Skip to content

Commit

Permalink
Merge pull request #1385 from microsoft/dev/qmuntal/azl3-nogetrnd
Browse files Browse the repository at this point in the history
Fix testKeyBasics and testEverything
  • Loading branch information
karianna authored Nov 5, 2024
2 parents e3223ed + 671783f commit 9431c26
Show file tree
Hide file tree
Showing 2 changed files with 28 additions and 38 deletions.
30 changes: 27 additions & 3 deletions patches/0002-Add-crypto-backend-foundation.patch
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ Subject: [PATCH] Add crypto backend foundation
src/crypto/rsa/pkcs1v15_test.go | 5 +
src/crypto/rsa/pss.go | 8 +-
src/crypto/rsa/rsa.go | 21 +-
src/crypto/rsa/rsa_test.go | 2 +-
src/crypto/rsa/rsa_test.go | 12 +-
src/crypto/sha1/sha1.go | 2 +-
src/crypto/sha1/sha1_test.go | 12 +-
src/crypto/sha256/sha256.go | 6 +-
Expand All @@ -59,7 +59,7 @@ Subject: [PATCH] Add crypto backend foundation
src/hash/notboring_test.go | 5 +
src/net/smtp/smtp_test.go | 72 ++++---
src/runtime/runtime_boring.go | 5 +
55 files changed, 873 insertions(+), 106 deletions(-)
55 files changed, 883 insertions(+), 106 deletions(-)
create mode 100644 src/crypto/ed25519/boring.go
create mode 100644 src/crypto/ed25519/notboring.go
create mode 100644 src/crypto/internal/backend/backend_test.go
Expand Down Expand Up @@ -1258,7 +1258,7 @@ index 4d78d1eaaa6be0..a016c4f8362cf5 100644
if err != nil {
return nil, err
diff --git a/src/crypto/rsa/rsa_test.go b/src/crypto/rsa/rsa_test.go
index 2afa045a3a0bd2..86466e67e87eeb 100644
index 2afa045a3a0bd2..c6294694521c69 100644
--- a/src/crypto/rsa/rsa_test.go
+++ b/src/crypto/rsa/rsa_test.go
@@ -8,7 +8,7 @@ import (
Expand All @@ -1270,6 +1270,30 @@ index 2afa045a3a0bd2..86466e67e87eeb 100644
"crypto/rand"
. "crypto/rsa"
"crypto/sha1"
@@ -113,6 +113,11 @@ func testKeyBasics(t *testing.T, priv *PrivateKey) {
if priv.D.Cmp(priv.N) > 0 {
t.Errorf("private exponent too large")
}
+ if boring.Enabled && priv.N.BitLen() < 512 {
+ // Some crypto backends (e.g. CNG and OpenSSL with SymCrypt) don't support key sizes
+ // lower than 512 and intentionally fail rather than fall back to Go crypto.
+ t.Skip("skipping allocations test with BoringCrypto")
+ }

msg := []byte("hi!")
enc, err := EncryptPKCS1v15(rand.Reader, &priv.PublicKey, msg)
@@ -187,6 +192,11 @@ func testEverything(t *testing.T, priv *PrivateKey) {
if err := priv.Validate(); err != nil {
t.Errorf("Validate() failed: %s", err)
}
+ if boring.Enabled && priv.N.BitLen() < 512 {
+ // Some crypto backends (e.g. CNG and OpenSSL with SymCrypt) don't support key sizes
+ // lower than 512 and intentionally fail rather than fall back to Go crypto.
+ t.Skip("skipping allocations test with BoringCrypto")
+ }

msg := []byte("test")
enc, err := EncryptPKCS1v15(rand.Reader, &priv.PublicKey, msg)
diff --git a/src/crypto/sha1/sha1.go b/src/crypto/sha1/sha1.go
index 8189d1946d8ea5..8f5f7f27f26fea 100644
--- a/src/crypto/sha1/sha1.go
Expand Down
36 changes: 1 addition & 35 deletions patches/0005-Add-CNG-crypto-backend.patch
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,6 @@ Subject: [PATCH] Add CNG crypto backend
src/crypto/rsa/notboring.go | 2 +-
src/crypto/rsa/pss.go | 2 +-
src/crypto/rsa/pss_test.go | 2 +-
src/crypto/rsa/rsa_test.go | 8 +-
src/crypto/tls/boring.go | 2 +-
src/crypto/tls/boring_test.go | 2 +-
src/crypto/tls/fipsonly/fipsonly.go | 2 +-
Expand All @@ -42,7 +41,7 @@ Subject: [PATCH] Add CNG crypto backend
.../goexperiment/exp_cngcrypto_off.go | 9 +
src/internal/goexperiment/exp_cngcrypto_on.go | 9 +
src/internal/goexperiment/flags.go | 1 +
38 files changed, 392 insertions(+), 28 deletions(-)
37 files changed, 385 insertions(+), 27 deletions(-)
create mode 100644 src/crypto/ecdsa/badlinkname.go
create mode 100644 src/crypto/internal/backend/bbig/big_cng.go
create mode 100644 src/crypto/internal/backend/cng_windows.go
Expand Down Expand Up @@ -588,39 +587,6 @@ index 637d07e18cff2e..21435b86b52dad 100644
if err != nil {
t.Fatal(err)
}
diff --git a/src/crypto/rsa/rsa_test.go b/src/crypto/rsa/rsa_test.go
index dbcc1bec58bd46..b1e9d8e94c2c9e 100644
--- a/src/crypto/rsa/rsa_test.go
+++ b/src/crypto/rsa/rsa_test.go
@@ -17,6 +17,7 @@ import (
"encoding/pem"
"flag"
"fmt"
+ "internal/goexperiment"
"internal/testenv"
"math/big"
"strings"
@@ -113,6 +114,9 @@ func testKeyBasics(t *testing.T, priv *PrivateKey) {
if priv.D.Cmp(priv.N) > 0 {
t.Errorf("private exponent too large")
}
+ if goexperiment.CNGCrypto && priv.N.BitLen() < 512 {
+ t.Skip("CNGCrypto does not support key sizes lower than 512 and intentionally fails rather than fall back to Go crypto")
+ }

msg := []byte("hi!")
enc, err := EncryptPKCS1v15(rand.Reader, &priv.PublicKey, msg)
@@ -187,7 +191,9 @@ func testEverything(t *testing.T, priv *PrivateKey) {
if err := priv.Validate(); err != nil {
t.Errorf("Validate() failed: %s", err)
}
-
+ if goexperiment.CNGCrypto && priv.N.BitLen() < 512 {
+ t.Skip("CNGCrypto does not support key sizes lower than 512 and intentionally fails rather than fall back to Go crypto")
+ }
msg := []byte("test")
enc, err := EncryptPKCS1v15(rand.Reader, &priv.PublicKey, msg)
if err == ErrMessageTooLong {
diff --git a/src/crypto/tls/boring.go b/src/crypto/tls/boring.go
index 698efc6751e12c..575d51b02298c8 100644
--- a/src/crypto/tls/boring.go
Expand Down

0 comments on commit 9431c26

Please sign in to comment.