cloudflare · chris-wood · Jul 6, 2023 · Feb 7, 2023 · Jun 13, 2023 · Jun 14, 2023
diff --git a/blindsign/blindrsa/pbrsa.go b/blindsign/blindrsa/pbrsa.go
@@ -209,7 +209,10 @@ func (v PBRSAVerifier) Blind(random io.Reader, message, metadata []byte) ([]byte
 
 	// Pick a random string rand of length 32 bytes
 	rand := make([]byte, 32)
-	random.Read(rand)
+	_, err = random.Read(rand)
+	if err != nil {
+		return nil, PBRSAVerifierState{}, err
+	}
 
 	// M' = M || rand
 	msgPrime := append(rand, message...)

diff --git a/blindsign/blindrsa/pbrsa_test.go b/blindsign/blindrsa/pbrsa_test.go
@@ -4,13 +4,10 @@
 	"crypto"
 	"crypto/rand"
 	"crypto/rsa"
-	"crypto/x509"
 	"encoding/hex"
 	"encoding/json"
-	"encoding/pem"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"math/big"
 	"os"
 	"testing"
@@ -21,7 +18,7 @@
 	pbrsaTestVectorInEnvironmentKey  = "PBRSA_TEST_VECTORS_IN"
 )

 func loadStrongRSAKey() (*rsa.PrivateKey, error) {
 	// https://gist.github.com/chris-wood/b77536febb25a5a11af428afff77820a
 	pEnc := "dcd90af1be463632c0d5ea555256a20605af3db667475e190e3af12a34a3324c46a3094062c59fb4b249e0ee6afba8bee14e0276d126c99f4784b23009bf6168ff628ac1486e5ae8e23ce4d362889de4df63109cbd90ef93db5ae64372bfe1c55f832766f21e94ea3322eb2182f10a891546536ba907ad74b8d72469bea396f3"
 	qEnc := "f8ba5c89bd068f57234a3cf54a1c89d5b4cd0194f2633ca7c60b91a795a56fa8c8686c0e37b1c4498b851e3420d08bea29f71d195cfbd3671c6ddc49cf4c1db5b478231ea9d91377ffa98fe95685fca20ba4623212b2f2def4da5b281ed0100b651f6db32112e4017d831c0da668768afa7141d45bbc279f1e0f8735d74395b3"
@@ -131,7 +128,6 @@
 }
 
 type rawPBRSATestVector struct {
-	t           *testing.T
 	privateKey  *rsa.PrivateKey
 	message     []byte
 	metadata    []byte
@@ -148,28 +144,6 @@
 	return hex.EncodeToString(d)
 }
 
-func mustMarshalPrivateKey(key *rsa.PrivateKey) []byte {
-	der, err := x509.MarshalPKCS8PrivateKey(key)
-	if err != nil {
-		panic(err)
-	}
-
-	block := &pem.Block{
-		Type:  "PRIVATE KEY",
-		Bytes: der,
-	}
-
-	return pem.EncodeToMemory(block)
-}
-
-func mustMarshalPublicKey(key *rsa.PublicKey) []byte {
-	enc, err := x509.MarshalPKIXPublicKey(key)
-	if err != nil {
-		panic(err)
-	}
-	return enc
-}
-
 func (tv rawPBRSATestVector) MarshalJSON() ([]byte, error) {
 	pEnc := mustHex(tv.privateKey.Primes[0].Bytes())
 	qEnc := mustHex(tv.privateKey.Primes[1].Bytes())
@@ -244,7 +218,7 @@
 }

 func TestPBRSAGenerateTestVector(t *testing.T) {
 	var testCases = []struct {
 		msg      []byte
 		metadata []byte
 	}{
@@ -282,7 +256,7 @@
 
 	var outputFile string
 	if outputFile = os.Getenv(pbrsaTestVectorOutEnvironmentKey); len(outputFile) > 0 {
-		err := ioutil.WriteFile(outputFile, encoded, 0644)
+		err := os.WriteFile(outputFile, encoded, 0644)
 		if err != nil {
 			t.Fatalf("Error writing test vectors: %v", err)
 		}