private void Constructors(
string testId,
string json,
JsonWebKeySet compareTo,
ExpectedException ee)
{
var context = new CompareContext($"{this}.{testId}");
context.PropertiesToIgnoreWhenComparing.Add(typeof(JsonWebKeySet), new List <string>()
{
"SkipUnresolvedJsonWebKeys"
});
try
{
var jsonWebKeys = new JsonWebKeySet(json);
var keys = jsonWebKeys.GetSigningKeys();
ee.ProcessNoException(context);
if (compareTo != null)
{
IdentityComparer.AreEqual(jsonWebKeys, compareTo, context);
}
}
catch (Exception ex)
{
ee.ProcessException(ex, context.Diffs);
}
TestUtilities.AssertFailIfErrors(context);
}
private void SignatureProvider_DisposeVariation(string testCase, SignatureProvider provider, ExpectedException expectedException)
{
try
{
if (testCase.StartsWith("Sign"))
{
provider.Sign(new byte[256]);
}
else if (testCase.StartsWith("Verify"))
{
provider.Verify(new byte[256], new byte[256]);
}
else if (testCase.StartsWith("Dispose"))
{
provider.Dispose();
}
else
{
Assert.True(false, "Test case does not match any scenario");
}
expectedException.ProcessNoException();
}
catch (Exception ex)
{
expectedException.ProcessException(ex);
}
}
private void SymmetricSignatureProvider_ConstructorVariation(SecurityKey key, string algorithm, ExpectedException expectedException)
{
try
{
SymmetricSignatureProvider provider = new SymmetricSignatureProvider(key, algorithm);
expectedException.ProcessNoException();
}
catch (Exception ex)
{
expectedException.ProcessException(ex);
}
}
private void SignData(RSACryptoServiceProviderProxy rsaCspProxy, ExpectedException ee)
{
try
{
rsaCspProxy.SignData(input, _hashAlgorithm);
ee.ProcessNoException();
}
catch (Exception ex)
{
ee.ProcessException(ex);
}
}
public void Audience(List <string> audiences, SecurityToken securityToken, TokenValidationParameters validationParameters, ExpectedException ee)
{
try
{
Validators.ValidateAudience(audiences, securityToken, validationParameters);
ee.ProcessNoException();
}
catch (Exception ex)
{
ee.ProcessException(ex);
}
}
public void TokenReplay(string securityToken, DateTime?expirationTime, TokenValidationParameters validationParameters, ExpectedException ee)
{
try
{
Validators.ValidateTokenReplay(expirationTime, securityToken, validationParameters);
ee.ProcessNoException();
}
catch (Exception ex)
{
ee.ProcessException(ex);
}
}
public void Issuer(string issuer, SecurityToken securityToken, TokenValidationParameters validationParameters, ExpectedException ee)
{
try
{
Validators.ValidateIssuer(issuer, securityToken, validationParameters);
ee.ProcessNoException();
}
catch (Exception ex)
{
ee.ProcessException(ex);
}
}
private void RsaSecurityKeyConstructor(RSAParameters parameters, ExpectedException ee)
{
try
{
var rsaSecurityKey = new RsaSecurityKey(parameters);
ee.ProcessNoException();
}
catch (Exception exception)
{
ee.ProcessException(exception);
}
}
private void RsaSecurityKeyConstructorWithRsa(RSA rsa, ExpectedException ee)
{
try
{
var rsaSecurityKey = new RsaSecurityKey(rsa);
ee.ProcessNoException();
}
catch (Exception exception)
{
ee.ProcessException(exception);
}
}
public void SecurityKey(SecurityKey securityKey, SecurityToken securityToken, TokenValidationParameters validationParameters, ExpectedException ee)
{
try
{
Validators.ValidateIssuerSecurityKey(securityKey, securityToken, validationParameters);
ee.ProcessNoException();
}
catch (Exception ex)
{
ee.ProcessException(ex);
}
}
public void Lifetime(DateTime?notBefore, DateTime?expires, SecurityToken securityToken, TokenValidationParameters validationParameters, ExpectedException ee)
{
try
{
Validators.ValidateLifetime(notBefore, expires, securityToken, validationParameters);
ee.ProcessNoException();
}
catch (Exception ex)
{
ee.ProcessException(ex);
}
}
private void SymmetricSignatureProvidersSignVariation(SecurityKey key, string algorithm, byte[] input, ExpectedException ee, List <string> errors)
{
try
{
SymmetricSignatureProvider provider = new SymmetricSignatureProvider(key, algorithm);
byte[] signature = provider.Sign(input);
ee.ProcessNoException(errors);
}
catch (Exception ex)
{
ee.ProcessException(ex, errors);
}
}
public void SymmetricSignatureProvider_Publics()
{
SymmetricSignatureProvider provider = new SymmetricSignatureProvider(KeyingMaterial.DefaultSymmetricSecurityKey_256, KeyingMaterial.DefaultSymmetricSigningCreds_256_Sha2.Algorithm);
ExpectedException expectedException = ExpectedException.ArgumentOutOfRangeException("IDX10628:");
try
{
provider.MinimumSymmetricKeySizeInBits = SymmetricSignatureProvider.DefaultMinimumSymmetricKeySizeInBits - 10;
expectedException.ProcessNoException();
}
catch (Exception ex)
{
expectedException.ProcessException(ex);
}
}
public static ClaimsPrincipal ValidateToken(string securityToken, TokenValidationParameters validationParameters, ISecurityTokenValidator tokenValidator, ExpectedException expectedException)
{
ClaimsPrincipal retVal = null;
try
{
SecurityToken validatedToken;
retVal = tokenValidator.ValidateToken(securityToken, validationParameters, out validatedToken);
expectedException.ProcessNoException();
}
catch (Exception ex)
{
expectedException.ProcessException(ex);
}
return(retVal);
}
private void SymmetricSignatureProviders_Verify_Variation(SecurityKey key, string algorithm, byte[] rawBytes, byte[] signature, ExpectedException ee, List <string> errors, bool shouldSignatureSucceed)
{
try
{
SymmetricSignatureProvider provider = new SymmetricSignatureProvider(key, algorithm);
if (provider.Verify(rawBytes, signature) != shouldSignatureSucceed)
{
errors.Add("SignatureProvider.Verify did not return expected: " + shouldSignatureSucceed + " , algorithm: " + algorithm);
}
ee.ProcessNoException(errors);
}
catch (Exception ex)
{
ee.ProcessException(ex, errors);
}
}
#pragma warning restore CS3016 // Arrays as attribute arguments is not CLS-compliant
public void Constructors(string testId, SecurityKey key, string algorithm, ExpectedException ee)
{
try
{
var context = Guid.NewGuid().ToString();
var provider = CryptoProviderFactory.Default.CreateKeyWrapProvider(key, algorithm);
provider.Context = context;
ee.ProcessNoException();
Assert.Equal(provider.Algorithm, algorithm);
Assert.Equal(provider.Context, context);
Assert.True(ReferenceEquals(provider.Key, key));
}
catch (Exception ex)
{
ee.ProcessException(ex);
}
}
private void FactoryCreateFor(string testcase, SecurityKey key, string algorithm, CryptoProviderFactory factory, ExpectedException expectedException)
{
Console.WriteLine(testcase);
try
{
if (testcase.StartsWith("Signing"))
{
factory.CreateForSigning(key, algorithm);
}
else
{
factory.CreateForVerifying(key, algorithm);
}
expectedException.ProcessNoException();
}
catch (Exception ex)
{
expectedException.ProcessException(ex);
}
}
private void AsymmetricConstructorVariation(string testcase, SecurityKey key, string algorithm, ExpectedException expectedException)
{
AsymmetricSignatureProvider provider = null;
try
{
if (testcase.StartsWith("Signing"))
{
provider = new AsymmetricSignatureProvider(key, algorithm, true);
}
else
{
provider = new AsymmetricSignatureProvider(key, algorithm, false);
}
expectedException.ProcessNoException();
}
catch (Exception ex)
{
expectedException.ProcessException(ex);
}
}
public void Constructors(string testId, SecurityKey key, string algorithm, bool isDecrypt, ExpectedException ee)
{
TestUtilities.WriteHeader("Constructors - " + testId, true);
try
{
var context = Guid.NewGuid().ToString();
var provider = new RsaKeyWrapProvider(key, algorithm, isDecrypt)
{
Context = context
};
ee.ProcessNoException();
Assert.Equal(provider.Algorithm, algorithm);
Assert.Equal(provider.Context, context);
Assert.True(ReferenceEquals(provider.Key, key));
}
catch (Exception ex)
{
ee.ProcessException(ex);
}
}
public void DefaultCryptoProviderFactory(SecurityKey key, string algorithm, bool isSupported, bool supportsSigning, ExpectedException ee)
{
Assert.True(CryptoProviderFactory.Default.IsSupportedAlgorithm(algorithm, key) == isSupported, string.Format(CultureInfo.InvariantCulture, "SecurityKey: '{0}', algorithm: '{1}', isSupported: '{2}'", key, algorithm, isSupported));
if (isSupported && supportsSigning)
{
try
{
var signatureProvider = CryptoProviderFactory.Default.CreateForSigning(key, algorithm);
var signatureProviderVerify = CryptoProviderFactory.Default.CreateForVerifying(key, algorithm);
var bytes = Encoding.UTF8.GetBytes("GenerateASignature");
var signature = signatureProvider.Sign(bytes);
var signatureCheck = signatureProviderVerify.Verify(bytes, signature);
Assert.True(signatureCheck);
CryptoProviderFactory.Default.ReleaseSignatureProvider(signatureProvider);
CryptoProviderFactory.Default.ReleaseSignatureProvider(signatureProviderVerify);
ee.ProcessNoException();
}
catch (Exception ex)
{
ee.ProcessException(ex);
}
}
}
/// <summary>
/// Sets a property, then checks it, checking for an expected exception.
/// </summary>
/// <param name="obj">object that has a 'setter'.</param>
/// <param name="property">the name of the property.</param>
/// <param name="propertyValue">value to set on the property.</param>
/// <param name="expectedException">checks that exception is correct.</param>
public static void SetGet(object obj, string property, object propertyValue, ExpectedException expectedException)
{
Assert.NotNull(obj);
Assert.False(string.IsNullOrWhiteSpace(property));
Type type = obj.GetType();
PropertyInfo propertyInfo = type.GetProperty(property);
Assert.True(propertyInfo != null, "'get is not found for property: '" + property + "', type: '" + type.ToString() + "'");
Assert.True(propertyInfo.CanWrite, "can not write to property: '" + property + "', type: '" + type.ToString() + "'");
try
{
propertyInfo.SetValue(obj, propertyValue);
object retval = propertyInfo.GetValue(obj);
Assert.Equal(propertyValue, retval);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
// pass inner exception
expectedException.ProcessException(exception.InnerException);
}
}
public void Constructor()
{
var context = new CompareContext();
var expectedException = new ExpectedException(typeExpected: typeof(ArgumentNullException), substringExpected: "certificate");
try
{
new X509SecurityKey((X509Certificate2)null);
expectedException.ProcessNoException(context);
}
catch (Exception exception)
{
expectedException.ProcessException(exception, context);
}
var certificate = KeyingMaterial.DefaultCert_2048;
expectedException = new ExpectedException(typeExpected: typeof(ArgumentNullException), substringExpected: "keyId");
try
{
new X509SecurityKey(certificate, null);
expectedException.ProcessNoException(context);
}
catch (Exception exception)
{
expectedException.ProcessException(exception, context);
}
try
{
new X509SecurityKey(certificate, string.Empty);
expectedException.ProcessNoException(context);
}
catch (Exception exception)
{
expectedException.ProcessException(exception, context);
}
expectedException = ExpectedException.NoExceptionExpected;
try
{
var x509SecurityKey = new X509SecurityKey(certificate);
IdentityComparer.AreEqual(x509SecurityKey.KeyId, certificate.Thumbprint, context);
IdentityComparer.AreEqual(x509SecurityKey.X5t, Base64UrlEncoder.Encode(certificate.GetCertHash()), context);
IdentityComparer.AreEqual(certificate, x509SecurityKey.Certificate, context);
}
catch (Exception exception)
{
expectedException.ProcessException(exception, context);
}
try
{
var x509SecurityKey = new X509SecurityKey(certificate, "KID");
IdentityComparer.AreEqual(x509SecurityKey.KeyId, "KID", context);
IdentityComparer.AreEqual(x509SecurityKey.X5t, Base64UrlEncoder.Encode(certificate.GetCertHash()), context);
IdentityComparer.AreEqual(certificate, x509SecurityKey.Certificate, context);
}
catch (Exception exception)
{
expectedException.ProcessException(exception, context);
}
TestUtilities.AssertFailIfErrors(context);
}
