github.com/twelsh-aw/go/src@v0.0.0-20230516233729-a56fe86a7c81/crypto/rsa/rsa_test.go (about) 1 // Copyright 2009 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 package rsa_test 6 7 import ( 8 "bufio" 9 "bytes" 10 "crypto" 11 "crypto/internal/boring" 12 "crypto/rand" 13 . "crypto/rsa" 14 "crypto/sha1" 15 "crypto/sha256" 16 "crypto/x509" 17 "encoding/pem" 18 "flag" 19 "fmt" 20 "internal/testenv" 21 "math/big" 22 "strings" 23 "testing" 24 ) 25 26 func TestKeyGeneration(t *testing.T) { 27 for _, size := range []int{128, 1024, 2048, 3072} { 28 priv, err := GenerateKey(rand.Reader, size) 29 if err != nil { 30 t.Errorf("GenerateKey(%d): %v", size, err) 31 } 32 if bits := priv.N.BitLen(); bits != size { 33 t.Errorf("key too short (%d vs %d)", bits, size) 34 } 35 testKeyBasics(t, priv) 36 if testing.Short() { 37 break 38 } 39 } 40 } 41 42 func Test3PrimeKeyGeneration(t *testing.T) { 43 size := 768 44 if testing.Short() { 45 size = 256 46 } 47 48 priv, err := GenerateMultiPrimeKey(rand.Reader, 3, size) 49 if err != nil { 50 t.Errorf("failed to generate key") 51 } 52 testKeyBasics(t, priv) 53 } 54 55 func Test4PrimeKeyGeneration(t *testing.T) { 56 size := 768 57 if testing.Short() { 58 size = 256 59 } 60 61 priv, err := GenerateMultiPrimeKey(rand.Reader, 4, size) 62 if err != nil { 63 t.Errorf("failed to generate key") 64 } 65 testKeyBasics(t, priv) 66 } 67 68 func TestNPrimeKeyGeneration(t *testing.T) { 69 primeSize := 64 70 maxN := 24 71 if testing.Short() { 72 primeSize = 16 73 maxN = 16 74 } 75 // Test that generation of N-prime keys works for N > 4. 76 for n := 5; n < maxN; n++ { 77 priv, err := GenerateMultiPrimeKey(rand.Reader, n, 64+n*primeSize) 78 if err == nil { 79 testKeyBasics(t, priv) 80 } else { 81 t.Errorf("failed to generate %d-prime key", n) 82 } 83 } 84 } 85 86 func TestImpossibleKeyGeneration(t *testing.T) { 87 // This test ensures that trying to generate toy RSA keys doesn't enter 88 // an infinite loop. 89 for i := 0; i < 32; i++ { 90 GenerateKey(rand.Reader, i) 91 GenerateMultiPrimeKey(rand.Reader, 3, i) 92 GenerateMultiPrimeKey(rand.Reader, 4, i) 93 GenerateMultiPrimeKey(rand.Reader, 5, i) 94 } 95 } 96 97 func TestGnuTLSKey(t *testing.T) { 98 // This is a key generated by `certtool --generate-privkey --bits 128`. 99 // It's such that de ≢ 1 mod φ(n), but is congruent mod the order of 100 // the group. 101 priv := parseKey(testingKey(`-----BEGIN RSA TESTING KEY----- 102 MGECAQACEQDar8EuoZuSosYtE9SeXSyPAgMBAAECEBf7XDET8e6jjTcfO7y/sykC 103 CQDozXjCjkBzLQIJAPB6MqNbZaQrAghbZTdQoko5LQIIUp9ZiKDdYjMCCCCpqzmX 104 d8Y7 105 -----END RSA TESTING KEY-----`)) 106 testKeyBasics(t, priv) 107 } 108 109 func testKeyBasics(t *testing.T, priv *PrivateKey) { 110 if err := priv.Validate(); err != nil { 111 t.Errorf("Validate() failed: %s", err) 112 } 113 if priv.D.Cmp(priv.N) > 0 { 114 t.Errorf("private exponent too large") 115 } 116 117 msg := []byte("hi!") 118 enc, err := EncryptPKCS1v15(rand.Reader, &priv.PublicKey, msg) 119 if err != nil { 120 t.Errorf("EncryptPKCS1v15: %v", err) 121 return 122 } 123 124 dec, err := DecryptPKCS1v15(nil, priv, enc) 125 if err != nil { 126 t.Errorf("DecryptPKCS1v15: %v", err) 127 return 128 } 129 if !bytes.Equal(dec, msg) { 130 t.Errorf("got:%x want:%x (%+v)", dec, msg, priv) 131 } 132 } 133 134 func TestAllocations(t *testing.T) { 135 if boring.Enabled { 136 t.Skip("skipping allocations test with BoringCrypto") 137 } 138 testenv.SkipIfOptimizationOff(t) 139 140 m := []byte("Hello Gophers") 141 c, err := EncryptPKCS1v15(rand.Reader, &test2048Key.PublicKey, m) 142 if err != nil { 143 t.Fatal(err) 144 } 145 146 if allocs := testing.AllocsPerRun(100, func() { 147 p, err := DecryptPKCS1v15(nil, test2048Key, c) 148 if err != nil { 149 t.Fatal(err) 150 } 151 if !bytes.Equal(p, m) { 152 t.Fatalf("unexpected output: %q", p) 153 } 154 }); allocs > 10 { 155 t.Errorf("expected less than 10 allocations, got %0.1f", allocs) 156 } 157 } 158 159 var allFlag = flag.Bool("all", false, "test all key sizes up to 2048") 160 161 func TestEverything(t *testing.T) { 162 min := 32 163 max := 560 // any smaller than this and not all tests will run 164 if testing.Short() { 165 min = max 166 } 167 if *allFlag { 168 max = 2048 169 } 170 for size := min; size <= max; size++ { 171 size := size 172 t.Run(fmt.Sprintf("%d", size), func(t *testing.T) { 173 t.Parallel() 174 priv, err := GenerateKey(rand.Reader, size) 175 if err != nil { 176 t.Errorf("GenerateKey(%d): %v", size, err) 177 } 178 if bits := priv.N.BitLen(); bits != size { 179 t.Errorf("key too short (%d vs %d)", bits, size) 180 } 181 testEverything(t, priv) 182 }) 183 } 184 } 185 186 func testEverything(t *testing.T, priv *PrivateKey) { 187 if err := priv.Validate(); err != nil { 188 t.Errorf("Validate() failed: %s", err) 189 } 190 191 msg := []byte("test") 192 enc, err := EncryptPKCS1v15(rand.Reader, &priv.PublicKey, msg) 193 if err == ErrMessageTooLong { 194 t.Log("key too small for EncryptPKCS1v15") 195 } else if err != nil { 196 t.Errorf("EncryptPKCS1v15: %v", err) 197 } 198 if err == nil { 199 dec, err := DecryptPKCS1v15(nil, priv, enc) 200 if err != nil { 201 t.Errorf("DecryptPKCS1v15: %v", err) 202 } 203 err = DecryptPKCS1v15SessionKey(nil, priv, enc, make([]byte, 4)) 204 if err != nil { 205 t.Errorf("DecryptPKCS1v15SessionKey: %v", err) 206 } 207 if !bytes.Equal(dec, msg) { 208 t.Errorf("got:%x want:%x (%+v)", dec, msg, priv) 209 } 210 } 211 212 label := []byte("label") 213 enc, err = EncryptOAEP(sha256.New(), rand.Reader, &priv.PublicKey, msg, label) 214 if err == ErrMessageTooLong { 215 t.Log("key too small for EncryptOAEP") 216 } else if err != nil { 217 t.Errorf("EncryptOAEP: %v", err) 218 } 219 if err == nil { 220 dec, err := DecryptOAEP(sha256.New(), nil, priv, enc, label) 221 if err != nil { 222 t.Errorf("DecryptOAEP: %v", err) 223 } 224 if !bytes.Equal(dec, msg) { 225 t.Errorf("got:%x want:%x (%+v)", dec, msg, priv) 226 } 227 } 228 229 hash := sha256.Sum256(msg) 230 sig, err := SignPKCS1v15(nil, priv, crypto.SHA256, hash[:]) 231 if err == ErrMessageTooLong { 232 t.Log("key too small for SignPKCS1v15") 233 } else if err != nil { 234 t.Errorf("SignPKCS1v15: %v", err) 235 } 236 if err == nil { 237 err = VerifyPKCS1v15(&priv.PublicKey, crypto.SHA256, hash[:], sig) 238 if err != nil { 239 t.Errorf("VerifyPKCS1v15: %v", err) 240 } 241 sig[1] ^= 0x80 242 err = VerifyPKCS1v15(&priv.PublicKey, crypto.SHA256, hash[:], sig) 243 if err == nil { 244 t.Errorf("VerifyPKCS1v15 success for tampered signature") 245 } 246 sig[1] ^= 0x80 247 hash[1] ^= 0x80 248 err = VerifyPKCS1v15(&priv.PublicKey, crypto.SHA256, hash[:], sig) 249 if err == nil { 250 t.Errorf("VerifyPKCS1v15 success for tampered message") 251 } 252 hash[1] ^= 0x80 253 } 254 255 opts := &PSSOptions{SaltLength: PSSSaltLengthAuto} 256 sig, err = SignPSS(rand.Reader, priv, crypto.SHA256, hash[:], opts) 257 if err == ErrMessageTooLong { 258 t.Log("key too small for SignPSS with PSSSaltLengthAuto") 259 } else if err != nil { 260 t.Errorf("SignPSS: %v", err) 261 } 262 if err == nil { 263 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], sig, opts) 264 if err != nil { 265 t.Errorf("VerifyPSS: %v", err) 266 } 267 sig[1] ^= 0x80 268 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], sig, opts) 269 if err == nil { 270 t.Errorf("VerifyPSS success for tampered signature") 271 } 272 sig[1] ^= 0x80 273 hash[1] ^= 0x80 274 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], sig, opts) 275 if err == nil { 276 t.Errorf("VerifyPSS success for tampered message") 277 } 278 hash[1] ^= 0x80 279 } 280 281 opts.SaltLength = PSSSaltLengthEqualsHash 282 sig, err = SignPSS(rand.Reader, priv, crypto.SHA256, hash[:], opts) 283 if err == ErrMessageTooLong { 284 t.Log("key too small for SignPSS with PSSSaltLengthEqualsHash") 285 } else if err != nil { 286 t.Errorf("SignPSS: %v", err) 287 } 288 if err == nil { 289 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], sig, opts) 290 if err != nil { 291 t.Errorf("VerifyPSS: %v", err) 292 } 293 sig[1] ^= 0x80 294 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], sig, opts) 295 if err == nil { 296 t.Errorf("VerifyPSS success for tampered signature") 297 } 298 sig[1] ^= 0x80 299 hash[1] ^= 0x80 300 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], sig, opts) 301 if err == nil { 302 t.Errorf("VerifyPSS success for tampered message") 303 } 304 hash[1] ^= 0x80 305 } 306 307 // Check that an input bigger than the modulus is handled correctly, 308 // whether it is longer than the byte size of the modulus or not. 309 c := bytes.Repeat([]byte{0xff}, priv.Size()) 310 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], c, opts) 311 if err == nil { 312 t.Errorf("VerifyPSS accepted a large signature") 313 } 314 _, err = DecryptPKCS1v15(nil, priv, c) 315 if err == nil { 316 t.Errorf("DecryptPKCS1v15 accepted a large ciphertext") 317 } 318 c = append(c, 0xff) 319 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], c, opts) 320 if err == nil { 321 t.Errorf("VerifyPSS accepted a long signature") 322 } 323 _, err = DecryptPKCS1v15(nil, priv, c) 324 if err == nil { 325 t.Errorf("DecryptPKCS1v15 accepted a long ciphertext") 326 } 327 } 328 329 func testingKey(s string) string { return strings.ReplaceAll(s, "TESTING KEY", "PRIVATE KEY") } 330 331 func parseKey(s string) *PrivateKey { 332 p, _ := pem.Decode([]byte(s)) 333 k, err := x509.ParsePKCS1PrivateKey(p.Bytes) 334 if err != nil { 335 panic(err) 336 } 337 return k 338 } 339 340 var test2048Key = parseKey(testingKey(`-----BEGIN RSA TESTING KEY----- 341 MIIEnwIBAAKCAQBxY8hCshkKiXCUKydkrtQtQSRke28w4JotocDiVqou4k55DEDJ 342 akvWbXXDcakV4HA8R2tOGgbxvTjFo8EK470w9O9ipapPUSrRRaBsSOlkaaIs6OYh 343 4FLwZpqMNBVVEtguVUR/C34Y2pS9kRrHs6q+cGhDZolkWT7nGy5eSEvPDHg0EBq1 344 1hu6HmPmI3r0BInONqJg2rcK3U++wk1lnbD3ysCZsKOqRUms3n/IWKeTqXXmz2XK 345 J2t0NSXwiDmA9q0Gm+w0bXh3lzhtUP4MlzS+lnx9hK5bjzSbCUB5RXwMDG/uNMQq 346 C4MmA4BPceSfMyAIFjdRLGy/K7gbb2viOYRtAgEDAoIBAEuX2tchZgcGSw1yGkMf 347 OB4rbZhSSiCVvB5r1ew5xsnsNFCy1ducMo7zo9ehG2Pq9X2E8jQRWfZ+JdkX1gdC 348 fiCjSkHDxt+LceDZFZ2F8O2bwXNF7sFAN0rvEbLNY44MkB7jgv9c/rs8YykLZy/N 349 HH71mteZsO2Q1JoSHumFh99cwWHFhLxYh64qFeeH6Gqx6AM2YVBWHgs7OuKOvc8y 350 zUbf8xftPht1kMwwDR1XySiEYtBtn74JflK3DcT8oxOuCZBuX6sMJHKbVP41zDj+ 351 FJZBmpAvNfCEYJUr1Hg+DpMLqLUg+D6v5vpliburbk9LxcKFZyyZ9QVe7GoqMLBu 352 eGsCgYEAummUj4MMKWJC2mv5rj/dt2pj2/B2HtP2RLypai4et1/Ru9nNk8cjMLzC 353 qXz6/RLuJ7/eD7asFS3y7EqxKxEmW0G8tTHjnzR/3wnpVipuWnwCDGU032HJVd13 354 LMe51GH97qLzuDZjMCz+VlbCNdSslMgWWK0XmRnN7Yqxvh6ao2kCgYEAm7fTRBhF 355 JtKcaJ7d8BQb9l8BNHfjayYOMq5CxoCyxa2pGBv/Mrnxv73Twp9Z/MP0ue5M5nZt 356 GMovpP5cGdJLQ2w5p4H3opcuWeYW9Yyru2EyCEAI/hD/Td3QVP0ukc19BDuPl5Wg 357 eIFs218uiVOU4pw3w+Et5B1PZ/F+ZLr5LGUCgYB8RmMKV11w7CyRnVEe1T56Ru09 358 Svlp4qQt0xucHr8k6ovSkTO32hd10yxw/fyot0lv1T61JHK4yUydhyDHYMQ81n3O 359 IUJqIv/qBpuOxvQ8UqwIQ3iU69uOk6TIhSaNlqlJwffQJEIgHf7kOdbOjchjMA7l 360 yLpmETPzscvUFGcXmwKBgGfP4i1lg283EvBp6Uq4EqQ/ViL6l5zECXce1y8Ady5z 361 xhASqiHRS9UpN9cU5qiCoyae3e75nhCGym3+6BE23Nede8UBT8G6HuaZZKOzHSeW 362 IVrVW1QLVN6T4DioybaI/gLSX7pjwFBWSJI/dFuNDexoJS1AyUK+NO/2VEMnUMhD 363 AoGAOsdn3Prnh/mjC95vraHCLap0bRBSexMdx77ImHgtFUUcSaT8DJHs+NZw1RdM 364 SZA0J+zVQ8q7B11jIgz5hMz+chedwoRjTL7a8VRTKHFmmBH0zlEuV7L79w6HkRCQ 365 VRg10GUN6heGLv0aOHbPdobcuVDH4sgOqpT1QnOuce34sQs= 366 -----END RSA TESTING KEY-----`)) 367 368 var test3072Key = parseKey(testingKey(`-----BEGIN RSA TESTING KEY----- 369 MIIG5AIBAAKCAYEAuvg7HHdVlr2kKZzRw9xs/uZqR6JK21izBdg8D52YPqEdMIhG 370 BSuOrejT6HiDaJcyCkeNxj7E2dKWacIV4UytlPvDnSL9dQduytl31YQ01J5i20r3 371 Kp1etZDEDltly1eVKcbdQTsr26oSQCojYYiYOj+q8w/rzH3WSEuMs04TMwxCR0CC 372 nStVsNWw5zL45n26mxDgDdPK/i3OJTinTvPUDysB/V0c8tRaQ8U6YesmgSYGIMe0 373 bx5l9k1RJbISGIipmS1IVdNAHSnxqJTUG+9k8SHzp5bvqPeiuVLMZeEdqPHwkNHW 374 37LNO28nN+B0xhc4wvEFvggrMf58oO3oy16AzBsWDKSOQnsagc4gQtrJ4N4WOibT 375 /LJB76RLoNyJ+Ov7Ue8ngqR3r3EM8I9AAkj2+3fo+DxcLuE9qOVnrHYFRqq+EYQe 376 lKSg3Z0EHb7XF35xXeAFbpEXSVuidBRm+emgLkZ2n313hz6jUg3FdE3vLMYHvxly 377 ROzgsz0cNOAH3jnXAgMBAAECggGBAILJqe/buk9cET3aqRGtW8FjRO0fJeYSQgjQ 378 nhL+VsVYxqZwbSqosYIN4E46HxJG0YZHT3Fh7ynAGd+ZGN0lWjdhdhCxrUL0FBhp 379 z13YwWwJ73UfF48DzoCL59lzLd30Qi+bIKLE1YUvjty7nUxY1MPKTbcBaBz/2alw 380 z9eNwfhvlt1ozvVKnwK4OKtCCMKTKLnYMCL8CH+NYyq+Wqrr/Wcu2pF1VQ64ZPwL 381 Ny/P4nttMdQ0Xo9sYD7PDvije+0VivsoT8ZatLt06fCwxEIue2uucIQjXCgO8Igm 382 pZwBEWDfy+NHtTKrFpyKf357S8veDwdU14GjviY8JFH8Bg8PBn3i38635m0o7xMG 383 pRlQi5x1zbHy4riOEjyjCIRVCKwKT5HEYNK5Uu3aQnlOV7CzxBLNp5lyioAIGOBC 384 RKJabN5vbUqJjxaQ39tA29DtfA3+r30aMO+QzOl5hrjJV7A7ueV3dbjp+fDV0LPq 385 QrJ68IvHPi3hfqVlP1UM2s4T69kcYQKBwQDoj+rZVb3Aq0JZ8LraR3nA1yFw4NfA 386 SZ/Ne36rIySiy5z+qY9p6WRNLGLrusSIfmbmvStswAliIdh1cZTAUsIF5+kQvBQg 387 VlxJW/nY5hTktIDOZPDaI77jid1iZLID3VXEm6dXY/Hv7DiUORudXAHoy6HZm2Jt 388 kSkIplSeSfASqidj9Bv7V27ttCcMLu0ImdX4JyWoXkVuzBuxKAgiemtLS5IPN8tw 389 m/o2lMaP8/sCMpXrlo2VS3TMsfJyRI/JGoMCgcEAzdAH1TKNeQ3ghzRdlw5NAs31 390 VbcYzjz8HRkNhOsQCs++1ib7H2MZ3HPLpAa3mBJ+VfXO479G23yI7f2zpiUzRuVY 391 cTMHw5Ln7FXfBro5eu/ruyNzKiWPElP8VK814HI5u5XqUU05BsQbe6AjSGHoU6P6 392 PfSDzaw8hGW78GcZu4/EkZp/0TXW+1HUGgU+ObgmG+PnyIMHIt99i7qrOVbNmG9n 393 uNwGwmfFzNqAtVLbLcVyBV5TR+Ze3ZAwjnVaH5MdAoHBAOg5ncd8KMjVuqHZEpyY 394 tulraQcwXgCzBBHJ+YimxRSSwahCZOTbm768TeMaUtoBbnuF9nDXqgcFyQItct5B 395 RWFkXITLakWINwtB/tEpnz9pRx3SCfeprhnENv7jkibtw5FZ5NYNBTAQ78aC6CJQ 396 F9AAVxPWZ4kFZLYwcVrGdiYNJtxWjAKFIk3WkQ9HZIYsJ09ut9nSmP60bgqO8OCM 397 4csEIUt06X7/IfGSylxAwytEnBPt+F9WQ8GLB5A3CmVERQKBwGmBR0Knk5aG4p7s 398 3T1ee2QAqM+z+Odgo+1WtnN4/NROAwpNGVbRuqQkSDRhrSQr9s+iHtjpaS2C/b7i 399 24FEeLDTSS9edZBwcqvYqWgNdwHqk/FvDs6ASoOewi+3UespIydihqf+6kjppx0M 400 zomAh1S5LsMr4ZVBwhQtAtcOQ0a/QIlTpkpdS0OygwSDw45bNE3/2wYTBUl/QCCt 401 JLFUKjkGgylkwaJPCDsnl+tb+jfQi87st8yX7/GsxPeCeRzOkQKBwGPcu2OgZfsl 402 dMHz0LwKOEattrkDujpIoNxyTrBN4fX0RdhTgfRrqsEkrH/4XG5VTtc7K7sBgx7f 403 IwP1uUAx5v16QDA1Z+oFBXwmI7atdKRM34kl1Q0i60z83ahgA/9bAsSpcA23LtM4 404 u2PRX3YNXb9kUcSbod2tVfXyiu7wl6NlsYw5PeF8A8m7QicaeXR6t8NB02XqQ4k+ 405 BoyV2DVuoxSZKOMti0piQIIacSZWEbgyslwNxW99JRVfA2xKJGjUqA== 406 -----END RSA TESTING KEY-----`)) 407 408 var test4096Key = parseKey(testingKey(`-----BEGIN RSA TESTING KEY----- 409 MIIJKQIBAAKCAgEAwTmi+2MLTSm6GbsKksOHCMdIRsPwLlPtJQiMEjnKq4YEPSaC 410 HXWQTza0KL/PySjhgw3Go5pC7epXlA9o1I+rbx4J3AwxC+xUUJqs3U0AETtzC1JD 411 r3+/aP5KJzXp7IQXe1twEyHbQDCy3XUFhB0tZpIuAx82VSzMv4c6h6KPaES24ljd 412 OxJJLPTYVECG2NbYBeKZPxyGNIkHn6/6rJDxnlICvLVBMrPaxsvN04ck55SRIglw 413 MWmxpPTRFkMFERY7b2C33BuVICB8tXccvNwgtrNOmaWd6yjESZOYMyJQLi0QHMan 414 ObuZw2PeUR+9gAE3R8/ji/i1VLYeVfC6TKzhziq5NKeBXzjSGOS7XyjvxrzypUco 415 HiAUyVGKtouRFyOe4gr4xxZpljIEoN4TsBWSbM8GH6n5uFmEKvFnBR5KDRCwFfvI 416 JudWm/oWptzQUyqRvzNtv4OgU9YVnx/fY3hyaD5ZnVZjUZzAjo3o8WSwmuTbZbJ1 417 gX3pDRPw3g0naBm6rMEWPV4YR93be/mBERxWua6IrPPptRh9WYAJP4bkwk9V0F8U 418 Ydk1URLeETAyFScNgukcKzpNw+OeCze2Blvrenf9goHefIpMzv4/ulEr7/v80ESq 419 qd9CAwpz7cRe5+g18v5rFTEHESTCCq+rOFI5L59UX4VvE7CGOzcPLLZjlcMCAwEA 420 AQKCAgB3/09UR0IxfYRxjlMWqg8mSHx+VhjG7KANq60xdGqE8wmW4F9V5DjmuNZR 421 qC1mg9jpBpkh6R8/mZUiAh/cQgz5SPJekcOz3+TM2gIYvUUZbo4XrdMTHobEsYdj 422 qnvHwpDCrxp/BzueNaAfIBl43pXfaVDh53RamSPeniCfMzlUS7g4AXACy2xeWwAt 423 8pTL/UDTBtKc+x3talwts6A9oxYqeEvy3a3Lyx5G7zK39unYV896D9p5FWaZRuDC 424 roRrBB+NH8ePDiIifYp1N6/FKf+29swNZ2kXLY4ZE2wl9V1OD/Y9qLEZjYQEb/UU 425 9F0/LYIjOtvZhW83WJKmVIWeMI9Z4UooOztJJK0XOqSDsXVaEMgrF9D4E8BnKdWp 426 ddM5E0nNXpLEV/SsoUyAMjArjImf8HjmJA45Px+BBGxdIv5PCyvUUD2R/6WbHOdh 427 glH49I4SpVKGICV+qhLdSZkjWaItECwbsw5CeXrcOPjVCrNGOOKI8FdQN7S9JRiN 428 Th6pTL1ezDUOx2Sq1M/h++ucd7akzsxm6my3leNYHxxyX7/PnQgUDyoXwQ1azAtB 429 8PmMe7JAxuMjwFJJXn1Sgoq0ml0RkRkrj18+UMiz32qX8OtN+x44LkC7TnMNXqiA 430 ohmzYy4WJRc3LyyTMWGrH00Zckc8oBvjf/rWy5X1nWz+DcuQIQKCAQEA6x92d8A9 431 WR4qeHRY6zfHaaza8Z9vFUUUwebPxDy82Q6znu6nXNB/Q+OuhGohqcODUC8dj2qv 432 7AyKdukzZzPTNSWNoSnr3c3nGpOzXxFntGOMFB83nmeoYGJEo3RertQO8QG2Dkis 433 Ix9uKU6u2m5ijnH5cqHs2OcRbl2b+6mkRvPY2YxI0EqSXnMa1jpjeCKpZDW89iLU 434 rm7x6vqyffqVaTt4PHj47p5QIUj8cRkVtAvUuIzM/R2g/epiytTo4iRM28rVLRnK 435 28BtTtXZBT6Xy4UWX0fLSOUm2Hr1jiUJIc+Adb2h+zh69MBtBG6JRBiK7zwx7HxE 436 c6sFzNvfMei99QKCAQEA0mHNpqmHuHb+wNdAEiKz4hCnYyuLDy+lZp/uQRkiODqV 437 eUxAHRK1OP8yt45ZBxyaLcuRvAgK/ETg/QlYWUuAXvUWVGq9Ycv3WrpjUL0DHvuo 438 rBfWTSiTNWH9sbDoCapiJMDe28ELBXVp1dCKuei/EReRHYg/vJn+GdPaZL60rlQg 439 qCMou3jOXw94/Y05QcJQNkoLmVEEEwkbwrfXWvjShRbKNsv5kJydgPRfnsu5JSue 440 Ydkx/Io4+4xz6vjfDDjgFFfvOJJjouFkYGWIDuT5JViIVBVK1F3XrkzOYUjoBzo7 441 xDJkZrgNyNIpWXdzwfb8WTCJAOTHMk9DSB4lkk651wKCAQBKMTtovjidjm9IYy5L 442 yuYZ6nmMFQswYwQRy4t0GNZeh80WMaiOGRyPh6DiF7tXnmIpQzTItJmemrZ2n0+h 443 GTFka90tJdVPwFFUiZboQM3Alkj1cIRUb9Ep2Nhf27Ck6jVsx2VzTGtFCf3w+ush 444 8gMXf89+5KmgKAnQEanO19EGspuSyjmPwHg/ZYLqZrJMjmN1Q5/E62jBQjEEPOdl 445 6VSMSD/AlUu3wCz409cUuR2oGrOdKJDmrhrHBNb3ugdilKHMGUz7VlA015umbMR2 446 azHq/qv4lOcIsYZ4eRRTLkybZqbagGREqaXi5XWBGIAoBLaSlyQJw4y2ExlZc2gS 447 j6ahAoIBAQCwzdsL1mumHfMI050X4Kw2L3LNCBoMwCkL7xpHAT1d7fYSg39aL4+3 448 f9j6pBmzvVjhZbRrRoMc8TH31XO3T5lptCV4+l+AIe8WA5BVmRNXZX2ia0IBhDj6 449 4whW3eqTvOpQIvrnyfteMgeo1mLPzIdOcPTW0dtmwC/pOr7Obergmvj69NlVfDhL 450 cXBn/diBqDDK/z1yMsDu0nfPE7tby8L4cGeu14s7+jLv3e/CP0mwsFChwOueZfdv 451 h+EfNtoUpnPDBQeZDoXHrA40aP+ILOwpc5bWuzIw+VC6PfgvkBrXgBwcTZFNNh73 452 h4+Sja3t84it1/k7lAjIAg70O8mthJXvAoIBAQDUUqWxqQN76gY2CPuXrwIvWvfP 453 Z9U2Lv5ZTmY75L20CWRY0os0hAF68vCwxLpfeUMUTSokwa5L/l1gHwA2Zqm1977W 454 9wV2Iiyqmkz9u3fu5YNOlezSoffOvAf/GUvSQ9HJ/VGqFdy2bC6NE81HRxojxeeY 455 7ZmNlJrcsupyWmpUTpAd4cRVaCjcZQRoj+uIYCbgtV6/RD5VXHcPTd9wR7pjZPv7 456 239qVdVU4ahkSZP6ikeN/wOEegWS0i/cKSgYmLBpWFGze3EKvHdEzurqPNCr5zo2 457 jd7HGMtCpvqFx/7wUl09ac/kHeY+Ob2KduWinSPm5+jI6dPohnGx/wBEVCWh 458 -----END RSA TESTING KEY-----`)) 459 460 func BenchmarkDecryptPKCS1v15(b *testing.B) { 461 b.Run("2048", func(b *testing.B) { benchmarkDecryptPKCS1v15(b, test2048Key) }) 462 b.Run("3072", func(b *testing.B) { benchmarkDecryptPKCS1v15(b, test3072Key) }) 463 b.Run("4096", func(b *testing.B) { benchmarkDecryptPKCS1v15(b, test4096Key) }) 464 } 465 466 func benchmarkDecryptPKCS1v15(b *testing.B, k *PrivateKey) { 467 r := bufio.NewReaderSize(rand.Reader, 1<<15) 468 469 m := []byte("Hello Gophers") 470 c, err := EncryptPKCS1v15(r, &k.PublicKey, m) 471 if err != nil { 472 b.Fatal(err) 473 } 474 475 b.ResetTimer() 476 var sink byte 477 for i := 0; i < b.N; i++ { 478 p, err := DecryptPKCS1v15(r, k, c) 479 if err != nil { 480 b.Fatal(err) 481 } 482 if !bytes.Equal(p, m) { 483 b.Fatalf("unexpected output: %q", p) 484 } 485 sink ^= p[0] 486 } 487 } 488 489 func BenchmarkEncryptPKCS1v15(b *testing.B) { 490 b.Run("2048", func(b *testing.B) { 491 r := bufio.NewReaderSize(rand.Reader, 1<<15) 492 m := []byte("Hello Gophers") 493 494 var sink byte 495 for i := 0; i < b.N; i++ { 496 c, err := EncryptPKCS1v15(r, &test2048Key.PublicKey, m) 497 if err != nil { 498 b.Fatal(err) 499 } 500 sink ^= c[0] 501 } 502 }) 503 } 504 505 func BenchmarkDecryptOAEP(b *testing.B) { 506 b.Run("2048", func(b *testing.B) { 507 r := bufio.NewReaderSize(rand.Reader, 1<<15) 508 509 m := []byte("Hello Gophers") 510 c, err := EncryptOAEP(sha256.New(), r, &test2048Key.PublicKey, m, nil) 511 if err != nil { 512 b.Fatal(err) 513 } 514 515 b.ResetTimer() 516 var sink byte 517 for i := 0; i < b.N; i++ { 518 p, err := DecryptOAEP(sha256.New(), r, test2048Key, c, nil) 519 if err != nil { 520 b.Fatal(err) 521 } 522 if !bytes.Equal(p, m) { 523 b.Fatalf("unexpected output: %q", p) 524 } 525 sink ^= p[0] 526 } 527 }) 528 } 529 530 func BenchmarkEncryptOAEP(b *testing.B) { 531 b.Run("2048", func(b *testing.B) { 532 r := bufio.NewReaderSize(rand.Reader, 1<<15) 533 m := []byte("Hello Gophers") 534 535 var sink byte 536 for i := 0; i < b.N; i++ { 537 c, err := EncryptOAEP(sha256.New(), r, &test2048Key.PublicKey, m, nil) 538 if err != nil { 539 b.Fatal(err) 540 } 541 sink ^= c[0] 542 } 543 }) 544 } 545 546 func BenchmarkSignPKCS1v15(b *testing.B) { 547 b.Run("2048", func(b *testing.B) { 548 hashed := sha256.Sum256([]byte("testing")) 549 550 var sink byte 551 b.ResetTimer() 552 for i := 0; i < b.N; i++ { 553 s, err := SignPKCS1v15(rand.Reader, test2048Key, crypto.SHA256, hashed[:]) 554 if err != nil { 555 b.Fatal(err) 556 } 557 sink ^= s[0] 558 } 559 }) 560 } 561 562 func BenchmarkVerifyPKCS1v15(b *testing.B) { 563 b.Run("2048", func(b *testing.B) { 564 hashed := sha256.Sum256([]byte("testing")) 565 s, err := SignPKCS1v15(rand.Reader, test2048Key, crypto.SHA256, hashed[:]) 566 if err != nil { 567 b.Fatal(err) 568 } 569 570 b.ResetTimer() 571 for i := 0; i < b.N; i++ { 572 err := VerifyPKCS1v15(&test2048Key.PublicKey, crypto.SHA256, hashed[:], s) 573 if err != nil { 574 b.Fatal(err) 575 } 576 } 577 }) 578 } 579 580 func BenchmarkSignPSS(b *testing.B) { 581 b.Run("2048", func(b *testing.B) { 582 hashed := sha256.Sum256([]byte("testing")) 583 584 var sink byte 585 b.ResetTimer() 586 for i := 0; i < b.N; i++ { 587 s, err := SignPSS(rand.Reader, test2048Key, crypto.SHA256, hashed[:], nil) 588 if err != nil { 589 b.Fatal(err) 590 } 591 sink ^= s[0] 592 } 593 }) 594 } 595 596 func BenchmarkVerifyPSS(b *testing.B) { 597 b.Run("2048", func(b *testing.B) { 598 hashed := sha256.Sum256([]byte("testing")) 599 s, err := SignPSS(rand.Reader, test2048Key, crypto.SHA256, hashed[:], nil) 600 if err != nil { 601 b.Fatal(err) 602 } 603 604 b.ResetTimer() 605 for i := 0; i < b.N; i++ { 606 err := VerifyPSS(&test2048Key.PublicKey, crypto.SHA256, hashed[:], s, nil) 607 if err != nil { 608 b.Fatal(err) 609 } 610 } 611 }) 612 } 613 614 type testEncryptOAEPMessage struct { 615 in []byte 616 seed []byte 617 out []byte 618 } 619 620 type testEncryptOAEPStruct struct { 621 modulus string 622 e int 623 d string 624 msgs []testEncryptOAEPMessage 625 } 626 627 func TestEncryptOAEP(t *testing.T) { 628 sha1 := sha1.New() 629 n := new(big.Int) 630 for i, test := range testEncryptOAEPData { 631 n.SetString(test.modulus, 16) 632 public := PublicKey{N: n, E: test.e} 633 634 for j, message := range test.msgs { 635 randomSource := bytes.NewReader(message.seed) 636 out, err := EncryptOAEP(sha1, randomSource, &public, message.in, nil) 637 if err != nil { 638 t.Errorf("#%d,%d error: %s", i, j, err) 639 } 640 if !bytes.Equal(out, message.out) { 641 t.Errorf("#%d,%d bad result: %x (want %x)", i, j, out, message.out) 642 } 643 } 644 } 645 } 646 647 func TestDecryptOAEP(t *testing.T) { 648 random := rand.Reader 649 650 sha1 := sha1.New() 651 n := new(big.Int) 652 d := new(big.Int) 653 for i, test := range testEncryptOAEPData { 654 n.SetString(test.modulus, 16) 655 d.SetString(test.d, 16) 656 private := new(PrivateKey) 657 private.PublicKey = PublicKey{N: n, E: test.e} 658 private.D = d 659 660 for j, message := range test.msgs { 661 out, err := DecryptOAEP(sha1, nil, private, message.out, nil) 662 if err != nil { 663 t.Errorf("#%d,%d error: %s", i, j, err) 664 } else if !bytes.Equal(out, message.in) { 665 t.Errorf("#%d,%d bad result: %#v (want %#v)", i, j, out, message.in) 666 } 667 668 // Decrypt with blinding. 669 out, err = DecryptOAEP(sha1, random, private, message.out, nil) 670 if err != nil { 671 t.Errorf("#%d,%d (blind) error: %s", i, j, err) 672 } else if !bytes.Equal(out, message.in) { 673 t.Errorf("#%d,%d (blind) bad result: %#v (want %#v)", i, j, out, message.in) 674 } 675 } 676 if testing.Short() { 677 break 678 } 679 } 680 } 681 682 func Test2DecryptOAEP(t *testing.T) { 683 random := rand.Reader 684 685 msg := []byte{0xed, 0x36, 0x90, 0x8d, 0xbe, 0xfc, 0x35, 0x40, 0x70, 0x4f, 0xf5, 0x9d, 0x6e, 0xc2, 0xeb, 0xf5, 0x27, 0xae, 0x65, 0xb0, 0x59, 0x29, 0x45, 0x25, 0x8c, 0xc1, 0x91, 0x22} 686 in := []byte{0x72, 0x26, 0x84, 0xc9, 0xcf, 0xd6, 0xa8, 0x96, 0x04, 0x3e, 0x34, 0x07, 0x2c, 0x4f, 0xe6, 0x52, 0xbe, 0x46, 0x3c, 0xcf, 0x79, 0x21, 0x09, 0x64, 0xe7, 0x33, 0x66, 0x9b, 0xf8, 0x14, 0x22, 0x43, 0xfe, 0x8e, 0x52, 0x8b, 0xe0, 0x5f, 0x98, 0xef, 0x54, 0xac, 0x6b, 0xc6, 0x26, 0xac, 0x5b, 0x1b, 0x4b, 0x7d, 0x2e, 0xd7, 0x69, 0x28, 0x5a, 0x2f, 0x4a, 0x95, 0x89, 0x6c, 0xc7, 0x53, 0x95, 0xc7, 0xd2, 0x89, 0x04, 0x6f, 0x94, 0x74, 0x9b, 0x09, 0x0d, 0xf4, 0x61, 0x2e, 0xab, 0x48, 0x57, 0x4a, 0xbf, 0x95, 0xcb, 0xff, 0x15, 0xe2, 0xa0, 0x66, 0x58, 0xf7, 0x46, 0xf8, 0xc7, 0x0b, 0xb5, 0x1e, 0xa7, 0xba, 0x36, 0xce, 0xdd, 0x36, 0x41, 0x98, 0x6e, 0x10, 0xf9, 0x3b, 0x70, 0xbb, 0xa1, 0xda, 0x00, 0x40, 0xd5, 0xa5, 0x3f, 0x87, 0x64, 0x32, 0x7c, 0xbc, 0x50, 0x52, 0x0e, 0x4f, 0x21, 0xbd} 687 688 n := new(big.Int) 689 d := new(big.Int) 690 n.SetString(testEncryptOAEPData[0].modulus, 16) 691 d.SetString(testEncryptOAEPData[0].d, 16) 692 priv := new(PrivateKey) 693 priv.PublicKey = PublicKey{N: n, E: testEncryptOAEPData[0].e} 694 priv.D = d 695 sha1 := crypto.SHA1 696 sha256 := crypto.SHA256 697 698 out, err := priv.Decrypt(random, in, &OAEPOptions{MGFHash: sha1, Hash: sha256}) 699 700 if err != nil { 701 t.Errorf("error: %s", err) 702 } else if !bytes.Equal(out, msg) { 703 t.Errorf("bad result %#v (want %#v)", out, msg) 704 } 705 } 706 707 func TestEncryptDecryptOAEP(t *testing.T) { 708 sha256 := sha256.New() 709 n := new(big.Int) 710 d := new(big.Int) 711 for i, test := range testEncryptOAEPData { 712 n.SetString(test.modulus, 16) 713 d.SetString(test.d, 16) 714 priv := new(PrivateKey) 715 priv.PublicKey = PublicKey{N: n, E: test.e} 716 priv.D = d 717 718 for j, message := range test.msgs { 719 label := []byte(fmt.Sprintf("hi#%d", j)) 720 enc, err := EncryptOAEP(sha256, rand.Reader, &priv.PublicKey, message.in, label) 721 if err != nil { 722 t.Errorf("#%d,%d: EncryptOAEP: %v", i, j, err) 723 continue 724 } 725 dec, err := DecryptOAEP(sha256, rand.Reader, priv, enc, label) 726 if err != nil { 727 t.Errorf("#%d,%d: DecryptOAEP: %v", i, j, err) 728 continue 729 } 730 if !bytes.Equal(dec, message.in) { 731 t.Errorf("#%d,%d: round trip %q -> %q", i, j, message.in, dec) 732 } 733 } 734 } 735 } 736 737 // testEncryptOAEPData contains a subset of the vectors from RSA's "Test vectors for RSA-OAEP". 738 var testEncryptOAEPData = []testEncryptOAEPStruct{ 739 // Key 1 740 {"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb", 741 65537, 742 "53339cfdb79fc8466a655c7316aca85c55fd8f6dd898fdaf119517ef4f52e8fd8e258df93fee180fa0e4ab29693cd83b152a553d4ac4d1812b8b9fa5af0e7f55fe7304df41570926f3311f15c4d65a732c483116ee3d3d2d0af3549ad9bf7cbfb78ad884f84d5beb04724dc7369b31def37d0cf539e9cfcdd3de653729ead5d1", 743 []testEncryptOAEPMessage{ 744 // Example 1.1 745 { 746 []byte{0x66, 0x28, 0x19, 0x4e, 0x12, 0x07, 0x3d, 0xb0, 747 0x3b, 0xa9, 0x4c, 0xda, 0x9e, 0xf9, 0x53, 0x23, 0x97, 748 0xd5, 0x0d, 0xba, 0x79, 0xb9, 0x87, 0x00, 0x4a, 0xfe, 749 0xfe, 0x34, 750 }, 751 []byte{0x18, 0xb7, 0x76, 0xea, 0x21, 0x06, 0x9d, 0x69, 752 0x77, 0x6a, 0x33, 0xe9, 0x6b, 0xad, 0x48, 0xe1, 0xdd, 753 0xa0, 0xa5, 0xef, 754 }, 755 []byte{0x35, 0x4f, 0xe6, 0x7b, 0x4a, 0x12, 0x6d, 0x5d, 756 0x35, 0xfe, 0x36, 0xc7, 0x77, 0x79, 0x1a, 0x3f, 0x7b, 757 0xa1, 0x3d, 0xef, 0x48, 0x4e, 0x2d, 0x39, 0x08, 0xaf, 758 0xf7, 0x22, 0xfa, 0xd4, 0x68, 0xfb, 0x21, 0x69, 0x6d, 759 0xe9, 0x5d, 0x0b, 0xe9, 0x11, 0xc2, 0xd3, 0x17, 0x4f, 760 0x8a, 0xfc, 0xc2, 0x01, 0x03, 0x5f, 0x7b, 0x6d, 0x8e, 761 0x69, 0x40, 0x2d, 0xe5, 0x45, 0x16, 0x18, 0xc2, 0x1a, 762 0x53, 0x5f, 0xa9, 0xd7, 0xbf, 0xc5, 0xb8, 0xdd, 0x9f, 763 0xc2, 0x43, 0xf8, 0xcf, 0x92, 0x7d, 0xb3, 0x13, 0x22, 764 0xd6, 0xe8, 0x81, 0xea, 0xa9, 0x1a, 0x99, 0x61, 0x70, 765 0xe6, 0x57, 0xa0, 0x5a, 0x26, 0x64, 0x26, 0xd9, 0x8c, 766 0x88, 0x00, 0x3f, 0x84, 0x77, 0xc1, 0x22, 0x70, 0x94, 767 0xa0, 0xd9, 0xfa, 0x1e, 0x8c, 0x40, 0x24, 0x30, 0x9c, 768 0xe1, 0xec, 0xcc, 0xb5, 0x21, 0x00, 0x35, 0xd4, 0x7a, 769 0xc7, 0x2e, 0x8a, 770 }, 771 }, 772 // Example 1.2 773 { 774 []byte{0x75, 0x0c, 0x40, 0x47, 0xf5, 0x47, 0xe8, 0xe4, 775 0x14, 0x11, 0x85, 0x65, 0x23, 0x29, 0x8a, 0xc9, 0xba, 776 0xe2, 0x45, 0xef, 0xaf, 0x13, 0x97, 0xfb, 0xe5, 0x6f, 777 0x9d, 0xd5, 778 }, 779 []byte{0x0c, 0xc7, 0x42, 0xce, 0x4a, 0x9b, 0x7f, 0x32, 780 0xf9, 0x51, 0xbc, 0xb2, 0x51, 0xef, 0xd9, 0x25, 0xfe, 781 0x4f, 0xe3, 0x5f, 782 }, 783 []byte{0x64, 0x0d, 0xb1, 0xac, 0xc5, 0x8e, 0x05, 0x68, 784 0xfe, 0x54, 0x07, 0xe5, 0xf9, 0xb7, 0x01, 0xdf, 0xf8, 785 0xc3, 0xc9, 0x1e, 0x71, 0x6c, 0x53, 0x6f, 0xc7, 0xfc, 786 0xec, 0x6c, 0xb5, 0xb7, 0x1c, 0x11, 0x65, 0x98, 0x8d, 787 0x4a, 0x27, 0x9e, 0x15, 0x77, 0xd7, 0x30, 0xfc, 0x7a, 788 0x29, 0x93, 0x2e, 0x3f, 0x00, 0xc8, 0x15, 0x15, 0x23, 789 0x6d, 0x8d, 0x8e, 0x31, 0x01, 0x7a, 0x7a, 0x09, 0xdf, 790 0x43, 0x52, 0xd9, 0x04, 0xcd, 0xeb, 0x79, 0xaa, 0x58, 791 0x3a, 0xdc, 0xc3, 0x1e, 0xa6, 0x98, 0xa4, 0xc0, 0x52, 792 0x83, 0xda, 0xba, 0x90, 0x89, 0xbe, 0x54, 0x91, 0xf6, 793 0x7c, 0x1a, 0x4e, 0xe4, 0x8d, 0xc7, 0x4b, 0xbb, 0xe6, 794 0x64, 0x3a, 0xef, 0x84, 0x66, 0x79, 0xb4, 0xcb, 0x39, 795 0x5a, 0x35, 0x2d, 0x5e, 0xd1, 0x15, 0x91, 0x2d, 0xf6, 796 0x96, 0xff, 0xe0, 0x70, 0x29, 0x32, 0x94, 0x6d, 0x71, 797 0x49, 0x2b, 0x44, 798 }, 799 }, 800 // Example 1.3 801 { 802 []byte{0xd9, 0x4a, 0xe0, 0x83, 0x2e, 0x64, 0x45, 0xce, 803 0x42, 0x33, 0x1c, 0xb0, 0x6d, 0x53, 0x1a, 0x82, 0xb1, 804 0xdb, 0x4b, 0xaa, 0xd3, 0x0f, 0x74, 0x6d, 0xc9, 0x16, 805 0xdf, 0x24, 0xd4, 0xe3, 0xc2, 0x45, 0x1f, 0xff, 0x59, 806 0xa6, 0x42, 0x3e, 0xb0, 0xe1, 0xd0, 0x2d, 0x4f, 0xe6, 807 0x46, 0xcf, 0x69, 0x9d, 0xfd, 0x81, 0x8c, 0x6e, 0x97, 808 0xb0, 0x51, 809 }, 810 []byte{0x25, 0x14, 0xdf, 0x46, 0x95, 0x75, 0x5a, 0x67, 811 0xb2, 0x88, 0xea, 0xf4, 0x90, 0x5c, 0x36, 0xee, 0xc6, 812 0x6f, 0xd2, 0xfd, 813 }, 814 []byte{0x42, 0x37, 0x36, 0xed, 0x03, 0x5f, 0x60, 0x26, 815 0xaf, 0x27, 0x6c, 0x35, 0xc0, 0xb3, 0x74, 0x1b, 0x36, 816 0x5e, 0x5f, 0x76, 0xca, 0x09, 0x1b, 0x4e, 0x8c, 0x29, 817 0xe2, 0xf0, 0xbe, 0xfe, 0xe6, 0x03, 0x59, 0x5a, 0xa8, 818 0x32, 0x2d, 0x60, 0x2d, 0x2e, 0x62, 0x5e, 0x95, 0xeb, 819 0x81, 0xb2, 0xf1, 0xc9, 0x72, 0x4e, 0x82, 0x2e, 0xca, 820 0x76, 0xdb, 0x86, 0x18, 0xcf, 0x09, 0xc5, 0x34, 0x35, 821 0x03, 0xa4, 0x36, 0x08, 0x35, 0xb5, 0x90, 0x3b, 0xc6, 822 0x37, 0xe3, 0x87, 0x9f, 0xb0, 0x5e, 0x0e, 0xf3, 0x26, 823 0x85, 0xd5, 0xae, 0xc5, 0x06, 0x7c, 0xd7, 0xcc, 0x96, 824 0xfe, 0x4b, 0x26, 0x70, 0xb6, 0xea, 0xc3, 0x06, 0x6b, 825 0x1f, 0xcf, 0x56, 0x86, 0xb6, 0x85, 0x89, 0xaa, 0xfb, 826 0x7d, 0x62, 0x9b, 0x02, 0xd8, 0xf8, 0x62, 0x5c, 0xa3, 827 0x83, 0x36, 0x24, 0xd4, 0x80, 0x0f, 0xb0, 0x81, 0xb1, 828 0xcf, 0x94, 0xeb, 829 }, 830 }, 831 }, 832 }, 833 // Key 10 834 {"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb", 835 65537, 836 "056b04216fe5f354ac77250a4b6b0c8525a85c59b0bd80c56450a22d5f438e596a333aa875e291dd43f48cb88b9d5fc0d499f9fcd1c397f9afc070cd9e398c8d19e61db7c7410a6b2675dfbf5d345b804d201add502d5ce2dfcb091ce9997bbebe57306f383e4d588103f036f7e85d1934d152a323e4a8db451d6f4a5b1b0f102cc150e02feee2b88dea4ad4c1baccb24d84072d14e1d24a6771f7408ee30564fb86d4393a34bcf0b788501d193303f13a2284b001f0f649eaf79328d4ac5c430ab4414920a9460ed1b7bc40ec653e876d09abc509ae45b525190116a0c26101848298509c1c3bf3a483e7274054e15e97075036e989f60932807b5257751e79", 837 []testEncryptOAEPMessage{ 838 // Example 10.1 839 { 840 []byte{0x8b, 0xba, 0x6b, 0xf8, 0x2a, 0x6c, 0x0f, 0x86, 841 0xd5, 0xf1, 0x75, 0x6e, 0x97, 0x95, 0x68, 0x70, 0xb0, 842 0x89, 0x53, 0xb0, 0x6b, 0x4e, 0xb2, 0x05, 0xbc, 0x16, 843 0x94, 0xee, 844 }, 845 []byte{0x47, 0xe1, 0xab, 0x71, 0x19, 0xfe, 0xe5, 0x6c, 846 0x95, 0xee, 0x5e, 0xaa, 0xd8, 0x6f, 0x40, 0xd0, 0xaa, 847 0x63, 0xbd, 0x33, 848 }, 849 []byte{0x53, 0xea, 0x5d, 0xc0, 0x8c, 0xd2, 0x60, 0xfb, 850 0x3b, 0x85, 0x85, 0x67, 0x28, 0x7f, 0xa9, 0x15, 0x52, 851 0xc3, 0x0b, 0x2f, 0xeb, 0xfb, 0xa2, 0x13, 0xf0, 0xae, 852 0x87, 0x70, 0x2d, 0x06, 0x8d, 0x19, 0xba, 0xb0, 0x7f, 853 0xe5, 0x74, 0x52, 0x3d, 0xfb, 0x42, 0x13, 0x9d, 0x68, 854 0xc3, 0xc5, 0xaf, 0xee, 0xe0, 0xbf, 0xe4, 0xcb, 0x79, 855 0x69, 0xcb, 0xf3, 0x82, 0xb8, 0x04, 0xd6, 0xe6, 0x13, 856 0x96, 0x14, 0x4e, 0x2d, 0x0e, 0x60, 0x74, 0x1f, 0x89, 857 0x93, 0xc3, 0x01, 0x4b, 0x58, 0xb9, 0xb1, 0x95, 0x7a, 858 0x8b, 0xab, 0xcd, 0x23, 0xaf, 0x85, 0x4f, 0x4c, 0x35, 859 0x6f, 0xb1, 0x66, 0x2a, 0xa7, 0x2b, 0xfc, 0xc7, 0xe5, 860 0x86, 0x55, 0x9d, 0xc4, 0x28, 0x0d, 0x16, 0x0c, 0x12, 861 0x67, 0x85, 0xa7, 0x23, 0xeb, 0xee, 0xbe, 0xff, 0x71, 862 0xf1, 0x15, 0x94, 0x44, 0x0a, 0xae, 0xf8, 0x7d, 0x10, 863 0x79, 0x3a, 0x87, 0x74, 0xa2, 0x39, 0xd4, 0xa0, 0x4c, 864 0x87, 0xfe, 0x14, 0x67, 0xb9, 0xda, 0xf8, 0x52, 0x08, 865 0xec, 0x6c, 0x72, 0x55, 0x79, 0x4a, 0x96, 0xcc, 0x29, 866 0x14, 0x2f, 0x9a, 0x8b, 0xd4, 0x18, 0xe3, 0xc1, 0xfd, 867 0x67, 0x34, 0x4b, 0x0c, 0xd0, 0x82, 0x9d, 0xf3, 0xb2, 868 0xbe, 0xc6, 0x02, 0x53, 0x19, 0x62, 0x93, 0xc6, 0xb3, 869 0x4d, 0x3f, 0x75, 0xd3, 0x2f, 0x21, 0x3d, 0xd4, 0x5c, 870 0x62, 0x73, 0xd5, 0x05, 0xad, 0xf4, 0xcc, 0xed, 0x10, 871 0x57, 0xcb, 0x75, 0x8f, 0xc2, 0x6a, 0xee, 0xfa, 0x44, 872 0x12, 0x55, 0xed, 0x4e, 0x64, 0xc1, 0x99, 0xee, 0x07, 873 0x5e, 0x7f, 0x16, 0x64, 0x61, 0x82, 0xfd, 0xb4, 0x64, 874 0x73, 0x9b, 0x68, 0xab, 0x5d, 0xaf, 0xf0, 0xe6, 0x3e, 875 0x95, 0x52, 0x01, 0x68, 0x24, 0xf0, 0x54, 0xbf, 0x4d, 876 0x3c, 0x8c, 0x90, 0xa9, 0x7b, 0xb6, 0xb6, 0x55, 0x32, 877 0x84, 0xeb, 0x42, 0x9f, 0xcc, 878 }, 879 }, 880 }, 881 }, 882 }