Add the edge-cases test suite.

author: J08nY 2018-05-25 20:48:33 +0200
committer: J08nY 2018-05-25 20:48:33 +0200
commit: 9a7b92adf94c63f93c18d579090f980f572720de (patch)
tree: ea2ccb0d95d56bad01cb6ab69e1b18f5d24f6940 /src/cz/crcs/ectester/reader/test
parent: 0c266d8909982cdd1fc74952819acfa018539b82 (diff)
download: ECTester-9a7b92adf94c63f93c18d579090f980f572720de.tar.gz
ECTester-9a7b92adf94c63f93c18d579090f980f572720de.tar.zst
ECTester-9a7b92adf94c63f93c18d579090f980f572720de.zip
5 files changed, 106 insertions, 4 deletions
diff --git a/src/cz/crcs/ectester/reader/test/CardCofactorSuite.java b/src/cz/crcs/ectester/reader/test/CardCofactorSuite.java
index aca3371..012e950 100644
--- a/src/cz/crcs/ectester/reader/test/CardCofactorSuite.java
+++ b/src/cz/crcs/ectester/reader/test/CardCofactorSuite.java
@@ -30,7 +30,7 @@ public class CardCofactorSuite extends CardTestSuite {
     @Override
     protected void runTests() throws Exception {
         Map<String, EC_Key.Public> pubkeys = EC_Store.getInstance().getObjects(EC_Key.Public.class, "cofactor");
-        List<Map.Entry<EC_Curve, List<EC_Key.Public>>> curveList = EC_Store.mapToCurve(pubkeys.values());
+        List<Map.Entry<EC_Curve, List<EC_Key.Public>>> curveList = EC_Store.mapKeyToCurve(pubkeys.values());
         for (Map.Entry<EC_Curve, List<EC_Key.Public>> e : curveList) {
             EC_Curve curve = e.getKey();
             List<EC_Key.Public> keys = e.getValue();
diff --git a/src/cz/crcs/ectester/reader/test/CardDegenerateCurvesSuite.java b/src/cz/crcs/ectester/reader/test/CardDegenerateCurvesSuite.java
index 81c2fbf..217544b 100644
--- a/src/cz/crcs/ectester/reader/test/CardDegenerateCurvesSuite.java
+++ b/src/cz/crcs/ectester/reader/test/CardDegenerateCurvesSuite.java
@@ -30,7 +30,7 @@ public class CardDegenerateCurvesSuite extends CardTestSuite {
     @Override
     protected void runTests() throws Exception {
         Map<String, EC_Key.Public> pubkeys = EC_Store.getInstance().getObjects(EC_Key.Public.class, "degenerate");
-        List<Map.Entry<EC_Curve, List<EC_Key.Public>>> curveList = EC_Store.mapToCurve(pubkeys.values());
+        List<Map.Entry<EC_Curve, List<EC_Key.Public>>> curveList = EC_Store.mapKeyToCurve(pubkeys.values());
         for (Map.Entry<EC_Curve, List<EC_Key.Public>> e : curveList) {
             EC_Curve curve = e.getKey();
             List<EC_Key.Public> keys = e.getValue();
diff --git a/src/cz/crcs/ectester/reader/test/CardEdgeCasesSuite.java b/src/cz/crcs/ectester/reader/test/CardEdgeCasesSuite.java
new file mode 100644
index 0000000..ae18f77
--- /dev/null
+++ b/src/cz/crcs/ectester/reader/test/CardEdgeCasesSuite.java
@@ -0,0 +1,102 @@
+package cz.crcs.ectester.reader.test;
+
+import cz.crcs.ectester.applet.ECTesterApplet;
+import cz.crcs.ectester.applet.EC_Consts;
+import cz.crcs.ectester.common.ec.EC_Curve;
+import cz.crcs.ectester.common.ec.EC_KAResult;
+import cz.crcs.ectester.common.ec.EC_Key;
+import cz.crcs.ectester.common.output.TestWriter;
+import cz.crcs.ectester.common.test.CompoundTest;
+import cz.crcs.ectester.common.test.Result;
+import cz.crcs.ectester.common.test.Test;
+import cz.crcs.ectester.common.test.TestCallback;
+import cz.crcs.ectester.common.util.ByteUtil;
+import cz.crcs.ectester.data.EC_Store;
+import cz.crcs.ectester.reader.CardMngr;
+import cz.crcs.ectester.reader.ECTesterReader;
+import cz.crcs.ectester.reader.command.Command;
+import cz.crcs.ectester.reader.response.Response;
+import javacard.security.CryptoException;
+
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * @author Jan Jancar johny@neuromancer.sk
+ */
+public class CardEdgeCasesSuite extends CardTestSuite {
+    public CardEdgeCasesSuite(TestWriter writer, ECTesterReader.Config cfg, CardMngr cardManager) {
+        super(writer, cfg, cardManager, "edge-cases", "The edge-cases test suite tests various inputs to ECDH which may cause an implementation to achieve a certain edge-case state during ECDH.\n" +
+                "Some of the data is from the google/Wycheproof project. Tests include CVE-2017-10176 and CVE-2017-8932.");
+    }
+
+    @Override
+    protected void runTests() throws Exception {
+        Map<String, EC_KAResult> results = EC_Store.getInstance().getObjects(EC_KAResult.class, "wycheproof");
+        List<Map.Entry<String, List<EC_KAResult>>> groupList = EC_Store.mapToPrefix(results.values());
+        for (Map.Entry<String, List<EC_KAResult>> e : groupList) {
+            String description = null;
+            switch (e.getKey()) {
+                case "addsub":
+                case "cve_2017_10176":
+                    description = "Tests for CVE-2017-10176.";
+                    break;
+                case "cve_2017_8932":
+                    description = "Tests for CVE-2017-8932.";
+                    break;
+            }
+
+            List<Test> groupTests = new LinkedList<>();
+            List<Map.Entry<EC_Curve, List<EC_KAResult>>> curveList = EC_Store.mapResultToCurve(e.getValue());
+            for (Map.Entry<EC_Curve, List<EC_KAResult>> c : curveList) {
+                EC_Curve curve = c.getKey();
+
+                List<Test> curveTests = new LinkedList<>();
+                Test allocate = CommandTest.expect(new Command.Allocate(this.card, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField()), Result.ExpectedValue.SUCCESS);
+                Test set = CommandTest.expect(new Command.Set(this.card, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten()), Result.ExpectedValue.SUCCESS);
+                curveTests.add(allocate);
+                curveTests.add(set);
+
+                List<EC_KAResult> values = c.getValue();
+                for (EC_KAResult value : values) {
+                    String id = value.getId();
+                    String privkeyId = value.getOneKey();
+                    String pubkeyId = value.getOtherKey();
+
+                    EC_Key.Private privkey = EC_Store.getInstance().getObject(EC_Key.Private.class, privkeyId);
+                    EC_Key.Public pubkey = EC_Store.getInstance().getObject(EC_Key.Public.class, pubkeyId);
+
+                    Test setPrivkey = CommandTest.expect(new Command.Set(this.card, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.CURVE_external, privkey.getParams(), privkey.flatten()), Result.ExpectedValue.SUCCESS);
+                    Test setPubkey = CommandTest.expect(new Command.Set(this.card, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, pubkey.getParams(), pubkey.flatten()), Result.ExpectedValue.SUCCESS);
+                    Test ecdhPreTest = CommandTest.expect(new Command.ECDH(this.card, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.TRANSFORMATION_NONE, EC_Consts.KeyAgreement_ALG_EC_SVDP_DH), Result.ExpectedValue.SUCCESS);
+                    Test ecdh = CommandTest.function(new Command.ECDH(this.card, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_TRUE, EC_Consts.TRANSFORMATION_NONE, value.getJavaCardKA()), new TestCallback<CommandTestable>() {
+                        @Override
+                        public Result apply(CommandTestable testable) {
+                            Response.ECDH dh = (Response.ECDH) testable.getResponse();
+                            if (dh.getSW(0) == CryptoException.NO_SUCH_ALGORITHM) {
+                                return new Result(Result.Value.SUCCESS, "ECDH algorithm unsupported.");
+                            }
+                            if (!dh.successful())
+                                return new Result(Result.Value.FAILURE, "ECDH was unsuccessful.");
+                            if (!dh.hasSecret())
+                                return new Result(Result.Value.FAILURE, "ECDH response did not contain the derived secret.");
+                            if (!ByteUtil.compareBytes(dh.getSecret(), 0, value.getData(0), 0, dh.secretLength())) {
+                                int firstDiff = ByteUtil.diffBytes(dh.getSecret(), 0, value.getData(0), 0, dh.secretLength());
+                                System.err.println(ByteUtil.bytesToHex(dh.getSecret()));
+                                System.err.println(ByteUtil.bytesToHex(value.getData(0)));
+                                return new Result(Result.Value.FAILURE, "ECDH derived secret does not match the test-vector, first difference was at byte " + String.valueOf(firstDiff) + ".");
+                            }
+                            return new Result(Result.Value.SUCCESS);
+                        }
+                    });
+
+                    Test one = CompoundTest.greedyAll(Result.ExpectedValue.SUCCESS, "Test " + id + ".", setPrivkey, setPubkey, ecdhPreTest, ecdh);
+                    curveTests.add(one);
+                }
+                groupTests.add(CompoundTest.all(Result.ExpectedValue.SUCCESS, "Tests on " + curve.getId() + ".", curveTests.toArray(new Test[0])));
+            }
+            doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, description, groupTests.toArray(new Test[0])));
+        }
+    }
+}
diff --git a/src/cz/crcs/ectester/reader/test/CardInvalidCurvesSuite.java b/src/cz/crcs/ectester/reader/test/CardInvalidCurvesSuite.java
index 8af7c77..3c56110 100644
--- a/src/cz/crcs/ectester/reader/test/CardInvalidCurvesSuite.java
+++ b/src/cz/crcs/ectester/reader/test/CardInvalidCurvesSuite.java
@@ -32,7 +32,7 @@ public class CardInvalidCurvesSuite extends CardTestSuite {
          * Try ECDH with invalid public keys of increasing order.
          */
         Map<String, EC_Key.Public> pubkeys = EC_Store.getInstance().getObjects(EC_Key.Public.class, "invalid");
-        List<Map.Entry<EC_Curve, List<EC_Key.Public>>> curveList = EC_Store.mapToCurve(pubkeys.values());
+        List<Map.Entry<EC_Curve, List<EC_Key.Public>>> curveList = EC_Store.mapKeyToCurve(pubkeys.values());
         for (Map.Entry<EC_Curve, List<EC_Key.Public>> e : curveList) {
             EC_Curve curve = e.getKey();
             List<EC_Key.Public> keys = e.getValue();
diff --git a/src/cz/crcs/ectester/reader/test/CardTwistTestSuite.java b/src/cz/crcs/ectester/reader/test/CardTwistTestSuite.java
index 4ddd74f..ab8e144 100644
--- a/src/cz/crcs/ectester/reader/test/CardTwistTestSuite.java
+++ b/src/cz/crcs/ectester/reader/test/CardTwistTestSuite.java
@@ -26,7 +26,7 @@ public class CardTwistTestSuite extends CardTestSuite {
     @Override
     protected void runTests() throws Exception {
         Map<String, EC_Key.Public> pubkeys = EC_Store.getInstance().getObjects(EC_Key.Public.class, "twist");
-        List<Map.Entry<EC_Curve, List<EC_Key.Public>>> curveList = EC_Store.mapToCurve(pubkeys.values());
+        List<Map.Entry<EC_Curve, List<EC_Key.Public>>> curveList = EC_Store.mapKeyToCurve(pubkeys.values());
         for (Map.Entry<EC_Curve, List<EC_Key.Public>> e : curveList) {
             EC_Curve curve = e.getKey();
             List<EC_Key.Public> keys = e.getValue();
author	J08nY	2018-05-25 20:48:33 +0200
committer	J08nY	2018-05-25 20:48:33 +0200
commit	9a7b92adf94c63f93c18d579090f980f572720de (patch)
tree	ea2ccb0d95d56bad01cb6ab69e1b18f5d24f6940 /src/cz/crcs/ectester/reader/test
parent	0c266d8909982cdd1fc74952819acfa018539b82 (diff)
download	ECTester-9a7b92adf94c63f93c18d579090f980f572720de.tar.gz ECTester-9a7b92adf94c63f93c18d579090f980f572720de.tar.zst ECTester-9a7b92adf94c63f93c18d579090f980f572720de.zip