public static void TestSpecialNistKeys(int keySize, string curveName, CngAlgorithm algorithm) { using (ECDsaCng cng = (ECDsaCng)ECDsaFactory.Create(keySize)) { Assert.Equal(keySize, cng.KeySize); ECParameters param = cng.ExportParameters(false); Assert.Equal(curveName, param.Curve.Oid.FriendlyName); Assert.Equal(algorithm, cng.Key.Algorithm); } }
public void PublicKey_CannotSign() { using (ECDsa ecdsaPriv = ECDsaFactory.Create()) using (ECDsa ecdsa = ECDsaFactory.Create()) { ECParameters keyParameters = ecdsaPriv.ExportParameters(false); ecdsa.ImportParameters(keyParameters); Assert.ThrowsAny <CryptographicException>( () => SignData(ecdsa, new byte[] { 1, 2, 3, 4, 5 }, HashAlgorithmName.SHA256)); } }
public void NotSupportedBaseMethods_Throw() { using (var ecdsa = new OverrideAbstractECDsa(ECDsaFactory.Create())) { Assert.Throws <NotSupportedException>(() => ecdsa.ExportParameters(false)); Assert.Throws <NotSupportedException>(() => ecdsa.ExportExplicitParameters(false)); Assert.Throws <NotSupportedException>(() => ecdsa.ImportParameters(default(ECParameters))); Assert.Throws <NotSupportedException>(() => ecdsa.GenerateKey(default(ECCurve))); Assert.Throws <NotImplementedException>(() => ecdsa.FromXmlString(null)); Assert.Throws <NotImplementedException>(() => ecdsa.ToXmlString(false)); } }
public void TestRegenKeyNistP256() { ECParameters param, param2; ECDsa ec; using (ec = ECDsaFactory.Create(256)) { param = ec.ExportExplicitParameters(true); Assert.NotNull(param.D); ec.GenerateKey(param.Curve); param2 = ec.ExportExplicitParameters(true); // Only curve should match ComparePrivateKey(param, param2, false); ComparePublicKey(param.Q, param2.Q, false); CompareCurve(param.Curve, param2.Curve); } }
public void KeySizeProp() { using (ECDsa e = ECDsaFactory.Create()) { e.KeySize = 384; Assert.Equal(384, e.KeySize); ECParameters p384 = e.ExportParameters(false); Assert.True(p384.Curve.IsNamed); p384.Validate(); e.KeySize = 521; Assert.Equal(521, e.KeySize); ECParameters p521 = e.ExportParameters(false); Assert.True(p521.Curve.IsNamed); p521.Validate(); // Ensure the key was regenerated Assert.NotEqual(p384.Curve.Oid.FriendlyName, p521.Curve.Oid.FriendlyName); } }
public void Span_TrySignData_VerifyData_UsesTryHashDataAndTrySignHashAndTryVerifyHash() { using (var ecdsa = new OverrideAbstractECDsa(ECDsaFactory.Create())) { AssertExtensions.Throws <ArgumentException>("hashAlgorithm", () => ecdsa.TrySignData(new byte[1], new byte[1], new HashAlgorithmName(null), out int bytesWritten)); AssertExtensions.Throws <ArgumentException>("hashAlgorithm", () => ecdsa.TrySignData(new byte[1], new byte[1], new HashAlgorithmName(""), out int bytesWritten)); AssertExtensions.Throws <ArgumentException>("hashAlgorithm", () => ecdsa.VerifyData((ReadOnlySpan <byte>) new byte[1], new byte[1], new HashAlgorithmName(""))); AssertExtensions.Throws <ArgumentException>("hashAlgorithm", () => ecdsa.VerifyData((ReadOnlySpan <byte>) new byte[1], new byte[1], new HashAlgorithmName(null))); var input = new byte[1024]; Random.Shared.NextBytes(input); byte[] output = new byte[1]; int outputLength; while (!ecdsa.TrySignData(input, output, HashAlgorithmName.SHA256, out outputLength)) { output = new byte[output.Length * 2]; } Assert.False(ecdsa.VerifyData((ReadOnlySpan <byte>)input, new ReadOnlySpan <byte>(output, 0, outputLength - 1), HashAlgorithmName.SHA256)); Assert.True(ecdsa.VerifyData((ReadOnlySpan <byte>)input, new ReadOnlySpan <byte>(output, 0, outputLength), HashAlgorithmName.SHA256)); } }
public void Stream_SignData_VerifyData_UsesHashDataAndSignHashAndVerifyHash() { using (var ecdsa = new OverrideAbstractECDsa(ECDsaFactory.Create())) { AssertExtensions.Throws <ArgumentNullException>("data", () => ecdsa.SignData((Stream)null, HashAlgorithmName.SHA1)); AssertExtensions.Throws <ArgumentException>("hashAlgorithm", () => ecdsa.SignData(new MemoryStream(new byte[1]), new HashAlgorithmName(null))); AssertExtensions.Throws <ArgumentException>("hashAlgorithm", () => ecdsa.SignData(new MemoryStream(new byte[1]), new HashAlgorithmName(""))); AssertExtensions.Throws <ArgumentNullException>("data", () => ecdsa.VerifyData((Stream)null, null, HashAlgorithmName.SHA1)); AssertExtensions.Throws <ArgumentNullException>("signature", () => ecdsa.VerifyData(new MemoryStream(new byte[1]), null, HashAlgorithmName.SHA1)); AssertExtensions.Throws <ArgumentException>("hashAlgorithm", () => ecdsa.VerifyData(new MemoryStream(new byte[1]), new byte[1], new HashAlgorithmName(null))); AssertExtensions.Throws <ArgumentException>("hashAlgorithm", () => ecdsa.VerifyData(new MemoryStream(new byte[1]), new byte[1], new HashAlgorithmName(""))); var input = new byte[1024]; Random.Shared.NextBytes(input); byte[] result = ecdsa.SignData(new MemoryStream(input), HashAlgorithmName.SHA256); Assert.NotNull(result); Assert.NotEmpty(result); Assert.False(ecdsa.VerifyData(new MemoryStream(input.AsSpan(1).ToArray()), result, HashAlgorithmName.SHA256)); Assert.True(ecdsa.VerifyData(new MemoryStream(input), result, HashAlgorithmName.SHA256)); } }
public void SignaturesAtZeroDoNotVerify_DER(CurveDef curveDef) { using (ECDsa ec = ECDsaFactory.Create(curveDef.Curve)) { byte[] data = new byte[] { 1, 2, 3, 4 }; // ASN.1: // SEQUENCE { // INTEGER 0, // INTEGER 0 // } byte[] zeroSignature = new byte[] { 0x30, 0x06, 0x02, 0x01, 0x00, 0x02, 0x01, 0x00 }; bool verified = ec.VerifyData( data, zeroSignature, HashAlgorithmName.SHA256, DSASignatureFormat.Rfc3279DerSequence); Assert.False(verified, nameof(ec.VerifyData)); } }
public void TestRegenKeyExplicit(CurveDef curveDef) { ECParameters param, param2; ECDsa ec, newEc; using (ec = ECDsaFactory.Create(curveDef.Curve)) { param = ec.ExportExplicitParameters(true); Assert.NotNull(param.D); using (newEc = ECDsaFactory.Create()) { newEc.ImportParameters(param); // The curve name is not flowed on explicit export\import (by design) so this exercises logic // that regenerates based on current curve values newEc.GenerateKey(param.Curve); param2 = newEc.ExportExplicitParameters(true); // Only curve should match ComparePrivateKey(param, param2, false); ComparePublicKey(param.Q, param2.Q, false); CompareCurve(param.Curve, param2.Curve); // Specify same curve name newEc.GenerateKey(curveDef.Curve); Assert.Equal(curveDef.KeySize, newEc.KeySize); param2 = newEc.ExportExplicitParameters(true); // Only curve should match ComparePrivateKey(param, param2, false); ComparePublicKey(param.Q, param2.Q, false); CompareCurve(param.Curve, param2.Curve); // Specify different curve than current if (param.Curve.IsPrime) { if (curveDef.Curve.IsNamed && curveDef.Curve.Oid.FriendlyName != ECCurve.NamedCurves.nistP256.Oid.FriendlyName) { // Specify different curve (nistP256) by explicit value newEc.GenerateKey(ECCurve.NamedCurves.nistP256); Assert.Equal(256, newEc.KeySize); param2 = newEc.ExportExplicitParameters(true); // Keys should not match ComparePrivateKey(param, param2, false); ComparePublicKey(param.Q, param2.Q, false); // P,X,Y (and others) should not match Assert.True(param2.Curve.IsPrime); Assert.NotEqual(param.Curve.Prime, param2.Curve.Prime); Assert.NotEqual(param.Curve.G.X, param2.Curve.G.X); Assert.NotEqual(param.Curve.G.Y, param2.Curve.G.Y); // Reset back to original newEc.GenerateKey(param.Curve); Assert.Equal(curveDef.KeySize, newEc.KeySize); ECParameters copyOfParam1 = newEc.ExportExplicitParameters(true); // Only curve should match ComparePrivateKey(param, copyOfParam1, false); ComparePublicKey(param.Q, copyOfParam1.Q, false); CompareCurve(param.Curve, copyOfParam1.Curve); // Set back to nistP256 newEc.GenerateKey(param2.Curve); Assert.Equal(256, newEc.KeySize); param2 = newEc.ExportExplicitParameters(true); // Keys should not match ComparePrivateKey(param, param2, false); ComparePublicKey(param.Q, param2.Q, false); // P,X,Y (and others) should not match Assert.True(param2.Curve.IsPrime); Assert.NotEqual(param.Curve.Prime, param2.Curve.Prime); Assert.NotEqual(param.Curve.G.X, param2.Curve.G.X); Assert.NotEqual(param.Curve.G.Y, param2.Curve.G.Y); } } else if (param.Curve.IsCharacteristic2) { if (curveDef.Curve.Oid.Value != ECDSA_Sect193r1_OID_VALUE) { if (ECDsaFactory.IsCurveValid(new Oid(ECDSA_Sect193r1_OID_VALUE))) { // Specify different curve by name newEc.GenerateKey(ECCurve.CreateFromValue(ECDSA_Sect193r1_OID_VALUE)); Assert.Equal(193, newEc.KeySize); param2 = newEc.ExportExplicitParameters(true); // Keys should not match ComparePrivateKey(param, param2, false); ComparePublicKey(param.Q, param2.Q, false); // Polynomial,X,Y (and others) should not match Assert.True(param2.Curve.IsCharacteristic2); Assert.NotEqual(param.Curve.Polynomial, param2.Curve.Polynomial); Assert.NotEqual(param.Curve.G.X, param2.Curve.G.X); Assert.NotEqual(param.Curve.G.Y, param2.Curve.G.Y); } } } } } }