diff options
| -rw-r--r-- | docs/CURVES.md | 7 | ||||
| -rw-r--r-- | docs/TESTS.md | 17 |
2 files changed, 22 insertions, 2 deletions
diff --git a/docs/CURVES.md b/docs/CURVES.md index a0454a3..78a5a4c 100644 --- a/docs/CURVES.md +++ b/docs/CURVES.md @@ -71,4 +71,9 @@ Generate manually using [PARI/GP](http://pari.math.u-bordeaux.fr/). ### cofactor Contains curves that are composite order, with points not on the subgroup generated by the generator. -Generated using [ecgen](https://github.com/J08nY/ecgen).
\ No newline at end of file +Generated using [ecgen](https://github.com/J08nY/ecgen). + +## Other + +### Wycheproof +Contains some test vectors from the [google/Wycheproof](https://github.com/google/wycheproof) project.
\ No newline at end of file diff --git a/docs/TESTS.md b/docs/TESTS.md index d2c3ab5..ebb8150 100644 --- a/docs/TESTS.md +++ b/docs/TESTS.md @@ -9,8 +9,9 @@ - `twist`* - `degenerate`* - `cofactor`* + - `edge-cases`* -**\*NOTE: The `wrong`, `composite`, `invalid`,`twist`, `cofactor` and `degenerate` test suites caused temporary/permanent DoS of some cards. These test suites prompt you for +**\*NOTE: The `wrong`, `composite`, `invalid`,`twist`, `cofactor`, `edge-cases` and `degenerate` test suites caused temporary/permanent DoS of some cards. These test suites prompt you for confirmation before running, be cautious.** ## Default @@ -132,4 +133,18 @@ during ECDH. For example: ```bash java -jar ECTester.jar -t cofactor +``` + +## Edge-Cases +Tests various inputs to ECDH which may cause an implementation to achieve a certain edge-case state during ECDH. +Some of the data is from the google/Wycheproof project. Tests include [CVE-2017-10176](https://nvd.nist.gov/vuln/detail/CVE-2017-10176) and [CVE-2017-8932](https://nvd.nist.gov/vuln/detail/CVE-2017-8932). + +CVE-2017-10176 was in implementation issue in the SunEC Java library that caused the implementation to reach the point at infinity during ECDH computation. + +CVE-2017-8932 was an implementation issue in the Go standard library, in particular its scalar multiplication algorithm on the +P-256 curve which leaked information about the private key. + +For example: +```bash +java -jar ECTester.jar -t edge-cases ```
\ No newline at end of file |