Source file
src/crypto/rsa/rsa_test.go
1
2
3
4
5 package rsa_test
6
7 import (
8 "bufio"
9 "bytes"
10 "crypto"
11 "crypto/internal/boring"
12 "crypto/internal/cryptotest"
13 "crypto/rand"
14 . "crypto/rsa"
15 "crypto/sha1"
16 "crypto/sha256"
17 "crypto/sha512"
18 "crypto/x509"
19 "encoding/hex"
20 "encoding/pem"
21 "flag"
22 "fmt"
23 "io"
24 "math/big"
25 "os"
26 "strings"
27 "testing"
28 )
29
30 func TestKeyGeneration(t *testing.T) {
31 sizes := []int{128, 512, 1024, 2048, 3072, 4096}
32 if testing.Short() {
33 sizes = sizes[:2]
34 }
35 for _, size := range sizes {
36 t.Run(fmt.Sprintf("%d", size), func(t *testing.T) {
37 if size < 1024 {
38 _, err := GenerateKey(rand.Reader, size)
39 if err == nil {
40 t.Errorf("GenerateKey(%d) succeeded without GODEBUG", size)
41 }
42 t.Setenv("GODEBUG", "rsa1024min=0")
43 }
44 priv, err := GenerateKey(rand.Reader, size)
45 if err != nil {
46 t.Errorf("GenerateKey(%d): %v", size, err)
47 }
48 if bits := priv.N.BitLen(); bits != size {
49 t.Errorf("key too short (%d vs %d)", bits, size)
50 }
51 testKeyBasics(t, priv)
52 })
53 }
54 }
55
56 func Test3PrimeKeyGeneration(t *testing.T) {
57 size := 1024
58 if testing.Short() {
59 t.Setenv("GODEBUG", "rsa1024min=0")
60 size = 256
61 }
62
63 priv, err := GenerateMultiPrimeKey(rand.Reader, 3, size)
64 if err != nil {
65 t.Errorf("failed to generate key")
66 }
67 testKeyBasics(t, priv)
68 }
69
70 func Test4PrimeKeyGeneration(t *testing.T) {
71 size := 1024
72 if testing.Short() {
73 t.Setenv("GODEBUG", "rsa1024min=0")
74 size = 256
75 }
76
77 priv, err := GenerateMultiPrimeKey(rand.Reader, 4, size)
78 if err != nil {
79 t.Errorf("failed to generate key")
80 }
81 testKeyBasics(t, priv)
82 }
83
84 func TestNPrimeKeyGeneration(t *testing.T) {
85 t.Setenv("GODEBUG", "rsa1024min=0")
86 primeSize := 64
87 maxN := 24
88 if testing.Short() {
89 primeSize = 16
90 maxN = 16
91 }
92
93 for n := 5; n < maxN; n++ {
94 priv, err := GenerateMultiPrimeKey(rand.Reader, n, 64+n*primeSize)
95 if err == nil {
96 testKeyBasics(t, priv)
97 } else {
98 t.Errorf("failed to generate %d-prime key", n)
99 }
100 }
101 }
102
103 func TestImpossibleKeyGeneration(t *testing.T) {
104
105
106 t.Setenv("GODEBUG", "rsa1024min=0")
107 for i := 0; i < 32; i++ {
108 GenerateKey(rand.Reader, i)
109 GenerateMultiPrimeKey(rand.Reader, 3, i)
110 GenerateMultiPrimeKey(rand.Reader, 4, i)
111 GenerateMultiPrimeKey(rand.Reader, 5, i)
112 }
113 }
114
115 func TestTinyKeyGeneration(t *testing.T) {
116
117 if testing.Short() {
118 t.Skip("skipping in short mode")
119 }
120 t.Setenv("GODEBUG", "rsa1024min=0")
121 for range 10000 {
122 k, err := GenerateKey(rand.Reader, 32)
123 if err != nil {
124 t.Fatalf("GenerateKey(32): %v", err)
125 }
126 if err := k.Validate(); err != nil {
127 t.Fatalf("Validate(32): %v", err)
128 }
129 }
130 }
131
132 func TestGnuTLSKey(t *testing.T) {
133 t.Setenv("GODEBUG", "rsa1024min=0")
134
135
136
137 priv := parseKey(testingKey(`-----BEGIN RSA TESTING KEY-----
138 MGECAQACEQDar8EuoZuSosYtE9SeXSyPAgMBAAECEBf7XDET8e6jjTcfO7y/sykC
139 CQDozXjCjkBzLQIJAPB6MqNbZaQrAghbZTdQoko5LQIIUp9ZiKDdYjMCCCCpqzmX
140 d8Y7
141 -----END RSA TESTING KEY-----`))
142 testKeyBasics(t, priv)
143 }
144
145 func testKeyBasics(t *testing.T, priv *PrivateKey) {
146 if err := priv.Validate(); err != nil {
147 t.Errorf("Validate() failed: %s", err)
148 }
149 if priv.D.Cmp(priv.N) > 0 {
150 t.Errorf("private exponent too large")
151 }
152
153 msg := []byte("hi!")
154 enc, err := EncryptPKCS1v15(rand.Reader, &priv.PublicKey, msg)
155 if err != nil {
156 t.Errorf("EncryptPKCS1v15: %v", err)
157 return
158 }
159
160 dec, err := DecryptPKCS1v15(nil, priv, enc)
161 if err != nil {
162 t.Errorf("DecryptPKCS1v15: %v", err)
163 return
164 }
165 if !bytes.Equal(dec, msg) {
166 t.Errorf("got:%x want:%x (%+v)", dec, msg, priv)
167 }
168 }
169
170 func TestAllocations(t *testing.T) {
171 cryptotest.SkipTestAllocations(t)
172
173 m := []byte("Hello Gophers")
174 c, err := EncryptPKCS1v15(rand.Reader, &test2048Key.PublicKey, m)
175 if err != nil {
176 t.Fatal(err)
177 }
178
179 if allocs := testing.AllocsPerRun(100, func() {
180 p, err := DecryptPKCS1v15(nil, test2048Key, c)
181 if err != nil {
182 t.Fatal(err)
183 }
184 if !bytes.Equal(p, m) {
185 t.Fatalf("unexpected output: %q", p)
186 }
187 }); allocs > 10 {
188 t.Errorf("expected less than 10 allocations, got %0.1f", allocs)
189 }
190 }
191
192 var allFlag = flag.Bool("all", false, "test all key sizes up to 2048")
193
194 func TestEverything(t *testing.T) {
195 if testing.Short() {
196
197 for _, key := range []*PrivateKey{test1024Key, test2048Key} {
198 t.Run(fmt.Sprintf("%d", key.N.BitLen()), func(t *testing.T) {
199 t.Parallel()
200 testEverything(t, key)
201 })
202 }
203 return
204 }
205
206 t.Setenv("GODEBUG", "rsa1024min=0")
207 min := 32
208 max := 560
209 if *allFlag {
210 max = 2048
211 }
212 for size := min; size <= max; size++ {
213 size := size
214 t.Run(fmt.Sprintf("%d", size), func(t *testing.T) {
215 t.Parallel()
216 priv, err := GenerateKey(rand.Reader, size)
217 if err != nil {
218 t.Fatalf("GenerateKey(%d): %v", size, err)
219 }
220 if bits := priv.N.BitLen(); bits != size {
221 t.Errorf("key too short (%d vs %d)", bits, size)
222 }
223 testEverything(t, priv)
224 })
225 }
226 }
227
228 func testEverything(t *testing.T, priv *PrivateKey) {
229 if err := priv.Validate(); err != nil {
230 t.Errorf("Validate() failed: %s", err)
231 }
232
233 msg := []byte("test")
234 enc, err := EncryptPKCS1v15(rand.Reader, &priv.PublicKey, msg)
235 if err == ErrMessageTooLong {
236 t.Log("key too small for EncryptPKCS1v15")
237 } else if err != nil {
238 t.Errorf("EncryptPKCS1v15: %v", err)
239 }
240 if err == nil {
241 dec, err := DecryptPKCS1v15(nil, priv, enc)
242 if err != nil {
243 t.Errorf("DecryptPKCS1v15: %v", err)
244 }
245 err = DecryptPKCS1v15SessionKey(nil, priv, enc, make([]byte, 4))
246 if err != nil {
247 t.Errorf("DecryptPKCS1v15SessionKey: %v", err)
248 }
249 if !bytes.Equal(dec, msg) {
250 t.Errorf("got:%x want:%x (%+v)", dec, msg, priv)
251 }
252 }
253
254 label := []byte("label")
255 enc, err = EncryptOAEP(sha256.New(), rand.Reader, &priv.PublicKey, msg, label)
256 if err == ErrMessageTooLong {
257 t.Log("key too small for EncryptOAEP")
258 } else if err != nil {
259 t.Errorf("EncryptOAEP: %v", err)
260 }
261 if err == nil {
262 dec, err := DecryptOAEP(sha256.New(), nil, priv, enc, label)
263 if err != nil {
264 t.Errorf("DecryptOAEP: %v", err)
265 }
266 if !bytes.Equal(dec, msg) {
267 t.Errorf("got:%x want:%x (%+v)", dec, msg, priv)
268 }
269 }
270
271 const hashMsg = "crypto/rsa: input must be hashed message"
272 sig, err := SignPKCS1v15(nil, priv, crypto.SHA256, msg)
273 if err == nil || err.Error() != hashMsg {
274 t.Errorf("SignPKCS1v15 with bad hash: err = %q, want %q", err, hashMsg)
275 }
276
277 hash := sha256.Sum256(msg)
278 sig, err = SignPKCS1v15(nil, priv, crypto.SHA256, hash[:])
279 if err == ErrMessageTooLong {
280 t.Log("key too small for SignPKCS1v15")
281 } else if err != nil {
282 t.Errorf("SignPKCS1v15: %v", err)
283 }
284 if err == nil {
285 err = VerifyPKCS1v15(&priv.PublicKey, crypto.SHA256, hash[:], sig)
286 if err != nil {
287 t.Errorf("VerifyPKCS1v15: %v", err)
288 }
289 sig[1] ^= 0x80
290 err = VerifyPKCS1v15(&priv.PublicKey, crypto.SHA256, hash[:], sig)
291 if err == nil {
292 t.Errorf("VerifyPKCS1v15 success for tampered signature")
293 }
294 sig[1] ^= 0x80
295 hash[1] ^= 0x80
296 err = VerifyPKCS1v15(&priv.PublicKey, crypto.SHA256, hash[:], sig)
297 if err == nil {
298 t.Errorf("VerifyPKCS1v15 success for tampered message")
299 }
300 hash[1] ^= 0x80
301 }
302
303 opts := &PSSOptions{SaltLength: PSSSaltLengthAuto}
304 sig, err = SignPSS(rand.Reader, priv, crypto.SHA256, hash[:], opts)
305 if err == ErrMessageTooLong {
306 t.Log("key too small for SignPSS with PSSSaltLengthAuto")
307 } else if err != nil {
308 t.Errorf("SignPSS: %v", err)
309 }
310 if err == nil {
311 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], sig, opts)
312 if err != nil {
313 t.Errorf("VerifyPSS: %v", err)
314 }
315 sig[1] ^= 0x80
316 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], sig, opts)
317 if err == nil {
318 t.Errorf("VerifyPSS success for tampered signature")
319 }
320 sig[1] ^= 0x80
321 hash[1] ^= 0x80
322 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], sig, opts)
323 if err == nil {
324 t.Errorf("VerifyPSS success for tampered message")
325 }
326 hash[1] ^= 0x80
327 }
328
329 opts.SaltLength = PSSSaltLengthEqualsHash
330 sig, err = SignPSS(rand.Reader, priv, crypto.SHA256, hash[:], opts)
331 if err == ErrMessageTooLong {
332 t.Log("key too small for SignPSS with PSSSaltLengthEqualsHash")
333 } else if err != nil {
334 t.Errorf("SignPSS: %v", err)
335 }
336 if err == nil {
337 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], sig, opts)
338 if err != nil {
339 t.Errorf("VerifyPSS: %v", err)
340 }
341 sig[1] ^= 0x80
342 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], sig, opts)
343 if err == nil {
344 t.Errorf("VerifyPSS success for tampered signature")
345 }
346 sig[1] ^= 0x80
347 hash[1] ^= 0x80
348 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], sig, opts)
349 if err == nil {
350 t.Errorf("VerifyPSS success for tampered message")
351 }
352 hash[1] ^= 0x80
353 }
354
355
356
357 c := bytes.Repeat([]byte{0xff}, priv.Size())
358 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], c, opts)
359 if err == nil {
360 t.Errorf("VerifyPSS accepted a large signature")
361 }
362 _, err = DecryptPKCS1v15(nil, priv, c)
363 if err == nil {
364 t.Errorf("DecryptPKCS1v15 accepted a large ciphertext")
365 }
366 c = append(c, 0xff)
367 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], c, opts)
368 if err == nil {
369 t.Errorf("VerifyPSS accepted a long signature")
370 }
371 _, err = DecryptPKCS1v15(nil, priv, c)
372 if err == nil {
373 t.Errorf("DecryptPKCS1v15 accepted a long ciphertext")
374 }
375
376 der, err := x509.MarshalPKCS8PrivateKey(priv)
377 if err != nil {
378 t.Errorf("MarshalPKCS8PrivateKey: %v", err)
379 }
380 key, err := x509.ParsePKCS8PrivateKey(der)
381 if err != nil {
382 t.Errorf("ParsePKCS8PrivateKey: %v", err)
383 }
384 if !key.(*PrivateKey).Equal(priv) {
385 t.Errorf("private key mismatch")
386 }
387
388 der, err = x509.MarshalPKIXPublicKey(&priv.PublicKey)
389 if err != nil {
390 t.Errorf("MarshalPKIXPublicKey: %v", err)
391 }
392 pub, err := x509.ParsePKIXPublicKey(der)
393 if err != nil {
394 t.Errorf("ParsePKIXPublicKey: %v", err)
395 }
396 if !pub.(*PublicKey).Equal(&priv.PublicKey) {
397 t.Errorf("public key mismatch")
398 }
399 }
400
401 func TestKeyTooSmall(t *testing.T) {
402 checkErr := func(err error) {
403 t.Helper()
404 if err == nil {
405 t.Error("expected error")
406 }
407 if !strings.Contains(err.Error(), "insecure") {
408 t.Errorf("unexpected error: %v", err)
409 }
410 }
411 checkErr2 := func(_ []byte, err error) {
412 t.Helper()
413 checkErr(err)
414 }
415
416 buf := make([]byte, 512/8)
417 checkErr2(test512Key.Sign(rand.Reader, buf, crypto.SHA512))
418 checkErr2(test512Key.Sign(rand.Reader, buf, &PSSOptions{SaltLength: PSSSaltLengthEqualsHash}))
419 checkErr2(test512Key.Decrypt(rand.Reader, buf, &PKCS1v15DecryptOptions{}))
420 checkErr2(test512Key.Decrypt(rand.Reader, buf, &OAEPOptions{Hash: crypto.SHA512}))
421 checkErr(VerifyPKCS1v15(&test512Key.PublicKey, crypto.SHA512, buf, buf))
422 checkErr(VerifyPSS(&test512Key.PublicKey, crypto.SHA512, buf, buf, &PSSOptions{SaltLength: PSSSaltLengthEqualsHash}))
423 checkErr2(SignPKCS1v15(rand.Reader, test512Key, crypto.SHA512, buf))
424 checkErr2(SignPSS(rand.Reader, test512Key, crypto.SHA512, buf, &PSSOptions{SaltLength: PSSSaltLengthEqualsHash}))
425 checkErr2(EncryptPKCS1v15(rand.Reader, &test512Key.PublicKey, buf))
426 checkErr2(EncryptOAEP(sha512.New(), rand.Reader, &test512Key.PublicKey, buf, nil))
427 checkErr2(DecryptPKCS1v15(nil, test512Key, buf))
428 checkErr2(DecryptOAEP(sha512.New(), nil, test512Key, buf, nil))
429 checkErr(DecryptPKCS1v15SessionKey(nil, test512Key, buf, buf))
430 }
431
432 func testingKey(s string) string { return strings.ReplaceAll(s, "TESTING KEY", "PRIVATE KEY") }
433
434 func parseKey(s string) *PrivateKey {
435 p, _ := pem.Decode([]byte(s))
436 if p.Type == "PRIVATE KEY" {
437 k, err := x509.ParsePKCS8PrivateKey(p.Bytes)
438 if err != nil {
439 panic(err)
440 }
441 return k.(*PrivateKey)
442 }
443 k, err := x509.ParsePKCS1PrivateKey(p.Bytes)
444 if err != nil {
445 panic(err)
446 }
447 return k
448 }
449
450 var rsaPrivateKey = test1024Key
451
452 var test512Key = parseKey(testingKey(`-----BEGIN RSA TESTING KEY-----
453 MIIBOgIBAAJBALKZD0nEffqM1ACuak0bijtqE2QrI/KLADv7l3kK3ppMyCuLKoF0
454 fd7Ai2KW5ToIwzFofvJcS/STa6HA5gQenRUCAwEAAQJBAIq9amn00aS0h/CrjXqu
455 /ThglAXJmZhOMPVn4eiu7/ROixi9sex436MaVeMqSNf7Ex9a8fRNfWss7Sqd9eWu
456 RTUCIQDasvGASLqmjeffBNLTXV2A5g4t+kLVCpsEIZAycV5GswIhANEPLmax0ME/
457 EO+ZJ79TJKN5yiGBRsv5yvx5UiHxajEXAiAhAol5N4EUyq6I9w1rYdhPMGpLfk7A
458 IU2snfRJ6Nq2CQIgFrPsWRCkV+gOYcajD17rEqmuLrdIRexpg8N1DOSXoJ8CIGlS
459 tAboUGBxTDq3ZroNism3DaMIbKPyYrAqhKov1h5V
460 -----END RSA TESTING KEY-----`))
461
462 var test512KeyTwo = parseKey(testingKey(`-----BEGIN TESTING KEY-----
463 MIIBVgIBADANBgkqhkiG9w0BAQEFAASCAUAwggE8AgEAAkEA0wLCoguSfgskR8tY
464 Fh2AzXQzBpSEmPucxtVe93HzPdQpxvtSTvZe5kIsdvPc7QZ0dCc/qbnUBRbuGIAl
465 Ir0c9QIDAQABAkAzul+AXhnhcFXKi9ziPwVOWIgRuuLupe//BluriXG53BEBSVrV
466 Hr7qFqwnSLSLroMzqhZwoqyRgjsLYyGEHDGBAiEA8T0sDPuht3w2Qv61IAvBwjLH
467 H4HXjRUEWYRn1XjHqAUCIQDf7BYlANRqFfvg1YK3VCM4YyK2mH1UivDi8wdPlJRk
468 MQIhAMp5i2WCNeNpD6n/WkqBU6kJMXPSaPZy82mm5feYHgt5AiEAkg/QnhB9fjma
469 1BzRqD4Uv0pDMXIkhooe+Rrn0OwtI3ECIQDP6nxML3JOjbAS7ydFBv176uVsMJib
470 r4PZozCXKuuGNg==
471 -----END PRIVATE KEY-----`))
472
473 var test1024Key = parseKey(testingKey(`-----BEGIN RSA TESTING KEY-----
474 MIICXQIBAAKBgQCw0YNSqI9T1VFvRsIOejZ9feiKz1SgGfbe9Xq5tEzt2yJCsbyg
475 +xtcuCswNhdqY5A1ZN7G60HbL4/Hh/TlLhFJ4zNHVylz9mDDx3yp4IIcK2lb566d
476 fTD0B5EQ9Iqub4twLUdLKQCBfyhmJJvsEqKxm4J4QWgI+Brh/Pm3d4piPwIDAQAB
477 AoGASC6fj6TkLfMNdYHLQqG9kOlPfys4fstarpZD7X+fUBJ/H/7y5DzeZLGCYAIU
478 +QeAHWv6TfZIQjReW7Qy00RFJdgwFlTFRCsKXhG5x+IB+jL0Grr08KbgPPDgy4Jm
479 xirRHZVtU8lGbkiZX+omDIU28EHLNWL6rFEcTWao/tERspECQQDp2G5Nw0qYWn7H
480 Wm9Up1zkUTnkUkCzhqtxHbeRvNmHGKE7ryGMJEk2RmgHVstQpsvuFY4lIUSZEjAc
481 DUFJERhFAkEAwZH6O1ULORp8sHKDdidyleYcZU8L7y9Y3OXJYqELfddfBgFUZeVQ
482 duRmJj7ryu0g0uurOTE+i8VnMg/ostxiswJBAOc64Dd8uLJWKa6uug+XPr91oi0n
483 OFtM+xHrNK2jc+WmcSg3UJDnAI3uqMc5B+pERLq0Dc6hStehqHjUko3RnZECQEGZ
484 eRYWciE+Cre5dzfZkomeXE0xBrhecV0bOq6EKWLSVE+yr6mAl05ThRK9DCfPSOpy
485 F6rgN3QiyCA9J/1FluUCQQC5nX+PTU1FXx+6Ri2ZCi6EjEKMHr7gHcABhMinZYOt
486 N59pra9UdVQw9jxCU9G7eMyb0jJkNACAuEwakX3gi27b
487 -----END RSA TESTING KEY-----`))
488
489 var test2048KeyPEM = testingKey(`-----BEGIN TESTING KEY-----
490 MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDNoyFUYeDuqw+k
491 iyv47iBy/udbWmQdpbUZ8JobHv8uQrvL7sQN6l83teHgNJsXqtiLF3MC+K+XI6Dq
492 hxUWfQwLip8WEnv7Jx/+53S8yp/CS4Jw86Q1bQHbZjFDpcoqSuwAxlegw18HNZCY
493 fpipYnA1lYCm+MTjtgXJQbjA0dwUGCf4BDMqt+76Jk3XZF5975rftbkGoT9eu8Jt
494 Xs5F5Xkwd8q3fkQz+fpLW4u9jrfFyQ61RRFkYrCjlhtGjYIzBHGgQM4n/sNXhiy5
495 h0tA7Xa6NyYrN/OXe/Y1K8Rz/tzlvbMoxgZgtBuKo1N3m8ckFi7hUVK2eNv7GoAb
496 teTTPrg/AgMBAAECggEAAnfsVpmsL3R0Bh4gXRpPeM63H6e1a8B8kyVwiO9o0cXX
497 gKp9+P39izfB0Kt6lyCj/Wg+wOQT7rg5qy1yIw7fBHGmcjquxh3uN0s3YZ+Vcym6
498 SAY5f0vh/OyJN9r3Uv8+Pc4jtb7So7QDzdWeZurssBmUB0avAMRdGNFGP5SyILcz
499 l3Q59hTxQ4czRHKjZ06L1/sA+tFVbO1j39FN8nMOU/ovLF4lAmZTkQ6AP6n6XPHP
500 B8Nq7jSYz6RDO200jzp6UsdrnjjkJRbzOxN/fn+ckCP+WYuq+y/d05ET9PdVa4qI
501 Jyr80D9QgHmfztcecvYwoskGnkb2F4Tmp0WnAj/xVQKBgQD4TrMLyyHdbAr5hoSi
502 p+r7qBQxnHxPe2FKO7aqagi4iPEHauEDgwPIcsOYota1ACiSs3BaESdJAClbqPYd
503 HDI4c2DZ6opux6WYkSju+tVXYW6qarR3fzrP3fUCdz2c2NfruWOqq8YmjzAhTNPm
504 YzvtzTdwheNYV0Vi71t1SfZmfQKBgQDUAgSUcrgXdGDnSbaNe6KwjY5oZWOQfZe2
505 DUhqfN/JRFZj+EMfIIh6OQXnZqkp0FeRdfRAFl8Yz8ESHEs4j+TikLJEeOdfmYLS
506 TWxlMPDTUGbUvSf4g358NJ8TlfYA7dYpSTNPXMRSLtsz1palmaDBTE/V2xKtTH6p
507 VglRNRUKawKBgCPqBh2TkN9czC2RFkgMb4FcqycN0jEQ0F6TSnVVhtNiAzKmc8s1
508 POvWJZJDIzjkv/mP+JUeXAdD/bdjNc26EU126rA6KzGgsMPjYv9FymusDPybGGUc
509 Qt5j5RcpNgEkn/5ZPyAlXjCfjz+RxChTfAyGHRmqU9qoLMIFir3pJ7llAoGBAMNH
510 sIxENwlzqyafoUUlEq/pU7kZWuJmrO2FwqRDraYoCiM/NCRhxRQ/ng6NY1gejepw
511 abD2alXiV4alBSxubne6rFmhvA00y2mG40c6Ezmxn2ZpbX3dMQ6bMcPKp7QnXtLc
512 mCSL4FGK02ImUNDsd0RVVFw51DRId4rmsuJYMK9NAoGAKlYdc4784ixTD2ZICIOC
513 ZWPxPAyQUEA7EkuUhAX1bVNG6UJTYA8kmGcUCG4jPTgWzi00IyUUr8jK7efyU/zs
514 qiJuVs1bia+flYIQpysMl1VzZh8gW1nkB4SVPm5l2wBvVJDIr9Mc6rueC/oVNkh2
515 fLVGuFoTVIu2bF0cWAjNNMg=
516 -----END TESTING KEY-----`)
517
518 var test2048Key = parseKey(test2048KeyPEM)
519
520 var test3072Key = parseKey(testingKey(`-----BEGIN TESTING KEY-----
521 MIIG/gIBADANBgkqhkiG9w0BAQEFAASCBugwggbkAgEAAoIBgQDJrvevql7G07LM
522 xQAwAA1Oo8qUAkWfmpgrpxIUZE1QTyMCDaspQJGBBR2+iStrzi2NnWvyBz3jJWFZ
523 LepnsMUFSXj5Ez6bEt2x9YbLAAVGhI6USrGAKqRdJ77+F7yIVCJWcV4vtTyN86IO
524 UaHObwCR8GX7MUwJiRxDUZtYxJcwTMHSs4OWxNnqc+A8yRKn85CsCx0X9I1DULq+
525 5BL8gF3MUXvb2zYzIOGI1s3lXOo9tHVcRVB1eV7dZHDyYGxZ4Exj9eKhiOL52hE6
526 ZPTWCCKbQnyBV3HYe+t8DscOG/IzaAzLrx1s6xnqKEe5lUQ03Ty9QN3tpqqLsC4b
527 CUkdk6Ma43KXGkCmoPaGCkssSc9qOrwHrqoMkOnZDWOJ5mKHhINKWV/U7p54T7tx
528 FWI3PFvvYevoPf7cQdJcChbIBvQ+LEuVZvmljhONUjIGKBaqBz5Sjv7Fd5BNnBGz
529 8NwH6tYdT9kdTkCZdfrazbuhLxN0mhhXp2sePRV2KZsB7i7cUJMCAwEAAQKCAYAT
530 fqunbxmehhu237tUaHTg1e6WHvVu54kaUxm+ydvlTY5N5ldV801Sl4AtXjdJwjy0
531 qcj430qpTarawsLxMezhcB2BlKLNEjucC5EeHIrmAEMt7LMP90868prAweJHRTv/
532 zLvfcwPURClf0Uk0L0Dyr7Y+hnXZ8scTb2x2M06FQdjMY+4Yy+oKgm05mEVgNv1p
533 e+DcjhbSMRf+rVoeeSQCmhprATCnLDWmE1QEqIC7OoR2SPxC1rAHnhatfwo00nwz
534 rciN5YSOqoGa1WMNv6ut0HJWZnu5nR1OuZpaf+zrxlthMxPwhhPq0211J4fZviTO
535 WLnubXD3/G9TN1TszeFuO7Ty8HYYkTJ3RLRrTRrfwhOtOJ4tkuwSJol3QIs1asab
536 wYabuqyTv4+6JeoMBSLnMoA8rXSW9ti4gvJ1h8xMqmMF6e91Z0Fn7fvP5MCn/t8H
537 8cIPhYLOhdPH5JMqxozb/a1s+JKvRTLnAXxNjlmyXzNvC+3Ixp4q9O8dWJ8Gt+EC
538 gcEA+12m6iMXU3tBw1cYDcs/Jc0hOVgMAMgtnWZ4+p8RSucO/74bq82kdyAOJxao
539 spAcK03NnpRBDcYsSyuQrE6AXQYel1Gj98mMtOirwt2T9vH5fHT6oKsqEu03hYIB
540 5cggeie4wqKAOb9tVdShJk7YBJUgIXnAcqqmkD4oeUGzUV0QseQtspEHUJSqBQ9n
541 yR4DmyMECgLm47S9LwPMtgRh9ADLBaZeuIRdBEKCDPgNkdya/dLb8u8kE8Ox3T3R
542 +r2hAoHBAM1m1ZNqP9bEa74jZkpMxDN+vUdN7rZcxcpHu1nyii8OzXEopB+jByFA
543 lmMqnKt8z5DRD0dmHXzOggnKJGO2j63/XFaVmsaXcM2B8wlRCqwm4mBE/bYCEKJl
544 xqkDveICzwb1paWSgmFkjc6DN2g1jUd3ptOORuU38onrSphPHFxgyNlNTcOcXvxb
545 GW4R8iPinvpkY3shluWqRQTvai1+gNQlmKMdqXvreUjKqJFCOhoRUVG/MDv8IdP2
546 tXq43+UZswKBwQDSErOzi74r25/bVAdbR9gvjF7O4OGvKZzNpd1HfvbhxXcIjuXr
547 UEK5+AU777ju+ndATZahiD9R9qP/8pnHFxg6JiocxnMlW8EHVEhv4+SMBjA+Ljlj
548 W4kfJjc3ka5qTjWuQVIs/8fv+yayC7DeJhhsxACFWY5Xhn0LoZcLt7fYMNIKCauT
549 R5d4ZbYt4nEXaMkUt0/h2gkCloNhLmjAWatPU/ZYc3FH/f8K11Z+5jPZCihSJw4A
550 2pEpH2yffNHnHuECgcEAmxIWEHNYuwYT6brEETgfsFjxAZI+tIMZ+HtrYJ8R4DEm
551 vVXXguMMEPi4ESosmfNiqYyMInVfscgeuNFZ48YCd3Sg++V6so/G5ABFwjTi/9Fj
552 exbbDLxGXrTD5PokMyu3rSNr6bLQqELIJK8/93bmsJwO4Q07TPaOL73p1U90s/GF
553 8TjBivrVY2RLsKPv0VPYfmWoDV/wkneYH/+4g5xMGt4/fHZ6bEn8iQ4ncXM0dlW4
554 tSTIf6D80RAjNwG4VzitAoHAA8GLh22w+Cx8RPsj6xdrUiVFE+nNMMgeY8Mdjsrq
555 Fh4jJb+4zwSML9R6iJu/LH5B7Fre2Te8QrYP+k/jIHPYJtGesVt/WlAtpDCNsC3j
556 8CBzxwL6zkN+46pph35jPKUSaQQ2r8euNMp/sirkYcP8PpbdtifXCjN08QQIKsqj
557 17IGHe9jZX/EVnSshCkXOBHG31buV10k5GSkeKcoDrkpp25wQ6FjW9L3Q68y6Y8r
558 8h02sdAMB9Yc2A4EgzOySWoD
559 -----END TESTING KEY-----`))
560
561 var test4096Key = parseKey(testingKey(`-----BEGIN TESTING KEY-----
562 MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQCmH55T2e8fdUaL
563 iWVL2yI7d/wOu/sxI4nVGoiRMiSMlMZlOEZ4oJY6l2y9N/b8ftwoIpjYO8CBk5au
564 x2Odgpuz+FJyHppvKakUIeAn4940zoNkRe/iptybIuH5tCBygjs0y1617TlR/c5+
565 FF5YRkzsEJrGcLqXzj0hDyrwdplBOv1xz2oHYlvKWWcVMR/qgwoRuj65Ef262t/Q
566 ELH3+fFLzIIstFTk2co2WaALquOsOB6xGOJSAAr8cIAWe+3MqWM8DOcgBuhABA42
567 9IhbBBw0uqTXUv/TGi6tcF29H2buSxAx/Wm6h2PstLd6IJAbWHAa6oTz87H0S6XZ
568 v42cYoFhHma1OJw4id1oOZMFDTPDbHxgUnr2puSU+Fpxrj9+FWwViKE4j0YatbG9
569 cNVpx9xo4NdvOkejWUrqziRorMZTk/zWKz0AkGQzTN3PrX0yy61BoWfznH/NXZ+o
570 j3PqVtkUs6schoIYvrUcdhTCrlLwGSHhU1VKNGAUlLbNrIYTQNgt2gqvjLEsn4/i
571 PgS1IsuDHIc7nGjzvKcuR0UeYCDkmBQqKrdhGbdJ1BRohzLdm+woRpjrqmUCbMa5
572 VWWldJen0YyAlxNILvXMD117azeduseM1sZeGA9L8MmE12auzNbKr371xzgANSXn
573 jRuyrblAZKc10kYStrcEmJdfNlzYAwIDAQABAoICABdQBpsD0W/buFuqm2GKzgIE
574 c4Xp0XVy5EvYnmOp4sEru6/GtvUErDBqwaLIMMv8TY8AU+y8beaBPLsoVg1rn8gg
575 yAklzExfT0/49QkEDFHizUOMIP7wpbLLsWSmZ4tKRV7CT3c+ZDXiZVECML84lmDm
576 b6H7feQB2EhEZaU7L4Sc76ZCEkIZBoKeCz5JF46EdyxHs7erE61eO9xqC1+eXsNh
577 Xr9BS0yWV69K4o/gmnS3p2747AHP6brFWuRM3fFDsB5kPScccQlSyF/j7yK+r+qi
578 arGg/y+z0+sZAr6gooQ8Wnh5dJXtnBNCxSDJYw/DWHAeiyvk/gsndo3ZONlCZZ9u
579 bpwBYx3hA2wTa5GUQxFM0KlI7Ftr9Cescf2jN6Ia48C6FcQsepMzD3jaMkLir8Jk
580 /YD/s5KPzNvwPAyLnf7x574JeWuuxTIPx6b/fHVtboDK6j6XQnzrN2Hy3ngvlEFo
581 zuGYVvtrz5pJXWGVSjZWG1kc9iXCdHKpmFdPj7XhU0gugTzQ/e5uRIqdOqfNLI37
582 fppSuWkWd5uaAg0Zuhd+2L4LG2GhVdfFa1UeHBe/ncFKz1km9Bmjvt04TpxlRnVG
583 wHxJZKlxpxCZ3AuLNUMP/QazPXO8OIfGOCbwkgFiqRY32mKDUvmEADBBoYpk/wBv
584 qV99g5gvYFC5Le4QLzOJAoIBAQDcnqnK2tgkISJhsLs2Oj8vEcT7dU9vVnPSxTcC
585 M0F+8ITukn33K0biUlA+ktcQaF+eeLjfbjkn/H0f2Ajn++ldT56MgAFutZkYvwxJ
586 2A6PVB3jesauSpe8aqoKMDIj8HSA3+AwH+yU+yA9r5EdUq1S6PscP+5Wj22+thAa
587 l65CFD77C0RX0lly5zdjQo3Vyca2HYGm/cshFCPRZc66TPjNAHFthbqktKjMQ91H
588 Hg+Gun2zv8KqeSzMDeHnef4rVaWMIyIBzpu3QdkKPUXMQQxvJ+RW7+MORV9VjE7Z
589 KVnHa/6x9n+jvtQ0ydHc2n0NOp6BQghTCB2G3w3JJfmPcRSNAoIBAQDAw6mPddoz
590 UUzANMOYcFtos4EaWfTQE2okSLVAmLY2gtAK6ldTv6X9xl0IiC/DmWqiNZJ/WmVI
591 glkp6iZhxBSmqov0X9P0M+jdz7CRnbZDFhQWPxSPicurYuPKs52IC08HgIrwErzT
592 /lh+qRXEqzT8rTdftywj5fE89w52NPHBsMS07VhFsJtU4aY2Yl8y1PHeumXU6h66
593 yTvoCLLxJPiLIg9PgvbMF+RiYyomIg75gwfx4zWvIvWdXifQBC88fE7lP2u5gtWL
594 JUJaMy6LNKHn8YezvwQp0dRecvvoqzoApOuHfsPASHb9cfvcy/BxDXFMJO4QWCi1
595 6WLaR835nKLPAoIBAFw7IHSjxNRl3b/FaJ6k/yEoZpdRVaIQHF+y/uo2j10IJCqw
596 p2SbfQjErLNcI/jCCadwhKkzpUVoMs8LO73v/IF79aZ7JR4pYRWNWQ/N+VhGLDCb
597 dVAL8x9b4DZeK7gGoE34SfsUfY1S5wmiyiHeHIOazs/ikjsxvwmJh3X2j20klafR
598 8AJe9/InY2plunHz5tTfxQIQ+8iaaNbzntcXsrPRSZol2/9bX231uR4wHQGQGVj6
599 A+HMwsOT0is5Pt7S8WCCl4b13vdf2eKD9xgK4a3emYEWzG985PwYqiXzOYs7RMEV
600 cgr8ji57aPbRiJHtPbJ/7ob3z5BA07yR2aDz/0kCggEAZDyajHYNLAhHr98AIuGy
601 NsS5CpnietzNoeaJEfkXL0tgoXxwQqVyzH7827XtmHnLgGP5NO4tosHdWbVflhEf
602 Z/dhZYb7MY5YthcMyvvGziXJ9jOBHo7Z8Nowd7Rk41x2EQGfve0QcfBd1idYoXch
603 y47LL6OReW1Vv4z84Szw1fZ0o1yUPVDzxPS9uKP4uvcOevJUh53isuB3nVYArvK5
604 p6fjbEY+zaxS33KPdVrajJa9Z+Ptg4/bRqSycTHr2jkN0ZnkC4hkQMH0OfFJb6vD
605 0VfAaBCZOqHZG/AQ3FFFjRY1P7UEV5WXAn3mKU+HTVJfKug9PxSIvueIttcF3Zm8
606 8wKCAQAM43+DnGW1w34jpsTAeOXC5mhIz7J8spU6Uq5bJIheEE2AbX1z+eRVErZX
607 1WsRNPsNrQfdt/b5IKboBbSYKoGxxRMngJI1eJqyj4LxZrACccS3euAlcU1q+3oN
608 T10qfQol54KjGld/HVDhzbsZJxzLDqvPlroWgwLdOLDMXhwJYfTnqMEQkaG4Aawr
609 3P14+Zp/woLiPWw3iZFcL/bt23IOa9YI0NoLhp5MFNXfIuzx2FhVz6BUSeVfQ6Ko
610 Nx2YZ03g6Kt6B6c43LJx1a/zEPYSZcPERgWOSHlcjmwRfTs6uoN9xt1qs4zEUaKv
611 Axreud3rJ0rekUp6rI1joG717Wls
612 -----END TESTING KEY-----`))
613
614 func BenchmarkDecryptPKCS1v15(b *testing.B) {
615 b.Run("2048", func(b *testing.B) { benchmarkDecryptPKCS1v15(b, test2048Key) })
616 b.Run("3072", func(b *testing.B) { benchmarkDecryptPKCS1v15(b, test3072Key) })
617 b.Run("4096", func(b *testing.B) { benchmarkDecryptPKCS1v15(b, test4096Key) })
618 }
619
620 func benchmarkDecryptPKCS1v15(b *testing.B, k *PrivateKey) {
621 r := bufio.NewReaderSize(rand.Reader, 1<<15)
622
623 m := []byte("Hello Gophers")
624 c, err := EncryptPKCS1v15(r, &k.PublicKey, m)
625 if err != nil {
626 b.Fatal(err)
627 }
628
629 b.ResetTimer()
630 var sink byte
631 for i := 0; i < b.N; i++ {
632 p, err := DecryptPKCS1v15(r, k, c)
633 if err != nil {
634 b.Fatal(err)
635 }
636 if !bytes.Equal(p, m) {
637 b.Fatalf("unexpected output: %q", p)
638 }
639 sink ^= p[0]
640 }
641 }
642
643 func BenchmarkEncryptPKCS1v15(b *testing.B) {
644 b.Run("2048", func(b *testing.B) {
645 r := bufio.NewReaderSize(rand.Reader, 1<<15)
646 m := []byte("Hello Gophers")
647
648 var sink byte
649 for i := 0; i < b.N; i++ {
650 c, err := EncryptPKCS1v15(r, &test2048Key.PublicKey, m)
651 if err != nil {
652 b.Fatal(err)
653 }
654 sink ^= c[0]
655 }
656 })
657 }
658
659 func BenchmarkDecryptOAEP(b *testing.B) {
660 b.Run("2048", func(b *testing.B) {
661 r := bufio.NewReaderSize(rand.Reader, 1<<15)
662
663 m := []byte("Hello Gophers")
664 c, err := EncryptOAEP(sha256.New(), r, &test2048Key.PublicKey, m, nil)
665 if err != nil {
666 b.Fatal(err)
667 }
668
669 b.ResetTimer()
670 var sink byte
671 for i := 0; i < b.N; i++ {
672 p, err := DecryptOAEP(sha256.New(), r, test2048Key, c, nil)
673 if err != nil {
674 b.Fatal(err)
675 }
676 if !bytes.Equal(p, m) {
677 b.Fatalf("unexpected output: %q", p)
678 }
679 sink ^= p[0]
680 }
681 })
682 }
683
684 func BenchmarkEncryptOAEP(b *testing.B) {
685 b.Run("2048", func(b *testing.B) {
686 r := bufio.NewReaderSize(rand.Reader, 1<<15)
687 m := []byte("Hello Gophers")
688
689 var sink byte
690 for i := 0; i < b.N; i++ {
691 c, err := EncryptOAEP(sha256.New(), r, &test2048Key.PublicKey, m, nil)
692 if err != nil {
693 b.Fatal(err)
694 }
695 sink ^= c[0]
696 }
697 })
698 }
699
700 func BenchmarkSignPKCS1v15(b *testing.B) {
701 b.Run("2048", func(b *testing.B) { benchmarkSignPKCS1v15(b, test2048Key) })
702 b.Run("2048/noprecomp/OnlyD", func(b *testing.B) {
703 benchmarkSignPKCS1v15(b, &PrivateKey{
704 PublicKey: test2048Key.PublicKey,
705 D: test2048Key.D,
706 })
707 })
708 b.Run("2048/noprecomp/Primes", func(b *testing.B) {
709 benchmarkSignPKCS1v15(b, &PrivateKey{
710 PublicKey: test2048Key.PublicKey,
711 D: test2048Key.D,
712 Primes: test2048Key.Primes,
713 })
714 })
715
716
717 b.Run("2048/noprecomp/AllValues", func(b *testing.B) {
718 benchmarkSignPKCS1v15(b, &PrivateKey{
719 PublicKey: test2048Key.PublicKey,
720 D: test2048Key.D,
721 Primes: test2048Key.Primes,
722 Precomputed: PrecomputedValues{
723 Dp: test2048Key.Precomputed.Dp,
724 Dq: test2048Key.Precomputed.Dq,
725 Qinv: test2048Key.Precomputed.Qinv,
726 },
727 })
728 })
729 }
730
731 func benchmarkSignPKCS1v15(b *testing.B, k *PrivateKey) {
732 hashed := sha256.Sum256([]byte("testing"))
733
734 var sink byte
735 b.ResetTimer()
736 for i := 0; i < b.N; i++ {
737 s, err := SignPKCS1v15(rand.Reader, k, crypto.SHA256, hashed[:])
738 if err != nil {
739 b.Fatal(err)
740 }
741 sink ^= s[0]
742 }
743 }
744
745 func BenchmarkVerifyPKCS1v15(b *testing.B) {
746 b.Run("2048", func(b *testing.B) {
747 hashed := sha256.Sum256([]byte("testing"))
748 s, err := SignPKCS1v15(rand.Reader, test2048Key, crypto.SHA256, hashed[:])
749 if err != nil {
750 b.Fatal(err)
751 }
752
753 b.ResetTimer()
754 for i := 0; i < b.N; i++ {
755 err := VerifyPKCS1v15(&test2048Key.PublicKey, crypto.SHA256, hashed[:], s)
756 if err != nil {
757 b.Fatal(err)
758 }
759 }
760 })
761 }
762
763 func BenchmarkSignPSS(b *testing.B) {
764 b.Run("2048", func(b *testing.B) {
765 hashed := sha256.Sum256([]byte("testing"))
766
767 var sink byte
768 b.ResetTimer()
769 for i := 0; i < b.N; i++ {
770 s, err := SignPSS(rand.Reader, test2048Key, crypto.SHA256, hashed[:], nil)
771 if err != nil {
772 b.Fatal(err)
773 }
774 sink ^= s[0]
775 }
776 })
777 }
778
779 func BenchmarkVerifyPSS(b *testing.B) {
780 b.Run("2048", func(b *testing.B) {
781 hashed := sha256.Sum256([]byte("testing"))
782 s, err := SignPSS(rand.Reader, test2048Key, crypto.SHA256, hashed[:], nil)
783 if err != nil {
784 b.Fatal(err)
785 }
786
787 b.ResetTimer()
788 for i := 0; i < b.N; i++ {
789 err := VerifyPSS(&test2048Key.PublicKey, crypto.SHA256, hashed[:], s, nil)
790 if err != nil {
791 b.Fatal(err)
792 }
793 }
794 })
795 }
796
797 func BenchmarkParsePKCS8PrivateKey(b *testing.B) {
798 b.Run("2048", func(b *testing.B) {
799 p, _ := pem.Decode([]byte(test2048KeyPEM))
800 b.ResetTimer()
801 for i := 0; i < b.N; i++ {
802 if _, err := x509.ParsePKCS8PrivateKey(p.Bytes); err != nil {
803 b.Fatal(err)
804 }
805 }
806 })
807 }
808
809 func BenchmarkGenerateKey(b *testing.B) {
810 b.Run("2048", func(b *testing.B) {
811 primes, err := os.ReadFile("testdata/keygen2048.txt")
812 if err != nil {
813 b.Fatal(err)
814 }
815 for b.Loop() {
816 r := &testPrimeReader{primes: string(primes)}
817 if _, err := GenerateKey(r, 2048); err != nil {
818 b.Fatal(err)
819 }
820 }
821 })
822 }
823
824
825
826 type testPrimeReader struct {
827 primes string
828 }
829
830 func (r *testPrimeReader) Read(p []byte) (n int, err error) {
831
832
833
834
835
836
837
838 if len(p) == 1 {
839 return 1, nil
840 }
841
842 var line string
843 for line == "" || line[0] == '#' {
844 var ok bool
845 line, r.primes, ok = strings.Cut(r.primes, "\n")
846 if !ok {
847 return 0, io.EOF
848 }
849 }
850 b, err := hex.DecodeString(line)
851 if err != nil {
852 return 0, err
853 }
854 if len(p) != len(b) {
855 return 0, fmt.Errorf("unexpected read length: %d", len(p))
856 }
857 copy(p, b)
858 return len(p), nil
859 }
860
861 type testEncryptOAEPMessage struct {
862 in []byte
863 seed []byte
864 out []byte
865 }
866
867 type testEncryptOAEPStruct struct {
868 modulus string
869 e int
870 d string
871 msgs []testEncryptOAEPMessage
872 }
873
874 func TestEncryptOAEP(t *testing.T) {
875 sha1 := sha1.New()
876 n := new(big.Int)
877 for i, test := range testEncryptOAEPData {
878 n.SetString(test.modulus, 16)
879 public := PublicKey{N: n, E: test.e}
880
881 for j, message := range test.msgs {
882 randomSource := bytes.NewReader(message.seed)
883 out, err := EncryptOAEP(sha1, randomSource, &public, message.in, nil)
884 if err != nil {
885 t.Errorf("#%d,%d error: %s", i, j, err)
886 }
887 if !bytes.Equal(out, message.out) {
888 t.Errorf("#%d,%d bad result: %x (want %x)", i, j, out, message.out)
889 }
890 }
891 }
892 }
893
894 func TestDecryptOAEP(t *testing.T) {
895 random := rand.Reader
896
897 sha1 := sha1.New()
898 n := new(big.Int)
899 d := new(big.Int)
900 for i, test := range testEncryptOAEPData {
901 n.SetString(test.modulus, 16)
902 d.SetString(test.d, 16)
903 private := new(PrivateKey)
904 private.PublicKey = PublicKey{N: n, E: test.e}
905 private.D = d
906
907 for j, message := range test.msgs {
908 out, err := DecryptOAEP(sha1, nil, private, message.out, nil)
909 if err != nil {
910 t.Errorf("#%d,%d error: %s", i, j, err)
911 } else if !bytes.Equal(out, message.in) {
912 t.Errorf("#%d,%d bad result: %#v (want %#v)", i, j, out, message.in)
913 }
914
915
916 out, err = DecryptOAEP(sha1, random, private, message.out, nil)
917 if err != nil {
918 t.Errorf("#%d,%d (blind) error: %s", i, j, err)
919 } else if !bytes.Equal(out, message.in) {
920 t.Errorf("#%d,%d (blind) bad result: %#v (want %#v)", i, j, out, message.in)
921 }
922 }
923 if testing.Short() {
924 break
925 }
926 }
927 }
928
929 func Test2DecryptOAEP(t *testing.T) {
930 random := rand.Reader
931
932 msg := []byte{0xed, 0x36, 0x90, 0x8d, 0xbe, 0xfc, 0x35, 0x40, 0x70, 0x4f, 0xf5, 0x9d, 0x6e, 0xc2, 0xeb, 0xf5, 0x27, 0xae, 0x65, 0xb0, 0x59, 0x29, 0x45, 0x25, 0x8c, 0xc1, 0x91, 0x22}
933 in := []byte{0x72, 0x26, 0x84, 0xc9, 0xcf, 0xd6, 0xa8, 0x96, 0x04, 0x3e, 0x34, 0x07, 0x2c, 0x4f, 0xe6, 0x52, 0xbe, 0x46, 0x3c, 0xcf, 0x79, 0x21, 0x09, 0x64, 0xe7, 0x33, 0x66, 0x9b, 0xf8, 0x14, 0x22, 0x43, 0xfe, 0x8e, 0x52, 0x8b, 0xe0, 0x5f, 0x98, 0xef, 0x54, 0xac, 0x6b, 0xc6, 0x26, 0xac, 0x5b, 0x1b, 0x4b, 0x7d, 0x2e, 0xd7, 0x69, 0x28, 0x5a, 0x2f, 0x4a, 0x95, 0x89, 0x6c, 0xc7, 0x53, 0x95, 0xc7, 0xd2, 0x89, 0x04, 0x6f, 0x94, 0x74, 0x9b, 0x09, 0x0d, 0xf4, 0x61, 0x2e, 0xab, 0x48, 0x57, 0x4a, 0xbf, 0x95, 0xcb, 0xff, 0x15, 0xe2, 0xa0, 0x66, 0x58, 0xf7, 0x46, 0xf8, 0xc7, 0x0b, 0xb5, 0x1e, 0xa7, 0xba, 0x36, 0xce, 0xdd, 0x36, 0x41, 0x98, 0x6e, 0x10, 0xf9, 0x3b, 0x70, 0xbb, 0xa1, 0xda, 0x00, 0x40, 0xd5, 0xa5, 0x3f, 0x87, 0x64, 0x32, 0x7c, 0xbc, 0x50, 0x52, 0x0e, 0x4f, 0x21, 0xbd}
934
935 n := new(big.Int)
936 d := new(big.Int)
937 n.SetString(testEncryptOAEPData[0].modulus, 16)
938 d.SetString(testEncryptOAEPData[0].d, 16)
939 priv := new(PrivateKey)
940 priv.PublicKey = PublicKey{N: n, E: testEncryptOAEPData[0].e}
941 priv.D = d
942 sha1 := crypto.SHA1
943 sha256 := crypto.SHA256
944
945 out, err := priv.Decrypt(random, in, &OAEPOptions{MGFHash: sha1, Hash: sha256})
946
947 if err != nil {
948 t.Errorf("error: %s", err)
949 } else if !bytes.Equal(out, msg) {
950 t.Errorf("bad result %#v (want %#v)", out, msg)
951 }
952 }
953
954 func TestEncryptDecryptOAEP(t *testing.T) {
955 sha256 := sha256.New()
956 n := new(big.Int)
957 d := new(big.Int)
958 for i, test := range testEncryptOAEPData {
959 n.SetString(test.modulus, 16)
960 d.SetString(test.d, 16)
961 priv := new(PrivateKey)
962 priv.PublicKey = PublicKey{N: n, E: test.e}
963 priv.D = d
964
965 for j, message := range test.msgs {
966 label := []byte(fmt.Sprintf("hi#%d", j))
967 enc, err := EncryptOAEP(sha256, rand.Reader, &priv.PublicKey, message.in, label)
968 if err != nil {
969 t.Errorf("#%d,%d: EncryptOAEP: %v", i, j, err)
970 continue
971 }
972 dec, err := DecryptOAEP(sha256, rand.Reader, priv, enc, label)
973 if err != nil {
974 t.Errorf("#%d,%d: DecryptOAEP: %v", i, j, err)
975 continue
976 }
977 if !bytes.Equal(dec, message.in) {
978 t.Errorf("#%d,%d: round trip %q -> %q", i, j, message.in, dec)
979 }
980 }
981 }
982 }
983
984
985 var testEncryptOAEPData = []testEncryptOAEPStruct{
986
987 {"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb",
988 65537,
989 "53339cfdb79fc8466a655c7316aca85c55fd8f6dd898fdaf119517ef4f52e8fd8e258df93fee180fa0e4ab29693cd83b152a553d4ac4d1812b8b9fa5af0e7f55fe7304df41570926f3311f15c4d65a732c483116ee3d3d2d0af3549ad9bf7cbfb78ad884f84d5beb04724dc7369b31def37d0cf539e9cfcdd3de653729ead5d1",
990 []testEncryptOAEPMessage{
991
992 {
993 []byte{0x66, 0x28, 0x19, 0x4e, 0x12, 0x07, 0x3d, 0xb0,
994 0x3b, 0xa9, 0x4c, 0xda, 0x9e, 0xf9, 0x53, 0x23, 0x97,
995 0xd5, 0x0d, 0xba, 0x79, 0xb9, 0x87, 0x00, 0x4a, 0xfe,
996 0xfe, 0x34,
997 },
998 []byte{0x18, 0xb7, 0x76, 0xea, 0x21, 0x06, 0x9d, 0x69,
999 0x77, 0x6a, 0x33, 0xe9, 0x6b, 0xad, 0x48, 0xe1, 0xdd,
1000 0xa0, 0xa5, 0xef,
1001 },
1002 []byte{0x35, 0x4f, 0xe6, 0x7b, 0x4a, 0x12, 0x6d, 0x5d,
1003 0x35, 0xfe, 0x36, 0xc7, 0x77, 0x79, 0x1a, 0x3f, 0x7b,
1004 0xa1, 0x3d, 0xef, 0x48, 0x4e, 0x2d, 0x39, 0x08, 0xaf,
1005 0xf7, 0x22, 0xfa, 0xd4, 0x68, 0xfb, 0x21, 0x69, 0x6d,
1006 0xe9, 0x5d, 0x0b, 0xe9, 0x11, 0xc2, 0xd3, 0x17, 0x4f,
1007 0x8a, 0xfc, 0xc2, 0x01, 0x03, 0x5f, 0x7b, 0x6d, 0x8e,
1008 0x69, 0x40, 0x2d, 0xe5, 0x45, 0x16, 0x18, 0xc2, 0x1a,
1009 0x53, 0x5f, 0xa9, 0xd7, 0xbf, 0xc5, 0xb8, 0xdd, 0x9f,
1010 0xc2, 0x43, 0xf8, 0xcf, 0x92, 0x7d, 0xb3, 0x13, 0x22,
1011 0xd6, 0xe8, 0x81, 0xea, 0xa9, 0x1a, 0x99, 0x61, 0x70,
1012 0xe6, 0x57, 0xa0, 0x5a, 0x26, 0x64, 0x26, 0xd9, 0x8c,
1013 0x88, 0x00, 0x3f, 0x84, 0x77, 0xc1, 0x22, 0x70, 0x94,
1014 0xa0, 0xd9, 0xfa, 0x1e, 0x8c, 0x40, 0x24, 0x30, 0x9c,
1015 0xe1, 0xec, 0xcc, 0xb5, 0x21, 0x00, 0x35, 0xd4, 0x7a,
1016 0xc7, 0x2e, 0x8a,
1017 },
1018 },
1019
1020 {
1021 []byte{0x75, 0x0c, 0x40, 0x47, 0xf5, 0x47, 0xe8, 0xe4,
1022 0x14, 0x11, 0x85, 0x65, 0x23, 0x29, 0x8a, 0xc9, 0xba,
1023 0xe2, 0x45, 0xef, 0xaf, 0x13, 0x97, 0xfb, 0xe5, 0x6f,
1024 0x9d, 0xd5,
1025 },
1026 []byte{0x0c, 0xc7, 0x42, 0xce, 0x4a, 0x9b, 0x7f, 0x32,
1027 0xf9, 0x51, 0xbc, 0xb2, 0x51, 0xef, 0xd9, 0x25, 0xfe,
1028 0x4f, 0xe3, 0x5f,
1029 },
1030 []byte{0x64, 0x0d, 0xb1, 0xac, 0xc5, 0x8e, 0x05, 0x68,
1031 0xfe, 0x54, 0x07, 0xe5, 0xf9, 0xb7, 0x01, 0xdf, 0xf8,
1032 0xc3, 0xc9, 0x1e, 0x71, 0x6c, 0x53, 0x6f, 0xc7, 0xfc,
1033 0xec, 0x6c, 0xb5, 0xb7, 0x1c, 0x11, 0x65, 0x98, 0x8d,
1034 0x4a, 0x27, 0x9e, 0x15, 0x77, 0xd7, 0x30, 0xfc, 0x7a,
1035 0x29, 0x93, 0x2e, 0x3f, 0x00, 0xc8, 0x15, 0x15, 0x23,
1036 0x6d, 0x8d, 0x8e, 0x31, 0x01, 0x7a, 0x7a, 0x09, 0xdf,
1037 0x43, 0x52, 0xd9, 0x04, 0xcd, 0xeb, 0x79, 0xaa, 0x58,
1038 0x3a, 0xdc, 0xc3, 0x1e, 0xa6, 0x98, 0xa4, 0xc0, 0x52,
1039 0x83, 0xda, 0xba, 0x90, 0x89, 0xbe, 0x54, 0x91, 0xf6,
1040 0x7c, 0x1a, 0x4e, 0xe4, 0x8d, 0xc7, 0x4b, 0xbb, 0xe6,
1041 0x64, 0x3a, 0xef, 0x84, 0x66, 0x79, 0xb4, 0xcb, 0x39,
1042 0x5a, 0x35, 0x2d, 0x5e, 0xd1, 0x15, 0x91, 0x2d, 0xf6,
1043 0x96, 0xff, 0xe0, 0x70, 0x29, 0x32, 0x94, 0x6d, 0x71,
1044 0x49, 0x2b, 0x44,
1045 },
1046 },
1047
1048 {
1049 []byte{0xd9, 0x4a, 0xe0, 0x83, 0x2e, 0x64, 0x45, 0xce,
1050 0x42, 0x33, 0x1c, 0xb0, 0x6d, 0x53, 0x1a, 0x82, 0xb1,
1051 0xdb, 0x4b, 0xaa, 0xd3, 0x0f, 0x74, 0x6d, 0xc9, 0x16,
1052 0xdf, 0x24, 0xd4, 0xe3, 0xc2, 0x45, 0x1f, 0xff, 0x59,
1053 0xa6, 0x42, 0x3e, 0xb0, 0xe1, 0xd0, 0x2d, 0x4f, 0xe6,
1054 0x46, 0xcf, 0x69, 0x9d, 0xfd, 0x81, 0x8c, 0x6e, 0x97,
1055 0xb0, 0x51,
1056 },
1057 []byte{0x25, 0x14, 0xdf, 0x46, 0x95, 0x75, 0x5a, 0x67,
1058 0xb2, 0x88, 0xea, 0xf4, 0x90, 0x5c, 0x36, 0xee, 0xc6,
1059 0x6f, 0xd2, 0xfd,
1060 },
1061 []byte{0x42, 0x37, 0x36, 0xed, 0x03, 0x5f, 0x60, 0x26,
1062 0xaf, 0x27, 0x6c, 0x35, 0xc0, 0xb3, 0x74, 0x1b, 0x36,
1063 0x5e, 0x5f, 0x76, 0xca, 0x09, 0x1b, 0x4e, 0x8c, 0x29,
1064 0xe2, 0xf0, 0xbe, 0xfe, 0xe6, 0x03, 0x59, 0x5a, 0xa8,
1065 0x32, 0x2d, 0x60, 0x2d, 0x2e, 0x62, 0x5e, 0x95, 0xeb,
1066 0x81, 0xb2, 0xf1, 0xc9, 0x72, 0x4e, 0x82, 0x2e, 0xca,
1067 0x76, 0xdb, 0x86, 0x18, 0xcf, 0x09, 0xc5, 0x34, 0x35,
1068 0x03, 0xa4, 0x36, 0x08, 0x35, 0xb5, 0x90, 0x3b, 0xc6,
1069 0x37, 0xe3, 0x87, 0x9f, 0xb0, 0x5e, 0x0e, 0xf3, 0x26,
1070 0x85, 0xd5, 0xae, 0xc5, 0x06, 0x7c, 0xd7, 0xcc, 0x96,
1071 0xfe, 0x4b, 0x26, 0x70, 0xb6, 0xea, 0xc3, 0x06, 0x6b,
1072 0x1f, 0xcf, 0x56, 0x86, 0xb6, 0x85, 0x89, 0xaa, 0xfb,
1073 0x7d, 0x62, 0x9b, 0x02, 0xd8, 0xf8, 0x62, 0x5c, 0xa3,
1074 0x83, 0x36, 0x24, 0xd4, 0x80, 0x0f, 0xb0, 0x81, 0xb1,
1075 0xcf, 0x94, 0xeb,
1076 },
1077 },
1078 },
1079 },
1080
1081 {"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb",
1082 65537,
1083 "056b04216fe5f354ac77250a4b6b0c8525a85c59b0bd80c56450a22d5f438e596a333aa875e291dd43f48cb88b9d5fc0d499f9fcd1c397f9afc070cd9e398c8d19e61db7c7410a6b2675dfbf5d345b804d201add502d5ce2dfcb091ce9997bbebe57306f383e4d588103f036f7e85d1934d152a323e4a8db451d6f4a5b1b0f102cc150e02feee2b88dea4ad4c1baccb24d84072d14e1d24a6771f7408ee30564fb86d4393a34bcf0b788501d193303f13a2284b001f0f649eaf79328d4ac5c430ab4414920a9460ed1b7bc40ec653e876d09abc509ae45b525190116a0c26101848298509c1c3bf3a483e7274054e15e97075036e989f60932807b5257751e79",
1084 []testEncryptOAEPMessage{
1085
1086 {
1087 []byte{0x8b, 0xba, 0x6b, 0xf8, 0x2a, 0x6c, 0x0f, 0x86,
1088 0xd5, 0xf1, 0x75, 0x6e, 0x97, 0x95, 0x68, 0x70, 0xb0,
1089 0x89, 0x53, 0xb0, 0x6b, 0x4e, 0xb2, 0x05, 0xbc, 0x16,
1090 0x94, 0xee,
1091 },
1092 []byte{0x47, 0xe1, 0xab, 0x71, 0x19, 0xfe, 0xe5, 0x6c,
1093 0x95, 0xee, 0x5e, 0xaa, 0xd8, 0x6f, 0x40, 0xd0, 0xaa,
1094 0x63, 0xbd, 0x33,
1095 },
1096 []byte{0x53, 0xea, 0x5d, 0xc0, 0x8c, 0xd2, 0x60, 0xfb,
1097 0x3b, 0x85, 0x85, 0x67, 0x28, 0x7f, 0xa9, 0x15, 0x52,
1098 0xc3, 0x0b, 0x2f, 0xeb, 0xfb, 0xa2, 0x13, 0xf0, 0xae,
1099 0x87, 0x70, 0x2d, 0x06, 0x8d, 0x19, 0xba, 0xb0, 0x7f,
1100 0xe5, 0x74, 0x52, 0x3d, 0xfb, 0x42, 0x13, 0x9d, 0x68,
1101 0xc3, 0xc5, 0xaf, 0xee, 0xe0, 0xbf, 0xe4, 0xcb, 0x79,
1102 0x69, 0xcb, 0xf3, 0x82, 0xb8, 0x04, 0xd6, 0xe6, 0x13,
1103 0x96, 0x14, 0x4e, 0x2d, 0x0e, 0x60, 0x74, 0x1f, 0x89,
1104 0x93, 0xc3, 0x01, 0x4b, 0x58, 0xb9, 0xb1, 0x95, 0x7a,
1105 0x8b, 0xab, 0xcd, 0x23, 0xaf, 0x85, 0x4f, 0x4c, 0x35,
1106 0x6f, 0xb1, 0x66, 0x2a, 0xa7, 0x2b, 0xfc, 0xc7, 0xe5,
1107 0x86, 0x55, 0x9d, 0xc4, 0x28, 0x0d, 0x16, 0x0c, 0x12,
1108 0x67, 0x85, 0xa7, 0x23, 0xeb, 0xee, 0xbe, 0xff, 0x71,
1109 0xf1, 0x15, 0x94, 0x44, 0x0a, 0xae, 0xf8, 0x7d, 0x10,
1110 0x79, 0x3a, 0x87, 0x74, 0xa2, 0x39, 0xd4, 0xa0, 0x4c,
1111 0x87, 0xfe, 0x14, 0x67, 0xb9, 0xda, 0xf8, 0x52, 0x08,
1112 0xec, 0x6c, 0x72, 0x55, 0x79, 0x4a, 0x96, 0xcc, 0x29,
1113 0x14, 0x2f, 0x9a, 0x8b, 0xd4, 0x18, 0xe3, 0xc1, 0xfd,
1114 0x67, 0x34, 0x4b, 0x0c, 0xd0, 0x82, 0x9d, 0xf3, 0xb2,
1115 0xbe, 0xc6, 0x02, 0x53, 0x19, 0x62, 0x93, 0xc6, 0xb3,
1116 0x4d, 0x3f, 0x75, 0xd3, 0x2f, 0x21, 0x3d, 0xd4, 0x5c,
1117 0x62, 0x73, 0xd5, 0x05, 0xad, 0xf4, 0xcc, 0xed, 0x10,
1118 0x57, 0xcb, 0x75, 0x8f, 0xc2, 0x6a, 0xee, 0xfa, 0x44,
1119 0x12, 0x55, 0xed, 0x4e, 0x64, 0xc1, 0x99, 0xee, 0x07,
1120 0x5e, 0x7f, 0x16, 0x64, 0x61, 0x82, 0xfd, 0xb4, 0x64,
1121 0x73, 0x9b, 0x68, 0xab, 0x5d, 0xaf, 0xf0, 0xe6, 0x3e,
1122 0x95, 0x52, 0x01, 0x68, 0x24, 0xf0, 0x54, 0xbf, 0x4d,
1123 0x3c, 0x8c, 0x90, 0xa9, 0x7b, 0xb6, 0xb6, 0x55, 0x32,
1124 0x84, 0xeb, 0x42, 0x9f, 0xcc,
1125 },
1126 },
1127 },
1128 },
1129 }
1130
1131 func TestPSmallerThanQ(t *testing.T) {
1132
1133 k := parseKey(testingKey(`-----BEGIN RSA TESTING KEY-----
1134 MIIBOgIBAAJBAKj34GkxFhD90vcNLYLInFEX6Ppy1tPf9Cnzj4p4WGeKLs1Pt8Qu
1135 KUpRKfFLfRYC9AIKjbJTWit+CqvjWYzvQwECAwEAAQJAIJLixBy2qpFoS4DSmoEm
1136 o3qGy0t6z09AIJtH+5OeRV1be+N4cDYJKffGzDa88vQENZiRm0GRq6a+HPGQMd2k
1137 TQIhAKMSvzIBnni7ot/OSie2TmJLY4SwTQAevXysE2RbFDYdAiEBCUEaRQnMnbp7
1138 9mxDXDf6AU0cN/RPBjb9qSHDcWZHGzUCIG2Es59z8ugGrDY+pxLQnwfotadxd+Uy
1139 v/Ow5T0q5gIJAiEAyS4RaI9YG8EWx/2w0T67ZUVAw8eOMB6BIUg0Xcu+3okCIBOs
1140 /5OiPgoTdSy7bcF9IGpSE8ZgGKzgYQVZeN97YE00
1141 -----END RSA TESTING KEY-----`))
1142 t.Setenv("GODEBUG", "rsa1024min=0")
1143 if boring.Enabled {
1144 t.Skip("BoringCrypto mode returns the wrong error from SignPSS")
1145 }
1146 testEverything(t, k)
1147 }
1148
1149 func TestLargeSizeDifference(t *testing.T) {
1150
1151 k1 := parseKey(testingKey(`-----BEGIN TESTING KEY-----
1152 MIICmAIBADANBgkqhkiG9w0BAQEFAASCAoIwggJ+AgEAAoGBAOB/V7qbbMLHZSHS
1153 rU3FLNQJe88wQr5asy813wqlWsCeYUn7Imxv23vDXthpkH/54+CplWDvVri24zhU
1154 4tHfONSEBWWKTRfQKCW+vrzf+d02rB95lVBrBDSKAUR6w1Xcx9/6ib+kQRDnMl2l
1155 WZzDgv8jrNPrLGipYBOLcI9/Oh3HAgMBAAECgYBr85AiAX8JIoy0+POxA/GMfIr2
1156 lERj+IVVXFhGbED5gjUBUn8kz/gOrClZAqgxJKVbdTcxn4KGOM64z427Y24H52zQ
1157 sCq7RFJ9KDd4s1hAPQImBRUYu2blqDoqxNBQBxLHVUN7vwFp2MGsHzTz7mcx7QNG
1158 teRbyLhCanUd3UOb4QJhAP5dyjIK1WzKBZ/jSAmjJL64bks4wEEl5eG6e2cTscCH
1159 RE/OSpHi57dyrxgnBkczt56hOksJFzwmgk4wEM8n/JDOXwIzvAH4w4JWhu169gCW
1160 8LgxCzJ71xv8+wUUouUTLwIhAOHwcdEAKyLo3K7X1nlYcUOX61yQ1GXRgIROGrsh
1161 NNjpAmEAuW1nu4k4QmEXLpJB7nyWic3q4T0SsatN5HrMAL1To/U3sDHDHIxbvNiG
1162 mcXBBuDFp4cC9rY+0OOFtDfH2SveKzW1/uX11T4iT/6Bx9cORCnEe5GNBxVOH6IQ
1163 34hGo1WTAiEAyCYALW1AyUQPerOpQwWeEIrb7Lw/65KTjqDB/VOFRUECYQCPcc07
1164 D19OB593kGklAtk1XwGt1W8OmfGIKhGMKzlYhb9MezjaX/3zpO19msSUmSNKszMX
1165 RpZX4LYz9Ity0nxQ3qZYN6XYNwvr7dCV0E5eS+mgbGWRrf3utdbUkZUNwYE=
1166 -----END TESTING KEY-----`))
1167
1168
1169 k2 := parseKey(testingKey(`-----BEGIN TESTING KEY-----
1170 MIICVwIBADANBgkqhkiG9w0BAQEFAASCAkEwggI9AgEAAoGBAObSD1Q4cfUURAuY
1171 RCCTDxv3TxK/VPJH/ees4eVkJHBkgErTXJsVb7df3Pyz8J5yVU7Y68osp1uRgJu1
1172 E/v61L388oUQbpDlhpCzkpx2ZBfwx891JJBNgrRu/ZEDaWfXA4fx3iUDcA83NfY+
1173 WWBlwwjhZG2jTQAgB0kz6fIhxODRAgMBAAECgYAJcO3i1WC25C5w1Xhy5yT68TuN
1174 IiGWu+JbLa97NySE6tOHRvQk0QSTUGw8thsEoo3BAthlQtKHWLmvwPl1YNtEGE14
1175 9gMlzoveiB10tMAJqmIaPoUWgQ2Wmzz+akYgr3zEloN+2ptVRYmboOWXGOHK4LJd
1176 n5h7UvQNSqZyUvqogQIhAPOfMCgE3hvt4wA9cNUg3uQgUNnjr0ITiptNmgmoaaFB
1177 AmEA8oxdQm/Uo1B5J2ebPj/e6mCi/wv3Ewq0CNE4Q1SiLmK1EKwyYj1pNBfrT2Vs
1178 O5XsuFPC5V07iSjjfbaE8Q4zuKSmhVFe9aoAn8lwuuVBufGLFW7FD8PnhDZcqWsE
1179 ksuRAiEA7sRa5y32Hbtlmquc9VV0/nJpq1NKRmFunE1PJh4IAMECYH0Q1ZHJWkqv
1180 1xjzeoA5rPcLx2BdyhP+g+C8CRfmzw2+BgFH2V8ArXuYDdTNxmZfI0XUov1j+qv5
1181 8nvDHn+xxAekltzNnXptI49A7qjgR+jaXM47ZM+BQ6LP6S3OqfgLkQIhAKbHdb9l
1182 cHPGX1uUDRAU1xxtpVQ0OqXyEgqwz6y6hYRw
1183 -----END TESTING KEY-----`))
1184
1185 if boring.Enabled {
1186 t.Skip("BoringCrypto mode returns the wrong error from SignPSS")
1187 }
1188 testEverything(t, k1)
1189 testEverything(t, k2)
1190 }
1191
View as plain text