aboutsummaryrefslogtreecommitdiff
path: root/standalone
diff options
context:
space:
mode:
authorJ08nY2024-08-07 13:02:34 +0200
committerJ08nY2024-08-07 13:02:34 +0200
commitb8054933b3d07ef8bfc3bec56b2bb795c1d01e5e (patch)
treecfc93aad4a047d952c21a02e25c09740d8daca64 /standalone
parent97d8fccebd06004a2a4f4e6ff3eaaf154a05cabc (diff)
downloadECTester-b8054933b3d07ef8bfc3bec56b2bb795c1d01e5e.tar.gz
ECTester-b8054933b3d07ef8bfc3bec56b2bb795c1d01e5e.tar.zst
ECTester-b8054933b3d07ef8bfc3bec56b2bb795c1d01e5e.zip
Diffstat (limited to 'standalone')
-rw-r--r--standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java113
-rw-r--r--standalone/src/main/java/cz/crcs/ectester/standalone/libs/BouncyCastleLib.java12
-rw-r--r--standalone/src/main/java/cz/crcs/ectester/standalone/libs/SunECLib.java12
-rw-r--r--standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneEdgeCasesSuite.java2
-rw-r--r--standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneTestSuite.java3
-rw-r--r--standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneWrongSuite.java2
6 files changed, 99 insertions, 45 deletions
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java b/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java
index 3194796..f358662 100644
--- a/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java
+++ b/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java
@@ -415,12 +415,26 @@ public class ECTesterStandalone {
throw new NoSuchAlgorithmException(algo);
}
+ SecureRandom random;
+ if (cli.hasOption("ecdh.prng-seed")) {
+ String seedString = cli.getOptionValue("ecdh.prng-seed");
+ byte[] seed = ByteUtil.hexToBytes(seedString, true);
+ random = SecureRandom.getInstance("DRBG");
+ random.setSeed(seed);
+ if (!lib.setupDeterministicPRNG(seed)) {
+ System.err.println("Couldn't set PRNG seed.");
+ return;
+ }
+ } else {
+ random = new SecureRandom();
+ }
+
KeyAgreement ka = kaIdent.getInstance(lib.getProvider());
KeyPairGenerator kpg = kpIdent.getInstance(lib.getProvider());
AlgorithmParameterSpec spec = null;
if (cli.hasOption("ecdh.bits")) {
int bits = Integer.parseInt(cli.getOptionValue("ecdh.bits"));
- kpg.initialize(bits);
+ kpg.initialize(bits, random);
} else if (cli.hasOption("ecdh.named-curve")) {
String curveName = cli.getOptionValue("ecdh.named-curve");
EC_Curve curve = EC_Store.getInstance().getObject(EC_Curve.class, curveName);
@@ -429,20 +443,15 @@ public class ECTesterStandalone {
return;
}
spec = curve.toSpec();
- kpg.initialize(spec);
+ kpg.initialize(spec, random);
} else if (cli.hasOption("ecdh.curve-name")) {
String curveName = cli.getOptionValue("ecdh.curve-name");
spec = new ECGenParameterSpec(curveName);
- kpg.initialize(spec);
- }
-
- if (cli.hasOption("ecdh.prng-seed")) {
- String seedString = cli.getOptionValue("ecdh.prng-seed");
- byte[] seed = ByteUtil.hexToBytes(seedString, true);
- if (!lib.setupDeterministicPRNG(seed)) {
- System.err.println("Couldn't set PRNG seed.");
- return;
- }
+ kpg.initialize(spec, random);
+ } else if (cli.hasOption("ecdh.prng-seed") && !(lib instanceof NativeECLibrary)) {
+ // TODO: This only happens if at least one of the (pubkey and privkey) needs to be generated.
+ System.err.println("Unable to pass PRNG seed to a non-native library without specifying either key-size, named curve or curve name options.");
+ return;
}
if (cli.hasOption("ecdh.time-source")) {
@@ -498,9 +507,9 @@ public class ECTesterStandalone {
long elapsed = -System.nanoTime();
if (spec instanceof ECParameterSpec && lib instanceof NativeECLibrary) {
- ka.init(privkey, spec);
+ ka.init(privkey, spec, random);
} else {
- ka.init(privkey);
+ ka.init(privkey, random);
}
ka.doPhase(pubkey, true);
elapsed += System.nanoTime();
@@ -534,6 +543,22 @@ public class ECTesterStandalone {
*
*/
private void ecdsa() throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException, IOException, SignatureException {
+ ProviderECLibrary lib = cfg.selected;
+
+ SecureRandom random;
+ if (cli.hasOption("ecdsa.prng-seed")) {
+ String seedString = cli.getOptionValue("ecdsa.prng-seed");
+ byte[] seed = ByteUtil.hexToBytes(seedString, true);
+ random = SecureRandom.getInstance("DRBG");
+ random.setSeed(seed);
+ if (!lib.setupDeterministicPRNG(seed)) {
+ System.err.println("Couldn't set PRNG seed.");
+ return;
+ }
+ } else {
+ random = new SecureRandom();
+ }
+
byte[] data;
String dataString;
if (cli.hasOption("ecdsa.file")) {
@@ -546,12 +571,12 @@ public class ECTesterStandalone {
data = Files.readAllBytes(in.toPath());
dataString = "";
} else {
- Random random = new Random();
+ Random dataRandom = new Random();
data = new byte[32];
- random.nextBytes(data);
+ dataRandom.nextBytes(data);
dataString = ByteUtil.bytesToHex(data, false);
}
- ProviderECLibrary lib = cfg.selected;
+
String algo = cli.getOptionValue("ecdsa.type", "ECDSA");
SignatureIdent sigIdent = lib.getSigs().stream()
.filter((ident) -> ident.contains(algo))
@@ -586,7 +611,7 @@ public class ECTesterStandalone {
ECParameterSpec spec = null;
if (cli.hasOption("ecdsa.bits")) {
int bits = Integer.parseInt(cli.getOptionValue("ecdsa.bits"));
- kpg.initialize(bits);
+ kpg.initialize(bits, random);
} else if (cli.hasOption("ecdsa.named-curve")) {
String curveName = cli.getOptionValue("ecdsa.named-curve");
EC_Curve curve = EC_Store.getInstance().getObject(EC_Curve.class, curveName);
@@ -595,19 +620,14 @@ public class ECTesterStandalone {
return;
}
spec = curve.toSpec();
- kpg.initialize(spec);
+ kpg.initialize(spec, random);
} else if (cli.hasOption("ecdsa.curve-name")) {
String curveName = cli.getOptionValue("ecdsa.curve-name");
- kpg.initialize(new ECGenParameterSpec(curveName));
- }
-
- if (cli.hasOption("ecdsa.prng-seed")) {
- String seedString = cli.getOptionValue("ecdsa.prng-seed");
- byte[] seed = ByteUtil.hexToBytes(seedString, true);
- if (!lib.setupDeterministicPRNG(seed)) {
- System.err.println("Couldn't set PRNG seed.");
- return;
- }
+ kpg.initialize(new ECGenParameterSpec(curveName), random);
+ } else if (cli.hasOption("ecdsa.prng-seed") && !(lib instanceof NativeECLibrary)) {
+ // TODO: This only happens if at least one of the (pubkey and privkey) needs to be generated.
+ System.err.println("Unable to pass PRNG seed to a non-native library without specifying either key-size, named curve or curve name options.");
+ return;
}
if (cli.hasOption("ecdsa.time-source")) {
@@ -660,7 +680,7 @@ public class ECTesterStandalone {
}
}
- sig.initSign(privkey);
+ sig.initSign(privkey, random);
sig.update(data);
long signTime = -System.nanoTime();
@@ -729,10 +749,25 @@ public class ECTesterStandalone {
if (ident == null) {
throw new NoSuchAlgorithmException(algo);
}
+
+ SecureRandom random;
+ if (cli.hasOption("generate.prng-seed")) {
+ String seedString = cli.getOptionValue("generate.prng-seed");
+ byte[] seed = ByteUtil.hexToBytes(seedString, true);
+ random = SecureRandom.getInstance("DRBG");
+ random.setSeed(seed);
+ if (!lib.setupDeterministicPRNG(seed)) {
+ System.err.println("Couldn't set PRNG seed.");
+ return;
+ }
+ } else {
+ random = new SecureRandom();
+ }
+
KeyPairGenerator kpg = ident.getInstance(lib.getProvider());
if (cli.hasOption("generate.bits")) {
int bits = Integer.parseInt(cli.getOptionValue("generate.bits"));
- kpg.initialize(bits);
+ kpg.initialize(bits, random);
} else if (cli.hasOption("generate.named-curve")) {
String curveName = cli.getOptionValue("generate.named-curve");
EC_Curve curve = EC_Store.getInstance().getObject(EC_Curve.class, curveName);
@@ -740,19 +775,13 @@ public class ECTesterStandalone {
System.err.println("Curve not found: " + curveName);
return;
}
- kpg.initialize(curve.toSpec());
+ kpg.initialize(curve.toSpec(), random);
} else if (cli.hasOption("generate.curve-name")) {
String curveName = cli.getOptionValue("generate.curve-name");
- kpg.initialize(new ECGenParameterSpec(curveName));
- }
-
- if (cli.hasOption("generate.prng-seed")) {
- String seedString = cli.getOptionValue("generate.prng-seed");
- byte[] seed = ByteUtil.hexToBytes(seedString, true);
- if (!lib.setupDeterministicPRNG(seed)) {
- System.err.println("Couldn't set PRNG seed.");
- return;
- }
+ kpg.initialize(new ECGenParameterSpec(curveName), random);
+ } else if (cli.hasOption("generate.prng-seed") && !(lib instanceof NativeECLibrary)) {
+ System.err.println("Unable to pass PRNG seed to a non-native library without specifying either key-size, named curve or curve name options.");
+ return;
}
if (cli.hasOption("generate.time-source")) {
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/BouncyCastleLib.java b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/BouncyCastleLib.java
index e8a4d30..0a7ea8c 100644
--- a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/BouncyCastleLib.java
+++ b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/BouncyCastleLib.java
@@ -25,4 +25,16 @@ public class BouncyCastleLib extends ProviderECLibrary {
}
return result;
}
+
+ @Override
+ public boolean supportsDeterministicPRNG() {
+ return true;
+ }
+
+ @Override
+ public boolean setupDeterministicPRNG(byte[] seed) {
+ // This is done by passing the SecureRandom into the individual KeyPairGenerator, KeyAgreement and Signature
+ // instances. Thus, this does nothing.
+ return true;
+ }
}
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/SunECLib.java b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/SunECLib.java
index 7209dc3..c38300d 100644
--- a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/SunECLib.java
+++ b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/SunECLib.java
@@ -25,4 +25,16 @@ public class SunECLib extends ProviderECLibrary {
}
return result;
}
+
+ @Override
+ public boolean supportsDeterministicPRNG() {
+ return true;
+ }
+
+ @Override
+ public boolean setupDeterministicPRNG(byte[] seed) {
+ // This is done by passing the SecureRandom into the individual KeyPairGenerator, KeyAgreement and Signature
+ // instances. Thus, this does nothing.
+ return true;
+ }
}
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneEdgeCasesSuite.java b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneEdgeCasesSuite.java
index 01c3a53..12a9f16 100644
--- a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneEdgeCasesSuite.java
+++ b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneEdgeCasesSuite.java
@@ -129,7 +129,7 @@ public class StandaloneEdgeCasesSuite extends StandaloneTestSuite {
e.getKey().endsWith("r1") && e.getValue().getField() == javacard.security.KeyPair.ALG_EC_FP).map(Map.Entry::getValue).collect(Collectors.toList());
curves.add(EC_Store.getInstance().getObject(EC_Curve.class, "cofactor/cofactor128p2"));
curves.add(EC_Store.getInstance().getObject(EC_Curve.class, "cofactor/cofactor160p4"));
- Random rand = new Random();
+ Random rand = getRandom();
for (EC_Curve curve : curves) {
ECParameterSpec spec = curve.toSpec();
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneTestSuite.java b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneTestSuite.java
index 284194c..3ce58e1 100644
--- a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneTestSuite.java
+++ b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneTestSuite.java
@@ -4,6 +4,7 @@ import cz.crcs.ectester.common.cli.TreeCommandLine;
import cz.crcs.ectester.common.output.TestWriter;
import cz.crcs.ectester.common.test.TestSuite;
import cz.crcs.ectester.common.util.ByteUtil;
+import cz.crcs.ectester.common.util.Util;
import cz.crcs.ectester.standalone.ECTesterStandalone;
import cz.crcs.ectester.standalone.consts.Ident;
import cz.crcs.ectester.standalone.consts.KeyAgreementIdent;
@@ -34,7 +35,7 @@ public abstract class StandaloneTestSuite extends TestSuite {
} else {
seed = new SecureRandom().generateSeed(16);
}
- this.random = new SecureRandom(seed);
+ this.random = Util.getRandom(seed);
}
public ProviderECLibrary getLibrary() {
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneWrongSuite.java b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneWrongSuite.java
index fe954a8..1a18188 100644
--- a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneWrongSuite.java
+++ b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneWrongSuite.java
@@ -96,7 +96,7 @@ public class StandaloneWrongSuite extends StandaloneTestSuite {
Map<String, EC_Curve> curveMap = EC_Store.getInstance().getObjects(EC_Curve.class, "secg");
List<EC_Curve> curves = curveMap.entrySet().stream().filter((e) -> e.getKey().endsWith("r1") &&
e.getValue().getField() == javacard.security.KeyPair.ALG_EC_FP).map(Map.Entry::getValue).collect(Collectors.toList());
- Random r = new Random();
+ Random r = getRandom();
for (EC_Curve curve : curves) {
short bits = curve.getBits();
final byte[] originalp = curve.getParam(EC_Consts.PARAMETER_FP)[0];
generated by cgit v1.2.3-70-g09d2 (git 2.51.2) at 2025-11-08 09:13:46 +0000