diff options
| author | J08nY | 2018-08-12 17:34:18 +0200 |
|---|---|---|
| committer | J08nY | 2018-08-12 17:34:18 +0200 |
| commit | 6d1c1b920ce719bfe7998618648daa1f20859f2c (patch) | |
| tree | aee887bcba3aaa12d4ca81235e0f00e58c66a7e3 | |
| parent | 926b8aa8a67fa646a195f3ce66734ec2b331bdae (diff) | |
| download | ECTester-6d1c1b920ce719bfe7998618648daa1f20859f2c.tar.gz ECTester-6d1c1b920ce719bfe7998618648daa1f20859f2c.tar.zst ECTester-6d1c1b920ce719bfe7998618648daa1f20859f2c.zip | |
| -rw-r--r-- | src/cz/crcs/ectester/common/ec/EC_Data.java | 2 | ||||
| -rw-r--r-- | src/cz/crcs/ectester/common/ec/EC_SigResult.java | 22 | ||||
| -rw-r--r-- | src/cz/crcs/ectester/data/EC_Store.java | 7 | ||||
| -rw-r--r-- | src/cz/crcs/ectester/data/schema.xsd | 1 | ||||
| -rw-r--r-- | src/cz/crcs/ectester/data/wrong/keys.xml | 12 | ||||
| -rw-r--r-- | src/cz/crcs/ectester/data/wrong/results.xml | 71 | ||||
| -rw-r--r-- | src/cz/crcs/ectester/reader/test/CardSignatureSuite.java | 37 |
7 files changed, 117 insertions, 35 deletions
diff --git a/src/cz/crcs/ectester/common/ec/EC_Data.java b/src/cz/crcs/ectester/common/ec/EC_Data.java index abe6e93..14ae1c5 100644 --- a/src/cz/crcs/ectester/common/ec/EC_Data.java +++ b/src/cz/crcs/ectester/common/ec/EC_Data.java @@ -95,7 +95,7 @@ public abstract class EC_Data implements Comparable<EC_Data> { return null; } - private static byte[] parse(String param) { + protected static byte[] parse(String param) { byte[] data; if (param.startsWith("0x") || param.startsWith("0X")) { data = ByteUtil.hexToBytes(param.substring(2)); diff --git a/src/cz/crcs/ectester/common/ec/EC_SigResult.java b/src/cz/crcs/ectester/common/ec/EC_SigResult.java index 0595944..f1ab0f5 100644 --- a/src/cz/crcs/ectester/common/ec/EC_SigResult.java +++ b/src/cz/crcs/ectester/common/ec/EC_SigResult.java @@ -13,23 +13,25 @@ public class EC_SigResult extends EC_Data { private String signKey; private String verifyKey; + private String data; private String desc; - public EC_SigResult(String sig, String curve, String signKey, String verifyKey) { + public EC_SigResult(String sig, String curve, String signKey, String verifyKey, String raw) { super(1); this.sig = sig; this.curve = curve; this.signKey = signKey; this.verifyKey = verifyKey; + this.data = raw; } - public EC_SigResult(String id, String sig, String curve, String signKey, String verifyKey) { - this(sig, curve, signKey, verifyKey); + public EC_SigResult(String id, String sig, String curve, String signKey, String verifyKey, String data) { + this(sig, curve, signKey, verifyKey, data); this.id = id; } - public EC_SigResult(String id, String sig, String curve, String signKey, String verifyKey, String desc) { - this(id, sig, curve, signKey, verifyKey); + public EC_SigResult(String id, String sig, String curve, String signKey, String verifyKey, String data, String desc) { + this(id, sig, curve, signKey, verifyKey, data); this.desc = desc; } @@ -53,13 +55,21 @@ public class EC_SigResult extends EC_Data { return verifyKey; } + public byte[] getSigData() { + if (data == null) { + return null; + } else { + return parse(data); + } + } + public String getDesc() { return desc; } @Override public String toString() { - return "<" + getId() + "> " + sig + " result over " + curve + ", " + signKey + " + " + verifyKey + (desc == null ? "" : ": " + desc) + System.lineSeparator() + super.toString(); + return "<" + getId() + "> " + sig + " result over " + curve + ", " + signKey + " + " + verifyKey + (data == null ? "" : " of data \"" + data + "\"") + (desc == null ? "" : ": " + desc) + System.lineSeparator() + super.toString(); } } diff --git a/src/cz/crcs/ectester/data/EC_Store.java b/src/cz/crcs/ectester/data/EC_Store.java index 3eaef27..f1d4260 100644 --- a/src/cz/crcs/ectester/data/EC_Store.java +++ b/src/cz/crcs/ectester/data/EC_Store.java @@ -245,8 +245,13 @@ public class EC_Store { Node sig = elem.getElementsByTagName("sig").item(0); Node signkey = elem.getElementsByTagName("signkey").item(0); Node verifykey = elem.getElementsByTagName("verifykey").item(0); + NodeList datas = elem.getElementsByTagName("raw"); + String data = null; + if (datas.getLength() != 0) { + data = datas.item(0).getTextContent(); + } - result = new EC_SigResult(id.getTextContent(), sig.getTextContent(), curve.getTextContent(), signkey.getTextContent(), verifykey.getTextContent()); + result = new EC_SigResult(id.getTextContent(), sig.getTextContent(), curve.getTextContent(), signkey.getTextContent(), verifykey.getTextContent(), data, descs); } else { throw new SAXException("?"); } diff --git a/src/cz/crcs/ectester/data/schema.xsd b/src/cz/crcs/ectester/data/schema.xsd index 631d2f2..99c9b76 100644 --- a/src/cz/crcs/ectester/data/schema.xsd +++ b/src/cz/crcs/ectester/data/schema.xsd @@ -95,6 +95,7 @@ <xs:element name="id" type="xs:string"/> <xs:element name="sig" type="sigType"/> <xs:element ref="data"/> + <xs:element name="raw" type="xs:string" minOccurs="0"/> <xs:element name="curve" type="xs:string"/> <xs:element name="signkey" type="xs:string"/> <xs:element name="verifykey" type="xs:string"/> diff --git a/src/cz/crcs/ectester/data/wrong/keys.xml b/src/cz/crcs/ectester/data/wrong/keys.xml index a122bc1..4be8b4d 100644 --- a/src/cz/crcs/ectester/data/wrong/keys.xml +++ b/src/cz/crcs/ectester/data/wrong/keys.xml @@ -13,4 +13,16 @@ <curve>secg/secp256r1</curve> <desc>A random private key for default_pub.</desc> </privkey> + <pubkey> + <id>negated_pub</id> + <inline>0x116d77bea845d4bd0204cb8b954c957431c23a7111a0eda94d41a3c774260e37,0x6a766ad133dfcb42634c9bee3a61768703bf581531a23d6927396c5da49c8696</inline> + <curve>secg/secp256r1</curve> + <desc>A negation of default_pub(public key for negated_priv).</desc> + </pubkey> + <privkey> + <id>negated_priv</id> + <inline>0x6d2c8a50443dcc44649fedb00852069c2b6c4331aaf25a6c63aa4f1ddfdd5948</inline> + <curve>secg/secp256r1</curve> + <desc>A negation of default_priv(private key for negated_pub).</desc> + </privkey> </keys>
\ No newline at end of file diff --git a/src/cz/crcs/ectester/data/wrong/results.xml b/src/cz/crcs/ectester/data/wrong/results.xml index a1ac470..385bc38 100644 --- a/src/cz/crcs/ectester/data/wrong/results.xml +++ b/src/cz/crcs/ectester/data/wrong/results.xml @@ -2,139 +2,176 @@ <results xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="../schema.xsd"> <sigResult> - <id>random</id> + <id>ok/random</id> + <sig>SHA1</sig> + <inline>0x304402203988322ab9f52c7f11d5d1aa92a2ac0b00275bcad8e934682257323fda672482022052231597382268e8f3b82b99e386ebb7c7db1a8b4a8bdacd496190314e4c5bad</inline> + <raw>0xABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABAB</raw> + <curve>secg/secp256r1</curve> + <signkey>wrong/default_priv</signkey> + <verifykey>wrong/default_pub</verifykey> + <desc>A correct signature by the default key.</desc> + </sigResult> + <sigResult> + <id>nok/random_negated</id> + <sig>SHA1</sig> + <inline>0x304402203988322ab9f52c7f11d5d1aa92a2ac0b00275bcad8e934682257323fda672482022052231597382268e8f3b82b99e386ebb7c7db1a8b4a8bdacd496190314e4c5bad</inline> + <raw>0xABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABAB</raw> + <curve>secg/secp256r1</curve> + <signkey>wrong/negated_priv</signkey> + <verifykey>wrong/negated_pub</verifykey> + <desc>A signature made by the default key, to be verified by the negated one.</desc> + </sigResult> + <sigResult> + <id>nok/random</id> <sig>SHA1</sig> <inline>0x30440220e641671e6415629dc8398e35ae1362cb647f293a92553b1594d57fff58df302c02206baafface035e3758eea0dd9ef734976c70b6dd06f4d81d33f5e28bfb8730624</inline> <curve>secg/secp256r1</curve> <signkey>wrong/default_priv</signkey> <verifykey>wrong/default_pub</verifykey> + <desc>A random, well-formed but invalid signature.</desc> </sigResult> <sigResult> - <id>r0</id> + <id>nok/r0</id> <sig>SHA1</sig> <inline>0x3044022000000000000000000000000000000000000000000000000000000000000000000220d0837b07fe63d225733391e6808a081fd8aeb1359511feba7ca4f266727f968e</inline> <curve>secg/secp256r1</curve> <signkey>wrong/default_priv</signkey> <verifykey>wrong/default_pub</verifykey> + <desc>Well-formed invalid signature with r = 0.</desc> </sigResult> <sigResult> - <id>s0</id> + <id>nok/s0</id> <sig>SHA1</sig> <inline>0x304402206bea66d439da6b0b4a0e45b51e76d53336f27f7aa8e35f2008b77a8e021eff0a02200000000000000000000000000000000000000000000000000000000000000000</inline> <curve>secg/secp256r1</curve> <signkey>wrong/default_priv</signkey> <verifykey>wrong/default_pub</verifykey> + <desc>Well-formed invalid signature with s = 0.</desc> </sigResult> <sigResult> - <id>r1</id> + <id>nok/r1</id> <sig>SHA1</sig> <inline>0x3044022000000000000000000000000000000000000000000000000000000000000000010220e660f19ddc20a30adda6ca175577b492e238ef8734b904a31045d453825974d4</inline> <curve>secg/secp256r1</curve> <signkey>wrong/default_priv</signkey> <verifykey>wrong/default_pub</verifykey> + <desc>Well-formed invalid signature with r = 1.</desc> </sigResult> <sigResult> - <id>s1</id> + <id>nok/s1</id> <sig>SHA1</sig> <inline>0x30440220d30ab3301d7132edbead77c0d622bbb7be8626c9ac5ee6c536281e6c18e79ab002200000000000000000000000000000000000000000000000000000000000000001</inline> <curve>secg/secp256r1</curve> <signkey>wrong/default_priv</signkey> <verifykey>wrong/default_pub</verifykey> + <desc>Well-formed invalid signature with s = 1.</desc> </sigResult> <sigResult> - <id>r0s0</id> + <id>nok/r0s0</id> <sig>SHA1</sig> <inline>0x30440220000000000000000000000000000000000000000000000000000000000000000002200000000000000000000000000000000000000000000000000000000000000000</inline> <curve>secg/secp256r1</curve> <signkey>wrong/default_priv</signkey> <verifykey>wrong/default_pub</verifykey> + <desc>Well-formed invalid signature with r = 0 and s = 0.</desc> </sigResult> <sigResult> - <id>r0s1</id> + <id>nok/r0s1</id> <sig>SHA1</sig> <inline>0x30440220000000000000000000000000000000000000000000000000000000000000000002200000000000000000000000000000000000000000000000000000000000000001</inline> <curve>secg/secp256r1</curve> <signkey>wrong/default_priv</signkey> <verifykey>wrong/default_pub</verifykey> + <desc>Well-formed invalid signature with r = 0 and s = 1.</desc> </sigResult> <sigResult> - <id>r1s0</id> + <id>nok/r1s0</id> <sig>SHA1</sig> <inline>0x30440220000000000000000000000000000000000000000000000000000000000000000102200000000000000000000000000000000000000000000000000000000000000000</inline> <curve>secg/secp256r1</curve> <signkey>wrong/default_priv</signkey> <verifykey>wrong/default_pub</verifykey> + <desc>Well-formed invalid signature with r = 1 and s = 0.</desc> </sigResult> <sigResult> - <id>r1s1</id> + <id>nok/r1s1</id> <sig>SHA1</sig> <inline>0x30440220000000000000000000000000000000000000000000000000000000000000000102200000000000000000000000000000000000000000000000000000000000000001</inline> <curve>secg/secp256r1</curve> <signkey>wrong/default_priv</signkey> <verifykey>wrong/default_pub</verifykey> + <desc>Well-formed invalid signature with r = 1 and s = 1.</desc> </sigResult> <sigResult> - <id>sp</id> + <id>nok/sp</id> <sig>SHA1</sig> <inline>0x30440220fc48281b60b73752f3e20c25e8a06b335122d5890db28d2969d3145fcd384e7b0220ffffffff00000001000000000000000000000000ffffffffffffffffffffffff</inline> <curve>secg/secp256r1</curve> <signkey>wrong/default_priv</signkey> <verifykey>wrong/default_pub</verifykey> + <desc>Well-formed invalid signature s = p.</desc> </sigResult> <sigResult> - <id>s2p</id> + <id>nok/s2p</id> <sig>SHA1</sig> <inline>0x30450220feba982489753a51a69fd582673d2e62b6b07cc6374237c1424f1e469cb00a98022101fffffffe00000002000000000000000000000001fffffffffffffffffffffffe</inline> <curve>secg/secp256r1</curve> <signkey>wrong/default_priv</signkey> <verifykey>wrong/default_pub</verifykey> + <desc>Well-formed invalid signature with s = 2 * p.</desc> </sigResult> <sigResult> - <id>long</id> + <id>nok/long</id> <sig>SHA1</sig> <inline>0x30420220e641671e6415629dc8398e35ae1362cb647f293a92553b1594d57fff58df302c02206baafface035e3758eea0dd9ef734976c70b6dd06f4d81d33f5e28bfb8730624</inline> <curve>secg/secp256r1</curve> <signkey>wrong/default_priv</signkey> <verifykey>wrong/default_pub</verifykey> + <desc>Invalid signature, that is longer than specified in its ASN.1 SEQUENCE length header.</desc> </sigResult> <sigResult> - <id>short</id> + <id>nok/short</id> <sig>SHA1</sig> <inline>0x30460220e641671e6415629dc8398e35ae1362cb647f293a92553b1594d57fff58df302c02206baafface035e3758eea0dd9ef734976c70b6dd06f4d81d33f5e28bfb8730624</inline> <curve>secg/secp256r1</curve> <signkey>wrong/default_priv</signkey> <verifykey>wrong/default_pub</verifykey> + <desc>Invalid signature, that is shorter than specified in its ASN.1 SEQUENCE length header.</desc> </sigResult> <sigResult> - <id>long_r</id> + <id>nok/long_r</id> <sig>SHA1</sig> <inline>0x3044021ee641671e6415629dc8398e35ae1362cb647f293a92553b1594d57fff58df302c02206baafface035e3758eea0dd9ef734976c70b6dd06f4d81d33f5e28bfb8730624</inline> <curve>secg/secp256r1</curve> <signkey>wrong/default_priv</signkey> <verifykey>wrong/default_pub</verifykey> + <desc>Invalid signature, where r is longer than specified in its ASN.1 length header.</desc> </sigResult> <sigResult> - <id>long_s</id> + <id>nok/long_s</id> <sig>SHA1</sig> <inline>0x30440220e641671e6415629dc8398e35ae1362cb647f293a92553b1594d57fff58df302c021e6baafface035e3758eea0dd9ef734976c70b6dd06f4d81d33f5e28bfb8730624</inline> <curve>secg/secp256r1</curve> <signkey>wrong/default_priv</signkey> <verifykey>wrong/default_pub</verifykey> + <desc>Invalid signature, where s is longer than specified in its ASN.1 length header.</desc> </sigResult> <sigResult> - <id>short_r</id> + <id>nok/short_r</id> <sig>SHA1</sig> <inline>0x30440222e641671e6415629dc8398e35ae1362cb647f293a92553b1594d57fff58df302c02206baafface035e3758eea0dd9ef734976c70b6dd06f4d81d33f5e28bfb8730624</inline> <curve>secg/secp256r1</curve> <signkey>wrong/default_priv</signkey> <verifykey>wrong/default_pub</verifykey> + <desc>Invalid signature, where r is shorter than specified in its ASN.1 length header.</desc> </sigResult> <sigResult> - <id>short_s</id> + <id>nok/short_s</id> <sig>SHA1</sig> <inline>0x30440220e641671e6415629dc8398e35ae1362cb647f293a92553b1594d57fff58df302c02226baafface035e3758eea0dd9ef734976c70b6dd06f4d81d33f5e28bfb8730624</inline> <curve>secg/secp256r1</curve> <signkey>wrong/default_priv</signkey> <verifykey>wrong/default_pub</verifykey> + <desc>Invalid signature, where s is shorter than specified in its ASN.1 length header.</desc> </sigResult> </results>
\ No newline at end of file diff --git a/src/cz/crcs/ectester/reader/test/CardSignatureSuite.java b/src/cz/crcs/ectester/reader/test/CardSignatureSuite.java index 23b6bce..d8f335f 100644 --- a/src/cz/crcs/ectester/reader/test/CardSignatureSuite.java +++ b/src/cz/crcs/ectester/reader/test/CardSignatureSuite.java @@ -14,6 +14,7 @@ import cz.crcs.ectester.reader.CardMngr; import cz.crcs.ectester.reader.ECTesterReader; import cz.crcs.ectester.reader.command.Command; +import java.util.List; import java.util.Map; /** @@ -27,19 +28,35 @@ public class CardSignatureSuite extends CardTestSuite { @Override protected void runTests() throws Exception { Map<String, EC_SigResult> results = EC_Store.getInstance().getObjects(EC_SigResult.class, "wrong"); - for (Map.Entry<String, EC_SigResult> result : results.entrySet()) { - EC_SigResult sig = result.getValue(); + List<Map.Entry<String, List<EC_SigResult>>> groupList = EC_Store.mapToPrefix(results.values()); - EC_Key.Public pubkey = EC_Store.getInstance().getObject(EC_Key.Public.class, sig.getVerifyKey()); - byte[] data = new byte[128]; + List<EC_SigResult> nok = groupList.stream().filter((e) -> e.getKey().equals("nok")).findFirst().get().getValue(); - EC_Curve curve = EC_Store.getInstance().getObject(EC_Curve.class, sig.getCurve()); - Test allocate = CommandTest.expect(new Command.Allocate(this.card, ECTesterApplet.KEYPAIR_LOCAL, curve.getBits(), curve.getField()), Result.ExpectedValue.SUCCESS); - Test set = CommandTest.expect(new Command.Set(this.card, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.CURVE_external, curve.getParams(), curve.flatten()), Result.ExpectedValue.SUCCESS); - Test setVerifyKey = CommandTest.expect(new Command.Set(this.card, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.CURVE_external, pubkey.getParams(), pubkey.flatten()), Result.ExpectedValue.SUCCESS); - Test ecdsaVerify = CommandTest.expect(new Command.ECDSA_verify(this.card, ECTesterApplet.KEYPAIR_LOCAL, sig.getJavaCardSig(), data, sig.getData(0)), Result.ExpectedValue.FAILURE); + byte[] data = "Some stuff that is not the actual data".getBytes(); + for (EC_SigResult sig : nok) { + ecdsaTest(sig, Result.ExpectedValue.FAILURE, data); + } - doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "ECDSA test of " + result.getKey() + ".", allocate, set, setVerifyKey, ecdsaVerify)); + List<EC_SigResult> ok = groupList.stream().filter((e) -> e.getKey().equals("ok")).findFirst().get().getValue(); + for (EC_SigResult sig : ok) { + ecdsaTest(sig, Result.ExpectedValue.SUCCESS, null); } } + + private void ecdsaTest(EC_SigResult sig, Result.ExpectedValue expected, byte[] defaultData) { + EC_Key.Public pubkey = EC_Store.getInstance().getObject(EC_Key.Public.class, sig.getVerifyKey()); + + byte[] data = sig.getSigData(); + if (data == null) { + data = defaultData; + } + + EC_Curve curve = EC_Store.getInstance().getObject(EC_Curve.class, sig.getCurve()); + Test allocate = CommandTest.expect(new Command.Allocate(this.card, ECTesterApplet.KEYPAIR_LOCAL, curve.getBits(), curve.getField()), Result.ExpectedValue.SUCCESS); + Test set = CommandTest.expect(new Command.Set(this.card, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.CURVE_external, curve.getParams(), curve.flatten()), Result.ExpectedValue.SUCCESS); + Test setVerifyKey = CommandTest.expect(new Command.Set(this.card, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.CURVE_external, pubkey.getParams(), pubkey.flatten()), Result.ExpectedValue.SUCCESS); + Test ecdsaVerify = CommandTest.expect(new Command.ECDSA_verify(this.card, ECTesterApplet.KEYPAIR_LOCAL, sig.getJavaCardSig(), data, sig.getData(0)), expected); + + doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "ECDSA test of " + sig.getId() + ".", allocate, set, setVerifyKey, ecdsaVerify)); + } } |