diff options
| author | J08nY | 2024-08-07 20:59:22 +0200 |
|---|---|---|
| committer | J08nY | 2024-08-07 20:59:22 +0200 |
| commit | c447744282771b4922faf3fbd4080ed7b31adc02 (patch) | |
| tree | 0e767ae74bbbe822d57a3c09b06030135092a39d | |
| parent | 50c576e0f28eac393985073d7d91dac1262bf5da (diff) | |
| download | ECTester-c447744282771b4922faf3fbd4080ed7b31adc02.tar.gz ECTester-c447744282771b4922faf3fbd4080ed7b31adc02.tar.zst ECTester-c447744282771b4922faf3fbd4080ed7b31adc02.zip | |
3 files changed, 162 insertions, 53 deletions
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java b/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java index 44fc1b4..dc61192 100644 --- a/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java +++ b/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java @@ -193,7 +193,14 @@ public class ECTesterStandalone { Option outputRaw = Option.builder("o").longOpt("output").desc("Output CSV into file <output_file>.").hasArgs().argName("output_file").optionalArg(false).numberOfArgs(1).build(); Option quiet = Option.builder("q").longOpt("quiet").desc("Do not output to stdout.").build(); Option timeSource = Option.builder("ts").longOpt("time-source").desc("Use a given native timing source: {rdtsc, monotonic, monotonic-raw, cputime-process, cputime-thread}").hasArgs().argName("source").optionalArg(false).numberOfArgs(1).build(); - Option prngSeed = Option.builder("ps").longOpt("prng-seed").desc("Use a deterministic PRNG with the given seed (hexadecimal).").hasArgs().argName("seed").optionalArg(false).numberOfArgs(1).build(); + Option prngSeed = Option.builder("ps").longOpt("prng-seed").desc("Use a deterministic PRNG with the given [seed] (hexadecimal) in the library.").hasArgs().argName("seed").optionalArg(false).numberOfArgs(1).build(); + Option file = Option.builder("f").longOpt("file").hasArg().argName("file").optionalArg(false).desc("Input [file] to sign.").build(); + Option message = Option.builder("d").longOpt("data").desc("Sign the given [message].").hasArgs().argName("message").optionalArg(false).numberOfArgs(1).build(); + Option messageSeed = Option.builder("ds").longOpt("data-seed").desc("Use a deterministic PRNG with the given [seed] (hexadecimal) to generate the messages.").hasArgs().argName("seed").optionalArg(false).numberOfArgs(1).build(); + OptionGroup ecdsaMessage = new OptionGroup(); + ecdsaMessage.addOption(file); + ecdsaMessage.addOption(message); + ecdsaMessage.addOption(messageSeed); Options testOpts = new Options(); testOpts.addOption(bits); @@ -241,7 +248,7 @@ public class ECTesterStandalone { ecdsaOpts.addOption(Option.builder().longOpt("fixed").desc("Perform all ECDSA with fixed keypair.").build()); ecdsaOpts.addOption(Option.builder("t").longOpt("type").desc("Set Signature object [type].").hasArg().argName("type").optionalArg(false).build()); ecdsaOpts.addOption(Option.builder("n").longOpt("amount").hasArg().argName("amount").optionalArg(false).desc("Do ECDSA [amount] times.").build()); - ecdsaOpts.addOption(Option.builder("f").longOpt("file").hasArg().argName("file").optionalArg(false).desc("Input [file] to sign.").build()); + ecdsaOpts.addOptionGroup(ecdsaMessage); ParserOptions ecdsa = new ParserOptions(new DefaultParser(), ecdsaOpts, "Perform EC based Signature."); actions.put("ecdsa", ecdsa); @@ -558,8 +565,9 @@ public class ECTesterStandalone { random = new SecureRandom(); } - byte[] data; - String dataString; + byte[] data = null; + String dataString = null; + SecureRandom dataRandom = null; if (cli.hasOption("ecdsa.file")) { String fileName = cli.getOptionValue("ecdsa.file"); File in = new File(fileName); @@ -569,11 +577,15 @@ public class ECTesterStandalone { } data = Files.readAllBytes(in.toPath()); dataString = ""; + } else if (cli.hasOption("ecdsa.data")) { + dataString = cli.getOptionValue("ecdsa.data"); + data = ByteUtil.hexToBytes(dataString); + } else if (cli.hasOption("ecdsa.data-seed")) { + String seedString = cli.getOptionValue("ecdsa.prng-seed"); + byte[] seed = ByteUtil.hexToBytes(seedString, true); + dataRandom = Util.getRandom(seed); } else { - Random dataRandom = new Random(); - data = new byte[32]; - dataRandom.nextBytes(data); - dataString = ByteUtil.bytesToHex(data, false); + dataRandom = new SecureRandom(); } String algo = cli.getOptionValue("ecdsa.type", "ECDSA"); @@ -679,6 +691,11 @@ public class ECTesterStandalone { } } + if (dataRandom != null) { + data = dataRandom.generateSeed(16); + dataString = ByteUtil.bytesToHex(data, false); + } + sig.initSign(privkey, random); sig.update(data); diff --git a/standalone/src/test/java/cz/crcs/ectester/standalone/AppTests.java b/standalone/src/test/java/cz/crcs/ectester/standalone/AppTests.java index 6e8ec76..1ff9556 100644 --- a/standalone/src/test/java/cz/crcs/ectester/standalone/AppTests.java +++ b/standalone/src/test/java/cz/crcs/ectester/standalone/AppTests.java @@ -1,6 +1,5 @@ package cz.crcs.ectester.standalone; -import org.junit.jupiter.api.Disabled; import org.junit.jupiter.api.Test; import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.MethodSource; @@ -10,11 +9,9 @@ import org.junitpioneer.jupiter.StdOut; import java.io.ByteArrayOutputStream; import java.io.File; import java.io.PrintStream; -import java.util.Arrays; import java.util.Collections; import java.util.LinkedList; import java.util.List; -import java.util.stream.Collectors; import java.util.stream.Stream; import static org.junit.jupiter.api.Assertions.*; @@ -91,48 +88,6 @@ public class AppTests { @ParameterizedTest @MethodSource("libs") @StdIo() - public void deterministicGenerate(String libName, StdOut out) { - String[] args = new String[]{"generate", "-ps", "123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234", "-n", "10", "-nc", "secg/secp256r1", libName}; - switch (libName) { - case "Botan": - args = new String[]{"generate", "-ps", "123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234", "-n", "10", "-nc", "secg/secp256r1", "-t", "ECDH", libName}; - break; - case "Crypto++": - args = new String[]{"generate", "-ps", "12345678", "-n", "10", "-nc", "secg/secp256r1", "-t", "ECDH", libName}; - break; - case "Nettle": - case "libgcrypt": - case "wolfCrypt": - args = new String[]{"generate", "-ps", "123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234", "-n", "10", "-cn", "secp256r1", libName}; - break; - case "BoringSSL": - args = new String[]{"generate", "-ps", "123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234", "-n", "10", "-cn", "prime256v1", libName}; - break; - case "mbedTLS": - args = new String[]{"generate", "-ps", "12345678", "-n", "10", "-nc", "secg/secp256r1", libName}; - break; - } - ECTesterStandalone.main(args); - String out1 = out.capturedString(); - ECTesterStandalone.main(args); - String out2 = out.capturedString().substring(out1.length()); - if (!out1.contains(";")) - return; - List<String> lines1 = out1.lines().collect(Collectors.toList()); - List<String> lines2 = out2.lines().collect(Collectors.toList()); - assertEquals(lines1.size(), lines2.size()); - for (int i = 0; i < lines1.size(); ++i) { - String[] parts1 = lines1.get(i).split(";"); - String[] parts2 = lines2.get(i).split(";"); - assertEquals(parts1[2], parts2[2]); - assertEquals(parts1[3], parts2[3]); - } - } - - @SuppressWarnings("JUnitMalformedDeclaration") - @ParameterizedTest - @MethodSource("libs") - @StdIo() public void defaultSuite(String libName, StdOut out) { String[] args = buildCLIArgs(libName, "default"); if (libName.equals("Botan") || libName.equals("Crypto++")) { diff --git a/standalone/src/test/java/cz/crcs/ectester/standalone/DeterministicTests.java b/standalone/src/test/java/cz/crcs/ectester/standalone/DeterministicTests.java new file mode 100644 index 0000000..de9e65f --- /dev/null +++ b/standalone/src/test/java/cz/crcs/ectester/standalone/DeterministicTests.java @@ -0,0 +1,137 @@ +package cz.crcs.ectester.standalone; + +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.MethodSource; +import org.junitpioneer.jupiter.StdIo; +import org.junitpioneer.jupiter.StdOut; + +import java.util.Arrays; +import java.util.List; +import java.util.stream.Collectors; +import java.util.stream.Stream; + +import static org.junit.jupiter.api.Assertions.assertEquals; + +public class DeterministicTests { + + static Stream<String> libs() { + return Stream.of("Botan", "BouncyCastle", "Crypto++", "IPPCP", "mbedTLS", "Nettle", "OpenSSL", "SunEC", "tomcrypt"); + } + + @SuppressWarnings("JUnitMalformedDeclaration") + @ParameterizedTest + @MethodSource("libs") + @StdIo() + public void generate(String libName, StdOut out) { + String[] args = new String[]{"generate", "-ps", "123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234", "-n", "10", "-nc", "secg/secp256r1", libName}; + switch (libName) { + case "Botan": + args = new String[]{"generate", "-ps", "123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234", "-n", "10", "-nc", "secg/secp256r1", "-t", "ECDH", libName}; + break; + case "Crypto++": + args = new String[]{"generate", "-ps", "12345678", "-n", "10", "-nc", "secg/secp256r1", "-t", "ECDH", libName}; + break; + case "Nettle": + args = new String[]{"generate", "-ps", "123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234", "-n", "10", "-cn", "secp256r1", libName}; + break; + case "mbedTLS": + args = new String[]{"generate", "-ps", "12345678", "-n", "10", "-nc", "secg/secp256r1", libName}; + break; + } + ECTesterStandalone.main(args); + String out1 = out.capturedString(); + ECTesterStandalone.main(args); + String out2 = out.capturedString().substring(out1.length()); + if (!out1.contains(";")) + return; + List<String> lines1 = out1.lines().collect(Collectors.toList()); + List<String> lines2 = out2.lines().collect(Collectors.toList()); + assertEquals(lines1.size(), lines2.size()); + for (int i = 0; i < lines1.size(); ++i) { + String[] parts1 = lines1.get(i).split(";"); + String[] parts2 = lines2.get(i).split(";"); + assertEquals(parts1[2], parts2[2]); + assertEquals(parts1[3], parts2[3]); + } + } + + @SuppressWarnings("JUnitMalformedDeclaration") + @ParameterizedTest + @MethodSource("libs") + @StdIo() + public void ecdh(String libName, StdOut out) { + String[] args = new String[]{"ecdh", "-ps", "123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234", "-n", "10", "-nc", "secg/secp256r1", libName}; + switch (libName) { + case "Nettle": + args = new String[]{"ecdh", "-ps", "123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234", "-n", "10", "-cn", "secp256r1", libName}; + break; + case "Crypto++": + args = new String[]{"ecdh", "-ps", "12345678", "-n", "10", "-nc", "secg/secp256r1", "-t", "ECDH", libName}; + break; + case "mbedTLS": + args = new String[]{"ecdh", "-ps", "12345678", "-n", "10", "-nc", "secg/secp256r1", libName}; + break; + } + ECTesterStandalone.main(args); + String out1 = out.capturedString(); + ECTesterStandalone.main(args); + String out2 = out.capturedString().substring(out1.length()); + if (!out1.contains(";")) + return; + List<String> lines1 = out1.lines().collect(Collectors.toList()); + List<String> lines2 = out2.lines().collect(Collectors.toList()); + assertEquals(lines1.size(), lines2.size()); + for (int i = 0; i < lines1.size(); ++i) { + String[] parts1 = lines1.get(i).split(";"); + String[] parts2 = lines2.get(i).split(";"); + assertEquals(parts1[2], parts2[2]); // pubkey + assertEquals(parts1[3], parts2[3]); // privkey + assertEquals(parts1[4], parts2[4]); // secret + } + } + + @SuppressWarnings("JUnitMalformedDeclaration") + @ParameterizedTest + @MethodSource("libs") + @StdIo() + public void ecdsa(String libName, StdOut out) { + String[] args = new String[]{"ecdsa", "-ps", "123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234", "-d", "1234", "-n", "10", "-nc", "secg/secp256r1", libName}; + switch (libName) { + case "Nettle": + args = new String[]{"ecdsa", "-ps", "123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234", "-d", "1234", "-n", "10", "-cn", "secp256r1", "-t", "NONEwithECDSA", libName}; + break; + case "OpenSSL": + case "tomcrypt": + args = new String[]{"ecdsa", "-ps", "123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234", "-d", "1234", "-n", "10", "-nc", "secg/secp256r1", "-t", "NONEwithECDSA", libName}; + break; + case "IPPCP": + // TODO: Weird, IPPCP cannot sign less than 4 bytes. + args = new String[]{"ecdsa", "-ps", "123412341234123412341234123412341234123412341234123412341234123412341234123412341234123412341234", "-d", "12345678", "-n", "10", "-nc", "secg/secp256r1", "-t", "NONEwithECDSA", libName}; + break; + case "Crypto++": + args = new String[]{"ecdsa", "-ps", "12345678", "-d", "1234", "-n", "10", "-nc", "secg/secp256r1", "-t", "ECDSA", libName}; + break; + case "mbedTLS": + args = new String[]{"ecdsa", "-ps", "12345678", "-d", "1234", "-n", "10", "-nc", "secg/secp256r1", "-t", "NONEwithECDSA", libName}; + break; + } + ECTesterStandalone.main(args); + String out1 = out.capturedString(); + ECTesterStandalone.main(args); + String out2 = out.capturedString().substring(out1.length()); + if (!out1.contains(";")) + return; + List<String> lines1 = out1.lines().collect(Collectors.toList()); + List<String> lines2 = out2.lines().collect(Collectors.toList()); + assertEquals(lines1.size(), lines2.size()); + for (int i = 0; i < lines1.size(); ++i) { + String[] parts1 = lines1.get(i).split(";"); + String[] parts2 = lines2.get(i).split(";"); + assertEquals(parts1[3], parts2[3]); // data + assertEquals(parts1[4], parts2[4]); // pubkey + assertEquals(parts1[5], parts2[5]); // privkey + assertEquals(parts1[6], parts2[6]); // signature + assertEquals(parts1[7], parts2[7]); // nonce + } + } +} |