mirror
/
go-ethereum
mirror of https://github.com/ethereum/go-ethereum
2
0
Fork 1
Code Issues Releases Wiki Activity

crypto: fix megacheck warnings (#14917)

Browse Source 
* crypto: fix megacheck warnings

* crypto/ecies: remove ASN.1 support
pull/14707/merge
Egon Elbre 7 years ago committed by Péter Szilágyi
parent 9a7e99f75d
commit 10ce8b0e3c
6 changed files with 19 additions and 870 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 584
      crypto/ecies/asn1.go
  2. 10
      crypto/ecies/ecies.go
  3. 186
      crypto/ecies/ecies_test.go
  4. 93
      crypto/ecies/params.go
  5. 5
      crypto/sha3/sha3.go
  6. 11
      crypto/sha3/sha3_test.go

584
crypto/ecies/asn1.go
Unescape View File

@ -1,584 +0,0 @@
// Copyright (c) 2013 Kyle Isom <kyle@tyrfingr.is>
// Copyright (c) 2012 The Go Authors. All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
// met:
//
// * Redistributions of source code must retain the above copyright
// notice, this list of conditions and the following disclaimer.
// * Redistributions in binary form must reproduce the above
// copyright notice, this list of conditions and the following disclaimer
// in the documentation and/or other materials provided with the
// distribution.
// * Neither the name of Google Inc. nor the names of its
// contributors may be used to endorse or promote products derived from
// this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
package ecies
import (
"bytes"
"crypto"
"crypto/elliptic"
"crypto/sha1"
"crypto/sha256"
"crypto/sha512"
"encoding/asn1"
"encoding/pem"
"fmt"
"hash"
"math/big"
ethcrypto "github.com/ethereum/go-ethereum/crypto"
)
var (
secgScheme = []int{1, 3, 132, 1}
shaScheme = []int{2, 16, 840, 1, 101, 3, 4, 2}
ansiX962Scheme = []int{1, 2, 840, 10045}
x963Scheme = []int{1, 2, 840, 63, 0}
)
var ErrInvalidPrivateKey = fmt.Errorf("ecies: invalid private key")
func doScheme(base, v []int) asn1.ObjectIdentifier {
var oidInts asn1.ObjectIdentifier
oidInts = append(oidInts, base...)
return append(oidInts, v...)
}
// curve OID code taken from crypto/x509, including
// - oidNameCurve*
// - namedCurveFromOID
// - oidFromNamedCurve
// RFC 5480, 2.1.1.1. Named Curve
//
// secp224r1 OBJECT IDENTIFIER ::= {
// iso(1) identified-organization(3) certicom(132) curve(0) 33 }
//
// secp256r1 OBJECT IDENTIFIER ::= {
// iso(1) member-body(2) us(840) ansi-X9-62(10045) curves(3)
// prime(1) 7 }
//
// secp384r1 OBJECT IDENTIFIER ::= {
// iso(1) identified-organization(3) certicom(132) curve(0) 34 }
//
// secp521r1 OBJECT IDENTIFIER ::= {
// iso(1) identified-organization(3) certicom(132) curve(0) 35 }
//
// NB: secp256r1 is equivalent to prime256v1
type secgNamedCurve asn1.ObjectIdentifier
var (
secgNamedCurveS256 = secgNamedCurve{1, 3, 132, 0, 10}
secgNamedCurveP256 = secgNamedCurve{1, 2, 840, 10045, 3, 1, 7}
secgNamedCurveP384 = secgNamedCurve{1, 3, 132, 0, 34}
secgNamedCurveP521 = secgNamedCurve{1, 3, 132, 0, 35}
rawCurveP256 = []byte{6, 8, 4, 2, 1, 3, 4, 7, 2, 2, 0, 6, 6, 1, 3, 1, 7}
rawCurveP384 = []byte{6, 5, 4, 3, 1, 2, 9, 4, 0, 3, 4}
rawCurveP521 = []byte{6, 5, 4, 3, 1, 2, 9, 4, 0, 3, 5}
)
func rawCurve(curve elliptic.Curve) []byte {
switch curve {
case elliptic.P256():
return rawCurveP256
case elliptic.P384():
return rawCurveP384
case elliptic.P521():
return rawCurveP521
default:
return nil
}
}
func (curve secgNamedCurve) Equal(curve2 secgNamedCurve) bool {
if len(curve) != len(curve2) {
return false
}
for i := range curve {
if curve[i] != curve2[i] {
return false
}
}
return true
}
func namedCurveFromOID(curve secgNamedCurve) elliptic.Curve {
switch {
case curve.Equal(secgNamedCurveS256):
return ethcrypto.S256()
case curve.Equal(secgNamedCurveP256):
return elliptic.P256()
case curve.Equal(secgNamedCurveP384):
return elliptic.P384()
case curve.Equal(secgNamedCurveP521):
return elliptic.P521()
}
return nil
}
func oidFromNamedCurve(curve elliptic.Curve) (secgNamedCurve, bool) {
switch curve {
case elliptic.P256():
return secgNamedCurveP256, true
case elliptic.P384():
return secgNamedCurveP384, true
case elliptic.P521():
return secgNamedCurveP521, true
case ethcrypto.S256():
return secgNamedCurveS256, true
}
return nil, false
}
// asnAlgorithmIdentifier represents the ASN.1 structure of the same name. See RFC
// 5280, section 4.1.1.2.
type asnAlgorithmIdentifier struct {
Algorithm asn1.ObjectIdentifier
Parameters asn1.RawValue `asn1:"optional"`
}
func (a asnAlgorithmIdentifier) Cmp(b asnAlgorithmIdentifier) bool {
if len(a.Algorithm) != len(b.Algorithm) {
return false
}
for i := range a.Algorithm {
if a.Algorithm[i] != b.Algorithm[i] {
return false
}
}
return true
}
type asnHashFunction asnAlgorithmIdentifier
var (
oidSHA1 = asn1.ObjectIdentifier{1, 3, 14, 3, 2, 26}
oidSHA224 = doScheme(shaScheme, []int{4})
oidSHA256 = doScheme(shaScheme, []int{1})
oidSHA384 = doScheme(shaScheme, []int{2})
oidSHA512 = doScheme(shaScheme, []int{3})
)
func hashFromOID(oid asn1.ObjectIdentifier) func() hash.Hash {
switch {
case oid.Equal(oidSHA1):
return sha1.New
case oid.Equal(oidSHA224):
return sha256.New224
case oid.Equal(oidSHA256):
return sha256.New
case oid.Equal(oidSHA384):
return sha512.New384
case oid.Equal(oidSHA512):
return sha512.New
}
return nil
}
func oidFromHash(hash crypto.Hash) (asn1.ObjectIdentifier, bool) {
switch hash {
case crypto.SHA1:
return oidSHA1, true
case crypto.SHA224:
return oidSHA224, true
case crypto.SHA256:
return oidSHA256, true
case crypto.SHA384:
return oidSHA384, true
case crypto.SHA512:
return oidSHA512, true
default:
return nil, false
}
}
var (
asnAlgoSHA1 = asnHashFunction{
Algorithm: oidSHA1,
}
asnAlgoSHA224 = asnHashFunction{
Algorithm: oidSHA224,
}
asnAlgoSHA256 = asnHashFunction{
Algorithm: oidSHA256,
}
asnAlgoSHA384 = asnHashFunction{
Algorithm: oidSHA384,
}
asnAlgoSHA512 = asnHashFunction{
Algorithm: oidSHA512,
}
)
// type ASNasnSubjectPublicKeyInfo struct {
//
// }
//
type asnSubjectPublicKeyInfo struct {
Algorithm asn1.ObjectIdentifier
PublicKey asn1.BitString
Supplements ecpksSupplements `asn1:"optional"`
}
type asnECPKAlgorithms struct {
Type asn1.ObjectIdentifier
}
var idPublicKeyType = doScheme(ansiX962Scheme, []int{2})
var idEcPublicKey = doScheme(idPublicKeyType, []int{1})
var idEcPublicKeySupplemented = doScheme(idPublicKeyType, []int{0})
func curveToRaw(curve elliptic.Curve) (rv asn1.RawValue, ok bool) {
switch curve {
case elliptic.P256(), elliptic.P384(), elliptic.P521():
raw := rawCurve(curve)
return asn1.RawValue{
Tag: 30,
Bytes: raw[2:],
FullBytes: raw,
}, true
default:
return rv, false
}
}
func asnECPublicKeyType(curve elliptic.Curve) (algo asnAlgorithmIdentifier, ok bool) {
raw, ok := curveToRaw(curve)
if !ok {
return
} else {
return asnAlgorithmIdentifier{Algorithm: idEcPublicKey,
Parameters: raw}, true
}
}
type asnECPrivKeyVer int
var asnECPrivKeyVer1 asnECPrivKeyVer = 1
type asnPrivateKey struct {
Version asnECPrivKeyVer
Private []byte
Curve secgNamedCurve `asn1:"optional"`
Public asn1.BitString
}
var asnECDH = doScheme(secgScheme, []int{12})
type asnECDHAlgorithm asnAlgorithmIdentifier
var (
dhSinglePass_stdDH_sha1kdf = asnECDHAlgorithm{
Algorithm: doScheme(x963Scheme, []int{2}),
}
dhSinglePass_stdDH_sha256kdf = asnECDHAlgorithm{
Algorithm: doScheme(secgScheme, []int{11, 1}),
}
dhSinglePass_stdDH_sha384kdf = asnECDHAlgorithm{
Algorithm: doScheme(secgScheme, []int{11, 2}),
}
dhSinglePass_stdDH_sha224kdf = asnECDHAlgorithm{
Algorithm: doScheme(secgScheme, []int{11, 0}),
}
dhSinglePass_stdDH_sha512kdf = asnECDHAlgorithm{
Algorithm: doScheme(secgScheme, []int{11, 3}),
}
)
func (a asnECDHAlgorithm) Cmp(b asnECDHAlgorithm) bool {
if len(a.Algorithm) != len(b.Algorithm) {
return false
}
for i := range a.Algorithm {
if a.Algorithm[i] != b.Algorithm[i] {
return false
}
}
return true
}
// asnNISTConcatenation is the only supported KDF at this time.
type asnKeyDerivationFunction asnAlgorithmIdentifier
var asnNISTConcatenationKDF = asnKeyDerivationFunction{
Algorithm: doScheme(secgScheme, []int{17, 1}),
}
func (a asnKeyDerivationFunction) Cmp(b asnKeyDerivationFunction) bool {
if len(a.Algorithm) != len(b.Algorithm) {
return false
}
for i := range a.Algorithm {
if a.Algorithm[i] != b.Algorithm[i] {
return false
}
}
return true
}
var eciesRecommendedParameters = doScheme(secgScheme, []int{7})
var eciesSpecifiedParameters = doScheme(secgScheme, []int{8})
type asnECIESParameters struct {
KDF asnKeyDerivationFunction `asn1:"optional"`
Sym asnSymmetricEncryption `asn1:"optional"`
MAC asnMessageAuthenticationCode `asn1:"optional"`
}
type asnSymmetricEncryption asnAlgorithmIdentifier
var (
aes128CTRinECIES = asnSymmetricEncryption{
Algorithm: doScheme(secgScheme, []int{21, 0}),
}
aes192CTRinECIES = asnSymmetricEncryption{
Algorithm: doScheme(secgScheme, []int{21, 1}),
}
aes256CTRinECIES = asnSymmetricEncryption{
Algorithm: doScheme(secgScheme, []int{21, 2}),
}
)
func (a asnSymmetricEncryption) Cmp(b asnSymmetricEncryption) bool {
if len(a.Algorithm) != len(b.Algorithm) {
return false
}
for i := range a.Algorithm {
if a.Algorithm[i] != b.Algorithm[i] {
return false
}
}
return true
}
type asnMessageAuthenticationCode asnAlgorithmIdentifier
var (
hmacFull = asnMessageAuthenticationCode{
Algorithm: doScheme(secgScheme, []int{22}),
}
)
func (a asnMessageAuthenticationCode) Cmp(b asnMessageAuthenticationCode) bool {
if len(a.Algorithm) != len(b.Algorithm) {
return false
}
for i := range a.Algorithm {
if a.Algorithm[i] != b.Algorithm[i] {
return false
}
}
return true
}
type ecpksSupplements struct {
ECDomain secgNamedCurve
ECCAlgorithms eccAlgorithmSet
}
type eccAlgorithmSet struct {
ECDH asnECDHAlgorithm `asn1:"optional"`
ECIES asnECIESParameters `asn1:"optional"`
}
func marshalSubjectPublicKeyInfo(pub *PublicKey) (subj asnSubjectPublicKeyInfo, err error) {
subj.Algorithm = idEcPublicKeySupplemented
curve, ok := oidFromNamedCurve(pub.Curve)
if !ok {
err = ErrInvalidPublicKey
return
}
subj.Supplements.ECDomain = curve
if pub.Params != nil {
subj.Supplements.ECCAlgorithms.ECDH = paramsToASNECDH(pub.Params)
subj.Supplements.ECCAlgorithms.ECIES = paramsToASNECIES(pub.Params)
}
pubkey := elliptic.Marshal(pub.Curve, pub.X, pub.Y)
subj.PublicKey = asn1.BitString{
BitLength: len(pubkey) * 8,
Bytes: pubkey,
}
return
}
// Encode a public key to DER format.
func MarshalPublic(pub *PublicKey) ([]byte, error) {
subj, err := marshalSubjectPublicKeyInfo(pub)
if err != nil {
return nil, err
}
return asn1.Marshal(subj)
}
// Decode a DER-encoded public key.
func UnmarshalPublic(in []byte) (pub *PublicKey, err error) {
var subj asnSubjectPublicKeyInfo
if _, err = asn1.Unmarshal(in, &subj); err != nil {
return
}
if !subj.Algorithm.Equal(idEcPublicKeySupplemented) {
err = ErrInvalidPublicKey
return
}
pub = new(PublicKey)
pub.Curve = namedCurveFromOID(subj.Supplements.ECDomain)
x, y := elliptic.Unmarshal(pub.Curve, subj.PublicKey.Bytes)
if x == nil {
err = ErrInvalidPublicKey
return
}
pub.X = x
pub.Y = y
pub.Params = new(ECIESParams)
asnECIEStoParams(subj.Supplements.ECCAlgorithms.ECIES, pub.Params)
asnECDHtoParams(subj.Supplements.ECCAlgorithms.ECDH, pub.Params)
if pub.Params == nil {
if pub.Params = ParamsFromCurve(pub.Curve); pub.Params == nil {
err = ErrInvalidPublicKey
}
}
return
}
func marshalPrivateKey(prv *PrivateKey) (ecprv asnPrivateKey, err error) {
ecprv.Version = asnECPrivKeyVer1
ecprv.Private = prv.D.Bytes()
var ok bool
ecprv.Curve, ok = oidFromNamedCurve(prv.PublicKey.Curve)
if !ok {
err = ErrInvalidPrivateKey
return
}
var pub []byte
if pub, err = MarshalPublic(&prv.PublicKey); err != nil {
return
} else {
ecprv.Public = asn1.BitString{
BitLength: len(pub) * 8,
Bytes: pub,
}
}
return
}
// Encode a private key to DER format.
func MarshalPrivate(prv *PrivateKey) ([]byte, error) {
ecprv, err := marshalPrivateKey(prv)
if err != nil {
return nil, err
}
return asn1.Marshal(ecprv)
}
// Decode a private key from a DER-encoded format.
func UnmarshalPrivate(in []byte) (prv *PrivateKey, err error) {
var ecprv asnPrivateKey
if _, err = asn1.Unmarshal(in, &ecprv); err != nil {
return
} else if ecprv.Version != asnECPrivKeyVer1 {
err = ErrInvalidPrivateKey
return
}
privateCurve := namedCurveFromOID(ecprv.Curve)
if privateCurve == nil {
err = ErrInvalidPrivateKey
return
}
prv = new(PrivateKey)
prv.D = new(big.Int).SetBytes(ecprv.Private)
if pub, err := UnmarshalPublic(ecprv.Public.Bytes); err != nil {
return nil, err
} else {
prv.PublicKey = *pub
}
return
}
// Export a public key to PEM format.
func ExportPublicPEM(pub *PublicKey) (out []byte, err error) {
der, err := MarshalPublic(pub)
if err != nil {
return
}
var block pem.Block
block.Type = "ELLIPTIC CURVE PUBLIC KEY"
block.Bytes = der
buf := new(bytes.Buffer)
err = pem.Encode(buf, &block)
if err != nil {
return
} else {
out = buf.Bytes()
}
return
}
// Export a private key to PEM format.
func ExportPrivatePEM(prv *PrivateKey) (out []byte, err error) {
der, err := MarshalPrivate(prv)
if err != nil {
return
}
var block pem.Block
block.Type = "ELLIPTIC CURVE PRIVATE KEY"
block.Bytes = der
buf := new(bytes.Buffer)
err = pem.Encode(buf, &block)
if err != nil {
return
} else {
out = buf.Bytes()
}
return
}
// Import a PEM-encoded public key.
func ImportPublicPEM(in []byte) (pub *PublicKey, err error) {
p, _ := pem.Decode(in)
if p == nil || p.Type != "ELLIPTIC CURVE PUBLIC KEY" {
return nil, ErrInvalidPublicKey
}
pub, err = UnmarshalPublic(p.Bytes)
return
}
// Import a PEM-encoded private key.
func ImportPrivatePEM(in []byte) (prv *PrivateKey, err error) {
p, _ := pem.Decode(in)
if p == nil || p.Type != "ELLIPTIC CURVE PRIVATE KEY" {
return nil, ErrInvalidPrivateKey
}
prv, err = UnmarshalPrivate(p.Bytes)
return
}

10
crypto/ecies/ecies.go
Unescape View File

@ -151,14 +151,16 @@ var (
func incCounter(ctr []byte) {
if ctr[3]++; ctr[3] != 0 {
return
} else if ctr[2]++; ctr[2] != 0 {
}
if ctr[2]++; ctr[2] != 0 {
return
} else if ctr[1]++; ctr[1] != 0 {
}
if ctr[1]++; ctr[1] != 0 {
return
} else if ctr[0]++; ctr[0] != 0 {
}
if ctr[0]++; ctr[0] != 0 {
return
}
return
}
// NIST SP 800-56 Concatenation Key Derivation Function (see section 5.8.1).

186
crypto/ecies/ecies_test.go
Unescape View File

@ -37,7 +37,6 @@ import (
"encoding/hex"
"flag"
"fmt"
"io/ioutil"
"math/big"
"testing"
@ -63,8 +62,7 @@ func TestKDF(t *testing.T) {
t.FailNow()
}
if len(k) != 64 {
fmt.Printf("KDF: generated key is the wrong size (%d instead of 64\n",
len(k))
fmt.Printf("KDF: generated key is the wrong size (%d instead of 64\n", len(k))
t.FailNow()
}
}
@ -74,14 +72,9 @@ var ErrBadSharedKeys = fmt.Errorf("ecies: shared keys don't match")
// cmpParams compares a set of ECIES parameters. We assume, as per the
// docs, that AES is the only supported symmetric encryption algorithm.
func cmpParams(p1, p2 *ECIESParams) bool {
if p1.hashAlgo != p2.hashAlgo {
return false
} else if p1.KeyLen != p2.KeyLen {
return false
} else if p1.BlockSize != p2.BlockSize {
return false
}
return true
return p1.hashAlgo == p2.hashAlgo &&
p1.KeyLen == p2.KeyLen &&
p1.BlockSize == p2.BlockSize
}
// cmpPublic returns true if the two public keys represent the same pojnt.
@ -212,118 +205,6 @@ func TestTooBigSharedKey(t *testing.T) {
}
}
// Ensure a public key can be successfully marshalled and unmarshalled, and
// that the decoded key is the same as the original.
func TestMarshalPublic(t *testing.T) {
prv, err := GenerateKey(rand.Reader, DefaultCurve, nil)
if err != nil {
t.Fatalf("GenerateKey error: %s", err)
}
out, err := MarshalPublic(&prv.PublicKey)
if err != nil {
t.Fatalf("MarshalPublic error: %s", err)
}
pub, err := UnmarshalPublic(out)
if err != nil {
t.Fatalf("UnmarshalPublic error: %s", err)
}
if !cmpPublic(prv.PublicKey, *pub) {
t.Fatal("ecies: failed to unmarshal public key")
}
}
// Ensure that a private key can be encoded into DER format, and that
// the resulting key is properly parsed back into a public key.
func TestMarshalPrivate(t *testing.T) {
prv, err := GenerateKey(rand.Reader, DefaultCurve, nil)
if err != nil {
fmt.Println(err.Error())
t.FailNow()
}
out, err := MarshalPrivate(prv)
if err != nil {
fmt.Println(err.Error())
t.FailNow()
}
if dumpEnc {
ioutil.WriteFile("test.out", out, 0644)
}
prv2, err := UnmarshalPrivate(out)
if err != nil {
fmt.Println(err.Error())
t.FailNow()
}
if !cmpPrivate(prv, prv2) {
fmt.Println("ecdh: private key import failed")
t.FailNow()
}
}
// Ensure that a private key can be successfully encoded to PEM format, and
// the resulting key is properly parsed back in.
func TestPrivatePEM(t *testing.T) {
prv, err := GenerateKey(rand.Reader, DefaultCurve, nil)
if err != nil {
fmt.Println(err.Error())
t.FailNow()
}
out, err := ExportPrivatePEM(prv)
if err != nil {
fmt.Println(err.Error())
t.FailNow()
}
if dumpEnc {
ioutil.WriteFile("test.key", out, 0644)
}
prv2, err := ImportPrivatePEM(out)
if err != nil {
fmt.Println(err.Error())
t.FailNow()
} else if !cmpPrivate(prv, prv2) {
fmt.Println("ecdh: import from PEM failed")
t.FailNow()
}
}
// Ensure that a public key can be successfully encoded to PEM format, and
// the resulting key is properly parsed back in.
func TestPublicPEM(t *testing.T) {
prv, err := GenerateKey(rand.Reader, DefaultCurve, nil)
if err != nil {
fmt.Println(err.Error())
t.FailNow()
}
out, err := ExportPublicPEM(&prv.PublicKey)
if err != nil {
fmt.Println(err.Error())
t.FailNow()
}
if dumpEnc {
ioutil.WriteFile("test.pem", out, 0644)
}
pub2, err := ImportPublicPEM(out)
if err != nil {
fmt.Println(err.Error())
t.FailNow()
} else if !cmpPublic(prv.PublicKey, *pub2) {
fmt.Println("ecdh: import from PEM failed")
t.FailNow()
}
}
// Benchmark the generation of P256 keys.
func BenchmarkGenerateKeyP256(b *testing.B) {
for i := 0; i < b.N; i++ {
@ -437,74 +318,27 @@ func TestDecryptShared2(t *testing.T) {
}
}
// TestMarshalEncryption validates the encode/decode produces a valid
// ECIES encryption key.
func TestMarshalEncryption(t *testing.T) {
prv1, err := GenerateKey(rand.Reader, DefaultCurve, nil)
if err != nil {
fmt.Println(err.Error())
t.FailNow()
}
out, err := MarshalPrivate(prv1)
if err != nil {
fmt.Println(err.Error())
t.FailNow()
}
prv2, err := UnmarshalPrivate(out)
if err != nil {
fmt.Println(err.Error())
t.FailNow()
}
message := []byte("Hello, world.")
ct, err := Encrypt(rand.Reader, &prv2.PublicKey, message, nil, nil)
if err != nil {
fmt.Println(err.Error())
t.FailNow()
}
pt, err := prv2.Decrypt(rand.Reader, ct, nil, nil)
if err != nil {
fmt.Println(err.Error())
t.FailNow()
}
if !bytes.Equal(pt, message) {
fmt.Println("ecies: plaintext doesn't match message")
t.FailNow()
}
_, err = prv1.Decrypt(rand.Reader, ct, nil, nil)
if err != nil {
fmt.Println(err.Error())
t.FailNow()
}
}
type testCase struct {
Curve elliptic.Curve
Name string
Expected bool
Expected *ECIESParams
}
var testCases = []testCase{
{
Curve: elliptic.P256(),
Name: "P256",
Expected: true,
Expected: ECIES_AES128_SHA256,
},
{
Curve: elliptic.P384(),
Name: "P384",
Expected: true,
Expected: ECIES_AES256_SHA384,
},
{
Curve: elliptic.P521(),
Name: "P521",
Expected: true,
Expected: ECIES_AES256_SHA512,
},
}
@ -519,10 +353,10 @@ func TestParamSelection(t *testing.T) {
func testParamSelection(t *testing.T, c testCase) {
params := ParamsFromCurve(c.Curve)
if params == nil && c.Expected {
if params == nil && c.Expected != nil {
fmt.Printf("%s (%s)\n", ErrInvalidParams.Error(), c.Name)
t.FailNow()
} else if params != nil && !c.Expected {
} else if params != nil && !cmpParams(params, c.Expected) {
fmt.Printf("ecies: parameters should be invalid (%s)\n",
c.Name)
t.FailNow()

93
crypto/ecies/params.go
Unescape View File

@ -114,97 +114,4 @@ func AddParamsForCurve(curve elliptic.Curve, params *ECIESParams) {
// Only the curves P256, P384, and P512 are supported.
func ParamsFromCurve(curve elliptic.Curve) (params *ECIESParams) {
return paramsFromCurve[curve]
/*
switch curve {
case elliptic.P256():
return ECIES_AES128_SHA256
case elliptic.P384():
return ECIES_AES256_SHA384
case elliptic.P521():
return ECIES_AES256_SHA512
default:
return nil
}
*/
}
// ASN.1 encode the ECIES parameters relevant to the encryption operations.
func paramsToASNECIES(params *ECIESParams) (asnParams asnECIESParameters) {
if nil == params {
return
}
asnParams.KDF = asnNISTConcatenationKDF
asnParams.MAC = hmacFull
switch params.KeyLen {
case 16:
asnParams.Sym = aes128CTRinECIES
case 24:
asnParams.Sym = aes192CTRinECIES
case 32:
asnParams.Sym = aes256CTRinECIES
}
return
}
// ASN.1 encode the ECIES parameters relevant to ECDH.
func paramsToASNECDH(params *ECIESParams) (algo asnECDHAlgorithm) {
switch params.hashAlgo {
case crypto.SHA224:
algo = dhSinglePass_stdDH_sha224kdf
case crypto.SHA256:
algo = dhSinglePass_stdDH_sha256kdf
case crypto.SHA384:
algo = dhSinglePass_stdDH_sha384kdf
case crypto.SHA512:
algo = dhSinglePass_stdDH_sha512kdf
}
return
}
// ASN.1 decode the ECIES parameters relevant to the encryption stage.
func asnECIEStoParams(asnParams asnECIESParameters, params *ECIESParams) {
if !asnParams.KDF.Cmp(asnNISTConcatenationKDF) {
params = nil
return
} else if !asnParams.MAC.Cmp(hmacFull) {
params = nil
return
}
switch {
case asnParams.Sym.Cmp(aes128CTRinECIES):
params.KeyLen = 16
params.BlockSize = 16
params.Cipher = aes.NewCipher
case asnParams.Sym.Cmp(aes192CTRinECIES):
params.KeyLen = 24
params.BlockSize = 16
params.Cipher = aes.NewCipher
case asnParams.Sym.Cmp(aes256CTRinECIES):
params.KeyLen = 32
params.BlockSize = 16
params.Cipher = aes.NewCipher
default:
params = nil
}
}
// ASN.1 decode the ECIES parameters relevant to ECDH.
func asnECDHtoParams(asnParams asnECDHAlgorithm, params *ECIESParams) {
if asnParams.Cmp(dhSinglePass_stdDH_sha224kdf) {
params.hashAlgo = crypto.SHA224
params.Hash = sha256.New224
} else if asnParams.Cmp(dhSinglePass_stdDH_sha256kdf) {
params.hashAlgo = crypto.SHA256
params.Hash = sha256.New
} else if asnParams.Cmp(dhSinglePass_stdDH_sha384kdf) {
params.hashAlgo = crypto.SHA384
params.Hash = sha512.New384
} else if asnParams.Cmp(dhSinglePass_stdDH_sha512kdf) {
params.hashAlgo = crypto.SHA512
params.Hash = sha512.New
} else {
params = nil
}
}

5
crypto/sha3/sha3.go
Unescape View File

@ -42,9 +42,8 @@ type state struct {
storage [maxRate]byte
// Specific to SHA-3 and SHAKE.
fixedOutput bool // whether this is a fixed-output-length instance
outputLen int // the default output size in bytes
state spongeDirection // whether the sponge is absorbing or squeezing
outputLen int // the default output size in bytes
state spongeDirection // whether the sponge is absorbing or squeezing
}
// BlockSize returns the rate of sponge underlying this hash function.

11
crypto/sha3/sha3_test.go
Unescape View File

@ -53,15 +53,6 @@ var testShakes = map[string]func() ShakeHash{
"SHAKE256": NewShake256,
}
// decodeHex converts a hex-encoded string into a raw byte string.
func decodeHex(s string) []byte {
b, err := hex.DecodeString(s)
if err != nil {
panic(err)
}
return b
}
// structs used to marshal JSON test-cases.
type KeccakKats struct {
Kats map[string][]struct {
@ -125,7 +116,7 @@ func TestKeccakKats(t *testing.T) {
// TestUnalignedWrite tests that writing data in an arbitrary pattern with
// small input buffers.
func testUnalignedWrite(t *testing.T) {
func TestUnalignedWrite(t *testing.T) {
testUnalignedAndGeneric(t, func(impl string) {
buf := sequentialBytes(0x10000)
for alg, df := range testDigests {

Write Preview
Loading…
Cancel
Save