// Asserts that assigning KeySize on a key created from a named curve switches the curve:
// after each assignment the exported public parameters carry a different curve friendly name
// and KeySize reads back the value that was set. Curve definitions that are not named are skipped.
public void TestChangeFromNamedCurveToKeySize(CurveDef curveDef)
{
    if (!curveDef.Curve.IsNamed)
    {
        return;
    }

    using (ECDsa ecdsa = ECDsaFactory.Create(curveDef.Curve))
    {
        // Public-only export (includePrivateParameters: false); only the curve identity is compared.
        ECParameters initial = ecdsa.ExportParameters(false);

        // Avoid comparing against the same key size as in curveDef: a key that already has
        // 384 or 521 bits would be compared against its own curve.
        int startingSize = ecdsa.KeySize;
        if (startingSize == 384 || startingSize == 521)
        {
            return;
        }

        ecdsa.KeySize = 384;
        ECParameters at384 = ecdsa.ExportParameters(false);
        Assert.NotEqual(initial.Curve.Oid.FriendlyName, at384.Curve.Oid.FriendlyName);
        Assert.Equal(384, ecdsa.KeySize);

        ecdsa.KeySize = 521;
        ECParameters at521 = ecdsa.ExportParameters(false);
        Assert.NotEqual(at384.Curve.Oid.FriendlyName, at521.Curve.Oid.FriendlyName);
        Assert.Equal(521, ecdsa.KeySize);
    }
}
// Checks that an explicit-parameter export is well formed for the given curve definition:
//  - the curve is explicit and of the curve type curveDef expects;
//  - the private scalar D is present only when the private key was requested, and absent otherwise;
//  - the key size matches, and Q, B and G all have the same byte length as A;
//  - Seed and Order, when present, are non-empty; for prime curves Prime has the same length as A.
// It finishes by exporting again and comparing, to show the key was not regenerated by the export.
private static void VerifyExplicitCurve(ECParameters parameters, ECDsa ec, CurveDef curveDef)
{
    Assert.True(parameters.Curve.IsExplicit);

    ECCurve exported = parameters.Curve;
    Assert.True(curveDef.IsCurveTypeEqual(exported.CurveType));

    // A public-only export must not carry the private key; a private export must carry a non-empty one.
    if (curveDef.IncludePrivate)
    {
        Assert.True(parameters.D.Length > 0);
    }
    else
    {
        Assert.True(parameters.D == null);
    }

    Assert.Equal(curveDef.KeySize, ec.KeySize);

    // Every field element is expected to be encoded with the same byte length as A.
    int fieldLength = exported.A.Length;
    Assert.Equal(fieldLength, parameters.Q.X.Length);
    Assert.Equal(fieldLength, parameters.Q.Y.Length);
    Assert.Equal(fieldLength, exported.B.Length);
    Assert.Equal(fieldLength, exported.G.X.Length);
    Assert.Equal(fieldLength, exported.G.Y.Length);

    // Seed and Order may be missing, but must not be empty arrays.
    if (exported.Seed != null)
    {
        Assert.True(exported.Seed.Length > 0);
    }

    if (exported.Order != null)
    {
        Assert.True(exported.Order.Length > 0);
    }

    if (exported.IsPrime)
    {
        Assert.Equal(fieldLength, exported.Prime.Length);
    }

    // Exercise() is only called when the private key was requested.
    if (curveDef.IncludePrivate)
    {
        ec.Exercise();
    }

    // Ensure the key doesn't get regenerated after export
    ECParameters reExported = ec.ExportExplicitParameters(curveDef.IncludePrivate);
    AssertEqual(parameters, reExported);
}
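// Negative test: creating an ECDsa key for this named curve and exporting its public parameters
// must throw PlatformNotSupportedException. Curve definitions that are not named are skipped.
public static void TestNamedCurvesNegative(CurveDef curveDef)
{
    if (!curveDef.Curve.IsNamed)
    {
        return;
    }

    // An exception may be thrown during Create() if the Oid is bad, or later during native calls.
    // The using block releases the key object in the second case, where Create() succeeded and
    // the export is the call that throws.
    Assert.Throws<PlatformNotSupportedException>(
        () =>
        {
            using (ECDsa ec = ECDsaFactory.Create(curveDef.Curve))
            {
                ec.ExportParameters(false);
            }
        });
}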
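// Round-trips a key through explicit curve parameters: export from a key created on
// curveDef.Curve, import into a fresh ECDsa instance, export again, and require both exports
// to be well formed and equal. Whether the private key is included follows curveDef.IncludePrivate.
public static void TestExplicitCurves(CurveDef curveDef)
{
    using (ECDsa ec1 = ECDsaFactory.Create(curveDef.Curve))
    {
        ECParameters param1 = ec1.ExportExplicitParameters(curveDef.IncludePrivate);
        VerifyExplicitCurve(param1, ec1, curveDef);

        using (ECDsa ec2 = ECDsaFactory.Create())
        {
            ec2.ImportParameters(param1);
            ECParameters param2 = ec2.ExportExplicitParameters(curveDef.IncludePrivate);

            // Verify the imported key and its export. The previous code re-verified param1/ec1
            // here, so the key that went through ImportParameters was never checked by itself.
            VerifyExplicitCurve(param2, ec2, curveDef);

            AssertEqual(param1, param2);
        }
    }
}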
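// Explicit-parameter round trip: a key created on curveDef.Curve is exported with explicit
// curve parameters, imported into a second ECDsa instance and exported again. Both exports are
// verified and must compare equal. curveDef.IncludePrivate decides whether D is part of the export.
public static void TestExplicitCurves(CurveDef curveDef)
{
    using (ECDsa ec1 = ECDsaFactory.Create(curveDef.Curve))
    {
        ECParameters param1 = ec1.ExportExplicitParameters(curveDef.IncludePrivate);
        VerifyExplicitCurve(param1, ec1, curveDef);

        using (ECDsa ec2 = ECDsaFactory.Create())
        {
            ec2.ImportParameters(param1);
            ECParameters param2 = ec2.ExportExplicitParameters(curveDef.IncludePrivate);

            // Check the importing side (param2/ec2). Verifying param1/ec1 a second time, as the
            // earlier version did, leaves the imported key covered only by the equality check below.
            VerifyExplicitCurve(param2, ec2, curveDef);

            AssertEqual(param1, param2);
        }
    }
}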
// Sign/verify compatibility across explicit-parameter export and import:
//  - a key created on curveDef.Curve signs 16 zero bytes and verifies its own signature;
//  - a copy imported with the private key signs too, and each key verifies the other's signature;
//  - a copy imported from a public-only export verifies the original signature;
//  - a signature whose last byte was changed must fail verification.
// NOTE(review): SHA-1 is the digest used throughout; it is not collision resistant, so signing
// code outside of tests should use SHA-256 or stronger.
public static void TestExplicitCurvesSignVerify(CurveDef curveDef)
{
    HashAlgorithmName digest = HashAlgorithmName.SHA1;

    using (ECDsa original = ECDsaFactory.Create(curveDef.Curve))
    {
        byte[] message = new byte[16];
        byte[] originalSignature = original.SignData(message, 0, message.Length, digest);
        Assert.True(original.VerifyData(message, originalSignature, digest));

        using (ECDsa privateCopy = ECDsaFactory.Create())
        {
            privateCopy.ImportParameters(original.ExportExplicitParameters(true));
            Assert.Equal(original.KeySize, privateCopy.KeySize);

            byte[] copySignature = privateCopy.SignData(message, 0, message.Length, digest);
            Assert.True(privateCopy.VerifyData(message, copySignature, digest));

            // Verify each key accepts the signature produced by the other one
            Assert.True(privateCopy.VerifyData(message, originalSignature, digest));
            Assert.True(original.VerifyData(message, copySignature, digest));

            // Verify with no private key
            using (ECDsa publicCopy = ECDsaFactory.Create())
            {
                publicCopy.ImportParameters(privateCopy.ExportExplicitParameters(false));
                Assert.Equal(privateCopy.KeySize, publicCopy.KeySize);
                Assert.True(publicCopy.VerifyData(message, originalSignature, digest));
            }
        }

        // Ensure negative result: bump the last signature byte (wrapping at 0xFF) and expect rejection
        int lastIndex = originalSignature.Length - 1;
        originalSignature[lastIndex] = unchecked((byte)(originalSignature[lastIndex] + 1));
        Assert.False(original.VerifyData(message, originalSignature, digest));
    }
}
// Checks that signatures stay valid when a key travels through explicit curve parameters.
// Three keys take part: the source key, a private copy imported from ExportExplicitParameters(true)
// and a public-only copy imported from ExportExplicitParameters(false). Signatures over a
// 16-byte all-zero payload must verify across the keys, and a modified signature must not verify.
// NOTE(review): every signature here is made over SHA-1; treat that as a fixture choice, since
// SHA-1 is not collision resistant and is a poor default for new signing code.
public static void TestExplicitCurvesSignVerify(CurveDef curveDef)
{
    HashAlgorithmName sha1 = HashAlgorithmName.SHA1;

    using (ECDsa source = ECDsaFactory.Create(curveDef.Curve))
    {
        byte[] payload = new byte[16];
        byte[] sourceSig = source.SignData(payload, 0, payload.Length, sha1);
        Assert.True(source.VerifyData(payload, sourceSig, sha1));

        using (ECDsa withPrivate = ECDsaFactory.Create())
        {
            ECParameters privateExport = source.ExportExplicitParameters(true);
            withPrivate.ImportParameters(privateExport);
            Assert.Equal(source.KeySize, withPrivate.KeySize);

            byte[] copySig = withPrivate.SignData(payload, 0, payload.Length, sha1);
            Assert.True(withPrivate.VerifyData(payload, copySig, sha1));

            // Verify the keys are compatible with each other's signatures
            Assert.True(withPrivate.VerifyData(payload, sourceSig, sha1));
            Assert.True(source.VerifyData(payload, copySig, sha1));

            // Verify with no private key
            using (ECDsa publicOnly = ECDsaFactory.Create())
            {
                ECParameters publicExport = withPrivate.ExportExplicitParameters(false);
                publicOnly.ImportParameters(publicExport);
                Assert.Equal(withPrivate.KeySize, publicOnly.KeySize);
                Assert.True(publicOnly.VerifyData(payload, sourceSig, sha1));
            }
        }

        // Ensure negative result: increment the final signature byte, letting 0xFF wrap to 0x00
        int tail = sourceSig.Length - 1;
        sourceSig[tail] = unchecked((byte)(sourceSig[tail] + 1));
        Assert.False(source.VerifyData(payload, sourceSig, sha1));
    }
}
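// Regenerates a key on the curve it already uses and compares the exports from before and after.
// Both exports include the private key and must pass ECParameters.Validate().
public void TestRegenKeyNamed(CurveDef curveDef)
{
    using (ECDsa ec = ECDsaFactory.Create(curveDef.Curve))
    {
        ECParameters param = ec.ExportParameters(true);

        // The export was requested with the private key, so D must be present.
        Assert.NotNull(param.D);
        param.Validate();

        ec.GenerateKey(param.Curve);
        ECParameters param2 = ec.ExportParameters(true);
        param2.Validate();

        // Only curve should match. The `false` argument presumably tells the compare helpers to
        // expect a difference; confirm against ComparePrivateKey/ComparePublicKey.
        ComparePrivateKey(param, param2, false);
        ComparePublicKey(param.Q, param2.Q, false);
        CompareCurve(param.Curve, param2.Curve);
    }
}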
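// Sets the Hash and Seed fields on an explicit curve, imports it into an ECDsaCng key and checks
// that both values come back on the next explicit export.
public static void TestHashRoundTrip(CurveDef curveDef)
{
    // This test is in the cng only tests because OpenSsl does not provide the hash algorithm
    using (var cng = new ECDsaCng(curveDef.Curve))
    {
        ECParameters param = cng.ExportExplicitParameters(false);

        // Add some dummy values and import
        Assert.True(param.Curve.IsExplicit);

        // Work on a copy of the curve and write it back once both fields are set. SHA1 is only a
        // marker value carried in the Hash field; nothing is hashed in this test.
        var curve = param.Curve;
        curve.Hash = HashAlgorithmName.SHA1;
        curve.Seed = new byte[] { 0xFF }; // Hash should have a seed
        param.Curve = curve;
        cng.ImportParameters(param);

        // Export to see if the hash is there
        ECParameters param2 = cng.ExportExplicitParameters(false);

        // Fail with an assertion, not an InvalidOperationException from .Value, when the hash is lost.
        Assert.True(param2.Curve.Hash.HasValue);

        // Algorithm names are identifiers, so compare them with culture-invariant casing.
        Assert.Equal(
            HashAlgorithmName.SHA1.Name.ToUpperInvariant(),
            param2.Curve.Hash.Value.Name.ToUpperInvariant());
        Assert.Equal(0xFF, param2.Curve.Seed[0]);
    }
}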
// Round-trips a named-curve key through ExportParameters/ImportParameters. The exports from the
// source key and from the importing key are each checked with VerifyNamedCurve and must compare
// equal. Nothing is tested for curve definitions that are not named.
public static void TestNamedCurves(CurveDef curveDef)
{
    if (curveDef.Curve.IsNamed)
    {
        using (ECDsa source = ECDsaFactory.Create(curveDef.Curve))
        {
            // curveDef.IncludePrivate decides whether the private key is part of each export.
            ECParameters exported = source.ExportParameters(curveDef.IncludePrivate);
            VerifyNamedCurve(exported, source, curveDef.KeySize, curveDef.IncludePrivate);

            using (ECDsa imported = ECDsaFactory.Create())
            {
                imported.ImportParameters(exported);

                ECParameters roundTripped = imported.ExportParameters(curveDef.IncludePrivate);
                VerifyNamedCurve(roundTripped, imported, curveDef.KeySize, curveDef.IncludePrivate);

                AssertEqual(exported, roundTripped);
            }
        }
    }
}
// Exercises GenerateKey on a key that was imported from explicit curve parameters. The steps run
// in order against the same importing instance:
//  1. regenerate on the imported explicit curve values;
//  2. regenerate on curveDef.Curve itself;
//  3. switch to a different curve (nistP256 for prime curves, sect193r1 for characteristic-2
//     curves when the platform reports it as valid), then, for prime curves, switch back and forth.
// After each regeneration the keys are compared against the first export; the curve comparison
// only applies while the key is still on the original curve.
public void TestRegenKeyExplicit(CurveDef curveDef)
{
    using (ECDsa sourceKey = ECDsaFactory.Create(curveDef.Curve))
    {
        ECParameters baseline = sourceKey.ExportExplicitParameters(true);
        Assert.NotEqual(null, baseline.D);

        using (ECDsa regenKey = ECDsaFactory.Create())
        {
            regenKey.ImportParameters(baseline);

            // The curve name is not flowed on explicit export\import (by design) so this exercises
            // logic that regenerates based on current curve values
            regenKey.GenerateKey(baseline.Curve);
            ECParameters regenerated = regenKey.ExportExplicitParameters(true);

            // Only curve should match
            ComparePrivateKey(baseline, regenerated, false);
            ComparePublicKey(baseline.Q, regenerated.Q, false);
            CompareCurve(baseline.Curve, regenerated.Curve);

            // Specify same curve name
            regenKey.GenerateKey(curveDef.Curve);
            Assert.Equal(curveDef.KeySize, regenKey.KeySize);
            regenerated = regenKey.ExportExplicitParameters(true);

            // Only curve should match
            ComparePrivateKey(baseline, regenerated, false);
            ComparePublicKey(baseline.Q, regenerated.Q, false);
            CompareCurve(baseline.Curve, regenerated.Curve);

            // Specify different curve than current
            if (baseline.Curve.IsPrime)
            {
                // Skipped when the curve under test is nistP256 itself (or is not named).
                if (curveDef.Curve.IsNamed &&
                    curveDef.Curve.Oid.FriendlyName != ECCurve.NamedCurves.nistP256.Oid.FriendlyName)
                {
                    // Specify different curve (nistP256) by explicit value
                    regenKey.GenerateKey(ECCurve.NamedCurves.nistP256);
                    Assert.Equal(256, regenKey.KeySize);
                    regenerated = regenKey.ExportExplicitParameters(true);

                    // Keys should not match
                    ComparePrivateKey(baseline, regenerated, false);
                    ComparePublicKey(baseline.Q, regenerated.Q, false);

                    // P,X,Y (and others) should not match
                    Assert.True(regenerated.Curve.IsPrime);
                    Assert.NotEqual(baseline.Curve.Prime, regenerated.Curve.Prime);
                    Assert.NotEqual(baseline.Curve.G.X, regenerated.Curve.G.X);
                    Assert.NotEqual(baseline.Curve.G.Y, regenerated.Curve.G.Y);

                    // Reset back to original
                    regenKey.GenerateKey(baseline.Curve);
                    Assert.Equal(curveDef.KeySize, regenKey.KeySize);
                    ECParameters restored = regenKey.ExportExplicitParameters(true);

                    // Only curve should match
                    ComparePrivateKey(baseline, restored, false);
                    ComparePublicKey(baseline.Q, restored.Q, false);
                    CompareCurve(baseline.Curve, restored.Curve);

                    // Set back to nistP256, this time from the explicit values exported above
                    regenKey.GenerateKey(regenerated.Curve);
                    Assert.Equal(256, regenKey.KeySize);
                    regenerated = regenKey.ExportExplicitParameters(true);

                    // Keys should not match
                    ComparePrivateKey(baseline, regenerated, false);
                    ComparePublicKey(baseline.Q, regenerated.Q, false);

                    // P,X,Y (and others) should not match
                    Assert.True(regenerated.Curve.IsPrime);
                    Assert.NotEqual(baseline.Curve.Prime, regenerated.Curve.Prime);
                    Assert.NotEqual(baseline.Curve.G.X, regenerated.Curve.G.X);
                    Assert.NotEqual(baseline.Curve.G.Y, regenerated.Curve.G.Y);
                }
            }
            else if (baseline.Curve.IsCharacteristic2)
            {
                // NOTE(review): unlike the prime branch, Oid is dereferenced here without an
                // IsNamed check; confirm every characteristic-2 CurveDef carries an Oid.
                if (curveDef.Curve.Oid.Value != ECDSA_Sect193r1_OID_VALUE &&
                    ECDsaFactory.IsCurveValid(new Oid(ECDSA_Sect193r1_OID_VALUE)))
                {
                    // Specify different curve by name
                    regenKey.GenerateKey(ECCurve.CreateFromValue(ECDSA_Sect193r1_OID_VALUE));
                    Assert.Equal(193, regenKey.KeySize);
                    regenerated = regenKey.ExportExplicitParameters(true);

                    // Keys should not match
                    ComparePrivateKey(baseline, regenerated, false);
                    ComparePublicKey(baseline.Q, regenerated.Q, false);

                    // Polynomial,X,Y (and others) should not match
                    Assert.True(regenerated.Curve.IsCharacteristic2);
                    Assert.NotEqual(baseline.Curve.Polynomial, regenerated.Curve.Polynomial);
                    Assert.NotEqual(baseline.Curve.G.X, regenerated.Curve.G.X);
                    Assert.NotEqual(baseline.Curve.G.Y, regenerated.Curve.G.Y);
                }
            }
        }
    }
}
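// Negative test: creating an ECDsa key for curveDef.Curve and exporting its public parameters
// must throw PlatformNotSupportedException.
public static void TestNamedCurvesNegative(CurveDef curveDef)
{
    // An exception may be thrown during Create() if the Oid is bad, or later during native calls.
    // When Create() succeeds and the export is what throws, the using block still disposes the key.
    Assert.Throws<PlatformNotSupportedException>(
        () =>
        {
            using (ECDsa ec = ECDsaFactory.Create(curveDef.Curve))
            {
                ec.ExportParameters(false);
            }
        });
}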
// Validates the shape of an explicit-parameter export against the curve definition it came from.
// Checked, in order: the curve is explicit and has the expected curve type; the private scalar D
// is non-empty when curveDef.IncludePrivate is set and null when it is not; ec.KeySize equals
// curveDef.KeySize; Q, B and G share A's byte length; Seed and Order are either null or non-empty;
// Prime shares A's length on prime curves. A second export must then equal the first one.
private static void VerifyExplicitCurve(ECParameters parameters, ECDsa ec, CurveDef curveDef)
{
    Assert.True(parameters.Curve.IsExplicit);

    ECCurve explicitCurve = parameters.Curve;
    Assert.True(curveDef.IsCurveTypeEqual(explicitCurve.CurveType));

    // Private key material may only appear in an export that asked for it.
    if (curveDef.IncludePrivate)
    {
        Assert.True(parameters.D.Length > 0);
    }
    else
    {
        Assert.True(parameters.D == null);
    }

    Assert.Equal(curveDef.KeySize, ec.KeySize);

    // A's length is the reference size for the other curve values.
    int expectedLength = explicitCurve.A.Length;
    Assert.Equal(expectedLength, parameters.Q.X.Length);
    Assert.Equal(expectedLength, parameters.Q.Y.Length);
    Assert.Equal(expectedLength, explicitCurve.B.Length);
    Assert.Equal(expectedLength, explicitCurve.G.X.Length);
    Assert.Equal(expectedLength, explicitCurve.G.Y.Length);

    // Optional values: absent is fine, an empty array is not.
    if (explicitCurve.Seed != null)
    {
        Assert.True(explicitCurve.Seed.Length > 0);
    }

    if (explicitCurve.Order != null)
    {
        Assert.True(explicitCurve.Order.Length > 0);
    }

    if (explicitCurve.IsPrime)
    {
        Assert.Equal(expectedLength, explicitCurve.Prime.Length);
    }

    // Exercise() runs only for definitions that include the private key.
    if (curveDef.IncludePrivate)
    {
        ec.Exercise();
    }

    // Ensure the key doesn't get regenerated after export
    ECParameters secondExport = ec.ExportExplicitParameters(curveDef.IncludePrivate);
    AssertEqual(parameters, secondExport);
}
// Negative test: CngKey.Create called with the generic CngAlgorithm.ECDsa identifier is expected
// to throw (any exception type is accepted). curveDef is not read by this test.
// NOTE(review): presumably the call fails because the generic identifier names no curve; confirm.
public static void TestCreateKeyFromCngAlgorithmNegative(CurveDef curveDef)
{
    CngAlgorithm genericEcdsa = CngAlgorithm.ECDsa;
    Action createKey = () => CngKey.Create(genericEcdsa);

    Assert.ThrowsAny<Exception>(createKey);
}
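// Checks that ECDsaCng.Key returns the same CngKey instance before and after the key is used:
// the key read right after construction is verified, the object is exercised, and the second
// read must be reference-equal to the first.
public static void TestKeyPropertyFromNamedCurve(CurveDef curveDef)
{
    // Dispose the ECDsaCng when the test ends, including when an assertion fails, so the
    // key object is not left for the finalizer.
    using (ECDsaCng e = new ECDsaCng(curveDef.Curve))
    {
        CngKey key1 = e.Key;
        VerifyKey(key1);
        e.Exercise();

        CngKey key2 = e.Key;
        Assert.Same(key1, key2);
    }
}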