Implement collecting of supported KeyAgreement and Signature objects.

9 files changed, 353 insertions, 14 deletions

diff --git a/src/cz/crcs/ectester/standalone/ECTesterStandalone.java b/src/cz/crcs/ectester/standalone/ECTesterStandalone.java
index d2cbce1..47b7121 100644
--- a/src/cz/crcs/ectester/standalone/ECTesterStandalone.java
+++ b/src/cz/crcs/ectester/standalone/ECTesterStandalone.java
@@ -1,12 +1,15 @@
 package cz.crcs.ectester.standalone;
 
-import cz.crcs.ectester.common.Util;
 import cz.crcs.ectester.applet.EC_Consts;
 import cz.crcs.ectester.common.ec.EC_Curve;
 import cz.crcs.ectester.data.EC_Store;
+import cz.crcs.ectester.standalone.libs.BouncyCastleLib;
+import cz.crcs.ectester.standalone.libs.ECLibrary;
+import cz.crcs.ectester.standalone.libs.SunECLib;
 import org.apache.commons.cli.*;
 
 import java.io.IOException;
+import java.util.Arrays;
 
 /**
  * Standalone part of ECTester, a tool for testing Elliptic curve implementations in software libraries.
@@ -16,6 +19,7 @@ import java.io.IOException;
  */
 public class ECTesterStandalone {
 
+    private ECLibrary[] libs = new ECLibrary[]{new SunECLib(), new BouncyCastleLib()};
     private EC_Store dataStore;
     private Config cfg;
 
@@ -40,9 +44,17 @@ public class ECTesterStandalone {
 
             cfg = new Config();
             dataStore = new EC_Store();
+            for (ECLibrary lib : libs) {
+                lib.initialize();
+                lib.getECKAs();
+                lib.getECSigs();
+            }
+            System.out.println(Arrays.toString(libs));
 
             if (cli.hasOption("generate")) {
                 generate();
+            } else if (cli.hasOption("libs")) {
+                listLibraries();
             }
 
         } catch (ParseException | IOException ex) {
@@ -56,6 +68,7 @@ public class ECTesterStandalone {
         actions.addOption(Option.builder("V").longOpt("version").desc("Print version info.").build());
         actions.addOption(Option.builder("h").longOpt("help").desc("Print help.").build());
         actions.addOption(Option.builder("g").longOpt("generate").desc("Generate [amount] of EC keys.").hasArg().argName("amount").optionalArg(true).build());
+        actions.addOption(Option.builder("ls").longOpt("libs").desc("List supported libraries.").build());
         opts.addOptionGroup(actions);
 
         CommandLineParser parser = new DefaultParser();
@@ -88,6 +101,17 @@ public class ECTesterStandalone {
 
     }
 
+    /**
+     *
+     */
+    private void listLibraries() {
+        for (ECLibrary lib : libs) {
+            if (lib.isInitialized()) {
+                System.out.println(lib.name());
+            }
+        }
+    }
+
     public static void main(String[] args) {
         ECTesterStandalone app = new ECTesterStandalone();
         app.run(args);
diff --git a/src/cz/crcs/ectester/standalone/consts/Ident.java b/src/cz/crcs/ectester/standalone/consts/Ident.java
new file mode 100644
index 0000000..3228c37
--- /dev/null
+++ b/src/cz/crcs/ectester/standalone/consts/Ident.java
@@ -0,0 +1,41 @@
+package cz.crcs.ectester.standalone.consts;
+
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.Set;
+import java.util.TreeSet;
+
+public abstract class Ident {
+    private Set<String> idents;
+
+    public Ident(String... names) {
+        this.idents = new TreeSet<>(String.CASE_INSENSITIVE_ORDER);
+        this.idents.addAll(Arrays.asList(names));
+    }
+
+    public Set<String> getIdents() {
+        return Collections.unmodifiableSet(idents);
+    }
+
+    @Override
+    public boolean equals(Object obj) {
+        if (this == obj) {
+            return true;
+        }
+        if (!(obj instanceof Ident)) {
+            return false;
+        }
+        Ident other = (Ident) obj;
+        return idents.equals(other.getIdents());
+    }
+
+    @Override
+    public int hashCode() {
+        return idents.hashCode() + 37;
+    }
+
+    @Override
+    public String toString() {
+        return "(" + String.join("|", idents) + ")";
+    }
+}
diff --git a/src/cz/crcs/ectester/standalone/consts/KeyAgreementIdent.java b/src/cz/crcs/ectester/standalone/consts/KeyAgreementIdent.java
new file mode 100644
index 0000000..9dc9797
--- /dev/null
+++ b/src/cz/crcs/ectester/standalone/consts/KeyAgreementIdent.java
@@ -0,0 +1,53 @@
+package cz.crcs.ectester.standalone.consts;
+
+import java.util.LinkedList;
+import java.util.List;
+
+/**
+ * @author Jan Jancar johny@neuromancer.sk
+ */
+public class KeyAgreementIdent extends Ident {
+    private static final List<KeyAgreementIdent> ALL = new LinkedList<>();
+
+    static {
+        //https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html
+        // Basic ECDH and ECDHC (plain/raw)
+        ALL.add(new KeyAgreementIdent("ECDH"));
+        ALL.add(new KeyAgreementIdent("ECDHC", "ECCDH"));
+        // ECDH and ECDHC with SHA as KDF, OIDs from RFC 3278
+        ALL.add(new KeyAgreementIdent("ECDHwithSHA1KDF", "1.3.133.16.840.63.0.2"));
+        ALL.add(new KeyAgreementIdent("ECCDHwithSHA1KDF", "1.3.133.16.840.63.0.3"));
+        ALL.add(new KeyAgreementIdent("ECDHwithSHA224KDF", "1.3.132.1.11.0"));
+        ALL.add(new KeyAgreementIdent("ECCDHwithSHA224KDF", "1.3.132.1.14.0"));
+        ALL.add(new KeyAgreementIdent("ECDHwithSHA256KDF", "1.3.132.1.11.1"));
+        ALL.add(new KeyAgreementIdent("ECCDHwithSHA256KDF", "1.3.132.1.14.1"));
+        ALL.add(new KeyAgreementIdent("ECDHwithSHA384KDF", "1.3.132.1.11.2"));
+        ALL.add(new KeyAgreementIdent("ECCDHwithSHA384KDF", "1.3.132.1.14.2"));
+        ALL.add(new KeyAgreementIdent("ECDHwithSHA512KDF", "1.3.132.1.11.3"));
+        ALL.add(new KeyAgreementIdent("ECCDHwithSHA512KDF", "1.3.132.1.14.3"));
+        // ECMQV
+        ALL.add(new KeyAgreementIdent("ECMQV"));
+        ALL.add(new KeyAgreementIdent("ECMQVwithSHA1CKDF", "1.3.133.16.840.63.0.16"));
+        ALL.add(new KeyAgreementIdent("ECMQVwithSHA224CKDF", "1.3.132.1.15.0"));
+        ALL.add(new KeyAgreementIdent("ECMQVwithSHA256CKDF", "1.3.132.1.15.1"));
+        ALL.add(new KeyAgreementIdent("ECMQVwithSHA384CKDF", "1.3.132.1.15.2"));
+        ALL.add(new KeyAgreementIdent("ECMQVwithSHA512CKDF", "1.3.132.1.15.3"));
+        // ECVKO
+        ALL.add(new KeyAgreementIdent("ECVKO", "ECGOST3410", "1.2.643.2.2.19", "GOST-3410-2001", "1.2.643.2.2.96"));
+        ALL.add(new KeyAgreementIdent("ECVKO256", "ECGOST3410-2012-256", "1.2.643.7.1.1.6.1", "1.2.643.7.1.1.1.1"));
+        ALL.add(new KeyAgreementIdent("ECVKO512", "ECGOST3410-2012-512", "1.2.643.7.1.1.6.2", "1.2.643.7.1.1.1.2"));
+    }
+
+    public static KeyAgreementIdent get(String ident) {
+        for (KeyAgreementIdent ka : ALL) {
+            if (ka.getIdents().contains(ident)) {
+                return ka;
+            }
+        }
+        return null;
+    }
+
+    private KeyAgreementIdent(String... names) {
+        super(names);
+    }
+}
diff --git a/src/cz/crcs/ectester/standalone/consts/SignatureIdent.java b/src/cz/crcs/ectester/standalone/consts/SignatureIdent.java
new file mode 100644
index 0000000..b41e9e4
--- /dev/null
+++ b/src/cz/crcs/ectester/standalone/consts/SignatureIdent.java
@@ -0,0 +1,77 @@
+package cz.crcs.ectester.standalone.consts;
+
+import java.util.LinkedList;
+import java.util.List;
+
+/**
+ * @author Jan Jancar johny@neuromancer.sk
+ */
+public class SignatureIdent extends Ident {
+    private static final List<SignatureIdent> ALL = new LinkedList<>();
+
+    static {
+        //https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html
+        // ECDSA
+        ALL.add(new SignatureIdent("ECDSA", "SHA1withECDSA", "ECDSAwithSHA1", "1.2.840.10045.4.1", "1.3.36.3.3.2.1"));
+        ALL.add(new SignatureIdent("NONEwithECDSA"));
+        ALL.add(new SignatureIdent("SHA224withECDSA", "SHA224/ECDSA", "1.2.840.10045.4.3.1"));
+        ALL.add(new SignatureIdent("SHA256withECDSA", "SHA256/ECDSA", "1.2.840.10045.4.3.2"));
+        ALL.add(new SignatureIdent("SHA384withECDSA", "SHA384/ECDSA", "1.2.840.10045.4.3.3"));
+        ALL.add(new SignatureIdent("SHA512withECDSA", "SHA512/ECDSA", "1.2.840.10045.4.3.4"));
+        ALL.add(new SignatureIdent("SHA3-224withECDSA", "SHA3-224/ECDSA", "2.16.840.1.101.3.4.3.9"));
+        ALL.add(new SignatureIdent("SHA3-256withECDSA", "SHA3-256/ECDSA", "2.16.840.1.101.3.4.3.10"));
+        ALL.add(new SignatureIdent("SHA3-384withECDSA", "SHA3-384/ECDSA", "2.16.840.1.101.3.4.3.11"));
+        ALL.add(new SignatureIdent("SHA3-512withECDSA", "SHA3-512/ECDSA", "2.16.840.1.101.3.4.3.12"));
+        ALL.add(new SignatureIdent("RIPEMD160withECDSA", "RIPEMD160/ECDSA", "1.3.36.3.3.2.2"));
+        // ECNR
+        ALL.add(new SignatureIdent("SHA1withECNR"));
+        ALL.add(new SignatureIdent("SHA224withECNR"));
+        ALL.add(new SignatureIdent("SHA256withECNR"));
+        ALL.add(new SignatureIdent("SHA512withECNR"));
+        // CVC-ECDSA
+        ALL.add(new SignatureIdent("SHA1withCVC-ECDSA", "SHA1/CVC-ECDSA", "0.4.0.127.0.7.2.2.2.2.1"));
+        ALL.add(new SignatureIdent("SHA224withCVC-ECDSA", "SHA224/CVC-ECDSA", "0.4.0.127.0.7.2.2.2.2.2"));
+        ALL.add(new SignatureIdent("SHA256withCVC-ECDSA", "SHA256/CVC-ECDSA", "0.4.0.127.0.7.2.2.2.2.3"));
+        ALL.add(new SignatureIdent("SHA384withCVC-ECDSA", "SHA384/CVC-ECDSA", "0.4.0.127.0.7.2.2.2.2.4"));
+        ALL.add(new SignatureIdent("SHA512withCVC-ECDSA", "SHA512/CVC-ECDSA", "0.4.0.127.0.7.2.2.2.2.5"));
+        // PLAIN-ECDSA
+        ALL.add(new SignatureIdent("SHA1withPLAIN-ECDSA", "SHA1/PLAIN-ECDSA", "0.4.0.127.0.7.1.1.4.1.1"));
+        ALL.add(new SignatureIdent("SHA224withPLAIN-ECDSA", "SHA224/PLAIN-ECDSA", "0.4.0.127.0.7.1.1.4.1.2"));
+        ALL.add(new SignatureIdent("SHA256withPLAIN-ECDSA", "SHA256/PLAIN-ECDSA", "0.4.0.127.0.7.1.1.4.1.3"));
+        ALL.add(new SignatureIdent("SHA384withPLAIN-ECDSA", "SHA384/PLAIN-ECDSA", "0.4.0.127.0.7.1.1.4.1.4"));
+        ALL.add(new SignatureIdent("SHA512withPLAIN-ECDSA", "SHA512/PLAIN-ECDSA", "0.4.0.127.0.7.1.1.4.1.5"));
+        ALL.add(new SignatureIdent("RIPEMD160withPLAIN-ECDSA", "RIPEMD160/PLAIN-ECDSA", "0.4.0.127.0.7.1.1.4.1.6"));
+        // ECGOST
+        ALL.add(new SignatureIdent("ECGOST3410", "ECGOST-3410", "GOST-3410-2001"));
+        ALL.add(new SignatureIdent("GOST3411withECGOST3410", "GOST3411/ECGOST3410", "1.2.643.2.2.3"));
+        ALL.add(new SignatureIdent("ECGOST3410-2012-256", "GOST-3410-2012-256"));
+        ALL.add(new SignatureIdent("GOST3411-2012-256withECGOST3410-2012-256", "GOST3411-2012-256/ECGOST3410-2012-2560", "1.2.643.7.1.1.3.2"));
+        ALL.add(new SignatureIdent("ECGOST3410-2012-512", "GOST-3410-2012-512"));
+        ALL.add(new SignatureIdent("GOST3411-2012-512withECGOST3410-2012-512", "GOST3411-2012-512/ECGOST3410-2012-5120", "1.2.643.7.1.1.3.3"));
+        ALL.add(new SignatureIdent("SM3withSM2"));
+        // ECDDSA
+        ALL.add(new SignatureIdent("ECDDSA", "DETECDSA", "ECDETDSA"));
+        ALL.add(new SignatureIdent("SHA1withECDDSA", "SHA1withDETECDSA"));
+        ALL.add(new SignatureIdent("SHA224withECDDSA", "SHA224withDETECDSA"));
+        ALL.add(new SignatureIdent("SHA256withECDDSA", "SHA256withDETECDSA"));
+        ALL.add(new SignatureIdent("SHA384withECDDSA", "SHA384withDETECDSA"));
+        ALL.add(new SignatureIdent("SHA512withECDDSA", "SHA512withDETECDSA"));
+        ALL.add(new SignatureIdent("SHA3-224withECDDSA", "SHA3-224withDETECDSA"));
+        ALL.add(new SignatureIdent("SHA3-256withECDDSA", "SHA3-256withDETECDSA"));
+        ALL.add(new SignatureIdent("SHA3-384withECDDSA", "SHA3-384withDETECDSA"));
+        ALL.add(new SignatureIdent("SHA3-512withECDDSA", "SHA3-512withDETECDSA"));
+    }
+
+    public static SignatureIdent get(String ident) {
+        for (SignatureIdent sig : ALL) {
+            if (sig.getIdents().contains(ident)) {
+                return sig;
+            }
+        }
+        return null;
+    }
+
+    private SignatureIdent(String... names) {
+        super(names);
+    }
+}
diff --git a/src/cz/crcs/ectester/standalone/libs/BouncyCastleLib.java b/src/cz/crcs/ectester/standalone/libs/BouncyCastleLib.java
index 78da737..73cd197 100644
--- a/src/cz/crcs/ectester/standalone/libs/BouncyCastleLib.java
+++ b/src/cz/crcs/ectester/standalone/libs/BouncyCastleLib.java
@@ -1,21 +1,14 @@
 package cz.crcs.ectester.standalone.libs;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
 
-import java.security.Security;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
 
-public class BouncyCastleLib {
+/**
+ * @author Jan Jancar johny@neuromancer.sk
+ */
+public class BouncyCastleLib extends JavaECLibrary {
 
     public BouncyCastleLib() {
-
-    }
-
-    public boolean setUp() {
-        try {
-            Security.addProvider(new BouncyCastleProvider());
-        } catch (NullPointerException | SecurityException ignored) {
-            return false;
-        }
-        return true;
+        super(new BouncyCastleProvider());
     }
 
 }
diff --git a/src/cz/crcs/ectester/standalone/libs/CECLibrary.java b/src/cz/crcs/ectester/standalone/libs/CECLibrary.java
new file mode 100644
index 0000000..82a4555
--- /dev/null
+++ b/src/cz/crcs/ectester/standalone/libs/CECLibrary.java
@@ -0,0 +1,31 @@
+package cz.crcs.ectester.standalone.libs;
+
+/**
+ * @author Jan Jancar johny@neuromancer.sk
+ */
+public abstract class CECLibrary implements ECLibrary {
+
+    private String resourcePath;
+    private String libname;
+
+    public CECLibrary(String resourcePath, String libname) {
+        this.resourcePath = resourcePath;
+        this.libname = libname;
+    }
+
+    @Override
+    public boolean initialize() {
+        // load the library here.
+        return false;
+    }
+
+    @Override
+    public String name() {
+        return libname;
+    }
+
+    @Override
+    public String toString() {
+        return name();
+    }
+}
diff --git a/src/cz/crcs/ectester/standalone/libs/ECLibrary.java b/src/cz/crcs/ectester/standalone/libs/ECLibrary.java
new file mode 100644
index 0000000..b2792bd
--- /dev/null
+++ b/src/cz/crcs/ectester/standalone/libs/ECLibrary.java
@@ -0,0 +1,21 @@
+package cz.crcs.ectester.standalone.libs;
+
+import cz.crcs.ectester.standalone.consts.KeyAgreementIdent;
+import cz.crcs.ectester.standalone.consts.SignatureIdent;
+
+import java.util.Set;
+
+/**
+ * @author Jan Jancar johny@neuromancer.sk
+ */
+public interface ECLibrary {
+    boolean initialize();
+
+    boolean isInitialized();
+
+    Set<KeyAgreementIdent> getECKAs();
+
+    Set<SignatureIdent> getECSigs();
+
+    String name();
+}
diff --git a/src/cz/crcs/ectester/standalone/libs/JavaECLibrary.java b/src/cz/crcs/ectester/standalone/libs/JavaECLibrary.java
new file mode 100644
index 0000000..f8848da
--- /dev/null
+++ b/src/cz/crcs/ectester/standalone/libs/JavaECLibrary.java
@@ -0,0 +1,85 @@
+package cz.crcs.ectester.standalone.libs;
+
+import cz.crcs.ectester.standalone.consts.KeyAgreementIdent;
+import cz.crcs.ectester.standalone.consts.SignatureIdent;
+
+import java.security.Provider;
+import java.security.Security;
+import java.util.HashSet;
+import java.util.Set;
+
+/**
+ * @author Jan Jancar johny@neuromancer.sk
+ */
+public abstract class JavaECLibrary implements ECLibrary {
+    private Provider provider;
+    private boolean initialized;
+
+    public JavaECLibrary(Provider provider) {
+        this.provider = provider;
+        this.initialized = false;
+    }
+
+    @Override
+    public boolean initialize() {
+        try {
+            int result = Security.addProvider(provider);
+            if (result == -1) {
+                provider = Security.getProvider(provider.getName());
+            }
+            initialized = true;
+        } catch (NullPointerException | SecurityException ignored) {
+            initialized = false;
+        }
+        return initialized;
+    }
+
+    @Override
+    public boolean isInitialized() {
+        return initialized;
+    }
+
+    @Override
+    public Set<KeyAgreementIdent> getECKAs() {
+        Set<KeyAgreementIdent> results = new HashSet<>();
+        for (Provider.Service service : provider.getServices()) {
+            if (service.getType().equals("KeyAgreement")) {
+                KeyAgreementIdent id = KeyAgreementIdent.get(service.getAlgorithm());
+                if (id != null) {
+                    results.add(id);
+                }
+            }
+        }
+        System.out.println(results);
+        return results;
+    }
+
+    @Override
+    public Set<SignatureIdent> getECSigs() {
+        Set<SignatureIdent> results = new HashSet<>();
+        for (Provider.Service service : provider.getServices()) {
+            if (service.getType().equals("Signature")) {
+                SignatureIdent id = SignatureIdent.get(service.getAlgorithm());
+                if (id != null) {
+                    results.add(id);
+                }
+            }
+        }
+        System.out.println(results);
+        return results;
+    }
+
+    @Override
+    public String name() {
+        return provider.getInfo();
+    }
+
+    public Provider getProvider() {
+        return provider;
+    }
+
+    @Override
+    public String toString() {
+        return name();
+    }
+}
diff --git a/src/cz/crcs/ectester/standalone/libs/SunECLib.java b/src/cz/crcs/ectester/standalone/libs/SunECLib.java
new file mode 100644
index 0000000..408908e
--- /dev/null
+++ b/src/cz/crcs/ectester/standalone/libs/SunECLib.java
@@ -0,0 +1,14 @@
+package cz.crcs.ectester.standalone.libs;
+
+import sun.security.ec.SunEC;
+
+/**
+ * @author Jan Jancar johny@neuromancer.sk
+ */
+public class SunECLib extends JavaECLibrary {
+
+    public SunECLib() {
+        super(new SunEC());
+    }
+
+}