authordavidhofman2021-08-26 00:14:16 +0200
committerGitHub2021-08-26 00:14:16 +0200
commit25201922f403b18b01962f8154263d74fbfe2651 (patch)
tree8c2d091a53082ae72ed58e7591f7d30e88d8e2cf
parente06af3360f7b1407c22c47b47790c6f7acc4b690 (diff)
-rw-r--r--src/cz/crcs/ectester/standalone/ECTesterStandalone.java4
-rw-r--r--src/cz/crcs/ectester/standalone/test/base/SignatureTestable.java99
-rw-r--r--src/cz/crcs/ectester/standalone/test/suites/StandaloneSignatureSuite.java87
3 files changed, 147 insertions, 43 deletions
diff --git a/src/cz/crcs/ectester/standalone/ECTesterStandalone.java b/src/cz/crcs/ectester/standalone/ECTesterStandalone.java
index 55f264b..1be0df4 100644
--- a/src/cz/crcs/ectester/standalone/ECTesterStandalone.java
+++ b/src/cz/crcs/ectester/standalone/ECTesterStandalone.java
@@ -316,6 +316,7 @@ public class ECTesterStandalone {
new StandaloneInvalidSuite(null, null, null),
new StandaloneDegenerateSuite(null, null, null),
new StandaloneCofactorSuite(null, null, null),
+ new StandaloneSignatureSuite(null, null, null),
new StandaloneCompositeSuite(null, null, null),
new StandaloneTwistSuite(null, null, null),
new StandaloneMiscSuite(null, null, null)};
@@ -764,6 +765,9 @@ public class ECTesterStandalone {
case "invalid":
suite = new StandaloneInvalidSuite(writer, cfg, cli);
break;
+ case "signature":
+ suite = new StandaloneSignatureSuite(writer, cfg, cli);
+ break;
case "twist":
suite = new StandaloneTwistSuite(writer, cfg, cli);
break;
diff --git a/src/cz/crcs/ectester/standalone/test/base/SignatureTestable.java b/src/cz/crcs/ectester/standalone/test/base/SignatureTestable.java
index b8db7b8..fe81b10 100644
--- a/src/cz/crcs/ectester/standalone/test/base/SignatureTestable.java
+++ b/src/cz/crcs/ectester/standalone/test/base/SignatureTestable.java
@@ -31,8 +31,15 @@ public class SignatureTestable extends StandaloneTestable<SignatureTestable.Sign
}
}
+ public SignatureTestable(Signature sig, ECPublicKey verifyKey, byte[] data, byte[] signature) {
+ this.sig = sig;
+ this.verifyKey = verifyKey;
+ this.data = data;
+ this.signature = signature;
+ }
+
public SignatureTestable(Signature sig, KeyGeneratorTestable kgt, byte[] data) {
- this(sig, null, null, data);
+ this(sig, (ECPrivateKey) null, null, data);
this.kgt = kgt;
}
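Review bot: The new verify-only constructor accepts a null `verifyKey` or a null `signature` without complaint, and on this path `signKey` and `kgt` are never set. In the run() hunk that follows, both `if(signKey != null)` and `if (verifyKey != null)` are then skipped, so the testable finishes without calling the provider and `ok` keeps its earlier value. If that value is false, a vector that is expected to fail would be reported as correctly rejected although nothing was verified. Rejecting the arguments at construction rules this out: `if (verifyKey == null || signature == null) throw new IllegalArgumentException("verifyKey and signature are required");`. Whether `ECUtil.toPublicKey` in the new suite can actually return null is not visible here, so this may be latent rather than reachable.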
@@ -61,55 +68,61 @@ public class SignatureTestable extends StandaloneTestable<SignatureTestable.Sign
verifyKey = (ECPublicKey) kgt.getKeyPair().getPublic();
}
- stage = SignatureStage.InitSign;
- try {
- sig.initSign(signKey);
- } catch (InvalidKeyException e) {
- failOnException(e);
- return;
- }
+ if(signKey != null) {
+ stage = SignatureStage.InitSign;
+ try {
+ sig.initSign(signKey);
+ } catch (InvalidKeyException e) {
+ failOnException(e);
+ return;
+ }
- stage = SignatureStage.UpdateSign;
- try {
- sig.update(data);
- } catch (SignatureException e) {
- failOnException(e);
- return;
- }
+ stage = SignatureStage.UpdateSign;
+ try {
+ sig.update(data);
+ } catch (SignatureException e) {
+ failOnException(e);
+ return;
+ }
- stage = SignatureStage.Sign;
- try {
- signature = sig.sign();
- } catch (SignatureException e) {
- failOnException(e);
- return;
- }
+ stage = SignatureStage.Sign;
+ try {
+ signature = sig.sign();
+ } catch (SignatureException e) {
+ failOnException(e);
+ return;
+ }
- stage = SignatureStage.InitVerify;
- try {
- sig.initVerify(verifyKey);
- } catch (InvalidKeyException e) {
- failOnException(e);
- return;
+ ok = true;
}
- stage = SignatureStage.UpdateVerify;
- try {
- sig.update(data);
- } catch (SignatureException e) {
- failOnException(e);
- return;
- }
+ if (verifyKey != null) {
+ stage = SignatureStage.InitVerify;
+ try {
+ sig.initVerify(verifyKey);
+ } catch (InvalidKeyException e) {
+ failOnException(e);
+ return;
+ }
- stage = SignatureStage.Verify;
- try {
- verified = sig.verify(signature);
- } catch (SignatureException e) {
- failOnException(e);
- return;
- }
+ stage = SignatureStage.UpdateVerify;
+ try {
+ sig.update(data);
+ } catch (SignatureException e) {
+ failOnException(e);
+ return;
+ }
+
+ stage = SignatureStage.Verify;
+ try {
+ verified = sig.verify(signature);
+ } catch (SignatureException e) {
+ failOnException(e);
+ return;
+ }
- ok = verified;
+ ok = verified;
+ }
} catch (Exception ex) {
ok = false;
error = true;
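Review bot: Which phases run is now decided implicitly by which keys are null, and nothing in the hunk documents that contract or the fact that `ok` means different things per mode. A comment above the first guard would cover it, for example `// signKey set: sign only, ok = true; verifyKey set: verify, ok = verified; both: sign then verify`. The two guards are also spaced differently (`if(signKey != null)` against `if (verifyKey != null)`); the second form is the one the other visible lines use. The enclosing method starts and ends outside the hunk.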
diff --git a/src/cz/crcs/ectester/standalone/test/suites/StandaloneSignatureSuite.java b/src/cz/crcs/ectester/standalone/test/suites/StandaloneSignatureSuite.java
new file mode 100644
index 0000000..94e810e
--- /dev/null
+++ b/src/cz/crcs/ectester/standalone/test/suites/StandaloneSignatureSuite.java
@@ -0,0 +1,87 @@
+package cz.crcs.ectester.standalone.test.suites;
+
+import cz.crcs.ectester.common.cli.TreeCommandLine;
+import cz.crcs.ectester.common.ec.EC_Key;
+import cz.crcs.ectester.common.ec.EC_SigResult;
+import cz.crcs.ectester.common.output.TestWriter;
+import cz.crcs.ectester.common.test.CompoundTest;
+import cz.crcs.ectester.common.test.Result;
+import cz.crcs.ectester.common.util.ECUtil;
+import cz.crcs.ectester.data.EC_Store;
+import cz.crcs.ectester.standalone.ECTesterStandalone;
+import cz.crcs.ectester.standalone.consts.SignatureIdent;
+import cz.crcs.ectester.standalone.test.base.SignatureTest;
+import cz.crcs.ectester.standalone.test.base.SignatureTestable;
+
+import java.security.NoSuchAlgorithmException;
+import java.security.Signature;
+import java.security.interfaces.ECPublicKey;
+import java.util.*;
+
+/**
+ * @author David Hofman
+ */
+public class StandaloneSignatureSuite extends StandaloneTestSuite {
+ public StandaloneSignatureSuite(TestWriter writer, ECTesterStandalone.Config cfg, TreeCommandLine cli) {
+ super(writer, cfg, cli, "signature", "The signature test suite tests verifying various malformed and well-formed but invalid ECDSA signatures.",
+ "Supports options:", "\t - st/sig-type");
+ }
+
+ @Override
+ protected void runTests() throws Exception {
+ String sigAlgo = cli.getOptionValue("test.sig-type");
+
+ SignatureIdent sigIdent;
+ if (sigAlgo == null) {
+ // try ECDSA, if not, fail with: need to specify sig algo.
+ Optional<SignatureIdent> sigIdentOpt = cfg.selected.getSigs().stream()
+ .filter((ident) -> ident.contains("ECDSA"))
+ .findFirst();
+ if (sigIdentOpt.isPresent()) {
+ sigIdent = sigIdentOpt.get();
+ } else {
+ System.err.println("The default Signature algorithm type of \"ECDSA\" was not found. Need to specify a type.");
+ return;
+ }
+ } else {
+ // try the specified, if not, fail with: wrong sig algo/not found.
+ Optional<SignatureIdent> sigIdentOpt = cfg.selected.getSigs().stream()
+ .filter((ident) -> ident.contains(sigAlgo))
+ .findFirst();
+ if (sigIdentOpt.isPresent()) {
+ sigIdent = sigIdentOpt.get();
+ } else {
+ System.err.println("The Signature algorithm type of \"" + sigAlgo + "\" was not found.");
+ return;
+ }
+ }
+
+ Map<String, EC_SigResult> results = EC_Store.getInstance().getObjects(EC_SigResult.class, "wrong");
+ Map<String, List<EC_SigResult>> groups = EC_Store.mapToPrefix(results.values());
+
+ List<EC_SigResult> nok = groups.entrySet().stream().filter((e) -> e.getKey().equals("nok")).findFirst().get().getValue();
+
+ byte[] data = "Some stuff that is not the actual data".getBytes();
+ for (EC_SigResult sig : nok) {
+ ecdsaTest(sig, sigIdent, Result.ExpectedValue.FAILURE, data);
+ }
+
+ List<EC_SigResult> ok = groups.entrySet().stream().filter((e) -> e.getKey().equals("ok")).findFirst().get().getValue();
+ for (EC_SigResult sig : ok) {
+ ecdsaTest(sig, sigIdent, Result.ExpectedValue.SUCCESS, null);
+ }
+ }
+
+ private void ecdsaTest(EC_SigResult sig, SignatureIdent sigIdent, Result.ExpectedValue expected, byte[] defaultData) throws NoSuchAlgorithmException {
+ ECPublicKey ecpub = ECUtil.toPublicKey(EC_Store.getInstance().getObject(EC_Key.Public.class, sig.getVerifyKey()));
+
+ byte[] data = sig.getSigData();
+ if (data == null) {
+ data = defaultData;
+ }
+
+ Signature signature = sigIdent.getInstance(cfg.selected.getProvider());
+ SignatureTestable testable = new SignatureTestable(signature, ecpub, data, sig.getData(0));
+ doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "ECDSA test of " + sig.getId() + ".", SignatureTest.expectError(testable, expected)));
+ }
+}
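Review bot: In `runTests`, the `nok` and `ok` lists are fetched with `groups.entrySet().stream().filter(...).findFirst().get()`, which throws a bare `NoSuchElementException` when the store has no such prefix. A direct lookup is shorter and lets the suite report the gap the way the sig-type branches do: `List<EC_SigResult> nok = groups.get("nok");` followed by a null check that prints to `System.err` and returns. The `ok` loop passes `null` as `defaultData`, so any vector whose `getSigData()` is null reaches `sig.update(null)` in `SignatureTestable`, presumably ending in the generic catch as an error rather than as a verification result. The default message bytes also come from `getBytes()` with the platform charset; `getBytes(StandardCharsets.UTF_8)` (with the matching import) keeps the input identical across machines.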