Source file
src/crypto/rsa/pkcs1v15_test.go
1
2
3
4
5 package rsa_test
6
7 import (
8 "bytes"
9 "crypto"
10 "crypto/rand"
11 . "crypto/rsa"
12 "crypto/sha1"
13 "crypto/sha256"
14 "crypto/x509"
15 "encoding/base64"
16 "encoding/hex"
17 "encoding/pem"
18 "io"
19 "testing"
20 "testing/quick"
21 )
22
23 func decodeBase64(in string) []byte {
24 out := make([]byte, base64.StdEncoding.DecodedLen(len(in)))
25 n, err := base64.StdEncoding.Decode(out, []byte(in))
26 if err != nil {
27 return nil
28 }
29 return out[0:n]
30 }
31
32 type DecryptPKCS1v15Test struct {
33 in, out string
34 }
35
36
37 var decryptPKCS1v15Tests = []DecryptPKCS1v15Test{
38 {
39 "gIcUIoVkD6ATMBk/u/nlCZCCWRKdkfjCgFdo35VpRXLduiKXhNz1XupLLzTXAybEq15juc+EgY5o0DHv/nt3yg==",
40 "x",
41 },
42 {
43 "Y7TOCSqofGhkRb+jaVRLzK8xw2cSo1IVES19utzv6hwvx+M8kFsoWQm5DzBeJCZTCVDPkTpavUuEbgp8hnUGDw==",
44 "testing.",
45 },
46 {
47 "arReP9DJtEVyV2Dg3dDp4c/PSk1O6lxkoJ8HcFupoRorBZG+7+1fDAwT1olNddFnQMjmkb8vxwmNMoTAT/BFjQ==",
48 "testing.\n",
49 },
50 {
51 "WtaBXIoGC54+vH0NH0CHHE+dRDOsMc/6BrfFu2lEqcKL9+uDuWaf+Xj9mrbQCjjZcpQuX733zyok/jsnqe/Ftw==",
52 "01234567890123456789012345678901234567890123456789012",
53 },
54 }
55
56 func TestDecryptPKCS1v15(t *testing.T) {
57 t.Setenv("GODEBUG", "rsa1024min=0")
58
59 decryptionFuncs := []func([]byte) ([]byte, error){
60 func(ciphertext []byte) (plaintext []byte, err error) {
61 return DecryptPKCS1v15(nil, test512Key, ciphertext)
62 },
63 func(ciphertext []byte) (plaintext []byte, err error) {
64 return test512Key.Decrypt(nil, ciphertext, nil)
65 },
66 }
67
68 for _, decryptFunc := range decryptionFuncs {
69 for i, test := range decryptPKCS1v15Tests {
70 out, err := decryptFunc(decodeBase64(test.in))
71 if err != nil {
72 t.Errorf("#%d error decrypting: %v", i, err)
73 }
74 want := []byte(test.out)
75 if !bytes.Equal(out, want) {
76 t.Errorf("#%d got:%#v want:%#v", i, out, want)
77 }
78 }
79 }
80 }
81
82 func TestEncryptPKCS1v15(t *testing.T) {
83 random := rand.Reader
84 k := (rsaPrivateKey.N.BitLen() + 7) / 8
85
86 tryEncryptDecrypt := func(in []byte, blind bool) bool {
87 if len(in) > k-11 {
88 in = in[0 : k-11]
89 }
90
91 ciphertext, err := EncryptPKCS1v15(random, &rsaPrivateKey.PublicKey, in)
92 if err != nil {
93 t.Errorf("error encrypting: %s", err)
94 return false
95 }
96
97 var rand io.Reader
98 if !blind {
99 rand = nil
100 } else {
101 rand = random
102 }
103 plaintext, err := DecryptPKCS1v15(rand, rsaPrivateKey, ciphertext)
104 if err != nil {
105 t.Errorf("error decrypting: %s", err)
106 return false
107 }
108
109 if !bytes.Equal(plaintext, in) {
110 t.Errorf("output mismatch: %#v %#v", plaintext, in)
111 return false
112 }
113 return true
114 }
115
116 config := new(quick.Config)
117 if testing.Short() {
118 config.MaxCount = 10
119 }
120 quick.Check(tryEncryptDecrypt, config)
121 }
122
123
124 var decryptPKCS1v15SessionKeyTests = []DecryptPKCS1v15Test{
125 {
126 "e6ukkae6Gykq0fKzYwULpZehX+UPXYzMoB5mHQUDEiclRbOTqas4Y0E6nwns1BBpdvEJcilhl5zsox/6DtGsYg==",
127 "1234",
128 },
129 {
130 "Dtis4uk/q/LQGGqGk97P59K03hkCIVFMEFZRgVWOAAhxgYpCRG0MX2adptt92l67IqMki6iVQyyt0TtX3IdtEw==",
131 "FAIL",
132 },
133 {
134 "LIyFyCYCptPxrvTxpol8F3M7ZivlMsf53zs0vHRAv+rDIh2YsHS69ePMoPMe3TkOMZ3NupiL3takPxIs1sK+dw==",
135 "abcd",
136 },
137 {
138 "bafnobel46bKy76JzqU/RIVOH0uAYvzUtauKmIidKgM0sMlvobYVAVQPeUQ/oTGjbIZ1v/6Gyi5AO4DtHruGdw==",
139 "FAIL",
140 },
141 }
142
143 func TestEncryptPKCS1v15SessionKey(t *testing.T) {
144 t.Setenv("GODEBUG", "rsa1024min=0")
145 for i, test := range decryptPKCS1v15SessionKeyTests {
146 key := []byte("FAIL")
147 err := DecryptPKCS1v15SessionKey(nil, test512Key, decodeBase64(test.in), key)
148 if err != nil {
149 t.Errorf("#%d error decrypting", i)
150 }
151 want := []byte(test.out)
152 if !bytes.Equal(key, want) {
153 t.Errorf("#%d got:%#v want:%#v", i, key, want)
154 }
155 }
156 }
157
158 func TestEncryptPKCS1v15DecrypterSessionKey(t *testing.T) {
159 t.Setenv("GODEBUG", "rsa1024min=0")
160 for i, test := range decryptPKCS1v15SessionKeyTests {
161 plaintext, err := test512Key.Decrypt(rand.Reader, decodeBase64(test.in), &PKCS1v15DecryptOptions{SessionKeyLen: 4})
162 if err != nil {
163 t.Fatalf("#%d: error decrypting: %s", i, err)
164 }
165 if len(plaintext) != 4 {
166 t.Fatalf("#%d: incorrect length plaintext: got %d, want 4", i, len(plaintext))
167 }
168
169 if test.out != "FAIL" && !bytes.Equal(plaintext, []byte(test.out)) {
170 t.Errorf("#%d: incorrect plaintext: got %x, want %x", i, plaintext, test.out)
171 }
172 }
173 }
174
175 func TestNonZeroRandomBytes(t *testing.T) {
176 random := rand.Reader
177
178 b := make([]byte, 512)
179 err := NonZeroRandomBytes(b, random)
180 if err != nil {
181 t.Errorf("returned error: %s", err)
182 }
183 for _, b := range b {
184 if b == 0 {
185 t.Errorf("Zero octet found")
186 return
187 }
188 }
189 }
190
191 type signPKCS1v15Test struct {
192 in, out string
193 }
194
195
196
197
198 var signPKCS1v15Tests = []signPKCS1v15Test{
199 {"Test.\n", "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e336ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362ae"},
200 }
201
202 func TestSignPKCS1v15(t *testing.T) {
203 t.Setenv("GODEBUG", "rsa1024min=0")
204 for i, test := range signPKCS1v15Tests {
205 h := sha1.New()
206 h.Write([]byte(test.in))
207 digest := h.Sum(nil)
208
209 s, err := SignPKCS1v15(nil, test512Key, crypto.SHA1, digest)
210 if err != nil {
211 t.Errorf("#%d %s", i, err)
212 }
213
214 expected, _ := hex.DecodeString(test.out)
215 if !bytes.Equal(s, expected) {
216 t.Errorf("#%d got: %x want: %x", i, s, expected)
217 }
218 }
219 }
220
221 func TestVerifyPKCS1v15(t *testing.T) {
222 t.Setenv("GODEBUG", "rsa1024min=0")
223 for i, test := range signPKCS1v15Tests {
224 h := sha1.New()
225 h.Write([]byte(test.in))
226 digest := h.Sum(nil)
227
228 sig, _ := hex.DecodeString(test.out)
229
230 err := VerifyPKCS1v15(&test512Key.PublicKey, crypto.SHA1, digest, sig)
231 if err != nil {
232 t.Errorf("#%d %s", i, err)
233 }
234 }
235 }
236
237 func TestOverlongMessagePKCS1v15(t *testing.T) {
238 t.Setenv("GODEBUG", "rsa1024min=0")
239 ciphertext := decodeBase64("fjOVdirUzFoLlukv80dBllMLjXythIf22feqPrNo0YoIjzyzyoMFiLjAc/Y4krkeZ11XFThIrEvw\nkRiZcCq5ng==")
240 _, err := DecryptPKCS1v15(nil, test512Key, ciphertext)
241 if err == nil {
242 t.Error("RSA decrypted a message that was too long.")
243 }
244 }
245
246 func TestUnpaddedSignature(t *testing.T) {
247 t.Setenv("GODEBUG", "rsa1024min=0")
248
249 msg := []byte("Thu Dec 19 18:06:16 EST 2013\n")
250
251
252
253
254
255
256 expectedSig := decodeBase64("pX4DR8azytjdQ1rtUiC040FjkepuQut5q2ZFX1pTjBrOVKNjgsCDyiJDGZTCNoh9qpXYbhl7iEym30BWWwuiZg==")
257
258 sig, err := SignPKCS1v15(nil, test512Key, crypto.Hash(0), msg)
259 if err != nil {
260 t.Fatalf("SignPKCS1v15 failed: %s", err)
261 }
262 if !bytes.Equal(sig, expectedSig) {
263 t.Fatalf("signature is not expected value: got %x, want %x", sig, expectedSig)
264 }
265 if err := VerifyPKCS1v15(&test512Key.PublicKey, crypto.Hash(0), msg, sig); err != nil {
266 t.Fatalf("signature failed to verify: %s", err)
267 }
268 }
269
270 func TestShortSessionKey(t *testing.T) {
271
272
273 ciphertext, err := EncryptPKCS1v15(rand.Reader, &rsaPrivateKey.PublicKey, []byte{1})
274 if err != nil {
275 t.Fatalf("Failed to encrypt short message: %s", err)
276 }
277
278 var key [32]byte
279 if err := DecryptPKCS1v15SessionKey(nil, rsaPrivateKey, ciphertext, key[:]); err != nil {
280 t.Fatalf("Failed to decrypt short message: %s", err)
281 }
282
283 for _, v := range key {
284 if v != 0 {
285 t.Fatal("key was modified when ciphertext was invalid")
286 }
287 }
288 }
289
290 func parsePublicKey(s string) *PublicKey {
291 p, _ := pem.Decode([]byte(s))
292 k, err := x509.ParsePKCS1PublicKey(p.Bytes)
293 if err != nil {
294 panic(err)
295 }
296 return k
297 }
298
299 func TestShortPKCS1v15Signature(t *testing.T) {
300 pub := parsePublicKey(`-----BEGIN RSA PUBLIC KEY-----
301 MEgCQQCd9BVzo775lkohasxjnefF1nCMcNoibqIWEVDe/K7M2GSoO4zlSQB+gkix
302 O3AnTcdHB51iaZpWfxPSnew8yfulAgMBAAE=
303 -----END RSA PUBLIC KEY-----`)
304 sig, err := hex.DecodeString("193a310d0dcf64094c6e3a00c8219b80ded70535473acff72c08e1222974bb24a93a535b1dc4c59fc0e65775df7ba2007dd20e9193f4c4025a18a7070aee93")
305 if err != nil {
306 t.Fatalf("failed to decode signature: %s", err)
307 }
308
309 h := sha256.Sum256([]byte("hello"))
310 err = VerifyPKCS1v15(pub, crypto.SHA256, h[:], sig)
311 if err == nil {
312 t.Fatal("VerifyPKCS1v15 accepted a truncated signature")
313 }
314 }
315
View as plain text