This is an automated email from the git hooks/post-receive script.
meskio pushed a commit to branch main in repository pluggable-transports/snowflake.
The following commit(s) were added to refs/heads/main by this push: new f38c91f Don't use entropy for test f38c91f is described below
commit f38c91f906af5b806f463e790eddc134961abf1f Author: meskio meskio@torproject.org AuthorDate: Thu Jun 2 11:19:47 2022 +0200
Don't use entropy for test
Use math/rand instead of crypto/rand, so entropy is not a blocker when running the tests. --- common/amp/armor_test.go | 2 +- common/utls/roundtripper_test.go | 14 +++++++++++--- 2 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/common/amp/armor_test.go b/common/amp/armor_test.go index 594ae65..fc7561e 100644 --- a/common/amp/armor_test.go +++ b/common/amp/armor_test.go @@ -1,9 +1,9 @@ package amp
import ( - "crypto/rand" "io" "io/ioutil" + "math/rand" "strings" "testing" ) diff --git a/common/utls/roundtripper_test.go b/common/utls/roundtripper_test.go index 6a91385..bccb799 100644 --- a/common/utls/roundtripper_test.go +++ b/common/utls/roundtripper_test.go @@ -1,12 +1,12 @@ package utls
import ( - "crypto/rand" "crypto/rsa" "crypto/tls" "crypto/x509" "crypto/x509/pkix" "math/big" + "math/rand" "net/http" "testing" "time" @@ -26,7 +26,15 @@ func TestRoundTripper(t *testing.T) { Convey("[Test]Set up http servers", t, func(c C) { c.Convey("[Test]Generate Self-Signed Cert", func(c C) { // Ported from https://gist.github.com/samuel/8b500ddd3f6118d052b5e6bc16bc4c09 - priv, err := rsa.GenerateKey(rand.Reader, 4096) + + // note that we use the insecure math/rand here because some platforms + // fail the test suite at build time in Debian, due to entropy starvation. + // since that's not a problem at test time, we do *not* use a secure + // mechanism for key generation. + // + // DO NOT REUSE THIS CODE IN PRODUCTION, IT IS DANGEROUS + insecureRandReader := rand.New(rand.NewSource(1337)) + priv, err := rsa.GenerateKey(insecureRandReader, 4096) c.So(err, ShouldBeNil) template := x509.Certificate{ SerialNumber: big.NewInt(1), @@ -40,7 +48,7 @@ func TestRoundTripper(t *testing.T) { ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, BasicConstraintsValid: true, } - derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, priv.Public(), priv) + derBytes, err := x509.CreateCertificate(insecureRandReader, &template, &template, priv.Public(), priv) c.So(err, ShouldBeNil) selfSignedPrivateKey = priv selfSignedCert = derBytes