From 113a7fb453292f564a94d512c4fb672131aa3a6e Mon Sep 17 00:00:00 2001 From: Kevin Jones Date: Tue, 7 Apr 2020 16:28:33 -0400 Subject: [PATCH 1/3] Support macOS with private-key-only parameters. --- .../Cryptography/EccSecurityTransforms.cs | 25 +++++++++++++++++-- .../DefaultECDiffieHellmanProvider.Unix.cs | 2 +- .../tests/DefaultECDsaProvider.Unix.cs | 2 +- 3 files changed, 25 insertions(+), 4 deletions(-) diff --git a/src/libraries/Common/src/System/Security/Cryptography/EccSecurityTransforms.cs b/src/libraries/Common/src/System/Security/Cryptography/EccSecurityTransforms.cs index d095711812288..09c8502f21241 100644 --- a/src/libraries/Common/src/System/Security/Cryptography/EccSecurityTransforms.cs +++ b/src/libraries/Common/src/System/Security/Cryptography/EccSecurityTransforms.cs @@ -117,6 +117,17 @@ private void SetKey(SecKeyPair keyPair) current?.Dispose(); } + internal static ECParameters ExportPublicParametersFromPrivateKey(SafeSecKeyRefHandle handle) + { + const string ExportPassword = "DotnetExportPassphrase"; + byte[] keyBlob = Interop.AppleCrypto.SecKeyExport(handle, exportPrivate: true, password: ExportPassword); + EccKeyFormatHelper.ReadEncryptedPkcs8(keyBlob, ExportPassword, out _, out ECParameters key); + CryptographicOperations.ZeroMemory(key.D); + CryptographicOperations.ZeroMemory(keyBlob); + key.D = null; + return key; + } + internal ECParameters ExportParameters(bool includePrivateParameters, int keySizeInBits) { // Apple requires all private keys to be exported encrypted, but since we're trying to export @@ -166,6 +177,7 @@ internal int ImportParameters(ECParameters parameters) ThrowIfDisposed(); bool isPrivateKey = parameters.D != null; + bool hasPublicParameters = parameters.Q.X != null && parameters.Q.Y != null; SecKeyPair newKeys; if (isPrivateKey) 
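Review bot: In `ExportPublicParametersFromPrivateKey` (first hunk of EccSecurityTransforms.cs), both `CryptographicOperations.ZeroMemory` calls are skipped if `EccKeyFormatHelper.ReadEncryptedPkcs8` throws, so `keyBlob` stays in managed memory uncleared. Because `ExportPassword` is a constant in the source, that blob is effectively the plaintext private key rather than a protected copy. Clearing both buffers in a `finally` covers the failure path. A comment on the constant should also say that it only satisfies Apple's encrypted-export requirement and provides no confidentiality. Whether `ReadEncryptedPkcs8` clears its own intermediate decrypted buffers is not visible in this hunk and is worth confirming.

```csharp
internal static ECParameters ExportPublicParametersFromPrivateKey(SafeSecKeyRefHandle handle)
{
    // Not a secret: Apple only exports private keys encrypted, so this fixed value
    // gives no confidentiality. Treat keyBlob as plaintext private-key material.
    const string ExportPassword = "DotnetExportPassphrase";
    byte[] keyBlob = Interop.AppleCrypto.SecKeyExport(handle, exportPrivate: true, password: ExportPassword);
    ECParameters key = default;

    try
    {
        EccKeyFormatHelper.ReadEncryptedPkcs8(keyBlob, ExportPassword, out _, out key);
    }
    finally
    {
        // Runs on success and on a parse failure; key.D is null if nothing was read.
        CryptographicOperations.ZeroMemory(key.D);
        CryptographicOperations.ZeroMemory(keyBlob);
    }

    key.D = null;
    return key;
}
```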
@@ -176,8 +188,17 @@ internal int ImportParameters(ECParameters parameters) // Public import should go off without a hitch. SafeSecKeyRefHandle privateKey = ImportKey(parameters); - ECParameters publicOnly = parameters; - publicOnly.D = null; + ECParameters publicOnly; + + if (hasPublicParameters) + { + publicOnly = parameters; + publicOnly.D = null; + } + else + { + publicOnly = ExportPublicParametersFromPrivateKey(privateKey); + } SafeSecKeyRefHandle publicKey; try diff --git a/src/libraries/System.Security.Cryptography.Algorithms/tests/DefaultECDiffieHellmanProvider.Unix.cs b/src/libraries/System.Security.Cryptography.Algorithms/tests/DefaultECDiffieHellmanProvider.Unix.cs index 063c4e008b3cd..38310d93160ce 100644 --- a/src/libraries/System.Security.Cryptography.Algorithms/tests/DefaultECDiffieHellmanProvider.Unix.cs +++ b/src/libraries/System.Security.Cryptography.Algorithms/tests/DefaultECDiffieHellmanProvider.Unix.cs @@ -35,7 +35,7 @@ public bool ExplicitCurvesSupported } } - public bool LimitedPrivateKeySupported => !PlatformDetection.IsOSX; + public bool LimitedPrivateKeySupported => true; private static bool IsValueOrFriendlyNameValid(string friendlyNameOrValue) { diff --git a/src/libraries/System.Security.Cryptography.Algorithms/tests/DefaultECDsaProvider.Unix.cs b/src/libraries/System.Security.Cryptography.Algorithms/tests/DefaultECDsaProvider.Unix.cs index 7983e72698755..04ed59b320798 100644 --- a/src/libraries/System.Security.Cryptography.Algorithms/tests/DefaultECDsaProvider.Unix.cs +++ b/src/libraries/System.Security.Cryptography.Algorithms/tests/DefaultECDsaProvider.Unix.cs @@ -35,7 +35,7 @@ public bool ExplicitCurvesSupported } } - public bool LimitedPrivateKeySupported => !PlatformDetection.IsOSX; + public bool LimitedPrivateKeySupported => true; private static bool IsValueOrFriendlyNameValid(string friendlyNameOrValue) { From 143f24c84515627f94599b83e818098471761f65 Mon Sep 17 00:00:00 2001 
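Review bot: In the `else` branch added to `ImportParameters`, `ExportPublicParametersFromPrivateKey(privateKey)` runs before the `try` that follows `SafeSecKeyRefHandle publicKey;`. If the export or the PKCS#8 parse throws there, `privateKey` is presumably left undisposed until finalization; the handler for that `try` is outside the hunk, so confirm what it cleans up. Moving the `if (hasPublicParameters)` / `else` block inside that `try`, or disposing `privateKey` in a catch around the call, keeps the private-key handle's lifetime deterministic on failure. Separately, `hasPublicParameters` (added in the preceding hunk) is false when only one of `Q.X` / `Q.Y` is set, so the supplied coordinate would be silently ignored and the public point derived from D. If validation earlier in this method does not already reject that shape, it should.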
From: Kevin Jones Date: Tue, 7 Apr 2020 16:33:00 -0400 Subject: [PATCH 2/3] Remove LimitedPrivateKeySupported. All platforms support it now. --- .../EC/ECKeyFileTests.LimitedPrivate.cs | 56 +++++++++---------- .../ECDiffieHellman/ECDiffieHellmanFactory.cs | 2 - .../ECDiffieHellmanTests.ImportExport.cs | 3 - .../ECDsa/ECDsaFactory.cs | 2 - .../ECDsa/ECDsaImportExport.cs | 3 - .../DefaultECDiffieHellmanProvider.Unix.cs | 2 - .../DefaultECDiffieHellmanProvider.Windows.cs | 2 - .../tests/DefaultECDsaProvider.Unix.cs | 2 - .../tests/DefaultECDsaProvider.Windows.cs | 2 - .../tests/ECDiffieHellmanCngProvider.cs | 2 - .../tests/ECDsaCngProvider.cs | 2 - .../tests/EcDiffieHellmanOpenSslProvider.cs | 1 - .../tests/EcDsaOpenSslProvider.cs | 2 - 13 files changed, 26 insertions(+), 55 deletions(-) diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyFileTests.LimitedPrivate.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyFileTests.LimitedPrivate.cs index f85c8ce246618..ee534fd9cc40d 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyFileTests.LimitedPrivate.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyFileTests.LimitedPrivate.cs @@ -10,14 +10,13 @@ namespace System.Security.Cryptography.Tests { public abstract partial class ECKeyFileTests { - private static bool LimitedPrivateKeySupported { get; } = EcDiffieHellman.Tests.ECDiffieHellmanFactory.LimitedPrivateKeySupported; private const int NTE_PERM = unchecked((int)0x80090010); [Fact] [PlatformSpecific(TestPlatforms.Windows)] public void ReadWriteNistP256_PreservesKeyUsage_Explicit_LimitedPrivate() { - if (!LimitedPrivateKeySupported || !SupportsExplicitCurves) + if (!SupportsExplicitCurves) { return; } 
@@ -49,7 +48,7 @@ public void ReadWriteNistP521Pkcs8_LimitedPrivate() f9ZNiwTM6lfv1ZYeaPM/q0NUUWbKZVPNOP9xPRKJxpi9fQhrVeAbW9XtJ+NjA3ax FmY="; - ReadWriteBase64Pkcs8(base64, EccTestData.GetNistP521Key2(), LimitedPrivateKeySupported); + ReadWriteBase64Pkcs8(base64, EccTestData.GetNistP521Key2()); } [Fact] @@ -69,8 +68,7 @@ public void ReadNistP521EncryptedPkcs8_Pbes2_Aes128_LimitedPrivateKey() PbeEncryptionAlgorithm.TripleDes3KeyPkcs12, HashAlgorithmName.SHA1, 12321), - EccTestData.GetNistP521Key2(), - LimitedPrivateKeySupported); + EccTestData.GetNistP521Key2()); } [Fact] @@ -90,8 +88,7 @@ public void ReadNistP521EncryptedPkcs8_Pbes2_Aes128_LimitedPrivateKey_PasswordBy PbeEncryptionAlgorithm.Aes256Cbc, HashAlgorithmName.SHA1, 12321), - EccTestData.GetNistP521Key2(), - LimitedPrivateKeySupported); + EccTestData.GetNistP521Key2()); } [Fact] @@ -103,8 +100,7 @@ public void ReadWriteNistP256ECPrivateKey_LimitedPrivateKey() ReadWriteBase64ECPrivateKey( base64, - EccTestData.GetNistP256ReferenceKey(), - LimitedPrivateKeySupported); + EccTestData.GetNistP256ReferenceKey()); } [Fact] @@ -120,7 +116,7 @@ public void ReadWriteNistP256ExplicitECPrivateKey_LimitedPrivate() K84zV2sxXs7LtkBoN79R9QIhAP////8AAAAA//////////+85vqtpxeehPO5ysL8 YyVRAgEB", EccTestData.GetNistP256ReferenceKeyExplicit(), - LimitedPrivateKeySupported && SupportsExplicitCurves); + SupportsExplicitCurves); } [Fact] @@ -136,7 +132,7 @@ public void ReadWriteNistP256ExplicitPkcs8_LimitedPrivate() AAAA//////////+85vqtpxeehPO5ysL8YyVRAgEBBCcwJQIBAQQgcKEsLbFoRe1W /2jPwhpHKz8E19aFG/Y0ny19WzRSs4o=", EccTestData.GetNistP256ReferenceKeyExplicit(), - LimitedPrivateKeySupported && SupportsExplicitCurves); + SupportsExplicitCurves); } [Fact] @@ -159,7 +155,7 @@ public void ReadWriteNistP256ExplicitEncryptedPkcs8_LimitedPrivate() HashAlgorithmName.SHA256, 1234), EccTestData.GetNistP256ReferenceKeyExplicit(), - LimitedPrivateKeySupported && SupportsExplicitCurves); + SupportsExplicitCurves); } [Fact] 
@@ -168,7 +164,7 @@ public void ReadWriteBrainpoolKey1ECPrivateKey_LimitedPrivate() ReadWriteBase64ECPrivateKey( "MCYCAQEEFMXZRFR94RXbJYjcb966O0c+nE2WoAsGCSskAwMCCAEBAQ==", EccTestData.BrainpoolP160r1Key1, - SupportsBrainpool && LimitedPrivateKeySupported); + SupportsBrainpool); } [Fact] @@ -179,7 +175,7 @@ public void ReadWriteBrainpoolKey1Pkcs8_LimitedPrivate() MDYCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEBBBswGQIBAQQUxdlEVH3hFdsliNxv 3ro7Rz6cTZY=", EccTestData.BrainpoolP160r1Key1, - SupportsBrainpool && LimitedPrivateKeySupported); + SupportsBrainpool); } [Fact] @@ -197,7 +193,7 @@ public void ReadWriteBrainpoolKey1EncryptedPkcs8_LimitedPrivate() HashAlgorithmName.SHA384, 4096), EccTestData.BrainpoolP160r1Key1, - SupportsBrainpool && LimitedPrivateKeySupported); + SupportsBrainpool); } [Fact] @@ -206,7 +202,7 @@ public void ReadWriteSect163k1Key1ECPrivateKey_LimitedPrivate() ReadWriteBase64ECPrivateKey( "MCMCAQEEFQPBmVrfrowFGNwT3+YwS7AQF+akEqAHBgUrgQQAAQ==", EccTestData.Sect163k1Key1, - SupportsSect163k1 && LimitedPrivateKeySupported); + SupportsSect163k1); } [Fact] @@ -217,7 +213,7 @@ public void ReadWriteSect163k1Key1Pkcs8_LimitedPrivate() MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAEEHDAaAgEBBBUDwZla366MBRjcE9/mMEuw EBfmpBI=", EccTestData.Sect163k1Key1, - SupportsSect163k1 && LimitedPrivateKeySupported); + SupportsSect163k1); } [Fact] @@ -231,7 +227,7 @@ public void ReadWriteSect163k1Key1ExplicitECPrivateKey_LimitedPrivate() XlyU7ugCiQcPsF04/1gyHy6ABTbVOMzao9kCFQQAAAAAAAAAAAACAQii4MwNmfil 7wIBAg==", EccTestData.Sect163k1Key1Explicit, - SupportsSect163k1 && LimitedPrivateKeySupported); + SupportsSect163k1); } [Fact] @@ -245,7 +241,7 @@ public void ReadWriteSect163k1Key1ExplicitPkcs8_LimitedPrivate() Mh8ugAU21TjM2qPZAhUEAAAAAAAAAAAAAgEIouDMDZn4pe8CAQIEHDAaAgEBBBUD wZla366MBRjcE9/mMEuwEBfmpBI=", EccTestData.Sect163k1Key1Explicit, - SupportsSect163k1 && LimitedPrivateKeySupported); + SupportsSect163k1); } [Fact] 
@@ -263,7 +259,7 @@ public void ReadWriteSect163k1Key1EncryptedPkcs8_LimitedPrivate() HashAlgorithmName.SHA256, 7), EccTestData.Sect163k1Key1, - SupportsSect163k1 && LimitedPrivateKeySupported); + SupportsSect163k1); } [Fact] @@ -284,7 +280,7 @@ public void ReadWriteSect163k1Key1ExplicitEncryptedPkcs8_LimitedPrivate() HashAlgorithmName.SHA256, 7), EccTestData.Sect163k1Key1Explicit, - SupportsSect163k1 && LimitedPrivateKeySupported); + SupportsSect163k1); } [Fact] @@ -295,7 +291,7 @@ public void ReadWriteSect283k1Key1ECPrivateKey_LimitedPrivate() MDICAQEEJAC08a4ef9zUsOggU8CKkIhSsmIx5sAWcPzGw+osXT/tQO3wN6AHBgUr gQQAEA==", EccTestData.Sect283k1Key1, - SupportsSect283k1 && LimitedPrivateKeySupported); + SupportsSect283k1); } [Fact] @@ -309,7 +305,7 @@ public void ReadWriteC2pnb163v1ExplicitECPrivateKey_LimitedPrivate() VhUXVAQrBAevaZiVRhA9eTKfzD10iA8zu+gDywHsIyEbWWat6h0/h/fqWEiu8LfK nwIVBAAAAAAAAAAAAAHmD8iCHMdNrq/BAgEC", EccTestData.C2pnb163v1Key1Explicit, - SupportsC2pnb163v1 && LimitedPrivateKeySupported); + SupportsC2pnb163v1); } [Fact] @@ -323,7 +319,7 @@ public void ReadWriteC2pnb163v1ExplicitPkcs8_LimitedPrivate() PXkyn8w9dIgPM7voA8sB7CMhG1lmreodP4f36lhIrvC3yp8CFQQAAAAAAAAAAAAB 5g/IghzHTa6vwQIBAgQcMBoCAQEEFQD00koUBxIvRFlnvh2TwAk6ZTZ5hg==", EccTestData.C2pnb163v1Key1Explicit, - SupportsC2pnb163v1 && LimitedPrivateKeySupported); + SupportsC2pnb163v1); } [Fact] @@ -344,7 +340,7 @@ public void ReadWriteC2pnb163v1ExplicitEncryptedPkcs8_LimitedPrivate() HashAlgorithmName.SHA256, 7), EccTestData.C2pnb163v1Key1Explicit, - SupportsC2pnb163v1 && LimitedPrivateKeySupported); + SupportsC2pnb163v1); } [Fact] @@ -355,7 +351,7 @@ public void ReadWriteSect283k1Key1Pkcs8_LimitedPrivate() MEICAQAwEAYHKoZIzj0CAQYFK4EEABAEKzApAgEBBCQAtPGuHn/c1LDoIFPAipCI UrJiMebAFnD8xsPqLF0/7UDt8Dc=", EccTestData.Sect283k1Key1, - SupportsSect283k1 && LimitedPrivateKeySupported); + SupportsSect283k1); } [Fact] 
@@ -373,7 +369,7 @@ public void ReadWriteSect283k1Key1EncryptedPkcs8_LimitedPrivate() HashAlgorithmName.SHA384, 4096), EccTestData.Sect283k1Key1, - SupportsSect283k1 && LimitedPrivateKeySupported); + SupportsSect283k1); } [Fact] @@ -382,7 +378,7 @@ public void ReadWriteC2pnb163v1ECPrivateKey_LimitedPrivate() ReadWriteBase64ECPrivateKey( "MCYCAQEEFQD00koUBxIvRFlnvh2TwAk6ZTZ5hqAKBggqhkjOPQMAAQ==", EccTestData.C2pnb163v1Key1, - SupportsC2pnb163v1 && LimitedPrivateKeySupported); + SupportsC2pnb163v1); } [Fact] @@ -393,7 +389,7 @@ public void ReadWriteC2pnb163v1Pkcs8_LimitedPrivate() MDYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAEEHDAaAgEBBBUA9NJKFAcSL0RZZ74d k8AJOmU2eYY=", EccTestData.C2pnb163v1Key1, - SupportsC2pnb163v1 && LimitedPrivateKeySupported); + SupportsC2pnb163v1); } [Fact] @@ -411,7 +407,7 @@ public void ReadWriteC2pnb163v1EncryptedPkcs8_LimitedPrivate() HashAlgorithmName.SHA512, 1024), EccTestData.C2pnb163v1Key1, - SupportsC2pnb163v1 && LimitedPrivateKeySupported); + SupportsC2pnb163v1); } } } diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/ECDiffieHellman/ECDiffieHellmanFactory.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/ECDiffieHellman/ECDiffieHellmanFactory.cs index c0b6fb508afa5..41718a92a7843 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/ECDiffieHellman/ECDiffieHellmanFactory.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/ECDiffieHellman/ECDiffieHellmanFactory.cs @@ -13,7 +13,6 @@ public interface IECDiffieHellmanProvider #endif bool IsCurveValid(Oid oid); bool ExplicitCurvesSupported { get; } - bool LimitedPrivateKeySupported { get; } } public static partial class ECDiffieHellmanFactory 
@@ -41,6 +40,5 @@ public static bool IsCurveValid(Oid oid) } public static bool ExplicitCurvesSupported => s_provider.ExplicitCurvesSupported; - public static bool LimitedPrivateKeySupported => s_provider.LimitedPrivateKeySupported; } } diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/ECDiffieHellman/ECDiffieHellmanTests.ImportExport.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/ECDiffieHellman/ECDiffieHellmanTests.ImportExport.cs index 085305d445e4d..10ca458604296 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/ECDiffieHellman/ECDiffieHellmanTests.ImportExport.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/ECDiffieHellman/ECDiffieHellmanTests.ImportExport.cs @@ -389,9 +389,6 @@ public static void ExportIncludingPrivateOnPublicOnlyKey() [Fact] public static void ImportFromPrivateOnlyKey() { - if (!ECDiffieHellmanFactory.LimitedPrivateKeySupported) - return; - byte[] expectedX = "00d45615ed5d37fde699610a62cd43ba76bedd8f85ed31005fe00d6450fbbd101291abd96d4945a8b57bc73b3fe9f4671105309ec9b6879d0551d930dac8ba45d255".HexToByteArray(); byte[] expectedY = "01425332844e592b440c0027972ad1526431c06732df19cd46a242172d4dd67c2c8c99dfc22e49949a56cf90c6473635ce82f25b33682fb19bc33bd910ed8ce3a7fa".HexToByteArray(); diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/ECDsa/ECDsaFactory.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/ECDsa/ECDsaFactory.cs index fe65d17420212..221ad59486b2e 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/ECDsa/ECDsaFactory.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/ECDsa/ECDsaFactory.cs 
@@ -13,7 +13,6 @@ public interface IECDsaProvider #endif bool IsCurveValid(Oid oid); bool ExplicitCurvesSupported { get; } - bool LimitedPrivateKeySupported { get; } } public static partial class ECDsaFactory @@ -41,6 +40,5 @@ public static bool IsCurveValid(Oid oid) } public static bool ExplicitCurvesSupported => s_provider.ExplicitCurvesSupported; - public static bool LimitedPrivateKeySupported => s_provider.LimitedPrivateKeySupported; } } diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/ECDsa/ECDsaImportExport.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/ECDsa/ECDsaImportExport.cs index ee0eeef043f25..7cecc275506f0 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/ECDsa/ECDsaImportExport.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/ECDsa/ECDsaImportExport.cs @@ -323,9 +323,6 @@ public static void ExportIncludingPrivateOnPublicOnlyKey() [Fact] public static void ImportFromPrivateOnlyKey() { - if (!ECDsaFactory.LimitedPrivateKeySupported) - return; - byte[] expectedX = "00d45615ed5d37fde699610a62cd43ba76bedd8f85ed31005fe00d6450fbbd101291abd96d4945a8b57bc73b3fe9f4671105309ec9b6879d0551d930dac8ba45d255".HexToByteArray(); byte[] expectedY = "01425332844e592b440c0027972ad1526431c06732df19cd46a242172d4dd67c2c8c99dfc22e49949a56cf90c6473635ce82f25b33682fb19bc33bd910ed8ce3a7fa".HexToByteArray(); diff --git a/src/libraries/System.Security.Cryptography.Algorithms/tests/DefaultECDiffieHellmanProvider.Unix.cs b/src/libraries/System.Security.Cryptography.Algorithms/tests/DefaultECDiffieHellmanProvider.Unix.cs index 38310d93160ce..21c3c5016e9fb 100644 --- a/src/libraries/System.Security.Cryptography.Algorithms/tests/DefaultECDiffieHellmanProvider.Unix.cs +++ b/src/libraries/System.Security.Cryptography.Algorithms/tests/DefaultECDiffieHellmanProvider.Unix.cs 
@@ -35,8 +35,6 @@ public bool ExplicitCurvesSupported } } - public bool LimitedPrivateKeySupported => true; - private static bool IsValueOrFriendlyNameValid(string friendlyNameOrValue) { if (string.IsNullOrEmpty(friendlyNameOrValue)) diff --git a/src/libraries/System.Security.Cryptography.Algorithms/tests/DefaultECDiffieHellmanProvider.Windows.cs b/src/libraries/System.Security.Cryptography.Algorithms/tests/DefaultECDiffieHellmanProvider.Windows.cs index 5849b8b11f190..fdd5e11c733f3 100644 --- a/src/libraries/System.Security.Cryptography.Algorithms/tests/DefaultECDiffieHellmanProvider.Windows.cs +++ b/src/libraries/System.Security.Cryptography.Algorithms/tests/DefaultECDiffieHellmanProvider.Windows.cs @@ -23,8 +23,6 @@ public bool ExplicitCurvesSupported } } - public bool LimitedPrivateKeySupported => true; - private static bool NativeOidFriendlyNameExists(string oidFriendlyName) { if (string.IsNullOrEmpty(oidFriendlyName)) diff --git a/src/libraries/System.Security.Cryptography.Algorithms/tests/DefaultECDsaProvider.Unix.cs b/src/libraries/System.Security.Cryptography.Algorithms/tests/DefaultECDsaProvider.Unix.cs index 04ed59b320798..db573a6cd03a2 100644 --- a/src/libraries/System.Security.Cryptography.Algorithms/tests/DefaultECDsaProvider.Unix.cs +++ b/src/libraries/System.Security.Cryptography.Algorithms/tests/DefaultECDsaProvider.Unix.cs @@ -35,8 +35,6 @@ public bool ExplicitCurvesSupported } } - public bool LimitedPrivateKeySupported => true; - private static bool IsValueOrFriendlyNameValid(string friendlyNameOrValue) { if (string.IsNullOrEmpty(friendlyNameOrValue)) diff --git a/src/libraries/System.Security.Cryptography.Algorithms/tests/DefaultECDsaProvider.Windows.cs b/src/libraries/System.Security.Cryptography.Algorithms/tests/DefaultECDsaProvider.Windows.cs index 6b82d2b107e8f..981da0ddb45be 100644 --- a/src/libraries/System.Security.Cryptography.Algorithms/tests/DefaultECDsaProvider.Windows.cs 
+++ b/src/libraries/System.Security.Cryptography.Algorithms/tests/DefaultECDsaProvider.Windows.cs @@ -22,8 +22,6 @@ public bool ExplicitCurvesSupported } } - public bool LimitedPrivateKeySupported => true; - private static bool NativeOidFriendlyNameExists(string oidFriendlyName) { if (string.IsNullOrEmpty(oidFriendlyName)) diff --git a/src/libraries/System.Security.Cryptography.Cng/tests/ECDiffieHellmanCngProvider.cs b/src/libraries/System.Security.Cryptography.Cng/tests/ECDiffieHellmanCngProvider.cs index 8cfd7a4e7d377..1942f26a11a2b 100644 --- a/src/libraries/System.Security.Cryptography.Cng/tests/ECDiffieHellmanCngProvider.cs +++ b/src/libraries/System.Security.Cryptography.Cng/tests/ECDiffieHellmanCngProvider.cs @@ -37,8 +37,6 @@ public bool ExplicitCurvesSupported } } - public bool LimitedPrivateKeySupported => true; - private static bool NativeOidFriendlyNameExists(string oidFriendlyName) { if (string.IsNullOrEmpty(oidFriendlyName)) diff --git a/src/libraries/System.Security.Cryptography.Cng/tests/ECDsaCngProvider.cs b/src/libraries/System.Security.Cryptography.Cng/tests/ECDsaCngProvider.cs index 200c61070ab8d..b0dc50297f24d 100644 --- a/src/libraries/System.Security.Cryptography.Cng/tests/ECDsaCngProvider.cs +++ b/src/libraries/System.Security.Cryptography.Cng/tests/ECDsaCngProvider.cs @@ -37,8 +37,6 @@ public bool ExplicitCurvesSupported } } - public bool LimitedPrivateKeySupported => true; - private static bool NativeOidFriendlyNameExists(string oidFriendlyName) { if (string.IsNullOrEmpty(oidFriendlyName)) diff --git a/src/libraries/System.Security.Cryptography.OpenSsl/tests/EcDiffieHellmanOpenSslProvider.cs b/src/libraries/System.Security.Cryptography.OpenSsl/tests/EcDiffieHellmanOpenSslProvider.cs index 8903cf8bd063a..44c7fcb519616 100644 --- a/src/libraries/System.Security.Cryptography.OpenSsl/tests/EcDiffieHellmanOpenSslProvider.cs +++ b/src/libraries/System.Security.Cryptography.OpenSsl/tests/EcDiffieHellmanOpenSslProvider.cs 
@@ -26,7 +26,6 @@ public ECDiffieHellman Create(ECCurve curve) public bool IsCurveValid(Oid oid) => _ecdsaProvider.IsCurveValid(oid); public bool ExplicitCurvesSupported => _ecdsaProvider.ExplicitCurvesSupported; - public bool LimitedPrivateKeySupported => _ecdsaProvider.LimitedPrivateKeySupported; } public partial class ECDiffieHellmanFactory diff --git a/src/libraries/System.Security.Cryptography.OpenSsl/tests/EcDsaOpenSslProvider.cs b/src/libraries/System.Security.Cryptography.OpenSsl/tests/EcDsaOpenSslProvider.cs index 3cb4095462504..a78cf83145371 100644 --- a/src/libraries/System.Security.Cryptography.OpenSsl/tests/EcDsaOpenSslProvider.cs +++ b/src/libraries/System.Security.Cryptography.OpenSsl/tests/EcDsaOpenSslProvider.cs @@ -54,8 +54,6 @@ public bool ExplicitCurvesSupported return true; } } - - public bool LimitedPrivateKeySupported => true; } public partial class ECDsaFactory From 4ca8408fad9be7759ed4ff99aff9fe12076afa5b Mon Sep 17 00:00:00 2001 From: Kevin Jones Date: Tue, 7 Apr 2020 16:37:10 -0400 Subject: [PATCH 3/3] Fix exception message. --- .../src/Resources/Strings.resx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libraries/System.Security.Cryptography.Algorithms/src/Resources/Strings.resx b/src/libraries/System.Security.Cryptography.Algorithms/src/Resources/Strings.resx index 878856832fbab..62cbc37cc8716 100644 --- a/src/libraries/System.Security.Cryptography.Algorithms/src/Resources/Strings.resx +++ b/src/libraries/System.Security.Cryptography.Algorithms/src/Resources/Strings.resx 
@@ -163,7 +163,7 @@ The specified Oid is not valid. The Oid.FriendlyName or Oid.Value property must be set. - The specified key parameters are not valid. Q.X and Q.Y are required fields. Q.X, Q.Y must be the same length. If D is specified it must be the same length as Q.X and Q.Y for named curves or the same length as Order for explicit curves. + The specified key parameters are not valid. Q.X and Q.Y, or D, must be specified. Q.X, Q.Y must be the same length. If D is specified it must be the same length as Q.X and Q.Y if also specified for named curves or the same length as Order for explicit curves. The specified DSA parameters are not valid; P, Q, G and Y are all required.