public static bool SupportsRsaOaepCerts => PlatformDetection.IsWindows;
[Fact]
+ public static void DefaultEncryptionAlgorithm()
+ {
+ EnvelopedCms cms1 = new EnvelopedCms();
+ EnvelopedCms cms2 = new EnvelopedCms(new ContentInfo(Array.Empty<byte>()));
+
+ string[] supportedAlgorithms;
+
+ // net48 changes the default to AES-256-CBC, older versions (and quirk) are
+ // DES3-EDE-CBC
+ if (PlatformDetection.IsFullFramework)
+ {
+ supportedAlgorithms = new[] { Oids.TripleDesCbc, Oids.Aes256 };
+ }
+ else
+ {
+ supportedAlgorithms = new[] { Oids.Aes256 };
+ }
+
+ Assert.Contains(cms1.ContentEncryptionAlgorithm.Oid.Value, supportedAlgorithms);
+ Assert.Contains(cms2.ContentEncryptionAlgorithm.Oid.Value, supportedAlgorithms);
+ }
+
+ [Fact]
public static void DecodeVersion0_RoundTrip()
{
ContentInfo contentInfo = new ContentInfo(new byte[] { 1, 2, 3 });
public static void DecodeRecipients3_RoundTrip()
{
ContentInfo contentInfo = new ContentInfo(new byte[] { 1, 2, 3 });
- EnvelopedCms ecms = new EnvelopedCms(contentInfo);
+ EnvelopedCms ecms = new EnvelopedCms(contentInfo, KeyAgreeRecipientInfoTests.TripleDesAlgId);
CmsRecipientCollection recipients = new CmsRecipientCollection();
foreach (X509Certificate2 cert in s_certs)
{
{
public static partial class KeyAgreeRecipientInfoTests
{
+ internal static readonly AlgorithmIdentifier TripleDesAlgId =
+ new AlgorithmIdentifier(new Oid(Oids.TripleDesCbc, null));
+
public static bool SupportsDiffieHellman => PlatformDetection.IsWindows;
public static bool DoesNotSupportDiffieHellman => !SupportsDiffieHellman;
private static KeyAgreeRecipientInfo EncodeKeyAgreel(SubjectIdentifierType type = SubjectIdentifierType.IssuerAndSerialNumber)
{
ContentInfo contentInfo = new ContentInfo(new byte[] { 1, 2, 3 });
- EnvelopedCms ecms = new EnvelopedCms(contentInfo);
+ EnvelopedCms ecms = new EnvelopedCms(contentInfo, TripleDesAlgId);
using (X509Certificate2 cert = Certificates.DHKeyAgree1.GetCertificate())
{
CmsRecipient cmsRecipient = new CmsRecipient(type, cert);