Skip to content

x/crypto/openpgp/clearsign: TestMultiSign fails with "random source is broken" at Go tip #70682

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dmitshur opened this issue Dec 4, 2024 · 5 comments
Closed

x/crypto/openpgp/clearsign: TestMultiSign fails with "random source is broken" at Go tip #70682

dmitshur opened this issue Dec 4, 2024 · 5 comments
Labels
FixPending Issues that have a fix which has not yet been reviewed or submitted. NeedsFix The path to resolution is known, but the work has not been done. Soon This needs action soon. (recent regressions, service outages, unusual time-sensitive situations) Testing An issue that has been verified to require only test changes, not just a test failure.
Milestone
Unreleased

Comments

@dmitshur
Copy link
Member

dmitshur commented Dec 4, 2024

At Go tip, TestMultiSign fails when run without -short flag, including on first class ports like linux/amd64:

=== RUN   TestMultiSign
    clearsign_test.go:155: cannot create key: rsa: generated p == q, random source is broken
    clearsign_test.go:155: cannot create key: rsa: generated p == q, random source is broken
    clearsign_test.go:155: cannot create key: rsa: generated p == q, random source is broken
    clearsign_test.go:155: cannot create key: rsa: generated p == q, random source is broken
    clearsign_test.go:155: cannot create key: rsa: generated p == q, random source is broken
    clearsign_test.go:155: cannot create key: rsa: generated p == q, random source is broken
    clearsign_test.go:155: cannot create key: rsa: generated p == q, random source is broken
    clearsign_test.go:155: cannot create key: rsa: generated p == q, random source is broken
    clearsign_test.go:155: cannot create key: rsa: generated p == q, random source is broken
    clearsign_test.go:155: cannot create key: rsa: generated p == q, random source is broken
    clearsign_test.go:155: cannot create key: rsa: generated p == q, random source is broken
    clearsign_test.go:155: cannot create key: rsa: generated p == q, random source is broken
--- FAIL: TestMultiSign (6.93s)

(E.g., build 8729461560583552209.)

Though it started failing earlier, as of go.dev/cl/632477, with a different error ("clearsign_test.go:155: cannot create key: crypto/rsa: decryption error").

CC @FiloSottile, @rolandshoemaker.
@dmitshur dmitshur added NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. Soon This needs action soon. (recent regressions, service outages, unusual time-sensitive situations) labels Dec 4, 2024
@dmitshur dmitshur added this to the Unreleased milestone Dec 4, 2024
@gabyhelp
Copy link

gabyhelp commented Dec 4, 2024

Related Issues

Related Code Changes

(Emoji vote if this was helpful or unhelpful; more detailed feedback welcome in this discussion.)

@FiloSottile FiloSottile added the Testing An issue that has been verified to require only test changes, not just a test failure. label Dec 4, 2024
@FiloSottile
Copy link
Contributor

The test is indeed broken, and needs fixing.

@rolandshoemaker
Copy link
Member

It's unclear if that test actually needs to generate deterministic keys? rand.Reader should just be fast enough for this use case, surely?

@gopherbot
Copy link
Contributor

Change https://go.dev/cl/633655 mentions this issue: openpgp/clearsign: just use rand.Reader

@dmitshur dmitshur added NeedsFix The path to resolution is known, but the work has not been done. FixPending Issues that have a fix which has not yet been reviewed or submitted. and removed NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. labels Dec 4, 2024
@dmitshur
Copy link
Member Author

dmitshur commented Dec 4, 2024
edited
Loading

Thanks for the quick fix! The monthly golang.org/x tagging workflow ran into this, and the fix enabled it to keep going (https://go.googlesource.com/crypto/+/refs/tags/v0.30.0).

@dmitshur dmitshur mentioned this issue Dec 5, 2024
Closed
mdosch added a commit to mdosch/go-crypto that referenced this issue Feb 22, 2025
@mdosch
openpgp/clearsign: just use rand.Reader in tests
5bf7dd6 
See
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098562
golang/go#70682
golang/crypto@7042ebc
@mdosch mdosch mentioned this issue Feb 22, 2025
Merged
lubux pushed a commit to mdosch/go-crypto that referenced this issue Feb 27, 2025
@mdosch @lubux
openpgp/clearsign: just use rand.Reader in tests
2b2dbe9 
See
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098562
golang/go#70682
golang/crypto@7042ebc
lubux added a commit to ProtonMail/go-crypto that referenced this issue Feb 27, 2025
@lubux
Merge pull request #276 from mdosch/fix-random-source-is-broken
44ef98c 
openpgp/clearsign: just use rand.Reader in tests

See
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098562
golang/go#70682
golang/crypto@7042ebc
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
FixPending Issues that have a fix which has not yet been reviewed or submitted. NeedsFix The path to resolution is known, but the work has not been done. Soon This needs action soon. (recent regressions, service outages, unusual time-sensitive situations) Testing An issue that has been verified to require only test changes, not just a test failure.
Projects
None yet
Milestone
Unreleased
Development

No branches or pull requests
5 participants
@FiloSottile @dmitshur @rolandshoemaker @gopherbot @gabyhelp