github.com/ice-blockchain/go/src@v0.0.0-20240403114104-1564d284e521/crypto/rsa/rsa_test.go (about) 1 // Copyright 2009 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 package rsa_test 6 7 import ( 8 "bufio" 9 "bytes" 10 "crypto" 11 "crypto/internal/boring" 12 "crypto/rand" 13 . "crypto/rsa" 14 "crypto/sha1" 15 "crypto/sha256" 16 "crypto/x509" 17 "encoding/pem" 18 "flag" 19 "fmt" 20 "internal/testenv" 21 "math/big" 22 "strings" 23 "testing" 24 ) 25 26 func TestKeyGeneration(t *testing.T) { 27 for _, size := range []int{128, 1024, 2048, 3072} { 28 priv, err := GenerateKey(rand.Reader, size) 29 if err != nil { 30 t.Errorf("GenerateKey(%d): %v", size, err) 31 } 32 if bits := priv.N.BitLen(); bits != size { 33 t.Errorf("key too short (%d vs %d)", bits, size) 34 } 35 testKeyBasics(t, priv) 36 if testing.Short() { 37 break 38 } 39 } 40 } 41 42 func Test3PrimeKeyGeneration(t *testing.T) { 43 size := 768 44 if testing.Short() { 45 size = 256 46 } 47 48 priv, err := GenerateMultiPrimeKey(rand.Reader, 3, size) 49 if err != nil { 50 t.Errorf("failed to generate key") 51 } 52 testKeyBasics(t, priv) 53 } 54 55 func Test4PrimeKeyGeneration(t *testing.T) { 56 size := 768 57 if testing.Short() { 58 size = 256 59 } 60 61 priv, err := GenerateMultiPrimeKey(rand.Reader, 4, size) 62 if err != nil { 63 t.Errorf("failed to generate key") 64 } 65 testKeyBasics(t, priv) 66 } 67 68 func TestNPrimeKeyGeneration(t *testing.T) { 69 primeSize := 64 70 maxN := 24 71 if testing.Short() { 72 primeSize = 16 73 maxN = 16 74 } 75 // Test that generation of N-prime keys works for N > 4. 76 for n := 5; n < maxN; n++ { 77 priv, err := GenerateMultiPrimeKey(rand.Reader, n, 64+n*primeSize) 78 if err == nil { 79 testKeyBasics(t, priv) 80 } else { 81 t.Errorf("failed to generate %d-prime key", n) 82 } 83 } 84 } 85 86 func TestImpossibleKeyGeneration(t *testing.T) { 87 // This test ensures that trying to generate toy RSA keys doesn't enter 88 // an infinite loop. 89 for i := 0; i < 32; i++ { 90 GenerateKey(rand.Reader, i) 91 GenerateMultiPrimeKey(rand.Reader, 3, i) 92 GenerateMultiPrimeKey(rand.Reader, 4, i) 93 GenerateMultiPrimeKey(rand.Reader, 5, i) 94 } 95 } 96 97 func TestGnuTLSKey(t *testing.T) { 98 // This is a key generated by `certtool --generate-privkey --bits 128`. 99 // It's such that de ≢ 1 mod φ(n), but is congruent mod the order of 100 // the group. 101 priv := parseKey(testingKey(`-----BEGIN RSA TESTING KEY----- 102 MGECAQACEQDar8EuoZuSosYtE9SeXSyPAgMBAAECEBf7XDET8e6jjTcfO7y/sykC 103 CQDozXjCjkBzLQIJAPB6MqNbZaQrAghbZTdQoko5LQIIUp9ZiKDdYjMCCCCpqzmX 104 d8Y7 105 -----END RSA TESTING KEY-----`)) 106 testKeyBasics(t, priv) 107 } 108 109 func testKeyBasics(t *testing.T, priv *PrivateKey) { 110 if err := priv.Validate(); err != nil { 111 t.Errorf("Validate() failed: %s", err) 112 } 113 if priv.D.Cmp(priv.N) > 0 { 114 t.Errorf("private exponent too large") 115 } 116 117 msg := []byte("hi!") 118 enc, err := EncryptPKCS1v15(rand.Reader, &priv.PublicKey, msg) 119 if err != nil { 120 t.Errorf("EncryptPKCS1v15: %v", err) 121 return 122 } 123 124 dec, err := DecryptPKCS1v15(nil, priv, enc) 125 if err != nil { 126 t.Errorf("DecryptPKCS1v15: %v", err) 127 return 128 } 129 if !bytes.Equal(dec, msg) { 130 t.Errorf("got:%x want:%x (%+v)", dec, msg, priv) 131 } 132 } 133 134 func TestAllocations(t *testing.T) { 135 if boring.Enabled { 136 t.Skip("skipping allocations test with BoringCrypto") 137 } 138 testenv.SkipIfOptimizationOff(t) 139 140 m := []byte("Hello Gophers") 141 c, err := EncryptPKCS1v15(rand.Reader, &test2048Key.PublicKey, m) 142 if err != nil { 143 t.Fatal(err) 144 } 145 146 if allocs := testing.AllocsPerRun(100, func() { 147 p, err := DecryptPKCS1v15(nil, test2048Key, c) 148 if err != nil { 149 t.Fatal(err) 150 } 151 if !bytes.Equal(p, m) { 152 t.Fatalf("unexpected output: %q", p) 153 } 154 }); allocs > 10 { 155 t.Errorf("expected less than 10 allocations, got %0.1f", allocs) 156 } 157 } 158 159 var allFlag = flag.Bool("all", false, "test all key sizes up to 2048") 160 161 func TestEverything(t *testing.T) { 162 min := 32 163 max := 560 // any smaller than this and not all tests will run 164 if testing.Short() { 165 min = max 166 } 167 if *allFlag { 168 max = 2048 169 } 170 for size := min; size <= max; size++ { 171 size := size 172 t.Run(fmt.Sprintf("%d", size), func(t *testing.T) { 173 t.Parallel() 174 priv, err := GenerateKey(rand.Reader, size) 175 if err != nil { 176 t.Errorf("GenerateKey(%d): %v", size, err) 177 } 178 if bits := priv.N.BitLen(); bits != size { 179 t.Errorf("key too short (%d vs %d)", bits, size) 180 } 181 testEverything(t, priv) 182 }) 183 } 184 } 185 186 func testEverything(t *testing.T, priv *PrivateKey) { 187 if err := priv.Validate(); err != nil { 188 t.Errorf("Validate() failed: %s", err) 189 } 190 191 msg := []byte("test") 192 enc, err := EncryptPKCS1v15(rand.Reader, &priv.PublicKey, msg) 193 if err == ErrMessageTooLong { 194 t.Log("key too small for EncryptPKCS1v15") 195 } else if err != nil { 196 t.Errorf("EncryptPKCS1v15: %v", err) 197 } 198 if err == nil { 199 dec, err := DecryptPKCS1v15(nil, priv, enc) 200 if err != nil { 201 t.Errorf("DecryptPKCS1v15: %v", err) 202 } 203 err = DecryptPKCS1v15SessionKey(nil, priv, enc, make([]byte, 4)) 204 if err != nil { 205 t.Errorf("DecryptPKCS1v15SessionKey: %v", err) 206 } 207 if !bytes.Equal(dec, msg) { 208 t.Errorf("got:%x want:%x (%+v)", dec, msg, priv) 209 } 210 } 211 212 label := []byte("label") 213 enc, err = EncryptOAEP(sha256.New(), rand.Reader, &priv.PublicKey, msg, label) 214 if err == ErrMessageTooLong { 215 t.Log("key too small for EncryptOAEP") 216 } else if err != nil { 217 t.Errorf("EncryptOAEP: %v", err) 218 } 219 if err == nil { 220 dec, err := DecryptOAEP(sha256.New(), nil, priv, enc, label) 221 if err != nil { 222 t.Errorf("DecryptOAEP: %v", err) 223 } 224 if !bytes.Equal(dec, msg) { 225 t.Errorf("got:%x want:%x (%+v)", dec, msg, priv) 226 } 227 } 228 229 hash := sha256.Sum256(msg) 230 sig, err := SignPKCS1v15(nil, priv, crypto.SHA256, hash[:]) 231 if err == ErrMessageTooLong { 232 t.Log("key too small for SignPKCS1v15") 233 } else if err != nil { 234 t.Errorf("SignPKCS1v15: %v", err) 235 } 236 if err == nil { 237 err = VerifyPKCS1v15(&priv.PublicKey, crypto.SHA256, hash[:], sig) 238 if err != nil { 239 t.Errorf("VerifyPKCS1v15: %v", err) 240 } 241 sig[1] ^= 0x80 242 err = VerifyPKCS1v15(&priv.PublicKey, crypto.SHA256, hash[:], sig) 243 if err == nil { 244 t.Errorf("VerifyPKCS1v15 success for tampered signature") 245 } 246 sig[1] ^= 0x80 247 hash[1] ^= 0x80 248 err = VerifyPKCS1v15(&priv.PublicKey, crypto.SHA256, hash[:], sig) 249 if err == nil { 250 t.Errorf("VerifyPKCS1v15 success for tampered message") 251 } 252 hash[1] ^= 0x80 253 } 254 255 opts := &PSSOptions{SaltLength: PSSSaltLengthAuto} 256 sig, err = SignPSS(rand.Reader, priv, crypto.SHA256, hash[:], opts) 257 if err == ErrMessageTooLong { 258 t.Log("key too small for SignPSS with PSSSaltLengthAuto") 259 } else if err != nil { 260 t.Errorf("SignPSS: %v", err) 261 } 262 if err == nil { 263 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], sig, opts) 264 if err != nil { 265 t.Errorf("VerifyPSS: %v", err) 266 } 267 sig[1] ^= 0x80 268 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], sig, opts) 269 if err == nil { 270 t.Errorf("VerifyPSS success for tampered signature") 271 } 272 sig[1] ^= 0x80 273 hash[1] ^= 0x80 274 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], sig, opts) 275 if err == nil { 276 t.Errorf("VerifyPSS success for tampered message") 277 } 278 hash[1] ^= 0x80 279 } 280 281 opts.SaltLength = PSSSaltLengthEqualsHash 282 sig, err = SignPSS(rand.Reader, priv, crypto.SHA256, hash[:], opts) 283 if err == ErrMessageTooLong { 284 t.Log("key too small for SignPSS with PSSSaltLengthEqualsHash") 285 } else if err != nil { 286 t.Errorf("SignPSS: %v", err) 287 } 288 if err == nil { 289 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], sig, opts) 290 if err != nil { 291 t.Errorf("VerifyPSS: %v", err) 292 } 293 sig[1] ^= 0x80 294 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], sig, opts) 295 if err == nil { 296 t.Errorf("VerifyPSS success for tampered signature") 297 } 298 sig[1] ^= 0x80 299 hash[1] ^= 0x80 300 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], sig, opts) 301 if err == nil { 302 t.Errorf("VerifyPSS success for tampered message") 303 } 304 hash[1] ^= 0x80 305 } 306 307 // Check that an input bigger than the modulus is handled correctly, 308 // whether it is longer than the byte size of the modulus or not. 309 c := bytes.Repeat([]byte{0xff}, priv.Size()) 310 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], c, opts) 311 if err == nil { 312 t.Errorf("VerifyPSS accepted a large signature") 313 } 314 _, err = DecryptPKCS1v15(nil, priv, c) 315 if err == nil { 316 t.Errorf("DecryptPKCS1v15 accepted a large ciphertext") 317 } 318 c = append(c, 0xff) 319 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], c, opts) 320 if err == nil { 321 t.Errorf("VerifyPSS accepted a long signature") 322 } 323 _, err = DecryptPKCS1v15(nil, priv, c) 324 if err == nil { 325 t.Errorf("DecryptPKCS1v15 accepted a long ciphertext") 326 } 327 } 328 329 func testingKey(s string) string { return strings.ReplaceAll(s, "TESTING KEY", "PRIVATE KEY") } 330 331 func parseKey(s string) *PrivateKey { 332 p, _ := pem.Decode([]byte(s)) 333 if p.Type == "PRIVATE KEY" { 334 k, err := x509.ParsePKCS8PrivateKey(p.Bytes) 335 if err != nil { 336 panic(err) 337 } 338 return k.(*PrivateKey) 339 } 340 k, err := x509.ParsePKCS1PrivateKey(p.Bytes) 341 if err != nil { 342 panic(err) 343 } 344 return k 345 } 346 347 var test2048Key = parseKey(testingKey(`-----BEGIN TESTING KEY----- 348 MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDNoyFUYeDuqw+k 349 iyv47iBy/udbWmQdpbUZ8JobHv8uQrvL7sQN6l83teHgNJsXqtiLF3MC+K+XI6Dq 350 hxUWfQwLip8WEnv7Jx/+53S8yp/CS4Jw86Q1bQHbZjFDpcoqSuwAxlegw18HNZCY 351 fpipYnA1lYCm+MTjtgXJQbjA0dwUGCf4BDMqt+76Jk3XZF5975rftbkGoT9eu8Jt 352 Xs5F5Xkwd8q3fkQz+fpLW4u9jrfFyQ61RRFkYrCjlhtGjYIzBHGgQM4n/sNXhiy5 353 h0tA7Xa6NyYrN/OXe/Y1K8Rz/tzlvbMoxgZgtBuKo1N3m8ckFi7hUVK2eNv7GoAb 354 teTTPrg/AgMBAAECggEAAnfsVpmsL3R0Bh4gXRpPeM63H6e1a8B8kyVwiO9o0cXX 355 gKp9+P39izfB0Kt6lyCj/Wg+wOQT7rg5qy1yIw7fBHGmcjquxh3uN0s3YZ+Vcym6 356 SAY5f0vh/OyJN9r3Uv8+Pc4jtb7So7QDzdWeZurssBmUB0avAMRdGNFGP5SyILcz 357 l3Q59hTxQ4czRHKjZ06L1/sA+tFVbO1j39FN8nMOU/ovLF4lAmZTkQ6AP6n6XPHP 358 B8Nq7jSYz6RDO200jzp6UsdrnjjkJRbzOxN/fn+ckCP+WYuq+y/d05ET9PdVa4qI 359 Jyr80D9QgHmfztcecvYwoskGnkb2F4Tmp0WnAj/xVQKBgQD4TrMLyyHdbAr5hoSi 360 p+r7qBQxnHxPe2FKO7aqagi4iPEHauEDgwPIcsOYota1ACiSs3BaESdJAClbqPYd 361 HDI4c2DZ6opux6WYkSju+tVXYW6qarR3fzrP3fUCdz2c2NfruWOqq8YmjzAhTNPm 362 YzvtzTdwheNYV0Vi71t1SfZmfQKBgQDUAgSUcrgXdGDnSbaNe6KwjY5oZWOQfZe2 363 DUhqfN/JRFZj+EMfIIh6OQXnZqkp0FeRdfRAFl8Yz8ESHEs4j+TikLJEeOdfmYLS 364 TWxlMPDTUGbUvSf4g358NJ8TlfYA7dYpSTNPXMRSLtsz1palmaDBTE/V2xKtTH6p 365 VglRNRUKawKBgCPqBh2TkN9czC2RFkgMb4FcqycN0jEQ0F6TSnVVhtNiAzKmc8s1 366 POvWJZJDIzjkv/mP+JUeXAdD/bdjNc26EU126rA6KzGgsMPjYv9FymusDPybGGUc 367 Qt5j5RcpNgEkn/5ZPyAlXjCfjz+RxChTfAyGHRmqU9qoLMIFir3pJ7llAoGBAMNH 368 sIxENwlzqyafoUUlEq/pU7kZWuJmrO2FwqRDraYoCiM/NCRhxRQ/ng6NY1gejepw 369 abD2alXiV4alBSxubne6rFmhvA00y2mG40c6Ezmxn2ZpbX3dMQ6bMcPKp7QnXtLc 370 mCSL4FGK02ImUNDsd0RVVFw51DRId4rmsuJYMK9NAoGAKlYdc4784ixTD2ZICIOC 371 ZWPxPAyQUEA7EkuUhAX1bVNG6UJTYA8kmGcUCG4jPTgWzi00IyUUr8jK7efyU/zs 372 qiJuVs1bia+flYIQpysMl1VzZh8gW1nkB4SVPm5l2wBvVJDIr9Mc6rueC/oVNkh2 373 fLVGuFoTVIu2bF0cWAjNNMg= 374 -----END TESTING KEY-----`)) 375 376 var test3072Key = parseKey(testingKey(`-----BEGIN TESTING KEY----- 377 MIIG/gIBADANBgkqhkiG9w0BAQEFAASCBugwggbkAgEAAoIBgQDJrvevql7G07LM 378 xQAwAA1Oo8qUAkWfmpgrpxIUZE1QTyMCDaspQJGBBR2+iStrzi2NnWvyBz3jJWFZ 379 LepnsMUFSXj5Ez6bEt2x9YbLAAVGhI6USrGAKqRdJ77+F7yIVCJWcV4vtTyN86IO 380 UaHObwCR8GX7MUwJiRxDUZtYxJcwTMHSs4OWxNnqc+A8yRKn85CsCx0X9I1DULq+ 381 5BL8gF3MUXvb2zYzIOGI1s3lXOo9tHVcRVB1eV7dZHDyYGxZ4Exj9eKhiOL52hE6 382 ZPTWCCKbQnyBV3HYe+t8DscOG/IzaAzLrx1s6xnqKEe5lUQ03Ty9QN3tpqqLsC4b 383 CUkdk6Ma43KXGkCmoPaGCkssSc9qOrwHrqoMkOnZDWOJ5mKHhINKWV/U7p54T7tx 384 FWI3PFvvYevoPf7cQdJcChbIBvQ+LEuVZvmljhONUjIGKBaqBz5Sjv7Fd5BNnBGz 385 8NwH6tYdT9kdTkCZdfrazbuhLxN0mhhXp2sePRV2KZsB7i7cUJMCAwEAAQKCAYAT 386 fqunbxmehhu237tUaHTg1e6WHvVu54kaUxm+ydvlTY5N5ldV801Sl4AtXjdJwjy0 387 qcj430qpTarawsLxMezhcB2BlKLNEjucC5EeHIrmAEMt7LMP90868prAweJHRTv/ 388 zLvfcwPURClf0Uk0L0Dyr7Y+hnXZ8scTb2x2M06FQdjMY+4Yy+oKgm05mEVgNv1p 389 e+DcjhbSMRf+rVoeeSQCmhprATCnLDWmE1QEqIC7OoR2SPxC1rAHnhatfwo00nwz 390 rciN5YSOqoGa1WMNv6ut0HJWZnu5nR1OuZpaf+zrxlthMxPwhhPq0211J4fZviTO 391 WLnubXD3/G9TN1TszeFuO7Ty8HYYkTJ3RLRrTRrfwhOtOJ4tkuwSJol3QIs1asab 392 wYabuqyTv4+6JeoMBSLnMoA8rXSW9ti4gvJ1h8xMqmMF6e91Z0Fn7fvP5MCn/t8H 393 8cIPhYLOhdPH5JMqxozb/a1s+JKvRTLnAXxNjlmyXzNvC+3Ixp4q9O8dWJ8Gt+EC 394 gcEA+12m6iMXU3tBw1cYDcs/Jc0hOVgMAMgtnWZ4+p8RSucO/74bq82kdyAOJxao 395 spAcK03NnpRBDcYsSyuQrE6AXQYel1Gj98mMtOirwt2T9vH5fHT6oKsqEu03hYIB 396 5cggeie4wqKAOb9tVdShJk7YBJUgIXnAcqqmkD4oeUGzUV0QseQtspEHUJSqBQ9n 397 yR4DmyMECgLm47S9LwPMtgRh9ADLBaZeuIRdBEKCDPgNkdya/dLb8u8kE8Ox3T3R 398 +r2hAoHBAM1m1ZNqP9bEa74jZkpMxDN+vUdN7rZcxcpHu1nyii8OzXEopB+jByFA 399 lmMqnKt8z5DRD0dmHXzOggnKJGO2j63/XFaVmsaXcM2B8wlRCqwm4mBE/bYCEKJl 400 xqkDveICzwb1paWSgmFkjc6DN2g1jUd3ptOORuU38onrSphPHFxgyNlNTcOcXvxb 401 GW4R8iPinvpkY3shluWqRQTvai1+gNQlmKMdqXvreUjKqJFCOhoRUVG/MDv8IdP2 402 tXq43+UZswKBwQDSErOzi74r25/bVAdbR9gvjF7O4OGvKZzNpd1HfvbhxXcIjuXr 403 UEK5+AU777ju+ndATZahiD9R9qP/8pnHFxg6JiocxnMlW8EHVEhv4+SMBjA+Ljlj 404 W4kfJjc3ka5qTjWuQVIs/8fv+yayC7DeJhhsxACFWY5Xhn0LoZcLt7fYMNIKCauT 405 R5d4ZbYt4nEXaMkUt0/h2gkCloNhLmjAWatPU/ZYc3FH/f8K11Z+5jPZCihSJw4A 406 2pEpH2yffNHnHuECgcEAmxIWEHNYuwYT6brEETgfsFjxAZI+tIMZ+HtrYJ8R4DEm 407 vVXXguMMEPi4ESosmfNiqYyMInVfscgeuNFZ48YCd3Sg++V6so/G5ABFwjTi/9Fj 408 exbbDLxGXrTD5PokMyu3rSNr6bLQqELIJK8/93bmsJwO4Q07TPaOL73p1U90s/GF 409 8TjBivrVY2RLsKPv0VPYfmWoDV/wkneYH/+4g5xMGt4/fHZ6bEn8iQ4ncXM0dlW4 410 tSTIf6D80RAjNwG4VzitAoHAA8GLh22w+Cx8RPsj6xdrUiVFE+nNMMgeY8Mdjsrq 411 Fh4jJb+4zwSML9R6iJu/LH5B7Fre2Te8QrYP+k/jIHPYJtGesVt/WlAtpDCNsC3j 412 8CBzxwL6zkN+46pph35jPKUSaQQ2r8euNMp/sirkYcP8PpbdtifXCjN08QQIKsqj 413 17IGHe9jZX/EVnSshCkXOBHG31buV10k5GSkeKcoDrkpp25wQ6FjW9L3Q68y6Y8r 414 8h02sdAMB9Yc2A4EgzOySWoD 415 -----END TESTING KEY-----`)) 416 417 var test4096Key = parseKey(testingKey(`-----BEGIN TESTING KEY----- 418 MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQCmH55T2e8fdUaL 419 iWVL2yI7d/wOu/sxI4nVGoiRMiSMlMZlOEZ4oJY6l2y9N/b8ftwoIpjYO8CBk5au 420 x2Odgpuz+FJyHppvKakUIeAn4940zoNkRe/iptybIuH5tCBygjs0y1617TlR/c5+ 421 FF5YRkzsEJrGcLqXzj0hDyrwdplBOv1xz2oHYlvKWWcVMR/qgwoRuj65Ef262t/Q 422 ELH3+fFLzIIstFTk2co2WaALquOsOB6xGOJSAAr8cIAWe+3MqWM8DOcgBuhABA42 423 9IhbBBw0uqTXUv/TGi6tcF29H2buSxAx/Wm6h2PstLd6IJAbWHAa6oTz87H0S6XZ 424 v42cYoFhHma1OJw4id1oOZMFDTPDbHxgUnr2puSU+Fpxrj9+FWwViKE4j0YatbG9 425 cNVpx9xo4NdvOkejWUrqziRorMZTk/zWKz0AkGQzTN3PrX0yy61BoWfznH/NXZ+o 426 j3PqVtkUs6schoIYvrUcdhTCrlLwGSHhU1VKNGAUlLbNrIYTQNgt2gqvjLEsn4/i 427 PgS1IsuDHIc7nGjzvKcuR0UeYCDkmBQqKrdhGbdJ1BRohzLdm+woRpjrqmUCbMa5 428 VWWldJen0YyAlxNILvXMD117azeduseM1sZeGA9L8MmE12auzNbKr371xzgANSXn 429 jRuyrblAZKc10kYStrcEmJdfNlzYAwIDAQABAoICABdQBpsD0W/buFuqm2GKzgIE 430 c4Xp0XVy5EvYnmOp4sEru6/GtvUErDBqwaLIMMv8TY8AU+y8beaBPLsoVg1rn8gg 431 yAklzExfT0/49QkEDFHizUOMIP7wpbLLsWSmZ4tKRV7CT3c+ZDXiZVECML84lmDm 432 b6H7feQB2EhEZaU7L4Sc76ZCEkIZBoKeCz5JF46EdyxHs7erE61eO9xqC1+eXsNh 433 Xr9BS0yWV69K4o/gmnS3p2747AHP6brFWuRM3fFDsB5kPScccQlSyF/j7yK+r+qi 434 arGg/y+z0+sZAr6gooQ8Wnh5dJXtnBNCxSDJYw/DWHAeiyvk/gsndo3ZONlCZZ9u 435 bpwBYx3hA2wTa5GUQxFM0KlI7Ftr9Cescf2jN6Ia48C6FcQsepMzD3jaMkLir8Jk 436 /YD/s5KPzNvwPAyLnf7x574JeWuuxTIPx6b/fHVtboDK6j6XQnzrN2Hy3ngvlEFo 437 zuGYVvtrz5pJXWGVSjZWG1kc9iXCdHKpmFdPj7XhU0gugTzQ/e5uRIqdOqfNLI37 438 fppSuWkWd5uaAg0Zuhd+2L4LG2GhVdfFa1UeHBe/ncFKz1km9Bmjvt04TpxlRnVG 439 wHxJZKlxpxCZ3AuLNUMP/QazPXO8OIfGOCbwkgFiqRY32mKDUvmEADBBoYpk/wBv 440 qV99g5gvYFC5Le4QLzOJAoIBAQDcnqnK2tgkISJhsLs2Oj8vEcT7dU9vVnPSxTcC 441 M0F+8ITukn33K0biUlA+ktcQaF+eeLjfbjkn/H0f2Ajn++ldT56MgAFutZkYvwxJ 442 2A6PVB3jesauSpe8aqoKMDIj8HSA3+AwH+yU+yA9r5EdUq1S6PscP+5Wj22+thAa 443 l65CFD77C0RX0lly5zdjQo3Vyca2HYGm/cshFCPRZc66TPjNAHFthbqktKjMQ91H 444 Hg+Gun2zv8KqeSzMDeHnef4rVaWMIyIBzpu3QdkKPUXMQQxvJ+RW7+MORV9VjE7Z 445 KVnHa/6x9n+jvtQ0ydHc2n0NOp6BQghTCB2G3w3JJfmPcRSNAoIBAQDAw6mPddoz 446 UUzANMOYcFtos4EaWfTQE2okSLVAmLY2gtAK6ldTv6X9xl0IiC/DmWqiNZJ/WmVI 447 glkp6iZhxBSmqov0X9P0M+jdz7CRnbZDFhQWPxSPicurYuPKs52IC08HgIrwErzT 448 /lh+qRXEqzT8rTdftywj5fE89w52NPHBsMS07VhFsJtU4aY2Yl8y1PHeumXU6h66 449 yTvoCLLxJPiLIg9PgvbMF+RiYyomIg75gwfx4zWvIvWdXifQBC88fE7lP2u5gtWL 450 JUJaMy6LNKHn8YezvwQp0dRecvvoqzoApOuHfsPASHb9cfvcy/BxDXFMJO4QWCi1 451 6WLaR835nKLPAoIBAFw7IHSjxNRl3b/FaJ6k/yEoZpdRVaIQHF+y/uo2j10IJCqw 452 p2SbfQjErLNcI/jCCadwhKkzpUVoMs8LO73v/IF79aZ7JR4pYRWNWQ/N+VhGLDCb 453 dVAL8x9b4DZeK7gGoE34SfsUfY1S5wmiyiHeHIOazs/ikjsxvwmJh3X2j20klafR 454 8AJe9/InY2plunHz5tTfxQIQ+8iaaNbzntcXsrPRSZol2/9bX231uR4wHQGQGVj6 455 A+HMwsOT0is5Pt7S8WCCl4b13vdf2eKD9xgK4a3emYEWzG985PwYqiXzOYs7RMEV 456 cgr8ji57aPbRiJHtPbJ/7ob3z5BA07yR2aDz/0kCggEAZDyajHYNLAhHr98AIuGy 457 NsS5CpnietzNoeaJEfkXL0tgoXxwQqVyzH7827XtmHnLgGP5NO4tosHdWbVflhEf 458 Z/dhZYb7MY5YthcMyvvGziXJ9jOBHo7Z8Nowd7Rk41x2EQGfve0QcfBd1idYoXch 459 y47LL6OReW1Vv4z84Szw1fZ0o1yUPVDzxPS9uKP4uvcOevJUh53isuB3nVYArvK5 460 p6fjbEY+zaxS33KPdVrajJa9Z+Ptg4/bRqSycTHr2jkN0ZnkC4hkQMH0OfFJb6vD 461 0VfAaBCZOqHZG/AQ3FFFjRY1P7UEV5WXAn3mKU+HTVJfKug9PxSIvueIttcF3Zm8 462 8wKCAQAM43+DnGW1w34jpsTAeOXC5mhIz7J8spU6Uq5bJIheEE2AbX1z+eRVErZX 463 1WsRNPsNrQfdt/b5IKboBbSYKoGxxRMngJI1eJqyj4LxZrACccS3euAlcU1q+3oN 464 T10qfQol54KjGld/HVDhzbsZJxzLDqvPlroWgwLdOLDMXhwJYfTnqMEQkaG4Aawr 465 3P14+Zp/woLiPWw3iZFcL/bt23IOa9YI0NoLhp5MFNXfIuzx2FhVz6BUSeVfQ6Ko 466 Nx2YZ03g6Kt6B6c43LJx1a/zEPYSZcPERgWOSHlcjmwRfTs6uoN9xt1qs4zEUaKv 467 Axreud3rJ0rekUp6rI1joG717Wls 468 -----END TESTING KEY-----`)) 469 470 func BenchmarkDecryptPKCS1v15(b *testing.B) { 471 b.Run("2048", func(b *testing.B) { benchmarkDecryptPKCS1v15(b, test2048Key) }) 472 b.Run("3072", func(b *testing.B) { benchmarkDecryptPKCS1v15(b, test3072Key) }) 473 b.Run("4096", func(b *testing.B) { benchmarkDecryptPKCS1v15(b, test4096Key) }) 474 } 475 476 func benchmarkDecryptPKCS1v15(b *testing.B, k *PrivateKey) { 477 r := bufio.NewReaderSize(rand.Reader, 1<<15) 478 479 m := []byte("Hello Gophers") 480 c, err := EncryptPKCS1v15(r, &k.PublicKey, m) 481 if err != nil { 482 b.Fatal(err) 483 } 484 485 b.ResetTimer() 486 var sink byte 487 for i := 0; i < b.N; i++ { 488 p, err := DecryptPKCS1v15(r, k, c) 489 if err != nil { 490 b.Fatal(err) 491 } 492 if !bytes.Equal(p, m) { 493 b.Fatalf("unexpected output: %q", p) 494 } 495 sink ^= p[0] 496 } 497 } 498 499 func BenchmarkEncryptPKCS1v15(b *testing.B) { 500 b.Run("2048", func(b *testing.B) { 501 r := bufio.NewReaderSize(rand.Reader, 1<<15) 502 m := []byte("Hello Gophers") 503 504 var sink byte 505 for i := 0; i < b.N; i++ { 506 c, err := EncryptPKCS1v15(r, &test2048Key.PublicKey, m) 507 if err != nil { 508 b.Fatal(err) 509 } 510 sink ^= c[0] 511 } 512 }) 513 } 514 515 func BenchmarkDecryptOAEP(b *testing.B) { 516 b.Run("2048", func(b *testing.B) { 517 r := bufio.NewReaderSize(rand.Reader, 1<<15) 518 519 m := []byte("Hello Gophers") 520 c, err := EncryptOAEP(sha256.New(), r, &test2048Key.PublicKey, m, nil) 521 if err != nil { 522 b.Fatal(err) 523 } 524 525 b.ResetTimer() 526 var sink byte 527 for i := 0; i < b.N; i++ { 528 p, err := DecryptOAEP(sha256.New(), r, test2048Key, c, nil) 529 if err != nil { 530 b.Fatal(err) 531 } 532 if !bytes.Equal(p, m) { 533 b.Fatalf("unexpected output: %q", p) 534 } 535 sink ^= p[0] 536 } 537 }) 538 } 539 540 func BenchmarkEncryptOAEP(b *testing.B) { 541 b.Run("2048", func(b *testing.B) { 542 r := bufio.NewReaderSize(rand.Reader, 1<<15) 543 m := []byte("Hello Gophers") 544 545 var sink byte 546 for i := 0; i < b.N; i++ { 547 c, err := EncryptOAEP(sha256.New(), r, &test2048Key.PublicKey, m, nil) 548 if err != nil { 549 b.Fatal(err) 550 } 551 sink ^= c[0] 552 } 553 }) 554 } 555 556 func BenchmarkSignPKCS1v15(b *testing.B) { 557 b.Run("2048", func(b *testing.B) { 558 hashed := sha256.Sum256([]byte("testing")) 559 560 var sink byte 561 b.ResetTimer() 562 for i := 0; i < b.N; i++ { 563 s, err := SignPKCS1v15(rand.Reader, test2048Key, crypto.SHA256, hashed[:]) 564 if err != nil { 565 b.Fatal(err) 566 } 567 sink ^= s[0] 568 } 569 }) 570 } 571 572 func BenchmarkVerifyPKCS1v15(b *testing.B) { 573 b.Run("2048", func(b *testing.B) { 574 hashed := sha256.Sum256([]byte("testing")) 575 s, err := SignPKCS1v15(rand.Reader, test2048Key, crypto.SHA256, hashed[:]) 576 if err != nil { 577 b.Fatal(err) 578 } 579 580 b.ResetTimer() 581 for i := 0; i < b.N; i++ { 582 err := VerifyPKCS1v15(&test2048Key.PublicKey, crypto.SHA256, hashed[:], s) 583 if err != nil { 584 b.Fatal(err) 585 } 586 } 587 }) 588 } 589 590 func BenchmarkSignPSS(b *testing.B) { 591 b.Run("2048", func(b *testing.B) { 592 hashed := sha256.Sum256([]byte("testing")) 593 594 var sink byte 595 b.ResetTimer() 596 for i := 0; i < b.N; i++ { 597 s, err := SignPSS(rand.Reader, test2048Key, crypto.SHA256, hashed[:], nil) 598 if err != nil { 599 b.Fatal(err) 600 } 601 sink ^= s[0] 602 } 603 }) 604 } 605 606 func BenchmarkVerifyPSS(b *testing.B) { 607 b.Run("2048", func(b *testing.B) { 608 hashed := sha256.Sum256([]byte("testing")) 609 s, err := SignPSS(rand.Reader, test2048Key, crypto.SHA256, hashed[:], nil) 610 if err != nil { 611 b.Fatal(err) 612 } 613 614 b.ResetTimer() 615 for i := 0; i < b.N; i++ { 616 err := VerifyPSS(&test2048Key.PublicKey, crypto.SHA256, hashed[:], s, nil) 617 if err != nil { 618 b.Fatal(err) 619 } 620 } 621 }) 622 } 623 624 type testEncryptOAEPMessage struct { 625 in []byte 626 seed []byte 627 out []byte 628 } 629 630 type testEncryptOAEPStruct struct { 631 modulus string 632 e int 633 d string 634 msgs []testEncryptOAEPMessage 635 } 636 637 func TestEncryptOAEP(t *testing.T) { 638 sha1 := sha1.New() 639 n := new(big.Int) 640 for i, test := range testEncryptOAEPData { 641 n.SetString(test.modulus, 16) 642 public := PublicKey{N: n, E: test.e} 643 644 for j, message := range test.msgs { 645 randomSource := bytes.NewReader(message.seed) 646 out, err := EncryptOAEP(sha1, randomSource, &public, message.in, nil) 647 if err != nil { 648 t.Errorf("#%d,%d error: %s", i, j, err) 649 } 650 if !bytes.Equal(out, message.out) { 651 t.Errorf("#%d,%d bad result: %x (want %x)", i, j, out, message.out) 652 } 653 } 654 } 655 } 656 657 func TestDecryptOAEP(t *testing.T) { 658 random := rand.Reader 659 660 sha1 := sha1.New() 661 n := new(big.Int) 662 d := new(big.Int) 663 for i, test := range testEncryptOAEPData { 664 n.SetString(test.modulus, 16) 665 d.SetString(test.d, 16) 666 private := new(PrivateKey) 667 private.PublicKey = PublicKey{N: n, E: test.e} 668 private.D = d 669 670 for j, message := range test.msgs { 671 out, err := DecryptOAEP(sha1, nil, private, message.out, nil) 672 if err != nil { 673 t.Errorf("#%d,%d error: %s", i, j, err) 674 } else if !bytes.Equal(out, message.in) { 675 t.Errorf("#%d,%d bad result: %#v (want %#v)", i, j, out, message.in) 676 } 677 678 // Decrypt with blinding. 679 out, err = DecryptOAEP(sha1, random, private, message.out, nil) 680 if err != nil { 681 t.Errorf("#%d,%d (blind) error: %s", i, j, err) 682 } else if !bytes.Equal(out, message.in) { 683 t.Errorf("#%d,%d (blind) bad result: %#v (want %#v)", i, j, out, message.in) 684 } 685 } 686 if testing.Short() { 687 break 688 } 689 } 690 } 691 692 func Test2DecryptOAEP(t *testing.T) { 693 random := rand.Reader 694 695 msg := []byte{0xed, 0x36, 0x90, 0x8d, 0xbe, 0xfc, 0x35, 0x40, 0x70, 0x4f, 0xf5, 0x9d, 0x6e, 0xc2, 0xeb, 0xf5, 0x27, 0xae, 0x65, 0xb0, 0x59, 0x29, 0x45, 0x25, 0x8c, 0xc1, 0x91, 0x22} 696 in := []byte{0x72, 0x26, 0x84, 0xc9, 0xcf, 0xd6, 0xa8, 0x96, 0x04, 0x3e, 0x34, 0x07, 0x2c, 0x4f, 0xe6, 0x52, 0xbe, 0x46, 0x3c, 0xcf, 0x79, 0x21, 0x09, 0x64, 0xe7, 0x33, 0x66, 0x9b, 0xf8, 0x14, 0x22, 0x43, 0xfe, 0x8e, 0x52, 0x8b, 0xe0, 0x5f, 0x98, 0xef, 0x54, 0xac, 0x6b, 0xc6, 0x26, 0xac, 0x5b, 0x1b, 0x4b, 0x7d, 0x2e, 0xd7, 0x69, 0x28, 0x5a, 0x2f, 0x4a, 0x95, 0x89, 0x6c, 0xc7, 0x53, 0x95, 0xc7, 0xd2, 0x89, 0x04, 0x6f, 0x94, 0x74, 0x9b, 0x09, 0x0d, 0xf4, 0x61, 0x2e, 0xab, 0x48, 0x57, 0x4a, 0xbf, 0x95, 0xcb, 0xff, 0x15, 0xe2, 0xa0, 0x66, 0x58, 0xf7, 0x46, 0xf8, 0xc7, 0x0b, 0xb5, 0x1e, 0xa7, 0xba, 0x36, 0xce, 0xdd, 0x36, 0x41, 0x98, 0x6e, 0x10, 0xf9, 0x3b, 0x70, 0xbb, 0xa1, 0xda, 0x00, 0x40, 0xd5, 0xa5, 0x3f, 0x87, 0x64, 0x32, 0x7c, 0xbc, 0x50, 0x52, 0x0e, 0x4f, 0x21, 0xbd} 697 698 n := new(big.Int) 699 d := new(big.Int) 700 n.SetString(testEncryptOAEPData[0].modulus, 16) 701 d.SetString(testEncryptOAEPData[0].d, 16) 702 priv := new(PrivateKey) 703 priv.PublicKey = PublicKey{N: n, E: testEncryptOAEPData[0].e} 704 priv.D = d 705 sha1 := crypto.SHA1 706 sha256 := crypto.SHA256 707 708 out, err := priv.Decrypt(random, in, &OAEPOptions{MGFHash: sha1, Hash: sha256}) 709 710 if err != nil { 711 t.Errorf("error: %s", err) 712 } else if !bytes.Equal(out, msg) { 713 t.Errorf("bad result %#v (want %#v)", out, msg) 714 } 715 } 716 717 func TestEncryptDecryptOAEP(t *testing.T) { 718 sha256 := sha256.New() 719 n := new(big.Int) 720 d := new(big.Int) 721 for i, test := range testEncryptOAEPData { 722 n.SetString(test.modulus, 16) 723 d.SetString(test.d, 16) 724 priv := new(PrivateKey) 725 priv.PublicKey = PublicKey{N: n, E: test.e} 726 priv.D = d 727 728 for j, message := range test.msgs { 729 label := []byte(fmt.Sprintf("hi#%d", j)) 730 enc, err := EncryptOAEP(sha256, rand.Reader, &priv.PublicKey, message.in, label) 731 if err != nil { 732 t.Errorf("#%d,%d: EncryptOAEP: %v", i, j, err) 733 continue 734 } 735 dec, err := DecryptOAEP(sha256, rand.Reader, priv, enc, label) 736 if err != nil { 737 t.Errorf("#%d,%d: DecryptOAEP: %v", i, j, err) 738 continue 739 } 740 if !bytes.Equal(dec, message.in) { 741 t.Errorf("#%d,%d: round trip %q -> %q", i, j, message.in, dec) 742 } 743 } 744 } 745 } 746 747 // testEncryptOAEPData contains a subset of the vectors from RSA's "Test vectors for RSA-OAEP". 748 var testEncryptOAEPData = []testEncryptOAEPStruct{ 749 // Key 1 750 {"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb", 751 65537, 752 "53339cfdb79fc8466a655c7316aca85c55fd8f6dd898fdaf119517ef4f52e8fd8e258df93fee180fa0e4ab29693cd83b152a553d4ac4d1812b8b9fa5af0e7f55fe7304df41570926f3311f15c4d65a732c483116ee3d3d2d0af3549ad9bf7cbfb78ad884f84d5beb04724dc7369b31def37d0cf539e9cfcdd3de653729ead5d1", 753 []testEncryptOAEPMessage{ 754 // Example 1.1 755 { 756 []byte{0x66, 0x28, 0x19, 0x4e, 0x12, 0x07, 0x3d, 0xb0, 757 0x3b, 0xa9, 0x4c, 0xda, 0x9e, 0xf9, 0x53, 0x23, 0x97, 758 0xd5, 0x0d, 0xba, 0x79, 0xb9, 0x87, 0x00, 0x4a, 0xfe, 759 0xfe, 0x34, 760 }, 761 []byte{0x18, 0xb7, 0x76, 0xea, 0x21, 0x06, 0x9d, 0x69, 762 0x77, 0x6a, 0x33, 0xe9, 0x6b, 0xad, 0x48, 0xe1, 0xdd, 763 0xa0, 0xa5, 0xef, 764 }, 765 []byte{0x35, 0x4f, 0xe6, 0x7b, 0x4a, 0x12, 0x6d, 0x5d, 766 0x35, 0xfe, 0x36, 0xc7, 0x77, 0x79, 0x1a, 0x3f, 0x7b, 767 0xa1, 0x3d, 0xef, 0x48, 0x4e, 0x2d, 0x39, 0x08, 0xaf, 768 0xf7, 0x22, 0xfa, 0xd4, 0x68, 0xfb, 0x21, 0x69, 0x6d, 769 0xe9, 0x5d, 0x0b, 0xe9, 0x11, 0xc2, 0xd3, 0x17, 0x4f, 770 0x8a, 0xfc, 0xc2, 0x01, 0x03, 0x5f, 0x7b, 0x6d, 0x8e, 771 0x69, 0x40, 0x2d, 0xe5, 0x45, 0x16, 0x18, 0xc2, 0x1a, 772 0x53, 0x5f, 0xa9, 0xd7, 0xbf, 0xc5, 0xb8, 0xdd, 0x9f, 773 0xc2, 0x43, 0xf8, 0xcf, 0x92, 0x7d, 0xb3, 0x13, 0x22, 774 0xd6, 0xe8, 0x81, 0xea, 0xa9, 0x1a, 0x99, 0x61, 0x70, 775 0xe6, 0x57, 0xa0, 0x5a, 0x26, 0x64, 0x26, 0xd9, 0x8c, 776 0x88, 0x00, 0x3f, 0x84, 0x77, 0xc1, 0x22, 0x70, 0x94, 777 0xa0, 0xd9, 0xfa, 0x1e, 0x8c, 0x40, 0x24, 0x30, 0x9c, 778 0xe1, 0xec, 0xcc, 0xb5, 0x21, 0x00, 0x35, 0xd4, 0x7a, 779 0xc7, 0x2e, 0x8a, 780 }, 781 }, 782 // Example 1.2 783 { 784 []byte{0x75, 0x0c, 0x40, 0x47, 0xf5, 0x47, 0xe8, 0xe4, 785 0x14, 0x11, 0x85, 0x65, 0x23, 0x29, 0x8a, 0xc9, 0xba, 786 0xe2, 0x45, 0xef, 0xaf, 0x13, 0x97, 0xfb, 0xe5, 0x6f, 787 0x9d, 0xd5, 788 }, 789 []byte{0x0c, 0xc7, 0x42, 0xce, 0x4a, 0x9b, 0x7f, 0x32, 790 0xf9, 0x51, 0xbc, 0xb2, 0x51, 0xef, 0xd9, 0x25, 0xfe, 791 0x4f, 0xe3, 0x5f, 792 }, 793 []byte{0x64, 0x0d, 0xb1, 0xac, 0xc5, 0x8e, 0x05, 0x68, 794 0xfe, 0x54, 0x07, 0xe5, 0xf9, 0xb7, 0x01, 0xdf, 0xf8, 795 0xc3, 0xc9, 0x1e, 0x71, 0x6c, 0x53, 0x6f, 0xc7, 0xfc, 796 0xec, 0x6c, 0xb5, 0xb7, 0x1c, 0x11, 0x65, 0x98, 0x8d, 797 0x4a, 0x27, 0x9e, 0x15, 0x77, 0xd7, 0x30, 0xfc, 0x7a, 798 0x29, 0x93, 0x2e, 0x3f, 0x00, 0xc8, 0x15, 0x15, 0x23, 799 0x6d, 0x8d, 0x8e, 0x31, 0x01, 0x7a, 0x7a, 0x09, 0xdf, 800 0x43, 0x52, 0xd9, 0x04, 0xcd, 0xeb, 0x79, 0xaa, 0x58, 801 0x3a, 0xdc, 0xc3, 0x1e, 0xa6, 0x98, 0xa4, 0xc0, 0x52, 802 0x83, 0xda, 0xba, 0x90, 0x89, 0xbe, 0x54, 0x91, 0xf6, 803 0x7c, 0x1a, 0x4e, 0xe4, 0x8d, 0xc7, 0x4b, 0xbb, 0xe6, 804 0x64, 0x3a, 0xef, 0x84, 0x66, 0x79, 0xb4, 0xcb, 0x39, 805 0x5a, 0x35, 0x2d, 0x5e, 0xd1, 0x15, 0x91, 0x2d, 0xf6, 806 0x96, 0xff, 0xe0, 0x70, 0x29, 0x32, 0x94, 0x6d, 0x71, 807 0x49, 0x2b, 0x44, 808 }, 809 }, 810 // Example 1.3 811 { 812 []byte{0xd9, 0x4a, 0xe0, 0x83, 0x2e, 0x64, 0x45, 0xce, 813 0x42, 0x33, 0x1c, 0xb0, 0x6d, 0x53, 0x1a, 0x82, 0xb1, 814 0xdb, 0x4b, 0xaa, 0xd3, 0x0f, 0x74, 0x6d, 0xc9, 0x16, 815 0xdf, 0x24, 0xd4, 0xe3, 0xc2, 0x45, 0x1f, 0xff, 0x59, 816 0xa6, 0x42, 0x3e, 0xb0, 0xe1, 0xd0, 0x2d, 0x4f, 0xe6, 817 0x46, 0xcf, 0x69, 0x9d, 0xfd, 0x81, 0x8c, 0x6e, 0x97, 818 0xb0, 0x51, 819 }, 820 []byte{0x25, 0x14, 0xdf, 0x46, 0x95, 0x75, 0x5a, 0x67, 821 0xb2, 0x88, 0xea, 0xf4, 0x90, 0x5c, 0x36, 0xee, 0xc6, 822 0x6f, 0xd2, 0xfd, 823 }, 824 []byte{0x42, 0x37, 0x36, 0xed, 0x03, 0x5f, 0x60, 0x26, 825 0xaf, 0x27, 0x6c, 0x35, 0xc0, 0xb3, 0x74, 0x1b, 0x36, 826 0x5e, 0x5f, 0x76, 0xca, 0x09, 0x1b, 0x4e, 0x8c, 0x29, 827 0xe2, 0xf0, 0xbe, 0xfe, 0xe6, 0x03, 0x59, 0x5a, 0xa8, 828 0x32, 0x2d, 0x60, 0x2d, 0x2e, 0x62, 0x5e, 0x95, 0xeb, 829 0x81, 0xb2, 0xf1, 0xc9, 0x72, 0x4e, 0x82, 0x2e, 0xca, 830 0x76, 0xdb, 0x86, 0x18, 0xcf, 0x09, 0xc5, 0x34, 0x35, 831 0x03, 0xa4, 0x36, 0x08, 0x35, 0xb5, 0x90, 0x3b, 0xc6, 832 0x37, 0xe3, 0x87, 0x9f, 0xb0, 0x5e, 0x0e, 0xf3, 0x26, 833 0x85, 0xd5, 0xae, 0xc5, 0x06, 0x7c, 0xd7, 0xcc, 0x96, 834 0xfe, 0x4b, 0x26, 0x70, 0xb6, 0xea, 0xc3, 0x06, 0x6b, 835 0x1f, 0xcf, 0x56, 0x86, 0xb6, 0x85, 0x89, 0xaa, 0xfb, 836 0x7d, 0x62, 0x9b, 0x02, 0xd8, 0xf8, 0x62, 0x5c, 0xa3, 837 0x83, 0x36, 0x24, 0xd4, 0x80, 0x0f, 0xb0, 0x81, 0xb1, 838 0xcf, 0x94, 0xeb, 839 }, 840 }, 841 }, 842 }, 843 // Key 10 844 {"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb", 845 65537, 846 "056b04216fe5f354ac77250a4b6b0c8525a85c59b0bd80c56450a22d5f438e596a333aa875e291dd43f48cb88b9d5fc0d499f9fcd1c397f9afc070cd9e398c8d19e61db7c7410a6b2675dfbf5d345b804d201add502d5ce2dfcb091ce9997bbebe57306f383e4d588103f036f7e85d1934d152a323e4a8db451d6f4a5b1b0f102cc150e02feee2b88dea4ad4c1baccb24d84072d14e1d24a6771f7408ee30564fb86d4393a34bcf0b788501d193303f13a2284b001f0f649eaf79328d4ac5c430ab4414920a9460ed1b7bc40ec653e876d09abc509ae45b525190116a0c26101848298509c1c3bf3a483e7274054e15e97075036e989f60932807b5257751e79", 847 []testEncryptOAEPMessage{ 848 // Example 10.1 849 { 850 []byte{0x8b, 0xba, 0x6b, 0xf8, 0x2a, 0x6c, 0x0f, 0x86, 851 0xd5, 0xf1, 0x75, 0x6e, 0x97, 0x95, 0x68, 0x70, 0xb0, 852 0x89, 0x53, 0xb0, 0x6b, 0x4e, 0xb2, 0x05, 0xbc, 0x16, 853 0x94, 0xee, 854 }, 855 []byte{0x47, 0xe1, 0xab, 0x71, 0x19, 0xfe, 0xe5, 0x6c, 856 0x95, 0xee, 0x5e, 0xaa, 0xd8, 0x6f, 0x40, 0xd0, 0xaa, 857 0x63, 0xbd, 0x33, 858 }, 859 []byte{0x53, 0xea, 0x5d, 0xc0, 0x8c, 0xd2, 0x60, 0xfb, 860 0x3b, 0x85, 0x85, 0x67, 0x28, 0x7f, 0xa9, 0x15, 0x52, 861 0xc3, 0x0b, 0x2f, 0xeb, 0xfb, 0xa2, 0x13, 0xf0, 0xae, 862 0x87, 0x70, 0x2d, 0x06, 0x8d, 0x19, 0xba, 0xb0, 0x7f, 863 0xe5, 0x74, 0x52, 0x3d, 0xfb, 0x42, 0x13, 0x9d, 0x68, 864 0xc3, 0xc5, 0xaf, 0xee, 0xe0, 0xbf, 0xe4, 0xcb, 0x79, 865 0x69, 0xcb, 0xf3, 0x82, 0xb8, 0x04, 0xd6, 0xe6, 0x13, 866 0x96, 0x14, 0x4e, 0x2d, 0x0e, 0x60, 0x74, 0x1f, 0x89, 867 0x93, 0xc3, 0x01, 0x4b, 0x58, 0xb9, 0xb1, 0x95, 0x7a, 868 0x8b, 0xab, 0xcd, 0x23, 0xaf, 0x85, 0x4f, 0x4c, 0x35, 869 0x6f, 0xb1, 0x66, 0x2a, 0xa7, 0x2b, 0xfc, 0xc7, 0xe5, 870 0x86, 0x55, 0x9d, 0xc4, 0x28, 0x0d, 0x16, 0x0c, 0x12, 871 0x67, 0x85, 0xa7, 0x23, 0xeb, 0xee, 0xbe, 0xff, 0x71, 872 0xf1, 0x15, 0x94, 0x44, 0x0a, 0xae, 0xf8, 0x7d, 0x10, 873 0x79, 0x3a, 0x87, 0x74, 0xa2, 0x39, 0xd4, 0xa0, 0x4c, 874 0x87, 0xfe, 0x14, 0x67, 0xb9, 0xda, 0xf8, 0x52, 0x08, 875 0xec, 0x6c, 0x72, 0x55, 0x79, 0x4a, 0x96, 0xcc, 0x29, 876 0x14, 0x2f, 0x9a, 0x8b, 0xd4, 0x18, 0xe3, 0xc1, 0xfd, 877 0x67, 0x34, 0x4b, 0x0c, 0xd0, 0x82, 0x9d, 0xf3, 0xb2, 878 0xbe, 0xc6, 0x02, 0x53, 0x19, 0x62, 0x93, 0xc6, 0xb3, 879 0x4d, 0x3f, 0x75, 0xd3, 0x2f, 0x21, 0x3d, 0xd4, 0x5c, 880 0x62, 0x73, 0xd5, 0x05, 0xad, 0xf4, 0xcc, 0xed, 0x10, 881 0x57, 0xcb, 0x75, 0x8f, 0xc2, 0x6a, 0xee, 0xfa, 0x44, 882 0x12, 0x55, 0xed, 0x4e, 0x64, 0xc1, 0x99, 0xee, 0x07, 883 0x5e, 0x7f, 0x16, 0x64, 0x61, 0x82, 0xfd, 0xb4, 0x64, 884 0x73, 0x9b, 0x68, 0xab, 0x5d, 0xaf, 0xf0, 0xe6, 0x3e, 885 0x95, 0x52, 0x01, 0x68, 0x24, 0xf0, 0x54, 0xbf, 0x4d, 886 0x3c, 0x8c, 0x90, 0xa9, 0x7b, 0xb6, 0xb6, 0x55, 0x32, 887 0x84, 0xeb, 0x42, 0x9f, 0xcc, 888 }, 889 }, 890 }, 891 }, 892 }