public void SignWithUnsupportedKey()
{
AsymmetricAlgorithm key = ECDiffieHellman.Create();
// Header still says that a supported combination of key-algorithm will be used.
Assert.Throws <CryptographicException>(() => CoseSign1Message.Sign(GetDummyContent(ContentTestCase.Small), key, DefaultHash, GetHeaderMapWithAlgorithm(), GetEmptyHeaderMap()));
}
public void SignWithNullKey()
{
byte[] content = GetDummyContent(ContentTestCase.Small);
Assert.Throws <ArgumentNullException>(() => CoseSign1Message.Sign(content, (ECDsa)null !, HashAlgorithmName.SHA256));
Assert.Throws <ArgumentNullException>(() => CoseSign1Message.Sign(content, (RSA)null !, HashAlgorithmName.SHA256));
Assert.Throws <ArgumentNullException>(() => CoseSign1Message.Sign(content, (AsymmetricAlgorithm)null !, GetHashAlgorithmNameFromCoseAlgorithm((int)ECDsaAlgorithm.ES256)));
}
public void SignWithUnsupportedHashAlgorithm(string hashAlgorithm)
{
byte[] content = GetDummyContent(ContentTestCase.Small);
Assert.Throws <CryptographicException>(() => CoseSign1Message.Sign(GetDummyContent(ContentTestCase.Small), DefaultKey, new HashAlgorithmName(hashAlgorithm)));
Assert.Throws <CryptographicException>(() => CoseSign1Message.Sign(GetDummyContent(ContentTestCase.Small), RSAKey, new HashAlgorithmName(hashAlgorithm)));
Assert.Throws <CryptographicException>(() => CoseSign1Message.Sign(GetDummyContent(ContentTestCase.Small), DefaultKey, DefaultHash, GetHeaderMapWithAlgorithm(-47 /*ES256K*/), GetEmptyHeaderMap()));
}
internal override byte[] Sign(
byte[] content,
AsymmetricAlgorithm key,
HashAlgorithmName hashAlgorithm,
CoseHeaderMap?protectedHeaders = null,
CoseHeaderMap?unprotectedHeaders = null,
bool isDetached = false)
=> CoseSign1Message.Sign(content, key, hashAlgorithm, protectedHeaders, unprotectedHeaders, isDetached);
public void SignVerifyRSA(RSAAlgorithm algorithm)
{
HashAlgorithmName hashAlgorithm = GetHashAlgorithmNameFromCoseAlgorithm((int)algorithm);
byte[] coseMessageBytes = CoseSign1Message.Sign(s_sampleContent, RSAKey, hashAlgorithm);
CoseSign1Message msg = CoseMessage.DecodeSign1(coseMessageBytes);
Assert.True(msg.Verify(RSAKey));
}
public void SignWithIsDetached(bool isDetached)
{
byte[] content = GetDummyContent(ContentTestCase.Small);
byte[] messageEncoded = CoseSign1Message.Sign(content, DefaultKey, DefaultHash, isDetached);
VerifyContentDetached(messageEncoded, content, isDetached);
messageEncoded = CoseSign1Message.Sign(content, DefaultKey, DefaultHash, isDetached);
VerifyContentDetached(messageEncoded, content, isDetached);
public void SignWithIsDetached(bool isDetached)
{
ReadOnlySpan <byte> messageEncoded = CoseSign1Message.Sign(s_sampleContent, DefaultKey, DefaultHash, isDetached: isDetached);
AssertSign1Message(messageEncoded, s_sampleContent, DefaultKey, DefaultAlgorithm, expectedDetachedContent: isDetached);
messageEncoded = Sign(s_sampleContent, DefaultKey, DefaultHash, isDetached: isDetached);
AssertSign1Message(messageEncoded, s_sampleContent, DefaultKey, DefaultAlgorithm, expectedDetachedContent: isDetached);
}
public void SignVerifyECDsa(ECDsaAlgorithm algorithm)
{
ECDsa ecdsa = ECDsaKeys[algorithm];
HashAlgorithmName hashAlgorithm = GetHashAlgorithmNameFromCoseAlgorithm((int)algorithm);
byte[] coseMessageBytes = CoseSign1Message.Sign(s_sampleContent, ecdsa, hashAlgorithm);
CoseSign1Message msg = CoseMessage.DecodeSign1(coseMessageBytes);
Assert.True(msg.Verify(ecdsa));
}
public void VerifyWithUnreadableStream()
{
using Stream stream = GetTestStream(s_sampleContent);
byte[] encodedMsg = CoseSign1Message.Sign(stream, DefaultKey, DefaultHash);
CoseSign1Message msg = CoseMessage.DecodeSign1(encodedMsg);
using Stream unseekableStream = GetTestStream(s_sampleContent, StreamKind.Unreadable);
Assert.Throws <ArgumentException>("detachedContent", () => msg.Verify(DefaultKey, unseekableStream));
}
public void SignWithValidContent(ContentTestCase @case)
{
byte[] content = GetDummyContent(@case);
AssertSign1Message(CoseSign1Message.Sign(content, DefaultKey, DefaultHash), content, DefaultKey);
AssertSign1Message(CoseSign1Message.Sign(content, RSAKey, DefaultHash), content, RSAKey, GetExpectedProtectedHeaders((int)RSAAlgorithm.PS256));
AssertSign1Message(CoseSign1Message.Sign(content, GetHeaderMapWithAlgorithm(), GetEmptyHeaderMap(), DefaultKey, DefaultHash), content, DefaultKey);
}
internal override byte[] Sign(byte[] content, AsymmetricAlgorithm key, HashAlgorithmName hashAlgorithm, CoseHeaderMap?protectedHeaders = null, CoseHeaderMap?unprotectedHeaders = null, bool isDetached = false)
{
Assert.False(isDetached);
if (content == null)
{
return(CoseSign1Message.Sign(null !, key, hashAlgorithm, protectedHeaders, unprotectedHeaders));
}
using Stream stream = GetTestStream(content);
return(CoseSign1Message.Sign(stream, key, hashAlgorithm, protectedHeaders, unprotectedHeaders));
}
public void SignVerifyWithCustomHeaders(ECDsaAlgorithm algorithm)
{
var protectedHeaders = new CoseHeaderMap();
protectedHeaders.SetValue(CoseHeaderLabel.Algorithm, (int)algorithm);
CoseHeaderMap unprotectedHeaders = new CoseHeaderMap();
unprotectedHeaders.SetValue(CoseHeaderLabel.ContentType, ContentTypeDummyValue);
ECDsa key = ECDsaKeys[algorithm];
HashAlgorithmName hashAlgorithm = GetHashAlgorithmNameFromCoseAlgorithm((int)algorithm);
byte[] message = CoseSign1Message.Sign(s_sampleContent, key, hashAlgorithm, protectedHeaders, unprotectedHeaders);
Assert.True(CoseMessage.DecodeSign1(message).Verify(key));
}
public void SignWithNonPrivateKey(int algorithm)
{
byte[] content = GetDummyContent(ContentTestCase.Small);
HashAlgorithmName hashAlgorithm = GetHashAlgorithmNameFromCoseAlgorithm(algorithm);
AsymmetricAlgorithm key;
if (Enum.IsDefined(typeof(ECDsaAlgorithm), algorithm))
{
ECDsa ecdsa = ECDsaKeysWithoutPrivateKey[(ECDsaAlgorithm)algorithm];
Assert.ThrowsAny <CryptographicException>(() => CoseSign1Message.Sign(content, ecdsa, hashAlgorithm));
key = ecdsa;
}
else
{
Assert.ThrowsAny <CryptographicException>(() => CoseSign1Message.Sign(content, RSAKeyWithoutPrivateKey, hashAlgorithm));
key = RSAKeyWithoutPrivateKey;
}
Assert.ThrowsAny <CryptographicException>(() => CoseSign1Message.Sign(content, key, hashAlgorithm, GetHeaderMapWithAlgorithm(algorithm), GetEmptyHeaderMap()));
}
public void SignWithSupportedHashAlgorithm(int algorithm)
{
byte[] content = GetDummyContent(ContentTestCase.Small);
HashAlgorithmName hashAlgorithm = GetHashAlgorithmNameFromCoseAlgorithm(algorithm);
AsymmetricAlgorithm key;
List <(CoseHeaderLabel, ReadOnlyMemory <byte>)> expectedProtectedHeaders = GetExpectedProtectedHeaders(algorithm);
if (Enum.IsDefined(typeof(ECDsaAlgorithm), algorithm))
{
ECDsa ecdsa = ECDsaKeys[(ECDsaAlgorithm)algorithm];
key = ecdsa;
AssertSign1Message(CoseSign1Message.Sign(content, ecdsa, hashAlgorithm), content, key, expectedProtectedHeaders);
}
else
{
key = RSAKey;
AssertSign1Message(CoseSign1Message.Sign(content, RSAKey, hashAlgorithm), content, key, expectedProtectedHeaders);
}
AssertSign1Message(CoseSign1Message.Sign(content, key, hashAlgorithm, GetHeaderMapWithAlgorithm(algorithm), GetEmptyHeaderMap()), content, key, expectedProtectedHeaders);
}
public void SignWithUnreadableStream()
{
using Stream stream = GetTestStream(s_sampleContent, StreamKind.Unreadable);
Assert.Throws <ArgumentException>("detachedContent", () => CoseSign1Message.Sign(stream, DefaultKey, DefaultHash));
}