diff options
Diffstat (limited to 'src')
14 files changed, 58 insertions, 26 deletions
diff --git a/src/cz/crcs/ectester/reader/ECTesterReader.java b/src/cz/crcs/ectester/reader/ECTesterReader.java index 2a931f5..7a9d3eb 100644 --- a/src/cz/crcs/ectester/reader/ECTesterReader.java +++ b/src/cz/crcs/ectester/reader/ECTesterReader.java @@ -285,6 +285,7 @@ public class ECTesterReader { * -ka/ --ka-type <type> * -sig/--sig-type <type> * -C / --color + * -to/ --test-options <opts> */ OptionGroup actions = new OptionGroup(); actions.setRequired(true); @@ -294,7 +295,7 @@ public class ECTesterReader { actions.addOption(Option.builder("ls").longOpt("list-suites").desc("List supported test suites.").build()); actions.addOption(Option.builder("e").longOpt("export").desc("Export the defaut curve parameters of the card(if any).").build()); actions.addOption(Option.builder("g").longOpt("generate").desc("Generate <amount> of EC keys.").hasArg().argName("amount").optionalArg(true).build()); - actions.addOption(Option.builder("t").longOpt("test").desc("Test ECC support. Optionally specify a test number to run only a part of a test suite. <test_suite>:\n- default:\n- compression:\n- invalid:\n- twist:\n- degenerate:\n- cofactor:\n- wrong:\n- signature:\n- composite:\n- test-vectors:\n- edge-cases:\n- miscellaneous:").hasArg().argName("test_suite[:from[:to]]").optionalArg(true).build()); + actions.addOption(Option.builder("t").longOpt("test").desc("Test ECC support. Optionally specify a test number to run only a part of a test suite. <test_suite>:\n- default\n- compression\n- invalid\n- twist\n- degenerate\n- cofactor\n- wrong\n- signature\n- composite\n- test-vectors\n- edge-cases\n- miscellaneous").hasArg().argName("test_suite[:from[:to]]").optionalArg(true).build()); actions.addOption(Option.builder("dh").longOpt("ecdh").desc("Do EC KeyAgreement (ECDH...), [count] times.").hasArg().argName("count").optionalArg(true).build()); actions.addOption(Option.builder("dsa").longOpt("ecdsa").desc("Sign data with ECDSA, [count] times.").hasArg().argName("count").optionalArg(true).build()); actions.addOption(Option.builder("nf").longOpt("info").desc("Get applet info.").build()); @@ -340,7 +341,7 @@ public class ECTesterReader { opts.addOption(Option.builder().longOpt("cleanup").desc("Send the cleanup command trigerring JCSystem.requestObjectDeletion() after some operations.").build()); opts.addOption(Option.builder("s").longOpt("simulate").desc("Simulate a card with jcardsim instead of using a terminal.").build()); opts.addOption(Option.builder("y").longOpt("yes").desc("Accept all warnings and prompts.").build()); - opts.addOption(Option.builder("to").longOpt("test-options").desc("Test options to use.").hasArg().argName("options").build()); + opts.addOption(Option.builder("to").longOpt("test-options").desc("Test options to use:\n- preset: Use preset semi-random private keys instead of generating keypairs on the cards when the test needs one.").hasArg().argName("options").build()); opts.addOption(Option.builder("ka").longOpt("ka-type").desc("Set KeyAgreement object [type], corresponds to JC.KeyAgreement constants.").hasArg().argName("type").optionalArg(true).build()); opts.addOption(Option.builder("sig").longOpt("sig-type").desc("Set Signature object [type], corresponds to JC.Signature constants.").hasArg().argName("type").optionalArg(true).build()); @@ -369,6 +370,9 @@ public class ECTesterReader { for (String line : suite.getDescription()) { System.out.println("\t" + line); } + if (suite.getOptions() != null) { + System.out.println("\t" + Colors.underline("Options:") + " " + Arrays.toString(suite.getOptions())); + } } System.out.println(); System.out.println("For more information, look at the documentation at https://github.com/crocs-muni/ECTester."); @@ -620,7 +624,7 @@ public class ECTesterReader { int retry = 0; int done = 0; - while (done < cfg.ECKACount) { + while (done < cfg.ECKACount || cfg.ECKACount == 0) { if (generate != null) { Response regen = generate.send(); respWriter.outputResponse(regen); @@ -655,6 +659,7 @@ public class ECTesterReader { time += result.getDuration(); out.write(String.format("%d;%d;%s;%s;%s\n", done, time / 1000000, ByteUtil.bytesToHex(pubkey_bytes, false), ByteUtil.bytesToHex(privkey_bytes, false), ByteUtil.bytesToHex(result.getSecret(), false))); + out.flush(); } ++done; @@ -724,7 +729,7 @@ public class ECTesterReader { int retry = 0; int done = 0; - while (done < cfg.ECDSACount) { + while (done < cfg.ECDSACount || cfg.ECDSACount == 0) { if (!cfg.fixedKey) { respWriter.outputResponse(generate.send()); exported = export.send(); @@ -785,6 +790,7 @@ public class ECTesterReader { } } out.write(String.format("%d;%d;%d;%s;%s;%s;%s;%s;%d\n", done, signTime / 1000000, verifyTime / 1000000, dataString, pub, priv, ByteUtil.bytesToHex(signature, false), k, verifyResp.successful() ? 1 : 0)); + out.flush(); } ++done; @@ -984,14 +990,14 @@ public class ECTesterReader { try { testFrom = Integer.parseInt(parts[1]); } catch (NumberFormatException nfe) { - System.err.println("Invalid test from number: " + parts[1] + "."); + System.err.println("Invalid test_from number: " + parts[1] + "."); return false; } if (parts.length == 3) { try { testTo = Integer.parseInt(parts[2]); } catch (NumberFormatException nfe) { - System.err.println("Invalid test to number: " + parts[2] + "."); + System.err.println("Invalid test_to number: " + parts[2] + "."); return false; } } else if (parts.length != 2) { @@ -1005,10 +1011,24 @@ public class ECTesterReader { testFrom = 0; testTo = -1; } + String[] tests = new String[]{"default", "composite", "compression", "invalid", "degenerate", "test-vectors", "wrong", "twist", "cofactor", "edge-cases", "miscellaneous", "signature"}; - if (!Arrays.asList(tests).contains(testSuite)) { + String selected = null; + for (String test : tests) { + if (test.startsWith(testSuite)) { + if (selected != null) { + System.err.println(Colors.error("Test suite ambiguous " + test + " or " + selected + "?")); + return false; + } else { + selected = test; + } + } + } + if (selected == null) { System.err.println(Colors.error("Unknown test suite " + testSuite + ". Should be one of: " + Arrays.toString(tests))); return false; + } else { + testSuite = selected; } String[] opts = cli.getOptionValue("test-options", "").split(","); @@ -1036,8 +1056,8 @@ public class ECTesterReader { } ECKACount = Integer.parseInt(cli.getOptionValue("ecdh", "1")); - if (ECKACount <= 0) { - System.err.println(Colors.error("ECDH count cannot be <= 0.")); + if (ECKACount < 0) { + System.err.println(Colors.error("ECDH count cannot be < 0.")); return false; } @@ -1058,8 +1078,8 @@ public class ECTesterReader { } ECDSACount = Integer.parseInt(cli.getOptionValue("ecdsa", "1")); - if (ECDSACount <= 0) { - System.err.println(Colors.error("ECDSA count cannot be <= 0.")); + if (ECDSACount < 0) { + System.err.println(Colors.error("ECDSA count cannot be < 0.")); return false; } diff --git a/src/cz/crcs/ectester/reader/test/CardCofactorSuite.java b/src/cz/crcs/ectester/reader/test/CardCofactorSuite.java index 982e07a..4a8fcc0 100644 --- a/src/cz/crcs/ectester/reader/test/CardCofactorSuite.java +++ b/src/cz/crcs/ectester/reader/test/CardCofactorSuite.java @@ -25,7 +25,7 @@ import static cz.crcs.ectester.common.test.Result.ExpectedValue; */ public class CardCofactorSuite extends CardTestSuite { public CardCofactorSuite(TestWriter writer, ECTesterReader.Config cfg, CardMngr cardManager) { - super(writer, cfg, cardManager, "cofactor", "The cofactor test suite tests whether the card correctly rejects points on the curve", + super(writer, cfg, cardManager, "cofactor", new String[]{"preset"}, "The cofactor test suite tests whether the card correctly rejects points on the curve", "but not in the subgroup generated by the generator(so of small order, dividing the cofactor) during ECDH."); } diff --git a/src/cz/crcs/ectester/reader/test/CardCompositeSuite.java b/src/cz/crcs/ectester/reader/test/CardCompositeSuite.java index 93d50e8..2712184 100644 --- a/src/cz/crcs/ectester/reader/test/CardCompositeSuite.java +++ b/src/cz/crcs/ectester/reader/test/CardCompositeSuite.java @@ -25,7 +25,7 @@ import static cz.crcs.ectester.common.test.Result.ExpectedValue; public class CardCompositeSuite extends CardTestSuite { public CardCompositeSuite(TestWriter writer, ECTesterReader.Config cfg, CardMngr cardManager) { - super(writer, cfg, cardManager, "composite", "The composite suite runs ECDH over curves with composite order.", + super(writer, cfg, cardManager, "composite", new String[]{"preset"}, "The composite suite runs ECDH over curves with composite order.", "Various types of compositeness is tested: smooth numbers, Carmichael pseudoprime, prime square, product of two large primes."); } diff --git a/src/cz/crcs/ectester/reader/test/CardCompressionSuite.java b/src/cz/crcs/ectester/reader/test/CardCompressionSuite.java index c86c0b1..9eed814 100644 --- a/src/cz/crcs/ectester/reader/test/CardCompressionSuite.java +++ b/src/cz/crcs/ectester/reader/test/CardCompressionSuite.java @@ -28,7 +28,7 @@ import java.util.Map; */ public class CardCompressionSuite extends CardTestSuite { public CardCompressionSuite(TestWriter writer, ECTesterReader.Config cfg, CardMngr cardManager) { - super(writer, cfg, cardManager, "compression", "The compression test suite tests cards support for compressed points in ECDH (as per ANSI X9.62).", + super(writer, cfg, cardManager, "compression", null, "The compression test suite tests cards support for compressed points in ECDH (as per ANSI X9.62).", "It also tests for handling of bogus input in ECDH by using the point at infinity and a hybrid point with the y coordinate corrupted.", "It also tests handling of compressed point in ECDH, where the x coordinate is invalid and therefore", "a quadratic non-residue will be computed and (square root-ed) during decompression."); diff --git a/src/cz/crcs/ectester/reader/test/CardDefaultSuite.java b/src/cz/crcs/ectester/reader/test/CardDefaultSuite.java index ebece61..8814c37 100644 --- a/src/cz/crcs/ectester/reader/test/CardDefaultSuite.java +++ b/src/cz/crcs/ectester/reader/test/CardDefaultSuite.java @@ -28,7 +28,7 @@ import static cz.crcs.ectester.common.test.Result.Value; public class CardDefaultSuite extends CardTestSuite { public CardDefaultSuite(TestWriter writer, ECTesterReader.Config cfg, CardMngr cardManager) { - super(writer, cfg, cardManager, "default", "The default test suite tests basic support and performance of ECDH and ECDSA."); + super(writer, cfg, cardManager, "default", null, "The default test suite tests basic support and performance of ECDH and ECDSA."); } @Override diff --git a/src/cz/crcs/ectester/reader/test/CardDegenerateSuite.java b/src/cz/crcs/ectester/reader/test/CardDegenerateSuite.java index 730c70b..f2e73b6 100644 --- a/src/cz/crcs/ectester/reader/test/CardDegenerateSuite.java +++ b/src/cz/crcs/ectester/reader/test/CardDegenerateSuite.java @@ -24,7 +24,7 @@ import java.util.Map; public class CardDegenerateSuite extends CardTestSuite { public CardDegenerateSuite(TestWriter writer, ECTesterReader.Config cfg, CardMngr cardManager) { - super(writer, cfg, cardManager, "degenerate", "The degenerate suite tests whether the card rejects points outside of the curve during ECDH.", + super(writer, cfg, cardManager, "degenerate", null, "The degenerate suite tests whether the card rejects points outside of the curve during ECDH.", "The tested points lie on a part of the plane for which some Edwards, Hessian and Huff form addition formulas degenerate into exponentiation in the base finite field."); } diff --git a/src/cz/crcs/ectester/reader/test/CardEdgeCasesSuite.java b/src/cz/crcs/ectester/reader/test/CardEdgeCasesSuite.java index 53f3b6b..cc0f8d3 100644 --- a/src/cz/crcs/ectester/reader/test/CardEdgeCasesSuite.java +++ b/src/cz/crcs/ectester/reader/test/CardEdgeCasesSuite.java @@ -31,7 +31,7 @@ import java.util.stream.Collectors; */ public class CardEdgeCasesSuite extends CardTestSuite { public CardEdgeCasesSuite(TestWriter writer, ECTesterReader.Config cfg, CardMngr cardManager) { - super(writer, cfg, cardManager, "edge-cases", "The edge-cases test suite tests various inputs to ECDH which may cause an implementation to achieve a certain edge-case state during it.", + super(writer, cfg, cardManager, "edge-cases", null, "The edge-cases test suite tests various inputs to ECDH which may cause an implementation to achieve a certain edge-case state during it.", "Some of the data is from the google/Wycheproof project. Tests include CVE-2017-10176 and CVE-2017-8932.", "Also tests values of the private key and public key that would trigger the OpenSSL modualr multiplication bug on the P-256 curve.", "Various edge private key values are also tested."); @@ -154,7 +154,7 @@ public class CardEdgeCasesSuite extends CardTestSuite { continue; } Test set = CommandTest.expect(new Command.Set(this.card, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten()), Result.ExpectedValue.SUCCESS); - Test generate = genOrPreset(curve, Result.ExpectedValue.SUCCESS); + Test generate = CommandTest.expect(new Command.Generate(this.card, ECTesterApplet.KEYPAIR_LOCAL), Result.ExpectedValue.SUCCESS); CommandTest export = CommandTest.expect(new Command.Export(this.card, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.KEY_PUBLIC, EC_Consts.PARAMETER_W), Result.ExpectedValue.SUCCESS); Test setup = runTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "KeyPair setup.", key, set, generate, export)); diff --git a/src/cz/crcs/ectester/reader/test/CardInvalidSuite.java b/src/cz/crcs/ectester/reader/test/CardInvalidSuite.java index 9c4b54c..5df379e 100644 --- a/src/cz/crcs/ectester/reader/test/CardInvalidSuite.java +++ b/src/cz/crcs/ectester/reader/test/CardInvalidSuite.java @@ -26,7 +26,7 @@ import static cz.crcs.ectester.common.test.Result.ExpectedValue; public class CardInvalidSuite extends CardTestSuite { public CardInvalidSuite(TestWriter writer, ECTesterReader.Config cfg, CardMngr cardManager) { - super(writer, cfg, cardManager, "invalid", "The invalid curve suite tests whether the card rejects points outside of the curve during ECDH."); + super(writer, cfg, cardManager, "invalid", null, "The invalid curve suite tests whether the card rejects points outside of the curve during ECDH."); } @Override diff --git a/src/cz/crcs/ectester/reader/test/CardMiscSuite.java b/src/cz/crcs/ectester/reader/test/CardMiscSuite.java index b1163c3..d1a5c0f 100644 --- a/src/cz/crcs/ectester/reader/test/CardMiscSuite.java +++ b/src/cz/crcs/ectester/reader/test/CardMiscSuite.java @@ -23,7 +23,7 @@ import java.util.Map; public class CardMiscSuite extends CardTestSuite { public CardMiscSuite(TestWriter writer, ECTesterReader.Config cfg, CardMngr cardManager) { - super(writer, cfg, cardManager, "miscellaneous", "Some miscellaneous tests, tries ECDH and ECDSA over supersingular curves, anomalous curves,", + super(writer, cfg, cardManager, "miscellaneous",new String[]{"preset"}, "Some miscellaneous tests, tries ECDH and ECDSA over supersingular curves, anomalous curves,", "Barreto-Naehrig curves with small embedding degree and CM discriminant, MNT curves,", "some Montgomery curves transformed to short Weierstrass form and Curve25519 transformed to short Weierstrass form."); } diff --git a/src/cz/crcs/ectester/reader/test/CardSignatureSuite.java b/src/cz/crcs/ectester/reader/test/CardSignatureSuite.java index 0fa58d3..0e4ca8e 100644 --- a/src/cz/crcs/ectester/reader/test/CardSignatureSuite.java +++ b/src/cz/crcs/ectester/reader/test/CardSignatureSuite.java @@ -22,7 +22,7 @@ import java.util.Map; */ public class CardSignatureSuite extends CardTestSuite { public CardSignatureSuite(TestWriter writer, ECTesterReader.Config cfg, CardMngr cardManager) { - super(writer, cfg, cardManager, "signature", "The signature test suite tests verifying various malformed and well-formed but invalid ECDSA signatures."); + super(writer, cfg, cardManager, "signature", null, "The signature test suite tests verifying various malformed and well-formed but invalid ECDSA signatures."); } @Override diff --git a/src/cz/crcs/ectester/reader/test/CardTestSuite.java b/src/cz/crcs/ectester/reader/test/CardTestSuite.java index 73acbe7..ed3dc3b 100644 --- a/src/cz/crcs/ectester/reader/test/CardTestSuite.java +++ b/src/cz/crcs/ectester/reader/test/CardTestSuite.java @@ -13,17 +13,21 @@ import cz.crcs.ectester.reader.CardMngr; import cz.crcs.ectester.reader.ECTesterReader; import cz.crcs.ectester.reader.command.Command; +import java.util.Arrays; + /** * @author Jan Jancar johny@neuromancer.sk */ public abstract class CardTestSuite extends TestSuite { ECTesterReader.Config cfg; CardMngr card; + String[] options; - CardTestSuite(TestWriter writer, ECTesterReader.Config cfg, CardMngr cardManager, String name, String... description) { + CardTestSuite(TestWriter writer, ECTesterReader.Config cfg, CardMngr cardManager, String name, String[] options, String... description) { super(writer, name, description); this.card = cardManager; this.cfg = cfg; + this.options = options; } public CardMngr getCard() { @@ -34,8 +38,16 @@ public abstract class CardTestSuite extends TestSuite { return cfg; } + public String[] getOptions() { + if (options != null) { + return options.clone(); + } else { + return options; + } + } + public Test genOrPreset(EC_Curve curve, Result.ExpectedValue expected) { - if (cfg.testOptions.contains("preset")) { + if (Arrays.asList(options).contains("preset") && cfg.testOptions.contains("preset")) { byte[] presetPriv = ECUtil.semiRandomKey(curve); EC_Params privParms = new EC_Params(EC_Consts.PARAMETER_S, new byte[][]{presetPriv}); return CommandTest.expect(new Command.Set(this.card, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.CURVE_external, privParms.getParams(), privParms.flatten()), expected); diff --git a/src/cz/crcs/ectester/reader/test/CardTestVectorSuite.java b/src/cz/crcs/ectester/reader/test/CardTestVectorSuite.java index b6dc904..690425d 100644 --- a/src/cz/crcs/ectester/reader/test/CardTestVectorSuite.java +++ b/src/cz/crcs/ectester/reader/test/CardTestVectorSuite.java @@ -42,7 +42,7 @@ import static cz.crcs.ectester.common.test.Result.Value; public class CardTestVectorSuite extends CardTestSuite { public CardTestVectorSuite(TestWriter writer, ECTesterReader.Config cfg, CardMngr cardManager) { - super(writer, cfg, cardManager, "test", "The test-vectors suite contains a collection of test vectors which test basic ECDH correctness."); + super(writer, cfg, cardManager, "test-vectors", null, "The test-vectors suite contains a collection of test vectors which test basic ECDH correctness."); } @Override diff --git a/src/cz/crcs/ectester/reader/test/CardTwistSuite.java b/src/cz/crcs/ectester/reader/test/CardTwistSuite.java index 4929d52..a6bca6c 100644 --- a/src/cz/crcs/ectester/reader/test/CardTwistSuite.java +++ b/src/cz/crcs/ectester/reader/test/CardTwistSuite.java @@ -23,7 +23,7 @@ import java.util.Map; */ public class CardTwistSuite extends CardTestSuite { public CardTwistSuite(TestWriter writer, ECTesterReader.Config cfg, CardMngr cardManager) { - super(writer, cfg, cardManager, "twist", "The twist test suite tests whether the card correctly rejects points on the quadratic twist of the curve during ECDH."); + super(writer, cfg, cardManager, "twist", null, "The twist test suite tests whether the card correctly rejects points on the quadratic twist of the curve during ECDH."); } @Override diff --git a/src/cz/crcs/ectester/reader/test/CardWrongSuite.java b/src/cz/crcs/ectester/reader/test/CardWrongSuite.java index 8bc7c90..3ba0ee9 100644 --- a/src/cz/crcs/ectester/reader/test/CardWrongSuite.java +++ b/src/cz/crcs/ectester/reader/test/CardWrongSuite.java @@ -31,7 +31,7 @@ import static cz.crcs.ectester.common.test.Result.ExpectedValue; public class CardWrongSuite extends CardTestSuite { public CardWrongSuite(TestWriter writer, ECTesterReader.Config cfg, CardMngr cardManager) { - super(writer, cfg, cardManager, "wrong", "The wrong curve suite tests whether the card rejects domain parameters which are not curves."); + super(writer, cfg, cardManager, "wrong", null, "The wrong curve suite tests whether the card rejects domain parameters which are not curves."); } @Override |