8PrivateKey(
ReadOnlySpan <byte> .Empty,
new PbeParameters(PbeEncryptionAlgorithm.TripleDes3KeyPkcs12, HashAlgorithmName.SHA256, 72),
Span <byte> .Empty,
out _));
// PKCS12 requires SHA-1
Assert.ThrowsAny <CryptographicException>(
() => key.ExportEncryptedPkcs8PrivateKey(
ReadOnlySpan <byte> .Empty,
new PbeParameters(PbeEncryptionAlgorithm.TripleDes3KeyPkcs12, HashAlgorithmName.MD5, 72)));
Assert.ThrowsAny <CryptographicException>(
() => key.TryExportEncryptedPkcs8PrivateKey(
ReadOnlySpan <byte> .Empty,
new PbeParameters(PbeEncryptionAlgorithm.TripleDes3KeyPkcs12, HashAlgorithmName.MD5, 72),
Span <byte> .Empty,
out _));
// PKCS12 requires a char-based password
Assert.ThrowsAny <CryptographicException>(
() => key.ExportEncryptedPkcs8PrivateKey(
new byte[3],
new PbeParameters(PbeEncryptionAlgorithm.TripleDes3KeyPkcs12, HashAlgorithmName.SHA1, 72)));
Assert.ThrowsAny <CryptographicException>(
() => key.TryExportEncryptedPkcs8PrivateKey(
new byte[3],
new PbeParameters(PbeEncryptionAlgorithm.TripleDes3KeyPkcs12, HashAlgorithmName.SHA1, 72),
Span <byte> .Empty,
out _));
// Unknown encryption algorithm
Assert.ThrowsAny <CryptographicException>(
() => key.ExportEncryptedPkcs8PrivateKey(
new byte[3],
new PbeParameters(0, HashAlgorithmName.SHA1, 72)));
Assert.ThrowsAny <CryptographicException>(
() => key.TryExportEncryptedPkcs8PrivateKey(
new byte[3],
new PbeParameters(0, HashAlgorithmName.SHA1, 72),
Span <byte> .Empty,
out _));
// Unknown encryption algorithm (negative enum value)
Assert.ThrowsAny <CryptographicException>(
() => key.ExportEncryptedPkcs8PrivateKey(
new byte[3],
new PbeParameters((PbeEncryptionAlgorithm)(-5), HashAlgorithmName.SHA1, 72)));
Assert.ThrowsAny <CryptographicException>(
() => key.TryExportEncryptedPkcs8PrivateKey(
new byte[3],
new PbeParameters((PbeEncryptionAlgorithm)(-5), HashAlgorithmName.SHA1, 72),
Span <byte> .Empty,
out _));
// Unknown encryption algorithm (overly-large enum value)
Assert.ThrowsAny <CryptographicException>(
() => key.ExportEncryptedPkcs8PrivateKey(
new byte[3],
new PbeParameters((PbeEncryptionAlgorithm)15, HashAlgorithmName.SHA1, 72)));
Assert.ThrowsAny <CryptographicException>(
() => key.TryExportEncryptedPkcs8PrivateKey(
new byte[3],
new PbeParameters((PbeEncryptionAlgorithm)15, HashAlgorithmName.SHA1, 72),
Span <byte> .Empty,
out _));
// Unknown hash algorithm
Assert.ThrowsAny <CryptographicException>(
() => key.ExportEncryptedPkcs8PrivateKey(
new byte[3],
new PbeParameters(PbeEncryptionAlgorithm.Aes192Cbc, new HashAlgorithmName("Potato"), 72)));
Assert.ThrowsAny <CryptographicException>(
() => key.TryExportEncryptedPkcs8PrivateKey(
new byte[3],
new PbeParameters(PbeEncryptionAlgorithm.Aes192Cbc, new HashAlgorithmName("Potato"), 72),
Span <byte> .Empty,
out _));
}
}
public void Verify_NullSignature()
{
dsa.ImportParameters(AllTests.GetKey(false));
def.SetKey(dsa);
def.VerifySignature(hash, null);
}
public static DSA FromCapiPrivateKeyBlobDSA(byte[] blob, int offset)
{
if (blob == null)
{
throw new ArgumentNullException("blob");
}
if (offset >= blob.Length)
{
throw new ArgumentException("blob is too small.");
}
DSAParameters parameters = default(DSAParameters);
try
{
if (blob[offset] != 7 || blob[offset + 1] != 2 || blob[offset + 2] != 0 || blob[offset + 3] != 0 || CryptoConvert.ToUInt32LE(blob, offset + 8) != 844321604u)
{
throw new CryptographicException("Invalid blob header");
}
int num = CryptoConvert.ToInt32LE(blob, offset + 12);
int num2 = num >> 3;
int num3 = offset + 16;
parameters.P = new byte[num2];
Buffer.BlockCopy(blob, num3, parameters.P, 0, num2);
Array.Reverse(parameters.P);
num3 += num2;
parameters.Q = new byte[20];
Buffer.BlockCopy(blob, num3, parameters.Q, 0, 20);
Array.Reverse(parameters.Q);
num3 += 20;
parameters.G = new byte[num2];
Buffer.BlockCopy(blob, num3, parameters.G, 0, num2);
Array.Reverse(parameters.G);
num3 += num2;
parameters.X = new byte[20];
Buffer.BlockCopy(blob, num3, parameters.X, 0, 20);
Array.Reverse(parameters.X);
num3 += 20;
parameters.Counter = CryptoConvert.ToInt32LE(blob, num3);
num3 += 4;
parameters.Seed = new byte[20];
Buffer.BlockCopy(blob, num3, parameters.Seed, 0, 20);
Array.Reverse(parameters.Seed);
num3 += 20;
}
catch (Exception inner)
{
throw new CryptographicException("Invalid blob.", inner);
}
DSA dsa = null;
try
{
dsa = DSA.Create();
dsa.ImportParameters(parameters);
}
catch (CryptographicException ex)
{
try
{
dsa = new DSACryptoServiceProvider(new CspParameters
{
Flags = CspProviderFlags.UseMachineKeyStore
});
dsa.ImportParameters(parameters);
}
catch
{
throw ex;
}
}
return(dsa);
}
static public DSA FromCapiPublicKeyBlobDSA(byte[] blob, int offset)
{
if (blob == null)
{
throw new ArgumentNullException("blob");
}
if (offset >= blob.Length)
{
throw new ArgumentException("blob is too small.");
}
try {
if ((blob [offset] != 0x06) || // PUBLICKEYBLOB (0x06)
(blob [offset + 1] != 0x02) || // Version (0x02)
(blob [offset + 2] != 0x00) || // Reserved (word)
(blob [offset + 3] != 0x00) ||
(ToUInt32LE(blob, offset + 8) != 0x31535344)) // DWORD magic
{
throw new CryptographicException("Invalid blob header");
}
int bitlen = ToInt32LE(blob, offset + 12);
DSAParameters dsap = new DSAParameters();
int bytelen = bitlen >> 3;
int pos = offset + 16;
dsap.P = new byte [bytelen];
Buffer.BlockCopy(blob, pos, dsap.P, 0, bytelen);
Array.Reverse(dsap.P);
pos += bytelen;
dsap.Q = new byte [20];
Buffer.BlockCopy(blob, pos, dsap.Q, 0, 20);
Array.Reverse(dsap.Q);
pos += 20;
dsap.G = new byte [bytelen];
Buffer.BlockCopy(blob, pos, dsap.G, 0, bytelen);
Array.Reverse(dsap.G);
pos += bytelen;
dsap.Y = new byte [bytelen];
Buffer.BlockCopy(blob, pos, dsap.Y, 0, bytelen);
Array.Reverse(dsap.Y);
pos += bytelen;
dsap.Counter = ToInt32LE(blob, pos);
pos += 4;
dsap.Seed = new byte [20];
Buffer.BlockCopy(blob, pos, dsap.Seed, 0, 20);
Array.Reverse(dsap.Seed);
pos += 20;
DSA dsa = (DSA)DSA.Create();
dsa.ImportParameters(dsap);
return(dsa);
}
catch (Exception e) {
throw new CryptographicException("Invalid blob.", e);
}
}
static public DSA FromCapiPrivateKeyBlobDSA(byte[] blob, int offset)
{
if (blob == null)
{
throw new ArgumentNullException("blob");
}
if (offset >= blob.Length)
{
throw new ArgumentException("blob is too small.");
}
DSAParameters dsap = new DSAParameters();
try {
if ((blob [offset] != 0x07) || // PRIVATEKEYBLOB (0x07)
(blob [offset + 1] != 0x02) || // Version (0x02)
(blob [offset + 2] != 0x00) || // Reserved (word)
(blob [offset + 3] != 0x00) ||
(ToUInt32LE(blob, offset + 8) != 0x32535344)) // DWORD magic
{
throw new CryptographicException("Invalid blob header");
}
int bitlen = ToInt32LE(blob, offset + 12);
int bytelen = bitlen >> 3;
int pos = offset + 16;
dsap.P = new byte [bytelen];
Buffer.BlockCopy(blob, pos, dsap.P, 0, bytelen);
Array.Reverse(dsap.P);
pos += bytelen;
dsap.Q = new byte [20];
Buffer.BlockCopy(blob, pos, dsap.Q, 0, 20);
Array.Reverse(dsap.Q);
pos += 20;
dsap.G = new byte [bytelen];
Buffer.BlockCopy(blob, pos, dsap.G, 0, bytelen);
Array.Reverse(dsap.G);
pos += bytelen;
dsap.X = new byte [20];
Buffer.BlockCopy(blob, pos, dsap.X, 0, 20);
Array.Reverse(dsap.X);
pos += 20;
dsap.Counter = ToInt32LE(blob, pos);
pos += 4;
dsap.Seed = new byte [20];
Buffer.BlockCopy(blob, pos, dsap.Seed, 0, 20);
Array.Reverse(dsap.Seed);
pos += 20;
}
catch (Exception e) {
throw new CryptographicException("Invalid blob.", e);
}
#if NET_2_1
DSA dsa = (DSA)DSA.Create();
dsa.ImportParameters(dsap);
#else
DSA dsa = null;
try {
dsa = (DSA)DSA.Create();
dsa.ImportParameters(dsap);
}
catch (CryptographicException ce) {
// this may cause problem when this code is run under
// the SYSTEM identity on Windows (e.g. ASP.NET). See
// http://bugzilla.ximian.com/show_bug.cgi?id=77559
try {
CspParameters csp = new CspParameters();
csp.Flags = CspProviderFlags.UseMachineKeyStore;
dsa = new DSACryptoServiceProvider(csp);
dsa.ImportParameters(dsap);
}
catch {
// rethrow original, not the later, exception if this fails
throw ce;
}
}
#endif
return(dsa);
}
public override void ImportParameters(DSAParameters parameters) => _impl.ImportParameters(parameters);
