diff options
Diffstat (limited to 'src/pkg/crypto/openpgp/packet')
22 files changed, 0 insertions, 3737 deletions
| diff --git a/src/pkg/crypto/openpgp/packet/Makefile b/src/pkg/crypto/openpgp/packet/Makefile deleted file mode 100644 index 0f0d94eb1..000000000 --- a/src/pkg/crypto/openpgp/packet/Makefile +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2011 The Go Authors. All rights reserved. -# Use of this source code is governed by a BSD-style -# license that can be found in the LICENSE file. - -include ../../../../Make.inc - -TARG=crypto/openpgp/packet -GOFILES=\ -	compressed.go\ -	encrypted_key.go\ -	literal.go\ -	one_pass_signature.go\ -	packet.go\ -	private_key.go\ -	public_key.go\ -	reader.go\ -	signature.go\ -	symmetrically_encrypted.go\ -	symmetric_key_encrypted.go\ -	userid.go\ - -include ../../../../Make.pkg diff --git a/src/pkg/crypto/openpgp/packet/compressed.go b/src/pkg/crypto/openpgp/packet/compressed.go deleted file mode 100644 index 1c15c24c4..000000000 --- a/src/pkg/crypto/openpgp/packet/compressed.go +++ /dev/null @@ -1,39 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package packet - -import ( -	"compress/flate" -	"compress/zlib" -	"crypto/openpgp/error" -	"io" -	"os" -	"strconv" -) - -// Compressed represents a compressed OpenPGP packet. The decompressed contents -// will contain more OpenPGP packets. See RFC 4880, section 5.6. -type Compressed struct { -	Body io.Reader -} - -func (c *Compressed) parse(r io.Reader) os.Error { -	var buf [1]byte -	_, err := readFull(r, buf[:]) -	if err != nil { -		return err -	} - -	switch buf[0] { -	case 1: -		c.Body = flate.NewReader(r) -	case 2: -		c.Body, err = zlib.NewReader(r) -	default: -		err = error.UnsupportedError("unknown compression algorithm: " + strconv.Itoa(int(buf[0]))) -	} - -	return err -} diff --git a/src/pkg/crypto/openpgp/packet/compressed_test.go b/src/pkg/crypto/openpgp/packet/compressed_test.go deleted file mode 100644 index 24fe501ed..000000000 --- a/src/pkg/crypto/openpgp/packet/compressed_test.go +++ /dev/null @@ -1,41 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package packet - -import ( -	"bytes" -	"encoding/hex" -	"os" -	"io/ioutil" -	"testing" -) - -func TestCompressed(t *testing.T) { -	packet, err := Read(readerFromHex(compressedHex)) -	if err != nil { -		t.Errorf("failed to read Compressed: %s", err) -		return -	} - -	c, ok := packet.(*Compressed) -	if !ok { -		t.Error("didn't find Compressed packet") -		return -	} - -	contents, err := ioutil.ReadAll(c.Body) -	if err != nil && err != os.EOF { -		t.Error(err) -		return -	} - -	expected, _ := hex.DecodeString(compressedExpectedHex) -	if !bytes.Equal(expected, contents) { -		t.Errorf("got:%x want:%x", contents, expected) -	} -} - -const compressedHex = "a3013b2d90c4e02b72e25f727e5e496a5e49b11e1700" -const compressedExpectedHex = "cb1062004d14c8fe636f6e74656e74732e0a" diff --git a/src/pkg/crypto/openpgp/packet/encrypted_key.go b/src/pkg/crypto/openpgp/packet/encrypted_key.go deleted file mode 100644 index b4730cbc9..000000000 --- a/src/pkg/crypto/openpgp/packet/encrypted_key.go +++ /dev/null @@ -1,168 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package packet - -import ( -	"big" -	"crypto/openpgp/elgamal" -	"crypto/openpgp/error" -	"crypto/rand" -	"crypto/rsa" -	"encoding/binary" -	"io" -	"os" -	"strconv" -) - -const encryptedKeyVersion = 3 - -// EncryptedKey represents a public-key encrypted session key. See RFC 4880, -// section 5.1. -type EncryptedKey struct { -	KeyId      uint64 -	Algo       PublicKeyAlgorithm -	CipherFunc CipherFunction // only valid after a successful Decrypt -	Key        []byte         // only valid after a successful Decrypt - -	encryptedMPI1, encryptedMPI2 []byte -} - -func (e *EncryptedKey) parse(r io.Reader) (err os.Error) { -	var buf [10]byte -	_, err = readFull(r, buf[:]) -	if err != nil { -		return -	} -	if buf[0] != encryptedKeyVersion { -		return error.UnsupportedError("unknown EncryptedKey version " + strconv.Itoa(int(buf[0]))) -	} -	e.KeyId = binary.BigEndian.Uint64(buf[1:9]) -	e.Algo = PublicKeyAlgorithm(buf[9]) -	switch e.Algo { -	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly: -		e.encryptedMPI1, _, err = readMPI(r) -	case PubKeyAlgoElGamal: -		e.encryptedMPI1, _, err = readMPI(r) -		if err != nil { -			return -		} -		e.encryptedMPI2, _, err = readMPI(r) -	} -	_, err = consumeAll(r) -	return -} - -func checksumKeyMaterial(key []byte) uint16 { -	var checksum uint16 -	for _, v := range key { -		checksum += uint16(v) -	} -	return checksum -} - -// Decrypt decrypts an encrypted session key with the given private key. The -// private key must have been decrypted first. -func (e *EncryptedKey) Decrypt(priv *PrivateKey) os.Error { -	var err os.Error -	var b []byte - -	// TODO(agl): use session key decryption routines here to avoid -	// padding oracle attacks. -	switch priv.PubKeyAlgo { -	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly: -		b, err = rsa.DecryptPKCS1v15(rand.Reader, priv.PrivateKey.(*rsa.PrivateKey), e.encryptedMPI1) -	case PubKeyAlgoElGamal: -		c1 := new(big.Int).SetBytes(e.encryptedMPI1) -		c2 := new(big.Int).SetBytes(e.encryptedMPI2) -		b, err = elgamal.Decrypt(priv.PrivateKey.(*elgamal.PrivateKey), c1, c2) -	default: -		err = error.InvalidArgumentError("cannot decrypted encrypted session key with private key of type " + strconv.Itoa(int(priv.PubKeyAlgo))) -	} - -	if err != nil { -		return err -	} - -	e.CipherFunc = CipherFunction(b[0]) -	e.Key = b[1 : len(b)-2] -	expectedChecksum := uint16(b[len(b)-2])<<8 | uint16(b[len(b)-1]) -	checksum := checksumKeyMaterial(e.Key) -	if checksum != expectedChecksum { -		return error.StructuralError("EncryptedKey checksum incorrect") -	} - -	return nil -} - -// SerializeEncryptedKey serializes an encrypted key packet to w that contains -// key, encrypted to pub. -func SerializeEncryptedKey(w io.Writer, rand io.Reader, pub *PublicKey, cipherFunc CipherFunction, key []byte) os.Error { -	var buf [10]byte -	buf[0] = encryptedKeyVersion -	binary.BigEndian.PutUint64(buf[1:9], pub.KeyId) -	buf[9] = byte(pub.PubKeyAlgo) - -	keyBlock := make([]byte, 1 /* cipher type */ +len(key)+2 /* checksum */ ) -	keyBlock[0] = byte(cipherFunc) -	copy(keyBlock[1:], key) -	checksum := checksumKeyMaterial(key) -	keyBlock[1+len(key)] = byte(checksum >> 8) -	keyBlock[1+len(key)+1] = byte(checksum) - -	switch pub.PubKeyAlgo { -	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly: -		return serializeEncryptedKeyRSA(w, rand, buf, pub.PublicKey.(*rsa.PublicKey), keyBlock) -	case PubKeyAlgoElGamal: -		return serializeEncryptedKeyElGamal(w, rand, buf, pub.PublicKey.(*elgamal.PublicKey), keyBlock) -	case PubKeyAlgoDSA, PubKeyAlgoRSASignOnly: -		return error.InvalidArgumentError("cannot encrypt to public key of type " + strconv.Itoa(int(pub.PubKeyAlgo))) -	} - -	return error.UnsupportedError("encrypting a key to public key of type " + strconv.Itoa(int(pub.PubKeyAlgo))) -} - -func serializeEncryptedKeyRSA(w io.Writer, rand io.Reader, header [10]byte, pub *rsa.PublicKey, keyBlock []byte) os.Error { -	cipherText, err := rsa.EncryptPKCS1v15(rand, pub, keyBlock) -	if err != nil { -		return error.InvalidArgumentError("RSA encryption failed: " + err.String()) -	} - -	packetLen := 10 /* header length */ + 2 /* mpi size */ + len(cipherText) - -	err = serializeHeader(w, packetTypeEncryptedKey, packetLen) -	if err != nil { -		return err -	} -	_, err = w.Write(header[:]) -	if err != nil { -		return err -	} -	return writeMPI(w, 8*uint16(len(cipherText)), cipherText) -} - -func serializeEncryptedKeyElGamal(w io.Writer, rand io.Reader, header [10]byte, pub *elgamal.PublicKey, keyBlock []byte) os.Error { -	c1, c2, err := elgamal.Encrypt(rand, pub, keyBlock) -	if err != nil { -		return error.InvalidArgumentError("ElGamal encryption failed: " + err.String()) -	} - -	packetLen := 10 /* header length */ -	packetLen += 2 /* mpi size */ + (c1.BitLen()+7)/8 -	packetLen += 2 /* mpi size */ + (c2.BitLen()+7)/8 - -	err = serializeHeader(w, packetTypeEncryptedKey, packetLen) -	if err != nil { -		return err -	} -	_, err = w.Write(header[:]) -	if err != nil { -		return err -	} -	err = writeBig(w, c1) -	if err != nil { -		return err -	} -	return writeBig(w, c2) -} diff --git a/src/pkg/crypto/openpgp/packet/encrypted_key_test.go b/src/pkg/crypto/openpgp/packet/encrypted_key_test.go deleted file mode 100644 index b402245bd..000000000 --- a/src/pkg/crypto/openpgp/packet/encrypted_key_test.go +++ /dev/null @@ -1,126 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package packet - -import ( -	"big" -	"bytes" -	"crypto/rand" -	"crypto/rsa" -	"fmt" -	"testing" -) - -func bigFromBase10(s string) *big.Int { -	b, ok := new(big.Int).SetString(s, 10) -	if !ok { -		panic("bigFromBase10 failed") -	} -	return b -} - -var encryptedKeyPub = rsa.PublicKey{ -	E: 65537, -	N: bigFromBase10("115804063926007623305902631768113868327816898845124614648849934718568541074358183759250136204762053879858102352159854352727097033322663029387610959884180306668628526686121021235757016368038585212410610742029286439607686208110250133174279811431933746643015923132833417396844716207301518956640020862630546868823"), -} - -var encryptedKeyRSAPriv = &rsa.PrivateKey{ -	PublicKey: encryptedKeyPub, -	D:         bigFromBase10("32355588668219869544751561565313228297765464314098552250409557267371233892496951383426602439009993875125222579159850054973310859166139474359774543943714622292329487391199285040721944491839695981199720170366763547754915493640685849961780092241140181198779299712578774460837139360803883139311171713302987058393"), -} - -var encryptedKeyPriv = &PrivateKey{ -	PublicKey: PublicKey{ -		PubKeyAlgo: PubKeyAlgoRSA, -	}, -	PrivateKey: encryptedKeyRSAPriv, -} - -func TestDecryptingEncryptedKey(t *testing.T) { -	const encryptedKeyHex = "c18c032a67d68660df41c70104005789d0de26b6a50c985a02a13131ca829c413a35d0e6fa8d6842599252162808ac7439c72151c8c6183e76923fe3299301414d0c25a2f06a2257db3839e7df0ec964773f6e4c4ac7ff3b48c444237166dd46ba8ff443a5410dc670cb486672fdbe7c9dfafb75b4fea83af3a204fe2a7dfa86bd20122b4f3d2646cbeecb8f7be8" -	const expectedKeyHex = "d930363f7e0308c333b9618617ea728963d8df993665ae7be1092d4926fd864b" - -	p, err := Read(readerFromHex(encryptedKeyHex)) -	if err != nil { -		t.Errorf("error from Read: %s", err) -		return -	} -	ek, ok := p.(*EncryptedKey) -	if !ok { -		t.Errorf("didn't parse an EncryptedKey, got %#v", p) -		return -	} - -	if ek.KeyId != 0x2a67d68660df41c7 || ek.Algo != PubKeyAlgoRSA { -		t.Errorf("unexpected EncryptedKey contents: %#v", ek) -		return -	} - -	err = ek.Decrypt(encryptedKeyPriv) -	if err != nil { -		t.Errorf("error from Decrypt: %s", err) -		return -	} - -	if ek.CipherFunc != CipherAES256 { -		t.Errorf("unexpected EncryptedKey contents: %#v", ek) -		return -	} - -	keyHex := fmt.Sprintf("%x", ek.Key) -	if keyHex != expectedKeyHex { -		t.Errorf("bad key, got %s want %x", keyHex, expectedKeyHex) -	} -} - -func TestEncryptingEncryptedKey(t *testing.T) { -	key := []byte{1, 2, 3, 4} -	const expectedKeyHex = "01020304" -	const keyId = 42 - -	pub := &PublicKey{ -		PublicKey:  &encryptedKeyPub, -		KeyId:      keyId, -		PubKeyAlgo: PubKeyAlgoRSAEncryptOnly, -	} - -	buf := new(bytes.Buffer) -	err := SerializeEncryptedKey(buf, rand.Reader, pub, CipherAES128, key) -	if err != nil { -		t.Errorf("error writing encrypted key packet: %s", err) -	} - -	p, err := Read(buf) -	if err != nil { -		t.Errorf("error from Read: %s", err) -		return -	} -	ek, ok := p.(*EncryptedKey) -	if !ok { -		t.Errorf("didn't parse an EncryptedKey, got %#v", p) -		return -	} - -	if ek.KeyId != keyId || ek.Algo != PubKeyAlgoRSAEncryptOnly { -		t.Errorf("unexpected EncryptedKey contents: %#v", ek) -		return -	} - -	err = ek.Decrypt(encryptedKeyPriv) -	if err != nil { -		t.Errorf("error from Decrypt: %s", err) -		return -	} - -	if ek.CipherFunc != CipherAES128 { -		t.Errorf("unexpected EncryptedKey contents: %#v", ek) -		return -	} - -	keyHex := fmt.Sprintf("%x", ek.Key) -	if keyHex != expectedKeyHex { -		t.Errorf("bad key, got %s want %x", keyHex, expectedKeyHex) -	} -} diff --git a/src/pkg/crypto/openpgp/packet/literal.go b/src/pkg/crypto/openpgp/packet/literal.go deleted file mode 100644 index 9411572d7..000000000 --- a/src/pkg/crypto/openpgp/packet/literal.go +++ /dev/null @@ -1,90 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package packet - -import ( -	"encoding/binary" -	"io" -	"os" -) - -// LiteralData represents an encrypted file. See RFC 4880, section 5.9. -type LiteralData struct { -	IsBinary bool -	FileName string -	Time     uint32 // Unix epoch time. Either creation time or modification time. 0 means undefined. -	Body     io.Reader -} - -// ForEyesOnly returns whether the contents of the LiteralData have been marked -// as especially sensitive. -func (l *LiteralData) ForEyesOnly() bool { -	return l.FileName == "_CONSOLE" -} - -func (l *LiteralData) parse(r io.Reader) (err os.Error) { -	var buf [256]byte - -	_, err = readFull(r, buf[:2]) -	if err != nil { -		return -	} - -	l.IsBinary = buf[0] == 'b' -	fileNameLen := int(buf[1]) - -	_, err = readFull(r, buf[:fileNameLen]) -	if err != nil { -		return -	} - -	l.FileName = string(buf[:fileNameLen]) - -	_, err = readFull(r, buf[:4]) -	if err != nil { -		return -	} - -	l.Time = binary.BigEndian.Uint32(buf[:4]) -	l.Body = r -	return -} - -// SerializeLiteral serializes a literal data packet to w and returns a -// WriteCloser to which the data itself can be written and which MUST be closed -// on completion. The fileName is truncated to 255 bytes. -func SerializeLiteral(w io.WriteCloser, isBinary bool, fileName string, time uint32) (plaintext io.WriteCloser, err os.Error) { -	var buf [4]byte -	buf[0] = 't' -	if isBinary { -		buf[0] = 'b' -	} -	if len(fileName) > 255 { -		fileName = fileName[:255] -	} -	buf[1] = byte(len(fileName)) - -	inner, err := serializeStreamHeader(w, packetTypeLiteralData) -	if err != nil { -		return -	} - -	_, err = inner.Write(buf[:2]) -	if err != nil { -		return -	} -	_, err = inner.Write([]byte(fileName)) -	if err != nil { -		return -	} -	binary.BigEndian.PutUint32(buf[:], time) -	_, err = inner.Write(buf[:]) -	if err != nil { -		return -	} - -	plaintext = inner -	return -} diff --git a/src/pkg/crypto/openpgp/packet/one_pass_signature.go b/src/pkg/crypto/openpgp/packet/one_pass_signature.go deleted file mode 100644 index ca826e4f4..000000000 --- a/src/pkg/crypto/openpgp/packet/one_pass_signature.go +++ /dev/null @@ -1,74 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package packet - -import ( -	"crypto" -	"crypto/openpgp/error" -	"crypto/openpgp/s2k" -	"encoding/binary" -	"io" -	"os" -	"strconv" -) - -// OnePassSignature represents a one-pass signature packet. See RFC 4880, -// section 5.4. -type OnePassSignature struct { -	SigType    SignatureType -	Hash       crypto.Hash -	PubKeyAlgo PublicKeyAlgorithm -	KeyId      uint64 -	IsLast     bool -} - -const onePassSignatureVersion = 3 - -func (ops *OnePassSignature) parse(r io.Reader) (err os.Error) { -	var buf [13]byte - -	_, err = readFull(r, buf[:]) -	if err != nil { -		return -	} -	if buf[0] != onePassSignatureVersion { -		err = error.UnsupportedError("one-pass-signature packet version " + strconv.Itoa(int(buf[0]))) -	} - -	var ok bool -	ops.Hash, ok = s2k.HashIdToHash(buf[2]) -	if !ok { -		return error.UnsupportedError("hash function: " + strconv.Itoa(int(buf[2]))) -	} - -	ops.SigType = SignatureType(buf[1]) -	ops.PubKeyAlgo = PublicKeyAlgorithm(buf[3]) -	ops.KeyId = binary.BigEndian.Uint64(buf[4:12]) -	ops.IsLast = buf[12] != 0 -	return -} - -// Serialize marshals the given OnePassSignature to w. -func (ops *OnePassSignature) Serialize(w io.Writer) os.Error { -	var buf [13]byte -	buf[0] = onePassSignatureVersion -	buf[1] = uint8(ops.SigType) -	var ok bool -	buf[2], ok = s2k.HashToHashId(ops.Hash) -	if !ok { -		return error.UnsupportedError("hash type: " + strconv.Itoa(int(ops.Hash))) -	} -	buf[3] = uint8(ops.PubKeyAlgo) -	binary.BigEndian.PutUint64(buf[4:12], ops.KeyId) -	if ops.IsLast { -		buf[12] = 1 -	} - -	if err := serializeHeader(w, packetTypeOnePassSignature, len(buf)); err != nil { -		return err -	} -	_, err := w.Write(buf[:]) -	return err -} diff --git a/src/pkg/crypto/openpgp/packet/packet.go b/src/pkg/crypto/openpgp/packet/packet.go deleted file mode 100644 index 1d7297e38..000000000 --- a/src/pkg/crypto/openpgp/packet/packet.go +++ /dev/null @@ -1,483 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// Package packet implements parsing and serialization of OpenPGP packets, as -// specified in RFC 4880. -package packet - -import ( -	"big" -	"crypto/aes" -	"crypto/cast5" -	"crypto/cipher" -	"crypto/openpgp/error" -	"io" -	"os" -) - -// readFull is the same as io.ReadFull except that reading zero bytes returns -// ErrUnexpectedEOF rather than EOF. -func readFull(r io.Reader, buf []byte) (n int, err os.Error) { -	n, err = io.ReadFull(r, buf) -	if err == os.EOF { -		err = io.ErrUnexpectedEOF -	} -	return -} - -// readLength reads an OpenPGP length from r. See RFC 4880, section 4.2.2. -func readLength(r io.Reader) (length int64, isPartial bool, err os.Error) { -	var buf [4]byte -	_, err = readFull(r, buf[:1]) -	if err != nil { -		return -	} -	switch { -	case buf[0] < 192: -		length = int64(buf[0]) -	case buf[0] < 224: -		length = int64(buf[0]-192) << 8 -		_, err = readFull(r, buf[0:1]) -		if err != nil { -			return -		} -		length += int64(buf[0]) + 192 -	case buf[0] < 255: -		length = int64(1) << (buf[0] & 0x1f) -		isPartial = true -	default: -		_, err = readFull(r, buf[0:4]) -		if err != nil { -			return -		} -		length = int64(buf[0])<<24 | -			int64(buf[1])<<16 | -			int64(buf[2])<<8 | -			int64(buf[3]) -	} -	return -} - -// partialLengthReader wraps an io.Reader and handles OpenPGP partial lengths. -// The continuation lengths are parsed and removed from the stream and EOF is -// returned at the end of the packet. See RFC 4880, section 4.2.2.4. -type partialLengthReader struct { -	r         io.Reader -	remaining int64 -	isPartial bool -} - -func (r *partialLengthReader) Read(p []byte) (n int, err os.Error) { -	for r.remaining == 0 { -		if !r.isPartial { -			return 0, os.EOF -		} -		r.remaining, r.isPartial, err = readLength(r.r) -		if err != nil { -			return 0, err -		} -	} - -	toRead := int64(len(p)) -	if toRead > r.remaining { -		toRead = r.remaining -	} - -	n, err = r.r.Read(p[:int(toRead)]) -	r.remaining -= int64(n) -	if n < int(toRead) && err == os.EOF { -		err = io.ErrUnexpectedEOF -	} -	return -} - -// partialLengthWriter writes a stream of data using OpenPGP partial lengths. -// See RFC 4880, section 4.2.2.4. -type partialLengthWriter struct { -	w          io.WriteCloser -	lengthByte [1]byte -} - -func (w *partialLengthWriter) Write(p []byte) (n int, err os.Error) { -	for len(p) > 0 { -		for power := uint(14); power < 32; power-- { -			l := 1 << power -			if len(p) >= l { -				w.lengthByte[0] = 224 + uint8(power) -				_, err = w.w.Write(w.lengthByte[:]) -				if err != nil { -					return -				} -				var m int -				m, err = w.w.Write(p[:l]) -				n += m -				if err != nil { -					return -				} -				p = p[l:] -				break -			} -		} -	} -	return -} - -func (w *partialLengthWriter) Close() os.Error { -	w.lengthByte[0] = 0 -	_, err := w.w.Write(w.lengthByte[:]) -	if err != nil { -		return err -	} -	return w.w.Close() -} - -// A spanReader is an io.LimitReader, but it returns ErrUnexpectedEOF if the -// underlying Reader returns EOF before the limit has been reached. -type spanReader struct { -	r io.Reader -	n int64 -} - -func (l *spanReader) Read(p []byte) (n int, err os.Error) { -	if l.n <= 0 { -		return 0, os.EOF -	} -	if int64(len(p)) > l.n { -		p = p[0:l.n] -	} -	n, err = l.r.Read(p) -	l.n -= int64(n) -	if l.n > 0 && err == os.EOF { -		err = io.ErrUnexpectedEOF -	} -	return -} - -// readHeader parses a packet header and returns an io.Reader which will return -// the contents of the packet. See RFC 4880, section 4.2. -func readHeader(r io.Reader) (tag packetType, length int64, contents io.Reader, err os.Error) { -	var buf [4]byte -	_, err = io.ReadFull(r, buf[:1]) -	if err != nil { -		return -	} -	if buf[0]&0x80 == 0 { -		err = error.StructuralError("tag byte does not have MSB set") -		return -	} -	if buf[0]&0x40 == 0 { -		// Old format packet -		tag = packetType((buf[0] & 0x3f) >> 2) -		lengthType := buf[0] & 3 -		if lengthType == 3 { -			length = -1 -			contents = r -			return -		} -		lengthBytes := 1 << lengthType -		_, err = readFull(r, buf[0:lengthBytes]) -		if err != nil { -			return -		} -		for i := 0; i < lengthBytes; i++ { -			length <<= 8 -			length |= int64(buf[i]) -		} -		contents = &spanReader{r, length} -		return -	} - -	// New format packet -	tag = packetType(buf[0] & 0x3f) -	length, isPartial, err := readLength(r) -	if err != nil { -		return -	} -	if isPartial { -		contents = &partialLengthReader{ -			remaining: length, -			isPartial: true, -			r:         r, -		} -		length = -1 -	} else { -		contents = &spanReader{r, length} -	} -	return -} - -// serializeHeader writes an OpenPGP packet header to w. See RFC 4880, section -// 4.2. -func serializeHeader(w io.Writer, ptype packetType, length int) (err os.Error) { -	var buf [6]byte -	var n int - -	buf[0] = 0x80 | 0x40 | byte(ptype) -	if length < 192 { -		buf[1] = byte(length) -		n = 2 -	} else if length < 8384 { -		length -= 192 -		buf[1] = 192 + byte(length>>8) -		buf[2] = byte(length) -		n = 3 -	} else { -		buf[1] = 255 -		buf[2] = byte(length >> 24) -		buf[3] = byte(length >> 16) -		buf[4] = byte(length >> 8) -		buf[5] = byte(length) -		n = 6 -	} - -	_, err = w.Write(buf[:n]) -	return -} - -// serializeStreamHeader writes an OpenPGP packet header to w where the -// length of the packet is unknown. It returns a io.WriteCloser which can be -// used to write the contents of the packet. See RFC 4880, section 4.2. -func serializeStreamHeader(w io.WriteCloser, ptype packetType) (out io.WriteCloser, err os.Error) { -	var buf [1]byte -	buf[0] = 0x80 | 0x40 | byte(ptype) -	_, err = w.Write(buf[:]) -	if err != nil { -		return -	} -	out = &partialLengthWriter{w: w} -	return -} - -// Packet represents an OpenPGP packet. Users are expected to try casting -// instances of this interface to specific packet types. -type Packet interface { -	parse(io.Reader) os.Error -} - -// consumeAll reads from the given Reader until error, returning the number of -// bytes read. -func consumeAll(r io.Reader) (n int64, err os.Error) { -	var m int -	var buf [1024]byte - -	for { -		m, err = r.Read(buf[:]) -		n += int64(m) -		if err == os.EOF { -			err = nil -			return -		} -		if err != nil { -			return -		} -	} - -	panic("unreachable") -} - -// packetType represents the numeric ids of the different OpenPGP packet types. See -// http://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-2 -type packetType uint8 - -const ( -	packetTypeEncryptedKey              packetType = 1 -	packetTypeSignature                 packetType = 2 -	packetTypeSymmetricKeyEncrypted     packetType = 3 -	packetTypeOnePassSignature          packetType = 4 -	packetTypePrivateKey                packetType = 5 -	packetTypePublicKey                 packetType = 6 -	packetTypePrivateSubkey             packetType = 7 -	packetTypeCompressed                packetType = 8 -	packetTypeSymmetricallyEncrypted    packetType = 9 -	packetTypeLiteralData               packetType = 11 -	packetTypeUserId                    packetType = 13 -	packetTypePublicSubkey              packetType = 14 -	packetTypeSymmetricallyEncryptedMDC packetType = 18 -) - -// Read reads a single OpenPGP packet from the given io.Reader. If there is an -// error parsing a packet, the whole packet is consumed from the input. -func Read(r io.Reader) (p Packet, err os.Error) { -	tag, _, contents, err := readHeader(r) -	if err != nil { -		return -	} - -	switch tag { -	case packetTypeEncryptedKey: -		p = new(EncryptedKey) -	case packetTypeSignature: -		p = new(Signature) -	case packetTypeSymmetricKeyEncrypted: -		p = new(SymmetricKeyEncrypted) -	case packetTypeOnePassSignature: -		p = new(OnePassSignature) -	case packetTypePrivateKey, packetTypePrivateSubkey: -		pk := new(PrivateKey) -		if tag == packetTypePrivateSubkey { -			pk.IsSubkey = true -		} -		p = pk -	case packetTypePublicKey, packetTypePublicSubkey: -		pk := new(PublicKey) -		if tag == packetTypePublicSubkey { -			pk.IsSubkey = true -		} -		p = pk -	case packetTypeCompressed: -		p = new(Compressed) -	case packetTypeSymmetricallyEncrypted: -		p = new(SymmetricallyEncrypted) -	case packetTypeLiteralData: -		p = new(LiteralData) -	case packetTypeUserId: -		p = new(UserId) -	case packetTypeSymmetricallyEncryptedMDC: -		se := new(SymmetricallyEncrypted) -		se.MDC = true -		p = se -	default: -		err = error.UnknownPacketTypeError(tag) -	} -	if p != nil { -		err = p.parse(contents) -	} -	if err != nil { -		consumeAll(contents) -	} -	return -} - -// SignatureType represents the different semantic meanings of an OpenPGP -// signature. See RFC 4880, section 5.2.1. -type SignatureType uint8 - -const ( -	SigTypeBinary        SignatureType = 0 -	SigTypeText                        = 1 -	SigTypeGenericCert                 = 0x10 -	SigTypePersonaCert                 = 0x11 -	SigTypeCasualCert                  = 0x12 -	SigTypePositiveCert                = 0x13 -	SigTypeSubkeyBinding               = 0x18 -) - -// PublicKeyAlgorithm represents the different public key system specified for -// OpenPGP. See -// http://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-12 -type PublicKeyAlgorithm uint8 - -const ( -	PubKeyAlgoRSA            PublicKeyAlgorithm = 1 -	PubKeyAlgoRSAEncryptOnly PublicKeyAlgorithm = 2 -	PubKeyAlgoRSASignOnly    PublicKeyAlgorithm = 3 -	PubKeyAlgoElGamal        PublicKeyAlgorithm = 16 -	PubKeyAlgoDSA            PublicKeyAlgorithm = 17 -) - -// CanEncrypt returns true if it's possible to encrypt a message to a public -// key of the given type. -func (pka PublicKeyAlgorithm) CanEncrypt() bool { -	switch pka { -	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly, PubKeyAlgoElGamal: -		return true -	} -	return false -} - -// CanSign returns true if it's possible for a public key of the given type to -// sign a message. -func (pka PublicKeyAlgorithm) CanSign() bool { -	switch pka { -	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly, PubKeyAlgoDSA: -		return true -	} -	return false -} - -// CipherFunction represents the different block ciphers specified for OpenPGP. See -// http://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-13 -type CipherFunction uint8 - -const ( -	CipherCAST5  CipherFunction = 3 -	CipherAES128 CipherFunction = 7 -	CipherAES192 CipherFunction = 8 -	CipherAES256 CipherFunction = 9 -) - -// KeySize returns the key size, in bytes, of cipher. -func (cipher CipherFunction) KeySize() int { -	switch cipher { -	case CipherCAST5: -		return cast5.KeySize -	case CipherAES128: -		return 16 -	case CipherAES192: -		return 24 -	case CipherAES256: -		return 32 -	} -	return 0 -} - -// blockSize returns the block size, in bytes, of cipher. -func (cipher CipherFunction) blockSize() int { -	switch cipher { -	case CipherCAST5: -		return 8 -	case CipherAES128, CipherAES192, CipherAES256: -		return 16 -	} -	return 0 -} - -// new returns a fresh instance of the given cipher. -func (cipher CipherFunction) new(key []byte) (block cipher.Block) { -	switch cipher { -	case CipherCAST5: -		block, _ = cast5.NewCipher(key) -	case CipherAES128, CipherAES192, CipherAES256: -		block, _ = aes.NewCipher(key) -	} -	return -} - -// readMPI reads a big integer from r. The bit length returned is the bit -// length that was specified in r. This is preserved so that the integer can be -// reserialized exactly. -func readMPI(r io.Reader) (mpi []byte, bitLength uint16, err os.Error) { -	var buf [2]byte -	_, err = readFull(r, buf[0:]) -	if err != nil { -		return -	} -	bitLength = uint16(buf[0])<<8 | uint16(buf[1]) -	numBytes := (int(bitLength) + 7) / 8 -	mpi = make([]byte, numBytes) -	_, err = readFull(r, mpi) -	return -} - -// mpiLength returns the length of the given *big.Int when serialized as an -// MPI. -func mpiLength(n *big.Int) (mpiLengthInBytes int) { -	mpiLengthInBytes = 2 /* MPI length */ -	mpiLengthInBytes += (n.BitLen() + 7) / 8 -	return -} - -// writeMPI serializes a big integer to w. -func writeMPI(w io.Writer, bitLength uint16, mpiBytes []byte) (err os.Error) { -	_, err = w.Write([]byte{byte(bitLength >> 8), byte(bitLength)}) -	if err == nil { -		_, err = w.Write(mpiBytes) -	} -	return -} - -// writeBig serializes a *big.Int to w. -func writeBig(w io.Writer, i *big.Int) os.Error { -	return writeMPI(w, uint16(i.BitLen()), i.Bytes()) -} diff --git a/src/pkg/crypto/openpgp/packet/packet_test.go b/src/pkg/crypto/openpgp/packet/packet_test.go deleted file mode 100644 index 23d9978ae..000000000 --- a/src/pkg/crypto/openpgp/packet/packet_test.go +++ /dev/null @@ -1,256 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package packet - -import ( -	"bytes" -	"crypto/openpgp/error" -	"encoding/hex" -	"fmt" -	"io" -	"io/ioutil" -	"os" -	"testing" -) - -func TestReadFull(t *testing.T) { -	var out [4]byte - -	b := bytes.NewBufferString("foo") -	n, err := readFull(b, out[:3]) -	if n != 3 || err != nil { -		t.Errorf("full read failed n:%d err:%s", n, err) -	} - -	b = bytes.NewBufferString("foo") -	n, err = readFull(b, out[:4]) -	if n != 3 || err != io.ErrUnexpectedEOF { -		t.Errorf("partial read failed n:%d err:%s", n, err) -	} - -	b = bytes.NewBuffer(nil) -	n, err = readFull(b, out[:3]) -	if n != 0 || err != io.ErrUnexpectedEOF { -		t.Errorf("empty read failed n:%d err:%s", n, err) -	} -} - -func readerFromHex(s string) io.Reader { -	data, err := hex.DecodeString(s) -	if err != nil { -		panic("readerFromHex: bad input") -	} -	return bytes.NewBuffer(data) -} - -var readLengthTests = []struct { -	hexInput  string -	length    int64 -	isPartial bool -	err       os.Error -}{ -	{"", 0, false, io.ErrUnexpectedEOF}, -	{"1f", 31, false, nil}, -	{"c0", 0, false, io.ErrUnexpectedEOF}, -	{"c101", 256 + 1 + 192, false, nil}, -	{"e0", 1, true, nil}, -	{"e1", 2, true, nil}, -	{"e2", 4, true, nil}, -	{"ff", 0, false, io.ErrUnexpectedEOF}, -	{"ff00", 0, false, io.ErrUnexpectedEOF}, -	{"ff0000", 0, false, io.ErrUnexpectedEOF}, -	{"ff000000", 0, false, io.ErrUnexpectedEOF}, -	{"ff00000000", 0, false, nil}, -	{"ff01020304", 16909060, false, nil}, -} - -func TestReadLength(t *testing.T) { -	for i, test := range readLengthTests { -		length, isPartial, err := readLength(readerFromHex(test.hexInput)) -		if test.err != nil { -			if err != test.err { -				t.Errorf("%d: expected different error got:%s want:%s", i, err, test.err) -			} -			continue -		} -		if err != nil { -			t.Errorf("%d: unexpected error: %s", i, err) -			continue -		} -		if length != test.length || isPartial != test.isPartial { -			t.Errorf("%d: bad result got:(%d,%t) want:(%d,%t)", i, length, isPartial, test.length, test.isPartial) -		} -	} -} - -var partialLengthReaderTests = []struct { -	hexInput  string -	err       os.Error -	hexOutput string -}{ -	{"e0", io.ErrUnexpectedEOF, ""}, -	{"e001", io.ErrUnexpectedEOF, ""}, -	{"e0010102", nil, "0102"}, -	{"ff00000000", nil, ""}, -	{"e10102e1030400", nil, "01020304"}, -	{"e101", io.ErrUnexpectedEOF, ""}, -} - -func TestPartialLengthReader(t *testing.T) { -	for i, test := range partialLengthReaderTests { -		r := &partialLengthReader{readerFromHex(test.hexInput), 0, true} -		out, err := ioutil.ReadAll(r) -		if test.err != nil { -			if err != test.err { -				t.Errorf("%d: expected different error got:%s want:%s", i, err, test.err) -			} -			continue -		} -		if err != nil { -			t.Errorf("%d: unexpected error: %s", i, err) -			continue -		} - -		got := fmt.Sprintf("%x", out) -		if got != test.hexOutput { -			t.Errorf("%d: got:%s want:%s", i, test.hexOutput, got) -		} -	} -} - -var readHeaderTests = []struct { -	hexInput        string -	structuralError bool -	unexpectedEOF   bool -	tag             int -	length          int64 -	hexOutput       string -}{ -	{"", false, false, 0, 0, ""}, -	{"7f", true, false, 0, 0, ""}, - -	// Old format headers -	{"80", false, true, 0, 0, ""}, -	{"8001", false, true, 0, 1, ""}, -	{"800102", false, false, 0, 1, "02"}, -	{"81000102", false, false, 0, 1, "02"}, -	{"820000000102", false, false, 0, 1, "02"}, -	{"860000000102", false, false, 1, 1, "02"}, -	{"83010203", false, false, 0, -1, "010203"}, - -	// New format headers -	{"c0", false, true, 0, 0, ""}, -	{"c000", false, false, 0, 0, ""}, -	{"c00102", false, false, 0, 1, "02"}, -	{"c0020203", false, false, 0, 2, "0203"}, -	{"c00202", false, true, 0, 2, ""}, -	{"c3020203", false, false, 3, 2, "0203"}, -} - -func TestReadHeader(t *testing.T) { -	for i, test := range readHeaderTests { -		tag, length, contents, err := readHeader(readerFromHex(test.hexInput)) -		if test.structuralError { -			if _, ok := err.(error.StructuralError); ok { -				continue -			} -			t.Errorf("%d: expected StructuralError, got:%s", i, err) -			continue -		} -		if err != nil { -			if len(test.hexInput) == 0 && err == os.EOF { -				continue -			} -			if !test.unexpectedEOF || err != io.ErrUnexpectedEOF { -				t.Errorf("%d: unexpected error from readHeader: %s", i, err) -			} -			continue -		} -		if int(tag) != test.tag || length != test.length { -			t.Errorf("%d: got:(%d,%d) want:(%d,%d)", i, int(tag), length, test.tag, test.length) -			continue -		} - -		body, err := ioutil.ReadAll(contents) -		if err != nil { -			if !test.unexpectedEOF || err != io.ErrUnexpectedEOF { -				t.Errorf("%d: unexpected error from contents: %s", i, err) -			} -			continue -		} -		if test.unexpectedEOF { -			t.Errorf("%d: expected ErrUnexpectedEOF from contents but got no error", i) -			continue -		} -		got := fmt.Sprintf("%x", body) -		if got != test.hexOutput { -			t.Errorf("%d: got:%s want:%s", i, got, test.hexOutput) -		} -	} -} - -func TestSerializeHeader(t *testing.T) { -	tag := packetTypePublicKey -	lengths := []int{0, 1, 2, 64, 192, 193, 8000, 8384, 8385, 10000} - -	for _, length := range lengths { -		buf := bytes.NewBuffer(nil) -		serializeHeader(buf, tag, length) -		tag2, length2, _, err := readHeader(buf) -		if err != nil { -			t.Errorf("length %d, err: %s", length, err) -		} -		if tag2 != tag { -			t.Errorf("length %d, tag incorrect (got %d, want %d)", length, tag2, tag) -		} -		if int(length2) != length { -			t.Errorf("length %d, length incorrect (got %d)", length, length2) -		} -	} -} - -func TestPartialLengths(t *testing.T) { -	buf := bytes.NewBuffer(nil) -	w := new(partialLengthWriter) -	w.w = noOpCloser{buf} - -	const maxChunkSize = 64 - -	var b [maxChunkSize]byte -	var n uint8 -	for l := 1; l <= maxChunkSize; l++ { -		for i := 0; i < l; i++ { -			b[i] = n -			n++ -		} -		m, err := w.Write(b[:l]) -		if m != l { -			t.Errorf("short write got: %d want: %d", m, l) -		} -		if err != nil { -			t.Errorf("error from write: %s", err) -		} -	} -	w.Close() - -	want := (maxChunkSize * (maxChunkSize + 1)) / 2 -	copyBuf := bytes.NewBuffer(nil) -	r := &partialLengthReader{buf, 0, true} -	m, err := io.Copy(copyBuf, r) -	if m != int64(want) { -		t.Errorf("short copy got: %d want: %d", m, want) -	} -	if err != nil { -		t.Errorf("error from copy: %s", err) -	} - -	copyBytes := copyBuf.Bytes() -	for i := 0; i < want; i++ { -		if copyBytes[i] != uint8(i) { -			t.Errorf("bad pattern in copy at %d", i) -			break -		} -	} -} diff --git a/src/pkg/crypto/openpgp/packet/private_key.go b/src/pkg/crypto/openpgp/packet/private_key.go deleted file mode 100644 index 6f8133d98..000000000 --- a/src/pkg/crypto/openpgp/packet/private_key.go +++ /dev/null @@ -1,301 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package packet - -import ( -	"big" -	"bytes" -	"crypto/cipher" -	"crypto/dsa" -	"crypto/openpgp/elgamal" -	"crypto/openpgp/error" -	"crypto/openpgp/s2k" -	"crypto/rsa" -	"crypto/sha1" -	"io" -	"io/ioutil" -	"os" -	"strconv" -) - -// PrivateKey represents a possibly encrypted private key. See RFC 4880, -// section 5.5.3. -type PrivateKey struct { -	PublicKey -	Encrypted     bool // if true then the private key is unavailable until Decrypt has been called. -	encryptedData []byte -	cipher        CipherFunction -	s2k           func(out, in []byte) -	PrivateKey    interface{} // An *rsa.PrivateKey. -	sha1Checksum  bool -	iv            []byte -} - -func NewRSAPrivateKey(currentTimeSecs uint32, priv *rsa.PrivateKey, isSubkey bool) *PrivateKey { -	pk := new(PrivateKey) -	pk.PublicKey = *NewRSAPublicKey(currentTimeSecs, &priv.PublicKey, isSubkey) -	pk.PrivateKey = priv -	return pk -} - -func (pk *PrivateKey) parse(r io.Reader) (err os.Error) { -	err = (&pk.PublicKey).parse(r) -	if err != nil { -		return -	} -	var buf [1]byte -	_, err = readFull(r, buf[:]) -	if err != nil { -		return -	} - -	s2kType := buf[0] - -	switch s2kType { -	case 0: -		pk.s2k = nil -		pk.Encrypted = false -	case 254, 255: -		_, err = readFull(r, buf[:]) -		if err != nil { -			return -		} -		pk.cipher = CipherFunction(buf[0]) -		pk.Encrypted = true -		pk.s2k, err = s2k.Parse(r) -		if err != nil { -			return -		} -		if s2kType == 254 { -			pk.sha1Checksum = true -		} -	default: -		return error.UnsupportedError("deprecated s2k function in private key") -	} - -	if pk.Encrypted { -		blockSize := pk.cipher.blockSize() -		if blockSize == 0 { -			return error.UnsupportedError("unsupported cipher in private key: " + strconv.Itoa(int(pk.cipher))) -		} -		pk.iv = make([]byte, blockSize) -		_, err = readFull(r, pk.iv) -		if err != nil { -			return -		} -	} - -	pk.encryptedData, err = ioutil.ReadAll(r) -	if err != nil { -		return -	} - -	if !pk.Encrypted { -		return pk.parsePrivateKey(pk.encryptedData) -	} - -	return -} - -func mod64kHash(d []byte) uint16 { -	h := uint16(0) -	for i := 0; i < len(d); i += 2 { -		v := uint16(d[i]) << 8 -		if i+1 < len(d) { -			v += uint16(d[i+1]) -		} -		h += v -	} -	return h -} - -func (pk *PrivateKey) Serialize(w io.Writer) (err os.Error) { -	// TODO(agl): support encrypted private keys -	buf := bytes.NewBuffer(nil) -	err = pk.PublicKey.serializeWithoutHeaders(buf) -	if err != nil { -		return -	} -	buf.WriteByte(0 /* no encryption */ ) - -	privateKeyBuf := bytes.NewBuffer(nil) - -	switch priv := pk.PrivateKey.(type) { -	case *rsa.PrivateKey: -		err = serializeRSAPrivateKey(privateKeyBuf, priv) -	default: -		err = error.InvalidArgumentError("non-RSA private key") -	} -	if err != nil { -		return -	} - -	ptype := packetTypePrivateKey -	contents := buf.Bytes() -	privateKeyBytes := privateKeyBuf.Bytes() -	if pk.IsSubkey { -		ptype = packetTypePrivateSubkey -	} -	err = serializeHeader(w, ptype, len(contents)+len(privateKeyBytes)+2) -	if err != nil { -		return -	} -	_, err = w.Write(contents) -	if err != nil { -		return -	} -	_, err = w.Write(privateKeyBytes) -	if err != nil { -		return -	} - -	checksum := mod64kHash(privateKeyBytes) -	var checksumBytes [2]byte -	checksumBytes[0] = byte(checksum >> 8) -	checksumBytes[1] = byte(checksum) -	_, err = w.Write(checksumBytes[:]) - -	return -} - -func serializeRSAPrivateKey(w io.Writer, priv *rsa.PrivateKey) os.Error { -	err := writeBig(w, priv.D) -	if err != nil { -		return err -	} -	err = writeBig(w, priv.Primes[1]) -	if err != nil { -		return err -	} -	err = writeBig(w, priv.Primes[0]) -	if err != nil { -		return err -	} -	return writeBig(w, priv.Precomputed.Qinv) -} - -// Decrypt decrypts an encrypted private key using a passphrase. -func (pk *PrivateKey) Decrypt(passphrase []byte) os.Error { -	if !pk.Encrypted { -		return nil -	} - -	key := make([]byte, pk.cipher.KeySize()) -	pk.s2k(key, passphrase) -	block := pk.cipher.new(key) -	cfb := cipher.NewCFBDecrypter(block, pk.iv) - -	data := pk.encryptedData -	cfb.XORKeyStream(data, data) - -	if pk.sha1Checksum { -		if len(data) < sha1.Size { -			return error.StructuralError("truncated private key data") -		} -		h := sha1.New() -		h.Write(data[:len(data)-sha1.Size]) -		sum := h.Sum() -		if !bytes.Equal(sum, data[len(data)-sha1.Size:]) { -			return error.StructuralError("private key checksum failure") -		} -		data = data[:len(data)-sha1.Size] -	} else { -		if len(data) < 2 { -			return error.StructuralError("truncated private key data") -		} -		var sum uint16 -		for i := 0; i < len(data)-2; i++ { -			sum += uint16(data[i]) -		} -		if data[len(data)-2] != uint8(sum>>8) || -			data[len(data)-1] != uint8(sum) { -			return error.StructuralError("private key checksum failure") -		} -		data = data[:len(data)-2] -	} - -	return pk.parsePrivateKey(data) -} - -func (pk *PrivateKey) parsePrivateKey(data []byte) (err os.Error) { -	switch pk.PublicKey.PubKeyAlgo { -	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly, PubKeyAlgoRSAEncryptOnly: -		return pk.parseRSAPrivateKey(data) -	case PubKeyAlgoDSA: -		return pk.parseDSAPrivateKey(data) -	case PubKeyAlgoElGamal: -		return pk.parseElGamalPrivateKey(data) -	} -	panic("impossible") -} - -func (pk *PrivateKey) parseRSAPrivateKey(data []byte) (err os.Error) { -	rsaPub := pk.PublicKey.PublicKey.(*rsa.PublicKey) -	rsaPriv := new(rsa.PrivateKey) -	rsaPriv.PublicKey = *rsaPub - -	buf := bytes.NewBuffer(data) -	d, _, err := readMPI(buf) -	if err != nil { -		return -	} -	p, _, err := readMPI(buf) -	if err != nil { -		return -	} -	q, _, err := readMPI(buf) -	if err != nil { -		return -	} - -	rsaPriv.D = new(big.Int).SetBytes(d) -	rsaPriv.Primes = make([]*big.Int, 2) -	rsaPriv.Primes[0] = new(big.Int).SetBytes(p) -	rsaPriv.Primes[1] = new(big.Int).SetBytes(q) -	rsaPriv.Precompute() -	pk.PrivateKey = rsaPriv -	pk.Encrypted = false -	pk.encryptedData = nil - -	return nil -} - -func (pk *PrivateKey) parseDSAPrivateKey(data []byte) (err os.Error) { -	dsaPub := pk.PublicKey.PublicKey.(*dsa.PublicKey) -	dsaPriv := new(dsa.PrivateKey) -	dsaPriv.PublicKey = *dsaPub - -	buf := bytes.NewBuffer(data) -	x, _, err := readMPI(buf) -	if err != nil { -		return -	} - -	dsaPriv.X = new(big.Int).SetBytes(x) -	pk.PrivateKey = dsaPriv -	pk.Encrypted = false -	pk.encryptedData = nil - -	return nil -} - -func (pk *PrivateKey) parseElGamalPrivateKey(data []byte) (err os.Error) { -	pub := pk.PublicKey.PublicKey.(*elgamal.PublicKey) -	priv := new(elgamal.PrivateKey) -	priv.PublicKey = *pub - -	buf := bytes.NewBuffer(data) -	x, _, err := readMPI(buf) -	if err != nil { -		return -	} - -	priv.X = new(big.Int).SetBytes(x) -	pk.PrivateKey = priv -	pk.Encrypted = false -	pk.encryptedData = nil - -	return nil -} diff --git a/src/pkg/crypto/openpgp/packet/private_key_test.go b/src/pkg/crypto/openpgp/packet/private_key_test.go deleted file mode 100644 index 60eebaa6b..000000000 --- a/src/pkg/crypto/openpgp/packet/private_key_test.go +++ /dev/null @@ -1,57 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package packet - -import ( -	"testing" -) - -var privateKeyTests = []struct { -	privateKeyHex string -	creationTime  uint32 -}{ -	{ -		privKeyRSAHex, -		0x4cc349a8, -	}, -	{ -		privKeyElGamalHex, -		0x4df9ee1a, -	}, -} - -func TestPrivateKeyRead(t *testing.T) { -	for i, test := range privateKeyTests { -		packet, err := Read(readerFromHex(test.privateKeyHex)) -		if err != nil { -			t.Errorf("#%d: failed to parse: %s", i, err) -			continue -		} - -		privKey := packet.(*PrivateKey) - -		if !privKey.Encrypted { -			t.Errorf("#%d: private key isn't encrypted", i) -			continue -		} - -		err = privKey.Decrypt([]byte("testing")) -		if err != nil { -			t.Errorf("#%d: failed to decrypt: %s", i, err) -			continue -		} - -		if privKey.CreationTime != test.creationTime || privKey.Encrypted { -			t.Errorf("#%d: bad result, got: %#v", i, privKey) -		} -	} -} - -// Generated with `gpg --export-secret-keys "Test Key 2"` -const privKeyRSAHex = "9501fe044cc349a8010400b70ca0010e98c090008d45d1ee8f9113bd5861fd57b88bacb7c68658747663f1e1a3b5a98f32fda6472373c024b97359cd2efc88ff60f77751adfbf6af5e615e6a1408cfad8bf0cea30b0d5f53aa27ad59089ba9b15b7ebc2777a25d7b436144027e3bcd203909f147d0e332b240cf63d3395f5dfe0df0a6c04e8655af7eacdf0011010001fe0303024a252e7d475fd445607de39a265472aa74a9320ba2dac395faa687e9e0336aeb7e9a7397e511b5afd9dc84557c80ac0f3d4d7bfec5ae16f20d41c8c84a04552a33870b930420e230e179564f6d19bb153145e76c33ae993886c388832b0fa042ddda7f133924f3854481533e0ede31d51278c0519b29abc3bf53da673e13e3e1214b52413d179d7f66deee35cac8eacb060f78379d70ef4af8607e68131ff529439668fc39c9ce6dfef8a5ac234d234802cbfb749a26107db26406213ae5c06d4673253a3cbee1fcbae58d6ab77e38d6e2c0e7c6317c48e054edadb5a40d0d48acb44643d998139a8a66bb820be1f3f80185bc777d14b5954b60effe2448a036d565c6bc0b915fcea518acdd20ab07bc1529f561c58cd044f723109b93f6fd99f876ff891d64306b5d08f48bab59f38695e9109c4dec34013ba3153488ce070268381ba923ee1eb77125b36afcb4347ec3478c8f2735b06ef17351d872e577fa95d0c397c88c71b59629a36aec" - -// Generated by `gpg --export-secret-keys` followed by a manual extraction of -// the ElGamal subkey from the packets. -const privKeyElGamalHex = "9d0157044df9ee1a100400eb8e136a58ec39b582629cdadf830bc64e0a94ed8103ca8bb247b27b11b46d1d25297ef4bcc3071785ba0c0bedfe89eabc5287fcc0edf81ab5896c1c8e4b20d27d79813c7aede75320b33eaeeaa586edc00fd1036c10133e6ba0ff277245d0d59d04b2b3421b7244aca5f4a8d870c6f1c1fbff9e1c26699a860b9504f35ca1d700030503fd1ededd3b840795be6d9ccbe3c51ee42e2f39233c432b831ddd9c4e72b7025a819317e47bf94f9ee316d7273b05d5fcf2999c3a681f519b1234bbfa6d359b4752bd9c3f77d6b6456cde152464763414ca130f4e91d91041432f90620fec0e6d6b5116076c2985d5aeaae13be492b9b329efcaf7ee25120159a0a30cd976b42d7afe030302dae7eb80db744d4960c4df930d57e87fe81412eaace9f900e6c839817a614ddb75ba6603b9417c33ea7b6c93967dfa2bcff3fa3c74a5ce2c962db65b03aece14c96cbd0038fc" diff --git a/src/pkg/crypto/openpgp/packet/public_key.go b/src/pkg/crypto/openpgp/packet/public_key.go deleted file mode 100644 index e6b0ae5f3..000000000 --- a/src/pkg/crypto/openpgp/packet/public_key.go +++ /dev/null @@ -1,393 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package packet - -import ( -	"big" -	"crypto/dsa" -	"crypto/openpgp/elgamal" -	"crypto/openpgp/error" -	"crypto/rsa" -	"crypto/sha1" -	"encoding/binary" -	"fmt" -	"hash" -	"io" -	"os" -	"strconv" -) - -// PublicKey represents an OpenPGP public key. See RFC 4880, section 5.5.2. -type PublicKey struct { -	CreationTime uint32 // seconds since the epoch -	PubKeyAlgo   PublicKeyAlgorithm -	PublicKey    interface{} // Either a *rsa.PublicKey or *dsa.PublicKey -	Fingerprint  [20]byte -	KeyId        uint64 -	IsSubkey     bool - -	n, e, p, q, g, y parsedMPI -} - -func fromBig(n *big.Int) parsedMPI { -	return parsedMPI{ -		bytes:     n.Bytes(), -		bitLength: uint16(n.BitLen()), -	} -} - -// NewRSAPublicKey returns a PublicKey that wraps the given rsa.PublicKey. -func NewRSAPublicKey(creationTimeSecs uint32, pub *rsa.PublicKey, isSubkey bool) *PublicKey { -	pk := &PublicKey{ -		CreationTime: creationTimeSecs, -		PubKeyAlgo:   PubKeyAlgoRSA, -		PublicKey:    pub, -		IsSubkey:     isSubkey, -		n:            fromBig(pub.N), -		e:            fromBig(big.NewInt(int64(pub.E))), -	} - -	pk.setFingerPrintAndKeyId() -	return pk -} - -func (pk *PublicKey) parse(r io.Reader) (err os.Error) { -	// RFC 4880, section 5.5.2 -	var buf [6]byte -	_, err = readFull(r, buf[:]) -	if err != nil { -		return -	} -	if buf[0] != 4 { -		return error.UnsupportedError("public key version") -	} -	pk.CreationTime = uint32(buf[1])<<24 | uint32(buf[2])<<16 | uint32(buf[3])<<8 | uint32(buf[4]) -	pk.PubKeyAlgo = PublicKeyAlgorithm(buf[5]) -	switch pk.PubKeyAlgo { -	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly, PubKeyAlgoRSASignOnly: -		err = pk.parseRSA(r) -	case PubKeyAlgoDSA: -		err = pk.parseDSA(r) -	case PubKeyAlgoElGamal: -		err = pk.parseElGamal(r) -	default: -		err = error.UnsupportedError("public key type: " + strconv.Itoa(int(pk.PubKeyAlgo))) -	} -	if err != nil { -		return -	} - -	pk.setFingerPrintAndKeyId() -	return -} - -func (pk *PublicKey) setFingerPrintAndKeyId() { -	// RFC 4880, section 12.2 -	fingerPrint := sha1.New() -	pk.SerializeSignaturePrefix(fingerPrint) -	pk.serializeWithoutHeaders(fingerPrint) -	copy(pk.Fingerprint[:], fingerPrint.Sum()) -	pk.KeyId = binary.BigEndian.Uint64(pk.Fingerprint[12:20]) -} - -// parseRSA parses RSA public key material from the given Reader. See RFC 4880, -// section 5.5.2. -func (pk *PublicKey) parseRSA(r io.Reader) (err os.Error) { -	pk.n.bytes, pk.n.bitLength, err = readMPI(r) -	if err != nil { -		return -	} -	pk.e.bytes, pk.e.bitLength, err = readMPI(r) -	if err != nil { -		return -	} - -	if len(pk.e.bytes) > 3 { -		err = error.UnsupportedError("large public exponent") -		return -	} -	rsa := &rsa.PublicKey{ -		N: new(big.Int).SetBytes(pk.n.bytes), -		E: 0, -	} -	for i := 0; i < len(pk.e.bytes); i++ { -		rsa.E <<= 8 -		rsa.E |= int(pk.e.bytes[i]) -	} -	pk.PublicKey = rsa -	return -} - -// parseDSA parses DSA public key material from the given Reader. See RFC 4880, -// section 5.5.2. -func (pk *PublicKey) parseDSA(r io.Reader) (err os.Error) { -	pk.p.bytes, pk.p.bitLength, err = readMPI(r) -	if err != nil { -		return -	} -	pk.q.bytes, pk.q.bitLength, err = readMPI(r) -	if err != nil { -		return -	} -	pk.g.bytes, pk.g.bitLength, err = readMPI(r) -	if err != nil { -		return -	} -	pk.y.bytes, pk.y.bitLength, err = readMPI(r) -	if err != nil { -		return -	} - -	dsa := new(dsa.PublicKey) -	dsa.P = new(big.Int).SetBytes(pk.p.bytes) -	dsa.Q = new(big.Int).SetBytes(pk.q.bytes) -	dsa.G = new(big.Int).SetBytes(pk.g.bytes) -	dsa.Y = new(big.Int).SetBytes(pk.y.bytes) -	pk.PublicKey = dsa -	return -} - -// parseElGamal parses ElGamal public key material from the given Reader. See -// RFC 4880, section 5.5.2. -func (pk *PublicKey) parseElGamal(r io.Reader) (err os.Error) { -	pk.p.bytes, pk.p.bitLength, err = readMPI(r) -	if err != nil { -		return -	} -	pk.g.bytes, pk.g.bitLength, err = readMPI(r) -	if err != nil { -		return -	} -	pk.y.bytes, pk.y.bitLength, err = readMPI(r) -	if err != nil { -		return -	} - -	elgamal := new(elgamal.PublicKey) -	elgamal.P = new(big.Int).SetBytes(pk.p.bytes) -	elgamal.G = new(big.Int).SetBytes(pk.g.bytes) -	elgamal.Y = new(big.Int).SetBytes(pk.y.bytes) -	pk.PublicKey = elgamal -	return -} - -// SerializeSignaturePrefix writes the prefix for this public key to the given Writer. -// The prefix is used when calculating a signature over this public key. See -// RFC 4880, section 5.2.4. -func (pk *PublicKey) SerializeSignaturePrefix(h hash.Hash) { -	var pLength uint16 -	switch pk.PubKeyAlgo { -	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly, PubKeyAlgoRSASignOnly: -		pLength += 2 + uint16(len(pk.n.bytes)) -		pLength += 2 + uint16(len(pk.e.bytes)) -	case PubKeyAlgoDSA: -		pLength += 2 + uint16(len(pk.p.bytes)) -		pLength += 2 + uint16(len(pk.q.bytes)) -		pLength += 2 + uint16(len(pk.g.bytes)) -		pLength += 2 + uint16(len(pk.y.bytes)) -	case PubKeyAlgoElGamal: -		pLength += 2 + uint16(len(pk.p.bytes)) -		pLength += 2 + uint16(len(pk.g.bytes)) -		pLength += 2 + uint16(len(pk.y.bytes)) -	default: -		panic("unknown public key algorithm") -	} -	pLength += 6 -	h.Write([]byte{0x99, byte(pLength >> 8), byte(pLength)}) -	return -} - -func (pk *PublicKey) Serialize(w io.Writer) (err os.Error) { -	length := 6 // 6 byte header - -	switch pk.PubKeyAlgo { -	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly, PubKeyAlgoRSASignOnly: -		length += 2 + len(pk.n.bytes) -		length += 2 + len(pk.e.bytes) -	case PubKeyAlgoDSA: -		length += 2 + len(pk.p.bytes) -		length += 2 + len(pk.q.bytes) -		length += 2 + len(pk.g.bytes) -		length += 2 + len(pk.y.bytes) -	case PubKeyAlgoElGamal: -		length += 2 + len(pk.p.bytes) -		length += 2 + len(pk.g.bytes) -		length += 2 + len(pk.y.bytes) -	default: -		panic("unknown public key algorithm") -	} - -	packetType := packetTypePublicKey -	if pk.IsSubkey { -		packetType = packetTypePublicSubkey -	} -	err = serializeHeader(w, packetType, length) -	if err != nil { -		return -	} -	return pk.serializeWithoutHeaders(w) -} - -// serializeWithoutHeaders marshals the PublicKey to w in the form of an -// OpenPGP public key packet, not including the packet header. -func (pk *PublicKey) serializeWithoutHeaders(w io.Writer) (err os.Error) { -	var buf [6]byte -	buf[0] = 4 -	buf[1] = byte(pk.CreationTime >> 24) -	buf[2] = byte(pk.CreationTime >> 16) -	buf[3] = byte(pk.CreationTime >> 8) -	buf[4] = byte(pk.CreationTime) -	buf[5] = byte(pk.PubKeyAlgo) - -	_, err = w.Write(buf[:]) -	if err != nil { -		return -	} - -	switch pk.PubKeyAlgo { -	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly, PubKeyAlgoRSASignOnly: -		return writeMPIs(w, pk.n, pk.e) -	case PubKeyAlgoDSA: -		return writeMPIs(w, pk.p, pk.q, pk.g, pk.y) -	case PubKeyAlgoElGamal: -		return writeMPIs(w, pk.p, pk.g, pk.y) -	} -	return error.InvalidArgumentError("bad public-key algorithm") -} - -// CanSign returns true iff this public key can generate signatures -func (pk *PublicKey) CanSign() bool { -	return pk.PubKeyAlgo != PubKeyAlgoRSAEncryptOnly && pk.PubKeyAlgo != PubKeyAlgoElGamal -} - -// VerifySignature returns nil iff sig is a valid signature, made by this -// public key, of the data hashed into signed. signed is mutated by this call. -func (pk *PublicKey) VerifySignature(signed hash.Hash, sig *Signature) (err os.Error) { -	if !pk.CanSign() { -		return error.InvalidArgumentError("public key cannot generate signatures") -	} - -	signed.Write(sig.HashSuffix) -	hashBytes := signed.Sum() - -	if hashBytes[0] != sig.HashTag[0] || hashBytes[1] != sig.HashTag[1] { -		return error.SignatureError("hash tag doesn't match") -	} - -	if pk.PubKeyAlgo != sig.PubKeyAlgo { -		return error.InvalidArgumentError("public key and signature use different algorithms") -	} - -	switch pk.PubKeyAlgo { -	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly: -		rsaPublicKey, _ := pk.PublicKey.(*rsa.PublicKey) -		err = rsa.VerifyPKCS1v15(rsaPublicKey, sig.Hash, hashBytes, sig.RSASignature.bytes) -		if err != nil { -			return error.SignatureError("RSA verification failure") -		} -		return nil -	case PubKeyAlgoDSA: -		dsaPublicKey, _ := pk.PublicKey.(*dsa.PublicKey) -		if !dsa.Verify(dsaPublicKey, hashBytes, new(big.Int).SetBytes(sig.DSASigR.bytes), new(big.Int).SetBytes(sig.DSASigS.bytes)) { -			return error.SignatureError("DSA verification failure") -		} -		return nil -	default: -		panic("shouldn't happen") -	} -	panic("unreachable") -} - -// keySignatureHash returns a Hash of the message that needs to be signed for -// pk to assert a subkey relationship to signed. -func keySignatureHash(pk, signed *PublicKey, sig *Signature) (h hash.Hash, err os.Error) { -	h = sig.Hash.New() -	if h == nil { -		return nil, error.UnsupportedError("hash function") -	} - -	// RFC 4880, section 5.2.4 -	pk.SerializeSignaturePrefix(h) -	pk.serializeWithoutHeaders(h) -	signed.SerializeSignaturePrefix(h) -	signed.serializeWithoutHeaders(h) -	return -} - -// VerifyKeySignature returns nil iff sig is a valid signature, made by this -// public key, of signed. -func (pk *PublicKey) VerifyKeySignature(signed *PublicKey, sig *Signature) (err os.Error) { -	h, err := keySignatureHash(pk, signed, sig) -	if err != nil { -		return err -	} -	return pk.VerifySignature(h, sig) -} - -// userIdSignatureHash returns a Hash of the message that needs to be signed -// to assert that pk is a valid key for id. -func userIdSignatureHash(id string, pk *PublicKey, sig *Signature) (h hash.Hash, err os.Error) { -	h = sig.Hash.New() -	if h == nil { -		return nil, error.UnsupportedError("hash function") -	} - -	// RFC 4880, section 5.2.4 -	pk.SerializeSignaturePrefix(h) -	pk.serializeWithoutHeaders(h) - -	var buf [5]byte -	buf[0] = 0xb4 -	buf[1] = byte(len(id) >> 24) -	buf[2] = byte(len(id) >> 16) -	buf[3] = byte(len(id) >> 8) -	buf[4] = byte(len(id)) -	h.Write(buf[:]) -	h.Write([]byte(id)) - -	return -} - -// VerifyUserIdSignature returns nil iff sig is a valid signature, made by this -// public key, of id. -func (pk *PublicKey) VerifyUserIdSignature(id string, sig *Signature) (err os.Error) { -	h, err := userIdSignatureHash(id, pk, sig) -	if err != nil { -		return err -	} -	return pk.VerifySignature(h, sig) -} - -// KeyIdString returns the public key's fingerprint in capital hex -// (e.g. "6C7EE1B8621CC013"). -func (pk *PublicKey) KeyIdString() string { -	return fmt.Sprintf("%X", pk.Fingerprint[12:20]) -} - -// KeyIdShortString returns the short form of public key's fingerprint -// in capital hex, as shown by gpg --list-keys (e.g. "621CC013"). -func (pk *PublicKey) KeyIdShortString() string { -	return fmt.Sprintf("%X", pk.Fingerprint[16:20]) -} - -// A parsedMPI is used to store the contents of a big integer, along with the -// bit length that was specified in the original input. This allows the MPI to -// be reserialized exactly. -type parsedMPI struct { -	bytes     []byte -	bitLength uint16 -} - -// writeMPIs is a utility function for serializing several big integers to the -// given Writer. -func writeMPIs(w io.Writer, mpis ...parsedMPI) (err os.Error) { -	for _, mpi := range mpis { -		err = writeMPI(w, mpi.bitLength, mpi.bytes) -		if err != nil { -			return -		} -	} -	return -} diff --git a/src/pkg/crypto/openpgp/packet/public_key_test.go b/src/pkg/crypto/openpgp/packet/public_key_test.go deleted file mode 100644 index 6e8bfbce6..000000000 --- a/src/pkg/crypto/openpgp/packet/public_key_test.go +++ /dev/null @@ -1,98 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package packet - -import ( -	"bytes" -	"encoding/hex" -	"testing" -) - -var pubKeyTests = []struct { -	hexData        string -	hexFingerprint string -	creationTime   uint32 -	pubKeyAlgo     PublicKeyAlgorithm -	keyId          uint64 -	keyIdString    string -	keyIdShort     string -}{ -	{rsaPkDataHex, rsaFingerprintHex, 0x4d3c5c10, PubKeyAlgoRSA, 0xa34d7e18c20c31bb, "A34D7E18C20C31BB", "C20C31BB"}, -	{dsaPkDataHex, dsaFingerprintHex, 0x4d432f89, PubKeyAlgoDSA, 0x8e8fbe54062f19ed, "8E8FBE54062F19ED", "062F19ED"}, -} - -func TestPublicKeyRead(t *testing.T) { -	for i, test := range pubKeyTests { -		packet, err := Read(readerFromHex(test.hexData)) -		if err != nil { -			t.Errorf("#%d: Read error: %s", i, err) -			continue -		} -		pk, ok := packet.(*PublicKey) -		if !ok { -			t.Errorf("#%d: failed to parse, got: %#v", i, packet) -			continue -		} -		if pk.PubKeyAlgo != test.pubKeyAlgo { -			t.Errorf("#%d: bad public key algorithm got:%x want:%x", i, pk.PubKeyAlgo, test.pubKeyAlgo) -		} -		if pk.CreationTime != test.creationTime { -			t.Errorf("#%d: bad creation time got:%x want:%x", i, pk.CreationTime, test.creationTime) -		} -		expectedFingerprint, _ := hex.DecodeString(test.hexFingerprint) -		if !bytes.Equal(expectedFingerprint, pk.Fingerprint[:]) { -			t.Errorf("#%d: bad fingerprint got:%x want:%x", i, pk.Fingerprint[:], expectedFingerprint) -		} -		if pk.KeyId != test.keyId { -			t.Errorf("#%d: bad keyid got:%x want:%x", i, pk.KeyId, test.keyId) -		} -		if g, e := pk.KeyIdString(), test.keyIdString; g != e { -			t.Errorf("#%d: bad KeyIdString got:%q want:%q", i, g, e) -		} -		if g, e := pk.KeyIdShortString(), test.keyIdShort; g != e { -			t.Errorf("#%d: bad KeyIdShortString got:%q want:%q", i, g, e) -		} -	} -} - -func TestPublicKeySerialize(t *testing.T) { -	for i, test := range pubKeyTests { -		packet, err := Read(readerFromHex(test.hexData)) -		if err != nil { -			t.Errorf("#%d: Read error: %s", i, err) -			continue -		} -		pk, ok := packet.(*PublicKey) -		if !ok { -			t.Errorf("#%d: failed to parse, got: %#v", i, packet) -			continue -		} -		serializeBuf := bytes.NewBuffer(nil) -		err = pk.Serialize(serializeBuf) -		if err != nil { -			t.Errorf("#%d: failed to serialize: %s", i, err) -			continue -		} - -		packet, err = Read(serializeBuf) -		if err != nil { -			t.Errorf("#%d: Read error (from serialized data): %s", i, err) -			continue -		} -		pk, ok = packet.(*PublicKey) -		if !ok { -			t.Errorf("#%d: failed to parse serialized data, got: %#v", i, packet) -			continue -		} -	} -} - -const rsaFingerprintHex = "5fb74b1d03b1e3cb31bc2f8aa34d7e18c20c31bb" - -const rsaPkDataHex = "988d044d3c5c10010400b1d13382944bd5aba23a4312968b5095d14f947f600eb478e14a6fcb16b0e0cac764884909c020bc495cfcc39a935387c661507bdb236a0612fb582cac3af9b29cc2c8c70090616c41b662f4da4c1201e195472eb7f4ae1ccbcbf9940fe21d985e379a5563dde5b9a23d35f1cfaa5790da3b79db26f23695107bfaca8e7b5bcd0011010001" - -const dsaFingerprintHex = "eece4c094db002103714c63c8e8fbe54062f19ed" - -const dsaPkDataHex = "9901a2044d432f89110400cd581334f0d7a1e1bdc8b9d6d8c0baf68793632735d2bb0903224cbaa1dfbf35a60ee7a13b92643421e1eb41aa8d79bea19a115a677f6b8ba3c7818ce53a6c2a24a1608bd8b8d6e55c5090cbde09dd26e356267465ae25e69ec8bdd57c7bbb2623e4d73336f73a0a9098f7f16da2e25252130fd694c0e8070c55a812a423ae7f00a0ebf50e70c2f19c3520a551bd4b08d30f23530d3d03ff7d0bf4a53a64a09dc5e6e6e35854b7d70c882b0c60293401958b1bd9e40abec3ea05ba87cf64899299d4bd6aa7f459c201d3fbbd6c82004bdc5e8a9eb8082d12054cc90fa9d4ec251a843236a588bf49552441817436c4f43326966fe85447d4e6d0acf8fa1ef0f014730770603ad7634c3088dc52501c237328417c31c89ed70400b2f1a98b0bf42f11fefc430704bebbaa41d9f355600c3facee1e490f64208e0e094ea55e3a598a219a58500bf78ac677b670a14f4e47e9cf8eab4f368cc1ddcaa18cc59309d4cc62dd4f680e73e6cc3e1ce87a84d0925efbcb26c575c093fc42eecf45135fabf6403a25c2016e1774c0484e440a18319072c617cc97ac0a3bb0" diff --git a/src/pkg/crypto/openpgp/packet/reader.go b/src/pkg/crypto/openpgp/packet/reader.go deleted file mode 100644 index 5febc3bc8..000000000 --- a/src/pkg/crypto/openpgp/packet/reader.go +++ /dev/null @@ -1,63 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package packet - -import ( -	"crypto/openpgp/error" -	"io" -	"os" -) - -// Reader reads packets from an io.Reader and allows packets to be 'unread' so -// that they result from the next call to Next. -type Reader struct { -	q       []Packet -	readers []io.Reader -} - -// Next returns the most recently unread Packet, or reads another packet from -// the top-most io.Reader. Unknown packet types are skipped. -func (r *Reader) Next() (p Packet, err os.Error) { -	if len(r.q) > 0 { -		p = r.q[len(r.q)-1] -		r.q = r.q[:len(r.q)-1] -		return -	} - -	for len(r.readers) > 0 { -		p, err = Read(r.readers[len(r.readers)-1]) -		if err == nil { -			return -		} -		if err == os.EOF { -			r.readers = r.readers[:len(r.readers)-1] -			continue -		} -		if _, ok := err.(error.UnknownPacketTypeError); !ok { -			return nil, err -		} -	} - -	return nil, os.EOF -} - -// Push causes the Reader to start reading from a new io.Reader. When an EOF -// error is seen from the new io.Reader, it is popped and the Reader continues -// to read from the next most recent io.Reader. -func (r *Reader) Push(reader io.Reader) { -	r.readers = append(r.readers, reader) -} - -// Unread causes the given Packet to be returned from the next call to Next. -func (r *Reader) Unread(p Packet) { -	r.q = append(r.q, p) -} - -func NewReader(r io.Reader) *Reader { -	return &Reader{ -		q:       nil, -		readers: []io.Reader{r}, -	} -} diff --git a/src/pkg/crypto/openpgp/packet/signature.go b/src/pkg/crypto/openpgp/packet/signature.go deleted file mode 100644 index 7577e2875..000000000 --- a/src/pkg/crypto/openpgp/packet/signature.go +++ /dev/null @@ -1,558 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package packet - -import ( -	"crypto" -	"crypto/dsa" -	"crypto/openpgp/error" -	"crypto/openpgp/s2k" -	"crypto/rand" -	"crypto/rsa" -	"encoding/binary" -	"hash" -	"io" -	"os" -	"strconv" -) - -// Signature represents a signature. See RFC 4880, section 5.2. -type Signature struct { -	SigType    SignatureType -	PubKeyAlgo PublicKeyAlgorithm -	Hash       crypto.Hash - -	// HashSuffix is extra data that is hashed in after the signed data. -	HashSuffix []byte -	// HashTag contains the first two bytes of the hash for fast rejection -	// of bad signed data. -	HashTag      [2]byte -	CreationTime uint32 // Unix epoch time - -	RSASignature     parsedMPI -	DSASigR, DSASigS parsedMPI - -	// rawSubpackets contains the unparsed subpackets, in order. -	rawSubpackets []outputSubpacket - -	// The following are optional so are nil when not included in the -	// signature. - -	SigLifetimeSecs, KeyLifetimeSecs                        *uint32 -	PreferredSymmetric, PreferredHash, PreferredCompression []uint8 -	IssuerKeyId                                             *uint64 -	IsPrimaryId                                             *bool - -	// FlagsValid is set if any flags were given. See RFC 4880, section -	// 5.2.3.21 for details. -	FlagsValid                                                           bool -	FlagCertify, FlagSign, FlagEncryptCommunications, FlagEncryptStorage bool - -	outSubpackets []outputSubpacket -} - -func (sig *Signature) parse(r io.Reader) (err os.Error) { -	// RFC 4880, section 5.2.3 -	var buf [5]byte -	_, err = readFull(r, buf[:1]) -	if err != nil { -		return -	} -	if buf[0] != 4 { -		err = error.UnsupportedError("signature packet version " + strconv.Itoa(int(buf[0]))) -		return -	} - -	_, err = readFull(r, buf[:5]) -	if err != nil { -		return -	} -	sig.SigType = SignatureType(buf[0]) -	sig.PubKeyAlgo = PublicKeyAlgorithm(buf[1]) -	switch sig.PubKeyAlgo { -	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly, PubKeyAlgoDSA: -	default: -		err = error.UnsupportedError("public key algorithm " + strconv.Itoa(int(sig.PubKeyAlgo))) -		return -	} - -	var ok bool -	sig.Hash, ok = s2k.HashIdToHash(buf[2]) -	if !ok { -		return error.UnsupportedError("hash function " + strconv.Itoa(int(buf[2]))) -	} - -	hashedSubpacketsLength := int(buf[3])<<8 | int(buf[4]) -	l := 6 + hashedSubpacketsLength -	sig.HashSuffix = make([]byte, l+6) -	sig.HashSuffix[0] = 4 -	copy(sig.HashSuffix[1:], buf[:5]) -	hashedSubpackets := sig.HashSuffix[6:l] -	_, err = readFull(r, hashedSubpackets) -	if err != nil { -		return -	} -	// See RFC 4880, section 5.2.4 -	trailer := sig.HashSuffix[l:] -	trailer[0] = 4 -	trailer[1] = 0xff -	trailer[2] = uint8(l >> 24) -	trailer[3] = uint8(l >> 16) -	trailer[4] = uint8(l >> 8) -	trailer[5] = uint8(l) - -	err = parseSignatureSubpackets(sig, hashedSubpackets, true) -	if err != nil { -		return -	} - -	_, err = readFull(r, buf[:2]) -	if err != nil { -		return -	} -	unhashedSubpacketsLength := int(buf[0])<<8 | int(buf[1]) -	unhashedSubpackets := make([]byte, unhashedSubpacketsLength) -	_, err = readFull(r, unhashedSubpackets) -	if err != nil { -		return -	} -	err = parseSignatureSubpackets(sig, unhashedSubpackets, false) -	if err != nil { -		return -	} - -	_, err = readFull(r, sig.HashTag[:2]) -	if err != nil { -		return -	} - -	switch sig.PubKeyAlgo { -	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly: -		sig.RSASignature.bytes, sig.RSASignature.bitLength, err = readMPI(r) -	case PubKeyAlgoDSA: -		sig.DSASigR.bytes, sig.DSASigR.bitLength, err = readMPI(r) -		if err == nil { -			sig.DSASigS.bytes, sig.DSASigS.bitLength, err = readMPI(r) -		} -	default: -		panic("unreachable") -	} -	return -} - -// parseSignatureSubpackets parses subpackets of the main signature packet. See -// RFC 4880, section 5.2.3.1. -func parseSignatureSubpackets(sig *Signature, subpackets []byte, isHashed bool) (err os.Error) { -	for len(subpackets) > 0 { -		subpackets, err = parseSignatureSubpacket(sig, subpackets, isHashed) -		if err != nil { -			return -		} -	} - -	if sig.CreationTime == 0 { -		err = error.StructuralError("no creation time in signature") -	} - -	return -} - -type signatureSubpacketType uint8 - -const ( -	creationTimeSubpacket        signatureSubpacketType = 2 -	signatureExpirationSubpacket signatureSubpacketType = 3 -	keyExpirySubpacket           signatureSubpacketType = 9 -	prefSymmetricAlgosSubpacket  signatureSubpacketType = 11 -	issuerSubpacket              signatureSubpacketType = 16 -	prefHashAlgosSubpacket       signatureSubpacketType = 21 -	prefCompressionSubpacket     signatureSubpacketType = 22 -	primaryUserIdSubpacket       signatureSubpacketType = 25 -	keyFlagsSubpacket            signatureSubpacketType = 27 -) - -// parseSignatureSubpacket parses a single subpacket. len(subpacket) is >= 1. -func parseSignatureSubpacket(sig *Signature, subpacket []byte, isHashed bool) (rest []byte, err os.Error) { -	// RFC 4880, section 5.2.3.1 -	var ( -		length     uint32 -		packetType signatureSubpacketType -		isCritical bool -	) -	switch { -	case subpacket[0] < 192: -		length = uint32(subpacket[0]) -		subpacket = subpacket[1:] -	case subpacket[0] < 255: -		if len(subpacket) < 2 { -			goto Truncated -		} -		length = uint32(subpacket[0]-192)<<8 + uint32(subpacket[1]) + 192 -		subpacket = subpacket[2:] -	default: -		if len(subpacket) < 5 { -			goto Truncated -		} -		length = uint32(subpacket[1])<<24 | -			uint32(subpacket[2])<<16 | -			uint32(subpacket[3])<<8 | -			uint32(subpacket[4]) -		subpacket = subpacket[5:] -	} -	if length > uint32(len(subpacket)) { -		goto Truncated -	} -	rest = subpacket[length:] -	subpacket = subpacket[:length] -	if len(subpacket) == 0 { -		err = error.StructuralError("zero length signature subpacket") -		return -	} -	packetType = signatureSubpacketType(subpacket[0] & 0x7f) -	isCritical = subpacket[0]&0x80 == 0x80 -	subpacket = subpacket[1:] -	sig.rawSubpackets = append(sig.rawSubpackets, outputSubpacket{isHashed, packetType, isCritical, subpacket}) -	switch packetType { -	case creationTimeSubpacket: -		if !isHashed { -			err = error.StructuralError("signature creation time in non-hashed area") -			return -		} -		if len(subpacket) != 4 { -			err = error.StructuralError("signature creation time not four bytes") -			return -		} -		sig.CreationTime = binary.BigEndian.Uint32(subpacket) -	case signatureExpirationSubpacket: -		// Signature expiration time, section 5.2.3.10 -		if !isHashed { -			return -		} -		if len(subpacket) != 4 { -			err = error.StructuralError("expiration subpacket with bad length") -			return -		} -		sig.SigLifetimeSecs = new(uint32) -		*sig.SigLifetimeSecs = binary.BigEndian.Uint32(subpacket) -	case keyExpirySubpacket: -		// Key expiration time, section 5.2.3.6 -		if !isHashed { -			return -		} -		if len(subpacket) != 4 { -			err = error.StructuralError("key expiration subpacket with bad length") -			return -		} -		sig.KeyLifetimeSecs = new(uint32) -		*sig.KeyLifetimeSecs = binary.BigEndian.Uint32(subpacket) -	case prefSymmetricAlgosSubpacket: -		// Preferred symmetric algorithms, section 5.2.3.7 -		if !isHashed { -			return -		} -		sig.PreferredSymmetric = make([]byte, len(subpacket)) -		copy(sig.PreferredSymmetric, subpacket) -	case issuerSubpacket: -		// Issuer, section 5.2.3.5 -		if len(subpacket) != 8 { -			err = error.StructuralError("issuer subpacket with bad length") -			return -		} -		sig.IssuerKeyId = new(uint64) -		*sig.IssuerKeyId = binary.BigEndian.Uint64(subpacket) -	case prefHashAlgosSubpacket: -		// Preferred hash algorithms, section 5.2.3.8 -		if !isHashed { -			return -		} -		sig.PreferredHash = make([]byte, len(subpacket)) -		copy(sig.PreferredHash, subpacket) -	case prefCompressionSubpacket: -		// Preferred compression algorithms, section 5.2.3.9 -		if !isHashed { -			return -		} -		sig.PreferredCompression = make([]byte, len(subpacket)) -		copy(sig.PreferredCompression, subpacket) -	case primaryUserIdSubpacket: -		// Primary User ID, section 5.2.3.19 -		if !isHashed { -			return -		} -		if len(subpacket) != 1 { -			err = error.StructuralError("primary user id subpacket with bad length") -			return -		} -		sig.IsPrimaryId = new(bool) -		if subpacket[0] > 0 { -			*sig.IsPrimaryId = true -		} -	case keyFlagsSubpacket: -		// Key flags, section 5.2.3.21 -		if !isHashed { -			return -		} -		if len(subpacket) == 0 { -			err = error.StructuralError("empty key flags subpacket") -			return -		} -		sig.FlagsValid = true -		if subpacket[0]&1 != 0 { -			sig.FlagCertify = true -		} -		if subpacket[0]&2 != 0 { -			sig.FlagSign = true -		} -		if subpacket[0]&4 != 0 { -			sig.FlagEncryptCommunications = true -		} -		if subpacket[0]&8 != 0 { -			sig.FlagEncryptStorage = true -		} - -	default: -		if isCritical { -			err = error.UnsupportedError("unknown critical signature subpacket type " + strconv.Itoa(int(packetType))) -			return -		} -	} -	return - -Truncated: -	err = error.StructuralError("signature subpacket truncated") -	return -} - -// subpacketLengthLength returns the length, in bytes, of an encoded length value. -func subpacketLengthLength(length int) int { -	if length < 192 { -		return 1 -	} -	if length < 16320 { -		return 2 -	} -	return 5 -} - -// serializeSubpacketLength marshals the given length into to. -func serializeSubpacketLength(to []byte, length int) int { -	if length < 192 { -		to[0] = byte(length) -		return 1 -	} -	if length < 16320 { -		length -= 192 -		to[0] = byte(length >> 8) -		to[1] = byte(length) -		return 2 -	} -	to[0] = 255 -	to[1] = byte(length >> 24) -	to[2] = byte(length >> 16) -	to[3] = byte(length >> 8) -	to[4] = byte(length) -	return 5 -} - -// subpacketsLength returns the serialized length, in bytes, of the given -// subpackets. -func subpacketsLength(subpackets []outputSubpacket, hashed bool) (length int) { -	for _, subpacket := range subpackets { -		if subpacket.hashed == hashed { -			length += subpacketLengthLength(len(subpacket.contents) + 1) -			length += 1 // type byte -			length += len(subpacket.contents) -		} -	} -	return -} - -// serializeSubpackets marshals the given subpackets into to. -func serializeSubpackets(to []byte, subpackets []outputSubpacket, hashed bool) { -	for _, subpacket := range subpackets { -		if subpacket.hashed == hashed { -			n := serializeSubpacketLength(to, len(subpacket.contents)+1) -			to[n] = byte(subpacket.subpacketType) -			to = to[1+n:] -			n = copy(to, subpacket.contents) -			to = to[n:] -		} -	} -	return -} - -// buildHashSuffix constructs the HashSuffix member of sig in preparation for signing. -func (sig *Signature) buildHashSuffix() (err os.Error) { -	hashedSubpacketsLen := subpacketsLength(sig.outSubpackets, true) - -	var ok bool -	l := 6 + hashedSubpacketsLen -	sig.HashSuffix = make([]byte, l+6) -	sig.HashSuffix[0] = 4 -	sig.HashSuffix[1] = uint8(sig.SigType) -	sig.HashSuffix[2] = uint8(sig.PubKeyAlgo) -	sig.HashSuffix[3], ok = s2k.HashToHashId(sig.Hash) -	if !ok { -		sig.HashSuffix = nil -		return error.InvalidArgumentError("hash cannot be represented in OpenPGP: " + strconv.Itoa(int(sig.Hash))) -	} -	sig.HashSuffix[4] = byte(hashedSubpacketsLen >> 8) -	sig.HashSuffix[5] = byte(hashedSubpacketsLen) -	serializeSubpackets(sig.HashSuffix[6:l], sig.outSubpackets, true) -	trailer := sig.HashSuffix[l:] -	trailer[0] = 4 -	trailer[1] = 0xff -	trailer[2] = byte(l >> 24) -	trailer[3] = byte(l >> 16) -	trailer[4] = byte(l >> 8) -	trailer[5] = byte(l) -	return -} - -func (sig *Signature) signPrepareHash(h hash.Hash) (digest []byte, err os.Error) { -	err = sig.buildHashSuffix() -	if err != nil { -		return -	} - -	h.Write(sig.HashSuffix) -	digest = h.Sum() -	copy(sig.HashTag[:], digest) -	return -} - -// Sign signs a message with a private key. The hash, h, must contain -// the hash of the message to be signed and will be mutated by this function. -// On success, the signature is stored in sig. Call Serialize to write it out. -func (sig *Signature) Sign(h hash.Hash, priv *PrivateKey) (err os.Error) { -	sig.outSubpackets = sig.buildSubpackets() -	digest, err := sig.signPrepareHash(h) -	if err != nil { -		return -	} - -	switch priv.PubKeyAlgo { -	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly: -		sig.RSASignature.bytes, err = rsa.SignPKCS1v15(rand.Reader, priv.PrivateKey.(*rsa.PrivateKey), sig.Hash, digest) -		sig.RSASignature.bitLength = uint16(8 * len(sig.RSASignature.bytes)) -	case PubKeyAlgoDSA: -		r, s, err := dsa.Sign(rand.Reader, priv.PrivateKey.(*dsa.PrivateKey), digest) -		if err == nil { -			sig.DSASigR.bytes = r.Bytes() -			sig.DSASigR.bitLength = uint16(8 * len(sig.DSASigR.bytes)) -			sig.DSASigS.bytes = s.Bytes() -			sig.DSASigS.bitLength = uint16(8 * len(sig.DSASigS.bytes)) -		} -	default: -		err = error.UnsupportedError("public key algorithm: " + strconv.Itoa(int(sig.PubKeyAlgo))) -	} - -	return -} - -// SignUserId computes a signature from priv, asserting that pub is a valid -// key for the identity id.  On success, the signature is stored in sig. Call -// Serialize to write it out. -func (sig *Signature) SignUserId(id string, pub *PublicKey, priv *PrivateKey) os.Error { -	h, err := userIdSignatureHash(id, pub, sig) -	if err != nil { -		return nil -	} -	return sig.Sign(h, priv) -} - -// SignKey computes a signature from priv, asserting that pub is a subkey.  On -// success, the signature is stored in sig. Call Serialize to write it out. -func (sig *Signature) SignKey(pub *PublicKey, priv *PrivateKey) os.Error { -	h, err := keySignatureHash(&priv.PublicKey, pub, sig) -	if err != nil { -		return err -	} -	return sig.Sign(h, priv) -} - -// Serialize marshals sig to w. SignRSA or SignDSA must have been called first. -func (sig *Signature) Serialize(w io.Writer) (err os.Error) { -	if len(sig.outSubpackets) == 0 { -		sig.outSubpackets = sig.rawSubpackets -	} -	if sig.RSASignature.bytes == nil && sig.DSASigR.bytes == nil { -		return error.InvalidArgumentError("Signature: need to call SignRSA or SignDSA before Serialize") -	} - -	sigLength := 0 -	switch sig.PubKeyAlgo { -	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly: -		sigLength = 2 + len(sig.RSASignature.bytes) -	case PubKeyAlgoDSA: -		sigLength = 2 + len(sig.DSASigR.bytes) -		sigLength += 2 + len(sig.DSASigS.bytes) -	default: -		panic("impossible") -	} - -	unhashedSubpacketsLen := subpacketsLength(sig.outSubpackets, false) -	length := len(sig.HashSuffix) - 6 /* trailer not included */ + -		2 /* length of unhashed subpackets */ + unhashedSubpacketsLen + -		2 /* hash tag */ + sigLength -	err = serializeHeader(w, packetTypeSignature, length) -	if err != nil { -		return -	} - -	_, err = w.Write(sig.HashSuffix[:len(sig.HashSuffix)-6]) -	if err != nil { -		return -	} - -	unhashedSubpackets := make([]byte, 2+unhashedSubpacketsLen) -	unhashedSubpackets[0] = byte(unhashedSubpacketsLen >> 8) -	unhashedSubpackets[1] = byte(unhashedSubpacketsLen) -	serializeSubpackets(unhashedSubpackets[2:], sig.outSubpackets, false) - -	_, err = w.Write(unhashedSubpackets) -	if err != nil { -		return -	} -	_, err = w.Write(sig.HashTag[:]) -	if err != nil { -		return -	} - -	switch sig.PubKeyAlgo { -	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly: -		err = writeMPIs(w, sig.RSASignature) -	case PubKeyAlgoDSA: -		err = writeMPIs(w, sig.DSASigR, sig.DSASigS) -	default: -		panic("impossible") -	} -	return -} - -// outputSubpacket represents a subpacket to be marshaled. -type outputSubpacket struct { -	hashed        bool // true if this subpacket is in the hashed area. -	subpacketType signatureSubpacketType -	isCritical    bool -	contents      []byte -} - -func (sig *Signature) buildSubpackets() (subpackets []outputSubpacket) { -	creationTime := make([]byte, 4) -	creationTime[0] = byte(sig.CreationTime >> 24) -	creationTime[1] = byte(sig.CreationTime >> 16) -	creationTime[2] = byte(sig.CreationTime >> 8) -	creationTime[3] = byte(sig.CreationTime) -	subpackets = append(subpackets, outputSubpacket{true, creationTimeSubpacket, false, creationTime}) - -	if sig.IssuerKeyId != nil { -		keyId := make([]byte, 8) -		binary.BigEndian.PutUint64(keyId, *sig.IssuerKeyId) -		subpackets = append(subpackets, outputSubpacket{true, issuerSubpacket, false, keyId}) -	} - -	return -} diff --git a/src/pkg/crypto/openpgp/packet/signature_test.go b/src/pkg/crypto/openpgp/packet/signature_test.go deleted file mode 100644 index c1bbde8b0..000000000 --- a/src/pkg/crypto/openpgp/packet/signature_test.go +++ /dev/null @@ -1,42 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package packet - -import ( -	"bytes" -	"crypto" -	"encoding/hex" -	"testing" -) - -func TestSignatureRead(t *testing.T) { -	packet, err := Read(readerFromHex(signatureDataHex)) -	if err != nil { -		t.Error(err) -		return -	} -	sig, ok := packet.(*Signature) -	if !ok || sig.SigType != SigTypeBinary || sig.PubKeyAlgo != PubKeyAlgoRSA || sig.Hash != crypto.SHA1 { -		t.Errorf("failed to parse, got: %#v", packet) -	} -} - -func TestSignatureReserialize(t *testing.T) { -	packet, _ := Read(readerFromHex(signatureDataHex)) -	sig := packet.(*Signature) -	out := new(bytes.Buffer) -	err := sig.Serialize(out) -	if err != nil { -		t.Errorf("error reserializing: %s", err) -		return -	} - -	expected, _ := hex.DecodeString(signatureDataHex) -	if !bytes.Equal(expected, out.Bytes()) { -		t.Errorf("output doesn't match input (got vs expected):\n%s\n%s", hex.Dump(out.Bytes()), hex.Dump(expected)) -	} -} - -const signatureDataHex = "c2c05c04000102000605024cb45112000a0910ab105c91af38fb158f8d07ff5596ea368c5efe015bed6e78348c0f033c931d5f2ce5db54ce7f2a7e4b4ad64db758d65a7a71773edeab7ba2a9e0908e6a94a1175edd86c1d843279f045b021a6971a72702fcbd650efc393c5474d5b59a15f96d2eaad4c4c426797e0dcca2803ef41c6ff234d403eec38f31d610c344c06f2401c262f0993b2e66cad8a81ebc4322c723e0d4ba09fe917e8777658307ad8329adacba821420741009dfe87f007759f0982275d028a392c6ed983a0d846f890b36148c7358bdb8a516007fac760261ecd06076813831a36d0459075d1befa245ae7f7fb103d92ca759e9498fe60ef8078a39a3beda510deea251ea9f0a7f0df6ef42060f20780360686f3e400e" diff --git a/src/pkg/crypto/openpgp/packet/symmetric_key_encrypted.go b/src/pkg/crypto/openpgp/packet/symmetric_key_encrypted.go deleted file mode 100644 index ad4f1d621..000000000 --- a/src/pkg/crypto/openpgp/packet/symmetric_key_encrypted.go +++ /dev/null @@ -1,162 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package packet - -import ( -	"bytes" -	"crypto/cipher" -	"crypto/openpgp/error" -	"crypto/openpgp/s2k" -	"io" -	"os" -	"strconv" -) - -// This is the largest session key that we'll support. Since no 512-bit cipher -// has even been seriously used, this is comfortably large. -const maxSessionKeySizeInBytes = 64 - -// SymmetricKeyEncrypted represents a passphrase protected session key. See RFC -// 4880, section 5.3. -type SymmetricKeyEncrypted struct { -	CipherFunc   CipherFunction -	Encrypted    bool -	Key          []byte // Empty unless Encrypted is false. -	s2k          func(out, in []byte) -	encryptedKey []byte -} - -const symmetricKeyEncryptedVersion = 4 - -func (ske *SymmetricKeyEncrypted) parse(r io.Reader) (err os.Error) { -	// RFC 4880, section 5.3. -	var buf [2]byte -	_, err = readFull(r, buf[:]) -	if err != nil { -		return -	} -	if buf[0] != symmetricKeyEncryptedVersion { -		return error.UnsupportedError("SymmetricKeyEncrypted version") -	} -	ske.CipherFunc = CipherFunction(buf[1]) - -	if ske.CipherFunc.KeySize() == 0 { -		return error.UnsupportedError("unknown cipher: " + strconv.Itoa(int(buf[1]))) -	} - -	ske.s2k, err = s2k.Parse(r) -	if err != nil { -		return -	} - -	encryptedKey := make([]byte, maxSessionKeySizeInBytes) -	// The session key may follow. We just have to try and read to find -	// out. If it exists then we limit it to maxSessionKeySizeInBytes. -	n, err := readFull(r, encryptedKey) -	if err != nil && err != io.ErrUnexpectedEOF { -		return -	} -	err = nil -	if n != 0 { -		if n == maxSessionKeySizeInBytes { -			return error.UnsupportedError("oversized encrypted session key") -		} -		ske.encryptedKey = encryptedKey[:n] -	} - -	ske.Encrypted = true - -	return -} - -// Decrypt attempts to decrypt an encrypted session key. If it returns nil, -// ske.Key will contain the session key. -func (ske *SymmetricKeyEncrypted) Decrypt(passphrase []byte) os.Error { -	if !ske.Encrypted { -		return nil -	} - -	key := make([]byte, ske.CipherFunc.KeySize()) -	ske.s2k(key, passphrase) - -	if len(ske.encryptedKey) == 0 { -		ske.Key = key -	} else { -		// the IV is all zeros -		iv := make([]byte, ske.CipherFunc.blockSize()) -		c := cipher.NewCFBDecrypter(ske.CipherFunc.new(key), iv) -		c.XORKeyStream(ske.encryptedKey, ske.encryptedKey) -		ske.CipherFunc = CipherFunction(ske.encryptedKey[0]) -		if ske.CipherFunc.blockSize() == 0 { -			return error.UnsupportedError("unknown cipher: " + strconv.Itoa(int(ske.CipherFunc))) -		} -		ske.CipherFunc = CipherFunction(ske.encryptedKey[0]) -		ske.Key = ske.encryptedKey[1:] -		if len(ske.Key)%ske.CipherFunc.blockSize() != 0 { -			ske.Key = nil -			return error.StructuralError("length of decrypted key not a multiple of block size") -		} -	} - -	ske.Encrypted = false -	return nil -} - -// SerializeSymmetricKeyEncrypted serializes a symmetric key packet to w. The -// packet contains a random session key, encrypted by a key derived from the -// given passphrase. The session key is returned and must be passed to -// SerializeSymmetricallyEncrypted. -func SerializeSymmetricKeyEncrypted(w io.Writer, rand io.Reader, passphrase []byte, cipherFunc CipherFunction) (key []byte, err os.Error) { -	keySize := cipherFunc.KeySize() -	if keySize == 0 { -		return nil, error.UnsupportedError("unknown cipher: " + strconv.Itoa(int(cipherFunc))) -	} - -	s2kBuf := new(bytes.Buffer) -	keyEncryptingKey := make([]byte, keySize) -	// s2k.Serialize salts and stretches the passphrase, and writes the -	// resulting key to keyEncryptingKey and the s2k descriptor to s2kBuf. -	err = s2k.Serialize(s2kBuf, keyEncryptingKey, rand, passphrase) -	if err != nil { -		return -	} -	s2kBytes := s2kBuf.Bytes() - -	packetLength := 2 /* header */ + len(s2kBytes) + 1 /* cipher type */ + keySize -	err = serializeHeader(w, packetTypeSymmetricKeyEncrypted, packetLength) -	if err != nil { -		return -	} - -	var buf [2]byte -	buf[0] = symmetricKeyEncryptedVersion -	buf[1] = byte(cipherFunc) -	_, err = w.Write(buf[:]) -	if err != nil { -		return -	} -	_, err = w.Write(s2kBytes) -	if err != nil { -		return -	} - -	sessionKey := make([]byte, keySize) -	_, err = io.ReadFull(rand, sessionKey) -	if err != nil { -		return -	} -	iv := make([]byte, cipherFunc.blockSize()) -	c := cipher.NewCFBEncrypter(cipherFunc.new(keyEncryptingKey), iv) -	encryptedCipherAndKey := make([]byte, keySize+1) -	c.XORKeyStream(encryptedCipherAndKey, buf[1:]) -	c.XORKeyStream(encryptedCipherAndKey[1:], sessionKey) -	_, err = w.Write(encryptedCipherAndKey) -	if err != nil { -		return -	} - -	key = sessionKey -	return -} diff --git a/src/pkg/crypto/openpgp/packet/symmetric_key_encrypted_test.go b/src/pkg/crypto/openpgp/packet/symmetric_key_encrypted_test.go deleted file mode 100644 index 823ec400d..000000000 --- a/src/pkg/crypto/openpgp/packet/symmetric_key_encrypted_test.go +++ /dev/null @@ -1,101 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package packet - -import ( -	"bytes" -	"crypto/rand" -	"encoding/hex" -	"io/ioutil" -	"os" -	"testing" -) - -func TestSymmetricKeyEncrypted(t *testing.T) { -	buf := readerFromHex(symmetricallyEncryptedHex) -	packet, err := Read(buf) -	if err != nil { -		t.Errorf("failed to read SymmetricKeyEncrypted: %s", err) -		return -	} -	ske, ok := packet.(*SymmetricKeyEncrypted) -	if !ok { -		t.Error("didn't find SymmetricKeyEncrypted packet") -		return -	} -	err = ske.Decrypt([]byte("password")) -	if err != nil { -		t.Error(err) -		return -	} - -	packet, err = Read(buf) -	if err != nil { -		t.Errorf("failed to read SymmetricallyEncrypted: %s", err) -		return -	} -	se, ok := packet.(*SymmetricallyEncrypted) -	if !ok { -		t.Error("didn't find SymmetricallyEncrypted packet") -		return -	} -	r, err := se.Decrypt(ske.CipherFunc, ske.Key) -	if err != nil { -		t.Error(err) -		return -	} - -	contents, err := ioutil.ReadAll(r) -	if err != nil && err != os.EOF { -		t.Error(err) -		return -	} - -	expectedContents, _ := hex.DecodeString(symmetricallyEncryptedContentsHex) -	if !bytes.Equal(expectedContents, contents) { -		t.Errorf("bad contents got:%x want:%x", contents, expectedContents) -	} -} - -const symmetricallyEncryptedHex = "8c0d04030302371a0b38d884f02060c91cf97c9973b8e58e028e9501708ccfe618fb92afef7fa2d80ddadd93cf" -const symmetricallyEncryptedContentsHex = "cb1062004d14c4df636f6e74656e74732e0a" - -func TestSerializeSymmetricKeyEncrypted(t *testing.T) { -	buf := bytes.NewBuffer(nil) -	passphrase := []byte("testing") -	cipherFunc := CipherAES128 - -	key, err := SerializeSymmetricKeyEncrypted(buf, rand.Reader, passphrase, cipherFunc) -	if err != nil { -		t.Errorf("failed to serialize: %s", err) -		return -	} - -	p, err := Read(buf) -	if err != nil { -		t.Errorf("failed to reparse: %s", err) -		return -	} -	ske, ok := p.(*SymmetricKeyEncrypted) -	if !ok { -		t.Errorf("parsed a different packet type: %#v", p) -		return -	} - -	if !ske.Encrypted { -		t.Errorf("SKE not encrypted but should be") -	} -	if ske.CipherFunc != cipherFunc { -		t.Errorf("SKE cipher function is %d (expected %d)", ske.CipherFunc, cipherFunc) -	} -	err = ske.Decrypt(passphrase) -	if err != nil { -		t.Errorf("failed to decrypt reparsed SKE: %s", err) -		return -	} -	if !bytes.Equal(key, ske.Key) { -		t.Errorf("keys don't match after Decrpyt: %x (original) vs %x (parsed)", key, ske.Key) -	} -} diff --git a/src/pkg/crypto/openpgp/packet/symmetrically_encrypted.go b/src/pkg/crypto/openpgp/packet/symmetrically_encrypted.go deleted file mode 100644 index e33c9f3a0..000000000 --- a/src/pkg/crypto/openpgp/packet/symmetrically_encrypted.go +++ /dev/null @@ -1,291 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package packet - -import ( -	"crypto/cipher" -	"crypto/openpgp/error" -	"crypto/rand" -	"crypto/sha1" -	"crypto/subtle" -	"hash" -	"io" -	"os" -	"strconv" -) - -// SymmetricallyEncrypted represents a symmetrically encrypted byte string. The -// encrypted contents will consist of more OpenPGP packets. See RFC 4880, -// sections 5.7 and 5.13. -type SymmetricallyEncrypted struct { -	MDC      bool // true iff this is a type 18 packet and thus has an embedded MAC. -	contents io.Reader -	prefix   []byte -} - -const symmetricallyEncryptedVersion = 1 - -func (se *SymmetricallyEncrypted) parse(r io.Reader) os.Error { -	if se.MDC { -		// See RFC 4880, section 5.13. -		var buf [1]byte -		_, err := readFull(r, buf[:]) -		if err != nil { -			return err -		} -		if buf[0] != symmetricallyEncryptedVersion { -			return error.UnsupportedError("unknown SymmetricallyEncrypted version") -		} -	} -	se.contents = r -	return nil -} - -// Decrypt returns a ReadCloser, from which the decrypted contents of the -// packet can be read. An incorrect key can, with high probability, be detected -// immediately and this will result in a KeyIncorrect error being returned. -func (se *SymmetricallyEncrypted) Decrypt(c CipherFunction, key []byte) (io.ReadCloser, os.Error) { -	keySize := c.KeySize() -	if keySize == 0 { -		return nil, error.UnsupportedError("unknown cipher: " + strconv.Itoa(int(c))) -	} -	if len(key) != keySize { -		return nil, error.InvalidArgumentError("SymmetricallyEncrypted: incorrect key length") -	} - -	if se.prefix == nil { -		se.prefix = make([]byte, c.blockSize()+2) -		_, err := readFull(se.contents, se.prefix) -		if err != nil { -			return nil, err -		} -	} else if len(se.prefix) != c.blockSize()+2 { -		return nil, error.InvalidArgumentError("can't try ciphers with different block lengths") -	} - -	ocfbResync := cipher.OCFBResync -	if se.MDC { -		// MDC packets use a different form of OCFB mode. -		ocfbResync = cipher.OCFBNoResync -	} - -	s := cipher.NewOCFBDecrypter(c.new(key), se.prefix, ocfbResync) -	if s == nil { -		return nil, error.KeyIncorrectError -	} - -	plaintext := cipher.StreamReader{S: s, R: se.contents} - -	if se.MDC { -		// MDC packets have an embedded hash that we need to check. -		h := sha1.New() -		h.Write(se.prefix) -		return &seMDCReader{in: plaintext, h: h}, nil -	} - -	// Otherwise, we just need to wrap plaintext so that it's a valid ReadCloser. -	return seReader{plaintext}, nil -} - -// seReader wraps an io.Reader with a no-op Close method. -type seReader struct { -	in io.Reader -} - -func (ser seReader) Read(buf []byte) (int, os.Error) { -	return ser.in.Read(buf) -} - -func (ser seReader) Close() os.Error { -	return nil -} - -const mdcTrailerSize = 1 /* tag byte */ + 1 /* length byte */ + sha1.Size - -// An seMDCReader wraps an io.Reader, maintains a running hash and keeps hold -// of the most recent 22 bytes (mdcTrailerSize). Upon EOF, those bytes form an -// MDC packet containing a hash of the previous contents which is checked -// against the running hash. See RFC 4880, section 5.13. -type seMDCReader struct { -	in          io.Reader -	h           hash.Hash -	trailer     [mdcTrailerSize]byte -	scratch     [mdcTrailerSize]byte -	trailerUsed int -	error       bool -	eof         bool -} - -func (ser *seMDCReader) Read(buf []byte) (n int, err os.Error) { -	if ser.error { -		err = io.ErrUnexpectedEOF -		return -	} -	if ser.eof { -		err = os.EOF -		return -	} - -	// If we haven't yet filled the trailer buffer then we must do that -	// first. -	for ser.trailerUsed < mdcTrailerSize { -		n, err = ser.in.Read(ser.trailer[ser.trailerUsed:]) -		ser.trailerUsed += n -		if err == os.EOF { -			if ser.trailerUsed != mdcTrailerSize { -				n = 0 -				err = io.ErrUnexpectedEOF -				ser.error = true -				return -			} -			ser.eof = true -			n = 0 -			return -		} - -		if err != nil { -			n = 0 -			return -		} -	} - -	// If it's a short read then we read into a temporary buffer and shift -	// the data into the caller's buffer. -	if len(buf) <= mdcTrailerSize { -		n, err = readFull(ser.in, ser.scratch[:len(buf)]) -		copy(buf, ser.trailer[:n]) -		ser.h.Write(buf[:n]) -		copy(ser.trailer[:], ser.trailer[n:]) -		copy(ser.trailer[mdcTrailerSize-n:], ser.scratch[:]) -		if n < len(buf) { -			ser.eof = true -			err = os.EOF -		} -		return -	} - -	n, err = ser.in.Read(buf[mdcTrailerSize:]) -	copy(buf, ser.trailer[:]) -	ser.h.Write(buf[:n]) -	copy(ser.trailer[:], buf[n:]) - -	if err == os.EOF { -		ser.eof = true -	} -	return -} - -// This is a new-format packet tag byte for a type 19 (MDC) packet. -const mdcPacketTagByte = byte(0x80) | 0x40 | 19 - -func (ser *seMDCReader) Close() os.Error { -	if ser.error { -		return error.SignatureError("error during reading") -	} - -	for !ser.eof { -		// We haven't seen EOF so we need to read to the end -		var buf [1024]byte -		_, err := ser.Read(buf[:]) -		if err == os.EOF { -			break -		} -		if err != nil { -			return error.SignatureError("error during reading") -		} -	} - -	if ser.trailer[0] != mdcPacketTagByte || ser.trailer[1] != sha1.Size { -		return error.SignatureError("MDC packet not found") -	} -	ser.h.Write(ser.trailer[:2]) - -	final := ser.h.Sum() -	if subtle.ConstantTimeCompare(final, ser.trailer[2:]) != 1 { -		return error.SignatureError("hash mismatch") -	} -	return nil -} - -// An seMDCWriter writes through to an io.WriteCloser while maintains a running -// hash of the data written. On close, it emits an MDC packet containing the -// running hash. -type seMDCWriter struct { -	w io.WriteCloser -	h hash.Hash -} - -func (w *seMDCWriter) Write(buf []byte) (n int, err os.Error) { -	w.h.Write(buf) -	return w.w.Write(buf) -} - -func (w *seMDCWriter) Close() (err os.Error) { -	var buf [mdcTrailerSize]byte - -	buf[0] = mdcPacketTagByte -	buf[1] = sha1.Size -	w.h.Write(buf[:2]) -	digest := w.h.Sum() -	copy(buf[2:], digest) - -	_, err = w.w.Write(buf[:]) -	if err != nil { -		return -	} -	return w.w.Close() -} - -// noOpCloser is like an ioutil.NopCloser, but for an io.Writer. -type noOpCloser struct { -	w io.Writer -} - -func (c noOpCloser) Write(data []byte) (n int, err os.Error) { -	return c.w.Write(data) -} - -func (c noOpCloser) Close() os.Error { -	return nil -} - -// SerializeSymmetricallyEncrypted serializes a symmetrically encrypted packet -// to w and returns a WriteCloser to which the to-be-encrypted packets can be -// written. -func SerializeSymmetricallyEncrypted(w io.Writer, c CipherFunction, key []byte) (contents io.WriteCloser, err os.Error) { -	if c.KeySize() != len(key) { -		return nil, error.InvalidArgumentError("SymmetricallyEncrypted.Serialize: bad key length") -	} -	writeCloser := noOpCloser{w} -	ciphertext, err := serializeStreamHeader(writeCloser, packetTypeSymmetricallyEncryptedMDC) -	if err != nil { -		return -	} - -	_, err = ciphertext.Write([]byte{symmetricallyEncryptedVersion}) -	if err != nil { -		return -	} - -	block := c.new(key) -	blockSize := block.BlockSize() -	iv := make([]byte, blockSize) -	_, err = rand.Reader.Read(iv) -	if err != nil { -		return -	} -	s, prefix := cipher.NewOCFBEncrypter(block, iv, cipher.OCFBNoResync) -	_, err = ciphertext.Write(prefix) -	if err != nil { -		return -	} -	plaintext := cipher.StreamWriter{S: s, W: ciphertext} - -	h := sha1.New() -	h.Write(iv) -	h.Write(iv[blockSize-2:]) -	contents = &seMDCWriter{w: plaintext, h: h} -	return -} diff --git a/src/pkg/crypto/openpgp/packet/symmetrically_encrypted_test.go b/src/pkg/crypto/openpgp/packet/symmetrically_encrypted_test.go deleted file mode 100644 index 1054fc2f9..000000000 --- a/src/pkg/crypto/openpgp/packet/symmetrically_encrypted_test.go +++ /dev/null @@ -1,124 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package packet - -import ( -	"bytes" -	"crypto/openpgp/error" -	"crypto/sha1" -	"encoding/hex" -	"io" -	"io/ioutil" -	"os" -	"testing" -) - -// TestReader wraps a []byte and returns reads of a specific length. -type testReader struct { -	data   []byte -	stride int -} - -func (t *testReader) Read(buf []byte) (n int, err os.Error) { -	n = t.stride -	if n > len(t.data) { -		n = len(t.data) -	} -	if n > len(buf) { -		n = len(buf) -	} -	copy(buf, t.data) -	t.data = t.data[n:] -	if len(t.data) == 0 { -		err = os.EOF -	} -	return -} - -func testMDCReader(t *testing.T) { -	mdcPlaintext, _ := hex.DecodeString(mdcPlaintextHex) - -	for stride := 1; stride < len(mdcPlaintext)/2; stride++ { -		r := &testReader{data: mdcPlaintext, stride: stride} -		mdcReader := &seMDCReader{in: r, h: sha1.New()} -		body, err := ioutil.ReadAll(mdcReader) -		if err != nil { -			t.Errorf("stride: %d, error: %s", stride, err) -			continue -		} -		if !bytes.Equal(body, mdcPlaintext[:len(mdcPlaintext)-22]) { -			t.Errorf("stride: %d: bad contents %x", stride, body) -			continue -		} - -		err = mdcReader.Close() -		if err != nil { -			t.Errorf("stride: %d, error on Close: %s", stride, err) -		} -	} - -	mdcPlaintext[15] ^= 80 - -	r := &testReader{data: mdcPlaintext, stride: 2} -	mdcReader := &seMDCReader{in: r, h: sha1.New()} -	_, err := ioutil.ReadAll(mdcReader) -	if err != nil { -		t.Errorf("corruption test, error: %s", err) -		return -	} -	err = mdcReader.Close() -	if err == nil { -		t.Error("corruption: no error") -	} else if _, ok := err.(*error.SignatureError); !ok { -		t.Errorf("corruption: expected SignatureError, got: %s", err) -	} -} - -const mdcPlaintextHex = "a302789c3b2d93c4e0eb9aba22283539b3203335af44a134afb800c849cb4c4de10200aff40b45d31432c80cb384299a0655966d6939dfdeed1dddf980" - -func TestSerialize(t *testing.T) { -	buf := bytes.NewBuffer(nil) -	c := CipherAES128 -	key := make([]byte, c.KeySize()) - -	w, err := SerializeSymmetricallyEncrypted(buf, c, key) -	if err != nil { -		t.Errorf("error from SerializeSymmetricallyEncrypted: %s", err) -		return -	} - -	contents := []byte("hello world\n") - -	w.Write(contents) -	w.Close() - -	p, err := Read(buf) -	if err != nil { -		t.Errorf("error from Read: %s", err) -		return -	} - -	se, ok := p.(*SymmetricallyEncrypted) -	if !ok { -		t.Errorf("didn't read a *SymmetricallyEncrypted") -		return -	} - -	r, err := se.Decrypt(c, key) -	if err != nil { -		t.Errorf("error from Decrypt: %s", err) -		return -	} - -	contentsCopy := bytes.NewBuffer(nil) -	_, err = io.Copy(contentsCopy, r) -	if err != nil { -		t.Errorf("error from io.Copy: %s", err) -		return -	} -	if !bytes.Equal(contentsCopy.Bytes(), contents) { -		t.Errorf("contents not equal got: %x want: %x", contentsCopy.Bytes(), contents) -	} -} diff --git a/src/pkg/crypto/openpgp/packet/userid.go b/src/pkg/crypto/openpgp/packet/userid.go deleted file mode 100644 index 0580ba3ed..000000000 --- a/src/pkg/crypto/openpgp/packet/userid.go +++ /dev/null @@ -1,161 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package packet - -import ( -	"io" -	"io/ioutil" -	"os" -	"strings" -) - -// UserId contains text that is intended to represent the name and email -// address of the key holder. See RFC 4880, section 5.11. By convention, this -// takes the form "Full Name (Comment) <email@example.com>" -type UserId struct { -	Id string // By convention, this takes the form "Full Name (Comment) <email@example.com>" which is split out in the fields below. - -	Name, Comment, Email string -} - -func hasInvalidCharacters(s string) bool { -	for _, c := range s { -		switch c { -		case '(', ')', '<', '>', 0: -			return true -		} -	} -	return false -} - -// NewUserId returns a UserId or nil if any of the arguments contain invalid -// characters. The invalid characters are '\x00', '(', ')', '<' and '>' -func NewUserId(name, comment, email string) *UserId { -	// RFC 4880 doesn't deal with the structure of userid strings; the -	// name, comment and email form is just a convention. However, there's -	// no convention about escaping the metacharacters and GPG just refuses -	// to create user ids where, say, the name contains a '('. We mirror -	// this behaviour. - -	if hasInvalidCharacters(name) || hasInvalidCharacters(comment) || hasInvalidCharacters(email) { -		return nil -	} - -	uid := new(UserId) -	uid.Name, uid.Comment, uid.Email = name, comment, email -	uid.Id = name -	if len(comment) > 0 { -		if len(uid.Id) > 0 { -			uid.Id += " " -		} -		uid.Id += "(" -		uid.Id += comment -		uid.Id += ")" -	} -	if len(email) > 0 { -		if len(uid.Id) > 0 { -			uid.Id += " " -		} -		uid.Id += "<" -		uid.Id += email -		uid.Id += ">" -	} -	return uid -} - -func (uid *UserId) parse(r io.Reader) (err os.Error) { -	// RFC 4880, section 5.11 -	b, err := ioutil.ReadAll(r) -	if err != nil { -		return -	} -	uid.Id = string(b) -	uid.Name, uid.Comment, uid.Email = parseUserId(uid.Id) -	return -} - -// Serialize marshals uid to w in the form of an OpenPGP packet, including -// header. -func (uid *UserId) Serialize(w io.Writer) os.Error { -	err := serializeHeader(w, packetTypeUserId, len(uid.Id)) -	if err != nil { -		return err -	} -	_, err = w.Write([]byte(uid.Id)) -	return err -} - -// parseUserId extracts the name, comment and email from a user id string that -// is formatted as "Full Name (Comment) <email@example.com>". -func parseUserId(id string) (name, comment, email string) { -	var n, c, e struct { -		start, end int -	} -	var state int - -	for offset, rune := range id { -		switch state { -		case 0: -			// Entering name -			n.start = offset -			state = 1 -			fallthrough -		case 1: -			// In name -			if rune == '(' { -				state = 2 -				n.end = offset -			} else if rune == '<' { -				state = 5 -				n.end = offset -			} -		case 2: -			// Entering comment -			c.start = offset -			state = 3 -			fallthrough -		case 3: -			// In comment -			if rune == ')' { -				state = 4 -				c.end = offset -			} -		case 4: -			// Between comment and email -			if rune == '<' { -				state = 5 -			} -		case 5: -			// Entering email -			e.start = offset -			state = 6 -			fallthrough -		case 6: -			// In email -			if rune == '>' { -				state = 7 -				e.end = offset -			} -		default: -			// After email -		} -	} -	switch state { -	case 1: -		// ended in the name -		n.end = len(id) -	case 3: -		// ended in comment -		c.end = len(id) -	case 6: -		// ended in email -		e.end = len(id) -	} - -	name = strings.TrimSpace(id[n.start:n.end]) -	comment = strings.TrimSpace(id[c.start:c.end]) -	email = strings.TrimSpace(id[e.start:e.end]) -	return -} diff --git a/src/pkg/crypto/openpgp/packet/userid_test.go b/src/pkg/crypto/openpgp/packet/userid_test.go deleted file mode 100644 index 296819389..000000000 --- a/src/pkg/crypto/openpgp/packet/userid_test.go +++ /dev/null @@ -1,87 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package packet - -import ( -	"testing" -) - -var userIdTests = []struct { -	id                   string -	name, comment, email string -}{ -	{"", "", "", ""}, -	{"John Smith", "John Smith", "", ""}, -	{"John Smith ()", "John Smith", "", ""}, -	{"John Smith () <>", "John Smith", "", ""}, -	{"(comment", "", "comment", ""}, -	{"(comment)", "", "comment", ""}, -	{"<email", "", "", "email"}, -	{"<email>   sdfk", "", "", "email"}, -	{"  John Smith  (  Comment ) asdkflj < email > lksdfj", "John Smith", "Comment", "email"}, -	{"  John Smith  < email > lksdfj", "John Smith", "", "email"}, -	{"(<foo", "", "<foo", ""}, -	{"René Descartes (العربي)", "René Descartes", "العربي", ""}, -} - -func TestParseUserId(t *testing.T) { -	for i, test := range userIdTests { -		name, comment, email := parseUserId(test.id) -		if name != test.name { -			t.Errorf("%d: name mismatch got:%s want:%s", i, name, test.name) -		} -		if comment != test.comment { -			t.Errorf("%d: comment mismatch got:%s want:%s", i, comment, test.comment) -		} -		if email != test.email { -			t.Errorf("%d: email mismatch got:%s want:%s", i, email, test.email) -		} -	} -} - -var newUserIdTests = []struct { -	name, comment, email, id string -}{ -	{"foo", "", "", "foo"}, -	{"", "bar", "", "(bar)"}, -	{"", "", "baz", "<baz>"}, -	{"foo", "bar", "", "foo (bar)"}, -	{"foo", "", "baz", "foo <baz>"}, -	{"", "bar", "baz", "(bar) <baz>"}, -	{"foo", "bar", "baz", "foo (bar) <baz>"}, -} - -func TestNewUserId(t *testing.T) { -	for i, test := range newUserIdTests { -		uid := NewUserId(test.name, test.comment, test.email) -		if uid == nil { -			t.Errorf("#%d: returned nil", i) -			continue -		} -		if uid.Id != test.id { -			t.Errorf("#%d: got '%s', want '%s'", i, uid.Id, test.id) -		} -	} -} - -var invalidNewUserIdTests = []struct { -	name, comment, email string -}{ -	{"foo(", "", ""}, -	{"foo<", "", ""}, -	{"", "bar)", ""}, -	{"", "bar<", ""}, -	{"", "", "baz>"}, -	{"", "", "baz)"}, -	{"", "", "baz\x00"}, -} - -func TestNewUserIdWithInvalidInput(t *testing.T) { -	for i, test := range invalidNewUserIdTests { -		if uid := NewUserId(test.name, test.comment, test.email); uid != nil { -			t.Errorf("#%d: returned non-nil value: %#v", i, uid) -		} -	} -} | 
