Refactored and added cryptographic import and export methods. This now includes support for binary, PKCS8, and PEM formatted imports and exports. (#88)

Author: MrMatthewLayton

Directory.Build.props

@@ -8,8 +8,8 @@
         <NeutralLanguage>en</NeutralLanguage>
         <Copyright>Copyright © ONIXLabs 2020</Copyright>
         <RepositoryUrl>https://github.com/onix-labs/onixlabs-dotnet</RepositoryUrl>
-        <Version>10.1.0</Version>
-        <PackageVersion>10.1.0</PackageVersion>
-        <AssemblyVersion>10.1.0</AssemblyVersion>
+        <Version>11.0.0</Version>
+        <PackageVersion>11.0.0</PackageVersion>
+        <AssemblyVersion>11.0.0</AssemblyVersion>
     </PropertyGroup>
 </Project>

OnixLabs.Security.Cryptography.UnitTests/EcdhKeyTests.cs

@@ -40,11 +40,11 @@ public void EcdhPkcs8RoundTripDeriveSharedSecretShouldProduceIdenticalSecrets()
         // Given
         using HashAlgorithm algorithm = SHA256.Create();
         PbeParameters parameters = new(PbeEncryptionAlgorithm.Aes256Cbc, HashAlgorithmName.SHA256, 10);
-        byte[] aliceExportedBytes = EcdhPrivateKey.Create().ExportPkcs8PrivateKey("AlicePassword", parameters);
-        byte[] bobExportedBytes = EcdhPrivateKey.Create().ExportPkcs8PrivateKey("BobPassword", parameters);
+        byte[] aliceExportedBytes = EcdhPrivateKey.Create().ExportPkcs8("AlicePassword", parameters);
+        byte[] bobExportedBytes = EcdhPrivateKey.Create().ExportPkcs8("BobPassword", parameters);
 
-        IEcdhPrivateKey alice = EcdhPrivateKey.ImportPkcs8PrivateKey(aliceExportedBytes, "AlicePassword");
-        IEcdhPrivateKey bob = EcdhPrivateKey.ImportPkcs8PrivateKey(bobExportedBytes, "BobPassword");
+        IEcdhPrivateKey alice = EcdhPrivateKey.ImportPkcs8(aliceExportedBytes, "AlicePassword");
+        IEcdhPrivateKey bob = EcdhPrivateKey.ImportPkcs8(bobExportedBytes, "BobPassword");
 
         // When
         Secret aliceSecret = alice.DeriveSharedSecret(bob.GetPublicKey());
@@ -53,4 +53,118 @@ public void EcdhPkcs8RoundTripDeriveSharedSecretShouldProduceIdenticalSecrets()
         // Then
         Assert.Equal(aliceSecret, bobSecret);
     }
+
+    [Fact(DisplayName = "EcdhPrivateKey should be exportable and importable")]
+    public void EcdhPrivateKeyShouldBeExportableAndImportable()
+    {
+        // Given
+        EcdhPrivateKey expected = EcdhPrivateKey.Create();
+
+        // When
+        byte[] privateKeyData = expected.Export();
+        EcdhPrivateKey actual = EcdhPrivateKey.Import(privateKeyData);
+
+        // Then
+        Assert.Equal(expected, actual);
+    }
+
+    [Fact(DisplayName = "EcdhPrivateKey should be exportable and importable as PEM")]
+    public void EcdhPrivateKeyShouldBeExportableAndImportableAsPem()
+    {
+        // Given
+        EcdhPrivateKey expected = EcdhPrivateKey.Create();
+
+        // When
+        string privateKeyData = expected.ExportPem();
+        EcdhPrivateKey actual = EcdhPrivateKey.ImportPem(privateKeyData);
+
+        // Then
+        Assert.Equal(expected, actual);
+    }
+
+    [Fact(DisplayName = "EcdhPrivateKey should be exportable and importable as PKCS8")]
+    public void EcdhPrivateKeyShouldBeExportableAndImportableAsPkcs8()
+    {
+        // Given
+        EcdhPrivateKey expected = EcdhPrivateKey.Create();
+
+        // When
+        byte[] privateKeyData = expected.ExportPkcs8();
+        EcdhPrivateKey actual = EcdhPrivateKey.ImportPkcs8(privateKeyData);
+
+        // Then
+        Assert.Equal(expected, actual);
+    }
+
+    [Fact(DisplayName = "EcdhPrivateKey should be exportable and importable as PKCS8 PEM")]
+    public void EcdhPrivateKeyShouldBeExportableAndImportableAsPkcs8Pem()
+    {
+        // Given
+        EcdhPrivateKey expected = EcdhPrivateKey.Create();
+
+        // When
+        string privateKeyData = expected.ExportPkcs8Pem();
+        EcdhPrivateKey actual = EcdhPrivateKey.ImportPem(privateKeyData);
+
+        // Then
+        Assert.Equal(expected, actual);
+    }
+
+    [Fact(DisplayName = "EcdhPrivateKey should be exportable and importable as encrypted PKCS8")]
+    public void EcdhPrivateKeyShouldBeExportableAndImportableAsEncryptedPkcs8()
+    {
+        // Given
+        EcdhPrivateKey expected = EcdhPrivateKey.Create();
+        PbeParameters parameters = new(PbeEncryptionAlgorithm.Aes256Cbc, HashAlgorithmName.SHA256, 10);
+
+        // When
+        byte[] privateKeyData = expected.ExportPkcs8("Password", parameters);
+        EcdhPrivateKey actual = EcdhPrivateKey.ImportPkcs8(privateKeyData, "Password");
+
+        // Then
+        Assert.Equal(expected, actual);
+    }
+
+    [Fact(DisplayName = "EcdhPrivateKey should be exportable and importable as encrypted PKCS8 PEM")]
+    public void EcdhPrivateKeyShouldBeExportableAndImportableAsEncryptedPkcs8Pem()
+    {
+        // Given
+        EcdhPrivateKey expected = EcdhPrivateKey.Create();
+        PbeParameters parameters = new(PbeEncryptionAlgorithm.Aes256Cbc, HashAlgorithmName.SHA256, 10);
+
+        // When
+        string privateKeyData = expected.ExportPkcs8Pem("Password", parameters);
+        EcdhPrivateKey actual = EcdhPrivateKey.ImportPem(privateKeyData, "Password");
+
+        // Then
+        Assert.Equal(expected, actual);
+    }
+
+    [Fact(DisplayName = "EcdhPublicKey should be exportable and importable")]
+    public void EcdhPublicKeyShouldBeExportableAndImportable()
+    {
+        // Given
+        EcdhPublicKey expected = EcdhPrivateKey.Create().GetPublicKey();
+
+        // When
+        byte[] privateKeyData = expected.Export();
+        EcdhPublicKey actual = EcdhPublicKey.Import(privateKeyData);
+
+        // Then
+        Assert.Equal(expected, actual);
+    }
+
+    [Fact(DisplayName = "EcdhPublicKey should be exportable and importable as PEM")]
+    public void EcdhPublicKeyShouldBeExportableAndImportableAsPem()
+    {
+        // Given
+        EcdhPublicKey expected = EcdhPrivateKey.Create().GetPublicKey();
+
+        // When
+        string privateKeyData = expected.ExportPem();
+        EcdhPublicKey actual = EcdhPublicKey.ImportPem(privateKeyData);
+
+        // Then
+        Assert.Equal(expected, actual);
+    }
 }

OnixLabs.Security.Cryptography.UnitTests/EcdsaKeyTests.cs

@@ -49,8 +49,8 @@ public void EcdsaPkcs8RoundTripSignAndVerifyShouldSucceed()
         ReadOnlySpan<byte> data = Salt.CreateNonZero(2048).AsReadOnlySpan();
         using HashAlgorithm algorithm = SHA256.Create();
         PbeParameters parameters = new(PbeEncryptionAlgorithm.Aes256Cbc, HashAlgorithmName.SHA256, 10);
-        byte[] exportedPrivateKey = EcdsaPrivateKey.Create().ExportPkcs8PrivateKey("Password", parameters);
-        IEcdsaPrivateKey privateKey = EcdsaPrivateKey.ImportPkcs8PrivateKey(exportedPrivateKey, "Password");
+        byte[] exportedPrivateKey = EcdsaPrivateKey.Create().ExportPkcs8("Password", parameters);
+        IEcdsaPrivateKey privateKey = EcdsaPrivateKey.ImportPkcs8(exportedPrivateKey, "Password");
         IEcdsaPublicKey publicKey = privateKey.GetPublicKey();
 
         // When
@@ -59,4 +59,118 @@ public void EcdsaPkcs8RoundTripSignAndVerifyShouldSucceed()
         // Then
         Assert.True(publicKey.IsDataValid(signature, data, algorithm));
     }
+
+    [Fact(DisplayName = "EcdsaPrivateKey should be exportable and importable")]
+    public void EcdsaPrivateKeyShouldBeExportableAndImportable()
+    {
+        // Given
+        EcdsaPrivateKey expected = EcdsaPrivateKey.Create();
+
+        // When
+        byte[] privateKeyData = expected.Export();
+        EcdsaPrivateKey actual = EcdsaPrivateKey.Import(privateKeyData);
+
+        // Then
+        Assert.Equal(expected, actual);
+    }
+
+    [Fact(DisplayName = "EcdsaPrivateKey should be exportable and importable as PEM")]
+    public void EcdsaPrivateKeyShouldBeExportableAndImportableAsPem()
+    {
+        // Given
+        EcdsaPrivateKey expected = EcdsaPrivateKey.Create();
+
+        // When
+        string privateKeyData = expected.ExportPem();
+        EcdsaPrivateKey actual = EcdsaPrivateKey.ImportPem(privateKeyData);
+
+        // Then
+        Assert.Equal(expected, actual);
+    }
+
+    [Fact(DisplayName = "EcdsaPrivateKey should be exportable and importable as PKCS8")]
+    public void EcdsaPrivateKeyShouldBeExportableAndImportableAsPkcs8()
+    {
+        // Given
+        EcdsaPrivateKey expected = EcdsaPrivateKey.Create();
+
+        // When
+        byte[] privateKeyData = expected.ExportPkcs8();
+        EcdsaPrivateKey actual = EcdsaPrivateKey.ImportPkcs8(privateKeyData);
+
+        // Then
+        Assert.Equal(expected, actual);
+    }
+
+    [Fact(DisplayName = "EcdsaPrivateKey should be exportable and importable as PKCS8 PEM")]
+    public void EcdsaPrivateKeyShouldBeExportableAndImportableAsPkcs8Pem()
+    {
+        // Given
+        EcdsaPrivateKey expected = EcdsaPrivateKey.Create();
+
+        // When
+        string privateKeyData = expected.ExportPkcs8Pem();
+        EcdsaPrivateKey actual = EcdsaPrivateKey.ImportPem(privateKeyData);
+
+        // Then
+        Assert.Equal(expected, actual);
+    }
+
+    [Fact(DisplayName = "EcdsaPrivateKey should be exportable and importable as encrypted PKCS8")]
+    public void EcdsaPrivateKeyShouldBeExportableAndImportableAsEncryptedPkcs8()
+    {
+        // Given
+        EcdsaPrivateKey expected = EcdsaPrivateKey.Create();
+        PbeParameters parameters = new(PbeEncryptionAlgorithm.Aes256Cbc, HashAlgorithmName.SHA256, 10);
+
+        // When
+        byte[] privateKeyData = expected.ExportPkcs8("Password", parameters);
+        EcdsaPrivateKey actual = EcdsaPrivateKey.ImportPkcs8(privateKeyData, "Password");
+
+        // Then
+        Assert.Equal(expected, actual);
+    }
+
+    [Fact(DisplayName = "EcdsaPrivateKey should be exportable and importable as encrypted PKCS8 PEM")]
+    public void EcdsaPrivateKeyShouldBeExportableAndImportableAsEncryptedPkcs8Pem()
+    {
+        // Given
+        EcdsaPrivateKey expected = EcdsaPrivateKey.Create();
+        PbeParameters parameters = new(PbeEncryptionAlgorithm.Aes256Cbc, HashAlgorithmName.SHA256, 10);
+
+        // When
+        string privateKeyData = expected.ExportPkcs8Pem("Password", parameters);
+        EcdsaPrivateKey actual = EcdsaPrivateKey.ImportPem(privateKeyData, "Password");
+
+        // Then
+        Assert.Equal(expected, actual);
+    }
+
+    [Fact(DisplayName = "EcdsaPublicKey should be exportable and importable")]
+    public void EcdsaPublicKeyShouldBeExportableAndImportable()
+    {
+        // Given
+        EcdsaPublicKey expected = EcdsaPrivateKey.Create().GetPublicKey();
+
+        // When
+        byte[] privateKeyData = expected.Export();
+        EcdsaPublicKey actual = EcdsaPublicKey.Import(privateKeyData);
+
+        // Then
+        Assert.Equal(expected, actual);
+    }
+
+    [Fact(DisplayName = "EcdsaPublicKey should be exportable and importable as PEM")]
+    public void EcdsaPublicKeyShouldBeExportableAndImportableAsPem()
+    {
+        // Given
+        EcdsaPublicKey expected = EcdsaPrivateKey.Create().GetPublicKey();
+
+        // When
+        string privateKeyData = expected.ExportPem();
+        EcdsaPublicKey actual = EcdsaPublicKey.ImportPem(privateKeyData);
+
+        // Then
+        Assert.Equal(expected, actual);
+    }
 }