diff options
| author | Ján Jančár | 2024-03-27 17:44:43 +0100 |
|---|---|---|
| committer | GitHub | 2024-03-27 17:44:43 +0100 |
| commit | 14bb8dce2ec147970c3ad1d0433d59b0e0c55450 (patch) | |
| tree | d269c72270caa8123620c0a10e3ae99de7c24284 /standalone/src | |
| parent | 96f21ccff6cc3daa5728e4700459d655238f5b93 (diff) | |
| parent | 88e480904c24d4c93ef6420acb6bf92ae95871af (diff) | |
| download | ECTester-14bb8dce2ec147970c3ad1d0433d59b0e0c55450.tar.gz ECTester-14bb8dce2ec147970c3ad1d0433d59b0e0c55450.tar.zst ECTester-14bb8dce2ec147970c3ad1d0433d59b0e0c55450.zip | |
Diffstat (limited to 'standalone/src')
7 files changed, 320 insertions, 57 deletions
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java b/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java index 57ab98f..cfdb964 100644 --- a/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java +++ b/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java @@ -839,9 +839,13 @@ public class ECTesterStandalone { KeyPair kp = kpg.genKeyPair(); ECPrivateKey privateKey = (ECPrivateKey) kp.getPrivate(); ECParameterSpec params = privateKey.getParams(); - System.out.println(params); - EC_Curve curve = EC_Curve.fromSpec(params); - curve.writeCSV(System.out); + if (params == null) { + System.err.println("Parameters could not be exported (they are NULL)."); + } else { + System.out.println(params); + EC_Curve curve = EC_Curve.fromSpec(params); + curve.writeCSV(System.out); + } } public static void main(String[] args) { diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/WolfCryptLib.java b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/WolfCryptLib.java index b58eb91..ff592d1 100644 --- a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/WolfCryptLib.java +++ b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/WolfCryptLib.java @@ -12,6 +12,16 @@ public class WolfCryptLib extends ProviderECLibrary { } @Override + public boolean initialize() { + try { + System.loadLibrary("wolfcryptjni"); + return super.initialize(); + } catch (UnsatisfiedLinkError ule) { + return false; + } + } + + @Override public Set<String> getCurves() { return new HashSet<>(); } diff --git a/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/nettle.c b/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/nettle.c index e8d874a..d4fa0a5 100644 --- a/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/nettle.c +++ b/standalone/src/main/resources/cz/crcs/ectester/standalone/libs/jni/nettle.c @@ -75,27 +75,42 @@ JNIEXPORT jboolean JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyPa return JNI_FALSE; } -static const struct ecc_curve* create_curve(JNIEnv *env, const char* curve_name) { - const struct ecc_curve* curve = NULL; - if (curve_name) { - if (strcasecmp("secp192r1", curve_name) == 0) { - curve = nettle_get_secp_192r1(); - } - if (strcasecmp("secp224r1", curve_name) == 0) { - curve = nettle_get_secp_224r1(); - } - if (strcasecmp("secp256r1", curve_name) == 0) { - curve = nettle_get_secp_256r1(); - } - if (strcasecmp("secp384r1", curve_name) == 0) { - curve = nettle_get_secp_384r1(); - } - if (strcasecmp("secp521r1", curve_name) == 0) { - curve = nettle_get_secp_521r1(); - } - return curve; - } - return NULL; +static const struct ecc_curve* create_curve_from_name(JNIEnv *env, const char* curve_name) { + if (!curve_name) { + return NULL; + } + if (strcasecmp("secp192r1", curve_name) == 0) { + return nettle_get_secp_192r1(); + } + if (strcasecmp("secp224r1", curve_name) == 0) { + return nettle_get_secp_224r1(); + } + if (strcasecmp("secp256r1", curve_name) == 0) { + return nettle_get_secp_256r1(); + } + if (strcasecmp("secp384r1", curve_name) == 0) { + return nettle_get_secp_384r1(); + } + if (strcasecmp("secp521r1", curve_name) == 0) { + return nettle_get_secp_521r1(); + } +} + +static const struct ecc_curve* create_curve_from_size(JNIEnv *env, jint keysize) { + switch (keysize) { + case 192: + return nettle_get_secp_192r1(); + case 224: + return nettle_get_secp_224r1(); + case 256: + return nettle_get_secp_256r1(); + case 384: + return nettle_get_secp_384r1(); + case 521: + return nettle_get_secp_521r1(); + default: + return NULL; + } } JNIEXPORT jboolean JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_00024Nettle_paramsSupported(JNIEnv *env, jobject self, jobject params){ @@ -153,7 +168,6 @@ static jobject generate_from_curve(JNIEnv *env, const struct ecc_curve* curve, j mpz_export((unsigned char*) key_priv + diff, &size, 1, sizeof(unsigned char), 0, 0, private_value); (*env)->ReleaseByteArrayElements(env, priv_bytes, key_priv, 0); - unsigned long key_len = 2*byte_size + 1; jbyteArray pub_bytes = (*env)->NewByteArray(env, key_len); mpz_t pub_value_x; @@ -175,7 +189,6 @@ static jobject generate_from_curve(JNIEnv *env, const struct ecc_curve* curve, j mpz_export((unsigned char*) key_pub + 1 + byte_size + diff, &yLen, 1, sizeof(unsigned char), 0, 0, pub_value_y); (*env)->ReleaseByteArrayElements(env, pub_bytes, key_pub, 0); - jobject ec_pub_param_spec = (*env)->NewLocalRef(env, spec); jmethodID ec_pub_init = (*env)->GetMethodID(env, pubkey_class, "<init>", "([BLjava/security/spec/ECParameterSpec;)V"); jobject pubkey = (*env)->NewObject(env, pubkey_class, ec_pub_init, pub_bytes, ec_pub_param_spec); @@ -189,39 +202,41 @@ static jobject generate_from_curve(JNIEnv *env, const struct ecc_curve* curve, j ecc_point_clear(&pub); ecc_scalar_clear(&priv); return (*env)->NewObject(env, keypair_class, keypair_init, pubkey, privkey); - - } JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_00024Nettle_generate__ILjava_security_SecureRandom_2(JNIEnv *env, jobject self, jint keysize, jobject random) { - throw_new(env, "java/lang/UnsupportedOperationException", "Not supported."); + const struct ecc_curve* curve = create_curve_from_size(env, keysize); + if (!curve) { + throw_new(env, "java/lang/UnsupportedOperationException", "Not supported."); + return NULL; + } + int byte_size = (keysize + 7) / 8; + jobject result = generate_from_curve(env, curve, NULL, byte_size); + return result; return NULL; } - - JNIEXPORT jobject JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKeyPairGeneratorSpi_00024Nettle_generate__Ljava_security_spec_AlgorithmParameterSpec_2Ljava_security_SecureRandom_2Ljava_security_spec_AlgorithmParameterSpec_2(JNIEnv *env, jobject self, jobject params, jobject random, jobject spec) { - if ((*env)->IsInstanceOf(env, params, ec_parameter_spec_class)) { return NULL; } else if ((*env)->IsInstanceOf(env, params, ecgen_parameter_spec_class)) { jmethodID get_name = (*env)->GetMethodID(env, ecgen_parameter_spec_class, "getName", "()Ljava/lang/String;"); jstring name = (*env)->CallObjectMethod(env, params, get_name); const char* utf_name = (*env)->GetStringUTFChars(env, name, NULL); - const struct ecc_curve* curve; + const struct ecc_curve* curve = NULL; int byte_size; char *curve_name[5] = {"secp192r1", "secp224r1", "secp256r1", "secp384r1", "secp521r1"}; int byte_sizes[] = {24, 28, 32, 48, 66}; for (int i = 0; i < sizeof(curve_name); i++) { if (strcasecmp(utf_name, curve_name[i]) == 0) { - curve = create_curve(env, curve_name[i]); + curve = create_curve_from_name(env, curve_name[i]); byte_size = byte_sizes[i]; break; } } (*env)->ReleaseStringUTFChars(env, name, utf_name); if (!curve) { - throw_new(env, "java/security/InvalidAlgorithmParameterException", "Curve for given bitsize not found."); + throw_new(env, "java/security/InvalidAlgorithmParameterException", "Curve with given name not found."); return NULL; } jobject result = generate_from_curve(env, curve, spec, byte_size); @@ -263,13 +278,13 @@ JNIEXPORT jbyteArray JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeKey jmethodID get_name = (*env)->GetMethodID(env, ecgen_parameter_spec_class, "getName", "()Ljava/lang/String;"); jstring name = (*env)->CallObjectMethod(env, params, get_name); const char* utf_name = (*env)->GetStringUTFChars(env, name, NULL); - const struct ecc_curve* curve; + const struct ecc_curve* curve = NULL; char *curve_name[5] = {"secp192r1", "secp224r1", "secp256r1", "secp384r1", "secp521r1"}; int byte_sizes[] = {24, 28, 32, 48, 66}; int byte_size; for (int i = 0; i < sizeof(curve_name); i++) { if (strcasecmp(utf_name, curve_name[i]) == 0) { - curve = create_curve(env, curve_name[i]); + curve = create_curve_from_name(env, curve_name[i]); byte_size = byte_sizes[i]; break; } @@ -412,20 +427,19 @@ int der_to_signature(struct dsa_signature* signature, unsigned char* der) { size_t sLength = der[index++]; mpz_import(signature->s, sLength, 1, sizeof(unsigned char), 0, 0, der + index); return 1; - } JNIEXPORT jbyteArray JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeSignatureSpi_00024Nettle_sign(JNIEnv *env, jobject self, jbyteArray data, jbyteArray privkey, jobject params) { jmethodID get_name = (*env)->GetMethodID(env, ecgen_parameter_spec_class, "getName", "()Ljava/lang/String;"); jstring name = (*env)->CallObjectMethod(env, params, get_name); const char* utf_name = (*env)->GetStringUTFChars(env, name, NULL); - const struct ecc_curve* curve; + const struct ecc_curve* curve = NULL; int byte_size; char *curve_name[5] = {"secp192r1", "secp224r1", "secp256r1", "secp384r1", "secp521r1"}; int byte_sizes[] = {24, 28, 32, 48, 66}; for (int i = 0; i < sizeof(curve_name); i++) { if (strcasecmp(utf_name, curve_name[i]) == 0) { - curve = create_curve(env, curve_name[i]); + curve = create_curve_from_name(env, curve_name[i]); byte_size = byte_sizes[i] + 1; break; } @@ -451,7 +465,6 @@ JNIEXPORT jbyteArray JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeSig (*env)->ReleaseByteArrayElements(env, data, data_data, JNI_ABORT); - jsize sig_len = signature_to_der(&signature, NULL, byte_size); jbyteArray result = (*env)->NewByteArray(env, sig_len); jbyte *result_data = (*env)->GetByteArrayElements(env, result, NULL); @@ -467,11 +480,11 @@ JNIEXPORT jboolean JNICALL Java_cz_crcs_ectester_standalone_libs_jni_NativeSigna jmethodID get_name = (*env)->GetMethodID(env, ecgen_parameter_spec_class, "getName", "()Ljava/lang/String;"); jstring name = (*env)->CallObjectMethod(env, params, get_name); const char* utf_name = (*env)->GetStringUTFChars(env, name, NULL); - const struct ecc_curve* curve; + const struct ecc_curve* curve = NULL; char *curve_name[5] = {"secp192r1", "secp224r1", "secp256r1", "secp384r1", "secp521r1"}; for (int i = 0; i < sizeof(curve_name); i++) { if (strcasecmp(utf_name, curve_name[i]) == 0) { - curve = create_curve(env, curve_name[i]); + curve = create_curve_from_name(env, curve_name[i]); break; } } diff --git a/standalone/src/test/java/cz/crcs/ectester/reader/IdentTests.java b/standalone/src/test/java/cz/crcs/ectester/reader/IdentTests.java deleted file mode 100644 index 2940f1e..0000000 --- a/standalone/src/test/java/cz/crcs/ectester/reader/IdentTests.java +++ /dev/null @@ -1,14 +0,0 @@ -package cz.crcs.ectester.reader; - -import cz.crcs.ectester.standalone.consts.KeyAgreementIdent; -import org.junit.jupiter.api.Test; - -import static org.junit.jupiter.api.Assertions.assertNotNull; -public class IdentTests { - @Test - void kaIdents() { - for (KeyAgreementIdent keyAgreementIdent : KeyAgreementIdent.list()) { - assertNotNull(keyAgreementIdent.getBaseAlgo()); - } - } -} diff --git a/standalone/src/test/java/cz/crcs/ectester/standalone/AppTests.java b/standalone/src/test/java/cz/crcs/ectester/standalone/AppTests.java new file mode 100644 index 0000000..1fdde0c --- /dev/null +++ b/standalone/src/test/java/cz/crcs/ectester/standalone/AppTests.java @@ -0,0 +1,147 @@ +package cz.crcs.ectester.standalone; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.ValueSource; +import org.junitpioneer.jupiter.StdIo; +import org.junitpioneer.jupiter.StdOut; + +import static org.junit.jupiter.api.Assertions.*; + +public class AppTests { + + @Test + @StdIo() + public void help(StdOut out) { + ECTesterStandalone.main(new String[]{"-h"}); + String s = out.capturedString(); + assertTrue(s.contains("ECTesterStandalone")); + } + + @Test + @StdIo() + public void listLibraries(StdOut out) { + ECTesterStandalone.main(new String[]{"list-libs"}); + String s = out.capturedString(); + assertTrue(s.contains("BouncyCastle")); + } + + @Test + @StdIo() + public void listData(StdOut out) { + ECTesterStandalone.main(new String[]{"list-data"}); + String s = out.capturedString(); + assertTrue(s.contains("secg")); + } + + @Test + @StdIo() + public void listSuites(StdOut out) { + ECTesterStandalone.main(new String[]{"list-suites"}); + String s = out.capturedString(); + assertTrue(s.contains("default test suite")); + } + + @Test + @StdIo() + public void listIdents(StdOut out) { + ECTesterStandalone.main(new String[]{"list-types"}); + String s = out.capturedString(); + assertTrue(s.contains("NONEwithECDSA")); + } + + @SuppressWarnings("JUnitMalformedDeclaration") + @ParameterizedTest + @ValueSource(strings = {"Bouncy", "Sun", "libtomcrypt", "Botan", "Crypto++", "OpenSSL 3", "BoringSSL", "libgcrypt", "mbed TLS", "2021" /* IPPCP */, "Nettle", "LibreSSL", "wolfCrypt"}) + @StdIo() + public void defaultSuite(String libName, StdOut out) { + String[] args = new String[]{"test", "default", libName}; + if (libName.equals("Botan") || libName.equals("Crypto++")) { + args = new String[]{"test", "--kpg-type", "ECDH", "default", libName}; + } + ECTesterStandalone.main(args); + String sout = out.capturedString(); + if (sout.contains("Exception")) { + System.err.printf("%s: Default suite has exceptions.%n", libName); + } + } + + @SuppressWarnings("JUnitMalformedDeclaration") + @ParameterizedTest + @ValueSource(strings = {"Bouncy", "Sun", "libtomcrypt", "Botan", "Crypto++", "OpenSSL 3", "BoringSSL", "libgcrypt", "mbed TLS", "2021" /* IPPCP */, "Nettle", "LibreSSL", "wolfCrypt"}) + @StdIo() + public void generate(String libName, StdOut out) { + String[] args = new String[]{"generate", "-n", "10", "-nc", "secg/secp256r1", libName}; + switch (libName) { + case "Botan": + case "Crypto++": + args = new String[]{"generate", "-n", "10", "-nc", "secg/secp256r1", "-t", "ECDH", libName}; + break; + case "Nettle": + case "libgcrypt": + args = new String[]{"generate", "-n", "10", "-cn", "secp256r1", libName}; + break; + case "BoringSSL": + args = new String[]{"generate", "-n", "10", "-cn", "prime256v1", libName}; + break; + } + ECTesterStandalone.main(args); + } + + @SuppressWarnings("JUnitMalformedDeclaration") + @ParameterizedTest + @ValueSource(strings = {"Bouncy", "Sun", "libtomcrypt", "Botan", "Crypto++", "OpenSSL 3", "BoringSSL", "libgcrypt", "mbed TLS", "2021" /* IPPCP */, "Nettle", "LibreSSL", "wolfCrypt"}) + @StdIo() + public void ecdh(String libName, StdOut out) { + String[] args = new String[]{"ecdh", "-n", "10", "-nc", "secg/secp256r1", libName}; + switch (libName) { + case "Nettle": + case "libgcrypt": + args = new String[]{"ecdh", "-n", "10", "-cn", "secp256r1", libName}; + break; + case "BoringSSL": + args = new String[]{"ecdh", "-n", "10", "-cn", "prime256v1", libName}; + break; + } + ECTesterStandalone.main(args); + } + + @SuppressWarnings("JUnitMalformedDeclaration") + @ParameterizedTest + @ValueSource(strings = {"Bouncy", "Sun", "libtomcrypt", "Botan", "Crypto++", "OpenSSL 3", "BoringSSL", "libgcrypt", "mbed TLS", "2021" /* IPPCP */, "Nettle", "LibreSSL", "wolfCrypt"}) + @StdIo() + public void ecdsa(String libName, StdOut out) { + String[] args = new String[]{"ecdsa", "-n", "10", "-nc", "secg/secp256r1", libName}; + switch (libName) { + case "Nettle": + case "libgcrypt": + args = new String[]{"ecdsa", "-n", "10", "-cn", "secp256r1", "-t", "NONEwithECDSA", libName}; + break; + case "BoringSSL": + args = new String[]{"ecdsa", "-n", "10", "-cn", "prime256v1", "-t", "NONEwithECDSA", libName}; + break; + case "OpenSSL 3": + case "libtomcrypt": + case "LibreSSL": + case "2021": + args = new String[]{"ecdsa", "-n", "10", "-nc", "secg/secp256r1", "-t", "NONEwithECDSA", libName}; + break; + } + ECTesterStandalone.main(args); + } + + @SuppressWarnings("JUnitMalformedDeclaration") + @ParameterizedTest + @ValueSource(strings = {"Bouncy", "Sun", "libtomcrypt", "Botan", "Crypto++", "OpenSSL 3", "BoringSSL", "libgcrypt", "mbed TLS", "2021" /* IPPCP */, "Nettle", "LibreSSL", "wolfCrypt"}) + @StdIo() + public void export(String libName, StdOut out) { + String[] args = new String[]{"export", "-b", "256", libName}; + switch (libName) { + case "Botan": + case "Crypto++": + args = new String[]{"export", "-b", "256", "-t", "ECDH", libName}; + break; + } + ECTesterStandalone.main(args); + System.err.println(out.capturedString()); + } +} diff --git a/standalone/src/test/java/cz/crcs/ectester/standalone/IdentTests.java b/standalone/src/test/java/cz/crcs/ectester/standalone/IdentTests.java new file mode 100644 index 0000000..e6f520e --- /dev/null +++ b/standalone/src/test/java/cz/crcs/ectester/standalone/IdentTests.java @@ -0,0 +1,49 @@ +package cz.crcs.ectester.standalone; + +import cz.crcs.ectester.standalone.consts.KeyAgreementIdent; +import cz.crcs.ectester.standalone.consts.KeyPairGeneratorIdent; +import cz.crcs.ectester.standalone.consts.SignatureIdent; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.junit.jupiter.api.Test; + +import javax.crypto.KeyAgreement; +import java.security.KeyPairGenerator; +import java.security.NoSuchAlgorithmException; +import java.security.Provider; +import java.security.Signature; + +import static org.junit.jupiter.api.Assertions.*; + +public class IdentTests { + + Provider bc = new BouncyCastleProvider(); + + @Test + void kaIdents() throws NoSuchAlgorithmException { + for (KeyAgreementIdent keyAgreementIdent : KeyAgreementIdent.list()) { + assertNotNull(keyAgreementIdent.getBaseAlgo()); + } + KeyAgreementIdent ecdh = KeyAgreementIdent.get("ECDH"); + assertNotNull(ecdh); + KeyAgreement instance = ecdh.getInstance(bc); + assertNotNull(instance); + } + + @Test + void kpgIdents() throws NoSuchAlgorithmException { + assertFalse(KeyPairGeneratorIdent.list().isEmpty()); + KeyPairGeneratorIdent kpg = KeyPairGeneratorIdent.get("ECDH"); + assertNotNull(kpg); + KeyPairGenerator instance = kpg.getInstance(bc); + assertNotNull(instance); + } + + @Test + void sigIdents() throws NoSuchAlgorithmException { + assertFalse(SignatureIdent.list().isEmpty()); + SignatureIdent ecdsa = SignatureIdent.get("NONEwithECDSA"); + assertNotNull(ecdsa); + Signature instance = ecdsa.getInstance(bc); + assertNotNull(instance); + } +} diff --git a/standalone/src/test/java/cz/crcs/ectester/standalone/LibTests.java b/standalone/src/test/java/cz/crcs/ectester/standalone/LibTests.java new file mode 100644 index 0000000..6e11ccd --- /dev/null +++ b/standalone/src/test/java/cz/crcs/ectester/standalone/LibTests.java @@ -0,0 +1,54 @@ +package cz.crcs.ectester.standalone; +import cz.crcs.ectester.standalone.libs.*; +import org.junit.jupiter.api.BeforeAll; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.TestInstance; + +import java.lang.reflect.InvocationTargetException; +import java.util.LinkedList; +import java.util.List; + +@TestInstance(TestInstance.Lifecycle.PER_CLASS) +public class LibTests { + + ProviderECLibrary[] libs; + + @BeforeAll + public void loadLibs() { + List<ProviderECLibrary> libObjects = new LinkedList<>(); + Class<?>[] libClasses = new Class[]{SunECLib.class, + BouncyCastleLib.class, + TomcryptLib.class, + BotanLib.class, + CryptoppLib.class, + OpensslLib.class, + BoringsslLib.class, + GcryptLib.class, + MscngLib.class, + WolfCryptLib.class, + MbedTLSLib.class, + IppcpLib.class, + MatrixsslLib.class, + NettleLib.class, + LibresslLib.class}; + for (Class<?> c : libClasses) { + try { + libObjects.add((ProviderECLibrary) c.getDeclaredConstructor().newInstance()); + } catch (NoSuchMethodException | InstantiationException | IllegalAccessException | + InvocationTargetException ignored) { + } + } + libs = libObjects.toArray(new ProviderECLibrary[0]); + for (ProviderECLibrary lib : libs) { + lib.initialize(); + } + } + + @Test + public void loaded() { + for (ProviderECLibrary lib : libs) { + System.err.printf("%s: %b%n", lib.getClass().getSimpleName(), lib.isInitialized()); + } + + } +} |