public static void VerifySignature_ECDsa(string hashAlgorithm)
{
HashAlgorithmName hashAlgorithmName = new HashAlgorithmName(hashAlgorithm);
using (ECDsa key = ECDsa.Create())
{
CertificateRequest first = new CertificateRequest(
"CN=Test",
key,
hashAlgorithmName);
byte[] pkcs10;
if (hashAlgorithm == "SHA1")
{
pkcs10 = first.CreateSigningRequest(new ECDsaSha1SignatureGenerator(key));
}
else
{
pkcs10 = first.CreateSigningRequest();
}
// Assert.NoThrow
CertificateRequest.LoadSigningRequest(pkcs10, hashAlgorithmName, out _);
pkcs10[^ 1] ^= 0xFF;
public static void LoadWithEmptyHashAlgorithm()
{
HashAlgorithmName hashAlgorithm = new HashAlgorithmName("");
Assert.Throws <ArgumentException>(
"signerHashAlgorithm",
() => CertificateRequest.LoadSigningRequest(Array.Empty <byte>(), hashAlgorithm));
{
int consumed = -1;
Assert.Throws <ArgumentException>(
"signerHashAlgorithm",
() => CertificateRequest.LoadSigningRequest(
ReadOnlySpan <byte> .Empty,
hashAlgorithm,
out consumed));
Assert.Equal(-1, consumed);
}
Assert.Throws <ArgumentException>(
"signerHashAlgorithm",
() => CertificateRequest.LoadSigningRequestPem(string.Empty, hashAlgorithm));
Assert.Throws <ArgumentException>(
"signerHashAlgorithm",
() => CertificateRequest.LoadSigningRequestPem(
ReadOnlySpan <char> .Empty,
hashAlgorithm));
}
public static void VerifySignature_RSA_PKCS1(string hashAlgorithm)
{
HashAlgorithmName hashAlgorithmName = new HashAlgorithmName(hashAlgorithm);
using (RSA key = RSA.Create())
{
CertificateRequest first = new CertificateRequest(
"CN=Test",
key,
hashAlgorithmName,
RSASignaturePadding.Pkcs1);
byte[] pkcs10;
if (hashAlgorithm == "SHA1")
{
pkcs10 = first.CreateSigningRequest(new RSASha1Pkcs1SignatureGenerator(key));
}
else
{
pkcs10 = first.CreateSigningRequest();
}
// Assert.NoThrow
CertificateRequest.LoadSigningRequest(pkcs10, hashAlgorithmName, out _);
pkcs10[^ 1] ^= 0xFF;
public static void LoadWithDefaultHashAlgorithm()
{
Assert.Throws <ArgumentNullException>(
"signerHashAlgorithm",
() => CertificateRequest.LoadSigningRequest(Array.Empty <byte>(), default(HashAlgorithmName)));
{
int consumed = -1;
Assert.Throws <ArgumentNullException>(
"signerHashAlgorithm",
() => CertificateRequest.LoadSigningRequest(
ReadOnlySpan <byte> .Empty,
default(HashAlgorithmName),
out consumed));
Assert.Equal(-1, consumed);
}
Assert.Throws <ArgumentNullException>(
"signerHashAlgorithm",
() => CertificateRequest.LoadSigningRequestPem(string.Empty, default(HashAlgorithmName)));
Assert.Throws <ArgumentNullException>(
"signerHashAlgorithm",
() => CertificateRequest.LoadSigningRequestPem(
ReadOnlySpan <char> .Empty,
default(HashAlgorithmName)));
}
public static void LoadBigExponentRequest_Bytes(CertificateRequestLoadOptions options)
{
CertificateRequest req = CertificateRequest.LoadSigningRequest(
TestData.BigExponentPkcs10Bytes,
HashAlgorithmName.SHA384,
options);
Assert.Equal(HashAlgorithmName.SHA384, req.HashAlgorithm);
VerifyBigExponentRequest(req, options);
}
public static void HashAlgorithmLaxInLoad()
{
HashAlgorithmName hashAlgorithm = new HashAlgorithmName("I promise to be a hash algorithm");
CertificateRequest req = CertificateRequest.LoadSigningRequest(
TestData.BigExponentPkcs10Bytes,
hashAlgorithm);
Assert.Equal(hashAlgorithm, req.HashAlgorithm);
}
public static void LoadBigExponentRequest_Bytes_Oversized(CertificateRequestLoadOptions options)
{
byte[] pkcs10 = TestData.BigExponentPkcs10Bytes;
Array.Resize(ref pkcs10, pkcs10.Length + 1);
Assert.Throws <CryptographicException>(
() => CertificateRequest.LoadSigningRequest(
pkcs10,
HashAlgorithmName.SHA384,
options));
}
public static void LoadBigExponentRequest_Span(CertificateRequestLoadOptions options, bool oversized)
{
byte[] pkcs10 = TestData.BigExponentPkcs10Bytes;
if (oversized)
{
Array.Resize(ref pkcs10, pkcs10.Length + 22);
}
CertificateRequest req = CertificateRequest.LoadSigningRequest(
new ReadOnlySpan <byte>(pkcs10),
HashAlgorithmName.SHA256,
out int bytesConsumed,
options);
Assert.Equal(TestData.BigExponentPkcs10Bytes.Length, bytesConsumed);
Assert.Equal(HashAlgorithmName.SHA256, req.HashAlgorithm);
VerifyBigExponentRequest(req, options);
}
public static void LoadWithUnknownOptions(int optionsValue)
{
CertificateRequestLoadOptions options = (CertificateRequestLoadOptions)optionsValue;
HashAlgorithmName hashAlgorithm = HashAlgorithmName.SHA256;
ArgumentOutOfRangeException ex;
ex = Assert.Throws <ArgumentOutOfRangeException>(
"options",
() => CertificateRequest.LoadSigningRequest(Array.Empty <byte>(), hashAlgorithm, options));
Assert.Equal(options, ex.ActualValue);
{
int consumed = -1;
ex = Assert.Throws <ArgumentOutOfRangeException>(
"options",
() => CertificateRequest.LoadSigningRequest(
ReadOnlySpan <byte> .Empty,
hashAlgorithm,
out consumed,
options));
Assert.Equal(-1, consumed);
Assert.Equal(options, ex.ActualValue);
}
ex = Assert.Throws <ArgumentOutOfRangeException>(
"options",
() => CertificateRequest.LoadSigningRequestPem(string.Empty, hashAlgorithm, options));
Assert.Equal(options, ex.ActualValue);
ex = Assert.Throws <ArgumentOutOfRangeException>(
"options",
() => CertificateRequest.LoadSigningRequestPem(
ReadOnlySpan <char> .Empty,
hashAlgorithm,
options));
Assert.Equal(options, ex.ActualValue);
}
public static void LoadNullArray()
{
Assert.Throws <ArgumentNullException>(
"pkcs10",
() => CertificateRequest.LoadSigningRequest((byte[])null, HashAlgorithmName.SHA256));
}