diff options
| author | J08nY | 2017-04-15 01:27:24 +0200 |
|---|---|---|
| committer | J08nY | 2017-04-15 01:32:41 +0200 |
| commit | 914931cfea79c7947b180069b0e67cc208971869 (patch) | |
| tree | 0654e07bc134ad9bfbf7661bee076aa4c0890436 | |
| parent | 45d1bb40cbc4c71e5b94e78f3a541e8f9cd8d62f (diff) | |
| download | ECTester-914931cfea79c7947b180069b0e67cc208971869.tar.gz ECTester-914931cfea79c7947b180069b0e67cc208971869.tar.zst ECTester-914931cfea79c7947b180069b0e67cc208971869.zip | |
19 files changed, 409 insertions, 179 deletions
diff --git a/dist/ECTester.jar b/dist/ECTester.jar Binary files differindex 5a8f64b..0126533 100644 --- a/dist/ECTester.jar +++ b/dist/ECTester.jar diff --git a/src/cz/crcs/ectester/applet/ECKeyTester.java b/src/cz/crcs/ectester/applet/ECKeyTester.java index e22094b..64f3024 100644 --- a/src/cz/crcs/ectester/applet/ECKeyTester.java +++ b/src/cz/crcs/ectester/applet/ECKeyTester.java @@ -3,6 +3,7 @@ package cz.crcs.ectester.applet; import javacard.framework.CardRuntimeException; import javacard.framework.ISO7816; +import javacard.framework.Util; import javacard.security.ECPrivateKey; import javacard.security.ECPublicKey; import javacard.security.KeyAgreement; @@ -105,6 +106,34 @@ public class ECKeyTester { } /** + * + * @param privateKey + * @param publicKey + * @param pubkeyBuffer + * @param pubkeyOffset + * @param outputBuffer + * @param outputOffset + * @param corruption + * @return + */ + public short testKA(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { + short ecdhLength = testECDH(privateKey, publicKey, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); + if (sw != ISO7816.SW_NO_ERROR) { + return ecdhLength; + } + short ecdhcLength = testECDHC(privateKey, publicKey, pubkeyBuffer, pubkeyOffset, outputBuffer, (short) (outputOffset + ecdhLength), corruption); + short length = (short) (ecdhLength + ecdhcLength); + if (sw != ISO7816.SW_NO_ERROR) { + return length; + } + if (Util.arrayCompare(outputBuffer, outputOffset, outputBuffer, (short)(outputOffset + ecdhLength), ecdhLength) != 0) { + sw = ECTesterApplet.SW_DH_DHC_MISMATCH; + } + return length; + + } + + /** * Uses {@code signKey} to sign data from {@code inputBuffer} at {@code inputOffset} with {@code inputOffset}. * Then checks for correct signature length. * Then tries verifying the data with {@code verifyKey}. diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java index f9fb5da..98f59c4 100644 --- a/src/cz/crcs/ectester/applet/ECTesterApplet.java +++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java @@ -63,6 +63,7 @@ public class ECTesterApplet extends Applet { // STATUS WORDS public static final short SW_SIG_VERIFY_FAIL = (short) 0x0ee1; + public static final short SW_DH_DHC_MISMATCH = (short) 0x0ee2; private static final short ARRAY_LENGTH = (short) 0xff; @@ -556,7 +557,7 @@ public class ECTesterApplet extends Applet { secretLength = keyTester.testECDHC((ECPrivateKey) priv.getPrivate(), (ECPublicKey) pub.getPublic(), ramArray, (short) 0, ramArray2, (short) 0, corruption); break; case EC_Consts.KA_BOTH: - // TODO + secretLength = keyTester.testKA((ECPrivateKey) priv.getPrivate(), (ECPublicKey) pub.getPublic(), ramArray, (short) 0, ramArray2, (short) 0, corruption); break; default: ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); @@ -589,7 +590,7 @@ public class ECTesterApplet extends Applet { short dataLength = Util.getShort(buffer, inOffset); if (dataLength == 0) { //no data to sign //generate random - dataLength = 32; + dataLength = 64; randomData.generateData(ramArray, (short) 0, dataLength); } else { Util.arrayCopyNonAtomic(buffer, (short) (inOffset + 2), ramArray, (short) 0, dataLength); @@ -636,9 +637,21 @@ public class ECTesterApplet extends Applet { */ private short support(byte[] buffer, short offset) { - Util.setShort(buffer, offset, ecdhSW); - Util.setShort(buffer, (short) (offset+2), ecdhcSW); - Util.setShort(buffer, (short) (offset+4), ecdsaSW); + if (keyTester.hasECDH()) { + Util.setShort(buffer, offset, ecdhSW); + } else { + Util.setShort(buffer, offset, ISO7816.SW_INS_NOT_SUPPORTED); + } + if (keyTester.hasECDHC()) { + Util.setShort(buffer, (short) (offset+2), ecdhcSW); + } else { + Util.setShort(buffer, (short) (offset+2), ISO7816.SW_INS_NOT_SUPPORTED); + } + if (keyTester.hasECDSA()) { + Util.setShort(buffer, (short) (offset+4), ecdsaSW); + } else { + Util.setShort(buffer, (short) (offset+4), ISO7816.SW_INS_NOT_SUPPORTED); + } return 6; } diff --git a/src/cz/crcs/ectester/data/EC_Category.java b/src/cz/crcs/ectester/data/EC_Category.java deleted file mode 100644 index 57d9ca3..0000000 --- a/src/cz/crcs/ectester/data/EC_Category.java +++ /dev/null @@ -1,72 +0,0 @@ -package cz.crcs.ectester.data; - -import cz.crcs.ectester.reader.ec.EC_Data; -import cz.crcs.ectester.reader.ec.EC_Params; - -import java.util.Collections; -import java.util.TreeMap; -import java.util.Map; - -/** - * @author Jan Jancar johny@neuromancer.sk - */ -public class EC_Category { - - private String name; - private String directory; - private String desc; - - private Map<String, EC_Data> objects; - - - public EC_Category(String name, String directory) { - this.name = name; - this.directory = directory; - } - - public EC_Category(String name, String directory, String desc) { - this(name, directory); - this.desc = desc; - } - - public EC_Category(String name, String directory, String desc, Map<String, EC_Data> objects) { - this(name, directory, desc); - this.objects = objects; - } - - public String getName() { - return name; - } - - public String getDirectory() { - return directory; - } - - public String getDesc() { - return desc; - } - - public Map<String, EC_Data> getObjects() { - return Collections.unmodifiableMap(objects); - } - - public <T extends EC_Data> Map<String, T> getObjects(Class<T> cls) { - Map<String, T> objs = new TreeMap<>(); - for (Map.Entry<String, EC_Data> entry : objects.entrySet()) { - if (cls.isInstance(entry.getValue())) { - objs.put(entry.getKey(), cls.cast(entry.getValue())); - } - } - return Collections.unmodifiableMap(objs); - } - - public <T extends EC_Data> T getObject(Class<T> cls, String id) { - EC_Data obj = objects.get(id); - if (cls.isInstance(obj)) { - return cls.cast(obj); - } else { - return null; - } - } - -} diff --git a/src/cz/crcs/ectester/data/EC_Store.java b/src/cz/crcs/ectester/data/EC_Store.java index abf0a9b..0571cd8 100644 --- a/src/cz/crcs/ectester/data/EC_Store.java +++ b/src/cz/crcs/ectester/data/EC_Store.java @@ -8,8 +8,10 @@ import org.w3c.dom.Element; import org.w3c.dom.Node; import org.w3c.dom.NodeList; import org.xml.sax.ErrorHandler; +import org.xml.sax.InputSource; import org.xml.sax.SAXException; import org.xml.sax.SAXParseException; +import org.xml.sax.ext.EntityResolver2; import javax.xml.XMLConstants; import javax.xml.parsers.DocumentBuilder; @@ -17,10 +19,10 @@ import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; import javax.xml.validation.Schema; import javax.xml.validation.SchemaFactory; +import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; import java.util.Collections; -import java.util.HashMap; import java.util.Map; import java.util.TreeMap; @@ -61,6 +63,25 @@ public class EC_Store { throw new SAXException(exception); } }); + db.setEntityResolver(new EntityResolver2() { + @Override + public InputSource getExternalSubset(String name, String baseURI) throws SAXException, IOException { + return null; + } + + @Override + public InputSource resolveEntity(String name, String publicId, String baseURI, String systemId) throws SAXException, IOException { + InputSource is = new InputSource(); + is.setSystemId(systemId); + is.setByteStream(getClass().getClass().getResourceAsStream("/cz/crcs/ectester/data/" + systemId)); + return is; + } + + @Override + public InputSource resolveEntity(String publicId, String systemId) throws SAXException, IOException { + return null; + } + }); parse(); } catch (ParserConfigurationException | SAXException e) { @@ -80,7 +101,7 @@ public class EC_Store { NodeList catList = categoriesDoc.getElementsByTagName("category"); - this.categories = new HashMap<>(catList.getLength()); + this.categories = new TreeMap<>(); for (int i = 0; i < catList.getLength(); ++i) { Node catNode = catList.item(i); if (catNode instanceof Element) { @@ -115,7 +136,6 @@ public class EC_Store { Node id = curveElem.getElementsByTagName("id").item(0); Node bits = curveElem.getElementsByTagName("bits").item(0); Node field = curveElem.getElementsByTagName("field").item(0); - Node file = curveElem.getElementsByTagName("file").item(0); NodeList descc = curveElem.getElementsByTagName("desc"); String descs = null; @@ -132,7 +152,9 @@ public class EC_Store { short bitsize = Short.parseShort(bits.getTextContent()); EC_Curve curve = new EC_Curve(bitsize, alg, descs); - if (!curve.readCSV(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/" + file.getTextContent()))) { + + InputStream csv = parseDataElement(dir, curveElem); + if (!curve.readCSV(csv)) { throw new IOException("Invalid csv data."); } @@ -194,7 +216,6 @@ public class EC_Store { Node id = elem.getElementsByTagName("id").item(0); Node ka = elem.getElementsByTagName("ka").item(0); - Node file = elem.getElementsByTagName("file").item(0); Node curve = elem.getElementsByTagName("curve").item(0); Node onekey = elem.getElementsByTagName("onekey").item(0); Node otherkey = elem.getElementsByTagName("otherkey").item(0); @@ -213,7 +234,9 @@ public class EC_Store { } EC_KAResult kaResult = new EC_KAResult(kab, curve.getTextContent(), onekey.getTextContent(), otherkey.getTextContent(), descs); - if (!kaResult.readCSV(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/" + file.getTextContent()))) { + + InputStream csv = parseDataElement(dir, elem); + if (!kaResult.readCSV(csv)) { throw new IOException("Invalid csv data."); } @@ -248,12 +271,29 @@ public class EC_Store { } else { throw new SAXException("?"); } - if (!result.readCSV(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/" + file.getTextContent()))) { + + InputStream csv = parseDataElement(dir, elem); + if (!result.readCSV(csv)) { throw new IOException("Invalid CSV data."); } return result; } + private InputStream parseDataElement(String dir, Element elem) throws SAXException { + NodeList file = elem.getElementsByTagName("file"); + NodeList inline = elem.getElementsByTagName("inline"); + + InputStream csv; + if (file.getLength() == 1) { + csv = this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/" + file.item(0).getTextContent()); + } else if (inline.getLength() == 1) { + csv = new ByteArrayInputStream(inline.item(0).getTextContent().getBytes()); + } else { + throw new SAXException("?"); + } + return csv; + } + public Map<String, EC_Category> getCategories() { return Collections.unmodifiableMap(categories); } diff --git a/src/cz/crcs/ectester/data/categories.xml b/src/cz/crcs/ectester/data/categories.xml index 100d962..29dcba0 100644 --- a/src/cz/crcs/ectester/data/categories.xml +++ b/src/cz/crcs/ectester/data/categories.xml @@ -32,6 +32,11 @@ <desc>Wrong field curves. These should definitely give an error when used. Since the "prime" used for the field are not prime, and the field polynomials are also not irreducible. Simply put these parameters don't specify a valid elliptic curve.</desc> </category> <category> + <name>invalid</name> + <directory>invalid</directory> + <desc></desc> + </category> + <category> <name>test</name> <directory>test</directory> <desc>Test vectors</desc> diff --git a/src/cz/crcs/ectester/data/invalid/brainpool/keys.xml b/src/cz/crcs/ectester/data/invalid/brainpool/keys.xml new file mode 100644 index 0000000..985fab6 --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/brainpool/keys.xml @@ -0,0 +1,108 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<pubkey> + <id>160r1-1</id> + <inline>0xc4d7ddb433381eeb0c62b502b4059e616caf6fcf,0x0</inline> + <curve>brainpool/brainpoolP160r1</curve> + <desc>invalid order = 2</desc> +</pubkey> + +<pubkey> +<id>160r1-2</id> +<inline>0x55303e73394b0da59a85f48ad0ba78deee2df5d8,0x2874a5d9c08777c1151c87cd6d0577842ea68e13</inline> +<curve>brainpool/brainpoolP160r1</curve> +<desc>invalid order = 3</desc> +</pubkey> + +<pubkey> +<id>160r1-3</id> +<inline>0x4381828db3ae0c10a51074929b60700f87b0337b,0x2a2a76a4af0a96106ba6fe9d2496f1908edd2a23</inline> +<curve>brainpool/brainpoolP160r1</curve> +<desc>invalid order = 5</desc> +</pubkey> + +<pubkey> +<id>160r1-4</id> +<inline>0x68f115185e91815d9259714e7a7154300b8db314,0x3784f206684eb6c8c252ea4fe5453ff37b93eaf9</inline> +<curve>brainpool/brainpoolP160r1</curve> +<desc>invalid order = 7</desc> +</pubkey> + +<pubkey> +<id>160r1-5</id> +<inline>0xcc521e5a0366ee48cc37e757b994afee2452015e,0x93e0e6c648b0f0b2e354425025041345beb35b3c</inline> +<curve>brainpool/brainpoolP160r1</curve> +<desc>invalid order = 11</desc> +</pubkey> + +<pubkey> +<id>160r1-6</id> +<inline>0x2b4d92bf08d99b87767e40f46ba4ad3dc21e2302,0x72f3e483e7b2c562fba12bad2402a411af02a15c</inline> +<curve>brainpool/brainpoolP160r1</curve> +<desc>invalid order = 13</desc> +</pubkey> + +<pubkey> +<id>160r1-7</id> +<inline>0x1397bfed0edd4c38019af46c6864d106bc1c7241,0xa78a13e065701c31796231ceeb2200b4459c92ad</inline> +<curve>brainpool/brainpoolP160r1</curve> +<desc>invalid order = 17</desc> +</pubkey> + +<pubkey> +<id>160r1-8</id> +<inline>0x448604062905058037d0776f0111e25d44b1abe3,0x1337a58bb32dd2c34355b47dedce2014b53cb832</inline> +<curve>brainpool/brainpoolP160r1</curve> +<desc>invalid order = 19</desc> +</pubkey> + +<pubkey> +<id>160r1-9</id> +<inline>0x64d734b3bf25c6546b963b43ece33fdc9347e66b,0xc311a5ed6b51380cada8c5c6658b633c4e40169e</inline> +<curve>brainpool/brainpoolP160r1</curve> +<desc>invalid order = 23</desc> +</pubkey> + +<pubkey> +<id>160r1-10</id> +<inline>0x77c06cb540d349ebe61218241deb813c591f0509,0xd7eb002458fa0c38ae3528c9b3ec5e1117a84ff8</inline> +<curve>brainpool/brainpoolP160r1</curve> +<desc>invalid order = 29</desc> +</pubkey> + +<pubkey> +<id>160r1-11</id> +<inline>0xbefde0dd07cb3ef5d189b15fd129ec564d194cf3,0x55106a2379e3eef9010f4d11239ea0d83039cb66</inline> +<curve>brainpool/brainpoolP160r1</curve> +<desc>invalid order = 31</desc> +</pubkey> + +<pubkey> +<id>160r1-12</id> +<inline>0xe54d642cd1c68d018db437fb624b3595a5a9588c,0xae6165d75eec8e22072a0d7b800eae804e9b4136</inline> +<curve>brainpool/brainpoolP160r1</curve> +<desc>invalid order = 37</desc> +</pubkey> + +<pubkey> +<id>160r1-13</id> +<inline>0x60d871f4fde332d00e183381d0e3cbbc586dcb80,0x10a9f5e2a238ab38a743f52645dbbff2b250a34a</inline> +<curve>brainpool/brainpoolP160r1</curve> +<desc>invalid order = 41</desc> +</pubkey> + +<pubkey> +<id>160r1-14</id> +<inline>0x7e2901c9f5610e4230aa7a53e8553426073458e4,0x3ac1810d4beb3244d62343ea40a23324b67b442</inline> +<curve>brainpool/brainpoolP160r1</curve> +<desc>invalid order = 43</desc> +</pubkey> + +<pubkey> +<id>160r1-15</id> +<inline>0x6b4d7bd164a2fb9fbb835a5ad5ee70adecf0cb37,0x22096241d3ec1f1ec072e10a04a731380fdedab5</inline> +<curve>brainpool/brainpoolP160r1</curve> +<desc>invalid order = 47</desc> +</pubkey> + + + diff --git a/src/cz/crcs/ectester/data/invalid/curves.xml b/src/cz/crcs/ectester/data/invalid/curves.xml deleted file mode 100644 index e87269f..0000000 --- a/src/cz/crcs/ectester/data/invalid/curves.xml +++ /dev/null @@ -1,4 +0,0 @@ -<?xml version="1.0" encoding="utf-8" ?> -<curves xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:noNamespaceSchemaLocation="../schema.xsd"> -</curves>
\ No newline at end of file diff --git a/src/cz/crcs/ectester/data/invalid/keys.xml b/src/cz/crcs/ectester/data/invalid/keys.xml new file mode 100644 index 0000000..9048518 --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/keys.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE keys [ + <!ENTITY brainpool SYSTEM "invalid/brainpool/keys.xml"> + <!ENTITY nist SYSTEM "invalid/nist/keys.xml"> + <!ENTITY secg SYSTEM "invalid/secg/keys.xml"> + ]> +<keys xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:noNamespaceSchemaLocation="../schema.xsd" + category="invalid" + desc=""> + &brainpool; + &nist; + &secg; +</keys>
\ No newline at end of file diff --git a/src/cz/crcs/ectester/data/invalid/nist/keys.xml b/src/cz/crcs/ectester/data/invalid/nist/keys.xml new file mode 100644 index 0000000..5427845 --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/nist/keys.xml @@ -0,0 +1,6 @@ +<pubkey> + <id>160r1-1</id> + <inline>0xc4d7ddb433381eeb0c62b502b4059e616caf6fcf,0x0</inline> + <curve>brainpool/brainpoolP160r1</curve> + <desc>order = 2</desc> +</pubkey> diff --git a/src/cz/crcs/ectester/data/invalid/secg/keys.xml b/src/cz/crcs/ectester/data/invalid/secg/keys.xml new file mode 100644 index 0000000..5427845 --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/secg/keys.xml @@ -0,0 +1,6 @@ +<pubkey> + <id>160r1-1</id> + <inline>0xc4d7ddb433381eeb0c62b502b4059e616caf6fcf,0x0</inline> + <curve>brainpool/brainpoolP160r1</curve> + <desc>order = 2</desc> +</pubkey> diff --git a/src/cz/crcs/ectester/data/schema.xsd b/src/cz/crcs/ectester/data/schema.xsd index 8f9427d..33b9acd 100644 --- a/src/cz/crcs/ectester/data/schema.xsd +++ b/src/cz/crcs/ectester/data/schema.xsd @@ -1,5 +1,5 @@ <?xml version="1.0" encoding="UTF-8" ?> -<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsd="http://www.w3.org/2001/XMLSchema" +<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified"> <!-- /<category>/curves.xml --> @@ -11,12 +11,16 @@ </xs:restriction> </xs:simpleType> + <xs:element name="data" abstract="true"/> + <xs:element name="file" substitutionGroup="data" type="xs:string"/> + <xs:element name="inline" substitutionGroup="data" type="xs:string"/> + <xs:complexType name="curveType"> <xs:all> <xs:element name="id" type="xs:string"/> <xs:element name="bits" type="xs:positiveInteger"/> <xs:element name="field" type="fieldType"/> - <xs:element name="file" type="xs:string"/> + <xs:element ref="data" /> <xs:element name="desc" type="xs:string" minOccurs="0"/> </xs:all> </xs:complexType> @@ -34,7 +38,7 @@ <xs:complexType name="keyType"> <xs:all> <xs:element name="id" type="xs:string"/> - <xs:element name="file" type="xs:string"/> + <xs:element ref="data" /> <xs:element name="curve" type="xs:string"/> <xs:element name="desc" type="xs:string" minOccurs="0"/> </xs:all> @@ -65,7 +69,7 @@ <xs:all> <xs:element name="id" type="xs:string"/> <xs:element name="ka" type="kaType"/> - <xs:element name="file" type="xs:string"/> + <xs:element ref="data" /> <xs:element name="curve" type="xs:string"/> <xs:element name="onekey" type="xs:string"/> <xs:element name="otherkey" type="xs:string"/> diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index cb3d298..6965d14 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -23,7 +23,6 @@ package cz.crcs.ectester.reader; import cz.crcs.ectester.applet.ECTesterApplet; import cz.crcs.ectester.applet.EC_Consts; -import cz.crcs.ectester.data.EC_Category; import cz.crcs.ectester.data.EC_Store; import cz.crcs.ectester.reader.ec.*; import javacard.security.KeyPair; @@ -468,70 +467,18 @@ public class ECTester { if (optListNamed == null) { // print all categories, briefly for (EC_Category cat : categories.values()) { - System.out.println("\t- " + cat.getName() + ": " + (cat.getDesc() == null ? "" : cat.getDesc())); - - Map<String, EC_Curve> curves = cat.getObjects(EC_Curve.class); - int size = curves.size(); - if (size > 0) { - System.out.print("\t\tCurves: "); - for (Map.Entry<String, EC_Curve> curve : curves.entrySet()) { - System.out.print(curve.getKey()); - size--; - if (size > 0) - System.out.print(", "); - } - System.out.println(); - } - - Map<String, EC_Key> keys = cat.getObjects(EC_Key.class); - size = keys.size(); - if (size > 0) { - System.out.print("\t\tKeys: "); - for (Map.Entry<String, EC_Key> key : keys.entrySet()) { - System.out.print(key.getKey()); - size--; - if (size > 0) - System.out.print(", "); - } - System.out.println(); - } - - Map<String, EC_Keypair> keypairs = cat.getObjects(EC_Keypair.class); - size = keypairs.size(); - if (size > 0) { - System.out.print("\t\tKeypairs: "); - for (Map.Entry<String, EC_Keypair> key : keypairs.entrySet()) { - System.out.print(key.getKey()); - size--; - if (size > 0) - System.out.print(", "); - } - System.out.println(); - } - - Map<String, EC_KAResult> results = cat.getObjects(EC_KAResult.class); - size = results.size(); - if (size > 0) { - System.out.print("\t\tResults: "); - for (Map.Entry<String, EC_KAResult> result : results.entrySet()) { - System.out.print(result.getKey()); - size--; - if (size > 0) - System.out.print(", "); - } - System.out.println(); - } - - System.out.println(); + System.out.println(cat); } } else if (categories.containsKey(optListNamed)) { // print given category - //TODO + System.out.println(categories.get(optListNamed)); } else { // print given object EC_Data object = dataStore.getObject(EC_Data.class, optListNamed); if (object != null) { System.out.println(object); + } else { + System.err.println("Named object " + optListNamed + " not found!"); } } } @@ -562,9 +509,9 @@ public class ECTester { // Cofactor generally isn't set on the default curve parameters on cards, // since its not necessary for ECDH, only ECDHC which not many cards implement // TODO: check if its assumend to be == 1? - short domain_all = optPrimeField ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; - short domain = (short) (domain_all ^ EC_Consts.PARAMETER_K); - Response.Export export = new Command.Export(cardManager, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.KEY_PUBLIC, domain_all).send(); + short domainAll = optPrimeField ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; + short domain = (short) (domainAll ^ EC_Consts.PARAMETER_K); + Response.Export export = new Command.Export(cardManager, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.KEY_PUBLIC, domainAll).send(); if (!export.successful()) { export = new Command.Export(cardManager, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.KEY_PUBLIC, domain).send(); } @@ -722,12 +669,13 @@ public class ECTester { // These tests are dangerous, prompt before them. System.out.println("The test you selected (" + optTestSuite + ") is potentially dangerous."); System.out.println("Some of these tests have caused temporary DoS of some cards."); - System.out.print("Do you want to proceed? (y/n):"); + System.out.print("Do you want to proceed? (y/n): "); Scanner in = new Scanner(System.in); String confirmation = in.nextLine(); if (!Arrays.asList("yes", "y", "Y").contains(confirmation)) { return; } + in.close(); if (optTestSuite.equals("wrong")) { /* Just do the default tests on the wrong curves. @@ -750,20 +698,35 @@ public class ECTester { EC_Curve curve = dataStore.getObject(EC_Curve.class, key.getCurve()); if ((curve.getBits() == optBits || optAll)) { commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField())); - commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL)); commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten())); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, key.getParams(), key.flatten())); + commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL)); + commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, key.getParams(), key.flatten())); commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ECDH)); commands.add(new Command.Cleanup(cardManager)); } } } else if (optTestSuite.equals("invalid")) { - /* Set original curves (secg/nist/brainpool). Generate local. - * Try ECDH with invalid public keys of increasing (or decreasing) order. - * - */ - //TODO - System.err.println("Currently not yet implemented."); + /* Set original curves (secg/nist/brainpool). Generate local. + * Try ECDH with invalid public keys of increasing (or decreasing) order. + */ + Map<String, EC_Key.Public> pubkeys = dataStore.getObjects(EC_Key.Public.class, "invalid"); + for (EC_Key.Public key : pubkeys.values()) { + EC_Curve curve = dataStore.getObject(EC_Curve.class, key.getCurve()); + if (optNamedCurve != null && !(key.getCurve().startsWith(optNamedCurve) || key.getCurve().equals(optNamedCurve))) { + continue; + } + if (curve.getBits() != optBits && !optAll) { + continue; + } + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField())); + commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten())); + commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL)); + commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, key.getParams(), key.flatten())); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_BOTH)); + //commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ECDHC)); + commands.add(new Command.Cleanup(cardManager)); + + } } } @@ -771,14 +734,6 @@ public class ECTester { List<Response> test = Command.sendAll(commands); systemOutLogger.println(Response.toString(test, optTestSuite)); - for (Response response : test) { - if (response instanceof Response.ECDH) { - Response.ECDH ecdh = (Response.ECDH) response; - if (ecdh.hasSecret()) { - System.out.println(Util.bytesToHex(ecdh.getSecret(), false)); - } - } - } } /** @@ -1039,9 +994,8 @@ public class ECTester { } /** - * * @return - * @throws IOException if an IO error occurs when writing to key file. + * @throws IOException if an IO error occurs when writing to key file. */ private List<Command> testCurve() throws IOException { List<Command> commands = new LinkedList<>(); @@ -1056,11 +1010,10 @@ public class ECTester { } /** - * * @param category * @param field * @return - * @throws IOException if an IO error occurs when writing to key file. + * @throws IOException if an IO error occurs when writing to key file. */ private List<Command> testCurves(String category, byte field) throws IOException { List<Command> commands = new LinkedList<>(); diff --git a/src/cz/crcs/ectester/reader/Response.java b/src/cz/crcs/ectester/reader/Response.java index c3f2fe4..ee27260 100644 --- a/src/cz/crcs/ectester/reader/Response.java +++ b/src/cz/crcs/ectester/reader/Response.java @@ -137,7 +137,7 @@ public abstract class Response { if (prefix != null) out.append(prefix); - out.append(String.format("%-58s:%4d ms : %s", message, r.time / 1000000, suffix)); + out.append(String.format("%-62s:%4d ms : %s", message, r.time / 1000000, suffix)); if (i < responses.size() - 1) { out.append("\n"); } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Category.java b/src/cz/crcs/ectester/reader/ec/EC_Category.java new file mode 100644 index 0000000..a0c8755 --- /dev/null +++ b/src/cz/crcs/ectester/reader/ec/EC_Category.java @@ -0,0 +1,128 @@ +package cz.crcs.ectester.reader.ec; + +import java.util.Collections; +import java.util.Map; +import java.util.TreeMap; + +/** + * @author Jan Jancar johny@neuromancer.sk + */ +public class EC_Category { + + private String name; + private String directory; + private String desc; + + private Map<String, EC_Data> objects; + + + public EC_Category(String name, String directory) { + this.name = name; + this.directory = directory; + } + + public EC_Category(String name, String directory, String desc) { + this(name, directory); + this.desc = desc; + } + + public EC_Category(String name, String directory, String desc, Map<String, EC_Data> objects) { + this(name, directory, desc); + this.objects = objects; + } + + public String getName() { + return name; + } + + public String getDirectory() { + return directory; + } + + public String getDesc() { + return desc; + } + + public Map<String, EC_Data> getObjects() { + return Collections.unmodifiableMap(objects); + } + + public <T extends EC_Data> Map<String, T> getObjects(Class<T> cls) { + Map<String, T> objs = new TreeMap<>(); + for (Map.Entry<String, EC_Data> entry : objects.entrySet()) { + if (cls.isInstance(entry.getValue())) { + objs.put(entry.getKey(), cls.cast(entry.getValue())); + } + } + return Collections.unmodifiableMap(objs); + } + + public <T extends EC_Data> T getObject(Class<T> cls, String id) { + EC_Data obj = objects.get(id); + if (cls.isInstance(obj)) { + return cls.cast(obj); + } else { + return null; + } + } + + @Override + public String toString() { + StringBuilder out = new StringBuilder(); + out.append("\t- ").append(name).append((desc == null || desc.equals("")) ? "" : ": " + desc); + out.append(System.lineSeparator()); + + Map<String, EC_Curve> curves = getObjects(EC_Curve.class); + int size = curves.size(); + if (size > 0) { + out.append("\t\tCurves: "); + for (Map.Entry<String, EC_Curve> curve : curves.entrySet()) { + out.append(curve.getKey()); + size--; + if (size > 0) + out.append(", "); + } + out.append(System.lineSeparator()); + } + + Map<String, EC_Key> keys = getObjects(EC_Key.class); + size = keys.size(); + if (size > 0) { + out.append("\t\tKeys: "); + for (Map.Entry<String, EC_Key> key : keys.entrySet()) { + out.append(key.getKey()); + size--; + if (size > 0) + out.append(", "); + } + out.append(System.lineSeparator()); + } + + Map<String, EC_Keypair> keypairs = getObjects(EC_Keypair.class); + size = keypairs.size(); + if (size > 0) { + out.append("\t\tKeypairs: "); + for (Map.Entry<String, EC_Keypair> key : keypairs.entrySet()) { + out.append(key.getKey()); + size--; + if (size > 0) + out.append(", "); + } + out.append(System.lineSeparator()); + } + + Map<String, EC_KAResult> results = getObjects(EC_KAResult.class); + size = results.size(); + if (size > 0) { + out.append("\t\tResults: "); + for (Map.Entry<String, EC_KAResult> result : results.entrySet()) { + out.append(result.getKey()); + size--; + if (size > 0) + out.append(", "); + } + out.append(System.lineSeparator()); + } + return out.toString(); + } +} diff --git a/src/cz/crcs/ectester/reader/ec/EC_Curve.java b/src/cz/crcs/ectester/reader/ec/EC_Curve.java index 953884f..9b783ec 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Curve.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Curve.java @@ -43,6 +43,6 @@ public class EC_Curve extends EC_Params { @Override public String toString() { - return "Elliptic curve (" + String.valueOf(bits) + "b): " + desc; + return "Elliptic curve (" + String.valueOf(bits) + "b)" + (desc == null ? "" : ": " + desc); } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_KAResult.java b/src/cz/crcs/ectester/reader/ec/EC_KAResult.java index f1be49a..1385f12 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_KAResult.java +++ b/src/cz/crcs/ectester/reader/ec/EC_KAResult.java @@ -50,7 +50,7 @@ public class EC_KAResult extends EC_Data { @Override public String toString() { String agreement = ka == EC_Consts.KA_ECDH ? "ECDH" : "ECDHC"; - return agreement + " over " + curve + ", " + oneKey + " + " + otherKey + ": " + desc; + return agreement + " result over " + curve + ", " + oneKey + " + " + otherKey + (desc == null ? "" : ": " + desc); } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Key.java b/src/cz/crcs/ectester/reader/ec/EC_Key.java index 983ffa8..ad846b8 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Key.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Key.java @@ -40,7 +40,7 @@ public class EC_Key extends EC_Params { @Override public String toString() { - return "EC Public key, over " + getCurve() + ": " + getDesc(); + return "EC Public key, over " + getCurve() + (getDesc() == null ? "" : ": " + getDesc()); } } @@ -56,7 +56,7 @@ public class EC_Key extends EC_Params { @Override public String toString() { - return "EC Private key, over " + getCurve() + ": " + getDesc(); + return "EC Private key, over " + getCurve() + (getDesc() == null ? "" : ": " + getDesc()); } } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Keypair.java b/src/cz/crcs/ectester/reader/ec/EC_Keypair.java index af4038a..bf87e9e 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Keypair.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Keypair.java @@ -30,6 +30,6 @@ public class EC_Keypair extends EC_Params { @Override public String toString() { - return "EC Keypair, over " + curve + ": " + desc; + return "EC Keypair, over " + curve + (desc == null ? "" : ": " + desc); } } |