Your message dated Tue, 18 Jun 2019 21:21:04 +0200 with message-id <92792fc1-e10e-3761-04c7-6ffb968eee87@debian.org> and subject line Re: Bug#930656: unblock: gokey/0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780-3 has caused the Debian Bug report #930656, regarding unblock: gokey/0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780-3 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 930656: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930656 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: unblock: gokey/0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780-3
- From: Benjamin Drung <benjamin.drung@cloud.ionos.com>
- Date: Mon, 17 Jun 2019 20:20:25 +0200
- Message-id: <[🔎] 156079562588.20470.6608500584468349614.reportbug@fiftytwodotfive>
Package: release.debian.org Severity: normal User: release.debian.org@packages.debian.org Usertags: unblock Please unblock package gokey The current version of gokey suffers the RC bug #930426 which makes the RSA key generation non-deterministic. The main purpose of gokey is to generate deterministic keys. The second upload to Debian unstable fixes the build failure by increasing the timeout for the tests, because the tests take very long on mips/mipsel. The gokey tests takes 11408.183 s (= 190 min) on minkus.debian.org (mips porter box). By the way, gokey 0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780-2 is more or less the same version as 0.0~git20190103.40eba7e-1, because there are only two upstream commits between 20181023.b4e2780 and 20190103.40eba7e. The debdiff is attached. My email address changes and this is not mentioned in the changelog. unblock gokey/0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780-3 -- Benjamin Drung System Developer Debian & Ubuntu Developer 1&1 IONOS Cloud GmbH | Greifswalder Str. 207 | 10405 Berlin | Germany E-mail: benjamin.drung@cloud.ionos.com | Web: www.ionos.de Head Office: Berlin, Germany District Court Berlin Charlottenburg, Registration number: HRB 125506 B Executive Management: Christoph Steffens, Matthias Steinberg, Achim Weiss Member of United Internetdiff -Nru gokey-0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780/debian/changelog gokey-0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780/debian/changelog --- gokey-0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780/debian/changelog 2019-06-04 20:53:29.000000000 +0200 +++ gokey-0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780/debian/changelog 2019-06-17 20:04:04.000000000 +0200 @@ -1,3 +1,18 @@ +gokey (0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780-3) unstable; urgency=medium + + * Increase test timeout to six hours, because the tests need 190 minutes + on mips (Closes: #919759) + * Run tests for RSA2048 and RSA4096 again + + -- Benjamin Drung <benjamin.drung@cloud.ionos.com> Mon, 17 Jun 2019 20:04:04 +0200 + +gokey (0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780-2) unstable; urgency=medium + + * Cherry-pick patch from upstream to import deterministic RSA key generation + code from Go 1.10 crypto/rsa package (Closes: #930426) + + -- Benjamin Drung <benjamin.drung@cloud.ionos.com> Thu, 13 Jun 2019 15:51:37 +0200 + gokey (0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780-1) unstable; urgency=medium * Team upload. diff -Nru gokey-0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780/debian/control gokey-0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780/debian/control --- gokey-0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780/debian/control 2019-06-04 20:52:40.000000000 +0200 +++ gokey-0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780/debian/control 2019-06-13 15:53:37.000000000 +0200 @@ -1,6 +1,6 @@ Source: gokey Maintainer: Debian Go Packaging Team <team+pkg-go@tracker.debian.org> -Uploaders: Benjamin Drung <benjamin.drung@profitbricks.com>, +Uploaders: Benjamin Drung <benjamin.drung@cloud.ionos.com>, Anthony Fok <foka@debian.org> Section: utils Testsuite: autopkgtest-pkg-go diff -Nru gokey-0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780/debian/patches/0002-disable-TestGetKey-for-RSA.patch gokey-0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780/debian/patches/0002-disable-TestGetKey-for-RSA.patch --- gokey-0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780/debian/patches/0002-disable-TestGetKey-for-RSA.patch 2019-06-04 20:52:40.000000000 +0200 +++ gokey-0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780/debian/patches/0002-disable-TestGetKey-for-RSA.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,24 +0,0 @@ -Description: Disable tests for RSA2048 and RSA4096 in TestGetKey - rsa.GenerateKey has been intentionally made non-deterministic since Go 1.11. - This patch fixes the "gokey_test.go:161: keys with same invocation options - do not match" error in TestGetKey with Go >= 1.11. -Author: Anthony Fok <foka@debian.org> -Origin: vendor -Bug: https://github.com/cloudflare/gokey/issues/17 -Last-Update: 2018-12-31 ---- -This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ ---- a/gokey_test.go -+++ b/gokey_test.go -@@ -165,8 +165,9 @@ - func TestGetKey(t *testing.T) { - testGetKeyType(EC256, t) - testGetKeyType(EC521, t) -- testGetKeyType(RSA2048, t) -- testGetKeyType(RSA4096, t) -+ // rsa.GenerateKey is no longer deterministic in Go >= 1.11 -+ //testGetKeyType(RSA2048, t) -+ //testGetKeyType(RSA4096, t) - testGetKeyType(X25519, t) - testGetKeyType(ED25519, t) - } diff -Nru gokey-0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780/debian/patches/Import-deterministic-RSA-key-generation-code-from-Go.patch gokey-0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780/debian/patches/Import-deterministic-RSA-key-generation-code-from-Go.patch --- gokey-0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780/debian/patches/Import-deterministic-RSA-key-generation-code-from-Go.patch 1970-01-01 01:00:00.000000000 +0100 +++ gokey-0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780/debian/patches/Import-deterministic-RSA-key-generation-code-from-Go.patch 2019-06-13 15:53:37.000000000 +0200 @@ -0,0 +1,307 @@ +From 7fa426f8161136a02c3ab9aa7eca819a5f8b9157 Mon Sep 17 00:00:00 2001 +From: Ignat Korchagin <ignat.korchagin@gmail.com> +Date: Wed, 2 Jan 2019 10:57:04 +0000 +Subject: [PATCH] Import deterministic RSA key generation code from Go 1.10 + crypto/rsa package + +Go 1.11 introduced some explicit randomisation for some crypto routines, because +they don't want callers to rely on the fact that current algorithms are +deterministic with respect to the passed in pseudo-random stream (which is +exactly what this package does) to be able to change the underlying algorithms +in the future. + +Since we do need the key generation algorithms to be deterministic, we just +import the algorithm to our package. This will also ensure consistent output +for generated RSA keys should the standard crypto/rsa package change its +generation algorithm. +--- + keygen.go | 4 +- + rsa/keygen.go | 108 ++++++++++++++++++++++++++++++++++++ + rsa/keygen_test.go | 133 +++++++++++++++++++++++++++++++++++++++++++++ + 3 files changed, 243 insertions(+), 2 deletions(-) + create mode 100644 rsa/keygen.go + create mode 100644 rsa/keygen_test.go + +diff --git a/keygen.go b/keygen.go +index e1398bf..00be7c9 100644 +--- a/keygen.go ++++ b/keygen.go +@@ -4,12 +4,12 @@ import ( + "crypto" + "crypto/ecdsa" + "crypto/elliptic" +- "crypto/rsa" + "errors" + "io" + "strings" + "unicode" + ++ deterministicRsaKeygen "github.com/cloudflare/gokey/rsa" + "golang.org/x/crypto/ed25519" + ) + +@@ -166,7 +166,7 @@ func (keygen *KeyGen) generateRsa(kt KeyType) (crypto.PrivateKey, error) { + return nil, errors.New("invalid RSA key size requested") + } + +- return rsa.GenerateKey(keygen.rng, bits) ++ return deterministicRsaKeygen.GenerateKey(keygen.rng, bits) + } + + func (keygen *KeyGen) generateEc(kt KeyType) (crypto.PrivateKey, error) { +diff --git a/rsa/keygen.go b/rsa/keygen.go +new file mode 100644 +index 0000000..e4ebe9d +--- /dev/null ++++ b/rsa/keygen.go +@@ -0,0 +1,108 @@ ++package rsa ++ ++import ( ++ "crypto/rand" ++ "crypto/rsa" ++ "errors" ++ "io" ++ "math" ++ "math/big" ++) ++ ++// below is taken from https://github.com/golang/go/blob/161874da2ab6d5372043a1f3938a81a19d1165ad/src/crypto/rsa/rsa.go#L220 ++// because later versions in standard crypto/rsa package are not deterministic ++var bigOne = big.NewInt(1) ++ ++func GenerateKey(random io.Reader, bits int) (*rsa.PrivateKey, error) { ++ return generateMultiPrimeKey(random, 2, bits) ++} ++ ++func generateMultiPrimeKey(random io.Reader, nprimes int, bits int) (*rsa.PrivateKey, error) { ++ priv := new(rsa.PrivateKey) ++ priv.E = 65537 ++ ++ if nprimes < 2 { ++ return nil, errors.New("gokey/rsa: GenerateMultiPrimeKey: nprimes must be >= 2") ++ } ++ ++ if bits < 64 { ++ primeLimit := float64(uint64(1) << uint(bits/nprimes)) ++ // pi approximates the number of primes less than primeLimit ++ pi := primeLimit / (math.Log(primeLimit) - 1) ++ // Generated primes start with 11 (in binary) so we can only ++ // use a quarter of them. ++ pi /= 4 ++ // Use a factor of two to ensure that key generation terminates ++ // in a reasonable amount of time. ++ pi /= 2 ++ if pi <= float64(nprimes) { ++ return nil, errors.New("gokey/rsa: too few primes of given length to generate an RSA key") ++ } ++ } ++ ++ primes := make([]*big.Int, nprimes) ++ ++NextSetOfPrimes: ++ for { ++ todo := bits ++ // crypto/rand should set the top two bits in each prime. ++ // Thus each prime has the form ++ // p_i = 2^bitlen(p_i) × 0.11... (in base 2). ++ // And the product is: ++ // P = 2^todo × α ++ // where α is the product of nprimes numbers of the form 0.11... ++ // ++ // If α < 1/2 (which can happen for nprimes > 2), we need to ++ // shift todo to compensate for lost bits: the mean value of 0.11... ++ // is 7/8, so todo + shift - nprimes * log2(7/8) ~= bits - 1/2 ++ // will give good results. ++ if nprimes >= 7 { ++ todo += (nprimes - 2) / 5 ++ } ++ for i := 0; i < nprimes; i++ { ++ var err error ++ primes[i], err = rand.Prime(random, todo/(nprimes-i)) ++ if err != nil { ++ return nil, err ++ } ++ todo -= primes[i].BitLen() ++ } ++ ++ // Make sure that primes is pairwise unequal. ++ for i, prime := range primes { ++ for j := 0; j < i; j++ { ++ if prime.Cmp(primes[j]) == 0 { ++ continue NextSetOfPrimes ++ } ++ } ++ } ++ ++ n := new(big.Int).Set(bigOne) ++ totient := new(big.Int).Set(bigOne) ++ pminus1 := new(big.Int) ++ for _, prime := range primes { ++ n.Mul(n, prime) ++ pminus1.Sub(prime, bigOne) ++ totient.Mul(totient, pminus1) ++ } ++ if n.BitLen() != bits { ++ // This should never happen for nprimes == 2 because ++ // crypto/rand should set the top two bits in each prime. ++ // For nprimes > 2 we hope it does not happen often. ++ continue NextSetOfPrimes ++ } ++ ++ priv.D = new(big.Int) ++ e := big.NewInt(int64(priv.E)) ++ ok := priv.D.ModInverse(e, totient) ++ ++ if ok != nil { ++ priv.Primes = primes ++ priv.N = n ++ break ++ } ++ } ++ ++ priv.Precompute() ++ return priv, nil ++} +diff --git a/rsa/keygen_test.go b/rsa/keygen_test.go +new file mode 100644 +index 0000000..960a58f +--- /dev/null ++++ b/rsa/keygen_test.go +@@ -0,0 +1,133 @@ ++package rsa_test ++ ++import ( ++ "bytes" ++ "encoding/pem" ++ "strings" ++ "testing" ++ ++ "github.com/cloudflare/gokey" ++) ++ ++func pemEqual(pem1, pem2 string, t *testing.T) bool { ++ b1, err := pem.Decode([]byte(pem1)) ++ if b1 == nil { ++ t.Fatalf("failed to decode %v: %v", pem1, err) ++ } ++ ++ b2, err := pem.Decode([]byte(pem2)) ++ if b2 == nil { ++ t.Fatalf("failed to decode %v: %v", pem2, err) ++ } ++ ++ return b1.Type == b2.Type && bytes.Equal(b1.Bytes, b2.Bytes) ++} ++ ++func getKey(kt gokey.KeyType, t *testing.T) string { ++ priv, err := gokey.GetKey("pass", "example.com", nil, kt, true) ++ if err != nil { ++ t.Fatal(err) ++ } ++ ++ var b strings.Builder ++ err = gokey.EncodeToPem(priv, &b) ++ if err != nil { ++ t.Fatal(err) ++ } ++ ++ return b.String() ++} ++ ++// generated by "$ gokey -p pass -r example.com -u -t rsa2048" with Go < 1.11 ++var knownRsa2048 = `-----BEGIN RSA PRIVATE KEY----- ++MIIEowIBAAKCAQEAqIT/jlQnJAIxS2h/AEz6RSiN9/GWY8lh9V81vfpzjZ069NOH ++fVL0rQiRj11GqReHTUOjuOiCwYn6d6tPSCVC8fDyBjQ6cf9tm0G+lMf8LsMCPFTL ++PDivqH8KwXLgC2+Zmm906nGkGUZ79AdOa6A2k07PbQ791/7s6ghWU6Dx6lPqiHC+ ++jFfQctQWNUdIchYt1X9eARNTcJQAYBAikH0X+dZwcm9sfTRtJCo7WvjOBwxIk/XA ++k9GcoR2bbGrN8wnVGO2Luw9exg/GavfpkWI1jRx82Hfqfd+Ux3478yOS2Z1kbve1 ++g3DI8qscaN8oZugw4R/EBg0jOOinDwE9oISZ3wIDAQABAoIBAGJooE/+RokZmq29 ++jQSg7zl5sEYNV1RYYpMGkXyqh9Y37hjQefuueOGe8lm1D7Fo4wM0r6Qoa0sYByLg ++8EBiOhDNMph64XJ2xgv3PZLmohawnFqc7b3yIGoWHjLPoZQsDJgJ5E2QJVL5PSNJ ++LPteqOAnEqxOJ+B9pt4YFklp4DuE6H21pgM8tn0azH5Hf4w6LDrkjk4+WVAFrQqj ++UJFSVVQ6Vq54BxnBUJzGCmlKCqDbUrOLQ2TrDodDVPHzmzxX69WVtwqtkiJ6X7HH ++pnodlRV9LwLMkZwgQBEcoZnQkWLimGBRBaO/uuZewmXJ9u6HgXIL9+VVHFnkcdZs ++S6QwLxECgYEA3ghowXxlR7GsC8+07YJUJV+KvKNK4qEZVp2MMscxOPWjcO1tWO88 ++8K/E54Gp8ktsqmejQjnUD7749h2pEUZHfy2sCpWOHjXzLouCkZlSZQpsWVcFkFLL ++qZvwv+pCV9osxpf8o2n/ZuKGP3VgKeSlql6eHLdRV6edEUEJogwFgykCgYEAwkzR ++d5uqToUlbz3fKTs9c4bTt+xnhlOyXPdnbRph/N96Yp0eIi2v7F0FBB5qzKZKy72M ++4+DHvWrpAruh14nryXolQ/OesT27R00auxjOAWM2v2BFeNjBadwnlYfbzCtM+1Wd ++6U+Ahd6Nkdk5tAkMvP03RwPxOTPXuXOtJNFgHccCgYEApbq1JqdJmegeuXpCXH5J ++fNQB5KgmP19sYGCcw1I3hYKkiqhOVHHOlQE+AmegiMCPzeopzEcJ6O7tOhgNmF1T ++BLT8k7HqMNaoO/fab/93pv/OvCjeeEm0x1ckrruW5ahuf5X296so/ozbFAbyzpJi ++rfaOInUa/EiaTsSzAgfjHXECgYA13opsuPHc1zlrwCGxEsWU1Bq68YY6TdYzxDwe ++maP1MhiCYsFKBJSz2Y5cd/pwRuKR3jnDrDx0ncGAinjyg0CmGYFfd5nV1iGoQQ5a ++NSRYaiNxp8VbHe1x5iHraUFdN9weCry/RNWDSBLEDw/ahG/Nrf63Z7Znf6Idvp6Q ++iKQ3XQKBgGpKBezvB82Jk0suZZdqZIs3OVDy7i6SIwS3MgABRE5pYgDWhlnEzGFS ++Tk4zAHR2tIeN4RjOcanspxKbN+Qfm1TkeFwRq5553f0ypMz7xkCdUCKIAeCfTkbs ++qkciBuCm/Oa4RlB/LwH+paBV3RvQOYLXw50/uzAr5S2+2wPx4wMT ++-----END RSA PRIVATE KEY-----` ++ ++// generated by "$ gokey -p pass -r example.com -u -t rsa4096" with Go < 1.11 ++var knownRsa4096 = `-----BEGIN RSA PRIVATE KEY----- ++MIIJKQIBAAKCAgEAxVvkLK1k8W62pevv0YTpS5AzWTGKnKAcoE/ysAcDpTnpkEut ++FLqQPqSBeMoWliD17DeMTFq76BNbEB4H+K7Gb+UZ4VA+wH2v7e0FegDt576fWatV ++A9FaL3Dt4QvaqUtDD/7aDCL11IA4eAGQn7gb4ACd/MzBCSY9UAJ4OXkmKnMGfwLS ++4mjTM6/Y4QGZgR71c8weCsbk+T0VVhcBS9rrpmDibpSDIOCjc9eKGzAPAVdY97fh ++JkUfCKkHJVqzdZvXUqWs4DOYhXoxbX9yQ/9Y4kzKnxbiq0Vs0+LKi5TaUVNtT7B0 ++cDIjHCZtmTno7v+IM3Hropf76nFf5mSRV248rnNsjb9kiV8MbIIE4yCJXdpfcRGC ++DNX8I7hgRfR+BffntGL8k6zBro+N7ElsCTLvXlfBlFgnnuPZw57HHLZVR7I1HbOv ++sGIWKP806fiar2ka51+M0JIdOJbyiw3byEMpOjsSeIpTgcV3SLxmrk/0yE+Mdokl ++Uv38AQ5svekP1Htk0qbwod8CzvumYV7GLmBUac9hKwIX0xnoKv/9yZY2ELMz9Zoa ++Sds3eJRK3D3nAUYjrCWTTLevd67Idsu0iJGjQ1haLR9jcFKqLo/4SiAxM3CeqZdD ++ExnyoM9caQvfnwGpgwRXyEdO1Zt2g1kJ8OBlrLlz5YM3qwEUrQ+4lGSastsCAwEA ++AQKCAgA4NUCZ/NQ38qkwPi7yBCGRdMM7DuIEU5FzkvFycrz2DLVZdEQaGDxGqwF4 ++zk16em6v1O4vPNQxd3nC8Fqi19wKODyTsA//MIyvfYbGxYb8Lo0hs6slyDUgN9B3 ++/LFM7/Nslc+yDy7mU5JBk2iGJKBDvslAG2yK14o0xE9LRxa4lkPuXnaDJwmnudhR ++1OvMG24aibKwrQ6/cUcnWqvy16mvm/5BMijabz/+GQ/rSFetsRvUiVklViBNjh5L ++5DYiM70ye57tx6QTt8ZmAhsgBJRi9y3p+1GZJ8+j1P6MnFtFODZ0sLOo1I6tUMB8 ++GEMf9kTrKfHLP+/uSFXgvxmpxeqf4B8hEoHe82K5lu8YVs2tsXFemcNrrsFaPBfS ++vCOpuhXLfA+JLOY4E1yMeW49lSRP9cobyNr/Sr2RROuazKg3CVsPwIt9p1JD2pIv ++U/5fu94qiT2EgXp3QOKn11iTYw6lzSsE+cPFx+Dd9AB0eIoWPUNtxBF8VnQZpZxk ++0BPm+CaqOXB3Qmn3jEFl41AC9I5AGvWLPZPNROWfSfGJa2qJkeMbFtvY5GeX+Sc3 ++abHn0KACtAKONpSgPw50cSJhwlL2GAQnnRQYOR8lXeUwYb1t7ikCPRHPqH+f+Ehb ++aPYWwGQikJ9XYo7iWD93I+jIycGa7gX+cVdRkO0lLCy0EaPtIQKCAQEA9Kf8DbbM ++euLtzx+9itydUZJvkgQhs+GhE7aG8YH2LwgBR2GuK2gPw0i1DfZpLBmr10g0e/mr ++wQB5OmvNv5mNUltI4hKWnlNsUqWjilSdpY99Hp/W+gHQONhCGoRHzU2e/oMZlQQJ ++qk9CuF0rQU/NaOtdwa+pGIXWDr5V6/H30ppMDtzWjCoGH+QXsDQPqgSo+w/k5PEW ++YNMhtaCXkPeL+iP5yyKJGiISJKFPgOlzWuPFtt4IQ2to4OxoNYzr0VwJ9lHIMs6S ++vTkMJEubszgH39FzIGEO6KE4h3JaGkcG7S3REELaiU62YjaveFbXnT+HnRIi9gye ++39hgEKsB674l0QKCAQEAzoJ/tEySJnQfELMmaLOP17gPyapBLpIKh8cEdCxbFhXC ++JFrzmU5AICHU/QREJ6vPB1n8STUC3xUXD9fq7tjBFlIZ5UA+cUpag6/Z0K/DzTOh ++V975lJwoqv46DjRr0tW17fH4Qmwnj0bUslQJGVW8IkhX5B8gfsR+8Q9a91wrvgOX ++QciYoftxuILE8npHW24DqYQkWDkzTDW+x7Liiizvc4B3AG1B09N26XeXETaJCuvO ++SvnCdOmlxm4NP4CnpS4h/A33wlr+5VDldGBSxBHEQJgZz8W9HVgmIdzsUkiYbhaS ++PxtcdIXV95+K+YMSNIJYTV/t7dMa1FmxFnQQmGE86wKCAQEA1uz/43hT+ByE93EV ++zPh0B6YR939DsEelfrDZqS4XfEeXAANSw3Uea9rim0p+KCzBJlWbLdIuzVVCKk1s ++KUaWvOPOijP0N1BoF87FdY9SEpCURSP78hNHvbhVkf/lJ/lplILNJXivmPsaTOYk ++SrL1a5dg/Pb5IL7qRnd0+drOcCf2axQcMnP0f22cVcHWhPClFjFnTqxwkUzJD0rt +++39Ma8nQ9l/3e4q0z5MaSdBL82unVDeHoNqp/vYPsgODYp9tbQN5URDiHfMQtI3r ++US0G1dulPKunMjv3ch3GA9GjxxZ508Q3QWpxlKQf0CLSNaUK2LSHHAoIQ/NMqTfh ++bxzTEQKCAQBNQQqPI5oFIqnAcJSs1Ie6NpRJaBTMXDvuQWiMIU/N+kPPn+rDbj+V ++BbMNGDx67s4bPPGhXWB+ngAroCW2RoYtWHdxiNATR7KG0xFT/XztViREoBiUHLsm ++BMcpKzku/V367utlxdoiwmetcryYqrcfyBqBL5fTdKTcf1cTdHq0sdky9d0Ls+n+ ++EYWmBFKPhJ+AGfwSuQtUtkJxqJ0Q/fByMBvUoArhOJmii2eLO/CWklJxP/AcFpA6 ++pE72c6XDqHd0OLF4FtyGYvYDzEkKKm9VjtERJjMyOBjD0EbkHV5QyMbbLtwuhybd ++ZOTzpLH5zM1F3N5AexntWMRj1vWiW7YTAoIBAQC3Rs1pQkMFfbi6izdUBfWBdm3q ++iAsltebEWOZWyEFGoOrXw2wBbglq2Q/X3m1uajnx862cReggoRj/g3kOrJg7XCBF ++Ql+E5ia0GJNevW7T1Aw4Lee1xb5icf6LTHmdZu1HHj41stvDqptRwXcB3uwrhRZq ++nH5GeAEk9ABOPMhz2p6y9qJP0pPC5XSUosCuk+Hrcug/jLDLEbWo15WCdjzXN8fF ++IvI5ZWJf0uWn9lBfoCHXP1aRgI7aXbjOvUsKQd+yXYWn710oll55mG5UR+M8TCB4 ++PdfdeaG2sFFBX0tIDg9sAcCStbp1x7rbt9tcI9bACZgq3rQ5EXs8AlKTXzUe ++-----END RSA PRIVATE KEY-----` ++ ++func TestKnownKey(t *testing.T) { ++ rsa2048 := getKey(gokey.RSA2048, t) ++ if !pemEqual(rsa2048, knownRsa2048, t) { ++ t.Fatal("generated RSA 2048 does not match the expected result") ++ } ++ ++ rsa4096 := getKey(gokey.RSA4096, t) ++ if !pemEqual(rsa4096, knownRsa4096, t) { ++ t.Fatal("generated RSA 4096 does not match the expected result") ++ } ++} +-- +2.20.1 + diff -Nru gokey-0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780/debian/patches/series gokey-0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780/debian/patches/series --- gokey-0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780/debian/patches/series 2019-06-04 20:52:40.000000000 +0200 +++ gokey-0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780/debian/patches/series 2019-06-17 13:59:49.000000000 +0200 @@ -1 +1 @@ -0002-disable-TestGetKey-for-RSA.patch +Import-deterministic-RSA-key-generation-code-from-Go.patch diff -Nru gokey-0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780/debian/rules gokey-0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780/debian/rules --- gokey-0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780/debian/rules 2019-06-04 20:46:43.000000000 +0200 +++ gokey-0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780/debian/rules 2019-06-17 19:59:50.000000000 +0200 @@ -16,5 +16,8 @@ dh_auto_build pandoc -s -t man gokey.1.md -o gokey.1 +override_dh_auto_test: + dh_auto_test -- -timeout 6h + override_dh_missing: dh_missing --fail-missing
--- End Message ---
--- Begin Message ---
- To: Benjamin Drung <benjamin.drung@cloud.ionos.com>, 930656-done@bugs.debian.org
- Subject: Re: Bug#930656: unblock: gokey/0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780-3
- From: Paul Gevers <elbrus@debian.org>
- Date: Tue, 18 Jun 2019 21:21:04 +0200
- Message-id: <92792fc1-e10e-3761-04c7-6ffb968eee87@debian.org>
- In-reply-to: <[🔎] 156079562588.20470.6608500584468349614.reportbug@fiftytwodotfive>
- References: <[🔎] 156079562588.20470.6608500584468349614.reportbug@fiftytwodotfive>
Hi Benjamin, On 17-06-2019 20:20, Benjamin Drung wrote: > unblock gokey/0.0~git20190103.40eba7e+really0.0~git20181023.b4e2780-3 Unblocked, thanks. PaulAttachment: signature.asc
Description: OpenPGP digital signature
--- End Message ---