src - OpenBSD base system

diff options


context:
space:
mode:

author	Theo Buehler <tb@cvs.openbsd.org>	2023-11-07 16:46:13 +0000
committer	Theo Buehler <tb@cvs.openbsd.org>	2023-11-07 16:46:13 +0000
commit	4fc344aa5ce13985bdb95724d59e56569fd97641 (patch)
tree	cb9daeea8e2a8b5eae082e58abb3718309c4153b /regress
parent	5c3433080c376e2b3a9d2a2243d0d3c5e118919f (diff)

Wrap hex.DecodeString() into mustDecodeHexString()

The hex decoding is only done from the JSON files provided by the wycheproof-testvectors package. Failure is always fatal. So there is no need for repeated error checks, and we can use an ergonomic wrapper. Also rework the calculation of the message digest from input data this had a similar deficit. All in all this shaves off about 10% of the code and removes a lot of tedious repetition.

Diffstat (limited to 'regress')

-rw-r--r--

regress/lib/libcrypto/wycheproof/wycheproof.go

468

1 files changed, 78 insertions, 390 deletions

diff --git a/regress/lib/libcrypto/wycheproof/wycheproof.go b/regress/lib/libcrypto/wycheproof/wycheproof.go
index 6f33fe56c6a..dea2f2e5f8b 100644
--- a/regress/lib/libcrypto/wycheproof/wycheproof.go
+++ b/regress/lib/libcrypto/wycheproof/wycheproof.go

@@ -1,4 +1,4 @@

-/* $OpenBSD: wycheproof.go,v 1.154 2023/11/07 16:37:02 tb Exp $ */

+/* $OpenBSD: wycheproof.go,v 1.155 2023/11/07 16:46:12 tb Exp $ */

@@ -709,24 +709,33 @@ func aeadAes(size int) (*C.EVP_AEAD, error) {

return nil, fmt.Errorf("invalid key size: %d", size)

}

-func hashEvpDigestMessage(md *C.EVP_MD, msg []byte) ([]byte, int, error) {

+func mustHashHexMessage(md *C.EVP_MD, message string) ([]byte, int) {

size := C.EVP_MD_size(md)

if size <= 0 || size > C.EVP_MAX_MD_SIZE {

- return nil, 0, fmt.Errorf("unexpected MD size %d", size)

+ log.Fatalf("unexpected MD size %d", size)

}

- msgLen := len(msg)

- if msgLen == 0 {

- msg = append(msg, 0)

- }

+ msg, msgLen := mustDecodeHexString(message, "for hex message digest")

digest := make([]byte, size)

if C.EVP_Digest(unsafe.Pointer(&msg[0]), C.size_t(msgLen), (*C.uchar)(unsafe.Pointer(&digest[0])), nil, md, nil) != 1 {

- return nil, 0, fmt.Errorf("EVP_Digest failed")

+ log.Fatalf("EVP_Digest failed")

}

- return digest, int(size), nil

+ return digest, int(size)

+func mustDecodeHexString(str, descr string) (out []byte, outLen int) {

+ out, err := hex.DecodeString(str)

+ if err != nil {

+ log.Fatalf("Failed to decode %s %q: %v", descr, str, err)

+ }

+ outLen = len(out)

+ if outLen == 0 {

+ out = append(out, 0)

+ }

+ return out, outLen

}

func checkAesCbcPkcs5(ctx *C.EVP_CIPHER_CTX, doEncrypt int, key []byte, keyLen int,

@@ -790,37 +799,10 @@ func checkAesCbcPkcs5(ctx *C.EVP_CIPHER_CTX, doEncrypt int, key []byte, keyLen i

}

func runAesCbcPkcs5Test(ctx *C.EVP_CIPHER_CTX, wt *wycheproofTestAesCbcPkcs5) bool {

- key, err := hex.DecodeString(wt.Key)

- if err != nil {

- log.Fatalf("Failed to decode key %q: %v", wt.Key, err)

- }

- iv, err := hex.DecodeString(wt.IV)

- if err != nil {

- log.Fatalf("Failed to decode IV %q: %v", wt.IV, err)

- }

- ct, err := hex.DecodeString(wt.CT)

- if err != nil {

- log.Fatalf("Failed to decode CT %q: %v", wt.CT, err)

- }

- msg, err := hex.DecodeString(wt.Msg)

- if err != nil {

- log.Fatalf("Failed to decode message %q: %v", wt.Msg, err)

- }

- keyLen, ivLen, ctLen, msgLen := len(key), len(iv), len(ct), len(msg)

- if keyLen == 0 {

- key = append(key, 0)

- }

- if ivLen == 0 {

- iv = append(iv, 0)

- }

- if ctLen == 0 {

- ct = append(ct, 0)

- }

- if msgLen == 0 {

- msg = append(msg, 0)

- }

+ key, keyLen := mustDecodeHexString(wt.Key, "key")

+ iv, ivLen := mustDecodeHexString(wt.IV, "iv")

+ ct, ctLen := mustDecodeHexString(wt.CT, "ct")

+ msg, msgLen := mustDecodeHexString(wt.Msg, "message")

openSuccess := checkAesCbcPkcs5(ctx, 0, key, keyLen, iv, ivLen, ct, ctLen, msg, msgLen, wt)

sealSuccess := checkAesCbcPkcs5(ctx, 1, key, keyLen, iv, ivLen, msg, msgLen, ct, ctLen, wt)

@@ -997,56 +979,12 @@ func checkAesAead(algorithm string, ctx *C.EVP_CIPHER_CTX, doEncrypt int,

}

func runAesAeadTest(algorithm string, ctx *C.EVP_CIPHER_CTX, aead *C.EVP_AEAD, wt *wycheproofTestAead) bool {

- key, err := hex.DecodeString(wt.Key)

- if err != nil {

- log.Fatalf("Failed to decode key %q: %v", wt.Key, err)

- }

- iv, err := hex.DecodeString(wt.IV)

- if err != nil {

- log.Fatalf("Failed to decode IV %q: %v", wt.IV, err)

- }

- aad, err := hex.DecodeString(wt.AAD)

- if err != nil {

- log.Fatalf("Failed to decode AAD %q: %v", wt.AAD, err)

- }

- msg, err := hex.DecodeString(wt.Msg)

- if err != nil {

- log.Fatalf("Failed to decode msg %q: %v", wt.Msg, err)

- }

- ct, err := hex.DecodeString(wt.CT)

- if err != nil {

- log.Fatalf("Failed to decode CT %q: %v", wt.CT, err)

- }

- tag, err := hex.DecodeString(wt.Tag)

- if err != nil {

- log.Fatalf("Failed to decode tag %q: %v", wt.Tag, err)

- }

- keyLen, ivLen, aadLen, msgLen, ctLen, tagLen := len(key), len(iv), len(aad), len(msg), len(ct), len(tag)

- if keyLen == 0 {

- key = append(key, 0)

- }

- if ivLen == 0 {

- iv = append(iv, 0)

- }

- if aadLen == 0 {

- aad = append(aad, 0)

- }

- if msgLen == 0 {

- msg = append(msg, 0)

- }

- if ctLen == 0 {

- ct = append(ct, 0)

- }

- if tagLen == 0 {

- tag = append(tag, 0)

- }

+ key, keyLen := mustDecodeHexString(wt.Key, "key")

+ iv, ivLen := mustDecodeHexString(wt.IV, "iv")

+ aad, aadLen := mustDecodeHexString(wt.AAD, "aad")

+ msg, msgLen := mustDecodeHexString(wt.Msg, "msg")

+ ct, ctLen := mustDecodeHexString(wt.CT, "CT")

+ tag, tagLen := mustDecodeHexString(wt.Tag, "tag")

openEvp := checkAesAead(algorithm, ctx, 0, key, keyLen, iv, ivLen, aad, aadLen, ct, ctLen, msg, msgLen, tag, tagLen, wt)

sealEvp := checkAesAead(algorithm, ctx, 1, key, keyLen, iv, ivLen, aad, aadLen, msg, msgLen, ct, ctLen, tag, tagLen, wt)

@@ -1110,32 +1048,9 @@ func (wtg *wycheproofTestGroupAesAead) run(algorithm string, variant testVariant

}

func runAesCmacTest(cipher *C.EVP_CIPHER, wt *wycheproofTestAesCmac) bool {

- key, err := hex.DecodeString(wt.Key)

- if err != nil {

- log.Fatalf("Failed to decode key %q: %v", wt.Key, err)

- }

- msg, err := hex.DecodeString(wt.Msg)

- if err != nil {

- log.Fatalf("Failed to decode msg %q: %v", wt.Msg, err)

- }

- tag, err := hex.DecodeString(wt.Tag)

- if err != nil {

- log.Fatalf("Failed to decode tag %q: %v", wt.Tag, err)

- }

- keyLen, msgLen, tagLen := len(key), len(msg), len(tag)

- if keyLen == 0 {

- key = append(key, 0)

- }

- if msgLen == 0 {

- msg = append(msg, 0)

- }

- if tagLen == 0 {

- tag = append(tag, 0)

- }

+ key, keyLen := mustDecodeHexString(wt.Key, "key")

+ msg, msgLen := mustDecodeHexString(wt.Msg, "msg")

+ tag, tagLen := mustDecodeHexString(wt.Tag, "tag")

mdctx := C.EVP_MD_CTX_new()

if mdctx == nil {

@@ -1291,22 +1206,13 @@ func runChaCha20Poly1305Test(algorithm string, wt *wycheproofTestAead) bool {

aead = C.EVP_aead_xchacha20_poly1305()

}

- key, err := hex.DecodeString(wt.Key)

- if err != nil {

- log.Fatalf("Failed to decode key %q: %v", wt.Key, err)

- }

- iv, err := hex.DecodeString(wt.IV)

- if err != nil {

- log.Fatalf("Failed to decode key %q: %v", wt.IV, err)

- }

- aad, err := hex.DecodeString(wt.AAD)

- if err != nil {

- log.Fatalf("Failed to decode AAD %q: %v", wt.AAD, err)

- }

- msg, err := hex.DecodeString(wt.Msg)

- if err != nil {

- log.Fatalf("Failed to decode msg %q: %v", wt.Msg, err)

- }

+ key, keyLen := mustDecodeHexString(wt.Key, "key")

+ ct, ctLen := mustDecodeHexString(wt.CT, "CT")

+ iv, ivLen := mustDecodeHexString(wt.IV, "iv")

+ aad, aadLen := mustDecodeHexString(wt.AAD, "aad")

+ msg, msgLen := mustDecodeHexString(wt.Msg, "msg")

+ // ct and tag are concatenated in checkAeadOpen(), so don't use mustDecodeHexString()

ct, err := hex.DecodeString(wt.CT)

if err != nil {

log.Fatalf("Failed to decode ct %q: %v", wt.CT, err)

@@ -1315,18 +1221,7 @@ func runChaCha20Poly1305Test(algorithm string, wt *wycheproofTestAead) bool {

if err != nil {

log.Fatalf("Failed to decode tag %q: %v", wt.Tag, err)

}

- keyLen, ivLen, aadLen, msgLen, ctLen, tagLen := len(key), len(iv), len(aad), len(msg), len(ct), len(tag)

- if ivLen == 0 {

- iv = append(iv, 0)

- }

- if aadLen == 0 {

- aad = append(aad, 0)

- }

- if msgLen == 0 {

- msg = append(msg, 0)

- }

+ ctLen, tagLen := len(ct), len(tag)

ctx := C.EVP_AEAD_CTX_new()

if ctx == nil {

@@ -1410,15 +1305,7 @@ func encodeDSAP1363Sig(wtSig string) (*C.uchar, C.int) {

}

func runDSATest(dsa *C.DSA, md *C.EVP_MD, variant testVariant, wt *wycheproofTestDSA) bool {

- msg, err := hex.DecodeString(wt.Msg)

- if err != nil {

- log.Fatalf("Failed to decode message %q: %v", wt.Msg, err)

- }

- msg, msgLen, err := hashEvpDigestMessage(md, msg)

- if err != nil {

- log.Fatalf("%v", err)

- }

+ msg, msgLen := mustHashHexMessage(md, wt.Msg)

var ret C.int

if variant == P1363 {

@@ -1432,14 +1319,7 @@ func runDSATest(dsa *C.DSA, md *C.EVP_MD, variant testVariant, wt *wycheproofTes

ret = C.DSA_verify(0, (*C.uchar)(unsafe.Pointer(&msg[0])), C.int(msgLen),

(*C.uchar)(unsafe.Pointer(cDer)), C.int(derLen), dsa)

} else {

- sig, err := hex.DecodeString(wt.Sig)

- if err != nil {

- log.Fatalf("Failed to decode signature %q: %v", wt.Sig, err)

- }

- sigLen := len(sig)

- if sigLen == 0 {

- sig = append(msg, 0)

- }

+ sig, sigLen := mustDecodeHexString(wt.Sig, "sig")

ret = C.DSA_verify(0, (*C.uchar)(unsafe.Pointer(&msg[0])), C.int(msgLen),

(*C.uchar)(unsafe.Pointer(&sig[0])), C.int(sigLen), dsa)

}

@@ -1505,15 +1385,7 @@ func (wtg *wycheproofTestGroupDSA) run(algorithm string, variant testVariant) bo

log.Fatalf("Failed to get hash: %v", err)

}

- der, err := hex.DecodeString(wtg.KeyDER)

- if err != nil {

- log.Fatalf("Failed to decode DER encoded key: %v", err)

- }

- derLen := len(der)

- if derLen == 0 {

- der = append(der, 0)

- }

+ der, derLen := mustDecodeHexString(wtg.KeyDER, "DER encoded key")

Cder := (*C.uchar)(C.malloc(C.ulong(derLen)))

if Cder == nil {

@@ -1576,15 +1448,7 @@ func runECDHTest(nid int, variant testVariant, wt *wycheproofTestECDH) bool {

return false

}

- pub, err := hex.DecodeString(wt.Public)

- if err != nil {

- log.Fatalf("Failed to decode public key: %v", err)

- }

- pubLen := len(pub)

- if pubLen == 0 {

- pub = append(pub, 0)

- }

+ pub, pubLen := mustDecodeHexString(wt.Public, "public key")

Cpub := (*C.uchar)(C.malloc(C.ulong(pubLen)))

if Cpub == nil {

@@ -1634,13 +1498,10 @@ func runECDHTest(nid int, variant testVariant, wt *wycheproofTestECDH) bool {

return false

}

- shared, err := hex.DecodeString(wt.Shared)

- if err != nil {

- log.Fatalf("Failed to decode shared secret: %v", err)

- }

+ shared, sharedLen := mustDecodeHexString(wt.Shared, "shared secret")

// XXX The shared fields of the secp224k1 test cases have a 0 byte preprended.

- if len(shared) == int(secLen)+1 && shared[0] == 0 {

+ if sharedLen == int(secLen)+1 && shared[0] == 0 {

fmt.Printf("INFO: %s - prepending 0 byte.\n", wt)

// shared = shared[1:];

zero := make([]byte, 1, secLen+1)

@@ -1750,10 +1611,7 @@ func runECDHWebCryptoTest(nid int, wt *wycheproofTestECDHWebCrypto) bool {

return false

}

- shared, err := hex.DecodeString(wt.Shared)

- if err != nil {

- log.Fatalf("Failed to decode shared secret: %v", err)

- }

+ shared, _ := mustDecodeHexString(wt.Shared, "shared secret")

success := true

if !bytes.Equal(shared, secret) {

@@ -1782,15 +1640,7 @@ func (wtg *wycheproofTestGroupECDHWebCrypto) run(algorithm string, variant testV

}

func runECDSATest(ecKey *C.EC_KEY, md *C.EVP_MD, nid int, variant testVariant, wt *wycheproofTestECDSA) bool {

- msg, err := hex.DecodeString(wt.Msg)

- if err != nil {

- log.Fatalf("Failed to decode message %q: %v", wt.Msg, err)

- }

- msg, msgLen, err := hashEvpDigestMessage(md, msg)

- if err != nil {

- log.Fatalf("%v", err)

- }

+ msg, msgLen := mustHashHexMessage(md, wt.Msg)

var ret C.int

if variant == Webcrypto || variant == P1363 {

@@ -1804,15 +1654,8 @@ func runECDSATest(ecKey *C.EC_KEY, md *C.EVP_MD, nid int, variant testVariant, w

ret = C.ECDSA_verify(0, (*C.uchar)(unsafe.Pointer(&msg[0])), C.int(msgLen),

(*C.uchar)(unsafe.Pointer(cDer)), C.int(derLen), ecKey)

} else {

- sig, err := hex.DecodeString(wt.Sig)

- if err != nil {

- log.Fatalf("Failed to decode signature %q: %v", wt.Sig, err)

- }

+ sig, sigLen := mustDecodeHexString(wt.Sig, "sig")

- sigLen := len(sig)

- if sigLen == 0 {

- sig = append(sig, 0)

- }

ret = C.ECDSA_verify(0, (*C.uchar)(unsafe.Pointer(&msg[0])), C.int(msgLen),

(*C.uchar)(unsafe.Pointer(&sig[0])), C.int(sigLen), ecKey)

}

@@ -1993,23 +1836,8 @@ func runEdDSATest(pkey *C.EVP_PKEY, wt *wycheproofTestEdDSA) bool {

log.Fatal("EVP_DigestVerifyInit failed")

}

- msg, err := hex.DecodeString(wt.Msg)

- if err != nil {

- log.Fatalf("Failed to decode Message %q: %v", wt.Msg, err)

- }

- msgLen := len(msg)

- if msgLen == 0 {

- msg = append(msg, 0)

- }

- sig, err := hex.DecodeString(wt.Sig)

- if err != nil {

- log.Fatalf("Failed to decode Signature %q: %v", wt.Sig, err)

- }

- sigLen := len(sig)

- if sigLen == 0 {

- sig = append(sig, 0)

- }

+ msg, msgLen := mustDecodeHexString(wt.Msg, "msg")

+ sig, sigLen := mustDecodeHexString(wt.Sig, "sig")

ret := C.EVP_DigestVerify(mdctx, (*C.uchar)(unsafe.Pointer(&sig[0])), (C.size_t)(sigLen), (*C.uchar)(unsafe.Pointer(&msg[0])), (C.size_t)(msgLen))

@@ -2029,12 +1857,9 @@ func (wtg *wycheproofTestGroupEdDSA) run(algorithm string, variant testVariant)

return false

}

- pubKey, err := hex.DecodeString(wtg.Key.Pk)

- if err != nil {

- log.Fatalf("Failed to decode Pubkey %q: %v", wtg.Key.Pk, err)

- }

+ pubKey, pubKeyLen := mustDecodeHexString(wtg.Key.Pk, "pubkey")

- pkey := C.EVP_PKEY_new_raw_public_key(C.EVP_PKEY_ED25519, nil, (*C.uchar)(unsafe.Pointer(&pubKey[0])), (C.size_t)(len(pubKey)))

+ pkey := C.EVP_PKEY_new_raw_public_key(C.EVP_PKEY_ED25519, nil, (*C.uchar)(unsafe.Pointer(&pubKey[0])), (C.size_t)(pubKeyLen))

if pkey == nil {

log.Fatal("EVP_PKEY_new_raw_public_key failed")

}

@@ -2050,29 +1875,9 @@ func (wtg *wycheproofTestGroupEdDSA) run(algorithm string, variant testVariant)

}

func runHkdfTest(md *C.EVP_MD, wt *wycheproofTestHkdf) bool {

- ikm, err := hex.DecodeString(wt.Ikm)

- if err != nil {

- log.Fatalf("Failed to decode ikm %q: %v", wt.Ikm, err)

- }

- salt, err := hex.DecodeString(wt.Salt)

- if err != nil {

- log.Fatalf("Failed to decode salt %q: %v", wt.Salt, err)

- }

- info, err := hex.DecodeString(wt.Info)

- if err != nil {

- log.Fatalf("Failed to decode info %q: %v", wt.Info, err)

- }

- ikmLen, saltLen, infoLen := len(ikm), len(salt), len(info)

- if ikmLen == 0 {

- ikm = append(ikm, 0)

- }

- if saltLen == 0 {

- salt = append(salt, 0)

- }

- if infoLen == 0 {

- info = append(info, 0)

- }

+ ikm, ikmLen := mustDecodeHexString(wt.Ikm, "ikm")

+ salt, saltLen := mustDecodeHexString(wt.Salt, "salt")

+ info, infoLen := mustDecodeHexString(wt.Info, "info")

outLen := wt.Size

out := make([]byte, outLen)

@@ -2120,10 +1925,7 @@ func runHkdfTest(md *C.EVP_MD, wt *wycheproofTestHkdf) bool {

return success

}

- okm, err := hex.DecodeString(wt.Okm)

- if err != nil {

- log.Fatalf("Failed to decode okm %q: %v", wt.Okm, err)

- }

+ okm, _ := mustDecodeHexString(wt.Okm, "okm")

if !bytes.Equal(out[:outLen], okm) {

fmt.Printf("FAIL: %s - expected and computed output don't match.\n", wt)

}

@@ -2148,25 +1950,8 @@ func (wtg *wycheproofTestGroupHkdf) run(algorithm string, variant testVariant) b

}

func runHmacTest(md *C.EVP_MD, tagBytes int, wt *wycheproofTestHmac) bool {

- key, err := hex.DecodeString(wt.Key)

- if err != nil {

- log.Fatalf("failed to decode key %q: %v", wt.Key, err)

- }

- msg, err := hex.DecodeString(wt.Msg)

- if err != nil {

- log.Fatalf("failed to decode msg %q: %v", wt.Msg, err)

- }

- keyLen, msgLen := len(key), len(msg)

- if keyLen == 0 {

- key = append(key, 0)

- }

- if msgLen == 0 {

- msg = append(msg, 0)

- }

+ key, keyLen := mustDecodeHexString(wt.Key, "key")

+ msg, msgLen := mustDecodeHexString(wt.Msg, "msg")

got := make([]byte, C.EVP_MAX_MD_SIZE)

var gotLen C.uint

@@ -2187,11 +1972,7 @@ func runHmacTest(md *C.EVP_MD, tagBytes int, wt *wycheproofTestHmac) bool {

return false

}

- tag, err := hex.DecodeString(wt.Tag)

- if err != nil {

- log.Fatalf("failed to decode tag %q: %v", wt.Tag, err)

- }

+ tag, _ := mustDecodeHexString(wt.Tag, "tag")

success = bytes.Equal(got[:tagBytes], tag) == (wt.Result == "valid")

if !success {

@@ -2279,30 +2060,9 @@ func runKWTestUnWrap(keySize int, key []byte, keyLen int, msg []byte, msgLen int

}

func runKWTest(keySize int, wt *wycheproofTestKW) bool {

- key, err := hex.DecodeString(wt.Key)

- if err != nil {

- log.Fatalf("Failed to decode key %q: %v", wt.Key, err)

- }

- msg, err := hex.DecodeString(wt.Msg)

- if err != nil {

- log.Fatalf("Failed to decode msg %q: %v", wt.Msg, err)

- }

- ct, err := hex.DecodeString(wt.CT)

- if err != nil {

- log.Fatalf("Failed to decode ct %q: %v", wt.CT, err)

- }

- keyLen, msgLen, ctLen := len(key), len(msg), len(ct)

- if keyLen == 0 {

- key = append(key, 0)

- }

- if msgLen == 0 {

- msg = append(msg, 0)

- }

- if ctLen == 0 {

- ct = append(ct, 0)

- }

+ key, keyLen := mustDecodeHexString(wt.Key, "key")

+ msg, msgLen := mustDecodeHexString(wt.Msg, "msg")

+ ct, ctLen := mustDecodeHexString(wt.CT, "CT")

wrapSuccess := runKWTestWrap(keySize, key, keyLen, msg, msgLen, ct, ctLen, wt)

unwrapSuccess := runKWTestUnWrap(keySize, key, keyLen, msg, msgLen, ct, ctLen, wt)

@@ -2353,14 +2113,7 @@ func (wtg *wycheproofTestGroupPrimality) run(algorithm string, variant testVaria

}

func runRsaesOaepTest(rsa *C.RSA, sha *C.EVP_MD, mgfSha *C.EVP_MD, wt *wycheproofTestRsaes) bool {

- ct, err := hex.DecodeString(wt.CT)

- if err != nil {

- log.Fatalf("Failed to decode cipher text %q: %v", wt.CT, err)

- }

- ctLen := len(ct)

- if ctLen == 0 {

- ct = append(ct, 0)

- }

+ ct, ctLen := mustDecodeHexString(wt.CT, "CT")

rsaSize := C.RSA_size(rsa)

decrypted := make([]byte, rsaSize)

@@ -2378,20 +2131,8 @@ func runRsaesOaepTest(rsa *C.RSA, sha *C.EVP_MD, mgfSha *C.EVP_MD, wt *wycheproo

return success

}

- label, err := hex.DecodeString(wt.Label)

- if err != nil {

- log.Fatalf("Failed to decode label %q: %v", wt.Label, err)

- }

- labelLen := len(label)

- if labelLen == 0 {

- label = append(label, 0)

- }

- msg, err := hex.DecodeString(wt.Msg)

- if err != nil {

- log.Fatalf("Failed to decode message %q: %v", wt.Msg, err)

- }

- msgLen := len(msg)

+ label, labelLen := mustDecodeHexString(wt.Label, "label")

+ msg, msgLen := mustDecodeHexString(wt.Msg, "msg")

to := make([]byte, rsaSize)

@@ -2407,7 +2148,7 @@ func runRsaesOaepTest(rsa *C.RSA, sha *C.EVP_MD, mgfSha *C.EVP_MD, wt *wycheproo

}

to = to[:msgLen]

- if !bytes.Equal(msg, to) {

+ if !bytes.Equal(msg[:msgLen], to) {

success = false

fmt.Printf("FAIL: %s - expected and calculated message differ.\n", wt)

}

@@ -2476,14 +2217,7 @@ func (wtg *wycheproofTestGroupRsaesOaep) run(algorithm string, variant testVaria

}

func runRsaesPkcs1Test(rsa *C.RSA, wt *wycheproofTestRsaes) bool {

- ct, err := hex.DecodeString(wt.CT)

- if err != nil {

- log.Fatalf("Failed to decode cipher text %q: %v", wt.CT, err)

- }

- ctLen := len(ct)

- if ctLen == 0 {

- ct = append(ct, 0)

- }

+ ct, ctLen := mustDecodeHexString(wt.CT, "CT")

rsaSize := C.RSA_size(rsa)

decrypted := make([]byte, rsaSize)

@@ -2501,15 +2235,12 @@ func runRsaesPkcs1Test(rsa *C.RSA, wt *wycheproofTestRsaes) bool {

return success

}

- msg, err := hex.DecodeString(wt.Msg)

- if err != nil {

- log.Fatalf("Failed to decode message %q: %v", wt.Msg, err)

- }

+ msg, msgLen := mustDecodeHexString(wt.Msg, "msg")

- if int(ret) != len(msg) {

+ if int(ret) != msgLen {

success = false

- fmt.Printf("FAIL: %s - got %d, want %d.\n", wt, ret, len(msg))

- } else if !bytes.Equal(msg, decrypted[:len(msg)]) {

+ fmt.Printf("FAIL: %s - got %d, want %d\n", wt, ret, len(msg))

+ } else if !bytes.Equal(msg[:msgLen], decrypted[:msgLen]) {

success = false

fmt.Printf("FAIL: %s - expected and calculated message differ.\n", wt)

}

@@ -2566,25 +2297,8 @@ func (wtg *wycheproofTestGroupRsaesPkcs1) run(algorithm string, variant testVari

}

func runRsassaTest(rsa *C.RSA, sha *C.EVP_MD, mgfSha *C.EVP_MD, sLen int, wt *wycheproofTestRsassa) bool {

- msg, err := hex.DecodeString(wt.Msg)

- if err != nil {

- log.Fatalf("Failed to decode message %q: %v", wt.Msg, err)

- }

- msg, _, err = hashEvpDigestMessage(sha, msg)

- if err != nil {

- log.Fatalf("%v", err)

- }

- sig, err := hex.DecodeString(wt.Sig)

- if err != nil {

- log.Fatalf("Failed to decode signature %q: %v", wt.Sig, err)

- }

- sigLen := len(sig)

- if sigLen == 0 {

- sig = append(sig, 0)

- }

+ msg, _ := mustHashHexMessage(sha, wt.Msg)

+ sig, sigLen := mustDecodeHexString(wt.Sig, "sig")

sigOut := make([]byte, C.RSA_size(rsa)-11)

if sigLen == 0 {

@@ -2668,25 +2382,8 @@ func (wtg *wycheproofTestGroupRsassa) run(algorithm string, variant testVariant)

}

func runRSATest(rsa *C.RSA, md *C.EVP_MD, nid int, wt *wycheproofTestRSA) bool {

- msg, err := hex.DecodeString(wt.Msg)

- if err != nil {

- log.Fatalf("Failed to decode message %q: %v", wt.Msg, err)

- }

- msg, msgLen, err := hashEvpDigestMessage(md, msg)

- if err != nil {

- log.Fatalf("%v", err)

- }

- sig, err := hex.DecodeString(wt.Sig)

- if err != nil {

- log.Fatalf("Failed to decode signature %q: %v", wt.Sig, err)

- }

- sigLen := len(sig)

- if sigLen == 0 {

- sig = append(sig, 0)

- }

+ msg, msgLen := mustHashHexMessage(md, wt.Msg)

+ sig, sigLen := mustDecodeHexString(wt.Sig, "sig")

ret := C.RSA_verify(C.int(nid), (*C.uchar)(unsafe.Pointer(&msg[0])), C.uint(msgLen),

(*C.uchar)(unsafe.Pointer(&sig[0])), C.uint(sigLen), rsa)

@@ -2751,18 +2448,9 @@ func (wtg *wycheproofTestGroupRSA) run(algorithm string, variant testVariant) bo

}

func runX25519Test(wt *wycheproofTestX25519) bool {

- public, err := hex.DecodeString(wt.Public)

- if err != nil {

- log.Fatalf("Failed to decode public %q: %v", wt.Public, err)

- }

- private, err := hex.DecodeString(wt.Private)

- if err != nil {

- log.Fatalf("Failed to decode private %q: %v", wt.Private, err)

- }

- shared, err := hex.DecodeString(wt.Shared)

- if err != nil {

- log.Fatalf("Failed to decode shared %q: %v", wt.Shared, err)

- }

+ public, _ := mustDecodeHexString(wt.Public, "public")

+ private, _ := mustDecodeHexString(wt.Private, "private")

+ shared, _ := mustDecodeHexString(wt.Shared, "shared")

got := make([]byte, C.X25519_KEY_LENGTH)

result := true