Add tests for exercising certificates with platform provider keys

src/libraries/System.Security.Cryptography/tests/X509Certificates/CertTests.cs

@@ -571,6 +571,86 @@ public static void SignatureAlgorithmOidReadableForGostCertificate()
             }
         }
 
+        [ConditionalFact(typeof(PlatformSupport), nameof(PlatformSupport.PlatformCryptoProviderFunctional))]
+        [OuterLoop("Hardware backed key generation takes several seconds.")]
+        public static void CreateCertificate_MicrosoftPlatformCryptoProvider_EcdsaKey()
+        {
+             CngKey key = null;
+
+            try
+            {
+                CngKeyCreationParameters cngCreationParameters = new CngKeyCreationParameters
+                {
+                    Provider = CngProvider.MicrosoftPlatformCryptoProvider,
+                    KeyCreationOptions = CngKeyCreationOptions.OverwriteExistingKey,
+                };
+
+                key = CngKey.Create(
+                    CngAlgorithm.ECDsaP384,
+                    nameof(CreateCertificate_MicrosoftPlatformCryptoProvider_EcdsaKey),
+                    cngCreationParameters);
+
+                using (ECDsaCng ecdsa = new ECDsaCng(key))
+                {
+                    CertificateRequest req = new CertificateRequest("CN=potato", ecdsa, HashAlgorithmName.SHA256);
+
+                    using (X509Certificate2 cert = req.CreateSelfSigned(DateTimeOffset.UtcNow, DateTimeOffset.UtcNow))
+                    using (ECDsa certKey = cert.GetECDsaPrivateKey())
+                    {
+                        Assert.NotNull(certKey);
+                        byte[] data = new byte[] { 12, 11, 02, 08, 25, 14, 11, 18, 16 };
+                        byte[] signature = certKey.SignData(data, HashAlgorithmName.SHA256);
+                        bool valid = ecdsa.VerifyData(data, signature, HashAlgorithmName.SHA256);
+                        Assert.True(valid, "valid signature");
+                    }
+                }
+            }
+            finally
+            {
+                key?.Delete();
+            }
+        }
+
+        [ConditionalFact(typeof(PlatformSupport), nameof(PlatformSupport.PlatformCryptoProviderFunctional))]
+        [OuterLoop("Hardware backed key generation takes several seconds.")]
+        public static void CreateCertificate_MicrosoftPlatformCryptoProvider_RsaKey()
+        {
+             CngKey key = null;
+
+            try
+            {
+                CngKeyCreationParameters cngCreationParameters = new CngKeyCreationParameters
+                {
+                    Provider = CngProvider.MicrosoftPlatformCryptoProvider,
+                    KeyCreationOptions = CngKeyCreationOptions.OverwriteExistingKey,
+                };
+
+                key = CngKey.Create(
+                    CngAlgorithm.Rsa,
+                    nameof(CreateCertificate_MicrosoftPlatformCryptoProvider_RsaKey),
+                    cngCreationParameters);
+
+                using (RSACng rsa = new RSACng(key))
+                {
+                    CertificateRequest req = new CertificateRequest("CN=potato", rsa, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
+
+                    using (X509Certificate2 cert = req.CreateSelfSigned(DateTimeOffset.UtcNow, DateTimeOffset.UtcNow))
+                    using (RSA certKey = cert.GetRSAPrivateKey())
+                    {
+                        Assert.NotNull(certKey);
+                        byte[] data = new byte[] { 12, 11, 02, 08, 25, 14, 11, 18, 16 };
+                        byte[] signature = certKey.SignData(data, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
+                        bool valid = rsa.VerifyData(data, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
+                        Assert.True(valid, "valid signature");
+                    }
+                }
+            }
+            finally
+            {
+                key?.Delete();
+            }
+        }
+
         public static IEnumerable<object[]> StorageFlags => CollectionImportTests.StorageFlags;
     }
 }