1 // Copyright 2009 The Go Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style
3 // license that can be found in the LICENSE file.
19 func decodeBase64(in
string) []byte {
20 out
:= make([]byte, base64
.StdEncoding
.DecodedLen(len(in
)))
21 n
, err
:= base64
.StdEncoding
.Decode(out
, []byte(in
))
28 type DecryptPKCS1v15Test
struct {
32 // These test vectors were generated with `openssl rsautl -pkcs -encrypt`
33 var decryptPKCS1v15Tests
= []DecryptPKCS1v15Test
{
35 "gIcUIoVkD6ATMBk/u/nlCZCCWRKdkfjCgFdo35VpRXLduiKXhNz1XupLLzTXAybEq15juc+EgY5o0DHv/nt3yg==",
39 "Y7TOCSqofGhkRb+jaVRLzK8xw2cSo1IVES19utzv6hwvx+M8kFsoWQm5DzBeJCZTCVDPkTpavUuEbgp8hnUGDw==",
43 "arReP9DJtEVyV2Dg3dDp4c/PSk1O6lxkoJ8HcFupoRorBZG+7+1fDAwT1olNddFnQMjmkb8vxwmNMoTAT/BFjQ==",
47 "WtaBXIoGC54+vH0NH0CHHE+dRDOsMc/6BrfFu2lEqcKL9+uDuWaf+Xj9mrbQCjjZcpQuX733zyok/jsnqe/Ftw==",
48 "01234567890123456789012345678901234567890123456789012",
52 func TestDecryptPKCS1v15(t
*testing
.T
) {
53 for i
, test
:= range decryptPKCS1v15Tests
{
54 out
, err
:= DecryptPKCS1v15(nil, rsaPrivateKey
, decodeBase64(test
.in
))
56 t
.Errorf("#%d error decrypting", i
)
58 want
:= []byte(test
.out
)
59 if bytes
.Compare(out
, want
) != 0 {
60 t
.Errorf("#%d got:%#v want:%#v", i
, out
, want
)
65 func TestEncryptPKCS1v15(t
*testing
.T
) {
67 k
:= (rsaPrivateKey
.N
.BitLen() + 7) / 8
69 tryEncryptDecrypt
:= func(in
[]byte, blind
bool) bool {
74 ciphertext
, err
:= EncryptPKCS1v15(random
, &rsaPrivateKey
.PublicKey
, in
)
76 t
.Errorf("error encrypting: %s", err
)
86 plaintext
, err
:= DecryptPKCS1v15(rand
, rsaPrivateKey
, ciphertext
)
88 t
.Errorf("error decrypting: %s", err
)
92 if bytes
.Compare(plaintext
, in
) != 0 {
93 t
.Errorf("output mismatch: %#v %#v", plaintext
, in
)
99 quick
.Check(tryEncryptDecrypt
, nil)
102 // These test vectors were generated with `openssl rsautl -pkcs -encrypt`
103 var decryptPKCS1v15SessionKeyTests
= []DecryptPKCS1v15Test
{
105 "e6ukkae6Gykq0fKzYwULpZehX+UPXYzMoB5mHQUDEiclRbOTqas4Y0E6nwns1BBpdvEJcilhl5zsox/6DtGsYg==",
109 "Dtis4uk/q/LQGGqGk97P59K03hkCIVFMEFZRgVWOAAhxgYpCRG0MX2adptt92l67IqMki6iVQyyt0TtX3IdtEw==",
113 "LIyFyCYCptPxrvTxpol8F3M7ZivlMsf53zs0vHRAv+rDIh2YsHS69ePMoPMe3TkOMZ3NupiL3takPxIs1sK+dw==",
117 "bafnobel46bKy76JzqU/RIVOH0uAYvzUtauKmIidKgM0sMlvobYVAVQPeUQ/oTGjbIZ1v/6Gyi5AO4DtHruGdw==",
122 func TestEncryptPKCS1v15SessionKey(t
*testing
.T
) {
123 for i
, test
:= range decryptPKCS1v15SessionKeyTests
{
124 key
:= []byte("FAIL")
125 err
:= DecryptPKCS1v15SessionKey(nil, rsaPrivateKey
, decodeBase64(test
.in
), key
)
127 t
.Errorf("#%d error decrypting", i
)
129 want
:= []byte(test
.out
)
130 if bytes
.Compare(key
, want
) != 0 {
131 t
.Errorf("#%d got:%#v want:%#v", i
, key
, want
)
136 func TestNonZeroRandomBytes(t
*testing
.T
) {
137 random
:= rand
.Reader
139 b
:= make([]byte, 512)
140 err
:= nonZeroRandomBytes(b
, random
)
142 t
.Errorf("returned error: %s", err
)
144 for _
, b
:= range b
{
146 t
.Errorf("Zero octet found")
152 type signPKCS1v15Test
struct {
156 // These vectors have been tested with
157 // `openssl rsautl -verify -inkey pk -in signature | hexdump -C`
158 var signPKCS1v15Tests
= []signPKCS1v15Test
{
159 {"Test.\n", "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e336ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362ae"},
162 func TestSignPKCS1v15(t
*testing
.T
) {
163 for i
, test
:= range signPKCS1v15Tests
{
165 h
.Write([]byte(test
.in
))
168 s
, err
:= SignPKCS1v15(nil, rsaPrivateKey
, HashSHA1
, digest
)
170 t
.Errorf("#%d %s", i
, err
)
173 expected
, _
:= hex
.DecodeString(test
.out
)
174 if bytes
.Compare(s
, expected
) != 0 {
175 t
.Errorf("#%d got: %x want: %x", i
, s
, expected
)
180 func TestVerifyPKCS1v15(t
*testing
.T
) {
181 for i
, test
:= range signPKCS1v15Tests
{
183 h
.Write([]byte(test
.in
))
186 sig
, _
:= hex
.DecodeString(test
.out
)
188 err
:= VerifyPKCS1v15(&rsaPrivateKey
.PublicKey
, HashSHA1
, digest
, sig
)
190 t
.Errorf("#%d %s", i
, err
)
195 func bigFromString(s
string) *big
.Int
{
201 // In order to generate new test vectors you'll need the PEM form of this key:
202 // -----BEGIN RSA PRIVATE KEY-----
203 // MIIBOgIBAAJBALKZD0nEffqM1ACuak0bijtqE2QrI/KLADv7l3kK3ppMyCuLKoF0
204 // fd7Ai2KW5ToIwzFofvJcS/STa6HA5gQenRUCAwEAAQJBAIq9amn00aS0h/CrjXqu
205 // /ThglAXJmZhOMPVn4eiu7/ROixi9sex436MaVeMqSNf7Ex9a8fRNfWss7Sqd9eWu
206 // RTUCIQDasvGASLqmjeffBNLTXV2A5g4t+kLVCpsEIZAycV5GswIhANEPLmax0ME/
207 // EO+ZJ79TJKN5yiGBRsv5yvx5UiHxajEXAiAhAol5N4EUyq6I9w1rYdhPMGpLfk7A
208 // IU2snfRJ6Nq2CQIgFrPsWRCkV+gOYcajD17rEqmuLrdIRexpg8N1DOSXoJ8CIGlS
209 // tAboUGBxTDq3ZroNism3DaMIbKPyYrAqhKov1h5V
210 // -----END RSA PRIVATE KEY-----
212 var rsaPrivateKey
= &PrivateKey
{
213 PublicKey
: PublicKey
{
214 N
: bigFromString("9353930466774385905609975137998169297361893554149986716853295022578535724979677252958524466350471210367835187480748268864277464700638583474144061408845077"),
217 D
: bigFromString("7266398431328116344057699379749222532279343923819063639497049039389899328538543087657733766554155839834519529439851673014800261285757759040931985506583861"),
218 P
: bigFromString("98920366548084643601728869055592650835572950932266967461790948584315647051443"),
219 Q
: bigFromString("94560208308847015747498523884063394671606671904944666360068158221458669711639"),