1 // 2 // RSAPKCS1SignatureDeformatterTest.cs - NUnit tests for PKCS#1 v.1.5 signature. 3 // 4 // Author: 5 // Sebastien Pouliot (sebastien@ximian.com) 6 // 7 // (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com) 8 // Copyright (C) 2004-2006 Novell, Inc (http://www.novell.com) 9 // 10 11 using NUnit.Framework; 12 using System; 13 using System.Security.Cryptography; 14 using System.Text; 15 16 namespace MonoTests.System.Security.Cryptography { 17 18 [TestFixture] 19 public class RSAPKCS1SignatureDeformatterTest { 20 21 private static byte[] shaSignature = { 0x51, 0xE1, 0x69, 0xC4, 0x84, 0x0C, 0x33, 0xD9, 0x80, 0xC0, 0xBD, 0x85, 0x87, 0x6E, 0x85, 0x91, 0xB9, 0xD5, 0xB6, 0xE1, 0xAB, 0xD3, 0x06, 0x83, 0xCF, 0x33, 0x56, 0xB9, 0xE6, 0x2C, 0x37, 0xC0, 0x08, 0xFC, 0x81, 0x15, 0xAB, 0x57, 0x80, 0xE4, 0xB9, 0x95, 0x4B, 0xFA, 0x63, 0x13, 0x5E, 0xA9, 0x6E, 0xAB, 0xB0, 0x89, 0xF3, 0xD0, 0xE9, 0xC7, 0xE7, 0xA0, 0xE2, 0xB6, 0x0A, 0xFF, 0x46, 0x2B, 0x8B, 0xC1, 0x4C, 0xEA, 0xDB, 0xEA, 0xD6, 0xF5, 0xA5, 0x2C, 0x8C, 0x1D, 0x57, 0xDF, 0x2D, 0xF0, 0x6B, 0x1D, 0xA9, 0xAE, 0x7F, 0x10, 0x02, 0xE2, 0x05, 0x7E, 0xD2, 0x80, 0xFC, 0x0E, 0x5A, 0xFD, 0xE9, 0xDB, 0x1B, 0xBA, 0xB4, 0xF7, 0x50, 0x88, 0x73, 0x95, 0xBD, 0x3C, 0xCB, 0x33, 0x02, 0xF5, 0x55, 0x10, 0xA6, 0x1B, 0xFD, 0x1D, 0xB1, 0x0E, 0xE3, 0xD0, 0xB7, 0x14, 0x8D, 0x45, 0xC4, 0xF3 }; 22 private static byte[] md5Signature = { 0xB4, 0xA9, 0xE9, 0x76, 0x04, 0x0E, 0x0E, 0x04, 0xA3, 0x68, 0x9E, 0x50, 0xD1, 0x29, 0x07, 0x22, 0x45, 0x41, 0x72, 0x1F, 0xBE, 0x74, 0x78, 0xDA, 0x5F, 0x22, 0x4B, 0x45, 0xA8, 0x5F, 0x2D, 0xA5, 0x5F, 0x01, 0x84, 0xA7, 0xF3, 0x6E, 0xB8, 0x8B, 0xF3, 0x29, 0xB2, 0x82, 0xE6, 0x5D, 0x1A, 0x98, 0xAE, 0x9C, 0x2E, 0xB0, 0xDD, 0x3F, 0x8D, 0xF9, 0x1C, 0x9E, 0x40, 0x25, 0x01, 0x9F, 0x92, 0x4E, 0xBE, 0x11, 0xE5, 0xE8, 0xE0, 0xF6, 0x3E, 0xDF, 0x8D, 0x1A, 0xC7, 0x26, 0x37, 0xF7, 0x01, 0x95, 0x48, 0xD8, 0x07, 0x4D, 0x0E, 0xDE, 0xB2, 0x76, 0xD1, 0x23, 0xBD, 0x74, 0xE9, 0xC3, 0x63, 0xB3, 0xE7, 0xCE, 0xA2, 0xEA, 0x20, 0x19, 0x1C, 0x4D, 0x8D, 0xBB, 0xAB, 0x6E, 0xB0, 0xD0, 0x08, 0xC2, 0x2B, 0x69, 0xA4, 0xF3, 0xE9, 0x23, 0xAC, 0x93, 0xB2, 0x0F, 0x90, 0x95, 0x6A, 0x66, 0xDC, 0x44 }; 23 24 private static RSA rsa; 25 private static DSA dsa; 26 27 [SetUp] SetUp()28 public void SetUp () 29 { 30 shaSignature [0] = 0x51; 31 md5Signature [0] = 0xB4; 32 33 if (rsa == null) 34 rsa = RSA.Create (); 35 if (dsa == null) 36 dsa = DSA.Create (); 37 } 38 AssertEquals(string msg, byte[] array1, byte[] array2)39 public void AssertEquals (string msg, byte[] array1, byte[] array2) 40 { 41 AllTests.AssertEquals (msg, array1, array2); 42 } 43 44 [Test] RSAConstructors()45 public void RSAConstructors () 46 { 47 RSAPKCS1SignatureDeformatter fmt; 48 fmt = new RSAPKCS1SignatureDeformatter (); 49 50 fmt = new RSAPKCS1SignatureDeformatter (rsa); 51 } 52 53 [Test] 54 [ExpectedException (typeof (ArgumentNullException))] RSAConstructor_Null()55 public void RSAConstructor_Null () 56 { 57 RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter (null); 58 } 59 60 [Test] 61 [ExpectedException (typeof (InvalidCastException))] DSAConstructor()62 public void DSAConstructor () 63 { 64 RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter (dsa); 65 } 66 67 [Test] SetRSAKey()68 public void SetRSAKey () 69 { 70 RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter (); 71 fmt.SetKey (rsa); 72 } 73 74 [Test] 75 [ExpectedException (typeof (InvalidCastException))] SetDSAKey()76 public void SetDSAKey () 77 { 78 RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter (); 79 fmt.SetKey (dsa); 80 } 81 82 [Test] 83 [ExpectedException (typeof (ArgumentNullException))] SetNullKey()84 public void SetNullKey () 85 { 86 RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter (); 87 fmt.SetKey (null); 88 } 89 90 [Test] 91 [ExpectedException (typeof (ArgumentNullException))] SetNullHashAlgorithm()92 public void SetNullHashAlgorithm () 93 { 94 RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter (); 95 fmt.SetHashAlgorithm (null); 96 } 97 98 [Test] SetInvalidHashAlgorithm()99 public void SetInvalidHashAlgorithm () 100 { 101 RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter (); 102 fmt.SetHashAlgorithm ("MD3"); 103 } 104 105 [Test] SetSHA1HashAlgorithm()106 public void SetSHA1HashAlgorithm () 107 { 108 RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter (); 109 fmt.SetHashAlgorithm ("SHA1"); 110 } 111 112 [Test] SetMD5HashAlgorithm()113 public void SetMD5HashAlgorithm () 114 { 115 RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter (); 116 fmt.SetHashAlgorithm ("MD5"); 117 } 118 119 [Test] SetSHA256HashAlgorithm()120 public void SetSHA256HashAlgorithm () 121 { 122 RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter (); 123 fmt.SetHashAlgorithm ("SHA256"); 124 } 125 126 [Test] SetSHA384HashAlgorithm()127 public void SetSHA384HashAlgorithm () 128 { 129 RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter (); 130 fmt.SetHashAlgorithm ("SHA384"); 131 } 132 133 [Test] SetSHA512HashAlgorithm()134 public void SetSHA512HashAlgorithm () 135 { 136 RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter (); 137 fmt.SetHashAlgorithm ("SHA512"); 138 } 139 140 [Test] 141 [ExpectedException (typeof (ArgumentNullException))] VerifySignatureNullHash()142 public void VerifySignatureNullHash () 143 { 144 RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter (); 145 fmt.SetHashAlgorithm ("SHA1"); 146 fmt.SetKey (rsa); 147 byte[] hash = null; 148 byte[] signature = new byte [128]; 149 fmt.VerifySignature (hash, signature); 150 } 151 152 [Test] 153 [ExpectedException (typeof (ArgumentNullException))] VerifySignatureNullSignature()154 public void VerifySignatureNullSignature () 155 { 156 RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter (); 157 fmt.SetHashAlgorithm ("SHA1"); 158 fmt.SetKey (rsa); 159 byte[] hash = new byte [20]; 160 fmt.VerifySignature (hash, null); 161 } 162 163 [Test] 164 [ExpectedException (typeof (CryptographicUnexpectedOperationException))] VerifySignatureWithBadHash()165 public void VerifySignatureWithBadHash () 166 { 167 RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter (); 168 fmt.SetKey (rsa); 169 // no hash algorithm 170 byte[] hash = new byte [1]; 171 byte[] signature = new byte [1]; 172 fmt.VerifySignature (hash, signature); 173 } 174 175 [Test] VerifySHA1SignatureWithNullKey()176 public void VerifySHA1SignatureWithNullKey () 177 { 178 RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter (); 179 fmt.SetHashAlgorithm ("SHA1"); 180 byte[] hash = new byte [20]; 181 try { 182 // no key 183 fmt.VerifySignature (hash, shaSignature); 184 Assert.Fail ("VerifySHA1SignatureWithNullKey - Expected CryptographicUnexpectedOperationException but none"); 185 } 186 catch (CryptographicUnexpectedOperationException) { 187 // this was expected 188 } 189 catch (NullReferenceException) { 190 // this wasn't expected - but that's the result from framework 1.1 191 } 192 catch (Exception e) { 193 Assert.Fail ("VerifySHA1SignatureWithNullKey - Expected CryptographicUnexpectedOperationException but got: " + e.ToString ()); 194 } 195 } 196 GetDefaultDeformatter(string hashName)197 private RSAPKCS1SignatureDeformatter GetDefaultDeformatter (string hashName) 198 { 199 // no need for the private key 200 RSA rsa = RSA.Create (); 201 rsa.ImportParameters (AllTests.GetRsaKey (false)); 202 203 RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter (); 204 fmt.SetKey (rsa); 205 fmt.SetHashAlgorithm (hashName); 206 return fmt; 207 } 208 209 [Test] VerifySHA1SignatureWithRSAKey()210 public void VerifySHA1SignatureWithRSAKey () 211 { 212 RSAPKCS1SignatureDeformatter fmt = GetDefaultDeformatter ("SHA1"); 213 // good SHA1 214 byte[] hash = new byte [20]; 215 Assert.IsTrue (fmt.VerifySignature (hash, shaSignature), "VerifySignature(SHA1, sign)"); 216 // bad signature 217 shaSignature [0] = (byte) ~shaSignature [0]; 218 Assert.IsFalse (fmt.VerifySignature (hash, shaSignature), "VerifySignature(SHA1, badSign)"); 219 } 220 221 [Test] 222 [ExpectedException (typeof (CryptographicException))] VerifySHA1SignatureWithWrongHashLength()223 public void VerifySHA1SignatureWithWrongHashLength () 224 { 225 RSAPKCS1SignatureDeformatter fmt = GetDefaultDeformatter ("SHA1"); 226 // wrong SHA1 length 227 byte[] hash = new byte [19]; 228 fmt.VerifySignature (hash, shaSignature); 229 } 230 231 [Test] VerifySHA1SignatureWithWrongSignatureLength()232 public void VerifySHA1SignatureWithWrongSignatureLength () 233 { 234 RSAPKCS1SignatureDeformatter fmt = GetDefaultDeformatter ("SHA1"); 235 // wrong signature length 236 byte[] hash = new byte [20]; 237 byte[] badSignature = new byte [shaSignature.Length-1]; 238 Assert.IsFalse (fmt.VerifySignature (hash, badSignature), "VerifySignature(SHA1, badSign)"); 239 } 240 241 [Test] VerifyMD5SignatureWithRSAKey()242 public void VerifyMD5SignatureWithRSAKey () 243 { 244 RSAPKCS1SignatureDeformatter fmt = GetDefaultDeformatter ("MD5"); 245 // good MD5 246 byte[] hash = new byte [16]; 247 Assert.IsTrue (fmt.VerifySignature (hash, md5Signature), "VerifySignature(MD5, sign)"); 248 // bad signature 249 md5Signature [0] = (byte) ~md5Signature [0]; 250 Assert.IsFalse (fmt.VerifySignature (hash, md5Signature), "VerifySignature(MD5, badSign)"); 251 } 252 253 [Test] 254 [ExpectedException (typeof (CryptographicException))] VerifyMD5SignatureWithWrongHashLength()255 public void VerifyMD5SignatureWithWrongHashLength () 256 { 257 RSAPKCS1SignatureDeformatter fmt = GetDefaultDeformatter ("MD5"); 258 // wrong MD5 length 259 byte[] hash = new byte [17]; 260 fmt.VerifySignature (hash, md5Signature); 261 } 262 263 [Test] VerifyMD5SignatureWithWrongSignatureLength()264 public void VerifyMD5SignatureWithWrongSignatureLength () 265 { 266 RSAPKCS1SignatureDeformatter fmt = GetDefaultDeformatter ("MD5"); 267 // wrong signature length 268 byte[] hash = new byte [16]; 269 byte[] badSignature = new byte [md5Signature.Length-1]; 270 Assert.IsFalse (fmt.VerifySignature (hash, badSignature), "VerifySignature(MD5, badSign)"); 271 } 272 273 [Test] 274 [ExpectedException (typeof (ArgumentNullException))] VerifySignatureNullHashAlgorithm()275 public void VerifySignatureNullHashAlgorithm () 276 { 277 RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter (); 278 HashAlgorithm hash = null; 279 byte[] data = new byte [20]; 280 // no hash algorithm 281 byte[] signature = new byte [1]; 282 fmt.VerifySignature (hash, signature); 283 } 284 285 [Test] VerifySignatureHashNoKey()286 public void VerifySignatureHashNoKey () 287 { 288 RSAPKCS1SignatureDeformatter fmt = new RSAPKCS1SignatureDeformatter (); 289 HashAlgorithm hash = SHA1.Create (); 290 try { 291 // no key 292 fmt.VerifySignature (hash, shaSignature); 293 Assert.Fail ("VerifySignatureHashNoKey - Expected CryptographicUnexpectedOperationException but none"); 294 } 295 catch (CryptographicUnexpectedOperationException) { 296 // this was expected 297 } 298 catch (NullReferenceException) { 299 // this wasn't expected - but that's the result from framework 1.1 300 } 301 catch (Exception e) { 302 Assert.Fail ("VerifySignatureHashNoKey - Expected CryptographicUnexpectedOperationException but got: " + e.ToString ()); 303 } 304 } 305 306 [Test] VerifySignatureSHA1Hash()307 public void VerifySignatureSHA1Hash () 308 { 309 RSAPKCS1SignatureDeformatter fmt = GetDefaultDeformatter ("SHA1"); 310 // good SHA1 311 byte[] data = new byte [20]; 312 HashAlgorithm hash = SHA1.Create (); 313 hash.ComputeHash (data); 314 315 byte[] shaSignature = { 0x7C, 0xA0, 0x13, 0xFB, 0xCB, 0x4D, 0x08, 0x02, 0x3C, 0x6B, 0x88, 0xA6, 0x25, 0x43, 0x17, 0x51, 0xA6, 0xA8, 0x8F, 0x5B, 0xAE, 0xC3, 0x57, 0x75, 0x2A, 0x8B, 0xD8, 0xBA, 0xCF, 0x9B, 0xBB, 0x5A, 0xD5, 0xB0, 0x11, 0xF2, 0xA9, 0xCC, 0xB5, 0x22, 0x59, 0xEE, 0x85, 0x49, 0x11, 0xB6, 0x9C, 0x50, 0x61, 0x4A, 0xEC, 0xA3, 0x50, 0x96, 0xE3, 0x2F, 0x1A, 0x6D, 0x9B, 0x6B, 0x6E, 0xC4, 0x50, 0x50, 0x84, 0x29, 0x92, 0x93, 0xE0, 0x0F, 0xCB, 0xBB, 0x61, 0x5D, 0x36, 0x51, 0x1A, 0xBB, 0x73, 0x75, 0x83, 0xEF, 0xDB, 0x4B, 0x2A, 0x38, 0x2C, 0x37, 0x0A, 0x1F, 0x84, 0xE0, 0x9B, 0x24, 0xDF, 0x69, 0x0E, 0x5C, 0xD9, 0xAF, 0x89, 0x72, 0x45, 0x30, 0xA1, 0xDB, 0xA8, 0x22, 0x40, 0x42, 0x07, 0xCC, 0x2A, 0x0E, 0x90, 0x9A, 0x4D, 0xE5, 0x2B, 0x48, 0x86, 0x4D, 0x01, 0x25, 0x23, 0x95, 0xB5, 0xBD }; 316 Assert.IsTrue (fmt.VerifySignature (hash, shaSignature), "VerifySignature(SHA1, sign)"); 317 // bad signature 318 shaSignature [0] = (byte) ~shaSignature [0]; 319 Assert.IsFalse (fmt.VerifySignature (hash, shaSignature), "VerifySignature(SHA1, badSign)"); 320 } 321 322 [Test] VerifySignatureSHA1HashBadSignatureLength()323 public void VerifySignatureSHA1HashBadSignatureLength () 324 { 325 RSAPKCS1SignatureDeformatter fmt = GetDefaultDeformatter ("SHA1"); 326 // wrong signature length 327 byte[] badSignature = new byte [shaSignature.Length-1]; 328 HashAlgorithm hash = SHA1.Create (); 329 try { 330 fmt.VerifySignature (hash, badSignature); 331 Assert.Fail ("VerifySignatureSHA1HashBadSignatureLength - Expected CryptographicUnexpectedOperationException but none"); 332 } 333 catch (CryptographicUnexpectedOperationException) { 334 // this was expected 335 } 336 catch (NullReferenceException) { 337 // this wasn't expected - but that's the result from framework 1.1 338 } 339 catch (Exception e) { 340 Assert.Fail ("VerifySignatureSHA1HashBadSignatureLength - Expected CryptographicUnexpectedOperationException but got: " + e.ToString ()); 341 } 342 } 343 344 [Test] VerifySignatureMD5Hash()345 public void VerifySignatureMD5Hash () 346 { 347 RSAPKCS1SignatureDeformatter fmt = GetDefaultDeformatter ("MD5"); 348 // good MD5 349 byte[] data = new byte [20]; 350 HashAlgorithm hash = MD5.Create (); 351 hash.ComputeHash (data); 352 byte[] signature = { 0x0F, 0xD6, 0x16, 0x2C, 0x31, 0xD6, 0xD7, 0xA0, 0xE8, 0xA0, 0x89, 0x53, 0x7B, 0x36, 0x8F, 0x25, 0xA5, 0xF6, 0x4A, 0x0B, 0xD3, 0xB9, 0x9B, 0xC4, 0xAE, 0xDC, 0xD4, 0x58, 0x5C, 0xD9, 0x58, 0x61, 0xE3, 0x66, 0x89, 0xB1, 0x1E, 0x33, 0x88, 0xDF, 0x58, 0xC4, 0x2E, 0xAE, 0xE7, 0x7B, 0x96, 0x61, 0x77, 0x91, 0xBD, 0xBD, 0x99, 0x9E, 0x1C, 0x3E, 0x0A, 0x5C, 0x15, 0x69, 0x00, 0xFA, 0xEE, 0xD7, 0xDC, 0xD2, 0x62, 0xA3, 0x31, 0x6A, 0x33, 0x75, 0xC8, 0x8E, 0x47, 0x5C, 0x1E, 0xD8, 0x91, 0x36, 0x65, 0xF3, 0x67, 0x63, 0xFC, 0x2B, 0x37, 0x7D, 0xE6, 0x2C, 0x2C, 0x09, 0x45, 0xE1, 0x8D, 0x8C, 0x8F, 0xFC, 0x6A, 0x4A, 0xD1, 0x4D, 0x06, 0xF3, 0x79, 0x9F, 0xDB, 0x0F, 0x4B, 0xD1, 0x94, 0x6F, 0xC7, 0xE7, 0x4E, 0x06, 0xDA, 0xDB, 0x2A, 0x51, 0x62, 0xCA, 0x1A, 0x31, 0x51, 0x2B, 0x83, 0xDD }; 353 Assert.IsTrue (fmt.VerifySignature (hash, signature), "VerifySignature(MD5, sign)"); 354 } 355 356 [Test] VerifyBadSignatureMD5Hash()357 public void VerifyBadSignatureMD5Hash () 358 { 359 RSAPKCS1SignatureDeformatter fmt = GetDefaultDeformatter ("MD5"); 360 // bad signature 361 byte[] badSignature = new Byte [md5Signature.Length]; 362 Array.Copy (md5Signature, 0, badSignature, 0, badSignature.Length); 363 badSignature[0] = (byte) ~md5Signature [0]; 364 HashAlgorithm hash = MD5.Create (); 365 try { 366 fmt.VerifySignature (hash, md5Signature); 367 Assert.Fail ("VerifyBadSignatureMD5Hash - Expected CryptographicUnexpectedOperationException but none"); 368 } 369 catch (CryptographicUnexpectedOperationException) { 370 // this was expected 371 } 372 catch (NullReferenceException) { 373 // this wasn't expected - but that's the result from framework 1.1 374 } 375 catch (Exception e) { 376 Assert.Fail ("VerifyBadSignatureMD5Hash - Expected CryptographicUnexpectedOperationException but got: " + e.ToString ()); 377 } 378 } 379 380 [Test] VerifySignatureMD5HashBadSignatureLength()381 public void VerifySignatureMD5HashBadSignatureLength () 382 { 383 RSAPKCS1SignatureDeformatter fmt = GetDefaultDeformatter ("MD5"); 384 // wrong signature length 385 byte[] badSignature = new byte [md5Signature.Length-1]; 386 HashAlgorithm hash = MD5.Create (); 387 try { 388 fmt.VerifySignature (hash, md5Signature); 389 Assert.Fail ("VerifySignatureMD5HashBadSignatureLength - Expected CryptographicUnexpectedOperationException but none"); 390 } 391 catch (CryptographicUnexpectedOperationException) { 392 // this was expected 393 } 394 catch (NullReferenceException) { 395 // this wasn't expected - but that's the result from framework 1.1 396 } 397 catch (Exception e) { 398 Assert.Fail ("VerifySignatureMD5HashBadSignatureLength - Expected CryptographicUnexpectedOperationException but got: " + e.ToString ()); 399 } 400 } 401 402 [Test] VerifySignatureWithoutCallingSetHashAlgorithm()403 public void VerifySignatureWithoutCallingSetHashAlgorithm () 404 { 405 string text = "text to sign"; 406 RSA rsa = RSA.Create (); 407 RSAPKCS1SignatureFormatter fmt = new RSAPKCS1SignatureFormatter (rsa); 408 SHA1 hash = SHA1.Create (); 409 hash.ComputeHash (Encoding.UTF8.GetBytes (text)); 410 byte[] signature = fmt.CreateSignature (hash); 411 412 RSAPKCS1SignatureDeformatter def = new RSAPKCS1SignatureDeformatter (rsa); 413 Assert.IsTrue (def.VerifySignature (hash, signature), "Signature Ok"); 414 } 415 } 416 } 417