idk/Go_I2p
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

verify su3 RSA signatures

Browse Source
This commit is contained in:
apeace
2022-07-29 00:40:48 -04:00
parent feef6e6bbf
commit 403ef30119
4 changed files with 493 additions and 289 deletions
Download Patch File Download Diff File Expand all files Collapse all files

544
lib/su3/su3_test.go
View File

@@ -2,6 +2,13 @@ package su3
import (
"bytes"
"crypto"
"crypto/rand"
"crypto/rsa"
"crypto/sha256"
"crypto/x509"
"encoding/binary"
"encoding/pem"
"fmt"
"github.com/stretchr/testify/assert"
"io"
@@ -34,9 +41,53 @@ func appendBytes(b ...[]byte) []byte {
return out
}
func fileRSAPubKey(t *testing.T, filename string) *rsa.PublicKey {
b := fileBytes(t, filename)
block, _ := pem.Decode(b)
cert, err := x509.ParseCertificate(block.Bytes)
if err != nil {
t.Fatalf("cannot parse certificate file %s: %s", filename, err)
}
var pubKey *rsa.PublicKey
if k, ok := cert.PublicKey.(*rsa.PublicKey); !ok {
t.Fatalf("expected rsa.PublicKey from file %s", filename)
} else {
pubKey = k
}
return pubKey
}
func genRSAKey(t *testing.T) *rsa.PrivateKey {
privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
if err != nil {
t.Fatalf("cannot generate RSA key: %s", err)
}
return privateKey
}
func TestRead(t *testing.T) {
// Test data.
apeaceKey := genRSAKey(t)
apeaceContent := []byte("apeace rules")
apeaceContentLength := make([]byte, 8)
binary.BigEndian.PutUint64(apeaceContentLength, uint64(len(apeaceContent)))
apeaceHash := sha256.New()
_, err := apeaceHash.Write(apeaceContent)
assert.Nil(t, err, "cannot hash content")
apeaceSum := apeaceHash.Sum(nil)
apeaceSignature, err := rsa.SignPSS(rand.Reader, apeaceKey, crypto.SHA256, apeaceSum, nil)
assert.Nil(t, err, "cannot sign content")
apeaceSignatureLength := make([]byte, 2)
binary.BigEndian.PutUint16(apeaceSignatureLength, uint16(len(apeaceSignature)))
apeaceWrongKey := genRSAKey(t)
apeaceInvalidSignature, err := rsa.SignPSS(rand.Reader, apeaceWrongKey, crypto.SHA256, apeaceSum, nil)
assert.Nil(t, err, "cannot sign content")
apeaceInvalidSignatureLength := make([]byte, 2)
binary.BigEndian.PutUint16(apeaceInvalidSignatureLength, uint16(len(apeaceInvalidSignature)))
tests := []struct {
name string
skip bool
reader io.Reader
key interface{}
wantErr string
@@ -91,14 +142,14 @@ func TestRead(t *testing.T) {
wantErr: ErrMissingSignatureType.Error(),
},
{
name: "invalid_signature_type",
name: "unsupported_signature_type",
reader: bytes.NewReader(appendBytes(
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x99, 0x99}, // Invalid signature type
[]byte{0x99, 0x99}, // Unsupported signature type
)),
wantErr: ErrMissingSignatureType.Error(),
wantErr: ErrUnsupportedSignatureType.Error(),
},
{
name: "missing_signature_length",
@@ -106,254 +157,254 @@ func TestRead(t *testing.T) {
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x03}, // Signature type ECDSA_SHA512_P521
[]byte{0x00, 0x04}, // Signature type RSA_SHA256_2048
)),
wantErr: ErrMissingSignatureLength.Error(),
},
{
name: "missing_unused_byte_12",
reader: bytes.NewReader(appendBytes(
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x03}, // Signature type ECDSA_SHA512_P521
[]byte{0x00, 0x01}, // Signature length 1 byte
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x04}, // Signature type RSA_SHA256_2048
apeaceSignatureLength, // Signature length
)),
wantErr: ErrMissingUnusedByte12.Error(),
},
{
name: "missing_version_length",
reader: bytes.NewReader(appendBytes(
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x03}, // Signature type ECDSA_SHA512_P521
[]byte{0x00, 0x01}, // Signature length 1 byte
[]byte{0x00}, // Unused byte 12
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x04}, // Signature type RSA_SHA256_2048
apeaceSignatureLength, // Signature length
[]byte{0x00}, // Unused byte 12
)),
wantErr: ErrMissingVersionLength.Error(),
},
{
name: "version_too_short",
reader: bytes.NewReader(appendBytes(
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x03}, // Signature type ECDSA_SHA512_P521
[]byte{0x00, 0x01}, // Signature length 1 byte
[]byte{0x00}, // Unused byte 12
[]byte{0x01}, // Version length 1
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x04}, // Signature type RSA_SHA256_2048
apeaceSignatureLength, // Signature length
[]byte{0x00}, // Unused byte 12
[]byte{0x01}, // Version length 1
)),
wantErr: ErrVersionTooShort.Error(),
},
{
name: "missing_unused_byte_14",
reader: bytes.NewReader(appendBytes(
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x03}, // Signature type ECDSA_SHA512_P521
[]byte{0x00, 0x01}, // Signature length 1 byte
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x04}, // Signature type RSA_SHA256_2048
apeaceSignatureLength, // Signature length
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
)),
wantErr: ErrMissingUnusedByte14.Error(),
},
{
name: "missing_signer_length",
reader: bytes.NewReader(appendBytes(
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x03}, // Signature type ECDSA_SHA512_P521
[]byte{0x00, 0x01}, // Signature length 1 byte
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x04}, // Signature type RSA_SHA256_2048
apeaceSignatureLength, // Signature length
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
)),
wantErr: ErrMissingSignerIDLength.Error(),
},
{
name: "missing_content_length",
reader: bytes.NewReader(appendBytes(
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x03}, // Signature type ECDSA_SHA512_P521
[]byte{0x00, 0x01}, // Signature length 1 byte
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x04}, // Signature type RSA_SHA256_2048
apeaceSignatureLength, // Signature length
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
)),
wantErr: ErrMissingContentLength.Error(),
},
{
name: "missing_unused_byte_24",
reader: bytes.NewReader(appendBytes(
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x03}, // Signature type ECDSA_SHA512_P521
[]byte{0x00, 0x01}, // Signature length 1 byte
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
[]byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0c}, // Content length 12
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x04}, // Signature type RSA_SHA256_2048
apeaceSignatureLength, // Signature length
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
apeaceContentLength, // Content length
)),
wantErr: ErrMissingUnusedByte24.Error(),
},
{
name: "missing_file_type",
reader: bytes.NewReader(appendBytes(
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x03}, // Signature type ECDSA_SHA512_P521
[]byte{0x00, 0x01}, // Signature length 1 byte
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
[]byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0c}, // Content length 12
[]byte{0x00}, // Unused byte 24
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x04}, // Signature type RSA_SHA256_2048
apeaceSignatureLength, // Signature length
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
apeaceContentLength, // Content length
[]byte{0x00}, // Unused byte 24
)),
wantErr: ErrMissingFileType.Error(),
},
{
name: "invalid_file_type",
reader: bytes.NewReader(appendBytes(
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x03}, // Signature type ECDSA_SHA512_P521
[]byte{0x00, 0x01}, // Signature length 1 byte
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
[]byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0c}, // Content length 12
[]byte{0x00}, // Unused byte 24
[]byte{0x99}, // Invalid file type
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x04}, // Signature type RSA_SHA256_2048
apeaceSignatureLength, // Signature length
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
apeaceContentLength, // Content length
[]byte{0x00}, // Unused byte 24
[]byte{0x99}, // Invalid file type
)),
wantErr: ErrMissingFileType.Error(),
},
{
name: "missing_unused_byte_26",
reader: bytes.NewReader(appendBytes(
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x03}, // Signature type ECDSA_SHA512_P521
[]byte{0x00, 0x01}, // Signature length 1 byte
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
[]byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0c}, // Content length 12
[]byte{0x00}, // Unused byte 24
[]byte{0x02}, // File type HTML
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x04}, // Signature type RSA_SHA256_2048
apeaceSignatureLength, // Signature length
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
apeaceContentLength, // Content length
[]byte{0x00}, // Unused byte 24
[]byte{0x02}, // File type HTML
)),
wantErr: ErrMissingUnusedByte26.Error(),
},
{
name: "missing_content_type",
reader: bytes.NewReader(appendBytes(
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x03}, // Signature type ECDSA_SHA512_P521
[]byte{0x00, 0x01}, // Signature length 1 byte
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
[]byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0c}, // Content length 12
[]byte{0x00}, // Unused byte 24
[]byte{0x02}, // File type HTML
[]byte{0x00}, // Unused byte 26
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x04}, // Signature type RSA_SHA256_2048
apeaceSignatureLength, // Signature length
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
apeaceContentLength, // Content length
[]byte{0x00}, // Unused byte 24
[]byte{0x02}, // File type HTML
[]byte{0x00}, // Unused byte 26
)),
wantErr: ErrMissingContentType.Error(),
},
{
name: "invalid_content_type",
reader: bytes.NewReader(appendBytes(
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x03}, // Signature type ECDSA_SHA512_P521
[]byte{0x00, 0x01}, // Signature length 1 byte
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
[]byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0c}, // Content length 12
[]byte{0x00}, // Unused byte 24
[]byte{0x02}, // File type HTML
[]byte{0x00}, // Unused byte 26
[]byte{0x99}, // Invalid content type
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x04}, // Signature type RSA_SHA256_2048
apeaceSignatureLength, // Signature length
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
apeaceContentLength, // Content length
[]byte{0x00}, // Unused byte 24
[]byte{0x02}, // File type HTML
[]byte{0x00}, // Unused byte 26
[]byte{0x99}, // Invalid content type
)),
wantErr: ErrMissingContentType.Error(),
},
{
name: "missing_unused_bytes_28-39",
reader: bytes.NewReader(appendBytes(
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x03}, // Signature type ECDSA_SHA512_P521
[]byte{0x00, 0x01}, // Signature length 1 byte
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
[]byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0c}, // Content length 12
[]byte{0x00}, // Unused byte 24
[]byte{0x02}, // File type HTML
[]byte{0x00}, // Unused byte 26
[]byte{0x00}, // Content type unknown
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x04}, // Signature type RSA_SHA256_2048
apeaceSignatureLength, // Signature length
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
apeaceContentLength, // Content length
[]byte{0x00}, // Unused byte 24
[]byte{0x02}, // File type HTML
[]byte{0x00}, // Unused byte 26
[]byte{0x00}, // Content type unknown
)),
wantErr: ErrMissingUnusedBytes28To39.Error(),
},
{
name: "partial_unused_bytes_28-39",
reader: bytes.NewReader(appendBytes(
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x03}, // Signature type ECDSA_SHA512_P521
[]byte{0x00, 0x01}, // Signature length 1 byte
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
[]byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0c}, // Content length 12
[]byte{0x00}, // Unused byte 24
[]byte{0x02}, // File type HTML
[]byte{0x00}, // Unused byte 26
[]byte{0x00}, // Content type unknown
[]byte{0x00, 0x00}, // Partial unused bytes 28-39
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x04}, // Signature type RSA_SHA256_2048
apeaceSignatureLength, // Signature length
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
apeaceContentLength, // Content length
[]byte{0x00}, // Unused byte 24
[]byte{0x02}, // File type HTML
[]byte{0x00}, // Unused byte 26
[]byte{0x00}, // Content type unknown
[]byte{0x00, 0x00}, // Partial unused bytes 28-39
)),
wantErr: ErrMissingUnusedBytes28To39.Error(),
},
{
name: "missing_version",
reader: bytes.NewReader(appendBytes(
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x03}, // Signature type ECDSA_SHA512_P521
[]byte{0x00, 0x01}, // Signature length 1 byte
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
[]byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0c}, // Content length 12
[]byte{0x00}, // Unused byte 24
[]byte{0x02}, // File type HTML
[]byte{0x00}, // Unused byte 26
[]byte{0x00}, // Content type unknown
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x04}, // Signature type RSA_SHA256_2048
apeaceSignatureLength, // Signature length
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
apeaceContentLength, // Content length
[]byte{0x00}, // Unused byte 24
[]byte{0x02}, // File type HTML
[]byte{0x00}, // Unused byte 26
[]byte{0x00}, // Content type unknown
[]byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, // Unused bytes 28-39
)),
wantErr: ErrMissingVersion.Error(),
@@ -361,20 +412,20 @@ func TestRead(t *testing.T) {
{
name: "missing_signer_ID",
reader: bytes.NewReader(appendBytes(
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x03}, // Signature type ECDSA_SHA512_P521
[]byte{0x00, 0x01}, // Signature length 1 byte
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
[]byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0c}, // Content length 12
[]byte{0x00}, // Unused byte 24
[]byte{0x02}, // File type HTML
[]byte{0x00}, // Unused byte 26
[]byte{0x00}, // Content type unknown
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x04}, // Signature type RSA_SHA256_2048
apeaceSignatureLength, // Signature length
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
apeaceContentLength, // Content length
[]byte{0x00}, // Unused byte 24
[]byte{0x02}, // File type HTML
[]byte{0x00}, // Unused byte 26
[]byte{0x00}, // Content type unknown
[]byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, // Unused bytes 28-39
appendBytes([]byte("1234567890"), []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00}), // Version with padding
)),
@@ -383,20 +434,20 @@ func TestRead(t *testing.T) {
{
name: "missing_content",
reader: bytes.NewReader(appendBytes(
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x03}, // Signature type ECDSA_SHA512_P521
[]byte{0x00, 0x01}, // Signature length 1 byte
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
[]byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0c}, // Content length 12
[]byte{0x00}, // Unused byte 24
[]byte{0x02}, // File type HTML
[]byte{0x00}, // Unused byte 26
[]byte{0x00}, // Content type unknown
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x04}, // Signature type RSA_SHA256_2048
apeaceSignatureLength, // Signature length
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
apeaceContentLength, // Content length
[]byte{0x00}, // Unused byte 24
[]byte{0x02}, // File type HTML
[]byte{0x00}, // Unused byte 26
[]byte{0x00}, // Content type unknown
[]byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, // Unused bytes 28-39
appendBytes([]byte("1234567890"), []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00}), // Version with padding
[]byte("apeace"), // Signer ID
@@ -406,67 +457,96 @@ func TestRead(t *testing.T) {
{
name: "missing_signature",
reader: bytes.NewReader(appendBytes(
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x03}, // Signature type ECDSA_SHA512_P521
[]byte{0x00, 0x01}, // Signature length 1 byte
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
[]byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0c}, // Content length 12
[]byte{0x00}, // Unused byte 24
[]byte{0x02}, // File type HTML
[]byte{0x00}, // Unused byte 26
[]byte{0x00}, // Content type unknown
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x04}, // Signature type RSA_SHA256_2048
apeaceSignatureLength, // Signature length
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
apeaceContentLength, // Content length
[]byte{0x00}, // Unused byte 24
[]byte{0x02}, // File type HTML
[]byte{0x00}, // Unused byte 26
[]byte{0x00}, // Content type unknown
[]byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, // Unused bytes 28-39
appendBytes([]byte("1234567890"), []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00}), // Version with padding
[]byte("apeace"), // Signer ID
apeaceContent, // Content
)),
key: &apeaceKey.PublicKey,
wantErr: ErrMissingSignature.Error(),
},
{
name: "invalid_signature",
reader: bytes.NewReader(appendBytes(
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x04}, // Signature type RSA_SHA256_2048
apeaceInvalidSignatureLength, // Signature length
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
apeaceContentLength, // Content length
[]byte{0x00}, // Unused byte 24
[]byte{0x02}, // File type HTML
[]byte{0x00}, // Unused byte 26
[]byte{0x00}, // Content type unknown
[]byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, // Unused bytes 28-39
appendBytes([]byte("1234567890"), []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00}), // Version with padding
[]byte("apeace"), // Signer ID
[]byte("apeace rules"), // Content
apeaceContent, // Content
apeaceInvalidSignature, // Invalid signature
)),
wantErr: ErrMissingSignature.Error(),
key: &apeaceKey.PublicKey,
wantErr: ErrInvalidSignature.Error(),
},
{
name: "apeace_rules",
reader: bytes.NewReader(appendBytes(
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x03}, // Signature type ECDSA_SHA512_P521
[]byte{0x00, 0x01}, // Signature length 1 byte
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
[]byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0c}, // Content length 12
[]byte{0x00}, // Unused byte 24
[]byte{0x02}, // File type HTML
[]byte{0x00}, // Unused byte 26
[]byte{0x00}, // Content type unknown
[]byte("I2Psu3"), // Magic bytes
[]byte{0x00}, // Unused byte 6
[]byte{0x00}, // File format
[]byte{0x00, 0x04}, // Signature type RSA_SHA256_2048
apeaceSignatureLength, // Signature length
[]byte{0x00}, // Unused byte 12
[]byte{0x10}, // Version length 16
[]byte{0x00}, // Unused byte 14
[]byte{0x06}, // Signer ID length 6
apeaceContentLength, // Content length
[]byte{0x00}, // Unused byte 24
[]byte{0x02}, // File type HTML
[]byte{0x00}, // Unused byte 26
[]byte{0x00}, // Content type unknown
[]byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, // Unused bytes 28-39
appendBytes([]byte("1234567890"), []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00}), // Version with padding
[]byte("apeace"), // Signer ID
[]byte("apeace rules"), // Content
[]byte{0x99}, // Signature
[]byte("apeace"), // Signer ID
apeaceContent, // Content
apeaceSignature, // Signature
)),
key: nil,
key: &apeaceKey.PublicKey,
wantSU3: &SU3{
SignatureType: ECDSA_SHA512_P521,
SignatureLength: 1,
ContentLength: 12,
SignatureType: RSA_SHA256_2048,
SignatureLength: uint16(len(apeaceSignature)),
ContentLength: uint64(len(apeaceContent)),
FileType: HTML,
ContentType: UNKNOWN,
Version: "1234567890",
SignerID: "apeace",
},
wantContent: []byte("apeace rules"),
wantSignature: []byte{0x99},
wantContent: apeaceContent,
wantSignature: apeaceSignature,
},
{
// Skipping this for now, as the signature doesn't seem to match.
name: "reseed-i2pgit.su3",
skip: true,
reader: fileReader(t, "testdata/reseed-i2pgit.su3"),
key: nil,
key: fileRSAPubKey(t, "./testdata/hankhill19580_at_gmail.com.crt"),
wantSU3: &SU3{
SignatureType: RSA_SHA512_4096,
SignatureLength: 512,
@@ -483,6 +563,9 @@ func TestRead(t *testing.T) {
for _, test := range tests {
t.Run(test.name, func(t *testing.T) {
if test.skip {
t.Skip()
}
su3, err := Read(test.reader)
var content, signature []byte
if err == nil {
@@ -513,6 +596,9 @@ func TestRead(t *testing.T) {
}
func TestReadSignatureFirst(t *testing.T) {
// Skipping this for now, since the signature doesn't seem to match.
t.Skip()
assert := assert.New(t)
reader := fileReader(t, "testdata/reseed-i2pgit.su3")