
Commit ee2051e

committed
tests: Added tests to verify that the private key data is cleared on disposal
1 parent 030bc36 commit ee2051e


3 files changed

+59
-9
lines changed


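--- a/Yubico.YubiKey/tests/unit/Yubico/YubiKey/Cryptography/Curve25519PrivateKeyTests.cs
+++ b/Yubico.YubiKey/tests/unit/Yubico/YubiKey/Cryptography/Curve25519PrivateKeyTests.cs
@@ -13,6 +13,7 @@
 // limitations under the License.
 
 using System;
+using System.Linq;
 using System.Security.Cryptography;
 using Xunit;
 using Yubico.YubiKey.TestUtilities;
@@ -21,6 +22,20 @@ namespace Yubico.YubiKey.Cryptography;
 
 public class Curve25519PrivateKeyTests
 {
+[Fact]
+public void Dispose_DisposesResources()
+{
+// Arrange
+var testKey = TestKeys.GetTestPrivateKey(KeyType.Ed25519);
+var privateKey = Curve25519PrivateKey.CreateFromPkcs8(testKey.EncodedKey);
+
+// Act
+privateKey.Dispose();
+
+// Assert all bytes are zero
+Assert.True(privateKey.PrivateKey.ToArray().All(b => b == 0));
+}
+
 [Fact]
 public void CreateFromValue_CreatesInstance()
 {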
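Review bot: The closing assertion of `Dispose_DisposesResources` can succeed without the key bytes ever having been overwritten, because `All` returns true for an empty sequence and nothing inspects the buffer before `Dispose()` is called. If disposal replaces `PrivateKey` with an empty buffer, or the fixture key were all zeros to begin with, `Assert.True(privateKey.PrivateKey.ToArray().All(b => b == 0))` still passes. I would add `Assert.Contains(privateKey.PrivateKey.ToArray(), b => b != 0);` before the Act step and `Assert.NotEmpty(privateKey.PrivateKey.ToArray());` ahead of the zero check, assuming the intended contract is that a zeroed buffer of the original length remains readable after disposal. `ToArray()` also yields a copy, so the test only observes what the property exposes after disposal; whether that is the storage that held the key is not visible from this page.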

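--- a/Yubico.YubiKey/tests/unit/Yubico/YubiKey/Cryptography/ECPrivateKeyTests.cs
+++ b/Yubico.YubiKey/tests/unit/Yubico/YubiKey/Cryptography/ECPrivateKeyTests.cs
@@ -2,14 +2,27 @@
 using System.Linq;
 using System.Security.Cryptography;
 using Xunit;
-using Yubico.YubiKey.Piv;
 using Yubico.YubiKey.Piv.Converters;
 using Yubico.YubiKey.TestUtilities;
 
 namespace Yubico.YubiKey.Cryptography
 {
 public class ECPrivateKeyTests
 {
+[Fact]
+public void Dispose_DisposesResources()
+{
+// Arrange
+using var rsa = ECDsa.Create();
+var parameters = rsa.ExportParameters(true);
+var privateKey = ECPrivateKey.CreateFromParameters(parameters);
+
+// Act
+privateKey.Dispose();
+
+// Assert all bytes are zero
+Assert.True(privateKey.Parameters.D?.All(b => b == 0) ?? true);
+}
 
 [Fact]
 public void CreateFromPivEncoding_WithValidParameters_CreatesInstance()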
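Review bot: The `?? true` fallback in `Assert.True(privateKey.Parameters.D?.All(b => b == 0) ?? true)` lets the test pass when `D` is null after disposal, so an implementation that only drops the reference and never overwrites the bytes would go undetected. The same fallback appears on every assertion of the Dispose test added in RSAPrivateKeyTests.cs. Decide which post-dispose state is the contract and assert it directly, for example `Assert.NotNull(privateKey.Parameters.D);` followed by `Assert.True(privateKey.Parameters.D.All(b => b == 0));`, and assert before `Dispose()` that `D` holds at least one non-zero byte so the check cannot pass on an empty key. As a style point, the `ECDsa` instance is named `rsa`; `using var ecdsa = ECDsa.Create();` would read correctly.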

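--- a/Yubico.YubiKey/tests/unit/Yubico/YubiKey/Cryptography/RsaPrivateKeyTests.cs
+++ b/Yubico.YubiKey/tests/unit/Yubico/YubiKey/Cryptography/RSAPrivateKeyTests.cs
@@ -12,16 +12,38 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
+using System.Linq;
 using System.Security.Cryptography;
 using Xunit;
-using Yubico.YubiKey.Piv;
 using Yubico.YubiKey.Piv.Converters;
 using Yubico.YubiKey.TestUtilities;
 
 namespace Yubico.YubiKey.Cryptography;
 
-public class RsaPrivateKeyTests
+public class RSAPrivateKeyTests
 {
+[Fact]
+public void Dispose_DisposesResources()
+{
+// Arrange
+using var rsa = RSA.Create(2048);
+var parameters = rsa.ExportParameters(true);
+var privateKey = RSAPrivateKey.CreateFromParameters(parameters);
+
+// Act
+privateKey.Dispose();
+
+// Assert all bytes are zero
+Assert.True(privateKey.Parameters.Modulus?.All(b => b == 0) ?? true);
+Assert.True(privateKey.Parameters.Exponent?.All(b => b == 0) ?? true);
+Assert.True(privateKey.Parameters.P?.All(b => b == 0) ?? true);
+Assert.True(privateKey.Parameters.Q?.All(b => b == 0) ?? true);
+Assert.True(privateKey.Parameters.DP?.All(b => b == 0) ?? true);
+Assert.True(privateKey.Parameters.DQ?.All(b => b == 0) ?? true);
+Assert.True(privateKey.Parameters.InverseQ?.All(b => b == 0) ?? true);
+}
+
+
 [Fact]
 public void CreateFromPivEncoding_WithValidParameters_CreatesInstance()
 {
@@ -43,7 +65,7 @@ public void CreateFromPivEncoding_WithValidParameters_CreatesInstance()
 Assert.Equal(parameters.DQ, privateKeyParams.Parameters.DQ);
 Assert.Equal(parameters.InverseQ, privateKeyParams.Parameters.InverseQ);
 }
-
+
 [Fact]
 public void CreateFromPkcs8_WithValidParameters_CreatesInstance()
 {
@@ -65,14 +87,14 @@ public void CreateFromPkcs8_WithValidParameters_CreatesInstance()
 Assert.Equal(parameters.DQ, privateKeyParams.Parameters.DQ);
 Assert.Equal(parameters.InverseQ, privateKeyParams.Parameters.InverseQ);
 }
-
+
 [Fact]
 public void CreateFromRsaParameters_WithValidParameters_CreatesInstance()
 {
 // Arrange
 using var rsa = RSA.Create(2048);
 var parameters = rsa.ExportParameters(true);
-
+
 // Act
 var privateKeyParams = RSAPrivateKey.CreateFromParameters(parameters);
 
@@ -84,10 +106,10 @@ public void CreateFromRsaParameters_WithValidParameters_CreatesInstance()
 Assert.Equal(parameters.DP, privateKeyParams.Parameters.DP);
 Assert.Equal(parameters.DQ, privateKeyParams.Parameters.DQ);
 Assert.Equal(parameters.InverseQ, privateKeyParams.Parameters.InverseQ);
-
+
 Assert.Equal(rsa.ExportPkcs8PrivateKey(), privateKeyParams.ExportPkcs8PrivateKey());
 }
-
+
 [Fact]
 public void CreateFromRsaParameters_WithCRTParameters_CreatesInstance()
 {
@@ -102,7 +124,7 @@ public void CreateFromRsaParameters_WithCRTParameters_CreatesInstance()
 DQ = parameters.DQ,
 InverseQ = parameters.InverseQ
 };
-
+
 // Act
 var privateKeyParams = RSAPrivateKey.CreateFromParameters(crtParameters);
 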
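Review bot: The new `Dispose_DisposesResources` test never checks `Parameters.D`, the private exponent, even though the key is built from `rsa.ExportParameters(true)`, which includes it. If `RSAPrivateKey` retains `D` (not visible from this page), that is the field most in need of coverage; add `Assert.True(privateKey.Parameters.D?.All(b => b == 0) ?? true);` next to the CRT components, in the form the test already uses. `Modulus` and `Exponent` are public values, so a short comment saying that they are cleared for uniformity while `D`, `P`, `Q`, `DP`, `DQ` and `InverseQ` are the secret parts would make the intent clearer. The test also leaves two blank lines before the next `[Fact]` where the rest of the file uses one.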
