public void TestChangeFromNamedCurveToKeySize(CurveDef curveDef)
{
if (!curveDef.Curve.IsNamed)
{
return;
}
using (ECDsa ec = ECDsaFactory.Create(curveDef.Curve))
{
ECParameters param = ec.ExportParameters(false);
// Avoid comparing against same key as in curveDef
if (ec.KeySize != 384 && ec.KeySize != 521)
{
ec.KeySize = 384;
ECParameters param384 = ec.ExportParameters(false);
Assert.NotEqual(param.Curve.Oid.FriendlyName, param384.Curve.Oid.FriendlyName);
Assert.Equal(384, ec.KeySize);
ec.KeySize = 521;
ECParameters param521 = ec.ExportParameters(false);
Assert.NotEqual(param384.Curve.Oid.FriendlyName, param521.Curve.Oid.FriendlyName);
Assert.Equal(521, ec.KeySize);
}
}
}
private static void VerifyExplicitCurve(ECParameters parameters, ECDsa ec, CurveDef curveDef)
{
Assert.True(parameters.Curve.IsExplicit);
ECCurve curve = parameters.Curve;
Assert.True(curveDef.IsCurveTypeEqual(curve.CurveType));
Assert.True(
curveDef.IncludePrivate && parameters.D.Length > 0 ||
!curveDef.IncludePrivate && parameters.D == null);
Assert.Equal(curveDef.KeySize, ec.KeySize);
Assert.Equal(curve.A.Length, parameters.Q.X.Length);
Assert.Equal(curve.A.Length, parameters.Q.Y.Length);
Assert.Equal(curve.A.Length, curve.B.Length);
Assert.Equal(curve.A.Length, curve.G.X.Length);
Assert.Equal(curve.A.Length, curve.G.Y.Length);
Assert.True(curve.Seed == null || curve.Seed.Length > 0);
Assert.True(curve.Order == null || curve.Order.Length > 0);
if (curve.IsPrime)
{
Assert.Equal(curve.A.Length, curve.Prime.Length);
}
if (curveDef.IncludePrivate)
{
ec.Exercise();
}
// Ensure the key doesn't get regenerated after export
ECParameters paramSecondExport = ec.ExportExplicitParameters(curveDef.IncludePrivate);
AssertEqual(parameters, paramSecondExport);
}
public static void TestNamedCurvesNegative(CurveDef curveDef)
{
if (!curveDef.Curve.IsNamed)
{
return;
}
// An exception may be thrown during Create() if the Oid is bad, or later during native calls
Assert.Throws <PlatformNotSupportedException>(() => ECDsaFactory.Create(curveDef.Curve).ExportParameters(false));
}
public static void TestExplicitCurves(CurveDef curveDef)
{
using (ECDsa ec1 = ECDsaFactory.Create(curveDef.Curve))
{
ECParameters param1 = ec1.ExportExplicitParameters(curveDef.IncludePrivate);
VerifyExplicitCurve(param1, ec1, curveDef);
using (ECDsa ec2 = ECDsaFactory.Create())
{
ec2.ImportParameters(param1);
ECParameters param2 = ec2.ExportExplicitParameters(curveDef.IncludePrivate);
VerifyExplicitCurve(param1, ec1, curveDef);
AssertEqual(param1, param2);
}
}
}
public static void TestExplicitCurves(CurveDef curveDef)
{
using (ECDsa ec1 = ECDsaFactory.Create(curveDef.Curve))
{
ECParameters param1 = ec1.ExportExplicitParameters(curveDef.IncludePrivate);
VerifyExplicitCurve(param1, ec1, curveDef);
using (ECDsa ec2 = ECDsaFactory.Create())
{
ec2.ImportParameters(param1);
ECParameters param2 = ec2.ExportExplicitParameters(curveDef.IncludePrivate);
VerifyExplicitCurve(param1, ec1, curveDef);
AssertEqual(param1, param2);
}
}
}
public static void TestExplicitCurvesSignVerify(CurveDef curveDef)
{
using (ECDsa ec1 = ECDsaFactory.Create(curveDef.Curve))
{
byte[] data = new byte[0x10];
byte[] sig1 = ec1.SignData(data, 0, data.Length, HashAlgorithmName.SHA1);
bool verified;
verified = ec1.VerifyData(data, sig1, HashAlgorithmName.SHA1);
Assert.True(verified);
using (ECDsa ec2 = ECDsaFactory.Create())
{
ec2.ImportParameters(ec1.ExportExplicitParameters(true));
Assert.Equal(ec1.KeySize, ec2.KeySize);
byte[] sig2 = ec2.SignData(data, 0, data.Length, HashAlgorithmName.SHA1);
verified = ec2.VerifyData(data, sig2, HashAlgorithmName.SHA1);
Assert.True(verified);
// Verify key is compatible other signature
verified = ec2.VerifyData(data, sig1, HashAlgorithmName.SHA1);
Assert.True(verified);
verified = ec1.VerifyData(data, sig2, HashAlgorithmName.SHA1);
Assert.True(verified);
// Verify with no private key
using (ECDsa ec3 = ECDsaFactory.Create())
{
ec3.ImportParameters(ec2.ExportExplicitParameters(false));
Assert.Equal(ec2.KeySize, ec3.KeySize);
verified = ec3.VerifyData(data, sig1, HashAlgorithmName.SHA1);
Assert.True(verified);
}
}
// Ensure negative result
unchecked
{
sig1[sig1.Length - 1]++;
}
verified = ec1.VerifyData(data, sig1, HashAlgorithmName.SHA1);
Assert.False(verified);
}
}
public static void TestExplicitCurvesSignVerify(CurveDef curveDef)
{
using (ECDsa ec1 = ECDsaFactory.Create(curveDef.Curve))
{
byte[] data = new byte[0x10];
byte[] sig1 = ec1.SignData(data, 0, data.Length, HashAlgorithmName.SHA1);
bool verified;
verified = ec1.VerifyData(data, sig1, HashAlgorithmName.SHA1);
Assert.True(verified);
using (ECDsa ec2 = ECDsaFactory.Create())
{
ec2.ImportParameters(ec1.ExportExplicitParameters(true));
Assert.Equal(ec1.KeySize, ec2.KeySize);
byte[] sig2 = ec2.SignData(data, 0, data.Length, HashAlgorithmName.SHA1);
verified = ec2.VerifyData(data, sig2, HashAlgorithmName.SHA1);
Assert.True(verified);
// Verify key is compatible other signature
verified = ec2.VerifyData(data, sig1, HashAlgorithmName.SHA1);
Assert.True(verified);
verified = ec1.VerifyData(data, sig2, HashAlgorithmName.SHA1);
Assert.True(verified);
// Verify with no private key
using (ECDsa ec3 = ECDsaFactory.Create())
{
ec3.ImportParameters(ec2.ExportExplicitParameters(false));
Assert.Equal(ec2.KeySize, ec3.KeySize);
verified = ec3.VerifyData(data, sig1, HashAlgorithmName.SHA1);
Assert.True(verified);
}
}
// Ensure negative result
unchecked
{
sig1[sig1.Length - 1]++;
}
verified = ec1.VerifyData(data, sig1, HashAlgorithmName.SHA1);
Assert.False(verified);
}
}
public void TestRegenKeyNamed(CurveDef curveDef)
{
ECParameters param, param2;
ECDsa ec;
using (ec = ECDsaFactory.Create(curveDef.Curve))
{
param = ec.ExportParameters(true);
Assert.NotEqual(param.D, null);
param.Validate();
ec.GenerateKey(param.Curve);
param2 = ec.ExportParameters(true);
param2.Validate();
// Only curve should match
ComparePrivateKey(param, param2, false);
ComparePublicKey(param.Q, param2.Q, false);
CompareCurve(param.Curve, param2.Curve);
}
}
public static void TestHashRoundTrip(CurveDef curveDef)
{
// This test is in the cng only tests because OpenSsl does not provide the hash algorithm
using (var cng = new ECDsaCng(curveDef.Curve))
{
ECParameters param = cng.ExportExplicitParameters(false);
// Add some dummy values and import
Assert.True(param.Curve.IsExplicit);
var curve = param.Curve;
curve.Hash = HashAlgorithmName.SHA1;
curve.Seed = new byte[1] { 0xFF }; // Hash should have a seed
param.Curve = curve;
cng.ImportParameters(param);
// Export to see if the hash is there
ECParameters param2 = cng.ExportExplicitParameters(false);
Assert.Equal(HashAlgorithmName.SHA1.Name.ToUpper(), param2.Curve.Hash.Value.Name.ToUpper());
Assert.Equal(0xFF, param2.Curve.Seed[0]);
}
}
public static void TestNamedCurves(CurveDef curveDef)
{
if (!curveDef.Curve.IsNamed)
{
return;
}
using (ECDsa ec1 = ECDsaFactory.Create(curveDef.Curve))
{
ECParameters param1 = ec1.ExportParameters(curveDef.IncludePrivate);
VerifyNamedCurve(param1, ec1, curveDef.KeySize, curveDef.IncludePrivate);
using (ECDsa ec2 = ECDsaFactory.Create())
{
ec2.ImportParameters(param1);
ECParameters param2 = ec2.ExportParameters(curveDef.IncludePrivate);
VerifyNamedCurve(param2, ec2, curveDef.KeySize, curveDef.IncludePrivate);
AssertEqual(param1, param2);
}
}
}
public void TestRegenKeyExplicit(CurveDef curveDef)
{
ECParameters param, param2;
ECDsa ec, newEc;
using (ec = ECDsaFactory.Create(curveDef.Curve))
{
param = ec.ExportExplicitParameters(true);
Assert.NotEqual(null, param.D);
using (newEc = ECDsaFactory.Create())
{
newEc.ImportParameters(param);
// The curve name is not flowed on explicit export\import (by design) so this excercises logic
// that regenerates based on current curve values
newEc.GenerateKey(param.Curve);
param2 = newEc.ExportExplicitParameters(true);
// Only curve should match
ComparePrivateKey(param, param2, false);
ComparePublicKey(param.Q, param2.Q, false);
CompareCurve(param.Curve, param2.Curve);
// Specify same curve name
newEc.GenerateKey(curveDef.Curve);
Assert.Equal(curveDef.KeySize, newEc.KeySize);
param2 = newEc.ExportExplicitParameters(true);
// Only curve should match
ComparePrivateKey(param, param2, false);
ComparePublicKey(param.Q, param2.Q, false);
CompareCurve(param.Curve, param2.Curve);
// Specify different curve than current
if (param.Curve.IsPrime)
{
if (curveDef.Curve.IsNamed &&
curveDef.Curve.Oid.FriendlyName != ECCurve.NamedCurves.nistP256.Oid.FriendlyName)
{
// Specify different curve (nistP256) by explicit value
newEc.GenerateKey(ECCurve.NamedCurves.nistP256);
Assert.Equal(256, newEc.KeySize);
param2 = newEc.ExportExplicitParameters(true);
// Keys should should not match
ComparePrivateKey(param, param2, false);
ComparePublicKey(param.Q, param2.Q, false);
// P,X,Y (and others) should not match
Assert.True(param2.Curve.IsPrime);
Assert.NotEqual(param.Curve.Prime, param2.Curve.Prime);
Assert.NotEqual(param.Curve.G.X, param2.Curve.G.X);
Assert.NotEqual(param.Curve.G.Y, param2.Curve.G.Y);
// Reset back to original
newEc.GenerateKey(param.Curve);
Assert.Equal(curveDef.KeySize, newEc.KeySize);
ECParameters copyOfParam1 = newEc.ExportExplicitParameters(true);
// Only curve should match
ComparePrivateKey(param, copyOfParam1, false);
ComparePublicKey(param.Q, copyOfParam1.Q, false);
CompareCurve(param.Curve, copyOfParam1.Curve);
// Set back to nistP256
newEc.GenerateKey(param2.Curve);
Assert.Equal(256, newEc.KeySize);
param2 = newEc.ExportExplicitParameters(true);
// Keys should should not match
ComparePrivateKey(param, param2, false);
ComparePublicKey(param.Q, param2.Q, false);
// P,X,Y (and others) should not match
Assert.True(param2.Curve.IsPrime);
Assert.NotEqual(param.Curve.Prime, param2.Curve.Prime);
Assert.NotEqual(param.Curve.G.X, param2.Curve.G.X);
Assert.NotEqual(param.Curve.G.Y, param2.Curve.G.Y);
}
}
else if (param.Curve.IsCharacteristic2)
{
if (curveDef.Curve.Oid.Value != ECDSA_Sect193r1_OID_VALUE)
{
if (ECDsaFactory.IsCurveValid(new Oid(ECDSA_Sect193r1_OID_VALUE)))
{
// Specify different curve by name
newEc.GenerateKey(ECCurve.CreateFromValue(ECDSA_Sect193r1_OID_VALUE));
Assert.Equal(193, newEc.KeySize);
param2 = newEc.ExportExplicitParameters(true);
// Keys should should not match
ComparePrivateKey(param, param2, false);
ComparePublicKey(param.Q, param2.Q, false);
// Polynomial,X,Y (and others) should not match
Assert.True(param2.Curve.IsCharacteristic2);
Assert.NotEqual(param.Curve.Polynomial, param2.Curve.Polynomial);
Assert.NotEqual(param.Curve.G.X, param2.Curve.G.X);
Assert.NotEqual(param.Curve.G.Y, param2.Curve.G.Y);
}
}
}
}
}
}
public static void TestNamedCurvesNegative(CurveDef curveDef)
{
// An exception may be thrown during Create() if the Oid is bad, or later during native calls
Assert.Throws<PlatformNotSupportedException>(() => ECDsaFactory.Create(curveDef.Curve).ExportParameters(false));
}
private static void VerifyExplicitCurve(ECParameters parameters, ECDsa ec, CurveDef curveDef)
{
Assert.True(parameters.Curve.IsExplicit);
ECCurve curve = parameters.Curve;
Assert.True(curveDef.IsCurveTypeEqual(curve.CurveType));
Assert.True(
curveDef.IncludePrivate && parameters.D.Length > 0 ||
!curveDef.IncludePrivate && parameters.D == null);
Assert.Equal(curveDef.KeySize, ec.KeySize);
Assert.Equal(curve.A.Length, parameters.Q.X.Length);
Assert.Equal(curve.A.Length, parameters.Q.Y.Length);
Assert.Equal(curve.A.Length, curve.B.Length);
Assert.Equal(curve.A.Length, curve.G.X.Length);
Assert.Equal(curve.A.Length, curve.G.Y.Length);
Assert.True(curve.Seed == null || curve.Seed.Length > 0);
Assert.True(curve.Order == null || curve.Order.Length > 0);
if (curve.IsPrime)
{
Assert.Equal(curve.A.Length,curve.Prime.Length);
}
if (curveDef.IncludePrivate)
ec.Exercise();
// Ensure the key doesn't get regenerated after export
ECParameters paramSecondExport = ec.ExportExplicitParameters(curveDef.IncludePrivate);
AssertEqual(parameters, paramSecondExport);
}
public static void TestCreateKeyFromCngAlgorithmNegative(CurveDef curveDef)
{
CngAlgorithm alg = CngAlgorithm.ECDsa;
Assert.ThrowsAny<Exception>(() => CngKey.Create(alg));
}
public static void TestKeyPropertyFromNamedCurve(CurveDef curveDef)
{
ECDsaCng e = new ECDsaCng(curveDef.Curve);
CngKey key1 = e.Key;
VerifyKey(key1);
e.Exercise();
CngKey key2 = e.Key;
Assert.Same(key1, key2);
}
