-rw-r--r--common/src/main/java/cz/crcs/ectester/common/util/Util.java23
-rw-r--r--reader/src/main/java/cz/crcs/ectester/reader/test/CardTestSuite.java5
-rw-r--r--standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java113
-rw-r--r--standalone/src/main/java/cz/crcs/ectester/standalone/libs/BouncyCastleLib.java12
-rw-r--r--standalone/src/main/java/cz/crcs/ectester/standalone/libs/SunECLib.java12
-rw-r--r--standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneEdgeCasesSuite.java2
-rw-r--r--standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneTestSuite.java3
-rw-r--r--standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneWrongSuite.java2
8 files changed, 122 insertions, 50 deletions
diff --git a/common/src/main/java/cz/crcs/ectester/common/util/Util.java b/common/src/main/java/cz/crcs/ectester/common/util/Util.java
index 5b0cd79..9e6daa2 100644
--- a/common/src/main/java/cz/crcs/ectester/common/util/Util.java
+++ b/common/src/main/java/cz/crcs/ectester/common/util/Util.java
@@ -1,5 +1,8 @@
package cz.crcs.ectester.common.util;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+
/**
* @author Jan Jancar johny@neuromancer.sk
*/
@@ -18,11 +21,25 @@ public class Util {
public static int getVersion() {
String version = System.getProperty("java.version");
- if(version.startsWith("1.")) {
+ if (version.startsWith("1.")) {
version = version.substring(2, 3);
} else {
int dot = version.indexOf(".");
- if(dot != -1) { version = version.substring(0, dot); }
- } return Integer.parseInt(version);
+ if (dot != -1) {
+ version = version.substring(0, dot);
+ }
+ }
+ return Integer.parseInt(version);
+ }
+
+ public static SecureRandom getRandom(byte[] seed) {
+ SecureRandom random;
+ try {
+ random = SecureRandom.getInstance("DRBG");
+ } catch (NoSuchAlgorithmException ignored) {
+ return null;
+ }
+ random.setSeed(seed);
+ return random;
}
}
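Review bot: `getRandom` returns `null` from the `catch (NoSuchAlgorithmException ignored)` branch, and none of the new callers check for it: `CardTestSuite` returns the value directly and `StandaloneTestSuite` stores it in `this.random`, so a missing algorithm would surface later as a NullPointerException far from its cause. The "DRBG" algorithm was added to the JDK in Java 9, and `getVersion()` just above still parses `1.x` version strings, so an older runtime looks like a reachable case. Failing at the source would be clearer, e.g. `throw new IllegalStateException("SecureRandom DRBG is not available", e);` with the caught variable renamed from `ignored` to `e`. A short Javadoc saying that the returned generator is seeded for reproducible test data, and is not meant for real key material, would also help.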
diff --git a/reader/src/main/java/cz/crcs/ectester/reader/test/CardTestSuite.java b/reader/src/main/java/cz/crcs/ectester/reader/test/CardTestSuite.java
index af66a75..e2d9dd1 100644
--- a/reader/src/main/java/cz/crcs/ectester/reader/test/CardTestSuite.java
+++ b/reader/src/main/java/cz/crcs/ectester/reader/test/CardTestSuite.java
@@ -10,6 +10,7 @@ import cz.crcs.ectester.common.test.Test;
import cz.crcs.ectester.common.test.TestSuite;
import cz.crcs.ectester.common.util.CardConsts;
import cz.crcs.ectester.common.util.ECUtil;
+import cz.crcs.ectester.common.util.Util;
import cz.crcs.ectester.reader.CardMngr;
import cz.crcs.ectester.reader.ECTesterReader;
import cz.crcs.ectester.reader.command.Command;
@@ -93,7 +94,7 @@ public abstract class CardTestSuite extends TestSuite {
if (cfg.testDataSetup.equals("random")) {
return new SecureRandom();
} else {
- return new SecureRandom(ECUtil.hashCurve(curve));
+ return Util.getRandom(ECUtil.hashCurve(curve));
}
}
@@ -103,7 +104,7 @@ public abstract class CardTestSuite extends TestSuite {
} else {
ByteBuffer b = ByteBuffer.allocate(4);
b.putInt(seed);
- return new SecureRandom(b.array());
+ return Util.getRandom(b.array());
}
}
}
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java b/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java
index 3194796..f358662 100644
--- a/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java
+++ b/standalone/src/main/java/cz/crcs/ectester/standalone/ECTesterStandalone.java
@@ -415,12 +415,26 @@ public class ECTesterStandalone {
throw new NoSuchAlgorithmException(algo);
}
+ SecureRandom random;
+ if (cli.hasOption("ecdh.prng-seed")) {
+ String seedString = cli.getOptionValue("ecdh.prng-seed");
+ byte[] seed = ByteUtil.hexToBytes(seedString, true);
+ random = SecureRandom.getInstance("DRBG");
+ random.setSeed(seed);
+ if (!lib.setupDeterministicPRNG(seed)) {
+ System.err.println("Couldn't set PRNG seed.");
+ return;
+ }
+ } else {
+ random = new SecureRandom();
+ }
+
KeyAgreement ka = kaIdent.getInstance(lib.getProvider());
KeyPairGenerator kpg = kpIdent.getInstance(lib.getProvider());
AlgorithmParameterSpec spec = null;
if (cli.hasOption("ecdh.bits")) {
int bits = Integer.parseInt(cli.getOptionValue("ecdh.bits"));
- kpg.initialize(bits);
+ kpg.initialize(bits, random);
} else if (cli.hasOption("ecdh.named-curve")) {
String curveName = cli.getOptionValue("ecdh.named-curve");
EC_Curve curve = EC_Store.getInstance().getObject(EC_Curve.class, curveName);
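Review bot: The seeded-DRBG setup added at the top of this hunk is repeated verbatim for `ecdsa.prng-seed` and `generate.prng-seed` later in the file, and it calls `SecureRandom.getInstance("DRBG")` directly instead of the new `Util.getRandom`, so the two paths already differ on failure (an exception here, `null` there). It also seeds the generator before `lib.setupDeterministicPRNG(seed)` is checked, and it passes the result of `ByteUtil.hexToBytes` on without validation; how that helper reports malformed hex is not visible here. One private helper, for example `private static SecureRandom seededRandom(ProviderECLibrary lib, String seedHex) throws NoSuchAlgorithmException`, would keep the three sites consistent and give a single place to validate the seed. The enclosing method starts and ends outside this hunk.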
@@ -429,20 +443,15 @@ public class ECTesterStandalone {
return;
}
spec = curve.toSpec();
- kpg.initialize(spec);
+ kpg.initialize(spec, random);
} else if (cli.hasOption("ecdh.curve-name")) {
String curveName = cli.getOptionValue("ecdh.curve-name");
spec = new ECGenParameterSpec(curveName);
- kpg.initialize(spec);
- }
-
- if (cli.hasOption("ecdh.prng-seed")) {
- String seedString = cli.getOptionValue("ecdh.prng-seed");
- byte[] seed = ByteUtil.hexToBytes(seedString, true);
- if (!lib.setupDeterministicPRNG(seed)) {
- System.err.println("Couldn't set PRNG seed.");
- return;
- }
+ kpg.initialize(spec, random);
+ } else if (cli.hasOption("ecdh.prng-seed") && !(lib instanceof NativeECLibrary)) {
+ // TODO: This only happens if at least one of the (pubkey and privkey) needs to be generated.
+ System.err.println("Unable to pass PRNG seed to a non-native library without specifying either key-size, named curve or curve name options.");
+ return;
}
if (cli.hasOption("ecdh.time-source")) {
@@ -498,9 +507,9 @@ public class ECTesterStandalone {
long elapsed = -System.nanoTime();
if (spec instanceof ECParameterSpec && lib instanceof NativeECLibrary) {
- ka.init(privkey, spec);
+ ka.init(privkey, spec, random);
} else {
- ka.init(privkey);
+ ka.init(privkey, random);
}
ka.doPhase(pubkey, true);
elapsed += System.nanoTime();
@@ -534,6 +543,22 @@ public class ECTesterStandalone {
*
*/
private void ecdsa() throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException, IOException, SignatureException {
+ ProviderECLibrary lib = cfg.selected;
+
+ SecureRandom random;
+ if (cli.hasOption("ecdsa.prng-seed")) {
+ String seedString = cli.getOptionValue("ecdsa.prng-seed");
+ byte[] seed = ByteUtil.hexToBytes(seedString, true);
+ random = SecureRandom.getInstance("DRBG");
+ random.setSeed(seed);
+ if (!lib.setupDeterministicPRNG(seed)) {
+ System.err.println("Couldn't set PRNG seed.");
+ return;
+ }
+ } else {
+ random = new SecureRandom();
+ }
+
byte[] data;
String dataString;
if (cli.hasOption("ecdsa.file")) {
@@ -546,12 +571,12 @@ public class ECTesterStandalone {
data = Files.readAllBytes(in.toPath());
dataString = "";
} else {
- Random random = new Random();
+ Random dataRandom = new Random();
data = new byte[32];
- random.nextBytes(data);
+ dataRandom.nextBytes(data);
dataString = ByteUtil.bytesToHex(data, false);
}
- ProviderECLibrary lib = cfg.selected;
+
String algo = cli.getOptionValue("ecdsa.type", "ECDSA");
SignatureIdent sigIdent = lib.getSigs().stream()
.filter((ident) -> ident.contains(algo))
@@ -586,7 +611,7 @@ public class ECTesterStandalone {
ECParameterSpec spec = null;
if (cli.hasOption("ecdsa.bits")) {
int bits = Integer.parseInt(cli.getOptionValue("ecdsa.bits"));
- kpg.initialize(bits);
+ kpg.initialize(bits, random);
} else if (cli.hasOption("ecdsa.named-curve")) {
String curveName = cli.getOptionValue("ecdsa.named-curve");
EC_Curve curve = EC_Store.getInstance().getObject(EC_Curve.class, curveName);
@@ -595,19 +620,14 @@ public class ECTesterStandalone {
return;
}
spec = curve.toSpec();
- kpg.initialize(spec);
+ kpg.initialize(spec, random);
} else if (cli.hasOption("ecdsa.curve-name")) {
String curveName = cli.getOptionValue("ecdsa.curve-name");
- kpg.initialize(new ECGenParameterSpec(curveName));
- }
-
- if (cli.hasOption("ecdsa.prng-seed")) {
- String seedString = cli.getOptionValue("ecdsa.prng-seed");
- byte[] seed = ByteUtil.hexToBytes(seedString, true);
- if (!lib.setupDeterministicPRNG(seed)) {
- System.err.println("Couldn't set PRNG seed.");
- return;
- }
+ kpg.initialize(new ECGenParameterSpec(curveName), random);
+ } else if (cli.hasOption("ecdsa.prng-seed") && !(lib instanceof NativeECLibrary)) {
+ // TODO: This only happens if at least one of the (pubkey and privkey) needs to be generated.
+ System.err.println("Unable to pass PRNG seed to a non-native library without specifying either key-size, named curve or curve name options.");
+ return;
}
if (cli.hasOption("ecdsa.time-source")) {
@@ -660,7 +680,7 @@ public class ECTesterStandalone {
}
}
- sig.initSign(privkey);
+ sig.initSign(privkey, random);
sig.update(data);
long signTime = -System.nanoTime();
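Review bot: With `ecdsa.prng-seed` set, `sig.initSign(privkey, random)` hands the seeded DRBG to the signer, while the default message still comes from the unseeded `new Random()` (`dataRandom`, earlier in `ecdsa()`). Two runs with the same seed and key therefore sign different data with what is presumably the same nonce, depending on whether the provider draws it from the supplied generator. Repeating an ECDSA nonce across different messages discloses the private key, so any key used in a seeded run should be treated as test-only. A comment at this call would make that explicit, e.g. `// Seeded runs yield predictable nonces: use only with throwaway test keys.` The enclosing method starts and ends outside this hunk.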
@@ -729,10 +749,25 @@ public class ECTesterStandalone {
if (ident == null) {
throw new NoSuchAlgorithmException(algo);
}
+
+ SecureRandom random;
+ if (cli.hasOption("generate.prng-seed")) {
+ String seedString = cli.getOptionValue("generate.prng-seed");
+ byte[] seed = ByteUtil.hexToBytes(seedString, true);
+ random = SecureRandom.getInstance("DRBG");
+ random.setSeed(seed);
+ if (!lib.setupDeterministicPRNG(seed)) {
+ System.err.println("Couldn't set PRNG seed.");
+ return;
+ }
+ } else {
+ random = new SecureRandom();
+ }
+
KeyPairGenerator kpg = ident.getInstance(lib.getProvider());
if (cli.hasOption("generate.bits")) {
int bits = Integer.parseInt(cli.getOptionValue("generate.bits"));
- kpg.initialize(bits);
+ kpg.initialize(bits, random);
} else if (cli.hasOption("generate.named-curve")) {
String curveName = cli.getOptionValue("generate.named-curve");
EC_Curve curve = EC_Store.getInstance().getObject(EC_Curve.class, curveName);
@@ -740,19 +775,13 @@ public class ECTesterStandalone {
System.err.println("Curve not found: " + curveName);
return;
}
- kpg.initialize(curve.toSpec());
+ kpg.initialize(curve.toSpec(), random);
} else if (cli.hasOption("generate.curve-name")) {
String curveName = cli.getOptionValue("generate.curve-name");
- kpg.initialize(new ECGenParameterSpec(curveName));
- }
-
- if (cli.hasOption("generate.prng-seed")) {
- String seedString = cli.getOptionValue("generate.prng-seed");
- byte[] seed = ByteUtil.hexToBytes(seedString, true);
- if (!lib.setupDeterministicPRNG(seed)) {
- System.err.println("Couldn't set PRNG seed.");
- return;
- }
+ kpg.initialize(new ECGenParameterSpec(curveName), random);
+ } else if (cli.hasOption("generate.prng-seed") && !(lib instanceof NativeECLibrary)) {
+ System.err.println("Unable to pass PRNG seed to a non-native library without specifying either key-size, named curve or curve name options.");
+ return;
}
if (cli.hasOption("generate.time-source")) {
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/BouncyCastleLib.java b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/BouncyCastleLib.java
index e8a4d30..0a7ea8c 100644
--- a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/BouncyCastleLib.java
+++ b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/BouncyCastleLib.java
@@ -25,4 +25,16 @@ public class BouncyCastleLib extends ProviderECLibrary {
}
return result;
}
+
+ @Override
+ public boolean supportsDeterministicPRNG() {
+ return true;
+ }
+
+ @Override
+ public boolean setupDeterministicPRNG(byte[] seed) {
+ // This is done by passing the SecureRandom into the individual KeyPairGenerator, KeyAgreement and Signature
+ // instances. Thus, this does nothing.
+ return true;
+ }
}
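Review bot: `setupDeterministicPRNG` ignores `seed` and returns `true` unconditionally, so a caller that only checks the return value and then calls `kpg.initialize(bits)` without a `SecureRandom` gets unseeded output with no error. The inline comment explains the mechanism, but the contract belongs in a Javadoc on the method: success here promises nothing by itself, and the caller must pass the seeded `SecureRandom` to every `KeyPairGenerator`, `KeyAgreement` and `Signature` instance it creates. The same applies to the identical override in SunECLib.java.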
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/SunECLib.java b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/SunECLib.java
index 7209dc3..c38300d 100644
--- a/standalone/src/main/java/cz/crcs/ectester/standalone/libs/SunECLib.java
+++ b/standalone/src/main/java/cz/crcs/ectester/standalone/libs/SunECLib.java
@@ -25,4 +25,16 @@ public class SunECLib extends ProviderECLibrary {
}
return result;
}
+
+ @Override
+ public boolean supportsDeterministicPRNG() {
+ return true;
+ }
+
+ @Override
+ public boolean setupDeterministicPRNG(byte[] seed) {
+ // This is done by passing the SecureRandom into the individual KeyPairGenerator, KeyAgreement and Signature
+ // instances. Thus, this does nothing.
+ return true;
+ }
}
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneEdgeCasesSuite.java b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneEdgeCasesSuite.java
index 01c3a53..12a9f16 100644
--- a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneEdgeCasesSuite.java
+++ b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneEdgeCasesSuite.java
@@ -129,7 +129,7 @@ public class StandaloneEdgeCasesSuite extends StandaloneTestSuite {
e.getKey().endsWith("r1") && e.getValue().getField() == javacard.security.KeyPair.ALG_EC_FP).map(Map.Entry::getValue).collect(Collectors.toList());
curves.add(EC_Store.getInstance().getObject(EC_Curve.class, "cofactor/cofactor128p2"));
curves.add(EC_Store.getInstance().getObject(EC_Curve.class, "cofactor/cofactor160p4"));
- Random rand = new Random();
+ Random rand = getRandom();
for (EC_Curve curve : curves) {
ECParameterSpec spec = curve.toSpec();
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneTestSuite.java b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneTestSuite.java
index 284194c..3ce58e1 100644
--- a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneTestSuite.java
+++ b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneTestSuite.java
@@ -4,6 +4,7 @@ import cz.crcs.ectester.common.cli.TreeCommandLine;
import cz.crcs.ectester.common.output.TestWriter;
import cz.crcs.ectester.common.test.TestSuite;
import cz.crcs.ectester.common.util.ByteUtil;
+import cz.crcs.ectester.common.util.Util;
import cz.crcs.ectester.standalone.ECTesterStandalone;
import cz.crcs.ectester.standalone.consts.Ident;
import cz.crcs.ectester.standalone.consts.KeyAgreementIdent;
@@ -34,7 +35,7 @@ public abstract class StandaloneTestSuite extends TestSuite {
} else {
seed = new SecureRandom().generateSeed(16);
}
- this.random = new SecureRandom(seed);
+ this.random = Util.getRandom(seed);
}
public ProviderECLibrary getLibrary() {
diff --git a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneWrongSuite.java b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneWrongSuite.java
index fe954a8..1a18188 100644
--- a/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneWrongSuite.java
+++ b/standalone/src/main/java/cz/crcs/ectester/standalone/test/suites/StandaloneWrongSuite.java
@@ -96,7 +96,7 @@ public class StandaloneWrongSuite extends StandaloneTestSuite {
Map<String, EC_Curve> curveMap = EC_Store.getInstance().getObjects(EC_Curve.class, "secg");
List<EC_Curve> curves = curveMap.entrySet().stream().filter((e) -> e.getKey().endsWith("r1") &&
e.getValue().getField() == javacard.security.KeyPair.ALG_EC_FP).map(Map.Entry::getValue).collect(Collectors.toList());
- Random r = new Random();
+ Random r = getRandom();
for (EC_Curve curve : curves) {
short bits = curve.getBits();
final byte[] originalp = curve.getParam(EC_Consts.PARAMETER_FP)[0];