Tree - rpms/golang - CentOS Git server

rpms / golang

Blame SOURCES/openssl_deprecated_algorithm_tests.patch

Blob History Raw

		19eaa6	`diff --git a/src/crypto/rsa/pkcs1v15_test.go b/src/crypto/rsa/pkcs1v15_test.go`
		a72611	`index a4f2e2dbbe..76701d2e2b 100644`
		19eaa6	`--- a/src/crypto/rsa/pkcs1v15_test.go`
		19eaa6	`+++ b/src/crypto/rsa/pkcs1v15_test.go`
		19eaa6	`@@ -52,6 +52,7 @@ var decryptPKCS1v15Tests = []DecryptPKCS1v15Test{`
		19eaa6	`}`
		19eaa6
		19eaa6	`func TestDecryptPKCS1v15(t *testing.T) {`
		19eaa6	`+ t.Skip("not supported in FIPS mode")`
		19eaa6	`decryptionFuncs := []func([]byte) ([]byte, error){`
		19eaa6	`func(ciphertext []byte) (plaintext []byte, err error) {`
		19eaa6	`return DecryptPKCS1v15(nil, testRSA2048PrivateKey, ciphertext)`
		19eaa6	`@@ -76,6 +77,7 @@ func TestDecryptPKCS1v15(t *testing.T) {`
		19eaa6	`}`
		19eaa6
		19eaa6	`func TestEncryptPKCS1v15(t *testing.T) {`
		19eaa6	`+ t.Skip("not supported in FIPS mode")`
		19eaa6	`random := rand.Reader`
		19eaa6	`k := (testRSA2048PrivateKey.N.BitLen() + 7) / 8`
		19eaa6
		19eaa6	`@@ -137,6 +139,7 @@ var decryptPKCS1v15SessionKeyTests = []DecryptPKCS1v15Test{`
		19eaa6	`}`
		19eaa6
		19eaa6	`func TestEncryptPKCS1v15SessionKey(t *testing.T) {`
		19eaa6	`+ t.Skip("not supported in FIPS mode")`
		19eaa6	`for i, test := range decryptPKCS1v15SessionKeyTests {`
		19eaa6	`key := []byte("FAIL")`
		19eaa6	`err := DecryptPKCS1v15SessionKey(nil, testRSA2048PrivateKey, decodeBase64(test.in), key)`
		19eaa6	`@@ -151,6 +154,7 @@ func TestEncryptPKCS1v15SessionKey(t *testing.T) {`
		19eaa6	`}`
		19eaa6
		19eaa6	`func TestEncryptPKCS1v15DecrypterSessionKey(t *testing.T) {`
		19eaa6	`+ t.Skip("not supported in FIPS mode")`
		19eaa6	`for i, test := range decryptPKCS1v15SessionKeyTests {`
		19eaa6	`plaintext, err := testRSA2048PrivateKey.Decrypt(rand.Reader, decodeBase64(test.in), &PKCS1v15DecryptOptions{SessionKeyLen: 4})`
		19eaa6	`if err != nil {`
		19eaa6	`@@ -270,6 +274,7 @@ func TestUnpaddedSignature(t *testing.T) {`
		19eaa6	`}`
		19eaa6
		19eaa6	`func TestShortSessionKey(t *testing.T) {`
		19eaa6	`+ t.Skip("not supported in FIPS mode")`
		19eaa6	`// This tests that attempting to decrypt a session key where the`
		19eaa6	`// ciphertext is too small doesn't run outside the array bounds.`
		a72611	`ciphertext, err := EncryptPKCS1v15(rand.Reader, &testRSA2048PrivateKey.PublicKey, []byte{1})`
		19eaa6	`diff --git a/src/crypto/rsa/pss_test.go b/src/crypto/rsa/pss_test.go`
		a72611	`index b547a87c71..99e7882866 100644`
		19eaa6	`--- a/src/crypto/rsa/pss_test.go`
		19eaa6	`+++ b/src/crypto/rsa/pss_test.go`
		19eaa6	`@@ -77,6 +77,7 @@ func TestEMSAPSS(t *testing.T) {`
		19eaa6	`// TestPSSGolden tests all the test vectors in pss-vect.txt from`
		19eaa6	`// ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1-vec.zip`
		19eaa6	`func TestPSSGolden(t *testing.T) {`
		19eaa6	`+ t.Skip("SHA1 not supported in boring mode")`
		19eaa6	`inFile, err := os.Open("testdata/pss-vect.txt.bz2")`
		19eaa6	`if err != nil {`
		19eaa6	`t.Fatalf("Failed to open input file: %s", err)`
		19eaa6	`diff --git a/src/crypto/rsa/rsa_test.go b/src/crypto/rsa/rsa_test.go`
		a72611	`index 9aa67655ab..2f4e666abb 100644`
		19eaa6	`--- a/src/crypto/rsa/rsa_test.go`
		19eaa6	`+++ b/src/crypto/rsa/rsa_test.go`
		a72611	`@@ -123,28 +123,29 @@ func testKeyBasics(t testing.T, priv PrivateKey) {`
		19eaa6	`t.Errorf("private exponent too large")`
		19eaa6	`}`
		19eaa6
		19eaa6	`- if boring.Enabled() {`
		19eaa6	`- // Cannot call encrypt/decrypt directly. Test via PKCS1v15.`
		19eaa6	`- msg := []byte("hi!")`
		19eaa6	`- if priv.Size() >= 256 {`
		19eaa6	`- enc, err := EncryptPKCS1v15(rand.Reader, &priv.PublicKey, msg)`
		19eaa6	`- if err != nil {`
		19eaa6	`- t.Errorf("EncryptPKCS1v15: %v", err)`
		19eaa6	`- return`
		19eaa6	`- }`
		19eaa6	`- dec, err := DecryptPKCS1v15(rand.Reader, priv, enc)`
		19eaa6	`- if err != nil {`
		19eaa6	`- t.Errorf("DecryptPKCS1v15: %v", err)`
		19eaa6	`- return`
		19eaa6	`- }`
		19eaa6	`- if !bytes.Equal(dec, msg) {`
		19eaa6	`- t.Errorf("got:%x want:%x (%+v)", dec, msg, priv)`
		19eaa6	`- }`
		19eaa6	`- } else {`
		a72611	`- t.Logf("skipping check for unsupported key less than 2048 bits")`
		19eaa6	`- }`
		19eaa6	`- return`
		19eaa6	`- }`
		19eaa6	`+ if boring.Enabled() {`
		19eaa6	`+ // Cannot call encrypt/decrypt directly. Test via EncryptOAEP.`
		a72611	`+ sha256 := sha256.New()`
		19eaa6	`+ msg := []byte("hi!")`
		19eaa6	`+ if priv.Size() >= 256 {`
		19eaa6	`+ enc, err := EncryptOAEP(sha256, rand.Reader, &priv.PublicKey, msg, nil)`
		19eaa6	`+ if err != nil {`
		19eaa6	`+ t.Errorf("EncryptOAEP: %v", err)`
		19eaa6	`+ return`
		19eaa6	`+ }`
		19eaa6	`+ dec, err := DecryptOAEP(sha256, rand.Reader, priv, enc, nil)`
		19eaa6	`+ if err != nil {`
		19eaa6	`+ t.Errorf("DecryptOAEP: %v", err)`
		19eaa6	`+ return`
		19eaa6	`+ }`
		19eaa6	`+ if !bytes.Equal(dec, msg) {`
		19eaa6	`+ t.Errorf("got:%x want:%x (%+v)", dec, msg, priv)`
		19eaa6	`+ }`
		19eaa6	`+ } else {`
		19eaa6	`+ t.Logf("skipping check for unsupported key less than 2048 bits")`
		19eaa6	`+ }`
		19eaa6	`+ return`
		19eaa6	`+ }`
		19eaa6
		19eaa6	`pub := &priv.PublicKey`
		19eaa6	`m := big.NewInt(42)`
		a72611	`@@ -312,6 +312,11 @@ func TestDecryptOAEP(t *testing.T) {`
		19eaa6	`private.PublicKey = PublicKey{N: n, E: test.e}`
		19eaa6	`private.D = d`
		19eaa6
		19eaa6	`+ if boring.Enabled() && private.PublicKey.Size() < 256 {`
		19eaa6	`+ t.Logf("skipping check for unsupported key less than 2048 bits")`
		a72611	`+ continue`
		19eaa6	`+ }`
		19eaa6	`+ t.Logf("running check for supported key size")`
		19eaa6	`for j, message := range test.msgs {`
		19eaa6	`out, err := DecryptOAEP(sha1, nil, private, message.out, nil)`
		19eaa6	`if err != nil {`

rpms / golang

Source Code

Blame SOURCES/openssl_deprecated_algorithm_tests.patch