diff options
Diffstat (limited to 'src/pkg/crypto/rsa')
| -rw-r--r-- | src/pkg/crypto/rsa/Makefile | 2 | ||||
| -rw-r--r-- | src/pkg/crypto/rsa/pkcs1v15.go | 20 | ||||
| -rw-r--r-- | src/pkg/crypto/rsa/pkcs1v15_test.go | 36 | ||||
| -rw-r--r-- | src/pkg/crypto/rsa/rsa_test.go | 30 |
4 files changed, 42 insertions, 46 deletions
diff --git a/src/pkg/crypto/rsa/Makefile b/src/pkg/crypto/rsa/Makefile index e4d81bc52..ff26ca6f2 100644 --- a/src/pkg/crypto/rsa/Makefile +++ b/src/pkg/crypto/rsa/Makefile @@ -2,7 +2,7 @@ # Use of this source code is governed by a BSD-style # license that can be found in the LICENSE file. -include ../../../Make.$(GOARCH) +include ../../../Make.inc TARG=crypto/rsa GOFILES=\ diff --git a/src/pkg/crypto/rsa/pkcs1v15.go b/src/pkg/crypto/rsa/pkcs1v15.go index 5fd25d58c..714046250 100644 --- a/src/pkg/crypto/rsa/pkcs1v15.go +++ b/src/pkg/crypto/rsa/pkcs1v15.go @@ -130,6 +130,9 @@ func nonZeroRandomBytes(s []byte, rand io.Reader) (err os.Error) { if err != nil { return } + // In tests, the PRNG may return all zeros so we do + // this to break the loop. + s[i] ^= 0x42 } } @@ -146,6 +149,7 @@ const ( HashSHA256 HashSHA384 HashSHA512 + HashMD5SHA1 // combined MD5 and SHA1 hash used for RSA signing in TLS. ) // These are ASN1 DER structures: @@ -153,20 +157,22 @@ const ( // digestAlgorithm AlgorithmIdentifier, // digest OCTET STRING // } -// For performance, we don't use the generic ASN1 encoding. Rather, we +// For performance, we don't use the generic ASN1 encoder. Rather, we // precompute a prefix of the digest value that makes a valid ASN1 DER string // with the correct contents. var hashPrefixes = [][]byte{ // HashMD5 - []byte{0x30, 0x20, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x05, 0x05, 0x00, 0x04, 0x10}, + {0x30, 0x20, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x05, 0x05, 0x00, 0x04, 0x10}, // HashSHA1 - []byte{0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14}, + {0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14}, // HashSHA256 - []byte{0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20}, + {0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20}, // HashSHA384 - []byte{0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, 0x00, 0x04, 0x30}, + {0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, 0x00, 0x04, 0x30}, // HashSHA512 - []byte{0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40}, + {0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40}, + // HashMD5SHA1 + {}, // A special TLS case which doesn't use an ASN1 prefix. } // SignPKCS1v15 calcuates the signature of hashed using RSASSA-PSS-SIGN from RSA PKCS#1 v1.5. @@ -252,6 +258,8 @@ func pkcs1v15HashInfo(hash PKCS1v15Hash, inLen int) (hashLen int, prefix []byte, hashLen = 48 case HashSHA512: hashLen = 64 + case HashMD5SHA1: + hashLen = 36 default: return 0, nil, os.ErrorString("unknown hash function") } diff --git a/src/pkg/crypto/rsa/pkcs1v15_test.go b/src/pkg/crypto/rsa/pkcs1v15_test.go index bfc12be28..bf6306dc2 100644 --- a/src/pkg/crypto/rsa/pkcs1v15_test.go +++ b/src/pkg/crypto/rsa/pkcs1v15_test.go @@ -7,10 +7,10 @@ package rsa import ( "big" "bytes" + "crypto/rand" "crypto/sha1" "encoding/base64" "encoding/hex" - "os" "io" "testing" "testing/quick" @@ -31,19 +31,19 @@ type DecryptPKCS1v15Test struct { // These test vectors were generated with `openssl rsautl -pkcs -encrypt` var decryptPKCS1v15Tests = []DecryptPKCS1v15Test{ - DecryptPKCS1v15Test{ + { "gIcUIoVkD6ATMBk/u/nlCZCCWRKdkfjCgFdo35VpRXLduiKXhNz1XupLLzTXAybEq15juc+EgY5o0DHv/nt3yg==", "x", }, - DecryptPKCS1v15Test{ + { "Y7TOCSqofGhkRb+jaVRLzK8xw2cSo1IVES19utzv6hwvx+M8kFsoWQm5DzBeJCZTCVDPkTpavUuEbgp8hnUGDw==", "testing.", }, - DecryptPKCS1v15Test{ + { "arReP9DJtEVyV2Dg3dDp4c/PSk1O6lxkoJ8HcFupoRorBZG+7+1fDAwT1olNddFnQMjmkb8vxwmNMoTAT/BFjQ==", "testing.\n", }, - DecryptPKCS1v15Test{ + { "WtaBXIoGC54+vH0NH0CHHE+dRDOsMc/6BrfFu2lEqcKL9+uDuWaf+Xj9mrbQCjjZcpQuX733zyok/jsnqe/Ftw==", "01234567890123456789012345678901234567890123456789012", }, @@ -63,10 +63,7 @@ func TestDecryptPKCS1v15(t *testing.T) { } func TestEncryptPKCS1v15(t *testing.T) { - urandom, err := os.Open("/dev/urandom", os.O_RDONLY, 0) - if err != nil { - t.Errorf("Failed to open /dev/urandom") - } + random := rand.Reader k := (rsaPrivateKey.N.BitLen() + 7) / 8 tryEncryptDecrypt := func(in []byte, blind bool) bool { @@ -74,7 +71,7 @@ func TestEncryptPKCS1v15(t *testing.T) { in = in[0 : k-11] } - ciphertext, err := EncryptPKCS1v15(urandom, &rsaPrivateKey.PublicKey, in) + ciphertext, err := EncryptPKCS1v15(random, &rsaPrivateKey.PublicKey, in) if err != nil { t.Errorf("error encrypting: %s", err) return false @@ -84,7 +81,7 @@ func TestEncryptPKCS1v15(t *testing.T) { if !blind { rand = nil } else { - rand = urandom + rand = random } plaintext, err := DecryptPKCS1v15(rand, rsaPrivateKey, ciphertext) if err != nil { @@ -104,19 +101,19 @@ func TestEncryptPKCS1v15(t *testing.T) { // These test vectors were generated with `openssl rsautl -pkcs -encrypt` var decryptPKCS1v15SessionKeyTests = []DecryptPKCS1v15Test{ - DecryptPKCS1v15Test{ + { "e6ukkae6Gykq0fKzYwULpZehX+UPXYzMoB5mHQUDEiclRbOTqas4Y0E6nwns1BBpdvEJcilhl5zsox/6DtGsYg==", "1234", }, - DecryptPKCS1v15Test{ + { "Dtis4uk/q/LQGGqGk97P59K03hkCIVFMEFZRgVWOAAhxgYpCRG0MX2adptt92l67IqMki6iVQyyt0TtX3IdtEw==", "FAIL", }, - DecryptPKCS1v15Test{ + { "LIyFyCYCptPxrvTxpol8F3M7ZivlMsf53zs0vHRAv+rDIh2YsHS69ePMoPMe3TkOMZ3NupiL3takPxIs1sK+dw==", "abcd", }, - DecryptPKCS1v15Test{ + { "bafnobel46bKy76JzqU/RIVOH0uAYvzUtauKmIidKgM0sMlvobYVAVQPeUQ/oTGjbIZ1v/6Gyi5AO4DtHruGdw==", "FAIL", }, @@ -137,13 +134,10 @@ func TestEncryptPKCS1v15SessionKey(t *testing.T) { } func TestNonZeroRandomBytes(t *testing.T) { - urandom, err := os.Open("/dev/urandom", os.O_RDONLY, 0) - if err != nil { - t.Errorf("Failed to open /dev/urandom") - } + random := rand.Reader b := make([]byte, 512) - err = nonZeroRandomBytes(b, urandom) + err := nonZeroRandomBytes(b, random) if err != nil { t.Errorf("returned error: %s", err) } @@ -162,7 +156,7 @@ type signPKCS1v15Test struct { // These vectors have been tested with // `openssl rsautl -verify -inkey pk -in signature | hexdump -C` var signPKCS1v15Tests = []signPKCS1v15Test{ - signPKCS1v15Test{"Test.\n", "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e336ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362ae"}, + {"Test.\n", "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e336ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362ae"}, } func TestSignPKCS1v15(t *testing.T) { diff --git a/src/pkg/crypto/rsa/rsa_test.go b/src/pkg/crypto/rsa/rsa_test.go index 172173900..df1f17f17 100644 --- a/src/pkg/crypto/rsa/rsa_test.go +++ b/src/pkg/crypto/rsa/rsa_test.go @@ -7,18 +7,15 @@ package rsa import ( "big" "bytes" + "crypto/rand" "crypto/sha1" - "os" "testing" ) func TestKeyGeneration(t *testing.T) { - urandom, err := os.Open("/dev/urandom", os.O_RDONLY, 0) - if err != nil { - t.Errorf("failed to open /dev/urandom") - } + random := rand.Reader - priv, err := GenerateKey(urandom, 1024) + priv, err := GenerateKey(random, 1024) if err != nil { t.Errorf("failed to generate key") } @@ -33,7 +30,7 @@ func TestKeyGeneration(t *testing.T) { t.Errorf("got:%v, want:%v (%s)", m2, m, priv) } - m3, err := decrypt(urandom, priv, c) + m3, err := decrypt(random, priv, c) if err != nil { t.Errorf("error while decrypting (blind): %s", err) } @@ -76,10 +73,7 @@ func TestEncryptOAEP(t *testing.T) { } func TestDecryptOAEP(t *testing.T) { - urandom, err := os.Open("/dev/urandom", os.O_RDONLY, 0) - if err != nil { - t.Errorf("Failed to open /dev/urandom") - } + random := rand.Reader sha1 := sha1.New() n := new(big.Int) @@ -98,7 +92,7 @@ func TestDecryptOAEP(t *testing.T) { } // Decrypt with blinding. - out, err = DecryptOAEP(sha1, urandom, &private, message.out, nil) + out, err = DecryptOAEP(sha1, random, &private, message.out, nil) if err != nil { t.Errorf("#%d,%d (blind) error: %s", i, j, err) } else if bytes.Compare(out, message.in) != 0 { @@ -111,12 +105,12 @@ func TestDecryptOAEP(t *testing.T) { // testEncryptOAEPData contains a subset of the vectors from RSA's "Test vectors for RSA-OAEP". var testEncryptOAEPData = []testEncryptOAEPStruct{ // Key 1 - testEncryptOAEPStruct{"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb", + {"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb", 65537, "53339cfdb79fc8466a655c7316aca85c55fd8f6dd898fdaf119517ef4f52e8fd8e258df93fee180fa0e4ab29693cd83b152a553d4ac4d1812b8b9fa5af0e7f55fe7304df41570926f3311f15c4d65a732c483116ee3d3d2d0af3549ad9bf7cbfb78ad884f84d5beb04724dc7369b31def37d0cf539e9cfcdd3de653729ead5d1", []testEncryptOAEPMessage{ // Example 1.1 - testEncryptOAEPMessage{ + { []byte{0x66, 0x28, 0x19, 0x4e, 0x12, 0x07, 0x3d, 0xb0, 0x3b, 0xa9, 0x4c, 0xda, 0x9e, 0xf9, 0x53, 0x23, 0x97, 0xd5, 0x0d, 0xba, 0x79, 0xb9, 0x87, 0x00, 0x4a, 0xfe, @@ -144,7 +138,7 @@ var testEncryptOAEPData = []testEncryptOAEPStruct{ }, }, // Example 1.2 - testEncryptOAEPMessage{ + { []byte{0x75, 0x0c, 0x40, 0x47, 0xf5, 0x47, 0xe8, 0xe4, 0x14, 0x11, 0x85, 0x65, 0x23, 0x29, 0x8a, 0xc9, 0xba, 0xe2, 0x45, 0xef, 0xaf, 0x13, 0x97, 0xfb, 0xe5, 0x6f, @@ -172,7 +166,7 @@ var testEncryptOAEPData = []testEncryptOAEPStruct{ }, }, // Example 1.3 - testEncryptOAEPMessage{ + { []byte{0xd9, 0x4a, 0xe0, 0x83, 0x2e, 0x64, 0x45, 0xce, 0x42, 0x33, 0x1c, 0xb0, 0x6d, 0x53, 0x1a, 0x82, 0xb1, 0xdb, 0x4b, 0xaa, 0xd3, 0x0f, 0x74, 0x6d, 0xc9, 0x16, @@ -205,12 +199,12 @@ var testEncryptOAEPData = []testEncryptOAEPStruct{ }, }, // Key 10 - testEncryptOAEPStruct{"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb", + {"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb", 65537, "056b04216fe5f354ac77250a4b6b0c8525a85c59b0bd80c56450a22d5f438e596a333aa875e291dd43f48cb88b9d5fc0d499f9fcd1c397f9afc070cd9e398c8d19e61db7c7410a6b2675dfbf5d345b804d201add502d5ce2dfcb091ce9997bbebe57306f383e4d588103f036f7e85d1934d152a323e4a8db451d6f4a5b1b0f102cc150e02feee2b88dea4ad4c1baccb24d84072d14e1d24a6771f7408ee30564fb86d4393a34bcf0b788501d193303f13a2284b001f0f649eaf79328d4ac5c430ab4414920a9460ed1b7bc40ec653e876d09abc509ae45b525190116a0c26101848298509c1c3bf3a483e7274054e15e97075036e989f60932807b5257751e79", []testEncryptOAEPMessage{ // Example 10.1 - testEncryptOAEPMessage{ + { []byte{0x8b, 0xba, 0x6b, 0xf8, 0x2a, 0x6c, 0x0f, 0x86, 0xd5, 0xf1, 0x75, 0x6e, 0x97, 0x95, 0x68, 0x70, 0xb0, 0x89, 0x53, 0xb0, 0x6b, 0x4e, 0xb2, 0x05, 0xbc, 0x16, |