public void LoadECDsaCertificate()
{
#if NET461 || NETCOREAPP2_1
// Compatible with previous release. Goes through the LightweightPkcs8Decoder.DecodeRSAPkcs8().
Assert.Throws <InvalidDataException>(() => PemReader.LoadCertificate(ECDsaCertificate.AsSpan(), keyType: PemReader.KeyType.RSA));
#else
// Compatible with the previous release. Goes through RSA.ImportPKcs8PrivateKey().
Assert.That(() => PemReader.LoadCertificate(ECDsaCertificate.AsSpan(), keyType: PemReader.KeyType.RSA), Throws.InstanceOf <CryptographicException>());
#endif
}
public void LoadCertificateWithOnlyPublicKeyAllowed()
{
using X509Certificate2 certificate = PemReader.LoadCertificate(ECDsaCertificate.AsSpan(), allowCertificateOnly: true, keyType: PemReader.KeyType.ECDsa);
Assert.AreEqual("CN=Azure SDK", certificate.Subject);
Assert.IsFalse(certificate.HasPrivateKey);
}
public void LoadCertificateWithoutPrivateKey()
{
Exception ex = Assert.Throws <InvalidDataException>(() => PemReader.LoadCertificate(ECDsaCertificate.AsSpan(), keyType: PemReader.KeyType.ECDsa));
Assert.AreEqual("The certificate is missing the private key", ex.Message);
}
public void LoadECDsaCertificateAutomatically()
{
// Support for ECDsa certificates are not supported by default. See Azure.Security.KeyVault.Certificates for support.
Assert.Throws <NotSupportedException>(() => PemReader.LoadCertificate(ECDsaCertificate.AsSpan(), keyType: PemReader.KeyType.Auto));
}
