From d50ea9bc1f736cf10925ab26a2810b1bec917fe4 Mon Sep 17 00:00:00 2001 From: Cole Brown Date: Wed, 28 Aug 2019 11:34:22 -0400 Subject: [PATCH] Ensure all tests pass without weak RSA key flag --- crypto/key_test.go | 8 +++++-- crypto/rsa_test.go | 6 +++--- peer/peer_test.go | 40 +++++++++++++++++++++++------------ sec/insecure/insecure_test.go | 2 +- 4 files changed, 37 insertions(+), 19 deletions(-) diff --git a/crypto/key_test.go b/crypto/key_test.go index 0134274..05e66ed 100644 --- a/crypto/key_test.go +++ b/crypto/key_test.go @@ -17,7 +17,11 @@ func TestKeys(t *testing.T) { } func testKeyType(typ int, t *testing.T) { - sk, pk, err := test.RandTestKeyPair(typ, 512) + bits := 512 + if typ == RSA { + bits = 2048 + } + sk, pk, err := test.RandTestKeyPair(typ, bits) if err != nil { t.Fatal(err) } @@ -115,7 +119,7 @@ func testKeyEquals(t *testing.T, k Key) { // t.Fatal("Key not equal to key with same bytes.") // } - sk, pk, err := test.RandTestKeyPair(RSA, 512) + sk, pk, err := test.RandTestKeyPair(RSA, 2048) if err != nil { t.Fatal(err) } diff --git a/crypto/rsa_test.go b/crypto/rsa_test.go index 7ee520a..08db136 100644 --- a/crypto/rsa_test.go +++ b/crypto/rsa_test.go @@ -6,7 +6,7 @@ import ( ) func TestRSABasicSignAndVerify(t *testing.T) { - priv, pub, err := GenerateRSAKeyPair(512, rand.Reader) + priv, pub, err := GenerateRSAKeyPair(2048, rand.Reader) if err != nil { t.Fatal(err) } @@ -47,7 +47,7 @@ func TestRSASmallKey(t *testing.T) { } func TestRSASignZero(t *testing.T) { - priv, pub, err := GenerateRSAKeyPair(512, rand.Reader) + priv, pub, err := GenerateRSAKeyPair(2048, rand.Reader) if err != nil { t.Fatal(err) } @@ -68,7 +68,7 @@ func TestRSASignZero(t *testing.T) { } func TestRSAMarshalLoop(t *testing.T) { - priv, pub, err := GenerateRSAKeyPair(512, rand.Reader) + priv, pub, err := GenerateRSAKeyPair(2048, rand.Reader) if err != nil { t.Fatal(err) } diff --git a/peer/peer_test.go b/peer/peer_test.go index 41f323d..757f085 100644 --- a/peer/peer_test.go +++ b/peer/peer_test.go @@ -47,7 +47,7 @@ type keyset struct { func (ks *keyset) generate() error { var err error - ks.sk, ks.pk, err = test.RandTestKeyPair(ic.RSA, 512) + ks.sk, ks.pk, err = test.RandTestKeyPair(ic.RSA, 2048) if err != nil { return err } @@ -226,17 +226,31 @@ func TestValidate(t *testing.T) { } } -var hpkpMan = `QmRK3JgmVEGiewxWbhpXLJyjWuGuLeSTMTndA1coMHEy5o` +var hpkpMan = `QmcJeseojbPW9hSejUM1sQ1a2QmbrryPK4Z8pWbRUPaYEn` var skManBytes = ` -CAAS4AQwggJcAgEAAoGBAL7w+Wc4VhZhCdM/+Hccg5Nrf4q9NXWwJylbSrXz/unFS24wyk6pEk0zi3W -7li+vSNVO+NtJQw9qGNAMtQKjVTP+3Vt/jfQRnQM3s6awojtjueEWuLYVt62z7mofOhCtj+VwIdZNBo -/EkLZ0ETfcvN5LVtLYa8JkXybnOPsLvK+PAgMBAAECgYBdk09HDM7zzL657uHfzfOVrdslrTCj6p5mo -DzvCxLkkjIzYGnlPuqfNyGjozkpSWgSUc+X+EGLLl3WqEOVdWJtbM61fewEHlRTM5JzScvwrJ39t7o6 -CCAjKA0cBWBd6UWgbN/t53RoWvh9HrA2AW5YrT0ZiAgKe9y7EMUaENVJ8QJBAPhpdmb4ZL4Fkm4OKia -NEcjzn6mGTlZtef7K/0oRC9+2JkQnCuf6HBpaRhJoCJYg7DW8ZY+AV6xClKrgjBOfERMCQQDExhnzu2 -dsQ9k8QChBlpHO0TRbZBiQfC70oU31kM1AeLseZRmrxv9Yxzdl8D693NNWS2JbKOXl0kMHHcuGQLMVA -kBZ7WvkmPV3aPL6jnwp2pXepntdVnaTiSxJ1dkXShZ/VSSDNZMYKY306EtHrIu3NZHtXhdyHKcggDXr -qkBrdgErAkAlpGPojUwemOggr4FD8sLX1ot2hDJyyV7OK2FXfajWEYJyMRL1Gm9Uk1+Un53RAkJneqp -JGAzKpyttXBTIDO51AkEA98KTiROMnnU8Y6Mgcvr68/SMIsvCYMt9/mtwSBGgl80VaTQ5Hpaktl6Xbh -VUt5Wv0tRxlXZiViCGCD1EtrrwTw== +CAASqAkwggSkAgEAAoIBAQC3hjPtPli71gFNzGJ6rUhYdb65BDwW7IrniEaZKi6z +tW4Iz0MouEJY8GPG1iQfqZKp5w9H2ENh4I1bk2dsezrJ7Nneg4Eqd78CmeHTAgaP +3PKsxohdMo/TOFNxwl8SkEF8FyVbio2TCoijYNHUuprZuq7MPEAJYr3Z1eEkM/xR +pMp3YI9S2SYsZQxbmmQ0/GfHOEvYajdow1qttreVTQkvmCppKtNLEU5InpX/W5fe +aQCj0pd7l74daZgM2WWz3juEUCVG7tdRUPg7ix1TYosbN96CKC3q2MJxe/wJ9gR5 +Jvjnaaaoon+mci5vrKzxdKBDmZ/ZbLiHDfVljMkbdOQLAgMBAAECggEAEULaF3JJ +vkD+lmamzIsHxuosKhKv5CgTWHuEyFsjUVu7IbD8zBOoidzyRX1WoHO+i6Rj14oL +rGUGZpqSm61rdhqE01zjBS+GE6SNjN8f5uANIxr5MGrVBDTEBGsXrhNLVXSH2vhJ +II9ZEqTEl5GFhvz7+9Ge5EMZQCfRqSoKjVMdrs+Rueuusr9p0wNg9PH1myA+cXGt +iNZA17Rj2IiWVZLDgYNo4DVQUt4mFb+wTJW4NSspGKaFebpn0hf4z21laoGoJqTC +cNETJw+QwQ0uDaRoYotTLT2/55e8XBFTdcTg5cmbZoKgMyGqZEHfRyD9reVDAZlM +EZwKtrm41kz94QKBgQDmPp5zVtFXQNONmje1NE0IjCaUKcqURXk4ZiILztfT9XLC +OXAUCs3TCq21jirCkZZ6gLfo12Wx0xJYmsKlaUOGNTa8FI5Xa7OyheYKixUvV6FW +J95P/sNuWscTjh7oZHgZk/L3yKrNzNBz7awComwV6qciXW7EP1uACHf5fS/RdQKB +gQDMDa38W9OeegRDrhCeYGsniJK7btOCzhNooruQKPPXxk+O4dyJm7VBbC/3Ch55 +a83W66T4k0Q7ysLVRT5Vqd5z3AM0sEM3ZoxUKCinG3NwPxVeXcoLasyEiq1vOFK6 +GqZKCMThCj7ZpbkWy0DPJagnYfZGC62lammuj+XQx7mvfwKBgQCTKhka/bXmgD/3 +9UeAIcLPIM2TzDZ4mQNHIjjGtVnMV8kXDaFung06xEuNjSYVoPq+qEFkqTCN/axv +R9P76BFJ2f93LehhRizggacsvAM5dFhh+i+lj+AYTBuMiz2EKpt9NcyJxhAuZKgk +QRi9wlU1mPtlArVG6HwylLcil3qV9QKBgQDJHtaU/KEY+2TGnIMuxxP2lEsjyLla +nOlOYc8C6Qpma8UwrHelfj5p7Eteb6/Xt6Tbp8kjZGuFj3T3plcpMdPbWEgkn3Kw +4TeBH0/qXUkrolHagBDLrglEvjbxf48ydV/fasM6l9GYzhofWFhZk+EoaArHwWz2 +tGrTrmsynBjt2wKBgErdYe+zZ2Wo+wXQGAoZi4pfcwiw4a97Kdh0dx+WZz7acHms +h+V20VRmEHm5h8WnJ/Wv5uK94t6NY17wzjQ7y2BN5mY5cA2cZAcpeqtv/N06tH4S +cn1UEuRB8VpwkjaPUNZhqtYK40qff2OTdJy8taFtQiN7fz9euWTC78zjph2s ` diff --git a/sec/insecure/insecure_test.go b/sec/insecure/insecure_test.go index a8b86f1..311cf4e 100644 --- a/sec/insecure/insecure_test.go +++ b/sec/insecure/insecure_test.go @@ -14,7 +14,7 @@ import ( // Run a set of sessions through the session setup and verification. func TestConnections(t *testing.T) { - clientTpt := newTestTransport(t, ci.RSA, 1024) + clientTpt := newTestTransport(t, ci.RSA, 2048) serverTpt := newTestTransport(t, ci.Ed25519, 1024) testConnection(t, clientTpt, serverTpt)