crypto: fix megacheck warnings (#14917)

* crypto: fix megacheck warnings

* crypto/ecies: remove ASN.1 support

crypto/ecies/ecies_test.go

@@ -37,7 +37,6 @@ import (
 	"encoding/hex"
 	"flag"
 	"fmt"
-	"io/ioutil"
 	"math/big"
 	"testing"
 
@@ -63,8 +62,7 @@ func TestKDF(t *testing.T) {
 		t.FailNow()
 	}
 	if len(k) != 64 {
-		fmt.Printf("KDF: generated key is the wrong size (%d instead of 64\n",
-			len(k))
+		fmt.Printf("KDF: generated key is the wrong size (%d instead of 64\n", len(k))
 		t.FailNow()
 	}
 }
@@ -74,14 +72,9 @@ var ErrBadSharedKeys = fmt.Errorf("ecies: shared keys don't match")
 // cmpParams compares a set of ECIES parameters. We assume, as per the
 // docs, that AES is the only supported symmetric encryption algorithm.
 func cmpParams(p1, p2 *ECIESParams) bool {
-	if p1.hashAlgo != p2.hashAlgo {
-		return false
-	} else if p1.KeyLen != p2.KeyLen {
-		return false
-	} else if p1.BlockSize != p2.BlockSize {
-		return false
-	}
-	return true
+	return p1.hashAlgo == p2.hashAlgo &&
+		p1.KeyLen == p2.KeyLen &&
+		p1.BlockSize == p2.BlockSize
 }
 
 // cmpPublic returns true if the two public keys represent the same pojnt.
@@ -212,118 +205,6 @@ func TestTooBigSharedKey(t *testing.T) {
 	}
 }
 
-// Ensure a public key can be successfully marshalled and unmarshalled, and
-// that the decoded key is the same as the original.
-func TestMarshalPublic(t *testing.T) {
-	prv, err := GenerateKey(rand.Reader, DefaultCurve, nil)
-	if err != nil {
-		t.Fatalf("GenerateKey error: %s", err)
-	}
-
-	out, err := MarshalPublic(&prv.PublicKey)
-	if err != nil {
-		t.Fatalf("MarshalPublic error: %s", err)
-	}
-
-	pub, err := UnmarshalPublic(out)
-	if err != nil {
-		t.Fatalf("UnmarshalPublic error: %s", err)
-	}
-
-	if !cmpPublic(prv.PublicKey, *pub) {
-		t.Fatal("ecies: failed to unmarshal public key")
-	}
-}
-
-// Ensure that a private key can be encoded into DER format, and that
-// the resulting key is properly parsed back into a public key.
-func TestMarshalPrivate(t *testing.T) {
-	prv, err := GenerateKey(rand.Reader, DefaultCurve, nil)
-	if err != nil {
-		fmt.Println(err.Error())
-		t.FailNow()
-	}
-
-	out, err := MarshalPrivate(prv)
-	if err != nil {
-		fmt.Println(err.Error())
-		t.FailNow()
-	}
-
-	if dumpEnc {
-		ioutil.WriteFile("test.out", out, 0644)
-	}
-
-	prv2, err := UnmarshalPrivate(out)
-	if err != nil {
-		fmt.Println(err.Error())
-		t.FailNow()
-	}
-
-	if !cmpPrivate(prv, prv2) {
-		fmt.Println("ecdh: private key import failed")
-		t.FailNow()
-	}
-}
-
-// Ensure that a private key can be successfully encoded to PEM format, and
-// the resulting key is properly parsed back in.
-func TestPrivatePEM(t *testing.T) {
-	prv, err := GenerateKey(rand.Reader, DefaultCurve, nil)
-	if err != nil {
-		fmt.Println(err.Error())
-		t.FailNow()
-	}
-
-	out, err := ExportPrivatePEM(prv)
-	if err != nil {
-		fmt.Println(err.Error())
-		t.FailNow()
-	}
-
-	if dumpEnc {
-		ioutil.WriteFile("test.key", out, 0644)
-	}
-
-	prv2, err := ImportPrivatePEM(out)
-	if err != nil {
-		fmt.Println(err.Error())
-		t.FailNow()
-	} else if !cmpPrivate(prv, prv2) {
-		fmt.Println("ecdh: import from PEM failed")
-		t.FailNow()
-	}
-}
-
-// Ensure that a public key can be successfully encoded to PEM format, and
-// the resulting key is properly parsed back in.
-func TestPublicPEM(t *testing.T) {
-	prv, err := GenerateKey(rand.Reader, DefaultCurve, nil)
-	if err != nil {
-		fmt.Println(err.Error())
-		t.FailNow()
-	}
-
-	out, err := ExportPublicPEM(&prv.PublicKey)
-	if err != nil {
-		fmt.Println(err.Error())
-		t.FailNow()
-	}
-
-	if dumpEnc {
-		ioutil.WriteFile("test.pem", out, 0644)
-	}
-
-	pub2, err := ImportPublicPEM(out)
-	if err != nil {
-		fmt.Println(err.Error())
-		t.FailNow()
-	} else if !cmpPublic(prv.PublicKey, *pub2) {
-		fmt.Println("ecdh: import from PEM failed")
-		t.FailNow()
-	}
-}
-
 // Benchmark the generation of P256 keys.
 func BenchmarkGenerateKeyP256(b *testing.B) {
 	for i := 0; i < b.N; i++ {
@@ -437,74 +318,27 @@ func TestDecryptShared2(t *testing.T) {
 	}
 }
 
-// TestMarshalEncryption validates the encode/decode produces a valid
-// ECIES encryption key.
-func TestMarshalEncryption(t *testing.T) {
-	prv1, err := GenerateKey(rand.Reader, DefaultCurve, nil)
-	if err != nil {
-		fmt.Println(err.Error())
-		t.FailNow()
-	}
-
-	out, err := MarshalPrivate(prv1)
-	if err != nil {
-		fmt.Println(err.Error())
-		t.FailNow()
-	}
-
-	prv2, err := UnmarshalPrivate(out)
-	if err != nil {
-		fmt.Println(err.Error())
-		t.FailNow()
-	}
-
-	message := []byte("Hello, world.")
-	ct, err := Encrypt(rand.Reader, &prv2.PublicKey, message, nil, nil)
-	if err != nil {
-		fmt.Println(err.Error())
-		t.FailNow()
-	}
-
-	pt, err := prv2.Decrypt(rand.Reader, ct, nil, nil)
-	if err != nil {
-		fmt.Println(err.Error())
-		t.FailNow()
-	}
-
-	if !bytes.Equal(pt, message) {
-		fmt.Println("ecies: plaintext doesn't match message")
-		t.FailNow()
-	}
-
-	_, err = prv1.Decrypt(rand.Reader, ct, nil, nil)
-	if err != nil {
-		fmt.Println(err.Error())
-		t.FailNow()
-	}
-
-}
-
 type testCase struct {
 	Curve    elliptic.Curve
 	Name     string
-	Expected bool
+	Expected *ECIESParams
 }
 
 var testCases = []testCase{
 	{
 		Curve:    elliptic.P256(),
 		Name:     "P256",
-		Expected: true,
+		Expected: ECIES_AES128_SHA256,
 	},
 	{
 		Curve:    elliptic.P384(),
 		Name:     "P384",
-		Expected: true,
+		Expected: ECIES_AES256_SHA384,
 	},
 	{
 		Curve:    elliptic.P521(),
 		Name:     "P521",
-		Expected: true,
+		Expected: ECIES_AES256_SHA512,
 	},
 }
 
@@ -519,10 +353,10 @@ func TestParamSelection(t *testing.T) {
 
 func testParamSelection(t *testing.T, c testCase) {
 	params := ParamsFromCurve(c.Curve)
-	if params == nil && c.Expected {
+	if params == nil && c.Expected != nil {
 		fmt.Printf("%s (%s)\n", ErrInvalidParams.Error(), c.Name)
 		t.FailNow()
-	} else if params != nil && !c.Expected {
+	} else if params != nil && !cmpParams(params, c.Expected) {
 		fmt.Printf("ecies: parameters should be invalid (%s)\n",
 			c.Name)
 		t.FailNow()