diff options
| author | Ján Jančár | 2024-08-02 18:45:08 +0200 |
|---|---|---|
| committer | GitHub | 2024-08-02 18:45:08 +0200 |
| commit | 7647d4b6aa641ac97c58f47b40e4474cae3c619e (patch) | |
| tree | b0113eeb4451cb6639c58db1cae55301a1a04a94 /standalone/src/main/java/cz | |
| parent | e8cdbe98cb65ab35b45da818e6b4d4e0b1db5f0d (diff) | |
| parent | 6ed466cdeab999abd4c62a824106ab1078053934 (diff) | |
| download | ECTester-7647d4b6aa641ac97c58f47b40e4474cae3c619e.tar.gz ECTester-7647d4b6aa641ac97c58f47b40e4474cae3c619e.tar.zst ECTester-7647d4b6aa641ac97c58f47b40e4474cae3c619e.zip | |
Merge pull request #33 from crocs-muni/fix/card-runtest
Fix test selection
Diffstat (limited to 'standalone/src/main/java/cz')
19 files changed, 352 insertions, 745 deletions
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java b/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java index e6d8188..4f76639 100644 --- a/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java +++ b/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java @@ -71,7 +71,7 @@ public class ECTesterStandalone { private ProviderECLibrary[] libs; private Config cfg; - private Options opts = new Options(); + private final Options opts = new Options(); private TreeParser optParser; private TreeCommandLine cli; public static final String VERSION = "v0.3.3"; @@ -903,7 +903,7 @@ public class ECTesterStandalone { * */ public static class Config { - private ProviderECLibrary[] libs; + private final ProviderECLibrary[] libs; public ProviderECLibrary selected = null; public boolean color = false; diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/output/TextTestWriter.java b/standalone/src/main/java/cz/crcs/ectester/standalone/output/TextTestWriter.java index c53adb2..13a9e72 100644 --- a/standalone/src/main/java/cz/crcs/ectester/standalone/output/TextTestWriter.java +++ b/standalone/src/main/java/cz/crcs/ectester/standalone/output/TextTestWriter.java @@ -46,10 +46,9 @@ public class TextTestWriter extends BaseTextTestWriter { protected String deviceString(TestSuite suite) { if (suite instanceof StandaloneTestSuite) { StandaloneTestSuite standaloneSuite = (StandaloneTestSuite) suite; - StringBuilder sb = new StringBuilder(); - sb.append("═══ ").append(Colors.underline("ECTester version:")).append(" ").append(ECTesterStandalone.VERSION).append(System.lineSeparator()); - sb.append("═══ ").append(Colors.underline("Library:")).append(" ").append(standaloneSuite.getLibrary().fullName()).append(System.lineSeparator()); - return sb.toString(); + String sb = "═══ " + Colors.underline("ECTester version:") + " " + ECTesterStandalone.VERSION + System.lineSeparator() + + "═══ " + Colors.underline("Library:") + " " + standaloneSuite.getLibrary().fullName() + System.lineSeparator(); + return sb; } return ""; } diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/test/base/KeyAgreementTestable.java b/standalone/src/main/java/cz/crcs/ectester/standalone/test/base/KeyAgreementTestable.java index 7fd1c5a..579904c 100644 --- a/standalone/src/main/java/cz/crcs/ectester/standalone/test/base/KeyAgreementTestable.java +++ b/standalone/src/main/java/cz/crcs/ectester/standalone/test/base/KeyAgreementTestable.java @@ -66,7 +66,7 @@ public class KeyAgreementTestable extends StandaloneTestable<KeyAgreementTestabl } public KeyAgreementTestable(KeyAgreement ka, KeyGeneratorTestable privKgt, KeyGeneratorTestable pubKgt, ECParameterSpec spec) { - this(ka, (ECPrivateKey) null, null, spec); + this(ka, null, (ECPublicKey) null, spec); this.kgtPrivate = privKgt; this.kgtPublic = pubKgt; } @@ -76,6 +76,37 @@ public class KeyAgreementTestable extends StandaloneTestable<KeyAgreementTestabl this.keyAlgo = keyAlgo; } + public KeyAgreementTestable(KeyAgreement ka, KeyGeneratorTestable kgt, ECPrivateKey privateKey) { + this(ka, privateKey, null, (ECParameterSpec) null); + this.kgtPublic = kgt; + } + + public KeyAgreementTestable(KeyAgreement ka, KeyGeneratorTestable kgt, ECPrivateKey privateKey, String keyAlgo) { + this(ka, kgt, privateKey, (ECParameterSpec) null); + this.keyAlgo = keyAlgo; + } + + public KeyAgreementTestable(KeyAgreement ka, ECPublicKey publicKey, KeyGeneratorTestable kgt) { + this(ka, null, publicKey, (ECParameterSpec) null); + this.kgtPrivate = kgt; + } + + public KeyAgreementTestable(KeyAgreement ka, ECPublicKey publicKey, KeyGeneratorTestable kgt, String keyAlgo) { + this(ka, publicKey, kgt, (ECParameterSpec) null); + this.keyAlgo = keyAlgo; + } + + public KeyAgreementTestable(KeyAgreement ka, KeyGeneratorTestable privKgt, KeyGeneratorTestable pubKgt) { + this(ka, null, (ECPublicKey) null, (ECParameterSpec) null); + this.kgtPrivate = privKgt; + this.kgtPublic = pubKgt; + } + + public KeyAgreementTestable(KeyAgreement ka, KeyGeneratorTestable privKgt, KeyGeneratorTestable pubKgt, String keyAlgo) { + this(ka, privKgt, pubKgt, (ECParameterSpec) null); + this.keyAlgo = keyAlgo; + } + public String getKeyAlgorithm() { return keyAlgo; } diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/test/base/KeyGeneratorTest.java b/standalone/src/main/java/cz/crcs/ectester/standalone/test/base/KeyGeneratorTest.java index 8c49224..f35741a 100644 --- a/standalone/src/main/java/cz/crcs/ectester/standalone/test/base/KeyGeneratorTest.java +++ b/standalone/src/main/java/cz/crcs/ectester/standalone/test/base/KeyGeneratorTest.java @@ -43,13 +43,13 @@ public class KeyGeneratorTest extends SimpleTest<KeyGeneratorTestable> { public String getDescription() { String params = ""; if (testable.getKeysize() != 0) { - params = String.format("(default %d-bit curve)", testable.getKeysize()); + params = String.format("on (default %d-bit curve)", testable.getKeysize()); } else if (testable.getSpec() instanceof ECGenParameterSpec) { String name = ((ECGenParameterSpec)testable.getSpec()).getName(); - params = String.format("(%s)", name); + params = String.format("on (%s)", name); } else if (testable.getSpec() instanceof ECParameterSpec) { - params = "(custom curve)"; + params = "on (custom curve)"; } - return "KeyPairGenerator " + testable.getKpg().getAlgorithm() + " on " + params; + return "KeyPairGenerator " + testable.getKpg().getAlgorithm() + " " + params; } } diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/test/base/PerformanceTest.java b/standalone/src/main/java/cz/crcs/ectester/standalone/test/base/PerformanceTest.java index d50c7e9..3b15c94 100644 --- a/standalone/src/main/java/cz/crcs/ectester/standalone/test/base/PerformanceTest.java +++ b/standalone/src/main/java/cz/crcs/ectester/standalone/test/base/PerformanceTest.java @@ -13,7 +13,7 @@ import java.util.Arrays; */ public class PerformanceTest extends SimpleTest<BaseTestable> { - private ProviderECLibrary library; + private final ProviderECLibrary library; private long[] times; private long mean; private long median; diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/test/base/SignatureTestable.java b/standalone/src/main/java/cz/crcs/ectester/standalone/test/base/SignatureTestable.java index fe81b10..76074e4 100644 --- a/standalone/src/main/java/cz/crcs/ectester/standalone/test/base/SignatureTestable.java +++ b/standalone/src/main/java/cz/crcs/ectester/standalone/test/base/SignatureTestable.java @@ -11,7 +11,7 @@ import java.security.interfaces.ECPublicKey; * @author Jan Jancar johny@neuromancer.sk */ public class SignatureTestable extends StandaloneTestable<SignatureTestable.SignatureStage> { - private Signature sig; + private final Signature sig; private ECPrivateKey signKey; private ECPublicKey verifyKey; private KeyGeneratorTestable kgt; diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneCofactorSuite.java b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneCofactorSuite.java index bb9a509..003d510 100644 --- a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneCofactorSuite.java +++ b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneCofactorSuite.java @@ -24,6 +24,8 @@ import java.security.interfaces.ECPrivateKey; import java.security.interfaces.ECPublicKey; import java.security.spec.ECParameterSpec; import java.util.*; +import java.util.function.Consumer; +import java.util.function.Function; /** * @author David Hofman @@ -41,29 +43,9 @@ public class StandaloneCofactorSuite extends StandaloneTestSuite { String kaAlgo = cli.getOptionValue("test.ka-type"); List<String> kaTypes = kaAlgo != null ? Arrays.asList(kaAlgo.split(",")) : new ArrayList<>(); - KeyPairGeneratorIdent kpgIdent; - if (kpgAlgo == null) { - // try EC, if not, fail with: need to specify kpg algo. - Optional<KeyPairGeneratorIdent> kpgIdentOpt = cfg.selected.getKPGs().stream() - .filter((ident) -> ident.contains("EC")) - .findFirst(); - if (kpgIdentOpt.isPresent()) { - kpgIdent = kpgIdentOpt.get(); - } else { - System.err.println("The default KeyPairGenerator algorithm type of \"EC\" was not found. Need to specify a type."); - return; - } - } else { - // try the specified, if not, fail with: wrong kpg algo/not found. - Optional<KeyPairGeneratorIdent> kpgIdentOpt = cfg.selected.getKPGs().stream() - .filter((ident) -> ident.contains(kpgAlgo)) - .findFirst(); - if (kpgIdentOpt.isPresent()) { - kpgIdent = kpgIdentOpt.get(); - } else { - System.err.println("The KeyPairGenerator algorithm type of \"" + kpgAlgo + "\" was not found."); - return; - } + KeyPairGeneratorIdent kpgIdent = getKeyPairGeneratorIdent(kpgAlgo); + if (kpgIdent == null) { + return; } Map<String, EC_Key.Public> pubkeys = EC_Store.getInstance().getObjects(EC_Key.Public.class, "cofactor"); @@ -77,15 +59,6 @@ public class StandaloneCofactorSuite extends StandaloneTestSuite { KeyGeneratorTestable kgt = new KeyGeneratorTestable(kpg, spec); Test generate = KeyGeneratorTest.expectError(kgt, Result.ExpectedValue.ANY); - runTest(generate); - KeyPair kp = kgt.getKeyPair(); - if (kp == null) { - Test generateFail = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Generating KeyPair has failed on " + curve.getId() + ". " + "KeyAgreement tests will be skipped.", generate); - doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "Cofactor test of " + curve.getId() + ".", generateFail)); - continue; - } - Test generateSuccess = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Generate keypair.", generate); - ECPrivateKey ecpriv = (ECPrivateKey) kp.getPrivate(); List<Test> allKaTests = new LinkedList<>(); for (KeyAgreementIdent kaIdent : cfg.selected.getKAs()) { @@ -94,7 +67,7 @@ public class StandaloneCofactorSuite extends StandaloneTestSuite { for (EC_Key.Public pub : keys) { ECPublicKey ecpub = ECUtil.toPublicKey(pub); KeyAgreement ka = kaIdent.getInstance(cfg.selected.getProvider()); - KeyAgreementTestable testable = new KeyAgreementTestable(ka, ecpriv, ecpub); + KeyAgreementTestable testable = new KeyAgreementTestable(ka, ecpub, kgt); Test keyAgreement = KeyAgreementTest.expectError(testable, Result.ExpectedValue.FAILURE); specificKaTests.add(CompoundTest.all(Result.ExpectedValue.SUCCESS, pub.getId() + " cofactor key test.", keyAgreement)); } @@ -104,8 +77,8 @@ public class StandaloneCofactorSuite extends StandaloneTestSuite { if (allKaTests.isEmpty()) { allKaTests.add(CompoundTest.all(Result.ExpectedValue.SUCCESS, "None of the specified key agreement types is supported by the library.")); } - Test tests = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Do tests.", allKaTests.toArray(new Test[0])); - doTest(CompoundTest.greedyAllTry(Result.ExpectedValue.SUCCESS, "Cofactor test of " + curve.getId() + ".", generateSuccess, tests)); + Test kaTests = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Do tests.", allKaTests.toArray(new Test[0])); + doTest(CompoundTest.function(CompoundTest.EXPECT_ALL_SUCCESS, CompoundTest.RUN_ALL_IF_FIRST, "Cofactor test of " + curve.getId() + ".", generate, kaTests)); } } } diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneCompositeSuite.java b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneCompositeSuite.java index 839bb40..38d76bc 100644 --- a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneCompositeSuite.java +++ b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneCompositeSuite.java @@ -51,29 +51,9 @@ public class StandaloneCompositeSuite extends StandaloneTestSuite { kaTypes = kaAlgo != null ? Arrays.asList(kaAlgo.split(",")) : new ArrayList<>(); sigTypes = sigAlgo != null ? Arrays.asList(sigAlgo.split(",")) : new ArrayList<>(); - KeyPairGeneratorIdent kpgIdent; - if (kpgAlgo == null) { - // try EC, if not, fail with: need to specify kpg algo. - Optional<KeyPairGeneratorIdent> kpgIdentOpt = cfg.selected.getKPGs().stream() - .filter((ident) -> ident.contains("EC")) - .findFirst(); - if (kpgIdentOpt.isPresent()) { - kpgIdent = kpgIdentOpt.get(); - } else { - System.err.println("The default KeyPairGenerator algorithm type of \"EC\" was not found. Need to specify a type."); - return; - } - } else { - // try the specified, if not, fail with: wrong kpg algo/not found. - Optional<KeyPairGeneratorIdent> kpgIdentOpt = cfg.selected.getKPGs().stream() - .filter((ident) -> ident.contains(kpgAlgo)) - .findFirst(); - if (kpgIdentOpt.isPresent()) { - kpgIdent = kpgIdentOpt.get(); - } else { - System.err.println("The KeyPairGenerator algorithm type of \"" + kpgAlgo + "\" was not found."); - return; - } + KeyPairGeneratorIdent kpgIdent = getKeyPairGeneratorIdent(kpgAlgo); + if (kpgIdent == null) { + return; } KeyPairGenerator kpg = kpgIdent.getInstance(cfg.selected.getProvider()); @@ -86,15 +66,6 @@ public class StandaloneCompositeSuite extends StandaloneTestSuite { //Generate KeyPair KeyGeneratorTestable kgt = new KeyGeneratorTestable(kpg, spec); Test generate = KeyGeneratorTest.expectError(kgt, Result.ExpectedValue.ANY); - runTest(generate); - KeyPair kp = kgt.getKeyPair(); - if (kp == null) { - Test generateFail = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Generating KeyPair has failed on " + curve.getId() + ". " + "KeyAgreement tests will be skipped.", generate); - doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "Composite test of " + curve.getId() + ".", generateFail)); - continue; - } - Test generateSuccess = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Generate keypair.", generate); - ECPrivateKey ecpriv = (ECPrivateKey) kp.getPrivate(); //Perform KeyAgreement tests List<Test> allKaTests = new LinkedList<>(); @@ -104,7 +75,7 @@ public class StandaloneCompositeSuite extends StandaloneTestSuite { for (EC_Key.Public pub : curveKeys.getValue()) { ECPublicKey ecpub = ECUtil.toPublicKey(pub); KeyAgreement ka = kaIdent.getInstance(cfg.selected.getProvider()); - KeyAgreementTestable testable = new KeyAgreementTestable(ka, ecpriv, ecpub); + KeyAgreementTestable testable = new KeyAgreementTestable(ka, ecpub, kgt); Test keyAgreement = KeyAgreementTest.expectError(testable, Result.ExpectedValue.FAILURE); specificKaTests.add(CompoundTest.all(Result.ExpectedValue.SUCCESS, "Composite test of " + curve.getId() + ", with generated private key, " + pub.getDesc(), keyAgreement)); } @@ -115,7 +86,7 @@ public class StandaloneCompositeSuite extends StandaloneTestSuite { allKaTests.add(CompoundTest.all(Result.ExpectedValue.SUCCESS, "None of the specified key agreement types is supported by the library.")); } Test tests = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Do tests.", allKaTests.toArray(new Test[0])); - doTest(CompoundTest.greedyAllTry(Result.ExpectedValue.SUCCESS, "Composite test of " + curve.getId() + ".", generateSuccess, tests)); + doTest(CompoundTest.greedyAllTry(Result.ExpectedValue.SUCCESS, "Composite test of " + curve.getId() + ".", generate, tests)); } @@ -164,24 +135,13 @@ public class StandaloneCompositeSuite extends StandaloneTestSuite { //generate KeyPair KeyGeneratorTestable kgt = new KeyGeneratorTestable(kpg, curve.toSpec()); Test generate = KeyGeneratorTest.expectError(kgt, Result.ExpectedValue.ANY); - runTest(generate); - KeyPair kp = kgt.getKeyPair(); - if (kp == null) { - Test generateFail = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Generating KeyPair has failed on " + curve.getId() + - ". " + " Other tests will be skipped.", generate); - doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, description, generateFail)); - continue; - } - Test generateSuccess = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Generate keypair.", generate); - ECPrivateKey ecpriv = (ECPrivateKey) kp.getPrivate(); - ECPublicKey ecpub = (ECPublicKey) kp.getPublic(); //perform KeyAgreement tests List<Test> kaTests = new LinkedList<>(); for (KeyAgreementIdent kaIdent : cfg.selected.getKAs()) { if (kaAlgo == null || kaIdent.containsAny(kaTypes)) { KeyAgreement ka = kaIdent.getInstance(cfg.selected.getProvider()); - KeyAgreementTestable testable = new KeyAgreementTestable(ka, ecpriv, ecpub); + KeyAgreementTestable testable = new KeyAgreementTestable(ka, kgt, kgt); kaTests.add(KeyAgreementTest.expectError(testable, dhValue)); } } @@ -194,7 +154,7 @@ public class StandaloneCompositeSuite extends StandaloneTestSuite { for (SignatureIdent sigIdent : cfg.selected.getSigs()) { if (sigAlgo == null || sigIdent.containsAny(sigTypes)) { Signature sig = sigIdent.getInstance(cfg.selected.getProvider()); - SignatureTestable testable = new SignatureTestable(sig, ecpriv, ecpub, null); + SignatureTestable testable = new SignatureTestable(sig, kgt, null); sigTests.add(SignatureTest.expectError(testable, dhValue)); } } @@ -204,7 +164,7 @@ public class StandaloneCompositeSuite extends StandaloneTestSuite { Test performKeyAgreements = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Perform specified KeyAgreements.", kaTests.toArray(new Test[0])); Test performSignatures = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Perform specified Signatures.", sigTests.toArray(new Test[0])); - doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, description, generateSuccess, performKeyAgreements, performSignatures)); + doTest(CompoundTest.function(CompoundTest.EXPECT_ALL_SUCCESS, CompoundTest.RUN_ALL_IF_FIRST, description, generate, performKeyAgreements, performSignatures)); } } } diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneDefaultSuite.java b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneDefaultSuite.java index 1c14ecc..ef9d434 100644 --- a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneDefaultSuite.java +++ b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneDefaultSuite.java @@ -33,32 +33,10 @@ public class StandaloneDefaultSuite extends StandaloneTestSuite { String sigAlgo = cli.getOptionValue("test.sig-type"); String keyAlgo = cli.getOptionValue("test.key-type", "AES"); - - KeyPairGeneratorIdent kpgIdent; - if (kpgAlgo == null) { - // try EC, if not, fail with: need to specify kpg algo. - Optional<KeyPairGeneratorIdent> kpgIdentOpt = cfg.selected.getKPGs().stream() - .filter((ident) -> ident.contains("EC")) - .findFirst(); - if (kpgIdentOpt.isPresent()) { - kpgIdent = kpgIdentOpt.get(); - } else { - System.err.println("The default KeyPairGenerator algorithm type of \"EC\" was not found. Need to specify a type."); - return; - } - } else { - // try the specified, if not, fail with: wrong kpg algo/not found. - Optional<KeyPairGeneratorIdent> kpgIdentOpt = cfg.selected.getKPGs().stream() - .filter((ident) -> ident.contains(kpgAlgo)) - .findFirst(); - if (kpgIdentOpt.isPresent()) { - kpgIdent = kpgIdentOpt.get(); - } else { - System.err.println("The KeyPairGenerator algorithm type of \"" + kpgAlgo + "\" was not found."); - return; - } + KeyPairGeneratorIdent kpgIdent = getKeyPairGeneratorIdent(kpgAlgo); + if (kpgIdent == null) { + return; } - KeyPairGenerator kpg = kpgIdent.getInstance(cfg.selected.getProvider()); KeyGeneratorTestable kgtOne; diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneDegenerateSuite.java b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneDegenerateSuite.java index d822a83..5a27f95 100644 --- a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneDegenerateSuite.java +++ b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneDegenerateSuite.java @@ -1,134 +1,16 @@ package cz.crcs.ectester.standalone.test.suites; import cz.crcs.ectester.common.cli.TreeCommandLine; -import cz.crcs.ectester.common.ec.EC_Curve; -import cz.crcs.ectester.common.ec.EC_Key; import cz.crcs.ectester.common.output.TestWriter; -import cz.crcs.ectester.common.test.CompoundTest; -import cz.crcs.ectester.common.test.Result; -import cz.crcs.ectester.common.test.Test; -import cz.crcs.ectester.common.util.ECUtil; -import cz.crcs.ectester.data.EC_Store; import cz.crcs.ectester.standalone.ECTesterStandalone; -import cz.crcs.ectester.standalone.consts.KeyAgreementIdent; -import cz.crcs.ectester.standalone.consts.KeyPairGeneratorIdent; -import cz.crcs.ectester.standalone.test.base.KeyAgreementTest; -import cz.crcs.ectester.standalone.test.base.KeyAgreementTestable; -import cz.crcs.ectester.standalone.test.base.KeyGeneratorTest; -import cz.crcs.ectester.standalone.test.base.KeyGeneratorTestable; - -import javax.crypto.KeyAgreement; -import java.security.KeyPair; -import java.security.KeyPairGenerator; -import java.security.interfaces.ECPrivateKey; -import java.security.interfaces.ECPublicKey; -import java.security.spec.ECGenParameterSpec; -import java.security.spec.ECParameterSpec; -import java.util.*; /** * @author David Hofman */ -public class StandaloneDegenerateSuite extends StandaloneTestSuite { +public class StandaloneDegenerateSuite extends StandaloneForeignSuite { public StandaloneDegenerateSuite(TestWriter writer, ECTesterStandalone.Config cfg, TreeCommandLine cli) { super(writer, cfg, cli, "degenerate", "The degenerate suite tests whether the library rejects points outside of the curve during ECDH.", "The tested points lie on a part of the plane for which some Edwards, Hessian and Huff form addition formulas degenerate into exponentiation in the base finite field.", "Supports options:", "\t - gt/kpg-type", "\t - kt/ka-type (select multiple types by separating them with commas)"); } - - @Override - protected void runTests() throws Exception { - String kpgAlgo = cli.getOptionValue("test.kpg-type"); - String kaAlgo = cli.getOptionValue("test.ka-type"); - List<String> kaTypes = kaAlgo != null ? Arrays.asList(kaAlgo.split(",")) : new ArrayList<>(); - - KeyPairGeneratorIdent kpgIdent; - if (kpgAlgo == null) { - // try EC, if not, fail with: need to specify kpg algo. - Optional<KeyPairGeneratorIdent> kpgIdentOpt = cfg.selected.getKPGs().stream() - .filter((ident) -> ident.contains("EC")) - .findFirst(); - if (kpgIdentOpt.isPresent()) { - kpgIdent = kpgIdentOpt.get(); - } else { - System.err.println("The default KeyPairGenerator algorithm type of \"EC\" was not found. Need to specify a type."); - return; - } - } else { - // try the specified, if not, fail with: wrong kpg algo/not found. - Optional<KeyPairGeneratorIdent> kpgIdentOpt = cfg.selected.getKPGs().stream() - .filter((ident) -> ident.contains(kpgAlgo)) - .findFirst(); - if (kpgIdentOpt.isPresent()) { - kpgIdent = kpgIdentOpt.get(); - } else { - System.err.println("The KeyPairGenerator algorithm type of \"" + kpgAlgo + "\" was not found."); - return; - } - } - - Map<String, EC_Key.Public> pubkeys = EC_Store.getInstance().getObjects(EC_Key.Public.class, "degenerate"); - Map<EC_Curve, List<EC_Key.Public>> curveList = EC_Store.mapKeyToCurve(pubkeys.values()); - for (Map.Entry<EC_Curve, List<EC_Key.Public>> e : curveList.entrySet()) { - EC_Curve curve = e.getKey(); - List<EC_Key.Public> keys = e.getValue(); - - KeyPairGenerator kpg = kpgIdent.getInstance(cfg.selected.getProvider()); - ECParameterSpec spec = curve.toSpec(); - KeyGeneratorTestable kgt = new KeyGeneratorTestable(kpg, spec); - - Test generateSuccess; - Test generate = KeyGeneratorTest.expectError(kgt, Result.ExpectedValue.ANY); - runTest(generate); - KeyPair kp = kgt.getKeyPair(); - if (kp != null) { - generateSuccess = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Generate keypair.", generate); - } else { - // If KeyPair generation fails, try generating it on named curve instead. - ECGenParameterSpec namedSpec = new ECGenParameterSpec(curve.getId()); - KeyGeneratorTestable kgtOnNamedCurve = new KeyGeneratorTestable(kpg, namedSpec); - Test generateOnNamedCurve = KeyGeneratorTest.expectError(kgtOnNamedCurve, Result.ExpectedValue.ANY); - runTest(generateOnNamedCurve); - kp = kgtOnNamedCurve.getKeyPair(); - if (kp != null) { - generateSuccess = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Generate keypair (named curve).", generateOnNamedCurve); - } else { - // If even the named curve generation fails, try generating with the default curve instead. Use this key only if it has the same domain parameters as our public key. - KeyGeneratorTestable kgtOnDefaultCurve = new KeyGeneratorTestable(kpg, curve.getBits()); - Test generateOnDefaultCurve = KeyGeneratorTest.expectError(kgtOnDefaultCurve, Result.ExpectedValue.ANY); - runTest(generateOnDefaultCurve); - kp = kgtOnDefaultCurve.getKeyPair(); - if (kp != null && ECUtil.equalKeyPairParameters((ECPrivateKey) kp.getPrivate(), ECUtil.toPublicKey(keys.get(0)))) { - generateSuccess = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Generate keypair (default curve).", generateOnDefaultCurve); - } else { - Test generateNotEqual = CompoundTest.function(tests -> new Result(Result.Value.FAILURE, "Default parameters do not match the curve " + curve.getId()), "Default parameters do not match the curve " + curve.getId(), generateOnDefaultCurve); - Test generateFail = CompoundTest.any(Result.ExpectedValue.SUCCESS, "Generating KeyPair has failed on " + curve.getId() + ". " + "KeyAgreement tests will be skipped.", generate, generateOnNamedCurve, generateNotEqual); - doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "Degenerate curve test of " + curve.getId() + ".", generateFail)); - continue; - } - } - } - ECPrivateKey ecpriv = (ECPrivateKey) kp.getPrivate(); - - List<Test> allKaTests = new LinkedList<>(); - for (KeyAgreementIdent kaIdent : cfg.selected.getKAs()) { - if (kaAlgo == null || kaIdent.containsAny(kaTypes)) { - List<Test> specificKaTests = new LinkedList<>(); - for (EC_Key.Public pub : keys) { - ECPublicKey ecpub = ECUtil.toPublicKey(pub); - KeyAgreement ka = kaIdent.getInstance(cfg.selected.getProvider()); - KeyAgreementTestable testable = new KeyAgreementTestable(ka, ecpriv, ecpub); - Test keyAgreement = KeyAgreementTest.expectError(testable, Result.ExpectedValue.FAILURE); - specificKaTests.add(CompoundTest.all(Result.ExpectedValue.SUCCESS, pub.getId() + " degenerate key test.", keyAgreement)); - } - allKaTests.add(CompoundTest.all(Result.ExpectedValue.SUCCESS, "Perform " + kaIdent.getName() + " with degenerate public points..", specificKaTests.toArray(new Test[0]))); - } - } - if (allKaTests.isEmpty()) { - allKaTests.add(CompoundTest.all(Result.ExpectedValue.SUCCESS, "None of the specified key agreement types is supported by the library.")); - } - Test tests = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Do tests.", allKaTests.toArray(new Test[0])); - doTest(CompoundTest.greedyAllTry(Result.ExpectedValue.SUCCESS, "Degenerate curve test of " + curve.getId() + ".", generateSuccess, tests)); - } - } } diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneEdgeCasesSuite.java b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneEdgeCasesSuite.java index 7c46f02..d441235 100644 --- a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneEdgeCasesSuite.java +++ b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneEdgeCasesSuite.java @@ -51,53 +51,13 @@ public class StandaloneEdgeCasesSuite extends StandaloneTestSuite { String kaAlgo = cli.getOptionValue("test.ka-type"); String kpgAlgo = cli.getOptionValue("test.kpg-type"); - if (kaAlgo == null) { - // try ECDH, if not, fail with: need to specify ka algo. - Optional<KeyAgreementIdent> kaIdentOpt = cfg.selected.getKAs().stream() - .filter((ident) -> ident.contains("ECDH")) - .findFirst(); - if (kaIdentOpt.isPresent()) { - kaIdent = kaIdentOpt.get(); - } else { - System.err.println("The default KeyAgreement algorithm type of \"ECDH\" was not found. Need to specify a type."); - return; - } - } else { - // try the specified, if not, fail with: wrong ka algo/not found. - Optional<KeyAgreementIdent> kaIdentOpt = cfg.selected.getKAs().stream() - .filter((ident) -> ident.contains(kaAlgo)) - .findFirst(); - if (kaIdentOpt.isPresent()) { - kaIdent = kaIdentOpt.get(); - } else { - System.err.println("The KeyAgreement algorithm type of \"" + kaAlgo + "\" was not found."); - return; - } + kaIdent = getKeyAgreementIdent(kaAlgo); + if (kaIdent == null) { + return; } - - KeyPairGeneratorIdent kpgIdent; - if (kpgAlgo == null) { - // try EC, if not, fail with: need to specify kpg algo. - Optional<KeyPairGeneratorIdent> kpgIdentOpt = cfg.selected.getKPGs().stream() - .filter((ident) -> ident.contains("EC")) - .findFirst(); - if (kpgIdentOpt.isPresent()) { - kpgIdent = kpgIdentOpt.get(); - } else { - System.err.println("The default KeyPairGenerator algorithm type of \"EC\" was not found. Need to specify a type."); - return; - } - } else { - // try the specified, if not, fail with: wrong kpg algo/not found. - Optional<KeyPairGeneratorIdent> kpgIdentOpt = cfg.selected.getKPGs().stream() - .filter((ident) -> ident.contains(kpgAlgo)) - .findFirst(); - if (kpgIdentOpt.isPresent()) { - kpgIdent = kpgIdentOpt.get(); - } else { - System.err.println("The KeyPairGenerator algorithm type of \"" + kpgAlgo + "\" was not found."); - return; - } + KeyPairGeneratorIdent kpgIdent = getKeyPairGeneratorIdent(kpgAlgo); + if (kpgIdent == null) { + return; } KeyPairGenerator kpg = kpgIdent.getInstance(cfg.selected.getProvider()); @@ -176,20 +136,10 @@ public class StandaloneEdgeCasesSuite extends StandaloneTestSuite { //generate KeyPair KeyGeneratorTestable kgt = new KeyGeneratorTestable(kpg, spec); Test generate = KeyGeneratorTest.expectError(kgt, Result.ExpectedValue.ANY); - runTest(generate); - KeyPair kp = kgt.getKeyPair(); - if (kp == null) { - Test generateFail = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Generating KeyPair has failed on " + curve.getId() + - ". " + " Other tests will be skipped.", generate); - doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "Tests with edge-case private key values over" + curve.getId() + ".", generateFail)); - continue; - } - Test generateSuccess = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Generate KeyPair.", generate); - ECPublicKey ecpub = (ECPublicKey) kp.getPublic(); //perform ECDH tests - Test zeroS = ecdhTest(ecpub, BigInteger.ZERO, spec, "ECDH with S = 0.", Result.ExpectedValue.FAILURE); - Test oneS = ecdhTest(ecpub, BigInteger.ONE, spec, "ECDH with S = 1.", Result.ExpectedValue.FAILURE); + Test zeroS = ecdhTest(kgt, BigInteger.ZERO, spec, "ECDH with S = 0.", Result.ExpectedValue.FAILURE); + Test oneS = ecdhTest(kgt, BigInteger.ONE, spec, "ECDH with S = 1.", Result.ExpectedValue.FAILURE); byte[] rParam = curve.getParam(EC_Consts.PARAMETER_R)[0]; BigInteger R = new BigInteger(1, rParam); @@ -208,14 +158,14 @@ public class StandaloneEdgeCasesSuite extends StandaloneTestSuite { BigInteger rm1 = R.subtract(BigInteger.ONE); BigInteger rp1 = R.add(BigInteger.ONE); - Test alternateS = ecdhTest(ecpub, alternate, spec, "ECDH with S = 101010101...01010.", Result.ExpectedValue.SUCCESS); - Test alternateOtherS = ecdhTest(ecpub, alternateOther, spec, "ECDH with S = 010101010...10101.", Result.ExpectedValue.SUCCESS); - Test fullS = ecdhTest(ecpub, full, spec, "ECDH with S = 111111111...11111 (but < r).", Result.ExpectedValue.SUCCESS); - Test smallerS = ecdhTest(ecpub, smaller, spec, "ECDH with S < r.", Result.ExpectedValue.SUCCESS); - Test exactS = ecdhTest(ecpub, R, spec, "ECDH with S = r.", Result.ExpectedValue.FAILURE); - Test largeS = ecdhTest(ecpub, larger, spec, "ECDH with S > r.", Result.ExpectedValue.ANY); - Test rm1S = ecdhTest(ecpub, rm1, spec, "ECDH with S = r - 1.", Result.ExpectedValue.SUCCESS); - Test rp1S = ecdhTest(ecpub, rp1, spec, "ECDH with S = r + 1.", Result.ExpectedValue.ANY); + Test alternateS = ecdhTest(kgt, alternate, spec, "ECDH with S = 101010101...01010.", Result.ExpectedValue.SUCCESS); + Test alternateOtherS = ecdhTest(kgt, alternateOther, spec, "ECDH with S = 010101010...10101.", Result.ExpectedValue.SUCCESS); + Test fullS = ecdhTest(kgt, full, spec, "ECDH with S = 111111111...11111 (but < r).", Result.ExpectedValue.SUCCESS); + Test smallerS = ecdhTest(kgt, smaller, spec, "ECDH with S < r.", Result.ExpectedValue.SUCCESS); + Test exactS = ecdhTest(kgt, R, spec, "ECDH with S = r.", Result.ExpectedValue.FAILURE); + Test largeS = ecdhTest(kgt, larger, spec, "ECDH with S > r.", Result.ExpectedValue.ANY); + Test rm1S = ecdhTest(kgt, rm1, spec, "ECDH with S = r - 1.", Result.ExpectedValue.SUCCESS); + Test rp1S = ecdhTest(kgt, rp1, spec, "ECDH with S = r + 1.", Result.ExpectedValue.ANY); byte[] k = curve.getParam(EC_Consts.PARAMETER_K)[0]; BigInteger K = new BigInteger(1, k); @@ -225,12 +175,12 @@ public class StandaloneEdgeCasesSuite extends StandaloneTestSuite { Result.ExpectedValue kExpected = K.equals(BigInteger.ONE) ? Result.ExpectedValue.SUCCESS : Result.ExpectedValue.FAILURE; - Test krS /*ONE!*/ = ecdhTest(ecpub, kr, spec, "ECDH with S = k * r.", Result.ExpectedValue.FAILURE); - Test krm1S = ecdhTest(ecpub, krm1, spec, "ECDH with S = (k * r) - 1.", kExpected); - Test krp1S = ecdhTest(ecpub, krp1, spec, "ECDH with S = (k * r) + 1.", Result.ExpectedValue.ANY); + Test krS /*ONE!*/ = ecdhTest(kgt, kr, spec, "ECDH with S = k * r.", Result.ExpectedValue.FAILURE); + Test krm1S = ecdhTest(kgt, krm1, spec, "ECDH with S = (k * r) - 1.", kExpected); + Test krp1S = ecdhTest(kgt, krp1, spec, "ECDH with S = (k * r) + 1.", Result.ExpectedValue.ANY); - doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "Tests with edge-case private key values over " + curve.getId() + ".", - generateSuccess, zeroS, oneS, alternateS, alternateOtherS, fullS, smallerS, exactS, largeS, rm1S, rp1S, krS, krm1S, krp1S)); + doTest(CompoundTest.function(CompoundTest.EXPECT_ALL_SUCCESS, CompoundTest.RUN_ALL_IF_FIRST, "Tests with edge-case private key values over " + curve.getId() + ".", + generate, zeroS, oneS, alternateS, alternateOtherS, fullS, smallerS, exactS, largeS, rm1S, rp1S, krS, krm1S, krp1S)); } EC_Curve secp160r1 = EC_Store.getInstance().getObject(EC_Curve.class, "secg/secp160r1"); @@ -265,29 +215,19 @@ public class StandaloneEdgeCasesSuite extends StandaloneTestSuite { //generate KeyPair KeyGeneratorTestable kgt = new KeyGeneratorTestable(kpg, spec); Test generate = KeyGeneratorTest.expectError(kgt, Result.ExpectedValue.ANY); - runTest(generate); - KeyPair kp = kgt.getKeyPair(); - if (kp == null) { - Test generateFail = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Generating KeyPair has failed on " - + secp160r1.getBits() + "b secp160r1." + " Other tests will be skipped.", generate); - doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "Test private key values near zero, near p and near/larger than the order on" + secp160r1.getId() + ".", generateFail)); - return; - } - Test generateSuccess = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Generate KeyPair.", generate); - ECPublicKey ecpub = (ECPublicKey) kp.getPublic(); //perform ECDH tests Test[] zeroTests = new Test[n]; int i = 0; for (BigInteger nearZero : zeros) { - zeroTests[i++] = ecdhTest(ecpub, nearZero, spec, nearZero.toString(16), Result.ExpectedValue.SUCCESS); + zeroTests[i++] = ecdhTest(kgt, nearZero, spec, nearZero.toString(16), Result.ExpectedValue.SUCCESS); } Test zeroTest = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Near zero.", zeroTests); Test[] pTests = new Test[n]; i = 0; for (BigInteger nearP : ps) { - pTests[i++] = ecdhTest(ecpub, nearP, spec, nearP.toString(16) + (nearP.compareTo(p) > 0 ? " (>p)" : " (<=p)"), Result.ExpectedValue.SUCCESS); + pTests[i++] = ecdhTest(kgt, nearP, spec, nearP.toString(16) + (nearP.compareTo(p) > 0 ? " (>p)" : " (<=p)"), Result.ExpectedValue.SUCCESS); } Test pTest = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Near p.", pTests); @@ -295,19 +235,19 @@ public class StandaloneEdgeCasesSuite extends StandaloneTestSuite { i = 0; for (BigInteger nearR : rs) { if (nearR.compareTo(r) >= 0) { - rTests[i++] = ecdhTest(ecpub, nearR, spec, nearR.toString(16) + " (>=r)", Result.ExpectedValue.FAILURE); + rTests[i++] = ecdhTest(kgt, nearR, spec, nearR.toString(16) + " (>=r)", Result.ExpectedValue.FAILURE); } else { - rTests[i++] = ecdhTest(ecpub, nearR, spec, nearR.toString(16) + " (<r)", Result.ExpectedValue.SUCCESS); + rTests[i++] = ecdhTest(kgt, nearR, spec, nearR.toString(16) + " (<r)", Result.ExpectedValue.SUCCESS); } } Test rTest = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Near r.", rTests); - doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "Test private key values near zero, near p and near/larger than the order.", generateSuccess, zeroTest, pTest, rTest)); + doTest(CompoundTest.function(CompoundTest.EXPECT_ALL_SUCCESS, CompoundTest.RUN_ALL_IF_FIRST, "Test private key values near zero, near p and near/larger than the order.", generate, zeroTest, pTest, rTest)); } - private Test ecdhTest(ECPublicKey pub, BigInteger SParam, ECParameterSpec spec, String desc, Result.ExpectedValue expect) throws NoSuchAlgorithmException { + private Test ecdhTest(KeyGeneratorTestable kgt, BigInteger SParam, ECParameterSpec spec, String desc, Result.ExpectedValue expect) throws NoSuchAlgorithmException { ECPrivateKey priv = new RawECPrivateKey(SParam, spec); KeyAgreement ka = kaIdent.getInstance(cfg.selected.getProvider()); - KeyAgreementTestable testable = new KeyAgreementTestable(ka, priv, pub); + KeyAgreementTestable testable = new KeyAgreementTestable(ka, kgt, priv); return CompoundTest.all(Result.ExpectedValue.SUCCESS, desc, KeyAgreementTest.expectError(testable, expect)); } } diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneForeignSuite.java b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneForeignSuite.java new file mode 100644 index 0000000..21431ae --- /dev/null +++ b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneForeignSuite.java @@ -0,0 +1,173 @@ +package cz.crcs.ectester.standalone.test.suites; + +import cz.crcs.ectester.common.cli.TreeCommandLine; +import cz.crcs.ectester.common.ec.EC_Curve; +import cz.crcs.ectester.common.ec.EC_Key; +import cz.crcs.ectester.common.output.TestWriter; +import cz.crcs.ectester.common.test.CompoundTest; +import cz.crcs.ectester.common.test.Result; +import cz.crcs.ectester.common.test.Test; +import cz.crcs.ectester.common.util.ECUtil; +import cz.crcs.ectester.data.EC_Store; +import cz.crcs.ectester.standalone.ECTesterStandalone; +import cz.crcs.ectester.standalone.consts.KeyAgreementIdent; +import cz.crcs.ectester.standalone.consts.KeyPairGeneratorIdent; +import cz.crcs.ectester.standalone.test.base.KeyAgreementTest; +import cz.crcs.ectester.standalone.test.base.KeyAgreementTestable; +import cz.crcs.ectester.standalone.test.base.KeyGeneratorTest; +import cz.crcs.ectester.standalone.test.base.KeyGeneratorTestable; + +import javax.crypto.KeyAgreement; +import java.security.KeyPair; +import java.security.KeyPairGenerator; +import java.security.interfaces.ECPrivateKey; +import java.security.interfaces.ECPublicKey; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.ECGenParameterSpec; +import java.security.spec.ECParameterSpec; +import java.util.*; + +public abstract class StandaloneForeignSuite extends StandaloneTestSuite { + private String capName; + + public StandaloneForeignSuite(TestWriter writer, ECTesterStandalone.Config cfg, TreeCommandLine cli, String name, String... description) { + super(writer, cfg, cli, name, description); + this.capName = name.substring(0, 1).toUpperCase() + name.substring(1); + } + + @Override + protected void runTests() throws Exception { + String kpgAlgo = cli.getOptionValue("test.kpg-type"); + String kaAlgo = cli.getOptionValue("test.ka-type"); + List<String> kaTypes = kaAlgo != null ? Arrays.asList(kaAlgo.split(",")) : new ArrayList<>(); + + KeyPairGeneratorIdent kpgIdent = getKeyPairGeneratorIdent(kpgAlgo); + if (kpgIdent == null) { + return; + } + + Map<String, EC_Key.Public> pubkeys = EC_Store.getInstance().getObjects(EC_Key.Public.class, this.name); + Map<EC_Curve, List<EC_Key.Public>> curveList = EC_Store.mapKeyToCurve(pubkeys.values()); + for (Map.Entry<EC_Curve, List<EC_Key.Public>> e : curveList.entrySet()) { + EC_Curve curve = e.getKey(); + List<EC_Key.Public> keys = e.getValue(); + ECPublicKey singlePkey = ECUtil.toPublicKey(keys.get(0)); + + KeyPairGenerator kpg = kpgIdent.getInstance(cfg.selected.getProvider()); + ECParameterSpec spec = curve.toSpec(); + ECGenParameterSpec namedSpec = new ECGenParameterSpec(curve.getId()); + + KeyGeneratorTestable kgt = new KeyGeneratorTestable(kpg, spec); + KeyGeneratorTestable kgtOnNamedCurve = new KeyGeneratorTestable(kpg, namedSpec); + KeyGeneratorTestable kgtOnDefaultCurve = new KeyGeneratorTestable(kpg, curve.getBits()); + + // This is some nasty hacking... + KeyGeneratorTestable theKgt = new KeyGeneratorTestable(kpg) { + private KeyGeneratorTestable current = null; + + @Override + public Exception getException() { + if (current != null) { + return current.getException(); + } + return super.getException(); + } + + @Override + public KeyGeneratorStage getStage() { + if (current != null) { + return current.getStage(); + } + return super.getStage(); + } + + @Override + public void run() { + stage = KeyGeneratorStage.Init; + kgt.run(); + if (kgt.ok()) { + ok = true; + error = false; + current = kgt; + hasRun = true; + return; + } + kgtOnNamedCurve.run(); + if (kgtOnNamedCurve.ok()) { + ok = true; + error = false; + current = kgtOnNamedCurve; + hasRun = true; + return; + } + kgtOnDefaultCurve.run(); + if (kgtOnDefaultCurve.ok() && ECUtil.equalKeyPairParameters((ECPrivateKey) kgtOnDefaultCurve.getKeyPair().getPrivate(), singlePkey)) { + ok = true; + error = false; + current = kgtOnDefaultCurve; + hasRun = true; + } + } + + @Override + public KeyPair getKeyPair() { + if (current != null) { + return current.getKeyPair(); + } + return super.getKeyPair(); + } + + @Override + public KeyPairGenerator getKpg() { + if (current != null) { + return current.getKpg(); + } + return super.getKpg(); + } + + @Override + public AlgorithmParameterSpec getSpec() { + if (current != null) { + return current.getSpec(); + } + return super.getSpec(); + } + + @Override + public int getKeysize() { + if (current != null) { + return current.getKeysize(); + } + return super.getKeysize(); + } + }; + + Test generate = KeyGeneratorTest.expectError(kgt, Result.ExpectedValue.SUCCESS); + Test generateOnNamedCurve = KeyGeneratorTest.expectError(kgtOnNamedCurve, Result.ExpectedValue.SUCCESS); + Test generateOnDefaultCurve = KeyGeneratorTest.expectError(kgtOnDefaultCurve, Result.ExpectedValue.SUCCESS); + Test generateFinal = KeyGeneratorTest.expectError(theKgt, Result.ExpectedValue.SUCCESS); + //generate, generateOnNamedCurve, generateOnDefaultCurve, + Test generateAny = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Generate a keypair on the standard curve.", generateFinal); + + List<Test> allKaTests = new LinkedList<>(); + for (KeyAgreementIdent kaIdent : cfg.selected.getKAs()) { + if (kaAlgo == null || kaIdent.containsAny(kaTypes)) { + List<Test> specificKaTests = new LinkedList<>(); + for (EC_Key.Public pub : keys) { + ECPublicKey ecpub = ECUtil.toPublicKey(pub); + KeyAgreement ka = kaIdent.getInstance(cfg.selected.getProvider()); + KeyAgreementTestable testable = new KeyAgreementTestable(ka, ecpub, theKgt); + Test keyAgreement = KeyAgreementTest.expectError(testable, Result.ExpectedValue.FAILURE); + specificKaTests.add(CompoundTest.all(Result.ExpectedValue.SUCCESS, pub.getId() + " invalid key test.", keyAgreement)); + } + allKaTests.add(CompoundTest.all(Result.ExpectedValue.SUCCESS, "Perform " + kaIdent.getName() + " with invalid public points.", specificKaTests.toArray(new Test[0]))); + } + } + if (allKaTests.isEmpty()) { + allKaTests.add(CompoundTest.all(Result.ExpectedValue.SUCCESS, "None of the specified key agreement types is supported by the library.")); + } + Test tests = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Do tests.", allKaTests.toArray(new Test[0])); + doTest(CompoundTest.greedyAllTry(Result.ExpectedValue.SUCCESS, this.capName + " curve test of " + curve.getId() + ".", generateAny, tests)); + } + } +} diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneInvalidSuite.java b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneInvalidSuite.java index 48dfc37..d1b9a88 100644 --- a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneInvalidSuite.java +++ b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneInvalidSuite.java @@ -1,133 +1,16 @@ package cz.crcs.ectester.standalone.test.suites; import cz.crcs.ectester.common.cli.TreeCommandLine; -import cz.crcs.ectester.common.ec.EC_Curve; -import cz.crcs.ectester.common.ec.EC_Key; import cz.crcs.ectester.common.output.TestWriter; -import cz.crcs.ectester.common.test.CompoundTest; -import cz.crcs.ectester.common.test.Result; -import cz.crcs.ectester.common.test.Test; -import cz.crcs.ectester.common.util.ECUtil; -import cz.crcs.ectester.data.EC_Store; import cz.crcs.ectester.standalone.ECTesterStandalone; -import cz.crcs.ectester.standalone.consts.KeyAgreementIdent; -import cz.crcs.ectester.standalone.consts.KeyPairGeneratorIdent; -import cz.crcs.ectester.standalone.test.base.KeyAgreementTest; -import cz.crcs.ectester.standalone.test.base.KeyAgreementTestable; -import cz.crcs.ectester.standalone.test.base.KeyGeneratorTest; -import cz.crcs.ectester.standalone.test.base.KeyGeneratorTestable; -import javax.crypto.KeyAgreement; -import java.security.KeyPair; -import java.security.KeyPairGenerator; -import java.security.interfaces.ECPrivateKey; -import java.security.interfaces.ECPublicKey; -import java.security.spec.ECGenParameterSpec; -import java.security.spec.ECParameterSpec; -import java.util.*; /** * @author David Hofman */ -public class StandaloneInvalidSuite extends StandaloneTestSuite { +public class StandaloneInvalidSuite extends StandaloneForeignSuite { public StandaloneInvalidSuite(TestWriter writer, ECTesterStandalone.Config cfg, TreeCommandLine cli) { super(writer, cfg, cli, "invalid", "The invalid curve suite tests whether the library rejects points outside of the curve during ECDH.", "Supports options:", "\t - gt/kpg-type", "\t - kt/ka-type (select multiple types by separating them with commas)"); } - - @Override - protected void runTests() throws Exception { - String kpgAlgo = cli.getOptionValue("test.kpg-type"); - String kaAlgo = cli.getOptionValue("test.ka-type"); - List<String> kaTypes = kaAlgo != null ? Arrays.asList(kaAlgo.split(",")) : new ArrayList<>(); - - KeyPairGeneratorIdent kpgIdent; - if (kpgAlgo == null) { - // try EC, if not, fail with: need to specify kpg algo. - Optional<KeyPairGeneratorIdent> kpgIdentOpt = cfg.selected.getKPGs().stream() - .filter((ident) -> ident.contains("EC")) - .findFirst(); - if (kpgIdentOpt.isPresent()) { - kpgIdent = kpgIdentOpt.get(); - } else { - System.err.println("The default KeyPairGenerator algorithm type of \"EC\" was not found. Need to specify a type."); - return; - } - } else { - // try the specified, if not, fail with: wrong kpg algo/not found. - Optional<KeyPairGeneratorIdent> kpgIdentOpt = cfg.selected.getKPGs().stream() - .filter((ident) -> ident.contains(kpgAlgo)) - .findFirst(); - if (kpgIdentOpt.isPresent()) { - kpgIdent = kpgIdentOpt.get(); - } else { - System.err.println("The KeyPairGenerator algorithm type of \"" + kpgAlgo + "\" was not found."); - return; - } - } - - Map<String, EC_Key.Public> pubkeys = EC_Store.getInstance().getObjects(EC_Key.Public.class, "invalid"); - Map<EC_Curve, List<EC_Key.Public>> curveList = EC_Store.mapKeyToCurve(pubkeys.values()); - for (Map.Entry<EC_Curve, List<EC_Key.Public>> e : curveList.entrySet()) { - EC_Curve curve = e.getKey(); - List<EC_Key.Public> keys = e.getValue(); - - KeyPairGenerator kpg = kpgIdent.getInstance(cfg.selected.getProvider()); - ECParameterSpec spec = curve.toSpec(); - KeyGeneratorTestable kgt = new KeyGeneratorTestable(kpg, spec); - - Test generateSuccess; - Test generate = KeyGeneratorTest.expectError(kgt, Result.ExpectedValue.ANY); - runTest(generate); - KeyPair kp = kgt.getKeyPair(); - if (kp != null) { - generateSuccess = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Generate keypair.", generate); - } else { - // If KeyPair generation fails, try generating it on named curve instead. - ECGenParameterSpec namedSpec = new ECGenParameterSpec(curve.getId()); - KeyGeneratorTestable kgtOnNamedCurve = new KeyGeneratorTestable(kpg, namedSpec); - Test generateOnNamedCurve = KeyGeneratorTest.expectError(kgtOnNamedCurve, Result.ExpectedValue.ANY); - runTest(generateOnNamedCurve); - kp = kgtOnNamedCurve.getKeyPair(); - if (kp != null) { - generateSuccess = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Generate keypair (named curve).", generateOnNamedCurve); - } else { - // If even the named curve generation fails, try generating with the default curve instead. Use this key only if it has the same domain parameters as our public key. - KeyGeneratorTestable kgtOnDefaultCurve = new KeyGeneratorTestable(kpg, curve.getBits()); - Test generateOnDefaultCurve = KeyGeneratorTest.expectError(kgtOnDefaultCurve, Result.ExpectedValue.ANY); - runTest(generateOnDefaultCurve); - kp = kgtOnDefaultCurve.getKeyPair(); - if (kp != null && ECUtil.equalKeyPairParameters((ECPrivateKey) kp.getPrivate(), ECUtil.toPublicKey(keys.get(0)))) { - generateSuccess = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Generate keypair (default curve).", generateOnDefaultCurve); - } else { - Test generateNotEqual = CompoundTest.function(tests -> new Result(Result.Value.FAILURE, "Default parameters do not match the curve " + curve.getId()), "Default parameters do not match the curve " + curve.getId(), generateOnDefaultCurve); - Test generateFail = CompoundTest.any(Result.ExpectedValue.SUCCESS, "Generating KeyPair has failed on " + curve.getId() + ". " + "KeyAgreement tests will be skipped.", generate, generateOnNamedCurve, generateNotEqual); - doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "Invalid curve test of " + curve.getId() + ".", generateFail)); - continue; - } - } - } - ECPrivateKey ecpriv = (ECPrivateKey) kp.getPrivate(); - - List<Test> allKaTests = new LinkedList<>(); - for (KeyAgreementIdent kaIdent : cfg.selected.getKAs()) { - if (kaAlgo == null || kaIdent.containsAny(kaTypes)) { - List<Test> specificKaTests = new LinkedList<>(); - for (EC_Key.Public pub : keys) { - ECPublicKey ecpub = ECUtil.toPublicKey(pub); - KeyAgreement ka = kaIdent.getInstance(cfg.selected.getProvider()); - KeyAgreementTestable testable = new KeyAgreementTestable(ka, ecpriv, ecpub); - Test keyAgreement = KeyAgreementTest.expectError(testable, Result.ExpectedValue.FAILURE); - specificKaTests.add(CompoundTest.all(Result.ExpectedValue.SUCCESS, pub.getId() + " invalid key test.", keyAgreement)); - } - allKaTests.add(CompoundTest.all(Result.ExpectedValue.SUCCESS, "Perform " + kaIdent.getName() + " with invalid public points.", specificKaTests.toArray(new Test[0]))); - } - } - if (allKaTests.isEmpty()) { - allKaTests.add(CompoundTest.all(Result.ExpectedValue.SUCCESS, "None of the specified key agreement types is supported by the library.")); - } - Test tests = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Do tests.", allKaTests.toArray(new Test[0])); - doTest(CompoundTest.greedyAllTry(Result.ExpectedValue.SUCCESS, "Invalid curve test of " + curve.getId() + ".", generateSuccess, tests)); - } - } } diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneMiscSuite.java b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneMiscSuite.java index f3a10eb..657c2ff 100644 --- a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneMiscSuite.java +++ b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneMiscSuite.java @@ -6,6 +6,7 @@ import cz.crcs.ectester.common.output.TestWriter; import cz.crcs.ectester.common.test.CompoundTest; import cz.crcs.ectester.common.test.Result; import cz.crcs.ectester.common.test.Test; +import cz.crcs.ectester.common.util.ByteUtil; import cz.crcs.ectester.data.EC_Store; import cz.crcs.ectester.standalone.ECTesterStandalone; import cz.crcs.ectester.standalone.consts.KeyAgreementIdent; @@ -22,6 +23,8 @@ import java.security.interfaces.ECPrivateKey; import java.security.interfaces.ECPublicKey; import java.util.*; +import static cz.crcs.ectester.common.util.ECUtil.hashCurve; + /** * @author David Hofman */ @@ -50,30 +53,10 @@ public class StandaloneMiscSuite extends StandaloneTestSuite { kaTypes = kaAlgo != null ? Arrays.asList(kaAlgo.split(",")) : new ArrayList<>(); sigTypes = sigAlgo != null ? Arrays.asList(sigAlgo.split(",")) : new ArrayList<>(); - - KeyPairGeneratorIdent kpgIdent; - if (kpgAlgo == null) { - // try EC, if not, fail with: need to specify kpg algo. - Optional<KeyPairGeneratorIdent> kpgIdentOpt = cfg.selected.getKPGs().stream() - .filter((ident) -> ident.contains("EC")) - .findFirst(); - if (kpgIdentOpt.isPresent()) { - kpgIdent = kpgIdentOpt.get(); - } else { - System.err.println("The default KeyPairGenerator algorithm type of \"EC\" was not found. Need to specify a type."); - return; - } - } else { - // try the specified, if not, fail with: wrong kpg algo/not found. - Optional<KeyPairGeneratorIdent> kpgIdentOpt = cfg.selected.getKPGs().stream() - .filter((ident) -> ident.contains(kpgAlgo)) - .findFirst(); - if (kpgIdentOpt.isPresent()) { - kpgIdent = kpgIdentOpt.get(); - } else { - System.err.println("The KeyPairGenerator algorithm type of \"" + kpgAlgo + "\" was not found."); - return; - } + + KeyPairGeneratorIdent kpgIdent = getKeyPairGeneratorIdent(kpgAlgo); + if (kpgIdent == null) { + return; } KeyPairGenerator kpg = kpgIdent.getInstance(cfg.selected.getProvider()); @@ -98,29 +81,18 @@ public class StandaloneMiscSuite extends StandaloneTestSuite { private void testCurve(EC_Curve curve, String catName, KeyPairGenerator kpg, Result.ExpectedValue expected) throws NoSuchAlgorithmException { //generate KeyPair KeyGeneratorTestable kgt = new KeyGeneratorTestable(kpg, curve.toSpec()); - Test generate = KeyGeneratorTest.expectError(kgt, Result.ExpectedValue.ANY); - runTest(generate); - KeyPair kp = kgt.getKeyPair(); - if(kp == null) { - Test generateFail = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Generating KeyPair has failed on " + curve.getId() + - ". " + " Other tests will be skipped.", generate); - doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "Tests over " + curve.getBits() + "b " + catName + " curve: " + curve.getId() + ".", generateFail)); - return; - } - Test generateSuccess = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Generate keypair.", generate); - ECPrivateKey ecpriv = (ECPrivateKey) kp.getPrivate(); - ECPublicKey ecpub = (ECPublicKey) kp.getPublic(); + Test generate = KeyGeneratorTest.expectError(kgt, Result.ExpectedValue.ANY); //perform KeyAgreement tests List<Test> kaTests = new LinkedList<>(); for (KeyAgreementIdent kaIdent : cfg.selected.getKAs()) { if (kaAlgo == null || kaIdent.containsAny(kaTypes)) { KeyAgreement ka = kaIdent.getInstance(cfg.selected.getProvider()); - KeyAgreementTestable testable = new KeyAgreementTestable(ka, ecpriv, ecpub); + KeyAgreementTestable testable = new KeyAgreementTestable(ka, kgt, kgt); kaTests.add(KeyAgreementTest.expectError(testable, expected)); } } - if(kaTests.isEmpty()) { + if (kaTests.isEmpty()) { kaTests.add(CompoundTest.all(Result.ExpectedValue.SUCCESS, "None of the specified KeyAgreement types is supported by the library.")); } @@ -129,17 +101,17 @@ public class StandaloneMiscSuite extends StandaloneTestSuite { for (SignatureIdent sigIdent : cfg.selected.getSigs()) { if (sigAlgo == null || sigIdent.containsAny(sigTypes)) { Signature sig = sigIdent.getInstance(cfg.selected.getProvider()); - SignatureTestable testable = new SignatureTestable(sig, ecpriv, ecpub, null); + SignatureTestable testable = new SignatureTestable(sig, kgt, hashCurve(curve)); sigTests.add(SignatureTest.expectError(testable, expected)); } } - if(sigTests.isEmpty()) { + if (sigTests.isEmpty()) { sigTests.add(CompoundTest.all(Result.ExpectedValue.SUCCESS, "None of the specified Signature types is supported by the library.")); } Test performKeyAgreements = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Perform specified KeyAgreements.", kaTests.toArray(new Test[0])); Test performSignatures = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Perform specified Signatures.", sigTests.toArray(new Test[0])); - doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "Tests over " + curve.getBits() + "b " + catName + " curve: " + curve.getId() + ".", generateSuccess, performKeyAgreements, performSignatures)); + doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "Tests over " + curve.getBits() + "b " + catName + " curve: " + curve.getId() + ".", generate, performKeyAgreements, performSignatures)); } private void testCurves(Collection<EC_Curve> curves, String catName, KeyPairGenerator kpg, Result.ExpectedValue expected) throws NoSuchAlgorithmException { diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandalonePerformanceSuite.java b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandalonePerformanceSuite.java index a1b4d75..30a0c0f 100644 --- a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandalonePerformanceSuite.java +++ b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandalonePerformanceSuite.java @@ -48,26 +48,16 @@ public class StandalonePerformanceSuite extends StandaloneTestSuite { List<String> sigTypes = sigAlgo != null ? Arrays.asList(sigAlgo.split(",")) : new ArrayList<>(); List<KeyPairGeneratorIdent> kpgIdents = new LinkedList<>(); - if (kpgAlgo == null) { - // try EC, if not, fail with: need to specify kpg algo. - Optional<KeyPairGeneratorIdent> kpgIdentOpt = cfg.selected.getKPGs().stream() - .filter((ident) -> ident.contains("EC")) - .findFirst(); - if (kpgIdentOpt.isPresent()) { - kpgIdents.add(kpgIdentOpt.get()); - } else { - System.err.println("The default KeyPairGenerator algorithm type of \"EC\" was not found. Need to specify a type."); - return; - } - } else { - // try the specified, if not, fail with: wrong kpg algo/not found. - kpgIdents = cfg.selected.getKPGs().stream() - .filter((ident) -> ident.containsAny(kpgTypes)).collect(Collectors.toList()); - if (kpgIdents.isEmpty()) { - System.err.println("No KeyPairGenerator algorithms of specified types were found."); - return; + for (String kpgChoice : kpgTypes) { + KeyPairGeneratorIdent ident = getKeyPairGeneratorIdent(kpgChoice); + if (ident != null && !kpgIdents.contains(ident)) { + kpgIdents.add(ident); } } + if (kpgIdents.isEmpty()) { + System.err.println("Need some KeyPairGenerators to be able to generate keys. Select at least one supported one using the -gt/--kpg-type option."); + return; + } KeyGeneratorTestable kgtOne = null; KeyGeneratorTestable kgtOther = null; @@ -94,8 +84,8 @@ public class StandalonePerformanceSuite extends StandaloneTestSuite { kgtOther = new KeyGeneratorTestable(kpg); } kpgTests.add(PerformanceTest.repeat(kgtOne, cfg.selected, kpgIdent.getName(), count)); + kpgTests.add(PerformanceTest.repeat(kgtOther, cfg.selected, kpgIdent.getName(), count)); } - runTest(KeyGeneratorTest.expect(kgtOther, Result.ExpectedValue.SUCCESS)); doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "KeyPairGenerator performance tests", kpgTests.toArray(new Test[0]))); List<Test> kaTests = new LinkedList<>(); diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneSignatureSuite.java b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneSignatureSuite.java index 8e5e452..43feb23 100644 --- a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneSignatureSuite.java +++ b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneSignatureSuite.java @@ -31,29 +31,9 @@ public class StandaloneSignatureSuite extends StandaloneTestSuite { protected void runTests() throws Exception { String sigAlgo = cli.getOptionValue("test.sig-type"); - SignatureIdent sigIdent; - if (sigAlgo == null) { - // try ECDSA, if not, fail with: need to specify sig algo. - Optional<SignatureIdent> sigIdentOpt = cfg.selected.getSigs().stream() - .filter((ident) -> ident.contains("ECDSA")) - .findFirst(); - if (sigIdentOpt.isPresent()) { - sigIdent = sigIdentOpt.get(); - } else { - System.err.println("The default Signature algorithm type of \"ECDSA\" was not found. Need to specify a type."); - return; - } - } else { - // try the specified, if not, fail with: wrong sig algo/not found. - Optional<SignatureIdent> sigIdentOpt = cfg.selected.getSigs().stream() - .filter((ident) -> ident.contains(sigAlgo)) - .findFirst(); - if (sigIdentOpt.isPresent()) { - sigIdent = sigIdentOpt.get(); - } else { - System.err.println("The Signature algorithm type of \"" + sigAlgo + "\" was not found."); - return; - } + SignatureIdent sigIdent = getSignatureIdent(sigAlgo); + if (sigIdent == null) { + return; } Map<String, EC_SigResult> results = EC_Store.getInstance().getObjects(EC_SigResult.class, "wrong"); diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneTestSuite.java b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneTestSuite.java index e4e0013..ac164e1 100644 --- a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneTestSuite.java +++ b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneTestSuite.java @@ -4,8 +4,15 @@ import cz.crcs.ectester.common.cli.TreeCommandLine; import cz.crcs.ectester.common.output.TestWriter; import cz.crcs.ectester.common.test.TestSuite; import cz.crcs.ectester.standalone.ECTesterStandalone; +import cz.crcs.ectester.standalone.consts.Ident; +import cz.crcs.ectester.standalone.consts.KeyAgreementIdent; +import cz.crcs.ectester.standalone.consts.KeyPairGeneratorIdent; +import cz.crcs.ectester.standalone.consts.SignatureIdent; import cz.crcs.ectester.standalone.libs.ProviderECLibrary; +import java.util.Optional; +import java.util.Set; + /** * @author Jan Jancar johny@neuromancer.sk */ @@ -22,4 +29,44 @@ public abstract class StandaloneTestSuite extends TestSuite { public ProviderECLibrary getLibrary() { return cfg.selected; } + + private <T extends Ident> T getIdent(Set<T> options, String choice, String identName, String defaultChoice) { + T ident; + if (choice == null) { + // try EC, if not, fail with: need to specify kpg algo. + Optional<T> identOpt = options.stream() + .filter((i) -> i.contains(defaultChoice)) + .findFirst(); + if (identOpt.isPresent()) { + ident = identOpt.get(); + } else { + System.err.printf("The default %s algorithm type of \"%s\" (default) was not found. Need to specify a type.", identName, defaultChoice); + return null; + } + } else { + // try the specified, if not, fail with: wrong kpg algo/not found. + Optional<T> identOpt = options.stream() + .filter((i) -> i.contains(choice)) + .findFirst(); + if (identOpt.isPresent()) { + ident = identOpt.get(); + } else { + System.err.printf("The %s algorithm type of \"%s\" was not found.", identName, choice); + return null; + } + } + return ident; + } + + KeyPairGeneratorIdent getKeyPairGeneratorIdent(String kpgAlgo) { + return getIdent(cfg.selected.getKPGs(), kpgAlgo, "KeyPairGenerator", "EC"); + } + + KeyAgreementIdent getKeyAgreementIdent(String kaAlgo) { + return getIdent(cfg.selected.getKAs(), kaAlgo, "KeyAgreement", "ECDH"); + } + + SignatureIdent getSignatureIdent(String sigAlgo) { + return getIdent(cfg.selected.getSigs(), sigAlgo, "Signature", "ECDSA"); + } } diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneTwistSuite.java b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneTwistSuite.java index 37adbb2..1f08a80 100644 --- a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneTwistSuite.java +++ b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneTwistSuite.java @@ -1,133 +1,15 @@ package cz.crcs.ectester.standalone.test.suites; import cz.crcs.ectester.common.cli.TreeCommandLine; -import cz.crcs.ectester.common.ec.EC_Curve; -import cz.crcs.ectester.common.ec.EC_Key; import cz.crcs.ectester.common.output.TestWriter; -import cz.crcs.ectester.common.test.CompoundTest; -import cz.crcs.ectester.common.test.Result; -import cz.crcs.ectester.common.test.Test; -import cz.crcs.ectester.common.util.ECUtil; -import cz.crcs.ectester.data.EC_Store; import cz.crcs.ectester.standalone.ECTesterStandalone; -import cz.crcs.ectester.standalone.consts.KeyAgreementIdent; -import cz.crcs.ectester.standalone.consts.KeyPairGeneratorIdent; -import cz.crcs.ectester.standalone.test.base.KeyAgreementTest; -import cz.crcs.ectester.standalone.test.base.KeyAgreementTestable; -import cz.crcs.ectester.standalone.test.base.KeyGeneratorTest; -import cz.crcs.ectester.standalone.test.base.KeyGeneratorTestable; - -import javax.crypto.KeyAgreement; -import java.security.KeyPair; -import java.security.KeyPairGenerator; -import java.security.interfaces.ECPrivateKey; -import java.security.interfaces.ECPublicKey; -import java.security.spec.ECGenParameterSpec; -import java.security.spec.ECParameterSpec; -import java.util.*; /** * @author David Hofman */ -public class StandaloneTwistSuite extends StandaloneTestSuite { +public class StandaloneTwistSuite extends StandaloneForeignSuite { public StandaloneTwistSuite(TestWriter writer, ECTesterStandalone.Config cfg, TreeCommandLine cli) { super(writer, cfg, cli, "twist", "The twist test suite tests whether the library correctly rejects points on the quadratic twist of the curve during ECDH.", "Supports options:", "\t - gt/kpg-type", "\t - kt/ka-type (select multiple types by separating them with commas)"); } - - @Override - protected void runTests() throws Exception { - String kpgAlgo = cli.getOptionValue("test.kpg-type"); - String kaAlgo = cli.getOptionValue("test.ka-type"); - List<String> kaTypes = kaAlgo != null ? Arrays.asList(kaAlgo.split(",")) : new ArrayList<>(); - - KeyPairGeneratorIdent kpgIdent; - if (kpgAlgo == null) { - // try EC, if not, fail with: need to specify kpg algo. - Optional<KeyPairGeneratorIdent> kpgIdentOpt = cfg.selected.getKPGs().stream() - .filter((ident) -> ident.contains("EC")) - .findFirst(); - if (kpgIdentOpt.isPresent()) { - kpgIdent = kpgIdentOpt.get(); - } else { - System.err.println("The default KeyPairGenerator algorithm type of \"EC\" was not found. Need to specify a type."); - return; - } - } else { - // try the specified, if not, fail with: wrong kpg algo/not found. - Optional<KeyPairGeneratorIdent> kpgIdentOpt = cfg.selected.getKPGs().stream() - .filter((ident) -> ident.contains(kpgAlgo)) - .findFirst(); - if (kpgIdentOpt.isPresent()) { - kpgIdent = kpgIdentOpt.get(); - } else { - System.err.println("The KeyPairGenerator algorithm type of \"" + kpgAlgo + "\" was not found."); - return; - } - } - - Map<String, EC_Key.Public> pubkeys = EC_Store.getInstance().getObjects(EC_Key.Public.class, "twist"); - Map<EC_Curve, List<EC_Key.Public>> curveList = EC_Store.mapKeyToCurve(pubkeys.values()); - for (Map.Entry<EC_Curve, List<EC_Key.Public>> e : curveList.entrySet()) { - EC_Curve curve = e.getKey(); - List<EC_Key.Public> keys = e.getValue(); - - KeyPairGenerator kpg = kpgIdent.getInstance(cfg.selected.getProvider()); - ECParameterSpec spec = curve.toSpec(); - KeyGeneratorTestable kgt = new KeyGeneratorTestable(kpg, spec); - - Test generateSuccess; - Test generate = KeyGeneratorTest.expectError(kgt, Result.ExpectedValue.ANY); - runTest(generate); - KeyPair kp = kgt.getKeyPair(); - if (kp != null) { - generateSuccess = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Generate keypair.", generate); - } else { - // If KeyPair generation fails, try generating it on named curve instead. - ECGenParameterSpec namedSpec = new ECGenParameterSpec(curve.getId()); - KeyGeneratorTestable kgtOnNamedCurve = new KeyGeneratorTestable(kpg, namedSpec); - Test generateOnNamedCurve = KeyGeneratorTest.expectError(kgtOnNamedCurve, Result.ExpectedValue.ANY); - runTest(generateOnNamedCurve); - kp = kgtOnNamedCurve.getKeyPair(); - if (kp != null) { - generateSuccess = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Generate keypair (named curve).", generateOnNamedCurve); - } else { - // If even the named curve generation fails, try generating with the default curve instead. Use this key only if it has the same domain parameters as our public key. - KeyGeneratorTestable kgtOnDefaultCurve = new KeyGeneratorTestable(kpg, curve.getBits()); - Test generateOnDefaultCurve = KeyGeneratorTest.expectError(kgtOnDefaultCurve, Result.ExpectedValue.ANY); - runTest(generateOnDefaultCurve); - kp = kgtOnDefaultCurve.getKeyPair(); - if (kp != null && ECUtil.equalKeyPairParameters((ECPrivateKey) kp.getPrivate(), ECUtil.toPublicKey(keys.get(0)))) { - generateSuccess = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Generate keypair (default curve).", generateOnDefaultCurve); - } else { - Test generateNotEqual = CompoundTest.function(tests -> new Result(Result.Value.FAILURE, "Default parameters do not match the curve " + curve.getId()), "Default parameters do not match the curve " + curve.getId(), generateOnDefaultCurve); - Test generateFail = CompoundTest.any(Result.ExpectedValue.SUCCESS, "Generating KeyPair has failed on " + curve.getId() + ". " + "KeyAgreement tests will be skipped.", generate, generateOnNamedCurve, generateNotEqual); - doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "Twist test of " + curve.getId() + ".", generateFail)); - continue; - } - } - } - ECPrivateKey ecpriv = (ECPrivateKey) kp.getPrivate(); - - List<Test> allKaTests = new LinkedList<>(); - for (KeyAgreementIdent kaIdent : cfg.selected.getKAs()) { - if (kaAlgo == null || kaIdent.containsAny(kaTypes)) { - List<Test> specificKaTests = new LinkedList<>(); - for (EC_Key.Public pub : keys) { - ECPublicKey ecpub = ECUtil.toPublicKey(pub); - KeyAgreement ka = kaIdent.getInstance(cfg.selected.getProvider()); - KeyAgreementTestable testable = new KeyAgreementTestable(ka, ecpriv, ecpub); - Test keyAgreement = KeyAgreementTest.expectError(testable, Result.ExpectedValue.FAILURE); - specificKaTests.add(CompoundTest.all(Result.ExpectedValue.SUCCESS, pub.getId() + " twist key test.", keyAgreement)); - } - allKaTests.add(CompoundTest.all(Result.ExpectedValue.SUCCESS, "Perform " + kaIdent.getName() + " with public points on twist.", specificKaTests.toArray(new Test[0]))); - } - } - if (allKaTests.isEmpty()) { - allKaTests.add(CompoundTest.all(Result.ExpectedValue.SUCCESS, "None of the specified key agreement types is supported by the library.")); - } - Test tests = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Do tests.", allKaTests.toArray(new Test[0])); - doTest(CompoundTest.greedyAllTry(Result.ExpectedValue.SUCCESS, "Twist test of " + curve.getId() + ".", generateSuccess, tests)); - } - } } diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneWrongSuite.java b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneWrongSuite.java index 1aae9d5..4634ab0 100644 --- a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneWrongSuite.java +++ b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneWrongSuite.java @@ -50,54 +50,15 @@ public class StandaloneWrongSuite extends StandaloneTestSuite { String kaAlgo = cli.getOptionValue("test.ka-type"); boolean skip = cli.getArg(1).equalsIgnoreCase("-skip"); - KeyPairGeneratorIdent kpgIdent; - if (kpgAlgo == null) { - // try EC, if not, fail with: need to specify kpg algo. - Optional<KeyPairGeneratorIdent> kpgIdentOpt = cfg.selected.getKPGs().stream() - .filter((ident) -> ident.contains("EC")) - .findFirst(); - if (kpgIdentOpt.isPresent()) { - kpgIdent = kpgIdentOpt.get(); - } else { - System.err.println("The default KeyPairGenerator algorithm type of \"EC\" was not found. Need to specify a type."); - return; - } - } else { - // try the specified, if not, fail with: wrong kpg algo/not found. - Optional<KeyPairGeneratorIdent> kpgIdentOpt = cfg.selected.getKPGs().stream() - .filter((ident) -> ident.contains(kpgAlgo)) - .findFirst(); - if (kpgIdentOpt.isPresent()) { - kpgIdent = kpgIdentOpt.get(); - } else { - System.err.println("The KeyPairGenerator algorithm type of \"" + kpgAlgo + "\" was not found."); - return; - } + KeyPairGeneratorIdent kpgIdent = getKeyPairGeneratorIdent(kpgAlgo); + if (kpgIdent == null) { + return; } kpg = kpgIdent.getInstance(cfg.selected.getProvider()); - if (kaAlgo == null) { - // try ECDH, if not, fail with: need to specify ka algo. - Optional<KeyAgreementIdent> kaIdentOpt = cfg.selected.getKAs().stream() - .filter((ident) -> ident.contains("ECDH")) - .findFirst(); - if (kaIdentOpt.isPresent()) { - kaIdent = kaIdentOpt.get(); - } else { - System.err.println("The default KeyAgreement algorithm type of \"ECDH\" was not found. Need to specify a type."); - return; - } - } else { - // try the specified, if not, fail with: wrong ka algo/not found. - Optional<KeyAgreementIdent> kaIdentOpt = cfg.selected.getKAs().stream() - .filter((ident) -> ident.contains(kaAlgo)) - .findFirst(); - if (kaIdentOpt.isPresent()) { - kaIdent = kaIdentOpt.get(); - } else { - System.err.println("The KeyAgreement algorithm type of \"" + kaAlgo + "\" was not found."); - return; - } + kaIdent = getKeyAgreementIdent(kaAlgo); + if (kaIdent == null) { + return; } /* Just do the default run on the wrong curves. @@ -108,29 +69,18 @@ public class StandaloneWrongSuite extends StandaloneTestSuite { for (Map.Entry<String, EC_Curve> e : wrongCurves.entrySet()) { EC_Curve curve = e.getValue(); - ECParameterSpec spec = curve.toSpec(); + ECParameterSpec spec = toCustomSpec(curve); String type = curve.getField() == javacard.security.KeyPair.ALG_EC_FP ? "FP" : "F2M"; //try generating a keypair KeyGeneratorTestable kgt = new KeyGeneratorTestable(kpg, spec); Test generate = KeyGeneratorTest.expectError(kgt, Result.ExpectedValue.ANY); - runTest(generate); - KeyPair kp = kgt.getKeyPair(); - if (kp == null) { - Test generateFail = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Generating KeyPair has failed on " + curve.getId() + ".", generate); - doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "Wrong curve test of " + curve.getBits() - + "b " + type + ". " + curve.getDesc(), generateFail)); - continue; - } - Test generateSuccess = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Generate keypair.", generate); - ECPrivateKey ecpriv = (ECPrivateKey) kp.getPrivate(); - ECPublicKey ecpub = (ECPublicKey) kp.getPublic(); KeyAgreement ka = kaIdent.getInstance(cfg.selected.getProvider()); - KeyAgreementTestable testable = new KeyAgreementTestable(ka, ecpriv, ecpub); + KeyAgreementTestable testable = new KeyAgreementTestable(ka, kgt, kgt); Test ecdh = KeyAgreementTest.expectError(testable, Result.ExpectedValue.FAILURE); - doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "Wrong curve test of " + curve.getBits() - + "b " + type + ". " + curve.getDesc(), generateSuccess, ecdh)); + doTest(CompoundTest.function(CompoundTest.EXPECT_ALL_SUCCESS, CompoundTest.RUN_ALL_IF_FIRST, "Wrong curve test of " + curve.getBits() + + "b " + type + ". " + curve.getDesc(), generate, ecdh)); } } @@ -264,7 +214,7 @@ public class StandaloneWrongSuite extends StandaloneTestSuite { ByteUtil.shortToBytes((short) 0), ByteUtil.shortToBytes((short) 0)}; curve.setParam(EC_Consts.PARAMETER_F2M, coeffBytes); - Test coeff0 = ecdhTest(toCustomSpec(curve), "ECDH with wrong field polynomial: x^"); + Test coeff0 = ecdhTest(toCustomSpec(curve), "ECDH with wrong field polynomial: 0"); short e1 = (short) (2 * bits); short e2 = (short) (3 * bits); @@ -285,50 +235,17 @@ public class StandaloneWrongSuite extends StandaloneTestSuite { //generate KeyPair KeyGeneratorTestable kgt = new KeyGeneratorTestable(kpg, spec); Test generate = KeyGeneratorTest.expectError(kgt, Result.ExpectedValue.FAILURE); - runTest(generate); - KeyPair kp = kgt.getKeyPair(); - if (kp == null) { - return CompoundTest.all(Result.ExpectedValue.SUCCESS, desc, generate); - } - ECPublicKey pub = (ECPublicKey) kp.getPublic(); - ECPrivateKey priv = (ECPrivateKey) kp.getPrivate(); //perform ECDH KeyAgreement ka = kaIdent.getInstance(cfg.selected.getProvider()); - KeyAgreementTestable testable = new KeyAgreementTestable(ka, priv, pub); + KeyAgreementTestable testable = new KeyAgreementTestable(ka, kgt, kgt); Test ecdh = KeyAgreementTest.expect(testable, Result.ExpectedValue.FAILURE); - return CompoundTest.all(Result.ExpectedValue.SUCCESS, desc, generate, ecdh); - } - - //constructs EllipticCurve from EC_Curve even if the parameters of the curve are wrong - private EllipticCurve toCustomCurve(EC_Curve curve) { - ECField field; - if (curve.getField() == javacard.security.KeyPair.ALG_EC_FP) { - field = new CustomECFieldFp(new BigInteger(1, curve.getData(0))); - } else { - byte[][] fieldData = curve.getParam(EC_Consts.PARAMETER_F2M); - int m = ByteUtil.getShort(fieldData[0], 0); - int e1 = ByteUtil.getShort(fieldData[1], 0); - int e2 = ByteUtil.getShort(fieldData[2], 0); - int e3 = ByteUtil.getShort(fieldData[3], 0); - int[] powers; - if (e2 == 0 && e3 == 0) { - powers = new int[]{e1}; - } else { - powers = new int[]{e1, e2, e3}; - } - field = new CustomECFieldF2m(m, powers); - } - - BigInteger a = new BigInteger(1, curve.getParam(EC_Consts.PARAMETER_A)[0]); - BigInteger b = new BigInteger(1, curve.getParam(EC_Consts.PARAMETER_B)[0]); - - return new CustomEllipticCurve(field, a, b); + return CompoundTest.function(CompoundTest.EXPECT_ALL_SUCCESS, CompoundTest.RUN_ALL_IF_FIRST, desc, generate, ecdh); } //constructs ECParameterSpec from EC_Curve even if the parameters of the curve are wrong private ECParameterSpec toCustomSpec(EC_Curve curve) { - EllipticCurve customCurve = toCustomCurve(curve); + EllipticCurve customCurve = curve.toCustomCurve(); byte[][] G = curve.getParam(EC_Consts.PARAMETER_G); BigInteger gx = new BigInteger(1, G[0]); |