public void VerifyKnown_512() { byte[] signature = ( // r: "E21F20B0B5E553137F6649DDC58F5E4AB7D4E6DE" + // s: "C37534CC7D9630339936C581690E832BD85C6C79").HexToByteArray(); using (DSA dsa = DSAFactory.Create()) { dsa.ImportParameters(DSATestData.Dsa512Parameters); Assert.True(VerifyData(dsa, DSATestData.HelloBytes, signature, HashAlgorithmName.SHA1)); } }
public void VerifyKnown_576() { byte[] signature = ( // r: "490AEFA5A4F28B35183BBA3BE2536514AB13A088" + // s: "3F883FE96524D4CC596F67B64A3382E794C8D65B").HexToByteArray(); using (DSA dsa = DSAFactory.Create()) { dsa.ImportParameters(DSATestData.Dsa576Parameters); Assert.True(VerifyData(dsa, DSATestData.HelloBytes, signature, HashAlgorithmName.SHA1)); } }
public static DSA DecodeDSA(byte[] privateKey, DSAParameters dsaParameters) { ASN1 asn = new ASN1(privateKey); if (asn.Tag != 2) { throw new CryptographicException("invalid private key format"); } dsaParameters.X = PKCS8.PrivateKeyInfo.Normalize(asn.Value, 20); DSA dsa = DSA.Create(); dsa.ImportParameters(dsaParameters); return(dsa); }
public void PublicKey_CannotSign() { DSAParameters keyParameters = DSATestData.GetDSA1024Params(); keyParameters.X = null; using (DSA dsa = DSAFactory.Create()) { dsa.ImportParameters(keyParameters); Assert.ThrowsAny <CryptographicException>( () => SignData(dsa, DSATestData.HelloBytes, HashAlgorithmName.SHA1)); } }
public void Complex() { KeyInfoName name = new KeyInfoName(); name.Value = "CoreFx::"; info.AddClause(name); using (DSA keyDSA = DSA.Create()) { keyDSA.ImportParameters(new DSAParameters { P = Convert.FromBase64String(dsaP), Q = Convert.FromBase64String(dsaQ), G = Convert.FromBase64String(dsaG), Y = Convert.FromBase64String(dsaY), }); DSAKeyValue dsa = new DSAKeyValue(keyDSA); info.AddClause(dsa); using (RSA keyRSA = RSA.Create()) { keyRSA.ImportParameters(new RSAParameters() { Modulus = Convert.FromBase64String(rsaModulus), Exponent = Convert.FromBase64String(rsaExponent) }); RSAKeyValue rsa = new RSAKeyValue(keyRSA); info.AddClause(rsa); KeyInfoRetrievalMethod retrieval = new KeyInfoRetrievalMethod(); retrieval.Uri = "https://github.com/dotnet/corefx"; info.AddClause(retrieval); using (X509Certificate x509 = new X509Certificate(cert)) { KeyInfoX509Data x509data = new KeyInfoX509Data(x509); info.AddClause(x509data); string s = "<KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><KeyName>CoreFx::</KeyName><KeyValue xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><DSAKeyValue><P>rjxsMU368YOCTQejWkiuO9e/vUVwkLtq1jKiU3TtJ53hBJqjFRuTa228vZe+BH2su9RPn/vYFWfQDv6zgBYe3eNdu4Afw+Ny0FatX6dl3E77Ra6Tsd3MmLXBiGSQ1mMNd5G2XQGpbt9zsGlUaexXekeMLxIufgfZLwYp67M+2WM=</P><Q>tf0K9rMyvUrU4cIkwbCrDRhQAJk=</Q><G>S8Z+1pGCed00w6DtVcqZLKjfqlCJ7JsugEFIgSy/Vxtu9YGCMclV4ijGEbPo/jU8YOSMuD7E9M7UaopMRcmKQjoKZzoJjkgVFP48Ohxl1f08lERnButsxanx3+OstFwUGQ8XNaGg3KrIoZt1FUnfxN3RHHTvVhjzNSHxMGULGaU=</G><Y>LnrxxRGLYeV2XLtK3SYz8RQHlHFZYrtznDZyMotuRfO5uC5YODhSFyLXvb1qB3WeGtF4h3Eo4KzHgMgfN2ZMlffxFRhJgTtH3ctbL8lfQoDkjeiPPnYGhspdJxr0tyZmiy0gkjJG3vwHYrLnvZWx9Wm/unqiOlGBPNuxJ+hOeP8=</Y></DSAKeyValue></KeyValue>"; s += "<KeyValue xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><RSAKeyValue><Modulus>9DC4XNdQJwMRnz5pP2a6U51MHCODRilaIoVXqUPhCUb0lJdGroeqVYT84ZyIVrcarzD7Tqs3aEOIa3rKox0N1bxQpZPqayVQeLAkjLLtzJW/ScRJx3uEDJdgT1JnM1FH0GZTinmEdCUXdLc7+Y/c/qqIkTfbwHbRZjW0bBJyExM=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue>"; s += "<RetrievalMethod URI=\"https://github.com/dotnet/corefx\" />"; s += "<X509Data xmlns=\"http://www.w3.org/2000/09/xmldsig#\">"; s += "<X509Certificate>MIICHTCCAYYCARQwDQYJKoZIhvcNAQEEBQAwWDELMAkGA1UEBhMCQ0ExHzAdBgNVBAMTFktleXdpdG5lc3MgQ2FuYWRhIEluYy4xKDAmBgorBgEEASoCCwIBExhrZXl3aXRuZXNzQGtleXdpdG5lc3MuY2EwHhcNOTYwNTA3MDAwMDAwWhcNOTkwNTA3MDAwMDAwWjBYMQswCQYDVQQGEwJDQTEfMB0GA1UEAxMWS2V5d2l0bmVzcyBDYW5hZGEgSW5jLjEoMCYGCisGAQQBKgILAgETGGtleXdpdG5lc3NAa2V5d2l0bmVzcy5jYTCBnTANBgkqhkiG9w0BAQEFAAOBiwAwgYcCgYEAzSP6KuHtmPTp0JM+13qAAkzMwQKvXLYff/pXQm8w0SDFtSEHQCyphsLzZISuPYUu7YW9VLAYKO9q+BvnCxYfkyVPx/iOw7nKmIQOVdAv73h3xXIoX2C/GSvRcqK32D/glzRaAb0EnMh4Rc2TjRXydhARq7hbLp5S3YE+nGTIKZMCAQMwDQYJKoZIhvcNAQEEBQADgYEAMho1ur9DJ9a01Lh25eObTWzAhsl3NbprFi0TRkqwMlOhW1rpmeIMhogXTg3+gqxOR+/7/zms7jXI+lI3CkmtWa3iiqkcxl8f+G9zfs2gMegMvvVN2bKrihK2MHhoEXwN8UlNo/2y6f8d8JH6VIX/M5Dowb+km6RiRr1hElmYQYk=</X509Certificate></X509Data></KeyInfo>"; AssertCrypto.AssertXmlEquals("Complex", s, (info.GetXml().OuterXml)); Assert.Equal(5, info.Count); } } } }
public static void VerifyKnownSignature() { // The parameters and signature come from FIPS 186-2 APPENDIX 5. EXAMPLE OF THE DSA using (DSA dsa = DSAFactory.Create()) { DSAParameters dsaParameters = new DSAParameters { P = ( "8df2a494492276aa3d25759bb06869cbeac0d83afb8d0cf7" + "cbb8324f0d7882e5d0762fc5b7210eafc2e9adac32ab7aac" + "49693dfbf83724c2ec0736ee31c80291").HexToByteArray(), Q = ("c773218c737ec8ee993b4f2ded30f48edace915f").HexToByteArray(), G = ( "626d027839ea0a13413163a55b4cb500299d5522956cefcb" + "3bff10f399ce2c2e71cb9de5fa24babf58e5b79521925c9c" + "c42e9f6f464b088cc572af53e6d78802").HexToByteArray(), X = ("2070b3223dba372fde1c0ffc7b2e3b498b260614").HexToByteArray(), Y = ( "19131871d75b1612a819f29d78d1b0d7346f7aa77bb62a85" + "9bfd6c5675da9d212d3a36ef1672ef660b8c7c255cc0ec74" + "858fba33f44c06699630a76b030ee333").HexToByteArray(), }; byte[] signature = ( // r "8bac1ab66410435cb7181f95b16ab97c92b341c0" + // s "41e2345f1f56df2458f426d155b4ba2db6dcd8c8" ).HexToByteArray(); byte[] data = Encoding.ASCII.GetBytes("abc"); dsa.ImportParameters(dsaParameters); Assert.True(dsa.VerifyData(data, signature, HashAlgorithmName.SHA1)); // Negative case unchecked { --signature[signature.Length - 1]; } Assert.False(dsa.VerifyData(data, signature, HashAlgorithmName.SHA1)); } }
public static void VerifySignature_SHA1() { using (DSA dsa = DSAFactory.Create()) { dsa.ImportParameters(DSATestData.GetDSA1024Params()); var formatter = new DSASignatureFormatter(dsa); var deformatter = new DSASignatureDeformatter(dsa); using (SHA1 alg = SHA1.Create()) { VerifySignature(formatter, deformatter, alg, "SHA1"); VerifySignature(formatter, deformatter, alg, "sha1"); } } }
// DSA only encode it's X private key inside an ASN.1 INTEGER (Hint: Tag == 0x02) // which isn't enough for rebuilding the keypair. The other parameters // can be found (98% of the time) in the X.509 certificate associated // with the private key or (2% of the time) the parameters are in it's // issuer X.509 certificate (not supported in the .NET framework). static public DSA DecodeDSA(byte[] privateKey, DSAParameters dsaParameters) { ASN1 pvk = new ASN1(privateKey); if (pvk.Tag != 0x02) { throw new CryptographicException("invalid private key format"); } // X is ALWAYS 20 bytes (no matter if the key length is 512 or 1024 bits) dsaParameters.X = Normalize(pvk.Value, 20); DSA dsa = DSA.Create(); dsa.ImportParameters(dsaParameters); return(dsa); }
public static void ImportRoundTrip(bool includePrivate) { DSAParameters imported = DSATestData.GetDSA1024Params(); using (DSA dsa = DSAFactory.Create()) { dsa.ImportParameters(imported); DSAParameters exported = dsa.ExportParameters(includePrivate); using (DSA dsa2 = DSAFactory.Create()) { dsa2.ImportParameters(exported); DSAParameters exported2 = dsa2.ExportParameters(includePrivate); AssertKeyEquals(in exported, in exported2); } } }
public static void VerifyKnownSignature() { using (DSA dsa = DSAFactory.Create()) { byte[] data; byte[] signature; DSAParameters dsaParameters; DSATestData.GetDSA1024_186_2(out dsaParameters, out signature, out data); dsa.ImportParameters(dsaParameters); Assert.True(dsa.VerifyData(data, signature, HashAlgorithmName.SHA1)); // Negative case signature[signature.Length - 1] ^= 0xff; Assert.False(dsa.VerifyData(data, signature, HashAlgorithmName.SHA1)); } }
static internal DSA DecodeDSA(byte[] rawPublicKey, byte[] rawParameters) { DSAParameters dsaParams = new DSAParameters(); try { // for DSA rawPublicKey contains 1 ASN.1 integer - Y ASN1 pubkey = new ASN1(rawPublicKey); if (pubkey.Tag != 0x02) { throw new CryptographicException(Locale.GetText("Missing DSA Y integer.")); } dsaParams.Y = GetUnsignedBigInteger(pubkey.Value); ASN1 param = new ASN1(rawParameters); if ((param == null) || (param.Tag != 0x30) || (param.Count < 3)) { throw new CryptographicException(Locale.GetText("Missing DSA parameters.")); } if ((param [0].Tag != 0x02) || (param [1].Tag != 0x02) || (param [2].Tag != 0x02)) { throw new CryptographicException(Locale.GetText("Invalid DSA parameters.")); } dsaParams.P = GetUnsignedBigInteger(param [0].Value); dsaParams.Q = GetUnsignedBigInteger(param [1].Value); dsaParams.G = GetUnsignedBigInteger(param [2].Value); } catch (Exception e) { string msg = Locale.GetText("Error decoding the ASN.1 structure."); throw new CryptographicException(msg, e); } #if MOONLIGHT DSA dsa = (DSA) new DSAManaged(dsaParams.Y.Length << 3); #else DSA dsa = (DSA) new DSACryptoServiceProvider(dsaParams.Y.Length << 3); #endif dsa.ImportParameters(dsaParams); return(dsa); }
private static AsymmetricAlgorithm DecodeDsaPublicKey(byte[] encodedKeyValue, byte[] encodedParameters) { DSAParameters dsaParameters = new DSAParameters(); DerSequenceReader parameterReader = new DerSequenceReader(encodedParameters); parameterReader.ReadSubjectPublicKeyInfo(encodedKeyValue, ref dsaParameters); DSA dsa = DSA.Create(); try { dsa.ImportParameters(dsaParameters); return(dsa); } catch (Exception) { dsa.Dispose(); throw; } }
public static void DecryptPkcs12WithBytes() { using (DSA key = DSAFactory.Create()) { key.ImportParameters(DSATestData.GetDSA1024Params()); string charBased = "hello"; byte[] byteBased = Encoding.UTF8.GetBytes(charBased); byte[] encrypted = key.ExportEncryptedPkcs8PrivateKey( charBased, new PbeParameters( PbeEncryptionAlgorithm.TripleDes3KeyPkcs12, HashAlgorithmName.SHA1, 123)); Assert.ThrowsAny <CryptographicException>( () => key.ImportEncryptedPkcs8PrivateKey(byteBased, encrypted, out _)); } }
public static void VerifyKnownSignature() { using (DSA dsa = DSAFactory.Create()) { byte[] data; byte[] signature; DSAParameters dsaParameters; DSATestData.GetDSA1024_186_2(out dsaParameters, out signature, out data); byte[] hash = SHA1.HashData(data); dsa.ImportParameters(dsaParameters); var deformatter = new DSASignatureDeformatter(dsa); deformatter.VerifySignature(hash, signature); // Negative case signature[signature.Length - 1] ^= 0xff; Assert.False(deformatter.VerifySignature(hash, signature)); } }
private void UseAfterDispose(bool importKey) { DSA key = importKey ? DSAFactory.Create(DSATestData.GetDSA1024Params()) : DSAFactory.Create(1024); byte[] data = { 1 }; byte[] sig; // Ensure the key is populated, then dispose it. using (key) { sig = SignData(key, data, HashAlgorithmName.SHA1); } key.Dispose(); UseAfterDispose(key, data, sig); Assert.Throws <ObjectDisposedException>(() => key.ImportParameters(DSATestData.GetDSA1024Params())); // Either set_KeySize or SignData should throw. Assert.Throws <ObjectDisposedException>( () => { try { key.KeySize = 576; } catch (CryptographicException) { // DSACryptoServiceProvider on Android only supports 1024 and does an early check for legal // key sizes, since it is more restrictive than the wrapped implementation. It will throw // CryptographicException. SignData should still throw ObjectDisposedException. if (!PlatformDetection.IsAndroid) { throw; } } SignData(key, data, HashAlgorithmName.SHA1); }); }
public void DSAKeyValue() { using (DSA key = DSA.Create()) { key.ImportParameters(new DSAParameters { P = Convert.FromBase64String(dsaP), Q = Convert.FromBase64String(dsaQ), G = Convert.FromBase64String(dsaG), Y = Convert.FromBase64String(dsaY), //J = Convert.FromBase64String(dsaJ), //Seed = Convert.FromBase64String(dsaSeed), //Counter = BitConverter.ToUInt16(Convert.FromBase64String(dsaPgenCounter), 0) }); DSAKeyValue dsa = new DSAKeyValue(key); info.AddClause(dsa); AssertCrypto.AssertXmlEquals("dsa", "<KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><KeyValue xmlns=\"http://www.w3.org/2000/09/xmldsig#\">" + xmlDSA + "</KeyValue></KeyInfo>", (info.GetXml().OuterXml)); Assert.Equal(1, info.Count); } }
private static AsymmetricAlgorithm DecodeDsaPublicKey(byte[] encodedKeyValue, byte[] encodedParameters) { DSAKeyFormatHelper.ReadDsaPublicKey( encodedKeyValue, new AlgorithmIdentifierAsn { Parameters = encodedParameters }, out DSAParameters dsaParameters); DSA dsa = DSA.Create(); try { dsa.ImportParameters(dsaParameters); return(dsa); } catch (Exception) { dsa.Dispose(); throw; } }
public static void ExportAfterDispose(bool importKey) { DSA key = importKey ? DSAFactory.Create(DSATestData.GetDSA1024Params()) : DSAFactory.Create(1024); byte[] hash = new byte[20]; // Ensure that the key got created, and then Dispose it. using (key) { try { key.CreateSignature(hash); } catch (PlatformNotSupportedException) when(!SupportsKeyGeneration) { } } Assert.Throws <ObjectDisposedException>(() => key.ExportParameters(false)); Assert.Throws <ObjectDisposedException>(() => key.ExportParameters(true)); Assert.Throws <ObjectDisposedException>(() => key.ImportParameters(DSATestData.GetDSA1024Params())); }
public void Verify2048WithSha1() { byte[] data = { 1, 2, 3, 4 }; byte[] signature = ( "28DC05B452C8FC0E0BFE9DA067D11147D31B1F3C63E5CF95046A812417C64844868D04D3A1D23" + "13E5DD07DE757B3A836E70A1C85DDC90CB62DE2E44746C760F2").HexToByteArray(); using (DSA dsa = DSAFactory.Create()) { dsa.ImportParameters(DSATestData.GetDSA2048Params()); Assert.True(VerifyData(dsa, data, signature, HashAlgorithmName.SHA1), "Untampered data verifies"); data[0] ^= 0xFF; Assert.False(VerifyData(dsa, data, signature, HashAlgorithmName.SHA1), "Tampered data verifies"); data[0] ^= 0xFF; signature[signature.Length - 1] ^= 0xFF; Assert.False(VerifyData(dsa, data, signature, HashAlgorithmName.SHA1), "Tampered signature verifies"); } }
public static void VerifyKnown_2048_SHA256() { byte[] signature = { 0x92, 0x06, 0x0B, 0x57, 0xF1, 0x35, 0x20, 0x28, 0xC6, 0x54, 0x4A, 0x0F, 0x08, 0x48, 0x5F, 0x5D, 0x55, 0xA8, 0x42, 0xFB, 0x05, 0xA7, 0x3E, 0x32, 0xCA, 0xC6, 0x91, 0x77, 0x70, 0x0A, 0x68, 0x44, 0x60, 0x63, 0xF7, 0xE7, 0x96, 0x54, 0x8F, 0x4A, 0x6D, 0x47, 0x10, 0xEE, 0x9A, 0x9F, 0xC2, 0xC8, 0xDD, 0x74, 0xAE, 0x1A, 0x68, 0xF3, 0xA9, 0xB8, 0x62, 0x14, 0x50, 0xA3, 0x01, 0x1D, 0x2A, 0x22, }; using (DSA dsa = DSAFactory.Create()) { dsa.ImportParameters(DSATestData.GetDSA2048Params()); Assert.True(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA256)); Assert.False(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA384)); Assert.False(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA512)); } }
public static void VerifyKnown_2048_SHA512() { byte[] signature = { 0x6F, 0x44, 0x68, 0x1F, 0x74, 0xF7, 0x90, 0x2F, 0x38, 0x43, 0x9B, 0x00, 0x15, 0xDA, 0xF6, 0x8F, 0x97, 0xB4, 0x4A, 0x52, 0xF7, 0xC1, 0xEC, 0x21, 0xE2, 0x44, 0x48, 0x71, 0x0F, 0xEC, 0x5E, 0xB3, 0xA1, 0xCB, 0xE4, 0x42, 0xC8, 0x1E, 0xCD, 0x3C, 0xA8, 0x15, 0x51, 0xDE, 0x0C, 0xCC, 0xAE, 0x4D, 0xEB, 0x2A, 0xE9, 0x13, 0xBB, 0x7F, 0x3C, 0xFB, 0x69, 0x8A, 0x8E, 0x0F, 0x80, 0x87, 0x2E, 0xA6, }; using (DSA dsa = DSAFactory.Create()) { dsa.ImportParameters(DSATestData.GetDSA2048Params()); Assert.True(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA512)); Assert.False(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA256)); Assert.False(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA384)); } }
public static void VerifyKnown_2048_SHA384() { byte[] signature = { 0x56, 0xBA, 0x70, 0x48, 0x18, 0xBA, 0xE3, 0x43, 0xF0, 0x7F, 0x25, 0xFE, 0xEA, 0xF1, 0xDB, 0x49, 0x37, 0x15, 0xD3, 0xD0, 0x5B, 0x9D, 0x57, 0x19, 0x73, 0x44, 0xDA, 0x70, 0x8D, 0x44, 0x7D, 0xBA, 0x83, 0xDB, 0x8E, 0x8F, 0x39, 0x0F, 0x83, 0xD5, 0x0B, 0x73, 0x81, 0x77, 0x3D, 0x9B, 0x8D, 0xA4, 0xAD, 0x94, 0x3C, 0xAB, 0x7A, 0x6C, 0x81, 0x48, 0x2F, 0xCF, 0x50, 0xE3, 0x34, 0x0B, 0xEC, 0xF0, }; using (DSA dsa = DSAFactory.Create()) { dsa.ImportParameters(DSATestData.GetDSA2048Params()); Assert.True(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA384)); Assert.False(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA256)); Assert.False(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA512)); } }
/// <summary>準備</summary> private void Prepare() { AsymmetricAlgorithm aa = null; if (this.X509Certificate.PrivateKey == null) { // *.cer aa = this.GetPublicKey(); } else { // *.pfx aa = this.GetPrivateKey(); // *.pfxの場合、ExportParameters(true)して生成し直す必要がある。 if (aa is RSA) { // RSA RSA rsa = (RSA)AsymmetricAlgorithmCmnFunc.CreateSameKeySizeSP(aa); rsa.ImportParameters(((RSA)(aa)).ExportParameters(true)); aa = rsa; } else if (aa is DSA) { // DSA DSA dsa = (DSA)AsymmetricAlgorithmCmnFunc.CreateSameKeySizeSP(aa); dsa.ImportParameters(((DSA)(aa)).ExportParameters(true)); aa = dsa; } else { throw new NotImplementedException(PublicExceptionMessage.NOT_IMPLEMENTED); } } // AsymmetricAlgorithmを設定 this.AsymmetricAlgorithm = aa; }
public static void NoFuzzyEncryptedPkcs8() { using (DSA key = DSAFactory.Create()) { key.ImportParameters(DSATestData.GetDSA1024Params()); int bytesRead = -1; byte[] spki = key.ExportSubjectPublicKeyInfo(); byte[] empty = Array.Empty <byte>(); Assert.ThrowsAny <CryptographicException>( () => key.ImportEncryptedPkcs8PrivateKey(empty, spki, out bytesRead)); Assert.Equal(-1, bytesRead); byte[] pkcs8 = key.ExportPkcs8PrivateKey(); Assert.ThrowsAny <CryptographicException>( () => key.ImportEncryptedPkcs8PrivateKey(empty, pkcs8, out bytesRead)); Assert.Equal(-1, bytesRead); } }
public static void BadPbeParameters() { using (DSA key = DSAFactory.Create()) { key.ImportParameters(DSATestData.GetDSA1024Params()); Assert.ThrowsAny <ArgumentNullException>( () => key.ExportEncryptedPkcs8PrivateKey( ReadOnlySpan <byte> .Empty, null)); Assert.ThrowsAny <ArgumentNullException>( () => key.ExportEncryptedPkcs8PrivateKey( ReadOnlySpan <char> .Empty, null)); Assert.ThrowsAny <ArgumentNullException>( () => key.TryExportEncryptedPkcs8PrivateKey( ReadOnlySpan <byte> .Empty, null, Span <byte> .Empty, out _)); Assert.ThrowsAny <ArgumentNullException>( () => key.TryExportEncryptedPkcs8PrivateKey( ReadOnlySpan <char> .Empty, null, Span <byte> .Empty, out _)); // PKCS12 requires SHA-1 Assert.ThrowsAny <CryptographicException>( () => key.ExportEncryptedPkcs8PrivateKey( ReadOnlySpan <byte> .Empty, new PbeParameters(PbeEncryptionAlgorithm.TripleDes3KeyPkcs12, HashAlgorithmName.SHA256, 72))); Assert.ThrowsAny <CryptographicException>( () => key.TryExportEncryptedPkcs8PrivateKey( ReadOnlySpan <byte> .Empty, new PbeParameters(PbeEncryptionAlgorithm.TripleDes3KeyPkcs12, HashAlgorithmName.SHA256, 72), Span <byte> .Empty, out _)); // PKCS12 requires SHA-1 Assert.ThrowsAny <CryptographicException>( () => key.ExportEncryptedPkcs8PrivateKey( ReadOnlySpan <byte> .Empty, new PbeParameters(PbeEncryptionAlgorithm.TripleDes3KeyPkcs12, HashAlgorithmName.MD5, 72))); Assert.ThrowsAny <CryptographicException>( () => key.TryExportEncryptedPkcs8PrivateKey( ReadOnlySpan <byte> .Empty, new PbeParameters(PbeEncryptionAlgorithm.TripleDes3KeyPkcs12, HashAlgorithmName.MD5, 72), Span <byte> .Empty, out _)); // PKCS12 requires a char-based password Assert.ThrowsAny <CryptographicException>( () => key.ExportEncryptedPkcs8PrivateKey( new byte[3], new PbeParameters(PbeEncryptionAlgorithm.TripleDes3KeyPkcs12, HashAlgorithmName.SHA1, 72))); Assert.ThrowsAny <CryptographicException>( () => key.TryExportEncryptedPkcs8PrivateKey( new byte[3], new PbeParameters(PbeEncryptionAlgorithm.TripleDes3KeyPkcs12, HashAlgorithmName.SHA1, 72), Span <byte> .Empty, out _)); // Unknown encryption algorithm Assert.ThrowsAny <CryptographicException>( () => key.ExportEncryptedPkcs8PrivateKey( new byte[3], new PbeParameters(0, HashAlgorithmName.SHA1, 72))); Assert.ThrowsAny <CryptographicException>( () => key.TryExportEncryptedPkcs8PrivateKey( new byte[3], new PbeParameters(0, HashAlgorithmName.SHA1, 72), Span <byte> .Empty, out _)); // Unknown encryption algorithm (negative enum value) Assert.ThrowsAny <CryptographicException>( () => key.ExportEncryptedPkcs8PrivateKey( new byte[3], new PbeParameters((PbeEncryptionAlgorithm)(-5), HashAlgorithmName.SHA1, 72))); Assert.ThrowsAny <CryptographicException>( () => key.TryExportEncryptedPkcs8PrivateKey( new byte[3], new PbeParameters((PbeEncryptionAlgorithm)(-5), HashAlgorithmName.SHA1, 72), Span <byte> .Empty, out _)); // Unknown encryption algorithm (overly-large enum value) Assert.ThrowsAny <CryptographicException>( () => key.ExportEncryptedPkcs8PrivateKey( new byte[3], new PbeParameters((PbeEncryptionAlgorithm)15, HashAlgorithmName.SHA1, 72))); Assert.ThrowsAny <CryptographicException>( () => key.TryExportEncryptedPkcs8PrivateKey( new byte[3], new PbeParameters((PbeEncryptionAlgorithm)15, HashAlgorithmName.SHA1, 72), Span <byte> .Empty, out _)); // Unknown hash algorithm Assert.ThrowsAny <CryptographicException>( () => key.ExportEncryptedPkcs8PrivateKey( new byte[3], new PbeParameters(PbeEncryptionAlgorithm.Aes192Cbc, new HashAlgorithmName("Potato"), 72))); Assert.ThrowsAny <CryptographicException>( () => key.TryExportEncryptedPkcs8PrivateKey( new byte[3], new PbeParameters(PbeEncryptionAlgorithm.Aes192Cbc, new HashAlgorithmName("Potato"), 72), Span <byte> .Empty, out _)); } }
public void Verify_NullSignature() { dsa.ImportParameters(AllTests.GetKey(false)); def.SetKey(dsa); def.VerifySignature(hash, null); }
public static DSA FromCapiPrivateKeyBlobDSA(byte[] blob, int offset) { if (blob == null) { throw new ArgumentNullException("blob"); } if (offset >= blob.Length) { throw new ArgumentException("blob is too small."); } DSAParameters parameters = default(DSAParameters); try { if (blob[offset] != 7 || blob[offset + 1] != 2 || blob[offset + 2] != 0 || blob[offset + 3] != 0 || CryptoConvert.ToUInt32LE(blob, offset + 8) != 844321604u) { throw new CryptographicException("Invalid blob header"); } int num = CryptoConvert.ToInt32LE(blob, offset + 12); int num2 = num >> 3; int num3 = offset + 16; parameters.P = new byte[num2]; Buffer.BlockCopy(blob, num3, parameters.P, 0, num2); Array.Reverse(parameters.P); num3 += num2; parameters.Q = new byte[20]; Buffer.BlockCopy(blob, num3, parameters.Q, 0, 20); Array.Reverse(parameters.Q); num3 += 20; parameters.G = new byte[num2]; Buffer.BlockCopy(blob, num3, parameters.G, 0, num2); Array.Reverse(parameters.G); num3 += num2; parameters.X = new byte[20]; Buffer.BlockCopy(blob, num3, parameters.X, 0, 20); Array.Reverse(parameters.X); num3 += 20; parameters.Counter = CryptoConvert.ToInt32LE(blob, num3); num3 += 4; parameters.Seed = new byte[20]; Buffer.BlockCopy(blob, num3, parameters.Seed, 0, 20); Array.Reverse(parameters.Seed); num3 += 20; } catch (Exception inner) { throw new CryptographicException("Invalid blob.", inner); } DSA dsa = null; try { dsa = DSA.Create(); dsa.ImportParameters(parameters); } catch (CryptographicException ex) { try { dsa = new DSACryptoServiceProvider(new CspParameters { Flags = CspProviderFlags.UseMachineKeyStore }); dsa.ImportParameters(parameters); } catch { throw ex; } } return(dsa); }
static public DSA FromCapiPublicKeyBlobDSA(byte[] blob, int offset) { if (blob == null) { throw new ArgumentNullException("blob"); } if (offset >= blob.Length) { throw new ArgumentException("blob is too small."); } try { if ((blob [offset] != 0x06) || // PUBLICKEYBLOB (0x06) (blob [offset + 1] != 0x02) || // Version (0x02) (blob [offset + 2] != 0x00) || // Reserved (word) (blob [offset + 3] != 0x00) || (ToUInt32LE(blob, offset + 8) != 0x31535344)) // DWORD magic { throw new CryptographicException("Invalid blob header"); } int bitlen = ToInt32LE(blob, offset + 12); DSAParameters dsap = new DSAParameters(); int bytelen = bitlen >> 3; int pos = offset + 16; dsap.P = new byte [bytelen]; Buffer.BlockCopy(blob, pos, dsap.P, 0, bytelen); Array.Reverse(dsap.P); pos += bytelen; dsap.Q = new byte [20]; Buffer.BlockCopy(blob, pos, dsap.Q, 0, 20); Array.Reverse(dsap.Q); pos += 20; dsap.G = new byte [bytelen]; Buffer.BlockCopy(blob, pos, dsap.G, 0, bytelen); Array.Reverse(dsap.G); pos += bytelen; dsap.Y = new byte [bytelen]; Buffer.BlockCopy(blob, pos, dsap.Y, 0, bytelen); Array.Reverse(dsap.Y); pos += bytelen; dsap.Counter = ToInt32LE(blob, pos); pos += 4; dsap.Seed = new byte [20]; Buffer.BlockCopy(blob, pos, dsap.Seed, 0, 20); Array.Reverse(dsap.Seed); pos += 20; DSA dsa = (DSA)DSA.Create(); dsa.ImportParameters(dsap); return(dsa); } catch (Exception e) { throw new CryptographicException("Invalid blob.", e); } }
static public DSA FromCapiPrivateKeyBlobDSA(byte[] blob, int offset) { if (blob == null) { throw new ArgumentNullException("blob"); } if (offset >= blob.Length) { throw new ArgumentException("blob is too small."); } DSAParameters dsap = new DSAParameters(); try { if ((blob [offset] != 0x07) || // PRIVATEKEYBLOB (0x07) (blob [offset + 1] != 0x02) || // Version (0x02) (blob [offset + 2] != 0x00) || // Reserved (word) (blob [offset + 3] != 0x00) || (ToUInt32LE(blob, offset + 8) != 0x32535344)) // DWORD magic { throw new CryptographicException("Invalid blob header"); } int bitlen = ToInt32LE(blob, offset + 12); int bytelen = bitlen >> 3; int pos = offset + 16; dsap.P = new byte [bytelen]; Buffer.BlockCopy(blob, pos, dsap.P, 0, bytelen); Array.Reverse(dsap.P); pos += bytelen; dsap.Q = new byte [20]; Buffer.BlockCopy(blob, pos, dsap.Q, 0, 20); Array.Reverse(dsap.Q); pos += 20; dsap.G = new byte [bytelen]; Buffer.BlockCopy(blob, pos, dsap.G, 0, bytelen); Array.Reverse(dsap.G); pos += bytelen; dsap.X = new byte [20]; Buffer.BlockCopy(blob, pos, dsap.X, 0, 20); Array.Reverse(dsap.X); pos += 20; dsap.Counter = ToInt32LE(blob, pos); pos += 4; dsap.Seed = new byte [20]; Buffer.BlockCopy(blob, pos, dsap.Seed, 0, 20); Array.Reverse(dsap.Seed); pos += 20; } catch (Exception e) { throw new CryptographicException("Invalid blob.", e); } #if NET_2_1 DSA dsa = (DSA)DSA.Create(); dsa.ImportParameters(dsap); #else DSA dsa = null; try { dsa = (DSA)DSA.Create(); dsa.ImportParameters(dsap); } catch (CryptographicException ce) { // this may cause problem when this code is run under // the SYSTEM identity on Windows (e.g. ASP.NET). See // http://bugzilla.ximian.com/show_bug.cgi?id=77559 try { CspParameters csp = new CspParameters(); csp.Flags = CspProviderFlags.UseMachineKeyStore; dsa = new DSACryptoServiceProvider(csp); dsa.ImportParameters(dsap); } catch { // rethrow original, not the later, exception if this fails throw ce; } } #endif return(dsa); }
public override void ImportParameters(DSAParameters parameters) => _impl.ImportParameters(parameters);