diff options
61 files changed, 3142 insertions, 1169 deletions
@@ -24,6 +24,7 @@ /dist/*.degenerate /dist/*.edge-cases /dist/*.xml +/dist/*.yml # Built binaries in /src. /src/**/*.a @@ -34,3 +35,6 @@ /src/**/*.exp /src/**/*.lib /src/**/*.pdb + +# Python stuff +/util/__pycache__/
\ No newline at end of file @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2016-2018 +Copyright (c) 2016-2019 Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal @@ -53,18 +53,18 @@ See `java -jar ECTesterReader.jar -h`, `java -jar ECTesterReader.jar -ls` and [D -t,--test <test_suite[:from[:to]]> Test ECC support. Optionally specify a test number to run only a part of a test suite. <test_suite>: - - default: - - compression: - - invalid: - - twist: - - degenerate: - - cofactor: - - wrong: - - signature: - - composite: - - test-vectors: - - edge-cases: - - miscellaneous: + - default + - compression + - invalid + - twist + - degenerate + - cofactor + - wrong + - signature + - composite + - test-vectors + - edge-cases + - miscellaneous -dh,--ecdh <count> Do EC KeyAgreement (ECDH...), [count] times. -dsa,--ecdsa <count> Sign data with ECDSA, [count] times. @@ -109,12 +109,21 @@ See `java -jar ECTesterReader.jar -h`, `java -jar ECTesterReader.jar -ls` and [D running command in dry run mode and normal mode, and subtracting the two. + --time-unit <unit> Use given time unit in measurement, + one of: milli, micro, nano. --cleanup Send the cleanup command trigerring JCSystem.requestObjectDeletion() after some operations. -s,--simulate Simulate a card with jcardsim instead of using a terminal. -y,--yes Accept all warnings and prompts. + -to,--test-options <options> Test options to use: + - preset: Use preset semi-random + private keys (derived from curve) + instead of generating keypairs on + the cards when the test needs one. + - random: Use fully random private + keys instead of generating keypairs. -ka,--ka-type <type> Set KeyAgreement object [type], corresponds to JC.KeyAgreement constants. @@ -198,7 +207,8 @@ Lists the implemented test suites and gives their short description. Get and print ECTester applet info from an applet installed on a card. Outputs: - + - Card ATR + - Negotiated protocol (T=0/T=1) - ECTester applet version - ECTester APDU support (basic/extended APDU) - JavaCard API version diff --git a/build-applet.xml b/build-applet.xml index cfd95e6..5c8da5c 100644 --- a/build-applet.xml +++ b/build-applet.xml @@ -16,13 +16,13 @@ <!-- applet properties --> <property name="pkg_aid" value="4543546573746572"/> - <property name="applet_aid" value="45435465737465723031"/> + <property name="applet_aid_221" value="454354657374657230333262"/> <!--// VERSION v0.3.2 --> + <property name="applet_aid_222" value="454354657374657230333278"/> <!--// VERSION v0.3.2 --> <property name="cap_221" value="ectester221.cap"/> <property name="cap_222" value="ectester222.cap"/> <property name="cap" value="${cap_222}"/> - <condition property="cap_extended"> <equals arg1="${cap}" arg2="${cap_222}"/> </condition> @@ -42,8 +42,8 @@ <target name="build-221" description="Builds the CAP file for JavaCard 2.2.1." unless="cap_extended"> <javacard jckit="${JC221}"> - <cap output="applet/ectester221.cap" sources="src/cz/crcs/ectester/applet" aid="${pkg_aid}" excludes="ECTesterAppletExtended.*"> - <applet class="cz.crcs.ectester.applet.ECTesterApplet" aid="${applet_aid}"/> + <cap verify="false" output="applet/ectester221.cap" sources="src/cz/crcs/ectester/applet" aid="${pkg_aid}" excludes="ECTesterAppletExtended.*"> + <applet class="cz.crcs.ectester.applet.ECTesterApplet" aid="${applet_aid_221}"/> </cap> </javacard> </target> @@ -51,7 +51,7 @@ <target name="build-222" description="Builds the CAP file for JavaCard 2.2.2." if="cap_extended"> <javacard jckit="${JC222}"> <cap output="applet/ectester222.cap" sources="src/cz/crcs/ectester/applet" aid="${pkg_aid}" excludes="ECTesterApplet.*"> - <applet class="cz.crcs.ectester.applet.ECTesterAppletExtended" aid="${applet_aid}"/> + <applet class="cz.crcs.ectester.applet.ECTesterAppletExtended" aid="${applet_aid_222}"/> </cap> </javacard> </target> @@ -10,6 +10,9 @@ <ant antfile="build-reader.xml" target="package"/> <ant antfile="build-standalone.xml" target="package"/> </target> + <target name="upload"> + <ant antfile="build-applet.xml" target="upload"/> + </target> <target name="clean"> <ant antfile="build-applet.xml" target="clean"/> <ant antfile="build-reader.xml" target="clean"/> diff --git a/docs/LIBS.md b/docs/LIBS.md index d41f98a..7cd8e3e 100644 --- a/docs/LIBS.md +++ b/docs/LIBS.md @@ -1,6 +1,6 @@ # Libraries with ECC support -Popular libraries with at least some ECC support: +Popular libraries with at least some ECC support, that ECTester does not yet support: - [NSS](https://hg.mozilla.org/projects/nss) - [mbedTLS](https://tls.mbed.org/) @@ -55,8 +55,11 @@ Libraries that ECTester can test. - Uses Lopez-Dahab (Montgomery) ladder, XZ coordinates (ec2_mont.c): Fast multiplication on elliptic curves over GF(2^m) without precomputation (Algorithm 2P) - Contains an implementation of IEEE P1363 algorithm A.10.3 using affine coordinates (ec2_aff.c) - Has some custom arithmetic for some of the NIST primes. - - [WolfCrypt](https://www.wolfssl.com) + - [WolfCrypt(WolfSSL)](https://www.wolfssl.com) - C + Java + - Prime field curves only. + - Jacobian coordinates: + - Uses sliding window scalar multiplication, (discards `b` parameter of curve), but validates points. - [OpenSSL](https://www.openssl.org/) - C - For prime field curves: diff --git a/src/cz/crcs/ectester/applet/AppletBase.java b/src/cz/crcs/ectester/applet/AppletBase.java index 199d76c..7e79dd6 100644 --- a/src/cz/crcs/ectester/applet/AppletBase.java +++ b/src/cz/crcs/ectester/applet/AppletBase.java @@ -3,6 +3,13 @@ package cz.crcs.ectester.applet; import javacard.framework.*; import javacard.security.*; +/** + * Applet base class, that handles instructions, given + * either basic or extended length APDUs. + * + * @author Petr Svenda petr@svenda.com + * @author Jan Jancar johny@neuromancer.sk + */ public abstract class AppletBase extends Applet { // MAIN INSTRUCTION CLASS @@ -25,6 +32,8 @@ public abstract class AppletBase extends Applet { public static final byte INS_ALLOCATE_SIG = (byte) 0x77; public static final byte INS_GET_INFO = (byte) 0x78; public static final byte INS_SET_DRY_RUN_MODE = (byte) 0x79; + public static final byte INS_BUFFER = (byte) 0x7a; + public static final byte INS_PERFORM = (byte) 0x7b; // PARAMETERS for P1 and P2 public static final byte KEYPAIR_LOCAL = (byte) 0x01; @@ -42,6 +51,7 @@ public abstract class AppletBase extends Applet { public static final short SW_KA_NULL = (short) 0x0ee4; public static final short SW_SIGNATURE_NULL = (short) 0x0ee5; public static final short SW_OBJECT_NULL = (short) 0x0ee6; + public static final short SW_CANNOT_FIT = (short) 0x0ee7; public static final short SW_Exception = (short) 0xff01; public static final short SW_ArrayIndexOutOfBoundsException = (short) 0xff02; public static final short SW_ArithmeticException = (short) 0xff03; @@ -59,6 +69,10 @@ public abstract class AppletBase extends Applet { public static final short BASE_222 = (short) 0x0222; // + public static final short CDATA_BASIC = (short) 5; + public static final short CDATA_EXTENDED = (short) 7; + + // public static final byte[] VERSION = {'v', '0', '.', '3', '.', '2'}; public static final short ARRAY_LENGTH = 0x100; @@ -68,6 +82,8 @@ public abstract class AppletBase extends Applet { byte[] ramArray = null; byte[] ramArray2 = null; byte[] apduArray = null; + short apduEnd = 0; + short cdata = 0; RandomData randomData = null; @@ -87,10 +103,13 @@ public abstract class AppletBase extends Applet { // go to proprietary data dataOffset++; */ + short resetMemory = JCSystem.getAvailableMemory(JCSystem.MEMORY_TYPE_TRANSIENT_RESET); + short deselectMemory = JCSystem.getAvailableMemory(JCSystem.MEMORY_TYPE_TRANSIENT_DESELECT); + byte memoryType = (resetMemory >= deselectMemory) ? JCSystem.CLEAR_ON_RESET : JCSystem.CLEAR_ON_DESELECT; - ramArray = JCSystem.makeTransientByteArray(ARRAY_LENGTH, JCSystem.CLEAR_ON_RESET); - ramArray2 = JCSystem.makeTransientByteArray(ARRAY_LENGTH, JCSystem.CLEAR_ON_RESET); - apduArray = JCSystem.makeTransientByteArray(APDU_MAX_LENGTH, JCSystem.CLEAR_ON_RESET); + ramArray = JCSystem.makeTransientByteArray(ARRAY_LENGTH, memoryType); + ramArray2 = JCSystem.makeTransientByteArray(ARRAY_LENGTH, memoryType); + apduArray = JCSystem.makeTransientByteArray(APDU_MAX_LENGTH, memoryType); randomData = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM); EC_Consts.randomData = randomData; @@ -113,7 +132,27 @@ public abstract class AppletBase extends Applet { if (cla == CLA_ECTESTERAPPLET) { try { - readAPDU(apdu, apduArray, APDU_MAX_LENGTH); + if (ins == INS_BUFFER) { + short read = readAPDU(apdu, true); + if (read == -1) { + ISOException.throwIt(SW_CANNOT_FIT); + return; + } + apduEnd += read; + apdu.setOutgoingAndSend((short) 0, (short) 0); + return; + } else { + apduEnd = 0; + if (ins == INS_PERFORM) { + ins = apduArray[ISO7816.OFFSET_INS]; + apdu.setIncomingAndReceive(); + } else { + if (readAPDU(apdu, false) == -1) { + ISOException.throwIt(SW_CANNOT_FIT); + return; + } + } + } short length = 0; switch (ins) { @@ -201,22 +240,40 @@ public abstract class AppletBase extends Applet { } else ISOException.throwIt(ISO7816.SW_CLA_NOT_SUPPORTED); } - private void readAPDU(APDU apdu, byte[] buffer, short length) { + private short readAPDU(APDU apdu, boolean skipHeader) { + byte[] apduBuffer = apdu.getBuffer(); + + /* How much stuff is in apduBuffer */ short read = apdu.setIncomingAndReceive(); - read += getOffsetCdata(apdu); - short total = getIncomingLength(apdu); - if (total > length) { - return; + short cdataOffset = getOffsetCdata(apdu); + read += cdataOffset; + + /* Where to start reading from? */ + short offset = 0; + if (skipHeader) { + offset = cdataOffset; + cdata = CDATA_EXTENDED; + } else { + cdata = CDATA_BASIC; } - byte[] apduBuffer = apdu.getBuffer(); - short sum = 0; + /* How much stuff was really sent in this APDU? */ + short total = (short) (getIncomingLength(apdu) + cdataOffset); + short todo = (short) (total - offset); + /* Can we fit? */ + if (todo > (short) (apduArray.length - apduEnd)) { + return -1; + } - do { - Util.arrayCopyNonAtomic(apduBuffer, (short) 0, buffer, sum, read); - sum += read; + /* How much stuff was copied over. */ + short written = 0; + while (written < todo) { + Util.arrayCopyNonAtomic(apduBuffer, offset, apduArray, (short) (apduEnd + written), (short) (read - offset)); + written += (short) (read - offset); + offset = 0; read = apdu.receiveBytes((short) 0); - } while (sum < total); + } + return written; } abstract short getOffsetCdata(APDU apdu); @@ -232,7 +289,6 @@ public abstract class AppletBase extends Applet { * @return length of response */ private short insAllocateKA(APDU apdu) { - short cdata = getOffsetCdata(apdu); byte kaType = apduArray[cdata]; short sw = keyTester.allocateKA(kaType); Util.setShort(apdu.getBuffer(), (short) 0, sw); @@ -246,7 +302,6 @@ public abstract class AppletBase extends Applet { * @return length of response */ private short insAllocateSig(APDU apdu) { - short cdata = getOffsetCdata(apdu); byte sigType = apduArray[cdata]; short sw = keyTester.allocateSig(sigType); Util.setShort(apdu.getBuffer(), (short) 0, sw); @@ -265,7 +320,6 @@ public abstract class AppletBase extends Applet { */ private short insAllocate(APDU apdu) { byte keyPair = apduArray[ISO7816.OFFSET_P1]; - short cdata = getOffsetCdata(apdu); short keyLength = Util.getShort(apduArray, cdata); byte keyClass = apduArray[(short) (cdata + 2)]; @@ -311,7 +365,6 @@ public abstract class AppletBase extends Applet { private short insSet(APDU apdu) { byte keyPair = apduArray[ISO7816.OFFSET_P1]; byte curve = apduArray[ISO7816.OFFSET_P2]; - short cdata = getOffsetCdata(apdu); short params = Util.getShort(apduArray, cdata); short len = 0; @@ -339,7 +392,6 @@ public abstract class AppletBase extends Applet { private short insTransform(APDU apdu) { byte keyPair = apduArray[ISO7816.OFFSET_P1]; byte key = apduArray[ISO7816.OFFSET_P2]; - short cdata = getOffsetCdata(apdu); short params = Util.getShort(apduArray, cdata); short transformation = Util.getShort(apduArray, (short) (cdata + 2)); @@ -388,7 +440,6 @@ public abstract class AppletBase extends Applet { private short insExport(APDU apdu) { byte keyPair = apduArray[ISO7816.OFFSET_P1]; byte key = apduArray[ISO7816.OFFSET_P2]; - short cdata = getOffsetCdata(apdu); short params = Util.getShort(apduArray, cdata); short swOffset = 0; @@ -419,7 +470,6 @@ public abstract class AppletBase extends Applet { private short insECDH(APDU apdu) { byte pubkey = apduArray[ISO7816.OFFSET_P1]; byte privkey = apduArray[ISO7816.OFFSET_P2]; - short cdata = getOffsetCdata(apdu); byte export = apduArray[cdata]; short transformation = Util.getShort(apduArray, (short) (cdata + 1)); byte type = apduArray[(short) (cdata + 3)]; @@ -441,7 +491,6 @@ public abstract class AppletBase extends Applet { private short insECDH_direct(APDU apdu) { byte privkey = apduArray[ISO7816.OFFSET_P1]; byte export = apduArray[ISO7816.OFFSET_P2]; - short cdata = getOffsetCdata(apdu); short transformation = Util.getShort(apduArray, cdata); byte type = apduArray[(short) (cdata + 2)]; short length = Util.getShort(apduArray, (short) (cdata + 3)); @@ -463,7 +512,6 @@ public abstract class AppletBase extends Applet { private short insECDSA(APDU apdu) { byte keyPair = apduArray[ISO7816.OFFSET_P1]; byte export = apduArray[ISO7816.OFFSET_P2]; - short cdata = getOffsetCdata(apdu); byte sigType = apduArray[cdata]; short len = 0; @@ -488,7 +536,6 @@ public abstract class AppletBase extends Applet { private short insECDSA_sign(APDU apdu) { byte keyPair = apduArray[ISO7816.OFFSET_P1]; byte export = apduArray[ISO7816.OFFSET_P2]; - short cdata = getOffsetCdata(apdu); byte sigType = apduArray[cdata]; short len = 0; @@ -513,7 +560,6 @@ public abstract class AppletBase extends Applet { private short insECDSA_verify(APDU apdu) { byte keyPair = apduArray[ISO7816.OFFSET_P1]; byte sigType = apduArray[ISO7816.OFFSET_P2]; - short cdata = getOffsetCdata(apdu); short len = 0; if ((keyPair & KEYPAIR_LOCAL) != 0) { diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java index 41bee9b..e9e7235 100644 --- a/src/cz/crcs/ectester/applet/ECTesterApplet.java +++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java @@ -1,6 +1,7 @@ /* * ECTester, tool for testing Elliptic curve cryptography implementations. - * Copyright (c) 2016-2018 Petr Svenda <petr@svenda.com> + * Copyright (c) 2016-2019 Petr Svenda <petr@svenda.com> + * Copyright (c) 2016-2019 Jan Jancar <johny@neuromancer.sk> * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -22,7 +23,7 @@ */ /* * PACKAGEID: 4543546573746572 - * APPLETID: 45435465737465723031 + * APPLETID: 454354657374657230333262 // VERSION v0.3.2 */ package cz.crcs.ectester.applet; @@ -53,7 +54,7 @@ public class ECTesterApplet extends AppletBase { short getIncomingLength(APDU apdu) { byte[] apduBuffer = apdu.getBuffer(); - return apduBuffer[ISO7816.OFFSET_LC]; + return (short) (0xff & apduBuffer[ISO7816.OFFSET_LC]); } short getBase() { diff --git a/src/cz/crcs/ectester/applet/ECTesterAppletExtended.java b/src/cz/crcs/ectester/applet/ECTesterAppletExtended.java index 83e0851..cbbe650 100644 --- a/src/cz/crcs/ectester/applet/ECTesterAppletExtended.java +++ b/src/cz/crcs/ectester/applet/ECTesterAppletExtended.java @@ -1,6 +1,7 @@ /* * ECTester, tool for testing Elliptic curve cryptography implementations. - * Copyright (c) 2016-2018 Petr Svenda <petr@svenda.com> + * Copyright (c) 2016-2019 Petr Svenda <petr@svenda.com> + * Copyright (c) 2016-2019 Jan Jancar <johny@neuromancer.sk> * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -22,11 +23,13 @@ */ /* * PACKAGEID: 4543546573746572 - * APPLETID: 45435465737465723031 + * APPLETID: 454354657374657230333278 // VERSION v0.3.2 */ package cz.crcs.ectester.applet; import javacard.framework.APDU; +import javacard.framework.CardRuntimeException; +import javacard.framework.ISO7816; import javacard.framework.ISOException; import javacardx.apdu.ExtendedLength; diff --git a/src/cz/crcs/ectester/common/ec/EC_Category.java b/src/cz/crcs/ectester/common/ec/EC_Category.java index 1eb818f..154403e 100644 --- a/src/cz/crcs/ectester/common/ec/EC_Category.java +++ b/src/cz/crcs/ectester/common/ec/EC_Category.java @@ -2,10 +2,8 @@ package cz.crcs.ectester.common.ec; import cz.crcs.ectester.common.cli.Colors; -import java.util.Collections; -import java.util.Map; -import java.util.Objects; -import java.util.TreeMap; +import java.util.*; +import java.util.stream.Collectors; /** * A category of EC_Data objects, has a name, description and represents a directory in @@ -78,28 +76,17 @@ public class EC_Category { out.append("\t- ").append(Colors.bold(name)).append((desc == null || desc.equals("")) ? "" : ": " + desc); out.append(System.lineSeparator()); - Map<String, EC_Curve> curves = getObjects(EC_Curve.class); - int size = curves.size(); - if (size > 0) { - out.append(Colors.bold("\t\tCurves: ")); - for (Map.Entry<String, EC_Curve> curve : curves.entrySet()) { - out.append(curve.getKey()); - size--; - if (size > 0) - out.append(", "); - } - out.append(System.lineSeparator()); - } - - String[] headers = new String[]{"Public keys", "Private keys", "KeyPairs", "Results(KA)", "Results(SIG)"}; - Class<EC_Data>[] classes = new Class[]{EC_Key.Public.class, EC_Key.Private.class, EC_Keypair.class, EC_KAResult.class, EC_SigResult.class}; + String[] headers = new String[]{"Curves", "Public keys", "Private keys", "KeyPairs", "Results(KA)", "Results(SIG)"}; + Class<EC_Data>[] classes = new Class[]{EC_Curve.class, EC_Key.Public.class, EC_Key.Private.class, EC_Keypair.class, EC_KAResult.class, EC_SigResult.class}; for (int i = 0; i < headers.length; ++i) { Map<String, EC_Data> data = getObjects(classes[i]); - size = data.size(); + int size = data.size(); if (size > 0) { out.append(Colors.bold(String.format("\t\t%s: ", headers[i]))); - for (Map.Entry<String, EC_Data> key : data.entrySet()) { - out.append(key.getKey()); + List<EC_Data> sorted = new ArrayList<>(data.values()); + Collections.sort(sorted); + for (EC_Data element : sorted) { + out.append(element.getId()); size--; if (size > 0) out.append(", "); diff --git a/src/cz/crcs/ectester/common/ec/EC_Curve.java b/src/cz/crcs/ectester/common/ec/EC_Curve.java index 6c0d060..d5d1516 100644 --- a/src/cz/crcs/ectester/common/ec/EC_Curve.java +++ b/src/cz/crcs/ectester/common/ec/EC_Curve.java @@ -3,6 +3,7 @@ package cz.crcs.ectester.common.ec; import cz.crcs.ectester.applet.EC_Consts; import cz.crcs.ectester.common.util.ByteUtil; import javacard.security.KeyPair; +import org.bouncycastle.math.ec.ECCurve; import java.math.BigInteger; import java.security.spec.*; @@ -64,7 +65,12 @@ public class EC_Curve extends EC_Params { int e1 = ByteUtil.getShort(fieldData[1], 0); int e2 = ByteUtil.getShort(fieldData[2], 0); int e3 = ByteUtil.getShort(fieldData[3], 0); - int[] powers = new int[]{e1, e2, e3}; + int[] powers; + if (e2 == 0 && e3 == 0) { + powers = new int[]{e1}; + } else { + powers = new int[]{e1, e2, e3}; + } field = new ECFieldF2m(m, powers); } @@ -74,6 +80,28 @@ public class EC_Curve extends EC_Params { return new EllipticCurve(field, a, b); } + public ECCurve toBCCurve() { + if (this.field == KeyPair.ALG_EC_FP) { + BigInteger p = new BigInteger(1, getParam(EC_Consts.PARAMETER_FP)[0]); + BigInteger a = new BigInteger(1, getParam(EC_Consts.PARAMETER_A)[0]); + BigInteger b = new BigInteger(1, getParam(EC_Consts.PARAMETER_B)[0]); + BigInteger r = new BigInteger(1, getParam(EC_Consts.PARAMETER_R)[0]); + BigInteger k = new BigInteger(1, getParam(EC_Consts.PARAMETER_K)[0]); + return new ECCurve.Fp(p, a, b, r, k); + } else { + byte[][] fieldData = getParam(EC_Consts.PARAMETER_F2M); + int m = ByteUtil.getShort(fieldData[0], 0); + int e1 = ByteUtil.getShort(fieldData[1], 0); + int e2 = ByteUtil.getShort(fieldData[2], 0); + int e3 = ByteUtil.getShort(fieldData[3], 0); + BigInteger a = new BigInteger(1, getParam(EC_Consts.PARAMETER_A)[0]); + BigInteger b = new BigInteger(1, getParam(EC_Consts.PARAMETER_B)[0]); + BigInteger r = new BigInteger(1, getParam(EC_Consts.PARAMETER_R)[0]); + BigInteger k = new BigInteger(1, getParam(EC_Consts.PARAMETER_K)[0]); + return new ECCurve.F2m(m, e1, e2, e3, a, b, r, k); + } + } + public ECParameterSpec toSpec() { EllipticCurve curve = toCurve(); diff --git a/src/cz/crcs/ectester/common/output/BaseTextTestWriter.java b/src/cz/crcs/ectester/common/output/BaseTextTestWriter.java index 8ad50c7..5c449db 100644 --- a/src/cz/crcs/ectester/common/output/BaseTextTestWriter.java +++ b/src/cz/crcs/ectester/common/output/BaseTextTestWriter.java @@ -123,11 +123,12 @@ public abstract class BaseTextTestWriter implements TestWriter { private String errorString(Throwable error) { StringBuilder sb = new StringBuilder(); + sb.append("═══ Exception: ═══").append(System.lineSeparator()); for (Throwable t = error; t != null; t = t.getCause()) { sb.append("═══ ").append(t.toString()).append(" ═══"); sb.append(System.lineSeparator()); } - sb.append("═══ ═══").append(System.lineSeparator()); + sb.append("═══ Stack trace: ═══").append(System.lineSeparator()); for (StackTraceElement s : error.getStackTrace()) { sb.append("═══ ").append(s.toString()).append(" ═══"); sb.append(System.lineSeparator()); diff --git a/src/cz/crcs/ectester/common/util/ECUtil.java b/src/cz/crcs/ectester/common/util/ECUtil.java index 511f93f..d5e8006 100644 --- a/src/cz/crcs/ectester/common/util/ECUtil.java +++ b/src/cz/crcs/ectester/common/util/ECUtil.java @@ -9,20 +9,26 @@ import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERSequenceParser; import org.bouncycastle.crypto.digests.SHA1Digest; +import java.io.FileInputStream; import java.io.IOException; import java.math.BigInteger; import java.nio.charset.StandardCharsets; import java.security.KeyPair; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; +import java.security.interfaces.ECKey; import java.security.interfaces.ECPrivateKey; import java.security.interfaces.ECPublicKey; import java.security.spec.*; +import java.util.LinkedList; +import java.util.List; +import java.util.Random; /** * @author Jan Jancar johny@neuromancer.sk */ public class ECUtil { + private static Random rand = new Random(); public static byte[] toByteArray(BigInteger what, int bits) { byte[] raw = what.toByteArray(); @@ -95,7 +101,7 @@ public class ECUtil { private static boolean isResidue(BigInteger a, BigInteger p) { BigInteger exponent = p.subtract(BigInteger.ONE).divide(BigInteger.valueOf(2)); BigInteger result = a.modPow(exponent, p); - return result.intValueExact() == 1; + return result.equals(BigInteger.ONE); } private static BigInteger modSqrt(BigInteger a, BigInteger p) { @@ -192,7 +198,7 @@ public class ECUtil { } } - public static byte[] semiRandomKey(EC_Curve curve) { + private static byte[] hashCurve(EC_Curve curve) { int bytes = (curve.getBits() + 7) / 8; byte[] result = new byte[bytes]; SHA1Digest digest = new SHA1Digest(); @@ -207,19 +213,102 @@ public class ECUtil { written += toWrite; digest.update(dig, 0, dig.length); } + return result; + } + + public static EC_Params fullRandomKey(EC_Curve curve) { + int bytes = (curve.getBits() + 7) / 8; + byte[] result = new byte[bytes]; + rand.nextBytes(result); BigInteger priv = new BigInteger(1, result); BigInteger order = new BigInteger(1, curve.getParam(EC_Consts.PARAMETER_R)[0]); priv = priv.mod(order); - return toByteArray(priv, curve.getBits()); + return new EC_Params(EC_Consts.PARAMETER_S, new byte[][]{toByteArray(priv, curve.getBits())}); + } + + public static EC_Params fixedRandomKey(EC_Curve curve) { + byte[] hash = hashCurve(curve); + BigInteger priv = new BigInteger(1, hash); + BigInteger order = new BigInteger(1, curve.getParam(EC_Consts.PARAMETER_R)[0]); + priv = priv.mod(order); + return new EC_Params(EC_Consts.PARAMETER_S, new byte[][]{toByteArray(priv, curve.getBits())}); + } + + private static BigInteger computeRHS(BigInteger x, BigInteger a, BigInteger b, BigInteger p) { + BigInteger rhs = x.modPow(BigInteger.valueOf(3), p); + rhs = rhs.add(a.multiply(x)).mod(p); + rhs = rhs.add(b).mod(p); + return rhs; + } + + public static EC_Params fullRandomPoint(EC_Curve curve) { + EllipticCurve ecCurve = curve.toCurve(); + + BigInteger p; + if (ecCurve.getField() instanceof ECFieldFp) { + ECFieldFp fp = (ECFieldFp) ecCurve.getField(); + p = fp.getP(); + if (!p.isProbablePrime(20)) { + return null; + } + } else { + //TODO + return null; + } + BigInteger x; + BigInteger rhs; + do { + x = new BigInteger(ecCurve.getField().getFieldSize(), rand).mod(p); + rhs = computeRHS(x, ecCurve.getA(), ecCurve.getB(), p); + } while (!isResidue(rhs, p)); + BigInteger y = modSqrt(rhs, p); + if (rand.nextBoolean()) { + y = p.subtract(y); + } + + byte[] xArr = toByteArray(x, ecCurve.getField().getFieldSize()); + byte[] yArr = toByteArray(y, ecCurve.getField().getFieldSize()); + return new EC_Params(EC_Consts.PARAMETER_W, new byte[][]{xArr, yArr}); + } + + public static EC_Params fixedRandomPoint(EC_Curve curve) { + EllipticCurve ecCurve = curve.toCurve(); + + BigInteger p; + if (ecCurve.getField() instanceof ECFieldFp) { + ECFieldFp fp = (ECFieldFp) ecCurve.getField(); + p = fp.getP(); + if (!p.isProbablePrime(20)) { + return null; + } + } else { + //TODO + return null; + } + + BigInteger x = new BigInteger(1, hashCurve(curve)).mod(p); + BigInteger rhs = computeRHS(x, ecCurve.getA(), ecCurve.getB(), p); + while (!isResidue(rhs, p)) { + x = x.add(BigInteger.ONE).mod(p); + rhs = computeRHS(x, ecCurve.getA(), ecCurve.getB(), p); + } + BigInteger y = modSqrt(rhs, p); + if (y.bitCount() % 2 == 0) { + y = p.subtract(y); + } + + byte[] xArr = toByteArray(x, ecCurve.getField().getFieldSize()); + byte[] yArr = toByteArray(y, ecCurve.getField().getFieldSize()); + return new EC_Params(EC_Consts.PARAMETER_W, new byte[][]{xArr, yArr}); } - private static ECPoint toPoint(EC_Params params) { + public static ECPoint toPoint(EC_Params params) { return new ECPoint( new BigInteger(1, params.getParam(EC_Consts.PARAMETER_W)[0]), new BigInteger(1, params.getParam(EC_Consts.PARAMETER_W)[1])); } - private static BigInteger toScalar(EC_Params params) { + public static BigInteger toScalar(EC_Params params) { return new BigInteger(1, params.getParam(EC_Consts.PARAMETER_S)[0]); } @@ -273,11 +362,22 @@ public class ECUtil { public static BigInteger recoverSignatureNonce(byte[] signature, byte[] data, BigInteger privkey, ECParameterSpec params, String hashType) { try { int bitSize = params.getOrder().bitLength(); - MessageDigest md = MessageDigest.getInstance(hashType); - byte[] hash = md.digest(data); + // Hash the data. + byte[] hash; + if (hashType.equals("NONE")) { + hash = data; + } else { + MessageDigest md = MessageDigest.getInstance(hashType); + hash = md.digest(data); + } + // Trim bitSize of rightmost bits. BigInteger hashInt = new BigInteger(1, hash); - hashInt = hashInt.and(BigInteger.ONE.shiftLeft(bitSize + 1).subtract(BigInteger.ONE)); + int hashBits = hashInt.bitLength(); + if (hashBits > bitSize) { + hashInt = hashInt.shiftRight(hashBits - bitSize); + } + // Parse DERSignature BigInteger[] sigPair = fromDERSignature(signature); BigInteger r = sigPair[0]; BigInteger s = sigPair[1]; @@ -290,4 +390,75 @@ public class ECUtil { return null; } } + + public static EC_Params joinParams(EC_Params... params) { + List<EC_Params> paramList = new LinkedList<>(); + short paramMask = 0; + int len = 0; + for (EC_Params param : params) { + if (param == null) { + continue; + } + int i = 0; + for (; i + 1 < paramList.size(); ++i) { + if (paramList.get(i + 1).getParams() == param.getParams()) { + throw new IllegalArgumentException(); + } + if (paramList.get(i + 1).getParams() < param.getParams()) { + break; + } + } + paramList.add(i, param); + paramMask |= param.getParams(); + len += param.numParams(); + } + + byte[][] res = new byte[len][]; + int i = 0; + for (EC_Params param : params) { + for (byte[] data : param.getData()) { + res[i++] = data.clone(); + } + } + return new EC_Params(paramMask, res); + } + + public static EC_Params loadParams(short params, String named, String file) throws IOException { + EC_Params result = null; + if (file != null) { + result = new EC_Params(params); + + FileInputStream in = new FileInputStream(file); + result.readCSV(in); + in.close(); + } else if (named != null) { + if (params == EC_Consts.PARAMETER_W) { + result = EC_Store.getInstance().getObject(EC_Key.Public.class, named); + } else if (params == EC_Consts.PARAMETER_S) { + result = EC_Store.getInstance().getObject(EC_Key.Private.class, named); + } + + if (result == null) { + result = EC_Store.getInstance().getObject(EC_Keypair.class, named); + } + } + return result; + } + + public static ECKey loadKey(short params, String named, String file, ECParameterSpec spec) throws IOException { + if (params == EC_Consts.PARAMETERS_KEYPAIR) { + throw new IllegalArgumentException(); + } + EC_Params param = loadParams(params, named, file); + if (param != null) { + if (params == EC_Consts.PARAMETER_W) { + return new RawECPublicKey(toPoint(param), spec); + } else if (params == EC_Consts.PARAMETER_S) { + return new RawECPrivateKey(toScalar(param), spec); + } + } + return null; + } + + } diff --git a/src/cz/crcs/ectester/common/util/Util.java b/src/cz/crcs/ectester/common/util/Util.java new file mode 100644 index 0000000..7f18368 --- /dev/null +++ b/src/cz/crcs/ectester/common/util/Util.java @@ -0,0 +1,15 @@ +package cz.crcs.ectester.common.util; + +public class Util { + public static long convertTime(long nanos, String timeUnit) { + switch (timeUnit) { + default: + case "nano": + return nanos; + case "micro": + return nanos / 1000; + case "milli": + return nanos / 1000000; + } + } +} diff --git a/src/cz/crcs/ectester/data/cofactor/cofactor160p56467.csv b/src/cz/crcs/ectester/data/cofactor/cofactor160p56467.csv new file mode 100644 index 0000000..f5355bf --- /dev/null +++ b/src/cz/crcs/ectester/data/cofactor/cofactor160p56467.csv @@ -0,0 +1 @@ +0x9e1cee7f5d94e89ef3fd2495a5f441e4d0089761,0x652a7627dced8c162fe2550b47f3a0244e378343,0x534fba94f02ffd658a31473600f5ec9a105f8e9a,0x045ac019464f3462ea668abafb5e4132b3143015,0x2a7ee80b1b2077e5efe8be68363b96326db5379d,0x0000b781d03d6dbd8c8ac3d780a2924dcec0bfb7,0xdc93
\ No newline at end of file diff --git a/src/cz/crcs/ectester/data/cofactor/cofactor160p65521.csv b/src/cz/crcs/ectester/data/cofactor/cofactor160p65521.csv new file mode 100644 index 0000000..10e3605 --- /dev/null +++ b/src/cz/crcs/ectester/data/cofactor/cofactor160p65521.csv @@ -0,0 +1 @@ +0x9e1cee7f5d94e89ef3fbf9957f0cd8e42c99184b,0x9035f448a33d8ea2e07bb4d25235f9b537cda8ad,0x95c5b09f7e391ba56198394f6bef2f78d1988c6e,0x57fa57b33a0bf68349a6458cc4c31bdba1537923,0x1f1a0a3d7250ecd7aaccb90be7a5748099c7b398,0x00009e2632bc569dfbe0b62653897822ea67197d,0xfff1
\ No newline at end of file diff --git a/src/cz/crcs/ectester/data/cofactor/cofactor160p65535.csv b/src/cz/crcs/ectester/data/cofactor/cofactor160p65535.csv new file mode 100644 index 0000000..bd47372 --- /dev/null +++ b/src/cz/crcs/ectester/data/cofactor/cofactor160p65535.csv @@ -0,0 +1 @@ +0x9e1cee7f5d94e89ef3fc6e6bc13cd2ed3d5b1a59,0x75cb167293650be7c3be3dedb92f06f1d0200135,0x218e827ae606230fe9b076bf8beb5421cb467839,0x55ab2088b77a9f79e050a9f0de962090d1de4157,0x0add088122fda90ecb2e84eded3aba2bf6db1e2b,0x00009e1d8c9cea31d2d0c6cc6e17012be1873f03,0xffff
\ No newline at end of file diff --git a/src/cz/crcs/ectester/data/cofactor/curves.xml b/src/cz/crcs/ectester/data/cofactor/curves.xml index 0b8c52e..30204e8 100644 --- a/src/cz/crcs/ectester/data/cofactor/curves.xml +++ b/src/cz/crcs/ectester/data/cofactor/curves.xml @@ -62,6 +62,24 @@ <field>prime</field> <file>cofactor128p65535.csv</file> </curve> + <curve> + <id>large/cofactor160p56467</id> + <bits>160</bits> + <field>prime</field> + <file>cofactor160p56467.csv</file> + </curve> + <curve> + <id>large/cofactor160p65521</id> + <bits>160</bits> + <field>prime</field> + <file>cofactor160p65521.csv</file> + </curve> + <curve> + <id>large/cofactor160p65535</id> + <bits>160</bits> + <field>prime</field> + <file>cofactor160p65535.csv</file> + </curve> <curve> <id>cofactor160p2</id> diff --git a/src/cz/crcs/ectester/data/cofactor/keys.xml b/src/cz/crcs/ectester/data/cofactor/keys.xml index 2be7238..d6058f0 100644 --- a/src/cz/crcs/ectester/data/cofactor/keys.xml +++ b/src/cz/crcs/ectester/data/cofactor/keys.xml @@ -721,4 +721,22 @@ <curve>cofactor/large/cofactor128p65535</curve> <desc>cofactor order = 0xffff</desc> </pubkey> + <pubkey> + <id>large/cofactor160p56467/0</id> + <inline>0x574d8a01e5ce61862b1f9504f81abe454ae30cf3,0x5c099446c1d7c24df133f85ecc0baa27a687c8e5</inline> + <curve>cofactor/large/cofactor160p56467</curve> + <desc>cofactor order = 0xdc93</desc> + </pubkey> + <pubkey> + <id>large/cofactor160p65521/0</id> + <inline>0x2567137bf265849618b13057f22ead81753bb39d,0x746c2fc9f040cf8ceeac2015f07522e9616bd094</inline> + <curve>cofactor/large/cofactor160p65521</curve> + <desc>cofactor order = 0xfff1</desc> + </pubkey> + <pubkey> + <id>large/cofactor160p65535/0</id> + <inline>0x0b16071db6d90823611ad35ed728b4f9a9abff9e,0x852a227d06c50d603cc4d8592770f535766927a2</inline> + <curve>cofactor/large/cofactor160p65535</curve> + <desc>cofactor order = 0xffff</desc> + </pubkey> </keys> diff --git a/src/cz/crcs/ectester/data/cofactor/secg_keys.xml b/src/cz/crcs/ectester/data/cofactor/secg_keys.xml index d9d3896..9634e9d 100644 --- a/src/cz/crcs/ectester/data/cofactor/secg_keys.xml +++ b/src/cz/crcs/ectester/data/cofactor/secg_keys.xml @@ -5,12 +5,12 @@ <curve>secg/sect163k1</curve> <desc>order = 2</desc> </pubkey> -<pubkey> +<!--<pubkey> <id>sect163k1/1</id> <inline>0x07759edd174e24fd20b34e6d43e51230f0f7f892ab,0x05e4bf4321769ea3f4dc92abe028069f8db0fc0dc1</inline> <curve>secg/sect163k1</curve> <desc>order = 0x800000000000000000004021145c1981b33f14bde</desc> -</pubkey> +</pubkey>--> <pubkey> <id>sect163r1/0</id> @@ -18,12 +18,12 @@ <curve>secg/sect163r1</curve> <desc>order = 2</desc> </pubkey> -<pubkey> +<!--<pubkey> <id>sect163r1/1</id> <inline>0x05a78dd5973d0d39a5970d49b7a13df98558981dcb,0x0340755fa31149f5bf1dd4bf1fa3ef38432babbe13</inline> <curve>secg/sect163r1</curve> <desc>order = 0x7fffffffffffffffffffe91556d1385394e204f36</desc> -</pubkey> +</pubkey>--> <pubkey> <id>sect163r2/0</id> @@ -31,12 +31,12 @@ <curve>secg/sect163r2</curve> <desc>order = 2</desc> </pubkey> -<pubkey> +<!--<pubkey> <id>sect163r2/1</id> <inline>0x00b8a6683b6d99c044e1086e4eef5d2bd80fd2df41,0x04f6dfa693e7017de96c6e002871b72b3eb6d77b83</inline> <curve>secg/sect163r2</curve> <desc>order = 0x80000000000000000000525fcefce182548469866</desc> -</pubkey> +</pubkey>--> <pubkey> <id>sect233k1/0</id> @@ -48,8 +48,9 @@ <id>sect233k1/1</id> <inline>0x000000000000000000000000000000000000000000000000000000000001,0x000000000000000000000000000000000000000000000000000000000001</inline> <curve>secg/sect233k1</curve> - <desc>order = 2</desc> + <desc>order = 4</desc> </pubkey> +<!-- <pubkey> <id>sect233k1/2</id> <inline>0x01c90d47aff1ed1172eb861cbc5f11ade07f775b1fdd89b1665c464a97d9,0x002b41324d806a174953fb4ccf8bbeb4fd36cef6f30ccc93618dd282a8e0</inline> @@ -62,6 +63,7 @@ <curve>secg/sect233k1</curve> <desc>order = 0x200000000000000000000000000001a756ee456f351bbec6b57c5ceaf7c</desc> </pubkey> +--> <pubkey> <id>sect233r1/0</id> @@ -69,12 +71,12 @@ <curve>secg/sect233r1</curve> <desc>order = 2</desc> </pubkey> -<pubkey> +<!--<pubkey> <id>sect233r1/1</id> <inline>0x00fe7bac18bdc41b4adbabaaa5dd95e7a170b63bb3519b5d897205fe779f,0x0109d0b6ef40d7f05129ee664be44ae57393716c0233857db6a3358926f7</inline> <curve>secg/sect233r1</curve> <desc>order = 0x2000000000000000000000000000027d2e9ce5f14d244063a4c079fc1ae</desc> -</pubkey> +</pubkey>--> <pubkey> <id>sect239k1/0</id> @@ -88,7 +90,7 @@ <curve>secg/sect239k1</curve> <desc>order = 4</desc> </pubkey> -<pubkey> +<!--<pubkey> <id>sect239k1/2</id> <inline>0x2e97f4bf96f4598e4dbbba188895e14b068d9c21ab8e261ffc7d43abc0f2,0x16e86c56595addfdaad811d4bc01df886838cb761332a5bd65f846d63dd3</inline> <curve>secg/sect239k1</curve> @@ -99,7 +101,7 @@ <inline>0x718e787b457b7baf3b58bf38c42dd3347802801386fbbe78c4dd5ea31cc0,0x180ad3b3a1182279d21cdd1de3067572c5fe64c3641cc171515c68128cb9</inline> <curve>secg/sect239k1</curve> <desc>order = 0x80000000000000000000000000000169e7fb19f2dba47c7076a00391e294</desc> -</pubkey> +</pubkey>--> <pubkey> <id>sect283k1/0</id> @@ -113,7 +115,7 @@ <curve>secg/sect283k1</curve> <desc>order = 4</desc> </pubkey> -<pubkey> +<!--<pubkey> <id>sect283k1/2</id> <inline>0x07801fcb7c8e5dd6f8c21c60dd7c13cd472dedffe20c3331d084eb4ba32f7b4b13a3510c,0x01960ead4b2a835d27a626fab5fc6e779b511c680a5e6af9b42d67228261a2add4220335</inline> <curve>secg/sect283k1</curve> @@ -124,7 +126,7 @@ <inline>0x00896ce7c7065cc160ca721127910f598edc8b1e9be077d4756f31aee5705a00302d2e1d,0x0381c6394dbf16cf75f9e79c830e57e5a398ba77258e6d224692940eb925ec0b78ece889</inline> <curve>secg/sect283k1</curve> <desc>order = 0x7ffffffffffffffffffffffffffffffffffa6b8bb41d5dc9977fdfe511478187858f184</desc> -</pubkey> +</pubkey>--> <pubkey> <id>sect283r1/0</id> @@ -132,12 +134,12 @@ <curve>secg/sect283r1</curve> <desc>order = 2</desc> </pubkey> -<pubkey> +<!--<pubkey> <id>sect283r1/1</id> <inline>0x0743efa0a997ab11f696f61403759fa6dac093afe26160fa6d4620dc10c73ecbd07d868d,0x013abc297e8c6568601a70a323208d22730b654374643683bb913daaf0910ff492cfb1c5</inline> <curve>secg/sect283r1</curve> <desc>order = 0x7ffffffffffffffffffffffffffffffffffdf20732cc1f92715202cb60854f9df5b660e</desc> -</pubkey> +</pubkey>--> <pubkey> <id>sect409k1/0</id> @@ -151,7 +153,7 @@ <curve>secg/sect409k1</curve> <desc>order = 4</desc> </pubkey> -<pubkey> +<!--<pubkey> <id>sect409k1/2</id> <inline>0x013b10b72703d774f4873f985742cce57b9377e5f89049e493eac66748870f718ae0f3ae227b6d75f7e5f810d91da79f985cefdc,0x001aea0d33e0ae234db866482308cbc579e9c7cab1fad1b62dac2a3ea16bec7ca504da1d86370fc748d1ddbc443c8a920c7b9d14</inline> <curve>secg/sect409k1</curve> @@ -162,7 +164,7 @@ <inline>0x00a6cc45b0ed549286beb3f391467dcd5106fed4fb850e0ca45ac7a5291fa1f73c2ebd66b5eb2fc6c3ad93a225c20e29d76172e1,0x019c34bda5074fe8c75e1017d8b64a87766467083fb6e17a4fc57ca39c6801a31eb71e824fa225922e361db0946c4a3e7445468d</inline> <curve>secg/sect409k1</curve> <desc>order = 0x1fffffffffffffffffffffffffffffffffffffffffffffffffff97e0ecb53a881003b1155f57b4f8f9f296d2d720ee380797f3c</desc> -</pubkey> +</pubkey>--> <pubkey> <id>sect409r1/0</id> @@ -170,12 +172,14 @@ <curve>secg/sect409r1</curve> <desc>order = 2</desc> </pubkey> +<!-- <pubkey> <id>sect409r1/1</id> <inline>0x01f8a55ff6e55b1d023eca11efc629aedba15e7683f948a84ef6e3746470b2fe9f9c694f862714ec8dbb35ae8e5b760f488ae84a,0x00c0bbc113adacdb9815bb210178b081ef4b40c949fe52345ad21eab210667cc10b5ac0e60d7bb44fee1d6c544b3cc3a18ad0a23</inline> <curve>secg/sect409r1</curve> <desc>order = 0x20000000000000000000000000000000000000000000000000003c555ad4c25e6660f7cbf48f8793c0a5f0702c99a6fb34422e6</desc> </pubkey> +--> <pubkey> <id>sect571k1/0</id> @@ -189,7 +193,7 @@ <curve>secg/sect571k1</curve> <desc>order = 4</desc> </pubkey> -<pubkey> +<!--<pubkey> <id>sect571k1/2</id> <inline>0x0311efd68e031548397fd197f3c9ea9ef2048b3835bbb52c06cc89fa29a609be1a4215805132ed6c30ed743e6221f34c5d43acd3777c88a42578a7b02d2a9af488c138b206832707,0x01692831faeb78797365873933fd9c5f5223d2bceba37aa6a4f6d128973e3263b124300568f039541e51c6214409523179aaecdf76e789921d84e12991113eacd03727d4c9754920</inline> <curve>secg/sect571k1</curve> @@ -200,7 +204,7 @@ <inline>0x0519146e2a901338dce58310d786d30fd6806c620f6a7a9ba4389534dcdf16c6becdacb853fad56e4b048465b4037450468fb9bc6259448ce84a92fd8bfe9c3663dad3da48089517,0x05671e892895ca17683107f21da7741a3fdf47e546dfc6b6d2ed83c970ac88c33b7b522b0a1fe9a7dda46a7075d4881e88b9fc7f3a2002883f6c7d651f9c94252340b59b8abc0aeb</inline> <curve>secg/sect571k1</curve> <desc>order = 0x800000000000000000000000000000000000000000000000000000000000000000000004c614387c6698f92ce46a36e45fd04e2d8c3612f9758e4e07a477ad173f9de3d8df04004</desc> -</pubkey> +</pubkey>--> <pubkey> <id>sect571r1/0</id> @@ -208,9 +212,10 @@ <curve>secg/sect571r1</curve> <desc>order = 2</desc> </pubkey> +<!-- <pubkey> <id>sect571r1/1</id> <inline>0x01e4b7514be19101ec1d9f032bdba65dd1d73465bc1425e3847f44b7b2c78669358ab7bb34dec5202db32c0e65f8f4e0c5c0db8ae19537307ba6391dfa7831375b1b3957d403477a,0x00f04eb4a9ce0f18f879143faea24107682602d9319105a62c2758da491014ae34280a32830a1e239d0e89b3a3ff60acb640afc01aa56dcb8344423f0ad9f071af3d95d7675578fc</inline> <curve>secg/sect571r1</curve> <desc>order = 0x7ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffccc39c31feab30e6100b3630d0470a3d8fbb39422c3bd27aa2e9acdd0705d3765fd09c8e</desc> -</pubkey>
\ No newline at end of file +</pubkey>--> diff --git a/src/cz/crcs/ectester/data/composite/curves.xml b/src/cz/crcs/ectester/data/composite/curves.xml index d4ef2ce..34ad33a 100644 --- a/src/cz/crcs/ectester/data/composite/curves.xml +++ b/src/cz/crcs/ectester/data/composite/curves.xml @@ -524,7 +524,7 @@ <desc>r = 152 bit prime</desc> </curve> <curve> - <id>varying/160/first/152cofactor</id> + <id>varying/160/cofactor/152</id> <bits>160</bits> <field>prime</field> <file>varying/160/first/152_cofactor.csv</file> diff --git a/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP160r1.xml b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP160r1.xml index b11c2c8..7656432 100644 --- a/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP160r1.xml +++ b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP160r1.xml @@ -97,7 +97,7 @@ </pubkey> <pubkey> <id>brainpoolP160r1/16</id> - <inline>0x5699ff94f28628b37b35afce2cfbe033946ec7b8,0x63f5d424359563aeb46cee26d8ba5e1bcc1e052</inline> + <inline>0x5699ff94f28628b37b35afce2cfbe033946ec7b8,0x063f5d424359563aeb46cee26d8ba5e1bcc1e052</inline> <curve>brainpool/brainpoolP160r1</curve> <desc>invalid order = 59</desc> </pubkey> @@ -121,13 +121,13 @@ </pubkey> <pubkey> <id>brainpoolP160r1/20</id> - <inline>0x301528c0245255342671904c643decf32a7a233,0x802721fa4911239d28825fc50d5bd85496d69305</inline> + <inline>0x0301528c0245255342671904c643decf32a7a233,0x802721fa4911239d28825fc50d5bd85496d69305</inline> <curve>brainpool/brainpoolP160r1</curve> <desc>invalid order = 73</desc> </pubkey> <pubkey> <id>brainpoolP160r1/21</id> - <inline>0xc4dab799a81f3397c487bafde8133e324244d5c,0x99d70a4f7bb2c62d34dd835f7da5df1ec31058d</inline> + <inline>0x0c4dab799a81f3397c487bafde8133e324244d5c,0x099d70a4f7bb2c62d34dd835f7da5df1ec31058d</inline> <curve>brainpool/brainpoolP160r1</curve> <desc>invalid order = 79</desc> </pubkey> @@ -169,7 +169,7 @@ </pubkey> <pubkey> <id>brainpoolP160r1/28</id> - <inline>0x8987c8fdcf194692bba9468ee6153bd561befef,0x76dda0681cf1b07f7cea5a233ff6cda45eaddd42</inline> + <inline>0x08987c8fdcf194692bba9468ee6153bd561befef,0x76dda0681cf1b07f7cea5a233ff6cda45eaddd42</inline> <curve>brainpool/brainpoolP160r1</curve> <desc>invalid order = 109</desc> </pubkey> @@ -181,7 +181,7 @@ </pubkey> <pubkey> <id>brainpoolP160r1/30</id> - <inline>0xdf1ffb84e573d940df790fe5f714aae6c7e25c2f,0x8b70760193ea02b29769b31be869fc6a500aeee</inline> + <inline>0xdf1ffb84e573d940df790fe5f714aae6c7e25c2f,0x08b70760193ea02b29769b31be869fc6a500aeee</inline> <curve>brainpool/brainpoolP160r1</curve> <desc>invalid order = 127</desc> </pubkey> @@ -241,7 +241,7 @@ </pubkey> <pubkey> <id>brainpoolP160r1/40</id> - <inline>0x4d55a23dd8da29f49de10385e052503223b57b2a,0x5d42f9e7b85df543c1d7583a6712af2d4cde554</inline> + <inline>0x4d55a23dd8da29f49de10385e052503223b57b2a,0x05d42f9e7b85df543c1d7583a6712af2d4cde554</inline> <curve>brainpool/brainpoolP160r1</curve> <desc>invalid order = 179</desc> </pubkey> @@ -259,7 +259,7 @@ </pubkey> <pubkey> <id>brainpoolP160r1/43</id> - <inline>0x64977b60eaefabd73d238d0bfe99a6b42aab0029,0x202d8d421cdc97bd18be388c1e4423b92ca5e09</inline> + <inline>0x64977b60eaefabd73d238d0bfe99a6b42aab0029,0x0202d8d421cdc97bd18be388c1e4423b92ca5e09</inline> <curve>brainpool/brainpoolP160r1</curve> <desc>invalid order = 193</desc> </pubkey> @@ -319,7 +319,7 @@ </pubkey> <pubkey> <id>brainpoolP160r1/53</id> - <inline>0x40892221b8291a17a70fef729b3d0958db3300,0xe613aa9e4991281f8618ebb73003aff70df87a14</inline> + <inline>0x0040892221b8291a17a70fef729b3d0958db3300,0xe613aa9e4991281f8618ebb73003aff70df87a14</inline> <curve>brainpool/brainpoolP160r1</curve> <desc>invalid order = 251</desc> </pubkey> diff --git a/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP160t1.xml b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP160t1.xml index 5ef2693..ffac676 100644 --- a/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP160t1.xml +++ b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP160t1.xml @@ -163,7 +163,7 @@ </pubkey> <pubkey> <id>brainpoolP160t1/27</id> - <inline>0x9902830338496e4e2ff394e0c10410982afdd2ef,0x383c77a02e3c3add14c241cd6db01ae8bbabc94</inline> + <inline>0x9902830338496e4e2ff394e0c10410982afdd2ef,0x0383c77a02e3c3add14c241cd6db01ae8bbabc94</inline> <curve>brainpool/brainpoolP160t1</curve> <desc>invalid order = 107</desc> </pubkey> @@ -223,13 +223,13 @@ </pubkey> <pubkey> <id>brainpoolP160t1/37</id> - <inline>0x466fa585d429d7c810945310ffaec7fd08f77e,0x6681a71c0ddc36ba776081b0bbb04af90d1ef459</inline> + <inline>0x00466fa585d429d7c810945310ffaec7fd08f77e,0x6681a71c0ddc36ba776081b0bbb04af90d1ef459</inline> <curve>brainpool/brainpoolP160t1</curve> <desc>invalid order = 163</desc> </pubkey> <pubkey> <id>brainpoolP160t1/38</id> - <inline>0xefa98dc9008d32500f01781c2c1a5b69f80f6c3,0x5a8cf27b9732b4399e6bce12c238524667881c03</inline> + <inline>0x0efa98dc9008d32500f01781c2c1a5b69f80f6c3,0x5a8cf27b9732b4399e6bce12c238524667881c03</inline> <curve>brainpool/brainpoolP160t1</curve> <desc>invalid order = 167</desc> </pubkey> @@ -247,7 +247,7 @@ </pubkey> <pubkey> <id>brainpoolP160t1/41</id> - <inline>0xcec5ad185a118e567adf7911680764df3f6c0f2c,0x9b82c5f305bd8edfd410a1b3c2779f972ccc09b</inline> + <inline>0xcec5ad185a118e567adf7911680764df3f6c0f2c,0x09b82c5f305bd8edfd410a1b3c2779f972ccc09b</inline> <curve>brainpool/brainpoolP160t1</curve> <desc>invalid order = 181</desc> </pubkey> diff --git a/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP192r1.xml b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP192r1.xml index 6458609..4ceb20c 100644 --- a/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP192r1.xml +++ b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP192r1.xml @@ -31,7 +31,7 @@ </pubkey> <pubkey> <id>brainpoolP192r1/5</id> - <inline>0x91f9ee514f7ba95b02f6a6a421e5c407aa98750f4800c489,0x75bc5be4e76df961ee39cde63e78e49969b2e4e08741a8e</inline> + <inline>0x91f9ee514f7ba95b02f6a6a421e5c407aa98750f4800c489,0x075bc5be4e76df961ee39cde63e78e49969b2e4e08741a8e</inline> <curve>brainpool/brainpoolP192r1</curve> <desc>invalid order = 13</desc> </pubkey> @@ -127,7 +127,7 @@ </pubkey> <pubkey> <id>brainpoolP192r1/21</id> - <inline>0xb775ff62b4cfd5938855b327ba4ed92b20102215b80593e7,0x1822fab9134b819adae394b401fdc995080542e1b131aad</inline> + <inline>0xb775ff62b4cfd5938855b327ba4ed92b20102215b80593e7,0x01822fab9134b819adae394b401fdc995080542e1b131aad</inline> <curve>brainpool/brainpoolP192r1</curve> <desc>invalid order = 79</desc> </pubkey> @@ -157,7 +157,7 @@ </pubkey> <pubkey> <id>brainpoolP192r1/26</id> - <inline>0x51262d2d0d43887a4913ebde0505c6f945d72588e786493e,0x947b3447c161eeb65c5d2ea0ce25f8538a3be5e9612580c</inline> + <inline>0x51262d2d0d43887a4913ebde0505c6f945d72588e786493e,0x0947b3447c161eeb65c5d2ea0ce25f8538a3be5e9612580c</inline> <curve>brainpool/brainpoolP192r1</curve> <desc>invalid order = 103</desc> </pubkey> @@ -247,7 +247,7 @@ </pubkey> <pubkey> <id>brainpoolP192r1/41</id> - <inline>0xbe28f2c028623f3b2cb5f52d796fcbd6de65a8f9428bf7b3,0x6c186203b8cb15ce01d002cf9f47fcce9f67939131ce3dd</inline> + <inline>0xbe28f2c028623f3b2cb5f52d796fcbd6de65a8f9428bf7b3,0x06c186203b8cb15ce01d002cf9f47fcce9f67939131ce3dd</inline> <curve>brainpool/brainpoolP192r1</curve> <desc>invalid order = 181</desc> </pubkey> @@ -337,7 +337,7 @@ </pubkey> <pubkey> <id>brainpoolP192r1/56</id> - <inline>0x6152805a62d2ba015dac702fe4688efb34a5ca3c11b88e5b,0x349428b8179e041affa4311ead89de00d508fc7d3c8d9fb</inline> + <inline>0x6152805a62d2ba015dac702fe4688efb34a5ca3c11b88e5b,0x0349428b8179e041affa4311ead89de00d508fc7d3c8d9fb</inline> <curve>brainpool/brainpoolP192r1</curve> <desc>invalid order = 269</desc> </pubkey> @@ -355,13 +355,13 @@ </pubkey> <pubkey> <id>brainpoolP192r1/59</id> - <inline>0x940d62366df60884cb2d482a00ef24d4195d2242c65e29f,0x90c75f89c3809dd80be41e8c72265d6c8f21db8294cf970b</inline> + <inline>0x0940d62366df60884cb2d482a00ef24d4195d2242c65e29f,0x90c75f89c3809dd80be41e8c72265d6c8f21db8294cf970b</inline> <curve>brainpool/brainpoolP192r1</curve> <desc>invalid order = 281</desc> </pubkey> <pubkey> <id>brainpoolP192r1/60</id> - <inline>0x129bca166096f206be151fa2e61dfd89c0da5abb093f373,0x545b00cb1201b786fe6361e1bd606819707b2b929a70c5a5</inline> + <inline>0x0129bca166096f206be151fa2e61dfd89c0da5abb093f373,0x545b00cb1201b786fe6361e1bd606819707b2b929a70c5a5</inline> <curve>brainpool/brainpoolP192r1</curve> <desc>invalid order = 283</desc> </pubkey> diff --git a/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP192t1.xml b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP192t1.xml index cf90464..fe06dcf 100644 --- a/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP192t1.xml +++ b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP192t1.xml @@ -145,7 +145,7 @@ </pubkey> <pubkey> <id>brainpoolP192t1/24</id> - <inline>0x39701cde7695ba5f45b70dd3698004daaca12eb6365be6b,0x7888943d187330eed979330f7bb597b145c96d944d93bfff</inline> + <inline>0x039701cde7695ba5f45b70dd3698004daaca12eb6365be6b,0x7888943d187330eed979330f7bb597b145c96d944d93bfff</inline> <curve>brainpool/brainpoolP192t1</curve> <desc>invalid order = 97</desc> </pubkey> @@ -199,7 +199,7 @@ </pubkey> <pubkey> <id>brainpoolP192t1/33</id> - <inline>0x50e3ceed3ec28c2cb201c954698f1c0092c7ac6b5a42a46,0x94c9ef437dfda2ee40fce97a8949a3b9cea5452122def043</inline> + <inline>0x050e3ceed3ec28c2cb201c954698f1c0092c7ac6b5a42a46,0x94c9ef437dfda2ee40fce97a8949a3b9cea5452122def043</inline> <curve>brainpool/brainpoolP192t1</curve> <desc>invalid order = 139</desc> </pubkey> @@ -325,7 +325,7 @@ </pubkey> <pubkey> <id>brainpoolP192t1/54</id> - <inline>0x9aab4fa1bd8c55746f2584eec54118f400815e5b2b0290a3,0xd1b9110aed6e79c0c2951f02609ea62df69d6f2193f54c3</inline> + <inline>0x9aab4fa1bd8c55746f2584eec54118f400815e5b2b0290a3,0x0d1b9110aed6e79c0c2951f02609ea62df69d6f2193f54c3</inline> <curve>brainpool/brainpoolP192t1</curve> <desc>invalid order = 257</desc> </pubkey> @@ -355,7 +355,7 @@ </pubkey> <pubkey> <id>brainpoolP192t1/59</id> - <inline>0x5a1d82fe88b392b28aafd1960a576092f05baf3d5c04164c,0x118cad17735949799602bc4ccb8170e34cb9e7fb2f76959</inline> + <inline>0x5a1d82fe88b392b28aafd1960a576092f05baf3d5c04164c,0x0118cad17735949799602bc4ccb8170e34cb9e7fb2f76959</inline> <curve>brainpool/brainpoolP192t1</curve> <desc>invalid order = 281</desc> </pubkey> diff --git a/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP224r1.xml b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP224r1.xml index 7a12145..c708160 100644 --- a/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP224r1.xml +++ b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP224r1.xml @@ -313,7 +313,7 @@ </pubkey> <pubkey> <id>brainpoolP224r1/52</id> - <inline>0x89b90b886ed09591c182478b66a3b1cb19ae01fe529897a2a2d5c8,0xc4650cc96a78639f5f33b7b05f48a72e5c49e7cccf916ed5638f22bc</inline> + <inline>0x0089b90b886ed09591c182478b66a3b1cb19ae01fe529897a2a2d5c8,0xc4650cc96a78639f5f33b7b05f48a72e5c49e7cccf916ed5638f22bc</inline> <curve>brainpool/brainpoolP224r1</curve> <desc>invalid order = 241</desc> </pubkey> diff --git a/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP256r1.xml b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP256r1.xml index ebd8f6b..30343e6 100644 --- a/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP256r1.xml +++ b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP256r1.xml @@ -37,13 +37,13 @@ </pubkey> <pubkey> <id>brainpoolP256r1/6</id> - <inline>0xb9f03197a680d49ad3e7b4d40d95340d5e1a46e57e2f961703137eea8e61653,0x681b44c0540f64f8fa77166a1c95002a7a7ae4f53a4317d57800cb3c8146310a</inline> + <inline>0x0b9f03197a680d49ad3e7b4d40d95340d5e1a46e57e2f961703137eea8e61653,0x681b44c0540f64f8fa77166a1c95002a7a7ae4f53a4317d57800cb3c8146310a</inline> <curve>brainpool/brainpoolP256r1</curve> <desc>invalid order = 17</desc> </pubkey> <pubkey> <id>brainpoolP256r1/7</id> - <inline>0x2d4b3dc4f3d3a9f4f4843637eb1ad271ffcf49bf6a2a837bb89b81920022899d,0x9ec63d7131dad83633aac03d648fc8b9c5016a403a3e4266a7b859337d00c31</inline> + <inline>0x2d4b3dc4f3d3a9f4f4843637eb1ad271ffcf49bf6a2a837bb89b81920022899d,0x09ec63d7131dad83633aac03d648fc8b9c5016a403a3e4266a7b859337d00c31</inline> <curve>brainpool/brainpoolP256r1</curve> <desc>invalid order = 19</desc> </pubkey> @@ -79,7 +79,7 @@ </pubkey> <pubkey> <id>brainpoolP256r1/13</id> - <inline>0xabbdab45a30470fe34f79aa752b068daa8356a198fb171293109ee87fc5b9e4,0x6daf3a42a1c7f7e3fe75649caf1bbc7e36260a4bcdef5b900fca1b7795a35a87</inline> + <inline>0x0abbdab45a30470fe34f79aa752b068daa8356a198fb171293109ee87fc5b9e4,0x6daf3a42a1c7f7e3fe75649caf1bbc7e36260a4bcdef5b900fca1b7795a35a87</inline> <curve>brainpool/brainpoolP256r1</curve> <desc>invalid order = 43</desc> </pubkey> @@ -97,7 +97,7 @@ </pubkey> <pubkey> <id>brainpoolP256r1/16</id> - <inline>0x80070fcc7e01481ac8f408d3fffd8bbb3abb719868ead0629115698dafbb073d,0x4015e9e8842bf388a967129a4a8a203840e96297cc2bac91828e35ae6b6bafc</inline> + <inline>0x80070fcc7e01481ac8f408d3fffd8bbb3abb719868ead0629115698dafbb073d,0x04015e9e8842bf388a967129a4a8a203840e96297cc2bac91828e35ae6b6bafc</inline> <curve>brainpool/brainpoolP256r1</curve> <desc>invalid order = 59</desc> </pubkey> @@ -181,7 +181,7 @@ </pubkey> <pubkey> <id>brainpoolP256r1/30</id> - <inline>0xa3084e293cbc36389c7641dbd1b9fe978e0d4bf80b0c76e0c1c621c2f759ce1,0x77109db8c35585c9717cf8678663b32a11c9e0ec37ed665a777ec74ed69330ff</inline> + <inline>0x0a3084e293cbc36389c7641dbd1b9fe978e0d4bf80b0c76e0c1c621c2f759ce1,0x77109db8c35585c9717cf8678663b32a11c9e0ec37ed665a777ec74ed69330ff</inline> <curve>brainpool/brainpoolP256r1</curve> <desc>invalid order = 127</desc> </pubkey> @@ -199,13 +199,13 @@ </pubkey> <pubkey> <id>brainpoolP256r1/33</id> - <inline>0x907d254851cdceba689917f23e95d0f97ec4cb1a70e00f61dc0a21f14dda70f1,0xc51bbdc4ef9b0b10c385d1fa1583c2756960d640190e3b06891c4643ded97dc</inline> + <inline>0x907d254851cdceba689917f23e95d0f97ec4cb1a70e00f61dc0a21f14dda70f1,0x0c51bbdc4ef9b0b10c385d1fa1583c2756960d640190e3b06891c4643ded97dc</inline> <curve>brainpool/brainpoolP256r1</curve> <desc>invalid order = 139</desc> </pubkey> <pubkey> <id>brainpoolP256r1/34</id> - <inline>0xb3ca29e79bf55c9f4f902d8e6ef976cfd91a4c11d2cebe829507d9703280cf3,0x41bcaaf1f9e02d469f2ece950730d01f842c00270e489299c4d12af9b257b2f6</inline> + <inline>0x0b3ca29e79bf55c9f4f902d8e6ef976cfd91a4c11d2cebe829507d9703280cf3,0x41bcaaf1f9e02d469f2ece950730d01f842c00270e489299c4d12af9b257b2f6</inline> <curve>brainpool/brainpoolP256r1</curve> <desc>invalid order = 149</desc> </pubkey> @@ -259,13 +259,13 @@ </pubkey> <pubkey> <id>brainpoolP256r1/43</id> - <inline>0x92bc20e7aee1d18d017916336ba8c5d0366a429d31033c2801c0f295b93acda1,0xbc03be75c78342563a9667e000744fb8895724d013f08caddcadd8576326cba</inline> + <inline>0x92bc20e7aee1d18d017916336ba8c5d0366a429d31033c2801c0f295b93acda1,0x0bc03be75c78342563a9667e000744fb8895724d013f08caddcadd8576326cba</inline> <curve>brainpool/brainpoolP256r1</curve> <desc>invalid order = 193</desc> </pubkey> <pubkey> <id>brainpoolP256r1/44</id> - <inline>0x188c91fe6a08837cad3c31eef72411cf16277dba8062d16cff1fd01fd8a43d98,0x8e5102f93db66e44867626315f98e488bef161c25d979388b9d6cdf5c64dc94</inline> + <inline>0x188c91fe6a08837cad3c31eef72411cf16277dba8062d16cff1fd01fd8a43d98,0x08e5102f93db66e44867626315f98e488bef161c25d979388b9d6cdf5c64dc94</inline> <curve>brainpool/brainpoolP256r1</curve> <desc>invalid order = 197</desc> </pubkey> @@ -283,7 +283,7 @@ </pubkey> <pubkey> <id>brainpoolP256r1/47</id> - <inline>0xa86083f363bb7aabb79b0757d52a77f3ef17975e7e8e1ac7e19ac3382750a769,0x74372f3343c2fa6011fbde39cdb23e2d253a7d9102e4d52e5769687abda1432</inline> + <inline>0xa86083f363bb7aabb79b0757d52a77f3ef17975e7e8e1ac7e19ac3382750a769,0x074372f3343c2fa6011fbde39cdb23e2d253a7d9102e4d52e5769687abda1432</inline> <curve>brainpool/brainpoolP256r1</curve> <desc>invalid order = 223</desc> </pubkey> @@ -295,13 +295,13 @@ </pubkey> <pubkey> <id>brainpoolP256r1/49</id> - <inline>0x5317d56926ab92ae38597afcf2ba6bf20c4fe981421c87de2f50d4d2356b8ff,0x8ad21c1c871e2b68948971039ea6095fe368572180ef360103c6fa5d9230c164</inline> + <inline>0x05317d56926ab92ae38597afcf2ba6bf20c4fe981421c87de2f50d4d2356b8ff,0x8ad21c1c871e2b68948971039ea6095fe368572180ef360103c6fa5d9230c164</inline> <curve>brainpool/brainpoolP256r1</curve> <desc>invalid order = 229</desc> </pubkey> <pubkey> <id>brainpoolP256r1/50</id> - <inline>0x33d7fffa35bbfd951ba1a3a974b962f3f8acb0f4b2bfe72f5cc6cc2054b23e36,0x84503cb28c332e2ecd08304f8f09d5f6409dc67d7737991ddea997449c55728</inline> + <inline>0x33d7fffa35bbfd951ba1a3a974b962f3f8acb0f4b2bfe72f5cc6cc2054b23e36,0x084503cb28c332e2ecd08304f8f09d5f6409dc67d7737991ddea997449c55728</inline> <curve>brainpool/brainpoolP256r1</curve> <desc>invalid order = 233</desc> </pubkey> @@ -313,7 +313,7 @@ </pubkey> <pubkey> <id>brainpoolP256r1/52</id> - <inline>0x5d2ff3680dfeef97a037e99ec79afd4cac7861fa441c2fe756d8f6494213bc,0x3ba863cd56155d7dd20d37f38e6d977a76eed84233b1240ae2c8fdf210529442</inline> + <inline>0x005d2ff3680dfeef97a037e99ec79afd4cac7861fa441c2fe756d8f6494213bc,0x3ba863cd56155d7dd20d37f38e6d977a76eed84233b1240ae2c8fdf210529442</inline> <curve>brainpool/brainpoolP256r1</curve> <desc>invalid order = 241</desc> </pubkey> @@ -325,7 +325,7 @@ </pubkey> <pubkey> <id>brainpoolP256r1/54</id> - <inline>0x5e1648b24e5ea32a9a32b51bf3b1bb6b13db50b435c4893c3683f07fb467e9e7,0xef62afba115ce527c39ea43c8d6873f37610878937781549adb9b79efd635b1</inline> + <inline>0x5e1648b24e5ea32a9a32b51bf3b1bb6b13db50b435c4893c3683f07fb467e9e7,0x0ef62afba115ce527c39ea43c8d6873f37610878937781549adb9b79efd635b1</inline> <curve>brainpool/brainpoolP256r1</curve> <desc>invalid order = 257</desc> </pubkey> @@ -355,7 +355,7 @@ </pubkey> <pubkey> <id>brainpoolP256r1/59</id> - <inline>0x6d3eb141c8057de9e03e8b6b0bf6f6151f1cf493c45ab7d417f09e66cd1c6fcc,0xd9304a6fff3410873d18e43f44bf4a68740542bb1f936fb6df723b0ada2bc5f</inline> + <inline>0x6d3eb141c8057de9e03e8b6b0bf6f6151f1cf493c45ab7d417f09e66cd1c6fcc,0x0d9304a6fff3410873d18e43f44bf4a68740542bb1f936fb6df723b0ada2bc5f</inline> <curve>brainpool/brainpoolP256r1</curve> <desc>invalid order = 281</desc> </pubkey> @@ -445,7 +445,7 @@ </pubkey> <pubkey> <id>brainpoolP256r1/74</id> - <inline>0x55d7cd53bd7775a0cb719e75741efc69d207b7ded1b1a6a74285ecbfd14dd555,0xfdd325700cbecf7d4323bd7cf8d5894f1ca4d80a85523dbd4982f55638fce12</inline> + <inline>0x55d7cd53bd7775a0cb719e75741efc69d207b7ded1b1a6a74285ecbfd14dd555,0x0fdd325700cbecf7d4323bd7cf8d5894f1ca4d80a85523dbd4982f55638fce12</inline> <curve>brainpool/brainpoolP256r1</curve> <desc>invalid order = 379</desc> </pubkey> diff --git a/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP256t1.xml b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP256t1.xml index c2cf345..8b0a544 100644 --- a/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP256t1.xml +++ b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP256t1.xml @@ -79,7 +79,7 @@ </pubkey> <pubkey> <id>brainpoolP256t1/13</id> - <inline>0xa8d85e8357da11efd22ba80da4bb125f0d8b6189845133b2bc3be81da2de87cb,0xc73e6d8d720a55e1c74206a8662503fc8b487391c29d510744e54fdd98eeb4</inline> + <inline>0xa8d85e8357da11efd22ba80da4bb125f0d8b6189845133b2bc3be81da2de87cb,0x00c73e6d8d720a55e1c74206a8662503fc8b487391c29d510744e54fdd98eeb4</inline> <curve>brainpool/brainpoolP256t1</curve> <desc>invalid order = 43</desc> </pubkey> @@ -139,7 +139,7 @@ </pubkey> <pubkey> <id>brainpoolP256t1/23</id> - <inline>0x1c4a352bac2efde91d52ad41ea4bc3525d78da0061b04eb08b81912be0a0acc2,0xc7fbe998338b83e7567cee01a88b465c032b8ee6b58c631966921d67b0dd3ae</inline> + <inline>0x1c4a352bac2efde91d52ad41ea4bc3525d78da0061b04eb08b81912be0a0acc2,0x0c7fbe998338b83e7567cee01a88b465c032b8ee6b58c631966921d67b0dd3ae</inline> <curve>brainpool/brainpoolP256t1</curve> <desc>invalid order = 89</desc> </pubkey> @@ -151,19 +151,19 @@ </pubkey> <pubkey> <id>brainpoolP256t1/25</id> - <inline>0x61cd1350205127d6a83c42b424e103bd1c4d804a81ff1f524886f8b719ded2d7,0x17d8f7969f9b850e82b35078c4303b4b6a94c79459cde47a766724a79e83c1d</inline> + <inline>0x61cd1350205127d6a83c42b424e103bd1c4d804a81ff1f524886f8b719ded2d7,0x017d8f7969f9b850e82b35078c4303b4b6a94c79459cde47a766724a79e83c1d</inline> <curve>brainpool/brainpoolP256t1</curve> <desc>invalid order = 101</desc> </pubkey> <pubkey> <id>brainpoolP256t1/26</id> - <inline>0x461fbc9128ce57e13a8e9414a053c5477d0bcf1889c48f5c0218510d40f99962,0x57f14edee8af46b61a8054a304923c3fad612e3b4d2e0fbd82d8562c49a4042</inline> + <inline>0x461fbc9128ce57e13a8e9414a053c5477d0bcf1889c48f5c0218510d40f99962,0x057f14edee8af46b61a8054a304923c3fad612e3b4d2e0fbd82d8562c49a4042</inline> <curve>brainpool/brainpoolP256t1</curve> <desc>invalid order = 103</desc> </pubkey> <pubkey> <id>brainpoolP256t1/27</id> - <inline>0x5a4d44a36b9e91778da732db19c59deb3ad1f865eaa8362a0b9596ed4519f417,0x76e32264277f2d80d3fb2f2cd4d12657209b52da7d07e910072bce22749ec14</inline> + <inline>0x5a4d44a36b9e91778da732db19c59deb3ad1f865eaa8362a0b9596ed4519f417,0x076e32264277f2d80d3fb2f2cd4d12657209b52da7d07e910072bce22749ec14</inline> <curve>brainpool/brainpoolP256t1</curve> <desc>invalid order = 107</desc> </pubkey> @@ -205,7 +205,7 @@ </pubkey> <pubkey> <id>brainpoolP256t1/34</id> - <inline>0x3fbdc402d055a8bda9cb808f8ff9bb112b315da546784925b020925df99c6cc,0x9f73b9e859d544caa731ba70c65da08d3e791da4f2913ba5dcca0a811a6349bd</inline> + <inline>0x03fbdc402d055a8bda9cb808f8ff9bb112b315da546784925b020925df99c6cc,0x9f73b9e859d544caa731ba70c65da08d3e791da4f2913ba5dcca0a811a6349bd</inline> <curve>brainpool/brainpoolP256t1</curve> <desc>invalid order = 149</desc> </pubkey> @@ -223,7 +223,7 @@ </pubkey> <pubkey> <id>brainpoolP256t1/37</id> - <inline>0x657fd424b17e5e7e65391bd734e2d123943011f72a551c56c1599a3ae51b752,0x259fe7af5aa7ba34a936ee859ae3b6d730a9b575c9e6603ea34fc083ce89d310</inline> + <inline>0x0657fd424b17e5e7e65391bd734e2d123943011f72a551c56c1599a3ae51b752,0x259fe7af5aa7ba34a936ee859ae3b6d730a9b575c9e6603ea34fc083ce89d310</inline> <curve>brainpool/brainpoolP256t1</curve> <desc>invalid order = 163</desc> </pubkey> @@ -247,7 +247,7 @@ </pubkey> <pubkey> <id>brainpoolP256t1/41</id> - <inline>0x8becdae261b104d9ee78948780b555eb86cc7035b73a3a367b7f8a1be8cd01c0,0x36de4eee57440062907c8c1284ff925c497c0574c6cace8e4a38805161f11e8</inline> + <inline>0x8becdae261b104d9ee78948780b555eb86cc7035b73a3a367b7f8a1be8cd01c0,0x036de4eee57440062907c8c1284ff925c497c0574c6cace8e4a38805161f11e8</inline> <curve>brainpool/brainpoolP256t1</curve> <desc>invalid order = 181</desc> </pubkey> @@ -283,7 +283,7 @@ </pubkey> <pubkey> <id>brainpoolP256t1/47</id> - <inline>0x91712468bd01e16c5d608a10951d4d82e6ae49ef66485e8754c22cdfc7259808,0xbac428282adb922c0c5ac23f8c0bb9767eed1dddeab194ea5de9ccb1401513</inline> + <inline>0x91712468bd01e16c5d608a10951d4d82e6ae49ef66485e8754c22cdfc7259808,0x00bac428282adb922c0c5ac23f8c0bb9767eed1dddeab194ea5de9ccb1401513</inline> <curve>brainpool/brainpoolP256t1</curve> <desc>invalid order = 223</desc> </pubkey> @@ -325,7 +325,7 @@ </pubkey> <pubkey> <id>brainpoolP256t1/54</id> - <inline>0x8e66cf003c13d492f5bba32bb933792335379812f7edcb69f61889d09fcc694,0x492bd824e57d53cfd01961703ad0344527df78f8e2f7f0a6f51eb06461f77121</inline> + <inline>0x08e66cf003c13d492f5bba32bb933792335379812f7edcb69f61889d09fcc694,0x492bd824e57d53cfd01961703ad0344527df78f8e2f7f0a6f51eb06461f77121</inline> <curve>brainpool/brainpoolP256t1</curve> <desc>invalid order = 257</desc> </pubkey> @@ -337,7 +337,7 @@ </pubkey> <pubkey> <id>brainpoolP256t1/56</id> - <inline>0x5df0571aabfb0d3cb734ab0f6623cb1a22f0f227b463dbd5cbfa0f8ebfe37b3,0x3a3250e75db55543c76d92eee205349953e7c53d0dc505baf70802805f5c78c2</inline> + <inline>0x05df0571aabfb0d3cb734ab0f6623cb1a22f0f227b463dbd5cbfa0f8ebfe37b3,0x3a3250e75db55543c76d92eee205349953e7c53d0dc505baf70802805f5c78c2</inline> <curve>brainpool/brainpoolP256t1</curve> <desc>invalid order = 269</desc> </pubkey> @@ -349,7 +349,7 @@ </pubkey> <pubkey> <id>brainpoolP256t1/58</id> - <inline>0x3b0f68153ec7a3641e6693f34cd80ebd20181305b8951ea04911d8022f588b96,0x15c1e08b84503b6b81be5212ddf5385d79d2e09bcb3942eeed3eeb766428b73</inline> + <inline>0x3b0f68153ec7a3641e6693f34cd80ebd20181305b8951ea04911d8022f588b96,0x015c1e08b84503b6b81be5212ddf5385d79d2e09bcb3942eeed3eeb766428b73</inline> <curve>brainpool/brainpoolP256t1</curve> <desc>invalid order = 277</desc> </pubkey> @@ -385,7 +385,7 @@ </pubkey> <pubkey> <id>brainpoolP256t1/64</id> - <inline>0x9784b99751dca1564983e97ea9dc117c88a0cc7d8b4a8fe571b8f767feadbd2,0xa34ee01a891dc707e96a00c75b2f7fb803429290ed3bff15ae8d4810aaeb4f67</inline> + <inline>0x09784b99751dca1564983e97ea9dc117c88a0cc7d8b4a8fe571b8f767feadbd2,0xa34ee01a891dc707e96a00c75b2f7fb803429290ed3bff15ae8d4810aaeb4f67</inline> <curve>brainpool/brainpoolP256t1</curve> <desc>invalid order = 313</desc> </pubkey> @@ -403,7 +403,7 @@ </pubkey> <pubkey> <id>brainpoolP256t1/67</id> - <inline>0x694ea76457f3856cd64cbffd2e960fa63674555645e49a0eb11c0bb23058fc4,0x3d474292d44f14c6d64200aa49590b1a4cad714d3af2e14f4d6e38dedd1909a4</inline> + <inline>0x0694ea76457f3856cd64cbffd2e960fa63674555645e49a0eb11c0bb23058fc4,0x3d474292d44f14c6d64200aa49590b1a4cad714d3af2e14f4d6e38dedd1909a4</inline> <curve>brainpool/brainpoolP256t1</curve> <desc>invalid order = 337</desc> </pubkey> @@ -445,7 +445,7 @@ </pubkey> <pubkey> <id>brainpoolP256t1/74</id> - <inline>0x546fc53be826e6ee5ee1c10ae2e8a652ea238b7d4c5045a17fd9fdc423bc9a1,0x4db945865e98861802a29e82cbab586ff44ebb8d9e9252e709eea7c55b9a9d0d</inline> + <inline>0x0546fc53be826e6ee5ee1c10ae2e8a652ea238b7d4c5045a17fd9fdc423bc9a1,0x4db945865e98861802a29e82cbab586ff44ebb8d9e9252e709eea7c55b9a9d0d</inline> <curve>brainpool/brainpoolP256t1</curve> <desc>invalid order = 379</desc> </pubkey> diff --git a/src/cz/crcs/ectester/data/invalid/nist/b163.xml b/src/cz/crcs/ectester/data/invalid/nist/b163.xml index 0528478..e3df992 100644 --- a/src/cz/crcs/ectester/data/invalid/nist/b163.xml +++ b/src/cz/crcs/ectester/data/invalid/nist/b163.xml @@ -7,7 +7,7 @@ </pubkey> <pubkey> <id>b163/1</id> - <inline>0x45b3d6fcd766c378c2902a8907873bf6b006b8e5,0x1b1c588c4a90232f42cedd09a85b970ce80e378cf</inline> + <inline>0x045b3d6fcd766c378c2902a8907873bf6b006b8e5,0x1b1c588c4a90232f42cedd09a85b970ce80e378cf</inline> <curve>nist/B-163</curve> <desc>invalid order = 3</desc> </pubkey> @@ -85,7 +85,7 @@ </pubkey> <pubkey> <id>b163/14</id> - <inline>0x585a273a49648802956b8750d28a4d3b929a4a0dd,0x62535933a6053690db15e68b67d1f478a7e8ca5a</inline> + <inline>0x585a273a49648802956b8750d28a4d3b929a4a0dd,0x062535933a6053690db15e68b67d1f478a7e8ca5a</inline> <curve>nist/B-163</curve> <desc>invalid order = 47</desc> </pubkey> @@ -97,13 +97,13 @@ </pubkey> <pubkey> <id>b163/16</id> - <inline>0x9821fe834eafa79fee668eb5a6051c1eac9a24bb,0x104c1e025660c7793dbcba6df198e5ae96b39d38e</inline> + <inline>0x09821fe834eafa79fee668eb5a6051c1eac9a24bb,0x104c1e025660c7793dbcba6df198e5ae96b39d38e</inline> <curve>nist/B-163</curve> <desc>invalid order = 59</desc> </pubkey> <pubkey> <id>b163/17</id> - <inline>0x2f0edfb1c99b770fceb9c0c184e37bbc776f625f8,0x4e3621e11a3bd72b963469dbd1154814f34cec49</inline> + <inline>0x2f0edfb1c99b770fceb9c0c184e37bbc776f625f8,0x04e3621e11a3bd72b963469dbd1154814f34cec49</inline> <curve>nist/B-163</curve> <desc>invalid order = 61</desc> </pubkey> @@ -121,7 +121,7 @@ </pubkey> <pubkey> <id>b163/20</id> - <inline>0x5e1b875eed86b553a826c44d874106ec3e854a314,0x844512b3e490bf39e58edb4127ad42cd7c1f70fd</inline> + <inline>0x5e1b875eed86b553a826c44d874106ec3e854a314,0x0844512b3e490bf39e58edb4127ad42cd7c1f70fd</inline> <curve>nist/B-163</curve> <desc>invalid order = 73</desc> </pubkey> @@ -133,7 +133,7 @@ </pubkey> <pubkey> <id>b163/22</id> - <inline>0xc07a8d77f761144c45e014d83580a9fc2df43929,0x497a39580224e73d35b4360f5f0b4d27d5839034f</inline> + <inline>0x0c07a8d77f761144c45e014d83580a9fc2df43929,0x497a39580224e73d35b4360f5f0b4d27d5839034f</inline> <curve>nist/B-163</curve> <desc>invalid order = 83</desc> </pubkey> @@ -163,7 +163,7 @@ </pubkey> <pubkey> <id>b163/27</id> - <inline>0x66e2c6ae2142e89b997c6f4293255103a85879478,0x2ef17266d907b9bfcedd59f44b9aa86045cc4eac</inline> + <inline>0x66e2c6ae2142e89b997c6f4293255103a85879478,0x02ef17266d907b9bfcedd59f44b9aa86045cc4eac</inline> <curve>nist/B-163</curve> <desc>invalid order = 107</desc> </pubkey> @@ -205,13 +205,13 @@ </pubkey> <pubkey> <id>b163/34</id> - <inline>0x511fcbfc4ea3b784c972c693217990a482651fdbd,0x8f5af041a0cd38c8e5233fd337132d0790a64094</inline> + <inline>0x511fcbfc4ea3b784c972c693217990a482651fdbd,0x08f5af041a0cd38c8e5233fd337132d0790a64094</inline> <curve>nist/B-163</curve> <desc>invalid order = 149</desc> </pubkey> <pubkey> <id>b163/35</id> - <inline>0x4370489b8303a1a185002ae9a55caac7fc4488f8e,0x6f730b7215ddd79a24ab0fac279bc3058b5e445e</inline> + <inline>0x4370489b8303a1a185002ae9a55caac7fc4488f8e,0x06f730b7215ddd79a24ab0fac279bc3058b5e445e</inline> <curve>nist/B-163</curve> <desc>invalid order = 151</desc> </pubkey> @@ -229,7 +229,7 @@ </pubkey> <pubkey> <id>b163/38</id> - <inline>0x224919d34800d87e7ef1cc287b916f67fac637c02,0x81e855181cfbdeb78d4c1e9a8f77625759179d72</inline> + <inline>0x224919d34800d87e7ef1cc287b916f67fac637c02,0x081e855181cfbdeb78d4c1e9a8f77625759179d72</inline> <curve>nist/B-163</curve> <desc>invalid order = 167</desc> </pubkey> @@ -253,19 +253,19 @@ </pubkey> <pubkey> <id>b163/42</id> - <inline>0x12c1da1e25f230ac4f295aa2013e234b25009555,0x2bdde79422714912a9f202c5a9daa21ba7c694716</inline> + <inline>0x012c1da1e25f230ac4f295aa2013e234b25009555,0x2bdde79422714912a9f202c5a9daa21ba7c694716</inline> <curve>nist/B-163</curve> <desc>invalid order = 191</desc> </pubkey> <pubkey> <id>b163/43</id> - <inline>0xb96b5eb1a665be0e736909d2083a447afdaff1a6,0x75e1d2a6fd75471c1edb0f571e20d31632905ad0d</inline> + <inline>0x0b96b5eb1a665be0e736909d2083a447afdaff1a6,0x75e1d2a6fd75471c1edb0f571e20d31632905ad0d</inline> <curve>nist/B-163</curve> <desc>invalid order = 193</desc> </pubkey> <pubkey> <id>b163/44</id> - <inline>0x1603ee9c642fb0b9cbbaa8656e74083808b374f06,0x35c10e5af2937eb8d8a7142a5cfd0f2a1a78772b</inline> + <inline>0x1603ee9c642fb0b9cbbaa8656e74083808b374f06,0x035c10e5af2937eb8d8a7142a5cfd0f2a1a78772b</inline> <curve>nist/B-163</curve> <desc>invalid order = 197</desc> </pubkey> diff --git a/src/cz/crcs/ectester/data/invalid/nist/b233.xml b/src/cz/crcs/ectester/data/invalid/nist/b233.xml index d990881..f1ebb74 100644 --- a/src/cz/crcs/ectester/data/invalid/nist/b233.xml +++ b/src/cz/crcs/ectester/data/invalid/nist/b233.xml @@ -1,427 +1,427 @@ <?xml version="1.0" encoding="UTF-8" ?> <pubkey> <id>b233/0</id> - <inline>0x0000000000000000000000000000000000000000000000000000000000,0x0000000000000000000000000000000000000000000000000000000000</inline> + <inline>0x000000000000000000000000000000000000000000000000000000000000,0x000000000000000000000000000000000000000000000000000000000000</inline> <curve>nist/B-233</curve> <desc>invalid order = 2</desc> </pubkey> <pubkey> <id>b233/1</id> - <inline>0x13a61f298b7e519c7b910134eede4195fd888c1f62939f23974f107a393,0xf8b6ef4601b1d3e6b1879fe7e81a4fd14c7318f6d0491e636567aa8d68</inline> + <inline>0x013a61f298b7e519c7b910134eede4195fd888c1f62939f23974f107a393,0x00f8b6ef4601b1d3e6b1879fe7e81a4fd14c7318f6d0491e636567aa8d68</inline> <curve>nist/B-233</curve> <desc>invalid order = 3</desc> </pubkey> <pubkey> <id>b233/2</id> - <inline>0x146de15ac541eeb2db0c93ba9ad99f507ba180d83ace52cf4f97417802a,0xfd6268bee78aec3a672d864ab7662e65ee846e0f0a14d311d6cc336d1</inline> + <inline>0x0146de15ac541eeb2db0c93ba9ad99f507ba180d83ace52cf4f97417802a,0x000fd6268bee78aec3a672d864ab7662e65ee846e0f0a14d311d6cc336d1</inline> <curve>nist/B-233</curve> <desc>invalid order = 5</desc> </pubkey> <pubkey> <id>b233/3</id> - <inline>0x17611bebf3eaa0103cacb7dd06d4a5154b0d428bb20b8ca255876dd7992,0x703553aada662bfea2ff73b660d6ab4c16068b5009532dff97f116ddc0</inline> + <inline>0x017611bebf3eaa0103cacb7dd06d4a5154b0d428bb20b8ca255876dd7992,0x00703553aada662bfea2ff73b660d6ab4c16068b5009532dff97f116ddc0</inline> <curve>nist/B-233</curve> <desc>invalid order = 7</desc> </pubkey> <pubkey> <id>b233/4</id> - <inline>0x10260e6dfd076cebc1fab83c9dbc96c1bd2685f92d9f6e291e0f95adf5a,0x166a50761a27b9a8254888127e3b4999cf3d8aa75bbcb254d6494043506</inline> + <inline>0x010260e6dfd076cebc1fab83c9dbc96c1bd2685f92d9f6e291e0f95adf5a,0x0166a50761a27b9a8254888127e3b4999cf3d8aa75bbcb254d6494043506</inline> <curve>nist/B-233</curve> <desc>invalid order = 11</desc> </pubkey> <pubkey> <id>b233/5</id> - <inline>0x25c78cde1a14398e7fe4adf0cf94e99b56d534b25f8b17538ba5f80702,0x1749fd4b9633885b5d5bc11b0d438ac02b5d6a0ca85f7a44d61c56c4538</inline> + <inline>0x0025c78cde1a14398e7fe4adf0cf94e99b56d534b25f8b17538ba5f80702,0x01749fd4b9633885b5d5bc11b0d438ac02b5d6a0ca85f7a44d61c56c4538</inline> <curve>nist/B-233</curve> <desc>invalid order = 13</desc> </pubkey> <pubkey> <id>b233/6</id> - <inline>0x6e5eda59c7ae482e532e5acf653145a7f39091e46a21a2738b3cb73209,0x1220025e82726431a53db8549ba32fa855071aa6e99f8058ac253ac572c</inline> + <inline>0x006e5eda59c7ae482e532e5acf653145a7f39091e46a21a2738b3cb73209,0x01220025e82726431a53db8549ba32fa855071aa6e99f8058ac253ac572c</inline> <curve>nist/B-233</curve> <desc>invalid order = 17</desc> </pubkey> <pubkey> <id>b233/7</id> - <inline>0x5c4c2bddedf2cea25485beb2f6863ab6f2a073598fb35edee66272f902,0xae511ad5ba50dafedd9c930b62c651bdc71d6dbc0801d15f527660b73a</inline> + <inline>0x005c4c2bddedf2cea25485beb2f6863ab6f2a073598fb35edee66272f902,0x00ae511ad5ba50dafedd9c930b62c651bdc71d6dbc0801d15f527660b73a</inline> <curve>nist/B-233</curve> <desc>invalid order = 19</desc> </pubkey> <pubkey> <id>b233/8</id> - <inline>0x1d941f2b318f675ae24ccd0d1483f3896533bce731ece06e5fc3b429a0c,0x6c13573ec2fe1dd96c91181a9d62ea2a195277b187c98e34f7f8d0e347</inline> + <inline>0x01d941f2b318f675ae24ccd0d1483f3896533bce731ece06e5fc3b429a0c,0x006c13573ec2fe1dd96c91181a9d62ea2a195277b187c98e34f7f8d0e347</inline> <curve>nist/B-233</curve> <desc>invalid order = 23</desc> </pubkey> <pubkey> <id>b233/9</id> - <inline>0x141b9261b0a3451e8bfd6f6635d664dc23bbd4b6f6b818a142f6dff909c,0x132a06a292db906618c725baf9316f78bef273cd8858cc79716cbf27fc9</inline> + <inline>0x0141b9261b0a3451e8bfd6f6635d664dc23bbd4b6f6b818a142f6dff909c,0x0132a06a292db906618c725baf9316f78bef273cd8858cc79716cbf27fc9</inline> <curve>nist/B-233</curve> <desc>invalid order = 29</desc> </pubkey> <pubkey> <id>b233/10</id> - <inline>0x11a3626951821f09c3c5bfc035e615dca196fc92eb582efc86ecf328fa3,0xf666c998b9b4a43e59042fb59ec72a553348a94fdac84ad0ea04732d15</inline> + <inline>0x011a3626951821f09c3c5bfc035e615dca196fc92eb582efc86ecf328fa3,0x00f666c998b9b4a43e59042fb59ec72a553348a94fdac84ad0ea04732d15</inline> <curve>nist/B-233</curve> <desc>invalid order = 31</desc> </pubkey> <pubkey> <id>b233/11</id> - <inline>0x17825f6fa1d64bdd1bec4937e8ea305bb1c29195cd8e06fa3f7af7bc98c,0x1098d0c2867f23ba94a06eec1f5332a9d8ffe4ca987a80da4c1a43e02b</inline> + <inline>0x017825f6fa1d64bdd1bec4937e8ea305bb1c29195cd8e06fa3f7af7bc98c,0x001098d0c2867f23ba94a06eec1f5332a9d8ffe4ca987a80da4c1a43e02b</inline> <curve>nist/B-233</curve> <desc>invalid order = 37</desc> </pubkey> <pubkey> <id>b233/12</id> - <inline>0x5de91b32d971a5a8ecfd95c92daf72c5b81f00b1f5bbb9c95a857f2796,0x1e58fab4058d731422250da1e26772c627c6f259772dfa12b534c3e605e</inline> + <inline>0x005de91b32d971a5a8ecfd95c92daf72c5b81f00b1f5bbb9c95a857f2796,0x01e58fab4058d731422250da1e26772c627c6f259772dfa12b534c3e605e</inline> <curve>nist/B-233</curve> <desc>invalid order = 41</desc> </pubkey> <pubkey> <id>b233/13</id> - <inline>0xc8c98dec5a06b5a0ac2a9465d86dcdf5b22d1abb41fa4b8ce6c153ea2f,0xe7ed172d04a95c6314011f92d1fb46ba3790c0c9fa4ae73f25126ab954</inline> + <inline>0x00c8c98dec5a06b5a0ac2a9465d86dcdf5b22d1abb41fa4b8ce6c153ea2f,0x00e7ed172d04a95c6314011f92d1fb46ba3790c0c9fa4ae73f25126ab954</inline> <curve>nist/B-233</curve> <desc>invalid order = 43</desc> </pubkey> <pubkey> <id>b233/14</id> - <inline>0x745aafbf0bc0e1a91b339ccb3436c35819b495bacc65a757d268f74de5,0x8674f6ad5cdf5d3eef078f7aa1df59538c30466ad5086f761ed3f97f60</inline> + <inline>0x00745aafbf0bc0e1a91b339ccb3436c35819b495bacc65a757d268f74de5,0x008674f6ad5cdf5d3eef078f7aa1df59538c30466ad5086f761ed3f97f60</inline> <curve>nist/B-233</curve> <desc>invalid order = 47</desc> </pubkey> <pubkey> <id>b233/15</id> - <inline>0x90faea35c31b1913233c0fec7de027786823375898680fccae9cdf8097,0x4709283502d7d90bfe03354d43d4ec52b1c308aaf023db5d29dea1cb86</inline> + <inline>0x0090faea35c31b1913233c0fec7de027786823375898680fccae9cdf8097,0x004709283502d7d90bfe03354d43d4ec52b1c308aaf023db5d29dea1cb86</inline> <curve>nist/B-233</curve> <desc>invalid order = 53</desc> </pubkey> <pubkey> <id>b233/16</id> - <inline>0x1ffd653fc049c01e68c47016c8586b56241b7b2500b1939891cd2e329ef,0x1d0a374d61711553eb4e04082471a18d0e957622ce7e54666aeff6d230</inline> + <inline>0x01ffd653fc049c01e68c47016c8586b56241b7b2500b1939891cd2e329ef,0x001d0a374d61711553eb4e04082471a18d0e957622ce7e54666aeff6d230</inline> <curve>nist/B-233</curve> <desc>invalid order = 59</desc> </pubkey> <pubkey> <id>b233/17</id> - <inline>0x1b6f619592c7b815056f145bc3277751c36eac301a74c634937fe617228,0xcf22a0871bc26a05454890e82c182149732d72ca217e48de4919cff32</inline> + <inline>0x01b6f619592c7b815056f145bc3277751c36eac301a74c634937fe617228,0x000cf22a0871bc26a05454890e82c182149732d72ca217e48de4919cff32</inline> <curve>nist/B-233</curve> <desc>invalid order = 61</desc> </pubkey> <pubkey> <id>b233/18</id> - <inline>0xe1d27dfc8f81183d082deabeeaccb34d49abe66a6d1eb34b5e948e0767,0xa9034b2d3204fb9c287773348566bbf625b90297e0bb1c0ab50af1403f</inline> + <inline>0x00e1d27dfc8f81183d082deabeeaccb34d49abe66a6d1eb34b5e948e0767,0x00a9034b2d3204fb9c287773348566bbf625b90297e0bb1c0ab50af1403f</inline> <curve>nist/B-233</curve> <desc>invalid order = 67</desc> </pubkey> <pubkey> <id>b233/19</id> - <inline>0xdbddde662796c524b1f4aa2e3fb5d8067db008566d8152159213c82630,0x1b9c02e503c3c351d576f88390fc446995c1f2edde121836a3944f9cdde</inline> + <inline>0x00dbddde662796c524b1f4aa2e3fb5d8067db008566d8152159213c82630,0x01b9c02e503c3c351d576f88390fc446995c1f2edde121836a3944f9cdde</inline> <curve>nist/B-233</curve> <desc>invalid order = 71</desc> </pubkey> <pubkey> <id>b233/20</id> - <inline>0x484dae384338142048d671f3286cfbc3fa41d5822b2058e3576b350684,0x15acb48ca2463f5c0055be83d8fc9f97e00561b8f57e365b85324c80ddb</inline> + <inline>0x00484dae384338142048d671f3286cfbc3fa41d5822b2058e3576b350684,0x015acb48ca2463f5c0055be83d8fc9f97e00561b8f57e365b85324c80ddb</inline> <curve>nist/B-233</curve> <desc>invalid order = 73</desc> </pubkey> <pubkey> <id>b233/21</id> - <inline>0x334677faca155a8998be6120e200f7ae099a18c89a84404a360b3b9da0,0x1d64fb72c5796a1e41a8bea71cf89cca82333305fb16da4fb444904320b</inline> + <inline>0x00334677faca155a8998be6120e200f7ae099a18c89a84404a360b3b9da0,0x01d64fb72c5796a1e41a8bea71cf89cca82333305fb16da4fb444904320b</inline> <curve>nist/B-233</curve> <desc>invalid order = 79</desc> </pubkey> <pubkey> <id>b233/22</id> - <inline>0x8e4ad3ad13c14e9c95b93a8b014a73739a4d3acc8ade3330cfc4b51444,0x14c11fb315848a7c4d9aaa5ef907705d389a42d2219cdac1a769d968940</inline> + <inline>0x008e4ad3ad13c14e9c95b93a8b014a73739a4d3acc8ade3330cfc4b51444,0x014c11fb315848a7c4d9aaa5ef907705d389a42d2219cdac1a769d968940</inline> <curve>nist/B-233</curve> <desc>invalid order = 83</desc> </pubkey> <pubkey> <id>b233/23</id> - <inline>0x1d0962af6e134d7fd5dabfabb81804e0fcd8f5dd3752b74a69e7208478c,0xb18a2cd7d7540b4642ea7e4f1eb072c8c92113b38dd165e44185998874</inline> + <inline>0x01d0962af6e134d7fd5dabfabb81804e0fcd8f5dd3752b74a69e7208478c,0x00b18a2cd7d7540b4642ea7e4f1eb072c8c92113b38dd165e44185998874</inline> <curve>nist/B-233</curve> <desc>invalid order = 89</desc> </pubkey> <pubkey> <id>b233/24</id> - <inline>0x148ec17a9ee2431be36f1c49a5b323517e6a5c1681a974176c6ce114f5e,0x9810f5b0b5cbd9806ee31617abb0f2def4df180b5a477c2144c706a6b</inline> + <inline>0x0148ec17a9ee2431be36f1c49a5b323517e6a5c1681a974176c6ce114f5e,0x0009810f5b0b5cbd9806ee31617abb0f2def4df180b5a477c2144c706a6b</inline> <curve>nist/B-233</curve> <desc>invalid order = 97</desc> </pubkey> <pubkey> <id>b233/25</id> - <inline>0x19c7e3306323fd7040d789e55872b508372f372b25efa12f81cc03e4087,0x102afeb2eddd38b7911b081f0e098d81a422e884b4dc909c6daa0a41709</inline> + <inline>0x019c7e3306323fd7040d789e55872b508372f372b25efa12f81cc03e4087,0x0102afeb2eddd38b7911b081f0e098d81a422e884b4dc909c6daa0a41709</inline> <curve>nist/B-233</curve> <desc>invalid order = 101</desc> </pubkey> <pubkey> <id>b233/26</id> - <inline>0xe4478302364bbcab0bf570139caf4f2698fccb76778a7f6bf8bcda05d2,0xc012e6a2e75e3af727abeb710d6e1c950c6c0d1d2e82277f54ff2a3f04</inline> + <inline>0x00e4478302364bbcab0bf570139caf4f2698fccb76778a7f6bf8bcda05d2,0x00c012e6a2e75e3af727abeb710d6e1c950c6c0d1d2e82277f54ff2a3f04</inline> <curve>nist/B-233</curve> <desc>invalid order = 103</desc> </pubkey> <pubkey> <id>b233/27</id> - <inline>0xe0e00aa5926e85ed48e945ad3dc08fbdd677a422ec24559d079c73c6a6,0x112f2f830eaa3dca34eb8b11585032e6e9f0233345009d1e7505b978bec</inline> + <inline>0x00e0e00aa5926e85ed48e945ad3dc08fbdd677a422ec24559d079c73c6a6,0x0112f2f830eaa3dca34eb8b11585032e6e9f0233345009d1e7505b978bec</inline> <curve>nist/B-233</curve> <desc>invalid order = 107</desc> </pubkey> <pubkey> <id>b233/28</id> - <inline>0x3c0f3774ee63de1846f71fa6e5b13c2e032a40af314150cd2a4fb25328,0xc7c802d23d895aedb7aac6852e7a724432a11a6bca5bc6b40266f961c8</inline> + <inline>0x003c0f3774ee63de1846f71fa6e5b13c2e032a40af314150cd2a4fb25328,0x00c7c802d23d895aedb7aac6852e7a724432a11a6bca5bc6b40266f961c8</inline> <curve>nist/B-233</curve> <desc>invalid order = 109</desc> </pubkey> <pubkey> <id>b233/29</id> - <inline>0xd7c6b7b9d0c06f504329ef1fb5d7b1f7453757779cdc1d2f79a5a833c9,0xa4a97203210d3627e0c9e24061d9bcdcd819deba60e177b4f2cb48e81a</inline> + <inline>0x00d7c6b7b9d0c06f504329ef1fb5d7b1f7453757779cdc1d2f79a5a833c9,0x00a4a97203210d3627e0c9e24061d9bcdcd819deba60e177b4f2cb48e81a</inline> <curve>nist/B-233</curve> <desc>invalid order = 113</desc> </pubkey> <pubkey> <id>b233/30</id> - <inline>0x5e15a61f0d25279caac0e100e03525c7d849ac2ec5fcf3935e566cdd04,0x1c495a2408787296f331a104c3c69b51fa05115b8d2e54f6e587ff427bd</inline> + <inline>0x005e15a61f0d25279caac0e100e03525c7d849ac2ec5fcf3935e566cdd04,0x01c495a2408787296f331a104c3c69b51fa05115b8d2e54f6e587ff427bd</inline> <curve>nist/B-233</curve> <desc>invalid order = 127</desc> </pubkey> <pubkey> <id>b233/31</id> - <inline>0xbb21afe14f9cb7e1adb101f2438306aa885fc815055e91eec9d6e136fa,0xd24cf32294ec6d3565da5eb79838c75892447b54bf7a49b79c9e85a25c</inline> + <inline>0x00bb21afe14f9cb7e1adb101f2438306aa885fc815055e91eec9d6e136fa,0x00d24cf32294ec6d3565da5eb79838c75892447b54bf7a49b79c9e85a25c</inline> <curve>nist/B-233</curve> <desc>invalid order = 131</desc> </pubkey> <pubkey> <id>b233/32</id> - <inline>0x3944e542d63a37a72fdb50b29eb4c8d494adfa03503fb51d1066c47168,0x116a0ae7be3a949fb1a2e2336d1a4a624e44dfbbf74428239ff97ee9443</inline> + <inline>0x003944e542d63a37a72fdb50b29eb4c8d494adfa03503fb51d1066c47168,0x0116a0ae7be3a949fb1a2e2336d1a4a624e44dfbbf74428239ff97ee9443</inline> <curve>nist/B-233</curve> <desc>invalid order = 137</desc> </pubkey> <pubkey> <id>b233/33</id> - <inline>0xfb5c14d4e7452d44ce2d382f98cf029a0c8586f03cfd5bc3c1a390655b,0xd0f39e7fe1c5d585b580688fbcf2d102fba3934638dff9dbc514428e57</inline> + <inline>0x00fb5c14d4e7452d44ce2d382f98cf029a0c8586f03cfd5bc3c1a390655b,0x00d0f39e7fe1c5d585b580688fbcf2d102fba3934638dff9dbc514428e57</inline> <curve>nist/B-233</curve> <desc>invalid order = 139</desc> </pubkey> <pubkey> <id>b233/34</id> - <inline>0xeec38248d3363a60746704b37306d76ba6e8cfdf7a796ccd7cb65672e3,0x6acaa25692e9fdb8f0e2bbc851019837273bf4a8e12e6df0a38ac47ad1</inline> + <inline>0x00eec38248d3363a60746704b37306d76ba6e8cfdf7a796ccd7cb65672e3,0x006acaa25692e9fdb8f0e2bbc851019837273bf4a8e12e6df0a38ac47ad1</inline> <curve>nist/B-233</curve> <desc>invalid order = 149</desc> </pubkey> <pubkey> <id>b233/35</id> - <inline>0xc2562d62b3605a31f7afa3f5fd711c5958eac6101057b043fbf18c6cd6,0x6ddaaadabac82cee6a492b3cb2ecee479599d04342fe9509ae9cac18b3</inline> + <inline>0x00c2562d62b3605a31f7afa3f5fd711c5958eac6101057b043fbf18c6cd6,0x006ddaaadabac82cee6a492b3cb2ecee479599d04342fe9509ae9cac18b3</inline> <curve>nist/B-233</curve> <desc>invalid order = 151</desc> </pubkey> <pubkey> <id>b233/36</id> - <inline>0x16f8ef95d8f22bf720501e73921fed1581430e1ab7b06ddaa5e044cb079,0x89feb037be4b1fc618fd7f957f2350b787d5753e7348922e99a91ba4a8</inline> + <inline>0x016f8ef95d8f22bf720501e73921fed1581430e1ab7b06ddaa5e044cb079,0x0089feb037be4b1fc618fd7f957f2350b787d5753e7348922e99a91ba4a8</inline> <curve>nist/B-233</curve> <desc>invalid order = 157</desc> </pubkey> <pubkey> <id>b233/37</id> - <inline>0x78f41a800d4aa475ef45c589958bb0852114e97b1a2c7d820de703045d,0xd779bb6d8f47bd49ef7212c64b48ec530ab247c6e59de4b29fb90e1c78</inline> + <inline>0x0078f41a800d4aa475ef45c589958bb0852114e97b1a2c7d820de703045d,0x00d779bb6d8f47bd49ef7212c64b48ec530ab247c6e59de4b29fb90e1c78</inline> <curve>nist/B-233</curve> <desc>invalid order = 163</desc> </pubkey> <pubkey> <id>b233/38</id> - <inline>0x151157235224df03b15eda11d543f0bdfca29255cae93befae039d26f1,0x97e5f3e126d011d74d5adde85cef50d732e1f19706414e7e04578e8bd7</inline> + <inline>0x00151157235224df03b15eda11d543f0bdfca29255cae93befae039d26f1,0x0097e5f3e126d011d74d5adde85cef50d732e1f19706414e7e04578e8bd7</inline> <curve>nist/B-233</curve> <desc>invalid order = 167</desc> </pubkey> <pubkey> <id>b233/39</id> - <inline>0xf4a907b89e0cc3a6fa88396d3c9f35ab6d962a57b2de84734fe953bb6a,0x1f013dc6185a80690aebf2585533fb7471ed26e649bd6384dde6d26c1eb</inline> + <inline>0x00f4a907b89e0cc3a6fa88396d3c9f35ab6d962a57b2de84734fe953bb6a,0x01f013dc6185a80690aebf2585533fb7471ed26e649bd6384dde6d26c1eb</inline> <curve>nist/B-233</curve> <desc>invalid order = 173</desc> </pubkey> <pubkey> <id>b233/40</id> - <inline>0xcb402c2b66394b51001110ad3059fa75d9438dc9a604e12dacc1b47715,0x116b718a01fbdab9b56d76beaa55f305de1a533b2809ed6cdb1409c8f31</inline> + <inline>0x00cb402c2b66394b51001110ad3059fa75d9438dc9a604e12dacc1b47715,0x0116b718a01fbdab9b56d76beaa55f305de1a533b2809ed6cdb1409c8f31</inline> <curve>nist/B-233</curve> <desc>invalid order = 179</desc> </pubkey> <pubkey> <id>b233/41</id> - <inline>0x1daca87abe60bebf2a159cf3e35e77e0c9c74c75319dc2f45c2ea616f1d,0x101229c0ccf9847ca6a58836ff24f0a9a901810257f3b53b8862d03d1f9</inline> + <inline>0x01daca87abe60bebf2a159cf3e35e77e0c9c74c75319dc2f45c2ea616f1d,0x0101229c0ccf9847ca6a58836ff24f0a9a901810257f3b53b8862d03d1f9</inline> <curve>nist/B-233</curve> <desc>invalid order = 181</desc> </pubkey> <pubkey> <id>b233/42</id> - <inline>0x178341dd2dd67dd8f2a1ab426ba16309e449185421edcc444d85e73107f,0xa539c68d39afd4b470fa7f2a3bfadd0e8a1bbc4625b76a8e0ce43583fd</inline> + <inline>0x0178341dd2dd67dd8f2a1ab426ba16309e449185421edcc444d85e73107f,0x00a539c68d39afd4b470fa7f2a3bfadd0e8a1bbc4625b76a8e0ce43583fd</inline> <curve>nist/B-233</curve> <desc>invalid order = 191</desc> </pubkey> <pubkey> <id>b233/43</id> - <inline>0x16220f7f3527411203509bf61afd5a8b171949091181ebe0b14fa08f149,0x8a6e1dd11c4da31674143f6fbb841b13b129c4449ee9f0d4f722c74456</inline> + <inline>0x016220f7f3527411203509bf61afd5a8b171949091181ebe0b14fa08f149,0x008a6e1dd11c4da31674143f6fbb841b13b129c4449ee9f0d4f722c74456</inline> <curve>nist/B-233</curve> <desc>invalid order = 193</desc> </pubkey> <pubkey> <id>b233/44</id> - <inline>0x1ff577a6b82f2088e316c733284b14a848f88785e3ddbd879d5144aee27,0x620d782522db8f52a0e218d4d9afc09b5c4e76b523fe7d506094fa8c7e</inline> + <inline>0x01ff577a6b82f2088e316c733284b14a848f88785e3ddbd879d5144aee27,0x00620d782522db8f52a0e218d4d9afc09b5c4e76b523fe7d506094fa8c7e</inline> <curve>nist/B-233</curve> <desc>invalid order = 197</desc> </pubkey> <pubkey> <id>b233/45</id> - <inline>0x7455b60b0d26344fb1f41677712d86feeddb6ad08bfcead240fea9430c,0x895398f3616f864368c2b56a56f8c8b089d7fa79174864aafaad64037c</inline> + <inline>0x007455b60b0d26344fb1f41677712d86feeddb6ad08bfcead240fea9430c,0x00895398f3616f864368c2b56a56f8c8b089d7fa79174864aafaad64037c</inline> <curve>nist/B-233</curve> <desc>invalid order = 199</desc> </pubkey> <pubkey> <id>b233/46</id> - <inline>0xb281040f67d8067163a7800667b35fb85cec6f9ffae8fccfa286ccdd0e,0x79d4eb67f6899e8f98bdbe42c2472f89e2686ce45e96043e180709f284</inline> + <inline>0x00b281040f67d8067163a7800667b35fb85cec6f9ffae8fccfa286ccdd0e,0x0079d4eb67f6899e8f98bdbe42c2472f89e2686ce45e96043e180709f284</inline> <curve>nist/B-233</curve> <desc>invalid order = 211</desc> </pubkey> <pubkey> <id>b233/47</id> - <inline>0x10601dc66b747e868f51af10aebea3447c39936bac553b6ccbdee69b08b,0x1a498e6d86ae6307e727ee4e67ee1991c3bfd79f74d5fa46df69a3fe334</inline> + <inline>0x010601dc66b747e868f51af10aebea3447c39936bac553b6ccbdee69b08b,0x01a498e6d86ae6307e727ee4e67ee1991c3bfd79f74d5fa46df69a3fe334</inline> <curve>nist/B-233</curve> <desc>invalid order = 223</desc> </pubkey> <pubkey> <id>b233/48</id> - <inline>0x1837c6bf9a6a02d6d241edf8cfa90ac5bbe90f581dee113567d68862907,0x1bf79288a7cfacd8bc29732786ab5d1af4f58bb29ad97d61fc15757506</inline> + <inline>0x01837c6bf9a6a02d6d241edf8cfa90ac5bbe90f581dee113567d68862907,0x001bf79288a7cfacd8bc29732786ab5d1af4f58bb29ad97d61fc15757506</inline> <curve>nist/B-233</curve> <desc>invalid order = 227</desc> </pubkey> <pubkey> <id>b233/49</id> - <inline>0x1b311700a99d6b31d9251efc31245620ec60f202af9323aa9cf8e38533d,0x5a8d1c7c839803e029369ce4b9246eae061d4d73d153a34b06a70bb61e</inline> + <inline>0x01b311700a99d6b31d9251efc31245620ec60f202af9323aa9cf8e38533d,0x005a8d1c7c839803e029369ce4b9246eae061d4d73d153a34b06a70bb61e</inline> <curve>nist/B-233</curve> <desc>invalid order = 229</desc> </pubkey> <pubkey> <id>b233/50</id> - <inline>0x1e94f42f0bce9ae4a672ebd1780ff590853d2d96d150fd44a97e7d7c5cd,0xe1d1f7be7b761fe8b1beb36e224cda555d8b54393fc4309e52480c1458</inline> + <inline>0x01e94f42f0bce9ae4a672ebd1780ff590853d2d96d150fd44a97e7d7c5cd,0x00e1d1f7be7b761fe8b1beb36e224cda555d8b54393fc4309e52480c1458</inline> <curve>nist/B-233</curve> <desc>invalid order = 233</desc> </pubkey> <pubkey> <id>b233/51</id> - <inline>0x10307e2db628c6ff18c50a4dc25b9b11fdd47d6027b0ea67dd325c6f23d,0x17f8d26565fe4f9fd18f2f1c476b0caba04ca1ab80b8214ba27b073b3c8</inline> + <inline>0x010307e2db628c6ff18c50a4dc25b9b11fdd47d6027b0ea67dd325c6f23d,0x017f8d26565fe4f9fd18f2f1c476b0caba04ca1ab80b8214ba27b073b3c8</inline> <curve>nist/B-233</curve> <desc>invalid order = 239</desc> </pubkey> <pubkey> <id>b233/52</id> - <inline>0x8d0248af4654952a3a2a466969facc49e69d4867426e665540ee62c907,0x169a05a914ceacab932de16d795c1454fc74a28d9738a0823a74005c135</inline> + <inline>0x008d0248af4654952a3a2a466969facc49e69d4867426e665540ee62c907,0x0169a05a914ceacab932de16d795c1454fc74a28d9738a0823a74005c135</inline> <curve>nist/B-233</curve> <desc>invalid order = 241</desc> </pubkey> <pubkey> <id>b233/53</id> - <inline>0xb56c6105b2dc5943132675aba5b40929074b443af7471cf194b4b5d881,0x45650ab9b4dc065760eae9f4c3f448a41166c1a73e07980b46fd96d3c5</inline> + <inline>0x00b56c6105b2dc5943132675aba5b40929074b443af7471cf194b4b5d881,0x0045650ab9b4dc065760eae9f4c3f448a41166c1a73e07980b46fd96d3c5</inline> <curve>nist/B-233</curve> <desc>invalid order = 251</desc> </pubkey> <pubkey> <id>b233/54</id> - <inline>0xe3f3d96fef27970c3c5ba6ee57ebe31abe446680700cd892e70e1cca95,0xaf6328f558bec54600a0d1a201b3f94b8153c37414b23dbc50c652b3b</inline> + <inline>0x00e3f3d96fef27970c3c5ba6ee57ebe31abe446680700cd892e70e1cca95,0x000af6328f558bec54600a0d1a201b3f94b8153c37414b23dbc50c652b3b</inline> <curve>nist/B-233</curve> <desc>invalid order = 257</desc> </pubkey> <pubkey> <id>b233/55</id> - <inline>0x16ae7f6e8c353f11b0f0249f7ada4a932f718b3a3decd2db7591d3c8f15,0x1f5d81df15c8e9bc2c0927823fa69834e95a7eb24235bdcfee523e36ec2</inline> + <inline>0x016ae7f6e8c353f11b0f0249f7ada4a932f718b3a3decd2db7591d3c8f15,0x01f5d81df15c8e9bc2c0927823fa69834e95a7eb24235bdcfee523e36ec2</inline> <curve>nist/B-233</curve> <desc>invalid order = 263</desc> </pubkey> <pubkey> <id>b233/56</id> - <inline>0x11345c0b7ca4a9e3315bd6a117ea4cb0195937bfca72973423590cc651e,0x73dbbd1c11a49a9a5bd699db6f2009ecb772a3653f9f456b3ed57f328a</inline> + <inline>0x011345c0b7ca4a9e3315bd6a117ea4cb0195937bfca72973423590cc651e,0x0073dbbd1c11a49a9a5bd699db6f2009ecb772a3653f9f456b3ed57f328a</inline> <curve>nist/B-233</curve> <desc>invalid order = 269</desc> </pubkey> <pubkey> <id>b233/57</id> - <inline>0xcb7db7ebe450db630d9d11f3e78aaf1db1404ffc8fd62240869625d294,0x196248488700595a86886592d902a1ff614d7375ca23957a36316cb9998</inline> + <inline>0x00cb7db7ebe450db630d9d11f3e78aaf1db1404ffc8fd62240869625d294,0x0196248488700595a86886592d902a1ff614d7375ca23957a36316cb9998</inline> <curve>nist/B-233</curve> <desc>invalid order = 271</desc> </pubkey> <pubkey> <id>b233/58</id> - <inline>0xb1204b44f6dc452ae8dcbb6bf162b9da57fce5883a9d59d11a38e20598,0x172cc9cacd371b24565e88d5d520fee07e4d154ddc595681cb770bc87fc</inline> + <inline>0x00b1204b44f6dc452ae8dcbb6bf162b9da57fce5883a9d59d11a38e20598,0x0172cc9cacd371b24565e88d5d520fee07e4d154ddc595681cb770bc87fc</inline> <curve>nist/B-233</curve> <desc>invalid order = 277</desc> </pubkey> <pubkey> <id>b233/59</id> - <inline>0x16ac8da498b9874d97e0a3f4e31e025d80727b7f51a39c9bc6d589fcd0f,0x29387493d1ae79f2a1a34684cd03e9dda2c3ac0341a3d62b294dbb9cc</inline> + <inline>0x016ac8da498b9874d97e0a3f4e31e025d80727b7f51a39c9bc6d589fcd0f,0x00029387493d1ae79f2a1a34684cd03e9dda2c3ac0341a3d62b294dbb9cc</inline> <curve>nist/B-233</curve> <desc>invalid order = 281</desc> </pubkey> <pubkey> <id>b233/60</id> - <inline>0x93588d66c3501b0242a694a16fced131970c7d36f305542a320f988fac,0x1b4786ca34ae0a3c075638bc456e9452c56932f5466e3d6eae37965a290</inline> + <inline>0x0093588d66c3501b0242a694a16fced131970c7d36f305542a320f988fac,0x01b4786ca34ae0a3c075638bc456e9452c56932f5466e3d6eae37965a290</inline> <curve>nist/B-233</curve> <desc>invalid order = 283</desc> </pubkey> <pubkey> <id>b233/61</id> - <inline>0x2a52c14a2170c4cfb51fc7ae3178a8aba06af950eb9876df4a36a87c21,0x90b0eb0eadcb2aa525e18f82e61aadc6569f5a723e00bcf13e5a97a0b9</inline> + <inline>0x002a52c14a2170c4cfb51fc7ae3178a8aba06af950eb9876df4a36a87c21,0x0090b0eb0eadcb2aa525e18f82e61aadc6569f5a723e00bcf13e5a97a0b9</inline> <curve>nist/B-233</curve> <desc>invalid order = 293</desc> </pubkey> <pubkey> <id>b233/62</id> - <inline>0x1d7bf63e3f74777a5ab19abe5b79f9a3e12fb39aa0596b14ded008f0fbd,0xbdfbee7583de11891bbd61704636c5a666e347c32f847113ed6b6e727b</inline> + <inline>0x01d7bf63e3f74777a5ab19abe5b79f9a3e12fb39aa0596b14ded008f0fbd,0x00bdfbee7583de11891bbd61704636c5a666e347c32f847113ed6b6e727b</inline> <curve>nist/B-233</curve> <desc>invalid order = 307</desc> </pubkey> <pubkey> <id>b233/63</id> - <inline>0x1df3668c18241829a8a164689bb0daefcf2cbf5b4ac0cc203956e2e0a4d,0x146fc0b29ae85fe07e86195c08f551e93cea75e2a484058d2ea90f5a189</inline> + <inline>0x01df3668c18241829a8a164689bb0daefcf2cbf5b4ac0cc203956e2e0a4d,0x0146fc0b29ae85fe07e86195c08f551e93cea75e2a484058d2ea90f5a189</inline> <curve>nist/B-233</curve> <desc>invalid order = 311</desc> </pubkey> <pubkey> <id>b233/64</id> - <inline>0xebe59683062dd9dcca8ce68d049fd46a75d8bd33390f974e5c3e8e8758,0x19f7805689698d14059b80ba6007cc112d9a693153f35355a5d1e3855a6</inline> + <inline>0x00ebe59683062dd9dcca8ce68d049fd46a75d8bd33390f974e5c3e8e8758,0x019f7805689698d14059b80ba6007cc112d9a693153f35355a5d1e3855a6</inline> <curve>nist/B-233</curve> <desc>invalid order = 313</desc> </pubkey> <pubkey> <id>b233/65</id> - <inline>0x15437ed2698d53bf0e0512d4a3cf4adba1d3bf6b98e299839354430dc47,0x125b9abc1e1180af80363551e5ce87e84c2d154768dba046db98d0d7132</inline> + <inline>0x015437ed2698d53bf0e0512d4a3cf4adba1d3bf6b98e299839354430dc47,0x0125b9abc1e1180af80363551e5ce87e84c2d154768dba046db98d0d7132</inline> <curve>nist/B-233</curve> <desc>invalid order = 317</desc> </pubkey> <pubkey> <id>b233/66</id> - <inline>0x1ff3fe7fc0c131d929b0f209d32488fd839ae43aea783594b406c96dd47,0x13c6190ae1fc24c45a978e5bd95492266521aa33fd1a2b70ffbe2b86ece</inline> + <inline>0x01ff3fe7fc0c131d929b0f209d32488fd839ae43aea783594b406c96dd47,0x013c6190ae1fc24c45a978e5bd95492266521aa33fd1a2b70ffbe2b86ece</inline> <curve>nist/B-233</curve> <desc>invalid order = 331</desc> </pubkey> <pubkey> <id>b233/67</id> - <inline>0x124244e94af744cfd8c51fb9aa310cb0f6c2a9e2f9eecaa838de8e10a17,0x72e4138f50626f9657e6733d188feb6cda6e8192fee3ef55ad5ed34653</inline> + <inline>0x0124244e94af744cfd8c51fb9aa310cb0f6c2a9e2f9eecaa838de8e10a17,0x0072e4138f50626f9657e6733d188feb6cda6e8192fee3ef55ad5ed34653</inline> <curve>nist/B-233</curve> <desc>invalid order = 337</desc> </pubkey> <pubkey> <id>b233/68</id> - <inline>0x1771ed15ca630599b4d9b73e685cee69c1da19d792c60831b827510d648,0x92e00d5c743b169fd6518caa3805d951d0015c9f88b754a5aeffbab242</inline> + <inline>0x01771ed15ca630599b4d9b73e685cee69c1da19d792c60831b827510d648,0x0092e00d5c743b169fd6518caa3805d951d0015c9f88b754a5aeffbab242</inline> <curve>nist/B-233</curve> <desc>invalid order = 347</desc> </pubkey> <pubkey> <id>b233/69</id> - <inline>0x7c16da7bec7fe551a76ed180e2a6fce5e27582b5ea54b0b94bd5224831,0x1e0fe02498b1fb08141abc52d2f2d6b7fc132ab6dc610408f24dcf22867</inline> + <inline>0x007c16da7bec7fe551a76ed180e2a6fce5e27582b5ea54b0b94bd5224831,0x01e0fe02498b1fb08141abc52d2f2d6b7fc132ab6dc610408f24dcf22867</inline> <curve>nist/B-233</curve> <desc>invalid order = 349</desc> </pubkey> <pubkey> <id>b233/70</id> - <inline>0x1f84ce2bd84fb36bdd5d22146408de2360a60619c236af69598e3b0abb8,0x1908b380205678d7b311888704cd36be535d8603b1d41584e58106dd606</inline> + <inline>0x01f84ce2bd84fb36bdd5d22146408de2360a60619c236af69598e3b0abb8,0x01908b380205678d7b311888704cd36be535d8603b1d41584e58106dd606</inline> <curve>nist/B-233</curve> <desc>invalid order = 353</desc> </pubkey> diff --git a/src/cz/crcs/ectester/data/invalid/nist/b283.xml b/src/cz/crcs/ectester/data/invalid/nist/b283.xml index 8d8a4db..b925891 100644 --- a/src/cz/crcs/ectester/data/invalid/nist/b283.xml +++ b/src/cz/crcs/ectester/data/invalid/nist/b283.xml @@ -1,499 +1,499 @@ <?xml version="1.0" encoding="UTF-8" ?> <pubkey> <id>b283/0</id> - <inline>0x00000000000000000000000000000000000000000000000000000000000000000000000,0x00000000000000000000000000000000000000000000000000000000000000000000000</inline> + <inline>0x000000000000000000000000000000000000000000000000000000000000000000000000,0x000000000000000000000000000000000000000000000000000000000000000000000000</inline> <curve>nist/B-283</curve> <desc>invalid order = 2</desc> </pubkey> <pubkey> <id>b283/1</id> - <inline>0x779193c415a3c0d34c37b9e8b87f053465b922c8d819f43f6b1d91545130d298176ce3d,0x38d3c16e1633d4da8994827f4e8e3ecfd245bdad6c9ac93816a487bb54b734673c0fe13</inline> + <inline>0x0779193c415a3c0d34c37b9e8b87f053465b922c8d819f43f6b1d91545130d298176ce3d,0x038d3c16e1633d4da8994827f4e8e3ecfd245bdad6c9ac93816a487bb54b734673c0fe13</inline> <curve>nist/B-283</curve> <desc>invalid order = 3</desc> </pubkey> <pubkey> <id>b283/2</id> - <inline>0x37d13f4d3ca4dec934b2b3138804b29a77da41c39f34bb29558d12203be7f0e86e37049,0x594926a5a06080ff4bd331affa5b59cfda7552a38a7e9c3132cca8aad852e6ca303f0f2</inline> + <inline>0x037d13f4d3ca4dec934b2b3138804b29a77da41c39f34bb29558d12203be7f0e86e37049,0x0594926a5a06080ff4bd331affa5b59cfda7552a38a7e9c3132cca8aad852e6ca303f0f2</inline> <curve>nist/B-283</curve> <desc>invalid order = 5</desc> </pubkey> <pubkey> <id>b283/3</id> - <inline>0x152aa9ce607c66a2b44b28311762036b2d3ee9ea4ec79c573366ac662aaf19bc61054ec,0x6e74a7e7368dc3da894478c59b9265eee01b6b6e0784da6c1e7e62bb2fbf365e209297c</inline> + <inline>0x0152aa9ce607c66a2b44b28311762036b2d3ee9ea4ec79c573366ac662aaf19bc61054ec,0x06e74a7e7368dc3da894478c59b9265eee01b6b6e0784da6c1e7e62bb2fbf365e209297c</inline> <curve>nist/B-283</curve> <desc>invalid order = 7</desc> </pubkey> <pubkey> <id>b283/4</id> - <inline>0x271fd22eb5e7ac3854bf59d0600e20a87eb3b5310ca402e4e41e4cdaff7ca26755bf192,0x1ff5c1b024d3a730c3fd7cf1a2977d43cd639902799ffb8b960341d1ac4cf70267d9a40</inline> + <inline>0x0271fd22eb5e7ac3854bf59d0600e20a87eb3b5310ca402e4e41e4cdaff7ca26755bf192,0x01ff5c1b024d3a730c3fd7cf1a2977d43cd639902799ffb8b960341d1ac4cf70267d9a40</inline> <curve>nist/B-283</curve> <desc>invalid order = 11</desc> </pubkey> <pubkey> <id>b283/5</id> - <inline>0x2a092d1617d747bfaaeda7821996c3b8cd389a55e8d960ae03727ceadbce11ffd61a4fc,0x463511218a36bd118f153d5bb41f1dd8b884707a2ceb0be80ae9ee69d026d1add4f09f8</inline> + <inline>0x02a092d1617d747bfaaeda7821996c3b8cd389a55e8d960ae03727ceadbce11ffd61a4fc,0x0463511218a36bd118f153d5bb41f1dd8b884707a2ceb0be80ae9ee69d026d1add4f09f8</inline> <curve>nist/B-283</curve> <desc>invalid order = 13</desc> </pubkey> <pubkey> <id>b283/6</id> - <inline>0x16f68482087c2bddda5168afc00dbfa30bcd2efca2caccad5d51b10c1180bbafab93add,0x707f82fdedaff347a44ee7b115d268dce2c8b2b053776b8c53b2d40af853ef33db3cf5f</inline> + <inline>0x016f68482087c2bddda5168afc00dbfa30bcd2efca2caccad5d51b10c1180bbafab93add,0x0707f82fdedaff347a44ee7b115d268dce2c8b2b053776b8c53b2d40af853ef33db3cf5f</inline> <curve>nist/B-283</curve> <desc>invalid order = 17</desc> </pubkey> <pubkey> <id>b283/7</id> - <inline>0x1a3f116c19957e20c3a3ffe04da2564b0b1d19f9983acaed782413475418ede905e4cf0,0x30e1b11b18cb98d6ff9bb221e2c32097ef12bedacbffbf9becb8cc44a61155bd1d937ba</inline> + <inline>0x01a3f116c19957e20c3a3ffe04da2564b0b1d19f9983acaed782413475418ede905e4cf0,0x030e1b11b18cb98d6ff9bb221e2c32097ef12bedacbffbf9becb8cc44a61155bd1d937ba</inline> <curve>nist/B-283</curve> <desc>invalid order = 19</desc> </pubkey> <pubkey> <id>b283/8</id> - <inline>0x6b0473c54063241a828554215fffda26ed98d6f7e84fe09b4d67a94b066ce0641d34a99,0x430a3d4df4f29f55066e66b69dfcfd19a2a4b13ab3f2be0c6c7345263de8850b71ab52f</inline> + <inline>0x06b0473c54063241a828554215fffda26ed98d6f7e84fe09b4d67a94b066ce0641d34a99,0x0430a3d4df4f29f55066e66b69dfcfd19a2a4b13ab3f2be0c6c7345263de8850b71ab52f</inline> <curve>nist/B-283</curve> <desc>invalid order = 23</desc> </pubkey> <pubkey> <id>b283/9</id> - <inline>0x225dddeb810414b5adfc2cc761efd1d4bd2497460fe61016bd4ec1d1cb654e2f9470920,0x7134e4486e830040adb0d485c0b3b5632723641e5225503a1906dfae4b59ea0204477e9</inline> + <inline>0x0225dddeb810414b5adfc2cc761efd1d4bd2497460fe61016bd4ec1d1cb654e2f9470920,0x07134e4486e830040adb0d485c0b3b5632723641e5225503a1906dfae4b59ea0204477e9</inline> <curve>nist/B-283</curve> <desc>invalid order = 29</desc> </pubkey> <pubkey> <id>b283/10</id> - <inline>0x6fa135e4634fee87fcb088f519f05d35a6d712b96d0b82ccb946892022b3d933a70e7cf,0x4d1ca88059c59819aea772f8498a9b433369c2bab128e5e7959d23572b353df0b748723</inline> + <inline>0x06fa135e4634fee87fcb088f519f05d35a6d712b96d0b82ccb946892022b3d933a70e7cf,0x04d1ca88059c59819aea772f8498a9b433369c2bab128e5e7959d23572b353df0b748723</inline> <curve>nist/B-283</curve> <desc>invalid order = 31</desc> </pubkey> <pubkey> <id>b283/11</id> - <inline>0x62ebc8ba30dca383ce283a8d6bfa0b30550bc5eef0933381248924000639a8c9d143e46,0x3c6420eacb629eeabd60bed83a4c3ad8517e1e61991d775742bc5dcbf718ae8199cfeee</inline> + <inline>0x062ebc8ba30dca383ce283a8d6bfa0b30550bc5eef0933381248924000639a8c9d143e46,0x03c6420eacb629eeabd60bed83a4c3ad8517e1e61991d775742bc5dcbf718ae8199cfeee</inline> <curve>nist/B-283</curve> <desc>invalid order = 37</desc> </pubkey> <pubkey> <id>b283/12</id> - <inline>0x2f4543cc81bd449551d0bfc31c4b9f941707cff893c82fbc9bb3e63a7a0c04998d13c3,0x20b3e6f1546b67e8c40484bb89b207ed5acdba600a686a8e407b23339865b0a63dafcef</inline> + <inline>0x002f4543cc81bd449551d0bfc31c4b9f941707cff893c82fbc9bb3e63a7a0c04998d13c3,0x020b3e6f1546b67e8c40484bb89b207ed5acdba600a686a8e407b23339865b0a63dafcef</inline> <curve>nist/B-283</curve> <desc>invalid order = 41</desc> </pubkey> <pubkey> <id>b283/13</id> - <inline>0x423a193fec53465dba0c71c55a6eb5b376ea7deadfd25f73c43440f683c25cd4588d2b4,0x497c847e4e7f2b4690c9e677631e822d455f74a3107d5147ef813d929dad644d5d30911</inline> + <inline>0x0423a193fec53465dba0c71c55a6eb5b376ea7deadfd25f73c43440f683c25cd4588d2b4,0x0497c847e4e7f2b4690c9e677631e822d455f74a3107d5147ef813d929dad644d5d30911</inline> <curve>nist/B-283</curve> <desc>invalid order = 43</desc> </pubkey> <pubkey> <id>b283/14</id> - <inline>0x2e3f839479dbb78170690c7ef04f194f6947ad37842f3f1440fa95244f7fa64d951d22a,0x422135f2bcc3dc18aa21032bd462368ff0f45815b94664d5a9d85396a1391c1f4486cc3</inline> + <inline>0x02e3f839479dbb78170690c7ef04f194f6947ad37842f3f1440fa95244f7fa64d951d22a,0x0422135f2bcc3dc18aa21032bd462368ff0f45815b94664d5a9d85396a1391c1f4486cc3</inline> <curve>nist/B-283</curve> <desc>invalid order = 47</desc> </pubkey> <pubkey> <id>b283/15</id> - <inline>0x25aab829e8acce7f0d6ceaa8d2a55d869342df6d8a429a54f141c5d43026052e3645430,0x75a8554a97a51f638aab7a9cf167d6c6c10af0ab2eb7504b917e02e65d0ded0f2da4782</inline> + <inline>0x025aab829e8acce7f0d6ceaa8d2a55d869342df6d8a429a54f141c5d43026052e3645430,0x075a8554a97a51f638aab7a9cf167d6c6c10af0ab2eb7504b917e02e65d0ded0f2da4782</inline> <curve>nist/B-283</curve> <desc>invalid order = 53</desc> </pubkey> <pubkey> <id>b283/16</id> - <inline>0x486be9b697e87aa12c3fd5de9c8fd68c23ac81095b2e14cd055e45e56e0886a06c7108c,0x5664fb0a4ba93f62d2bb8e381422cfca68c5dfa72c22dfbc13e04a8c0fd548dc3a10cb2</inline> + <inline>0x0486be9b697e87aa12c3fd5de9c8fd68c23ac81095b2e14cd055e45e56e0886a06c7108c,0x05664fb0a4ba93f62d2bb8e381422cfca68c5dfa72c22dfbc13e04a8c0fd548dc3a10cb2</inline> <curve>nist/B-283</curve> <desc>invalid order = 59</desc> </pubkey> <pubkey> <id>b283/17</id> - <inline>0x68b93138c130c4d8148f93f06c77fc0074d2c7772eeb37dd9a3eb4ef5c38979d787c6c,0x3ac061e69880affea110270e521a3247322815557ea8959b692cc23c5dc8e7ed9f08312</inline> + <inline>0x0068b93138c130c4d8148f93f06c77fc0074d2c7772eeb37dd9a3eb4ef5c38979d787c6c,0x03ac061e69880affea110270e521a3247322815557ea8959b692cc23c5dc8e7ed9f08312</inline> <curve>nist/B-283</curve> <desc>invalid order = 61</desc> </pubkey> <pubkey> <id>b283/18</id> - <inline>0x5c9e3366f3d5494eb4670fe76fbede508f7ebc2a6a3c8bad5087909feab4358ae73c1ae,0x974848bf262a1ee1be59f7e5a81a979f0ef63333d29ed1d21ba94614ddf907f6bb78a5</inline> + <inline>0x05c9e3366f3d5494eb4670fe76fbede508f7ebc2a6a3c8bad5087909feab4358ae73c1ae,0x00974848bf262a1ee1be59f7e5a81a979f0ef63333d29ed1d21ba94614ddf907f6bb78a5</inline> <curve>nist/B-283</curve> <desc>invalid order = 67</desc> </pubkey> <pubkey> <id>b283/19</id> - <inline>0x2aec67bda90b6e51947da6082abc44a0563e12c7deda93bd5d3d2e5f0cd71ca9af67c84,0x710595c75d5e04d629169082538e1014b5e0a554b8b0c765402f8e4d5377876a8a8802a</inline> + <inline>0x02aec67bda90b6e51947da6082abc44a0563e12c7deda93bd5d3d2e5f0cd71ca9af67c84,0x0710595c75d5e04d629169082538e1014b5e0a554b8b0c765402f8e4d5377876a8a8802a</inline> <curve>nist/B-283</curve> <desc>invalid order = 71</desc> </pubkey> <pubkey> <id>b283/20</id> - <inline>0x78f9b0a80fae8b66c521eae9d68f625e8d922844d5b5d953fd00e66090a858835679974,0x3a0a9600ac3c78bd170000757239563d526e05c60c35fee556cf04e7cb59b5b27d1a2f8</inline> + <inline>0x078f9b0a80fae8b66c521eae9d68f625e8d922844d5b5d953fd00e66090a858835679974,0x03a0a9600ac3c78bd170000757239563d526e05c60c35fee556cf04e7cb59b5b27d1a2f8</inline> <curve>nist/B-283</curve> <desc>invalid order = 73</desc> </pubkey> <pubkey> <id>b283/21</id> - <inline>0xbf69153274ed1a81ce9626d78e755cc68f4aa1ed7c6d96b331d2fe79f7bf25c5717299,0x8e0ed0842b1df5dc8cdcb62ac0e5f60b9a58a64a60f183672b7f98d4756052ea10abe7</inline> + <inline>0x00bf69153274ed1a81ce9626d78e755cc68f4aa1ed7c6d96b331d2fe79f7bf25c5717299,0x008e0ed0842b1df5dc8cdcb62ac0e5f60b9a58a64a60f183672b7f98d4756052ea10abe7</inline> <curve>nist/B-283</curve> <desc>invalid order = 79</desc> </pubkey> <pubkey> <id>b283/22</id> - <inline>0x7f38778f2e63af0463a2fd5e19fda1866e9c74d74b9e6957b4df5aeb3c6a74b187cf79,0x6a059ef1357ab447139d99237b878a85c7b0e62a9bb6c1b35327471fd530ab50c80a61a</inline> + <inline>0x007f38778f2e63af0463a2fd5e19fda1866e9c74d74b9e6957b4df5aeb3c6a74b187cf79,0x06a059ef1357ab447139d99237b878a85c7b0e62a9bb6c1b35327471fd530ab50c80a61a</inline> <curve>nist/B-283</curve> <desc>invalid order = 83</desc> </pubkey> <pubkey> <id>b283/23</id> - <inline>0x203f947e69b4d797300e26f25f0414d6d4eb2092b129b1f1e647567af071ad0384aa148,0x538142081632653d38abb90c112389aa7b1cb31426e9742c66f7b2cd36b8b286730c990</inline> + <inline>0x0203f947e69b4d797300e26f25f0414d6d4eb2092b129b1f1e647567af071ad0384aa148,0x0538142081632653d38abb90c112389aa7b1cb31426e9742c66f7b2cd36b8b286730c990</inline> <curve>nist/B-283</curve> <desc>invalid order = 89</desc> </pubkey> <pubkey> <id>b283/24</id> - <inline>0x3e9b8abb2f3e7da72e5d72d49111a200d253a891cbf890f1b83da78f709b04c56ad6234,0x4b601d4e9fe8d0d96ad339bbad542adb4fded566ae2d350da7a15d3ec1d994d75a60038</inline> + <inline>0x03e9b8abb2f3e7da72e5d72d49111a200d253a891cbf890f1b83da78f709b04c56ad6234,0x04b601d4e9fe8d0d96ad339bbad542adb4fded566ae2d350da7a15d3ec1d994d75a60038</inline> <curve>nist/B-283</curve> <desc>invalid order = 97</desc> </pubkey> <pubkey> <id>b283/25</id> - <inline>0x7f7159eef2ed67a54e10dc165c87a258cc97d27d690366ddb622494be1df2d962f978c7,0x4437102e16c942d832c4169b9742d73f94e431bfae9b48661f8b87c52155273db646a40</inline> + <inline>0x07f7159eef2ed67a54e10dc165c87a258cc97d27d690366ddb622494be1df2d962f978c7,0x04437102e16c942d832c4169b9742d73f94e431bfae9b48661f8b87c52155273db646a40</inline> <curve>nist/B-283</curve> <desc>invalid order = 101</desc> </pubkey> <pubkey> <id>b283/26</id> - <inline>0x25247593b3fcab041ec1b817f94773b62c2ccbea9354321749671945f60e57e98788b47,0x33b34aee6adad081c225c1f052d0f0c0cdb3f0e187be87ce3fa0668c131aeb0c3fea875</inline> + <inline>0x025247593b3fcab041ec1b817f94773b62c2ccbea9354321749671945f60e57e98788b47,0x033b34aee6adad081c225c1f052d0f0c0cdb3f0e187be87ce3fa0668c131aeb0c3fea875</inline> <curve>nist/B-283</curve> <desc>invalid order = 103</desc> </pubkey> <pubkey> <id>b283/27</id> - <inline>0x26e774058489e479d0be98f24f26d9e709ffc9dab9f843e02ea357294d5f03414196077,0x69218178fc907fcd4cd22a9b2cf48f26d8b0e35e9dd577d81ce7232ec48e83d8740d38</inline> + <inline>0x026e774058489e479d0be98f24f26d9e709ffc9dab9f843e02ea357294d5f03414196077,0x0069218178fc907fcd4cd22a9b2cf48f26d8b0e35e9dd577d81ce7232ec48e83d8740d38</inline> <curve>nist/B-283</curve> <desc>invalid order = 107</desc> </pubkey> <pubkey> <id>b283/28</id> - <inline>0x617a10f29294a07d0ddac53676cf3ca62fbb6fdc3dffeaa8ea569b761ffad6be2d770d,0x5057cff525ca5c135a2c4ee5148e4e3dd1d4db1c3d887f1fbbed518f0b280a23858a56f</inline> + <inline>0x00617a10f29294a07d0ddac53676cf3ca62fbb6fdc3dffeaa8ea569b761ffad6be2d770d,0x05057cff525ca5c135a2c4ee5148e4e3dd1d4db1c3d887f1fbbed518f0b280a23858a56f</inline> <curve>nist/B-283</curve> <desc>invalid order = 109</desc> </pubkey> <pubkey> <id>b283/29</id> - <inline>0x32550e2755a589ef6564ca00f50a33549edadaf4ded6d3c243dd5cab76248e0bede9ac7,0x467f5a007aba4fb5548719ccb82c245d95d510c0971d8ed5f31ee6e86af6aa9d63578c</inline> + <inline>0x032550e2755a589ef6564ca00f50a33549edadaf4ded6d3c243dd5cab76248e0bede9ac7,0x00467f5a007aba4fb5548719ccb82c245d95d510c0971d8ed5f31ee6e86af6aa9d63578c</inline> <curve>nist/B-283</curve> <desc>invalid order = 113</desc> </pubkey> <pubkey> <id>b283/30</id> - <inline>0x406de77255926a17b15d8119555ac1ae8ddf2d84ab96eb51be8330b0d173ea362ac70d2,0x13ecd50b43a8b062c9e61d2c2c6f4058ffd892e58eb69b3ae5574f2d12d918ce6c5c15e</inline> + <inline>0x0406de77255926a17b15d8119555ac1ae8ddf2d84ab96eb51be8330b0d173ea362ac70d2,0x013ecd50b43a8b062c9e61d2c2c6f4058ffd892e58eb69b3ae5574f2d12d918ce6c5c15e</inline> <curve>nist/B-283</curve> <desc>invalid order = 127</desc> </pubkey> <pubkey> <id>b283/31</id> - <inline>0x3b1cde83e5cf5d9a88d42aaab8e2083447a1065d2747fc5b8bacc93f46001a06328e5fa,0x7bbaa152649a7342f2cf5b0d7e30079238b4f6b090183dadd4caea336c580966e127410</inline> + <inline>0x03b1cde83e5cf5d9a88d42aaab8e2083447a1065d2747fc5b8bacc93f46001a06328e5fa,0x07bbaa152649a7342f2cf5b0d7e30079238b4f6b090183dadd4caea336c580966e127410</inline> <curve>nist/B-283</curve> <desc>invalid order = 131</desc> </pubkey> <pubkey> <id>b283/32</id> - <inline>0x7a6fb99f100cbea439b9c75223463557ca148fe25aaa1c93c1af3743a69bf1a8c550026,0x71ffe60341b0a6b8b39b55c1e9c7a127ad171a4840f7e7982abf200218db8187998ee0e</inline> + <inline>0x07a6fb99f100cbea439b9c75223463557ca148fe25aaa1c93c1af3743a69bf1a8c550026,0x071ffe60341b0a6b8b39b55c1e9c7a127ad171a4840f7e7982abf200218db8187998ee0e</inline> <curve>nist/B-283</curve> <desc>invalid order = 137</desc> </pubkey> <pubkey> <id>b283/33</id> - <inline>0x333240d76b343bf26568ced4a423848da65b59a1466dfa9f4ca49e1ca88bd93b68616fb,0xbc723cc82c0a4dee174fd5790fa082c6364fb1b4e9a038ad358828d134875bdf7fb1c1</inline> + <inline>0x0333240d76b343bf26568ced4a423848da65b59a1466dfa9f4ca49e1ca88bd93b68616fb,0x00bc723cc82c0a4dee174fd5790fa082c6364fb1b4e9a038ad358828d134875bdf7fb1c1</inline> <curve>nist/B-283</curve> <desc>invalid order = 139</desc> </pubkey> <pubkey> <id>b283/34</id> - <inline>0x6985984f915452fc08eaf0223388502fd5146c6e0aaa0a2ce075c1ee69ed709c3714707,0x70d3e1ebef193964ed905daf78a355bc3bbf4e730fd74c523cdf30a05220abaf3208d22</inline> + <inline>0x06985984f915452fc08eaf0223388502fd5146c6e0aaa0a2ce075c1ee69ed709c3714707,0x070d3e1ebef193964ed905daf78a355bc3bbf4e730fd74c523cdf30a05220abaf3208d22</inline> <curve>nist/B-283</curve> <desc>invalid order = 149</desc> </pubkey> <pubkey> <id>b283/35</id> - <inline>0x21fae0cb04cfb777c5528b7aaa0b0d2f8c2490341fa1ba1757fedbd1a83eb7c98ef068a,0xa95f7f13ae547973e81003594ab84d14b7cf0c91770df568ae1a24ecde723377bdfb51</inline> + <inline>0x021fae0cb04cfb777c5528b7aaa0b0d2f8c2490341fa1ba1757fedbd1a83eb7c98ef068a,0x00a95f7f13ae547973e81003594ab84d14b7cf0c91770df568ae1a24ecde723377bdfb51</inline> <curve>nist/B-283</curve> <desc>invalid order = 151</desc> </pubkey> <pubkey> <id>b283/36</id> - <inline>0x69c7c94d9e11fae6d94a3f419248ba0e1d62bfc0f24f4d526df9cd7d0707489d8cece43,0x6a0e890e9caceb72ba88162641035a2ba2a0be2c41081d2d85418263ae2ee75f49b984c</inline> + <inline>0x069c7c94d9e11fae6d94a3f419248ba0e1d62bfc0f24f4d526df9cd7d0707489d8cece43,0x06a0e890e9caceb72ba88162641035a2ba2a0be2c41081d2d85418263ae2ee75f49b984c</inline> <curve>nist/B-283</curve> <desc>invalid order = 157</desc> </pubkey> <pubkey> <id>b283/37</id> - <inline>0x683f02b9cd5727c7119311b37afbd056cec28ce4011f4a6bdcec8222f1ca2404e1d19d4,0x1ce3fb1464cb24bdb950b847d87d0d67f2587964edc8352630d361e9b588e62be995cf1</inline> + <inline>0x0683f02b9cd5727c7119311b37afbd056cec28ce4011f4a6bdcec8222f1ca2404e1d19d4,0x01ce3fb1464cb24bdb950b847d87d0d67f2587964edc8352630d361e9b588e62be995cf1</inline> <curve>nist/B-283</curve> <desc>invalid order = 163</desc> </pubkey> <pubkey> <id>b283/38</id> - <inline>0x20e43e328f95a17ea4be65ed6568a4d4275d023954b67cd7fb6fcc1d8f817db98d49cf7,0xdd28ed97a4d06a55e054b488151a1862dee0427be38c97f720df01652b14a383c1d03d</inline> + <inline>0x020e43e328f95a17ea4be65ed6568a4d4275d023954b67cd7fb6fcc1d8f817db98d49cf7,0x00dd28ed97a4d06a55e054b488151a1862dee0427be38c97f720df01652b14a383c1d03d</inline> <curve>nist/B-283</curve> <desc>invalid order = 167</desc> </pubkey> <pubkey> <id>b283/39</id> - <inline>0x7f06a42952df102d35f0ea3f6438be3e64c24a9c3ab6f9f8f64cda8d0dcb7edab4241d9,0x62ceaae5d01b1342e6e700108d88d9ea8f94a88122fa34e13ff38bc1fecaa555d1d861d</inline> + <inline>0x07f06a42952df102d35f0ea3f6438be3e64c24a9c3ab6f9f8f64cda8d0dcb7edab4241d9,0x062ceaae5d01b1342e6e700108d88d9ea8f94a88122fa34e13ff38bc1fecaa555d1d861d</inline> <curve>nist/B-283</curve> <desc>invalid order = 173</desc> </pubkey> <pubkey> <id>b283/40</id> - <inline>0x61e9811646891d8249b80f50376095e68a7a234453fa396b2d9fabce36349bf5d02f2e0,0x1d00381750db14dd2210634e4a8a21fe168441322aa45e8a4f88db4c71e578f107dd49b</inline> + <inline>0x061e9811646891d8249b80f50376095e68a7a234453fa396b2d9fabce36349bf5d02f2e0,0x01d00381750db14dd2210634e4a8a21fe168441322aa45e8a4f88db4c71e578f107dd49b</inline> <curve>nist/B-283</curve> <desc>invalid order = 179</desc> </pubkey> <pubkey> <id>b283/41</id> - <inline>0x765cd95edc6254f3217dbb3368a286ac7fcfe32040348e2b23a0f2339d40a67a73a6ae8,0x6c8947571d2f572755b36e3e6379f241cf307a939b04a434a2074e9a6f67a1b57544d0b</inline> + <inline>0x0765cd95edc6254f3217dbb3368a286ac7fcfe32040348e2b23a0f2339d40a67a73a6ae8,0x06c8947571d2f572755b36e3e6379f241cf307a939b04a434a2074e9a6f67a1b57544d0b</inline> <curve>nist/B-283</curve> <desc>invalid order = 181</desc> </pubkey> <pubkey> <id>b283/42</id> - <inline>0x1a7db868ec7d5a564fe4fc5c34e83ff39abefec3f6ef0739dbb77a90c437dff0638dbac,0x5bae2e8a1d5d880fe44c65da05c3efb924bb9c26dc6182a94aa883d75cc1c7d5483545c</inline> + <inline>0x01a7db868ec7d5a564fe4fc5c34e83ff39abefec3f6ef0739dbb77a90c437dff0638dbac,0x05bae2e8a1d5d880fe44c65da05c3efb924bb9c26dc6182a94aa883d75cc1c7d5483545c</inline> <curve>nist/B-283</curve> <desc>invalid order = 191</desc> </pubkey> <pubkey> <id>b283/43</id> - <inline>0x902323c53020ded0701b41849b05b19bce3d06f56aad207620169fef5ebb798e417801,0x4a424b06641ec05bc86db1befa0142d3ffaab09ffd7196b25e745028179e92cdd39add6</inline> + <inline>0x00902323c53020ded0701b41849b05b19bce3d06f56aad207620169fef5ebb798e417801,0x04a424b06641ec05bc86db1befa0142d3ffaab09ffd7196b25e745028179e92cdd39add6</inline> <curve>nist/B-283</curve> <desc>invalid order = 193</desc> </pubkey> <pubkey> <id>b283/44</id> - <inline>0x33c0bafeec6c8c380c9134b1e9e1f3183aea3c4590cf3f90b11dc271965ba3eb83ed16d,0x2a934ec1562788d57d23e41eb7b6daf099c1717a8c566959f33805caf61d91c129ecd02</inline> + <inline>0x033c0bafeec6c8c380c9134b1e9e1f3183aea3c4590cf3f90b11dc271965ba3eb83ed16d,0x02a934ec1562788d57d23e41eb7b6daf099c1717a8c566959f33805caf61d91c129ecd02</inline> <curve>nist/B-283</curve> <desc>invalid order = 197</desc> </pubkey> <pubkey> <id>b283/45</id> - <inline>0x221ac15a50a04cc3fee82be8fe906684bf2da74644a2e5f4332a7abfa0c2381eaec77d,0x60b3eadd4ed1669aa9282c9209629e39cc98a4ebfbfed874903c3fa467cadb7dc04d9e5</inline> + <inline>0x00221ac15a50a04cc3fee82be8fe906684bf2da74644a2e5f4332a7abfa0c2381eaec77d,0x060b3eadd4ed1669aa9282c9209629e39cc98a4ebfbfed874903c3fa467cadb7dc04d9e5</inline> <curve>nist/B-283</curve> <desc>invalid order = 199</desc> </pubkey> <pubkey> <id>b283/46</id> - <inline>0xfd9b7191c9b55161e08b95897b2914e62736a5e77a99a5522f594d6c257babd89512f4,0x791a3660eb760a6cbd5c5c9fd7b6e17384b108ce3faec15425675c4c1853a9f5259bb58</inline> + <inline>0x00fd9b7191c9b55161e08b95897b2914e62736a5e77a99a5522f594d6c257babd89512f4,0x0791a3660eb760a6cbd5c5c9fd7b6e17384b108ce3faec15425675c4c1853a9f5259bb58</inline> <curve>nist/B-283</curve> <desc>invalid order = 211</desc> </pubkey> <pubkey> <id>b283/47</id> - <inline>0x341d823854fdf93c7acefdcd76fc2cc4fe81654c72d39efe9da6d42e9665d3ab383bb26,0x7cbd2dcaf11a0e9287a572e19129b2255c2a57902b0310330eab56ed6f03d2ed5fefe3b</inline> + <inline>0x0341d823854fdf93c7acefdcd76fc2cc4fe81654c72d39efe9da6d42e9665d3ab383bb26,0x07cbd2dcaf11a0e9287a572e19129b2255c2a57902b0310330eab56ed6f03d2ed5fefe3b</inline> <curve>nist/B-283</curve> <desc>invalid order = 223</desc> </pubkey> <pubkey> <id>b283/48</id> - <inline>0x463a6f5f6eb8acd9e1ba6b2d22511ed47a62e607ffca881de05c9980ac80b1e727a8b8c,0x278af82017c37596bc1b1f1382c4d9ce345038f77b904e35584c9a650f5cf668ce357ff</inline> + <inline>0x0463a6f5f6eb8acd9e1ba6b2d22511ed47a62e607ffca881de05c9980ac80b1e727a8b8c,0x0278af82017c37596bc1b1f1382c4d9ce345038f77b904e35584c9a650f5cf668ce357ff</inline> <curve>nist/B-283</curve> <desc>invalid order = 227</desc> </pubkey> <pubkey> <id>b283/49</id> - <inline>0x6ecd46254dbe5368afa88b0152a6f35bd57e3e068215b888f86c96431e80ab99e09dde6,0x5f2de25d8691859e076faea519796069738f9ec06413e8261f41494095ef4f33e9fbda0</inline> + <inline>0x06ecd46254dbe5368afa88b0152a6f35bd57e3e068215b888f86c96431e80ab99e09dde6,0x05f2de25d8691859e076faea519796069738f9ec06413e8261f41494095ef4f33e9fbda0</inline> <curve>nist/B-283</curve> <desc>invalid order = 229</desc> </pubkey> <pubkey> <id>b283/50</id> - <inline>0x6b20b5dcad5d8de60b61be1459272b29be536f90f3ae964ef060459128951e5a74a5aef,0xa9ae88145df307a1bac2edf6ae46c409480b5dd57cb92f73bc70cd709e6f73cebcb721</inline> + <inline>0x06b20b5dcad5d8de60b61be1459272b29be536f90f3ae964ef060459128951e5a74a5aef,0x00a9ae88145df307a1bac2edf6ae46c409480b5dd57cb92f73bc70cd709e6f73cebcb721</inline> <curve>nist/B-283</curve> <desc>invalid order = 233</desc> </pubkey> <pubkey> <id>b283/51</id> - <inline>0x73f7871894db376e42ebea88fe0b8aaa93dd831bc6c22030f4b7c82ad9a244c13422ef3,0x76bd7597ead6f781a79ce8f8819db6f6adda0a4750d330d0b77f5fa5f8c68a66824d550</inline> + <inline>0x073f7871894db376e42ebea88fe0b8aaa93dd831bc6c22030f4b7c82ad9a244c13422ef3,0x076bd7597ead6f781a79ce8f8819db6f6adda0a4750d330d0b77f5fa5f8c68a66824d550</inline> <curve>nist/B-283</curve> <desc>invalid order = 239</desc> </pubkey> <pubkey> <id>b283/52</id> - <inline>0x62e46e74c2e53af85dae1c5558fd8c8fb3f79d037fcdf6692c988f6f58df46440ee1313,0x1d228a4e12fb85460cea9a2ea8b2c4cd2d3194906157191d3021dda40d80999f55b14f6</inline> + <inline>0x062e46e74c2e53af85dae1c5558fd8c8fb3f79d037fcdf6692c988f6f58df46440ee1313,0x01d228a4e12fb85460cea9a2ea8b2c4cd2d3194906157191d3021dda40d80999f55b14f6</inline> <curve>nist/B-283</curve> <desc>invalid order = 241</desc> </pubkey> <pubkey> <id>b283/53</id> - <inline>0x793df16b39ee47a9bacb66560a918e58b8140730dbc9f33960cbc41af093ecbc9760d10,0x3198d52a72198fc96f977007b84b6c8565963332aa27489cee99b5b318cd4878c9216d7</inline> + <inline>0x0793df16b39ee47a9bacb66560a918e58b8140730dbc9f33960cbc41af093ecbc9760d10,0x03198d52a72198fc96f977007b84b6c8565963332aa27489cee99b5b318cd4878c9216d7</inline> <curve>nist/B-283</curve> <desc>invalid order = 251</desc> </pubkey> <pubkey> <id>b283/54</id> - <inline>0x4369b393651060e372ecb20b63357dd941eee5136bab6895c7792219fd969efb67fa626,0x63f7c186872a590637229e45dd6d75f540879b0b7d4730807f5211a365023707966cb87</inline> + <inline>0x04369b393651060e372ecb20b63357dd941eee5136bab6895c7792219fd969efb67fa626,0x063f7c186872a590637229e45dd6d75f540879b0b7d4730807f5211a365023707966cb87</inline> <curve>nist/B-283</curve> <desc>invalid order = 257</desc> </pubkey> <pubkey> <id>b283/55</id> - <inline>0x6153cb0fea7bf7c023a2de70d5265ce2d2b6ec7037eba43fb98fbeb51481a4cf063e81b,0x7c7d016290f63c044aa63cc1c115fa952c79cafa07b5d9beb87fe0d4ac90f05aae1b763</inline> + <inline>0x06153cb0fea7bf7c023a2de70d5265ce2d2b6ec7037eba43fb98fbeb51481a4cf063e81b,0x07c7d016290f63c044aa63cc1c115fa952c79cafa07b5d9beb87fe0d4ac90f05aae1b763</inline> <curve>nist/B-283</curve> <desc>invalid order = 263</desc> </pubkey> <pubkey> <id>b283/56</id> - <inline>0x42d0270b15356ace95f11ee5b81e0573ba05b64a4448c41d83295552798af8bc7961a9b,0x13e4d3877100e7447fddcadf1468cc883bb4122b3ddbadd42472ab725914db55a736705</inline> + <inline>0x042d0270b15356ace95f11ee5b81e0573ba05b64a4448c41d83295552798af8bc7961a9b,0x013e4d3877100e7447fddcadf1468cc883bb4122b3ddbadd42472ab725914db55a736705</inline> <curve>nist/B-283</curve> <desc>invalid order = 269</desc> </pubkey> <pubkey> <id>b283/57</id> - <inline>0x265280e6d39e382ca199d6a1ef7d5bb978a0c27f84ce9e7fca3901c8f2db29ad167443b,0x1481094878cd62a731252e59172ef200a60f4d1b054631e422f892cc61a6677c4e9808f</inline> + <inline>0x0265280e6d39e382ca199d6a1ef7d5bb978a0c27f84ce9e7fca3901c8f2db29ad167443b,0x01481094878cd62a731252e59172ef200a60f4d1b054631e422f892cc61a6677c4e9808f</inline> <curve>nist/B-283</curve> <desc>invalid order = 271</desc> </pubkey> <pubkey> <id>b283/58</id> - <inline>0x20dfdc3f3f67aa0015d0565183c117868d9694a188d5a24038cc65e2d84fd7270603c8c,0x6eb4749c4102c98b511e52dd7a3931ebc6cb463ad03932a330878542912e95d88814112</inline> + <inline>0x020dfdc3f3f67aa0015d0565183c117868d9694a188d5a24038cc65e2d84fd7270603c8c,0x06eb4749c4102c98b511e52dd7a3931ebc6cb463ad03932a330878542912e95d88814112</inline> <curve>nist/B-283</curve> <desc>invalid order = 277</desc> </pubkey> <pubkey> <id>b283/59</id> - <inline>0x659a4e55b4ac1d62d14c0c53300dddcef75a40bff76a4d741e05827ec4547ad58e4de98,0x7dd8933042a46fcfc2e5c45de83f0ed6bcd1c52e39ee4427d3d8719a121be1426a68e48</inline> + <inline>0x0659a4e55b4ac1d62d14c0c53300dddcef75a40bff76a4d741e05827ec4547ad58e4de98,0x07dd8933042a46fcfc2e5c45de83f0ed6bcd1c52e39ee4427d3d8719a121be1426a68e48</inline> <curve>nist/B-283</curve> <desc>invalid order = 281</desc> </pubkey> <pubkey> <id>b283/60</id> - <inline>0x45aa971cc5ed1b1a56bc195b5ccb4f886916e4ea6c1dfac99fe2139051acf3fd16d06de,0x5de6dac1a923a6b061e5b32f6b57a5c4c9fe73caf13cfe499c12194eee7f2dcdb9c9df3</inline> + <inline>0x045aa971cc5ed1b1a56bc195b5ccb4f886916e4ea6c1dfac99fe2139051acf3fd16d06de,0x05de6dac1a923a6b061e5b32f6b57a5c4c9fe73caf13cfe499c12194eee7f2dcdb9c9df3</inline> <curve>nist/B-283</curve> <desc>invalid order = 283</desc> </pubkey> <pubkey> <id>b283/61</id> - <inline>0x130088a907114aaa34aa39059cb461506a872d0a0d25b1e6a8bd325dcdc287c8da2e9c5,0x1e343820d57b4838f1129a56b90bf4bcbf651ee0ffd16fce241577c8a6ea6e35ed282bb</inline> + <inline>0x0130088a907114aaa34aa39059cb461506a872d0a0d25b1e6a8bd325dcdc287c8da2e9c5,0x01e343820d57b4838f1129a56b90bf4bcbf651ee0ffd16fce241577c8a6ea6e35ed282bb</inline> <curve>nist/B-283</curve> <desc>invalid order = 293</desc> </pubkey> <pubkey> <id>b283/62</id> - <inline>0x7ca612e322d6870162a673ebdd6f67974368db7e66e45132d22cbbf00987e88aa29761d,0x34846538ad144ea55e8e4c63833ac130ca99fdf50443c145d96ff2a33ffa76543b9a0fb</inline> + <inline>0x07ca612e322d6870162a673ebdd6f67974368db7e66e45132d22cbbf00987e88aa29761d,0x034846538ad144ea55e8e4c63833ac130ca99fdf50443c145d96ff2a33ffa76543b9a0fb</inline> <curve>nist/B-283</curve> <desc>invalid order = 307</desc> </pubkey> <pubkey> <id>b283/63</id> - <inline>0x40701cd44834cb567bcb41a9403ea03f6afa71f2683deccfb7c9e619b39ff8495d0dd4d,0x34795b48595f0ec339967624ec3706392cc88aaa59919ee9309993dbf501c457362f8ca</inline> + <inline>0x040701cd44834cb567bcb41a9403ea03f6afa71f2683deccfb7c9e619b39ff8495d0dd4d,0x034795b48595f0ec339967624ec3706392cc88aaa59919ee9309993dbf501c457362f8ca</inline> <curve>nist/B-283</curve> <desc>invalid order = 311</desc> </pubkey> <pubkey> <id>b283/64</id> - <inline>0x712fff63ba8e1d59c26b838d98f4328e981400eafac50c5a60ada6bc44802b0ff1a4858,0x60fe5667ab12ae49dc1596f62fedc825df052e085605ed49b60a7c7565b24ad296f1e60</inline> + <inline>0x0712fff63ba8e1d59c26b838d98f4328e981400eafac50c5a60ada6bc44802b0ff1a4858,0x060fe5667ab12ae49dc1596f62fedc825df052e085605ed49b60a7c7565b24ad296f1e60</inline> <curve>nist/B-283</curve> <desc>invalid order = 313</desc> </pubkey> <pubkey> <id>b283/65</id> - <inline>0x2e836679a914cf63f8ff95f326555c67d465dee1912c0e341e837c7fce107c8f7f192d9,0x73260ed1c19dedeaa4ead2a83d1a61fe159fcd73e6b4a26fa87967028db7b6cf9b4aac7</inline> + <inline>0x02e836679a914cf63f8ff95f326555c67d465dee1912c0e341e837c7fce107c8f7f192d9,0x073260ed1c19dedeaa4ead2a83d1a61fe159fcd73e6b4a26fa87967028db7b6cf9b4aac7</inline> <curve>nist/B-283</curve> <desc>invalid order = 317</desc> </pubkey> <pubkey> <id>b283/66</id> - <inline>0x343e85fd37cc47fbdfa92808fb1efbaffb685d76c5a164214991a776fae225bc2af5662,0x7d3e9f8578ffcc4ecfb0e0122ac5c1e98223b32ab7b10f92628281dcdc1a5b6a7a1cff</inline> + <inline>0x0343e85fd37cc47fbdfa92808fb1efbaffb685d76c5a164214991a776fae225bc2af5662,0x007d3e9f8578ffcc4ecfb0e0122ac5c1e98223b32ab7b10f92628281dcdc1a5b6a7a1cff</inline> <curve>nist/B-283</curve> <desc>invalid order = 331</desc> </pubkey> <pubkey> <id>b283/67</id> - <inline>0x4b0c72fba220a9c62d01e0cb5c6416068b25161dff24cc94d7978ba6549254ab471bca6,0x4ba2b148f6d248b0d4698fcaf0f86367f44db9dae1398c4e5bc9b935c1ff1d4bcaf7b62</inline> + <inline>0x04b0c72fba220a9c62d01e0cb5c6416068b25161dff24cc94d7978ba6549254ab471bca6,0x04ba2b148f6d248b0d4698fcaf0f86367f44db9dae1398c4e5bc9b935c1ff1d4bcaf7b62</inline> <curve>nist/B-283</curve> <desc>invalid order = 337</desc> </pubkey> <pubkey> <id>b283/68</id> - <inline>0x5691ea4ace4e6a6c07b446b06299bddd2e54a80cabd2d88e4e970e718640d516edeecb1,0x2d43cfce6aff06c52568985a8e9e56c6467d92a2d1d1304de66e16bec1a94f99b31a616</inline> + <inline>0x05691ea4ace4e6a6c07b446b06299bddd2e54a80cabd2d88e4e970e718640d516edeecb1,0x02d43cfce6aff06c52568985a8e9e56c6467d92a2d1d1304de66e16bec1a94f99b31a616</inline> <curve>nist/B-283</curve> <desc>invalid order = 347</desc> </pubkey> <pubkey> <id>b283/69</id> - <inline>0x2a0ad1766fdec21d914dd4abe6a5086fa34fdecfb53b3e231950360f9a040436e86b7ee,0x6a2e2671dc3aaeddb261591ffb0d84928c987f2a809e28d98ab8dc89a8d22b12fac7a6d</inline> + <inline>0x02a0ad1766fdec21d914dd4abe6a5086fa34fdecfb53b3e231950360f9a040436e86b7ee,0x06a2e2671dc3aaeddb261591ffb0d84928c987f2a809e28d98ab8dc89a8d22b12fac7a6d</inline> <curve>nist/B-283</curve> <desc>invalid order = 349</desc> </pubkey> <pubkey> <id>b283/70</id> - <inline>0x7aaaf8f52a6924f37c5424d27a7cc0969003bbad4af560e9e17a42b1008c86b6ad1621c,0x2a62a220df144c4da621b008838a6861675d98ec39484c69c9d95f2315944ed697fe4c7</inline> + <inline>0x07aaaf8f52a6924f37c5424d27a7cc0969003bbad4af560e9e17a42b1008c86b6ad1621c,0x02a62a220df144c4da621b008838a6861675d98ec39484c69c9d95f2315944ed697fe4c7</inline> <curve>nist/B-283</curve> <desc>invalid order = 353</desc> </pubkey> <pubkey> <id>b283/71</id> - <inline>0x75fb07766947a3204f605e058fd88130561c4fd95ca136d38c7fe7964329e9756c7f632,0x3ea7651dd694e345c34d0c4aca1401e9e96bbd9760158dd76b691ba8cb619dc7840fb74</inline> + <inline>0x075fb07766947a3204f605e058fd88130561c4fd95ca136d38c7fe7964329e9756c7f632,0x03ea7651dd694e345c34d0c4aca1401e9e96bbd9760158dd76b691ba8cb619dc7840fb74</inline> <curve>nist/B-283</curve> <desc>invalid order = 359</desc> </pubkey> <pubkey> <id>b283/72</id> - <inline>0x7be5fb1c73f07056d19bbb8d201b4c92d6488e1054c35ae2ef9df5f9bdd5d7ce02299eb,0x31e7a9295c4f19324d0d455454ff69c33a6890b3dcfa18e0dc776572bed8aed4004cf33</inline> + <inline>0x07be5fb1c73f07056d19bbb8d201b4c92d6488e1054c35ae2ef9df5f9bdd5d7ce02299eb,0x031e7a9295c4f19324d0d455454ff69c33a6890b3dcfa18e0dc776572bed8aed4004cf33</inline> <curve>nist/B-283</curve> <desc>invalid order = 367</desc> </pubkey> <pubkey> <id>b283/73</id> - <inline>0x4d7f5b8c2eef6a3ca195e92276b79c9090609d9448d964be2ba9ebc1793dba3b2c7b09,0x16830ca772d9c96a6a01efb6624e9864275f0792e5b2d0b60ae2d0deeff2ba0d837d896</inline> + <inline>0x004d7f5b8c2eef6a3ca195e92276b79c9090609d9448d964be2ba9ebc1793dba3b2c7b09,0x016830ca772d9c96a6a01efb6624e9864275f0792e5b2d0b60ae2d0deeff2ba0d837d896</inline> <curve>nist/B-283</curve> <desc>invalid order = 373</desc> </pubkey> <pubkey> <id>b283/74</id> - <inline>0x7edcbe1f3d610cdd018597d78389122733b22f0a41dac394db45c0c46b835b1d71ab12e,0x5951ff19691e93ff27446a1dea9f2aa6347c290b7f50ba0777edde63c445001fad60ec7</inline> + <inline>0x07edcbe1f3d610cdd018597d78389122733b22f0a41dac394db45c0c46b835b1d71ab12e,0x05951ff19691e93ff27446a1dea9f2aa6347c290b7f50ba0777edde63c445001fad60ec7</inline> <curve>nist/B-283</curve> <desc>invalid order = 379</desc> </pubkey> <pubkey> <id>b283/75</id> - <inline>0x65c729d7f61139fbe759be3cee769ab95d08a136a9fd545f20a7d972a239112e15cf3f3,0x70e74af3ec0380c129bf4742710f47b966a78a033f9ce5b14e88a45002d818329c7fd83</inline> + <inline>0x065c729d7f61139fbe759be3cee769ab95d08a136a9fd545f20a7d972a239112e15cf3f3,0x070e74af3ec0380c129bf4742710f47b966a78a033f9ce5b14e88a45002d818329c7fd83</inline> <curve>nist/B-283</curve> <desc>invalid order = 383</desc> </pubkey> <pubkey> <id>b283/76</id> - <inline>0x513d61373d78ca6cdda79f6298e08702fcdb619ce1493f1ed76f4cf22118816c4257aae,0x7276a32ad4054de563e21ef86ec0520785a2dd5816480db9291b6c4ed728e601487a019</inline> + <inline>0x0513d61373d78ca6cdda79f6298e08702fcdb619ce1493f1ed76f4cf22118816c4257aae,0x07276a32ad4054de563e21ef86ec0520785a2dd5816480db9291b6c4ed728e601487a019</inline> <curve>nist/B-283</curve> <desc>invalid order = 389</desc> </pubkey> <pubkey> <id>b283/77</id> - <inline>0x7ea64416b7e5c4f206a8d48634dd3ca860bb446b461d9b5946a5c71346c45767658dfa1,0x1564ae32bc6baeaab67cfc87204aa1daa183dcf2f47fb6d74f733d87900e1343edd858c</inline> + <inline>0x07ea64416b7e5c4f206a8d48634dd3ca860bb446b461d9b5946a5c71346c45767658dfa1,0x01564ae32bc6baeaab67cfc87204aa1daa183dcf2f47fb6d74f733d87900e1343edd858c</inline> <curve>nist/B-283</curve> <desc>invalid order = 397</desc> </pubkey> <pubkey> <id>b283/78</id> - <inline>0x4a4e83e1f9c9000a6a1f2cae5eea2bc365919d7e5dd54c3408aa96c66c0574aa552844a,0x5470ff52f0046b54061ccb0271939499743cae5edfc9cb1c8ac01ac9dc1f8728e56021</inline> + <inline>0x04a4e83e1f9c9000a6a1f2cae5eea2bc365919d7e5dd54c3408aa96c66c0574aa552844a,0x005470ff52f0046b54061ccb0271939499743cae5edfc9cb1c8ac01ac9dc1f8728e56021</inline> <curve>nist/B-283</curve> <desc>invalid order = 401</desc> </pubkey> <pubkey> <id>b283/79</id> - <inline>0x401910133e4dee00a43c663d692345a84c2ebdd288db2e83ea712a17d6c3e4cf2fd1840,0xcb4dce0552ac93f9d14e062bb00503e44325a0323d2449c54ea0f63786b9db139d3696</inline> + <inline>0x0401910133e4dee00a43c663d692345a84c2ebdd288db2e83ea712a17d6c3e4cf2fd1840,0x00cb4dce0552ac93f9d14e062bb00503e44325a0323d2449c54ea0f63786b9db139d3696</inline> <curve>nist/B-283</curve> <desc>invalid order = 409</desc> </pubkey> <pubkey> <id>b283/80</id> - <inline>0x4162b540ca358555104c31200c876ce4f0fc347316d5b037265e6593dd4e1f0631c56a5,0x413245d7bbe2d358f71116159320c452fb596feb70e7ec9bdd9a691476f3a5c034c7bfd</inline> + <inline>0x04162b540ca358555104c31200c876ce4f0fc347316d5b037265e6593dd4e1f0631c56a5,0x0413245d7bbe2d358f71116159320c452fb596feb70e7ec9bdd9a691476f3a5c034c7bfd</inline> <curve>nist/B-283</curve> <desc>invalid order = 419</desc> </pubkey> <pubkey> <id>b283/81</id> - <inline>0x218149b619e455e54056dd0a822ff01671d65091d630c06b5c492c86c4d6db7bd3babc9,0x607515ded6d4b424e8e0ad3e35873f7f7673be71639681bb1a5c2abc962e6ce74ac6d66</inline> + <inline>0x0218149b619e455e54056dd0a822ff01671d65091d630c06b5c492c86c4d6db7bd3babc9,0x0607515ded6d4b424e8e0ad3e35873f7f7673be71639681bb1a5c2abc962e6ce74ac6d66</inline> <curve>nist/B-283</curve> <desc>invalid order = 421</desc> </pubkey> <pubkey> <id>b283/82</id> - <inline>0x24a130051a5b598e0e231f798400df676c5a2f6ccd84573ae5c47441c5ed65bf9991d53,0x5c7024abeae8ad4d5899b7dd025c135127d45211780ac5512033fb62e26a1cbd445d93a</inline> + <inline>0x024a130051a5b598e0e231f798400df676c5a2f6ccd84573ae5c47441c5ed65bf9991d53,0x05c7024abeae8ad4d5899b7dd025c135127d45211780ac5512033fb62e26a1cbd445d93a</inline> <curve>nist/B-283</curve> <desc>invalid order = 431</desc> </pubkey> diff --git a/src/cz/crcs/ectester/data/invalid/nist/k163.xml b/src/cz/crcs/ectester/data/invalid/nist/k163.xml index ae4efc6..baa9ef5 100644 --- a/src/cz/crcs/ectester/data/invalid/nist/k163.xml +++ b/src/cz/crcs/ectester/data/invalid/nist/k163.xml @@ -1,325 +1,325 @@ <?xml version="1.0" encoding="UTF-8" ?> <pubkey> <id>k163/0</id> - <inline>0x00000000000000000000000000000000000000000,0x00000000000000000000000000000000000000000</inline> + <inline>0x000000000000000000000000000000000000000000,0x000000000000000000000000000000000000000000</inline> <curve>nist/K-163</curve> <desc>invalid order = 2</desc> </pubkey> <pubkey> <id>k163/1</id> - <inline>0x7ae172096ef461faf74b167ce85c69172bf83be8e,0x39a323b9cf58f1d93b34c22a410e483ad88ad2fd8</inline> + <inline>0x07ae172096ef461faf74b167ce85c69172bf83be8e,0x039a323b9cf58f1d93b34c22a410e483ad88ad2fd8</inline> <curve>nist/K-163</curve> <desc>invalid order = 3</desc> </pubkey> <pubkey> <id>k163/2</id> - <inline>0x57fed3954476d4154a0724e4a0cf168d121c397aa,0x4da7d3a1f7897b395698b282dcff999d5abb15124</inline> + <inline>0x057fed3954476d4154a0724e4a0cf168d121c397aa,0x04da7d3a1f7897b395698b282dcff999d5abb15124</inline> <curve>nist/K-163</curve> <desc>invalid order = 5</desc> </pubkey> <pubkey> <id>k163/3</id> - <inline>0x28c42859c3070ecd2cfe3ccece08fb8eb50ca9079,0x50f823bc96b23c7982835305c6e792c4953b5cc50</inline> + <inline>0x028c42859c3070ecd2cfe3ccece08fb8eb50ca9079,0x050f823bc96b23c7982835305c6e792c4953b5cc50</inline> <curve>nist/K-163</curve> <desc>invalid order = 7</desc> </pubkey> <pubkey> <id>k163/4</id> - <inline>0x3d71ee6bdd35c854d0349940ae8a6e790a24a5e61,0x15d70a4b1e2fd11b0604996e4353ed5fd4f313b75</inline> + <inline>0x03d71ee6bdd35c854d0349940ae8a6e790a24a5e61,0x015d70a4b1e2fd11b0604996e4353ed5fd4f313b75</inline> <curve>nist/K-163</curve> <desc>invalid order = 11</desc> </pubkey> <pubkey> <id>k163/5</id> - <inline>0x4e1538f88276d915580b6dedffe34fcb10af63326,0x33317fdc52c146be042a5c0e826d9d9186843f13c</inline> + <inline>0x04e1538f88276d915580b6dedffe34fcb10af63326,0x033317fdc52c146be042a5c0e826d9d9186843f13c</inline> <curve>nist/K-163</curve> <desc>invalid order = 13</desc> </pubkey> <pubkey> <id>k163/6</id> - <inline>0x7e3c2b73496db537b43f9566501a3c509887f53cc,0x12fcb35ad9e8ec93ae78460a0546ae80c8f2645</inline> + <inline>0x07e3c2b73496db537b43f9566501a3c509887f53cc,0x00012fcb35ad9e8ec93ae78460a0546ae80c8f2645</inline> <curve>nist/K-163</curve> <desc>invalid order = 17</desc> </pubkey> <pubkey> <id>k163/7</id> - <inline>0x419b8a01fb28523088100647c336ff2089bd6071d,0x132db3289e526e6bbabb95d964361350ca42c2fbb</inline> + <inline>0x0419b8a01fb28523088100647c336ff2089bd6071d,0x0132db3289e526e6bbabb95d964361350ca42c2fbb</inline> <curve>nist/K-163</curve> <desc>invalid order = 19</desc> </pubkey> <pubkey> <id>k163/8</id> - <inline>0x721f4ada90b02dc6e95216f85bbdb4d5a2bf08254,0x117328a80b45c43f1ece7639fea23a31ac1b86983</inline> + <inline>0x0721f4ada90b02dc6e95216f85bbdb4d5a2bf08254,0x0117328a80b45c43f1ece7639fea23a31ac1b86983</inline> <curve>nist/K-163</curve> <desc>invalid order = 23</desc> </pubkey> <pubkey> <id>k163/9</id> - <inline>0x204ab1429c0f090f8048e0ea807e2d116209665b1,0x7f7ace820fdff791d2133af214b3495535690fb56</inline> + <inline>0x0204ab1429c0f090f8048e0ea807e2d116209665b1,0x07f7ace820fdff791d2133af214b3495535690fb56</inline> <curve>nist/K-163</curve> <desc>invalid order = 29</desc> </pubkey> <pubkey> <id>k163/10</id> - <inline>0x2ff03f381ef24a00e9df514b4e8b4c2baf270bc10,0x51aabfbd97f726d713fd784938bd94c441d565e23</inline> + <inline>0x02ff03f381ef24a00e9df514b4e8b4c2baf270bc10,0x051aabfbd97f726d713fd784938bd94c441d565e23</inline> <curve>nist/K-163</curve> <desc>invalid order = 31</desc> </pubkey> <pubkey> <id>k163/11</id> - <inline>0x21c9f0e6d473c4a10262f2d16f9afb4905d404aeb,0x3f70861bb4e071409fdd7ea601607bdf01f8e009f</inline> + <inline>0x021c9f0e6d473c4a10262f2d16f9afb4905d404aeb,0x03f70861bb4e071409fdd7ea601607bdf01f8e009f</inline> <curve>nist/K-163</curve> <desc>invalid order = 37</desc> </pubkey> <pubkey> <id>k163/12</id> - <inline>0x758cc28f062bc91b264e46ebc389b885ce0773121,0x7cbe9f3e52e52e76c6a617837cc693f3fd75881d9</inline> + <inline>0x0758cc28f062bc91b264e46ebc389b885ce0773121,0x07cbe9f3e52e52e76c6a617837cc693f3fd75881d9</inline> <curve>nist/K-163</curve> <desc>invalid order = 41</desc> </pubkey> <pubkey> <id>k163/13</id> - <inline>0x1658f9407cea1ce114e4f816187df57d2302a5da4,0x1152a87ee8baaa48fb11aca8451c9aee45ad7edf9</inline> + <inline>0x01658f9407cea1ce114e4f816187df57d2302a5da4,0x01152a87ee8baaa48fb11aca8451c9aee45ad7edf9</inline> <curve>nist/K-163</curve> <desc>invalid order = 43</desc> </pubkey> <pubkey> <id>k163/14</id> - <inline>0x1f162cf4d0a5eb71bd304ace21ee744bd3e262ebe,0x4860340d67e525e92e04bfba5e6114aa468b535b</inline> + <inline>0x01f162cf4d0a5eb71bd304ace21ee744bd3e262ebe,0x004860340d67e525e92e04bfba5e6114aa468b535b</inline> <curve>nist/K-163</curve> <desc>invalid order = 47</desc> </pubkey> <pubkey> <id>k163/15</id> - <inline>0x2f773c3d82717ee684c49587869b400b45c843642,0x3af4adc783d2a013dcff16fe41b2ad88170fe08f8</inline> + <inline>0x02f773c3d82717ee684c49587869b400b45c843642,0x03af4adc783d2a013dcff16fe41b2ad88170fe08f8</inline> <curve>nist/K-163</curve> <desc>invalid order = 53</desc> </pubkey> <pubkey> <id>k163/16</id> - <inline>0x4df600f39bb49c246ed7c6477d304b9d022dac62b,0x7536b27cae5cab302775ffe13b6eb2e0923aacbb0</inline> + <inline>0x04df600f39bb49c246ed7c6477d304b9d022dac62b,0x07536b27cae5cab302775ffe13b6eb2e0923aacbb0</inline> <curve>nist/K-163</curve> <desc>invalid order = 59</desc> </pubkey> <pubkey> <id>k163/17</id> - <inline>0x4e49dd1e0da3242e92316c8477441a8fa01c2bad4,0x350ebae2177979faa6907e348a6802773610eb0bd</inline> + <inline>0x04e49dd1e0da3242e92316c8477441a8fa01c2bad4,0x0350ebae2177979faa6907e348a6802773610eb0bd</inline> <curve>nist/K-163</curve> <desc>invalid order = 61</desc> </pubkey> <pubkey> <id>k163/18</id> - <inline>0x33f28f48ffb6dc2e4d8d752ee4de6faf8f8626b36,0x1496d4abd17ef95c7750d4ec86a2d158c3b602ac9</inline> + <inline>0x033f28f48ffb6dc2e4d8d752ee4de6faf8f8626b36,0x01496d4abd17ef95c7750d4ec86a2d158c3b602ac9</inline> <curve>nist/K-163</curve> <desc>invalid order = 67</desc> </pubkey> <pubkey> <id>k163/19</id> - <inline>0x3a43712a11475ee1f4631a699ae34aa86d105a940,0x1267c79cb580b3198e29c9199c6b957932d213abf</inline> + <inline>0x03a43712a11475ee1f4631a699ae34aa86d105a940,0x01267c79cb580b3198e29c9199c6b957932d213abf</inline> <curve>nist/K-163</curve> <desc>invalid order = 71</desc> </pubkey> <pubkey> <id>k163/20</id> - <inline>0x2ca647249e2a13572df59a22d1878a4671a9c9be,0x5632dbab230be29975ac059b6bb6f5ee00e1714fc</inline> + <inline>0x002ca647249e2a13572df59a22d1878a4671a9c9be,0x05632dbab230be29975ac059b6bb6f5ee00e1714fc</inline> <curve>nist/K-163</curve> <desc>invalid order = 73</desc> </pubkey> <pubkey> <id>k163/21</id> - <inline>0x5dbfa1b44d6984cb9c51e9ef59ff2158f8941e6b1,0xa825db948cdc7d3d93f3ab51df2b3f372d747b3c</inline> + <inline>0x05dbfa1b44d6984cb9c51e9ef59ff2158f8941e6b1,0x00a825db948cdc7d3d93f3ab51df2b3f372d747b3c</inline> <curve>nist/K-163</curve> <desc>invalid order = 79</desc> </pubkey> <pubkey> <id>k163/22</id> - <inline>0x4307cc2c9b20822fa1967b7596805621f2695d156,0x145d76be145905f4d78fc6c14871fd0b868998158</inline> + <inline>0x04307cc2c9b20822fa1967b7596805621f2695d156,0x0145d76be145905f4d78fc6c14871fd0b868998158</inline> <curve>nist/K-163</curve> <desc>invalid order = 83</desc> </pubkey> <pubkey> <id>k163/23</id> - <inline>0x462b532a7cc4b6e6191e784732713d0448ea28dc6,0x72e7978852e17c0330494b4bea23681ec4954ded9</inline> + <inline>0x0462b532a7cc4b6e6191e784732713d0448ea28dc6,0x072e7978852e17c0330494b4bea23681ec4954ded9</inline> <curve>nist/K-163</curve> <desc>invalid order = 89</desc> </pubkey> <pubkey> <id>k163/24</id> - <inline>0x764f3fe54ace84998d9e188721f56f40551bb0fdc,0x227391ba4d03259c62b22254804d222a2a9a701ae</inline> + <inline>0x0764f3fe54ace84998d9e188721f56f40551bb0fdc,0x0227391ba4d03259c62b22254804d222a2a9a701ae</inline> <curve>nist/K-163</curve> <desc>invalid order = 97</desc> </pubkey> <pubkey> <id>k163/25</id> - <inline>0x7dd6bfb18e715d37753ab109ea87adc0697ce2b05,0xe3aa74a10b1a38e746932c82b39106326f9f9247</inline> + <inline>0x07dd6bfb18e715d37753ab109ea87adc0697ce2b05,0x00e3aa74a10b1a38e746932c82b39106326f9f9247</inline> <curve>nist/K-163</curve> <desc>invalid order = 101</desc> </pubkey> <pubkey> <id>k163/26</id> - <inline>0xe796873bde33109ba48dc3c6bbde46679b8acd,0x1319683af2bd39fa71d68a0919a6c92df11b1e0c5</inline> + <inline>0x0000e796873bde33109ba48dc3c6bbde46679b8acd,0x01319683af2bd39fa71d68a0919a6c92df11b1e0c5</inline> <curve>nist/K-163</curve> <desc>invalid order = 103</desc> </pubkey> <pubkey> <id>k163/27</id> - <inline>0x1a1d6e8c6437b08366e04b750081703e32d422432,0x189c8bdec90db00b915563e5374864bb16f38c220</inline> + <inline>0x01a1d6e8c6437b08366e04b750081703e32d422432,0x0189c8bdec90db00b915563e5374864bb16f38c220</inline> <curve>nist/K-163</curve> <desc>invalid order = 107</desc> </pubkey> <pubkey> <id>k163/28</id> - <inline>0x240855798f8585441919cc0f099bfc1fbd0f94099,0x4e4c74631e6fe3b6a83a8677ac376acc614119b9e</inline> + <inline>0x0240855798f8585441919cc0f099bfc1fbd0f94099,0x04e4c74631e6fe3b6a83a8677ac376acc614119b9e</inline> <curve>nist/K-163</curve> <desc>invalid order = 109</desc> </pubkey> <pubkey> <id>k163/29</id> - <inline>0x963875e3dc6560148c6e7f644ff25297051046cf,0x6cf0a43da9a62ddbb8529028f8a7cc06f30cd4e8a</inline> + <inline>0x00963875e3dc6560148c6e7f644ff25297051046cf,0x06cf0a43da9a62ddbb8529028f8a7cc06f30cd4e8a</inline> <curve>nist/K-163</curve> <desc>invalid order = 113</desc> </pubkey> <pubkey> <id>k163/30</id> - <inline>0x13e441383291dd95921d5ef8b35299a0d2bc04872,0xb2f6e5726f0c29a71233be44f6276d2b94ad5648</inline> + <inline>0x013e441383291dd95921d5ef8b35299a0d2bc04872,0x00b2f6e5726f0c29a71233be44f6276d2b94ad5648</inline> <curve>nist/K-163</curve> <desc>invalid order = 127</desc> </pubkey> <pubkey> <id>k163/31</id> - <inline>0x657d829869083e194b74ec178aa9f240599f8e52d,0x3cfc11433d0c4bbe1dfbd8d91869e20efa5e047df</inline> + <inline>0x0657d829869083e194b74ec178aa9f240599f8e52d,0x03cfc11433d0c4bbe1dfbd8d91869e20efa5e047df</inline> <curve>nist/K-163</curve> <desc>invalid order = 131</desc> </pubkey> <pubkey> <id>k163/32</id> - <inline>0x1c01ebc988af5c70dd0c75e0a2b348173d8ce7f5,0x5869a17e48d87d17ff700d6f628372a7c22260ecf</inline> + <inline>0x001c01ebc988af5c70dd0c75e0a2b348173d8ce7f5,0x05869a17e48d87d17ff700d6f628372a7c22260ecf</inline> <curve>nist/K-163</curve> <desc>invalid order = 137</desc> </pubkey> <pubkey> <id>k163/33</id> - <inline>0x2f2b0b3036e807c90a266d1ba2318204feb59b7be,0x42c7c6df82a53bea60ad60654bc9500217b5593ac</inline> + <inline>0x02f2b0b3036e807c90a266d1ba2318204feb59b7be,0x042c7c6df82a53bea60ad60654bc9500217b5593ac</inline> <curve>nist/K-163</curve> <desc>invalid order = 139</desc> </pubkey> <pubkey> <id>k163/34</id> - <inline>0x781c91afdc3c0751c425f331eb3a6afb7e376044f,0x71196a4a86dbbc75ccf372d20158b8cad91ce0716</inline> + <inline>0x0781c91afdc3c0751c425f331eb3a6afb7e376044f,0x071196a4a86dbbc75ccf372d20158b8cad91ce0716</inline> <curve>nist/K-163</curve> <desc>invalid order = 149</desc> </pubkey> <pubkey> <id>k163/35</id> - <inline>0x7caf54cc2bb338c18ae8eb96c4b695a4d453ab94d,0x41e38c4c35b264f5fc0d874167c8c8583c10255f7</inline> + <inline>0x07caf54cc2bb338c18ae8eb96c4b695a4d453ab94d,0x041e38c4c35b264f5fc0d874167c8c8583c10255f7</inline> <curve>nist/K-163</curve> <desc>invalid order = 151</desc> </pubkey> <pubkey> <id>k163/36</id> - <inline>0x58ee7e528716b5cdf6205ffe06175b87ef6a9846b,0x683dd173b7e650510c563ecd884dff7b99ea6f8c1</inline> + <inline>0x058ee7e528716b5cdf6205ffe06175b87ef6a9846b,0x0683dd173b7e650510c563ecd884dff7b99ea6f8c1</inline> <curve>nist/K-163</curve> <desc>invalid order = 157</desc> </pubkey> <pubkey> <id>k163/37</id> - <inline>0x5a2d624c51ab39b73c5399106c444e08bd39e366e,0xf4ab5b06e367ab09538ab32fd175bd296882e3bf</inline> + <inline>0x05a2d624c51ab39b73c5399106c444e08bd39e366e,0x00f4ab5b06e367ab09538ab32fd175bd296882e3bf</inline> <curve>nist/K-163</curve> <desc>invalid order = 163</desc> </pubkey> <pubkey> <id>k163/38</id> - <inline>0x3f336d7c29952d370aecae7b90a8b1e951dfe8f3a,0x21a9c25c158c57e4ecea978f6b44881daf404ae48</inline> + <inline>0x03f336d7c29952d370aecae7b90a8b1e951dfe8f3a,0x021a9c25c158c57e4ecea978f6b44881daf404ae48</inline> <curve>nist/K-163</curve> <desc>invalid order = 167</desc> </pubkey> <pubkey> <id>k163/39</id> - <inline>0x2d3305a2d3469216ebdc2c2ff779afc04a012abe3,0x47f464df98cec545a82b7d358ae875ab5e37347a3</inline> + <inline>0x02d3305a2d3469216ebdc2c2ff779afc04a012abe3,0x047f464df98cec545a82b7d358ae875ab5e37347a3</inline> <curve>nist/K-163</curve> <desc>invalid order = 173</desc> </pubkey> <pubkey> <id>k163/40</id> - <inline>0x30c2c794f889e72ecee25d5ac5c1abf0939fa87f9,0x5f2d6c263224847c58706820dd3e7bf7c5d2e0787</inline> + <inline>0x030c2c794f889e72ecee25d5ac5c1abf0939fa87f9,0x05f2d6c263224847c58706820dd3e7bf7c5d2e0787</inline> <curve>nist/K-163</curve> <desc>invalid order = 179</desc> </pubkey> <pubkey> <id>k163/41</id> - <inline>0x5be67c51e14feb41639bceaf9ce8cfdd6c3e58168,0x4676ec0ab03838c4e6495c76563b572d2a0cce2ef</inline> + <inline>0x05be67c51e14feb41639bceaf9ce8cfdd6c3e58168,0x04676ec0ab03838c4e6495c76563b572d2a0cce2ef</inline> <curve>nist/K-163</curve> <desc>invalid order = 181</desc> </pubkey> <pubkey> <id>k163/42</id> - <inline>0x6ac6188a225b467bf3c52259b10b580cd8b50040,0x4aca2a58fefa61cb2095c17ec28136b3e6911347f</inline> + <inline>0x006ac6188a225b467bf3c52259b10b580cd8b50040,0x04aca2a58fefa61cb2095c17ec28136b3e6911347f</inline> <curve>nist/K-163</curve> <desc>invalid order = 191</desc> </pubkey> <pubkey> <id>k163/43</id> - <inline>0x180872dc72ac55748324c3f5e284d13faf0924c67,0x48895028a1a0a639400ae5f64ab4075f6cddc97c</inline> + <inline>0x0180872dc72ac55748324c3f5e284d13faf0924c67,0x0048895028a1a0a639400ae5f64ab4075f6cddc97c</inline> <curve>nist/K-163</curve> <desc>invalid order = 193</desc> </pubkey> <pubkey> <id>k163/44</id> - <inline>0x7c6ad13ec3f441bf9b044ec5c6dea2d97931ba055,0x48aebb47664dcb5cd151c1a0a75794fb3bd95576b</inline> + <inline>0x07c6ad13ec3f441bf9b044ec5c6dea2d97931ba055,0x048aebb47664dcb5cd151c1a0a75794fb3bd95576b</inline> <curve>nist/K-163</curve> <desc>invalid order = 197</desc> </pubkey> <pubkey> <id>k163/45</id> - <inline>0x7ddf92a5fdae42abb69ac16effb5b490bcd9d227f,0x54cba3811aad6a68bc5315cb4a7211060cbe1fe36</inline> + <inline>0x07ddf92a5fdae42abb69ac16effb5b490bcd9d227f,0x054cba3811aad6a68bc5315cb4a7211060cbe1fe36</inline> <curve>nist/K-163</curve> <desc>invalid order = 199</desc> </pubkey> <pubkey> <id>k163/46</id> - <inline>0x3159acd03e5cb566183271b4cc69e233d10f60aa7,0x6c225da0617fc30fbcbfe7316317b8fa604a7ae70</inline> + <inline>0x03159acd03e5cb566183271b4cc69e233d10f60aa7,0x06c225da0617fc30fbcbfe7316317b8fa604a7ae70</inline> <curve>nist/K-163</curve> <desc>invalid order = 211</desc> </pubkey> <pubkey> <id>k163/47</id> - <inline>0x150d07395554bb30f89c2ae1b077c2d08db17cf19,0x1216494f1a85627594e98352c2ae5ffd717e0d754</inline> + <inline>0x0150d07395554bb30f89c2ae1b077c2d08db17cf19,0x01216494f1a85627594e98352c2ae5ffd717e0d754</inline> <curve>nist/K-163</curve> <desc>invalid order = 223</desc> </pubkey> <pubkey> <id>k163/48</id> - <inline>0x5bd14dc19215e372e27db63bf7ad69077db7ecd2e,0x5c9470edff53bee9be27070c25da993a6b63fbfeb</inline> + <inline>0x05bd14dc19215e372e27db63bf7ad69077db7ecd2e,0x05c9470edff53bee9be27070c25da993a6b63fbfeb</inline> <curve>nist/K-163</curve> <desc>invalid order = 227</desc> </pubkey> <pubkey> <id>k163/49</id> - <inline>0x1369e74091a56b27baf27931ebf227e69a09eeb00,0x5e404b5c0084c117fa8db37c42e2f5d606c2ea92c</inline> + <inline>0x01369e74091a56b27baf27931ebf227e69a09eeb00,0x05e404b5c0084c117fa8db37c42e2f5d606c2ea92c</inline> <curve>nist/K-163</curve> <desc>invalid order = 229</desc> </pubkey> <pubkey> <id>k163/50</id> - <inline>0x244683f23734bc731d0966bf901da5a75643b6757,0x1c128ce1f126926898a5f47be7fca98401ef8875e</inline> + <inline>0x0244683f23734bc731d0966bf901da5a75643b6757,0x01c128ce1f126926898a5f47be7fca98401ef8875e</inline> <curve>nist/K-163</curve> <desc>invalid order = 233</desc> </pubkey> <pubkey> <id>k163/51</id> - <inline>0x4696b2286a4c2adf90d504ada7f932b947ff5c1e6,0x4fdf518b9c69045f0d7e7fe732299c3587c9373f1</inline> + <inline>0x04696b2286a4c2adf90d504ada7f932b947ff5c1e6,0x04fdf518b9c69045f0d7e7fe732299c3587c9373f1</inline> <curve>nist/K-163</curve> <desc>invalid order = 239</desc> </pubkey> <pubkey> <id>k163/52</id> - <inline>0x50d73d1c8de565612a4db976427ae43c155c4e29d,0x1eccc79d0eaba13263ef9b133561ca59d7b1bbc75</inline> + <inline>0x050d73d1c8de565612a4db976427ae43c155c4e29d,0x01eccc79d0eaba13263ef9b133561ca59d7b1bbc75</inline> <curve>nist/K-163</curve> <desc>invalid order = 241</desc> </pubkey> <pubkey> <id>k163/53</id> - <inline>0x64a96d22b4b43a307d4a1282ddefa701f75ecff39,0x5528cff88e88b2973b507f0d50a9a8131f7f65a9e</inline> + <inline>0x064a96d22b4b43a307d4a1282ddefa701f75ecff39,0x05528cff88e88b2973b507f0d50a9a8131f7f65a9e</inline> <curve>nist/K-163</curve> <desc>invalid order = 251</desc> </pubkey> diff --git a/src/cz/crcs/ectester/data/invalid/nist/k233.xml b/src/cz/crcs/ectester/data/invalid/nist/k233.xml index 56332cb..250c9df 100644 --- a/src/cz/crcs/ectester/data/invalid/nist/k233.xml +++ b/src/cz/crcs/ectester/data/invalid/nist/k233.xml @@ -1,427 +1,427 @@ <?xml version="1.0" encoding="UTF-8" ?> <pubkey> <id>k233/0</id> - <inline>0x0000000000000000000000000000000000000000000000000000000000,0x0000000000000000000000000000000000000000000000000000000000</inline> + <inline>0x00000000000000000000000000000000000000000000000000000000000,0x00000000000000000000000000000000000000000000000000000000000</inline> <curve>nist/K-233</curve> <desc>invalid order = 2</desc> </pubkey> <pubkey> <id>k233/1</id> - <inline>0x665910471e7c8069040cd6c56f155108e98951c42a8715229ec1b07478,0xc2ddbb9d27282bb89ab53ca60c5bdb1c870b0b3cc77a2860961b84ed63</inline> + <inline>0x0665910471e7c8069040cd6c56f155108e98951c42a8715229ec1b07478,0x0c2ddbb9d27282bb89ab53ca60c5bdb1c870b0b3cc77a2860961b84ed63</inline> <curve>nist/K-233</curve> <desc>invalid order = 3</desc> </pubkey> <pubkey> <id>k233/2</id> - <inline>0x1b28d9d1c625d693013e63222ae2f28eea9de53667605e268b446c69a99,0xd81ae0dc707dd6a7ed7c1ad13d149a8b671ccb1450a8e4eee29629c3a4</inline> + <inline>0x01b28d9d1c625d693013e63222ae2f28eea9de53667605e268b446c69a99,0x0d81ae0dc707dd6a7ed7c1ad13d149a8b671ccb1450a8e4eee29629c3a4</inline> <curve>nist/K-233</curve> <desc>invalid order = 5</desc> </pubkey> <pubkey> <id>k233/3</id> - <inline>0x158298dbafe03ac28cbc7a2c4494f43f453593f6eb2162663e2cbf886a7,0x1ba54211282501a8c76039a081972e17c15d634f828aecca69bae916813</inline> + <inline>0x0158298dbafe03ac28cbc7a2c4494f43f453593f6eb2162663e2cbf886a7,0x01ba54211282501a8c76039a081972e17c15d634f828aecca69bae916813</inline> <curve>nist/K-233</curve> <desc>invalid order = 7</desc> </pubkey> <pubkey> <id>k233/4</id> - <inline>0x8050533a5bb38c0575c0f569a698dd4aec10752e7b2a9899b439259877,0x1886464d57deb6726c0798f2e21dee8e57c6563ba4efe172a313161d91</inline> + <inline>0x08050533a5bb38c0575c0f569a698dd4aec10752e7b2a9899b439259877,0x01886464d57deb6726c0798f2e21dee8e57c6563ba4efe172a313161d91</inline> <curve>nist/K-233</curve> <desc>invalid order = 11</desc> </pubkey> <pubkey> <id>k233/5</id> - <inline>0x14da58bffd9541bcd8176d66fccc440864c56ec8da466e102b1f621ad94,0x1ef1bc065af5a8eb5b99b449b461ffdfd25d7b8a34436734c60de8446e</inline> + <inline>0x014da58bffd9541bcd8176d66fccc440864c56ec8da466e102b1f621ad94,0x01ef1bc065af5a8eb5b99b449b461ffdfd25d7b8a34436734c60de8446e</inline> <curve>nist/K-233</curve> <desc>invalid order = 13</desc> </pubkey> <pubkey> <id>k233/6</id> - <inline>0xe0d800fbec84ecc512f35de8c6a5363aa35c21cbdbf51ee176cd625f7b,0x5a75cf71da3f079ed663e8334d04f49a19cc337ce3955efd0d11f8075c</inline> + <inline>0x0e0d800fbec84ecc512f35de8c6a5363aa35c21cbdbf51ee176cd625f7b,0x05a75cf71da3f079ed663e8334d04f49a19cc337ce3955efd0d11f8075c</inline> <curve>nist/K-233</curve> <desc>invalid order = 17</desc> </pubkey> <pubkey> <id>k233/7</id> - <inline>0x1a2b7512c32d10d1965bb7fe2a737fe59f7db2ea455617d0191e84b6445,0x16dcd68bc3a9abe5a00efbf930f84dbd676a4c595314088669976dca20a</inline> + <inline>0x01a2b7512c32d10d1965bb7fe2a737fe59f7db2ea455617d0191e84b6445,0x016dcd68bc3a9abe5a00efbf930f84dbd676a4c595314088669976dca20a</inline> <curve>nist/K-233</curve> <desc>invalid order = 19</desc> </pubkey> <pubkey> <id>k233/8</id> - <inline>0xd6814b441bc498c9cbcd375b6a4d54f1f732f2628f1509650ec647ad87,0x13cc74e4b939b446b63c7ff6b7e7571fa01a1432bc7958a28773ae64bff</inline> + <inline>0x0d6814b441bc498c9cbcd375b6a4d54f1f732f2628f1509650ec647ad87,0x013cc74e4b939b446b63c7ff6b7e7571fa01a1432bc7958a28773ae64bff</inline> <curve>nist/K-233</curve> <desc>invalid order = 23</desc> </pubkey> <pubkey> <id>k233/9</id> - <inline>0x193d8ff00ac50effd52134acd2f15c51e452727a948b310c367328dcc,0x1bed4420061e99f86f9e4f87092dde4f9a0f8ffb91164f175619ed01f8d</inline> + <inline>0x0193d8ff00ac50effd52134acd2f15c51e452727a948b310c367328dcc,0x01bed4420061e99f86f9e4f87092dde4f9a0f8ffb91164f175619ed01f8d</inline> <curve>nist/K-233</curve> <desc>invalid order = 29</desc> </pubkey> <pubkey> <id>k233/10</id> - <inline>0x128dc1bb2c7f691269c91c2c3a97375352b4ae89aedc3e9b70c27e8cb37,0x15f05aa4e9437b4991b2532f59aa91784b4cc3edb7df747447b33cb5b31</inline> + <inline>0x0128dc1bb2c7f691269c91c2c3a97375352b4ae89aedc3e9b70c27e8cb37,0x015f05aa4e9437b4991b2532f59aa91784b4cc3edb7df747447b33cb5b31</inline> <curve>nist/K-233</curve> <desc>invalid order = 31</desc> </pubkey> <pubkey> <id>k233/11</id> - <inline>0x71e34b19c6201b3d71ec452af201eaf8639c37f0a0100cfe1bb78de703,0x733c5ea24a38b2c2bfb7ff73d5df7f926421671fb60a1525574f8b400d</inline> + <inline>0x071e34b19c6201b3d71ec452af201eaf8639c37f0a0100cfe1bb78de703,0x0733c5ea24a38b2c2bfb7ff73d5df7f926421671fb60a1525574f8b400d</inline> <curve>nist/K-233</curve> <desc>invalid order = 37</desc> </pubkey> <pubkey> <id>k233/12</id> - <inline>0x13bea689c338fbfdf713b1ff8d71bf5580c700cbbbf911eccb765520cfc,0xf6c0ad7dd750e8ee565dcb3a40a3c07c21e111c8a91c2ff2776fba6516</inline> + <inline>0x013bea689c338fbfdf713b1ff8d71bf5580c700cbbbf911eccb765520cfc,0x0f6c0ad7dd750e8ee565dcb3a40a3c07c21e111c8a91c2ff2776fba6516</inline> <curve>nist/K-233</curve> <desc>invalid order = 41</desc> </pubkey> <pubkey> <id>k233/13</id> - <inline>0x9b3d92f94ae04fa0f83ca0da7f57ddc4cc528cd77381a7c3657268573c,0xec46a8e3eabd81376a808ccec0a098e3544abdd6114a4aafdbbfcb2397</inline> + <inline>0x09b3d92f94ae04fa0f83ca0da7f57ddc4cc528cd77381a7c3657268573c,0x0ec46a8e3eabd81376a808ccec0a098e3544abdd6114a4aafdbbfcb2397</inline> <curve>nist/K-233</curve> <desc>invalid order = 43</desc> </pubkey> <pubkey> <id>k233/14</id> - <inline>0x3fa2195cd936ea8e00ca032b61b855790b8d6354f26dfe9b577553f8fb,0x44e64e8ce820c5555cbeedeafedc0e1898939db86f1c60c0f9d89f9fbf</inline> + <inline>0x03fa2195cd936ea8e00ca032b61b855790b8d6354f26dfe9b577553f8fb,0x044e64e8ce820c5555cbeedeafedc0e1898939db86f1c60c0f9d89f9fbf</inline> <curve>nist/K-233</curve> <desc>invalid order = 47</desc> </pubkey> <pubkey> <id>k233/15</id> - <inline>0x1619638dfc7d66ad6d28b49b4e66d2293f6aa1d9aa57ddc4886de0317f3,0x4b92e3c95d4087215a644330c11c3364782b09a2414263f7ab8df90d76</inline> + <inline>0x01619638dfc7d66ad6d28b49b4e66d2293f6aa1d9aa57ddc4886de0317f3,0x04b92e3c95d4087215a644330c11c3364782b09a2414263f7ab8df90d76</inline> <curve>nist/K-233</curve> <desc>invalid order = 53</desc> </pubkey> <pubkey> <id>k233/16</id> - <inline>0xbd6d464d93d162a372823080998b761ac66de8bf4ceb4f1a3091697945,0xb12d5ef510c99127506af2067eac58c7e3dccac4349795ac3ea6008e58</inline> + <inline>0x0bd6d464d93d162a372823080998b761ac66de8bf4ceb4f1a3091697945,0x0b12d5ef510c99127506af2067eac58c7e3dccac4349795ac3ea6008e58</inline> <curve>nist/K-233</curve> <desc>invalid order = 59</desc> </pubkey> <pubkey> <id>k233/17</id> - <inline>0x1c5424b19abd81a0bac3371c4e0a3364350a9126f359b178560f4fde00a,0x32a99c3aadf52c6ceedb9b786dc6e5fa3db8b769922f86baddbc7c4c79</inline> + <inline>0x01c5424b19abd81a0bac3371c4e0a3364350a9126f359b178560f4fde00a,0x032a99c3aadf52c6ceedb9b786dc6e5fa3db8b769922f86baddbc7c4c79</inline> <curve>nist/K-233</curve> <desc>invalid order = 61</desc> </pubkey> <pubkey> <id>k233/18</id> - <inline>0xa7c293e9677eb6b78d05b0cd42992fe21e74abfd00bb1402bdcfc9c6b4,0x1e4b93345b4c0cde539aa980998447567ababd8b62bf3c309882180d0fb</inline> + <inline>0x0a7c293e9677eb6b78d05b0cd42992fe21e74abfd00bb1402bdcfc9c6b4,0x01e4b93345b4c0cde539aa980998447567ababd8b62bf3c309882180d0fb</inline> <curve>nist/K-233</curve> <desc>invalid order = 67</desc> </pubkey> <pubkey> <id>k233/19</id> - <inline>0x109f61ac8bb31f61e910c8f081a03213753f157b06de71d3da460e8bf02,0x1cb85fef71d116dadaf4cb08a6fa7bd9b044cbc9da4d46bdb6ee8c79fe</inline> + <inline>0x0109f61ac8bb31f61e910c8f081a03213753f157b06de71d3da460e8bf02,0x01cb85fef71d116dadaf4cb08a6fa7bd9b044cbc9da4d46bdb6ee8c79fe</inline> <curve>nist/K-233</curve> <desc>invalid order = 71</desc> </pubkey> <pubkey> <id>k233/20</id> - <inline>0x1cb157a75ba450b59b6d214c7e0cad9bdbe640cea05c0a617acf50a53d7,0x64fd4ed91ed4089e71c1d299f935a8743505b73ed6725e24d277566c20</inline> + <inline>0x01cb157a75ba450b59b6d214c7e0cad9bdbe640cea05c0a617acf50a53d7,0x064fd4ed91ed4089e71c1d299f935a8743505b73ed6725e24d277566c20</inline> <curve>nist/K-233</curve> <desc>invalid order = 73</desc> </pubkey> <pubkey> <id>k233/21</id> - <inline>0x13b849674baacd6a03daa62d2d1909f299df47735d6911bfa1a8ebdf31b,0x497be0480d5e672890d73fd9ab83e891c5bdc5ce22e73079d708dd4d97</inline> + <inline>0x013b849674baacd6a03daa62d2d1909f299df47735d6911bfa1a8ebdf31b,0x0497be0480d5e672890d73fd9ab83e891c5bdc5ce22e73079d708dd4d97</inline> <curve>nist/K-233</curve> <desc>invalid order = 79</desc> </pubkey> <pubkey> <id>k233/22</id> - <inline>0x8450d7779fe02fbe0311f842da5681032aaff9402b0d2c439c207c854c,0x1f57464bccdf31fb004f315e3960a3466a5852fcb15fcfbacef0f95fa90</inline> + <inline>0x08450d7779fe02fbe0311f842da5681032aaff9402b0d2c439c207c854c,0x01f57464bccdf31fb004f315e3960a3466a5852fcb15fcfbacef0f95fa90</inline> <curve>nist/K-233</curve> <desc>invalid order = 83</desc> </pubkey> <pubkey> <id>k233/23</id> - <inline>0xdfa2f479313558610b47f089572dbce1c3737cc8d41f907c47b896068e,0xb94423bf46ff2581652bfd16e621678987507053095596fb103368a9a6</inline> + <inline>0x0dfa2f479313558610b47f089572dbce1c3737cc8d41f907c47b896068e,0x0b94423bf46ff2581652bfd16e621678987507053095596fb103368a9a6</inline> <curve>nist/K-233</curve> <desc>invalid order = 89</desc> </pubkey> <pubkey> <id>k233/24</id> - <inline>0x87adc0a66a15da581182a42c9018218502813a151c0c4a711b4e124d99,0x6cc9cd9198191cedc27a3d9ada6f56a799720fa9cce56b403165ba0170</inline> + <inline>0x087adc0a66a15da581182a42c9018218502813a151c0c4a711b4e124d99,0x06cc9cd9198191cedc27a3d9ada6f56a799720fa9cce56b403165ba0170</inline> <curve>nist/K-233</curve> <desc>invalid order = 97</desc> </pubkey> <pubkey> <id>k233/25</id> - <inline>0x3759086db1168f4dbdb82a8ed8bfc81c471c838e6894c134179a30fd91,0x8919a53ddfff6cc766b46bb44d1a9e6aba434605162f77c812f45167cc</inline> + <inline>0x003759086db1168f4dbdb82a8ed8bfc81c471c838e6894c134179a30fd91,0x008919a53ddfff6cc766b46bb44d1a9e6aba434605162f77c812f45167cc</inline> <curve>nist/K-233</curve> <desc>invalid order = 101</desc> </pubkey> <pubkey> <id>k233/26</id> - <inline>0xaeaee6bbf3e5db3666c68833f45fa70acfcae0cfc47dd52e8f9cc047f7,0x51ce23fbd60e86ae8b024bd3fc7cea2903feb09cddb37b998e4337b287</inline> + <inline>0x00aeaee6bbf3e5db3666c68833f45fa70acfcae0cfc47dd52e8f9cc047f7,0x0051ce23fbd60e86ae8b024bd3fc7cea2903feb09cddb37b998e4337b287</inline> <curve>nist/K-233</curve> <desc>invalid order = 103</desc> </pubkey> <pubkey> <id>k233/27</id> - <inline>0xec34221ea56f7cba306d293218cdcb5b779c748f7efe6f04af292d64b6,0x6991b62bf8950308d3276a4371e2b3d447a06332a778d133982380c298</inline> + <inline>0x00ec34221ea56f7cba306d293218cdcb5b779c748f7efe6f04af292d64b6,0x006991b62bf8950308d3276a4371e2b3d447a06332a778d133982380c298</inline> <curve>nist/K-233</curve> <desc>invalid order = 107</desc> </pubkey> <pubkey> <id>k233/28</id> - <inline>0x1b3e98707e5fea3ea2e9af10fa2b80a69da00044bae4131c534de67ebfd,0xbce8e3d468c29078c94b603a6f5904d0c8dc3e788e8aa036883e54c6ba</inline> + <inline>0x01b3e98707e5fea3ea2e9af10fa2b80a69da00044bae4131c534de67ebfd,0x00bce8e3d468c29078c94b603a6f5904d0c8dc3e788e8aa036883e54c6ba</inline> <curve>nist/K-233</curve> <desc>invalid order = 109</desc> </pubkey> <pubkey> <id>k233/29</id> - <inline>0x13334a5a14c1c76db51a9c2631ab8ecb7459be4b7f9f83bb9dfafe4f5b5,0x543f2a0b3c73eb03fb7fd42001a932cfa9483b8f6128fa82e3d7385a91</inline> + <inline>0x013334a5a14c1c76db51a9c2631ab8ecb7459be4b7f9f83bb9dfafe4f5b5,0x00543f2a0b3c73eb03fb7fd42001a932cfa9483b8f6128fa82e3d7385a91</inline> <curve>nist/K-233</curve> <desc>invalid order = 113</desc> </pubkey> <pubkey> <id>k233/30</id> - <inline>0x253ff4f67bdca75a25d07f725aaaeb721ecbd6a503eed131903fd2df7f,0xf83ff87668775647e56a5a34ea56993994123bbe7ecf9e33f11ef95f1c</inline> + <inline>0x00253ff4f67bdca75a25d07f725aaaeb721ecbd6a503eed131903fd2df7f,0x00f83ff87668775647e56a5a34ea56993994123bbe7ecf9e33f11ef95f1c</inline> <curve>nist/K-233</curve> <desc>invalid order = 127</desc> </pubkey> <pubkey> <id>k233/31</id> - <inline>0x1c6c3178990ef63b0d80dcedd8ee60a8fa3690cd1e2cfa1fb1da0b0e274,0x6b3856de656973844f666b87fe84381680f3f4e57e46969b92d4a5a800</inline> + <inline>0x01c6c3178990ef63b0d80dcedd8ee60a8fa3690cd1e2cfa1fb1da0b0e274,0x006b3856de656973844f666b87fe84381680f3f4e57e46969b92d4a5a800</inline> <curve>nist/K-233</curve> <desc>invalid order = 131</desc> </pubkey> <pubkey> <id>k233/32</id> - <inline>0x1280b5cf701d2d3e2e070a1b53aee76fda1e28395fe7559bb43b9f76fd6,0x1ca372d4eb9580f4b1e05815948cf6b2d182d696b892ad13c54fd13a845</inline> + <inline>0x01280b5cf701d2d3e2e070a1b53aee76fda1e28395fe7559bb43b9f76fd6,0x01ca372d4eb9580f4b1e05815948cf6b2d182d696b892ad13c54fd13a845</inline> <curve>nist/K-233</curve> <desc>invalid order = 137</desc> </pubkey> <pubkey> <id>k233/33</id> - <inline>0x61f096f7841265275bdd459b13f4232f995ba0545103eb228883cf8bb7,0x6d485bcc52137cacc384e46276969debc22fe0c29dd5a6f369214decb6</inline> + <inline>0x0061f096f7841265275bdd459b13f4232f995ba0545103eb228883cf8bb7,0x006d485bcc52137cacc384e46276969debc22fe0c29dd5a6f369214decb6</inline> <curve>nist/K-233</curve> <desc>invalid order = 139</desc> </pubkey> <pubkey> <id>k233/34</id> - <inline>0xf80bfe6b38d3e179dacab6bf20afacee932b94039c58520f323d1a2189,0x11eca4d5dec4e22f4180f99afcee1c8eae6ac864484c152a0e454eb6bef</inline> + <inline>0x00f80bfe6b38d3e179dacab6bf20afacee932b94039c58520f323d1a2189,0x011eca4d5dec4e22f4180f99afcee1c8eae6ac864484c152a0e454eb6bef</inline> <curve>nist/K-233</curve> <desc>invalid order = 149</desc> </pubkey> <pubkey> <id>k233/35</id> - <inline>0x15d62b25ac88bf56f1289055eea46cd2600ed16bf05f10b5e3002f5c31b,0x3e163c1182c7ab31f1ada5f34e7e9ad014550db98fb01bd33f4f63c7d</inline> + <inline>0x015d62b25ac88bf56f1289055eea46cd2600ed16bf05f10b5e3002f5c31b,0x0003e163c1182c7ab31f1ada5f34e7e9ad014550db98fb01bd33f4f63c7d</inline> <curve>nist/K-233</curve> <desc>invalid order = 151</desc> </pubkey> <pubkey> <id>k233/36</id> - <inline>0x10cf0e5722e529b777a8ac57bc11fb55836c542fe23dd9ff2e326c2831,0x1bd34ec7982de5a7290c7f17a7d5d99c035abf3a54ac1cfd15dd11fcb19</inline> + <inline>0x0010cf0e5722e529b777a8ac57bc11fb55836c542fe23dd9ff2e326c2831,0x01bd34ec7982de5a7290c7f17a7d5d99c035abf3a54ac1cfd15dd11fcb19</inline> <curve>nist/K-233</curve> <desc>invalid order = 157</desc> </pubkey> <pubkey> <id>k233/37</id> - <inline>0x111b77e99b3fab22fba1d28f214a6feeb0d4f9539f34d3401ee7511aa4c,0x13bb7d343a1e3f7834d12e4e25d55dbccf44498e2222e12efe3fe4ec072</inline> + <inline>0x0111b77e99b3fab22fba1d28f214a6feeb0d4f9539f34d3401ee7511aa4c,0x013bb7d343a1e3f7834d12e4e25d55dbccf44498e2222e12efe3fe4ec072</inline> <curve>nist/K-233</curve> <desc>invalid order = 163</desc> </pubkey> <pubkey> <id>k233/38</id> - <inline>0x1809d02b28528f2a605e1c59b79c262336fa8fe54b7a6ec901f0e7e0295,0x160c58b96c23bd34cb1336ae409933f5b088e0ce3ac7fe7a0df2b406dad</inline> + <inline>0x01809d02b28528f2a605e1c59b79c262336fa8fe54b7a6ec901f0e7e0295,0x0160c58b96c23bd34cb1336ae409933f5b088e0ce3ac7fe7a0df2b406dad</inline> <curve>nist/K-233</curve> <desc>invalid order = 167</desc> </pubkey> <pubkey> <id>k233/39</id> - <inline>0x1a482b426161d2517af9a33eb392d2bc07d9b44051fb209f76de41c2bc1,0x1be48f5e6546195c453a646f631ea003044ee80d12062984e29c84c13ba</inline> + <inline>0x01a482b426161d2517af9a33eb392d2bc07d9b44051fb209f76de41c2bc1,0x01be48f5e6546195c453a646f631ea003044ee80d12062984e29c84c13ba</inline> <curve>nist/K-233</curve> <desc>invalid order = 173</desc> </pubkey> <pubkey> <id>k233/40</id> - <inline>0x10481fb1a84ad81a39a0e5c7ddf76a06110ddf7a059dcc1faa272febc1,0x1f4a3edbf9dd7394bec4345f1a406b9e603a8ba051b8e8846dbc6efb4fb</inline> + <inline>0x0010481fb1a84ad81a39a0e5c7ddf76a06110ddf7a059dcc1faa272febc1,0x01f4a3edbf9dd7394bec4345f1a406b9e603a8ba051b8e8846dbc6efb4fb</inline> <curve>nist/K-233</curve> <desc>invalid order = 179</desc> </pubkey> <pubkey> <id>k233/41</id> - <inline>0x40d7ca7b4dc19ef788b99fcd071a0c528c43fac1af077ff3dd90de763b,0xb3dbb8d2f52c0ce8dc671d8f3e88f9aa81553c5022c464f69bfe41c01b</inline> + <inline>0x0040d7ca7b4dc19ef788b99fcd071a0c528c43fac1af077ff3dd90de763b,0x00b3dbb8d2f52c0ce8dc671d8f3e88f9aa81553c5022c464f69bfe41c01b</inline> <curve>nist/K-233</curve> <desc>invalid order = 181</desc> </pubkey> <pubkey> <id>k233/42</id> - <inline>0x1b515fec3d612339ef64182ab9170b31f0846c097674dce4e65fa25cd7a,0x1e61bbd05569e358b48d9e0092185c6c929f0dac0e319f11bd88f98b825</inline> + <inline>0x01b515fec3d612339ef64182ab9170b31f0846c097674dce4e65fa25cd7a,0x01e61bbd05569e358b48d9e0092185c6c929f0dac0e319f11bd88f98b825</inline> <curve>nist/K-233</curve> <desc>invalid order = 191</desc> </pubkey> <pubkey> <id>k233/43</id> - <inline>0xe5ab97b9baf539437e5121d0c7bf5c5a27981ed3754a097d3f70ea2c14,0x1ada3138dd3f0b6619886364d7aac358345a213fa0c5329cdd4f80bceeb</inline> + <inline>0x00e5ab97b9baf539437e5121d0c7bf5c5a27981ed3754a097d3f70ea2c14,0x01ada3138dd3f0b6619886364d7aac358345a213fa0c5329cdd4f80bceeb</inline> <curve>nist/K-233</curve> <desc>invalid order = 193</desc> </pubkey> <pubkey> <id>k233/44</id> - <inline>0xa72b6e55e1671dc3495682c3e61f59f42f213d138c743b28cb47acee16,0x1660cd9b3bde41058737fe268f190e56f650b7a26d69d54d6729ee5f7cf</inline> + <inline>0x00a72b6e55e1671dc3495682c3e61f59f42f213d138c743b28cb47acee16,0x01660cd9b3bde41058737fe268f190e56f650b7a26d69d54d6729ee5f7cf</inline> <curve>nist/K-233</curve> <desc>invalid order = 197</desc> </pubkey> <pubkey> <id>k233/45</id> - <inline>0x1f4fc414e30e6a62af37a9f2182ec257040cfae45dbabbd91e94854372e,0x439167fa5ef5268f7dec7e283b0bb0901df3a019e2d05522cda022af</inline> + <inline>0x01f4fc414e30e6a62af37a9f2182ec257040cfae45dbabbd91e94854372e,0x0000439167fa5ef5268f7dec7e283b0bb0901df3a019e2d05522cda022af</inline> <curve>nist/K-233</curve> <desc>invalid order = 199</desc> </pubkey> <pubkey> <id>k233/46</id> - <inline>0xfd92f8cc957799a6992df609b4b4686067296e55c7d40fecbf2ae73446,0x1a1b81ed1c2343fb871140a35250f208f7b5866d707b9eaea32f201bfbd</inline> + <inline>0x00fd92f8cc957799a6992df609b4b4686067296e55c7d40fecbf2ae73446,0x01a1b81ed1c2343fb871140a35250f208f7b5866d707b9eaea32f201bfbd</inline> <curve>nist/K-233</curve> <desc>invalid order = 211</desc> </pubkey> <pubkey> <id>k233/47</id> - <inline>0x862c30c196db1ff2cb5c2a0658ce1dc71fc9a1c806c9403a0bdb7124a8,0xe27b48f59e5c2b6d80ab13fbf731a573379f6f0eec2137f15db3d4cfa8</inline> + <inline>0x00862c30c196db1ff2cb5c2a0658ce1dc71fc9a1c806c9403a0bdb7124a8,0x00e27b48f59e5c2b6d80ab13fbf731a573379f6f0eec2137f15db3d4cfa8</inline> <curve>nist/K-233</curve> <desc>invalid order = 223</desc> </pubkey> <pubkey> <id>k233/48</id> - <inline>0x15664849942fd80559f6106996263e873a84e443ad6326a94d87afac60e,0x1fc71fccaded3864613c51319cf82c590025ae8a8cd1bc599dc068d6cf2</inline> + <inline>0x015664849942fd80559f6106996263e873a84e443ad6326a94d87afac60e,0x01fc71fccaded3864613c51319cf82c590025ae8a8cd1bc599dc068d6cf2</inline> <curve>nist/K-233</curve> <desc>invalid order = 227</desc> </pubkey> <pubkey> <id>k233/49</id> - <inline>0x197a0e7c5be80f7d93585ce09b3ad6ddd1af17b120944d8f901def9e57d,0x4a8d32875236444c95646768552bc22f50ae34d2d233d861c700aa8718</inline> + <inline>0x0197a0e7c5be80f7d93585ce09b3ad6ddd1af17b120944d8f901def9e57d,0x004a8d32875236444c95646768552bc22f50ae34d2d233d861c700aa8718</inline> <curve>nist/K-233</curve> <desc>invalid order = 229</desc> </pubkey> <pubkey> <id>k233/50</id> - <inline>0x31a468a02abf854bcfd030a4e0bfd428651d53cb979acf79bb886c9d53,0x14b7dd1a68001c25947182184d76ad901f6f52da7e9834867c742532f42</inline> + <inline>0x0031a468a02abf854bcfd030a4e0bfd428651d53cb979acf79bb886c9d53,0x014b7dd1a68001c25947182184d76ad901f6f52da7e9834867c742532f42</inline> <curve>nist/K-233</curve> <desc>invalid order = 233</desc> </pubkey> <pubkey> <id>k233/51</id> - <inline>0x4ffb6c6c40e18a26c86ae9f454efbc6a11cd5b7e2045a0ba1c27fdd73a,0x1524360ad03e1191faeb9da9f45cce204221d06d4eb6b5de21a8c572b92</inline> + <inline>0x004ffb6c6c40e18a26c86ae9f454efbc6a11cd5b7e2045a0ba1c27fdd73a,0x01524360ad03e1191faeb9da9f45cce204221d06d4eb6b5de21a8c572b92</inline> <curve>nist/K-233</curve> <desc>invalid order = 239</desc> </pubkey> <pubkey> <id>k233/52</id> - <inline>0x17dd43136faec3526ef448ebd1bcb57e532cff31eaa2251cb03b40ab1f0,0xb43e5518404f534e7d5607a22d0d69e364a0ae0edcae133806555376be</inline> + <inline>0x017dd43136faec3526ef448ebd1bcb57e532cff31eaa2251cb03b40ab1f0,0x00b43e5518404f534e7d5607a22d0d69e364a0ae0edcae133806555376be</inline> <curve>nist/K-233</curve> <desc>invalid order = 241</desc> </pubkey> <pubkey> <id>k233/53</id> - <inline>0x166fefca250ad4b636d8fa99303c8e9b7b1daca1d47d08173948c4806bb,0x16524e665a5edc829a767ca6fbbab76a252028f85122f08296956ccac76</inline> + <inline>0x0166fefca250ad4b636d8fa99303c8e9b7b1daca1d47d08173948c4806bb,0x016524e665a5edc829a767ca6fbbab76a252028f85122f08296956ccac76</inline> <curve>nist/K-233</curve> <desc>invalid order = 251</desc> </pubkey> <pubkey> <id>k233/54</id> - <inline>0x4aa9b7e02161e984051d587f09661f391d3a3db225b6283070412c4c66,0x1ca90eb55786a0555976dfbced6160f1dcca52d051c8f12f138ff268e4d</inline> + <inline>0x004aa9b7e02161e984051d587f09661f391d3a3db225b6283070412c4c66,0x01ca90eb55786a0555976dfbced6160f1dcca52d051c8f12f138ff268e4d</inline> <curve>nist/K-233</curve> <desc>invalid order = 257</desc> </pubkey> <pubkey> <id>k233/55</id> - <inline>0xc351dfccee35e89ce463c7a40f521f46a0777345237a50c487d88e962c,0x106d0b50d08c7c16107767d8ccac32238dbd2539317487d8f8fda44432a</inline> + <inline>0x00c351dfccee35e89ce463c7a40f521f46a0777345237a50c487d88e962c,0x0106d0b50d08c7c16107767d8ccac32238dbd2539317487d8f8fda44432a</inline> <curve>nist/K-233</curve> <desc>invalid order = 263</desc> </pubkey> <pubkey> <id>k233/56</id> - <inline>0xf0d2b7c68e062b70aa8b51c745bdf4e941d1736ec4fca525003c1684dd,0x1723f640c4b75aa4b98f5ef3e08ac2bc64404b1c843d66408db71beebc6</inline> + <inline>0x00f0d2b7c68e062b70aa8b51c745bdf4e941d1736ec4fca525003c1684dd,0x01723f640c4b75aa4b98f5ef3e08ac2bc64404b1c843d66408db71beebc6</inline> <curve>nist/K-233</curve> <desc>invalid order = 269</desc> </pubkey> <pubkey> <id>k233/57</id> - <inline>0x75b00fbe53ba943498601e5b3c1283684dcdc923e011a44e738de58a86,0x490c152282d6cad043ebcff0303ccdea1cb92bd2998746d3319a500908</inline> + <inline>0x0075b00fbe53ba943498601e5b3c1283684dcdc923e011a44e738de58a86,0x00490c152282d6cad043ebcff0303ccdea1cb92bd2998746d3319a500908</inline> <curve>nist/K-233</curve> <desc>invalid order = 271</desc> </pubkey> <pubkey> <id>k233/58</id> - <inline>0x15340e79b9913116f2b13dcdf19dce4e862df49bb24526c355059180f8c,0x1426db6fd4183ab0d0cb10cdb89104907da90c0a56cf77db0f5d52f1211</inline> + <inline>0x015340e79b9913116f2b13dcdf19dce4e862df49bb24526c355059180f8c,0x01426db6fd4183ab0d0cb10cdb89104907da90c0a56cf77db0f5d52f1211</inline> <curve>nist/K-233</curve> <desc>invalid order = 277</desc> </pubkey> <pubkey> <id>k233/59</id> - <inline>0x12869ab756cf31b721eec0b6bd3a1b5f66858150bae5bcaf156dabbc265,0x149731cf7d13202a338fce6f903049c14ff13bef535418f3625f9b3ebf3</inline> + <inline>0x012869ab756cf31b721eec0b6bd3a1b5f66858150bae5bcaf156dabbc265,0x0149731cf7d13202a338fce6f903049c14ff13bef535418f3625f9b3ebf3</inline> <curve>nist/K-233</curve> <desc>invalid order = 281</desc> </pubkey> <pubkey> <id>k233/60</id> - <inline>0x1bcaedec07cd7804abdcaed85ae15406fc7717758f06a77c61b5d5ba73b,0x3c809ca8961fe74476a678238f097ebb685677888306fdb616642ba12f</inline> + <inline>0x01bcaedec07cd7804abdcaed85ae15406fc7717758f06a77c61b5d5ba73b,0x003c809ca8961fe74476a678238f097ebb685677888306fdb616642ba12f</inline> <curve>nist/K-233</curve> <desc>invalid order = 283</desc> </pubkey> <pubkey> <id>k233/61</id> - <inline>0x79a405e6eac612c9e76fb540b41ed73fe31c940d642e101cf1277a5d60,0x1451e53092911841afd8c9e3b3b0515b44680840b874ba347a2debd7c1e</inline> + <inline>0x0079a405e6eac612c9e76fb540b41ed73fe31c940d642e101cf1277a5d60,0x01451e53092911841afd8c9e3b3b0515b44680840b874ba347a2debd7c1e</inline> <curve>nist/K-233</curve> <desc>invalid order = 293</desc> </pubkey> <pubkey> <id>k233/62</id> - <inline>0xf5a3b8d0544b10b7a0cd95bf931acfa23d3003a0d85eeb3eef0715bb0b,0xaed1ccfc130cbcb46ec7f923ff68d2712226588967a3fd7b469b3431de</inline> + <inline>0x00f5a3b8d0544b10b7a0cd95bf931acfa23d3003a0d85eeb3eef0715bb0b,0x00aed1ccfc130cbcb46ec7f923ff68d2712226588967a3fd7b469b3431de</inline> <curve>nist/K-233</curve> <desc>invalid order = 307</desc> </pubkey> <pubkey> <id>k233/63</id> - <inline>0x11de1b82bc3409a58758e2f5f4e34dab9a52ab98762577657f10cfe5533,0x1886640e5b820404753c11995ddff63ea6e9cb16f9cf6d65dacc243aeb9</inline> + <inline>0x011de1b82bc3409a58758e2f5f4e34dab9a52ab98762577657f10cfe5533,0x01886640e5b820404753c11995ddff63ea6e9cb16f9cf6d65dacc243aeb9</inline> <curve>nist/K-233</curve> <desc>invalid order = 311</desc> </pubkey> <pubkey> <id>k233/64</id> - <inline>0x9360a0162c7e80b22f9bbd251e4dad4de143957703844f8b5cc6dd8691,0x1551f1dc308d1ba13a4c567c8d9ba378050540d3659d888dd1fb925aee2</inline> + <inline>0x009360a0162c7e80b22f9bbd251e4dad4de143957703844f8b5cc6dd8691,0x01551f1dc308d1ba13a4c567c8d9ba378050540d3659d888dd1fb925aee2</inline> <curve>nist/K-233</curve> <desc>invalid order = 313</desc> </pubkey> <pubkey> <id>k233/65</id> - <inline>0x11b7ca56f15932a072c2974d893ef13454a60f4540db009367b475d5d0e,0x1ffc609a5d34c624949f09838f4371950dbc79dff0aef485c6d3c5f5f4a</inline> + <inline>0x011b7ca56f15932a072c2974d893ef13454a60f4540db009367b475d5d0e,0x01ffc609a5d34c624949f09838f4371950dbc79dff0aef485c6d3c5f5f4a</inline> <curve>nist/K-233</curve> <desc>invalid order = 317</desc> </pubkey> <pubkey> <id>k233/66</id> - <inline>0x10c1c2585b0b77a3b9726996f090fa83d937aef46c4800b39632f29e3c8,0x1749ea8aee37239d24a71ac80b40352d16ef03192e6c8f9c7a1756a8727</inline> + <inline>0x010c1c2585b0b77a3b9726996f090fa83d937aef46c4800b39632f29e3c8,0x01749ea8aee37239d24a71ac80b40352d16ef03192e6c8f9c7a1756a8727</inline> <curve>nist/K-233</curve> <desc>invalid order = 331</desc> </pubkey> <pubkey> <id>k233/67</id> - <inline>0x14b01a5c4b4154760ba46f00e2bd40ad9c96fef6da596a8ed1fe8050fd,0x13b9db83176fee073099294b4c15e1dc2fb65fff22499ba187e96862128</inline> + <inline>0x0014b01a5c4b4154760ba46f00e2bd40ad9c96fef6da596a8ed1fe8050fd,0x013b9db83176fee073099294b4c15e1dc2fb65fff22499ba187e96862128</inline> <curve>nist/K-233</curve> <desc>invalid order = 337</desc> </pubkey> <pubkey> <id>k233/68</id> - <inline>0x57f9ec1cf4c06588b90ed7932b614d0446a539449ee2b2e8548b38c30a,0x132995ab8dad93de7e37b459e00cf693fd500cf0f3a76351d80943a58a</inline> + <inline>0x0057f9ec1cf4c06588b90ed7932b614d0446a539449ee2b2e8548b38c30a,0x00132995ab8dad93de7e37b459e00cf693fd500cf0f3a76351d80943a58a</inline> <curve>nist/K-233</curve> <desc>invalid order = 347</desc> </pubkey> <pubkey> <id>k233/69</id> - <inline>0x15c9d67e834aeea98c852dbde13cc0007d8004becdee67676cae6cc5630,0x1c1e9662b93c85c1255f70f0df15534a08898db505140c36c7dcd1ef242</inline> + <inline>0x015c9d67e834aeea98c852dbde13cc0007d8004becdee67676cae6cc5630,0x01c1e9662b93c85c1255f70f0df15534a08898db505140c36c7dcd1ef242</inline> <curve>nist/K-233</curve> <desc>invalid order = 349</desc> </pubkey> <pubkey> <id>k233/70</id> - <inline>0x15521da657de63d02cc03dcf4a1416d16e75d627e2660358b9fb7658d1c,0x697153844ab2917d908b756529ee8b8cf6ef7b1bab46ae7f422b57a899</inline> + <inline>0x015521da657de63d02cc03dcf4a1416d16e75d627e2660358b9fb7658d1c,0x00697153844ab2917d908b756529ee8b8cf6ef7b1bab46ae7f422b57a899</inline> <curve>nist/K-233</curve> <desc>invalid order = 353</desc> </pubkey> diff --git a/src/cz/crcs/ectester/data/invalid/nist/k283.xml b/src/cz/crcs/ectester/data/invalid/nist/k283.xml index 34a794d..38e3659 100644 --- a/src/cz/crcs/ectester/data/invalid/nist/k283.xml +++ b/src/cz/crcs/ectester/data/invalid/nist/k283.xml @@ -1,499 +1,499 @@ <?xml version="1.0" encoding="UTF-8" ?> <pubkey> <id>k283/0</id> - <inline>0x00000000000000000000000000000000000000000000000000000000000000000000000,0x00000000000000000000000000000000000000000000000000000000000000000000000</inline> + <inline>0x000000000000000000000000000000000000000000000000000000000000000000000000,0x000000000000000000000000000000000000000000000000000000000000000000000000</inline> <curve>nist/K-283</curve> <desc>invalid order = 2</desc> </pubkey> <pubkey> <id>k283/1</id> - <inline>0x3520239d5711e6da0766bd315b6bab3e9b3dc861018cd18be176416633de044405f68a0,0x24dceb466657371942f5e8ee691285b54e1fd6c624592bff1ff0bf3f1d1704d4dcdb0ab</inline> + <inline>0x03520239d5711e6da0766bd315b6bab3e9b3dc861018cd18be176416633de044405f68a0,0x024dceb466657371942f5e8ee691285b54e1fd6c624592bff1ff0bf3f1d1704d4dcdb0ab</inline> <curve>nist/K-283</curve> <desc>invalid order = 3</desc> </pubkey> <pubkey> <id>k283/2</id> - <inline>0x1005789e764397c1cd351854505cfaaf02522a1eba9521581416db7e103c5cfccdc7a3c,0x72e96807a5a395fad9544c91d927dbff547cfc59ce1a79268eb98e1cba2a18760d02835</inline> + <inline>0x01005789e764397c1cd351854505cfaaf02522a1eba9521581416db7e103c5cfccdc7a3c,0x072e96807a5a395fad9544c91d927dbff547cfc59ce1a79268eb98e1cba2a18760d02835</inline> <curve>nist/K-283</curve> <desc>invalid order = 5</desc> </pubkey> <pubkey> <id>k283/3</id> - <inline>0x5db42ce8d49b94354cf83be446f6a852f13419d567bde4872954feba26ab90730b0ba7e,0x67ad7bd0a19ac54d7a18d10c3758cd82a724be53258ab486f1d04a21e9c763fa8a8a0b9</inline> + <inline>0x05db42ce8d49b94354cf83be446f6a852f13419d567bde4872954feba26ab90730b0ba7e,0x067ad7bd0a19ac54d7a18d10c3758cd82a724be53258ab486f1d04a21e9c763fa8a8a0b9</inline> <curve>nist/K-283</curve> <desc>invalid order = 7</desc> </pubkey> <pubkey> <id>k283/4</id> - <inline>0x5023aa320422183f2f5b54ec0e43077321a76cb54c4ccbb2a80433c4f5b062023bc08ea,0x7c1b1d3b352bf0ae6bc63ea9fea78511c8ded6b432ba6aca48d5be9682e7e88ea1f678e</inline> + <inline>0x05023aa320422183f2f5b54ec0e43077321a76cb54c4ccbb2a80433c4f5b062023bc08ea,0x07c1b1d3b352bf0ae6bc63ea9fea78511c8ded6b432ba6aca48d5be9682e7e88ea1f678e</inline> <curve>nist/K-283</curve> <desc>invalid order = 11</desc> </pubkey> <pubkey> <id>k283/5</id> - <inline>0x2b83282f33031ecf864d7381ad97bed0c5731c0742d4d08dcf62f9442551f0cccd23cda,0x3e3aad26816adbd0da54334a0c5e0d533442c3f50e1ef1bb6775fed51fb431cea6539b6</inline> + <inline>0x02b83282f33031ecf864d7381ad97bed0c5731c0742d4d08dcf62f9442551f0cccd23cda,0x03e3aad26816adbd0da54334a0c5e0d533442c3f50e1ef1bb6775fed51fb431cea6539b6</inline> <curve>nist/K-283</curve> <desc>invalid order = 13</desc> </pubkey> <pubkey> <id>k283/6</id> - <inline>0x69cf151b88c37ad012667207ac96126870ef533f6ade97b7e599e5187e4fe862f4852cb,0x11421965bf8fadb99d7842065ef8b534f8c4b0b2e8926b778e2db8ce18e4377ca687840</inline> + <inline>0x069cf151b88c37ad012667207ac96126870ef533f6ade97b7e599e5187e4fe862f4852cb,0x011421965bf8fadb99d7842065ef8b534f8c4b0b2e8926b778e2db8ce18e4377ca687840</inline> <curve>nist/K-283</curve> <desc>invalid order = 17</desc> </pubkey> <pubkey> <id>k283/7</id> - <inline>0x31539e2a896bdafe7667552705e3e5a3b239ddc5dfc947fdd6e156c2d647cc0cf260876,0x6511462b1f32edf3d97aba01f11edce3ac09100d6f1d88a96fdd3b9571b10642f3584e8</inline> + <inline>0x031539e2a896bdafe7667552705e3e5a3b239ddc5dfc947fdd6e156c2d647cc0cf260876,0x06511462b1f32edf3d97aba01f11edce3ac09100d6f1d88a96fdd3b9571b10642f3584e8</inline> <curve>nist/K-283</curve> <desc>invalid order = 19</desc> </pubkey> <pubkey> <id>k283/8</id> - <inline>0x2a9bca8a330b05ae93fe1d3a1765e217b0a0b1d5ac33964a56a82b0761feb0ea1e14e5d,0xac6dafc567e9deee00f46f85c99ae0e2833d85f4ae2f93da103e31bb919d9511d0bc13</inline> + <inline>0x02a9bca8a330b05ae93fe1d3a1765e217b0a0b1d5ac33964a56a82b0761feb0ea1e14e5d,0x00ac6dafc567e9deee00f46f85c99ae0e2833d85f4ae2f93da103e31bb919d9511d0bc13</inline> <curve>nist/K-283</curve> <desc>invalid order = 23</desc> </pubkey> <pubkey> <id>k283/9</id> - <inline>0x204bf246ac49a43786011ed88294ef64e81d619c2a3adab1a1d5486374297bec4f5f417,0x5047e68a57270f5d06151e5945a21a1eb5ebf7003eaa8f7cc0a73e151cac393be42555</inline> + <inline>0x0204bf246ac49a43786011ed88294ef64e81d619c2a3adab1a1d5486374297bec4f5f417,0x005047e68a57270f5d06151e5945a21a1eb5ebf7003eaa8f7cc0a73e151cac393be42555</inline> <curve>nist/K-283</curve> <desc>invalid order = 29</desc> </pubkey> <pubkey> <id>k283/10</id> - <inline>0x66a58d2c5e5f359e07b8aba0f51bf265506ad6ea9056b4960054f97d09ed804b2fd832a,0xc3a94674299e3f172c0dcdee6862564b066cbdd0d7ea8ec3a56b4a4b888645021c3dc8</inline> + <inline>0x066a58d2c5e5f359e07b8aba0f51bf265506ad6ea9056b4960054f97d09ed804b2fd832a,0x00c3a94674299e3f172c0dcdee6862564b066cbdd0d7ea8ec3a56b4a4b888645021c3dc8</inline> <curve>nist/K-283</curve> <desc>invalid order = 31</desc> </pubkey> <pubkey> <id>k283/11</id> - <inline>0x4e986c1d88aaccc3ccf9c2127c95ee94f62a3da616520d4d576d7760d6da5f73746079,0x48dcee8e0060ab212e41e7e0690716cf8f08a95da4f04ea5bff9d0a53ff1082490ea227</inline> + <inline>0x004e986c1d88aaccc3ccf9c2127c95ee94f62a3da616520d4d576d7760d6da5f73746079,0x048dcee8e0060ab212e41e7e0690716cf8f08a95da4f04ea5bff9d0a53ff1082490ea227</inline> <curve>nist/K-283</curve> <desc>invalid order = 37</desc> </pubkey> <pubkey> <id>k283/12</id> - <inline>0x1cae445b2514fed0c5de888af2bc78ca2b027afa89fdbf4369dcbb8ef72dde0a4a11e2b,0x68dadaac2b5f3f4537673f15ab60bedfad85ed572d52ea5ca442588c04f8d1381ca798c</inline> + <inline>0x01cae445b2514fed0c5de888af2bc78ca2b027afa89fdbf4369dcbb8ef72dde0a4a11e2b,0x068dadaac2b5f3f4537673f15ab60bedfad85ed572d52ea5ca442588c04f8d1381ca798c</inline> <curve>nist/K-283</curve> <desc>invalid order = 41</desc> </pubkey> <pubkey> <id>k283/13</id> - <inline>0x5f7d635e6746d7c9eea829d04d9745048695065cd511a58b8464d24a44fc5e71e1def95,0x76ca018a1e1c2a70adc6b71c0962bc0c9ea2d1547c5ca144707b69eee89568e27203b9d</inline> + <inline>0x05f7d635e6746d7c9eea829d04d9745048695065cd511a58b8464d24a44fc5e71e1def95,0x076ca018a1e1c2a70adc6b71c0962bc0c9ea2d1547c5ca144707b69eee89568e27203b9d</inline> <curve>nist/K-283</curve> <desc>invalid order = 43</desc> </pubkey> <pubkey> <id>k283/14</id> - <inline>0x75da5e02dbcf8aa297d29a864337933da2ea4878a3204b48bbb61382534df18e42e277b,0x28be753fe94b786153bb2cf39d99d003ee21854cec804c94ea80d4921ad8242459b33c9</inline> + <inline>0x075da5e02dbcf8aa297d29a864337933da2ea4878a3204b48bbb61382534df18e42e277b,0x028be753fe94b786153bb2cf39d99d003ee21854cec804c94ea80d4921ad8242459b33c9</inline> <curve>nist/K-283</curve> <desc>invalid order = 47</desc> </pubkey> <pubkey> <id>k283/15</id> - <inline>0x746ad67f584bfb0966b460415b2f759b3cc26b170701330c179112be3548d37f834e855,0x286f49938aead51f1b16340fb7e4c456d277b631258d3b23d0bc61eab287bbfc37664b</inline> + <inline>0x0746ad67f584bfb0966b460415b2f759b3cc26b170701330c179112be3548d37f834e855,0x00286f49938aead51f1b16340fb7e4c456d277b631258d3b23d0bc61eab287bbfc37664b</inline> <curve>nist/K-283</curve> <desc>invalid order = 53</desc> </pubkey> <pubkey> <id>k283/16</id> - <inline>0x40f67d68533c2e8fb935fbdb961e97da93a6b41a563d328be0f7741d0fa8bfeaf20c400,0x70bab7b93f1da2a817371cd811900e1bce63c8c45036f01a817c4cfcaecead368a39261</inline> + <inline>0x040f67d68533c2e8fb935fbdb961e97da93a6b41a563d328be0f7741d0fa8bfeaf20c400,0x070bab7b93f1da2a817371cd811900e1bce63c8c45036f01a817c4cfcaecead368a39261</inline> <curve>nist/K-283</curve> <desc>invalid order = 59</desc> </pubkey> <pubkey> <id>k283/17</id> - <inline>0x6784fd10e5f7bd7ffc70f6985286d763ea5210b7d9900d92f5f7a7924ad8323acd7b21a,0x197adb44a915cff68f134cf7195ad98ccfee67347ae69966b7e223507da0fb4c3195e4c</inline> + <inline>0x06784fd10e5f7bd7ffc70f6985286d763ea5210b7d9900d92f5f7a7924ad8323acd7b21a,0x0197adb44a915cff68f134cf7195ad98ccfee67347ae69966b7e223507da0fb4c3195e4c</inline> <curve>nist/K-283</curve> <desc>invalid order = 61</desc> </pubkey> <pubkey> <id>k283/18</id> - <inline>0x205aa25a9844d29700a7265e241c1a812f750e4f2482f2f8b26aa093e5254bc46752e77,0x2fea8b057b083bbc332067f628dc16237f01257dbd4375faff91cb699eb4fe564370c01</inline> + <inline>0x0205aa25a9844d29700a7265e241c1a812f750e4f2482f2f8b26aa093e5254bc46752e77,0x02fea8b057b083bbc332067f628dc16237f01257dbd4375faff91cb699eb4fe564370c01</inline> <curve>nist/K-283</curve> <desc>invalid order = 67</desc> </pubkey> <pubkey> <id>k283/19</id> - <inline>0x36cc5407e19b9297b0b15658592c9318b2dccdc4bbea7ea130edc793185c6b1f839d9d,0x5728bbd3ac6b74ef047fd5e4bf96e54597bb73801351e8b6a35217ea5c050cf32fe2006</inline> + <inline>0x0036cc5407e19b9297b0b15658592c9318b2dccdc4bbea7ea130edc793185c6b1f839d9d,0x05728bbd3ac6b74ef047fd5e4bf96e54597bb73801351e8b6a35217ea5c050cf32fe2006</inline> <curve>nist/K-283</curve> <desc>invalid order = 71</desc> </pubkey> <pubkey> <id>k283/20</id> - <inline>0x139a00b65d9f55e36e6b3f49130a1d3df797b225f00c5ff76d7ec0b29cebb8fc18657ef,0x1c685b02d9aab76656a57887a63b3748f11b9076450803dc777827e712dacc73e64d92a</inline> + <inline>0x0139a00b65d9f55e36e6b3f49130a1d3df797b225f00c5ff76d7ec0b29cebb8fc18657ef,0x01c685b02d9aab76656a57887a63b3748f11b9076450803dc777827e712dacc73e64d92a</inline> <curve>nist/K-283</curve> <desc>invalid order = 73</desc> </pubkey> <pubkey> <id>k283/21</id> - <inline>0x267423b3e9e222ac6375df239dc8a4ed23cc0c2dcb2643f2f695f625de1300a2a161b38,0x3604a1d43ee84b4bf941ed237a19e307bf4d8f01a12b3d15775d41cba862b66c2c17a09</inline> + <inline>0x0267423b3e9e222ac6375df239dc8a4ed23cc0c2dcb2643f2f695f625de1300a2a161b38,0x03604a1d43ee84b4bf941ed237a19e307bf4d8f01a12b3d15775d41cba862b66c2c17a09</inline> <curve>nist/K-283</curve> <desc>invalid order = 79</desc> </pubkey> <pubkey> <id>k283/22</id> - <inline>0x22c5840d8b2785fd6ab192edba8b0ad54e278d11220d349d30590407347dedead51ed36,0x59fe27815e9e9614b80cd0ca3f7e326d28ec008f7aaf71007b98be67bc269ee611e8c62</inline> + <inline>0x022c5840d8b2785fd6ab192edba8b0ad54e278d11220d349d30590407347dedead51ed36,0x059fe27815e9e9614b80cd0ca3f7e326d28ec008f7aaf71007b98be67bc269ee611e8c62</inline> <curve>nist/K-283</curve> <desc>invalid order = 83</desc> </pubkey> <pubkey> <id>k283/23</id> - <inline>0x2fcf47ff9b36efe8f592e975593fcac0822c333c6e81215303cd5d79084cd23a1121c07,0x5dbbf6ad00a100ba6d78c47858eb30f4fff4c810ac24ecdb84fc05960c4f7e2a2378732</inline> + <inline>0x02fcf47ff9b36efe8f592e975593fcac0822c333c6e81215303cd5d79084cd23a1121c07,0x05dbbf6ad00a100ba6d78c47858eb30f4fff4c810ac24ecdb84fc05960c4f7e2a2378732</inline> <curve>nist/K-283</curve> <desc>invalid order = 89</desc> </pubkey> <pubkey> <id>k283/24</id> - <inline>0x6e4252ebed88afd0b37f96e6bb745c399d5ef50eb1eb146bf565e2ca5480e5462989f04,0x1e729c375dd3a162fa76e3cb371ab753c2a154608b2a23a0e99a241a093d7330861a10</inline> + <inline>0x06e4252ebed88afd0b37f96e6bb745c399d5ef50eb1eb146bf565e2ca5480e5462989f04,0x001e729c375dd3a162fa76e3cb371ab753c2a154608b2a23a0e99a241a093d7330861a10</inline> <curve>nist/K-283</curve> <desc>invalid order = 97</desc> </pubkey> <pubkey> <id>k283/25</id> - <inline>0x215a1e2e6470a86248b313db5e95721518a91396c648ce9c9a29469f2aafe9e9a821a7f,0x61b56cf94747d65432e13c3fd1489f3616e8055e03f7981dfe6157c2f4e6f15b6909cad</inline> + <inline>0x0215a1e2e6470a86248b313db5e95721518a91396c648ce9c9a29469f2aafe9e9a821a7f,0x061b56cf94747d65432e13c3fd1489f3616e8055e03f7981dfe6157c2f4e6f15b6909cad</inline> <curve>nist/K-283</curve> <desc>invalid order = 101</desc> </pubkey> <pubkey> <id>k283/26</id> - <inline>0x1ee87fff02d953ab6ef3960153057a9b7928264cf95e0500eb03d6850c90b3f222a8c3f,0x3bc2c2b2adaeff8e8c75eb747674544af02635e2e869cedfdf1e0bab2da6bd3f3592196</inline> + <inline>0x01ee87fff02d953ab6ef3960153057a9b7928264cf95e0500eb03d6850c90b3f222a8c3f,0x03bc2c2b2adaeff8e8c75eb747674544af02635e2e869cedfdf1e0bab2da6bd3f3592196</inline> <curve>nist/K-283</curve> <desc>invalid order = 103</desc> </pubkey> <pubkey> <id>k283/27</id> - <inline>0x7e0698ded14808847196b84625619a39c7f4851413551b7ce31ec78dc2681e6da09fc52,0x4290a333d8e7535b14a3134bba5f322cde3ced0188527a73ed3722b85df6f3bca79deb3</inline> + <inline>0x07e0698ded14808847196b84625619a39c7f4851413551b7ce31ec78dc2681e6da09fc52,0x04290a333d8e7535b14a3134bba5f322cde3ced0188527a73ed3722b85df6f3bca79deb3</inline> <curve>nist/K-283</curve> <desc>invalid order = 107</desc> </pubkey> <pubkey> <id>k283/28</id> - <inline>0x2b3dd6ccb194b93ab25df65698b4b5fd9015b7f0b9839a06c07a78130d1d4b39d2296a9,0x498a7d308d06d3b82e68564ec530c440f3af854188073717ab35273044556fc90556cc5</inline> + <inline>0x02b3dd6ccb194b93ab25df65698b4b5fd9015b7f0b9839a06c07a78130d1d4b39d2296a9,0x0498a7d308d06d3b82e68564ec530c440f3af854188073717ab35273044556fc90556cc5</inline> <curve>nist/K-283</curve> <desc>invalid order = 109</desc> </pubkey> <pubkey> <id>k283/29</id> - <inline>0x3c951be5d86312d67f1bd0d39f6c34f156b438ccae509652d66c06c2d2fc9522829714a,0x613cabce8c954e5d9bc4c23e3e1f5dfbe361f19e48c227cebcb0983fde98266a79b30ca</inline> + <inline>0x03c951be5d86312d67f1bd0d39f6c34f156b438ccae509652d66c06c2d2fc9522829714a,0x0613cabce8c954e5d9bc4c23e3e1f5dfbe361f19e48c227cebcb0983fde98266a79b30ca</inline> <curve>nist/K-283</curve> <desc>invalid order = 113</desc> </pubkey> <pubkey> <id>k283/30</id> - <inline>0x1735d42a2e9ea59f48531e68f2bc0eb5cff12534860c8ef773fc9fa528bb896c24f17b4,0x5a73ee796d1f4d751f291ad7ee880952d380d64d7fe32d478734b9f2f1396e2b2d8d3e7</inline> + <inline>0x01735d42a2e9ea59f48531e68f2bc0eb5cff12534860c8ef773fc9fa528bb896c24f17b4,0x05a73ee796d1f4d751f291ad7ee880952d380d64d7fe32d478734b9f2f1396e2b2d8d3e7</inline> <curve>nist/K-283</curve> <desc>invalid order = 127</desc> </pubkey> <pubkey> <id>k283/31</id> - <inline>0x45ef742138e33bd592d5a53b00f7d61814a68e2576c518c90bb64ef12195d6516860d4f,0x3da85db791285f032ea0fefd5cb6a9a0b371f00270d108549fa7363eb8824cf6d53afa3</inline> + <inline>0x045ef742138e33bd592d5a53b00f7d61814a68e2576c518c90bb64ef12195d6516860d4f,0x03da85db791285f032ea0fefd5cb6a9a0b371f00270d108549fa7363eb8824cf6d53afa3</inline> <curve>nist/K-283</curve> <desc>invalid order = 131</desc> </pubkey> <pubkey> <id>k283/32</id> - <inline>0x38d6b2080c7e19ec8011fc1c4f0957524ea71babd3993220776a4d9a8dc7b0cca05d638,0x34190739a5065de70bfeff1b3176c75d90858ad63e6f9078f32cc97d5c2a1c0bb0be775</inline> + <inline>0x038d6b2080c7e19ec8011fc1c4f0957524ea71babd3993220776a4d9a8dc7b0cca05d638,0x034190739a5065de70bfeff1b3176c75d90858ad63e6f9078f32cc97d5c2a1c0bb0be775</inline> <curve>nist/K-283</curve> <desc>invalid order = 137</desc> </pubkey> <pubkey> <id>k283/33</id> - <inline>0x3f9a414344e88096515b6bce427f0cad2aa7d08f41cbd7d1072d939a033f2b9bdaa705f,0x55c2a28cc02b64228b59a7115f244d0ed86ef72d35e5fdb4a7e8e514746f0164326dda</inline> + <inline>0x03f9a414344e88096515b6bce427f0cad2aa7d08f41cbd7d1072d939a033f2b9bdaa705f,0x0055c2a28cc02b64228b59a7115f244d0ed86ef72d35e5fdb4a7e8e514746f0164326dda</inline> <curve>nist/K-283</curve> <desc>invalid order = 139</desc> </pubkey> <pubkey> <id>k283/34</id> - <inline>0x3866a5cf304aca769e4ba87e00491679a22dd73ebe0e831f91fa2a766ede55791ea6114,0x6d407001a2108571bbf87f0c97ee6161860f1da477f72ced58651206766a0d40d297b9a</inline> + <inline>0x03866a5cf304aca769e4ba87e00491679a22dd73ebe0e831f91fa2a766ede55791ea6114,0x06d407001a2108571bbf87f0c97ee6161860f1da477f72ced58651206766a0d40d297b9a</inline> <curve>nist/K-283</curve> <desc>invalid order = 149</desc> </pubkey> <pubkey> <id>k283/35</id> - <inline>0x15e790dce7c01d569a6a4e83c7d0b4e0b3611813edc92f329f8eb813b5a484e82ffa30a,0x728a46e00818615945625af56cd2e3eb97ca2c7b6094565a03b18197426fe3f4a335b4b</inline> + <inline>0x015e790dce7c01d569a6a4e83c7d0b4e0b3611813edc92f329f8eb813b5a484e82ffa30a,0x0728a46e00818615945625af56cd2e3eb97ca2c7b6094565a03b18197426fe3f4a335b4b</inline> <curve>nist/K-283</curve> <desc>invalid order = 151</desc> </pubkey> <pubkey> <id>k283/36</id> - <inline>0x71bb5c037fcd2cafa8f4ab94aad61cb75ae960de5c2a3742c56c86d4cf73bba4788e161,0x3aa0c2bb3e5cd30b982c4d4890763f827d63fb4f7db81c049ff9696f449434520d2361f</inline> + <inline>0x071bb5c037fcd2cafa8f4ab94aad61cb75ae960de5c2a3742c56c86d4cf73bba4788e161,0x03aa0c2bb3e5cd30b982c4d4890763f827d63fb4f7db81c049ff9696f449434520d2361f</inline> <curve>nist/K-283</curve> <desc>invalid order = 157</desc> </pubkey> <pubkey> <id>k283/37</id> - <inline>0x3d7caa3d27bbce12fc9f8cb6ede8075360b16482fe6f2449e09923b6983ea6e2010b2d1,0x126fa7e0e8ce1c8d248b99759c728031cb7ee6e757f5064a5472715bea5eaeb9c7a19a5</inline> + <inline>0x03d7caa3d27bbce12fc9f8cb6ede8075360b16482fe6f2449e09923b6983ea6e2010b2d1,0x0126fa7e0e8ce1c8d248b99759c728031cb7ee6e757f5064a5472715bea5eaeb9c7a19a5</inline> <curve>nist/K-283</curve> <desc>invalid order = 163</desc> </pubkey> <pubkey> <id>k283/38</id> - <inline>0x87dfc115b8b453ba77ec658599debf75b6f6f7436051733bf0582651f994085a9f94e1,0x54e2ad467a2f4b751fdc4dcc524ff6ea7fe6b26ba49e1760543b7f537d015c24318d77d</inline> + <inline>0x0087dfc115b8b453ba77ec658599debf75b6f6f7436051733bf0582651f994085a9f94e1,0x054e2ad467a2f4b751fdc4dcc524ff6ea7fe6b26ba49e1760543b7f537d015c24318d77d</inline> <curve>nist/K-283</curve> <desc>invalid order = 167</desc> </pubkey> <pubkey> <id>k283/39</id> - <inline>0xeba36a3ecc111c1438df4d9f39a9d64f18d0ed35401b691e0f7c29ce21bd65eb6d6e0d,0x1585df01551fdc0cfc206b0dc7490237c9e8d5548687a1a6c0b8556508bdff27b1f9927</inline> + <inline>0x00eba36a3ecc111c1438df4d9f39a9d64f18d0ed35401b691e0f7c29ce21bd65eb6d6e0d,0x01585df01551fdc0cfc206b0dc7490237c9e8d5548687a1a6c0b8556508bdff27b1f9927</inline> <curve>nist/K-283</curve> <desc>invalid order = 173</desc> </pubkey> <pubkey> <id>k283/40</id> - <inline>0xeabd41943fb772b790ebb1f22c07da6aced704b75f38b48bd84469c1a73c82c547ec31,0x13ecdeb327ee1bcf235c8e6769540b84231721daf090b6707c7949d58af96f1cfb98b8a</inline> + <inline>0x00eabd41943fb772b790ebb1f22c07da6aced704b75f38b48bd84469c1a73c82c547ec31,0x013ecdeb327ee1bcf235c8e6769540b84231721daf090b6707c7949d58af96f1cfb98b8a</inline> <curve>nist/K-283</curve> <desc>invalid order = 179</desc> </pubkey> <pubkey> <id>k283/41</id> - <inline>0x5031d17a2fdd89ca888ab817cfd7180585bfa3a68c0ce2dd149bcc79b26bbe46ad58d1c,0x3d0741ebb1cfd7134ebd26d4bd558252d91510fb3543dabaa2777b6a5283faf35a9d9ba</inline> + <inline>0x05031d17a2fdd89ca888ab817cfd7180585bfa3a68c0ce2dd149bcc79b26bbe46ad58d1c,0x03d0741ebb1cfd7134ebd26d4bd558252d91510fb3543dabaa2777b6a5283faf35a9d9ba</inline> <curve>nist/K-283</curve> <desc>invalid order = 181</desc> </pubkey> <pubkey> <id>k283/42</id> - <inline>0x33935f57cf8f2b81f6865f3f6b904d302842f23278a4a338096de30430fc6f1bbf83fb6,0x132f461c93d373f41fe985dbc5aaee79cc93bb761164244f0689eaa88dd2c3d69061ec3</inline> + <inline>0x033935f57cf8f2b81f6865f3f6b904d302842f23278a4a338096de30430fc6f1bbf83fb6,0x0132f461c93d373f41fe985dbc5aaee79cc93bb761164244f0689eaa88dd2c3d69061ec3</inline> <curve>nist/K-283</curve> <desc>invalid order = 191</desc> </pubkey> <pubkey> <id>k283/43</id> - <inline>0xdb03ca6af0780f4a2f3e11dccfbff969b2dbf8b80c7adc1abc97a0624e936eed835be8,0x38c43f05f76cb717fb5369af974da70dfa56b1748e891201ae78f0420b6f9442bf142ea</inline> + <inline>0x00db03ca6af0780f4a2f3e11dccfbff969b2dbf8b80c7adc1abc97a0624e936eed835be8,0x038c43f05f76cb717fb5369af974da70dfa56b1748e891201ae78f0420b6f9442bf142ea</inline> <curve>nist/K-283</curve> <desc>invalid order = 193</desc> </pubkey> <pubkey> <id>k283/44</id> - <inline>0x47f0e5229522fc4b7d100fd89e34969edf03e51cade01da9027469f4676615bc9a10aae,0x1ba20b98a6cca3ab4ef69af34627266f8c3846990c4c81af95a3cbef307e18f32b4235f</inline> + <inline>0x047f0e5229522fc4b7d100fd89e34969edf03e51cade01da9027469f4676615bc9a10aae,0x01ba20b98a6cca3ab4ef69af34627266f8c3846990c4c81af95a3cbef307e18f32b4235f</inline> <curve>nist/K-283</curve> <desc>invalid order = 197</desc> </pubkey> <pubkey> <id>k283/45</id> - <inline>0x34c036dd7609844a2af553432d1e6ae7e76acf264ea74cf9e3ddbe1c87e8982a837150e,0x4fa41cdcd8ca21ceb5c1def1a951798de9c9fcc6e3c9314519d8acf8a1c5dc7f48fd3a6</inline> + <inline>0x034c036dd7609844a2af553432d1e6ae7e76acf264ea74cf9e3ddbe1c87e8982a837150e,0x04fa41cdcd8ca21ceb5c1def1a951798de9c9fcc6e3c9314519d8acf8a1c5dc7f48fd3a6</inline> <curve>nist/K-283</curve> <desc>invalid order = 199</desc> </pubkey> <pubkey> <id>k283/46</id> - <inline>0x3be5716392d8d0e7f06a61ce734300152d1e6c0dfe67273a71dbb53e7372de85a411144,0xb5b4c319f77918dd4f8a6816e03432e8a4e48c2c9bc2f634453196f400cf948d8d8729</inline> + <inline>0x03be5716392d8d0e7f06a61ce734300152d1e6c0dfe67273a71dbb53e7372de85a411144,0x00b5b4c319f77918dd4f8a6816e03432e8a4e48c2c9bc2f634453196f400cf948d8d8729</inline> <curve>nist/K-283</curve> <desc>invalid order = 211</desc> </pubkey> <pubkey> <id>k283/47</id> - <inline>0x152dfcf46706d794166ae93b3243fcdea735fc0adff7c5d04a561ed72efb09bdaeb8a99,0x16bb4eafc64cefefd17799e5e95ec1a7c477d4bb6c40319c78a090ce865e6740feabe80</inline> + <inline>0x0152dfcf46706d794166ae93b3243fcdea735fc0adff7c5d04a561ed72efb09bdaeb8a99,0x016bb4eafc64cefefd17799e5e95ec1a7c477d4bb6c40319c78a090ce865e6740feabe80</inline> <curve>nist/K-283</curve> <desc>invalid order = 223</desc> </pubkey> <pubkey> <id>k283/48</id> - <inline>0x1b61d9a7ec9d5735221b2024698b395c9b514961a9950e8905156a1bd340027e8f24a0,0x30b64d5fc76e480a2e6540ead5c5b6792db5f30113f1f7648cad89cf9906db225c27c11</inline> + <inline>0x001b61d9a7ec9d5735221b2024698b395c9b514961a9950e8905156a1bd340027e8f24a0,0x030b64d5fc76e480a2e6540ead5c5b6792db5f30113f1f7648cad89cf9906db225c27c11</inline> <curve>nist/K-283</curve> <desc>invalid order = 227</desc> </pubkey> <pubkey> <id>k283/49</id> - <inline>0x9a80217581cb5a3b9a9bebfff26df4eca8dd9cb6400328056b4cc98bd4f63da2abebb5,0x2f0139f643dabae905a11f6daf19cf343ff4ffb3fbf32e9170af0074616f34822f1cca0</inline> + <inline>0x009a80217581cb5a3b9a9bebfff26df4eca8dd9cb6400328056b4cc98bd4f63da2abebb5,0x02f0139f643dabae905a11f6daf19cf343ff4ffb3fbf32e9170af0074616f34822f1cca0</inline> <curve>nist/K-283</curve> <desc>invalid order = 229</desc> </pubkey> <pubkey> <id>k283/50</id> - <inline>0x74707ed5fb2387c70bd4e6904361ed287c26da4c219e11c0e6f1aacccdf646a81ebd65e,0x13e1f4f50388e98213e585a258441876ab20597be1b09bde0164498cda65e780cec4e1f</inline> + <inline>0x074707ed5fb2387c70bd4e6904361ed287c26da4c219e11c0e6f1aacccdf646a81ebd65e,0x013e1f4f50388e98213e585a258441876ab20597be1b09bde0164498cda65e780cec4e1f</inline> <curve>nist/K-283</curve> <desc>invalid order = 233</desc> </pubkey> <pubkey> <id>k283/51</id> - <inline>0x64af07c046462a89c07e2d885807ad572a9a4fb105fa8b2568222036362a1e7b6d07cb1,0x39c1e0f266b2ad2038453afe9bbf50a79eac46a1a5b223a0182f502619c9c8b8e26f15e</inline> + <inline>0x064af07c046462a89c07e2d885807ad572a9a4fb105fa8b2568222036362a1e7b6d07cb1,0x039c1e0f266b2ad2038453afe9bbf50a79eac46a1a5b223a0182f502619c9c8b8e26f15e</inline> <curve>nist/K-283</curve> <desc>invalid order = 239</desc> </pubkey> <pubkey> <id>k283/52</id> - <inline>0x56c5dbcdde389b503d537affd651a35e51df20361438e503ddebe9cbbcc5b92bb24a898,0x58634c14ac8853a3936aebcc638a1a0c449e4f6344f45b8bdd0b34b628a61c7c24d6ed6</inline> + <inline>0x056c5dbcdde389b503d537affd651a35e51df20361438e503ddebe9cbbcc5b92bb24a898,0x058634c14ac8853a3936aebcc638a1a0c449e4f6344f45b8bdd0b34b628a61c7c24d6ed6</inline> <curve>nist/K-283</curve> <desc>invalid order = 241</desc> </pubkey> <pubkey> <id>k283/53</id> - <inline>0x5e033c49007c1200d78a43a5ac1b92a063f217d3cc5448180cd2d0abc3ed6f4d0a28c7c,0x72f2c8eb5711e3953524dbed610a7e2e474bd6cd83bb02b14dcb66ab8bfd545489f4747</inline> + <inline>0x05e033c49007c1200d78a43a5ac1b92a063f217d3cc5448180cd2d0abc3ed6f4d0a28c7c,0x072f2c8eb5711e3953524dbed610a7e2e474bd6cd83bb02b14dcb66ab8bfd545489f4747</inline> <curve>nist/K-283</curve> <desc>invalid order = 251</desc> </pubkey> <pubkey> <id>k283/54</id> - <inline>0x7756b00d6643155e6fa08055485db9dfd44bcfbffa346b563f5508681225e4076777cc2,0x4257635918005d8f622d0bef4ae4fa77c8ba31c1bd641017c96bb49d87da63148e958fc</inline> + <inline>0x07756b00d6643155e6fa08055485db9dfd44bcfbffa346b563f5508681225e4076777cc2,0x04257635918005d8f622d0bef4ae4fa77c8ba31c1bd641017c96bb49d87da63148e958fc</inline> <curve>nist/K-283</curve> <desc>invalid order = 257</desc> </pubkey> <pubkey> <id>k283/55</id> - <inline>0x69614948a5bb9f3c7c08bab2cdb789e04ff0698365f7911a15c475718d984acd1185164,0x2469f3d1e149f38fea73b08ef745f9535f0efdee4ec6875780a13324342ee291e672bd9</inline> + <inline>0x069614948a5bb9f3c7c08bab2cdb789e04ff0698365f7911a15c475718d984acd1185164,0x02469f3d1e149f38fea73b08ef745f9535f0efdee4ec6875780a13324342ee291e672bd9</inline> <curve>nist/K-283</curve> <desc>invalid order = 263</desc> </pubkey> <pubkey> <id>k283/56</id> - <inline>0x45c409e181b2702ba016ba742efc6bb26b13c167bfdf3fb8ffe388c6670aba7ea4aecde,0x47a00b60562c782e96e0d8ef77a222dd1bad984798c62508a1dbc4d584bf52aec76f5f4</inline> + <inline>0x045c409e181b2702ba016ba742efc6bb26b13c167bfdf3fb8ffe388c6670aba7ea4aecde,0x047a00b60562c782e96e0d8ef77a222dd1bad984798c62508a1dbc4d584bf52aec76f5f4</inline> <curve>nist/K-283</curve> <desc>invalid order = 269</desc> </pubkey> <pubkey> <id>k283/57</id> - <inline>0x1776fee2ffe3be472596778cdcf4f7e85040ac22422800e55198736de7baeb9e442df8a,0x7228f25bb3bad587012e84081b22e618c997bf4d670033073188eb32e508b2aabbd5394</inline> + <inline>0x01776fee2ffe3be472596778cdcf4f7e85040ac22422800e55198736de7baeb9e442df8a,0x07228f25bb3bad587012e84081b22e618c997bf4d670033073188eb32e508b2aabbd5394</inline> <curve>nist/K-283</curve> <desc>invalid order = 271</desc> </pubkey> <pubkey> <id>k283/58</id> - <inline>0x1989ab5f540f531878302e5af67be36edb3047a2fecc14209a4891df98f5f1172ce94a1,0x2d31b77182c691ada9dc13d7f8a0d6d33449aae51d1399651f11ed29e8bf8876d9601de</inline> + <inline>0x01989ab5f540f531878302e5af67be36edb3047a2fecc14209a4891df98f5f1172ce94a1,0x02d31b77182c691ada9dc13d7f8a0d6d33449aae51d1399651f11ed29e8bf8876d9601de</inline> <curve>nist/K-283</curve> <desc>invalid order = 277</desc> </pubkey> <pubkey> <id>k283/59</id> - <inline>0x2e720a463ab0d7169633d509eee85f1d01af7db38f1321611df44c289f4b30f582644ee,0x67cc0488ebe9018efeb41fbebdc78aa16273e3a374b727ef37f4ba98e0d5b22c2bf93f1</inline> + <inline>0x02e720a463ab0d7169633d509eee85f1d01af7db38f1321611df44c289f4b30f582644ee,0x067cc0488ebe9018efeb41fbebdc78aa16273e3a374b727ef37f4ba98e0d5b22c2bf93f1</inline> <curve>nist/K-283</curve> <desc>invalid order = 281</desc> </pubkey> <pubkey> <id>k283/60</id> - <inline>0x45abb40da72a6a2e1d339341cb0196714df4781ab2b6125fe57c515f57f0e87083b1563,0x25fb584e3114e09e59a3b790f0dce6d1a05fdf92184c61c08c9bc583340a222fa2ba65a</inline> + <inline>0x045abb40da72a6a2e1d339341cb0196714df4781ab2b6125fe57c515f57f0e87083b1563,0x025fb584e3114e09e59a3b790f0dce6d1a05fdf92184c61c08c9bc583340a222fa2ba65a</inline> <curve>nist/K-283</curve> <desc>invalid order = 283</desc> </pubkey> <pubkey> <id>k283/61</id> - <inline>0x18d1a29ee3b45e46ce2123716e8eac99a72d3f82265c62fb3475c1dba95c084e4d2cf70,0x4bbc68c393af4338ec9789ad0ee42698ebf77f917bcfd54d36f37e717e77665e2e58377</inline> + <inline>0x018d1a29ee3b45e46ce2123716e8eac99a72d3f82265c62fb3475c1dba95c084e4d2cf70,0x04bbc68c393af4338ec9789ad0ee42698ebf77f917bcfd54d36f37e717e77665e2e58377</inline> <curve>nist/K-283</curve> <desc>invalid order = 293</desc> </pubkey> <pubkey> <id>k283/62</id> - <inline>0x7a20cc4cb733b1517db885aae0c6b727a0bb48287621e28a86cbcb662b95d878576cb08,0x6beb9ed1b77020083c106e83bd8c4a583922066a9ed2c3701097d37154062b8069e6535</inline> + <inline>0x07a20cc4cb733b1517db885aae0c6b727a0bb48287621e28a86cbcb662b95d878576cb08,0x06beb9ed1b77020083c106e83bd8c4a583922066a9ed2c3701097d37154062b8069e6535</inline> <curve>nist/K-283</curve> <desc>invalid order = 307</desc> </pubkey> <pubkey> <id>k283/63</id> - <inline>0x6e09c1e09d707ae19515d9740511055a31a4cb81ab76fb3700ace52b0f4eb9a582ecec,0x5eaa33f749f96a24642b9d1a4aa4c72bd586524bf9f38c0b7eebcd7cc7ae9ca472b8b25</inline> + <inline>0x006e09c1e09d707ae19515d9740511055a31a4cb81ab76fb3700ace52b0f4eb9a582ecec,0x05eaa33f749f96a24642b9d1a4aa4c72bd586524bf9f38c0b7eebcd7cc7ae9ca472b8b25</inline> <curve>nist/K-283</curve> <desc>invalid order = 311</desc> </pubkey> <pubkey> <id>k283/64</id> - <inline>0x7776474e70c432a4ea47d2c467f4f1dabefbcd72f2f29a69f89e58de40f38ae4c7be1c6,0x4fc23f823175c19f193c1451989a50a1d4809ee5eb92a889f7e994073336e35c7314a09</inline> + <inline>0x07776474e70c432a4ea47d2c467f4f1dabefbcd72f2f29a69f89e58de40f38ae4c7be1c6,0x04fc23f823175c19f193c1451989a50a1d4809ee5eb92a889f7e994073336e35c7314a09</inline> <curve>nist/K-283</curve> <desc>invalid order = 313</desc> </pubkey> <pubkey> <id>k283/65</id> - <inline>0x7f593e5ac6260073a5e437247a787d6f0c0b85a0ec56333677132142b287668aab1d379,0x15ee4c48f9bb3dd25051715366175915a303755a977c6e4efc1af3c81d59c784d75dc5a</inline> + <inline>0x07f593e5ac6260073a5e437247a787d6f0c0b85a0ec56333677132142b287668aab1d379,0x015ee4c48f9bb3dd25051715366175915a303755a977c6e4efc1af3c81d59c784d75dc5a</inline> <curve>nist/K-283</curve> <desc>invalid order = 317</desc> </pubkey> <pubkey> <id>k283/66</id> - <inline>0x7f8798f7767ff59143d2d4ab30244ac831edef69be00c2b565a561d7f78ace112bb9230,0x2e451e724182b7d0d7868ba28db451f4f31eaccc4a88528f37652eb2a882bd519d9178f</inline> + <inline>0x07f8798f7767ff59143d2d4ab30244ac831edef69be00c2b565a561d7f78ace112bb9230,0x02e451e724182b7d0d7868ba28db451f4f31eaccc4a88528f37652eb2a882bd519d9178f</inline> <curve>nist/K-283</curve> <desc>invalid order = 331</desc> </pubkey> <pubkey> <id>k283/67</id> - <inline>0xef234ba82ae60338ad03aad81346e5a9b32fe948f419955104fb10d2a77c2e6c3d2bce,0x53de1b2f1c223efe0a55df95bf3466247208414febb5819e08251a59946688dc8a6675b</inline> + <inline>0x00ef234ba82ae60338ad03aad81346e5a9b32fe948f419955104fb10d2a77c2e6c3d2bce,0x053de1b2f1c223efe0a55df95bf3466247208414febb5819e08251a59946688dc8a6675b</inline> <curve>nist/K-283</curve> <desc>invalid order = 337</desc> </pubkey> <pubkey> <id>k283/68</id> - <inline>0x21f71e6831b0bcbbc608eba8a9e910ef9866712389cb94a11b6b9e90e8368fc8c5c42a4,0x7651bec0bfaf5a5d6f8b17f3c6b50ab27df6490465bad17b561a11d16ec650bf63e3219</inline> + <inline>0x021f71e6831b0bcbbc608eba8a9e910ef9866712389cb94a11b6b9e90e8368fc8c5c42a4,0x07651bec0bfaf5a5d6f8b17f3c6b50ab27df6490465bad17b561a11d16ec650bf63e3219</inline> <curve>nist/K-283</curve> <desc>invalid order = 347</desc> </pubkey> <pubkey> <id>k283/69</id> - <inline>0x73e9492a7dba813e205c5aa01ac963b66d429626af949657a9fb6b6f7ddde8e941fa9e9,0x3acef3843cb0fdc18414707cff0fe4cccf5925bd2e5390aa997f4745e510753ac7bbdcf</inline> + <inline>0x073e9492a7dba813e205c5aa01ac963b66d429626af949657a9fb6b6f7ddde8e941fa9e9,0x03acef3843cb0fdc18414707cff0fe4cccf5925bd2e5390aa997f4745e510753ac7bbdcf</inline> <curve>nist/K-283</curve> <desc>invalid order = 349</desc> </pubkey> <pubkey> <id>k283/70</id> - <inline>0x6a20dff7cd6caccb1fd3d0ba39eb85ce93463379c8729d00230d39a09c656c4e3602a24,0x6bd2968f953b8558e192449c0ab9fbc8af0e79219ad68a1a01c2575af93fc33e3a2ed8</inline> + <inline>0x06a20dff7cd6caccb1fd3d0ba39eb85ce93463379c8729d00230d39a09c656c4e3602a24,0x006bd2968f953b8558e192449c0ab9fbc8af0e79219ad68a1a01c2575af93fc33e3a2ed8</inline> <curve>nist/K-283</curve> <desc>invalid order = 353</desc> </pubkey> <pubkey> <id>k283/71</id> - <inline>0x529d961d987f3646b94dc65cb569f7318cf16ee1e070d833dec3baca88f2c173fd2a5f3,0x4d6cfe4a9bae00eadca759010fd58c6e9641e57831b12f79490620cd6b577b3aa68ef</inline> + <inline>0x0529d961d987f3646b94dc65cb569f7318cf16ee1e070d833dec3baca88f2c173fd2a5f3,0x0004d6cfe4a9bae00eadca759010fd58c6e9641e57831b12f79490620cd6b577b3aa68ef</inline> <curve>nist/K-283</curve> <desc>invalid order = 359</desc> </pubkey> <pubkey> <id>k283/72</id> - <inline>0x49680beed139a9bbe22b9f94f6616661a1af69b64e3bdb94b4647ec4c4b5aa21a1f8267,0x61e6f12374a4e23ccdfb871e80c3cc3323a8e3c61362639cd4bd0c0b1ce0f34afe1f52f</inline> + <inline>0x049680beed139a9bbe22b9f94f6616661a1af69b64e3bdb94b4647ec4c4b5aa21a1f8267,0x061e6f12374a4e23ccdfb871e80c3cc3323a8e3c61362639cd4bd0c0b1ce0f34afe1f52f</inline> <curve>nist/K-283</curve> <desc>invalid order = 367</desc> </pubkey> <pubkey> <id>k283/73</id> - <inline>0x35a8d86570b0d875aac35da377cc81dc353d5b374876487d0aff8985e8a78d42e29e1ad,0x28825e8a703adef5db340cdb05c4a9efe1d905c30984b32eb9e516691c260c2aa741e1b</inline> + <inline>0x035a8d86570b0d875aac35da377cc81dc353d5b374876487d0aff8985e8a78d42e29e1ad,0x028825e8a703adef5db340cdb05c4a9efe1d905c30984b32eb9e516691c260c2aa741e1b</inline> <curve>nist/K-283</curve> <desc>invalid order = 373</desc> </pubkey> <pubkey> <id>k283/74</id> - <inline>0x503d7f311405772516b2249a62227da0f153ff0a674342448cc072a7415c9d26a147177,0xb4977d7814592a3ada046ec12c1b746caa943d01da276c2b1e971ba2d95d68814bd368</inline> + <inline>0x0503d7f311405772516b2249a62227da0f153ff0a674342448cc072a7415c9d26a147177,0x00b4977d7814592a3ada046ec12c1b746caa943d01da276c2b1e971ba2d95d68814bd368</inline> <curve>nist/K-283</curve> <desc>invalid order = 379</desc> </pubkey> <pubkey> <id>k283/75</id> - <inline>0x28e92f2d80c749260fb98b06407e49658da4c610305b198b39d14481c62684b36d10681,0x13623a6fcc41ca22b9158bfd4b850612569ac0b85ce39fbb584c3499b4ab4308c157b9f</inline> + <inline>0x028e92f2d80c749260fb98b06407e49658da4c610305b198b39d14481c62684b36d10681,0x013623a6fcc41ca22b9158bfd4b850612569ac0b85ce39fbb584c3499b4ab4308c157b9f</inline> <curve>nist/K-283</curve> <desc>invalid order = 383</desc> </pubkey> <pubkey> <id>k283/76</id> - <inline>0x5c443b6c6d1552c8fd4974be4d85c89129b5f546d7910df96e2421bdfefa37e15a725e4,0x71ed0290df854c4e90e06dad658ec95450e94d25e284555f783d21b151b8128c01a6644</inline> + <inline>0x05c443b6c6d1552c8fd4974be4d85c89129b5f546d7910df96e2421bdfefa37e15a725e4,0x071ed0290df854c4e90e06dad658ec95450e94d25e284555f783d21b151b8128c01a6644</inline> <curve>nist/K-283</curve> <desc>invalid order = 389</desc> </pubkey> <pubkey> <id>k283/77</id> - <inline>0x4cf6f337eda2408d0af8b6577839ad988a4f112ed89052a00172bccd8585313a871efe0,0xd38f0db3a4adf6c7bd80bfde00f786503045f96904e86838d333e60912f757b4371933</inline> + <inline>0x04cf6f337eda2408d0af8b6577839ad988a4f112ed89052a00172bccd8585313a871efe0,0x00d38f0db3a4adf6c7bd80bfde00f786503045f96904e86838d333e60912f757b4371933</inline> <curve>nist/K-283</curve> <desc>invalid order = 397</desc> </pubkey> <pubkey> <id>k283/78</id> - <inline>0x61c9f66679bfa8dc01503e2c6b8e0cdbda6046a9ab761aa0de82e114f6181419f71cc63,0x555862ec4ace16a89e0f0a368034475d71c170524e7fc45736240df596eeb4d200258a1</inline> + <inline>0x061c9f66679bfa8dc01503e2c6b8e0cdbda6046a9ab761aa0de82e114f6181419f71cc63,0x0555862ec4ace16a89e0f0a368034475d71c170524e7fc45736240df596eeb4d200258a1</inline> <curve>nist/K-283</curve> <desc>invalid order = 401</desc> </pubkey> <pubkey> <id>k283/79</id> - <inline>0x26e9cae9cf92172ce5a8b144a45b608b71e94b4c2e36ef4153eac64f2186cfcdb31473b,0x71179370a5607981e5c77ef487f363d785f2175b0665357f9d53063222236f30dff7cc</inline> + <inline>0x026e9cae9cf92172ce5a8b144a45b608b71e94b4c2e36ef4153eac64f2186cfcdb31473b,0x0071179370a5607981e5c77ef487f363d785f2175b0665357f9d53063222236f30dff7cc</inline> <curve>nist/K-283</curve> <desc>invalid order = 409</desc> </pubkey> <pubkey> <id>k283/80</id> - <inline>0x225b65c4e10b8c08732d190d36c4b81f3256c4638d08e43b5d40487f9993934a3ad77cd,0x7db18e8af40291d4f8d370c5356e7ea5a64d445177338a0fb025f0c0b23dac1af163fc6</inline> + <inline>0x0225b65c4e10b8c08732d190d36c4b81f3256c4638d08e43b5d40487f9993934a3ad77cd,0x07db18e8af40291d4f8d370c5356e7ea5a64d445177338a0fb025f0c0b23dac1af163fc6</inline> <curve>nist/K-283</curve> <desc>invalid order = 419</desc> </pubkey> <pubkey> <id>k283/81</id> - <inline>0x7d9621f70c83c44f37753a6fecd9117be6114c04a6cabf4eae3ab2660d17db7869687b8,0xe0f5221d994f3cedcb6c1fabdeaff6e02a34ab5a9ba93380bf570e013e3e51227ddf3c</inline> + <inline>0x07d9621f70c83c44f37753a6fecd9117be6114c04a6cabf4eae3ab2660d17db7869687b8,0x00e0f5221d994f3cedcb6c1fabdeaff6e02a34ab5a9ba93380bf570e013e3e51227ddf3c</inline> <curve>nist/K-283</curve> <desc>invalid order = 421</desc> </pubkey> <pubkey> <id>k283/82</id> - <inline>0x43a92779e79981073bbcf449ff68180fdd4cb491a6731de2a2dd285f232617863336847,0x500f0252d5def9185311e8f7655a38645fb5aa241b78b3871b9feafff5c68f8bf2f83e7</inline> + <inline>0x043a92779e79981073bbcf449ff68180fdd4cb491a6731de2a2dd285f232617863336847,0x0500f0252d5def9185311e8f7655a38645fb5aa241b78b3871b9feafff5c68f8bf2f83e7</inline> <curve>nist/K-283</curve> <desc>invalid order = 431</desc> </pubkey> diff --git a/src/cz/crcs/ectester/data/invalid/secg/secp112r1.xml b/src/cz/crcs/ectester/data/invalid/secg/secp112r1.xml index b326bc5..c93b236 100644 --- a/src/cz/crcs/ectester/data/invalid/secg/secp112r1.xml +++ b/src/cz/crcs/ectester/data/invalid/secg/secp112r1.xml @@ -67,7 +67,7 @@ </pubkey> <pubkey> <id>secp112r1/11</id> - <inline>0x8b3adbcdcdb18c2cbf0cf9c6b781,0xe60359cd04af6683496efada8dc</inline> + <inline>0x8b3adbcdcdb18c2cbf0cf9c6b781,0x0e60359cd04af6683496efada8dc</inline> <curve>secg/secp112r1</curve> <desc>invalid order = 37</desc> </pubkey> @@ -91,7 +91,7 @@ </pubkey> <pubkey> <id>secp112r1/15</id> - <inline>0x3f5b2a97e4f7d4f73b5771e9d72,0x7be7bdfe3e6d7de20145e0fab394</inline> + <inline>0x03f5b2a97e4f7d4f73b5771e9d72,0x7be7bdfe3e6d7de20145e0fab394</inline> <curve>secg/secp112r1</curve> <desc>invalid order = 53</desc> </pubkey> @@ -121,7 +121,7 @@ </pubkey> <pubkey> <id>secp112r1/20</id> - <inline>0x1723919870a0d80077d9a1e450cb,0x428173a0d15ea25f5a6cfdfc97b</inline> + <inline>0x1723919870a0d80077d9a1e450cb,0x0428173a0d15ea25f5a6cfdfc97b</inline> <curve>secg/secp112r1</curve> <desc>invalid order = 73</desc> </pubkey> @@ -151,7 +151,7 @@ </pubkey> <pubkey> <id>secp112r1/25</id> - <inline>0x34c5f199ba83347d9a8b10f59bf3,0x964245d35298161bd23ff7d6446</inline> + <inline>0x34c5f199ba83347d9a8b10f59bf3,0x0964245d35298161bd23ff7d6446</inline> <curve>secg/secp112r1</curve> <desc>invalid order = 101</desc> </pubkey> @@ -175,7 +175,7 @@ </pubkey> <pubkey> <id>secp112r1/29</id> - <inline>0x566dc7a41511b7c2d47d7ec8f7e6,0xe7ab43ef12082342a02a78555cd</inline> + <inline>0x566dc7a41511b7c2d47d7ec8f7e6,0x0e7ab43ef12082342a02a78555cd</inline> <curve>secg/secp112r1</curve> <desc>invalid order = 113</desc> </pubkey> @@ -187,7 +187,7 @@ </pubkey> <pubkey> <id>secp112r1/31</id> - <inline>0xf821a24ffb775fafc53bbd61542,0x198812c3fb415ada5310065b2741</inline> + <inline>0x0f821a24ffb775fafc53bbd61542,0x198812c3fb415ada5310065b2741</inline> <curve>secg/secp112r1</curve> <desc>invalid order = 131</desc> </pubkey> @@ -223,7 +223,7 @@ </pubkey> <pubkey> <id>secp112r1/37</id> - <inline>0x1d7750f2e60a9a24916bd0c4334,0x11c38ae3984a3a1188f2b84ff483</inline> + <inline>0x01d7750f2e60a9a24916bd0c4334,0x11c38ae3984a3a1188f2b84ff483</inline> <curve>secg/secp112r1</curve> <desc>invalid order = 163</desc> </pubkey> diff --git a/src/cz/crcs/ectester/data/invalid/secg/secp112r2.xml b/src/cz/crcs/ectester/data/invalid/secg/secp112r2.xml index 78e84b2..49f869a 100644 --- a/src/cz/crcs/ectester/data/invalid/secg/secp112r2.xml +++ b/src/cz/crcs/ectester/data/invalid/secg/secp112r2.xml @@ -19,7 +19,7 @@ </pubkey> <pubkey> <id>secp112r2/3</id> - <inline>0x4d927ecb2f7087ea26fa0e59ccc,0xb1dec25114c1755c063c03dbe1cc</inline> + <inline>0x04d927ecb2f7087ea26fa0e59ccc,0xb1dec25114c1755c063c03dbe1cc</inline> <curve>secg/secp112r2</curve> <desc>invalid order = 7</desc> </pubkey> @@ -37,13 +37,13 @@ </pubkey> <pubkey> <id>secp112r2/6</id> - <inline>0x3b7c03b728345d173f6c865c7c2,0x3243914c4944301261ae61b17801</inline> + <inline>0x03b7c03b728345d173f6c865c7c2,0x3243914c4944301261ae61b17801</inline> <curve>secg/secp112r2</curve> <desc>invalid order = 17</desc> </pubkey> <pubkey> <id>secp112r2/7</id> - <inline>0xd857dd6ac32e4249d082c706a95,0x482c8af26f0ede2b945f24787152</inline> + <inline>0x0d857dd6ac32e4249d082c706a95,0x482c8af26f0ede2b945f24787152</inline> <curve>secg/secp112r2</curve> <desc>invalid order = 19</desc> </pubkey> @@ -229,7 +229,7 @@ </pubkey> <pubkey> <id>secp112r2/38</id> - <inline>0x79352d8c9aaca8602bdc2bcdd784,0xb3f20709e4f2953af0b9e86a94f</inline> + <inline>0x79352d8c9aaca8602bdc2bcdd784,0x0b3f20709e4f2953af0b9e86a94f</inline> <curve>secg/secp112r2</curve> <desc>invalid order = 167</desc> </pubkey> @@ -241,7 +241,7 @@ </pubkey> <pubkey> <id>secp112r2/40</id> - <inline>0x9910c45778f1efa1c9f3154d44a,0xc5393764eb6184d869ad9677fb1d</inline> + <inline>0x09910c45778f1efa1c9f3154d44a,0xc5393764eb6184d869ad9677fb1d</inline> <curve>secg/secp112r2</curve> <desc>invalid order = 179</desc> </pubkey> diff --git a/src/cz/crcs/ectester/data/invalid/secg/secp128r2.xml b/src/cz/crcs/ectester/data/invalid/secg/secp128r2.xml index 11fc0d8..1bf0e19 100644 --- a/src/cz/crcs/ectester/data/invalid/secg/secp128r2.xml +++ b/src/cz/crcs/ectester/data/invalid/secg/secp128r2.xml @@ -37,7 +37,7 @@ </pubkey> <pubkey> <id>secp128r2/6</id> - <inline>0x31122c136cdb52adb5d38ca620a6d1a,0x49a0430f0c465c8cca890f1cb3d57c40</inline> + <inline>0x031122c136cdb52adb5d38ca620a6d1a,0x49a0430f0c465c8cca890f1cb3d57c40</inline> <curve>secg/secp128r2</curve> <desc>invalid order = 17</desc> </pubkey> @@ -103,7 +103,7 @@ </pubkey> <pubkey> <id>secp128r2/17</id> - <inline>0xf8d91c30849157dd24629c59c6912e2,0x9ffa7b719eea1b279dd5681fe454eb05</inline> + <inline>0x0f8d91c30849157dd24629c59c6912e2,0x9ffa7b719eea1b279dd5681fe454eb05</inline> <curve>secg/secp128r2</curve> <desc>invalid order = 61</desc> </pubkey> diff --git a/src/cz/crcs/ectester/data/invalid/secg/secp160r1.xml b/src/cz/crcs/ectester/data/invalid/secg/secp160r1.xml index 83271f0..c0ac9f5 100644 --- a/src/cz/crcs/ectester/data/invalid/secg/secp160r1.xml +++ b/src/cz/crcs/ectester/data/invalid/secg/secp160r1.xml @@ -31,7 +31,7 @@ </pubkey> <pubkey> <id>secp160r1/5</id> - <inline>0x92e841552d45365c8105205fe5597874f482d79,0x14c61971092c78ffc9d5e121a495f9d42d52af51</inline> + <inline>0x092e841552d45365c8105205fe5597874f482d79,0x14c61971092c78ffc9d5e121a495f9d42d52af51</inline> <curve>secg/secp160r1</curve> <desc>invalid order = 13</desc> </pubkey> @@ -43,13 +43,13 @@ </pubkey> <pubkey> <id>secp160r1/7</id> - <inline>0x21bf7455ca142c7c6a59c24cffe65b6aa6dc42cb,0x972dc2bba67209a47ce309c86862688e31bdf5f</inline> + <inline>0x21bf7455ca142c7c6a59c24cffe65b6aa6dc42cb,0x0972dc2bba67209a47ce309c86862688e31bdf5f</inline> <curve>secg/secp160r1</curve> <desc>invalid order = 19</desc> </pubkey> <pubkey> <id>secp160r1/8</id> - <inline>0x2d69e72509b72192f75091bd3dcd412713c881a6,0x8d04b92d51d65f1103031fd951ad5f70d8986e0</inline> + <inline>0x2d69e72509b72192f75091bd3dcd412713c881a6,0x08d04b92d51d65f1103031fd951ad5f70d8986e0</inline> <curve>secg/secp160r1</curve> <desc>invalid order = 23</desc> </pubkey> @@ -103,7 +103,7 @@ </pubkey> <pubkey> <id>secp160r1/17</id> - <inline>0xd0960a7a153fc358e86f6044681a05ba8bc9f431,0x430225547258f8fec4a8b453cfc393e97e70b40</inline> + <inline>0xd0960a7a153fc358e86f6044681a05ba8bc9f431,0x0430225547258f8fec4a8b453cfc393e97e70b40</inline> <curve>secg/secp160r1</curve> <desc>invalid order = 61</desc> </pubkey> @@ -133,7 +133,7 @@ </pubkey> <pubkey> <id>secp160r1/22</id> - <inline>0xae6ae7fcc5ed7a0fdf86f6bf1e57aa311fd6e3a,0x47fab4fc9498882999fbfc3c5530ddda857878d4</inline> + <inline>0x0ae6ae7fcc5ed7a0fdf86f6bf1e57aa311fd6e3a,0x47fab4fc9498882999fbfc3c5530ddda857878d4</inline> <curve>secg/secp160r1</curve> <desc>invalid order = 83</desc> </pubkey> @@ -181,7 +181,7 @@ </pubkey> <pubkey> <id>secp160r1/30</id> - <inline>0x8c891d78027199b1c628ba92dae118c48dc2a02e,0xc24f0183bbf72703763b8fbc8e02a93e3ec6643</inline> + <inline>0x8c891d78027199b1c628ba92dae118c48dc2a02e,0x0c24f0183bbf72703763b8fbc8e02a93e3ec6643</inline> <curve>secg/secp160r1</curve> <desc>invalid order = 127</desc> </pubkey> @@ -223,7 +223,7 @@ </pubkey> <pubkey> <id>secp160r1/37</id> - <inline>0x96c29a0df5b40c161811e4d7daa72e1ea918e2b0,0x155b8b6ec7a647840d02bd45fea9dc765e5b5fe</inline> + <inline>0x96c29a0df5b40c161811e4d7daa72e1ea918e2b0,0x0155b8b6ec7a647840d02bd45fea9dc765e5b5fe</inline> <curve>secg/secp160r1</curve> <desc>invalid order = 163</desc> </pubkey> @@ -235,7 +235,7 @@ </pubkey> <pubkey> <id>secp160r1/39</id> - <inline>0x2d8edbf75cb446acf73461f4342c598d9f21d7c,0xeda4148d6daae6cebaf4adf03a65eef569a76baa</inline> + <inline>0x02d8edbf75cb446acf73461f4342c598d9f21d7c,0xeda4148d6daae6cebaf4adf03a65eef569a76baa</inline> <curve>secg/secp160r1</curve> <desc>invalid order = 173</desc> </pubkey> @@ -265,7 +265,7 @@ </pubkey> <pubkey> <id>secp160r1/44</id> - <inline>0x9332eb605bcbfc193da360069c2e4ecb8309008,0xf3a2c4839f590128ef53ef58fb59edfbd823571a</inline> + <inline>0x09332eb605bcbfc193da360069c2e4ecb8309008,0xf3a2c4839f590128ef53ef58fb59edfbd823571a</inline> <curve>secg/secp160r1</curve> <desc>invalid order = 197</desc> </pubkey> @@ -301,7 +301,7 @@ </pubkey> <pubkey> <id>secp160r1/50</id> - <inline>0x947ede3f9f0a8bc262e5c07e30d65665e5b844b6,0x395d63bb0ff9de9cb0feabc0fe1dd6dca4b8571</inline> + <inline>0x947ede3f9f0a8bc262e5c07e30d65665e5b844b6,0x0395d63bb0ff9de9cb0feabc0fe1dd6dca4b8571</inline> <curve>secg/secp160r1</curve> <desc>invalid order = 233</desc> </pubkey> diff --git a/src/cz/crcs/ectester/data/invalid/secg/secp160r2.xml b/src/cz/crcs/ectester/data/invalid/secg/secp160r2.xml index 21fa51b..5a0afdc 100644 --- a/src/cz/crcs/ectester/data/invalid/secg/secp160r2.xml +++ b/src/cz/crcs/ectester/data/invalid/secg/secp160r2.xml @@ -31,7 +31,7 @@ </pubkey> <pubkey> <id>secp160r2/5</id> - <inline>0x1e7216915613480077c0381287be4904291915a3,0xa958ec774c031e88ac21bb297700c2444e385ab</inline> + <inline>0x1e7216915613480077c0381287be4904291915a3,0x0a958ec774c031e88ac21bb297700c2444e385ab</inline> <curve>secg/secp160r2</curve> <desc>invalid order = 13</desc> </pubkey> @@ -55,7 +55,7 @@ </pubkey> <pubkey> <id>secp160r2/9</id> - <inline>0xe04b0d49bd17dd1fcda82f78f150ad787c2256f8,0x472c3237c80ff56199f3e5b88c939546a41899a</inline> + <inline>0xe04b0d49bd17dd1fcda82f78f150ad787c2256f8,0x0472c3237c80ff56199f3e5b88c939546a41899a</inline> <curve>secg/secp160r2</curve> <desc>invalid order = 29</desc> </pubkey> @@ -127,7 +127,7 @@ </pubkey> <pubkey> <id>secp160r2/21</id> - <inline>0xdb7f0d2d8aecb1f0878aa4b189325d9585b6d41e,0xc774a4effc83552d7429142c26f1edd56d4e3cd</inline> + <inline>0xdb7f0d2d8aecb1f0878aa4b189325d9585b6d41e,0x0c774a4effc83552d7429142c26f1edd56d4e3cd</inline> <curve>secg/secp160r2</curve> <desc>invalid order = 79</desc> </pubkey> @@ -145,7 +145,7 @@ </pubkey> <pubkey> <id>secp160r2/24</id> - <inline>0x1bced2defc53496b0d5df32f2eeea5223e26743d,0x891db7d17f24bab45f7f9cde87cb7ca496a941</inline> + <inline>0x1bced2defc53496b0d5df32f2eeea5223e26743d,0x00891db7d17f24bab45f7f9cde87cb7ca496a941</inline> <curve>secg/secp160r2</curve> <desc>invalid order = 97</desc> </pubkey> @@ -175,7 +175,7 @@ </pubkey> <pubkey> <id>secp160r2/29</id> - <inline>0x4d9cd970c3c6d9d95569f6992f55b133eed6d2e,0x22f743b5121876787d91519d3571014a974b5bbc</inline> + <inline>0x04d9cd970c3c6d9d95569f6992f55b133eed6d2e,0x22f743b5121876787d91519d3571014a974b5bbc</inline> <curve>secg/secp160r2</curve> <desc>invalid order = 113</desc> </pubkey> @@ -199,7 +199,7 @@ </pubkey> <pubkey> <id>secp160r2/33</id> - <inline>0x9f34f052e51242db1e02eacdef0368407e7ed6a,0x2357e99d4b1c4317c5897d8f4b49b8d4ac538c80</inline> + <inline>0x09f34f052e51242db1e02eacdef0368407e7ed6a,0x2357e99d4b1c4317c5897d8f4b49b8d4ac538c80</inline> <curve>secg/secp160r2</curve> <desc>invalid order = 139</desc> </pubkey> @@ -223,7 +223,7 @@ </pubkey> <pubkey> <id>secp160r2/37</id> - <inline>0x3c54495ae78d30eeba044e74b4a16a1b2e346dd,0x4bef711b01e38128af6acbaf06944aafc5942a61</inline> + <inline>0x03c54495ae78d30eeba044e74b4a16a1b2e346dd,0x4bef711b01e38128af6acbaf06944aafc5942a61</inline> <curve>secg/secp160r2</curve> <desc>invalid order = 163</desc> </pubkey> diff --git a/src/cz/crcs/ectester/data/invalid/secg/secp192r1.xml b/src/cz/crcs/ectester/data/invalid/secg/secp192r1.xml index feff091..6ecf018 100644 --- a/src/cz/crcs/ectester/data/invalid/secg/secp192r1.xml +++ b/src/cz/crcs/ectester/data/invalid/secg/secp192r1.xml @@ -31,7 +31,7 @@ </pubkey> <pubkey> <id>secp192r1/5</id> - <inline>0x7ff851e2e594729c4d826ecd4e5c0a5647151cda6a3498ae,0xfccd1ad5544abe3dbe1ddc50d497e13a5ae5c33e898ae38</inline> + <inline>0x7ff851e2e594729c4d826ecd4e5c0a5647151cda6a3498ae,0x0fccd1ad5544abe3dbe1ddc50d497e13a5ae5c33e898ae38</inline> <curve>secg/secp192r1</curve> <desc>invalid order = 13</desc> </pubkey> @@ -127,7 +127,7 @@ </pubkey> <pubkey> <id>secp192r1/21</id> - <inline>0x870c9a3146fa0ce54f033214490c0bb5b3d856e719320a3e,0xc444ac22b325d17d52537399257f169d5f157edfb5c9c46</inline> + <inline>0x870c9a3146fa0ce54f033214490c0bb5b3d856e719320a3e,0x0c444ac22b325d17d52537399257f169d5f157edfb5c9c46</inline> <curve>secg/secp192r1</curve> <desc>invalid order = 79</desc> </pubkey> @@ -145,7 +145,7 @@ </pubkey> <pubkey> <id>secp192r1/24</id> - <inline>0x81c41c99457f44f65913ab53dd2518e082a52d3826d2dda9,0xb54f5a2d43f127ea0ce8824fc0da310f28d2be55b872424</inline> + <inline>0x81c41c99457f44f65913ab53dd2518e082a52d3826d2dda9,0x0b54f5a2d43f127ea0ce8824fc0da310f28d2be55b872424</inline> <curve>secg/secp192r1</curve> <desc>invalid order = 97</desc> </pubkey> @@ -307,7 +307,7 @@ </pubkey> <pubkey> <id>secp192r1/51</id> - <inline>0xf477da92061d0495d772c5f23710493cc64f26cc1837b218,0xff7dc6300eaaf184d5bb6f41c72f851364f9bac01d60bf9</inline> + <inline>0xf477da92061d0495d772c5f23710493cc64f26cc1837b218,0x0ff7dc6300eaaf184d5bb6f41c72f851364f9bac01d60bf9</inline> <curve>secg/secp192r1</curve> <desc>invalid order = 239</desc> </pubkey> @@ -325,7 +325,7 @@ </pubkey> <pubkey> <id>secp192r1/54</id> - <inline>0x7f328cb98d777490d0694a4b00fe401c016a92bee0d301d,0x1f9d23be48389e174fbd388e749a53a5d5877ca32818603b</inline> + <inline>0x07f328cb98d777490d0694a4b00fe401c016a92bee0d301d,0x1f9d23be48389e174fbd388e749a53a5d5877ca32818603b</inline> <curve>secg/secp192r1</curve> <desc>invalid order = 257</desc> </pubkey> diff --git a/src/cz/crcs/ectester/data/invalid/secg/secp224r1.xml b/src/cz/crcs/ectester/data/invalid/secg/secp224r1.xml index c25d79b..9ce561d 100644 --- a/src/cz/crcs/ectester/data/invalid/secg/secp224r1.xml +++ b/src/cz/crcs/ectester/data/invalid/secg/secp224r1.xml @@ -13,7 +13,7 @@ </pubkey> <pubkey> <id>secp224r1/2</id> - <inline>0x4ac5b04b59265bc031c6663c3a2bd5d9d978ea4348f38594ba102b42,0x1bad806f66ba85b636a5fe8ae202af25763792b7a65efb29bc724b3</inline> + <inline>0x4ac5b04b59265bc031c6663c3a2bd5d9d978ea4348f38594ba102b42,0x01bad806f66ba85b636a5fe8ae202af25763792b7a65efb29bc724b3</inline> <curve>secg/secp224r1</curve> <desc>invalid order = 5</desc> </pubkey> @@ -43,13 +43,13 @@ </pubkey> <pubkey> <id>secp224r1/7</id> - <inline>0x824e1f1f1eac192e59b334ba5b3186192d45dc609026906665a9301,0x50cc932ab26b523635a38066c547fe008d694cf898eb342165d21f98</inline> + <inline>0x0824e1f1f1eac192e59b334ba5b3186192d45dc609026906665a9301,0x50cc932ab26b523635a38066c547fe008d694cf898eb342165d21f98</inline> <curve>secg/secp224r1</curve> <desc>invalid order = 19</desc> </pubkey> <pubkey> <id>secp224r1/8</id> - <inline>0x406a44b18f68c1477569eb78bf730cef74109de101f8a114e6819990,0x58f1c0bfefa5a5a5d1399249b4ee4ca857a3567cfd974d661905fd6</inline> + <inline>0x406a44b18f68c1477569eb78bf730cef74109de101f8a114e6819990,0x058f1c0bfefa5a5a5d1399249b4ee4ca857a3567cfd974d661905fd6</inline> <curve>secg/secp224r1</curve> <desc>invalid order = 23</desc> </pubkey> @@ -127,7 +127,7 @@ </pubkey> <pubkey> <id>secp224r1/21</id> - <inline>0x45367d8d7c681d35ceab3f15380a33fd10174e6ff1e88cebf2133635,0x112cbec1609557cd62280f32c027f1414bd8b1c89b24d74d809351f</inline> + <inline>0x45367d8d7c681d35ceab3f15380a33fd10174e6ff1e88cebf2133635,0x0112cbec1609557cd62280f32c027f1414bd8b1c89b24d74d809351f</inline> <curve>secg/secp224r1</curve> <desc>invalid order = 79</desc> </pubkey> @@ -145,7 +145,7 @@ </pubkey> <pubkey> <id>secp224r1/24</id> - <inline>0xd738337ead10988ce050d4c0ad7a9ac329bea7a1bd9baa698cdbeba,0xf4b661264be680c8b732f61d016a4ff6ac1c8240a01f70cfadfba0c2</inline> + <inline>0x0d738337ead10988ce050d4c0ad7a9ac329bea7a1bd9baa698cdbeba,0xf4b661264be680c8b732f61d016a4ff6ac1c8240a01f70cfadfba0c2</inline> <curve>secg/secp224r1</curve> <desc>invalid order = 97</desc> </pubkey> @@ -175,7 +175,7 @@ </pubkey> <pubkey> <id>secp224r1/29</id> - <inline>0xc73a93624d3b93c8687806a7715a0425dddd69d420eb0beaca6493bc,0x70b627906ae4bb34d3c803bcc23a838129b77f38cf0469d1ebee278</inline> + <inline>0xc73a93624d3b93c8687806a7715a0425dddd69d420eb0beaca6493bc,0x070b627906ae4bb34d3c803bcc23a838129b77f38cf0469d1ebee278</inline> <curve>secg/secp224r1</curve> <desc>invalid order = 113</desc> </pubkey> @@ -193,7 +193,7 @@ </pubkey> <pubkey> <id>secp224r1/32</id> - <inline>0xc90c47c2670cc93e27efcfbafc50fedba823525e3e5cf0fd357f3c4a,0x73040196665f86296f2a911be78b5054ddcd99d24194b17c95958fe</inline> + <inline>0xc90c47c2670cc93e27efcfbafc50fedba823525e3e5cf0fd357f3c4a,0x073040196665f86296f2a911be78b5054ddcd99d24194b17c95958fe</inline> <curve>secg/secp224r1</curve> <desc>invalid order = 137</desc> </pubkey> @@ -205,7 +205,7 @@ </pubkey> <pubkey> <id>secp224r1/34</id> - <inline>0x38cb9b0889e3f593bde90601152c68206e55c34edc509475117b25e,0x38b9b003caf68c778057c3c2eb87e829b3f6d8ed5b4bf554b45b9d7c</inline> + <inline>0x038cb9b0889e3f593bde90601152c68206e55c34edc509475117b25e,0x38b9b003caf68c778057c3c2eb87e829b3f6d8ed5b4bf554b45b9d7c</inline> <curve>secg/secp224r1</curve> <desc>invalid order = 149</desc> </pubkey> @@ -247,7 +247,7 @@ </pubkey> <pubkey> <id>secp224r1/41</id> - <inline>0x7cddf880261a8570d8c14546edc91806e6b298c77527cd7af6cf2112,0x8fd5caff7e4b046ad7b660829eafaf115d1395e998ac62f75c1bf9</inline> + <inline>0x7cddf880261a8570d8c14546edc91806e6b298c77527cd7af6cf2112,0x008fd5caff7e4b046ad7b660829eafaf115d1395e998ac62f75c1bf9</inline> <curve>secg/secp224r1</curve> <desc>invalid order = 181</desc> </pubkey> @@ -289,7 +289,7 @@ </pubkey> <pubkey> <id>secp224r1/48</id> - <inline>0x39820deb6a5e58b71d72d28a7da99d578a833f70e9a4bdd930d7954,0x2a1ad5207d1aa4123ae6d2999c7569c39487ffc26288384d2503f551</inline> + <inline>0x039820deb6a5e58b71d72d28a7da99d578a833f70e9a4bdd930d7954,0x2a1ad5207d1aa4123ae6d2999c7569c39487ffc26288384d2503f551</inline> <curve>secg/secp224r1</curve> <desc>invalid order = 227</desc> </pubkey> @@ -361,13 +361,13 @@ </pubkey> <pubkey> <id>secp224r1/60</id> - <inline>0x551a3b2581584f4a3bbc119a940e7c9f3a84e29625ded75b88f39282,0x9b970d228646f1f436eadca0318239e8636aac259c115c963e7f17c</inline> + <inline>0x551a3b2581584f4a3bbc119a940e7c9f3a84e29625ded75b88f39282,0x09b970d228646f1f436eadca0318239e8636aac259c115c963e7f17c</inline> <curve>secg/secp224r1</curve> <desc>invalid order = 283</desc> </pubkey> <pubkey> <id>secp224r1/61</id> - <inline>0xc6950fecb2f41eb7e85410809ca3902d14f95197e3c8288ddad92725,0xe6267afd50d294fec6c7b5281fb4aee90bb186582ab3f372ac443a5</inline> + <inline>0xc6950fecb2f41eb7e85410809ca3902d14f95197e3c8288ddad92725,0x0e6267afd50d294fec6c7b5281fb4aee90bb186582ab3f372ac443a5</inline> <curve>secg/secp224r1</curve> <desc>invalid order = 293</desc> </pubkey> diff --git a/src/cz/crcs/ectester/data/invalid/secg/secp256r1.xml b/src/cz/crcs/ectester/data/invalid/secg/secp256r1.xml index 8e137f2..6a30210 100644 --- a/src/cz/crcs/ectester/data/invalid/secg/secp256r1.xml +++ b/src/cz/crcs/ectester/data/invalid/secg/secp256r1.xml @@ -73,7 +73,7 @@ </pubkey> <pubkey> <id>secp256r1/12</id> - <inline>0x4de812700bc95a04975f89bc0f6981e71a003ee72d09aa82a9a5bd8570b02b,0x5b591897cc2c01346d2a3c09214bcb4d10e46dd0fe19eb9dfbc6cb81dd9eb2b7</inline> + <inline>0x004de812700bc95a04975f89bc0f6981e71a003ee72d09aa82a9a5bd8570b02b,0x5b591897cc2c01346d2a3c09214bcb4d10e46dd0fe19eb9dfbc6cb81dd9eb2b7</inline> <curve>secg/secp256r1</curve> <desc>invalid order = 41</desc> </pubkey> @@ -133,7 +133,7 @@ </pubkey> <pubkey> <id>secp256r1/22</id> - <inline>0x702ef740f465c7e8e2731431ff25787bb70bca7c95b42504978b505f6720eb86,0x873d9ba564e5d3bcdf070718616854b3bfce6aaff50fcdca68f94e5778dc194</inline> + <inline>0x702ef740f465c7e8e2731431ff25787bb70bca7c95b42504978b505f6720eb86,0x0873d9ba564e5d3bcdf070718616854b3bfce6aaff50fcdca68f94e5778dc194</inline> <curve>secg/secp256r1</curve> <desc>invalid order = 83</desc> </pubkey> @@ -229,19 +229,19 @@ </pubkey> <pubkey> <id>secp256r1/38</id> - <inline>0x3a591ada3f9c7803e6da77cb1b9adfd349d80dfac04829b7ccbd0767b50006e8,0xb5eb79cd757583bb44385e902b9dcf14a321f6cbbccaf83c631abe34f2e996d</inline> + <inline>0x3a591ada3f9c7803e6da77cb1b9adfd349d80dfac04829b7ccbd0767b50006e8,0x0b5eb79cd757583bb44385e902b9dcf14a321f6cbbccaf83c631abe34f2e996d</inline> <curve>secg/secp256r1</curve> <desc>invalid order = 167</desc> </pubkey> <pubkey> <id>secp256r1/39</id> - <inline>0x7a277a5debbf3da308d7cf83cb46ecaaa79c1b02bfd40ae3b911e879d576e9aa,0x54946996938f9af0f326e109f44ab5317605cb1a1d59464f3a695c05a4904c9</inline> + <inline>0x7a277a5debbf3da308d7cf83cb46ecaaa79c1b02bfd40ae3b911e879d576e9aa,0x054946996938f9af0f326e109f44ab5317605cb1a1d59464f3a695c05a4904c9</inline> <curve>secg/secp256r1</curve> <desc>invalid order = 173</desc> </pubkey> <pubkey> <id>secp256r1/40</id> - <inline>0xc7b3cd34083b9edb2e79b74129d38dba1e287c294fb5eefc5b88d0cdd53ee70c,0xd29c58435ab03277891c7c53f283e7f096a14da33303cfbd4f6934131c6cece</inline> + <inline>0xc7b3cd34083b9edb2e79b74129d38dba1e287c294fb5eefc5b88d0cdd53ee70c,0x0d29c58435ab03277891c7c53f283e7f096a14da33303cfbd4f6934131c6cece</inline> <curve>secg/secp256r1</curve> <desc>invalid order = 179</desc> </pubkey> @@ -331,7 +331,7 @@ </pubkey> <pubkey> <id>secp256r1/55</id> - <inline>0xe3b247021a52f27f88bd01ea44a018eeafaca6cc6bc05e7951ab3429f79511f,0x28b782453e402d75b1caa5b30f97345649afd010d3e7c4acf96ec9bb3d8833e</inline> + <inline>0x0e3b247021a52f27f88bd01ea44a018eeafaca6cc6bc05e7951ab3429f79511f,0x028b782453e402d75b1caa5b30f97345649afd010d3e7c4acf96ec9bb3d8833e</inline> <curve>secg/secp256r1</curve> <desc>invalid order = 263</desc> </pubkey> @@ -415,7 +415,7 @@ </pubkey> <pubkey> <id>secp256r1/69</id> - <inline>0xa732788d93a5c81202b3f7bcb74b09fd69345e0345ffc833317c5895ec074de,0xfb9dc56e4cbd7176b4b7023e565d244638fb9e3b8184356850f4da6be9b755d0</inline> + <inline>0x0a732788d93a5c81202b3f7bcb74b09fd69345e0345ffc833317c5895ec074de,0xfb9dc56e4cbd7176b4b7023e565d244638fb9e3b8184356850f4da6be9b755d0</inline> <curve>secg/secp256r1</curve> <desc>invalid order = 349</desc> </pubkey> diff --git a/src/cz/crcs/ectester/data/wycheproof/keys.xml b/src/cz/crcs/ectester/data/wycheproof/keys.xml index 7ca174d..ee7280c 100644 --- a/src/cz/crcs/ectester/data/wycheproof/keys.xml +++ b/src/cz/crcs/ectester/data/wycheproof/keys.xml @@ -3,7 +3,7 @@ xsi:noNamespaceSchemaLocation="../schema.xsd"> <privkey> <id>addsub/secp224r1/1s</id> - <inline>0x0ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c29b7</inline> + <inline>0xffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c29b7</inline> <curve>secg/secp224r1</curve> <desc>tcId = 34</desc> </privkey> @@ -16,7 +16,7 @@ </pubkey> <privkey> <id>addsub/secp224r1/2s</id> - <inline>0x0ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a37</inline> + <inline>0xffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a37</inline> <curve>secg/secp224r1</curve> <desc>tcId = 35</desc> </privkey> @@ -29,7 +29,7 @@ </pubkey> <privkey> <id>addsub/secp224r1/3s</id> - <inline>0x0ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3b</inline> + <inline>0xffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3b</inline> <curve>secg/secp224r1</curve> <desc>tcId = 37</desc> </privkey> @@ -42,7 +42,7 @@ </pubkey> <privkey> <id>addsub/secp256r1/1s</id> - <inline>0x0ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6324f3</inline> + <inline>0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6324f3</inline> <curve>secg/secp256r1</curve> <desc>tcId = 106</desc> </privkey> @@ -55,7 +55,7 @@ </pubkey> <privkey> <id>addsub/secp256r1/2s</id> - <inline>0x0ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632533</inline> + <inline>0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632533</inline> <curve>secg/secp256r1</curve> <desc>tcId = 107</desc> </privkey> @@ -68,7 +68,7 @@ </pubkey> <privkey> <id>addsub/secp256r1/3s</id> - <inline>0x0ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632543</inline> + <inline>0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632543</inline> <curve>secg/secp256r1</curve> <desc>tcId = 108</desc> </privkey> @@ -81,7 +81,7 @@ </pubkey> <privkey> <id>addsub/secp256r1/4s</id> - <inline>0x0ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254b</inline> + <inline>0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254b</inline> <curve>secg/secp256r1</curve> <desc>tcId = 109</desc> </privkey> @@ -94,7 +94,7 @@ </pubkey> <privkey> <id>addsub/secp256r1/5s</id> - <inline>0x0ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f</inline> + <inline>0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f</inline> <curve>secg/secp256r1</curve> <desc>tcId = 111</desc> </privkey> @@ -107,7 +107,7 @@ </pubkey> <privkey> <id>addsub/secp384r1/1s</id> - <inline>0x0ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52959</inline> + <inline>0xffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52959</inline> <curve>secg/secp384r1</curve> <desc>tcId = 192</desc> </privkey> @@ -120,7 +120,7 @@ </pubkey> <privkey> <id>addsub/secp384r1/2s</id> - <inline>0x0ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52969</inline> + <inline>0xffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52969</inline> <curve>secg/secp384r1</curve> <desc>tcId = 193</desc> </privkey> @@ -133,7 +133,7 @@ </pubkey> <privkey> <id>addsub/secp384r1/3s</id> - <inline>0x0ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52971</inline> + <inline>0xffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52971</inline> <curve>secg/secp384r1</curve> <desc>tcId = 195</desc> </privkey> @@ -224,7 +224,7 @@ </pubkey> <privkey> <id>addsub/secp256k1/1s</id> - <inline>0x0fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd03640c3</inline> + <inline>0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd03640c3</inline> <curve>secg/secp256k1</curve> <desc>tcId = 362</desc> </privkey> @@ -237,7 +237,7 @@ </pubkey> <privkey> <id>addsub/secp256k1/2s</id> - <inline>0x0fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364103</inline> + <inline>0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364103</inline> <curve>secg/secp256k1</curve> <desc>tcId = 363</desc> </privkey> @@ -250,7 +250,7 @@ </pubkey> <privkey> <id>addsub/secp256k1/3s</id> - <inline>0x0fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364123</inline> + <inline>0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364123</inline> <curve>secg/secp256k1</curve> <desc>tcId = 364</desc> </privkey> @@ -263,7 +263,7 @@ </pubkey> <privkey> <id>addsub/secp256k1/4s</id> - <inline>0x0fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364133</inline> + <inline>0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364133</inline> <curve>secg/secp256k1</curve> <desc>tcId = 365</desc> </privkey> @@ -276,7 +276,7 @@ </pubkey> <privkey> <id>addsub/secp256k1/5s</id> - <inline>0x0fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd036413b</inline> + <inline>0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd036413b</inline> <curve>secg/secp256k1</curve> <desc>tcId = 366</desc> </privkey> @@ -289,7 +289,7 @@ </pubkey> <privkey> <id>addsub/secp256k1/6s</id> - <inline>0x0fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd036413f</inline> + <inline>0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd036413f</inline> <curve>secg/secp256k1</curve> <desc>tcId = 368</desc> </privkey> diff --git a/src/cz/crcs/ectester/reader/CardMngr.java b/src/cz/crcs/ectester/reader/CardMngr.java index 8b6241d..0a01d9e 100644 --- a/src/cz/crcs/ectester/reader/CardMngr.java +++ b/src/cz/crcs/ectester/reader/CardMngr.java @@ -23,6 +23,7 @@ public class CardMngr { private boolean simulate = false; private boolean verbose = true; + private boolean chunking = false; private final byte[] selectCM = { (byte) 0x00, (byte) 0xa4, (byte) 0x04, (byte) 0x00, (byte) 0x07, (byte) 0xa0, (byte) 0x00, (byte) 0x00, @@ -51,6 +52,19 @@ public class CardMngr { this.simulate = simulate; } + private void connectWithHighest() throws CardException { + try { + card = terminal.connect("T=1"); + } catch (CardException ex) { + if (verbose) + System.out.println("T=1 failed, trying protocol '*'"); + card = terminal.connect("*"); + if (card.getProtocol().equals("T=0")) { + chunking = true; + } + } + } + public boolean connectToCard() throws CardException { if (simulate) return true; @@ -72,13 +86,7 @@ public class CardMngr { terminal = terminalList.get(i); if (terminal.isCardPresent()) { - try { - card = terminal.connect("T=1"); - } catch (CardException ex) { - if (verbose) - System.out.println("T=1 failed, trying protocol '*'"); - card = terminal.connect("*"); - } + connectWithHighest(); if (verbose) System.out.println("card: " + card); @@ -132,7 +140,7 @@ public class CardMngr { } if (terminal != null) { - card = terminal.connect("*"); + connectWithHighest(); if (verbose) System.out.println("card: " + card); channel = card.getBasicChannel(); @@ -171,6 +179,22 @@ public class CardMngr { } } + public void setChunking(boolean state) { + chunking = state; + } + + public String getProtocol() { + if (simulate) { + return simulator.getProtocol(); + } else { + if (card != null) { + return card.getProtocol(); + } else { + return null; + } + } + } + // Functions for CPLC taken and modified from https://github.com/martinpaljak/GlobalPlatformPro private static final byte CLA_GP = (byte) 0x80; private static final byte ISO7816_INS_GET_DATA = (byte) 0xCA; @@ -267,6 +291,18 @@ public class CardMngr { } } + public ATR getATR() { + if (simulate) { + return new ATR(simulator.getATR()); + } else { + if (card != null) { + return card.getATR(); + } else { + return null; + } + } + } + public CPLC getCPLC() throws CardException { byte[] data = fetchCPLC(); return new CPLC(data); @@ -298,13 +334,6 @@ public class CardMngr { } } - public ATR getATR() { - if (simulate) { - return new ATR(simulator.getATR()); - } else { - return card.getATR(); - } - } public static List<CardTerminal> getReaderList() { try { @@ -316,6 +345,39 @@ public class CardMngr { } } + private CommandAPDU chunk(CommandAPDU apdu) throws CardException { + if (verbose) { + System.out.print("Chunking:"); + } + byte[] data = apdu.getBytes(); + int numChunks = (data.length + 254) / 255; + for (int i = 0; i < numChunks; ++i) { + int chunkStart = i * 255; + int chunkLength = 255; + if (chunkStart + chunkLength > data.length) { + chunkLength = data.length - chunkStart; + } + if (verbose) { + System.out.print(" " + chunkLength); + } + byte[] chunk = new byte[chunkLength]; + System.arraycopy(data, chunkStart, chunk, 0, chunkLength); + CommandAPDU cmd = new CommandAPDU(apdu.getCLA(), 0x7a, 0, 0, chunk); + ResponseAPDU resp; + if (simulate) { + resp = simulator.transmitCommand(cmd); + } else { + resp = channel.transmit(cmd); + } + if ((short) resp.getSW() != ISO7816.SW_NO_ERROR) { + throw new CardException("Chunking failed!"); + } + } + if (verbose) + System.out.println(); + return new CommandAPDU(apdu.getCLA(), 0x7b, 0, 0, 0xff); + } + public ResponseAPDU sendAPDU(CommandAPDU apdu) throws CardException { if (verbose) { System.out.println(">>>>"); @@ -324,7 +386,12 @@ public class CardMngr { System.out.println(ByteUtil.bytesToHex(apdu.getBytes())); } - long elapsed = -System.nanoTime(); + long elapsed; + if (chunking && apdu.getNc() >= 0xff) { + apdu = chunk(apdu); + } + + elapsed = -System.nanoTime(); ResponseAPDU responseAPDU = channel.transmit(apdu); @@ -348,6 +415,7 @@ public class CardMngr { if (verbose) { System.out.println("<<<<"); System.out.println("Elapsed time (ms): " + elapsed / 1000000); + System.out.println("---------------------------------------------------------"); } return responseAPDU; } @@ -365,13 +433,17 @@ public class CardMngr { return simulator.selectApplet(appletAID); } - public ResponseAPDU sendAPDUSimulator(CommandAPDU apdu) { + public ResponseAPDU sendAPDUSimulator(CommandAPDU apdu) throws CardException { if (verbose) { System.out.println(">>>>"); System.out.println(apdu); System.out.println(ByteUtil.bytesToHex(apdu.getBytes())); } + if (chunking && apdu.getNc() >= 0xff) { + apdu = chunk(apdu); + } + ResponseAPDU response = simulator.transmitCommand(apdu); byte[] responseBytes = response.getBytes(); @@ -384,7 +456,7 @@ public class CardMngr { return response; } - public ResponseAPDU sendAPDUSimulator(byte[] apdu) { + public ResponseAPDU sendAPDUSimulator(byte[] apdu) throws CardException { CommandAPDU commandAPDU = new CommandAPDU(apdu); return sendAPDUSimulator(commandAPDU); } diff --git a/src/cz/crcs/ectester/reader/ECTesterReader.java b/src/cz/crcs/ectester/reader/ECTesterReader.java index 7a9d3eb..cb64b4c 100644 --- a/src/cz/crcs/ectester/reader/ECTesterReader.java +++ b/src/cz/crcs/ectester/reader/ECTesterReader.java @@ -1,6 +1,7 @@ /* * ECTester, tool for testing Elliptic curve cryptography implementations. - * Copyright (c) 2016-2018 Petr Svenda <petr@svenda.com> + * Copyright (c) 2016-2019 Petr Svenda <petr@svenda.com> + * Copyright (c) 2016-2019 Jan Jancar <johny@neuromancer.sk> * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,10 +30,8 @@ import cz.crcs.ectester.common.cli.Colors; import cz.crcs.ectester.common.ec.EC_Curve; import cz.crcs.ectester.common.output.OutputLogger; import cz.crcs.ectester.common.output.TestWriter; -import cz.crcs.ectester.common.util.ByteUtil; -import cz.crcs.ectester.common.util.CardUtil; -import cz.crcs.ectester.common.util.ECUtil; -import cz.crcs.ectester.common.util.FileUtil; +import cz.crcs.ectester.common.util.Util; +import cz.crcs.ectester.common.util.*; import cz.crcs.ectester.data.EC_Store; import cz.crcs.ectester.reader.command.Command; import cz.crcs.ectester.reader.output.FileTestWriter; @@ -77,13 +76,13 @@ public class ECTesterReader { public static final String VERSION = "v0.3.2"; public static String GIT_COMMIT = ""; private static String DESCRIPTION; - private static String LICENSE = "MIT Licensed\nCopyright (c) 2016-2018 Petr Svenda <petr@svenda.com>"; + private static String LICENSE = "MIT Licensed\nCopyright © 2016-2019 Petr Svenda <petr@svenda.com>\nCopyright © 2016-2019 Jan Jancar <johny@neuromancer.sk>"; private static String CLI_HEADER; private static String CLI_FOOTER = "\n" + LICENSE; - private static final byte[] SELECT_ECTESTERAPPLET = {(byte) 0x00, (byte) 0xa4, (byte) 0x04, (byte) 0x00, (byte) 0x0a, - (byte) 0x45, (byte) 0x43, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x72, (byte) 0x30, (byte) 0x31}; - private static final byte[] AID = {(byte) 0x45, (byte) 0x43, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x72, (byte) 0x30, (byte) 0x31}; + private static final byte[] SELECT_PREFIX = {(byte) 0x00, (byte) 0xa4, (byte) 0x04, (byte) 0x00, (byte) 0x0c}; + private static final byte[] AID_221 = {(byte) 0x45, (byte) 0x43, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x72, (byte) 0x30, (byte) 0x33, (byte) 0x32, (byte) 0x62}; // VERSION v0.3.2 + private static final byte[] AID_222 = {(byte) 0x45, (byte) 0x43, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x72, (byte) 0x30, (byte) 0x33, (byte) 0x32, (byte) 0x78}; // VERSION v0.3.2 private static final byte[] INSTALL_DATA = new byte[10]; static { @@ -137,20 +136,27 @@ public class ECTesterReader { //connect or simulate connection if (cfg.simulate) { - if (!cardManager.prepareLocalSimulatorApplet(AID, INSTALL_DATA, ECTesterApplet.class)) { + if (!cardManager.prepareLocalSimulatorApplet(AID_221, INSTALL_DATA, ECTesterApplet.class)) { System.err.println(Colors.error("Failed to establish a simulator.")); System.exit(1); + } else { + cardManager.setChunking(true); } } else { if (!cardManager.connectToCardSelect()) { System.err.println(Colors.error("Failed to connect to card.")); System.exit(1); } - ResponseAPDU selectResp = cardManager.send(SELECT_ECTESTERAPPLET); + ResponseAPDU selectResp = cardManager.send(ByteUtil.concatenate(SELECT_PREFIX, AID_222)); if ((short) selectResp.getSW() != ISO7816.SW_NO_ERROR) { - System.err.println(Colors.error("Failed to select ECTester applet, is it installed?")); - cardManager.disconnectFromCard(); - System.exit(1); + selectResp = cardManager.send(ByteUtil.concatenate(SELECT_PREFIX, AID_221)); + if ((short) selectResp.getSW() != ISO7816.SW_NO_ERROR) { + System.err.println(Colors.error("Failed to select ECTester applet, is it installed?")); + cardManager.disconnectFromCard(); + System.exit(1); + } else { + cardManager.setChunking(true); + } } } @@ -163,6 +169,9 @@ public class ECTesterReader { Security.addProvider(new BouncyCastleProvider()); } catch (SecurityException | NoClassDefFoundError ignored) { } + // Make BouncyCastle more lenient when we work with signatures in ASN.1 DER format, + // cards sometimes are not fully compliant. + System.setProperty("org.bouncycastle.asn1.allow_unsafe_integer", "true"); //do action if (cli.hasOption("export")) { @@ -239,54 +248,6 @@ public class ECTesterReader { * @throws ParseException if there are any problems encountered while parsing the command line tokens */ private CommandLine parseArgs(String[] args) throws ParseException { - /* - * Actions: - * -V / --version - * -h / --help - * -e / --export - * -g / --generate [amount] - * -t / --test [test_suite] - * -dh / --ecdh [count]] - * -dsa / --ecdsa [count] - * -ln / --list-named [obj] - * -ls / --list-suites - * -nfo / --info - * - * Options: - * -b / --bit-size <b> // -a / --all - * - * -fp / --prime-field - * -f2m / --binary-field - * - * -u / --custom - * -nc / --named-curve <cat/id> - * -c / --curve <curve_file> field,a,b,gx,gy,r,k - * - * -pub / --public <pubkey_file> wx,wy - * -npub / --named-public <cat/id> - * - * -priv / --private <privkey_file> s - * -npriv / --named-private <cat/id> - * - * -k / --key <key_file> wx,wy,s - * -nk / --named-key <cat/id> - * - * -v / --verbose - * - * -i / --input <input_file> - * -o / --output <output_file> - * --format <format> - * -l / --log [log_file] - * - * -f / --fresh - * --cleanup - * -s / --simulate - * -y / --yes - * -ka/ --ka-type <type> - * -sig/--sig-type <type> - * -C / --color - * -to/ --test-options <opts> - */ OptionGroup actions = new OptionGroup(); actions.setRequired(true); actions.addOption(Option.builder("V").longOpt("version").desc("Print version info.").build()); @@ -338,10 +299,11 @@ public class ECTesterReader { opts.addOption(Option.builder().longOpt("fixed-public").desc("Generate public key only once, keep it for later ECDH.").build()); opts.addOption(Option.builder("f").longOpt("fresh").desc("Generate fresh keys (set domain parameters before every generation).").build()); opts.addOption(Option.builder().longOpt("time").desc("Output better timing values, by running command in dry run mode and normal mode, and subtracting the two.").build()); + opts.addOption(Option.builder().longOpt("time-unit").desc("Use given time unit in measurement, one of: milli, micro, nano.").hasArg().argName("unit").build()); opts.addOption(Option.builder().longOpt("cleanup").desc("Send the cleanup command trigerring JCSystem.requestObjectDeletion() after some operations.").build()); opts.addOption(Option.builder("s").longOpt("simulate").desc("Simulate a card with jcardsim instead of using a terminal.").build()); opts.addOption(Option.builder("y").longOpt("yes").desc("Accept all warnings and prompts.").build()); - opts.addOption(Option.builder("to").longOpt("test-options").desc("Test options to use:\n- preset: Use preset semi-random private keys instead of generating keypairs on the cards when the test needs one.").hasArg().argName("options").build()); + opts.addOption(Option.builder("to").longOpt("test-options").desc("Test options to use:\n- preset: Use preset semi-random private keys (derived from curve) instead of generating keypairs on the cards when the test needs one.\n- random: Use fully random private keys instead of generating keypairs.").hasArg().argName("options").build()); opts.addOption(Option.builder("ka").longOpt("ka-type").desc("Set KeyAgreement object [type], corresponds to JC.KeyAgreement constants.").hasArg().argName("type").optionalArg(true).build()); opts.addOption(Option.builder("sig").longOpt("sig-type").desc("Set Signature object [type], corresponds to JC.Signature constants.").hasArg().argName("type").optionalArg(true).build()); @@ -380,11 +342,13 @@ public class ECTesterReader { private void info() throws CardException { Response.GetInfo info = new Command.GetInfo(cardManager).send(); - System.out.println(String.format("ECTester applet version: %s", info.getVersion())); - System.out.println(String.format("ECTester applet APDU support: %s", (info.getBase() == ECTesterApplet.BASE_221) ? "basic" : "extended length")); - System.out.println(String.format("JavaCard API version: %.1f", info.getJavaCardVersion())); - System.out.println(String.format("JavaCard supports system cleanup: %s", info.getCleanupSupport())); - System.out.println(String.format("Array sizes (apduBuf, ram, ram2, apduArr): %d %d %d %d", info.getApduBufferLength(), info.getRamArrayLength(), info.getRamArray2Length(), info.getApduArrayLength())); + System.out.println(String.format("Card ATR:\t\t\t\t%s", ByteUtil.bytesToHex(cardManager.getATR().getBytes(), false))); + System.out.println(String.format("Card protocol:\t\t\t\t%s", cardManager.getProtocol())); + System.out.println(String.format("ECTester applet version:\t\t%s", info.getVersion())); + System.out.println(String.format("ECTester applet APDU support:\t\t%s", (info.getBase() == ECTesterApplet.BASE_221) ? "basic" : "extended length")); + System.out.println(String.format("JavaCard API version:\t\t\t%.1f", info.getJavaCardVersion())); + System.out.println(String.format("JavaCard supports system cleanup:\t%s", info.getCleanupSupport())); + System.out.println(String.format("Array sizes (apduBuf,ram,ram2,apduArr):\t%d %d %d %d", info.getApduBufferLength(), info.getRamArrayLength(), info.getRamArray2Length(), info.getApduArrayLength())); } /** @@ -402,7 +366,7 @@ public class ECTesterReader { sent.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL).send()); // Also support exporting set parameters, to verify they are set correctly. - Command curve = Command.prepareCurve(cardManager, EC_Store.getInstance(), cfg, ECTesterApplet.KEYPAIR_LOCAL, cfg.bits, keyClass); + Command curve = Command.prepareCurve(cardManager, cfg, ECTesterApplet.KEYPAIR_LOCAL, cfg.bits, keyClass); if (curve != null) { sent.add(curve.send()); } @@ -445,13 +409,13 @@ public class ECTesterReader { */ private void generate() throws CardException, IOException { byte keyClass = cfg.primeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; - Command curve = Command.prepareCurve(cardManager, EC_Store.getInstance(), cfg, ECTesterApplet.KEYPAIR_LOCAL, cfg.bits, keyClass); + Command curve = Command.prepareCurve(cardManager, cfg, ECTesterApplet.KEYPAIR_LOCAL, cfg.bits, keyClass); Response allocate = new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, cfg.bits, keyClass).send(); respWriter.outputResponse(allocate); OutputStreamWriter keysFile = FileUtil.openFiles(cfg.outputs); - keysFile.write("index;genTime[milli];exportTime[milli];pubW;privS\n"); + keysFile.write(String.format("index;genTime[%s];exportTime[%s];pubW;privS\n", cfg.timeUnit, cfg.timeUnit)); int generated = 0; int retry = 0; @@ -485,7 +449,7 @@ public class ECTesterReader { String pub = ByteUtil.bytesToHex(export.getParameter(ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.PARAMETER_W), false); String priv = ByteUtil.bytesToHex(export.getParameter(ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.PARAMETER_S), false); - String line = String.format("%d;%d;%d;%s;%s\n", generated, time / 1000000, export.getDuration() / 1000000, pub, priv); + String line = String.format("%d;%d;%d;%s;%s\n", generated, Util.convertTime(time, cfg.timeUnit), Util.convertTime(export.getDuration(), cfg.timeUnit), pub, priv); keysFile.write(line); keysFile.flush(); generated++; @@ -518,7 +482,6 @@ public class ECTesterReader { case "compression": suite = new CardCompressionSuite(writer, cfg, cardManager); break; - case "misc": case "miscellaneous": suite = new CardMiscSuite(writer, cfg, cardManager); break; @@ -578,7 +541,7 @@ public class ECTesterReader { */ private void ecdh() throws IOException, CardException { byte keyClass = cfg.primeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; - Command curve = Command.prepareCurve(cardManager, EC_Store.getInstance(), cfg, ECTesterApplet.KEYPAIR_BOTH, cfg.bits, keyClass); + Command curve = Command.prepareCurve(cardManager, cfg, ECTesterApplet.KEYPAIR_BOTH, cfg.bits, keyClass); List<Response> prepare = new LinkedList<>(); prepare.add(new Command.AllocateKeyAgreement(cardManager, cfg.ECKAType).send()); // Prepare KeyAgreement or required type prepare.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, cfg.bits, keyClass).send()); @@ -592,17 +555,17 @@ public class ECTesterReader { OutputStreamWriter out = null; if (cfg.outputs != null) { out = FileUtil.openFiles(cfg.outputs); - out.write("index;time[milli];pubW;privS;secret\n"); + out.write(String.format("index;time[%s];pubW;privS;secret\n", cfg.timeUnit)); } Response gen = new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH).send(); respWriter.outputResponse(gen); if (cfg.anyPublicKey || cfg.anyKey) { - Response prep = Command.prepareKey(cardManager, EC_Store.getInstance(), cfg, ECTesterApplet.KEYPAIR_REMOTE).send(); + Response prep = Command.prepareKey(cardManager, EC_Store.getInstance(), cfg, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.PARAMETER_W).send(); respWriter.outputResponse(prep); } if (cfg.anyPrivateKey || cfg.anyKey) { - Response prep = Command.prepareKey(cardManager, EC_Store.getInstance(), cfg, ECTesterApplet.KEYPAIR_LOCAL).send(); + Response prep = Command.prepareKey(cardManager, EC_Store.getInstance(), cfg, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.PARAMETER_S).send(); respWriter.outputResponse(prep); } @@ -630,10 +593,12 @@ public class ECTesterReader { respWriter.outputResponse(regen); } - Response.Export export = new Command.Export(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.KEY_BOTH, EC_Consts.PARAMETERS_KEYPAIR).send(); - respWriter.outputResponse(export); - byte[] pubkey_bytes = export.getParameter(ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.PARAMETER_W); - byte[] privkey_bytes = export.getParameter(ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.PARAMETER_S); + Response.Export exportRemote = new Command.Export(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.KEY_PUBLIC, EC_Consts.PARAMETER_W).send(); + respWriter.outputResponse(exportRemote); + Response.Export exportLocal = new Command.Export(cardManager, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.KEY_PRIVATE, EC_Consts.PARAMETER_S).send(); + respWriter.outputResponse(exportLocal); + byte[] pubkey_bytes = exportRemote.getParameter(ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.PARAMETER_W); + byte[] privkey_bytes = exportLocal.getParameter(ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.PARAMETER_S); Command.ECDH perform = new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_TRUE, EC_Consts.TRANSFORMATION_NONE, cfg.ECKAType); @@ -658,7 +623,7 @@ public class ECTesterReader { if (out != null) { time += result.getDuration(); - out.write(String.format("%d;%d;%s;%s;%s\n", done, time / 1000000, ByteUtil.bytesToHex(pubkey_bytes, false), ByteUtil.bytesToHex(privkey_bytes, false), ByteUtil.bytesToHex(result.getSecret(), false))); + out.write(String.format("%d;%d;%s;%s;%s\n", done, Util.convertTime(time, cfg.timeUnit), ByteUtil.bytesToHex(pubkey_bytes, false), ByteUtil.bytesToHex(privkey_bytes, false), ByteUtil.bytesToHex(result.getSecret(), false))); out.flush(); } @@ -697,7 +662,7 @@ public class ECTesterReader { Command generate; if (cfg.anyKeypart) { - generate = Command.prepareKey(cardManager, EC_Store.getInstance(), cfg, ECTesterApplet.KEYPAIR_LOCAL); + generate = Command.prepareKey(cardManager, EC_Store.getInstance(), cfg, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.PARAMETERS_KEYPAIR); } else { generate = new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL); } @@ -706,7 +671,7 @@ public class ECTesterReader { List<Response> prepare = new LinkedList<>(); prepare.add(new Command.AllocateSignature(cardManager, cfg.ECDSAType).send()); prepare.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, cfg.bits, keyClass).send()); - Command curve = Command.prepareCurve(cardManager, EC_Store.getInstance(), cfg, ECTesterApplet.KEYPAIR_LOCAL, cfg.bits, keyClass); + Command curve = Command.prepareCurve(cardManager, cfg, ECTesterApplet.KEYPAIR_LOCAL, cfg.bits, keyClass); if (curve != null) prepare.add(curve.send()); @@ -716,7 +681,7 @@ public class ECTesterReader { OutputStreamWriter out = FileUtil.openFiles(cfg.outputs); if (out != null) { - out.write("index;signTime[milli];verifyTime[milli];data;pubW;privS;signature;nonce;valid\n"); + out.write(String.format("index;signTime[%s];verifyTime[%s];data;pubW;privS;signature;nonce;valid\n", cfg.timeUnit, cfg.timeUnit)); } Command.Export export = new Command.Export(cardManager, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.KEY_BOTH, EC_Consts.PARAMETERS_KEYPAIR); @@ -780,7 +745,7 @@ public class ECTesterReader { String priv = ByteUtil.bytesToHex(exported.getParameter(ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.PARAMETER_S), false); String dataString = (cfg.input != null) ? "" : ByteUtil.bytesToHex(data, false); BigInteger privkey = new BigInteger(1, exported.getParameter(ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.PARAMETER_S)); - EC_Curve actualCurve = Command.findCurve(EC_Store.getInstance(), cfg, cfg.bits, keyClass); + EC_Curve actualCurve = Command.findCurve(cfg, cfg.bits, keyClass); String k = ""; if (actualCurve != null) { ECParameterSpec params = actualCurve.toSpec(); @@ -789,7 +754,7 @@ public class ECTesterReader { k = ByteUtil.bytesToHex(kValue.toByteArray(), false); } } - out.write(String.format("%d;%d;%d;%s;%s;%s;%s;%s;%d\n", done, signTime / 1000000, verifyTime / 1000000, dataString, pub, priv, ByteUtil.bytesToHex(signature, false), k, verifyResp.successful() ? 1 : 0)); + out.write(String.format("%d;%d;%d;%s;%s;%s;%s;%s;%d\n", done, Util.convertTime(signTime, cfg.timeUnit), Util.convertTime(verifyTime, cfg.timeUnit), dataString, pub, priv, ByteUtil.bytesToHex(signature, false), k, verifyResp.successful() ? 1 : 0)); out.flush(); } @@ -845,6 +810,7 @@ public class ECTesterReader { public String[] outputs; public boolean fresh = false; public boolean time = false; + public String timeUnit; public boolean cleanup = false; public boolean simulate = false; public boolean yes = false; @@ -911,6 +877,13 @@ public class ECTesterReader { color = cli.hasOption("color"); Colors.enabled = color; + timeUnit = cli.getOptionValue("time-unit", "micro"); + String[] times = new String[]{"milli", "micro", "nano"}; + if (!Arrays.asList(times).contains(timeUnit)) { + System.err.println(Colors.error("Wrong time unit " + timeUnit + ". Should be one of " + Arrays.toString(times))); + return false; + } + if (cli.hasOption("list-named")) { listNamed = cli.getOptionValue("list-named"); return true; @@ -1011,40 +984,45 @@ public class ECTesterReader { testFrom = 0; testTo = -1; } - + String[] tests = new String[]{"default", "composite", "compression", "invalid", "degenerate", "test-vectors", "wrong", "twist", "cofactor", "edge-cases", "miscellaneous", "signature"}; - String selected = null; - for (String test : tests) { - if (test.startsWith(testSuite)) { - if (selected != null) { - System.err.println(Colors.error("Test suite ambiguous " + test + " or " + selected + "?")); - return false; - } else { - selected = test; - } - } - } - if (selected == null) { + String selected = null; + for (String test : tests) { + if (test.startsWith(testSuite)) { + if (selected != null) { + System.err.println(Colors.error("Test suite ambiguous " + test + " or " + selected + "?")); + return false; + } else { + selected = test; + } + } + } + if (selected == null) { System.err.println(Colors.error("Unknown test suite " + testSuite + ". Should be one of: " + Arrays.toString(tests))); return false; } else { - testSuite = selected; + testSuite = selected; } String[] opts = cli.getOptionValue("test-options", "").split(","); - List<String> validOpts = Arrays.asList("preset"); + List<String> validOpts = Arrays.asList("preset", "random"); testOptions = new HashSet<>(); for (String opt : opts) { if (opt.equals("")) { continue; } if (!validOpts.contains(opt)) { - System.err.println(Colors.error("Unknown test option " + opt + ". Should be one of: " + "preset.")); + System.err.println(Colors.error("Unknown test option " + opt + ". Should be one of: " + Arrays.toString(validOpts.toArray()))); return false; } else { testOptions.add(opt); } } + + if (testOptions.contains("preset") && testOptions.contains("random")) { + System.err.println("Cannot have both preset and random option enabled."); + return false; + } } else if (cli.hasOption("ecdh")) { if (primeField == binaryField) { System.err.print(Colors.error("Need to specify field with -fp or -f2m. (not both)")); diff --git a/src/cz/crcs/ectester/reader/command/Command.java b/src/cz/crcs/ectester/reader/command/Command.java index bf2441f..1789451 100644 --- a/src/cz/crcs/ectester/reader/command/Command.java +++ b/src/cz/crcs/ectester/reader/command/Command.java @@ -3,11 +3,10 @@ package cz.crcs.ectester.reader.command; import cz.crcs.ectester.applet.ECTesterApplet; import cz.crcs.ectester.applet.EC_Consts; import cz.crcs.ectester.common.ec.EC_Curve; -import cz.crcs.ectester.common.ec.EC_Key; -import cz.crcs.ectester.common.ec.EC_Keypair; import cz.crcs.ectester.common.ec.EC_Params; import cz.crcs.ectester.common.util.ByteUtil; import cz.crcs.ectester.common.util.CardUtil; +import cz.crcs.ectester.common.util.ECUtil; import cz.crcs.ectester.data.EC_Store; import cz.crcs.ectester.reader.CardMngr; import cz.crcs.ectester.reader.ECTesterReader; @@ -60,12 +59,12 @@ public abstract class Command implements Cloneable { return (Command) super.clone(); } - public static EC_Curve findCurve(EC_Store dataStore, ECTesterReader.Config cfg, short keyLength, byte keyClass) throws IOException { + public static EC_Curve findCurve(ECTesterReader.Config cfg, short keyLength, byte keyClass) throws IOException { if (cfg.customCurve) { byte curveId = EC_Consts.getCurve(keyLength, keyClass); - return dataStore.getObject(EC_Curve.class, "secg", CardUtil.getCurveName(curveId)); + return EC_Store.getInstance().getObject(EC_Curve.class, "secg", CardUtil.getCurveName(curveId)); } else if (cfg.namedCurve != null) { - EC_Curve curve = dataStore.getObject(EC_Curve.class, cfg.namedCurve); + EC_Curve curve = EC_Store.getInstance().getObject(EC_Curve.class, cfg.namedCurve); if (curve == null) { throw new IOException("Curve could no be found."); } @@ -96,14 +95,14 @@ public abstract class Command implements Cloneable { * @return a Command to send in order to prepare the curve on the keypairs. * @throws IOException if curve file cannot be found/opened */ - public static Command prepareCurve(CardMngr cardManager, EC_Store dataStore, ECTesterReader.Config cfg, byte keyPair, short keyLength, byte keyClass) throws IOException { + public static Command prepareCurve(CardMngr cardManager, ECTesterReader.Config cfg, byte keyPair, short keyLength, byte keyClass) throws IOException { if (cfg.customCurve) { // Set custom curve (one of the SECG curves embedded applet-side) short domainParams = keyClass == KeyPair.ALG_EC_FP ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; return new Command.Set(cardManager, keyPair, EC_Consts.getCurve(keyLength, keyClass), domainParams, null); } - EC_Curve curve = findCurve(dataStore, cfg, keyLength, keyClass); + EC_Curve curve = findCurve(cfg, keyLength, keyClass); if ((curve == null || curve.flatten() == null) && (cfg.namedCurve != null || cfg.curveFile != null)) { if (cfg.namedCurve != null) { throw new IOException("Couldn't read named curve data."); @@ -117,26 +116,21 @@ public abstract class Command implements Cloneable { /** - * @param keyPair which keyPair/s to set the key params on + * @param cardManager + * @param dataStore + * @param cfg + * @param keyPair which keyPair/s to set the key params on + * @param allowedParams * @return a CommandAPDU setting params loaded on the keyPair/s * @throws IOException if any of the key files cannot be found/opened */ - public static Command prepareKey(CardMngr cardManager, EC_Store dataStore, ECTesterReader.Config cfg, byte keyPair) throws IOException { + public static Command prepareKey(CardMngr cardManager, EC_Store dataStore, ECTesterReader.Config cfg, byte keyPair, short allowedParams) throws IOException { short params = EC_Consts.PARAMETERS_NONE; byte[] data = null; if (cfg.key != null || cfg.namedKey != null) { params |= EC_Consts.PARAMETERS_KEYPAIR; - EC_Params keypair; - if (cfg.key != null) { - keypair = new EC_Params(EC_Consts.PARAMETERS_KEYPAIR); - - FileInputStream in = new FileInputStream(cfg.key); - keypair.readCSV(in); - in.close(); - } else { - keypair = dataStore.getObject(EC_Keypair.class, cfg.namedKey); - } + EC_Params keypair = ECUtil.loadParams(EC_Consts.PARAMETERS_KEYPAIR, cfg.namedKey, cfg.key); if (keypair == null) { throw new IOException("KeyPair not found."); } @@ -147,21 +141,9 @@ public abstract class Command implements Cloneable { } } - if (cfg.publicKey != null || cfg.namedPublicKey != null) { + if ((cfg.publicKey != null || cfg.namedPublicKey != null) && ((allowedParams & EC_Consts.PARAMETER_W) != 0)) { params |= EC_Consts.PARAMETER_W; - EC_Params pub; - if (cfg.publicKey != null) { - pub = new EC_Params(EC_Consts.PARAMETER_W); - - FileInputStream in = new FileInputStream(cfg.publicKey); - pub.readCSV(in); - in.close(); - } else { - pub = dataStore.getObject(EC_Key.Public.class, cfg.namedPublicKey); - if (pub == null) { - pub = dataStore.getObject(EC_Keypair.class, cfg.namedPublicKey); - } - } + EC_Params pub = ECUtil.loadParams(EC_Consts.PARAMETER_W, cfg.namedPublicKey, cfg.publicKey); if (pub == null) { throw new IOException("Public key not found."); } @@ -172,21 +154,10 @@ public abstract class Command implements Cloneable { } data = pubkey; } - if (cfg.privateKey != null || cfg.namedPrivateKey != null) { - params |= EC_Consts.PARAMETER_S; - EC_Params priv; - if (cfg.privateKey != null) { - priv = new EC_Params(EC_Consts.PARAMETER_S); - FileInputStream in = new FileInputStream(cfg.privateKey); - priv.readCSV(in); - in.close(); - } else { - priv = dataStore.getObject(EC_Key.Private.class, cfg.namedPrivateKey); - if (priv == null) { - priv = dataStore.getObject(EC_Keypair.class, cfg.namedPrivateKey); - } - } + if ((cfg.privateKey != null || cfg.namedPrivateKey != null) && ((allowedParams & EC_Consts.PARAMETER_S) != 0)) { + params |= EC_Consts.PARAMETER_S; + EC_Params priv = ECUtil.loadParams(EC_Consts.PARAMETER_S, cfg.namedPrivateKey, cfg.privateKey); if (priv == null) { throw new IOException("Private key not found."); } diff --git a/src/cz/crcs/ectester/reader/response/Response.java b/src/cz/crcs/ectester/reader/response/Response.java index 6232423..f36d087 100644 --- a/src/cz/crcs/ectester/reader/response/Response.java +++ b/src/cz/crcs/ectester/reader/response/Response.java @@ -26,7 +26,7 @@ public abstract class Response { this.time = time; } - void parse(int numSW, int numParams) { + boolean parse(int numSW, int numParams) { this.numSW = numSW; this.sws = new short[numSW]; @@ -73,6 +73,7 @@ public abstract class Response { System.arraycopy(data, offset, params[i], 0, paramLength); offset += paramLength; } + return success; } public ResponseAPDU getAPDU() { @@ -376,6 +377,14 @@ public abstract class Response { parse(1, (export == ECTesterApplet.EXPORT_TRUE) ? 1 : 0); } + public short getTransformation() { + return transformation; + } + + public byte getType() { + return type; + } + public boolean hasSecret() { return hasParam(0); } diff --git a/src/cz/crcs/ectester/reader/test/CardCofactorSuite.java b/src/cz/crcs/ectester/reader/test/CardCofactorSuite.java index 4a8fcc0..d1eb2b1 100644 --- a/src/cz/crcs/ectester/reader/test/CardCofactorSuite.java +++ b/src/cz/crcs/ectester/reader/test/CardCofactorSuite.java @@ -25,7 +25,7 @@ import static cz.crcs.ectester.common.test.Result.ExpectedValue; */ public class CardCofactorSuite extends CardTestSuite { public CardCofactorSuite(TestWriter writer, ECTesterReader.Config cfg, CardMngr cardManager) { - super(writer, cfg, cardManager, "cofactor", new String[]{"preset"}, "The cofactor test suite tests whether the card correctly rejects points on the curve", + super(writer, cfg, cardManager, "cofactor", new String[]{"preset", "random"}, "The cofactor test suite tests whether the card correctly rejects points on the curve", "but not in the subgroup generated by the generator(so of small order, dividing the cofactor) during ECDH."); } @@ -39,7 +39,7 @@ public class CardCofactorSuite extends CardTestSuite { Test allocate = CommandTest.expect(new Command.Allocate(this.card, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField()), ExpectedValue.SUCCESS); Test set = CommandTest.expect(new Command.Set(this.card, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten()), ExpectedValue.SUCCESS); - Test generate = genOrPreset(curve, ExpectedValue.SUCCESS); + Test generate = setupKeypairs(curve, ExpectedValue.SUCCESS, ECTesterApplet.KEYPAIR_LOCAL); Test prepare = CompoundTest.all(ExpectedValue.SUCCESS, "Prepare and generate keypair on " + curve.getId() + ".", allocate, set, generate); @@ -47,7 +47,7 @@ public class CardCofactorSuite extends CardTestSuite { for (EC_Key.Public pub : keys) { Test setPub = CommandTest.expect(new Command.Set(this.card, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, pub.getParams(), pub.flatten()), Result.ExpectedValue.FAILURE); Test ecdh = CommandTest.expect(new Command.ECDH(this.card, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.TRANSFORMATION_NONE, EC_Consts.KeyAgreement_ALG_EC_SVDP_DH), Result.ExpectedValue.FAILURE); - Test objectEcdh = CompoundTest.any(Result.ExpectedValue.SUCCESS, CardUtil.getKATypeString(EC_Consts.KeyAgreement_ALG_EC_SVDP_DH) + " test with degenerate pubkey.", setPub, ecdh); + Test objectEcdh = CompoundTest.any(Result.ExpectedValue.SUCCESS, CardUtil.getKATypeString(EC_Consts.KeyAgreement_ALG_EC_SVDP_DH) + " test with cofactor pubkey.", setPub, ecdh); Command ecdhCommand = new Command.ECDH_direct(this.card, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.TRANSFORMATION_NONE, EC_Consts.KeyAgreement_ALG_EC_SVDP_DH, pub.flatten()); Test rawEcdh = CommandTest.expect(ecdhCommand, ExpectedValue.FAILURE, "Card correctly rejected point on non-generator subgroup.", "Card incorrectly accepted point on non-generator subgroup."); ecdhTests.add(CompoundTest.all(Result.ExpectedValue.SUCCESS, pub.getId() + " cofactor key test.", objectEcdh, rawEcdh)); diff --git a/src/cz/crcs/ectester/reader/test/CardCompositeSuite.java b/src/cz/crcs/ectester/reader/test/CardCompositeSuite.java index 2712184..babe732 100644 --- a/src/cz/crcs/ectester/reader/test/CardCompositeSuite.java +++ b/src/cz/crcs/ectester/reader/test/CardCompositeSuite.java @@ -25,18 +25,12 @@ import static cz.crcs.ectester.common.test.Result.ExpectedValue; public class CardCompositeSuite extends CardTestSuite { public CardCompositeSuite(TestWriter writer, ECTesterReader.Config cfg, CardMngr cardManager) { - super(writer, cfg, cardManager, "composite", new String[]{"preset"}, "The composite suite runs ECDH over curves with composite order.", - "Various types of compositeness is tested: smooth numbers, Carmichael pseudoprime, prime square, product of two large primes."); + super(writer, cfg, cardManager, "composite", new String[]{"preset", "random"}, "The composite suite runs ECDH over curves with composite order.", + "Various types of compositeness is tested: smooth numbers, Carmichael pseudo-prime, prime square, product of two large primes."); } @Override protected void runTests() throws Exception { - /* Do the default run with the public keys set to provided smallorder keys - * over composite order curves. Essentially small subgroup attacks. - * These should fail, the curves aren't safe so that if the computation with - * a small order public key succeeds the private key modulo the public key order - * is revealed. - */ Map<String, EC_Key> keys = EC_Store.getInstance().getObjects(EC_Key.class, "composite"); Map<EC_Curve, List<EC_Key>> mappedKeys = EC_Store.mapKeyToCurve(keys.values()); for (Map.Entry<EC_Curve, List<EC_Key>> curveKeys : mappedKeys.entrySet()) { @@ -52,11 +46,11 @@ public class CardCompositeSuite extends CardTestSuite { String name; if (cfg.testOptions.contains("preset")) { - name = "preset semi-random key"; + name = "preset semi-random private key"; } else { - name = "generated key"; + name = "generated private key"; } - tests.add(genOrPreset(curve, ExpectedValue.ANY)); + tests.add(setupKeypairs(curve, ExpectedValue.ANY, ECTesterApplet.KEYPAIR_LOCAL)); for (EC_Key key : curveKeys.getValue()) { Command ecdhCommand = new Command.ECDH_direct(this.card, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.TRANSFORMATION_NONE, EC_Consts.KeyAgreement_ALG_EC_SVDP_DH, key.flatten()); Test ecdh = CommandTest.expect(ecdhCommand, ExpectedValue.FAILURE, "Card correctly rejected to do ECDH over a composite order curve.", "Card incorrectly does ECDH over a composite order curve, leaks bits of private key."); @@ -91,7 +85,7 @@ public class CardCompositeSuite extends CardTestSuite { /* Also test having G or large order being a Carmichael pseudoprime, R = p * q * r, */ List<EC_Curve> ppCurves = groups.entrySet().stream().filter((e) -> e.getKey().equals("pp")).findFirst().get().getValue(); - testGroup(ppCurves, "Generator order = Carmichael pseudoprime", ExpectedValue.ANY, "", ""); + testGroup(ppCurves, "Generator order = Carmichael pseudo-prime", ExpectedValue.ANY, "", ""); /* Also test rg0 curves. */ @@ -103,9 +97,9 @@ public class CardCompositeSuite extends CardTestSuite { for (EC_Curve curve : curves) { Test allocate = CommandTest.expect(new Command.Allocate(this.card, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField()), ExpectedValue.SUCCESS); Test set = CommandTest.expect(new Command.Set(this.card, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten()), ExpectedValue.ANY); - Test generate = CommandTest.expect(new Command.Generate(this.card, ECTesterApplet.KEYPAIR_BOTH), ExpectedValue.ANY); - Test ecdh = CommandTest.expect(new Command.ECDH(this.card, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.TRANSFORMATION_NONE, EC_Consts.KeyAgreement_ALG_EC_SVDP_DH), dhValue, ok, nok); - Test ecdsa = CommandTest.expect(new Command.ECDSA(this.card, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.Signature_ALG_ECDSA_SHA, ECTesterApplet.EXPORT_FALSE, null), dhValue, ok, nok); + Test generate = setupKeypairs(curve, ExpectedValue.ANY, ECTesterApplet.KEYPAIR_BOTH); + Test ecdh = CommandTest.expect(new Command.ECDH(this.card, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.TRANSFORMATION_NONE, EC_Consts.KeyAgreement_ALG_EC_SVDP_DH), dhValue, ok, nok); + Test ecdsa = CommandTest.expect(new Command.ECDSA_sign(this.card, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.Signature_ALG_ECDSA_SHA, ECTesterApplet.EXPORT_FALSE, null), dhValue, ok, nok); String description; if (testName == null) { diff --git a/src/cz/crcs/ectester/reader/test/CardEdgeCasesSuite.java b/src/cz/crcs/ectester/reader/test/CardEdgeCasesSuite.java index cc0f8d3..9257b3d 100644 --- a/src/cz/crcs/ectester/reader/test/CardEdgeCasesSuite.java +++ b/src/cz/crcs/ectester/reader/test/CardEdgeCasesSuite.java @@ -33,7 +33,7 @@ public class CardEdgeCasesSuite extends CardTestSuite { public CardEdgeCasesSuite(TestWriter writer, ECTesterReader.Config cfg, CardMngr cardManager) { super(writer, cfg, cardManager, "edge-cases", null, "The edge-cases test suite tests various inputs to ECDH which may cause an implementation to achieve a certain edge-case state during it.", "Some of the data is from the google/Wycheproof project. Tests include CVE-2017-10176 and CVE-2017-8932.", - "Also tests values of the private key and public key that would trigger the OpenSSL modualr multiplication bug on the P-256 curve.", + "Also tests values of the private key and public key that would trigger the OpenSSL modular multiplication bug on the P-256 curve.", "Various edge private key values are also tested."); } @@ -158,18 +158,21 @@ public class CardEdgeCasesSuite extends CardTestSuite { CommandTest export = CommandTest.expect(new Command.Export(this.card, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.KEY_PUBLIC, EC_Consts.PARAMETER_W), Result.ExpectedValue.SUCCESS); Test setup = runTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "KeyPair setup.", key, set, generate, export)); + /* byte[] pParam = curve.getParam(EC_Consts.PARAMETER_FP)[0]; BigInteger p = new BigInteger(1, pParam); byte[] wParam = ((Response.Export) export.getResponse()).getParameter(ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.PARAMETER_W); + byte[] xValue = new byte[(wParam.length - 1) / 2]; byte[] yValue = new byte[(wParam.length - 1) / 2]; + System.arraycopy(wParam, 1, xValue, 0, xValue.length); System.arraycopy(wParam, (wParam.length / 2) + 1, yValue, 0, yValue.length); BigInteger y = new BigInteger(1, yValue); BigInteger negY = p.subtract(y); byte[] newY = ECUtil.toByteArray(negY, curve.getBits()); - System.arraycopy(newY, 0, wParam, (wParam.length / 2) + 1, newY.length); - EC_Params negYParams = makeParams(newY); + EC_Params negYParams = new EC_Params(EC_Consts.PARAMETER_W, new byte[][]{xValue, newY}); Test negYTest = ecdhTest(new Command.Set(this.card, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.CURVE_external, negYParams.getParams(), negYParams.flatten()), "ECDH with pubkey negated.", Result.ExpectedValue.FAILURE, Result.ExpectedValue.FAILURE); + */ Test zeroS = ecdhTest(new Command.Transform(this.card, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, EC_Consts.PARAMETER_S, EC_Consts.TRANSFORMATION_ZERO), "ECDH with S = 0.", Result.ExpectedValue.FAILURE, Result.ExpectedValue.FAILURE); Test oneS = ecdhTest(new Command.Transform(this.card, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, EC_Consts.PARAMETER_S, EC_Consts.TRANSFORMATION_ONE), "ECDH with S = 1.", Result.ExpectedValue.FAILURE, Result.ExpectedValue.FAILURE); @@ -236,9 +239,9 @@ public class CardEdgeCasesSuite extends CardTestSuite { if (cfg.cleanup) { Test cleanup = CommandTest.expect(new Command.Cleanup(this.card), Result.ExpectedValue.ANY); - doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "Tests with edge-case private key values over " + curve.getId() + ".", setup, negYTest, zeroS, oneS, alternateS, alternateOtherS, fullS, smallerS, exactS, largerS, rm1S, rp1S, krS, krm1S, krp1S, cleanup)); + doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "Tests with edge-case private key values over " + curve.getId() + ".", setup, zeroS, oneS, alternateS, alternateOtherS, fullS, smallerS, exactS, largerS, rm1S, rp1S, krS, krm1S, krp1S, cleanup)); } else { - doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "Tests with edge-case private key values over " + curve.getId() + ".", setup, negYTest, zeroS, oneS, alternateS, alternateOtherS, fullS, smallerS, exactS, largerS, rm1S, rp1S, krS, krm1S, krp1S)); + doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "Tests with edge-case private key values over " + curve.getId() + ".", setup, zeroS, oneS, alternateS, alternateOtherS, fullS, smallerS, exactS, largerS, rm1S, rp1S, krS, krm1S, krp1S)); } } diff --git a/src/cz/crcs/ectester/reader/test/CardMiscSuite.java b/src/cz/crcs/ectester/reader/test/CardMiscSuite.java index d1a5c0f..dd49708 100644 --- a/src/cz/crcs/ectester/reader/test/CardMiscSuite.java +++ b/src/cz/crcs/ectester/reader/test/CardMiscSuite.java @@ -23,7 +23,7 @@ import java.util.Map; public class CardMiscSuite extends CardTestSuite { public CardMiscSuite(TestWriter writer, ECTesterReader.Config cfg, CardMngr cardManager) { - super(writer, cfg, cardManager, "miscellaneous",new String[]{"preset"}, "Some miscellaneous tests, tries ECDH and ECDSA over supersingular curves, anomalous curves,", + super(writer, cfg, cardManager, "miscellaneous", new String[]{"preset", "random"}, "Some miscellaneous tests, tries ECDH and ECDSA over supersingular curves, anomalous curves,", "Barreto-Naehrig curves with small embedding degree and CM discriminant, MNT curves,", "some Montgomery curves transformed to short Weierstrass form and Curve25519 transformed to short Weierstrass form."); } @@ -56,16 +56,16 @@ public class CardMiscSuite extends CardTestSuite { } Test set = CommandTest.expect(new Command.Set(this.card, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten()), Result.ExpectedValue.SUCCESS); - Test generate = genOrPreset(curve, Result.ExpectedValue.ANY); - Test ka = CommandTest.expect(new Command.ECDH(this.card, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.TRANSFORMATION_NONE, EC_Consts.KeyAgreement_ALG_EC_SVDP_DH), expected); - Test sig = CommandTest.expect(new Command.ECDSA(this.card, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.Signature_ALG_ECDSA_SHA, ECTesterApplet.EXPORT_FALSE, null), expected); + Test generate = setupKeypairs(curve, Result.ExpectedValue.ANY, ECTesterApplet.KEYPAIR_BOTH); + Test ka = CommandTest.expect(new Command.ECDH(this.card, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.TRANSFORMATION_NONE, EC_Consts.KeyAgreement_ALG_EC_SVDP_DH), expected); + Test sig = CommandTest.expect(new Command.ECDSA_sign(this.card, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.Signature_ALG_ECDSA_SHA, ECTesterApplet.EXPORT_FALSE, null), expected); Test perform = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Perform ECDH and ECDSA.", ka, sig); if (cfg.cleanup) { Test cleanup = CommandTest.expect(new Command.Cleanup(this.card), Result.ExpectedValue.ANY); doTest(CompoundTest.greedyAll(Result.ExpectedValue.SUCCESS, "Tests over " + curve.getBits() + "b " + catName + " curve: " + curve.getId() + ".", allocateFirst, set, generate, perform, cleanup)); } else { - doTest(CompoundTest.greedyAll(Result.ExpectedValue.SUCCESS, "Tests over " + curve.getBits() + "b " + catName + " curve: " + curve.getId() + ".", allocateFirst, set, generate, perform)); + doTest(CompoundTest.greedyAll(Result.ExpectedValue.SUCCESS, "Tests over " + curve.getBits() + "b " + catName + " curve: " + curve.getId() + ".", allocateFirst, set, generate, perform)); } } diff --git a/src/cz/crcs/ectester/reader/test/CardTestSuite.java b/src/cz/crcs/ectester/reader/test/CardTestSuite.java index ed3dc3b..fc60ae5 100644 --- a/src/cz/crcs/ectester/reader/test/CardTestSuite.java +++ b/src/cz/crcs/ectester/reader/test/CardTestSuite.java @@ -5,6 +5,7 @@ import cz.crcs.ectester.applet.EC_Consts; import cz.crcs.ectester.common.ec.EC_Curve; import cz.crcs.ectester.common.ec.EC_Params; import cz.crcs.ectester.common.output.TestWriter; +import cz.crcs.ectester.common.test.CompoundTest; import cz.crcs.ectester.common.test.Result; import cz.crcs.ectester.common.test.Test; import cz.crcs.ectester.common.test.TestSuite; @@ -46,13 +47,48 @@ public abstract class CardTestSuite extends TestSuite { } } - public Test genOrPreset(EC_Curve curve, Result.ExpectedValue expected) { - if (Arrays.asList(options).contains("preset") && cfg.testOptions.contains("preset")) { - byte[] presetPriv = ECUtil.semiRandomKey(curve); - EC_Params privParms = new EC_Params(EC_Consts.PARAMETER_S, new byte[][]{presetPriv}); - return CommandTest.expect(new Command.Set(this.card, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.CURVE_external, privParms.getParams(), privParms.flatten()), expected); + public Test setupKeypairs(EC_Curve curve, Result.ExpectedValue expected, byte keyPair) { + if ((Arrays.asList(options).contains("preset") && cfg.testOptions.contains("preset")) || (Arrays.asList(options).contains("random") && cfg.testOptions.contains("random"))) { + Test setLocal = null; + if ((keyPair & ECTesterApplet.KEYPAIR_LOCAL) != 0) { + EC_Params priv; + if (cfg.testOptions.contains("preset")) { + priv = ECUtil.fixedRandomKey(curve); + } else { + priv = ECUtil.fullRandomKey(curve); + } + setLocal = CommandTest.expect(new Command.Set(this.card, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.CURVE_external, priv.getParams(), priv.flatten()), expected); + } + Test setRemote = null; + if ((keyPair & ECTesterApplet.KEYPAIR_REMOTE) != 0) { + EC_Params pub; + if (cfg.testOptions.contains("preset")) { + pub = ECUtil.fixedRandomPoint(curve); + } else { + pub = ECUtil.fullRandomPoint(curve); + } + if (pub == null) { + setRemote = CommandTest.expect(new Command.Generate(this.card, ECTesterApplet.KEYPAIR_REMOTE), expected); + } else { + setRemote = CommandTest.expect(new Command.Set(this.card, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, pub.getParams(), pub.flatten()), expected); + } + } + + if (keyPair == ECTesterApplet.KEYPAIR_LOCAL) { + return setLocal; + } else if (keyPair == ECTesterApplet.KEYPAIR_REMOTE) { + return setRemote; + } else { + String desc; + if (cfg.testOptions.contains("preset")) { + desc = "Set semi-random parameters."; + } else { + desc = "Set fully-random parameters."; + } + return CompoundTest.all(expected, desc, setLocal, setRemote); + } } else { - return CommandTest.expect(new Command.Generate(this.card, ECTesterApplet.KEYPAIR_LOCAL), expected); + return CommandTest.expect(new Command.Generate(this.card, keyPair), expected); } } } diff --git a/src/cz/crcs/ectester/reader/test/CardTestVectorSuite.java b/src/cz/crcs/ectester/reader/test/CardTestVectorSuite.java index 690425d..d143852 100644 --- a/src/cz/crcs/ectester/reader/test/CardTestVectorSuite.java +++ b/src/cz/crcs/ectester/reader/test/CardTestVectorSuite.java @@ -163,14 +163,16 @@ public class CardTestVectorSuite extends CardTestSuite { try { ka.init(privKey); ka.doPhase(pubKey, true); - byte[] rawDerived = ka.generateSecret(); + byte[] derived = ka.generateSecret(); int fieldSize = (curve.getBits() + 7) / 8; - if (rawDerived.length < fieldSize) { + if (derived.length < fieldSize) { byte[] padded = new byte[fieldSize]; - System.arraycopy(rawDerived, 0, padded, fieldSize - rawDerived.length, rawDerived.length); - rawDerived = padded; + System.arraycopy(derived, 0, padded, fieldSize - derived.length, derived.length); + derived = padded; + } + if (ecdhData.getType() == EC_Consts.KeyAgreement_ALG_EC_SVDP_DH || ecdhData.getType() == EC_Consts.KeyAgreement_ALG_EC_SVDP_DHC) { + derived = md.digest(derived); } - byte[] derived = md.digest(rawDerived); if (secret.length != derived.length) { if (secret.length < derived.length) { return new Result(Value.FAILURE, String.format("Derived secret was shorter than expected: %d vs %d (expected).", secret.length, derived.length)); @@ -190,6 +192,7 @@ public class CardTestVectorSuite extends CardTestSuite { } }; Test ecdhTest = CommandTest.function(new Command.ECDH(this.card, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_TRUE, EC_Consts.TRANSFORMATION_NONE, EC_Consts.KeyAgreement_ALG_EC_SVDP_DH), kaCallback); + Test ecdhRawTest = CommandTest.function(new Command.ECDH(this.card, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_TRUE, EC_Consts.TRANSFORMATION_NONE, EC_Consts.KeyAgreement_ALG_EC_SVDP_DH_PLAIN), kaCallback); byte[] data = new byte[32]; TestCallback<CommandTestable> sigCallback = new TestCallback<CommandTestable>() { @Override @@ -222,7 +225,7 @@ public class CardTestVectorSuite extends CardTestSuite { } }; Test ecdsaTest = CommandTest.function(new Command.ECDSA_sign(this.card, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.Signature_ALG_ECDSA_SHA, ECTesterApplet.EXPORT_TRUE, data), sigCallback); - testVector.add(CompoundTest.all(ExpectedValue.SUCCESS, "", ecdhTest, ecdsaTest)); + testVector.add(CompoundTest.all(ExpectedValue.SUCCESS, "Test.", ecdhTest, ecdhRawTest, ecdsaTest)); if (cfg.cleanup) { testVector.add(CommandTest.expect(new Command.Cleanup(this.card), ExpectedValue.ANY)); } diff --git a/src/cz/crcs/ectester/reader/test/CardWrongSuite.java b/src/cz/crcs/ectester/reader/test/CardWrongSuite.java index 3ba0ee9..13a3f8b 100644 --- a/src/cz/crcs/ectester/reader/test/CardWrongSuite.java +++ b/src/cz/crcs/ectester/reader/test/CardWrongSuite.java @@ -31,7 +31,7 @@ import static cz.crcs.ectester.common.test.Result.ExpectedValue; public class CardWrongSuite extends CardTestSuite { public CardWrongSuite(TestWriter writer, ECTesterReader.Config cfg, CardMngr cardManager) { - super(writer, cfg, cardManager, "wrong", null, "The wrong curve suite tests whether the card rejects domain parameters which are not curves."); + super(writer, cfg, cardManager, "wrong", new String[]{"preset", "random"}, "The wrong curve suite tests whether the card rejects domain parameters which are not curves."); } @Override @@ -50,14 +50,14 @@ public class CardWrongSuite extends CardTestSuite { } tests.add(key); Test set = runTest(CommandTest.expect(new Command.Set(this.card, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten()), ExpectedValue.FAILURE)); - Test generate = runTest(CommandTest.expect(new Command.Generate(this.card, ECTesterApplet.KEYPAIR_BOTH), ExpectedValue.FAILURE)); + Test generate = runTest(setupKeypairs(curve, ExpectedValue.SUCCESS, ECTesterApplet.KEYPAIR_BOTH)); Test setup = runTest(CompoundTest.any(ExpectedValue.SUCCESS, "Set wrong curve and generate keypairs.", set, generate)); tests.add(setup); for (byte kaType : EC_Consts.KA_TYPES) { Test allocate = runTest(CommandTest.expect(new Command.AllocateKeyAgreement(this.card, kaType), ExpectedValue.SUCCESS)); if (allocate.ok()) { - Test ka = runTest(CommandTest.expect(new Command.ECDH(this.card, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.TRANSFORMATION_NONE, kaType), ExpectedValue.FAILURE)); + Test ka = runTest(CommandTest.expect(new Command.ECDH(this.card, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.TRANSFORMATION_NONE, kaType), ExpectedValue.FAILURE)); Test kaTest = runTest(CompoundTest.all(ExpectedValue.SUCCESS, "Allocate and perform KA.", allocate, ka)); tests.add(kaTest); } @@ -117,8 +117,13 @@ public class CardWrongSuite extends CardTestSuite { Test zeroG = ecdhTest(new Command.Transform(this.card, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.KEY_BOTH, EC_Consts.PARAMETER_G, EC_Consts.TRANSFORMATION_INFINITY), "Set G = inifnity.", "ECDH with G = infinity."); Test wrongG = CompoundTest.all(ExpectedValue.SUCCESS, "Tests with corrupted G parameter.", randomG, fullRandomG, zeroG); - byte[] originalR = new byte[keyLength]; - EC_Consts.getCurveParameter(curve, EC_Consts.PARAMETER_R, originalR, (short) 0); + byte[] originalR = new byte[((keyLength + 7) / 8) + 1]; + short origRlen = EC_Consts.getCurveParameter(curve, EC_Consts.PARAMETER_R, originalR, (short) 0); + if (origRlen != originalR.length) { + byte[] copyR = new byte[origRlen]; + System.arraycopy(originalR, 0, copyR, 0, origRlen); + originalR = copyR; + } BigInteger originalBigR = new BigInteger(1, originalR); Test zeroR = ecdhTest(new Command.Transform(this.card, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, EC_Consts.PARAMETER_R, EC_Consts.TRANSFORMATION_ZERO), "Set R = 0.", "ECDH with R = 0."); @@ -138,7 +143,7 @@ public class CardWrongSuite extends CardTestSuite { Test nextprimeWrongR = ecdhTest(new Command.Set(this.card, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, nextRData.getParams(), nextRData.flatten()), "Set R = some prime (but [r]G != infinity) larger than original R.", "ECDH with wrong R, nextprime."); byte[] nonprimeRBytes = nextRBytes.clone(); - nonprimeRBytes[0] ^= 1; + nonprimeRBytes[nonprimeRBytes.length - 1] ^= 1; EC_Params nonprimeWrongRData = new EC_Params(EC_Consts.PARAMETER_R, new byte[][]{nonprimeRBytes}); Test nonprimeWrongR = ecdhTest(new Command.Set(this.card, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, nonprimeWrongRData.getParams(), nonprimeWrongRData.flatten()), "Set R = some composite (but [r]G != infinity).", "ECDH with wrong R, composite."); diff --git a/src/cz/crcs/ectester/standalone/ECTesterStandalone.java b/src/cz/crcs/ectester/standalone/ECTesterStandalone.java index d61475c..e39944b 100644 --- a/src/cz/crcs/ectester/standalone/ECTesterStandalone.java +++ b/src/cz/crcs/ectester/standalone/ECTesterStandalone.java @@ -1,6 +1,7 @@ /* * ECTester, tool for testing Elliptic curve cryptography implementations. * Copyright (c) 2016-2018 Petr Svenda <petr@svenda.com> + * Copyright (c) 2016-2019 Jan Jancar <johny@neuromancer.sk> * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -22,10 +23,9 @@ */ package cz.crcs.ectester.standalone; +import cz.crcs.ectester.applet.EC_Consts; import cz.crcs.ectester.common.cli.*; import cz.crcs.ectester.common.ec.EC_Curve; -import cz.crcs.ectester.common.ec.EC_Key; -import cz.crcs.ectester.common.ec.EC_Keypair; import cz.crcs.ectester.common.output.TestWriter; import cz.crcs.ectester.common.test.TestException; import cz.crcs.ectester.common.util.ByteUtil; @@ -41,10 +41,7 @@ import cz.crcs.ectester.standalone.output.XMLTestWriter; import cz.crcs.ectester.standalone.output.YAMLTestWriter; import cz.crcs.ectester.standalone.test.suites.StandaloneDefaultSuite; import cz.crcs.ectester.standalone.test.suites.StandaloneTestSuite; -import org.apache.commons.cli.DefaultParser; -import org.apache.commons.cli.Option; -import org.apache.commons.cli.Options; -import org.apache.commons.cli.ParseException; +import org.apache.commons.cli.*; import javax.crypto.KeyAgreement; import javax.crypto.SecretKey; @@ -89,7 +86,7 @@ public class ECTesterStandalone { private TreeCommandLine cli; public static final String VERSION = "v0.3.2"; private static final String DESCRIPTION = "ECTesterStandalone " + VERSION + ", an Elliptic Curve Cryptography support tester/utility."; - private static final String LICENSE = "MIT Licensed\nCopyright (c) 2016-2018 Petr Svenda <petr@svenda.com>"; + private static final String LICENSE = "MIT Licensed\nCopyright © 2016-2019 Petr Svenda <petr@svenda.com>\nCopyright © 2016-2019 Jan Jancar <johny@neuromancer.sk>"; private static final String CLI_HEADER = "\n" + DESCRIPTION + "\n\n"; private static final String CLI_FOOTER = "\n" + LICENSE; @@ -153,7 +150,15 @@ public class ECTesterStandalone { Option namedCurve = Option.builder("nc").longOpt("named-curve").desc("Use a named curve, from CurveDB: <cat/id>").hasArg().argName("cat/id").optionalArg(false).build(); Option namedPublic = Option.builder("npub").longOpt("named-public").desc("Use a named public key, from CurveDB: <cat/id>").hasArg().argName("cat/id").optionalArg(false).build(); + Option filePublic = Option.builder("pub").longOpt("public").desc("Use a given public key from file.").hasArg().argName("pubkey").optionalArg(false).build(); + OptionGroup publicKey = new OptionGroup(); + publicKey.addOption(namedPublic); + publicKey.addOption(filePublic); Option namedPrivate = Option.builder("npriv").longOpt("named-private").desc("Use a named private key, from CurveDB: <cat/id>").hasArg().argName("cat/id").optionalArg(false).build(); + Option filePrivate = Option.builder("priv").longOpt("private").desc("Use a given private key from file.").hasArg().argName("privkey").optionalArg(false).build(); + OptionGroup privateKey = new OptionGroup(); + privateKey.addOption(namedPrivate); + privateKey.addOption(filePrivate); Option curveName = Option.builder("cn").longOpt("curve-name").desc("Use a named curve, search from curves supported by the library: <name>").hasArg().argName("name").optionalArg(false).build(); Option bits = Option.builder("b").longOpt("bits").hasArg().argName("n").optionalArg(false).desc("What size of curve to use.").build(); Option output = Option.builder("o").longOpt("output").desc("Output into file <output_file>.").hasArgs().argName("output_file").optionalArg(false).build(); @@ -180,9 +185,9 @@ public class ECTesterStandalone { ecdhOpts.addOption(Option.builder("t").longOpt("type").desc("Set KeyAgreement object [type].").hasArg().argName("type").optionalArg(false).build()); ecdhOpts.addOption(Option.builder().longOpt("key-type").desc("Set the key [algorithm] for which the key should be derived in KeyAgreements with KDF. Default is \"AES\".").hasArg().argName("algorithm").optionalArg(false).build()); ecdhOpts.addOption(Option.builder("n").longOpt("amount").hasArg().argName("amount").optionalArg(false).desc("Do ECDH [amount] times.").build()); - ecdhOpts.addOption(namedPrivate); + ecdhOpts.addOptionGroup(publicKey); ecdhOpts.addOption(Option.builder().longOpt("fixed-private").desc("Perform ECDH with fixed private key.").build()); - ecdhOpts.addOption(namedPublic); + ecdhOpts.addOptionGroup(privateKey); ecdhOpts.addOption(Option.builder().longOpt("fixed-public").desc("Perform ECDH with fixed public key.").build()); ParserOptions ecdh = new ParserOptions(new DefaultParser(), ecdhOpts, "Perform EC based KeyAgreement."); actions.put("ecdh", ecdh); @@ -192,8 +197,8 @@ public class ECTesterStandalone { ecdsaOpts.addOption(namedCurve); ecdsaOpts.addOption(curveName); ecdsaOpts.addOption(output); - ecdsaOpts.addOption(namedPrivate); - ecdsaOpts.addOption(namedPublic); + ecdsaOpts.addOptionGroup(privateKey); + ecdsaOpts.addOptionGroup(publicKey); ecdsaOpts.addOption(Option.builder("t").longOpt("type").desc("Set Signature object [type].").hasArg().argName("type").optionalArg(false).build()); ecdsaOpts.addOption(Option.builder("n").longOpt("amount").hasArg().argName("amount").optionalArg(false).desc("Do ECDSA [amount] times.").build()); ecdsaOpts.addOption(Option.builder("f").longOpt("file").hasArg().argName("file").optionalArg(false).desc("Input [file] to sign.").build()); @@ -287,7 +292,7 @@ public class ECTesterStandalone { /** * */ - private void ecdh() throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException, FileNotFoundException { + private void ecdh() throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException, IOException { ProviderECLibrary lib = cfg.selected; String algo = cli.getOptionValue("ecdh.type", "ECDH"); @@ -353,43 +358,31 @@ public class ECTesterStandalone { out.println("index;time[nano];pubW;privS;secret"); KeyPair one = null; - if (cli.hasOption("ecdh.fixed-private") && !cli.hasOption("ecdh.named-private")) { + if (cli.hasOption("ecdh.fixed-private") && !cli.hasOption("ecdh.named-private") && !cli.hasOption("ecdh.private")) { one = kpg.genKeyPair(); } KeyPair other = null; - if (cli.hasOption("ecdh.fixed-public") && !cli.hasOption("ecdh.named-public")) { + if (cli.hasOption("ecdh.fixed-public") && !cli.hasOption("ecdh.named-public") && !cli.hasOption("ecdh.public")) { other = kpg.genKeyPair(); } - ECPrivateKey privkey = null; - if (cli.hasOption("ecdh.named-private")) { - privkey = ECUtil.toPrivateKey(EC_Store.getInstance().getObject(EC_Key.Private.class, cli.getOptionValue("ecdh.named-private"))); - if (privkey == null) { - privkey = (ECPrivateKey) ECUtil.toKeyPair(EC_Store.getInstance().getObject(EC_Keypair.class, cli.getOptionValue("ecdh.named-private"))).getPrivate(); - } - } - ECPublicKey pubkey = null; - if (cli.hasOption("ecdh.named-public")) { - pubkey = ECUtil.toPublicKey(EC_Store.getInstance().getObject(EC_Key.Public.class, cli.getOptionValue("ecdh.named-public"))); - if (pubkey == null) { - pubkey = (ECPublicKey) ECUtil.toKeyPair(EC_Store.getInstance().getObject(EC_Keypair.class, cli.getOptionValue("ecdh.named-public"))).getPublic(); - } - } + ECPrivateKey privkey = (ECPrivateKey) ECUtil.loadKey(EC_Consts.PARAMETER_S, cli.getOptionValue("ecdh.named-private"), cli.getOptionValue("ecdh.private"), (ECParameterSpec) spec); + ECPublicKey pubkey = (ECPublicKey) ECUtil.loadKey(EC_Consts.PARAMETER_W, cli.getOptionValue("ecdh.named-public"), cli.getOptionValue("ecdh.public"), (ECParameterSpec) spec); int amount = Integer.parseInt(cli.getOptionValue("ecdh.amount", "1")); - for (int i = 0; i < amount; ++i) { - if (!cli.hasOption("ecdh.fixed-private") && !cli.hasOption("ecdh.named-private")) { + for (int i = 0; i < amount || amount == 0; ++i) { + if (!cli.hasOption("ecdh.fixed-private") && !cli.hasOption("ecdh.named-private") && !cli.hasOption("ecdh.private")) { one = kpg.genKeyPair(); } - if (!cli.hasOption("ecdh.fixed-public") && !cli.hasOption("ecdh.named-public")) { + if (!cli.hasOption("ecdh.fixed-public") && !cli.hasOption("ecdh.named-public") && !cli.hasOption("ecdh.public")) { other = kpg.genKeyPair(); } - if (!cli.hasOption("ecdh.named-private")) { + if (!cli.hasOption("ecdh.named-private") && !cli.hasOption("ecdh.private")) { privkey = (ECPrivateKey) one.getPrivate(); } - if (!cli.hasOption("ecdh.named-public")) { + if (!cli.hasOption("ecdh.named-public") && !cli.hasOption("ecdh.public")) { pubkey = (ECPublicKey) other.getPublic(); } @@ -510,23 +503,11 @@ public class ECTesterStandalone { out.println("index;signTime[nano];verifyTime[nano];data;pubW;privS;signature;nonce;verified"); - ECPrivateKey privkey = null; - if (cli.hasOption("ecdsa.named-private")) { - privkey = ECUtil.toPrivateKey(EC_Store.getInstance().getObject(EC_Key.Private.class, cli.getOptionValue("ecdsa.named-private"))); - if (privkey == null) { - privkey = (ECPrivateKey) ECUtil.toKeyPair(EC_Store.getInstance().getObject(EC_Keypair.class, cli.getOptionValue("ecdsa.named-private"))).getPrivate(); - } - } - ECPublicKey pubkey = null; - if (cli.hasOption("ecdsa.named-public")) { - pubkey = ECUtil.toPublicKey(EC_Store.getInstance().getObject(EC_Key.Public.class, cli.getOptionValue("ecdsa.named-public"))); - if (pubkey == null) { - pubkey = (ECPublicKey) ECUtil.toKeyPair(EC_Store.getInstance().getObject(EC_Keypair.class, cli.getOptionValue("ecdsa.named-public"))).getPublic(); - } - } + ECPrivateKey privkey = (ECPrivateKey) ECUtil.loadKey(EC_Consts.PARAMETER_S, cli.getOptionValue("ecdsa.named-private"), cli.getOptionValue("ecdsa.private"), spec); + ECPublicKey pubkey = (ECPublicKey) ECUtil.loadKey(EC_Consts.PARAMETER_W, cli.getOptionValue("ecdsa.named-public"), cli.getOptionValue("ecdsa.public"), spec); int amount = Integer.parseInt(cli.getOptionValue("ecdsa.amount", "1")); - for (int i = 0; i < amount; ++i) { + for (int i = 0; i < amount || amount == 0; ++i) { if (!cli.hasOption("ecdsa.named-private") || !cli.hasOption("ecdsa.named-public")) { KeyPair one = kpg.genKeyPair(); @@ -754,13 +735,27 @@ public class ECTesterStandalone { if (cli.hasOption("test.format")) { String fmt = cli.getOptionValue("test.format"); - String formats[] = new String[]{"text", "xml", "yaml", "yml"}; + String[] formats = new String[]{"text", "xml", "yaml", "yml"}; if (!Arrays.asList(formats).contains(fmt.toLowerCase())) { System.err.println("Invalid format specified."); return false; } } + if (cli.isNext("ecdh")) { + if ((cli.hasOption("ecdh.public") || cli.hasOption("ecdh.private")) && !cli.hasOption("ecdh.named-curve")) { + System.err.println("Need to specify a named curve when specifying public/private key in file."); + return false; + } + } + + if (cli.isNext("ecdsa")) { + if ((cli.hasOption("ecdsa.public") || cli.hasOption("ecdsa.private")) && !cli.hasOption("ecdsa.named-curve")) { + System.err.println("Need to specify a named curve when specifying public/private key in file."); + return false; + } + } + return true; } } diff --git a/util/plot_dh.ipynb b/util/plot_dh.ipynb new file mode 100644 index 0000000..4d4edbc --- /dev/null +++ b/util/plot_dh.ipynb @@ -0,0 +1,616 @@ +{ + "cells": [ + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "# Analysis of key generation data" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:51:29.892989Z", + "start_time": "2019-03-17T19:51:29.557783Z" + } + }, + "outputs": [], + "source": [ + " %matplotlib notebook \n", + "import numpy as np\n", + "from scipy.stats import describe\n", + "from scipy.stats import norm as norm_dist\n", + "from scipy.stats.mstats import mquantiles\n", + "from math import log, sqrt\n", + "import matplotlib.pyplot as plt\n", + "from matplotlib import ticker, colors, gridspec\n", + "from copy import deepcopy\n", + "from utils import plot_hist, moving_average, hw\n", + "from binascii import unhexlify\n", + "from IPython.display import display, HTML\n", + "from ipywidgets import interact, interactive, fixed, interact_manual\n", + "import ipywidgets as widgets\n", + "import tabulate" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "## Settings\n", + "Enter your input below." + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:57:52.012826Z", + "start_time": "2019-03-17T19:57:52.008374Z" + } + }, + "outputs": [], + "source": [ + "# File name with output from ECTesterReader or ECTesterStandalone ECDH.\n", + "fname = \"filename.csv\"\n", + "\n", + "# The amount of entries skipped from the beginning of the file, as they are usually outliers.\n", + "skip_first = 10\n", + "\n", + "# Whether to plot things in logarithmic scale or not.\n", + "log_scale = False\n", + "\n", + "# Whether to trim the time data outside the 1 - 99 percentile range (adjust below). Quite useful.\n", + "trim = True\n", + "\n", + "# How much to trim? Either a number in [0,1] signifying a quantile, or an absolute value signifying a threshold\n", + "trim_low = 0.01\n", + "trim_high = 0.99\n", + "\n", + "# Graphical (matplotlib) style name\n", + "style = \"ggplot\"\n", + "\n", + "# Color map to use, and what color to assign to \"bad\" values (necessary for log_scale)\n", + "color_map = plt.cm.plasma\n", + "color_map_bad = \"black\"\n", + "\n", + "# What function to use to calculate number of histogram bins of time\n", + "# one of \"sqrt\", \"sturges\", \"rice\", \"scott\" and \"fd\" or a number specifying the number of bins\n", + "hist_size = \"rice\"" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "## Data processing" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:51:36.973070Z", + "start_time": "2019-03-17T19:51:36.967369Z" + } + }, + "outputs": [], + "source": [ + "# Setup plot style\n", + "\n", + "plt.style.use(style)\n", + "\n", + "cmap = deepcopy(color_map)\n", + "cmap.set_bad(color_map_bad)\n", + "\n", + "# Normalization, linear or log.\n", + "if log_scale:\n", + " norm = colors.LogNorm()\n", + "else:\n", + " norm = colors.Normalize()" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:51:39.208449Z", + "start_time": "2019-03-17T19:51:37.430702Z" + } + }, + "outputs": [], + "source": [ + "# Read the header line.\n", + "\n", + "with open(fname, \"r\") as f:\n", + " header = f.readline()\n", + "header_names = header.split(\";\")\n", + "if len(header_names) != 5:\n", + " print(\"Bad data?\")\n", + " exit(1)\n", + "\n", + "# Load the data\n", + "\n", + "hx = lambda x: int(x, 16)\n", + "data = np.genfromtxt(fname, delimiter=\";\", skip_header=1, converters={2: unhexlify, 3: hx, 4: hx},\n", + " dtype=np.dtype([(\"index\", \"u4\"), (\"time\", \"u4\"), (\"pub\", \"O\"), (\"priv\", \"O\"), (\"secret\", \"O\")]))\n", + "\n", + "time_unit = \"ms\"" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:57:56.363502Z", + "start_time": "2019-03-17T19:57:56.331005Z" + } + }, + "outputs": [], + "source": [ + "# Setup the data\n", + "\n", + "# Skip first (outliers?)\n", + "\n", + "data = data[skip_first:]\n", + "\n", + "# If in nanoseconds, scale to microseconds\n", + "if header_names[1].endswith(\"[nano]\") and time_unit == \"ms\":\n", + " time_unit = r\"$\\mu s$\"\n", + " np.floor_divide(data[\"time\"], 1000, out=data[\"time\"])\n", + "\n", + "\n", + "# Trim times\n", + "quant_low_bound = trim_low if 0 <= trim_low <= 1 else 0.01\n", + "quant_high_bound = trim_high if 0 <= trim_high <= 1 else 0.95\n", + "quantiles = mquantiles(data[\"time\"], prob=(quant_low_bound, 0.25, 0.5, 0.75, quant_high_bound))\n", + "if trim:\n", + " low_bound = quantiles[0] if 0 <= trim_low <= 1 else trim_low\n", + " high_bound = quantiles[4] if 0 <= trim_high <= 1 else trim_high\n", + " data_trimmed = data[np.logical_and(data[\"time\"] >= low_bound,\n", + " data[\"time\"] <= high_bound)]\n", + " quantiles_trim = mquantiles(data_trimmed[\"time\"], prob=(quant_low_bound, 0.25, 0.5, 0.75, quant_high_bound))\n", + "else:\n", + " low_bound = None\n", + " high_bound = None\n", + " data_trimmed = data\n", + " quantiles_trim = quantiles_gen\n", + "\n", + "description = describe(data[\"time\"])\n", + "description_trim = describe(data_trimmed[\"time\"])\n", + "\n", + "max_time = description.minmax[1]\n", + "min_time = description.minmax[0]\n", + "bit_size = len(bin(max(data[\"priv\"]))) - 2\n", + "byte_size = (bit_size + 7) // 8\n", + "\n", + "if hist_size == \"sqrt\":\n", + " hist_size_func = lambda n, xmin, xmax, var, xlower, xupper: int(sqrt(n)) + 1\n", + "elif hist_size == \"sturges\":\n", + " hist_size_func = lambda n, xmin, xmax, var, xlower, xupper: int(log(n, 2)) + 1\n", + "elif hist_size == \"rice\":\n", + " hist_size_func = lambda n, xmin, xmax, var, xlower, xupper: int(2 * n**(1/3))\n", + "elif hist_size == \"scott\":\n", + " hist_size_func = lambda n, xmin, xmax, var, xlower, xupper: (xmax - xmin) // int((3.5 * sqrt(var)) / (n**(1/3)))\n", + "elif hist_size == \"fd\":\n", + " hist_size_func = lambda n, xmin, xmax, var, xlower, xupper: (xmax - xmin) // int(2 * (xupper - xlower) / (n**(1/3)))\n", + "else:\n", + " hist_size_func = lambda n, xmin, xmax, var, xlower, xupper: hist_size\n", + "\n", + "hist_size_time = hist_size_func(description.nobs, min_time, max_time, description.variance, quantiles[1], quantiles[3])\n", + "hist_size_time_trim = hist_size_func(description_trim.nobs, description_trim.minmax[0], description_trim.minmax[1], description_trim.variance, quantiles_trim[1], quantiles_trim[3])\n", + "\n", + "if hist_size_time < 30:\n", + " hist_size_time = max_time - min_time\n", + "if hist_size_time_trim < 30:\n", + " hist_size_time_trim = description_trim.minmax[1] - description_trim.minmax[0]" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "## Analysis" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Summary" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:57:59.534102Z", + "start_time": "2019-03-17T19:57:59.507172Z" + } + }, + "outputs": [], + "source": [ + "display(\"Raw\")\n", + "desc = [(\"N\", \"min, max\", \"mean\", \"variance\", \"skewness\", \"kurtosis\"),\n", + " description]\n", + "display(HTML(tabulate.tabulate(desc, tablefmt=\"html\")))\n", + "display(\"Trimmed\")\n", + "desc = [(\"N\", \"min, max\", \"mean\", \"variance\", \"skewness\", \"kurtosis\"),\n", + " description_trim]\n", + "display(HTML(tabulate.tabulate(desc, tablefmt=\"html\")))" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Selected quantiles" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:58:00.833677Z", + "start_time": "2019-03-17T19:58:00.827736Z" + } + }, + "outputs": [], + "source": [ + "tbl = [(quant_low_bound, \"0.25\", \"0.5\", \"0.75\", quant_high_bound),\n", + " list(map(lambda x: \"{} {}\".format(x, time_unit), quantiles))]\n", + "display(HTML(tabulate.tabulate(tbl, tablefmt=\"html\")))" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Info" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:58:01.954382Z", + "start_time": "2019-03-17T19:58:01.947339Z" + } + }, + "outputs": [], + "source": [ + "display(\"Bitsize: {}\".format(bit_size))\n", + "display(\"Histogram time bins: {}\".format(hist_size_time))\n", + "display(\"Histogram time bins(trimmed): {}\".format(hist_size_time_trim))" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "## Plots" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Private key MSB vs time heatmap" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:58:03.641387Z", + "start_time": "2019-03-17T19:58:03.572612Z" + } + }, + "outputs": [], + "source": [ + "fig_private = plt.figure(figsize=(10.5, 8), dpi=90)\n", + "axe_private = fig_private.add_subplot(1, 1, 1)\n", + "priv_msb = np.array(list(map(lambda x: x >> (bit_size - 8), data_trimmed[\"priv\"])), dtype=np.dtype(\"u1\"))\n", + "max_msb = max(priv_msb)\n", + "min_msb = min(priv_msb)\n", + "heatmap, xedges, yedges = np.histogram2d(priv_msb, data_trimmed[\"time\"],\n", + " bins=[max_msb - min_msb + 1, hist_size_time_trim])\n", + "extent = [min_msb, max_msb, yedges[0], yedges[-1]]\n", + "im = axe_private.imshow(heatmap.T, extent=extent, aspect=\"auto\", cmap=cmap, origin=\"low\",\n", + " interpolation=\"nearest\", norm=norm)\n", + "axe_private.set_xlabel(\"private key MSB value\")\n", + "axe_private.set_ylabel(\"key agreement time ({})\".format(time_unit))\n", + "fig_private.colorbar(im, ax=axe_private)\n", + "\n", + "del priv_msb" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Private key Hamming Weight vs time heatmap" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:58:07.768683Z", + "start_time": "2019-03-17T19:58:06.938237Z" + } + }, + "outputs": [], + "source": [ + "fig_priv_hist = plt.figure(figsize=(10.5, 12), dpi=90)\n", + "gs = gridspec.GridSpec(2, 1, height_ratios=[2.5, 1])\n", + "axe_priv_hist = fig_priv_hist.add_subplot(gs[0])\n", + "axe_priv_hist_hw = fig_priv_hist.add_subplot(gs[1], sharex = axe_priv_hist)\n", + "priv_hw = np.array(list(map(hw, data_trimmed[\"priv\"])), dtype=np.dtype(\"u2\"))\n", + "h, xe, ye = np.histogram2d(priv_hw, data_trimmed[\"time\"], bins=[max(priv_hw) - min(priv_hw), hist_size_time_trim])\n", + "im = axe_priv_hist.imshow(h.T, origin=\"low\", cmap=cmap, aspect=\"auto\", extent=[xe[0], xe[-1], ye[0], ye[-1]], norm=norm)\n", + "axe_priv_hist.axvline(x=bit_size//2, alpha=0.7, linestyle=\"dotted\", color=\"white\", label=str(bit_size//2) + \" bits\")\n", + "axe_priv_hist.set_xlabel(\"private key Hamming weight\")\n", + "axe_priv_hist.set_ylabel(\"key agreement time ({})\".format(time_unit))\n", + "axe_priv_hist.legend(loc=\"best\")\n", + "\n", + "plot_hist(axe_priv_hist_hw, priv_hw, \"private key Hamming weight\", log_scale, None)\n", + "\n", + "param = norm_dist.fit(priv_hw)\n", + "pdf_range = np.arange(min(priv_hw), max(priv_hw))\n", + "norm_pdf = norm_dist.pdf(pdf_range, *param[:-2], loc=param[-2], scale=param[-1]) * description_trim.nobs\n", + "axe_priv_hist_hw.plot(pdf_range, norm_pdf, label=\"fitted normal distribution\")\n", + "axe_priv_hist_hw.legend(loc=\"best\")\n", + "fig_priv_hist.colorbar(im, ax=[axe_priv_hist, axe_priv_hist_hw])\n", + "\n", + "display(HTML(\"<b>Private key Hamming weight fitted with normal distribution:</b>\"))\n", + "display(HTML(tabulate.tabulate([(\"Mean\", \"Variance\"), param], tablefmt=\"html\")))\n", + "\n", + "del priv_hw" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Key agreement time histogram" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:58:17.986917Z", + "start_time": "2019-03-17T19:58:11.101449Z" + } + }, + "outputs": [], + "source": [ + "fig_ka_hist = plt.figure(figsize=(10.5, 8), dpi=90)\n", + "axe_hist_full = fig_ka_hist.add_subplot(2, 1, 1)\n", + "axe_hist_trim = fig_ka_hist.add_subplot(2, 1, 2)\n", + "plot_hist(axe_hist_full, data[\"time\"], \"key agreement time ({})\".format(time_unit), log_scale, hist_size_time);\n", + "plot_hist(axe_hist_trim, data_trimmed[\"time\"], \"key agreement time ({})\".format(time_unit), log_scale, hist_size_time_trim);" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Moving averages of key agreement time" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:51:57.934476Z", + "start_time": "2019-03-17T19:51:57.877729Z" + } + }, + "outputs": [], + "source": [ + "fig_avg = plt.figure(figsize=(10.5, 7), dpi=90)\n", + "axe_avg = fig_avg.add_subplot(1, 1, 1)\n", + "avg_100 = moving_average(data[\"time\"], 100)\n", + "avg_1000 = moving_average(data[\"time\"], 1000)\n", + "axe_avg.plot(avg_100, label=\"window = 100\")\n", + "axe_avg.plot(avg_1000, label=\"window = 1000\")\n", + "if low_bound is not None:\n", + " axe_avg.axhline(y=low_bound, alpha=0.7, linestyle=\"dotted\", color=\"green\", label=\"Low trim bound = {}\".format(low_bound))\n", + "if high_bound is not None:\n", + " axe_avg.axhline(y=high_bound, alpha=0.7, linestyle=\"dotted\", color=\"orange\", label=\"Hight trim bound = {}\".format(high_bound))\n", + "axe_avg.set_ylabel(\"key agreement time ({})\".format(time_unit))\n", + "axe_avg.set_xlabel(\"index\")\n", + "axe_avg.legend(loc=\"best\")\n", + "\n", + "del avg_100, avg_1000" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Private key MSB and LSB histograms" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:51:58.466578Z", + "start_time": "2019-03-17T19:51:57.937797Z" + }, + "hide_input": false + }, + "outputs": [], + "source": [ + "fig_priv_hists = plt.figure(figsize=(10.5, 8), dpi=90)\n", + "priv_msb = np.array(list(map(lambda x: x >> (bit_size - 8), data[\"priv\"])), dtype=np.dtype(\"u1\"))\n", + "priv_lsb = np.array(list(map(lambda x: x & 0xff, data[\"priv\"])), dtype=np.dtype(\"u1\"))\n", + "axe_msb_s_hist = fig_priv_hists.add_subplot(2, 1, 1)\n", + "axe_lsb_s_hist = fig_priv_hists.add_subplot(2, 1, 2)\n", + "msb_h = plot_hist(axe_msb_s_hist, priv_msb, \"private key MSB\", log_scale, False, False)\n", + "lsb_h = plot_hist(axe_lsb_s_hist, priv_lsb, \"private key LSB\", log_scale, False, False)\n", + "\n", + "del priv_msb, priv_lsb" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Public key coordinate MSB and LSB histograms" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:52:21.184705Z", + "start_time": "2019-03-17T19:52:20.589707Z" + } + }, + "outputs": [], + "source": [ + "def _split(xy):\n", + " x = int.from_bytes(xy[1:byte_size + 1], byteorder=\"big\")\n", + " y = int.from_bytes(xy[1 + byte_size:], byteorder=\"big\")\n", + " return (x, y)\n", + "\n", + "pub_coords = np.array(list(map(_split, data[\"pub\"])), dtype=np.dtype(\"O\"))\n", + "xs = pub_coords[...,0]\n", + "ys = pub_coords[...,1]\n", + "fig_pub_hists = plt.figure(figsize=(10.5, 14), dpi=90)\n", + "\n", + "def _plot_coord(data, name, offset):\n", + " axe_msb_pub_hist = fig_pub_hists.add_subplot(4, 1, offset)\n", + " axe_lsb_pub_hist = fig_pub_hists.add_subplot(4, 1, offset + 1)\n", + " pub_msb = np.array(list(map(lambda x: x >> (bit_size - 8), data)))\n", + " pub_lsb = np.array(list(map(lambda x: x & 0xff, data)))\n", + " plot_hist(axe_msb_pub_hist, pub_msb, \"{} coordinate MSB\".format(name), log_scale)\n", + " plot_hist(axe_lsb_pub_hist, pub_lsb, \"{} coordinate LSB\".format(name), log_scale)\n", + " del pub_msb, pub_lsb\n", + "\n", + "_plot_coord(xs, \"X\", 1)\n", + "_plot_coord(ys, \"Y\", 3)\n", + "\n", + "del pub_coords, xs, ys" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Private key bit length histogram" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:52:07.657216Z", + "start_time": "2019-03-17T19:52:07.549731Z" + } + }, + "outputs": [], + "source": [ + "fig_bl = plt.figure(figsize=(10.5, 12), dpi=90)\n", + "gs = gridspec.GridSpec(2, 1, height_ratios=[2.5, 1])\n", + "axe_bl_heat = fig_bl.add_subplot(gs[0])\n", + "axe_bl_hist = fig_bl.add_subplot(gs[1], sharex=axe_bl_heat)\n", + "bl_data = np.array(list(map(lambda x: x.bit_length(), data_trimmed[\"priv\"])), dtype=np.dtype(\"u2\"))\n", + "\n", + "h, xe, ye = np.histogram2d(bl_data, data_trimmed[\"time\"], bins=[max(bl_data) - min(bl_data), hist_size_time_trim])\n", + "im = axe_bl_heat.imshow(h.T, origin=\"low\", cmap=cmap, aspect=\"auto\", extent=[xe[0], xe[-1], ye[0], ye[-1]], norm=norm)\n", + "axe_bl_heat.set_xlabel(\"private key bit length\")\n", + "axe_bl_heat.set_ylabel(\"key agreement time ({})\".format(time_unit))\n", + "\n", + "plot_hist(axe_bl_hist, bl_data, \"Private key bit length\", log_scale, align=\"right\")\n", + "fig_bl.colorbar(im, ax=[axe_bl_heat, axe_bl_hist])\n", + "\n", + "del bl_data" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": {}, + "outputs": [], + "source": [] + } + ], + "metadata": { + "@webio": { + "lastCommId": "954c1f99782e402895d668a42553e22f", + "lastKernelId": "0b8e59f0-d640-4f72-ae7f-1b327e75910b" + }, + "hide_input": false, + "kernelspec": { + "display_name": "Python 3", + "language": "python", + "name": "python3" + }, + "language_info": { + "codemirror_mode": { + "name": "ipython", + "version": 3 + }, + "file_extension": ".py", + "mimetype": "text/x-python", + "name": "python", + "nbconvert_exporter": "python", + "pygments_lexer": "ipython3", + "version": "3.7.2" + }, + "latex_envs": { + "LaTeX_envs_menu_present": true, + "autoclose": false, + "autocomplete": true, + "bibliofile": "biblio.bib", + "cite_by": "apalike", + "current_citInitial": 1, + "eqLabelWithNumbers": true, + "eqNumInitial": 1, + "hotkeys": { + "equation": "Ctrl-E", + "itemize": "Ctrl-I" + }, + "labels_anchors": false, + "latex_user_defs": false, + "report_style_numbering": false, + "user_envs_cfg": false + }, + "toc": { + "base_numbering": 1, + "nav_menu": {}, + "number_sections": true, + "sideBar": true, + "skip_h1_title": false, + "title_cell": "Table of Contents", + "title_sidebar": "Contents", + "toc_cell": false, + "toc_position": {}, + "toc_section_display": true, + "toc_window_display": false + } + }, + "nbformat": 4, + "nbformat_minor": 2 +} diff --git a/util/plot_dh.py b/util/plot_dh.py deleted file mode 100755 index 60e20ae..0000000 --- a/util/plot_dh.py +++ /dev/null @@ -1,107 +0,0 @@ -#!/usr/bin/env python3 -# -*- coding: UTF-8 -*- -# -# Script for plotting ECTester ECDH results. -# -# Example usage: -# -# > java -jar ECTesterReader.jar -dh 10000 -b 192 -fp -o dh.csv -# ... -# > ./plot_dh.py dh.csv -# ... -# - -import numpy as np -import matplotlib.pyplot as plt -from matplotlib import ticker, colors -import argparse -from copy import deepcopy -from operator import itemgetter - -from utils import hw, moving_average, plot_hist - -if __name__ == "__main__": - parser = argparse.ArgumentParser(description="Plot ECTester ECDH timing.") - parser.add_argument("-o", "--output", dest="output", type=argparse.FileType("wb"), help="Write image to [file], do not display.", metavar="file") - parser.add_argument("--priv", dest="priv", action="store_true", help="Show private key MSB heatmap plot.") - parser.add_argument("--hist", dest="hist", action="store_true", help="Show time histogram.") - parser.add_argument("--hw-hist", dest="hw_hist", action="store_true", help="Show Hamming weight heatmap (private key Hamming weight and time).") - parser.add_argument("--avg", dest="avg", action="store_true", help="Show moving average of time.") - parser.add_argument("--log", dest="log", action="store_true", help="Use logarithmic scale.") - parser.add_argument("--skip-first", dest="skip_first", nargs="?", const=1, type=int, help="Skip first entry, as it's usually a large outlier.") - parser.add_argument("-t", "--title", dest="title", nargs="?", default="", type=str, help="What title to give the figure.") - parser.add_argument("file", type=str, help="The file to plot(csv).") - - opts = parser.parse_args() - - with open(opts.file, "r") as f: - header = f.readline() - header_names = header.split(";") - - hx = lambda x: int(x, 16) - data = np.genfromtxt(opts.file, delimiter=";", skip_header=1, converters={2: hx, 3: hx, 4: hx}, dtype=np.dtype([("index","u4"), ("time","u4"), ("pub", "O"), ("priv", "O"), ("secret","O")])) - if opts.skip_first: - data = data[opts.skip_first:] - - time_data = data["time"] - if "nano" in header_names[1]: - unit = r"$\mu s$" - time_data = np.array(list(map(lambda x: x//1000, time_data))) - else: - unit = r"ms" - priv_data = data["priv"] - pub_data = data["pub"] - secret_data = data["secret"] - - plt.style.use("ggplot") - fig = plt.figure() - layout_kwargs = {} - if opts.title is None: - fig.suptitle(opts.file) - layout_kwargs["rect"] = [0, 0.02, 1, 0.98] - elif opts.title: - fig.suptitle(opts.title) - layout_kwargs["rect"] = [0, 0.02, 1, 0.98] - fig.tight_layout(**layout_kwargs) - - time_max = max(time_data) - time_min = min(time_data) - bit_size = len(bin(max(priv_data))) - 2 - - cmap = deepcopy(plt.cm.plasma) - cmap.set_bad("black") - - norm = colors.Normalize() - if opts.log: - norm = colors.LogNorm() - - axe_private = fig.add_subplot(3,1,1) - priv_msb = np.array(list(map(lambda x: x >> (bit_size - 8), priv_data)), dtype=np.dtype("u1")) - heatmap, xedges, yedges = np.histogram2d(priv_msb, time_data, bins=[128, time_max - time_min]) - extent = [xedges[0], xedges[-1], yedges[0], yedges[-1]] - axe_private.imshow(heatmap.T, extent=extent, aspect="auto", cmap=cmap, origin="low", interpolation="nearest", norm=norm) - axe_private.set_xlabel("private key MSB value") - axe_private.set_ylabel("ECDH time ({})".format(unit)) - - axe_hist = fig.add_subplot(3,1,2) - plot_hist(axe_hist, time_data, "ECDH time ({})".format(unit), opts.log) - axe_hist.legend(loc="best") - - axe_priv_hist = fig.add_subplot(3,1,3) - priv_hw = np.array(list(map(hw, priv_data)), dtype=np.dtype("u2")) - h, xe, ye = np.histogram2d(priv_hw, time_data, bins=[max(priv_hw) - min(priv_hw), time_max - time_min]) - im = axe_priv_hist.imshow(h.T, origin="low", cmap=cmap, aspect="auto", extent=[xe[0], xe[-1], ye[0], ye[-1]], norm=colors.LogNorm()) - axe_priv_hist.axvline(x=bit_size//2, alpha=0.7, linestyle="dotted", color="white", label=str(bit_size//2) + " bits") - axe_priv_hist.set_xlabel("private key Hamming weight") - axe_priv_hist.set_ylabel("time ({})".format(unit)) - axe_priv_hist.legend(loc="best") - fig.colorbar(im, ax=axe_priv_hist) - - fig.text(0.01, 0.02, "Data size: {}".format(len(time_data)), size="small") - - if opts.output is None: - plt.show() - else: - fig.set_size_inches(12, 10) - ext = opts.output.name.split(".")[-1] - plt.savefig(opts.output, format=ext, dpi=400, bbox_inches='tight') diff --git a/util/plot_dsa.ipynb b/util/plot_dsa.ipynb new file mode 100644 index 0000000..dbfb38b --- /dev/null +++ b/util/plot_dsa.ipynb @@ -0,0 +1,613 @@ +{ + "cells": [ + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "# Analysis of key generation data" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T23:00:25.518989Z", + "start_time": "2019-03-17T23:00:24.501601Z" + } + }, + "outputs": [], + "source": [ + " %matplotlib notebook \n", + "import numpy as np\n", + "from scipy.stats import describe\n", + "from scipy.stats import norm as norm_dist\n", + "from scipy.stats.mstats import mquantiles\n", + "from math import log, sqrt\n", + "import matplotlib.pyplot as plt\n", + "from matplotlib import ticker, colors, gridspec\n", + "from copy import deepcopy\n", + "from utils import plot_hist, moving_average, hw\n", + "from binascii import unhexlify\n", + "from IPython.display import display, HTML\n", + "from ipywidgets import interact, interactive, fixed, interact_manual\n", + "import ipywidgets as widgets\n", + "import tabulate" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "## Settings\n", + "Enter your input below." + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T23:06:29.704432Z", + "start_time": "2019-03-17T23:06:29.694540Z" + } + }, + "outputs": [], + "source": [ + "# File name with output from ECTesterReader or ECTesterStandalone signatures.\n", + "fname = \"filename.csv\"\n", + "\n", + "# The amount of entries skipped from the beginning of the file, as they are usually outliers.\n", + "skip_first = 10\n", + "\n", + "# Whether to plot things in logarithmic scale or not.\n", + "log_scale = False\n", + "\n", + "# Whether to trim the time data outside the 1 - 99 percentile range (adjust below). Quite useful.\n", + "trim = True\n", + "\n", + "# How much to trim? Either a number in [0,1] signifying a quantile, or an absolute value signifying a threshold\n", + "trim_low = 0.01\n", + "trim_high = 0.99\n", + "\n", + "# Graphical (matplotlib) style name\n", + "style = \"ggplot\"\n", + "\n", + "# Color map to use, and what color to assign to \"bad\" values (necessary for log_scale)\n", + "color_map = plt.cm.plasma\n", + "color_map_bad = \"black\"\n", + "\n", + "# What function to use to calculate number of histogram bins of time\n", + "# one of \"sqrt\", \"sturges\", \"rice\", \"scott\" and \"fd\" or a number specifying the number of bins\n", + "hist_size = \"sturges\"" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "## Data processing" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T23:06:30.551732Z", + "start_time": "2019-03-17T23:06:30.545202Z" + } + }, + "outputs": [], + "source": [ + "# Setup plot style\n", + "\n", + "plt.style.use(style)\n", + "\n", + "cmap = deepcopy(color_map)\n", + "cmap.set_bad(color_map_bad)\n", + "\n", + "# Normalization, linear or log.\n", + "if log_scale:\n", + " norm = colors.LogNorm()\n", + "else:\n", + " norm = colors.Normalize()" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T23:00:38.023486Z", + "start_time": "2019-03-17T23:00:27.178465Z" + } + }, + "outputs": [], + "source": [ + "# Read the header line.\n", + "\n", + "with open(fname, \"r\") as f:\n", + " header = f.readline()\n", + "header_names = header.split(\";\")\n", + "if len(header_names) != 9:\n", + " print(\"Bad data?\")\n", + " exit(1)\n", + "\n", + "# Load the data\n", + "\n", + "hx = lambda x: int(x, 16)\n", + "data = np.genfromtxt(fname, delimiter=\";\", skip_header=1, converters={3: unhexlify, 4: unhexlify,\n", + " 5: hx, 6: unhexlify, 7: hx,\n", + " 8: lambda b: bool(int(b))},\n", + " dtype=np.dtype([(\"index\", \"u4\"), (\"sign_time\", \"u4\"), (\"verify_time\", \"u4\"),\n", + " (\"data\", \"O\"), (\"pub\", \"O\"), (\"priv\", \"O\"), (\"signature\", \"O\"),\n", + " (\"nonce\", \"O\"), (\"valid\", \"b\")]))\n", + "\n", + " \n", + "sign_unit = \"ms\"\n", + "verify_unit = \"ms\"\n", + "# Setup the datatrimmed = False" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T23:00:38.465677Z", + "start_time": "2019-03-17T23:00:38.025692Z" + } + }, + "outputs": [], + "source": [ + "# Setup the data\n", + "\n", + "# Skip first (outliers?)\n", + "\n", + "data = data[skip_first:]\n", + "\n", + "# If in nanoseconds, scale to microseconds\n", + "if header_names[1].endswith(\"[nano]\") and sign_unit == \"ms\":\n", + " sign_unit = r\"$\\mu s$\"\n", + " np.floor_divide(data[\"sign_time\"], 1000, out=data[\"sign_time\"])\n", + "\n", + "if header_names[2].endswith(\"[nano]\") and verify_unit == \"ms\":\n", + " verify_unit = r\"$\\mu s$\"\n", + " np.floor_divide(data[\"verify_time\"], 1000, out=data[\"verify_time\"])\n", + "\n", + "# Trim times\n", + "quant_low_bound = trim_low if 0 <= trim_low <= 1 else 0.01\n", + "quant_high_bound = trim_high if 0 <= trim_high <= 1 else 0.95\n", + "quantiles_sign = mquantiles(data[\"sign_time\"], prob=(quant_low_bound, 0.25, 0.5, 0.75, quant_high_bound))\n", + "if trim:\n", + " low_bound = quantiles_sign[0] if 0 <= trim_low <= 1 else trim_low\n", + " high_bound = quantiles_sign[4] if 0 <= trim_high <= 1 else trim_high\n", + " data_trimmed = data[np.logical_and(data[\"sign_time\"] >= low_bound,\n", + " data[\"sign_time\"] <= high_bound)]\n", + " quantiles_sign_trim = mquantiles(data_trimmed[\"sign_time\"], prob=(quant_low_bound, 0.25, 0.5, 0.75, quant_high_bound))\n", + "else:\n", + " low_bound = None\n", + " high_bound = None\n", + " data_trimmed = data\n", + " quantiles_sign_trim = quantiles_sign\n", + "\n", + "description_sign = describe(data[\"sign_time\"])\n", + "description_sign_trim = describe(data_trimmed[\"sign_time\"])\n", + "\n", + "max_sign_time = description_sign.minmax[1]\n", + "min_sign_time = description_sign.minmax[0]\n", + "bit_size = len(bin(max(data[\"priv\"]))) - 2\n", + "byte_size = (bit_size + 7) // 8\n", + "bit_size = byte_size * 8\n", + "\n", + "if hist_size == \"sqrt\":\n", + " hist_size_func = lambda n, xmin, xmax, var, xlower, xupper: int(sqrt(n)) + 1\n", + "elif hist_size == \"sturges\":\n", + " hist_size_func = lambda n, xmin, xmax, var, xlower, xupper: int(log(n, 2)) + 1\n", + "elif hist_size == \"rice\":\n", + " hist_size_func = lambda n, xmin, xmax, var, xlower, xupper: int(2 * n**(1/3))\n", + "elif hist_size == \"scott\":\n", + " hist_size_func = lambda n, xmin, xmax, var, xlower, xupper: (xmax - xmin) // int((3.5 * sqrt(var)) / (n**(1/3)))\n", + "elif hist_size == \"fd\":\n", + " hist_size_func = lambda n, xmin, xmax, var, xlower, xupper: (xmax - xmin) // int(2 * (xupper - xlower) / (n**(1/3)))\n", + "else:\n", + " hist_size_func = lambda n, xmin, xmax, var, xlower, xupper: hist_size\n", + "\n", + "hist_size_sign_time = hist_size_func(description_sign.nobs, min_sign_time, max_sign_time, description_sign.variance, quantiles_sign[1], quantiles_sign[3])\n", + "hist_size_sign_time_trim = hist_size_func(description_sign_trim.nobs, description_sign_trim.minmax[0], description_sign_trim.minmax[1], description_sign_trim.variance, quantiles_sign_trim[1], quantiles_sign_trim[3])\n", + "\n", + "if hist_size_sign_time < 30:\n", + " hist_size_sign_time = max_sign_time - min_sign_time\n", + "if hist_size_sign_time_trim < 30:\n", + " hist_size_sign_time_trim = description_sign_trim.minmax[1] - description_sign_trim.minmax[0]" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "## Analysis" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Summary" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T23:00:39.540701Z", + "start_time": "2019-03-17T23:00:39.511019Z" + } + }, + "outputs": [], + "source": [ + "display(\"Raw\")\n", + "desc = [(\"N\", \"min, max\", \"mean\", \"variance\", \"skewness\", \"kurtosis\"),\n", + " description_sign]\n", + "display(HTML(tabulate.tabulate(desc, tablefmt=\"html\")))\n", + "display(\"Trimmed\")\n", + "desc = [(\"N\", \"min, max\", \"mean\", \"variance\", \"skewness\", \"kurtosis\"),\n", + " description_sign_trim]\n", + "display(HTML(tabulate.tabulate(desc, tablefmt=\"html\")))" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Selected quantiles" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T23:00:40.974497Z", + "start_time": "2019-03-17T23:00:40.953755Z" + } + }, + "outputs": [], + "source": [ + "tbl = [(quant_low_bound, \"0.25\", \"0.5\", \"0.75\", quant_high_bound),\n", + " list(map(lambda x: \"{} {}\".format(x, sign_unit), quantiles_sign))]\n", + "display(HTML(tabulate.tabulate(tbl, tablefmt=\"html\")))" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Info" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T23:00:41.961541Z", + "start_time": "2019-03-17T23:00:41.949385Z" + } + }, + "outputs": [], + "source": [ + "display(\"Bitsize:\", bit_size)" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "## Plots" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Nonce MSB vs signature time heatmap" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T23:06:34.030472Z", + "start_time": "2019-03-17T23:06:33.761991Z" + } + }, + "outputs": [], + "source": [ + "fig_nonce = plt.figure(figsize=(10.5, 8), dpi=90)\n", + "axe_nonce = fig_nonce.add_subplot(1, 1, 1)\n", + "nonce_msb = np.array(list(map(lambda x: x >> (bit_size - 8), data_trimmed[\"nonce\"])), dtype=np.dtype(\"u1\"))\n", + "max_msb = max(nonce_msb)\n", + "min_msb = min(nonce_msb)\n", + "heatmap, xedges, yedges = np.histogram2d(nonce_msb, data_trimmed[\"sign_time\"],\n", + " bins=[max_msb - min_msb + 1, hist_size_sign_time_trim])\n", + "extent = [min_msb, max_msb, yedges[0], yedges[-1]]\n", + "im = axe_nonce.imshow(heatmap.T, extent=extent, aspect=\"auto\", cmap=cmap, origin=\"low\",\n", + " interpolation=\"nearest\", norm=norm)\n", + "axe_nonce.set_xlabel(\"nonce key MSB value\")\n", + "axe_nonce.set_ylabel(\"signature time ({})\".format(sign_unit))\n", + "fig_nonce.colorbar(im, ax=axe_nonce)\n", + "\n", + "del nonce_msb" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Nonce Hamming Weight vs signature time heatmap" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T23:05:26.804859Z", + "start_time": "2019-03-17T23:05:18.214110Z" + } + }, + "outputs": [], + "source": [ + "fig_nonce_hist = plt.figure(figsize=(10.5, 12), dpi=90)\n", + "gs = gridspec.GridSpec(2, 1, height_ratios=[2.5, 1])\n", + "axe_nonce_hist = fig_nonce_hist.add_subplot(gs[0])\n", + "axe_nonce_hist_hw = fig_nonce_hist.add_subplot(gs[1], sharex = axe_nonce_hist)\n", + "nonce_hw = np.array(list(map(hw, data_trimmed[\"nonce\"])), dtype=np.dtype(\"u2\"))\n", + "h, xe, ye = np.histogram2d(nonce_hw, data_trimmed[\"sign_time\"], bins=[max(nonce_hw) - min(nonce_hw), hist_size_sign_time_trim])\n", + "im = axe_nonce_hist.imshow(h.T, origin=\"low\", cmap=cmap, aspect=\"auto\", extent=[xe[0], xe[-1], ye[0], ye[-1]], norm=norm)\n", + "axe_nonce_hist.axvline(x=bit_size//2, alpha=0.7, linestyle=\"dotted\", color=\"white\", label=str(bit_size//2) + \" bits\")\n", + "axe_nonce_hist.set_xlabel(\"nonce Hamming weight\")\n", + "axe_nonce_hist.set_ylabel(\"signature time ({})\".format(sign_unit))\n", + "axe_nonce_hist.legend(loc=\"best\")\n", + "\n", + "plot_hist(axe_nonce_hist_hw, nonce_hw, \"nonce Hamming weight\", log_scale, True, True)\n", + "\n", + "param = norm_dist.fit(nonce_hw)\n", + "pdf_range = np.arange(min(nonce_hw), max(nonce_hw))\n", + "norm_pdf = norm_dist.pdf(pdf_range, *param[:-2], loc=param[-2], scale=param[-1]) * description_sign_trim.nobs\n", + "axe_nonce_hist_hw.plot(pdf_range, norm_pdf, label=\"fitted normal distribution\")\n", + "axe_nonce_hist_hw.legend(loc=\"best\")\n", + "fig_nonce_hist.colorbar(im, ax=[axe_nonce_hist, axe_nonce_hist_hw])\n", + "\n", + "display(HTML(\"<b>Nonce Hamming weight fitted with normal distribution:</b>\"))\n", + "display(HTML(tabulate.tabulate([(\"Mean\", \"Variance\"), param], tablefmt=\"html\")))\n", + "\n", + "del nonce_hw" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Signature time histogram" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T23:05:32.395983Z", + "start_time": "2019-03-17T23:05:32.068823Z" + } + }, + "outputs": [], + "source": [ + "fig_sig_hist = plt.figure(figsize=(10.5, 8), dpi=90)\n", + "axe_hist_full = fig_sig_hist.add_subplot(2, 1, 1)\n", + "axe_hist_trim = fig_sig_hist.add_subplot(2, 1, 2)\n", + "plot_hist(axe_hist_full, data[\"sign_time\"], \"signature time ({})\".format(sign_unit), log_scale, hist_size_sign_time);\n", + "plot_hist(axe_hist_trim, data_trimmed[\"sign_time\"], \"signature time ({})\".format(sign_unit), log_scale, hist_size_sign_time_trim);" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Verification time histogram" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T23:05:33.358613Z", + "start_time": "2019-03-17T23:05:32.963791Z" + } + }, + "outputs": [], + "source": [ + "fig_vrfy_hist = plt.figure(figsize=(10.5, 5), dpi=90)\n", + "axe_hist_full = fig_vrfy_hist.add_subplot(1, 1, 1)\n", + "plot_hist(axe_hist_full, data[\"verify_time\"], \"verification time ({})\".format(verify_unit), log_scale, hist_size_sign_time);" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Moving averages of signature and verification times" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T23:05:33.971385Z", + "start_time": "2019-03-17T23:05:33.732857Z" + } + }, + "outputs": [], + "source": [ + "fig_avg = plt.figure(figsize=(10.5, 8), dpi=90)\n", + "axe_sign_avg = fig_avg.add_subplot(2, 1, 1)\n", + "axe_vrfy_avg = fig_avg.add_subplot(2, 1, 2, sharex=axe_sign_avg)\n", + "avg_sign_100 = moving_average(data[\"sign_time\"], 100)\n", + "avg_sign_1000 = moving_average(data[\"sign_time\"], 1000)\n", + "axe_sign_avg.plot(avg_sign_100, label=\"window = 100\")\n", + "axe_sign_avg.plot(avg_sign_1000, label=\"window = 1000\")\n", + "if low_bound is not None:\n", + " axe_sign_avg.axhline(y=low_bound, alpha=0.7, linestyle=\"dotted\", color=\"green\", label=\"Low trim bound = {}\".format(low_bound))\n", + "if high_bound is not None:\n", + " axe_sign_avg.axhline(y=high_bound, alpha=0.7, linestyle=\"dotted\", color=\"orange\", label=\"Hight trim bound = {}\".format(high_bound))\n", + "axe_sign_avg.set_ylabel(\"signature time ({})\".format(sign_unit))\n", + "axe_sign_avg.set_xlabel(\"index\")\n", + "axe_sign_avg.legend(loc=\"best\")\n", + "\n", + "avg_vrfy_100 = moving_average(data[\"verify_time\"], 100)\n", + "avg_vrfy_1000 = moving_average(data[\"verify_time\"], 1000)\n", + "axe_vrfy_avg.plot(avg_vrfy_100, label=\"window = 100\")\n", + "axe_vrfy_avg.plot(avg_vrfy_1000, label=\"window = 1000\")\n", + "axe_vrfy_avg.set_ylabel(\"verification time ({})\".format(verify_unit))\n", + "axe_vrfy_avg.set_xlabel(\"index\")\n", + "axe_vrfy_avg.legend(loc=\"best\")\n", + "\n", + "del avg_sign_100, avg_sign_1000, avg_vrfy_100, avg_vrfy_1000" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Nonce MSB and LSB histograms" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T23:05:36.256032Z", + "start_time": "2019-03-17T23:05:35.302194Z" + } + }, + "outputs": [], + "source": [ + "fig_nonce_hists = plt.figure(figsize=(10.5, 8), dpi=90)\n", + "nonce_msb = np.array(list(map(lambda x: x >> (bit_size - 8), data[\"nonce\"])), dtype=np.dtype(\"u1\"))\n", + "nonce_lsb = np.array(list(map(lambda x: x & 0xff, data[\"nonce\"])), dtype=np.dtype(\"u1\"))\n", + "axe_msb_n_hist = fig_nonce_hists.add_subplot(2, 1, 1)\n", + "axe_lsb_n_hist = fig_nonce_hists.add_subplot(2, 1, 2)\n", + "plot_hist(axe_msb_n_hist, nonce_msb, \"nonce MSB\", log_scale, False, False)\n", + "plot_hist(axe_lsb_n_hist, nonce_lsb, \"nonce LSB\", log_scale, False, False)\n", + "\n", + "del nonce_msb, nonce_lsb" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Nonce bit length histogram" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T23:05:45.320760Z", + "start_time": "2019-03-17T23:05:44.951189Z" + } + }, + "outputs": [], + "source": [ + "fig_bl = plt.figure(figsize=(10.5, 12), dpi=90)\n", + "gs = gridspec.GridSpec(2, 1, height_ratios=[2.5, 1])\n", + "axe_bl_heat = fig_bl.add_subplot(gs[0])\n", + "axe_bl_hist = fig_bl.add_subplot(gs[1], sharex=axe_bl_heat)\n", + "bl_data = np.array(list(map(lambda x: x.bit_length(), data_trimmed[\"nonce\"])), dtype=np.dtype(\"u2\"))\n", + "\n", + "h, xe, ye = np.histogram2d(bl_data, data_trimmed[\"sign_time\"], bins=[max(bl_data) - min(bl_data), hist_size_sign_time_trim])\n", + "im = axe_bl_heat.imshow(h.T, origin=\"low\", cmap=cmap, aspect=\"auto\", extent=[xe[0], xe[-1], ye[0], ye[-1]], norm=norm)\n", + "axe_bl_heat.set_xlabel(\"nonce bit length\")\n", + "axe_bl_heat.set_ylabel(\"signature time ({})\".format(sign_unit))\n", + "\n", + "plot_hist(axe_bl_hist, bl_data, \"nonce bit length\", log_scale, align=\"right\")\n", + "fig_bl.colorbar(im, ax=[axe_bl_heat, axe_bl_hist])\n", + "\n", + "del bl_data" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": {}, + "outputs": [], + "source": [] + } + ], + "metadata": { + "@webio": { + "lastCommId": "2218f80b2f784436bce6ffed5d971ea3", + "lastKernelId": "1c06331a-17dd-4743-9e31-832000e597c8" + }, + "hide_input": false, + "kernelspec": { + "display_name": "Python 3", + "language": "python", + "name": "python3" + }, + "language_info": { + "codemirror_mode": { + "name": "ipython", + "version": 3 + }, + "file_extension": ".py", + "mimetype": "text/x-python", + "name": "python", + "nbconvert_exporter": "python", + "pygments_lexer": "ipython3", + "version": "3.7.2" + }, + "latex_envs": { + "LaTeX_envs_menu_present": true, + "autoclose": false, + "autocomplete": true, + "bibliofile": "biblio.bib", + "cite_by": "apalike", + "current_citInitial": 1, + "eqLabelWithNumbers": true, + "eqNumInitial": 1, + "hotkeys": { + "equation": "Ctrl-E", + "itemize": "Ctrl-I" + }, + "labels_anchors": false, + "latex_user_defs": false, + "report_style_numbering": false, + "user_envs_cfg": false + }, + "toc": { + "base_numbering": 1, + "nav_menu": {}, + "number_sections": true, + "sideBar": true, + "skip_h1_title": false, + "title_cell": "Table of Contents", + "title_sidebar": "Contents", + "toc_cell": false, + "toc_position": {}, + "toc_section_display": true, + "toc_window_display": false + } + }, + "nbformat": 4, + "nbformat_minor": 2 +} diff --git a/util/plot_gen.ipynb b/util/plot_gen.ipynb new file mode 100644 index 0000000..5f02a00 --- /dev/null +++ b/util/plot_gen.ipynb @@ -0,0 +1,649 @@ +{ + "cells": [ + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "# Analysis of key generation data" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:16:38.893311Z", + "start_time": "2019-03-17T19:16:37.845017Z" + } + }, + "outputs": [], + "source": [ + " %matplotlib notebook \n", + "import numpy as np\n", + "from scipy.stats import describe\n", + "from scipy.stats import norm as norm_dist\n", + "from scipy.stats.mstats import mquantiles\n", + "from math import log, sqrt\n", + "import matplotlib.pyplot as plt\n", + "from matplotlib import ticker, colors, gridspec\n", + "from copy import deepcopy\n", + "from utils import plot_hist, moving_average, hw\n", + "from binascii import unhexlify\n", + "from IPython.display import display, HTML\n", + "from ipywidgets import interact, interactive, fixed, interact_manual\n", + "import ipywidgets as widgets\n", + "import tabulate" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "## Settings\n", + "Enter your input below." + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:16:38.911566Z", + "start_time": "2019-03-17T19:16:38.900168Z" + } + }, + "outputs": [], + "source": [ + "# File name with output from ECTesterReader or ECTesterStandalone key generation.\n", + "fname = \"filename.csv\"\n", + "\n", + "# The amount of entries skipped from the beginning of the file, as they are usually outliers.\n", + "skip_first = 10\n", + "\n", + "# Whether to plot things in logarithmic scale or not.\n", + "log_scale = False\n", + "\n", + "# Whether to trim the time data outside the 1 - 99 percentile range (adjust below). Quite useful.\n", + "trim = True\n", + "\n", + "# How much to trim? Either a number in [0,1] signifying a quantile, or an absolute value signifying a threshold\n", + "trim_low = 0.01\n", + "trim_high = 0.99\n", + "\n", + "# Graphical (matplotlib) style name\n", + "style = \"ggplot\"\n", + "\n", + "# Color map to use, and what color to assign to \"bad\" values (necessary for log_scale)\n", + "color_map = plt.cm.plasma\n", + "color_map_bad = \"black\"\n", + "\n", + "# What function to use to calculate number of histogram bins of time\n", + "# one of \"sqrt\", \"sturges\", \"rice\", \"scott\" and \"fd\" or a number specifying the number of bins\n", + "hist_size = \"sturges\"" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "## Data processing" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:16:39.733575Z", + "start_time": "2019-03-17T19:16:39.728385Z" + } + }, + "outputs": [], + "source": [ + "# Setup plot style\n", + "\n", + "plt.style.use(style)\n", + "\n", + "cmap = deepcopy(color_map)\n", + "cmap.set_bad(color_map_bad)\n", + "\n", + "# Normalization, linear or log.\n", + "if log_scale:\n", + " norm = colors.LogNorm()\n", + "else:\n", + " norm = colors.Normalize()" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:16:42.300146Z", + "start_time": "2019-03-17T19:16:40.259135Z" + } + }, + "outputs": [], + "source": [ + "# Read the header line.\n", + "\n", + "with open(fname, \"r\") as f:\n", + " header = f.readline()\n", + "header_names = header.split(\";\")\n", + "if len(header_names) not in (4, 5):\n", + " print(\"Bad data?\")\n", + " exit(1)\n", + "\n", + "# Load the data\n", + "\n", + "hx = lambda x: int(x, 16)\n", + "if len(header_names) == 4:\n", + " data = np.genfromtxt(fname, delimiter=\";\", skip_header=1, converters={2: unhexlify, 3: hx},\n", + " dtype=np.dtype([(\"index\", \"u4\"), (\"gen_time\", \"u4\"), (\"pub\", \"O\"), (\"priv\", \"O\")]))\n", + "else:\n", + " data = np.genfromtxt(fname, delimiter=\";\", skip_header=1, converters={3: unhexlify, 4: hx},\n", + " dtype=np.dtype([(\"index\", \"u4\"), (\"gen_time\", \"u4\"), (\"export_time\", \"u4\"),\n", + " (\"pub\", \"O\"), (\"priv\", \"O\")]))\n", + " \n", + "gen_unit = \"ms\"\n", + "export_unit = \"ms\"\n", + "# Setup the datatrimmed = False" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:16:42.417415Z", + "start_time": "2019-03-17T19:16:42.302353Z" + } + }, + "outputs": [], + "source": [ + "# Setup the data\n", + "\n", + "# Skip first (outliers?)\n", + "\n", + "data = data[skip_first:]\n", + "\n", + "# If in nanoseconds, scale to microseconds\n", + "if header_names[1].endswith(\"[nano]\") and gen_unit == \"ms\":\n", + " gen_unit = r\"$\\mu s$\"\n", + " np.floor_divide(data[\"gen_time\"], 1000, out=data[\"gen_time\"])\n", + "\n", + "if len(header_names) == 5 and header_names[2].endswith(\"[nano]\") and export_unit == \"ms\":\n", + " export_unit = r\"$\\mu s$\"\n", + " np.floor_divide(data[\"export_time\"], 1000, out=data[\"export_time\"])\n", + "\n", + "# Trim gen times\n", + "quant_low_bound = trim_low if 0 <= trim_low <= 1 else 0.01\n", + "quant_high_bound = trim_high if 0 <= trim_high <= 1 else 0.95\n", + "quantiles_gen = mquantiles(data[\"gen_time\"], prob=(quant_low_bound, 0.25, 0.5, 0.75, quant_high_bound))\n", + "if trim:\n", + " low_bound = quantiles_gen[0] if 0 <= trim_low <= 1 else trim_low\n", + " high_bound = quantiles_gen[4] if 0 <= trim_high <= 1 else trim_high\n", + " data_trimmed = data[np.logical_and(data[\"gen_time\"] >= low_bound,\n", + " data[\"gen_time\"] <= high_bound)]\n", + " quantiles_gen_trim = mquantiles(data_trimmed[\"gen_time\"], prob=(quant_low_bound, 0.25, 0.5, 0.75, quant_high_bound))\n", + "else:\n", + " low_bound = None\n", + " high_bound = None\n", + " data_trimmed = data\n", + " quantiles_gen_trim = quantiles_gen\n", + "\n", + "description_gen = describe(data[\"gen_time\"])\n", + "description_gen_trim = describe(data_trimmed[\"gen_time\"])\n", + "\n", + "max_gen_time = description_gen.minmax[1]\n", + "min_gen_time = description_gen.minmax[0]\n", + "bit_size = len(bin(max(data[\"priv\"]))) - 2\n", + "byte_size = (bit_size + 7) // 8\n", + "\n", + "if hist_size == \"sqrt\":\n", + " hist_size_func = lambda n, xmin, xmax, var, xlower, xupper: int(sqrt(n)) + 1\n", + "elif hist_size == \"sturges\":\n", + " hist_size_func = lambda n, xmin, xmax, var, xlower, xupper: int(log(n, 2)) + 1\n", + "elif hist_size == \"rice\":\n", + " hist_size_func = lambda n, xmin, xmax, var, xlower, xupper: int(2 * n**(1/3))\n", + "elif hist_size == \"scott\":\n", + " hist_size_func = lambda n, xmin, xmax, var, xlower, xupper: (xmax - xmin) // int((3.5 * sqrt(var)) / (n**(1/3)))\n", + "elif hist_size == \"fd\":\n", + " hist_size_func = lambda n, xmin, xmax, var, xlower, xupper: (xmax - xmin) // int(2 * (xupper - xlower) / (n**(1/3)))\n", + "else:\n", + " hist_size_func = lambda n, xmin, xmax, var, xlower, xupper: hist_size\n", + "\n", + "hist_size_gen_time = hist_size_func(description_gen.nobs, min_gen_time, max_gen_time, description_gen.variance, quantiles_gen[1], quantiles_gen[3])\n", + "hist_size_gen_time_trim = hist_size_func(description_gen_trim.nobs, description_gen_trim.minmax[0], description_gen_trim.minmax[1], description_gen_trim.variance, quantiles_gen_trim[1], quantiles_gen_trim[3])\n", + "\n", + "if hist_size_gen_time < 30:\n", + " hist_size_gen_time = max_gen_time - min_gen_time\n", + "if hist_size_gen_time_trim < 30:\n", + " hist_size_gen_time_trim = description_gen_trim.minmax[1] - description_gen_trim.minmax[0]" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "## Analysis" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Summary" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:16:43.343937Z", + "start_time": "2019-03-17T19:16:43.329900Z" + } + }, + "outputs": [], + "source": [ + "display(\"Raw\")\n", + "desc = [(\"N\", \"min, max\", \"mean\", \"variance\", \"skewness\", \"kurtosis\"),\n", + " description_gen]\n", + "display(HTML(tabulate.tabulate(desc, tablefmt=\"html\")))\n", + "display(\"Trimmed\")\n", + "desc = [(\"N\", \"min, max\", \"mean\", \"variance\", \"skewness\", \"kurtosis\"),\n", + " description_gen_trim]\n", + "display(HTML(tabulate.tabulate(desc, tablefmt=\"html\")))" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Selected quantiles" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:16:44.058425Z", + "start_time": "2019-03-17T19:16:44.043877Z" + } + }, + "outputs": [], + "source": [ + "tbl = [(quant_low_bound, \"0.25\", \"0.5\", \"0.75\", quant_high_bound),\n", + " list(map(lambda x: \"{} {}\".format(x, gen_unit), quantiles_gen))]\n", + "display(HTML(tabulate.tabulate(tbl, tablefmt=\"html\")))" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Info" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:16:44.688872Z", + "start_time": "2019-03-17T19:16:44.684485Z" + } + }, + "outputs": [], + "source": [ + "display(\"Bitsize:\", bit_size)" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "## Plots" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Private key MSB vs time heatmap" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:16:45.995145Z", + "start_time": "2019-03-17T19:16:45.802741Z" + } + }, + "outputs": [], + "source": [ + "fig_private = plt.figure(figsize=(10.5, 8), dpi=90)\n", + "axe_private = fig_private.add_subplot(1, 1, 1)\n", + "priv_msb = np.array(list(map(lambda x: x >> (bit_size - 8), data_trimmed[\"priv\"])), dtype=np.dtype(\"u1\"))\n", + "max_msb = max(priv_msb)\n", + "min_msb = min(priv_msb)\n", + "heatmap, xedges, yedges = np.histogram2d(priv_msb, data_trimmed[\"gen_time\"],\n", + " bins=[max_msb - min_msb + 1, hist_size_gen_time_trim])\n", + "extent = [min_msb, max_msb, yedges[0], yedges[-1]]\n", + "im = axe_private.imshow(heatmap.T, extent=extent, aspect=\"auto\", cmap=cmap, origin=\"low\",\n", + " interpolation=\"nearest\", norm=norm)\n", + "axe_private.set_xlabel(\"private key MSB value\")\n", + "axe_private.set_ylabel(\"keygen time ({})\".format(gen_unit))\n", + "fig_private.colorbar(im, ax=axe_private)\n", + "\n", + "del priv_msb" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Private key Hamming Weight vs time heatmap" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:16:49.890330Z", + "start_time": "2019-03-17T19:16:47.357225Z" + } + }, + "outputs": [], + "source": [ + "fig_priv_hist = plt.figure(figsize=(10.5, 12), dpi=90)\n", + "gs = gridspec.GridSpec(2, 1, height_ratios=[2.5, 1])\n", + "axe_priv_hist = fig_priv_hist.add_subplot(gs[0])\n", + "axe_priv_hist_hw = fig_priv_hist.add_subplot(gs[1], sharex = axe_priv_hist)\n", + "priv_hw = np.array(list(map(hw, data_trimmed[\"priv\"])), dtype=np.dtype(\"u2\"))\n", + "h, xe, ye = np.histogram2d(priv_hw, data_trimmed[\"gen_time\"], bins=[max(priv_hw) - min(priv_hw), hist_size_gen_time_trim])\n", + "im = axe_priv_hist.imshow(h.T, origin=\"low\", cmap=cmap, aspect=\"auto\", extent=[xe[0], xe[-1], ye[0], ye[-1]], norm=norm)\n", + "axe_priv_hist.axvline(x=bit_size//2, alpha=0.7, linestyle=\"dotted\", color=\"white\", label=str(bit_size//2) + \" bits\")\n", + "axe_priv_hist.set_xlabel(\"private key Hamming weight\")\n", + "axe_priv_hist.set_ylabel(\"keygen time ({})\".format(gen_unit))\n", + "axe_priv_hist.legend(loc=\"best\")\n", + "\n", + "plot_hist(axe_priv_hist_hw, priv_hw, \"private key Hamming weight\", log_scale, None)\n", + "\n", + "param = norm_dist.fit(priv_hw)\n", + "pdf_range = np.arange(min(priv_hw), max(priv_hw))\n", + "norm_pdf = norm_dist.pdf(pdf_range, *param[:-2], loc=param[-2], scale=param[-1]) * description_gen_trim.nobs\n", + "axe_priv_hist_hw.plot(pdf_range, norm_pdf, label=\"fitted normal distribution\")\n", + "axe_priv_hist_hw.legend(loc=\"best\")\n", + "fig_priv_hist.colorbar(im, ax=[axe_priv_hist, axe_priv_hist_hw])\n", + "\n", + "display(HTML(\"<b>Private key Hamming weight fitted with normal distribution:</b>\"))\n", + "display(HTML(tabulate.tabulate([(\"Mean\", \"Variance\"), param], tablefmt=\"html\")))\n", + "\n", + "del priv_hw" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Key generation time histogram" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:16:52.605277Z", + "start_time": "2019-03-17T19:16:50.114281Z" + } + }, + "outputs": [], + "source": [ + "fig_kg_hist = plt.figure(figsize=(10.5, 8), dpi=90)\n", + "axe_hist_full = fig_kg_hist.add_subplot(2, 1, 1)\n", + "axe_hist_trim = fig_kg_hist.add_subplot(2, 1, 2)\n", + "plot_hist(axe_hist_full, data[\"gen_time\"], \"keygen time ({})\".format(gen_unit), log_scale, hist_size_gen_time);\n", + "plot_hist(axe_hist_trim, data_trimmed[\"gen_time\"], \"keygen time ({})\".format(gen_unit), log_scale, hist_size_gen_time_trim);" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Key export time histogram\n", + "*Available only for ECTesterReader and keys generated on cards.*" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:16:52.610858Z", + "start_time": "2019-03-17T19:16:52.607191Z" + } + }, + "outputs": [], + "source": [ + "if \"export_time\" in data.dtype.names:\n", + " fig_exp_hist = plt.figure(figsize=(10.5, 8), dpi=90)\n", + " axe_hist_full = fig_exp_hist.add_subplot(2, 1, 1)\n", + " axe_hist_trim = fig_exp_hist.add_subplot(2, 1, 2)\n", + " plot_hist(axe_hist_full, data[\"export_time\"], \"export time ({})\".format(export_unit), log_scale, hist_size_gen_time);\n", + " plot_hist(axe_hist_trim, data_trimmed[\"export_time\"], \"export time ({})\".format(export_unit), log_scale, hist_size_gen_time_trim);" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Moving averages of key generation time" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:16:54.504830Z", + "start_time": "2019-03-17T19:16:54.409189Z" + } + }, + "outputs": [], + "source": [ + "fig_avg = plt.figure(figsize=(10.5, 7), dpi=90)\n", + "axe_avg = fig_avg.add_subplot(1, 1, 1)\n", + "avg_100 = moving_average(data[\"gen_time\"], 100)\n", + "avg_1000 = moving_average(data[\"gen_time\"], 1000)\n", + "axe_avg.plot(avg_100, label=\"window = 100\")\n", + "axe_avg.plot(avg_1000, label=\"window = 1000\")\n", + "if low_bound is not None:\n", + " axe_avg.axhline(y=low_bound, alpha=0.7, linestyle=\"dotted\", color=\"green\", label=\"Low trim bound = {}\".format(low_bound))\n", + "if high_bound is not None:\n", + " axe_avg.axhline(y=high_bound, alpha=0.7, linestyle=\"dotted\", color=\"orange\", label=\"Hight trim bound = {}\".format(high_bound))\n", + "axe_avg.set_ylabel(\"keygen time ({})\".format(gen_unit))\n", + "axe_avg.set_xlabel(\"index\")\n", + "axe_avg.legend(loc=\"best\")\n", + "del avg_100, avg_1000" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Private key MSB and LSB histograms" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:16:55.155285Z", + "start_time": "2019-03-17T19:16:54.508407Z" + } + }, + "outputs": [], + "source": [ + "fig_priv_hists = plt.figure(figsize=(10.5, 8), dpi=90)\n", + "priv_msb = np.array(list(map(lambda x: x >> (bit_size - 8), data[\"priv\"])), dtype=np.dtype(\"u1\"))\n", + "priv_lsb = np.array(list(map(lambda x: x & 0xff, data[\"priv\"])), dtype=np.dtype(\"u1\"))\n", + "axe_msb_s_hist = fig_priv_hists.add_subplot(2, 1, 1)\n", + "axe_lsb_s_hist = fig_priv_hists.add_subplot(2, 1, 2)\n", + "plot_hist(axe_msb_s_hist, priv_msb, \"private key MSB\", log_scale)\n", + "plot_hist(axe_lsb_s_hist, priv_lsb, \"private key LSB\", log_scale)\n", + "del priv_msb, priv_lsb" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Public key coordinate MSB and LSB histograms" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:17:06.443596Z", + "start_time": "2019-03-17T19:17:05.516616Z" + } + }, + "outputs": [], + "source": [ + "def _split(xy):\n", + " x = int.from_bytes(xy[1:byte_size + 1], byteorder=\"big\")\n", + " y = int.from_bytes(xy[1 + byte_size:], byteorder=\"big\")\n", + " return (x, y)\n", + "\n", + "pub_coords = np.array(list(map(_split, data[\"pub\"])), dtype=np.dtype(\"O\"))\n", + "xs = pub_coords[...,0]\n", + "ys = pub_coords[...,1]\n", + "fig_pub_hists = plt.figure(figsize=(10.5, 14), dpi=90)\n", + "\n", + "def _plot_coord(data, name, offset):\n", + " axe_msb_pub_hist = fig_pub_hists.add_subplot(4, 1, offset)\n", + " axe_lsb_pub_hist = fig_pub_hists.add_subplot(4, 1, offset + 1)\n", + " pub_msb = np.array(list(map(lambda x: x >> (bit_size - 8), data)))\n", + " pub_lsb = np.array(list(map(lambda x: x & 0xff, data)))\n", + " plot_hist(axe_msb_pub_hist, pub_msb, \"{} coordinate MSB\".format(name), log_scale)\n", + " plot_hist(axe_lsb_pub_hist, pub_lsb, \"{} coordinate LSB\".format(name), log_scale)\n", + " del pub_msb, pub_lsb\n", + "\n", + "_plot_coord(xs, \"X\", 1)\n", + "_plot_coord(ys, \"Y\", 3)\n", + "\n", + "del pub_coords, xs, ys" + ] + }, + { + "cell_type": "markdown", + "metadata": {}, + "source": [ + "### Private key bit length vs time heatmap" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": { + "ExecuteTime": { + "end_time": "2019-03-17T19:25:51.126642Z", + "start_time": "2019-03-17T19:25:50.929170Z" + } + }, + "outputs": [], + "source": [ + "fig_bl = plt.figure(figsize=(10.5, 12), dpi=90)\n", + "gs = gridspec.GridSpec(2, 1, height_ratios=[2.5, 1])\n", + "axe_bl_heat = fig_bl.add_subplot(gs[0])\n", + "axe_bl_hist = fig_bl.add_subplot(gs[1], sharex=axe_bl_heat)\n", + "\n", + "bl_data = np.array(list(map(lambda x: x.bit_length(), data_trimmed[\"priv\"])), dtype=np.dtype(\"u2\"))\n", + "\n", + "h, xe, ye = np.histogram2d(bl_data, data_trimmed[\"gen_time\"], bins=[max(bl_data) - min(bl_data), hist_size_gen_time_trim])\n", + "im = axe_bl_heat.imshow(h.T, origin=\"low\", cmap=cmap, aspect=\"auto\", extent=[xe[0], xe[-1], ye[0], ye[-1]], norm=norm)\n", + "axe_bl_heat.set_xlabel(\"private key bit length\")\n", + "axe_bl_heat.set_ylabel(\"keygen time ({})\".format(gen_unit))\n", + "\n", + "plot_hist(axe_bl_hist, bl_data, \"Private key bit length\", log_scale, align=\"right\")\n", + "fig_priv_hist.colorbar(im, ax=[axe_bl_heat, axe_bl_hist])\n", + "\n", + "del bl_data" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "metadata": {}, + "outputs": [], + "source": [] + } + ], + "metadata": { + "@webio": { + "lastCommId": "eaf134b2342a4b71afa1ac9334e37e07", + "lastKernelId": "95d0d16c-1dde-451e-94cb-8bd0fefb8378" + }, + "hide_input": false, + "kernelspec": { + "display_name": "Python 3", + "language": "python", + "name": "python3" + }, + "language_info": { + "codemirror_mode": { + "name": "ipython", + "version": 3 + }, + "file_extension": ".py", + "mimetype": "text/x-python", + "name": "python", + "nbconvert_exporter": "python", + "pygments_lexer": "ipython3", + "version": "3.7.2" + }, + "latex_envs": { + "LaTeX_envs_menu_present": true, + "autoclose": false, + "autocomplete": true, + "bibliofile": "biblio.bib", + "cite_by": "apalike", + "current_citInitial": 1, + "eqLabelWithNumbers": true, + "eqNumInitial": 1, + "hotkeys": { + "equation": "Ctrl-E", + "itemize": "Ctrl-I" + }, + "labels_anchors": false, + "latex_user_defs": false, + "report_style_numbering": false, + "user_envs_cfg": false + }, + "toc": { + "base_numbering": 1, + "nav_menu": {}, + "number_sections": true, + "sideBar": true, + "skip_h1_title": false, + "title_cell": "Table of Contents", + "title_sidebar": "Contents", + "toc_cell": false, + "toc_position": {}, + "toc_section_display": true, + "toc_window_display": false + } + }, + "nbformat": 4, + "nbformat_minor": 2 +} diff --git a/util/plot_gen.py b/util/plot_gen.py deleted file mode 100755 index 4ee1ddc..0000000 --- a/util/plot_gen.py +++ /dev/null @@ -1,186 +0,0 @@ -#!/usr/bin/env python3 -# -*- coding: UTF-8 -*- -# -# Script for plotting ECTester key generation results. -# -# Example usage: -# -# > java -jar ECTesterReader.jar -g 10000 -b 192 -fp -o gen.csv -# ... -# > ./plot_gen.py gen.csv -# ... -# - -import numpy as np -from scipy.stats import entropy -import matplotlib.pyplot as plt -from matplotlib import ticker, colors -from copy import deepcopy -import argparse - -from utils import hw, moving_average, plot_hist, miller_correction - -if __name__ == "__main__": - parser = argparse.ArgumentParser(description="Plot results of ECTester key generation timing.") - parser.add_argument("-o", "--output", dest="output", type=argparse.FileType("wb"), help="Write image to [file], do not display.", metavar="file") - parser.add_argument("--priv", dest="priv", action="store_true", help="Show private key MSB heatmap plot.") - parser.add_argument("--entropy", dest="entropy", action="store_true", help="Show estimated entropy of private key MSB conditioned on time of generation.") - parser.add_argument("--hist", dest="hist", action="store_true", help="Show keygen time histogram.") - parser.add_argument("--export-hist", dest="export_hist", action="store_true", help="Show export time histogram.") - parser.add_argument("--avg", dest="avg", action="store_true", help="Show moving average of keygen time.") - parser.add_argument("--hw-hist", dest="hw_hist", action="store_true", help="Show Hamming weight heatmap (private key Hamming weight and keygen time).") - parser.add_argument("--log", dest="log", action="store_true", help="Use logarithmic scale.") - parser.add_argument("--skip-first", dest="skip_first", nargs="?", const=1, type=int, help="Skip first entry, as it's usually a large outlier.") - parser.add_argument("-t", "--title", dest="title", type=str, nargs="?", default="", help="What title to give the figure.") - parser.add_argument("file", type=str, help="The file to plot(csv).") - - opts = parser.parse_args() - - with open(opts.file, "r") as f: - header = f.readline() - header_names = header.split(";") - if len(header_names) not in (4, 5): - print("Bad data?") - exit(1) - - plots = [opts.priv, opts.hist, opts.export_hist, opts.avg, opts.hw_hist] - n_plots = sum(plots) - if n_plots == 0: - plots = [True for _ in range(5)] - if len(header_names) == 4: - n_plots = 4 - plots[2] = False - else: - n_plots = 5 - - - if plots[2] and len(header_names) != 5: - n_plots = n_plots - 1 - if n_plots == 0: - print("Nothing to plot.") - exit(1) - plots[2] = False - - hx = lambda x: int(x, 16) - if len(header_names) == 4: - data = np.genfromtxt(opts.file, delimiter=";", skip_header=1, converters={2: hx, 3: hx}, dtype=np.dtype([("index", "u4"), ("gen_time", "u4"), ("pub", "O"), ("priv", "O")])) - else: - data = np.genfromtxt(opts.file, delimiter=";", skip_header=1, converters={3: hx, 4: hx}, dtype=np.dtype([("index", "u4"), ("gen_time", "u4"), ("export_time", "u4"), ("pub", "O"), ("priv", "O")])) - - if opts.skip_first: - data = data[opts.skip_first:] - - - gen_time_data = data["gen_time"] - export_time_data = None - if "export_time" in data.dtype.names: - export_time_data = data["export_time"] - pub_data = data["pub"] - priv_data = data["priv"] - - gen_unit = "ms" - if header_names[1].endswith("[nano]"): - gen_unit = r"$\mu s$" - np.floor_divide(gen_time_data, 1000, out=gen_time_data) - export_unit = "ms" - if len(header_names) == 5 and header_names[2].endswith("[nano]"): - export_unit = r"$\mu s$" - np.floor_divide(export_time_data, 1000, out=export_time_data) - - plt.style.use("ggplot") - fig = plt.figure() - layout_kwargs = {} - if opts.title is None: - fig.suptitle(opts.file) - layout_kwargs["rect"] = [0, 0.02, 1, 0.98] - elif opts.title: - fig.suptitle(opts.title) - layout_kwargs["rect"] = [0, 0.02, 1, 0.98] - fig.tight_layout(**layout_kwargs) - - max_gen_time = max(gen_time_data) - min_gen_time = min(gen_time_data) - bit_size = len(bin(max(priv_data))) - 2 - - sorted_data = np.sort(data, order="gen_time") - - cmap = deepcopy(plt.cm.plasma) - cmap.set_bad("black") - - norm = colors.Normalize() - if opts.log: - norm = colors.LogNorm() - - plot_i = 1 - if plots[0]: - axe_private = fig.add_subplot(n_plots, 1, plot_i) - priv_msb = np.array(list(map(lambda x: x >> (bit_size - 8), priv_data)), dtype=np.dtype("u1")) - max_msb = max(priv_msb) - min_msb = min(priv_msb) - heatmap, xedges, yedges = np.histogram2d(priv_msb, gen_time_data, bins=[max_msb - min_msb, max_gen_time - min_gen_time]) - extent = [min_msb, max_msb, yedges[0], yedges[-1]] - axe_private.imshow(heatmap.T, extent=extent, aspect="auto", cmap=cmap, origin="low", interpolation="nearest", norm=norm) - axe_private.set_xlabel("private key MSB value") - axe_private.set_ylabel("keygen time ({})".format(gen_unit)) - plot_i += 1 - - if plots[1]: - axe_hist = fig.add_subplot(n_plots, 1, plot_i) - plot_hist(axe_hist, gen_time_data, "keygen time ({})".format(gen_unit), opts.log) - plot_i += 1 - - if plots[2]: - axe_hist = fig.add_subplot(n_plots, 1, plot_i) - plot_hist(axe_hist, export_time_data, "export time ({})".format(export_unit), opts.log) - plot_i += 1 - - if plots[3]: - axe_avg = fig.add_subplot(n_plots, 1, plot_i) - #if len(header_names) == 5: - # axe_other = axe_avg.twinx() - # axe_other.plot(moving_average(export_time_data, 100), color="green", alpha=0.6, label="export, window = 100") - # axe_other.plot(moving_average(export_time_data, 1000), color="yellow", alpha=0.6, label="export, window = 1000") - # axe_other.legend(loc="lower right") - axe_avg.plot(moving_average(gen_time_data, 100), label="window = 100") - axe_avg.plot(moving_average(gen_time_data, 1000), label="window = 1000") - axe_avg.set_ylabel("keygen time ({})".format(gen_unit)) - axe_avg.set_xlabel("index") - axe_avg.legend(loc="best") - plot_i += 1 - - if plots[4]: - axe_priv_hist = fig.add_subplot(n_plots, 1, plot_i) - priv_hw = np.array(list(map(hw, priv_data)), dtype=np.dtype("u2")) - h, xe, ye = np.histogram2d(priv_hw, gen_time_data, bins=[max(priv_hw) - min(priv_hw), max_gen_time - min_gen_time]) - im = axe_priv_hist.imshow(h.T, origin="low", cmap=cmap, aspect="auto", extent=[xe[0], xe[-1], ye[0], ye[-1]], norm=norm) - axe_priv_hist.axvline(x=bit_size//2, alpha=0.7, linestyle="dotted", color="white", label=str(bit_size//2) + " bits") - axe_priv_hist.set_xlabel("private key Hamming weight") - axe_priv_hist.set_ylabel("keygen time ({})".format(gen_unit)) - axe_priv_hist.legend(loc="best") - fig.colorbar(im, ax=axe_priv_hist) - - fig.text(0.01, 0.02, "Data size: {}".format(len(gen_time_data)), size="small") - - if opts.entropy: - i = 0 - entropies = {} - while i < len(data): - time_val = sorted_data["gen_time"][i] - j = i - msbs = [0 for _ in range(256)] - while j < len(data) and sorted_data["gen_time"][j] == time_val: - msbs[(sorted_data["priv"][j] >> (bit_size - 8)) & 0xff] += 1 - j += 1 - if j - 100 > i: - entropies[time_val] = miller_correction(entropy(msbs, base=2), j - i, 256) - i = j - - entropy = sum(entropies.values())/len(entropies) - fig.text(0.01, 0.04, "Entropy of privkey MSB(estimated): {:.2f} b".format(entropy), size="small") - - if opts.output is None: - plt.show() - else: - fig.set_size_inches(12, 10) - ext = opts.output.name.split(".")[-1] - plt.savefig(opts.output, format=ext, dpi=400, bbox_inches='tight') diff --git a/util/utils.py b/util/utils.py index bddfc35..d6b9aed 100644 --- a/util/utils.py +++ b/util/utils.py @@ -16,18 +16,24 @@ def moving_average(a, n) : return ret[n - 1:] / n -def plot_hist(axes, data, xlabel=None, log=False): +def plot_hist(axes, data, xlabel=None, log=False, avg=True, median=True, bins=None, **kwargs): time_max = max(data) time_min = min(data) time_avg = np.average(data) time_median = np.median(data) - axes.hist(data, bins=time_max - time_min, log=log) - axes.axvline(x=time_avg, alpha=0.7, linestyle="dotted", color="blue", label="avg = {}".format(time_avg)) - axes.axvline(x=time_median, alpha=0.7, linestyle="dotted", color="green", label="median = {}".format(time_median)) + if bins is None: + bins = time_max - time_min + 1 + hist = axes.hist(data, bins=bins, log=log, **kwargs) + if avg: + axes.axvline(x=time_avg, alpha=0.7, linestyle="dotted", color="blue", label="avg = {}".format(time_avg)) + if median: + axes.axvline(x=time_median, alpha=0.7, linestyle="dotted", color="green", label="median = {}".format(time_median)) axes.set_ylabel("count" + ("\n(log)" if log else "")) axes.set_xlabel("time" if xlabel is None else xlabel) axes.xaxis.set_major_locator(ticker.MaxNLocator()) - axes.legend(loc="best") + if avg or median: + axes.legend(loc="best") + return hist def miller_correction(entropy, samples, bins): |