[AndroidCrypto] Fix remaining Algorithms test failures. (#49501)

dotnet · Mar 16, 2021 · 707b903 · 707b903
1 parent 0a5ee51
commit 707b903
Show file tree

Hide file tree

Showing 8 changed files with 55 additions and 32 deletions.
diff --git a/...Common/tests/System/Security/Cryptography/AlgorithmImplementations/DSA/DSAKeyFileTests.cs b/...Common/tests/System/Security/Cryptography/AlgorithmImplementations/DSA/DSAKeyFileTests.cs
@@ -27,7 +27,7 @@ public static void UseAfterDispose_ImportedKey()
 
         private static void UseAfterDispose(bool importKey)
         {
-            DSA key = importKey ? DSAFactory.Create(DSATestData.GetDSA1024Params()) : DSAFactory.Create(512);
+            DSA key = importKey ? DSAFactory.Create(DSATestData.GetDSA1024Params()) : DSAFactory.Create(1024);
 
             byte[] pkcs8Private;
             byte[] pkcs8EncryptedPrivate;

diff --git a/...System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyFileTests.LimitedPrivate.cs b/...System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyFileTests.LimitedPrivate.cs
@@ -134,7 +134,7 @@ public void ReadWriteNistP256ExplicitPkcs8_LimitedPrivate()
 AAAA//////////+85vqtpxeehPO5ysL8YyVRAgEBBCcwJQIBAQQgcKEsLbFoRe1W
 /2jPwhpHKz8E19aFG/Y0ny19WzRSs4o=",
                 EccTestData.GetNistP256ReferenceKeyExplicit(),
-                SupportsExplicitCurves);
+                SupportsExplicitCurves && CanDeriveNewPublicKey);
         }
 
         [Fact]
@@ -177,7 +177,7 @@ public void ReadWriteBrainpoolKey1Pkcs8_LimitedPrivate()
 MDYCAQAwFAYHKoZIzj0CAQYJKyQDAwIIAQEBBBswGQIBAQQUxdlEVH3hFdsliNxv
 3ro7Rz6cTZY=",
                 EccTestData.BrainpoolP160r1Key1,
-                SupportsBrainpool);
+                SupportsBrainpool && CanDeriveNewPublicKey);
         }
 
         [Fact]
@@ -195,7 +195,7 @@ public void ReadWriteBrainpoolKey1EncryptedPkcs8_LimitedPrivate()
                     HashAlgorithmName.SHA384,
                     4096),
                 EccTestData.BrainpoolP160r1Key1,
-                SupportsBrainpool);
+                SupportsBrainpool && CanDeriveNewPublicKey);
         }
 
         [Fact]
@@ -204,7 +204,7 @@ public void ReadWriteSect163k1Key1ECPrivateKey_LimitedPrivate()
             ReadWriteBase64ECPrivateKey(
                 "MCMCAQEEFQPBmVrfrowFGNwT3+YwS7AQF+akEqAHBgUrgQQAAQ==",
                 EccTestData.Sect163k1Key1,
-                SupportsSect163k1 && CanDeriveNewPublicKey);
+                SupportsSect163k1Explicit && CanDeriveNewPublicKey);
         }
 
         [Fact]
@@ -215,7 +215,7 @@ public void ReadWriteSect163k1Key1Pkcs8_LimitedPrivate()
 MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAEEHDAaAgEBBBUDwZla366MBRjcE9/mMEuw
 EBfmpBI=",
                 EccTestData.Sect163k1Key1,
-                SupportsSect163k1);
+                SupportsSect163k1 && CanDeriveNewPublicKey);
         }
 
         [Fact]
@@ -229,7 +229,7 @@ public void ReadWriteSect163k1Key1ExplicitECPrivateKey_LimitedPrivate()
 XlyU7ugCiQcPsF04/1gyHy6ABTbVOMzao9kCFQQAAAAAAAAAAAACAQii4MwNmfil
 7wIBAg==",
                 EccTestData.Sect163k1Key1Explicit,
-                SupportsSect163k1 && CanDeriveNewPublicKey);
+                SupportsSect163k1Explicit && CanDeriveNewPublicKey);
         }
 
         [Fact]
@@ -243,7 +243,7 @@ public void ReadWriteSect163k1Key1ExplicitPkcs8_LimitedPrivate()
 Mh8ugAU21TjM2qPZAhUEAAAAAAAAAAAAAgEIouDMDZn4pe8CAQIEHDAaAgEBBBUD
 wZla366MBRjcE9/mMEuwEBfmpBI=",
                 EccTestData.Sect163k1Key1Explicit,
-                SupportsSect163k1);
+                SupportsSect163k1Explicit && CanDeriveNewPublicKey);
         }
 
         [Fact]
@@ -261,7 +261,7 @@ public void ReadWriteSect163k1Key1EncryptedPkcs8_LimitedPrivate()
                     HashAlgorithmName.SHA256,
                     7),
                 EccTestData.Sect163k1Key1,
-                SupportsSect163k1);
+                SupportsSect163k1 && CanDeriveNewPublicKey);
         }
 
         [Fact]
@@ -282,7 +282,7 @@ public void ReadWriteSect163k1Key1ExplicitEncryptedPkcs8_LimitedPrivate()
                     HashAlgorithmName.SHA256,
                     7),
                 EccTestData.Sect163k1Key1Explicit,
-                SupportsSect163k1);
+                SupportsSect163k1Explicit && CanDeriveNewPublicKey);
         }
 
         [Fact]
@@ -307,7 +307,7 @@ public void ReadWriteC2pnb163v1ExplicitECPrivateKey_LimitedPrivate()
 VhUXVAQrBAevaZiVRhA9eTKfzD10iA8zu+gDywHsIyEbWWat6h0/h/fqWEiu8LfK
 nwIVBAAAAAAAAAAAAAHmD8iCHMdNrq/BAgEC",
                 EccTestData.C2pnb163v1Key1Explicit,
-                SupportsC2pnb163v1 && CanDeriveNewPublicKey);
+                SupportsC2pnb163v1Explicit && CanDeriveNewPublicKey);
         }
 
         [Fact]
@@ -321,7 +321,7 @@ public void ReadWriteC2pnb163v1ExplicitPkcs8_LimitedPrivate()
 PXkyn8w9dIgPM7voA8sB7CMhG1lmreodP4f36lhIrvC3yp8CFQQAAAAAAAAAAAAB
 5g/IghzHTa6vwQIBAgQcMBoCAQEEFQD00koUBxIvRFlnvh2TwAk6ZTZ5hg==",
                 EccTestData.C2pnb163v1Key1Explicit,
-                SupportsC2pnb163v1);
+                SupportsC2pnb163v1Explicit && CanDeriveNewPublicKey);
         }
 
         [Fact]
@@ -342,7 +342,7 @@ public void ReadWriteC2pnb163v1ExplicitEncryptedPkcs8_LimitedPrivate()
                     HashAlgorithmName.SHA256,
                     7),
                 EccTestData.C2pnb163v1Key1Explicit,
-                SupportsC2pnb163v1);
+                SupportsC2pnb163v1Explicit && CanDeriveNewPublicKey);
         }
 
         [Fact]
@@ -353,7 +353,7 @@ public void ReadWriteSect283k1Key1Pkcs8_LimitedPrivate()
 MEICAQAwEAYHKoZIzj0CAQYFK4EEABAEKzApAgEBBCQAtPGuHn/c1LDoIFPAipCI
 UrJiMebAFnD8xsPqLF0/7UDt8Dc=",
                 EccTestData.Sect283k1Key1,
-                SupportsSect283k1);
+                SupportsSect283k1 && CanDeriveNewPublicKey);
         }
 
         [Fact]
@@ -371,7 +371,7 @@ public void ReadWriteSect283k1Key1EncryptedPkcs8_LimitedPrivate()
                     HashAlgorithmName.SHA384,
                     4096),
                 EccTestData.Sect283k1Key1,
-                SupportsSect283k1);
+                SupportsSect283k1 && CanDeriveNewPublicKey);
         }
 
         [Fact]
@@ -391,7 +391,7 @@ public void ReadWriteC2pnb163v1Pkcs8_LimitedPrivate()
 MDYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAEEHDAaAgEBBBUA9NJKFAcSL0RZZ74d
 k8AJOmU2eYY=",
                 EccTestData.C2pnb163v1Key1,
-                SupportsC2pnb163v1);
+                SupportsC2pnb163v1 && CanDeriveNewPublicKey);
         }
 
         [Fact]
@@ -409,7 +409,7 @@ public void ReadWriteC2pnb163v1EncryptedPkcs8_LimitedPrivate()
                     HashAlgorithmName.SHA512,
                     1024),
                 EccTestData.C2pnb163v1Key1,
-                SupportsC2pnb163v1);
+                SupportsC2pnb163v1 && CanDeriveNewPublicKey);
         }
     }
 }
diff --git a/...s/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyFileTests.cs b/...s/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyFileTests.cs
@@ -20,17 +20,22 @@ public abstract partial class ECKeyFileTests<T> where T : AsymmetricAlgorithm
         protected abstract void Exercise(T key);
         protected virtual Func<T, byte[]> PublicKeyWriteArrayFunc { get; } = null;
         protected virtual WriteKeyToSpanFunc PublicKeyWriteSpanFunc { get; } = null;
+
+        // This would need to be virtualized if there was ever a platform that
+        // allowed explicit in ECDH or ECDSA but not the other.
+        public static bool SupportsExplicitCurves { get; } = EcDiffieHellman.Tests.ECDiffieHellmanFactory.ExplicitCurvesSupported;
+
+        public static bool CanDeriveNewPublicKey { get; } = EcDiffieHellman.Tests.ECDiffieHellmanFactory.CanDeriveNewPublicKey;
 
         public static bool SupportsBrainpool { get; } = IsCurveSupported(ECCurve.NamedCurves.brainpoolP160r1.Oid);
         public static bool SupportsSect163k1 { get; } = IsCurveSupported(EccTestData.Sect163k1Key1.Curve.Oid);
         public static bool SupportsSect283k1 { get; } = IsCurveSupported(EccTestData.Sect283k1Key1.Curve.Oid);
         public static bool SupportsC2pnb163v1 { get; } = IsCurveSupported(EccTestData.C2pnb163v1Key1.Curve.Oid);
 
-        // This would need to be virtualized if there was ever a platform that
-        // allowed explicit in ECDH or ECDSA but not the other.
-        public static bool SupportsExplicitCurves { get; } = EcDiffieHellman.Tests.ECDiffieHellmanFactory.ExplicitCurvesSupported;
-
-        public static bool CanDeriveNewPublicKey { get; } = EcDiffieHellman.Tests.ECDiffieHellmanFactory.CanDeriveNewPublicKey;
+        // Some platforms support explicitly specifying these curves, but do not support specifying them by name.
+        public static bool ExplicitNamedSameSupport { get; } = !PlatformDetection.IsAndroid;
+        public static bool SupportsSect163k1Explicit { get; } = SupportsSect163k1 || (!ExplicitNamedSameSupport && SupportsExplicitCurves);
+        public static bool SupportsC2pnb163v1Explicit { get; } = SupportsC2pnb163v1 || (!ExplicitNamedSameSupport && SupportsExplicitCurves);
 
         private static bool IsCurveSupported(Oid oid)
         {
@@ -421,7 +426,7 @@ public void ReadWriteSect163k1Key1ExplicitECPrivateKey()
 4MwNmfil7wIBAqEuAywABAYXnjcZzIElQ1/mRYnV/KbcGIdVHQeI/rti/8kkjYs5
 iv4+C1w8ArP+Nw==",
                 EccTestData.Sect163k1Key1Explicit,
-                SupportsSect163k1);
+                SupportsSect163k1Explicit);
         }
 
         [Fact]
@@ -435,7 +440,7 @@ public void ReadWriteSect163k1Key1ExplicitPkcs8()
 SgIBAQQVA8GZWt+ujAUY3BPf5jBLsBAX5qQSoS4DLAAEBheeNxnMgSVDX+ZFidX8
 ptwYh1UdB4j+u2L/ySSNizmK/j4LXDwCs/43",
                 EccTestData.Sect163k1Key1Explicit,
-                SupportsSect163k1);
+                SupportsSect163k1Explicit);
         }
 
         [Fact]
@@ -455,7 +460,7 @@ public void ReadWriteSect163k1Key1ExplicitEncryptedPkcs8()
                     HashAlgorithmName.SHA256,
                     12),
                 EccTestData.Sect163k1Key1Explicit,
-                SupportsSect163k1);
+                SupportsSect163k1Explicit);
         }
 
         [Fact]
@@ -468,7 +473,7 @@ public void ReadWriteSect163k1Key1ExplicitSubjectPublicKeyInfo()
 XTj/WDIfLoAFNtU4zNqj2QIVBAAAAAAAAAAAAAIBCKLgzA2Z+KXvAgECAywABAYX
 njcZzIElQ1/mRYnV/KbcGIdVHQeI/rti/8kkjYs5iv4+C1w8ArP+Nw==",
                 EccTestData.Sect163k1Key1Explicit,
-                SupportsSect163k1);
+                SupportsSect163k1Explicit);
         }
 
         [Fact]
@@ -589,7 +594,7 @@ public void ReadWriteC2pnb163v1ExplicitECPrivateKey()
 nwIVBAAAAAAAAAAAAAHmD8iCHMdNrq/BAgECoS4DLAAEAhEnLxxVgkJoiOkb1pJX
 dJQjIkiqBCcIMPehAJrWcKiN6SvVkkjMgTtF",
                 EccTestData.C2pnb163v1Key1Explicit,
-                SupportsC2pnb163v1);
+                SupportsC2pnb163v1Explicit);
         }
 
         [Fact]
@@ -604,7 +609,7 @@ public void ReadWriteC2pnb163v1ExplicitPkcs8()
 5g/IghzHTa6vwQIBAgRMMEoCAQEEFQD00koUBxIvRFlnvh2TwAk6ZTZ5hqEuAywA
 BAIRJy8cVYJCaIjpG9aSV3SUIyJIqgQnCDD3oQCa1nCojekr1ZJIzIE7RQ==",
                 EccTestData.C2pnb163v1Key1Explicit,
-                SupportsC2pnb163v1);
+                SupportsC2pnb163v1Explicit);
         }
 
         [Fact]
@@ -625,7 +630,7 @@ public void ReadWriteC2pnb163v1ExplicitEncryptedPkcs8()
                     HashAlgorithmName.SHA512,
                     1024),
                 EccTestData.C2pnb163v1Key1Explicit,
-                SupportsC2pnb163v1);
+                SupportsC2pnb163v1Explicit);
         }
 
         [Fact]
@@ -640,7 +645,7 @@ public void ReadWriteC2pnb163v1ExplicitSubjectPublicKeyInfo()
 HMdNrq/BAgECAywABAIRJy8cVYJCaIjpG9aSV3SUIyJIqgQnCDD3oQCa1nCojekr
 1ZJIzIE7RQ==",
                 EccTestData.C2pnb163v1Key1Explicit,
-                SupportsC2pnb163v1);
+                SupportsC2pnb163v1Explicit);
         }
 
         [Fact]

diff --git a/...ryptography/AlgorithmImplementations/ECDiffieHellman/ECDiffieHellmanTests.ImportExport.cs b/...ryptography/AlgorithmImplementations/ECDiffieHellman/ECDiffieHellmanTests.ImportExport.cs
@@ -154,6 +154,7 @@ public static void TestKeySizeCreateKey()
         }
 
         [Fact]
+        [PlatformSpecific(~TestPlatforms.Android)] // Android does not validate curve parameters
         public static void TestExplicitImportValidationNegative()
         {
             if (!ECDiffieHellmanFactory.ExplicitCurvesSupported)

diff --git a/...on/tests/System/Security/Cryptography/AlgorithmImplementations/ECDsa/ECDsaImportExport.cs b/...on/tests/System/Security/Cryptography/AlgorithmImplementations/ECDsa/ECDsaImportExport.cs
@@ -188,6 +188,7 @@ public static void TestKeySizeCreateKey()
         }
 
         [ConditionalFact(nameof(ECExplicitCurvesSupported))]
+        [PlatformSpecific(~TestPlatforms.Android)] // Android does not validate curve parameters
         public static void TestExplicitImportValidationNegative()
         {
             unchecked

diff --git a/...ibraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAXml.cs b/...ibraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAXml.cs
@@ -1340,7 +1340,7 @@ public static void FromInvalidXml()
         }
 
         [Fact]
-        [ActiveIssue("https://github.com/dotnet/runtime/issues/29515", TestPlatforms.OSX)]
+        [ActiveIssue("https://github.com/dotnet/runtime/issues/29515", TestPlatforms.OSX | TestPlatforms.Android)]
         public static void FromNonsenseXml()
         {
             // This is DiminishedDPParameters XML, but with a P that is way too long.

diff --git a/...libraries/Native/Unix/System.Security.Cryptography.Native.Android/pal_ecc_import_export.c b/...libraries/Native/Unix/System.Security.Cryptography.Native.Android/pal_ecc_import_export.c
@@ -341,6 +341,8 @@ static jobject AndroidCryptoNative_CreateKeyPairFromCurveParameters(
     return keyPair;
 }
 
+#define CURVE_NOT_SUPPORTED -1
+
 int32_t AndroidCryptoNative_EcKeyCreateByKeyParameters(EC_KEY** key,
                                                 const char* oid,
                                                 uint8_t* qx,
@@ -365,7 +367,7 @@ int32_t AndroidCryptoNative_EcKeyCreateByKeyParameters(EC_KEY** key,
     *key = AndroidCryptoNative_EcKeyCreateByOid(oid);
     if (*key == NULL)
     {
-        return FAIL;
+        return CURVE_NOT_SUPPORTED;
     }
 
     // Release the reference to the generated key pair. We're going to make our own with the explicit keys.

diff --git a/src/libraries/System.Security.Cryptography.Algorithms/tests/DSACreateTests.cs b/src/libraries/System.Security.Cryptography.Algorithms/tests/DSACreateTests.cs
@@ -13,8 +13,22 @@ public static class DSACreateTests
         public static bool SupportsFips186_3 => DSAFactory.SupportsFips186_3;
 
         [ConditionalTheory(nameof(SupportsKeyGeneration))]
+        [PlatformSpecific(~TestPlatforms.Android)] // Android only supports key sizes that are a multiple of 1024
         [InlineData(512)]
         [InlineData(960)]
+        public static void CreateWithKeysize_SmallKeys(int keySizeInBits)
+        {
+            using (DSA dsa = DSA.Create(keySizeInBits))
+            {
+                Assert.Equal(keySizeInBits, dsa.KeySize);
+
+                DSAParameters parameters = dsa.ExportParameters(false);
+                Assert.Equal(keySizeInBits, parameters.Y.Length << 3);
+                Assert.Equal(keySizeInBits, dsa.KeySize);
+            }
+        }
+
+        [ConditionalTheory(nameof(SupportsKeyGeneration))]
         [InlineData(1024)]
         public static void CreateWithKeysize(int keySizeInBits)
         {