1// Copyright 2009 The Go Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style 3// license that can be found in the LICENSE file. 4 5package rsa_test 6 7import ( 8 "bufio" 9 "bytes" 10 "crypto" 11 "crypto/internal/boring" 12 "crypto/rand" 13 . "crypto/rsa" 14 "crypto/sha1" 15 "crypto/sha256" 16 "crypto/x509" 17 "encoding/pem" 18 "flag" 19 "fmt" 20 "internal/testenv" 21 "math/big" 22 "strings" 23 "testing" 24) 25 26func TestKeyGeneration(t *testing.T) { 27 for _, size := range []int{128, 1024, 2048, 3072} { 28 priv, err := GenerateKey(rand.Reader, size) 29 if err != nil { 30 t.Errorf("GenerateKey(%d): %v", size, err) 31 } 32 if bits := priv.N.BitLen(); bits != size { 33 t.Errorf("key too short (%d vs %d)", bits, size) 34 } 35 testKeyBasics(t, priv) 36 if testing.Short() { 37 break 38 } 39 } 40} 41 42func Test3PrimeKeyGeneration(t *testing.T) { 43 size := 768 44 if testing.Short() { 45 size = 256 46 } 47 48 priv, err := GenerateMultiPrimeKey(rand.Reader, 3, size) 49 if err != nil { 50 t.Errorf("failed to generate key") 51 } 52 testKeyBasics(t, priv) 53} 54 55func Test4PrimeKeyGeneration(t *testing.T) { 56 size := 768 57 if testing.Short() { 58 size = 256 59 } 60 61 priv, err := GenerateMultiPrimeKey(rand.Reader, 4, size) 62 if err != nil { 63 t.Errorf("failed to generate key") 64 } 65 testKeyBasics(t, priv) 66} 67 68func TestNPrimeKeyGeneration(t *testing.T) { 69 primeSize := 64 70 maxN := 24 71 if testing.Short() { 72 primeSize = 16 73 maxN = 16 74 } 75 // Test that generation of N-prime keys works for N > 4. 76 for n := 5; n < maxN; n++ { 77 priv, err := GenerateMultiPrimeKey(rand.Reader, n, 64+n*primeSize) 78 if err == nil { 79 testKeyBasics(t, priv) 80 } else { 81 t.Errorf("failed to generate %d-prime key", n) 82 } 83 } 84} 85 86func TestImpossibleKeyGeneration(t *testing.T) { 87 // This test ensures that trying to generate toy RSA keys doesn't enter 88 // an infinite loop. 89 for i := 0; i < 32; i++ { 90 GenerateKey(rand.Reader, i) 91 GenerateMultiPrimeKey(rand.Reader, 3, i) 92 GenerateMultiPrimeKey(rand.Reader, 4, i) 93 GenerateMultiPrimeKey(rand.Reader, 5, i) 94 } 95} 96 97func TestGnuTLSKey(t *testing.T) { 98 // This is a key generated by `certtool --generate-privkey --bits 128`. 99 // It's such that de ≢ 1 mod φ(n), but is congruent mod the order of 100 // the group. 101 priv := parseKey(testingKey(`-----BEGIN RSA TESTING KEY----- 102MGECAQACEQDar8EuoZuSosYtE9SeXSyPAgMBAAECEBf7XDET8e6jjTcfO7y/sykC 103CQDozXjCjkBzLQIJAPB6MqNbZaQrAghbZTdQoko5LQIIUp9ZiKDdYjMCCCCpqzmX 104d8Y7 105-----END RSA TESTING KEY-----`)) 106 testKeyBasics(t, priv) 107} 108 109func testKeyBasics(t *testing.T, priv *PrivateKey) { 110 if err := priv.Validate(); err != nil { 111 t.Errorf("Validate() failed: %s", err) 112 } 113 if priv.D.Cmp(priv.N) > 0 { 114 t.Errorf("private exponent too large") 115 } 116 117 msg := []byte("hi!") 118 enc, err := EncryptPKCS1v15(rand.Reader, &priv.PublicKey, msg) 119 if err != nil { 120 t.Errorf("EncryptPKCS1v15: %v", err) 121 return 122 } 123 124 dec, err := DecryptPKCS1v15(nil, priv, enc) 125 if err != nil { 126 t.Errorf("DecryptPKCS1v15: %v", err) 127 return 128 } 129 if !bytes.Equal(dec, msg) { 130 t.Errorf("got:%x want:%x (%+v)", dec, msg, priv) 131 } 132} 133 134func TestAllocations(t *testing.T) { 135 if boring.Enabled { 136 t.Skip("skipping allocations test with BoringCrypto") 137 } 138 testenv.SkipIfOptimizationOff(t) 139 140 m := []byte("Hello Gophers") 141 c, err := EncryptPKCS1v15(rand.Reader, &test2048Key.PublicKey, m) 142 if err != nil { 143 t.Fatal(err) 144 } 145 146 if allocs := testing.AllocsPerRun(100, func() { 147 p, err := DecryptPKCS1v15(nil, test2048Key, c) 148 if err != nil { 149 t.Fatal(err) 150 } 151 if !bytes.Equal(p, m) { 152 t.Fatalf("unexpected output: %q", p) 153 } 154 }); allocs > 10 { 155 t.Errorf("expected less than 10 allocations, got %0.1f", allocs) 156 } 157} 158 159var allFlag = flag.Bool("all", false, "test all key sizes up to 2048") 160 161func TestEverything(t *testing.T) { 162 min := 32 163 max := 560 // any smaller than this and not all tests will run 164 if testing.Short() { 165 min = max 166 } 167 if *allFlag { 168 max = 2048 169 } 170 for size := min; size <= max; size++ { 171 size := size 172 t.Run(fmt.Sprintf("%d", size), func(t *testing.T) { 173 t.Parallel() 174 priv, err := GenerateKey(rand.Reader, size) 175 if err != nil { 176 t.Errorf("GenerateKey(%d): %v", size, err) 177 } 178 if bits := priv.N.BitLen(); bits != size { 179 t.Errorf("key too short (%d vs %d)", bits, size) 180 } 181 testEverything(t, priv) 182 }) 183 } 184} 185 186func testEverything(t *testing.T, priv *PrivateKey) { 187 if err := priv.Validate(); err != nil { 188 t.Errorf("Validate() failed: %s", err) 189 } 190 191 msg := []byte("test") 192 enc, err := EncryptPKCS1v15(rand.Reader, &priv.PublicKey, msg) 193 if err == ErrMessageTooLong { 194 t.Log("key too small for EncryptPKCS1v15") 195 } else if err != nil { 196 t.Errorf("EncryptPKCS1v15: %v", err) 197 } 198 if err == nil { 199 dec, err := DecryptPKCS1v15(nil, priv, enc) 200 if err != nil { 201 t.Errorf("DecryptPKCS1v15: %v", err) 202 } 203 err = DecryptPKCS1v15SessionKey(nil, priv, enc, make([]byte, 4)) 204 if err != nil { 205 t.Errorf("DecryptPKCS1v15SessionKey: %v", err) 206 } 207 if !bytes.Equal(dec, msg) { 208 t.Errorf("got:%x want:%x (%+v)", dec, msg, priv) 209 } 210 } 211 212 label := []byte("label") 213 enc, err = EncryptOAEP(sha256.New(), rand.Reader, &priv.PublicKey, msg, label) 214 if err == ErrMessageTooLong { 215 t.Log("key too small for EncryptOAEP") 216 } else if err != nil { 217 t.Errorf("EncryptOAEP: %v", err) 218 } 219 if err == nil { 220 dec, err := DecryptOAEP(sha256.New(), nil, priv, enc, label) 221 if err != nil { 222 t.Errorf("DecryptOAEP: %v", err) 223 } 224 if !bytes.Equal(dec, msg) { 225 t.Errorf("got:%x want:%x (%+v)", dec, msg, priv) 226 } 227 } 228 229 hash := sha256.Sum256(msg) 230 sig, err := SignPKCS1v15(nil, priv, crypto.SHA256, hash[:]) 231 if err == ErrMessageTooLong { 232 t.Log("key too small for SignPKCS1v15") 233 } else if err != nil { 234 t.Errorf("SignPKCS1v15: %v", err) 235 } 236 if err == nil { 237 err = VerifyPKCS1v15(&priv.PublicKey, crypto.SHA256, hash[:], sig) 238 if err != nil { 239 t.Errorf("VerifyPKCS1v15: %v", err) 240 } 241 sig[1] ^= 0x80 242 err = VerifyPKCS1v15(&priv.PublicKey, crypto.SHA256, hash[:], sig) 243 if err == nil { 244 t.Errorf("VerifyPKCS1v15 success for tampered signature") 245 } 246 sig[1] ^= 0x80 247 hash[1] ^= 0x80 248 err = VerifyPKCS1v15(&priv.PublicKey, crypto.SHA256, hash[:], sig) 249 if err == nil { 250 t.Errorf("VerifyPKCS1v15 success for tampered message") 251 } 252 hash[1] ^= 0x80 253 } 254 255 opts := &PSSOptions{SaltLength: PSSSaltLengthAuto} 256 sig, err = SignPSS(rand.Reader, priv, crypto.SHA256, hash[:], opts) 257 if err == ErrMessageTooLong { 258 t.Log("key too small for SignPSS with PSSSaltLengthAuto") 259 } else if err != nil { 260 t.Errorf("SignPSS: %v", err) 261 } 262 if err == nil { 263 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], sig, opts) 264 if err != nil { 265 t.Errorf("VerifyPSS: %v", err) 266 } 267 sig[1] ^= 0x80 268 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], sig, opts) 269 if err == nil { 270 t.Errorf("VerifyPSS success for tampered signature") 271 } 272 sig[1] ^= 0x80 273 hash[1] ^= 0x80 274 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], sig, opts) 275 if err == nil { 276 t.Errorf("VerifyPSS success for tampered message") 277 } 278 hash[1] ^= 0x80 279 } 280 281 opts.SaltLength = PSSSaltLengthEqualsHash 282 sig, err = SignPSS(rand.Reader, priv, crypto.SHA256, hash[:], opts) 283 if err == ErrMessageTooLong { 284 t.Log("key too small for SignPSS with PSSSaltLengthEqualsHash") 285 } else if err != nil { 286 t.Errorf("SignPSS: %v", err) 287 } 288 if err == nil { 289 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], sig, opts) 290 if err != nil { 291 t.Errorf("VerifyPSS: %v", err) 292 } 293 sig[1] ^= 0x80 294 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], sig, opts) 295 if err == nil { 296 t.Errorf("VerifyPSS success for tampered signature") 297 } 298 sig[1] ^= 0x80 299 hash[1] ^= 0x80 300 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], sig, opts) 301 if err == nil { 302 t.Errorf("VerifyPSS success for tampered message") 303 } 304 hash[1] ^= 0x80 305 } 306 307 // Check that an input bigger than the modulus is handled correctly, 308 // whether it is longer than the byte size of the modulus or not. 309 c := bytes.Repeat([]byte{0xff}, priv.Size()) 310 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], c, opts) 311 if err == nil { 312 t.Errorf("VerifyPSS accepted a large signature") 313 } 314 _, err = DecryptPKCS1v15(nil, priv, c) 315 if err == nil { 316 t.Errorf("DecryptPKCS1v15 accepted a large ciphertext") 317 } 318 c = append(c, 0xff) 319 err = VerifyPSS(&priv.PublicKey, crypto.SHA256, hash[:], c, opts) 320 if err == nil { 321 t.Errorf("VerifyPSS accepted a long signature") 322 } 323 _, err = DecryptPKCS1v15(nil, priv, c) 324 if err == nil { 325 t.Errorf("DecryptPKCS1v15 accepted a long ciphertext") 326 } 327} 328 329func testingKey(s string) string { return strings.ReplaceAll(s, "TESTING KEY", "PRIVATE KEY") } 330 331func parseKey(s string) *PrivateKey { 332 p, _ := pem.Decode([]byte(s)) 333 if p.Type == "PRIVATE KEY" { 334 k, err := x509.ParsePKCS8PrivateKey(p.Bytes) 335 if err != nil { 336 panic(err) 337 } 338 return k.(*PrivateKey) 339 } 340 k, err := x509.ParsePKCS1PrivateKey(p.Bytes) 341 if err != nil { 342 panic(err) 343 } 344 return k 345} 346 347var test2048Key = parseKey(testingKey(`-----BEGIN TESTING KEY----- 348MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDNoyFUYeDuqw+k 349iyv47iBy/udbWmQdpbUZ8JobHv8uQrvL7sQN6l83teHgNJsXqtiLF3MC+K+XI6Dq 350hxUWfQwLip8WEnv7Jx/+53S8yp/CS4Jw86Q1bQHbZjFDpcoqSuwAxlegw18HNZCY 351fpipYnA1lYCm+MTjtgXJQbjA0dwUGCf4BDMqt+76Jk3XZF5975rftbkGoT9eu8Jt 352Xs5F5Xkwd8q3fkQz+fpLW4u9jrfFyQ61RRFkYrCjlhtGjYIzBHGgQM4n/sNXhiy5 353h0tA7Xa6NyYrN/OXe/Y1K8Rz/tzlvbMoxgZgtBuKo1N3m8ckFi7hUVK2eNv7GoAb 354teTTPrg/AgMBAAECggEAAnfsVpmsL3R0Bh4gXRpPeM63H6e1a8B8kyVwiO9o0cXX 355gKp9+P39izfB0Kt6lyCj/Wg+wOQT7rg5qy1yIw7fBHGmcjquxh3uN0s3YZ+Vcym6 356SAY5f0vh/OyJN9r3Uv8+Pc4jtb7So7QDzdWeZurssBmUB0avAMRdGNFGP5SyILcz 357l3Q59hTxQ4czRHKjZ06L1/sA+tFVbO1j39FN8nMOU/ovLF4lAmZTkQ6AP6n6XPHP 358B8Nq7jSYz6RDO200jzp6UsdrnjjkJRbzOxN/fn+ckCP+WYuq+y/d05ET9PdVa4qI 359Jyr80D9QgHmfztcecvYwoskGnkb2F4Tmp0WnAj/xVQKBgQD4TrMLyyHdbAr5hoSi 360p+r7qBQxnHxPe2FKO7aqagi4iPEHauEDgwPIcsOYota1ACiSs3BaESdJAClbqPYd 361HDI4c2DZ6opux6WYkSju+tVXYW6qarR3fzrP3fUCdz2c2NfruWOqq8YmjzAhTNPm 362YzvtzTdwheNYV0Vi71t1SfZmfQKBgQDUAgSUcrgXdGDnSbaNe6KwjY5oZWOQfZe2 363DUhqfN/JRFZj+EMfIIh6OQXnZqkp0FeRdfRAFl8Yz8ESHEs4j+TikLJEeOdfmYLS 364TWxlMPDTUGbUvSf4g358NJ8TlfYA7dYpSTNPXMRSLtsz1palmaDBTE/V2xKtTH6p 365VglRNRUKawKBgCPqBh2TkN9czC2RFkgMb4FcqycN0jEQ0F6TSnVVhtNiAzKmc8s1 366POvWJZJDIzjkv/mP+JUeXAdD/bdjNc26EU126rA6KzGgsMPjYv9FymusDPybGGUc 367Qt5j5RcpNgEkn/5ZPyAlXjCfjz+RxChTfAyGHRmqU9qoLMIFir3pJ7llAoGBAMNH 368sIxENwlzqyafoUUlEq/pU7kZWuJmrO2FwqRDraYoCiM/NCRhxRQ/ng6NY1gejepw 369abD2alXiV4alBSxubne6rFmhvA00y2mG40c6Ezmxn2ZpbX3dMQ6bMcPKp7QnXtLc 370mCSL4FGK02ImUNDsd0RVVFw51DRId4rmsuJYMK9NAoGAKlYdc4784ixTD2ZICIOC 371ZWPxPAyQUEA7EkuUhAX1bVNG6UJTYA8kmGcUCG4jPTgWzi00IyUUr8jK7efyU/zs 372qiJuVs1bia+flYIQpysMl1VzZh8gW1nkB4SVPm5l2wBvVJDIr9Mc6rueC/oVNkh2 373fLVGuFoTVIu2bF0cWAjNNMg= 374-----END TESTING KEY-----`)) 375 376var test3072Key = parseKey(testingKey(`-----BEGIN TESTING KEY----- 377MIIG/gIBADANBgkqhkiG9w0BAQEFAASCBugwggbkAgEAAoIBgQDJrvevql7G07LM 378xQAwAA1Oo8qUAkWfmpgrpxIUZE1QTyMCDaspQJGBBR2+iStrzi2NnWvyBz3jJWFZ 379LepnsMUFSXj5Ez6bEt2x9YbLAAVGhI6USrGAKqRdJ77+F7yIVCJWcV4vtTyN86IO 380UaHObwCR8GX7MUwJiRxDUZtYxJcwTMHSs4OWxNnqc+A8yRKn85CsCx0X9I1DULq+ 3815BL8gF3MUXvb2zYzIOGI1s3lXOo9tHVcRVB1eV7dZHDyYGxZ4Exj9eKhiOL52hE6 382ZPTWCCKbQnyBV3HYe+t8DscOG/IzaAzLrx1s6xnqKEe5lUQ03Ty9QN3tpqqLsC4b 383CUkdk6Ma43KXGkCmoPaGCkssSc9qOrwHrqoMkOnZDWOJ5mKHhINKWV/U7p54T7tx 384FWI3PFvvYevoPf7cQdJcChbIBvQ+LEuVZvmljhONUjIGKBaqBz5Sjv7Fd5BNnBGz 3858NwH6tYdT9kdTkCZdfrazbuhLxN0mhhXp2sePRV2KZsB7i7cUJMCAwEAAQKCAYAT 386fqunbxmehhu237tUaHTg1e6WHvVu54kaUxm+ydvlTY5N5ldV801Sl4AtXjdJwjy0 387qcj430qpTarawsLxMezhcB2BlKLNEjucC5EeHIrmAEMt7LMP90868prAweJHRTv/ 388zLvfcwPURClf0Uk0L0Dyr7Y+hnXZ8scTb2x2M06FQdjMY+4Yy+oKgm05mEVgNv1p 389e+DcjhbSMRf+rVoeeSQCmhprATCnLDWmE1QEqIC7OoR2SPxC1rAHnhatfwo00nwz 390rciN5YSOqoGa1WMNv6ut0HJWZnu5nR1OuZpaf+zrxlthMxPwhhPq0211J4fZviTO 391WLnubXD3/G9TN1TszeFuO7Ty8HYYkTJ3RLRrTRrfwhOtOJ4tkuwSJol3QIs1asab 392wYabuqyTv4+6JeoMBSLnMoA8rXSW9ti4gvJ1h8xMqmMF6e91Z0Fn7fvP5MCn/t8H 3938cIPhYLOhdPH5JMqxozb/a1s+JKvRTLnAXxNjlmyXzNvC+3Ixp4q9O8dWJ8Gt+EC 394gcEA+12m6iMXU3tBw1cYDcs/Jc0hOVgMAMgtnWZ4+p8RSucO/74bq82kdyAOJxao 395spAcK03NnpRBDcYsSyuQrE6AXQYel1Gj98mMtOirwt2T9vH5fHT6oKsqEu03hYIB 3965cggeie4wqKAOb9tVdShJk7YBJUgIXnAcqqmkD4oeUGzUV0QseQtspEHUJSqBQ9n 397yR4DmyMECgLm47S9LwPMtgRh9ADLBaZeuIRdBEKCDPgNkdya/dLb8u8kE8Ox3T3R 398+r2hAoHBAM1m1ZNqP9bEa74jZkpMxDN+vUdN7rZcxcpHu1nyii8OzXEopB+jByFA 399lmMqnKt8z5DRD0dmHXzOggnKJGO2j63/XFaVmsaXcM2B8wlRCqwm4mBE/bYCEKJl 400xqkDveICzwb1paWSgmFkjc6DN2g1jUd3ptOORuU38onrSphPHFxgyNlNTcOcXvxb 401GW4R8iPinvpkY3shluWqRQTvai1+gNQlmKMdqXvreUjKqJFCOhoRUVG/MDv8IdP2 402tXq43+UZswKBwQDSErOzi74r25/bVAdbR9gvjF7O4OGvKZzNpd1HfvbhxXcIjuXr 403UEK5+AU777ju+ndATZahiD9R9qP/8pnHFxg6JiocxnMlW8EHVEhv4+SMBjA+Ljlj 404W4kfJjc3ka5qTjWuQVIs/8fv+yayC7DeJhhsxACFWY5Xhn0LoZcLt7fYMNIKCauT 405R5d4ZbYt4nEXaMkUt0/h2gkCloNhLmjAWatPU/ZYc3FH/f8K11Z+5jPZCihSJw4A 4062pEpH2yffNHnHuECgcEAmxIWEHNYuwYT6brEETgfsFjxAZI+tIMZ+HtrYJ8R4DEm 407vVXXguMMEPi4ESosmfNiqYyMInVfscgeuNFZ48YCd3Sg++V6so/G5ABFwjTi/9Fj 408exbbDLxGXrTD5PokMyu3rSNr6bLQqELIJK8/93bmsJwO4Q07TPaOL73p1U90s/GF 4098TjBivrVY2RLsKPv0VPYfmWoDV/wkneYH/+4g5xMGt4/fHZ6bEn8iQ4ncXM0dlW4 410tSTIf6D80RAjNwG4VzitAoHAA8GLh22w+Cx8RPsj6xdrUiVFE+nNMMgeY8Mdjsrq 411Fh4jJb+4zwSML9R6iJu/LH5B7Fre2Te8QrYP+k/jIHPYJtGesVt/WlAtpDCNsC3j 4128CBzxwL6zkN+46pph35jPKUSaQQ2r8euNMp/sirkYcP8PpbdtifXCjN08QQIKsqj 41317IGHe9jZX/EVnSshCkXOBHG31buV10k5GSkeKcoDrkpp25wQ6FjW9L3Q68y6Y8r 4148h02sdAMB9Yc2A4EgzOySWoD 415-----END TESTING KEY-----`)) 416 417var test4096Key = parseKey(testingKey(`-----BEGIN TESTING KEY----- 418MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQCmH55T2e8fdUaL 419iWVL2yI7d/wOu/sxI4nVGoiRMiSMlMZlOEZ4oJY6l2y9N/b8ftwoIpjYO8CBk5au 420x2Odgpuz+FJyHppvKakUIeAn4940zoNkRe/iptybIuH5tCBygjs0y1617TlR/c5+ 421FF5YRkzsEJrGcLqXzj0hDyrwdplBOv1xz2oHYlvKWWcVMR/qgwoRuj65Ef262t/Q 422ELH3+fFLzIIstFTk2co2WaALquOsOB6xGOJSAAr8cIAWe+3MqWM8DOcgBuhABA42 4239IhbBBw0uqTXUv/TGi6tcF29H2buSxAx/Wm6h2PstLd6IJAbWHAa6oTz87H0S6XZ 424v42cYoFhHma1OJw4id1oOZMFDTPDbHxgUnr2puSU+Fpxrj9+FWwViKE4j0YatbG9 425cNVpx9xo4NdvOkejWUrqziRorMZTk/zWKz0AkGQzTN3PrX0yy61BoWfznH/NXZ+o 426j3PqVtkUs6schoIYvrUcdhTCrlLwGSHhU1VKNGAUlLbNrIYTQNgt2gqvjLEsn4/i 427PgS1IsuDHIc7nGjzvKcuR0UeYCDkmBQqKrdhGbdJ1BRohzLdm+woRpjrqmUCbMa5 428VWWldJen0YyAlxNILvXMD117azeduseM1sZeGA9L8MmE12auzNbKr371xzgANSXn 429jRuyrblAZKc10kYStrcEmJdfNlzYAwIDAQABAoICABdQBpsD0W/buFuqm2GKzgIE 430c4Xp0XVy5EvYnmOp4sEru6/GtvUErDBqwaLIMMv8TY8AU+y8beaBPLsoVg1rn8gg 431yAklzExfT0/49QkEDFHizUOMIP7wpbLLsWSmZ4tKRV7CT3c+ZDXiZVECML84lmDm 432b6H7feQB2EhEZaU7L4Sc76ZCEkIZBoKeCz5JF46EdyxHs7erE61eO9xqC1+eXsNh 433Xr9BS0yWV69K4o/gmnS3p2747AHP6brFWuRM3fFDsB5kPScccQlSyF/j7yK+r+qi 434arGg/y+z0+sZAr6gooQ8Wnh5dJXtnBNCxSDJYw/DWHAeiyvk/gsndo3ZONlCZZ9u 435bpwBYx3hA2wTa5GUQxFM0KlI7Ftr9Cescf2jN6Ia48C6FcQsepMzD3jaMkLir8Jk 436/YD/s5KPzNvwPAyLnf7x574JeWuuxTIPx6b/fHVtboDK6j6XQnzrN2Hy3ngvlEFo 437zuGYVvtrz5pJXWGVSjZWG1kc9iXCdHKpmFdPj7XhU0gugTzQ/e5uRIqdOqfNLI37 438fppSuWkWd5uaAg0Zuhd+2L4LG2GhVdfFa1UeHBe/ncFKz1km9Bmjvt04TpxlRnVG 439wHxJZKlxpxCZ3AuLNUMP/QazPXO8OIfGOCbwkgFiqRY32mKDUvmEADBBoYpk/wBv 440qV99g5gvYFC5Le4QLzOJAoIBAQDcnqnK2tgkISJhsLs2Oj8vEcT7dU9vVnPSxTcC 441M0F+8ITukn33K0biUlA+ktcQaF+eeLjfbjkn/H0f2Ajn++ldT56MgAFutZkYvwxJ 4422A6PVB3jesauSpe8aqoKMDIj8HSA3+AwH+yU+yA9r5EdUq1S6PscP+5Wj22+thAa 443l65CFD77C0RX0lly5zdjQo3Vyca2HYGm/cshFCPRZc66TPjNAHFthbqktKjMQ91H 444Hg+Gun2zv8KqeSzMDeHnef4rVaWMIyIBzpu3QdkKPUXMQQxvJ+RW7+MORV9VjE7Z 445KVnHa/6x9n+jvtQ0ydHc2n0NOp6BQghTCB2G3w3JJfmPcRSNAoIBAQDAw6mPddoz 446UUzANMOYcFtos4EaWfTQE2okSLVAmLY2gtAK6ldTv6X9xl0IiC/DmWqiNZJ/WmVI 447glkp6iZhxBSmqov0X9P0M+jdz7CRnbZDFhQWPxSPicurYuPKs52IC08HgIrwErzT 448/lh+qRXEqzT8rTdftywj5fE89w52NPHBsMS07VhFsJtU4aY2Yl8y1PHeumXU6h66 449yTvoCLLxJPiLIg9PgvbMF+RiYyomIg75gwfx4zWvIvWdXifQBC88fE7lP2u5gtWL 450JUJaMy6LNKHn8YezvwQp0dRecvvoqzoApOuHfsPASHb9cfvcy/BxDXFMJO4QWCi1 4516WLaR835nKLPAoIBAFw7IHSjxNRl3b/FaJ6k/yEoZpdRVaIQHF+y/uo2j10IJCqw 452p2SbfQjErLNcI/jCCadwhKkzpUVoMs8LO73v/IF79aZ7JR4pYRWNWQ/N+VhGLDCb 453dVAL8x9b4DZeK7gGoE34SfsUfY1S5wmiyiHeHIOazs/ikjsxvwmJh3X2j20klafR 4548AJe9/InY2plunHz5tTfxQIQ+8iaaNbzntcXsrPRSZol2/9bX231uR4wHQGQGVj6 455A+HMwsOT0is5Pt7S8WCCl4b13vdf2eKD9xgK4a3emYEWzG985PwYqiXzOYs7RMEV 456cgr8ji57aPbRiJHtPbJ/7ob3z5BA07yR2aDz/0kCggEAZDyajHYNLAhHr98AIuGy 457NsS5CpnietzNoeaJEfkXL0tgoXxwQqVyzH7827XtmHnLgGP5NO4tosHdWbVflhEf 458Z/dhZYb7MY5YthcMyvvGziXJ9jOBHo7Z8Nowd7Rk41x2EQGfve0QcfBd1idYoXch 459y47LL6OReW1Vv4z84Szw1fZ0o1yUPVDzxPS9uKP4uvcOevJUh53isuB3nVYArvK5 460p6fjbEY+zaxS33KPdVrajJa9Z+Ptg4/bRqSycTHr2jkN0ZnkC4hkQMH0OfFJb6vD 4610VfAaBCZOqHZG/AQ3FFFjRY1P7UEV5WXAn3mKU+HTVJfKug9PxSIvueIttcF3Zm8 4628wKCAQAM43+DnGW1w34jpsTAeOXC5mhIz7J8spU6Uq5bJIheEE2AbX1z+eRVErZX 4631WsRNPsNrQfdt/b5IKboBbSYKoGxxRMngJI1eJqyj4LxZrACccS3euAlcU1q+3oN 464T10qfQol54KjGld/HVDhzbsZJxzLDqvPlroWgwLdOLDMXhwJYfTnqMEQkaG4Aawr 4653P14+Zp/woLiPWw3iZFcL/bt23IOa9YI0NoLhp5MFNXfIuzx2FhVz6BUSeVfQ6Ko 466Nx2YZ03g6Kt6B6c43LJx1a/zEPYSZcPERgWOSHlcjmwRfTs6uoN9xt1qs4zEUaKv 467Axreud3rJ0rekUp6rI1joG717Wls 468-----END TESTING KEY-----`)) 469 470func BenchmarkDecryptPKCS1v15(b *testing.B) { 471 b.Run("2048", func(b *testing.B) { benchmarkDecryptPKCS1v15(b, test2048Key) }) 472 b.Run("3072", func(b *testing.B) { benchmarkDecryptPKCS1v15(b, test3072Key) }) 473 b.Run("4096", func(b *testing.B) { benchmarkDecryptPKCS1v15(b, test4096Key) }) 474} 475 476func benchmarkDecryptPKCS1v15(b *testing.B, k *PrivateKey) { 477 r := bufio.NewReaderSize(rand.Reader, 1<<15) 478 479 m := []byte("Hello Gophers") 480 c, err := EncryptPKCS1v15(r, &k.PublicKey, m) 481 if err != nil { 482 b.Fatal(err) 483 } 484 485 b.ResetTimer() 486 var sink byte 487 for i := 0; i < b.N; i++ { 488 p, err := DecryptPKCS1v15(r, k, c) 489 if err != nil { 490 b.Fatal(err) 491 } 492 if !bytes.Equal(p, m) { 493 b.Fatalf("unexpected output: %q", p) 494 } 495 sink ^= p[0] 496 } 497} 498 499func BenchmarkEncryptPKCS1v15(b *testing.B) { 500 b.Run("2048", func(b *testing.B) { 501 r := bufio.NewReaderSize(rand.Reader, 1<<15) 502 m := []byte("Hello Gophers") 503 504 var sink byte 505 for i := 0; i < b.N; i++ { 506 c, err := EncryptPKCS1v15(r, &test2048Key.PublicKey, m) 507 if err != nil { 508 b.Fatal(err) 509 } 510 sink ^= c[0] 511 } 512 }) 513} 514 515func BenchmarkDecryptOAEP(b *testing.B) { 516 b.Run("2048", func(b *testing.B) { 517 r := bufio.NewReaderSize(rand.Reader, 1<<15) 518 519 m := []byte("Hello Gophers") 520 c, err := EncryptOAEP(sha256.New(), r, &test2048Key.PublicKey, m, nil) 521 if err != nil { 522 b.Fatal(err) 523 } 524 525 b.ResetTimer() 526 var sink byte 527 for i := 0; i < b.N; i++ { 528 p, err := DecryptOAEP(sha256.New(), r, test2048Key, c, nil) 529 if err != nil { 530 b.Fatal(err) 531 } 532 if !bytes.Equal(p, m) { 533 b.Fatalf("unexpected output: %q", p) 534 } 535 sink ^= p[0] 536 } 537 }) 538} 539 540func BenchmarkEncryptOAEP(b *testing.B) { 541 b.Run("2048", func(b *testing.B) { 542 r := bufio.NewReaderSize(rand.Reader, 1<<15) 543 m := []byte("Hello Gophers") 544 545 var sink byte 546 for i := 0; i < b.N; i++ { 547 c, err := EncryptOAEP(sha256.New(), r, &test2048Key.PublicKey, m, nil) 548 if err != nil { 549 b.Fatal(err) 550 } 551 sink ^= c[0] 552 } 553 }) 554} 555 556func BenchmarkSignPKCS1v15(b *testing.B) { 557 b.Run("2048", func(b *testing.B) { 558 hashed := sha256.Sum256([]byte("testing")) 559 560 var sink byte 561 b.ResetTimer() 562 for i := 0; i < b.N; i++ { 563 s, err := SignPKCS1v15(rand.Reader, test2048Key, crypto.SHA256, hashed[:]) 564 if err != nil { 565 b.Fatal(err) 566 } 567 sink ^= s[0] 568 } 569 }) 570} 571 572func BenchmarkVerifyPKCS1v15(b *testing.B) { 573 b.Run("2048", func(b *testing.B) { 574 hashed := sha256.Sum256([]byte("testing")) 575 s, err := SignPKCS1v15(rand.Reader, test2048Key, crypto.SHA256, hashed[:]) 576 if err != nil { 577 b.Fatal(err) 578 } 579 580 b.ResetTimer() 581 for i := 0; i < b.N; i++ { 582 err := VerifyPKCS1v15(&test2048Key.PublicKey, crypto.SHA256, hashed[:], s) 583 if err != nil { 584 b.Fatal(err) 585 } 586 } 587 }) 588} 589 590func BenchmarkSignPSS(b *testing.B) { 591 b.Run("2048", func(b *testing.B) { 592 hashed := sha256.Sum256([]byte("testing")) 593 594 var sink byte 595 b.ResetTimer() 596 for i := 0; i < b.N; i++ { 597 s, err := SignPSS(rand.Reader, test2048Key, crypto.SHA256, hashed[:], nil) 598 if err != nil { 599 b.Fatal(err) 600 } 601 sink ^= s[0] 602 } 603 }) 604} 605 606func BenchmarkVerifyPSS(b *testing.B) { 607 b.Run("2048", func(b *testing.B) { 608 hashed := sha256.Sum256([]byte("testing")) 609 s, err := SignPSS(rand.Reader, test2048Key, crypto.SHA256, hashed[:], nil) 610 if err != nil { 611 b.Fatal(err) 612 } 613 614 b.ResetTimer() 615 for i := 0; i < b.N; i++ { 616 err := VerifyPSS(&test2048Key.PublicKey, crypto.SHA256, hashed[:], s, nil) 617 if err != nil { 618 b.Fatal(err) 619 } 620 } 621 }) 622} 623 624type testEncryptOAEPMessage struct { 625 in []byte 626 seed []byte 627 out []byte 628} 629 630type testEncryptOAEPStruct struct { 631 modulus string 632 e int 633 d string 634 msgs []testEncryptOAEPMessage 635} 636 637func TestEncryptOAEP(t *testing.T) { 638 sha1 := sha1.New() 639 n := new(big.Int) 640 for i, test := range testEncryptOAEPData { 641 n.SetString(test.modulus, 16) 642 public := PublicKey{N: n, E: test.e} 643 644 for j, message := range test.msgs { 645 randomSource := bytes.NewReader(message.seed) 646 out, err := EncryptOAEP(sha1, randomSource, &public, message.in, nil) 647 if err != nil { 648 t.Errorf("#%d,%d error: %s", i, j, err) 649 } 650 if !bytes.Equal(out, message.out) { 651 t.Errorf("#%d,%d bad result: %x (want %x)", i, j, out, message.out) 652 } 653 } 654 } 655} 656 657func TestDecryptOAEP(t *testing.T) { 658 random := rand.Reader 659 660 sha1 := sha1.New() 661 n := new(big.Int) 662 d := new(big.Int) 663 for i, test := range testEncryptOAEPData { 664 n.SetString(test.modulus, 16) 665 d.SetString(test.d, 16) 666 private := new(PrivateKey) 667 private.PublicKey = PublicKey{N: n, E: test.e} 668 private.D = d 669 670 for j, message := range test.msgs { 671 out, err := DecryptOAEP(sha1, nil, private, message.out, nil) 672 if err != nil { 673 t.Errorf("#%d,%d error: %s", i, j, err) 674 } else if !bytes.Equal(out, message.in) { 675 t.Errorf("#%d,%d bad result: %#v (want %#v)", i, j, out, message.in) 676 } 677 678 // Decrypt with blinding. 679 out, err = DecryptOAEP(sha1, random, private, message.out, nil) 680 if err != nil { 681 t.Errorf("#%d,%d (blind) error: %s", i, j, err) 682 } else if !bytes.Equal(out, message.in) { 683 t.Errorf("#%d,%d (blind) bad result: %#v (want %#v)", i, j, out, message.in) 684 } 685 } 686 if testing.Short() { 687 break 688 } 689 } 690} 691 692func Test2DecryptOAEP(t *testing.T) { 693 random := rand.Reader 694 695 msg := []byte{0xed, 0x36, 0x90, 0x8d, 0xbe, 0xfc, 0x35, 0x40, 0x70, 0x4f, 0xf5, 0x9d, 0x6e, 0xc2, 0xeb, 0xf5, 0x27, 0xae, 0x65, 0xb0, 0x59, 0x29, 0x45, 0x25, 0x8c, 0xc1, 0x91, 0x22} 696 in := []byte{0x72, 0x26, 0x84, 0xc9, 0xcf, 0xd6, 0xa8, 0x96, 0x04, 0x3e, 0x34, 0x07, 0x2c, 0x4f, 0xe6, 0x52, 0xbe, 0x46, 0x3c, 0xcf, 0x79, 0x21, 0x09, 0x64, 0xe7, 0x33, 0x66, 0x9b, 0xf8, 0x14, 0x22, 0x43, 0xfe, 0x8e, 0x52, 0x8b, 0xe0, 0x5f, 0x98, 0xef, 0x54, 0xac, 0x6b, 0xc6, 0x26, 0xac, 0x5b, 0x1b, 0x4b, 0x7d, 0x2e, 0xd7, 0x69, 0x28, 0x5a, 0x2f, 0x4a, 0x95, 0x89, 0x6c, 0xc7, 0x53, 0x95, 0xc7, 0xd2, 0x89, 0x04, 0x6f, 0x94, 0x74, 0x9b, 0x09, 0x0d, 0xf4, 0x61, 0x2e, 0xab, 0x48, 0x57, 0x4a, 0xbf, 0x95, 0xcb, 0xff, 0x15, 0xe2, 0xa0, 0x66, 0x58, 0xf7, 0x46, 0xf8, 0xc7, 0x0b, 0xb5, 0x1e, 0xa7, 0xba, 0x36, 0xce, 0xdd, 0x36, 0x41, 0x98, 0x6e, 0x10, 0xf9, 0x3b, 0x70, 0xbb, 0xa1, 0xda, 0x00, 0x40, 0xd5, 0xa5, 0x3f, 0x87, 0x64, 0x32, 0x7c, 0xbc, 0x50, 0x52, 0x0e, 0x4f, 0x21, 0xbd} 697 698 n := new(big.Int) 699 d := new(big.Int) 700 n.SetString(testEncryptOAEPData[0].modulus, 16) 701 d.SetString(testEncryptOAEPData[0].d, 16) 702 priv := new(PrivateKey) 703 priv.PublicKey = PublicKey{N: n, E: testEncryptOAEPData[0].e} 704 priv.D = d 705 sha1 := crypto.SHA1 706 sha256 := crypto.SHA256 707 708 out, err := priv.Decrypt(random, in, &OAEPOptions{MGFHash: sha1, Hash: sha256}) 709 710 if err != nil { 711 t.Errorf("error: %s", err) 712 } else if !bytes.Equal(out, msg) { 713 t.Errorf("bad result %#v (want %#v)", out, msg) 714 } 715} 716 717func TestEncryptDecryptOAEP(t *testing.T) { 718 sha256 := sha256.New() 719 n := new(big.Int) 720 d := new(big.Int) 721 for i, test := range testEncryptOAEPData { 722 n.SetString(test.modulus, 16) 723 d.SetString(test.d, 16) 724 priv := new(PrivateKey) 725 priv.PublicKey = PublicKey{N: n, E: test.e} 726 priv.D = d 727 728 for j, message := range test.msgs { 729 label := []byte(fmt.Sprintf("hi#%d", j)) 730 enc, err := EncryptOAEP(sha256, rand.Reader, &priv.PublicKey, message.in, label) 731 if err != nil { 732 t.Errorf("#%d,%d: EncryptOAEP: %v", i, j, err) 733 continue 734 } 735 dec, err := DecryptOAEP(sha256, rand.Reader, priv, enc, label) 736 if err != nil { 737 t.Errorf("#%d,%d: DecryptOAEP: %v", i, j, err) 738 continue 739 } 740 if !bytes.Equal(dec, message.in) { 741 t.Errorf("#%d,%d: round trip %q -> %q", i, j, message.in, dec) 742 } 743 } 744 } 745} 746 747// testEncryptOAEPData contains a subset of the vectors from RSA's "Test vectors for RSA-OAEP". 748var testEncryptOAEPData = []testEncryptOAEPStruct{ 749 // Key 1 750 {"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb", 751 65537, 752 "53339cfdb79fc8466a655c7316aca85c55fd8f6dd898fdaf119517ef4f52e8fd8e258df93fee180fa0e4ab29693cd83b152a553d4ac4d1812b8b9fa5af0e7f55fe7304df41570926f3311f15c4d65a732c483116ee3d3d2d0af3549ad9bf7cbfb78ad884f84d5beb04724dc7369b31def37d0cf539e9cfcdd3de653729ead5d1", 753 []testEncryptOAEPMessage{ 754 // Example 1.1 755 { 756 []byte{0x66, 0x28, 0x19, 0x4e, 0x12, 0x07, 0x3d, 0xb0, 757 0x3b, 0xa9, 0x4c, 0xda, 0x9e, 0xf9, 0x53, 0x23, 0x97, 758 0xd5, 0x0d, 0xba, 0x79, 0xb9, 0x87, 0x00, 0x4a, 0xfe, 759 0xfe, 0x34, 760 }, 761 []byte{0x18, 0xb7, 0x76, 0xea, 0x21, 0x06, 0x9d, 0x69, 762 0x77, 0x6a, 0x33, 0xe9, 0x6b, 0xad, 0x48, 0xe1, 0xdd, 763 0xa0, 0xa5, 0xef, 764 }, 765 []byte{0x35, 0x4f, 0xe6, 0x7b, 0x4a, 0x12, 0x6d, 0x5d, 766 0x35, 0xfe, 0x36, 0xc7, 0x77, 0x79, 0x1a, 0x3f, 0x7b, 767 0xa1, 0x3d, 0xef, 0x48, 0x4e, 0x2d, 0x39, 0x08, 0xaf, 768 0xf7, 0x22, 0xfa, 0xd4, 0x68, 0xfb, 0x21, 0x69, 0x6d, 769 0xe9, 0x5d, 0x0b, 0xe9, 0x11, 0xc2, 0xd3, 0x17, 0x4f, 770 0x8a, 0xfc, 0xc2, 0x01, 0x03, 0x5f, 0x7b, 0x6d, 0x8e, 771 0x69, 0x40, 0x2d, 0xe5, 0x45, 0x16, 0x18, 0xc2, 0x1a, 772 0x53, 0x5f, 0xa9, 0xd7, 0xbf, 0xc5, 0xb8, 0xdd, 0x9f, 773 0xc2, 0x43, 0xf8, 0xcf, 0x92, 0x7d, 0xb3, 0x13, 0x22, 774 0xd6, 0xe8, 0x81, 0xea, 0xa9, 0x1a, 0x99, 0x61, 0x70, 775 0xe6, 0x57, 0xa0, 0x5a, 0x26, 0x64, 0x26, 0xd9, 0x8c, 776 0x88, 0x00, 0x3f, 0x84, 0x77, 0xc1, 0x22, 0x70, 0x94, 777 0xa0, 0xd9, 0xfa, 0x1e, 0x8c, 0x40, 0x24, 0x30, 0x9c, 778 0xe1, 0xec, 0xcc, 0xb5, 0x21, 0x00, 0x35, 0xd4, 0x7a, 779 0xc7, 0x2e, 0x8a, 780 }, 781 }, 782 // Example 1.2 783 { 784 []byte{0x75, 0x0c, 0x40, 0x47, 0xf5, 0x47, 0xe8, 0xe4, 785 0x14, 0x11, 0x85, 0x65, 0x23, 0x29, 0x8a, 0xc9, 0xba, 786 0xe2, 0x45, 0xef, 0xaf, 0x13, 0x97, 0xfb, 0xe5, 0x6f, 787 0x9d, 0xd5, 788 }, 789 []byte{0x0c, 0xc7, 0x42, 0xce, 0x4a, 0x9b, 0x7f, 0x32, 790 0xf9, 0x51, 0xbc, 0xb2, 0x51, 0xef, 0xd9, 0x25, 0xfe, 791 0x4f, 0xe3, 0x5f, 792 }, 793 []byte{0x64, 0x0d, 0xb1, 0xac, 0xc5, 0x8e, 0x05, 0x68, 794 0xfe, 0x54, 0x07, 0xe5, 0xf9, 0xb7, 0x01, 0xdf, 0xf8, 795 0xc3, 0xc9, 0x1e, 0x71, 0x6c, 0x53, 0x6f, 0xc7, 0xfc, 796 0xec, 0x6c, 0xb5, 0xb7, 0x1c, 0x11, 0x65, 0x98, 0x8d, 797 0x4a, 0x27, 0x9e, 0x15, 0x77, 0xd7, 0x30, 0xfc, 0x7a, 798 0x29, 0x93, 0x2e, 0x3f, 0x00, 0xc8, 0x15, 0x15, 0x23, 799 0x6d, 0x8d, 0x8e, 0x31, 0x01, 0x7a, 0x7a, 0x09, 0xdf, 800 0x43, 0x52, 0xd9, 0x04, 0xcd, 0xeb, 0x79, 0xaa, 0x58, 801 0x3a, 0xdc, 0xc3, 0x1e, 0xa6, 0x98, 0xa4, 0xc0, 0x52, 802 0x83, 0xda, 0xba, 0x90, 0x89, 0xbe, 0x54, 0x91, 0xf6, 803 0x7c, 0x1a, 0x4e, 0xe4, 0x8d, 0xc7, 0x4b, 0xbb, 0xe6, 804 0x64, 0x3a, 0xef, 0x84, 0x66, 0x79, 0xb4, 0xcb, 0x39, 805 0x5a, 0x35, 0x2d, 0x5e, 0xd1, 0x15, 0x91, 0x2d, 0xf6, 806 0x96, 0xff, 0xe0, 0x70, 0x29, 0x32, 0x94, 0x6d, 0x71, 807 0x49, 0x2b, 0x44, 808 }, 809 }, 810 // Example 1.3 811 { 812 []byte{0xd9, 0x4a, 0xe0, 0x83, 0x2e, 0x64, 0x45, 0xce, 813 0x42, 0x33, 0x1c, 0xb0, 0x6d, 0x53, 0x1a, 0x82, 0xb1, 814 0xdb, 0x4b, 0xaa, 0xd3, 0x0f, 0x74, 0x6d, 0xc9, 0x16, 815 0xdf, 0x24, 0xd4, 0xe3, 0xc2, 0x45, 0x1f, 0xff, 0x59, 816 0xa6, 0x42, 0x3e, 0xb0, 0xe1, 0xd0, 0x2d, 0x4f, 0xe6, 817 0x46, 0xcf, 0x69, 0x9d, 0xfd, 0x81, 0x8c, 0x6e, 0x97, 818 0xb0, 0x51, 819 }, 820 []byte{0x25, 0x14, 0xdf, 0x46, 0x95, 0x75, 0x5a, 0x67, 821 0xb2, 0x88, 0xea, 0xf4, 0x90, 0x5c, 0x36, 0xee, 0xc6, 822 0x6f, 0xd2, 0xfd, 823 }, 824 []byte{0x42, 0x37, 0x36, 0xed, 0x03, 0x5f, 0x60, 0x26, 825 0xaf, 0x27, 0x6c, 0x35, 0xc0, 0xb3, 0x74, 0x1b, 0x36, 826 0x5e, 0x5f, 0x76, 0xca, 0x09, 0x1b, 0x4e, 0x8c, 0x29, 827 0xe2, 0xf0, 0xbe, 0xfe, 0xe6, 0x03, 0x59, 0x5a, 0xa8, 828 0x32, 0x2d, 0x60, 0x2d, 0x2e, 0x62, 0x5e, 0x95, 0xeb, 829 0x81, 0xb2, 0xf1, 0xc9, 0x72, 0x4e, 0x82, 0x2e, 0xca, 830 0x76, 0xdb, 0x86, 0x18, 0xcf, 0x09, 0xc5, 0x34, 0x35, 831 0x03, 0xa4, 0x36, 0x08, 0x35, 0xb5, 0x90, 0x3b, 0xc6, 832 0x37, 0xe3, 0x87, 0x9f, 0xb0, 0x5e, 0x0e, 0xf3, 0x26, 833 0x85, 0xd5, 0xae, 0xc5, 0x06, 0x7c, 0xd7, 0xcc, 0x96, 834 0xfe, 0x4b, 0x26, 0x70, 0xb6, 0xea, 0xc3, 0x06, 0x6b, 835 0x1f, 0xcf, 0x56, 0x86, 0xb6, 0x85, 0x89, 0xaa, 0xfb, 836 0x7d, 0x62, 0x9b, 0x02, 0xd8, 0xf8, 0x62, 0x5c, 0xa3, 837 0x83, 0x36, 0x24, 0xd4, 0x80, 0x0f, 0xb0, 0x81, 0xb1, 838 0xcf, 0x94, 0xeb, 839 }, 840 }, 841 }, 842 }, 843 // Key 10 844 {"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb", 845 65537, 846 "056b04216fe5f354ac77250a4b6b0c8525a85c59b0bd80c56450a22d5f438e596a333aa875e291dd43f48cb88b9d5fc0d499f9fcd1c397f9afc070cd9e398c8d19e61db7c7410a6b2675dfbf5d345b804d201add502d5ce2dfcb091ce9997bbebe57306f383e4d588103f036f7e85d1934d152a323e4a8db451d6f4a5b1b0f102cc150e02feee2b88dea4ad4c1baccb24d84072d14e1d24a6771f7408ee30564fb86d4393a34bcf0b788501d193303f13a2284b001f0f649eaf79328d4ac5c430ab4414920a9460ed1b7bc40ec653e876d09abc509ae45b525190116a0c26101848298509c1c3bf3a483e7274054e15e97075036e989f60932807b5257751e79", 847 []testEncryptOAEPMessage{ 848 // Example 10.1 849 { 850 []byte{0x8b, 0xba, 0x6b, 0xf8, 0x2a, 0x6c, 0x0f, 0x86, 851 0xd5, 0xf1, 0x75, 0x6e, 0x97, 0x95, 0x68, 0x70, 0xb0, 852 0x89, 0x53, 0xb0, 0x6b, 0x4e, 0xb2, 0x05, 0xbc, 0x16, 853 0x94, 0xee, 854 }, 855 []byte{0x47, 0xe1, 0xab, 0x71, 0x19, 0xfe, 0xe5, 0x6c, 856 0x95, 0xee, 0x5e, 0xaa, 0xd8, 0x6f, 0x40, 0xd0, 0xaa, 857 0x63, 0xbd, 0x33, 858 }, 859 []byte{0x53, 0xea, 0x5d, 0xc0, 0x8c, 0xd2, 0x60, 0xfb, 860 0x3b, 0x85, 0x85, 0x67, 0x28, 0x7f, 0xa9, 0x15, 0x52, 861 0xc3, 0x0b, 0x2f, 0xeb, 0xfb, 0xa2, 0x13, 0xf0, 0xae, 862 0x87, 0x70, 0x2d, 0x06, 0x8d, 0x19, 0xba, 0xb0, 0x7f, 863 0xe5, 0x74, 0x52, 0x3d, 0xfb, 0x42, 0x13, 0x9d, 0x68, 864 0xc3, 0xc5, 0xaf, 0xee, 0xe0, 0xbf, 0xe4, 0xcb, 0x79, 865 0x69, 0xcb, 0xf3, 0x82, 0xb8, 0x04, 0xd6, 0xe6, 0x13, 866 0x96, 0x14, 0x4e, 0x2d, 0x0e, 0x60, 0x74, 0x1f, 0x89, 867 0x93, 0xc3, 0x01, 0x4b, 0x58, 0xb9, 0xb1, 0x95, 0x7a, 868 0x8b, 0xab, 0xcd, 0x23, 0xaf, 0x85, 0x4f, 0x4c, 0x35, 869 0x6f, 0xb1, 0x66, 0x2a, 0xa7, 0x2b, 0xfc, 0xc7, 0xe5, 870 0x86, 0x55, 0x9d, 0xc4, 0x28, 0x0d, 0x16, 0x0c, 0x12, 871 0x67, 0x85, 0xa7, 0x23, 0xeb, 0xee, 0xbe, 0xff, 0x71, 872 0xf1, 0x15, 0x94, 0x44, 0x0a, 0xae, 0xf8, 0x7d, 0x10, 873 0x79, 0x3a, 0x87, 0x74, 0xa2, 0x39, 0xd4, 0xa0, 0x4c, 874 0x87, 0xfe, 0x14, 0x67, 0xb9, 0xda, 0xf8, 0x52, 0x08, 875 0xec, 0x6c, 0x72, 0x55, 0x79, 0x4a, 0x96, 0xcc, 0x29, 876 0x14, 0x2f, 0x9a, 0x8b, 0xd4, 0x18, 0xe3, 0xc1, 0xfd, 877 0x67, 0x34, 0x4b, 0x0c, 0xd0, 0x82, 0x9d, 0xf3, 0xb2, 878 0xbe, 0xc6, 0x02, 0x53, 0x19, 0x62, 0x93, 0xc6, 0xb3, 879 0x4d, 0x3f, 0x75, 0xd3, 0x2f, 0x21, 0x3d, 0xd4, 0x5c, 880 0x62, 0x73, 0xd5, 0x05, 0xad, 0xf4, 0xcc, 0xed, 0x10, 881 0x57, 0xcb, 0x75, 0x8f, 0xc2, 0x6a, 0xee, 0xfa, 0x44, 882 0x12, 0x55, 0xed, 0x4e, 0x64, 0xc1, 0x99, 0xee, 0x07, 883 0x5e, 0x7f, 0x16, 0x64, 0x61, 0x82, 0xfd, 0xb4, 0x64, 884 0x73, 0x9b, 0x68, 0xab, 0x5d, 0xaf, 0xf0, 0xe6, 0x3e, 885 0x95, 0x52, 0x01, 0x68, 0x24, 0xf0, 0x54, 0xbf, 0x4d, 886 0x3c, 0x8c, 0x90, 0xa9, 0x7b, 0xb6, 0xb6, 0x55, 0x32, 887 0x84, 0xeb, 0x42, 0x9f, 0xcc, 888 }, 889 }, 890 }, 891 }, 892} 893