github.com/varialus/godfly@v0.0.0-20130904042352-1934f9f095ab/src/pkg/crypto/rsa/pkcs1v15_test.go

github.com/varialus/godfly@v0.0.0-20130904042352-1934f9f095ab/src/pkg/crypto/rsa/pkcs1v15_test.go (about)

     1  // Copyright 2009 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  package rsa
     6  
     7  import (
     8  	"bytes"
     9  	"crypto"
    10  	"crypto/rand"
    11  	"crypto/sha1"
    12  	"encoding/base64"
    13  	"encoding/hex"
    14  	"io"
    15  	"math/big"
    16  	"testing"
    17  	"testing/quick"
    18  )
    19  
    20  func decodeBase64(in string) []byte {
    21  	out := make([]byte, base64.StdEncoding.DecodedLen(len(in)))
    22  	n, err := base64.StdEncoding.Decode(out, []byte(in))
    23  	if err != nil {
    24  		return nil
    25  	}
    26  	return out[0:n]
    27  }
    28  
    29  type DecryptPKCS1v15Test struct {
    30  	in, out string
    31  }
    32  
    33  // These test vectors were generated with `openssl rsautl -pkcs -encrypt`
    34  var decryptPKCS1v15Tests = []DecryptPKCS1v15Test{
    35  	{
    36  		"gIcUIoVkD6ATMBk/u/nlCZCCWRKdkfjCgFdo35VpRXLduiKXhNz1XupLLzTXAybEq15juc+EgY5o0DHv/nt3yg==",
    37  		"x",
    38  	},
    39  	{
    40  		"Y7TOCSqofGhkRb+jaVRLzK8xw2cSo1IVES19utzv6hwvx+M8kFsoWQm5DzBeJCZTCVDPkTpavUuEbgp8hnUGDw==",
    41  		"testing.",
    42  	},
    43  	{
    44  		"arReP9DJtEVyV2Dg3dDp4c/PSk1O6lxkoJ8HcFupoRorBZG+7+1fDAwT1olNddFnQMjmkb8vxwmNMoTAT/BFjQ==",
    45  		"testing.\n",
    46  	},
    47  	{
    48  		"WtaBXIoGC54+vH0NH0CHHE+dRDOsMc/6BrfFu2lEqcKL9+uDuWaf+Xj9mrbQCjjZcpQuX733zyok/jsnqe/Ftw==",
    49  		"01234567890123456789012345678901234567890123456789012",
    50  	},
    51  }
    52  
    53  func TestDecryptPKCS1v15(t *testing.T) {
    54  	for i, test := range decryptPKCS1v15Tests {
    55  		out, err := DecryptPKCS1v15(nil, rsaPrivateKey, decodeBase64(test.in))
    56  		if err != nil {
    57  			t.Errorf("#%d error decrypting", i)
    58  		}
    59  		want := []byte(test.out)
    60  		if !bytes.Equal(out, want) {
    61  			t.Errorf("#%d got:%#v want:%#v", i, out, want)
    62  		}
    63  	}
    64  }
    65  
    66  func TestEncryptPKCS1v15(t *testing.T) {
    67  	random := rand.Reader
    68  	k := (rsaPrivateKey.N.BitLen() + 7) / 8
    69  
    70  	tryEncryptDecrypt := func(in []byte, blind bool) bool {
    71  		if len(in) > k-11 {
    72  			in = in[0 : k-11]
    73  		}
    74  
    75  		ciphertext, err := EncryptPKCS1v15(random, &rsaPrivateKey.PublicKey, in)
    76  		if err != nil {
    77  			t.Errorf("error encrypting: %s", err)
    78  			return false
    79  		}
    80  
    81  		var rand io.Reader
    82  		if !blind {
    83  			rand = nil
    84  		} else {
    85  			rand = random
    86  		}
    87  		plaintext, err := DecryptPKCS1v15(rand, rsaPrivateKey, ciphertext)
    88  		if err != nil {
    89  			t.Errorf("error decrypting: %s", err)
    90  			return false
    91  		}
    92  
    93  		if !bytes.Equal(plaintext, in) {
    94  			t.Errorf("output mismatch: %#v %#v", plaintext, in)
    95  			return false
    96  		}
    97  		return true
    98  	}
    99  
   100  	config := new(quick.Config)
   101  	if testing.Short() {
   102  		config.MaxCount = 10
   103  	}
   104  	quick.Check(tryEncryptDecrypt, config)
   105  }
   106  
   107  // These test vectors were generated with `openssl rsautl -pkcs -encrypt`
   108  var decryptPKCS1v15SessionKeyTests = []DecryptPKCS1v15Test{
   109  	{
   110  		"e6ukkae6Gykq0fKzYwULpZehX+UPXYzMoB5mHQUDEiclRbOTqas4Y0E6nwns1BBpdvEJcilhl5zsox/6DtGsYg==",
   111  		"1234",
   112  	},
   113  	{
   114  		"Dtis4uk/q/LQGGqGk97P59K03hkCIVFMEFZRgVWOAAhxgYpCRG0MX2adptt92l67IqMki6iVQyyt0TtX3IdtEw==",
   115  		"FAIL",
   116  	},
   117  	{
   118  		"LIyFyCYCptPxrvTxpol8F3M7ZivlMsf53zs0vHRAv+rDIh2YsHS69ePMoPMe3TkOMZ3NupiL3takPxIs1sK+dw==",
   119  		"abcd",
   120  	},
   121  	{
   122  		"bafnobel46bKy76JzqU/RIVOH0uAYvzUtauKmIidKgM0sMlvobYVAVQPeUQ/oTGjbIZ1v/6Gyi5AO4DtHruGdw==",
   123  		"FAIL",
   124  	},
   125  }
   126  
   127  func TestEncryptPKCS1v15SessionKey(t *testing.T) {
   128  	for i, test := range decryptPKCS1v15SessionKeyTests {
   129  		key := []byte("FAIL")
   130  		err := DecryptPKCS1v15SessionKey(nil, rsaPrivateKey, decodeBase64(test.in), key)
   131  		if err != nil {
   132  			t.Errorf("#%d error decrypting", i)
   133  		}
   134  		want := []byte(test.out)
   135  		if !bytes.Equal(key, want) {
   136  			t.Errorf("#%d got:%#v want:%#v", i, key, want)
   137  		}
   138  	}
   139  }
   140  
   141  func TestNonZeroRandomBytes(t *testing.T) {
   142  	random := rand.Reader
   143  
   144  	b := make([]byte, 512)
   145  	err := nonZeroRandomBytes(b, random)
   146  	if err != nil {
   147  		t.Errorf("returned error: %s", err)
   148  	}
   149  	for _, b := range b {
   150  		if b == 0 {
   151  			t.Errorf("Zero octet found")
   152  			return
   153  		}
   154  	}
   155  }
   156  
   157  type signPKCS1v15Test struct {
   158  	in, out string
   159  }
   160  
   161  // These vectors have been tested with
   162  //   `openssl rsautl -verify -inkey pk -in signature | hexdump -C`
   163  var signPKCS1v15Tests = []signPKCS1v15Test{
   164  	{"Test.\n", "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e336ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362ae"},
   165  }
   166  
   167  func TestSignPKCS1v15(t *testing.T) {
   168  	for i, test := range signPKCS1v15Tests {
   169  		h := sha1.New()
   170  		h.Write([]byte(test.in))
   171  		digest := h.Sum(nil)
   172  
   173  		s, err := SignPKCS1v15(nil, rsaPrivateKey, crypto.SHA1, digest)
   174  		if err != nil {
   175  			t.Errorf("#%d %s", i, err)
   176  		}
   177  
   178  		expected, _ := hex.DecodeString(test.out)
   179  		if !bytes.Equal(s, expected) {
   180  			t.Errorf("#%d got: %x want: %x", i, s, expected)
   181  		}
   182  	}
   183  }
   184  
   185  func TestVerifyPKCS1v15(t *testing.T) {
   186  	for i, test := range signPKCS1v15Tests {
   187  		h := sha1.New()
   188  		h.Write([]byte(test.in))
   189  		digest := h.Sum(nil)
   190  
   191  		sig, _ := hex.DecodeString(test.out)
   192  
   193  		err := VerifyPKCS1v15(&rsaPrivateKey.PublicKey, crypto.SHA1, digest, sig)
   194  		if err != nil {
   195  			t.Errorf("#%d %s", i, err)
   196  		}
   197  	}
   198  }
   199  
   200  func TestOverlongMessagePKCS1v15(t *testing.T) {
   201  	ciphertext := decodeBase64("fjOVdirUzFoLlukv80dBllMLjXythIf22feqPrNo0YoIjzyzyoMFiLjAc/Y4krkeZ11XFThIrEvw\nkRiZcCq5ng==")
   202  	_, err := DecryptPKCS1v15(nil, rsaPrivateKey, ciphertext)
   203  	if err == nil {
   204  		t.Error("RSA decrypted a message that was too long.")
   205  	}
   206  }
   207  
   208  // In order to generate new test vectors you'll need the PEM form of this key:
   209  // -----BEGIN RSA PRIVATE KEY-----
   210  // MIIBOgIBAAJBALKZD0nEffqM1ACuak0bijtqE2QrI/KLADv7l3kK3ppMyCuLKoF0
   211  // fd7Ai2KW5ToIwzFofvJcS/STa6HA5gQenRUCAwEAAQJBAIq9amn00aS0h/CrjXqu
   212  // /ThglAXJmZhOMPVn4eiu7/ROixi9sex436MaVeMqSNf7Ex9a8fRNfWss7Sqd9eWu
   213  // RTUCIQDasvGASLqmjeffBNLTXV2A5g4t+kLVCpsEIZAycV5GswIhANEPLmax0ME/
   214  // EO+ZJ79TJKN5yiGBRsv5yvx5UiHxajEXAiAhAol5N4EUyq6I9w1rYdhPMGpLfk7A
   215  // IU2snfRJ6Nq2CQIgFrPsWRCkV+gOYcajD17rEqmuLrdIRexpg8N1DOSXoJ8CIGlS
   216  // tAboUGBxTDq3ZroNism3DaMIbKPyYrAqhKov1h5V
   217  // -----END RSA PRIVATE KEY-----
   218  
   219  var rsaPrivateKey = &PrivateKey{
   220  	PublicKey: PublicKey{
   221  		N: fromBase10("9353930466774385905609975137998169297361893554149986716853295022578535724979677252958524466350471210367835187480748268864277464700638583474144061408845077"),
   222  		E: 65537,
   223  	},
   224  	D: fromBase10("7266398431328116344057699379749222532279343923819063639497049039389899328538543087657733766554155839834519529439851673014800261285757759040931985506583861"),
   225  	Primes: []*big.Int{
   226  		fromBase10("98920366548084643601728869055592650835572950932266967461790948584315647051443"),
   227  		fromBase10("94560208308847015747498523884063394671606671904944666360068158221458669711639"),
   228  	},
   229  }