From 0c014879887c2414eff89d7625205d336c47bd96 Mon Sep 17 00:00:00 2001 From: Russ Cox Date: Wed, 13 Sep 2017 23:07:38 -0400 Subject: [dev.boringcrypto.go1.8] crypto/rsa: fix boring GenerateKey to set non-nil Precomputed.CRTValues This matches the standard GenerateKey and more importantly Precompute, so that if you generate a key and then store it, read it back, call Precompute on the new copy, and then do reflect.DeepEqual on the two copies, they will match. Before this CL, the original key had CRTValues == nil and the reconstituted key has CRTValues != nil (but len(CRTValues) == 0). Change-Id: I1ddc64342a50a1b65a48d827e4d564f1faab1945 Reviewed-on: https://go-review.googlesource.com/63914 Reviewed-by: Adam Langley Reviewed-on: https://go-review.googlesource.com/65485 Run-TryBot: Russ Cox Reviewed-by: Russ Cox --- src/crypto/rsa/boring_test.go | 5 +++++ src/crypto/rsa/rsa.go | 7 ++++--- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/src/crypto/rsa/boring_test.go b/src/crypto/rsa/boring_test.go index b2395ee3ee..d6203c22a1 100644 --- a/src/crypto/rsa/boring_test.go +++ b/src/crypto/rsa/boring_test.go @@ -157,6 +157,11 @@ func TestBoringRandGenerateKey(t *testing.T) { t.Fatalf("GenerateKey: wrong N\nhave %x\nwant %x", k.N, n) } r.checkOffset(35200) + + // Non-Boring GenerateKey always sets CRTValues to a non-nil (possibly empty) slice. + if k.Precomputed.CRTValues == nil { + t.Fatalf("GenerateKey: Precomputed.CRTValues = nil") + } } func TestBoringRandGenerateMultiPrimeKey(t *testing.T) { diff --git a/src/crypto/rsa/rsa.go b/src/crypto/rsa/rsa.go index 2fd25dddcc..5b3124401c 100644 --- a/src/crypto/rsa/rsa.go +++ b/src/crypto/rsa/rsa.go @@ -233,9 +233,10 @@ func GenerateMultiPrimeKey(random io.Reader, nprimes int, bits int) (*PrivateKey D: D, Primes: []*big.Int{P, Q}, Precomputed: PrecomputedValues{ - Dp: Dp, - Dq: Dq, - Qinv: Qinv, + Dp: Dp, + Dq: Dq, + Qinv: Qinv, + CRTValues: make([]CRTValue, 0), // non-nil, to match Precompute }, } return key, nil -- cgit v1.2.3-54-g00ecf