Add XDH and EdDSA keygen.

3 files changed, 58 insertions, 11 deletions

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index ab2a2ee..8ad7bcd 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -88,7 +88,7 @@ jobs:
 
     strategy:
       matrix:
-        java: [ "11", "17", "21" ]
+        java: [ "17", "21" ]
     env:
       # ffs: https://github.com/adoptium/adoptium-support/issues/485 !!!
       # also, add the wolfcrypt JNI path
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java b/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java
index c702dee..bf9a9ef 100644
--- a/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java
+++ b/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java
@@ -37,11 +37,14 @@ import cz.crcs.ectester.standalone.consts.KeyPairGeneratorIdent;
 import cz.crcs.ectester.standalone.consts.SignatureIdent;
 import cz.crcs.ectester.standalone.libs.*;
 import cz.crcs.ectester.standalone.output.FileTestWriter;
-import cz.crcs.ectester.standalone.output.TextTestWriter;
-import cz.crcs.ectester.standalone.output.XMLTestWriter;
-import cz.crcs.ectester.standalone.output.YAMLTestWriter;
 import cz.crcs.ectester.standalone.test.suites.*;
 import org.apache.commons.cli.*;
+import org.bouncycastle.asn1.ASN1OctetString;
+import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import org.bouncycastle.jcajce.interfaces.EdDSAPrivateKey;
+import org.bouncycastle.jcajce.interfaces.EdDSAPublicKey;
+import org.bouncycastle.jcajce.interfaces.XDHPrivateKey;
+import org.bouncycastle.jcajce.interfaces.XDHPublicKey;
 
 import javax.crypto.KeyAgreement;
 import javax.crypto.SecretKey;
@@ -55,8 +58,7 @@ import java.math.BigInteger;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.security.*;
-import java.security.interfaces.ECPrivateKey;
-import java.security.interfaces.ECPublicKey;
+import java.security.interfaces.*;
 import java.security.spec.AlgorithmParameterSpec;
 import java.security.spec.ECGenParameterSpec;
 import java.security.spec.ECParameterSpec;
@@ -158,6 +160,8 @@ public class ECTesterStandalone {
                 listIdents();
             } else if (cli.isNext("ecdh")) {
                 ecdh();
+            } else if (cli.isNext("xdh")) {
+                xdh();
             } else if (cli.isNext("ecdsa")) {
                 ecdsa();
             } else if (cli.isNext("generate")) {
@@ -232,6 +236,11 @@ public class ECTesterStandalone {
         ParserOptions ecdh = new ParserOptions(new DefaultParser(), ecdhOpts, "Perform EC based KeyAgreement.");
         actions.put("ecdh", ecdh);
 
+        Options xdhOpts = new Options();
+        xdhOpts.addOption(Option.builder("n").longOpt("amount").hasArg().argName("amount").optionalArg(false).desc("Do XDH [amount] times.").build());
+        ParserOptions xdh = new ParserOptions(new DefaultParser(), xdhOpts, "Perform XDH (x25519/x448).");
+        actions.put("xdh", xdh);
+
         Options ecdsaOpts = new Options();
         ecdsaOpts.addOption(bits);
         ecdsaOpts.addOption(namedCurve);
@@ -512,6 +521,10 @@ public class ECTesterStandalone {
         }
     }
 
+    private void xdh() {
+
+    }
+
     /**
      *
      */
@@ -744,11 +757,36 @@ public class ECTesterStandalone {
             if (!lib.getNativeTimingSupport().isEmpty()) {
                 elapsed = lib.getLastNativeTiming();
             }
-            ECPublicKey publicKey = (ECPublicKey) kp.getPublic();
-            ECPrivateKey privateKey = (ECPrivateKey) kp.getPrivate();
-
-            String pub = ByteUtil.bytesToHex(ECUtil.toX962Uncompressed(publicKey.getW(), publicKey.getParams()), false);
-            String priv = ByteUtil.bytesToHex(privateKey.getS().toByteArray(), false);
+            PublicKey pubkey = kp.getPublic();
+            PrivateKey privkey = kp.getPrivate();
+            String pub;
+            String priv;
+            if (pubkey instanceof ECPublicKey && privkey instanceof ECPrivateKey) {
+                ECPublicKey publicKey = (ECPublicKey) pubkey;
+                ECPrivateKey privateKey = (ECPrivateKey) privkey;
+                pub = ByteUtil.bytesToHex(ECUtil.toX962Uncompressed(publicKey.getW(), publicKey.getParams()), false);
+                priv = ByteUtil.bytesToHex(privateKey.getS().toByteArray(), false);
+            } else if (pubkey instanceof XECPublicKey && privkey instanceof XECPrivateKey) {
+                pub = ByteUtil.bytesToHex(((XECPublicKey) pubkey).getU().toByteArray(), false);
+                priv = ByteUtil.bytesToHex(((XECPrivateKey) privkey).getScalar().get(), false);
+            } else if (pubkey instanceof EdECPublicKey && privkey instanceof EdECPrivateKey) {
+                pub = ByteUtil.bytesToHex(((EdECPublicKey) pubkey).getPoint().getY().toByteArray(), false);
+                priv = ByteUtil.bytesToHex(((EdECPrivateKey) privkey).getBytes().get(), false);
+            } else if (pubkey instanceof XDHPublicKey && privkey instanceof XDHPrivateKey) {
+                // Special-case BouncyCastle XDH
+                pub = ByteUtil.bytesToHex(((XDHPublicKey) pubkey).getU().toByteArray(), false);
+                PrivateKeyInfo pkinfo = PrivateKeyInfo.getInstance(privkey.getEncoded());
+                priv = ByteUtil.bytesToHex(ASN1OctetString.getInstance(pkinfo.getPrivateKey().getOctets()).getOctets(), false);
+            } else if (pubkey instanceof EdDSAPublicKey && privkey instanceof EdDSAPrivateKey) {
+                // Special-case BouncyCastle EdDSA
+                pub = ByteUtil.bytesToHex(((EdDSAPublicKey) pubkey).getPointEncoding(), false);
+                PrivateKeyInfo pkinfo = PrivateKeyInfo.getInstance(privkey.getEncoded());
+                priv = ByteUtil.bytesToHex(ASN1OctetString.getInstance(pkinfo.getPrivateKey().getOctets()).getOctets(), false);
+            } else {
+                System.err.println(pubkey.getClass().getCanonicalName());
+                System.err.println(privkey.getClass().getCanonicalName());
+                break;
+            }
             out.printf("%d;%d;%s;%s%n", i, elapsed, pub, priv);
         }
 
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/consts/KeyPairGeneratorIdent.java b/standalone/src/main/java/cz/crcs/ectester/standalone/consts/KeyPairGeneratorIdent.java
index 83eef75..49b982b 100644
--- a/standalone/src/main/java/cz/crcs/ectester/standalone/consts/KeyPairGeneratorIdent.java
+++ b/standalone/src/main/java/cz/crcs/ectester/standalone/consts/KeyPairGeneratorIdent.java
@@ -11,6 +11,7 @@ public class KeyPairGeneratorIdent extends Ident {
     private static final List<KeyPairGeneratorIdent> ALL = new LinkedList<>();
 
     static {
+        // Short-Weierstrass
         ALL.add(new KeyPairGeneratorIdent("EC"));
         ALL.add(new KeyPairGeneratorIdent("ECDH"));
         ALL.add(new KeyPairGeneratorIdent("ECDSA"));
@@ -22,6 +23,14 @@ public class KeyPairGeneratorIdent extends Ident {
         ALL.add(new KeyPairGeneratorIdent("ECKCDSA"));
         // ECGDSA? Botan provides.
         ALL.add(new KeyPairGeneratorIdent("ECGDSA"));
+        // Montgomery
+        ALL.add(new KeyPairGeneratorIdent("XDH"));
+        ALL.add(new KeyPairGeneratorIdent("X25519"));
+        ALL.add(new KeyPairGeneratorIdent("X448"));
+        // Twisted-Edwards
+        ALL.add(new KeyPairGeneratorIdent("EdDSA"));
+        ALL.add(new KeyPairGeneratorIdent("Ed25519"));
+        ALL.add(new KeyPairGeneratorIdent("Ed448"));
     }
 
     public static KeyPairGeneratorIdent get(String ident) {