Skip to content

Commit 56fb11d

Browse files
committed
fix
1 parent 965cda0 commit 56fb11d

66 files changed

Lines changed: 7631 additions & 57 deletions

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

.github/workflows/test.yml

Lines changed: 27 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -6,41 +6,51 @@ on:
66
pull_request:
77
branches: [ main ]
88

9-
permissions:
10-
contents: write
11-
packages: write
12-
139
jobs:
14-
test:
10+
test_only:
1511
runs-on: ubuntu-latest
16-
strategy:
17-
fail-fast: false
18-
1912
steps:
2013
- name: Checkout
2114
uses: actions/checkout@v3
15+
with:
16+
fetch-depth: 0
2217

2318
- name: Set timezone
2419
uses: szenius/set-timezone@v1.0
2520
with:
2621
timezoneLinux: "Asia/Shanghai"
2722

2823
- name: Set up Go
29-
uses: actions/setup-go@v4
24+
uses: actions/setup-go@v2
3025
with:
31-
go-version: 1.21
32-
33-
- name: Go mod tidy
34-
run: go mod tidy
26+
go-version: 1.25.0
3527

3628
- name: Unit tests
37-
run: go test -short -covermode=atomic -coverprofile=cover.out ./...
29+
run: go test ./...
30+
31+
test_cover:
32+
runs-on: ubuntu-latest
33+
steps:
34+
- name: Checkout
35+
uses: actions/checkout@v3
36+
with:
37+
fetch-depth: 0
3838

39-
- name: Test Generic
40-
run: go test -short -tags=purego -covermode=atomic ./...
39+
- name: Set timezone
40+
uses: szenius/set-timezone@v1.0
41+
with:
42+
timezoneLinux: "Asia/Shanghai"
43+
44+
- name: Set up Go
45+
uses: actions/setup-go@v2
46+
with:
47+
go-version: 1.26.4
48+
49+
- name: Unit tests
50+
run: go test -coverprofile=cover.out ./...
4151

4252
- name: Upload coverage reports to Codecov
43-
uses: codecov/codecov-action@v3
53+
uses: codecov/codecov-action@v5
4454
env:
4555
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
4656
with:

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@ English | [中文](README_CN.md)
2424

2525
### Env
2626

27-
- Go >= 1.20
27+
- Go >= 1.25
2828

2929

3030
### Download

README_CN.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@ go-cryptobin 是一个简单易用并且兼容性高的 go 语言加密解密库
2424

2525
### 环境要求
2626

27-
- Go >= 1.20
27+
- Go >= 1.25
2828

2929

3030
### 下载安装

SECURITY.md

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,15 @@
1+
# Security Policy
2+
3+
## Reporting a Vulnerability
4+
5+
If you think you found a vulnerability, and even if you are not sure, please report it to [go-cryptobin issues](github.com/deatil/go-cryptobin/issues). Please try be explicit, describe steps to reproduce the security issue with code example(s).
6+
7+
You will receive a response within a timely manner. If the issue is confirmed, we will do our best to release a patch as soon as possible given the complexity of the problem.
8+
9+
## Public Discussions
10+
11+
Please avoid publicly discussing a potential security vulnerability.
12+
13+
Let's take this offline and find a solution first, this limits the potential impact as much as possible.
14+
15+
We appreciate your help!

bencode/multiple_torrent.go

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -11,24 +11,24 @@ import (
1111
type MultipleTorrent struct {
1212
// `bencode:""`
1313
// tracker服务器的URL 字符串
14-
Announce string `bencode:"announce"`
14+
Announce string `bencode:"announce"`
1515
// 备用tracker服务器列表 列表
1616
// 发现 announce-list 后面跟了两个l(ll) announce-listll
17-
AnnounceList [][]string `bencode:"announce-list,omitempty"`
17+
AnnounceList [][]string `bencode:"announce-list,omitempty"`
1818
// 种子的创建时间 整数
19-
CreatDate int64 `bencode:"creation date"`
19+
CreatDate int64 `bencode:"creation date"`
2020
// 备注 字符串
21-
Comment string `bencode:"comment"`
21+
Comment string `bencode:"comment"`
2222
// 创建者 字符串
23-
CreatedBy string `bencode:"created by"`
23+
CreatedBy string `bencode:"created by"`
2424
// 详情
25-
Info MultipleInfo `bencode:"info"`
25+
Info MultipleInfo `bencode:"info"`
2626
// 包含一系列ip和相应端口的列表,是用于连接DHT初始node
27-
Nodes [][]any `bencode:"nodes,omitempty"`
27+
Nodes [][]any `bencode:"nodes,omitempty"`
2828
// 文件的默认编码
29-
Encoding string `bencode:"encoding,omitempty"`
29+
Encoding string `bencode:"encoding,omitempty"`
3030
// 备注的utf-8编码
31-
CommentUtf8 string `bencode:"comment.utf-8,omitempty"`
31+
CommentUtf8 string `bencode:"comment.utf-8,omitempty"`
3232
}
3333

3434
// 获取备用节点

bencode/single_torrent.go

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -89,8 +89,8 @@ type SingleInfo struct {
8989
PieceLength int `bencode:"piece length"`
9090
Length int `bencode:"length"`
9191

92-
Name string `bencode:"name"`
93-
NameUtf8 string `bencode:"name.utf-8,omitempty"`
92+
Name string `bencode:"name"`
93+
NameUtf8 string `bencode:"name.utf-8,omitempty"`
9494

9595
// 文件发布者
9696
Publisher string `bencode:"publisher,omitempty"`
@@ -100,8 +100,8 @@ type SingleInfo struct {
100100
PublisherUrl string `bencode:"publisher-url,omitempty"`
101101
PublisherUrlUtf8 string `bencode:"publisher-url.utf-8,omitempty"`
102102

103-
MD5Sum string `bencode:"md5sum,omitempty"`
104-
Private bool `bencode:"private,omitempty"`
103+
MD5Sum string `bencode:"md5sum,omitempty"`
104+
Private bool `bencode:"private,omitempty"`
105105
}
106106

107107
// 每个分片的 SHA-1 hash 长度是20 把他们从Pieces中切出来

go.mod

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,10 @@
11
module github.com/deatil/go-cryptobin
22

3-
go 1.20
3+
go 1.25.0
44

55
require (
6-
golang.org/x/crypto v0.31.0
7-
golang.org/x/text v0.21.0
6+
golang.org/x/crypto v0.53.0
7+
golang.org/x/text v0.38.0
88
)
99

10-
require golang.org/x/sys v0.28.0
10+
require golang.org/x/sys v0.46.0

go.sum

Lines changed: 8 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,8 @@
1-
golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
2-
golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
3-
golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
4-
golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
5-
golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q=
6-
golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
7-
golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
1+
golang.org/x/crypto v0.53.0 h1:QZ4Muo8THX6CizN2vPPd5fBGHyogrdK9fG4wLPFUsto=
2+
golang.org/x/crypto v0.53.0/go.mod h1:DNLU434OwVakk9PzuwV8w62mAJpRJL3vsgcfp4Qnsio=
3+
golang.org/x/sys v0.46.0 h1:noSf2Fq6F8DBgS+LysIkx7rIExoNHJsxOAtPp4rthXw=
4+
golang.org/x/sys v0.46.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw=
5+
golang.org/x/term v0.44.0 h1:0rLvDRCtNj0gZkyIXhCyOb2OAzEhLVqc4B+hrsBhrmc=
6+
golang.org/x/term v0.44.0/go.mod h1:7ze4MdzUzLXpSAoFP1H0bOI9aXDqveSvatT5vKcFh2Y=
7+
golang.org/x/text v0.38.0 h1:sXmwo9DwP3OK9EZ7PqAdaooSGozfl/3a6/xJcbzPRhE=
8+
golang.org/x/text v0.38.0/go.mod h1:YXZt3QhHUKYT53r2lLKFIVi6Ao1jdzrTR/KQ09qyxF4=

pkcs12/p12_safebags.go

Lines changed: 25 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@ package pkcs12
33
import (
44
"io"
55
"fmt"
6+
"bytes"
67
"errors"
78
"encoding/pem"
89
"encoding/asn1"
@@ -122,18 +123,39 @@ func (this *PKCS12) getSafeContents(p12Data, password []byte) (bags []SafeBag, u
122123
return nil, nil, err
123124
}
124125

126+
var authenticatedSafes []byte
127+
if pfx.AuthSafe.Content.IsCompound {
128+
var buf bytes.Buffer
129+
authSafeBytes := pfx.AuthSafe.Content.Bytes
130+
131+
for {
132+
var part []byte
133+
authSafeBytes, _ = asn1.Unmarshal(authSafeBytes, &part)
134+
135+
buf.Write(part)
136+
137+
if authSafeBytes == nil {
138+
break
139+
}
140+
}
141+
142+
authenticatedSafes = buf.Bytes()
143+
} else {
144+
authenticatedSafes = pfx.AuthSafe.Content.Bytes
145+
}
146+
125147
if len(pfx.MacData.Mac.Algorithm.Algorithm) == 0 {
126148
if !(len(password) == 2 && password[0] == 0 && password[1] == 0) {
127149
return nil, nil, errors.New("go-cryptobin/pkcs12: no MAC in data")
128150
}
129151
} else {
130-
if err := pfx.MacData.Verify(pfx.AuthSafe.Content.Bytes, password); err != nil {
152+
if err := pfx.MacData.Verify(authenticatedSafes, password); err != nil {
131153
if err == ErrIncorrectPassword && len(password) == 2 && password[0] == 0 && password[1] == 0 {
132154
// some implementations use an empty byte array
133155
// for the empty string password try one more
134156
// time with empty-empty password
135157
password = nil
136-
err = pfx.MacData.Verify(pfx.AuthSafe.Content.Bytes, password)
158+
err = pfx.MacData.Verify(authenticatedSafes, password)
137159
}
138160

139161
if err != nil {
@@ -143,7 +165,7 @@ func (this *PKCS12) getSafeContents(p12Data, password []byte) (bags []SafeBag, u
143165
}
144166

145167
var authenticatedSafe []ContentInfo
146-
if err := unmarshal(pfx.AuthSafe.Content.Bytes, &authenticatedSafe); err != nil {
168+
if err := unmarshal(authenticatedSafes, &authenticatedSafe); err != nil {
147169
return nil, nil, err
148170
}
149171

rsa/equal_test.go

Lines changed: 51 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,51 @@
1+
// Copyright 2020 The Go Authors. All rights reserved.
2+
// Use of this source code is governed by a BSD-style
3+
// license that can be found in the LICENSE file.
4+
5+
package rsa_test
6+
7+
import (
8+
"crypto"
9+
"crypto/rand"
10+
"crypto/rsa"
11+
"crypto/x509"
12+
"testing"
13+
)
14+
15+
func TestEqual(t *testing.T) {
16+
private, _ := rsa.GenerateKey(rand.Reader, 512)
17+
public := &private.PublicKey
18+
19+
if !public.Equal(public) {
20+
t.Errorf("public key is not equal to itself: %v", public)
21+
}
22+
if !public.Equal(crypto.Signer(private).Public().(*rsa.PublicKey)) {
23+
t.Errorf("private.Public() is not Equal to public: %q", public)
24+
}
25+
if !private.Equal(private) {
26+
t.Errorf("private key is not equal to itself: %v", private)
27+
}
28+
29+
enc, err := x509.MarshalPKCS8PrivateKey(private)
30+
if err != nil {
31+
t.Fatal(err)
32+
}
33+
decoded, err := x509.ParsePKCS8PrivateKey(enc)
34+
if err != nil {
35+
t.Fatal(err)
36+
}
37+
if !public.Equal(decoded.(crypto.Signer).Public()) {
38+
t.Errorf("public key is not equal to itself after decoding: %v", public)
39+
}
40+
if !private.Equal(decoded) {
41+
t.Errorf("private key is not equal to itself after decoding: %v", private)
42+
}
43+
44+
other, _ := rsa.GenerateKey(rand.Reader, 512)
45+
if public.Equal(other.Public()) {
46+
t.Errorf("different public keys are Equal")
47+
}
48+
if private.Equal(other) {
49+
t.Errorf("different private keys are Equal")
50+
}
51+
}

0 commit comments

Comments
 (0)