vendor/golang.org/x/crypto/openpgp/packet/private_key_test.go

   1 // Copyright 2011 The Go Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style
   3 // license that can be found in the LICENSE file.
   4
   5 package packet
   6
   7 import (
   8         "bytes"
   9         "crypto"
  10         "crypto/ecdsa"
  11         "crypto/elliptic"
  12         "crypto/rand"
  13         "crypto/rsa"
  14         "crypto/x509"
  15         "encoding/hex"
  16         "hash"
  17         "io"
  18         "testing"
  19         "time"
  20 )
  21
  22 var privateKeyTests = []struct {
  23         privateKeyHex string
  24         creationTime  time.Time
  25 }{
  26         {
  27                 privKeyRSAHex,
  28                 time.Unix(0x4cc349a8, 0),
  29         },
  30         {
  31                 privKeyElGamalHex,
  32                 time.Unix(0x4df9ee1a, 0),
  33         },
  34 }
  35
  36 func TestPrivateKeyRead(t *testing.T) {
  37         for i, test := range privateKeyTests {
  38                 packet, err := Read(readerFromHex(test.privateKeyHex))
  39                 if err != nil {
  40                         t.Errorf("#%d: failed to parse: %s", i, err)
  41                         continue
  42                 }
  43
  44                 privKey := packet.(*PrivateKey)
  45
  46                 if !privKey.Encrypted {
  47                         t.Errorf("#%d: private key isn't encrypted", i)
  48                         continue
  49                 }
  50
  51                 err = privKey.Decrypt([]byte("wrong password"))
  52                 if err == nil {
  53                         t.Errorf("#%d: decrypted with incorrect key", i)
  54                         continue
  55                 }
  56
  57                 err = privKey.Decrypt([]byte("testing"))
  58                 if err != nil {
  59                         t.Errorf("#%d: failed to decrypt: %s", i, err)
  60                         continue
  61                 }
  62
  63                 if !privKey.CreationTime.Equal(test.creationTime) || privKey.Encrypted {
  64                         t.Errorf("#%d: bad result, got: %#v", i, privKey)
  65                 }
  66         }
  67 }
  68
  69 func populateHash(hashFunc crypto.Hash, msg []byte) (hash.Hash, error) {
  70         h := hashFunc.New()
  71         if _, err := h.Write(msg); err != nil {
  72                 return nil, err
  73         }
  74         return h, nil
  75 }
  76
  77 func TestRSAPrivateKey(t *testing.T) {
  78         privKeyDER, _ := hex.DecodeString(pkcs1PrivKeyHex)
  79         rsaPriv, err := x509.ParsePKCS1PrivateKey(privKeyDER)
  80         if err != nil {
  81                 t.Fatal(err)
  82         }
  83
  84         var buf bytes.Buffer
  85         if err := NewRSAPrivateKey(time.Now(), rsaPriv).Serialize(&buf); err != nil {
  86                 t.Fatal(err)
  87         }
  88
  89         p, err := Read(&buf)
  90         if err != nil {
  91                 t.Fatal(err)
  92         }
  93
  94         priv, ok := p.(*PrivateKey)
  95         if !ok {
  96                 t.Fatal("didn't parse private key")
  97         }
  98
  99         sig := &Signature{
 100                 PubKeyAlgo: PubKeyAlgoRSA,
 101                 Hash:       crypto.SHA256,
 102         }
 103         msg := []byte("Hello World!")
 104
 105         h, err := populateHash(sig.Hash, msg)
 106         if err != nil {
 107                 t.Fatal(err)
 108         }
 109         if err := sig.Sign(h, priv, nil); err != nil {
 110                 t.Fatal(err)
 111         }
 112
 113         if h, err = populateHash(sig.Hash, msg); err != nil {
 114                 t.Fatal(err)
 115         }
 116         if err := priv.VerifySignature(h, sig); err != nil {
 117                 t.Fatal(err)
 118         }
 119 }
 120
 121 func TestECDSAPrivateKey(t *testing.T) {
 122         ecdsaPriv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
 123         if err != nil {
 124                 t.Fatal(err)
 125         }
 126
 127         var buf bytes.Buffer
 128         if err := NewECDSAPrivateKey(time.Now(), ecdsaPriv).Serialize(&buf); err != nil {
 129                 t.Fatal(err)
 130         }
 131
 132         p, err := Read(&buf)
 133         if err != nil {
 134                 t.Fatal(err)
 135         }
 136
 137         priv, ok := p.(*PrivateKey)
 138         if !ok {
 139                 t.Fatal("didn't parse private key")
 140         }
 141
 142         sig := &Signature{
 143                 PubKeyAlgo: PubKeyAlgoECDSA,
 144                 Hash:       crypto.SHA256,
 145         }
 146         msg := []byte("Hello World!")
 147
 148         h, err := populateHash(sig.Hash, msg)
 149         if err != nil {
 150                 t.Fatal(err)
 151         }
 152         if err := sig.Sign(h, priv, nil); err != nil {
 153                 t.Fatal(err)
 154         }
 155
 156         if h, err = populateHash(sig.Hash, msg); err != nil {
 157                 t.Fatal(err)
 158         }
 159         if err := priv.VerifySignature(h, sig); err != nil {
 160                 t.Fatal(err)
 161         }
 162 }
 163
 164 type rsaSigner struct {
 165         priv *rsa.PrivateKey
 166 }
 167
 168 func (s *rsaSigner) Public() crypto.PublicKey {
 169         return s.priv.PublicKey
 170 }
 171
 172 func (s *rsaSigner) Sign(rand io.Reader, msg []byte, opts crypto.SignerOpts) ([]byte, error) {
 173         return s.priv.Sign(rand, msg, opts)
 174 }
 175
 176 func TestRSASignerPrivateKey(t *testing.T) {
 177         rsaPriv, err := rsa.GenerateKey(rand.Reader, 1024)
 178         if err != nil {
 179                 t.Fatal(err)
 180         }
 181
 182         priv := NewSignerPrivateKey(time.Now(), &rsaSigner{rsaPriv})
 183
 184         if priv.PubKeyAlgo != PubKeyAlgoRSASignOnly {
 185                 t.Fatal("NewSignerPrivateKey should have made a sign-only RSA private key")
 186         }
 187
 188         sig := &Signature{
 189                 PubKeyAlgo: PubKeyAlgoRSASignOnly,
 190                 Hash:       crypto.SHA256,
 191         }
 192         msg := []byte("Hello World!")
 193
 194         h, err := populateHash(sig.Hash, msg)
 195         if err != nil {
 196                 t.Fatal(err)
 197         }
 198         if err := sig.Sign(h, priv, nil); err != nil {
 199                 t.Fatal(err)
 200         }
 201
 202         if h, err = populateHash(sig.Hash, msg); err != nil {
 203                 t.Fatal(err)
 204         }
 205         if err := priv.VerifySignature(h, sig); err != nil {
 206                 t.Fatal(err)
 207         }
 208 }
 209
 210 type ecdsaSigner struct {
 211         priv *ecdsa.PrivateKey
 212 }
 213
 214 func (s *ecdsaSigner) Public() crypto.PublicKey {
 215         return s.priv.PublicKey
 216 }
 217
 218 func (s *ecdsaSigner) Sign(rand io.Reader, msg []byte, opts crypto.SignerOpts) ([]byte, error) {
 219         return s.priv.Sign(rand, msg, opts)
 220 }
 221
 222 func TestECDSASignerPrivateKey(t *testing.T) {
 223         ecdsaPriv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
 224         if err != nil {
 225                 t.Fatal(err)
 226         }
 227
 228         priv := NewSignerPrivateKey(time.Now(), &ecdsaSigner{ecdsaPriv})
 229
 230         if priv.PubKeyAlgo != PubKeyAlgoECDSA {
 231                 t.Fatal("NewSignerPrivateKey should have made a ECSDA private key")
 232         }
 233
 234         sig := &Signature{
 235                 PubKeyAlgo: PubKeyAlgoECDSA,
 236                 Hash:       crypto.SHA256,
 237         }
 238         msg := []byte("Hello World!")
 239
 240         h, err := populateHash(sig.Hash, msg)
 241         if err != nil {
 242                 t.Fatal(err)
 243         }
 244         if err := sig.Sign(h, priv, nil); err != nil {
 245                 t.Fatal(err)
 246         }
 247
 248         if h, err = populateHash(sig.Hash, msg); err != nil {
 249                 t.Fatal(err)
 250         }
 251         if err := priv.VerifySignature(h, sig); err != nil {
 252                 t.Fatal(err)
 253         }
 254 }
 255
 256 func TestIssue11505(t *testing.T) {
 257         // parsing a rsa private key with p or q == 1 used to panic due to a divide by zero
 258         _, _ = Read(readerFromHex("9c3004303030300100000011303030000000000000010130303030303030303030303030303030303030303030303030303030303030303030303030303030303030"))
 259 }
 260
 261 // Generated with `gpg --export-secret-keys "Test Key 2"`
 262 const privKeyRSAHex = "9501fe044cc349a8010400b70ca0010e98c090008d45d1ee8f9113bd5861fd57b88bacb7c68658747663f1e1a3b5a98f32fda6472373c024b97359cd2efc88ff60f77751adfbf6af5e615e6a1408cfad8bf0cea30b0d5f53aa27ad59089ba9b15b7ebc2777a25d7b436144027e3bcd203909f147d0e332b240cf63d3395f5dfe0df0a6c04e8655af7eacdf0011010001fe0303024a252e7d475fd445607de39a265472aa74a9320ba2dac395faa687e9e0336aeb7e9a7397e511b5afd9dc84557c80ac0f3d4d7bfec5ae16f20d41c8c84a04552a33870b930420e230e179564f6d19bb153145e76c33ae993886c388832b0fa042ddda7f133924f3854481533e0ede31d51278c0519b29abc3bf53da673e13e3e1214b52413d179d7f66deee35cac8eacb060f78379d70ef4af8607e68131ff529439668fc39c9ce6dfef8a5ac234d234802cbfb749a26107db26406213ae5c06d4673253a3cbee1fcbae58d6ab77e38d6e2c0e7c6317c48e054edadb5a40d0d48acb44643d998139a8a66bb820be1f3f80185bc777d14b5954b60effe2448a036d565c6bc0b915fcea518acdd20ab07bc1529f561c58cd044f723109b93f6fd99f876ff891d64306b5d08f48bab59f38695e9109c4dec34013ba3153488ce070268381ba923ee1eb77125b36afcb4347ec3478c8f2735b06ef17351d872e577fa95d0c397c88c71b59629a36aec"
 263
 264 // Generated by `gpg --export-secret-keys` followed by a manual extraction of
 265 // the ElGamal subkey from the packets.
 266 const privKeyElGamalHex = "9d0157044df9ee1a100400eb8e136a58ec39b582629cdadf830bc64e0a94ed8103ca8bb247b27b11b46d1d25297ef4bcc3071785ba0c0bedfe89eabc5287fcc0edf81ab5896c1c8e4b20d27d79813c7aede75320b33eaeeaa586edc00fd1036c10133e6ba0ff277245d0d59d04b2b3421b7244aca5f4a8d870c6f1c1fbff9e1c26699a860b9504f35ca1d700030503fd1ededd3b840795be6d9ccbe3c51ee42e2f39233c432b831ddd9c4e72b7025a819317e47bf94f9ee316d7273b05d5fcf2999c3a681f519b1234bbfa6d359b4752bd9c3f77d6b6456cde152464763414ca130f4e91d91041432f90620fec0e6d6b5116076c2985d5aeaae13be492b9b329efcaf7ee25120159a0a30cd976b42d7afe030302dae7eb80db744d4960c4df930d57e87fe81412eaace9f900e6c839817a614ddb75ba6603b9417c33ea7b6c93967dfa2bcff3fa3c74a5ce2c962db65b03aece14c96cbd0038fc"
 267
 268 // pkcs1PrivKeyHex is a PKCS#1, RSA private key.
 269 // Generated by `openssl genrsa 1024 | openssl rsa -outform DER  | xxd -p`
 270 const pkcs1PrivKeyHex = "3082025d02010002818100e98edfa1c3b35884a54d0b36a6a603b0290fa85e49e30fa23fc94fef9c6790bc4849928607aa48d809da326fb42a969d06ad756b98b9c1a90f5d4a2b6d0ac05953c97f4da3120164a21a679793ce181c906dc01d235cc085ddcdf6ea06c389b6ab8885dfd685959e693138856a68a7e5db263337ff82a088d583a897cf2d59e9020301000102818100b6d5c9eb70b02d5369b3ee5b520a14490b5bde8a317d36f7e4c74b7460141311d1e5067735f8f01d6f5908b2b96fbd881f7a1ab9a84d82753e39e19e2d36856be960d05ac9ef8e8782ea1b6d65aee28fdfe1d61451e8cff0adfe84322f12cf455028b581cf60eb9e0e140ba5d21aeba6c2634d7c65318b9a665fc01c3191ca21024100fa5e818da3705b0fa33278bb28d4b6f6050388af2d4b75ec9375dd91ccf2e7d7068086a8b82a8f6282e4fbbdb8a7f2622eb97295249d87acea7f5f816f54d347024100eecf9406d7dc49cdfb95ab1eff4064de84c7a30f64b2798936a0d2018ba9eb52e4b636f82e96c49cc63b80b675e91e40d1b2e4017d4b9adaf33ab3d9cf1c214f024100c173704ace742c082323066226a4655226819a85304c542b9dacbeacbf5d1881ee863485fcf6f59f3a604f9b42289282067447f2b13dfeed3eab7851fc81e0550240741fc41f3fc002b382eed8730e33c5d8de40256e4accee846667f536832f711ab1d4590e7db91a8a116ac5bff3be13d3f9243ff2e976662aa9b395d907f8e9c9024046a5696c9ef882363e06c9fa4e2f5b580906452befba03f4a99d0f873697ef1f851d2226ca7934b30b7c3e80cb634a67172bbbf4781735fe3e09263e2dd723e7"