public static void VerifySignature_ECDsa(string hashAlgorithm)
        {
            HashAlgorithmName hashAlgorithmName = new HashAlgorithmName(hashAlgorithm);

            using (ECDsa key = ECDsa.Create())
            {
                CertificateRequest first = new CertificateRequest(
                    "CN=Test",
                    key,
                    hashAlgorithmName);

                byte[] pkcs10;

                if (hashAlgorithm == "SHA1")
                {
                    pkcs10 = first.CreateSigningRequest(new ECDsaSha1SignatureGenerator(key));
                }
                else
                {
                    pkcs10 = first.CreateSigningRequest();
                }

                // Assert.NoThrow
                CertificateRequest.LoadSigningRequest(pkcs10, hashAlgorithmName, out _);

                pkcs10[^ 1] ^= 0xFF;
        public static void LoadWithEmptyHashAlgorithm()
        {
            HashAlgorithmName hashAlgorithm = new HashAlgorithmName("");

            Assert.Throws <ArgumentException>(
                "signerHashAlgorithm",
                () => CertificateRequest.LoadSigningRequest(Array.Empty <byte>(), hashAlgorithm));

            {
                int consumed = -1;

                Assert.Throws <ArgumentException>(
                    "signerHashAlgorithm",
                    () => CertificateRequest.LoadSigningRequest(
                        ReadOnlySpan <byte> .Empty,
                        hashAlgorithm,
                        out consumed));

                Assert.Equal(-1, consumed);
            }

            Assert.Throws <ArgumentException>(
                "signerHashAlgorithm",
                () => CertificateRequest.LoadSigningRequestPem(string.Empty, hashAlgorithm));

            Assert.Throws <ArgumentException>(
                "signerHashAlgorithm",
                () => CertificateRequest.LoadSigningRequestPem(
                    ReadOnlySpan <char> .Empty,
                    hashAlgorithm));
        }
        public static void VerifySignature_RSA_PKCS1(string hashAlgorithm)
        {
            HashAlgorithmName hashAlgorithmName = new HashAlgorithmName(hashAlgorithm);

            using (RSA key = RSA.Create())
            {
                CertificateRequest first = new CertificateRequest(
                    "CN=Test",
                    key,
                    hashAlgorithmName,
                    RSASignaturePadding.Pkcs1);

                byte[] pkcs10;

                if (hashAlgorithm == "SHA1")
                {
                    pkcs10 = first.CreateSigningRequest(new RSASha1Pkcs1SignatureGenerator(key));
                }
                else
                {
                    pkcs10 = first.CreateSigningRequest();
                }

                // Assert.NoThrow
                CertificateRequest.LoadSigningRequest(pkcs10, hashAlgorithmName, out _);

                pkcs10[^ 1] ^= 0xFF;
        public static void LoadWithDefaultHashAlgorithm()
        {
            Assert.Throws <ArgumentNullException>(
                "signerHashAlgorithm",
                () => CertificateRequest.LoadSigningRequest(Array.Empty <byte>(), default(HashAlgorithmName)));

            {
                int consumed = -1;

                Assert.Throws <ArgumentNullException>(
                    "signerHashAlgorithm",
                    () => CertificateRequest.LoadSigningRequest(
                        ReadOnlySpan <byte> .Empty,
                        default(HashAlgorithmName),
                        out consumed));

                Assert.Equal(-1, consumed);
            }

            Assert.Throws <ArgumentNullException>(
                "signerHashAlgorithm",
                () => CertificateRequest.LoadSigningRequestPem(string.Empty, default(HashAlgorithmName)));

            Assert.Throws <ArgumentNullException>(
                "signerHashAlgorithm",
                () => CertificateRequest.LoadSigningRequestPem(
                    ReadOnlySpan <char> .Empty,
                    default(HashAlgorithmName)));
        }
        public static void LoadBigExponentRequest_Bytes(CertificateRequestLoadOptions options)
        {
            CertificateRequest req = CertificateRequest.LoadSigningRequest(
                TestData.BigExponentPkcs10Bytes,
                HashAlgorithmName.SHA384,
                options);

            Assert.Equal(HashAlgorithmName.SHA384, req.HashAlgorithm);
            VerifyBigExponentRequest(req, options);
        }
        public static void HashAlgorithmLaxInLoad()
        {
            HashAlgorithmName hashAlgorithm = new HashAlgorithmName("I promise to be a hash algorithm");

            CertificateRequest req = CertificateRequest.LoadSigningRequest(
                TestData.BigExponentPkcs10Bytes,
                hashAlgorithm);

            Assert.Equal(hashAlgorithm, req.HashAlgorithm);
        }
        public static void LoadBigExponentRequest_Bytes_Oversized(CertificateRequestLoadOptions options)
        {
            byte[] pkcs10 = TestData.BigExponentPkcs10Bytes;
            Array.Resize(ref pkcs10, pkcs10.Length + 1);

            Assert.Throws <CryptographicException>(
                () => CertificateRequest.LoadSigningRequest(
                    pkcs10,
                    HashAlgorithmName.SHA384,
                    options));
        }
        public static void LoadBigExponentRequest_Span(CertificateRequestLoadOptions options, bool oversized)
        {
            byte[] pkcs10 = TestData.BigExponentPkcs10Bytes;

            if (oversized)
            {
                Array.Resize(ref pkcs10, pkcs10.Length + 22);
            }

            CertificateRequest req = CertificateRequest.LoadSigningRequest(
                new ReadOnlySpan <byte>(pkcs10),
                HashAlgorithmName.SHA256,
                out int bytesConsumed,
                options);

            Assert.Equal(TestData.BigExponentPkcs10Bytes.Length, bytesConsumed);
            Assert.Equal(HashAlgorithmName.SHA256, req.HashAlgorithm);
            VerifyBigExponentRequest(req, options);
        }
        public static void LoadWithUnknownOptions(int optionsValue)
        {
            CertificateRequestLoadOptions options       = (CertificateRequestLoadOptions)optionsValue;
            HashAlgorithmName             hashAlgorithm = HashAlgorithmName.SHA256;
            ArgumentOutOfRangeException   ex;

            ex = Assert.Throws <ArgumentOutOfRangeException>(
                "options",
                () => CertificateRequest.LoadSigningRequest(Array.Empty <byte>(), hashAlgorithm, options));

            Assert.Equal(options, ex.ActualValue);

            {
                int consumed = -1;

                ex = Assert.Throws <ArgumentOutOfRangeException>(
                    "options",
                    () => CertificateRequest.LoadSigningRequest(
                        ReadOnlySpan <byte> .Empty,
                        hashAlgorithm,
                        out consumed,
                        options));

                Assert.Equal(-1, consumed);
                Assert.Equal(options, ex.ActualValue);
            }

            ex = Assert.Throws <ArgumentOutOfRangeException>(
                "options",
                () => CertificateRequest.LoadSigningRequestPem(string.Empty, hashAlgorithm, options));

            Assert.Equal(options, ex.ActualValue);

            ex = Assert.Throws <ArgumentOutOfRangeException>(
                "options",
                () => CertificateRequest.LoadSigningRequestPem(
                    ReadOnlySpan <char> .Empty,
                    hashAlgorithm,
                    options));

            Assert.Equal(options, ex.ActualValue);
        }
 public static void LoadNullArray()
 {
     Assert.Throws <ArgumentNullException>(
         "pkcs10",
         () => CertificateRequest.LoadSigningRequest((byte[])null, HashAlgorithmName.SHA256));
 }