-rw-r--r--!uploader/ectester.capbin14353 -> 14586 bytes
-rw-r--r--dist/ECTester.jarbin322457 -> 323844 bytes
-rw-r--r--src/cz/crcs/ectester/applet/ECKeyGenerator.java12
-rw-r--r--src/cz/crcs/ectester/applet/ECKeyTester.java27
-rw-r--r--src/cz/crcs/ectester/applet/ECTesterApplet.java8
-rw-r--r--src/cz/crcs/ectester/applet/ECUtil.java24
-rw-r--r--src/cz/crcs/ectester/applet/EC_Consts.java1
-rw-r--r--src/cz/crcs/ectester/data/EC_Store.java23
-rw-r--r--src/cz/crcs/ectester/data/schema.xsd4
-rw-r--r--src/cz/crcs/ectester/data/test/results.xml10
-rw-r--r--src/cz/crcs/ectester/reader/ECTester.java5
-rw-r--r--src/cz/crcs/ectester/reader/Response.java4
-rw-r--r--src/cz/crcs/ectester/reader/TestSuite.java1
-rw-r--r--src/cz/crcs/ectester/reader/Util.java18
14 files changed, 103 insertions, 34 deletions
diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap
index 1e7235d..ea66c8f 100644
--- a/!uploader/ectester.cap
+++ b/!uploader/ectester.cap
Binary files differ
diff --git a/dist/ECTester.jar b/dist/ECTester.jar
index 58f44b9..adfa6d4 100644
--- a/dist/ECTester.jar
+++ b/dist/ECTester.jar
Binary files differ
diff --git a/src/cz/crcs/ectester/applet/ECKeyGenerator.java b/src/cz/crcs/ectester/applet/ECKeyGenerator.java
index a36bd0c..a602ab1 100644
--- a/src/cz/crcs/ectester/applet/ECKeyGenerator.java
+++ b/src/cz/crcs/ectester/applet/ECKeyGenerator.java
@@ -40,7 +40,7 @@ public class ECKeyGenerator {
public short clearPair(KeyPair keypair, byte key) {
try {
- sw = ECUtil.nullCheck(keypair);
+ sw = ECUtil.keypairCheck(keypair);
if ((key & EC_Consts.KEY_PUBLIC) != 0) keypair.getPublic().clearKey();
if ((key & EC_Consts.KEY_PRIVATE) != 0) keypair.getPrivate().clearKey();
} catch (CardRuntimeException ce) {
@@ -55,7 +55,7 @@ public class ECKeyGenerator {
*/
public short generatePair(KeyPair keypair) {
try {
- sw = ECUtil.nullCheck(keypair);
+ sw = ECUtil.keypairCheck(keypair);
keypair.genKeyPair();
} catch (CardRuntimeException ce) {
sw = ce.getReason();
@@ -156,7 +156,7 @@ public class ECKeyGenerator {
*/
public short setParameter(KeyPair keypair, byte key, short param, byte[] data, short offset, short length) {
try {
- sw = ECUtil.nullCheck(keypair);
+ sw = ECUtil.keypairCheck(keypair);
ECPublicKey ecPublicKey = (ECPublicKey) keypair.getPublic();
ECPrivateKey ecPrivateKey = (ECPrivateKey) keypair.getPrivate();
@@ -281,7 +281,7 @@ public class ECKeyGenerator {
public short exportParameter(KeyPair keypair, byte key, short param, byte[] outputBuffer, short outputOffset) {
short length = 0;
try {
- sw = ECUtil.nullCheck(keypair);
+ sw = ECUtil.keypairCheck(keypair);
ECPublicKey ecPublicKey = (ECPublicKey) keypair.getPublic();
ECPrivateKey ecPrivateKey = (ECPrivateKey) keypair.getPrivate();
@@ -390,8 +390,8 @@ public class ECKeyGenerator {
*/
public short copyCurve(KeyPair from, KeyPair to, short params, byte[] buffer, short offset) {
try {
- sw = ECUtil.nullCheck(from);
- sw = ECUtil.nullCheck(to);
+ sw = ECUtil.keypairCheck(from);
+ sw = ECUtil.keypairCheck(to);
short param = EC_Consts.PARAMETER_FP;
while (param <= EC_Consts.PARAMETER_K) {
diff --git a/src/cz/crcs/ectester/applet/ECKeyTester.java b/src/cz/crcs/ectester/applet/ECKeyTester.java
index c4b58e0..aac4656 100644
--- a/src/cz/crcs/ectester/applet/ECKeyTester.java
+++ b/src/cz/crcs/ectester/applet/ECKeyTester.java
@@ -53,8 +53,9 @@ public class ECKeyTester {
private short testKA(KeyAgreement ka, KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) {
short length = 0;
try {
- sw = ECUtil.nullCheck(privatePair);
- sw = ECUtil.nullCheck(publicPair);
+ sw = ECUtil.kaCheck(ka);
+ sw = ECUtil.keypairCheck(privatePair);
+ sw = ECUtil.keypairCheck(publicPair);
ka.init(privatePair.getPrivate());
short pubkeyLength = ((ECPublicKey) publicPair.getPublic()).getW(pubkeyBuffer, pubkeyOffset);
@@ -113,7 +114,7 @@ public class ECKeyTester {
* @param corruption
* @return
*/
- public short testECDH_ECDHC(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) {
+ public short testBOTH(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) {
short ecdhLength = testECDH(privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption);
if (sw != ISO7816.SW_NO_ERROR) {
return ecdhLength;
@@ -131,6 +132,23 @@ public class ECKeyTester {
}
/**
+ *
+ * @param privatePair
+ * @param publicPair
+ * @param pubkeyBuffer
+ * @param pubkeyOffset
+ * @param outputBuffer
+ * @param outputOffset
+ * @param corruption
+ * @return
+ */
+ public short testANY(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[]outputBuffer, short outputOffset, byte corruption) {
+ short ecdhLength = testECDH(privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption);
+ if (sw == ISO7816.SW_NO_ERROR)
+ return ecdhLength;
+ return testECDHC(privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption);
+ }
+ /**
* Uses {@code signKey} to sign data from {@code inputBuffer} at {@code inputOffset} with {@code inputOffset}.
* Then checks for correct signature length.
* Then tries verifying the data with {@code verifyKey}.
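Review bot: The Javadoc added for `testANY` is empty, and the method hides which algorithm produced the result. When `testECDH` fails, its status word in `sw` is presumably overwritten by the `testECDHC` call, so the caller can no longer tell an unsupported ECDH from one that failed for another reason. Suggest filling in the summary, e.g. `Tries ECDH first and returns its secret length on success; otherwise falls back to ECDHC, whose status word then replaces the ECDH one.`, and `@return length of the derived secret from whichever agreement succeeded`. The added `if (sw == ISO7816.SW_NO_ERROR)` is also unbraced, unlike the braced `if` in `testBOTH` just above.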
@@ -145,9 +163,10 @@ public class ECKeyTester {
* @return signature length
*/
public short testECDSA(ECPrivateKey signKey, ECPublicKey verifyKey, byte[] inputBuffer, short inputOffset, short inputLength, byte[] sigBuffer, short sigOffset) {
- sw = ISO7816.SW_NO_ERROR;
short length = 0;
try {
+ sw = ECUtil.signCheck(ecdsaSignature);
+
ecdsaSignature.init(signKey, Signature.MODE_SIGN);
length = ecdsaSignature.sign(inputBuffer, inputOffset, inputLength, sigBuffer, sigOffset);
diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java
index f802233..88d1b8c 100644
--- a/src/cz/crcs/ectester/applet/ECTesterApplet.java
+++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java
@@ -65,6 +65,9 @@ public class ECTesterApplet extends Applet {
public static final short SW_SIG_VERIFY_FAIL = (short) 0x0ee1;
public static final short SW_DH_DHC_MISMATCH = (short) 0x0ee2;
public static final short SW_KEYPAIR_NULL = (short) 0x0ee3;
+ public static final short SW_KA_NULL = (short) 0x0ee4;
+ public static final short SW_SIGNATURE_NULL = (short) 0x0ee5;
+ public static final short SW_OBJECT_NULL = (short) 0x0ee6;
private static final short ARRAY_LENGTH = (short) 0xff;
@@ -558,7 +561,10 @@ public class ECTesterApplet extends Applet {
secretLength = keyTester.testECDHC(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption);
break;
case EC_Consts.KA_BOTH:
- secretLength = keyTester.testECDH_ECDHC(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption);
+ secretLength = keyTester.testBOTH(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption);
+ break;
+ case EC_Consts.KA_ANY:
+ secretLength = keyTester.testANY(priv, pub, ramArray, (short) 0, ramArray2, (short)0, corruption);
break;
default:
ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
diff --git a/src/cz/crcs/ectester/applet/ECUtil.java b/src/cz/crcs/ectester/applet/ECUtil.java
index e7e4a8a..5d5c4d2 100644
--- a/src/cz/crcs/ectester/applet/ECUtil.java
+++ b/src/cz/crcs/ectester/applet/ECUtil.java
@@ -2,16 +2,34 @@ package cz.crcs.ectester.applet;
import javacard.framework.ISO7816;
import javacard.framework.ISOException;
+import javacard.security.KeyAgreement;
import javacard.security.KeyPair;
+import javacard.security.Signature;
/**
* @author Jan Jancar johny@neuromancer.sk
*/
public class ECUtil {
- static short nullCheck(KeyPair keyPair) {
- if (keyPair == null)
- ISOException.throwIt(ECTesterApplet.SW_KEYPAIR_NULL);
+ private static short nullCheck(Object obj, short sw) {
+ if (obj == null)
+ ISOException.throwIt(sw);
return ISO7816.SW_NO_ERROR;
}
+
+ static short objCheck(Object obj) {
+ return nullCheck(obj, ECTesterApplet.SW_OBJECT_NULL);
+ }
+
+ static short keypairCheck(KeyPair keyPair) {
+ return nullCheck(keyPair, ECTesterApplet.SW_KEYPAIR_NULL);
+ }
+
+ static short kaCheck(KeyAgreement keyAgreement) {
+ return nullCheck(keyAgreement, ECTesterApplet.SW_KA_NULL);
+ }
+
+ static short signCheck(Signature signature) {
+ return nullCheck(signature, ECTesterApplet.SW_SIGNATURE_NULL);
+ }
}
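Review bot: None of the new helpers documents that it never returns a failure code. `nullCheck` either returns `ISO7816.SW_NO_ERROR` or leaves through `ISOException.throwIt(sw)`, so a caller writing `sw = ECUtil.keypairCheck(...)` only records the null status if the call sits inside a `try` whose handler stores the reason. Suggest a one-line Javadoc on `nullCheck`: `/** Throws ISOException with {@code sw} if {@code obj} is null; otherwise returns SW_NO_ERROR. */`. `objCheck` has no caller in the hunks shown on this page; if it is unused elsewhere too, consider leaving it out until it is needed.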
diff --git a/src/cz/crcs/ectester/applet/EC_Consts.java b/src/cz/crcs/ectester/applet/EC_Consts.java
index 534d552..1334541 100644
--- a/src/cz/crcs/ectester/applet/EC_Consts.java
+++ b/src/cz/crcs/ectester/applet/EC_Consts.java
@@ -64,6 +64,7 @@ public class EC_Consts {
public static final byte KA_ECDH = 0x01;
public static final byte KA_ECDHC = 0x02;
public static final byte KA_BOTH = KA_ECDH | KA_ECDHC;
+ public static final byte KA_ANY = 0x04;
public static RandomData randomData = null;
diff --git a/src/cz/crcs/ectester/data/EC_Store.java b/src/cz/crcs/ectester/data/EC_Store.java
index ccd3586..906eb8d 100644
--- a/src/cz/crcs/ectester/data/EC_Store.java
+++ b/src/cz/crcs/ectester/data/EC_Store.java
@@ -227,11 +227,22 @@ public class EC_Store {
descs = descc.item(0).getTextContent();
}
- byte kab;
- if (ka.getTextContent().equals("DH")) {
- kab = EC_Consts.KA_ECDH;
- } else {
- kab = EC_Consts.KA_ECDHC;
+ byte kab = EC_Consts.KA_ANY;
+ switch (ka.getTextContent()) {
+ case "DH":
+ case "ECDH":
+ kab = EC_Consts.KA_ECDH;
+ break;
+ case "DHC":
+ case "ECDHC":
+ kab = EC_Consts.KA_ECDHC;
+ break;
+ case "ANY":
+ kab = EC_Consts.KA_ANY;
+ break;
+ case "BOTH":
+ kab = EC_Consts.KA_BOTH;
+ break;
}
EC_KAResult kaResult = new EC_KAResult(id.getTextContent(), kab, curve.getTextContent(), onekey.getTextContent(), otherkey.getTextContent(), descs);
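Review bot: The new `switch` on `ka.getTextContent()` has no `default:` branch, so an unrecognised `<ka>` value silently keeps the initial `KA_ANY`, which is the most permissive mode. schema.xsd limits `kaType` to the six listed strings, so this is only reachable if a file is loaded without validation or the schema and this switch drift apart, but a relaxed test vector is a worse outcome than a load error. Suggest declaring `byte kab;` without an initialiser and adding `default: throw new IllegalArgumentException("Unknown ka type: " + ka.getTextContent());`. The enclosing method starts and ends outside this hunk, so whether a checked exception would fit better cannot be judged from here.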
@@ -254,7 +265,7 @@ public class EC_Store {
}
private EC_Params parseKeylike(String dir, Element elem) throws SAXException, IOException {
- Node file = elem.getElementsByTagName("file").item(0);
+ Node id = elem.getElementsByTagName("id").item(0);
Node curve = elem.getElementsByTagName("curve").item(0);
NodeList desc = elem.getElementsByTagName("desc");
diff --git a/src/cz/crcs/ectester/data/schema.xsd b/src/cz/crcs/ectester/data/schema.xsd
index 33b9acd..2fe7892 100644
--- a/src/cz/crcs/ectester/data/schema.xsd
+++ b/src/cz/crcs/ectester/data/schema.xsd
@@ -61,7 +61,11 @@
<xs:simpleType name="kaType">
<xs:restriction base="xs:string">
<xs:enumeration value="DH"/>
+ <xs:enumeration value="ECDH"/>
<xs:enumeration value="DHC"/>
+ <xs:enumeration value="ECDHC"/>
+ <xs:enumeration value="BOTH"/>
+ <xs:enumeration value="ANY"/>
</xs:restriction>
</xs:simpleType>
diff --git a/src/cz/crcs/ectester/data/test/results.xml b/src/cz/crcs/ectester/data/test/results.xml
index e382cd4..1146500 100644
--- a/src/cz/crcs/ectester/data/test/results.xml
+++ b/src/cz/crcs/ectester/data/test/results.xml
@@ -133,7 +133,7 @@
</result>
<result>
<id>p192-dhc</id>
- <ka>DHC</ka>
+ <ka>ANY</ka>
<file>nist/p192-dhc-sha1.csv</file>
<curve>nist/P-192</curve>
<onekey>test/p192-A</onekey>
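Review bot: This entry keeps its `p192-dhc` id and `nist/p192-dhc-sha1.csv` file but now runs as `ANY`, and `testANY` in ECKeyTester returns the plain ECDH result whenever ECDH succeeds. On a card that supports both agreements the ECDHC path is therefore no longer exercised against this vector. The NIST prime curves have cofactor 1, so the expected secret is the same either way, which is presumably why the switch is safe, but the loss of coverage deserves a comment such as `<!-- ANY: ECDH is tried first, ECDHC only if ECDH fails; cofactor is 1 on this curve -->`, or a separate `DHC` entry kept next to the `ANY` one. The same applies to the p224, p256, p384 and p521 hunks below.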
@@ -141,7 +141,7 @@
</result>
<result>
<id>p224-dhc</id>
- <ka>DHC</ka>
+ <ka>ANY</ka>
<file>nist/p224-dhc-sha1.csv</file>
<curve>nist/P-224</curve>
<onekey>test/p224-A</onekey>
@@ -149,7 +149,7 @@
</result>
<result>
<id>p256-dhc</id>
- <ka>DHC</ka>
+ <ka>ANY</ka>
<file>nist/p256-dhc-sha1.csv</file>
<curve>nist/P-256</curve>
<onekey>test/p256-A</onekey>
@@ -157,7 +157,7 @@
</result>
<result>
<id>p384-dhc</id>
- <ka>DHC</ka>
+ <ka>ANY</ka>
<file>nist/p384-dhc-sha1.csv</file>
<curve>nist/P-384</curve>
<onekey>test/p384-A</onekey>
@@ -165,7 +165,7 @@
</result>
<result>
<id>p521-dhc</id>
- <ka>DHC</ka>
+ <ka>ANY</ka>
<file>nist/p521-dhc-sha1.csv</file>
<curve>nist/P-521</curve>
<onekey>test/p521-A</onekey>
diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java
index 8afda17..9191b70 100644
--- a/src/cz/crcs/ectester/reader/ECTester.java
+++ b/src/cz/crcs/ectester/reader/ECTester.java
@@ -471,10 +471,7 @@ public class ECTester {
List<Response> test = Command.sendAll(commands);
if (suite != null) {
- List<Test> tests = suite.run(cardManager);
- for (Test t : tests) {
- System.out.println(t);
- }
+ suite.run(cardManager);
}
systemOutLogger.println(Response.toString(test, cfg.testSuite));
diff --git a/src/cz/crcs/ectester/reader/Response.java b/src/cz/crcs/ectester/reader/Response.java
index e5b8c1c..89dce9c 100644
--- a/src/cz/crcs/ectester/reader/Response.java
+++ b/src/cz/crcs/ectester/reader/Response.java
@@ -140,9 +140,7 @@ public abstract class Response {
out.append(prefix);
String message = r.toString();
- String full = r.toString(message);
-
- out.append(full);
+ out.append(message);
if (i < responses.size() - 1) {
out.append("\n");
}
diff --git a/src/cz/crcs/ectester/reader/TestSuite.java b/src/cz/crcs/ectester/reader/TestSuite.java
index 892e853..56e0a4a 100644
--- a/src/cz/crcs/ectester/reader/TestSuite.java
+++ b/src/cz/crcs/ectester/reader/TestSuite.java
@@ -63,6 +63,7 @@ public abstract class TestSuite {
}
public static class TestVectors extends TestSuite {
+
public TestVectors(EC_Store dataStore, ECTester.Config cfg) {
super(dataStore, cfg, "test");
}
diff --git a/src/cz/crcs/ectester/reader/Util.java b/src/cz/crcs/ectester/reader/Util.java
index 3a6a8ae..6fe3b8e 100644
--- a/src/cz/crcs/ectester/reader/Util.java
+++ b/src/cz/crcs/ectester/reader/Util.java
@@ -157,6 +157,9 @@ public class Util {
case ECTesterApplet.SW_SIG_VERIFY_FAIL:
case ECTesterApplet.SW_DH_DHC_MISMATCH:
case ECTesterApplet.SW_KEYPAIR_NULL:
+ case ECTesterApplet.SW_KA_NULL:
+ case ECTesterApplet.SW_SIGNATURE_NULL:
+ case ECTesterApplet.SW_OBJECT_NULL:
return "ECTesterApplet";
default:
return "?";
@@ -259,6 +262,15 @@ public class Util {
case ECTesterApplet.SW_KEYPAIR_NULL:
str = "KEYPAIR_NULL";
break;
+ case ECTesterApplet.SW_KA_NULL:
+ str = "KA_NULL";
+ break;
+ case ECTesterApplet.SW_SIGNATURE_NULL:
+ str = "SIGNATURE_NULL";
+ break;
+ case ECTesterApplet.SW_OBJECT_NULL:
+ str = "OBJECT_NULL";
+ break;
default:
str = "unknown";
break;
@@ -303,13 +315,15 @@ public class Util {
public static String getKA(byte ka) {
String algo = "";
- if ((ka & EC_Consts.KA_ECDH) != 0) {
+ if ((ka & EC_Consts.KA_ECDH) != 0 || ka == EC_Consts.KA_ANY) {
algo += "ECDH";
}
if (ka == EC_Consts.KA_BOTH) {
algo += "+";
+ } else if (ka == EC_Consts.KA_ANY) {
+ algo += "/";
}
- if ((ka & EC_Consts.KA_ECDHC) != 0) {
+ if ((ka & EC_Consts.KA_ECDHC) != 0 || ka == EC_Consts.KA_ANY) {
algo += "ECDHC";
}
return algo;
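Review bot: `getKA` now mixes bit tests (`ka & KA_ECDH`) with equality tests (`ka == KA_ANY`, `ka == KA_BOTH`), so its output depends on which form a given value happens to hit. A value such as 0x07 renders as `ECDHECDHC` with no separator, and 0x05 renders as plain `ECDH`, dropping the ANY bit. Since `KA_ANY` is treated as a distinct mode rather than a flag everywhere else in this commit, a `switch` over the four named constants would state the mapping directly. That changes the rendering of values outside the four constants, so the `default` result needs a decision. The method's closing brace is outside the hunk.

```java
public static String getKA(byte ka) {
    switch (ka) {
        case EC_Consts.KA_ECDH:
            return "ECDH";
        case EC_Consts.KA_ECDHC:
            return "ECDHC";
        case EC_Consts.KA_BOTH:
            return "ECDH+ECDHC";
        case EC_Consts.KA_ANY:
            return "ECDH/ECDHC";
        default:
            // not one of the named modes; rendering to be decided
            return "";
    }
```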