public static void ImportFromEncryptedPem_Pkcs8_Encrypted_Char_Simple() { using (DSA dsa = DSAFactory.Create()) { string pem = @" -----BEGIN ENCRYPTED PRIVATE KEY----- MIIBIDBLBgkqhkiG9w0BBQ0wPjApBgkqhkiG9w0BBQwwHAQIkM/kCKe6rYsCAggA MAwGCCqGSIb3DQIJBQAwEQYFKw4DAgcECBOccveL65bDBIHQiCcCqwxJs93g1+16 7Gx1D5lL4/nZ94fRa+Hl4nGEX4gmjuxH6pOHKyywwflAyXNTfVhOCP9zBedwENx9 MGHbpaaShD6iJfoGMRX0frr0mMCtuOOZkkjBF9pSpkhaH0TDSq1PrVLxcM0/S4Vs +//2uPrP8U+CTW9W7CXCZw698BAuevZRuD0koT2Bn9ErhTiuVZZMcOjtLmN2oXHG dVYwfovccu8ktEAwk5XAOo0r+5CCw2lDDw/hbDeO87BToC5Cc5nu3F5LxAUj8Flc v8pi3w== -----END ENCRYPTED PRIVATE KEY-----"; dsa.ImportFromEncryptedPem(pem, (ReadOnlySpan <char>) "test"); DSAParameters dsaParameters = dsa.ExportParameters(true); DSAImportExport.AssertKeyEquals(DSATestData.Dsa512Parameters, dsaParameters); } }
public static void InvalidHashAlgorithm() { using (DSA dsa = DSAFactory.Create()) { var formatter = new DSASignatureFormatter(dsa); var deformatter = new DSASignatureDeformatter(dsa); // Unlike RSA, DSA will throw during SetHashAlgorithm Assert.Throws <CryptographicUnexpectedOperationException>(() => formatter.SetHashAlgorithm("INVALIDVALUE")); Assert.Throws <CryptographicUnexpectedOperationException>(() => deformatter.SetHashAlgorithm("INVALIDVALUE")); // Currently anything other than SHA1 fails Assert.Throws <CryptographicUnexpectedOperationException>(() => formatter.SetHashAlgorithm("SHA256")); Assert.Throws <CryptographicUnexpectedOperationException>(() => deformatter.SetHashAlgorithm("SHA256")); } }
public static void DecryptPkcs12WithBytes() { using (DSA key = DSAFactory.Create()) { key.ImportParameters(DSATestData.GetDSA1024Params()); string charBased = "hello"; byte[] byteBased = Encoding.UTF8.GetBytes(charBased); byte[] encrypted = key.ExportEncryptedPkcs8PrivateKey( charBased, new PbeParameters( PbeEncryptionAlgorithm.TripleDes3KeyPkcs12, HashAlgorithmName.SHA1, 123)); Assert.ThrowsAny <CryptographicException>( () => key.ImportEncryptedPkcs8PrivateKey(byteBased, encrypted, out _)); } }
public static void VerifyKnownSignature() { using (DSA dsa = DSAFactory.Create()) { byte[] data; byte[] signature; DSAParameters dsaParameters; DSATestData.GetDSA1024_186_2(out dsaParameters, out signature, out data); byte[] hash = SHA1.HashData(data); dsa.ImportParameters(dsaParameters); var deformatter = new DSASignatureDeformatter(dsa); deformatter.VerifySignature(hash, signature); // Negative case signature[signature.Length - 1] ^= 0xff; Assert.False(deformatter.VerifySignature(hash, signature)); } }
public static void ImportFromEncryptedPem_Pkcs8_Encrypted_Byte_Simple() { using (DSA dsa = DSAFactory.Create()) { string pem = @" -----BEGIN ENCRYPTED PRIVATE KEY----- MIIBLDBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQIfcoipdEY/C4CAggA MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAECBBC9heEphj00fB89aP6chSOjBIHQ HF2RLrIw6654q2hjUdCG4PhhYNXlck0zD0mOuaVQHmnKIKArk/1DSpgSrYnKw6aE 2eujwNdySLLEwUj5l+X/IXwhOnPIZDJqUN7oMagUYJX28gnQmXyDvrt3r16utbpd ho0YNYGUDSgOs6RxBpw1rJUCnAlHNU09peCjEP+aZSrhsxlejN/GpVS4e0JTmMeo xTL6VO9mx52x6h5WDAQAisMVeMkBoxQUWLANXiw1zSfVbsmB7mDknsRcvD3tcgMs 7YLD7LQMiPAIjDlOP8XP/w== -----END ENCRYPTED PRIVATE KEY-----"; byte[] passwordBytes = Encoding.UTF8.GetBytes("test"); dsa.ImportFromEncryptedPem(pem, passwordBytes); DSAParameters dsaParameters = dsa.ExportParameters(true); DSAImportExport.AssertKeyEquals(DSATestData.Dsa512Parameters, dsaParameters); } }
public static void ImportFromPem_Pkcs8_PrecedingMalformedPem() { using (DSA dsa = DSAFactory.Create()) { string pem = @" -----BEGIN CERTIFICATE----- $$$ BAD PEM -----END CERTIFICATE----- -----BEGIN PRIVATE KEY----- MIHGAgEAMIGoBgcqhkjOOAQBMIGcAkEA1qi38cr3ppZNB2Y/xpHSL2q81Vw3rvWN IHRnQNgv4U4UY2NifZGSUULc3uOEvgoeBO1b9fRxSG9NmG1CoufflQIVAPq19iXV 1eFkMKHvYw6+M4l8wiT5AkAIRMSQ5S71jgWQLGNtZNHV6yxggqDU87/RzgeOh7Q6 fve77OGaTv4qbZwinTYAg86p9yHzmwW6+XBS3vxnpYorBBYCFC49eoTIW2Z4Xh9v 55aYKyKwy5i8 -----END PRIVATE KEY-----"; dsa.ImportFromPem(pem); DSAParameters dsaParameters = dsa.ExportParameters(true); DSAImportExport.AssertKeyEquals(DSATestData.Dsa512Parameters, dsaParameters); } }
public static void ExportAfterDispose(bool importKey) { DSA key = importKey ? DSAFactory.Create(DSATestData.GetDSA1024Params()) : DSAFactory.Create(1024); byte[] hash = new byte[20]; // Ensure that the key got created, and then Dispose it. using (key) { try { key.CreateSignature(hash); } catch (PlatformNotSupportedException) when(!SupportsKeyGeneration) { } } Assert.Throws <ObjectDisposedException>(() => key.ExportParameters(false)); Assert.Throws <ObjectDisposedException>(() => key.ExportParameters(true)); Assert.Throws <ObjectDisposedException>(() => key.ImportParameters(DSATestData.GetDSA1024Params())); }
public static void Verify2048WithSha1() { byte[] data = { 1, 2, 3, 4 }; byte[] signature = ( "28DC05B452C8FC0E0BFE9DA067D11147D31B1F3C63E5CF95046A812417C64844868D04D3A1D23" + "13E5DD07DE757B3A836E70A1C85DDC90CB62DE2E44746C760F2").HexToByteArray(); using (DSA dsa = DSAFactory.Create()) { dsa.ImportParameters(DSATestData.GetDSA2048Params()); Assert.True(dsa.VerifyData(data, signature, HashAlgorithmName.SHA1), "Untampered data verifies"); data[0] ^= 0xFF; Assert.False(dsa.VerifyData(data, signature, HashAlgorithmName.SHA1), "Tampered data verifies"); data[0] ^= 0xFF; signature[signature.Length - 1] ^= 0xFF; Assert.False(dsa.VerifyData(data, signature, HashAlgorithmName.SHA1), "Tampered signature verifies"); } }
public static void VerifyKnown_2048_SHA256() { byte[] signature = { 0x92, 0x06, 0x0B, 0x57, 0xF1, 0x35, 0x20, 0x28, 0xC6, 0x54, 0x4A, 0x0F, 0x08, 0x48, 0x5F, 0x5D, 0x55, 0xA8, 0x42, 0xFB, 0x05, 0xA7, 0x3E, 0x32, 0xCA, 0xC6, 0x91, 0x77, 0x70, 0x0A, 0x68, 0x44, 0x60, 0x63, 0xF7, 0xE7, 0x96, 0x54, 0x8F, 0x4A, 0x6D, 0x47, 0x10, 0xEE, 0x9A, 0x9F, 0xC2, 0xC8, 0xDD, 0x74, 0xAE, 0x1A, 0x68, 0xF3, 0xA9, 0xB8, 0x62, 0x14, 0x50, 0xA3, 0x01, 0x1D, 0x2A, 0x22, }; using (DSA dsa = DSAFactory.Create()) { dsa.ImportParameters(DSATestData.GetDSA2048Params()); Assert.True(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA256)); Assert.False(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA384)); Assert.False(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA512)); } }
public static void VerifyKnown_2048_SHA512() { byte[] signature = { 0x6F, 0x44, 0x68, 0x1F, 0x74, 0xF7, 0x90, 0x2F, 0x38, 0x43, 0x9B, 0x00, 0x15, 0xDA, 0xF6, 0x8F, 0x97, 0xB4, 0x4A, 0x52, 0xF7, 0xC1, 0xEC, 0x21, 0xE2, 0x44, 0x48, 0x71, 0x0F, 0xEC, 0x5E, 0xB3, 0xA1, 0xCB, 0xE4, 0x42, 0xC8, 0x1E, 0xCD, 0x3C, 0xA8, 0x15, 0x51, 0xDE, 0x0C, 0xCC, 0xAE, 0x4D, 0xEB, 0x2A, 0xE9, 0x13, 0xBB, 0x7F, 0x3C, 0xFB, 0x69, 0x8A, 0x8E, 0x0F, 0x80, 0x87, 0x2E, 0xA6, }; using (DSA dsa = DSAFactory.Create()) { dsa.ImportParameters(DSATestData.GetDSA2048Params()); Assert.True(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA512)); Assert.False(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA256)); Assert.False(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA384)); } }
public static void VerifyKnown_2048_SHA384() { byte[] signature = { 0x56, 0xBA, 0x70, 0x48, 0x18, 0xBA, 0xE3, 0x43, 0xF0, 0x7F, 0x25, 0xFE, 0xEA, 0xF1, 0xDB, 0x49, 0x37, 0x15, 0xD3, 0xD0, 0x5B, 0x9D, 0x57, 0x19, 0x73, 0x44, 0xDA, 0x70, 0x8D, 0x44, 0x7D, 0xBA, 0x83, 0xDB, 0x8E, 0x8F, 0x39, 0x0F, 0x83, 0xD5, 0x0B, 0x73, 0x81, 0x77, 0x3D, 0x9B, 0x8D, 0xA4, 0xAD, 0x94, 0x3C, 0xAB, 0x7A, 0x6C, 0x81, 0x48, 0x2F, 0xCF, 0x50, 0xE3, 0x34, 0x0B, 0xEC, 0xF0, }; using (DSA dsa = DSAFactory.Create()) { dsa.ImportParameters(DSATestData.GetDSA2048Params()); Assert.True(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA384)); Assert.False(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA256)); Assert.False(dsa.VerifyData(DSATestData.HelloBytes, signature, HashAlgorithmName.SHA512)); } }
public static void NoFuzzyEncryptedPkcs8() { using (DSA key = DSAFactory.Create()) { key.ImportParameters(DSATestData.GetDSA1024Params()); int bytesRead = -1; byte[] spki = key.ExportSubjectPublicKeyInfo(); byte[] empty = Array.Empty <byte>(); Assert.ThrowsAny <CryptographicException>( () => key.ImportEncryptedPkcs8PrivateKey(empty, spki, out bytesRead)); Assert.Equal(-1, bytesRead); byte[] pkcs8 = key.ExportPkcs8PrivateKey(); Assert.ThrowsAny <CryptographicException>( () => key.ImportEncryptedPkcs8PrivateKey(empty, pkcs8, out bytesRead)); Assert.Equal(-1, bytesRead); } }
private static KeyDescription CreateKey(int keySize) { DSA dsa = DSAFactory.Create(keySize); int fieldSize; if (keySize <= 1024) { fieldSize = 160; } else if (keySize == 3072) { fieldSize = 256; } else { fieldSize = dsa.ExportParameters(false).Q.Length * 8; } return(new KeyDescription( dsa, $"{keySize}-bit random key", fieldSize)); }
public static void ImportFromPem_Pkcs8UnEncrypted_IgnoresUnrelatedAlgorithm() { using (DSA dsa = DSAFactory.Create()) { string pem = @" -----BEGIN EC PRIVATE KEY----- MHcCAQEEIHChLC2xaEXtVv9oz8IaRys/BNfWhRv2NJ8tfVs0UrOKoAoGCCqGSM49 AwEHoUQDQgAEgQHs5HRkpurXDPaabivT2IaRoyYtIsuk92Ner/JmgKjYoSumHVmS NfZ9nLTVjxeD08pD548KWrqmJAeZNsDDqQ== -----END EC PRIVATE KEY----- -----BEGIN PRIVATE KEY----- MIHGAgEAMIGoBgcqhkjOOAQBMIGcAkEA1qi38cr3ppZNB2Y/xpHSL2q81Vw3rvWN IHRnQNgv4U4UY2NifZGSUULc3uOEvgoeBO1b9fRxSG9NmG1CoufflQIVAPq19iXV 1eFkMKHvYw6+M4l8wiT5AkAIRMSQ5S71jgWQLGNtZNHV6yxggqDU87/RzgeOh7Q6 fve77OGaTv4qbZwinTYAg86p9yHzmwW6+XBS3vxnpYorBBYCFC49eoTIW2Z4Xh9v 55aYKyKwy5i8 -----END PRIVATE KEY-----"; dsa.ImportFromPem(pem); DSAParameters dsaParameters = dsa.ExportParameters(true); DSAImportExport.AssertKeyEquals(DSATestData.Dsa512Parameters, dsaParameters); } }
public static void ImportFromPem_Pkcs8_AmbiguousKey_Pkcs8() { using (DSA dsa = DSAFactory.Create()) { string pem = @" -----BEGIN PRIVATE KEY----- MIHGAgEAMIGoBgcqhkjOOAQBMIGcAkEA1qi38cr3ppZNB2Y/xpHSL2q81Vw3rvWN IHRnQNgv4U4UY2NifZGSUULc3uOEvgoeBO1b9fRxSG9NmG1CoufflQIVAPq19iXV 1eFkMKHvYw6+M4l8wiT5AkAIRMSQ5S71jgWQLGNtZNHV6yxggqDU87/RzgeOh7Q6 fve77OGaTv4qbZwinTYAg86p9yHzmwW6+XBS3vxnpYorBBYCFC49eoTIW2Z4Xh9v 55aYKyKwy5i8 -----END PRIVATE KEY----- -----BEGIN PRIVATE KEY----- MIHGAgEAMIGoBgcqhkjOOAQBMIGcAkEA1qi38cr3ppZNB2Y/xpHSL2q81Vw3rvWN IHRnQNgv4U4UY2NifZGSUULc3uOEvgoeBO1b9fRxSG9NmG1CoufflQIVAPq19iXV 1eFkMKHvYw6+M4l8wiT5AkAIRMSQ5S71jgWQLGNtZNHV6yxggqDU87/RzgeOh7Q6 fve77OGaTv4qbZwinTYAg86p9yHzmwW6+XBS3vxnpYorBBYCFC49eoTIW2Z4Xh9v 55aYKyKwy5i8 -----END PRIVATE KEY-----"; ArgumentException ae = AssertExtensions.Throws <ArgumentException>("input", () => dsa.ImportFromPem(pem)); Assert.Contains(AmbiguousExceptionMarker, ae.Message); } }
public static void FromXml_CounterOverflow_Succeeds() { // The counter value should be 105 (0x69). // This payload says 0x01_00000069 (4294967401). // Since we only end up looking at the last 4 bytes, this is /a/ right answer. // This key comes from FIPS-186-2, Appendix 5, Example of the DSA. // The version in DSATestData does not have the seed or counter supplied. using (DSA dsa = DSAFactory.Create()) { dsa.FromXmlString(@" <DSAKeyValue> <P> jfKklEkidqo9JXWbsGhpy+rA2Dr7jQz3y7gyTw14guXQdi/FtyEOr8Lprawyq3qs SWk9+/g3JMLsBzbuMcgCkQ== </P> <Q>x3MhjHN+yO6ZO08t7TD0jtrOkV8=</Q> <G> Ym0CeDnqChNBMWOlW0y1ACmdVSKVbO/LO/8Q85nOLC5xy53l+iS6v1jlt5Uhklyc xC6fb0ZLCIzFcq9T5teIAg== </G> <Y> GRMYcddbFhKoGfKdeNGw1zRveqd7tiqFm/1sVnXanSEtOjbvFnLvZguMfCVcwOx0 hY+6M/RMBmmWMKdrAw7jMw== </Y> <J>AgRO2deYCHK5/u5+ElWfz2J6fdI2PN/mnjBxceE11r5zt7x/DVqcoWAp2+dr</J> <Seed>1QFOS2DvK6i2IRtAYroyJOBCfdM=</Seed> <PgenCounter>AQAAAGk=</PgenCounter> <X>IHCzIj26Ny/eHA/8ey47SYsmBhQ=</X> </DSAKeyValue>"); DSATestData.GetDSA1024_186_2(out DSAParameters expected, out _, out _); DSAImportExport.AssertKeyEquals(expected, dsa.ExportParameters(true)); } }
public static void BadPbeParameters() { using (DSA key = DSAFactory.Create()) { key.ImportParameters(DSATestData.GetDSA1024Params()); Assert.ThrowsAny <ArgumentNullException>( () => key.ExportEncryptedPkcs8PrivateKey( ReadOnlySpan <byte> .Empty, null)); Assert.ThrowsAny <ArgumentNullException>( () => key.ExportEncryptedPkcs8PrivateKey( ReadOnlySpan <char> .Empty, null)); Assert.ThrowsAny <ArgumentNullException>( () => key.TryExportEncryptedPkcs8PrivateKey( ReadOnlySpan <byte> .Empty, null, Span <byte> .Empty, out _)); Assert.ThrowsAny <ArgumentNullException>( () => key.TryExportEncryptedPkcs8PrivateKey( ReadOnlySpan <char> .Empty, null, Span <byte> .Empty, out _)); // PKCS12 requires SHA-1 Assert.ThrowsAny <CryptographicException>( () => key.ExportEncryptedPkcs8PrivateKey( ReadOnlySpan <byte> .Empty, new PbeParameters(PbeEncryptionAlgorithm.TripleDes3KeyPkcs12, HashAlgorithmName.SHA256, 72))); Assert.ThrowsAny <CryptographicException>( () => key.TryExportEncryptedPkcs8PrivateKey( ReadOnlySpan <byte> .Empty, new PbeParameters(PbeEncryptionAlgorithm.TripleDes3KeyPkcs12, HashAlgorithmName.SHA256, 72), Span <byte> .Empty, out _)); // PKCS12 requires SHA-1 Assert.ThrowsAny <CryptographicException>( () => key.ExportEncryptedPkcs8PrivateKey( ReadOnlySpan <byte> .Empty, new PbeParameters(PbeEncryptionAlgorithm.TripleDes3KeyPkcs12, HashAlgorithmName.MD5, 72))); Assert.ThrowsAny <CryptographicException>( () => key.TryExportEncryptedPkcs8PrivateKey( ReadOnlySpan <byte> .Empty, new PbeParameters(PbeEncryptionAlgorithm.TripleDes3KeyPkcs12, HashAlgorithmName.MD5, 72), Span <byte> .Empty, out _)); // PKCS12 requires a char-based password Assert.ThrowsAny <CryptographicException>( () => key.ExportEncryptedPkcs8PrivateKey( new byte[3], new PbeParameters(PbeEncryptionAlgorithm.TripleDes3KeyPkcs12, HashAlgorithmName.SHA1, 72))); Assert.ThrowsAny <CryptographicException>( () => key.TryExportEncryptedPkcs8PrivateKey( new byte[3], new PbeParameters(PbeEncryptionAlgorithm.TripleDes3KeyPkcs12, HashAlgorithmName.SHA1, 72), Span <byte> .Empty, out _)); // Unknown encryption algorithm Assert.ThrowsAny <CryptographicException>( () => key.ExportEncryptedPkcs8PrivateKey( new byte[3], new PbeParameters(0, HashAlgorithmName.SHA1, 72))); Assert.ThrowsAny <CryptographicException>( () => key.TryExportEncryptedPkcs8PrivateKey( new byte[3], new PbeParameters(0, HashAlgorithmName.SHA1, 72), Span <byte> .Empty, out _)); // Unknown encryption algorithm (negative enum value) Assert.ThrowsAny <CryptographicException>( () => key.ExportEncryptedPkcs8PrivateKey( new byte[3], new PbeParameters((PbeEncryptionAlgorithm)(-5), HashAlgorithmName.SHA1, 72))); Assert.ThrowsAny <CryptographicException>( () => key.TryExportEncryptedPkcs8PrivateKey( new byte[3], new PbeParameters((PbeEncryptionAlgorithm)(-5), HashAlgorithmName.SHA1, 72), Span <byte> .Empty, out _)); // Unknown encryption algorithm (overly-large enum value) Assert.ThrowsAny <CryptographicException>( () => key.ExportEncryptedPkcs8PrivateKey( new byte[3], new PbeParameters((PbeEncryptionAlgorithm)15, HashAlgorithmName.SHA1, 72))); Assert.ThrowsAny <CryptographicException>( () => key.TryExportEncryptedPkcs8PrivateKey( new byte[3], new PbeParameters((PbeEncryptionAlgorithm)15, HashAlgorithmName.SHA1, 72), Span <byte> .Empty, out _)); // Unknown hash algorithm Assert.ThrowsAny <CryptographicException>( () => key.ExportEncryptedPkcs8PrivateKey( new byte[3], new PbeParameters(PbeEncryptionAlgorithm.Aes192Cbc, new HashAlgorithmName("Potato"), 72))); Assert.ThrowsAny <CryptographicException>( () => key.TryExportEncryptedPkcs8PrivateKey( new byte[3], new PbeParameters(PbeEncryptionAlgorithm.Aes192Cbc, new HashAlgorithmName("Potato"), 72), Span <byte> .Empty, out _)); } }
private static void UseAfterDispose(bool importKey) { DSA key = importKey ? DSAFactory.Create(DSATestData.GetDSA1024Params()) : DSAFactory.Create(1024); byte[] pkcs8Private; byte[] pkcs8EncryptedPrivate; byte[] subjectPublicKeyInfo; string pwStr = "Hello"; // Because the PBE algorithm uses PBES2 the string->byte encoding is UTF-8. byte[] pwBytes = Encoding.UTF8.GetBytes(pwStr); PbeParameters pbeParameters = new PbeParameters( PbeEncryptionAlgorithm.Aes192Cbc, HashAlgorithmName.SHA256, 3072); // Ensure the key was loaded, then dispose it. // Also ensures all of the inputs are valid for the disposed tests. using (key) { pkcs8Private = key.ExportPkcs8PrivateKey(); pkcs8EncryptedPrivate = key.ExportEncryptedPkcs8PrivateKey(pwStr, pbeParameters); subjectPublicKeyInfo = key.ExportSubjectPublicKeyInfo(); } Assert.Throws <ObjectDisposedException>(() => key.ImportPkcs8PrivateKey(pkcs8Private, out _)); Assert.Throws <ObjectDisposedException>(() => key.ImportEncryptedPkcs8PrivateKey(pwStr, pkcs8EncryptedPrivate, out _)); Assert.Throws <ObjectDisposedException>(() => key.ImportEncryptedPkcs8PrivateKey(pwBytes, pkcs8EncryptedPrivate, out _)); Assert.Throws <ObjectDisposedException>(() => key.ImportSubjectPublicKeyInfo(subjectPublicKeyInfo, out _)); Assert.Throws <ObjectDisposedException>(() => key.ExportPkcs8PrivateKey()); Assert.Throws <ObjectDisposedException>(() => key.TryExportPkcs8PrivateKey(pkcs8Private, out _)); Assert.Throws <ObjectDisposedException>(() => key.ExportEncryptedPkcs8PrivateKey(pwStr, pbeParameters)); Assert.Throws <ObjectDisposedException>(() => key.TryExportEncryptedPkcs8PrivateKey(pwStr, pbeParameters, pkcs8EncryptedPrivate, out _)); Assert.Throws <ObjectDisposedException>(() => key.ExportEncryptedPkcs8PrivateKey(pwBytes, pbeParameters)); Assert.Throws <ObjectDisposedException>(() => key.TryExportEncryptedPkcs8PrivateKey(pwBytes, pbeParameters, pkcs8EncryptedPrivate, out _)); Assert.Throws <ObjectDisposedException>(() => key.ExportSubjectPublicKeyInfo()); Assert.Throws <ObjectDisposedException>(() => key.TryExportSubjectPublicKeyInfo(subjectPublicKeyInfo, out _)); // Check encrypted import with the wrong password. // It shouldn't do enough work to realize it was wrong. pwBytes = Array.Empty <byte>(); Assert.Throws <ObjectDisposedException>(() => key.ImportEncryptedPkcs8PrivateKey("", pkcs8EncryptedPrivate, out _)); Assert.Throws <ObjectDisposedException>(() => key.ImportEncryptedPkcs8PrivateKey(pwBytes, pkcs8EncryptedPrivate, out _)); }