KeyBagTests.cs
// Licensed to the .NET Foundation under one or more agreements.
// The .NET Foundation licenses this file to you under the MIT license.
using Test.Cryptography;
using Xunit;
namespace System.Security.Cryptography.Pkcs.Tests.Pkcs12
{
/// <summary>
/// Tests for <see cref="Pkcs12KeyBag"/>: the round trip of an unencrypted key added through
/// <see cref="Pkcs12SafeContents"/>, the buffer-ownership effect of <c>skipCopy</c>, and the
/// structural BER validation performed by the constructor.
/// </summary>
public static class KeyBagTests
{
    // DER encoding of ASN.1 NULL (tag 0x05, length 0x00). It is a well-formed value but not a
    // PKCS#8 PrivateKeyInfo, so a bag built from it shows that the constructor does not
    // require its payload to be a usable key.
    private static readonly ReadOnlyMemory<byte> s_derNull = new byte[] { 0x05, 0x00 };

    /// <summary>
    /// Adds an RSA key with <c>AddKeyUnencrypted</c>, imports the bag's PKCS#8 bytes into a
    /// second RSA instance, and checks that a signature made by the second instance verifies
    /// under the first.
    /// </summary>
    /// <remarks>
    /// The import needs no password, so the bag holds the private key in the clear.
    /// <c>Pkcs12SafeContents.AddShroudedKey</c> is the password-protected alternative.
    /// </remarks>
    [Fact]
    public static void BuildWithFactoryReadDirect()
    {
        using (RSA original = RSA.Create())
        using (RSA imported = RSA.Create())
        {
            Pkcs12SafeContents safeContents = new Pkcs12SafeContents();
            Pkcs12KeyBag bag = safeContents.AddKeyUnencrypted(original);
            ReadOnlyMemory<byte> pkcs8 = bag.Pkcs8PrivateKey;

            imported.ImportPkcs8PrivateKey(pkcs8.Span, out _);

            // The PKCS#8 blob doubles as the message being signed; any byte sequence would do.
            byte[] signature = new byte[original.KeySize / 8];

            // NOTE(review): the digest only drives the sign/verify round trip. MD5 is
            // collision-broken and may be disabled on restricted platforms; a SHA-2 digest
            // would presumably exercise the same path.
            bool signed = imported.TrySignData(
                pkcs8.Span,
                signature,
                HashAlgorithmName.MD5,
                RSASignaturePadding.Pkcs1,
                out int bytesWritten);

            Assert.True(signed);
            Assert.Equal(signature.Length, bytesWritten);

            bool verified = original.VerifyData(
                pkcs8.Span,
                signature,
                HashAlgorithmName.MD5,
                RSASignaturePadding.Pkcs1);

            Assert.True(verified);
        }
    }

    /// <summary>
    /// Checks that <c>skipCopy</c> decides whether the bag wraps the caller's buffer or a
    /// private copy of it.
    /// </summary>
    /// <param name="skipCopy">Value passed to the <see cref="Pkcs12KeyBag"/> constructor.</param>
    /// <remarks>
    /// With <c>skipCopy: true</c> the bag's memory overlaps the input, so the caller's buffer
    /// and the bag are the same storage and a later write to one is seen through the other.
    /// </remarks>
    [Theory]
    [InlineData(false)]
    [InlineData(true)]
    public static void SkipCopyHonored(bool skipCopy)
    {
        Pkcs12KeyBag bag = new Pkcs12KeyBag(s_derNull, skipCopy);
        bool sharesInputBuffer = s_derNull.Span.Overlaps(bag.Pkcs8PrivateKey.Span);

        if (skipCopy)
        {
            Assert.True(sharesInputBuffer, "Same memory");
        }
        else
        {
            Assert.False(sharesInputBuffer, "Same memory");
        }
    }

    /// <summary>
    /// Checks that the constructor accepts exactly one complete BER-encoded value and throws
    /// a <see cref="CryptographicException"/> (or a derived type) for anything else.
    /// </summary>
    /// <param name="inputHex">Hex encoding of the bytes handed to the constructor.</param>
    /// <param name="expectSuccess">Whether construction is expected to succeed.</param>
    /// <remarks>
    /// The accepted cases show the check is structural only: an empty OCTET STRING and a
    /// zero-length BIT STRING both pass, so a constructed bag is not evidence that its payload
    /// is a parseable PKCS#8 key.
    /// </remarks>
    [Theory]
    // Empty input
    [InlineData("", false)]
    // Declared length (1) is longer than the remaining payload (0 bytes)
    [InlineData("0401", false)]
    // Two consecutive values: the first value's length stops short of the end of the input
    [InlineData("0400020100", false)]
    // Tag with no length byte
    [InlineData("04", false)]
    // Well-formed: empty OCTET STRING
    [InlineData("0400", true)]
    // Well-formed tag-length-value, although a zero-length BIT STRING is not a legal value.
    [InlineData("0300", true)]
    // SEQUENCE (indefinite length) {
    //   Constructed OCTET STRING (indefinite length) {
    //     OCTET STRING (length 01 in the long form 82 00 01): 7F
    //   }
    // }
    [InlineData("30802480048200017F00000000", true)]
    // Same value followed by one trailing byte
    [InlineData("30802480048200017F0000000000", false)]
    public static void CtorEnsuresValidBerValue(string inputHex, bool expectSuccess)
    {
        byte[] encoded = inputHex.HexToByteArray();

        // skipCopy: true hands the decoded array to the bag as-is.
        Func<Pkcs12KeyBag> construct = () => new Pkcs12KeyBag(encoded, skipCopy: true);

        if (expectSuccess)
        {
            // Passing means the constructor returned without throwing.
            construct();
            return;
        }

        Assert.ThrowsAny<CryptographicException>(construct);
    }
}
}