From 0ae3b300c51a9c6bbde103076f089428bbe3e55e Mon Sep 17 00:00:00 2001 From: J08nY Date: Mon, 24 Oct 2016 19:04:25 +0200 Subject: fixed ant build on linux, added utility scripts in bash --- !uploader/gppro_upload.sh | 7 +++++++ !uploader/gppro_upload_emv.sh | 8 ++++++++ jcbuild.xml | 2 +- 3 files changed, 16 insertions(+), 1 deletion(-) create mode 100755 !uploader/gppro_upload.sh create mode 100755 !uploader/gppro_upload_emv.sh diff --git a/!uploader/gppro_upload.sh b/!uploader/gppro_upload.sh new file mode 100755 index 0000000..faeaf24 --- /dev/null +++ b/!uploader/gppro_upload.sh @@ -0,0 +1,7 @@ +#!/bin/bash +java -jar gp.jar -delete 4543546573746572 -deletedeps -verbose +java -jar gp.jar -deletedeps -verbose -delete 4A43416C6754657374 + +java -jar gp.jar -install simpleECC.cap -verbose + + diff --git a/!uploader/gppro_upload_emv.sh b/!uploader/gppro_upload_emv.sh new file mode 100755 index 0000000..9a51cd9 --- /dev/null +++ b/!uploader/gppro_upload_emv.sh @@ -0,0 +1,8 @@ +java -jar gp.jar -deletedeps -verbose -emv -delete 4C6162616B417070 +java -jar gp.jar -deletedeps -verbose -emv -delete 4A43416C6754657374 +java -jar gp.jar -deletedeps -verbose -emv -delete 4543546573746572 + + +java -jar gp.jar -install simpleECC.cap -verbose -emv -d + + diff --git a/jcbuild.xml b/jcbuild.xml index 014117c..70d5370 100644 --- a/jcbuild.xml +++ b/jcbuild.xml @@ -16,7 +16,7 @@ - + -- cgit v1.2.3-70-g09d2 From b1b21aae218bec813a853938563234ad4e2d8668 Mon Sep 17 00:00:00 2001 
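Review bot: `gppro_upload_emv.sh` is created with mode 100755 but, unlike `gppro_upload.sh`, has no interpreter line, so it runs only when the launching shell falls back to interpreting it itself; add `#!/bin/bash` as its first line. Both scripts also resolve `gp.jar` and `simpleECC.cap` relative to the current directory, so a `cd "$(dirname "$0")"` near the top would let them be started from anywhere in the checkout.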
From: petrs Date: Fri, 18 Nov 2016 21:18:22 +0100 Subject: Added support for multiple readers Added support for mass gathering of ECC keys (refactoring needed) --- !uploader/simpleECC.cap | Bin 9542 -> 9854 bytes dist/SimpleAPDU.jar | Bin 47118 -> 52783 bytes src/applets/EC_Consts.java | 3 + src/applets/SimpleECCApplet.java | 88 ++++++++++++++++++++-------- src/simpleapdu/CardMngr.java | 67 +++++++++++++++++---- src/simpleapdu/DirtyLogger.java | 50 ++++++++++++++++ src/simpleapdu/SimpleAPDU.java | 123 +++++++++++++++++++++++++++++---------- 7 files changed, 266 insertions(+), 65 deletions(-) create mode 100644 src/simpleapdu/DirtyLogger.java diff --git a/!uploader/simpleECC.cap b/!uploader/simpleECC.cap index ee8fefd..9d36664 100644 Binary files a/!uploader/simpleECC.cap and b/!uploader/simpleECC.cap differ diff --git a/dist/SimpleAPDU.jar b/dist/SimpleAPDU.jar index c1fcaba..3a13dc6 100644 Binary files a/dist/SimpleAPDU.jar and b/dist/SimpleAPDU.jar differ diff --git a/src/applets/EC_Consts.java b/src/applets/EC_Consts.java index b7128dc..b607921 100644 --- a/src/applets/EC_Consts.java +++ b/src/applets/EC_Consts.java @@ -9,6 +9,9 @@ import javacard.security.KeyPair; import javacard.security.RandomData; public class EC_Consts { + public static final byte TAG_ECPUBKEY = (byte) 0x41; + public static final byte TAG_ECPRIVKEY = (byte) 0x42; + public static byte[] EC_FP_P = null; public static byte[] EC_FP_A = null; public static byte[] EC_FP_B = null; diff --git a/src/applets/SimpleECCApplet.java b/src/applets/SimpleECCApplet.java index 720ee4e..18eec5a 100644 --- a/src/applets/SimpleECCApplet.java +++ b/src/applets/SimpleECCApplet.java @@ -27,6 +27,8 @@ public class SimpleECCApplet extends javacard.framework.Applet final static byte INS_TESTEC_LASTUSEDPARAMS = (byte) 0x40; + public final static byte P1_SETCURVE = (byte) 0x01; + public final static byte P1_GENERATEKEYPAIR = (byte) 0x02; final static short ARRAY_LENGTH = (short) 0xff; 
@@ -192,10 +194,10 @@ public class SimpleECCApplet extends javacard.framework.Applet case INS_ALLOCATEKEYPAIRS: AllocateKeyPairs(apdu); break; +*/ case INS_GENERATEKEY: - GenerateKey(apdu); + GenerateAndReturnKey(apdu); break; -*/ default : // The INS code is not supported by the dispatcher ISOException.throwIt( ISO7816.SW_INS_NOT_SUPPORTED ) ; @@ -741,7 +743,7 @@ public class SimpleECCApplet extends javacard.framework.Applet short bitLen = Util.getShort(apdubuf, ISO7816.OFFSET_CDATA); - // Note: all locations shoudl happen in constructor. But here it is intentional + // Note: all locations should happen in constructor. But here it is intentional // as we like to test for result of allocation ecKeyPair = new KeyPair(KeyPair.ALG_EC_FP, bitLen); 
@@ -827,7 +829,64 @@ public class SimpleECCApplet extends javacard.framework.Applet apdu.setOutgoingAndSend((short) 0, secretLen); } - + void GenerateAndReturnKey(APDU apdu) { + byte[] apdubuf = apdu.getBuffer(); + apdu.setIncomingAndReceive(); + + short bitLen = Util.getShort(apdubuf, ISO7816.OFFSET_CDATA); + + short offset = 0; + + switch (apdubuf[ISO7816.OFFSET_P1]) { + case P1_SETCURVE: { + ecKeyPair = new KeyPair(KeyPair.ALG_EC_FP, bitLen); + + ecPubKey = (ECPublicKey) ecKeyPair.getPublic(); + ecPrivKey = (ECPrivateKey) ecKeyPair.getPrivate(); + // Some implementation wil not return valid pub key until ecKeyPair.genKeyPair() is called + // Other implementation will fail with exception if same is called => try catch + try { + if (ecPubKey == null) { + ecKeyPair.genKeyPair(); + } + } catch (Exception e) { + } // do nothing + + // If required, initialize curve parameters first + EC_Consts.setValidECKeyParams(ecPubKey, ecPrivKey, KeyPair.ALG_EC_FP, bitLen, m_ramArray); + + break; + } + case P1_GENERATEKEYPAIR: { + // Assumption: proper EC keyPair is already allocated and initialized + ecKeyPair.genKeyPair(); + ecPubKey = (ECPublicKey) ecKeyPair.getPublic(); + ecPrivKey = (ECPrivateKey) ecKeyPair.getPrivate(); + + offset = 0; + apdubuf[offset] = EC_Consts.TAG_ECPUBKEY; + offset++; + offset += 2; // reserve space for length + short len = ecPubKey.getW(apdubuf, offset); + Util.setShort(apdubuf, (short) (offset - 2), len); + offset += len; + apdubuf[offset] = EC_Consts.TAG_ECPRIVKEY; + offset++; + offset += 2; // reserve space for length + len = ecPrivKey.getS(apdubuf, offset); + Util.setShort(apdubuf, (short) (offset - 2), len); + offset += len; + + break; + } + default: + ISOException.throwIt(ISO7816.SW_INCORRECT_P1P2); + } + + + + apdu.setOutgoingAndSend((short) 0, offset); + } 
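Review bot: In the `P1_SETCURVE` branch of `GenerateAndReturnKey`, `ecPubKey` and `ecPrivKey` are read before the fallback `ecKeyPair.genKeyPair()` and never re-read after it, so in exactly the case the comment describes (a null public key until generation) `EC_Consts.setValidECKeyParams` is still called with the null references. Re-fetch both inside the `if (ecPubKey == null)` block, right after `genKeyPair()`: `ecPubKey = (ECPublicKey) ecKeyPair.getPublic(); ecPrivKey = (ECPrivateKey) ecKeyPair.getPrivate();`. The `P1_GENERATEKEYPAIR` branch also dereferences `ecKeyPair` without checking that `P1_SETCURVE` ran first, and the received data length is not checked before `bitLen` is read. Because the response carries the private scalar S unprotected to any host that can select the applet, the method should carry a comment such as `// TEST ONLY: returns private key S in clear; never install next to real keys`.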
@@ -891,28 +950,7 @@ public class SimpleECCApplet extends javacard.framework.Applet EC_Consts.setValidECKeyParams(ecPubKey, ecPrivKey, KeyPair.ALG_EC_FP, bitLen, m_ramArray); } - void GenerateAndReturnKey(APDU apdu) { - byte[] apdubuf = apdu.getBuffer(); - apdu.setIncomingAndReceive(); - - // Assumption: proper EC keyPair is already allocated and initialized - - ecKeyPair.genKeyPair(); - ecPubKey = (ECPublicKey) ecKeyPair.getPrivate(); - ecPrivKey = (ECPrivateKey) ecKeyPair.getPrivate(); - - short offset = 0; - offset += 2; // reserve space for length - short len = ecPubKey.getW(apdubuf, offset); - Util.setShort(apdubuf, (short) (offset - 2), len); - offset += len; - offset += 2; // reserve space for length - len = ecPrivKey.getS(apdubuf, offset); - Util.setShort(apdubuf, (short) (offset - 2), len); - offset += len; - apdu.setOutgoingAndSend((short) 0, offset); - } */ } diff --git a/src/simpleapdu/CardMngr.java b/src/simpleapdu/CardMngr.java index 1ab6408..d778bc8 100644 --- a/src/simpleapdu/CardMngr.java +++ b/src/simpleapdu/CardMngr.java @@ -3,6 +3,7 @@ package simpleapdu; import com.licel.jcardsim.io.CAD; import com.licel.jcardsim.io.JavaxSmartCardInterface; import java.util.List; +import java.util.Scanner; import javacard.framework.AID; import javax.smartcardio.*; @@ -11,9 +12,9 @@ import javax.smartcardio.*; * @author xsvenda */ public class CardMngr { - CardTerminal m_terminal = null; - CardChannel m_channel = null; - Card m_card = null; + static CardTerminal m_terminal = null; + static CardChannel m_channel = null; + static Card m_card = null; // Simulator related attributes private static CAD m_cad = null; 
@@ -62,6 +63,49 @@ public class CardMngr { return cardFound; } + + static boolean ConnectToCardSelect() throws CardException { + // Test available card - if more present, let user to select one + List terminalList = CardMngr.GetReaderList(); + if (terminalList.isEmpty()) { + System.out.println("ERROR: No suitable reader with card detected. Please check your reader connection"); + return false; + } else { + if (terminalList.size() == 1) { + m_terminal = terminalList.get(0); // return first and only reader + } else { + int terminalIndex = 1; + // Let user select target terminal + for (CardTerminal terminal : terminalList) { + Card card; + try { + card = terminal.connect("*"); + ATR atr = card.getATR(); + System.out.println(terminalIndex + " : " + terminal.getName() + " - " + CardMngr.bytesToHex(atr.getBytes())); + terminalIndex++; + } catch (CardException ex) { + System.out.println(ex); + } + } + System.out.print("Select index of target reader you like to use 1.." + (terminalIndex - 1) + ": "); + Scanner sc = new Scanner(System.in); + int answ = sc.nextInt(); + System.out.println(String.format("%d", answ)); + answ--; // is starting with 0 + // BUGBUG; verify allowed index range + m_terminal = terminalList.get(answ); + } + } + + if (m_terminal != null) { + m_card = m_terminal.connect("*"); + System.out.println("card: " + m_card); + m_channel = m_card.getBasicChannel(); + } + + return true; + } + public void DisconnectFromCard() throws Exception { if (m_card != null) { @@ -116,7 +160,7 @@ public class CardMngr { } } - public List GetReaderList() { + public static List GetReaderList() { try { TerminalFactory factory = TerminalFactory.getDefault(); List readersList = factory.terminals().list(); @@ -158,7 +202,7 @@ public class CardMngr { return (responseAPDU); } - public String byteToHex(byte data) { + public static String byteToHex(byte data) { StringBuilder buf = new StringBuilder(); buf.append(toHexChar((data >>> 4) & 0x0F)); buf.append(toHexChar(data & 0x0F)); 
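Review bot: In `ConnectToCardSelect`, the menu number `terminalIndex` advances only for readers whose `connect("*")` succeeds, while the answer is used as a position in `terminalList`, so a single reader without a card shifts every later entry and the applet commands go to a different reader than the one the user picked. The entered value is also used unchecked (the hunk's own `BUGBUG` comment), so an out-of-range number or non-numeric input ends in an unhandled runtime exception, and the `Card` handles opened only to print the ATR are never released. Numbering by list position, validating the answer and disconnecting after listing addresses all three; the method's surrounding lines stay as they are.

```java
// … unchanged: reader list lookup and single-reader shortcut …
                // Number readers by their position in terminalList so the
                // printed index is the one used for the lookup below.
                for (int i = 0; i < terminalList.size(); i++) {
                    CardTerminal terminal = terminalList.get(i);
                    try {
                        Card card = terminal.connect("*");
                        System.out.println((i + 1) + " : " + terminal.getName() + " - " + CardMngr.bytesToHex(card.getATR().getBytes()));
                        card.disconnect(false); // opened for listing only
                    } catch (CardException ex) {
                        System.out.println((i + 1) + " : " + terminal.getName() + " - " + ex);
                    }
                }
                System.out.print("Select index of target reader you like to use 1.." + terminalList.size() + ": ");
                Scanner sc = new Scanner(System.in);
                int answ = sc.hasNextInt() ? sc.nextInt() - 1 : -1;
                if (answ < 0 || answ >= terminalList.size()) {
                    System.out.println("ERROR: Invalid reader index");
                    return false;
                }
                m_terminal = terminalList.get(answ);
// … unchanged: connect to m_terminal and open the basic channel …
```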
@@ -166,7 +210,7 @@ public class CardMngr { } - public char toHexChar(int i) { + public static char toHexChar(int i) { if ((0 <= i) && (i <= 9)) { return (char) ('0' + i); } else { @@ -174,16 +218,19 @@ public class CardMngr { } } - public String bytesToHex(byte[] data) { + public static String bytesToHex(byte[] data) { + return bytesToHex(data, 0, data.length, true); + } + + public static String bytesToHex(byte[] data, int offset, int len, boolean bAddSpace) { StringBuilder buf = new StringBuilder(); - for (int i = 0; i < data.length; i++) { + for (int i = offset; i < (offset + len); i++) { buf.append(byteToHex(data[i])); - buf.append(" "); + if (bAddSpace) { buf.append(" "); } } return (buf.toString()); } - public boolean prepareLocalSimulatorApplet(byte[] appletAIDArray, byte[] installData, Class appletClass) { System.setProperty("com.licel.jcardsim.terminal.type", "2"); m_cad = new CAD(System.getProperties()); diff --git a/src/simpleapdu/DirtyLogger.java b/src/simpleapdu/DirtyLogger.java new file mode 100644 index 0000000..69e5e65 --- /dev/null +++ b/src/simpleapdu/DirtyLogger.java 
@@ -0,0 +1,50 @@ +/* + * To change this license header, choose License Headers in Project Properties. + * To change this template file, choose Tools | Templates + * and open the template in the editor. + */ +package simpleapdu; + +import java.io.FileOutputStream; +import java.io.IOException; +import java.util.logging.Level; +import java.util.logging.Logger; + +/** + * + * @author xsvenda + */ +public class DirtyLogger { + FileOutputStream m_logFile; + boolean m_bOutputSystemOut = true; + public DirtyLogger(FileOutputStream logFile, boolean bOutputSystemOut) { + m_logFile = logFile; + m_bOutputSystemOut = bOutputSystemOut; + } + public void println() { + String logLine = "\n"; + print(logLine); + } + public void println(String logLine) { + logLine += "\n"; + print(logLine); + } + public void print(String logLine) { + if (m_bOutputSystemOut) { + System.out.print(logLine); + } + if (m_logFile != null) { + try { + m_logFile.write(logLine.getBytes()); + } catch (IOException ex) { + } + } + } + + void flush() { + try { + m_logFile.flush(); + } catch (IOException ex) { + } + } +} diff --git a/src/simpleapdu/SimpleAPDU.java b/src/simpleapdu/SimpleAPDU.java index 0ea9ca3..575f562 100644 --- a/src/simpleapdu/SimpleAPDU.java +++ b/src/simpleapdu/SimpleAPDU.java @@ -1,13 +1,15 @@ package simpleapdu; +import applets.EC_Consts; import applets.SimpleECCApplet; -import static applets.SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE; -import static applets.SimpleECCApplet.ECTEST_SET_INVALIDCURVE; +import java.io.FileNotFoundException; +import java.io.FileOutputStream; +import java.io.IOException; +import java.util.Arrays; import javacard.framework.ISO7816; import javacard.security.CryptoException; import javacard.security.KeyPair; import javax.smartcardio.ResponseAPDU; -import org.bouncycastle.util.Arrays; /** * 
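Review bot: `DirtyLogger.flush()` dereferences `m_logFile` without the null check that `print()` applies, so a logger constructed with a null stream throws NullPointerException on its first flush; start the method with `if (m_logFile == null) { return; }`. Both `catch (IOException ex) { }` blocks discard write failures, so a full disk or closed stream produces a truncated log with no indication; reporting the exception once on `System.err` would be enough. `logLine.getBytes()` depends on the platform default charset, and passing an explicit charset would keep the log format identical across machines.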
@@ -15,7 +17,8 @@ import org.bouncycastle.util.Arrays; */ public class SimpleAPDU { static CardMngr cardManager = new CardMngr(); - + static DirtyLogger m_SystemOutLogger = null; + private final static byte SELECT_ECTESTERAPPLET[] = {(byte) 0x00, (byte) 0xa4, (byte) 0x04, (byte) 0x00, (byte) 0x0a, (byte) 0x45, (byte) 0x43, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x72, (byte) 0x30, (byte) 0x31}; @@ -32,6 +35,8 @@ public class SimpleAPDU { private static final short INVALIDCURVEB_CORRUPTIONTYPE_OFFSET = 7; private static final short INVALIDCURVEB_REWINDONSUCCESS_OFFSET = 9; + private static final byte TESTECSUPPORT_GENERATEECCKEY[] = {(byte) 0xB0, (byte) 0x5a, (byte) 0x00, (byte) 0x00, (byte) 0x02, (byte) 0x00, (byte) 0x00}; + static short getShort(byte[] array, int offset) { return (short) (((array[offset] & 0xFF) << 8) | (array[offset + 1] & 0xFF)); } @@ -64,7 +69,7 @@ public class SimpleAPDU { PrintECSupport(resp); } static void testSupportECAll(CardMngr cardManager) throws Exception { - byte[] testAPDU = Arrays.clone(TESTECSUPPORT_GIVENALG); + byte[] testAPDU = Arrays.copyOf(TESTECSUPPORT_GIVENALG, TESTECSUPPORT_GIVENALG.length); testAPDU[TESTECSUPPORT_ALG_OFFSET] = KeyPair.ALG_EC_FP; setShort(testAPDU, TESTECSUPPORT_KEYLENGTH_OFFSET, (short) 128); 
@@ -93,17 +98,73 @@ public class SimpleAPDU { testSupportECGivenAlg(testAPDU, cardManager); } - public static void main(String[] args) { + public static void main(String[] args) throws FileNotFoundException, IOException { + String logFileName = String.format("ECTESTER_log_%d.log", System.currentTimeMillis()); + FileOutputStream systemOutLogger = new FileOutputStream(logFileName); + m_SystemOutLogger = new DirtyLogger(systemOutLogger, true); + try { - // - // REAL CARDS - // - if (cardManager.ConnectToCard()) { + // Gather large number of ECC keypairs + if (cardManager.ConnectToCardSelect()) { + cardManager.sendAPDU(SELECT_ECTESTERAPPLET); + + String keyFileName = String.format("ECKEYS_%d.log", System.currentTimeMillis()); + FileOutputStream keysFile = new FileOutputStream(keyFileName); + + String message = "index;pubW;privS\n"; + keysFile.write(message.getBytes()); + byte[] gatherKeyAPDU = Arrays.copyOf(TESTECSUPPORT_GENERATEECCKEY, TESTECSUPPORT_GENERATEECCKEY.length); + // Prepare keypair object + gatherKeyAPDU[ISO7816.OFFSET_P1] = SimpleECCApplet.P1_SETCURVE; + setShort(gatherKeyAPDU, (short) 5, (short) 192); // ecc length + ResponseAPDU respGather = cardManager.sendAPDU(gatherKeyAPDU); + // Generate new keypair + gatherKeyAPDU[ISO7816.OFFSET_P1] = SimpleECCApplet.P1_GENERATEKEYPAIR; + int counter = 0; + while (true) { + counter++; + long elapsed = -System.nanoTime(); + respGather = cardManager.sendAPDU(gatherKeyAPDU); + elapsed += System.nanoTime(); + + byte[] data = respGather.getData(); + int offset = 0; + String pubKeyW = ""; + String privKeyS = ""; + if (data[offset] == EC_Consts.TAG_ECPUBKEY) { + offset++; + short len = getShort(data, offset); + offset += 2; + pubKeyW = CardMngr.bytesToHex(data, offset, len, false); + offset += len; + } + if (data[offset] == EC_Consts.TAG_ECPRIVKEY) { + offset++; + short len = getShort(data, offset); + offset += 2; + privKeyS = CardMngr.bytesToHex(data, offset, len, false); + offset += len; + } + + message = 
String.format("%d;%d;%s;%s\n", counter, elapsed / 1000000, pubKeyW, privKeyS); + keysFile.write(message.getBytes()); + + m_SystemOutLogger.flush(); + keysFile.flush(); + } + } + + if (cardManager.ConnectToCard()) { + byte[] testAPDU2 = Arrays.copyOf(TESTECSUPPORT_GIVENALG, TESTECSUPPORT_GIVENALG.length); + testAPDU2[TESTECSUPPORT_ALG_OFFSET] = KeyPair.ALG_EC_FP; + setShort(testAPDU2, TESTECSUPPORT_KEYLENGTH_OFFSET, (short) 384); + testSupportECGivenAlg(testAPDU2, cardManager); + testSupportECAll(cardManager); // Test setting invalid parameter B of curve - byte[] testAPDU = Arrays.clone(TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB); + byte[] testAPDU = Arrays.copyOf(TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB, TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB.length); //testFPkeyGen_setCorruptionType(testAPDU, SimpleECCApplet.CORRUPT_B_LASTBYTEINCREMENT); testFPkeyGen_setCorruptionType(testAPDU, SimpleECCApplet.CORRUPT_B_ONEBYTERANDOM); //testFPkeyGen_setCorruptionType(testAPDU, SimpleECCApplet.CORRUPT_B_FULLRANDOM); @@ -127,11 +188,13 @@ public class SimpleAPDU { cardManager.DisconnectFromCard(); } else { - System.out.println("Failed to connect to card"); + m_SystemOutLogger.println("Failed to connect to card"); } } catch (Exception ex) { - System.out.println("Exception : " + ex); + m_SystemOutLogger.println("Exception : " + ex); } + + systemOutLogger.close(); } static String getPrintError(short code) { @@ -175,11 +238,11 @@ public class SimpleAPDU { } static int VerifyPrintResult(String message, byte expectedTag, byte[] buffer, int bufferOffset, ExpResult expRes) { if (bufferOffset >= buffer.length) { - System.out.println(" No more data returned"); + m_SystemOutLogger.println(" No more data returned"); } else { if (buffer[bufferOffset] != expectedTag) { - System.out.println(" ERROR: mismatched tag"); + m_SystemOutLogger.println(" ERROR: mismatched tag"); assert(buffer[bufferOffset] == expectedTag); } bufferOffset++; 
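Review bot: The key-gathering loop in `main` reads `data[offset]` without checking the status word or `data.length`, so a card error with empty response data leaves the `while (true)` only through an ArrayIndexOutOfBoundsException, and `keysFile` is never closed. Check `if (respGather.getSW() != 0x9000) { break; }` before parsing and open `keysFile` in a try-with-resources block so it is closed on every path; as written, the `ConnectToCard()` block after the loop is reachable only when `ConnectToCardSelect()` returns false. The header `index;pubW;privS` names three columns while every row writes four (counter, elapsed milliseconds, `pubKeyW`, `privKeyS`); `"index;time_ms;pubW;privS\n"` would match. The file stores private scalars in clear text with default permissions, which deserves a comment stating it is test output for throwaway keys only.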
@@ -194,10 +257,10 @@ public class SimpleAPDU { bHiglight = true; } if (bHiglight) { - System.out.println(String.format("!! %-50s%s", message, getPrintError(resCode))); + m_SystemOutLogger.println(String.format("!! %-50s%s", message, getPrintError(resCode))); } else { - System.out.println(String.format(" %-50s%s", message, getPrintError(resCode))); + m_SystemOutLogger.println(String.format(" %-50s%s", message, getPrintError(resCode))); } } return bufferOffset; @@ -205,8 +268,8 @@ public class SimpleAPDU { static void PrintECSupport(ResponseAPDU resp) { byte[] buffer = resp.getData(); - System.out.println(); - System.out.println("### Test for support and with valid and invalid EC curves"); + m_SystemOutLogger.println(); + m_SystemOutLogger.println("### Test for support and with valid and invalid EC curves"); int bufferOffset = 0; while (bufferOffset < buffer.length) { assert(buffer[bufferOffset] == SimpleECCApplet.ECTEST_SEPARATOR); @@ -218,10 +281,10 @@ public class SimpleAPDU { if (buffer[bufferOffset] == KeyPair.ALG_EC_F2M) { ecType = "ALG_EC_F2M"; } - System.out.println(String.format("%-53s%s", "EC type:", ecType)); + m_SystemOutLogger.println(String.format("%-53s%s", "EC type:", ecType)); bufferOffset++; short keyLen = getShort(buffer, bufferOffset); - System.out.println(String.format("%-53s%d bits", "EC key length (bits):", keyLen)); + m_SystemOutLogger.println(String.format("%-53s%d bits", "EC key length (bits):", keyLen)); bufferOffset += 2; bufferOffset = VerifyPrintResult("KeyPair object allocation:", SimpleECCApplet.ECTEST_ALLOCATE_KEYPAIR, buffer, bufferOffset, ExpResult.SHOULD_SUCCEDD); 
@@ -233,14 +296,14 @@ public class SimpleAPDU { bufferOffset = VerifyPrintResult("Set invalid custom curve (may fail):", SimpleECCApplet.ECTEST_SET_INVALIDCURVE, buffer, bufferOffset, ExpResult.MAY_FAIL); bufferOffset = VerifyPrintResult("Generate key with invalid curve (fail is good):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE, buffer, bufferOffset, ExpResult.MUST_FAIL); - System.out.println(); + m_SystemOutLogger.println(); } } static void PrintECKeyGenInvalidCurveB(ResponseAPDU resp) { byte[] buffer = resp.getData(); - System.out.println(); - System.out.println("### Test for computation with invalid parameter B for EC curve"); + m_SystemOutLogger.println(); + m_SystemOutLogger.println("### Test for computation with invalid parameter B for EC curve"); int bufferOffset = 0; while (bufferOffset < buffer.length) { assert (buffer[bufferOffset] == SimpleECCApplet.ECTEST_SEPARATOR); @@ -252,15 +315,15 @@ public class SimpleAPDU { if (buffer[bufferOffset] == KeyPair.ALG_EC_F2M) { ecType = "ALG_EC_F2M"; } - System.out.println(String.format("%-53s%s", "EC type:", ecType)); + m_SystemOutLogger.println(String.format("%-53s%s", "EC type:", ecType)); bufferOffset++; short keyLen = getShort(buffer, bufferOffset); - System.out.println(String.format("%-53s%d bits", "EC key length (bits):", keyLen)); + m_SystemOutLogger.println(String.format("%-53s%d bits", "EC key length (bits):", keyLen)); bufferOffset += 2; short numRepeats = getShort(buffer, bufferOffset); bufferOffset += 2; - System.out.println(String.format("%-53s%d times", "Executed repeats before unexpected error: ", numRepeats)); + m_SystemOutLogger.println(String.format("%-53s%d times", "Executed repeats before unexpected error: ", numRepeats)); bufferOffset = VerifyPrintResult("KeyPair object allocation:", SimpleECCApplet.ECTEST_ALLOCATE_KEYPAIR, buffer, bufferOffset, ExpResult.SHOULD_SUCCEDD); 
@@ -274,16 +337,16 @@ public class SimpleAPDU { bufferOffset = VerifyPrintResult("Generate key with valid curve:", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEDD); } - System.out.println(); + m_SystemOutLogger.println(); } } static void PrintECKeyGenInvalidCurveB_lastUserParams(ResponseAPDU resp) { byte[] buffer = resp.getData(); short offset = 0; - System.out.print("Last used value of B: "); + m_SystemOutLogger.print("Last used value of B: "); while (offset < buffer.length) { - System.out.print(String.format("%x ", buffer[offset])); + m_SystemOutLogger.print(String.format("%x ", buffer[offset])); offset++; } -- cgit v1.2.3-70-g09d2 From 48c54c5520382b3d2bc4899b7e2197afba976a04 Mon Sep 17 00:00:00 2001 From: J08nY Date: Wed, 26 Oct 2016 01:12:07 +0200 Subject: refactoring ECTester: created ECKeyGenerator, ECKeyTester --- src/applets/ECKeyGenerator.java | 179 +++++++++++++++++++++++++++++++++++++++ src/applets/ECKeyTester.java | 180 ++++++++++++++++++++++++++++++++++++++++ src/applets/EC_Consts.java | 7 +- 3 files changed, 363 insertions(+), 3 deletions(-) create mode 100644 src/applets/ECKeyGenerator.java create mode 100644 src/applets/ECKeyTester.java diff --git a/src/applets/ECKeyGenerator.java b/src/applets/ECKeyGenerator.java new file mode 100644 index 0000000..ff2193c --- /dev/null +++ b/src/applets/ECKeyGenerator.java 
@@ -0,0 +1,179 @@ +package applets; + +import javacard.framework.ISO7816; +import javacard.framework.Util; +import javacard.security.CryptoException; +import javacard.security.ECPrivateKey; +import javacard.security.ECPublicKey; +import javacard.security.KeyPair; + +/** + * + */ +public class ECKeyGenerator { + + private KeyPair ecKeyPair = null; + private ECPrivateKey ecPrivateKey = null; + private ECPublicKey ecPublicKey = null; + + public static final byte PARAMETER_FP = 1; + public static final byte PARAMETER_F2M_ONE = 2; + public static final byte PARAMETER_F2M_THREE = 3; + public static final byte PARAMETER_A = 4; + public static final byte PARAMETER_B = 5; + public static final byte PARAMETER_G = 6; + public static final byte PARAMETER_R = 7; + public static final byte PARAMETER_K = 8; + + private static final byte PARAMETER_S = 9; //private key + private static final byte PARAMETER_W = 10;//public key + + public static final byte KEY_PUBLIC = 0x1; + public static final byte KEY_PRIVATE = 0x2; + public static final byte KEY_BOTH = KEY_PUBLIC & KEY_PRIVATE; + + public short allocatePair(byte algorithm, short keyLength) { + short result = ISO7816.SW_NO_ERROR; + try { + ecKeyPair = new KeyPair(algorithm, keyLength); + } catch (CryptoException ce) { + result = ce.getReason(); + } catch (Exception e) { + result = ISO7816.SW_UNKNOWN; + } + return result; + } + + public boolean isAlocated() { + return ecKeyPair != null && ecPrivateKey != null && ecPublicKey != null; + } + + public short generatePair() { + short result = ISO7816.SW_NO_ERROR; + try { + ecKeyPair.genKeyPair(); + ecPrivateKey = (ECPrivateKey) ecKeyPair.getPrivate(); //TODO, do I want to keep private and pubkey separate from the keypair? 
+ ecPublicKey = (ECPublicKey) ecKeyPair.getPublic(); + } catch (CryptoException ce) { + result = ce.getReason(); + } catch (Exception e) { + result = ISO7816.SW_UNKNOWN; + } + return result; + } + + public short setCustomCurve(byte keyClass, short keyLength) { + //TODO + return 0; + } + + public short setCustomCurve(byte curve) { + //TODO + return 0; + } + + public short setExternalParameter(byte key, byte param, byte[] data, short offset, short length) { + short result = ISO7816.SW_NO_ERROR; + try { + switch (param) { + case PARAMETER_FP: + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setFieldFP(data, offset, length); + if ((key & KEY_PUBLIC) != 0) ecPublicKey.setFieldFP(data, offset, length); + break; + case PARAMETER_F2M_ONE: + if (length != 2) { + result = ISO7816.SW_UNKNOWN; + } else { + short i = Util.makeShort(data[offset], data[(short) (offset + 1)]); + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i); + if ((key & KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i); + } + break; + case PARAMETER_F2M_THREE: + if (length != 6) { + result = ISO7816.SW_UNKNOWN; + } else { + short i1 = Util.makeShort(data[offset], data[(short) (offset + 1)]); + short i2 = Util.makeShort(data[(short) (offset + 2)], data[(short) (offset + 3)]); + short i3 = Util.makeShort(data[(short) (offset + 4)], data[(short) (offset + 5)]); + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i1, i2, i3); + if ((key & KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i1, i2, i3); + } + break; + case PARAMETER_A: + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setA(data, offset, length); + if ((key & KEY_PUBLIC) != 0) ecPublicKey.setA(data, offset, length); + break; + case PARAMETER_B: + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setB(data, offset, length); + if ((key & KEY_PUBLIC) != 0) ecPublicKey.setB(data, offset, length); + break; + case PARAMETER_G: + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setG(data, offset, length); + if ((key & KEY_PUBLIC) != 0) ecPublicKey.setG(data, offset, length); + 
break; + case PARAMETER_R: + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setR(data, offset, length); + if ((key & KEY_PUBLIC) != 0) ecPublicKey.setR(data, offset, length); + break; + case PARAMETER_K: + if (length != 2) { + result = ISO7816.SW_UNKNOWN; + } else { + short k = Util.makeShort(data[offset], data[(short) (offset + 1)]); + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setK(k); + if ((key & KEY_PUBLIC) != 0) ecPublicKey.setK(k); + } + break; + case PARAMETER_S: + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setS(data, offset, length); + break; + case PARAMETER_W: + if ((key & KEY_PUBLIC) != 0) ecPublicKey.setW(data, offset, length); + break; + default: + result = ISO7816.SW_UNKNOWN; + } + } catch (CryptoException ce) { + result = ce.getReason(); + } catch (Exception e) { + result = ISO7816.SW_UNKNOWN; + } + return result; + } + + public short exportParameter(byte key, byte param, byte[] outputBuffer, short outputOffset) { + if (key == KEY_BOTH) { + return ISO7816.SW_UNKNOWN; + } + short result = ISO7816.SW_NO_ERROR; + try { + switch(param){ + case PARAMETER_FP: + + break; + + default: + + } + } catch (CryptoException ce) { + + } catch (Exception e) { + + } + //TODO + return result; + } + + public ECPrivateKey getPrivateKey() { + return ecPrivateKey; + } + + public ECPublicKey getPublicKey() { + return ecPublicKey; + } + + public KeyPair getKeyPair() { + return ecKeyPair; + } +} diff --git a/src/applets/ECKeyTester.java b/src/applets/ECKeyTester.java new file mode 100644 index 0000000..91d7a8b --- /dev/null +++ b/src/applets/ECKeyTester.java 
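Review bot: `KEY_BOTH = KEY_PUBLIC & KEY_PRIVATE` in `ECKeyGenerator` evaluates to 0 (0x1 & 0x2) rather than the combined mask 0x3, so a caller passing `KEY_BOTH` to `setExternalParameter` sets the parameter on neither key while still receiving `SW_NO_ERROR`, and the `key == KEY_BOTH` guard in `exportParameter` rejects only a zero selector. It should read `public static final byte KEY_BOTH = KEY_PUBLIC | KEY_PRIVATE;`. Separately, `allocatePair` never assigns `ecPrivateKey` or `ecPublicKey`, so `isAlocated()` stays false and `setExternalParameter` runs into null references (reported as `SW_UNKNOWN`) until `generatePair()` has been called. The empty `catch` blocks in `exportParameter` leave `result` at `SW_NO_ERROR` on failure, which should be fixed when the TODO body is filled in.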
@@ -0,0 +1,180 @@ +package applets; + + +import javacard.framework.ISO7816; +import javacard.security.*; + +/** + * Class capable of testing ECDH/C and ECDSA. + * Note that ECDH and ECDHC output should equal, only the algorithm is different. + */ +public class ECKeyTester { + private KeyAgreement ecdhKeyAgreement = null; + private KeyAgreement ecdhcKeyAgreement = null; + private Signature ecdsaSignature = null; + + public final static short SW_SIG_LENGTH_MISMATCH = (short) 0xee4; + public final static short SW_SIG_VERIFY_FAIL = (short) 0xee5; + + public short allocateECDH() { + short result = ISO7816.SW_NO_ERROR; + try { + ecdhKeyAgreement = KeyAgreement.getInstance(KeyAgreement.ALG_EC_SVDP_DH, false); + } catch (CryptoException ce) { + result = ce.getReason(); + } catch (Exception e) { + result = ISO7816.SW_UNKNOWN; + } + return result; + } + + public short allocateECDHC() { + short result = ISO7816.SW_NO_ERROR; + try { + ecdhcKeyAgreement = KeyAgreement.getInstance(KeyAgreement.ALG_EC_SVDP_DHC, false); + } catch (CryptoException ce) { + result = ce.getReason(); + } catch (Exception e) { + result = ISO7816.SW_UNKNOWN; + } + return result; + } + + public short allocateECDSA() { + short result = ISO7816.SW_NO_ERROR; + try { + ecdsaSignature = Signature.getInstance(Signature.ALG_ECDSA_SHA, false); + } catch (CryptoException ce) { + result = ce.getReason(); + } catch (Exception e) { + result = ISO7816.SW_UNKNOWN; + } + return result; + } + + private short testDH(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { + short result = ISO7816.SW_NO_ERROR; + try { + ka.init(privateKey); + + short secretLength = ka.generateSecret(pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); + //TODO, figure out how to separate the return value of this method (short) error, and return the secretLenght.. 
+ } catch (CryptoException ce) { + result = ce.getReason(); + } catch (Exception e) { + result = ISO7816.SW_UNKNOWN; + } + return result; + } + + private short testDH_validPoint(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { + return testDH(ka, privateKey, pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); + } + + private short testDH_invalidPoint(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { + pubkeyBuffer[(short)(pubkeyLength - 2)] += 0xcc; + pubkeyBuffer[(short)(pubkeyLength - 3)] += 0xcc; + short result = testDH(ka, privateKey, pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); + pubkeyBuffer[(short)(pubkeyLength - 2)] -= 0xcc; + pubkeyBuffer[(short)(pubkeyLength - 3)] -= 0xcc; + return result; + } + + /** + * Tests ECDH secret generation with given {@code privateKey} and {@code publicKey}. + * Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations. + * Output should equal with ECDHC output. 
+ * @param privateKey + * @param publicKey + * @param pubkeyBuffer + * @param pubkeyOffset + * @param outputBuffer + * @param outputOffset + * @return ISO7816.SW_NO_ERROR on correct operation, + * exception reason otherwise + **/ + public short testECDH_validPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { + publicKey.getW(pubkeyBuffer, pubkeyOffset); + return testDH_validPoint(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, (short) pubkeyBuffer.length, outputBuffer, outputOffset); + } + + public short testECDH_invalidPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { + publicKey.getW(pubkeyBuffer, pubkeyOffset); + return testDH_invalidPoint(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, (short) pubkeyBuffer.length, outputBuffer, outputOffset); + } + + + /** + * Tests ECDHC secret generation with given {@code privateKey} and {@code publicKey}. + * Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations. + * Output should equal to ECDH output. 
+ * @param privateKey + * @param publicKey + * @param pubkeyBuffer + * @param pubkeyOffset + * @param outputBuffer + * @param outputOffset + * @return ISO7816.SW_NO_ERROR on correct operation, + * exception reason otherwise + */ + public short testECDHC_validPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { + publicKey.getW(pubkeyBuffer, pubkeyOffset); + return testDH_validPoint(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, (short) pubkeyBuffer.length, outputBuffer, outputOffset); + } + + public short testECDHC_invalidPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { + publicKey.getW(pubkeyBuffer, pubkeyOffset); + return testDH_invalidPoint(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, (short) pubkeyBuffer.length, outputBuffer, outputOffset); + } + + /** + * Uses {@code signKey} to sign data from {@code inputBuffer} at {@code inputOffset} with {@code inputOffset}. + * Then checks for correct signature length. + * Then tries verifying the data with {@code verifyKey}. + * @param signKey + * @param verifyKey + * @param inputBuffer + * @param inputOffset + * @param inputLength + * @param sigBuffer + * @param sigOffset + * @return ISO7816.SW_NO_ERROR on correct operation, + * SW_SIG_VERIFY_FAIL, + * SW_SIG_LENGTH_MISMATCH + */ + public short testECDSA(ECPrivateKey signKey, ECPublicKey verifyKey, byte[] inputBuffer, short inputOffset, short inputLength, byte[] sigBuffer, short sigOffset) { + short result = ISO7816.SW_NO_ERROR; + try { + ecdsaSignature.init(signKey, Signature.MODE_SIGN); + + short sigLength = ecdsaSignature.sign(inputBuffer, inputOffset, inputLength, sigBuffer, sigOffset); + if (sigLength != 20) { // per javacard.security.Signature an ALG_ECDSA_SHA should be 20 bytes. 
+ result = ECKeyTester.SW_SIG_LENGTH_MISMATCH; + } else { + ecdsaSignature.init(verifyKey, Signature.MODE_VERIFY); + boolean correct = ecdsaSignature.verify(inputBuffer, inputOffset, inputLength, sigBuffer, sigOffset, sigLength); + if (!correct) { + result = ECKeyTester.SW_SIG_VERIFY_FAIL; + } + } + } catch (CryptoException ce) { + result = ce.getReason(); + } catch (Exception e) { + result = ISO7816.SW_UNKNOWN; + } + return result; + } + + public KeyAgreement getECDH() { + return ecdhKeyAgreement; + } + + public KeyAgreement getECDHC() { + return ecdhcKeyAgreement; + } + + public Signature getECDSA() { + return ecdsaSignature; + } + +} diff --git a/src/applets/EC_Consts.java b/src/applets/EC_Consts.java index b7128dc..3758f0b 100644 --- a/src/applets/EC_Consts.java +++ b/src/applets/EC_Consts.java @@ -485,14 +485,15 @@ public class EC_Consts { (byte) 0x91, (byte) 0x38, (byte) 0x64, (byte) 0x09}; // cofactor of G - public static final short EC521_FP_K = 1; + public static final short EC521_FP_K = 1; + + public static final byte VALID_KEY = 1; public static final byte INVALIDB_FIXED = 2; public static final byte INVALIDB_RANDOM = 3; - - + public static void setValidECKeyParams(ECPublicKey ecPubKey, ECPrivateKey ecPrivKey, byte ecClass, short ecLength, byte[] auxBuffer) { setECKeyParams(ecPubKey, ecPrivKey, ecClass, ecLength, auxBuffer, VALID_KEY); } -- cgit v1.2.3-70-g09d2 From b4d72715e7d770b4925fef70a192665744a6273d Mon Sep 17 00:00:00 2001 From: J08nY Date: Sun, 30 Oct 2016 17:58:27 +0100 Subject: EC_Consts: added F2M curve support, + F2M curve sect163r1 to start --- src/applets/ECKeyGenerator.java | 143 +++-- src/applets/ECKeyTester.java | 1 + src/applets/EC_Consts.java | 1238 ++++++++++++++++++++++---------------- src/applets/SimpleECCApplet.java | 699 ++++++++------------- src/simpleapdu/SimpleAPDU.java | 75 +-- 5 files changed, 1087 insertions(+), 1069 deletions(-) 
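Review bot: The four public DH wrappers in ECKeyTester (`testECDH_validPoint`, `testECDH_invalidPoint` and the two ECDHC variants) discard the length returned by `publicKey.getW(...)` and pass `(short) pubkeyBuffer.length` as the point length, and `testDH_invalidPoint` corrupts `pubkeyBuffer[pubkeyLength - 2]` and `[pubkeyLength - 3]` without adding `pubkeyOffset`. Unless the buffer holds exactly one encoded point at offset 0, the key agreement receives the wrong byte range, so an exception caused by the harness cannot be told apart from the card rejecting an invalid point, and the corrupted bytes may lie outside the point. Keeping the `getW` return value and indexing relative to the offset, as sketched below, fixes both. Separately, `testECDSA` requires `sigLength == 20`; as far as I know ALG_ECDSA_SHA produces a 20-byte digest but the signature is the encoded (r, s) pair whose size follows the curve, so this check probably returns SW_SIG_LENGTH_MISMATCH before verification is attempted, which is worth confirming on a card.

```java
private short testDH_invalidPoint(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) {
    // corrupt two bytes inside the encoded point, relative to where it starts in the buffer
    short last = (short) (pubkeyOffset + pubkeyLength - 2);
    short prev = (short) (pubkeyOffset + pubkeyLength - 3);
    pubkeyBuffer[last] += 0xcc;
    pubkeyBuffer[prev] += 0xcc;
    // … unchanged: call to testDH …
    pubkeyBuffer[last] -= 0xcc;
    pubkeyBuffer[prev] -= 0xcc;
    return result;
}

public short testECDH_validPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) {
    // getW reports how many bytes of the buffer the point actually occupies
    short pubkeyLength = publicKey.getW(pubkeyBuffer, pubkeyOffset);
    return testDH_validPoint(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset);
}
// … same two-line change in testECDH_invalidPoint, testECDHC_validPoint, testECDHC_invalidPoint …
```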
diff --git a/src/applets/ECKeyGenerator.java b/src/applets/ECKeyGenerator.java index ff2193c..c7155de 100644 --- a/src/applets/ECKeyGenerator.java +++ b/src/applets/ECKeyGenerator.java @@ -16,26 +16,17 @@ public class ECKeyGenerator { private ECPrivateKey ecPrivateKey = null; private ECPublicKey ecPublicKey = null; - public static final byte PARAMETER_FP = 1; - public static final byte PARAMETER_F2M_ONE = 2; - public static final byte PARAMETER_F2M_THREE = 3; - public static final byte PARAMETER_A = 4; - public static final byte PARAMETER_B = 5; - public static final byte PARAMETER_G = 6; - public static final byte PARAMETER_R = 7; - public static final byte PARAMETER_K = 8; - - private static final byte PARAMETER_S = 9; //private key - private static final byte PARAMETER_W = 10;//public key - public static final byte KEY_PUBLIC = 0x1; public static final byte KEY_PRIVATE = 0x2; public static final byte KEY_BOTH = KEY_PUBLIC & KEY_PRIVATE; + public short allocatePair(byte algorithm, short keyLength) { short result = ISO7816.SW_NO_ERROR; try { ecKeyPair = new KeyPair(algorithm, keyLength); + ecPrivateKey = (ECPrivateKey) ecKeyPair.getPrivate(); + ecPublicKey = (ECPublicKey) ecKeyPair.getPublic(); } catch (CryptoException ce) { result = ce.getReason(); } catch (Exception e) { @@ -44,7 +35,7 @@ public class ECKeyGenerator { return result; } - public boolean isAlocated() { + public boolean isAllocated() { return ecKeyPair != null && ecPrivateKey != null && ecPublicKey != null; } @@ -52,7 +43,7 @@ public class ECKeyGenerator { short result = ISO7816.SW_NO_ERROR; try { ecKeyPair.genKeyPair(); - ecPrivateKey = (ECPrivateKey) ecKeyPair.getPrivate(); //TODO, do I want to keep private and pubkey separate from the keypair? + ecPrivateKey = (ECPrivateKey) ecKeyPair.getPrivate(); ecPublicKey = (ECPublicKey) ecKeyPair.getPublic(); } catch (CryptoException ce) { result = ce.getReason(); 
@@ -62,61 +53,84 @@ public class ECKeyGenerator { return result; } - public short setCustomCurve(byte keyClass, short keyLength) { - //TODO - return 0; + public short setCustomCurve(byte keyClass, short keyLength, byte[] buffer, short offset) { + return setCustomCurve(EC_Consts.getCurve(keyClass, keyLength), buffer, offset); + } + + public short setCustomCurve(byte curve, byte[] buffer, short offset) { + byte alg = EC_Consts.getCurveType(curve); + short sw = ISO7816.SW_NO_ERROR; + short length; + if (alg == KeyPair.ALG_EC_FP) { + length = EC_Consts.getCurveParameter(curve, EC_Consts.PARAMETER_FP, buffer, offset); + sw = setExternalParameter(KEY_BOTH, EC_Consts.PARAMETER_FP, buffer, offset, length); + } else if (alg == KeyPair.ALG_EC_F2M) { + length = EC_Consts.getCurveParameter(curve, EC_Consts.PARAMETER_F2M, buffer, offset); + sw = setExternalParameter(KEY_BOTH, EC_Consts.PARAMETER_F2M, buffer, offset, length); + } + if (sw != ISO7816.SW_NO_ERROR) return sw; + + for (byte param = EC_Consts.PARAMETER_A; param < EC_Consts.PARAMETER_K; ++param) { + length = EC_Consts.getCurveParameter(curve, param, buffer, offset); + sw = setExternalParameter(KEY_BOTH, param, buffer, offset, length); + if (sw != ISO7816.SW_NO_ERROR) break; + } + return sw; + } + + public short setCustomInvalidCurve(short keyClass, short keyLength, byte key, byte param, short corruptionType, byte[] buffer, short offset) { + return setCustomInvalidCurve(EC_Consts.getCurve(keyClass, keyLength), key, param, corruptionType, buffer, offset); } - public short setCustomCurve(byte curve) { - //TODO - return 0; + public short setCustomInvalidCurve(byte curve, byte key, byte param, short corruptionType, byte[] buffer, short offset) { + short sw = setCustomCurve(curve, buffer, offset); + if (sw != ISO7816.SW_NO_ERROR) return sw; + + short length = EC_Consts.getCorruptCurveParameter(curve, param, buffer, offset, corruptionType); + sw = setExternalParameter(key, param, buffer, offset, length); + return sw; } 
public short setExternalParameter(byte key, byte param, byte[] data, short offset, short length) { short result = ISO7816.SW_NO_ERROR; try { switch (param) { - case PARAMETER_FP: + case EC_Consts.PARAMETER_FP: if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setFieldFP(data, offset, length); if ((key & KEY_PUBLIC) != 0) ecPublicKey.setFieldFP(data, offset, length); break; - case PARAMETER_F2M_ONE: - if (length != 2) { - result = ISO7816.SW_UNKNOWN; - } else { + case EC_Consts.PARAMETER_F2M: + if (length == 2) { short i = Util.makeShort(data[offset], data[(short) (offset + 1)]); if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i); if ((key & KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i); - } - break; - case PARAMETER_F2M_THREE: - if (length != 6) { - result = ISO7816.SW_UNKNOWN; - } else { + } else if (length == 6) { short i1 = Util.makeShort(data[offset], data[(short) (offset + 1)]); short i2 = Util.makeShort(data[(short) (offset + 2)], data[(short) (offset + 3)]); short i3 = Util.makeShort(data[(short) (offset + 4)], data[(short) (offset + 5)]); if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i1, i2, i3); if ((key & KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i1, i2, i3); + } else { + result = ISO7816.SW_UNKNOWN; } break; - case PARAMETER_A: + case EC_Consts.PARAMETER_A: if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setA(data, offset, length); if ((key & KEY_PUBLIC) != 0) ecPublicKey.setA(data, offset, length); break; - case PARAMETER_B: + case EC_Consts.PARAMETER_B: if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setB(data, offset, length); if ((key & KEY_PUBLIC) != 0) ecPublicKey.setB(data, offset, length); break; - case PARAMETER_G: + case EC_Consts.PARAMETER_G: if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setG(data, offset, length); if ((key & KEY_PUBLIC) != 0) ecPublicKey.setG(data, offset, length); break; - case PARAMETER_R: + case EC_Consts.PARAMETER_R: if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setR(data, offset, length); if ((key & KEY_PUBLIC) != 0) 
ecPublicKey.setR(data, offset, length); break; - case PARAMETER_K: + case EC_Consts.PARAMETER_K: if (length != 2) { result = ISO7816.SW_UNKNOWN; } else { @@ -125,10 +139,10 @@ public class ECKeyGenerator { if ((key & KEY_PUBLIC) != 0) ecPublicKey.setK(k); } break; - case PARAMETER_S: + case EC_Consts.PARAMETER_S: if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setS(data, offset, length); break; - case PARAMETER_W: + case EC_Consts.PARAMETER_W: if ((key & KEY_PUBLIC) != 0) ecPublicKey.setW(data, offset, length); break; default: 
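Review bot: The new `setCustomCurve` passes `KEY_BOTH` to `setExternalParameter`, but the context line in this file's first hunk defines `KEY_BOTH = KEY_PUBLIC & KEY_PRIVATE`, which is `0x1 & 0x2`, i.e. 0. With `key` equal to 0 neither `(key & KEY_PRIVATE) != 0` nor `(key & KEY_PUBLIC) != 0` holds, so every parameter write is skipped while the method still returns SW_NO_ERROR; later tests would then presumably run on whatever domain parameters the keys already had rather than the curve under test. The constant should read `public static final byte KEY_BOTH = KEY_PUBLIC | KEY_PRIVATE;`. The `key == KEY_BOTH` guard in `exportParameter` (last hunk of this file) is affected as well, since it rejects 0 rather than 0x3. The loop bound `param < EC_Consts.PARAMETER_K` also stops before the cofactor, so `setCustomCurve` never sets K; if that is intended, a comment should say so.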
@@ -142,27 +156,54 @@ public class ECKeyGenerator { return result; } - public short exportParameter(byte key, byte param, byte[] outputBuffer, short outputOffset) { + public short exportParameter(byte key, short param, byte[] outputBuffer, short outputOffset) { if (key == KEY_BOTH) { - return ISO7816.SW_UNKNOWN; - } - short result = ISO7816.SW_NO_ERROR; + return -1; + }//TODO: change error handling. + short length = 0; try { - switch(param){ - case PARAMETER_FP: - + switch (param) { + case EC_Consts.PARAMETER_FP: + case EC_Consts.PARAMETER_F2M: + if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getField(outputBuffer, outputOffset); + if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getField(outputBuffer, outputOffset); + break; + case EC_Consts.PARAMETER_A: + if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getA(outputBuffer, outputOffset); + if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getA(outputBuffer, outputOffset); + break; + case EC_Consts.PARAMETER_B: + if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getB(outputBuffer, outputOffset); + if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getB(outputBuffer, outputOffset); + break; + case EC_Consts.PARAMETER_G: + if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getG(outputBuffer, outputOffset); + if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getG(outputBuffer, outputOffset); + break; + case EC_Consts.PARAMETER_R: + if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getR(outputBuffer, outputOffset); + if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getR(outputBuffer, outputOffset); + break; + case EC_Consts.PARAMETER_K: + if ((key & KEY_PUBLIC) != 0) Util.setShort(outputBuffer, outputOffset, ecPublicKey.getK()); + if ((key & KEY_PRIVATE) != 0) Util.setShort(outputBuffer, outputOffset, ecPrivateKey.getK()); + length = 2; + break; + case EC_Consts.PARAMETER_S: + if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getS(outputBuffer, outputOffset); + break; + case EC_Consts.PARAMETER_W: + if 
((key & KEY_PUBLIC) != 0) length = ecPublicKey.getW(outputBuffer, outputOffset); break; - default: - + length = -1; } } catch (CryptoException ce) { - + length = -1; } catch (Exception e) { - + length = -1; } - //TODO - return result; + return length; } public ECPrivateKey getPrivateKey() { diff --git a/src/applets/ECKeyTester.java b/src/applets/ECKeyTester.java index 91d7a8b..757ece7 100644 --- a/src/applets/ECKeyTester.java +++ b/src/applets/ECKeyTester.java @@ -13,6 +13,7 @@ public class ECKeyTester { private KeyAgreement ecdhcKeyAgreement = null; private Signature ecdsaSignature = null; + //TODO: move these SW definitions to the main applet class. public final static short SW_SIG_LENGTH_MISMATCH = (short) 0xee4; public final static short SW_SIG_VERIFY_FAIL = (short) 0xee5; diff --git a/src/applets/EC_Consts.java b/src/applets/EC_Consts.java index 3758f0b..7521979 100644 --- a/src/applets/EC_Consts.java +++ b/src/applets/EC_Consts.java 
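Review bot: `exportParameter` changed from returning a status word to returning a length or -1 but has no Javadoc, and in the `PARAMETER_K` case `length = 2` is assigned even when neither key bit matched, so a caller can be told that two bytes were written when none were. I would guard that assignment, e.g. `if ((key & (KEY_PUBLIC | KEY_PRIVATE)) != 0) length = 2;`, and add a doc comment such as `/** Writes the selected key's parameter to outputBuffer and returns its length in bytes, or -1 on failure. */`. Because `PARAMETER_S` copies the private scalar into `outputBuffer`, the comment should also state that the caller decides where that buffer goes afterwards; the APDU handler that consumes it is not visible in this hunk.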
@@ -3,642 +3,812 @@ package applets; import javacard.framework.ISO7816; import javacard.framework.ISOException; import javacard.framework.Util; -import javacard.security.ECPrivateKey; -import javacard.security.ECPublicKey; import javacard.security.KeyPair; import javacard.security.RandomData; public class EC_Consts { - public static byte[] EC_FP_P = null; - public static byte[] EC_FP_A = null; - public static byte[] EC_FP_B = null; - public static byte[] EC_FP_G_X = null; - public static byte[] EC_FP_G_Y = null; - public static byte[] EC_FP_R = null; - public static short EC_FP_K = 1; - - public static RandomData m_random = null; + private static byte[] EC_FP_P = null; //p + private static byte[] EC_A = null; //a + private static byte[] EC_B = null; //b + private static byte[] EC_G_X = null; //G[x,y] + private static byte[] EC_G_Y = null; // + private static byte[] EC_R = null; //n + private static short EC_K = 1; //h + + private static byte[] EC_F2M_F2M = null; //[short ii, short i2, short i3], f = x^m + x^i1 + x^i2 + x^i3 + 1 + + public static final byte PARAMETER_FP = 1; + public static final byte PARAMETER_F2M = 2; + + public static final byte PARAMETER_A = 3; + public static final byte PARAMETER_B = 4; + public static final byte PARAMETER_G = 5; + public static final byte PARAMETER_R = 6; + public static final byte PARAMETER_K = 7; + + //TODO make params maskable, to allow for PARAMETER_A | PARAMETER_B passed to for example ECKeyGenerator.setInvalidCustomCurve + public static final byte PARAMETER_S = 8; //private key + public static final byte PARAMETER_W = 9; //public key + + + public static RandomData m_random = null; // secp128r1 public static final byte[] EC128_FP_P = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFD, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; - + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFD, + (byte) 
0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; + public static final byte[] EC128_FP_A = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFD, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; - + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFD, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; + public static final byte[] EC128_FP_B = new byte[]{ - (byte) 0xE8, (byte) 0x75, (byte) 0x79, (byte) 0xC1, - (byte) 0x10, (byte) 0x79, (byte) 0xF4, (byte) 0x3D, - (byte) 0xD8, (byte) 0x24, (byte) 0x99, (byte) 0x3C, - (byte) 0x2C, (byte) 0xEE, (byte) 0x5E, (byte) 0xD3}; - + (byte) 0xE8, (byte) 0x75, (byte) 0x79, (byte) 0xC1, + (byte) 0x10, (byte) 0x79, (byte) 0xF4, (byte) 0x3D, + (byte) 0xD8, (byte) 0x24, (byte) 0x99, (byte) 0x3C, + (byte) 0x2C, (byte) 0xEE, (byte) 0x5E, (byte) 0xD3}; + // G in compressed form / first part of ucompressed public static final byte[] EC128_FP_G_X = new byte[]{ - (byte) 0x16, (byte) 0x1F, (byte) 0xF7, (byte) 0x52, - (byte) 0x8B, (byte) 0x89, (byte) 0x9B, (byte) 0x2D, - (byte) 0x0C, (byte) 0x28, (byte) 0x60, (byte) 0x7C, - (byte) 0xA5, (byte) 0x2C, (byte) 0x5B, (byte) 0x86 }; - + (byte) 0x16, (byte) 0x1F, (byte) 0xF7, (byte) 0x52, + (byte) 0x8B, (byte) 0x89, (byte) 0x9B, (byte) 0x2D, + (byte) 0x0C, (byte) 0x28, (byte) 0x60, (byte) 0x7C, + (byte) 0xA5, (byte) 0x2C, (byte) 0x5B, (byte) 0x86}; + // second part of G uncompressed public static final byte[] EC128_FP_G_Y = new byte[]{ - (byte) 0xCF, (byte) 0x5A, (byte) 0xC8, (byte) 0x39, - (byte) 0x5B, (byte) 0xAF, (byte) 0xEB, (byte) 0x13, - (byte) 0xC0, (byte) 0x2D, (byte) 0xA2, (byte) 0x92, - (byte) 0xDD, (byte) 0xED, (byte) 0x7A, (byte) 0x83}; + (byte) 0xCF, 
(byte) 0x5A, (byte) 0xC8, (byte) 0x39, + (byte) 0x5B, (byte) 0xAF, (byte) 0xEB, (byte) 0x13, + (byte) 0xC0, (byte) 0x2D, (byte) 0xA2, (byte) 0x92, + (byte) 0xDD, (byte) 0xED, (byte) 0x7A, (byte) 0x83}; // Order of G public static final byte[] EC128_FP_R = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x75, (byte) 0xA3, (byte) 0x0D, (byte) 0x1B, - (byte) 0x90, (byte) 0x38, (byte) 0xA1, (byte) 0x15}; + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x75, (byte) 0xA3, (byte) 0x0D, (byte) 0x1B, + (byte) 0x90, (byte) 0x38, (byte) 0xA1, (byte) 0x15}; // cofactor of G public static final short EC128_FP_K = 1; - + // secp160r1 public static final byte[] EC160_FP_P = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x7F, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0x7F, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; public static final byte[] EC160_FP_A = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x7F, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0x7F, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; public static final byte[] 
EC160_FP_B = new byte[]{ - (byte) 0x1C, (byte) 0x97, (byte) 0xBE, (byte) 0xFC, - (byte) 0x54, (byte) 0xBD, (byte) 0x7A, (byte) 0x8B, - (byte) 0x65, (byte) 0xAC, (byte) 0xF8, (byte) 0x9F, - (byte) 0x81, (byte) 0xD4, (byte) 0xD4, (byte) 0xAD, - (byte) 0xC5, (byte) 0x65, (byte) 0xFA, (byte) 0x45}; + (byte) 0x1C, (byte) 0x97, (byte) 0xBE, (byte) 0xFC, + (byte) 0x54, (byte) 0xBD, (byte) 0x7A, (byte) 0x8B, + (byte) 0x65, (byte) 0xAC, (byte) 0xF8, (byte) 0x9F, + (byte) 0x81, (byte) 0xD4, (byte) 0xD4, (byte) 0xAD, + (byte) 0xC5, (byte) 0x65, (byte) 0xFA, (byte) 0x45}; // G in compressed form / first part of ucompressed public static final byte[] EC160_FP_G_X = new byte[]{ - (byte) 0x4A, (byte) 0x96, (byte) 0xB5, (byte) 0x68, - (byte) 0x8E, (byte) 0xF5, (byte) 0x73, (byte) 0x28, - (byte) 0x46, (byte) 0x64, (byte) 0x69, (byte) 0x89, - (byte) 0x68, (byte) 0xC3, (byte) 0x8B, (byte) 0xB9, - (byte) 0x13, (byte) 0xCB, (byte) 0xFC, (byte) 0x82}; + (byte) 0x4A, (byte) 0x96, (byte) 0xB5, (byte) 0x68, + (byte) 0x8E, (byte) 0xF5, (byte) 0x73, (byte) 0x28, + (byte) 0x46, (byte) 0x64, (byte) 0x69, (byte) 0x89, + (byte) 0x68, (byte) 0xC3, (byte) 0x8B, (byte) 0xB9, + (byte) 0x13, (byte) 0xCB, (byte) 0xFC, (byte) 0x82}; // second part of G uncompressed public static final byte[] EC160_FP_G_Y = new byte[]{ - (byte) 0x23, (byte) 0xA6, (byte) 0x28, (byte) 0x55, - (byte) 0x31, (byte) 0x68, (byte) 0x94, (byte) 0x7D, - (byte) 0x59, (byte) 0xDC, (byte) 0xC9, (byte) 0x12, - (byte) 0x04, (byte) 0x23, (byte) 0x51, (byte) 0x37, - (byte) 0x7A, (byte) 0xC5, (byte) 0xFB, (byte) 0x32}; + (byte) 0x23, (byte) 0xA6, (byte) 0x28, (byte) 0x55, + (byte) 0x31, (byte) 0x68, (byte) 0x94, (byte) 0x7D, + (byte) 0x59, (byte) 0xDC, (byte) 0xC9, (byte) 0x12, + (byte) 0x04, (byte) 0x23, (byte) 0x51, (byte) 0x37, + (byte) 0x7A, (byte) 0xC5, (byte) 0xFB, (byte) 0x32}; // Order of G public static final byte[] EC160_FP_R = new byte[]{ - (byte) 0x01, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 
0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x01, (byte) 0xF4, (byte) 0xC8, - (byte) 0xF9, (byte) 0x27, (byte) 0xAE, (byte) 0xD3, - (byte) 0xCA, (byte) 0x75, (byte) 0x22, (byte) 0x57}; + (byte) 0x01, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x01, (byte) 0xF4, (byte) 0xC8, + (byte) 0xF9, (byte) 0x27, (byte) 0xAE, (byte) 0xD3, + (byte) 0xCA, (byte) 0x75, (byte) 0x22, (byte) 0x57}; // cofactor of G - public static final short EC160_FP_K = 1; - - + public static final short EC160_FP_K = 1; + + // secp192r1 from http://www.secg.org/sec2-v2.pdf public static final byte[] EC192_FP_P = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; public static final byte[] EC192_FP_A = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 
0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; public static final byte[] EC192_FP_B = new byte[]{ - (byte) 0x64, (byte) 0x21, (byte) 0x05, (byte) 0x19, - (byte) 0xE5, (byte) 0x9C, (byte) 0x80, (byte) 0xE7, - (byte) 0x0F, (byte) 0xA7, (byte) 0xE9, (byte) 0xAB, - (byte) 0x72, (byte) 0x24, (byte) 0x30, (byte) 0x49, - (byte) 0xFE, (byte) 0xB8, (byte) 0xDE, (byte) 0xEC, - (byte) 0xC1, (byte) 0x46, (byte) 0xB9, (byte) 0xB1}; + (byte) 0x64, (byte) 0x21, (byte) 0x05, (byte) 0x19, + (byte) 0xE5, (byte) 0x9C, (byte) 0x80, (byte) 0xE7, + (byte) 0x0F, (byte) 0xA7, (byte) 0xE9, (byte) 0xAB, + (byte) 0x72, (byte) 0x24, (byte) 0x30, (byte) 0x49, + (byte) 0xFE, (byte) 0xB8, (byte) 0xDE, (byte) 0xEC, + (byte) 0xC1, (byte) 0x46, (byte) 0xB9, (byte) 0xB1}; // G in compressed form / first part of ucompressed public static final byte[] EC192_FP_G_X = new byte[]{ - (byte) 0x18, (byte) 0x8D, (byte) 0xA8, (byte) 0x0E, - (byte) 0xB0, (byte) 0x30, (byte) 0x90, (byte) 0xF6, - (byte) 0x7C, (byte) 0xBF, (byte) 0x20, (byte) 0xEB, - (byte) 0x43, (byte) 0xA1, (byte) 0x88, (byte) 0x00, - (byte) 0xF4, (byte) 0xFF, (byte) 0x0A, (byte) 0xFD, - (byte) 0x82, (byte) 0xFF, (byte) 0x10, (byte) 0x12}; + (byte) 0x18, (byte) 0x8D, (byte) 0xA8, (byte) 0x0E, + (byte) 0xB0, (byte) 0x30, (byte) 0x90, (byte) 0xF6, + (byte) 0x7C, (byte) 0xBF, (byte) 0x20, (byte) 0xEB, + (byte) 0x43, (byte) 0xA1, (byte) 0x88, (byte) 0x00, + (byte) 0xF4, (byte) 0xFF, (byte) 0x0A, (byte) 0xFD, + (byte) 0x82, (byte) 0xFF, (byte) 0x10, (byte) 0x12}; // second part of G uncompressed - public static final byte[] EC192_FP_G_Y = new byte[]{ - (byte) 0x07, (byte) 0x19, (byte) 0x2B, (byte) 0x95, - (byte) 0xFF, (byte) 0xC8, (byte) 0xDA, (byte) 0x78, - (byte) 0x63, (byte) 0x10, (byte) 0x11, (byte) 0xED, - (byte) 0x6B, (byte) 0x24, (byte) 0xCD, (byte) 0xD5, - (byte) 0x73, (byte) 0xF9, (byte) 0x77, (byte) 0xA1, - (byte) 0x1E, (byte) 0x79, (byte) 0x48, (byte) 0x11}; + public static final byte[] EC192_FP_G_Y = new byte[]{ + (byte) 0x07, (byte) 
0x19, (byte) 0x2B, (byte) 0x95, + (byte) 0xFF, (byte) 0xC8, (byte) 0xDA, (byte) 0x78, + (byte) 0x63, (byte) 0x10, (byte) 0x11, (byte) 0xED, + (byte) 0x6B, (byte) 0x24, (byte) 0xCD, (byte) 0xD5, + (byte) 0x73, (byte) 0xF9, (byte) 0x77, (byte) 0xA1, + (byte) 0x1E, (byte) 0x79, (byte) 0x48, (byte) 0x11}; // Order of G public static final byte[] EC192_FP_R = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x99, (byte) 0xDE, (byte) 0xF8, (byte) 0x36, - (byte) 0x14, (byte) 0x6B, (byte) 0xC9, (byte) 0xB1, - (byte) 0xB4, (byte) 0xD2, (byte) 0x28, (byte) 0x31}; + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0x99, (byte) 0xDE, (byte) 0xF8, (byte) 0x36, + (byte) 0x14, (byte) 0x6B, (byte) 0xC9, (byte) 0xB1, + (byte) 0xB4, (byte) 0xD2, (byte) 0x28, (byte) 0x31}; // cofactor of G - public static final short EC192_FP_K = 1; - + public static final short EC192_FP_K = 1; + // secp224r1 from http://www.secg.org/sec2-v2.pdf public static final byte[] EC224_FP_P = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01}; - + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01}; + public 
static final byte[] EC224_FP_A = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE}; - + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE}; + public static final byte[] EC224_FP_B = new byte[]{ - (byte) 0xB4, (byte) 0x05, (byte) 0x0A, (byte) 0x85, - (byte) 0x0C, (byte) 0x04, (byte) 0xB3, (byte) 0xAB, - (byte) 0xF5, (byte) 0x41, (byte) 0x32, (byte) 0x56, - (byte) 0x50, (byte) 0x44, (byte) 0xB0, (byte) 0xB7, - (byte) 0xD7, (byte) 0xBF, (byte) 0xD8, (byte) 0xBA, - (byte) 0x27, (byte) 0x0B, (byte) 0x39, (byte) 0x43, - (byte) 0x23, (byte) 0x55, (byte) 0xFF, (byte) 0xB4}; - + (byte) 0xB4, (byte) 0x05, (byte) 0x0A, (byte) 0x85, + (byte) 0x0C, (byte) 0x04, (byte) 0xB3, (byte) 0xAB, + (byte) 0xF5, (byte) 0x41, (byte) 0x32, (byte) 0x56, + (byte) 0x50, (byte) 0x44, (byte) 0xB0, (byte) 0xB7, + (byte) 0xD7, (byte) 0xBF, (byte) 0xD8, (byte) 0xBA, + (byte) 0x27, (byte) 0x0B, (byte) 0x39, (byte) 0x43, + (byte) 0x23, (byte) 0x55, (byte) 0xFF, (byte) 0xB4}; + // G in compressed form / first part of ucompressed public static final byte[] EC224_FP_G_X = new byte[]{ - (byte) 0xB7, (byte) 0x0E, (byte) 0x0C, (byte) 0xBD, - (byte) 0x6B, (byte) 0xB4, (byte) 0xBF, (byte) 0x7F, - (byte) 0x32, (byte) 0x13, (byte) 0x90, (byte) 0xB9, - (byte) 0x4A, (byte) 0x03, (byte) 0xC1, (byte) 0xD3, - (byte) 0x56, (byte) 0xC2, (byte) 0x11, (byte) 0x22, - 
(byte) 0x34, (byte) 0x32, (byte) 0x80, (byte) 0xD6, - (byte) 0x11, (byte) 0x5C, (byte) 0x1D, (byte) 0x21}; + (byte) 0xB7, (byte) 0x0E, (byte) 0x0C, (byte) 0xBD, + (byte) 0x6B, (byte) 0xB4, (byte) 0xBF, (byte) 0x7F, + (byte) 0x32, (byte) 0x13, (byte) 0x90, (byte) 0xB9, + (byte) 0x4A, (byte) 0x03, (byte) 0xC1, (byte) 0xD3, + (byte) 0x56, (byte) 0xC2, (byte) 0x11, (byte) 0x22, + (byte) 0x34, (byte) 0x32, (byte) 0x80, (byte) 0xD6, + (byte) 0x11, (byte) 0x5C, (byte) 0x1D, (byte) 0x21}; // second part of G uncompressed public static final byte[] EC224_FP_G_Y = new byte[]{ - (byte) 0xBD, (byte) 0x37, (byte) 0x63, (byte) 0x88, - (byte) 0xB5, (byte) 0xF7, (byte) 0x23, (byte) 0xFB, - (byte) 0x4C, (byte) 0x22, (byte) 0xDF, (byte) 0xE6, - (byte) 0xCD, (byte) 0x43, (byte) 0x75, (byte) 0xA0, - (byte) 0x5A, (byte) 0x07, (byte) 0x47, (byte) 0x64, - (byte) 0x44, (byte) 0xD5, (byte) 0x81, (byte) 0x99, - (byte) 0x85, (byte) 0x00, (byte) 0x7E, (byte) 0x34}; + (byte) 0xBD, (byte) 0x37, (byte) 0x63, (byte) 0x88, + (byte) 0xB5, (byte) 0xF7, (byte) 0x23, (byte) 0xFB, + (byte) 0x4C, (byte) 0x22, (byte) 0xDF, (byte) 0xE6, + (byte) 0xCD, (byte) 0x43, (byte) 0x75, (byte) 0xA0, + (byte) 0x5A, (byte) 0x07, (byte) 0x47, (byte) 0x64, + (byte) 0x44, (byte) 0xD5, (byte) 0x81, (byte) 0x99, + (byte) 0x85, (byte) 0x00, (byte) 0x7E, (byte) 0x34}; // Order of G public static final byte[] EC224_FP_R = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0x16, (byte) 0xA2, - (byte) 0xE0, (byte) 0xB8, (byte) 0xF0, (byte) 0x3E, - (byte) 0x13, (byte) 0xDD, (byte) 0x29, (byte) 0x45, - (byte) 0x5C, (byte) 0x5C, (byte) 0x2A, (byte) 0x3D}; + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0x16, (byte) 0xA2, + 
(byte) 0xE0, (byte) 0xB8, (byte) 0xF0, (byte) 0x3E, + (byte) 0x13, (byte) 0xDD, (byte) 0x29, (byte) 0x45, + (byte) 0x5C, (byte) 0x5C, (byte) 0x2A, (byte) 0x3D}; // cofactor of G - public static final short EC224_FP_K = 1; - + public static final short EC224_FP_K = 1; + // secp256r1 from http://www.secg.org/sec2-v2.pdf public static final byte[] EC256_FP_P = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; public static final byte[] EC256_FP_A = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + 
(byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; public static final byte[] EC256_FP_B = new byte[]{ - (byte) 0x5A, (byte) 0xC6, (byte) 0x35, (byte) 0xD8, - (byte) 0xAA, (byte) 0x3A, (byte) 0x93, (byte) 0xE7, - (byte) 0xB3, (byte) 0xEB, (byte) 0xBD, (byte) 0x55, - (byte) 0x76, (byte) 0x98, (byte) 0x86, (byte) 0xBC, - (byte) 0x65, (byte) 0x1D, (byte) 0x06, (byte) 0xB0, - (byte) 0xCC, (byte) 0x53, (byte) 0xB0, (byte) 0xF6, - (byte) 0x3B, (byte) 0xCE, (byte) 0x3C, (byte) 0x3E, - (byte) 0x27, (byte) 0xD2, (byte) 0x60, (byte) 0x4B}; + (byte) 0x5A, (byte) 0xC6, (byte) 0x35, (byte) 0xD8, + (byte) 0xAA, (byte) 0x3A, (byte) 0x93, (byte) 0xE7, + (byte) 0xB3, (byte) 0xEB, (byte) 0xBD, (byte) 0x55, + (byte) 0x76, (byte) 0x98, (byte) 0x86, (byte) 0xBC, + (byte) 0x65, (byte) 0x1D, (byte) 0x06, (byte) 0xB0, + (byte) 0xCC, (byte) 0x53, (byte) 0xB0, (byte) 0xF6, + (byte) 0x3B, (byte) 0xCE, (byte) 0x3C, (byte) 0x3E, + (byte) 0x27, (byte) 0xD2, (byte) 0x60, (byte) 0x4B}; // G in compressed form / first part of ucompressed public static final byte[] EC256_FP_G_X = new byte[]{ - (byte) 0x6B, (byte) 0x17, (byte) 0xD1, (byte) 0xF2, - (byte) 0xE1, (byte) 0x2C, (byte) 0x42, (byte) 0x47, - (byte) 0xF8, (byte) 0xBC, (byte) 0xE6, (byte) 0xE5, - (byte) 0x63, (byte) 0xA4, (byte) 0x40, (byte) 0xF2, - (byte) 0x77, (byte) 0x03, (byte) 0x7D, (byte) 0x81, - (byte) 0x2D, (byte) 0xEB, (byte) 0x33, (byte) 0xA0, - (byte) 0xF4, (byte) 0xA1, (byte) 0x39, (byte) 0x45, - (byte) 0xD8, (byte) 0x98, (byte) 0xC2, (byte) 0x96}; + (byte) 0x6B, (byte) 0x17, (byte) 0xD1, (byte) 0xF2, + (byte) 0xE1, (byte) 0x2C, (byte) 0x42, (byte) 0x47, + (byte) 0xF8, (byte) 0xBC, (byte) 0xE6, (byte) 0xE5, + (byte) 0x63, (byte) 0xA4, (byte) 0x40, (byte) 0xF2, + (byte) 0x77, (byte) 0x03, (byte) 0x7D, (byte) 0x81, + (byte) 0x2D, (byte) 0xEB, (byte) 0x33, (byte) 0xA0, + (byte) 0xF4, (byte) 0xA1, (byte) 0x39, (byte) 0x45, + 
(byte) 0xD8, (byte) 0x98, (byte) 0xC2, (byte) 0x96}; // second part of G uncompressed public static final byte[] EC256_FP_G_Y = new byte[]{ - (byte) 0x4F, (byte) 0xE3, (byte) 0x42, (byte) 0xE2, - (byte) 0xFE, (byte) 0x1A, (byte) 0x7F, (byte) 0x9B, - (byte) 0x8E, (byte) 0xE7, (byte) 0xEB, (byte) 0x4A, - (byte) 0x7C, (byte) 0x0F, (byte) 0x9E, (byte) 0x16, - (byte) 0x2B, (byte) 0xCE, (byte) 0x33, (byte) 0x57, - (byte) 0x6B, (byte) 0x31, (byte) 0x5E, (byte) 0xCE, - (byte) 0xCB, (byte) 0xB6, (byte) 0x40, (byte) 0x68, - (byte) 0x37, (byte) 0xBF, (byte) 0x51, (byte) 0xF5}; + (byte) 0x4F, (byte) 0xE3, (byte) 0x42, (byte) 0xE2, + (byte) 0xFE, (byte) 0x1A, (byte) 0x7F, (byte) 0x9B, + (byte) 0x8E, (byte) 0xE7, (byte) 0xEB, (byte) 0x4A, + (byte) 0x7C, (byte) 0x0F, (byte) 0x9E, (byte) 0x16, + (byte) 0x2B, (byte) 0xCE, (byte) 0x33, (byte) 0x57, + (byte) 0x6B, (byte) 0x31, (byte) 0x5E, (byte) 0xCE, + (byte) 0xCB, (byte) 0xB6, (byte) 0x40, (byte) 0x68, + (byte) 0x37, (byte) 0xBF, (byte) 0x51, (byte) 0xF5}; // Order of G public static final byte[] EC256_FP_R = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xBC, (byte) 0xE6, (byte) 0xFA, (byte) 0xAD, - (byte) 0xA7, (byte) 0x17, (byte) 0x9E, (byte) 0x84, - (byte) 0xF3, (byte) 0xB9, (byte) 0xCA, (byte) 0xC2, - (byte) 0xFC, (byte) 0x63, (byte) 0x25, (byte) 0x51}; + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xBC, (byte) 0xE6, (byte) 0xFA, (byte) 0xAD, + (byte) 0xA7, (byte) 0x17, (byte) 0x9E, (byte) 0x84, + (byte) 0xF3, (byte) 0xB9, (byte) 0xCA, (byte) 0xC2, + (byte) 0xFC, (byte) 0x63, (byte) 0x25, (byte) 0x51}; // cofactor of G - public static final short EC256_FP_K = 1; 
- + public static final short EC256_FP_K = 1; + // secp384r1 from http://www.secg.org/sec2-v2.pdf public static final byte[] EC384_FP_P = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; - + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; + public static final byte[] EC384_FP_A = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 
0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; - + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; + public static final byte[] EC384_FP_B = new byte[]{ - (byte) 0xB3, (byte) 0x31, (byte) 0x2F, (byte) 0xA7, - (byte) 0xE2, (byte) 0x3E, (byte) 0xE7, (byte) 0xE4, - (byte) 0x98, (byte) 0x8E, (byte) 0x05, (byte) 0x6B, - (byte) 0xE3, (byte) 0xF8, (byte) 0x2D, (byte) 0x19, - (byte) 0x18, (byte) 0x1D, (byte) 0x9C, (byte) 0x6E, - (byte) 0xFE, (byte) 0x81, (byte) 0x41, (byte) 0x12, - (byte) 0x03, (byte) 0x14, (byte) 0x08, (byte) 0x8F, - (byte) 0x50, (byte) 0x13, (byte) 0x87, (byte) 0x5A, - (byte) 0xC6, (byte) 0x56, (byte) 0x39, (byte) 0x8D, - (byte) 0x8A, (byte) 0x2E, (byte) 0xD1, (byte) 0x9D, - (byte) 0x2A, (byte) 0x85, (byte) 0xC8, (byte) 0xED, - (byte) 0xD3, (byte) 0xEC, (byte) 0x2A, (byte) 0xEF}; - + (byte) 0xB3, (byte) 0x31, (byte) 0x2F, (byte) 0xA7, + (byte) 0xE2, (byte) 0x3E, (byte) 0xE7, (byte) 0xE4, + (byte) 0x98, (byte) 0x8E, (byte) 0x05, (byte) 0x6B, + (byte) 0xE3, (byte) 0xF8, (byte) 0x2D, (byte) 0x19, + (byte) 0x18, (byte) 0x1D, (byte) 0x9C, (byte) 0x6E, + (byte) 0xFE, (byte) 0x81, (byte) 0x41, (byte) 0x12, + (byte) 0x03, (byte) 0x14, (byte) 0x08, (byte) 0x8F, + (byte) 0x50, (byte) 0x13, (byte) 0x87, (byte) 0x5A, + (byte) 0xC6, (byte) 0x56, (byte) 0x39, (byte) 0x8D, + 
(byte) 0x8A, (byte) 0x2E, (byte) 0xD1, (byte) 0x9D, + (byte) 0x2A, (byte) 0x85, (byte) 0xC8, (byte) 0xED, + (byte) 0xD3, (byte) 0xEC, (byte) 0x2A, (byte) 0xEF}; + // G in compressed form / first part of ucompressed public static final byte[] EC384_FP_G_X = new byte[]{ - (byte) 0xAA, (byte) 0x87, (byte) 0xCA, (byte) 0x22, - (byte) 0xBE, (byte) 0x8B, (byte) 0x05, (byte) 0x37, - (byte) 0x8E, (byte) 0xB1, (byte) 0xC7, (byte) 0x1E, - (byte) 0xF3, (byte) 0x20, (byte) 0xAD, (byte) 0x74, - (byte) 0x6E, (byte) 0x1D, (byte) 0x3B, (byte) 0x62, - (byte) 0x8B, (byte) 0xA7, (byte) 0x9B, (byte) 0x98, - (byte) 0x59, (byte) 0xF7, (byte) 0x41, (byte) 0xE0, - (byte) 0x82, (byte) 0x54, (byte) 0x2A, (byte) 0x38, - (byte) 0x55, (byte) 0x02, (byte) 0xF2, (byte) 0x5D, - (byte) 0xBF, (byte) 0x55, (byte) 0x29, (byte) 0x6C, - (byte) 0x3A, (byte) 0x54, (byte) 0x5E, (byte) 0x38, - (byte) 0x72, (byte) 0x76, (byte) 0x0A, (byte) 0xB7}; + (byte) 0xAA, (byte) 0x87, (byte) 0xCA, (byte) 0x22, + (byte) 0xBE, (byte) 0x8B, (byte) 0x05, (byte) 0x37, + (byte) 0x8E, (byte) 0xB1, (byte) 0xC7, (byte) 0x1E, + (byte) 0xF3, (byte) 0x20, (byte) 0xAD, (byte) 0x74, + (byte) 0x6E, (byte) 0x1D, (byte) 0x3B, (byte) 0x62, + (byte) 0x8B, (byte) 0xA7, (byte) 0x9B, (byte) 0x98, + (byte) 0x59, (byte) 0xF7, (byte) 0x41, (byte) 0xE0, + (byte) 0x82, (byte) 0x54, (byte) 0x2A, (byte) 0x38, + (byte) 0x55, (byte) 0x02, (byte) 0xF2, (byte) 0x5D, + (byte) 0xBF, (byte) 0x55, (byte) 0x29, (byte) 0x6C, + (byte) 0x3A, (byte) 0x54, (byte) 0x5E, (byte) 0x38, + (byte) 0x72, (byte) 0x76, (byte) 0x0A, (byte) 0xB7}; // second part of G uncompressed public static final byte[] EC384_FP_G_Y = new byte[]{ - (byte) 0x36, (byte) 0x17, (byte) 0xDE, (byte) 0x4A, - (byte) 0x96, (byte) 0x26, (byte) 0x2C, (byte) 0x6F, - (byte) 0x5D, (byte) 0x9E, (byte) 0x98, (byte) 0xBF, - (byte) 0x92, (byte) 0x92, (byte) 0xDC, (byte) 0x29, - (byte) 0xF8, (byte) 0xF4, (byte) 0x1D, (byte) 0xBD, - (byte) 0x28, (byte) 0x9A, (byte) 0x14, (byte) 0x7C, - (byte) 0xE9, (byte) 
0xDA, (byte) 0x31, (byte) 0x13, - (byte) 0xB5, (byte) 0xF0, (byte) 0xB8, (byte) 0xC0, - (byte) 0x0A, (byte) 0x60, (byte) 0xB1, (byte) 0xCE, - (byte) 0x1D, (byte) 0x7E, (byte) 0x81, (byte) 0x9D, - (byte) 0x7A, (byte) 0x43, (byte) 0x1D, (byte) 0x7C, - (byte) 0x90, (byte) 0xEA, (byte) 0x0E, (byte) 0x5F}; - + (byte) 0x36, (byte) 0x17, (byte) 0xDE, (byte) 0x4A, + (byte) 0x96, (byte) 0x26, (byte) 0x2C, (byte) 0x6F, + (byte) 0x5D, (byte) 0x9E, (byte) 0x98, (byte) 0xBF, + (byte) 0x92, (byte) 0x92, (byte) 0xDC, (byte) 0x29, + (byte) 0xF8, (byte) 0xF4, (byte) 0x1D, (byte) 0xBD, + (byte) 0x28, (byte) 0x9A, (byte) 0x14, (byte) 0x7C, + (byte) 0xE9, (byte) 0xDA, (byte) 0x31, (byte) 0x13, + (byte) 0xB5, (byte) 0xF0, (byte) 0xB8, (byte) 0xC0, + (byte) 0x0A, (byte) 0x60, (byte) 0xB1, (byte) 0xCE, + (byte) 0x1D, (byte) 0x7E, (byte) 0x81, (byte) 0x9D, + (byte) 0x7A, (byte) 0x43, (byte) 0x1D, (byte) 0x7C, + (byte) 0x90, (byte) 0xEA, (byte) 0x0E, (byte) 0x5F}; + // Order of G public static final byte[] EC384_FP_R = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xC7, (byte) 0x63, (byte) 0x4D, (byte) 0x81, - (byte) 0xF4, (byte) 0x37, (byte) 0x2D, (byte) 0xDF, - (byte) 0x58, (byte) 0x1A, (byte) 0x0D, (byte) 0xB2, - (byte) 0x48, (byte) 0xB0, (byte) 0xA7, (byte) 0x7A, - (byte) 0xEC, (byte) 0xEC, (byte) 0x19, (byte) 0x6A, - (byte) 0xCC, (byte) 0xC5, (byte) 0x29, (byte) 0x73}; + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + 
(byte) 0xC7, (byte) 0x63, (byte) 0x4D, (byte) 0x81, + (byte) 0xF4, (byte) 0x37, (byte) 0x2D, (byte) 0xDF, + (byte) 0x58, (byte) 0x1A, (byte) 0x0D, (byte) 0xB2, + (byte) 0x48, (byte) 0xB0, (byte) 0xA7, (byte) 0x7A, + (byte) 0xEC, (byte) 0xEC, (byte) 0x19, (byte) 0x6A, + (byte) 0xCC, (byte) 0xC5, (byte) 0x29, (byte) 0x73}; // cofactor of G - public static final short EC384_FP_K = 1; - - + public static final short EC384_FP_K = 1; + + // secp521r1 from http://www.secg.org/sec2-v2.pdf public static final byte[] EC521_FP_P = new byte[]{ - (byte) 0x01, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; + (byte) 0x01, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 
+ (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; public static final byte[] EC521_FP_A = new byte[]{ - (byte) 0x01, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; + (byte) 0x01, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 
+ (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; public static final byte[] EC521_FP_B = new byte[]{ - (byte) 0x00, (byte) 0x51, (byte) 0x95, (byte) 0x3E, - (byte) 0xB9, (byte) 0x61, (byte) 0x8E, (byte) 0x1C, - (byte) 0x9A, (byte) 0x1F, (byte) 0x92, (byte) 0x9A, - (byte) 0x21, (byte) 0xA0, (byte) 0xB6, (byte) 0x85, - (byte) 0x40, (byte) 0xEE, (byte) 0xA2, (byte) 0xDA, - (byte) 0x72, (byte) 0x5B, (byte) 0x99, (byte) 0xB3, - (byte) 0x15, (byte) 0xF3, (byte) 0xB8, (byte) 0xB4, - (byte) 0x89, (byte) 0x91, (byte) 0x8E, (byte) 0xF1, - (byte) 0x09, (byte) 0xE1, (byte) 0x56, (byte) 0x19, - (byte) 0x39, (byte) 0x51, (byte) 0xEC, (byte) 0x7E, - (byte) 0x93, (byte) 0x7B, (byte) 0x16, (byte) 0x52, - (byte) 0xC0, (byte) 0xBD, (byte) 0x3B, (byte) 0xB1, - (byte) 0xBF, (byte) 0x07, (byte) 0x35, (byte) 0x73, - (byte) 0xDF, (byte) 0x88, (byte) 0x3D, (byte) 0x2C, - (byte) 0x34, (byte) 0xF1, (byte) 0xEF, (byte) 0x45, - (byte) 0x1F, (byte) 0xD4, (byte) 0x6B, (byte) 0x50, - (byte) 0x3F, (byte) 0x00}; + (byte) 0x00, (byte) 0x51, (byte) 0x95, (byte) 0x3E, + (byte) 0xB9, (byte) 0x61, (byte) 0x8E, (byte) 0x1C, + (byte) 0x9A, (byte) 0x1F, (byte) 0x92, (byte) 0x9A, + (byte) 0x21, (byte) 0xA0, (byte) 0xB6, (byte) 0x85, + (byte) 0x40, (byte) 0xEE, (byte) 0xA2, (byte) 0xDA, + (byte) 0x72, (byte) 0x5B, (byte) 0x99, (byte) 0xB3, + (byte) 0x15, (byte) 0xF3, (byte) 0xB8, (byte) 0xB4, + (byte) 0x89, (byte) 0x91, (byte) 0x8E, (byte) 0xF1, + (byte) 0x09, (byte) 0xE1, (byte) 0x56, (byte) 0x19, + (byte) 0x39, (byte) 0x51, (byte) 0xEC, (byte) 0x7E, + (byte) 0x93, (byte) 0x7B, (byte) 0x16, (byte) 0x52, + (byte) 0xC0, (byte) 0xBD, (byte) 0x3B, (byte) 0xB1, + (byte) 0xBF, (byte) 0x07, (byte) 0x35, (byte) 0x73, + (byte) 0xDF, (byte) 0x88, (byte) 0x3D, (byte) 0x2C, + (byte) 0x34, (byte) 0xF1, (byte) 0xEF, (byte) 0x45, + (byte) 0x1F, (byte) 0xD4, (byte) 0x6B, (byte) 0x50, + (byte) 0x3F, (byte) 
0x00}; // G in compressed form / first part of ucompressed public static final byte[] EC521_FP_G_X = new byte[]{ - (byte) 0x00, (byte) 0xC6, (byte) 0x85, (byte) 0x8E, - (byte) 0x06, (byte) 0xB7, (byte) 0x04, (byte) 0x04, - (byte) 0xE9, (byte) 0xCD, (byte) 0x9E, (byte) 0x3E, - (byte) 0xCB, (byte) 0x66, (byte) 0x23, (byte) 0x95, - (byte) 0xB4, (byte) 0x42, (byte) 0x9C, (byte) 0x64, - (byte) 0x81, (byte) 0x39, (byte) 0x05, (byte) 0x3F, - (byte) 0xB5, (byte) 0x21, (byte) 0xF8, (byte) 0x28, - (byte) 0xAF, (byte) 0x60, (byte) 0x6B, (byte) 0x4D, - (byte) 0x3D, (byte) 0xBA, (byte) 0xA1, (byte) 0x4B, - (byte) 0x5E, (byte) 0x77, (byte) 0xEF, (byte) 0xE7, - (byte) 0x59, (byte) 0x28, (byte) 0xFE, (byte) 0x1D, - (byte) 0xC1, (byte) 0x27, (byte) 0xA2, (byte) 0xFF, - (byte) 0xA8, (byte) 0xDE, (byte) 0x33, (byte) 0x48, - (byte) 0xB3, (byte) 0xC1, (byte) 0x85, (byte) 0x6A, - (byte) 0x42, (byte) 0x9B, (byte) 0xF9, (byte) 0x7E, - (byte) 0x7E, (byte) 0x31, (byte) 0xC2, (byte) 0xE5, - (byte) 0xBD, (byte) 0x66}; - + (byte) 0x00, (byte) 0xC6, (byte) 0x85, (byte) 0x8E, + (byte) 0x06, (byte) 0xB7, (byte) 0x04, (byte) 0x04, + (byte) 0xE9, (byte) 0xCD, (byte) 0x9E, (byte) 0x3E, + (byte) 0xCB, (byte) 0x66, (byte) 0x23, (byte) 0x95, + (byte) 0xB4, (byte) 0x42, (byte) 0x9C, (byte) 0x64, + (byte) 0x81, (byte) 0x39, (byte) 0x05, (byte) 0x3F, + (byte) 0xB5, (byte) 0x21, (byte) 0xF8, (byte) 0x28, + (byte) 0xAF, (byte) 0x60, (byte) 0x6B, (byte) 0x4D, + (byte) 0x3D, (byte) 0xBA, (byte) 0xA1, (byte) 0x4B, + (byte) 0x5E, (byte) 0x77, (byte) 0xEF, (byte) 0xE7, + (byte) 0x59, (byte) 0x28, (byte) 0xFE, (byte) 0x1D, + (byte) 0xC1, (byte) 0x27, (byte) 0xA2, (byte) 0xFF, + (byte) 0xA8, (byte) 0xDE, (byte) 0x33, (byte) 0x48, + (byte) 0xB3, (byte) 0xC1, (byte) 0x85, (byte) 0x6A, + (byte) 0x42, (byte) 0x9B, (byte) 0xF9, (byte) 0x7E, + (byte) 0x7E, (byte) 0x31, (byte) 0xC2, (byte) 0xE5, + (byte) 0xBD, (byte) 0x66}; + // second part of G uncompressed public static final byte[] EC521_FP_G_Y = new byte[]{ - (byte) 
0x01, (byte) 0x18, (byte) 0x39, (byte) 0x29, - (byte) 0x6A, (byte) 0x78, (byte) 0x9A, (byte) 0x3B, - (byte) 0xC0, (byte) 0x04, (byte) 0x5C, (byte) 0x8A, - (byte) 0x5F, (byte) 0xB4, (byte) 0x2C, (byte) 0x7D, - (byte) 0x1B, (byte) 0xD9, (byte) 0x98, (byte) 0xF5, - (byte) 0x44, (byte) 0x49, (byte) 0x57, (byte) 0x9B, - (byte) 0x44, (byte) 0x68, (byte) 0x17, (byte) 0xAF, - (byte) 0xBD, (byte) 0x17, (byte) 0x27, (byte) 0x3E, - (byte) 0x66, (byte) 0x2C, (byte) 0x97, (byte) 0xEE, - (byte) 0x72, (byte) 0x99, (byte) 0x5E, (byte) 0xF4, - (byte) 0x26, (byte) 0x40, (byte) 0xC5, (byte) 0x50, - (byte) 0xB9, (byte) 0x01, (byte) 0x3F, (byte) 0xAD, - (byte) 0x07, (byte) 0x61, (byte) 0x35, (byte) 0x3C, - (byte) 0x70, (byte) 0x86, (byte) 0xA2, (byte) 0x72, - (byte) 0xC2, (byte) 0x40, (byte) 0x88, (byte) 0xBE, - (byte) 0x94, (byte) 0x76, (byte) 0x9F, (byte) 0xD1, - (byte) 0x66, (byte) 0x50}; + (byte) 0x01, (byte) 0x18, (byte) 0x39, (byte) 0x29, + (byte) 0x6A, (byte) 0x78, (byte) 0x9A, (byte) 0x3B, + (byte) 0xC0, (byte) 0x04, (byte) 0x5C, (byte) 0x8A, + (byte) 0x5F, (byte) 0xB4, (byte) 0x2C, (byte) 0x7D, + (byte) 0x1B, (byte) 0xD9, (byte) 0x98, (byte) 0xF5, + (byte) 0x44, (byte) 0x49, (byte) 0x57, (byte) 0x9B, + (byte) 0x44, (byte) 0x68, (byte) 0x17, (byte) 0xAF, + (byte) 0xBD, (byte) 0x17, (byte) 0x27, (byte) 0x3E, + (byte) 0x66, (byte) 0x2C, (byte) 0x97, (byte) 0xEE, + (byte) 0x72, (byte) 0x99, (byte) 0x5E, (byte) 0xF4, + (byte) 0x26, (byte) 0x40, (byte) 0xC5, (byte) 0x50, + (byte) 0xB9, (byte) 0x01, (byte) 0x3F, (byte) 0xAD, + (byte) 0x07, (byte) 0x61, (byte) 0x35, (byte) 0x3C, + (byte) 0x70, (byte) 0x86, (byte) 0xA2, (byte) 0x72, + (byte) 0xC2, (byte) 0x40, (byte) 0x88, (byte) 0xBE, + (byte) 0x94, (byte) 0x76, (byte) 0x9F, (byte) 0xD1, + (byte) 0x66, (byte) 0x50}; // Order of G public static final byte[] EC521_FP_R = new byte[]{ - (byte) 0x01, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, 
(byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFA, - (byte) 0x51, (byte) 0x86, (byte) 0x87, (byte) 0x83, - (byte) 0xBF, (byte) 0x2F, (byte) 0x96, (byte) 0x6B, - (byte) 0x7F, (byte) 0xCC, (byte) 0x01, (byte) 0x48, - (byte) 0xF7, (byte) 0x09, (byte) 0xA5, (byte) 0xD0, - (byte) 0x3B, (byte) 0xB5, (byte) 0xC9, (byte) 0xB8, - (byte) 0x89, (byte) 0x9C, (byte) 0x47, (byte) 0xAE, - (byte) 0xBB, (byte) 0x6F, (byte) 0xB7, (byte) 0x1E, - (byte) 0x91, (byte) 0x38, (byte) 0x64, (byte) 0x09}; - + (byte) 0x01, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFA, + (byte) 0x51, (byte) 0x86, (byte) 0x87, (byte) 0x83, + (byte) 0xBF, (byte) 0x2F, (byte) 0x96, (byte) 0x6B, + (byte) 0x7F, (byte) 0xCC, (byte) 0x01, (byte) 0x48, + (byte) 0xF7, (byte) 0x09, (byte) 0xA5, (byte) 0xD0, + (byte) 0x3B, (byte) 0xB5, (byte) 0xC9, (byte) 0xB8, + (byte) 0x89, (byte) 0x9C, (byte) 0x47, (byte) 0xAE, + (byte) 0xBB, (byte) 0x6F, (byte) 0xB7, (byte) 0x1E, + (byte) 0x91, (byte) 0x38, (byte) 0x64, (byte) 0x09}; + // cofactor of G public static final short EC521_FP_K = 1; + //sect163r1 from http://www.secg.org/sec2-v2.pdf + // [short i1, short i2, short i3] f = x^163 + x^i1 + x^i2 + x^i3 + 1 + public static final byte[] EC163_F2M_F = new byte[]{ + (byte) 0, (byte) 7, (byte) 0, (byte) 6, (byte) 0, (byte) 3 + }; + public static final byte[] EC163_F2M_A = new byte[]{ + 
(byte) 0x07, (byte) 0xB6, (byte) 0x88, (byte) 0x2C, + (byte) 0xAA, (byte) 0xEF, (byte) 0xA8, (byte) 0x4F, + (byte) 0x95, (byte) 0x54, (byte) 0xFF, (byte) 0x84, + (byte) 0x28, (byte) 0xBD, (byte) 0x88, (byte) 0xE2, + (byte) 0x46, (byte) 0xD2, (byte) 0x78, (byte) 0x2A, + (byte) 0xE2 + }; - - public static final byte VALID_KEY = 1; - public static final byte INVALIDB_FIXED = 2; - public static final byte INVALIDB_RANDOM = 3; + public static final byte[] EC163_F2M_B = new byte[]{ + (byte) 0x07, (byte) 0x13, (byte) 0x61, (byte) 0x2D, + (byte) 0xCD, (byte) 0xDC, (byte) 0xB4, (byte) 0x0A, + (byte) 0xAB, (byte) 0x94, (byte) 0x6B, (byte) 0xDA, + (byte) 0x29, (byte) 0xCA, (byte) 0x91, (byte) 0xF7, + (byte) 0x3A, (byte) 0xF9, (byte) 0x58, (byte) 0xAF, + (byte) 0xD9 + }; - public static void setValidECKeyParams(ECPublicKey ecPubKey, ECPrivateKey ecPrivKey, byte ecClass, short ecLength, byte[] auxBuffer) { - setECKeyParams(ecPubKey, ecPrivKey, ecClass, ecLength, auxBuffer, VALID_KEY); - } - public static void setInValidECKeyParams(ECPublicKey ecPubKey, ECPrivateKey ecPrivKey, byte ecClass, short ecLength, byte[] auxBuffer) { - setECKeyParams(ecPubKey, ecPrivKey, ecClass, ecLength, auxBuffer, INVALIDB_FIXED); - } - public static void setInValidECKeyParamsRandomB(ECPublicKey ecPubKey, ECPrivateKey ecPrivKey, byte ecClass, short ecLength, byte[] auxBuffer) { - setECKeyParams(ecPubKey, ecPrivKey, ecClass, ecLength, auxBuffer, INVALIDB_RANDOM); - } - private static void setECKeyParams(ECPublicKey ecPubKey, ECPrivateKey ecPrivKey, byte ecClass, short ecLength, byte[] auxBuffer, byte bInvalidKeyType) { - if (ecClass == KeyPair.ALG_EC_FP) { - // Select proper courve parameters - switch (ecLength) { - case (short) 128: { - EC_FP_P = EC128_FP_P; - EC_FP_A = EC128_FP_A; - EC_FP_B = EC128_FP_B; - EC_FP_G_X = EC128_FP_G_X; - EC_FP_G_Y = EC128_FP_G_Y; - EC_FP_R = EC128_FP_R; - EC_FP_K = EC128_FP_K; - break; - } - case (short) 160: { - EC_FP_P = EC160_FP_P; - EC_FP_A = EC160_FP_A; - EC_FP_B = 
EC160_FP_B; - EC_FP_G_X = EC160_FP_G_X; - EC_FP_G_Y = EC160_FP_G_Y; - EC_FP_R = EC160_FP_R; - EC_FP_K = EC160_FP_K; - break; - } - case (short) 192: { - EC_FP_P = EC192_FP_P; - EC_FP_A = EC192_FP_A; - EC_FP_B = EC192_FP_B; - EC_FP_G_X = EC192_FP_G_X; - EC_FP_G_Y = EC192_FP_G_Y; - EC_FP_R = EC192_FP_R; - EC_FP_K = EC192_FP_K; - break; - } - case (short) 224: { - EC_FP_P = EC224_FP_P; - EC_FP_A = EC224_FP_A; - EC_FP_B = EC224_FP_B; - EC_FP_G_X = EC224_FP_G_X; - EC_FP_G_Y = EC224_FP_G_Y; - EC_FP_R = EC224_FP_R; - EC_FP_K = EC224_FP_K; - break; - } - case (short) 256: { - EC_FP_P = EC256_FP_P; - EC_FP_A = EC256_FP_A; - EC_FP_B = EC256_FP_B; - EC_FP_G_X = EC256_FP_G_X; - EC_FP_G_Y = EC256_FP_G_Y; - EC_FP_R = EC256_FP_R; - EC_FP_K = EC256_FP_K; - break; - } - case (short) 384: { - EC_FP_P = EC384_FP_P; - EC_FP_A = EC384_FP_A; - EC_FP_B = EC384_FP_B; - EC_FP_G_X = EC384_FP_G_X; - EC_FP_G_Y = EC384_FP_G_Y; - EC_FP_R = EC384_FP_R; - EC_FP_K = EC384_FP_K; - break; - } - case (short) 521: { - EC_FP_P = EC521_FP_P; - EC_FP_A = EC521_FP_A; - EC_FP_B = EC521_FP_B; - EC_FP_G_X = EC521_FP_G_X; - EC_FP_G_Y = EC521_FP_G_Y; - EC_FP_R = EC521_FP_R; - EC_FP_K = EC521_FP_K; - break; - } - default: { + // G in compressed form / first part of ucompressed + public static final byte[] EC163_F2M_G_X = new byte[]{ + (byte) 0x03, (byte) 0x69, (byte) 0x97, (byte) 0x96, + (byte) 0x97, (byte) 0xAB, (byte) 0x43, (byte) 0x89, + (byte) 0x77, (byte) 0x89, (byte) 0x56, (byte) 0x67, + (byte) 0x89, (byte) 0x56, (byte) 0x7F, (byte) 0x78, + (byte) 0x7A, (byte) 0x78, (byte) 0x76, (byte) 0xA6, + (byte) 0x54 + }; + + // second part of G uncompressed + public static final byte[] EC163_F2M_G_Y = new byte[]{ + (byte) 0x00, (byte) 0x43, (byte) 0x5E, (byte) 0xDB, + (byte) 0x42, (byte) 0xEF, (byte) 0xAF, (byte) 0xB2, + (byte) 0x98, (byte) 0x9D, (byte) 0x51, (byte) 0xFE, + (byte) 0xFC, (byte) 0xE3, (byte) 0xC8, (byte) 0x09, + (byte) 0x88, (byte) 0xF4, (byte) 0x1F, (byte) 0xF8, + (byte) 0x83 + }; + + // order of G + 
public static final byte[] EC163_F2M_R = new byte[]{ + (byte) 0x03, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0x48, + (byte) 0xAA, (byte) 0xB6, (byte) 0x89, (byte) 0xC2, + (byte) 0x9C, (byte) 0xA7, (byte) 0x10, (byte) 0x27, + (byte) 0x9B + }; + + // cofactor of G + public static final short EC163_F2M_K = 2; + + // getCorruptCurveParameter PARAMETER_CORRUPTION TYPES + public static final short CORRUPTION_NONE = 0x01; + public static final short CORRUPTION_FIXED = 0x02; + public static final short CORRUPTION_FULLRANDOM = 0x03; + public static final short CORRUPTION_ONEBYTERANDOM = 0x04; + public static final short CORRUPTION_ZERO = 0x05; + public static final short CORRUPTION_ONE = 0x06; + + // Supported embedded curves, getCurveParameter + // SECP recommended curves over FP + public static final byte CURVE_secp128r1 = 1; + public static final byte CURVE_secp160r1 = 2; + public static final byte CURVE_secp192r1 = 3; + public static final byte CURVE_secp224r1 = 4; + public static final byte CURVE_secp256r1 = 5; + public static final byte CURVE_secp384r1 = 6; + public static final byte CURVE_secp521r1 = 7; + + public static final byte FP_CURVES = 7; + + // SECP recommended curves over F2M + public static final byte CURVE_sect163r1 = 8; + public static final byte CURVE_sect233r1 = 9; + public static final byte CURVE_sect283r1 = 10; + public static final byte CURVE_sect409r1 = 11; + public static final byte CURVE_sect571r1 = 12; + + public static final byte F2M_CURVES = 12; + + public static byte getCurve(short keyClass, short keyLength) { + if (keyClass == KeyPair.ALG_EC_FP) { + switch (keyLength) { + case (short) 128: + return CURVE_secp128r1; + case (short) 160: + return CURVE_secp160r1; + case (short) 192: + return CURVE_secp192r1; + case (short) 224: + return CURVE_secp224r1; + case (short) 256: + return CURVE_secp256r1; + case (short) 384: + return CURVE_secp384r1; + 
case (short) 521: + return CURVE_secp521r1; + default: ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); - } } - - // prepare an ANSI X9.62 uncompressed EC point representation for G - short gSize = (short) 1; - gSize += (short) EC_FP_G_X.length; - gSize += (short) EC_FP_G_Y.length; - auxBuffer[0] = 0x04; - short off = 1; - off = Util.arrayCopyNonAtomic(EC_FP_G_X, (short) 0, auxBuffer, off, (short) EC_FP_G_X.length); - Util.arrayCopyNonAtomic(EC_FP_G_Y, (short) 0, auxBuffer, off, (short) EC_FP_G_Y.length); - ecPubKey.setG(auxBuffer, (short) 0, gSize); - ecPrivKey.setG(auxBuffer, (short) 0, gSize); - - // pre-set basic EC parameters: - ecPubKey.setFieldFP(EC_FP_P, (short) 0, (short) EC_FP_P.length); - ecPrivKey.setFieldFP(EC_FP_P, (short) 0, (short) EC_FP_P.length); - ecPubKey.setA(EC_FP_A, (short) 0, (short) EC_FP_A.length); - ecPrivKey.setA(EC_FP_A, (short) 0, (short) EC_FP_A.length); - - if (bInvalidKeyType == VALID_KEY) { - // No corruption - ecPubKey.setB(EC_FP_B, (short) 0, (short) EC_FP_B.length); + } else if (keyClass == KeyPair.ALG_EC_F2M) { + switch (keyLength) { + case (short) 163: + return CURVE_sect163r1; + case (short) 233: + return CURVE_sect233r1; + case (short) 283: + return CURVE_sect283r1; + case (short) 409: + return CURVE_sect409r1; + case (short) 571: + return CURVE_sect571r1; + default: + ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); + } + } else { + ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); + } + return 0; //will not be reached + } + + public static short getCurveParameter(byte curve, byte param, byte[] outputBuffer, short outputOffset) { + byte alg = getCurveType(curve); + switch (curve) { + case CURVE_secp128r1: { + EC_FP_P = EC128_FP_P; + EC_A = EC128_FP_A; + EC_B = EC128_FP_B; + EC_G_X = EC128_FP_G_X; + EC_G_Y = EC128_FP_G_Y; + EC_R = EC128_FP_R; + EC_K = EC128_FP_K; + break; + } + case CURVE_secp160r1: { + EC_FP_P = EC160_FP_P; + EC_A = EC160_FP_A; + EC_B = EC160_FP_B; + EC_G_X = EC160_FP_G_X; + EC_G_Y = 
EC160_FP_G_Y; + EC_R = EC160_FP_R; + EC_K = EC160_FP_K; + break; + } + case CURVE_secp192r1: { + EC_FP_P = EC192_FP_P; + EC_A = EC192_FP_A; + EC_B = EC192_FP_B; + EC_G_X = EC192_FP_G_X; + EC_G_Y = EC192_FP_G_Y; + EC_R = EC192_FP_R; + EC_K = EC192_FP_K; + break; + } + case CURVE_secp224r1: { + EC_FP_P = EC224_FP_P; + EC_A = EC224_FP_A; + EC_B = EC224_FP_B; + EC_G_X = EC224_FP_G_X; + EC_G_Y = EC224_FP_G_Y; + EC_R = EC224_FP_R; + EC_K = EC224_FP_K; + break; + } + case CURVE_secp256r1: { + EC_FP_P = EC256_FP_P; + EC_A = EC256_FP_A; + EC_B = EC256_FP_B; + EC_G_X = EC256_FP_G_X; + EC_G_Y = EC256_FP_G_Y; + EC_R = EC256_FP_R; + EC_K = EC256_FP_K; + break; + } + case CURVE_secp384r1: { + EC_FP_P = EC384_FP_P; + EC_A = EC384_FP_A; + EC_B = EC384_FP_B; + EC_G_X = EC384_FP_G_X; + EC_G_Y = EC384_FP_G_Y; + EC_R = EC384_FP_R; + EC_K = EC384_FP_K; + break; } - if (bInvalidKeyType == INVALIDB_FIXED) { - // corrupt curve if required for testing - Util.arrayCopyNonAtomic(EC_FP_B, (short) 0, auxBuffer, (short) 0, (short) EC_FP_B.length); - auxBuffer[(byte) 10] = (byte) 0xcc; - auxBuffer[(byte) 11] = (byte) 0xcc; - ecPubKey.setB(auxBuffer, (short) 0, (short) EC_FP_B.length); + case CURVE_secp521r1: { + EC_FP_P = EC521_FP_P; + EC_A = EC521_FP_A; + EC_B = EC521_FP_B; + EC_G_X = EC521_FP_G_X; + EC_G_Y = EC521_FP_G_Y; + EC_R = EC521_FP_R; + EC_K = EC521_FP_K; + break; } - if (bInvalidKeyType == INVALIDB_RANDOM) { - // corrupt curve if required for testing - m_random.generateData(auxBuffer, (short) 0, (short) EC_FP_B.length); - ecPubKey.setB(auxBuffer, (short) 0, (short) EC_FP_B.length); + case CURVE_sect163r1: { + EC_F2M_F2M = EC163_F2M_F; + EC_A = EC163_F2M_A; + EC_B = EC163_F2M_B; + EC_G_X = EC163_F2M_G_X; + EC_G_Y = EC163_F2M_G_Y; + EC_R = EC163_F2M_R; + EC_K = EC163_F2M_K; + break; } - ecPrivKey.setB(EC_FP_B, (short) 0, (short) EC_FP_B.length); - - ecPubKey.setR(EC_FP_R, (short) 0, (short) EC_FP_R.length); - ecPrivKey.setR(EC_FP_R, (short) 0, (short) EC_FP_R.length); + default: + 
ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); + } + short length = 0; + switch (param) { + case PARAMETER_FP: + if (alg == KeyPair.ALG_EC_FP) { + length = Util.arrayCopyNonAtomic(outputBuffer, outputOffset, EC_FP_P, (short) 0, (short) EC_FP_P.length); + } + break; + case PARAMETER_F2M: + if (alg == KeyPair.ALG_EC_F2M) { + length = Util.arrayCopyNonAtomic(outputBuffer, outputOffset, EC_F2M_F2M, (short) 0, (short) EC_F2M_F2M.length); + } + break; + case PARAMETER_A: + length = Util.arrayCopyNonAtomic(outputBuffer, outputOffset, EC_A, (short) 0, (short) EC_A.length); + break; + case PARAMETER_B: + length = Util.arrayCopyNonAtomic(outputBuffer, outputOffset, EC_B, (short) 0, (short) EC_B.length); + break; + case PARAMETER_G: + length = decompressG(outputBuffer, outputOffset, EC_G_X, (short) 0, (short) EC_G_X.length, EC_G_Y, (short) 0, (short) EC_G_Y.length); + break; + case PARAMETER_R: + length = Util.arrayCopyNonAtomic(outputBuffer, outputOffset, EC_R, (short) 0, (short) EC_R.length); + break; + case PARAMETER_K: + length = 2; + Util.setShort(outputBuffer, outputOffset, EC_K); + break; + default: + length = -1; + } + return length; + } - ecPubKey.setK(EC_FP_K); - ecPrivKey.setK(EC_FP_K); + public static short getCorruptCurveParameter(byte curve, byte param, byte[] outputBuffer, short outputOffset, short corruptionType) { + short length = getCurveParameter(curve, param, outputBuffer, outputOffset); + if (length <= 0) { + return length; } - if (ecClass == KeyPair.ALG_EC_F2M) { - // Not supported yet - ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); + switch (corruptionType) { + case CORRUPTION_NONE: + break; + case CORRUPTION_FIXED: + if (length >= 1) { + outputBuffer[outputOffset] = (byte) 0xcc; + outputBuffer[(short) (outputOffset + length - 1)] = (byte) 0xcc; + } + break; + case CORRUPTION_FULLRANDOM: + m_random.generateData(outputBuffer, outputOffset, length); + break; + case CORRUPTION_ONEBYTERANDOM: + short first = Util.getShort(outputBuffer, (short) 
0); // save first two bytes + + m_random.generateData(outputBuffer, (short) 0, (short) 2); // generate position + short rngPos = Util.getShort(outputBuffer, (short) 0); // save generated position + + Util.setShort(outputBuffer, (short) 0, first); // restore first two bytes + + if (rngPos < 0) { // make positive + rngPos = (short) -rngPos; + } + rngPos %= length; // make < param length + + byte original = outputBuffer[rngPos]; + while (original != outputBuffer[rngPos]){ + m_random.generateData(outputBuffer, rngPos, (short) 1); + } + break; + case CORRUPTION_ZERO: + Util.arrayFillNonAtomic(outputBuffer, outputOffset, length, (byte) 0); + break; + case CORRUPTION_ONE: + Util.arrayFillNonAtomic(outputBuffer, outputOffset, length, (byte) 1); + break; + default: + ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); } - - } -/* - void setFPCurveParams(ECPublicKey ecPubKey, byte[] EC_FP_P, byte[] EC_FP_A, EC_FP_B) { - ecPubKey.setFieldFP(EC_FP_P, (short) 0, (short) EC_FP_P.length); - ecPrivKey.setA(EC_FP_A, (short) 0, (short) EC_FP_A.length); - ecPrivKey.setB(EC_FP_B, (short) 0, (short) EC_FP_B.length); - ecPrivKey.setG(auxBuffer, (short) 0, gSize); - ecPrivKey.setR(EC_FP_R, (short) 0, (short) EC_FP_R.length); - ecPrivKey.setK(EC_FP_K); + return length; + } + + public static byte getCurveType(byte curve) { + return curve <= FP_CURVES ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; + } + + private static short decompressG(byte[] outputBuffer, short outputOffset, byte[] gx, short gxOffset, short gxLength, byte[] gy, short gyOffset, short gyLength) { + short size = 1; + size += gxLength; + size += gyLength; + short offset = outputOffset; + offset += 1; + + outputBuffer[offset] = 0x04; + offset = Util.arrayCopyNonAtomic(gx, gxOffset, outputBuffer, offset, gxLength); + Util.arrayCopyNonAtomic(gy, gyOffset, outputBuffer, offset, gyLength); + return size; } - - , ECPrivateKey ecPrivKey , -*/ } 
diff --git a/src/applets/SimpleECCApplet.java b/src/applets/SimpleECCApplet.java index 720ee4e..79abd0e 100644 --- a/src/applets/SimpleECCApplet.java +++ b/src/applets/SimpleECCApplet.java 
@@ -6,97 +6,85 @@ package applets; import javacard.framework.*; import javacard.security.*; -import javacardx.crypto.*; -public class SimpleECCApplet extends javacard.framework.Applet -{ +import javax.print.attribute.standard.MediaSize; + +public class SimpleECCApplet extends javacard.framework.Applet { // MAIN INSTRUCTION CLASS - final static byte CLA_SIMPLEECCAPPLET = (byte) 0xB0; + final static byte CLA_SIMPLEECCAPPLET = (byte) 0xB0; // INSTRUCTIONS - final static byte INS_GENERATEKEY = (byte) 0x5a; - final static byte INS_ALLOCATEKEYPAIRS = (byte) 0x5b; - - final static byte INS_ALLOCATEKEYPAIR = (byte) 0x5c; - final static byte INS_DERIVEECDHSECRET = (byte) 0x5d; - - final static byte INS_TESTECSUPPORTALL_FP = (byte) 0x5e; - final static byte INS_TESTECSUPPORTALL_F2M = (byte) 0x5f; - final static byte INS_TESTEC_GENERATEINVALID_FP = (byte) 0x70; - final static byte INS_TESTECSUPPORT_GIVENALG = (byte) 0x71; - final static byte INS_TESTEC_LASTUSEDPARAMS = (byte) 0x40; - - - + final static byte INS_GENERATEKEY = (byte) 0x5a; + final static byte INS_ALLOCATEKEYPAIRS = (byte) 0x5b; + + final static byte INS_ALLOCATEKEYPAIR = (byte) 0x5c; + final static byte INS_DERIVEECDHSECRET = (byte) 0x5d; - final static short ARRAY_LENGTH = (short) 0xff; - final static byte AES_BLOCK_LENGTH = (short) 0x16; + final static byte INS_TESTECSUPPORTALL_FP = (byte) 0x5e; + final static byte INS_TESTECSUPPORTALL_F2M = (byte) 0x5f; + final static byte INS_TESTEC_GENERATEINVALID_FP = (byte) 0x70; + final static byte INS_TESTECSUPPORT_GIVENALG = (byte) 0x71; + final static byte INS_TESTEC_LASTUSEDPARAMS = (byte) 0x40; + + + final static short ARRAY_LENGTH = (short) 0xff; + final static byte AES_BLOCK_LENGTH = (short) 0x16; final static short EC_LENGTH_BITS = KeyBuilder.LENGTH_EC_FP_192; //final static short EC_LENGTH_BITS = KeyBuilder.LENGTH_EC_FP_160; //final static short EC_LENGTH_BITS = (short) 256; - - public final static byte ECTEST_SEPARATOR = (byte) 0xff; - public final static byte 
ECTEST_ALLOCATE_KEYPAIR = (byte) 0xc1; - public final static byte ECTEST_GENERATE_KEYPAIR_DEFCURVE = (byte) 0xc2; - public final static byte ECTEST_SET_VALIDCURVE = (byte) 0xc3; + + public final static byte ECTEST_SEPARATOR = (byte) 0xff; + public final static byte ECTEST_ALLOCATE_KEYPAIR = (byte) 0xc1; + public final static byte ECTEST_GENERATE_KEYPAIR_DEFCURVE = (byte) 0xc2; + public final static byte ECTEST_SET_VALIDCURVE = (byte) 0xc3; public final static byte ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE = (byte) 0xc4; - public final static byte ECTEST_SET_INVALIDCURVE = (byte) 0xc5; + public final static byte ECTEST_SET_INVALIDCURVE = (byte) 0xc5; public final static byte ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE = (byte) 0xc6; public final static byte ECTEST_ECDH_AGREEMENT_VALID_POINT = (byte) 0xc7; public final static byte ECTEST_ECDH_AGREEMENT_INVALID_POINT = (byte) 0xc8; public final static byte ECTEST_EXECUTED_REPEATS = (byte) 0xc9; public final static byte ECTEST_DH_GENERATESECRET = (byte) 0xca; - public final static short FLAG_ECTEST_ALLOCATE_KEYPAIR = (short) 0x0001; + public final static short FLAG_ECTEST_ALLOCATE_KEYPAIR = (short) 0x0001; public final static short FLAG_ECTEST_GENERATE_KEYPAIR_DEFCURVE = (short) 0x0002; - public final static short FLAG_ECTEST_SET_VALIDCURVE = (short) 0x0004; + public final static short FLAG_ECTEST_SET_VALIDCURVE = (short) 0x0004; public final static short FLAG_ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE = (short) 0x0008; - public final static short FLAG_ECTEST_SET_INVALIDCURVE = (short) 0x0010; + public final static short FLAG_ECTEST_SET_INVALIDCURVE = (short) 0x0010; public final static short FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE = (short) 0x0020; public final static short FLAG_ECTEST_ECDH_AGREEMENT_VALID_POINT = (short) 0x0040; public final static short FLAG_ECTEST_ECDH_AGREEMENT_INVALID_POINT = (short) 0x0080; - + public final static short FLAG_ECTEST_ALL = (short) 0x00ff; - - public final static short 
CORRUPT_B_FULLRANDOM = (short) 0x0001; - public final static short CORRUPT_B_ONEBYTERANDOM = (short) 0x0002; - public final static short CORRUPT_B_LASTBYTEINCREMENT = (short) 0x0003; - - - + + public final static short SW_SKIPPED = (short) 0x0ee1; public final static short SW_KEYPAIR_GENERATED_INVALID = (short) 0x0ee2; public final static short SW_INVALID_CORRUPTION_TYPE = (short) 0x0ee3; -/* + /* + public static final byte[] EC192_FP_PUBLICW = new byte[]{ + (byte) 0x04, (byte) 0xC9, (byte) 0xC0, (byte) 0xED, (byte) 0xFB, (byte) 0x27, + (byte) 0xB7, (byte) 0x1E, (byte) 0xBE, (byte) 0x30, (byte) 0x93, (byte) 0xFC, + (byte) 0x4F, (byte) 0x33, (byte) 0x76, (byte) 0x38, (byte) 0xCE, (byte) 0xE0, + (byte) 0x2F, (byte) 0x78, (byte) 0xF6, (byte) 0x3C, (byte) 0xEA, (byte) 0x90, + (byte) 0x22, (byte) 0x61, (byte) 0x32, (byte) 0x8E, (byte) 0x9F, (byte) 0x03, + (byte) 0x8A, (byte) 0xFD, (byte) 0x60, (byte) 0xA0, (byte) 0xCE, (byte) 0x01, + (byte) 0x9B, (byte) 0x76, (byte) 0x34, (byte) 0x59, (byte) 0x79, (byte) 0x64, + (byte) 0xD7, (byte) 0x79, (byte) 0x8E, (byte) 0x3B, (byte) 0x16, (byte) 0xD5, + (byte) 0x15}; + */ public static final byte[] EC192_FP_PUBLICW = new byte[]{ - (byte) 0x04, (byte) 0xC9, (byte) 0xC0, (byte) 0xED, (byte) 0xFB, (byte) 0x27, - (byte) 0xB7, (byte) 0x1E, (byte) 0xBE, (byte) 0x30, (byte) 0x93, (byte) 0xFC, - (byte) 0x4F, (byte) 0x33, (byte) 0x76, (byte) 0x38, (byte) 0xCE, (byte) 0xE0, - (byte) 0x2F, (byte) 0x78, (byte) 0xF6, (byte) 0x3C, (byte) 0xEA, (byte) 0x90, - (byte) 0x22, (byte) 0x61, (byte) 0x32, (byte) 0x8E, (byte) 0x9F, (byte) 0x03, - (byte) 0x8A, (byte) 0xFD, (byte) 0x60, (byte) 0xA0, (byte) 0xCE, (byte) 0x01, - (byte) 0x9B, (byte) 0x76, (byte) 0x34, (byte) 0x59, (byte) 0x79, (byte) 0x64, - (byte) 0xD7, (byte) 0x79, (byte) 0x8E, (byte) 0x3B, (byte) 0x16, (byte) 0xD5, - (byte) 0x15}; - */ - public static final byte[] EC192_FP_PUBLICW = new byte[]{ - (byte) 0x04, - (byte) 0x9d, (byte) 0x42, (byte) 0x76, (byte) 0x9d, (byte) 0xfd, (byte) 0xbe, - 
(byte) 0x11, (byte) 0x3a, (byte) 0x85, (byte) 0x1b, (byte) 0xb6, (byte) 0xb0, - (byte) 0x1b, (byte) 0x1a, (byte) 0x51, (byte) 0x5d, (byte) 0x89, (byte) 0x3b, - (byte) 0x5a, (byte) 0xdb, (byte) 0xc1, (byte) 0xf6, (byte) 0x13, (byte) 0x29, - (byte) 0x74, (byte) 0x74, (byte) 0x9a, (byte) 0xc0, (byte) 0x96, (byte) 0x7a, - (byte) 0x8f, (byte) 0xf4, (byte) 0xcc, (byte) 0x54, (byte) 0xd9, (byte) 0x31, - (byte) 0x87, (byte) 0x60, (byte) 0x2d, (byte) 0xd6, (byte) 0x7e, (byte) 0xb3, - (byte) 0xd2, (byte) 0x29, (byte) 0x70a, (byte) 0xca, (byte) 0x2ca}; - - - private KeyPair ecKeyPair = null; - private KeyPair ecKeyPair128 = null; - private KeyPair ecKeyPair160 = null; - private KeyPair ecKeyPair192 = null; - private KeyPair ecKeyPair256 = null; + (byte) 0x04, + (byte) 0x9d, (byte) 0x42, (byte) 0x76, (byte) 0x9d, (byte) 0xfd, (byte) 0xbe, + (byte) 0x11, (byte) 0x3a, (byte) 0x85, (byte) 0x1b, (byte) 0xb6, (byte) 0xb0, + (byte) 0x1b, (byte) 0x1a, (byte) 0x51, (byte) 0x5d, (byte) 0x89, (byte) 0x3b, + (byte) 0x5a, (byte) 0xdb, (byte) 0xc1, (byte) 0xf6, (byte) 0x13, (byte) 0x29, + (byte) 0x74, (byte) 0x74, (byte) 0x9a, (byte) 0xc0, (byte) 0x96, (byte) 0x7a, + (byte) 0x8f, (byte) 0xf4, (byte) 0xcc, (byte) 0x54, (byte) 0xd9, (byte) 0x31, + (byte) 0x87, (byte) 0x60, (byte) 0x2d, (byte) 0xd6, (byte) 0x7e, (byte) 0xb3, + (byte) 0xd2, (byte) 0x29, (byte) 0x70a, (byte) 0xca, (byte) 0x2ca}; + + private ECPublicKey ecPubKey = null; private ECPublicKey ecPubKey128 = null; private ECPublicKey ecPubKey160 = null; 
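Review bot: The added `import javax.print.attribute.standard.MediaSize;` at the top of SimpleECCApplet.java is a desktop-JDK printing class that is not part of the Java Card API and that nothing in this hunk uses; it looks like an IDE auto-import and should be dropped. The re-indented `EC192_FP_PUBLICW` initialiser also still ends with `(byte) 0x70a, (byte) 0xca, (byte) 0x2ca`, where the casts silently truncate to 0x0a and 0xca. As written, the array comes to 48 bytes rather than the 49 an uncompressed 192-bit point needs, so the intended bytes were probably different and are worth checking against the original test vector before this constant is treated as a known-good public point. The class body continues outside the hunk.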
@@ -107,56 +95,66 @@ public class SimpleECCApplet extends javacard.framework.Applet private ECPrivateKey ecPrivKey160 = null; private ECPrivateKey ecPrivKey192 = null; private ECPrivateKey ecPrivKey256 = null; - + + private ECKeyGenerator ecKeyGenerator = null; + private ECKeyTester ecKeyTester = null; + private KeyAgreement dhKeyAgreement = null; private RandomData randomData = null; - + // TEMPORARRY ARRAY IN RAM private byte m_ramArray[] = null; private byte m_ramArray2[] = null; // PERSISTENT ARRAY IN EEPROM - private byte m_dataArray[] = null; - - short m_lenB = 0; + private byte m_dataArray[] = null; + + short m_lenB = 0; protected SimpleECCApplet(byte[] buffer, short offset, byte length) { short dataOffset = offset; - if(length > 9) { + if (length > 9) { // shift to privilege offset - dataOffset += (short)( 1 + buffer[offset]); + dataOffset += (short) (1 + buffer[offset]); // finally shift to Application specific offset - dataOffset += (short)( 1 + buffer[dataOffset]); + dataOffset += (short) (1 + buffer[dataOffset]); // go to proprietary data dataOffset++; m_ramArray = JCSystem.makeTransientByteArray(ARRAY_LENGTH, JCSystem.CLEAR_ON_RESET); m_ramArray2 = JCSystem.makeTransientByteArray(ARRAY_LENGTH, JCSystem.CLEAR_ON_RESET); - + m_dataArray = new byte[ARRAY_LENGTH]; Util.arrayFillNonAtomic(m_dataArray, (short) 0, ARRAY_LENGTH, (byte) 0); - + randomData = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM); - } + EC_Consts.m_random = randomData; + + ecKeyGenerator = new ECKeyGenerator(); + ecKeyTester = new ECKeyTester(); + ecKeyTester.allocateECDH(); + ecKeyTester.allocateECDHC(); + ecKeyTester.allocateECDSA(); + + } register(); } public static void install(byte[] bArray, short bOffset, byte bLength) throws ISOException { // applet instance creation - new SimpleECCApplet (bArray, bOffset, bLength); + new SimpleECCApplet(bArray, bOffset, bLength); } public boolean select() { - return true; + return true; } public void deselect() { return; } - public void 
process(APDU apdu) throws ISOException - { + public void process(APDU apdu) throws ISOException { // get the APDU buffer byte[] apduBuffer = apdu.getBuffer(); @@ -165,8 +163,8 @@ public class SimpleECCApplet extends javacard.framework.Applet return; if (apduBuffer[ISO7816.OFFSET_CLA] == CLA_SIMPLEECCAPPLET) { - switch ( apduBuffer[ISO7816.OFFSET_INS] ) { - + switch (apduBuffer[ISO7816.OFFSET_INS]) { + case INS_TESTECSUPPORT_GIVENALG: TestEC_SupportGivenLength(apdu); break; @@ -177,7 +175,7 @@ public class SimpleECCApplet extends javacard.framework.Applet TestEC_F2M_SupportAllLengths(apdu); break; case INS_ALLOCATEKEYPAIR: - AllocateKeyPairReturnDefCourve(apdu); + AllocateKeyPairReturnDefCurve(apdu); break; case INS_DERIVEECDHSECRET: DeriveECDHSecret(apdu); @@ -185,7 +183,7 @@ public class SimpleECCApplet extends javacard.framework.Applet case INS_TESTEC_GENERATEINVALID_FP: TestEC_FP_GenerateInvalidCurve(apdu); break; - case INS_TESTEC_LASTUSEDPARAMS: + case INS_TESTEC_LASTUSEDPARAMS: TestECSupportInvalidCurve_lastUsedParams(apdu); break; /* 
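Review bot: The new `ecKeyGenerator`/`ecKeyTester` allocation and the `EC_Consts.m_random = randomData;` assignment sit inside the constructor's `if (length > 9)` branch, so an install with shorter parameters still reaches `register();` but leaves every helper null, and the test methods later call `ecKeyGenerator.allocatePair(...)` with no null check. Moving these allocations below the closing brace of the `if`, directly before `register();`, keeps the applet usable whatever the install data looks like. Separately, `allocateECDH()`, `allocateECDHC()` and `allocateECDSA()` now run at install time; their bodies are not visible here, but if any of them lets a `CryptoException` escape, the applet cannot be installed on exactly the cards whose missing support it is meant to report. `EC_Consts.m_random` is a static field that now holds an object owned by this applet instance, which on Java Card deserves a comment saying why it is shared that way.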
@@ -195,264 +193,171 @@ public class SimpleECCApplet extends javacard.framework.Applet case INS_GENERATEKEY: GenerateKey(apdu); break; -*/ - default : +*/ + default: // The INS code is not supported by the dispatcher - ISOException.throwIt( ISO7816.SW_INS_NOT_SUPPORTED ) ; - break ; + ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED); + break; } - } - else ISOException.throwIt( ISO7816.SW_CLA_NOT_SUPPORTED); + } else ISOException.throwIt(ISO7816.SW_CLA_NOT_SUPPORTED); } - + short TestECSupport(byte keyClass, short keyLen, byte[] buffer, short bufferOffset) { short baseOffset = bufferOffset; - + short testFlags = FLAG_ECTEST_ALL; - ecKeyPair = null; ecPubKey = null; ecPrivKey = null; - - buffer[bufferOffset] = ECTEST_SEPARATOR; bufferOffset++; - buffer[bufferOffset] = keyClass; bufferOffset++; - Util.setShort(buffer, bufferOffset, keyLen); bufferOffset += 2; - + + buffer[bufferOffset] = ECTEST_SEPARATOR; + bufferOffset++; + buffer[bufferOffset] = keyClass; + bufferOffset++; + Util.setShort(buffer, bufferOffset, keyLen); + bufferOffset += 2; + + short sw; + // // 1. 
Allocate KeyPair object // - buffer[bufferOffset] = ECTEST_ALLOCATE_KEYPAIR; bufferOffset++; + buffer[bufferOffset] = ECTEST_ALLOCATE_KEYPAIR; + bufferOffset++; + sw = SW_SKIPPED; if ((testFlags & FLAG_ECTEST_ALLOCATE_KEYPAIR) != (short) 0) { - try { - ecKeyPair = new KeyPair(keyClass, keyLen); - Util.setShort(buffer, bufferOffset, ISO7816.SW_NO_ERROR); bufferOffset += 2; - } - catch (CryptoException e) { - Util.setShort(buffer, bufferOffset, e.getReason()); bufferOffset += 2; - testFlags = 0; // Can't continue if keypair was not allocated - } - catch (Exception e) { - Util.setShort(buffer, bufferOffset, ISO7816.SW_UNKNOWN); - bufferOffset += 2; - testFlags = 0; // Can't continue if keypair was not allocated + sw = ecKeyGenerator.allocatePair(keyClass, keyLen); + + if (sw != ISO7816.SW_NO_ERROR) { + testFlags = 0; //keyPair allocation failed, cannot continue with tests } - } else { - Util.setShort(buffer, bufferOffset, SW_SKIPPED); - bufferOffset += 2; - } + } + Util.setShort(buffer, bufferOffset, sw); + bufferOffset += 2; + // // 2. Test keypair generation without explicit curve (=> default curve preset) // buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_DEFCURVE; bufferOffset++; + sw = SW_SKIPPED; if ((testFlags & FLAG_ECTEST_GENERATE_KEYPAIR_DEFCURVE) != (short) 0) { - try { - ecKeyPair.genKeyPair(); - Util.setShort(buffer, bufferOffset, ISO7816.SW_NO_ERROR); - bufferOffset += 2; - } catch (CryptoException e) { - Util.setShort(buffer, bufferOffset, e.getReason()); - bufferOffset += 2; - } - catch (Exception e) { - Util.setShort(buffer, bufferOffset, ISO7816.SW_UNKNOWN); - bufferOffset += 2; - } - } else { - Util.setShort(buffer, bufferOffset, SW_SKIPPED); - bufferOffset += 2; + sw = ecKeyGenerator.generatePair(); } + Util.setShort(buffer, bufferOffset, sw); + bufferOffset += 2; // // 3. 
Set valid custom curve // buffer[bufferOffset] = ECTEST_SET_VALIDCURVE; bufferOffset++; + sw = SW_SKIPPED; if ((testFlags & FLAG_ECTEST_SET_VALIDCURVE) != (short) 0) { - try { - ecPubKey = (ECPublicKey) ecKeyPair.getPublic(); - ecPrivKey = (ECPrivateKey) ecKeyPair.getPrivate(); - // Some implementation wil not return valid pub key until ecKeyPair.genKeyPair() is called - // Other implementation will fail with exception if same is called => try catch - try { - if (ecPubKey == null) { - ecKeyPair.genKeyPair(); - } - } catch (Exception e) {} // do intentionally nothing - - // Initialize curve parameters - EC_Consts.setValidECKeyParams(ecPubKey, ecPrivKey, keyClass, keyLen, m_ramArray); - Util.setShort(buffer, bufferOffset, ISO7816.SW_NO_ERROR); - bufferOffset += 2; - } catch (CryptoException e) { - Util.setShort(buffer, bufferOffset, e.getReason()); - bufferOffset += 2; - testFlags &= ~FLAG_ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE; // Don't try generate keypair if valid custom curve was not set - } - catch (Exception e) { - Util.setShort(buffer, bufferOffset, ISO7816.SW_UNKNOWN); - bufferOffset += 2; - testFlags &= ~FLAG_ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE; // Don't try generate keypair if valid custom curve was not set + sw = ecKeyGenerator.setCustomCurve(keyClass, keyLen, m_ramArray, (short) 0); + + if (sw != ISO7816.SW_NO_ERROR) { + testFlags &= ~FLAG_ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE; } - } else { - Util.setShort(buffer, bufferOffset, SW_SKIPPED); - bufferOffset += 2; } + Util.setShort(buffer, bufferOffset, sw); + bufferOffset += 2; // // 4. 
Generate keypair with custom curve // buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE; bufferOffset++; + sw = SW_SKIPPED; if ((testFlags & FLAG_ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE) != (short) 0) { - try { - ecKeyPair.genKeyPair(); - Util.setShort(buffer, bufferOffset, ISO7816.SW_NO_ERROR); - bufferOffset += 2; - } catch (CryptoException e) { - Util.setShort(buffer, bufferOffset, e.getReason()); - bufferOffset += 2; - } catch (Exception e) { - Util.setShort(buffer, bufferOffset, ISO7816.SW_UNKNOWN); - bufferOffset += 2; - } - } else { - Util.setShort(buffer, bufferOffset, SW_SKIPPED); - bufferOffset += 2; + sw = ecKeyGenerator.generatePair(); } - + Util.setShort(buffer, bufferOffset, sw); + bufferOffset += 2; + // // 5. ECDH agreement with valid public key // buffer[bufferOffset] = ECTEST_ECDH_AGREEMENT_VALID_POINT; bufferOffset++; + sw = SW_SKIPPED; if ((testFlags & FLAG_ECTEST_ECDH_AGREEMENT_VALID_POINT) != (short) 0) { - try { - // Generate fresh EC keypair - ecKeyPair.genKeyPair(); - ecPubKey = (ECPublicKey) ecKeyPair.getPublic(); - ecPrivKey = (ECPrivateKey) ecKeyPair.getPrivate(); - if (dhKeyAgreement == null) { - dhKeyAgreement = KeyAgreement.getInstance(KeyAgreement.ALG_EC_SVDP_DH, false); - } - dhKeyAgreement.init(ecPrivKey); - - short pubKeyLen = ecPubKey.getW(m_ramArray, (short) 0); - short secretLen = dhKeyAgreement.generateSecret(m_ramArray, (short) 0, pubKeyLen, m_ramArray2, (short) 0); - - Util.setShort(buffer, bufferOffset, ISO7816.SW_NO_ERROR); - bufferOffset += 2; - } catch (CryptoException e) { - Util.setShort(buffer, bufferOffset, e.getReason()); - bufferOffset += 2; - } catch (Exception e) { - Util.setShort(buffer, bufferOffset, ISO7816.SW_UNKNOWN); - bufferOffset += 2; + sw = ecKeyGenerator.generatePair(); + ecPubKey = ecKeyGenerator.getPublicKey(); + ecPrivKey = ecKeyGenerator.getPrivateKey(); + if (sw == ISO7816.SW_NO_ERROR) { + sw = ecKeyTester.testECDH_validPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 
1); } - } else { - Util.setShort(buffer, bufferOffset, SW_SKIPPED); - bufferOffset += 2; } - + Util.setShort(buffer, bufferOffset, sw); + bufferOffset += 2; + // // 6. ECDH agreement with invalid public key // buffer[bufferOffset] = ECTEST_ECDH_AGREEMENT_INVALID_POINT; bufferOffset++; + sw = SW_SKIPPED; if ((testFlags & FLAG_ECTEST_ECDH_AGREEMENT_INVALID_POINT) != (short) 0) { - try { - // Generate fresh EC keypair - ecKeyPair.genKeyPair(); - ecPubKey = (ECPublicKey) ecKeyPair.getPublic(); - ecPrivKey = (ECPrivateKey) ecKeyPair.getPrivate(); - dhKeyAgreement.init(ecPrivKey); - - short pubKeyLen = ecPubKey.getW(m_ramArray, (short) 0); - m_ramArray[(byte) 10] = (byte) 0xcc; // Corrupt public key - m_ramArray[(byte) 11] = (byte) 0xcc; - short secretLen = dhKeyAgreement.generateSecret(m_ramArray, (short) 0, pubKeyLen, m_ramArray2, (short) 0); - - Util.setShort(buffer, bufferOffset, ISO7816.SW_NO_ERROR); - bufferOffset += 2; - } catch (CryptoException e) { - Util.setShort(buffer, bufferOffset, e.getReason()); - bufferOffset += 2; - } catch (Exception e) { - Util.setShort(buffer, bufferOffset, ISO7816.SW_UNKNOWN); - bufferOffset += 2; + sw = ecKeyGenerator.generatePair(); + ecPubKey = ecKeyGenerator.getPublicKey(); + ecPrivKey = ecKeyGenerator.getPrivateKey(); + if (sw == ISO7816.SW_NO_ERROR) { + sw = ecKeyTester.testECDH_invalidPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 1); } - } else { - Util.setShort(buffer, bufferOffset, SW_SKIPPED); - bufferOffset += 2; } - + Util.setShort(buffer, bufferOffset, sw); + bufferOffset += 2; + // // 7. 
Set invalid custom curve // buffer[bufferOffset] = ECTEST_SET_INVALIDCURVE; bufferOffset++; + sw = SW_SKIPPED; if ((testFlags & FLAG_ECTEST_SET_INVALIDCURVE) != (short) 0) { - try { - // Initialize curve parameters - EC_Consts.setInValidECKeyParams(ecPubKey, ecPrivKey, keyClass, keyLen, m_ramArray); - Util.setShort(buffer, bufferOffset, ISO7816.SW_NO_ERROR); - bufferOffset += 2; - } catch (CryptoException e) { - Util.setShort(buffer, bufferOffset, e.getReason()); - bufferOffset += 2; - testFlags &= ~FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE; // Don't try generate keypair if invalid custom curve was not set - } catch (Exception e) { - Util.setShort(buffer, bufferOffset, ISO7816.SW_UNKNOWN); - bufferOffset += 2; - testFlags &= ~FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE; // Don't try generate keypair if invalid custom curve was not set + sw = ecKeyGenerator.setCustomInvalidCurve(keyClass, keyLen, ECKeyGenerator.KEY_PUBLIC, EC_Consts.PARAMETER_B, EC_Consts.CORRUPTION_FIXED, m_ramArray, (short) 0); + + if (sw != ISO7816.SW_NO_ERROR) { + testFlags &= ~FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE; } - } else { - Util.setShort(buffer, bufferOffset, SW_SKIPPED); - bufferOffset += 2; } - + Util.setShort(buffer, bufferOffset, sw); + bufferOffset += 2; + // // 8. 
Generate keypair with invalid custom curve // buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE; bufferOffset++; + sw = SW_SKIPPED; if ((testFlags & FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE) != (short) 0) { - try { - ecKeyPair.genKeyPair(); - Util.setShort(buffer, bufferOffset, ISO7816.SW_NO_ERROR); - bufferOffset += 2; - } catch (CryptoException e) { - Util.setShort(buffer, bufferOffset, e.getReason()); - bufferOffset += 2; - } catch (Exception e) { - Util.setShort(buffer, bufferOffset, ISO7816.SW_UNKNOWN); - bufferOffset += 2; - } - } else { - Util.setShort(buffer, bufferOffset, SW_SKIPPED); - bufferOffset += 2; + sw = ecKeyGenerator.generatePair(); } + Util.setShort(buffer, bufferOffset, sw); + bufferOffset += 2; return (short) (bufferOffset - baseOffset); } - + void TestEC_SupportGivenLength(APDU apdu) { byte[] apdubuf = apdu.getBuffer(); short len = apdu.setIncomingAndReceive(); short dataOffset = ISO7816.OFFSET_CDATA; - byte algType = apdubuf[dataOffset]; dataOffset++; + byte algType = apdubuf[dataOffset]; + dataOffset++; short keyLength = Util.getShort(apdubuf, dataOffset); dataOffset += 2; dataOffset = 0; dataOffset += TestECSupport(algType, keyLength, apdubuf, dataOffset); - + apdu.setOutgoingAndSend((short) 0, dataOffset); } - + void TestEC_FP_SupportAllLengths(APDU apdu) { byte[] apdubuf = apdu.getBuffer(); short len = apdu.setIncomingAndReceive(); @@ -468,7 +373,8 @@ public class SimpleECCApplet extends javacard.framework.Applet dataOffset += TestECSupport(KeyPair.ALG_EC_FP, (short) 521, apdubuf, dataOffset); apdu.setOutgoingAndSend((short) 0, dataOffset); - } + } + void TestEC_F2M_SupportAllLengths(APDU apdu) { byte[] apdubuf = apdu.getBuffer(); short len = apdu.setIncomingAndReceive(); 
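Review bot: Steps 6 and 8 of `TestECSupport` store the status word the same way as the positive steps, so (assuming the helpers return the raw status, as the removed inline code did) `ISO7816.SW_NO_ERROR` after `testECDH_invalidPoint(...)` or after `generatePair()` on the `CORRUPTION_FIXED` curve means the card accepted a corrupted point or curve, and nothing in the code says so. I would add a comment above step 6 such as `// expected: an error status; SW_NO_ERROR here means the card did not reject the invalid input`, and consider reporting `SW_KEYPAIR_GENERATED_INVALID`, which this file declares, for that case in step 8. In steps 5 and 6 the last argument, which was the `m_ramArray2` offset `(short) 0` in the removed `generateSecret` call, is now `(short) 1` with no explanation; if that is deliberate it needs a short comment as well. `TestEC_SupportGivenLength` at the end of the hunk still ignores `len` from `setIncomingAndReceive()` before reading three bytes of command data; `if (len < 3) ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);` would close that.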
@@ -479,10 +385,10 @@ public class SimpleECCApplet extends javacard.framework.Applet dataOffset += TestECSupport(KeyPair.ALG_EC_F2M, (short) 131, apdubuf, dataOffset); dataOffset += TestECSupport(KeyPair.ALG_EC_F2M, (short) 163, apdubuf, dataOffset); dataOffset += TestECSupport(KeyPair.ALG_EC_F2M, (short) 193, apdubuf, dataOffset); - + apdu.setOutgoingAndSend((short) 0, dataOffset); } - + void TestEC_FP_GenerateInvalidCurve(APDU apdu) { byte[] apdubuf = apdu.getBuffer(); short len = apdu.setIncomingAndReceive(); @@ -494,7 +400,7 @@ public class SimpleECCApplet extends javacard.framework.Applet offset += 2; byte bRewindOnSuccess = apdubuf[offset]; offset++; - + short dataOffset = 0; // FP @@ -502,13 +408,12 @@ public class SimpleECCApplet extends javacard.framework.Applet apdu.setOutgoingAndSend((short) 0, dataOffset); } - + short TestECSupportInvalidCurve(byte keyClass, short keyLen, byte[] buffer, short bufferOffset, short repeats, short corruptionType, byte bRewindOnSuccess) { short baseOffset = bufferOffset; short testFlags = FLAG_ECTEST_ALL; - ecKeyPair = null; ecPubKey = null; ecPrivKey = null; 
@@ -518,53 +423,38 @@ public class SimpleECCApplet extends javacard.framework.Applet bufferOffset++; Util.setShort(buffer, bufferOffset, keyLen); bufferOffset += 2; - + short numExecutionsOffset = bufferOffset; // num executions to be stored later bufferOffset += 2; + short sw; + // // 1. Allocate KeyPair object // buffer[bufferOffset] = ECTEST_ALLOCATE_KEYPAIR; bufferOffset++; + sw = SW_SKIPPED; if ((testFlags & FLAG_ECTEST_ALLOCATE_KEYPAIR) != (short) 0) { - try { - ecKeyPair = new KeyPair(keyClass, keyLen); - ecPrivKey = (ECPrivateKey) ecKeyPair.getPrivate(); - ecPubKey = (ECPublicKey) ecKeyPair.getPublic(); - // Some implementation wil not return valid pub key until ecKeyPair.genKeyPair() is called - // Other implementation will fail with exception if same is called => try catch - try { - if (ecPubKey == null) { - ecKeyPair.genKeyPair(); - } - } catch (Exception e) { - } // do intentionally nothing - Util.setShort(buffer, bufferOffset, ISO7816.SW_NO_ERROR); - bufferOffset += 2; - } catch (CryptoException e) { - Util.setShort(buffer, bufferOffset, e.getReason()); - bufferOffset += 2; - testFlags = 0; // Can't continue if keypair was not allocated - } catch (Exception e) { - Util.setShort(buffer, bufferOffset, ISO7816.SW_UNKNOWN); - bufferOffset += 2; - testFlags = 0; // Can't continue if keypair was not allocated + sw = ecKeyGenerator.allocatePair(keyClass, keyLen); + if (sw == ISO7816.SW_NO_ERROR) { + ecPrivKey = ecKeyGenerator.getPrivateKey(); + ecPubKey = ecKeyGenerator.getPublicKey(); + } else { + testFlags = 0; } - } else { - Util.setShort(buffer, bufferOffset, SW_SKIPPED); - bufferOffset += 2; } + Util.setShort(buffer, bufferOffset, sw); + bufferOffset += 2; // // 2. 
Set invalid custom curve (many times) // - EC_Consts.m_random = randomData; - EC_Consts.setValidECKeyParams(ecPubKey, ecPrivKey, keyClass, keyLen, m_ramArray); + sw = ecKeyGenerator.setCustomCurve(keyClass, keyLen, m_ramArray, (short) 0); + ecPrivKey = ecKeyGenerator.getPrivateKey(); + ecPubKey = ecKeyGenerator.getPublicKey(); + - m_lenB = ecPubKey.getB(m_ramArray, (short) 0); // store valid B - Util.arrayCopyNonAtomic(m_ramArray, (short) 0, m_ramArray2, (short) 0, m_lenB); // also in m_ramArray2 - short startOffset = bufferOffset; short i; for (i = 0; i < repeats; i++) { 
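Review bot: The status word from `sw = ecKeyGenerator.setCustomCurve(keyClass, keyLen, m_ramArray, (short) 0);` in step 2 is never written to `buffer` or checked, and the call runs even when allocation failed and `testFlags` was cleared. A card that rejects the valid curve is therefore indistinguishable from one that accepts it, and the corruption loop that follows runs against a key in an unknown state. Record and act on it like the other steps, for example `if (sw != ISO7816.SW_NO_ERROR) { Util.setShort(buffer, numExecutionsOffset, (short) 0); return (short) (bufferOffset - baseOffset); }`. TestECSupportInvalidCurve starts before this hunk and continues after it.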
@@ -572,41 +462,27 @@ public class SimpleECCApplet extends javacard.framework.Applet if (bRewindOnSuccess == 1) { // if nothing unexpected happened, rewind bufferOffset back again bufferOffset = startOffset; - } - - // Store valid curve B param - ecPubKey.getB(m_ramArray, (short) 0); // store valid B - Util.arrayCopyNonAtomic(m_ramArray, (short) 0, m_ramArray2, (short) 0, m_lenB); // also in m_ramArray2 + } // set invalid curve buffer[bufferOffset] = ECTEST_SET_INVALIDCURVE; bufferOffset++; - + // Supported types of invalid curve: - // 1. Completely random B - // 2. Valid B but with one random byte randomly changed - // 3. Valid B but with last byte incremented - switch (corruptionType) { - case CORRUPT_B_FULLRANDOM: - randomData.generateData(m_ramArray2, (short) 0, m_lenB); - break; - case CORRUPT_B_ONEBYTERANDOM: - // Copy valid B into m_ramArray2 - Util.arrayCopyNonAtomic(m_ramArray, (short) 0, m_ramArray2, (short) 0, m_lenB); - // Generate random position and one random byte for subsequent change - // Note - we are using same array m_ramArray2, but in area unsued by stored B - randomData.generateData(m_ramArray2, m_lenB, (short) 2); - - short rngPos = m_ramArray2[m_lenB]; // random position (within B) - if (rngPos < 0) { rngPos = (short) -rngPos; } // make it positive - rngPos %= m_lenB; - m_ramArray2[rngPos] = m_ramArray2[(short) (m_lenB + 1)]; // set random byte on random position - // Make sure its not the valid byte again - if (m_ramArray[rngPos] == m_ramArray2[rngPos]) { - m_ramArray2[rngPos] += 1; // if yes, just increment - } - - break; + // CORRUPTION_NONE = 0x01, valid parameter + // CORRUPTION_FIXED = 0x02, first and last byte changed to a fixed value + // CORRUPTION_FULLRANDOM = 0x03, completely random parameter data + // CORRUPTION_ONEBYTERANDOM = 0x04, one random byte randomly changed + // CORRUPTION_ZERO = 0x05, parameter competely zero + // CORRUPTION_ONE = 0x06, parameter completely one + sw = ecKeyGenerator.setCustomInvalidCurve(keyClass, 
keyClass, ECKeyGenerator.KEY_PUBLIC, EC_Consts.PARAMETER_B, corruptionType, m_ramArray, (short) 0); + Util.setShort(buffer, bufferOffset, sw); + bufferOffset += 2; + if (sw != ISO7816.SW_NO_ERROR) { + // if we reach this line, we are interested in value of B that caused incorrect response + break; // stop execution, return B + } + /* //TODO implement CORRUPT_B_LASTBYTEINCREMENT somehow case CORRUPT_B_LASTBYTEINCREMENT: m_ramArray2[(short) (m_lenB - 1)] += 1; // Make sure its not the valid byte again 
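Review bot: The new call `ecKeyGenerator.setCustomInvalidCurve(keyClass, keyClass, ECKeyGenerator.KEY_PUBLIC, ...)` passes `keyClass` as both the first and the second argument, while the neighbouring `setCustomCurve(keyClass, keyLen, ...)` calls pass the key length second. The signature is not visible here, but if the second parameter is the key length, the helper selects curve data for a length equal to the algorithm constant, so the test never corrupts the curve that was actually allocated. It should probably read `setCustomInvalidCurve(keyClass, keyLen, ECKeyGenerator.KEY_PUBLIC, EC_Consts.PARAMETER_B, corruptionType, m_ramArray, (short) 0)`. The removed `default:` branch also rejected unknown `corruptionType` values with `SW_INVALID_CORRUPTION_TYPE`; confirm the helper still rejects them, since the value comes straight from the APDU. The enclosing loop continues outside the hunk.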
@@ -614,101 +490,54 @@ public class SimpleECCApplet extends javacard.framework.Applet m_ramArray2[(short) (m_lenB - 1)] += 1; // if yes, increment once more } break; - default: - ISOException.throwIt(SW_INVALID_CORRUPTION_TYPE); - break; - } - - - // Set corrupted B parameter - try { - ecPubKey.setB(m_ramArray2, (short) 0, m_lenB); - ecPrivKey.setB(m_ramArray2, (short) 0, m_lenB); - Util.setShort(buffer, bufferOffset, ISO7816.SW_NO_ERROR); // ok if setB itself will not emit exception - bufferOffset += 2; - }catch (CryptoException e) { - Util.setShort(buffer, bufferOffset, e.getReason()); - bufferOffset += 2; - // if we reach this line, we are interested in value of B that caused incorrect response - break; // stop execution, return B - }catch (Exception e) { - Util.setShort(buffer, bufferOffset, ISO7816.SW_UNKNOWN); - bufferOffset += 2; - // if we reach this line, we are interested in value of B that caused incorrect response - break; // stop execution, return B } + */ // Gen key pair with invalid curve - try { - buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE; - bufferOffset++; - // Should fail - ecKeyPair.genKeyPair(); + + buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE; + bufferOffset++; + // Should fail + sw = ecKeyGenerator.generatePair(); + Util.setShort(buffer, bufferOffset, sw); + bufferOffset += 2; + + if (sw == ISO7816.SW_NO_ERROR) { // If this line is reached, we generated key pair - what should not happen - Util.setShort(buffer, bufferOffset, ISO7816.SW_NO_ERROR); - bufferOffset += 2; - - // if we reach this line, we are interested in value of B - try { - buffer[bufferOffset] = ECTEST_DH_GENERATESECRET; - bufferOffset++; - ecPrivKey = (ECPrivateKey) ecKeyPair.getPrivate(); - if (dhKeyAgreement == null) { - dhKeyAgreement = KeyAgreement.getInstance(KeyAgreement.ALG_EC_SVDP_DH, false); - } - dhKeyAgreement.init(ecPrivKey); - short lenW = ecPubKey.getW(m_ramArray2, (short) 0); // store valid B - 
dhKeyAgreement.generateSecret(m_ramArray2, (short) 0, lenW, m_ramArray, (short) 0); - } catch (CryptoException e) { - Util.setShort(buffer, bufferOffset, e.getReason()); - bufferOffset += 2; - } catch (Exception e) { - Util.setShort(buffer, bufferOffset, ISO7816.SW_UNKNOWN); - bufferOffset += 2; - } - - break; // stop execution, return B - } catch (CryptoException e) { - Util.setShort(buffer, bufferOffset, e.getReason()); - bufferOffset += 2; - } catch (Exception e) { - Util.setShort(buffer, bufferOffset, ISO7816.SW_UNKNOWN); + buffer[bufferOffset] = ECTEST_DH_GENERATESECRET; + bufferOffset++; + + ecPrivKey = ecKeyGenerator.getPrivateKey(); + ecPubKey = ecKeyGenerator.getPublicKey(); + + sw = ecKeyTester.testECDH_validPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 0); + Util.setShort(buffer, bufferOffset, sw); bufferOffset += 2; + break; //stop execution, return B } - - // + // Generate keypair with valid curve - to check that whole engine is not somehow blocked // after previous attempt with invalid curve // // set valid curve buffer[bufferOffset] = ECTEST_SET_VALIDCURVE; bufferOffset++; - EC_Consts.setValidECKeyParams(ecPubKey, ecPrivKey, keyClass, keyLen, m_ramArray); - - Util.setShort(buffer, bufferOffset, ISO7816.SW_NO_ERROR); + sw = ecKeyGenerator.setCustomCurve(keyClass, keyLen, m_ramArray, (short) 0); + + Util.setShort(buffer, bufferOffset, sw); bufferOffset += 2; // Gen key pair with valid curve - try { - buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE; - bufferOffset++; - // Should succeed - ecKeyPair.genKeyPair(); - // If this line is reached, we generated valid key pair (expected) - Util.setShort(buffer, bufferOffset, ISO7816.SW_NO_ERROR); - bufferOffset += 2; - } catch (CryptoException e) { - Util.setShort(buffer, bufferOffset, e.getReason()); - bufferOffset += 2; - // if we reach this line, we are interested in value of B that caused incorrect response - break; // stop execution, return B - } catch (Exception e) { - 
Util.setShort(buffer, bufferOffset, ISO7816.SW_UNKNOWN); - bufferOffset += 2; - // if we reach this line, we are interested in value of B that caused incorrect response - break; // stop execution, return B + buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE; + bufferOffset++; + + sw = ecKeyGenerator.generatePair(); + Util.setShort(buffer, bufferOffset, sw); + bufferOffset += 2; + if (sw != ISO7816.SW_NO_ERROR) { + break; } - + // If we reach this line => everything was as expected // Rewind offset in array back (no storage of info about expected runs) // bufferOffset = startOffset; done at beginning 
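Review bot: The `// stop execution, return B` breaks in this hunk no longer leave B anywhere, because the code that copied the corrupted B into `m_ramArray2` and set `m_lenB` is removed and `m_ramArray2` is now handed to `ecKeyTester.testECDH_validPoint(...)` as a working buffer. `TestECSupportInvalidCurve_lastUsedParams` still sends `m_lenB` bytes of `m_ramArray2`, so after this change it returns whatever the ECDH helper left there, with a stale length; depending on how the helper uses that buffer, that could be derived key material rather than the curve parameter. Store the parameter explicitly before each break, after the ECDH call, e.g. `m_lenB = ecPubKey.getB(m_ramArray2, (short) 0);`. The loop body begins before this hunk.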
@@ -717,76 +546,64 @@ public class SimpleECCApplet extends javacard.framework.Applet bufferOffset += 2; } } - + // Set number of executed repeats Util.setShort(buffer, numExecutionsOffset, i); - + return (short) (bufferOffset - baseOffset); } - + void TestECSupportInvalidCurve_lastUsedParams(APDU apdu) { byte[] apdubuf = apdu.getBuffer(); apdu.setIncomingAndReceive(); - + short offset = 0; Util.arrayCopyNonAtomic(m_ramArray2, (short) 0, apdubuf, offset, m_lenB); offset += m_lenB; - + apdu.setOutgoingAndSend((short) 0, offset); } - - void AllocateKeyPairReturnDefCourve(APDU apdu) { + + void AllocateKeyPairReturnDefCurve(APDU apdu) { byte[] apdubuf = apdu.getBuffer(); apdu.setIncomingAndReceive(); short bitLen = Util.getShort(apdubuf, ISO7816.OFFSET_CDATA); - // Note: all locations shoudl happen in constructor. But here it is intentional + // Note: all locations should happen in constructor. But here it is intentional // as we like to test for result of allocation - ecKeyPair = new KeyPair(KeyPair.ALG_EC_FP, bitLen); + ecKeyGenerator.allocatePair(KeyPair.ALG_EC_FP, bitLen); // If required, generate also new key pair if (apdubuf[ISO7816.OFFSET_P1] == (byte) 1) { - ecPubKey = (ECPublicKey) ecKeyPair.getPublic(); - ecPrivKey = (ECPrivateKey) ecKeyPair.getPrivate(); - // Some implementation wil not return valid pub key until ecKeyPair.genKeyPair() is called - // Other implementation will fail with exception if same is called => try catch - try { - if (ecPubKey == null) { - ecKeyPair.genKeyPair(); - } - } catch (Exception e) { - } // do nothing // If required, initialize curve parameters first if (apdubuf[ISO7816.OFFSET_P2] == (byte) 2) { - EC_Consts.setValidECKeyParams(ecPubKey, ecPrivKey, KeyPair.ALG_EC_FP, bitLen, m_ramArray); + ecKeyGenerator.setCustomCurve(KeyPair.ALG_EC_FP, bitLen, m_ramArray, (short) 0); } // Now generate new keypair with either default or custom curve - ecKeyPair.genKeyPair(); - ecPubKey = (ECPublicKey) ecKeyPair.getPublic(); - ecPrivKey = 
(ECPrivateKey) ecKeyPair.getPrivate(); + ecKeyGenerator.generatePair(); - short len = 0; + short len; short offset = 0; // Export curve public parameters offset += 2; // reserve space for length - len = ecPubKey.getField(apdubuf, offset); + len = ecKeyGenerator.exportParameter(ECKeyGenerator.KEY_PUBLIC, EC_Consts.PARAMETER_FP, apdubuf, offset); Util.setShort(apdubuf, (short) (offset - 2), len); offset += len; offset += 2; // reserve space for length - len = ecPubKey.getA(apdubuf, offset); + len = ecKeyGenerator.exportParameter(ECKeyGenerator.KEY_PUBLIC, EC_Consts.PARAMETER_A, apdubuf, offset); Util.setShort(apdubuf, (short) (offset - 2), len); offset += len; offset += 2; // reserve space for length - len = ecPubKey.getB(apdubuf, offset); + len = ecKeyGenerator.exportParameter(ECKeyGenerator.KEY_PUBLIC, EC_Consts.PARAMETER_B, apdubuf, offset); Util.setShort(apdubuf, (short) (offset - 2), len); offset += len; offset += 2; // reserve space for length - len = ecPubKey.getR(apdubuf, offset); + len = ecKeyGenerator.exportParameter(ECKeyGenerator.KEY_PUBLIC, EC_Consts.PARAMETER_R, apdubuf, offset); Util.setShort(apdubuf, (short) (offset - 2), len); offset += len; /* @@ -812,8 +629,8 @@ public class SimpleECCApplet extends javacard.framework.Applet } // Generate fresh EC keypair - ecKeyPair.genKeyPair(); - ecPrivKey = (ECPrivateKey) ecKeyPair.getPrivate(); + ecKeyGenerator.generatePair(); + ecPrivKey = ecKeyGenerator.getPrivateKey(); if (dhKeyAgreement == null) { dhKeyAgreement = KeyAgreement.getInstance(KeyAgreement.ALG_EC_SVDP_DH, false); @@ -826,22 +643,6 @@ public class SimpleECCApplet extends javacard.framework.Applet apdu.setOutgoingAndSend((short) 0, secretLen); } - - - - - - - - - - - - - - - - /* void AllocateKeyPair(byte algorithm, short bitLen) { @@ -913,6 +714,6 @@ public class SimpleECCApplet extends javacard.framework.Applet apdu.setOutgoingAndSend((short) 0, offset); } -*/ +*/ } 
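Review bot: In `AllocateKeyPairReturnDefCurve` the results of `ecKeyGenerator.allocatePair(...)`, `setCustomCurve(...)` and `generatePair()` are discarded, and the same holds for `generatePair()` in the ECDH hunk at -812. The old `new KeyPair(...)` and `genKeyPair()` calls reported failure by throwing `CryptoException`; the wrappers appear to return a status word instead, so a failed allocation for a host-supplied `bitLen` now falls through to `exportParameter(...)` and key agreement on stale or missing keys. Check each result, e.g. `short sw = ecKeyGenerator.allocatePair(KeyPair.ALG_EC_FP, bitLen); if (sw != ISO7816.SW_NO_ERROR) ISOException.throwIt(sw);`. If `exportParameter` can return a negative length on error, `offset += len` also needs a guard before the value is used as an index into `apdubuf`. Both methods extend beyond their hunks.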
diff --git a/src/simpleapdu/SimpleAPDU.java b/src/simpleapdu/SimpleAPDU.java
index 0ea9ca3..5baf9a6 100644
--- a/src/simpleapdu/SimpleAPDU.java
+++ b/src/simpleapdu/SimpleAPDU.java
@@ -1,50 +1,53 @@ package simpleapdu; +import applets.EC_Consts; import applets.SimpleECCApplet; -import static applets.SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE; -import static applets.SimpleECCApplet.ECTEST_SET_INVALIDCURVE; import javacard.framework.ISO7816; import javacard.security.CryptoException; import javacard.security.KeyPair; -import javax.smartcardio.ResponseAPDU; import org.bouncycastle.util.Arrays; +import javax.smartcardio.ResponseAPDU; + /** - * * @author Petr Svenda petr@svenda.com */ public class SimpleAPDU { static CardMngr cardManager = new CardMngr(); - private final static byte SELECT_ECTESTERAPPLET[] = {(byte) 0x00, (byte) 0xa4, (byte) 0x04, (byte) 0x00, (byte) 0x0a, - (byte) 0x45, (byte) 0x43, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x72, (byte) 0x30, (byte) 0x31}; + private final static byte SELECT_ECTESTERAPPLET[] = {(byte) 0x00, (byte) 0xa4, (byte) 0x04, (byte) 0x00, (byte) 0x0a, + (byte) 0x45, (byte) 0x43, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x72, (byte) 0x30, (byte) 0x31}; private static final byte TESTECSUPPORTALL_FP[] = {(byte) 0xB0, (byte) 0x5E, (byte) 0x00, (byte) 0x00, (byte) 0x00}; private static final byte TESTECSUPPORTALL_F2M[] = {(byte) 0xB0, (byte) 0x5F, (byte) 0x00, (byte) 0x00, (byte) 0x00}; private static final byte TESTECSUPPORT_GIVENALG[] = {(byte) 0xB0, (byte) 0x71, (byte) 0x00, (byte) 0x00, (byte) 0x03, (byte) 0x00, (byte) 0x00, (byte) 0x00}; private static final short TESTECSUPPORT_ALG_OFFSET = 5; private static final short TESTECSUPPORT_KEYLENGTH_OFFSET = 6; - + private static final byte TESTECSUPPORTALL_LASTUSEDPARAMS[] = {(byte) 0xB0, (byte) 0x40, (byte) 0x00, (byte) 0x00, (byte) 0x00}; - + private static final byte TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB[] = {(byte) 0xB0, (byte) 0x70, (byte) 0x00, (byte) 0x00, (byte) 0x05, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00}; private static final short 
INVALIDCURVEB_NUMREPEATS_OFFSET = 5; private static final short INVALIDCURVEB_CORRUPTIONTYPE_OFFSET = 7; private static final short INVALIDCURVEB_REWINDONSUCCESS_OFFSET = 9; - + static short getShort(byte[] array, int offset) { - return (short) (((array[offset] & 0xFF) << 8) | (array[offset + 1] & 0xFF)); + return (short) (((array[offset] & 0xFF) << 8) | (array[offset + 1] & 0xFF)); } + static void setShort(byte[] array, int offset, short value) { array[offset + 1] = (byte) (value & 0xFF); array[offset] = (byte) ((value >> 8) & 0xFF); - } + } + static void testFPkeyGen_setNumRepeats(byte[] apduArray, short numRepeats) { setShort(apduArray, INVALIDCURVEB_NUMREPEATS_OFFSET, numRepeats); } + static void testFPkeyGen_setCorruptionType(byte[] apduArray, short corruptionType) { setShort(apduArray, INVALIDCURVEB_CORRUPTIONTYPE_OFFSET, corruptionType); } + static void testFPkeyGen_rewindOnSuccess(byte[] apduArray, boolean bRewind) { apduArray[INVALIDCURVEB_REWINDONSUCCESS_OFFSET] = bRewind ? (byte) 1 : (byte) 0; } @@ -57,16 +60,17 @@ public class SimpleAPDU { } return cardManager; } - + static void testSupportECGivenAlg(byte[] apdu, CardMngr cardManager) throws Exception { ReconnnectToCard(); ResponseAPDU resp = cardManager.sendAPDU(apdu); PrintECSupport(resp); } + static void testSupportECAll(CardMngr cardManager) throws Exception { byte[] testAPDU = Arrays.clone(TESTECSUPPORT_GIVENALG); - testAPDU[TESTECSUPPORT_ALG_OFFSET] = KeyPair.ALG_EC_FP; + testAPDU[TESTECSUPPORT_ALG_OFFSET] = KeyPair.ALG_EC_FP; setShort(testAPDU, TESTECSUPPORT_KEYLENGTH_OFFSET, (short) 128); testSupportECGivenAlg(testAPDU, cardManager); setShort(testAPDU, TESTECSUPPORT_KEYLENGTH_OFFSET, (short) 160); 
@@ -81,7 +85,7 @@ public class SimpleAPDU { testSupportECGivenAlg(testAPDU, cardManager); setShort(testAPDU, TESTECSUPPORT_KEYLENGTH_OFFSET, (short) 521); testSupportECGivenAlg(testAPDU, cardManager); - + testAPDU[TESTECSUPPORT_ALG_OFFSET] = KeyPair.ALG_EC_F2M; setShort(testAPDU, TESTECSUPPORT_KEYLENGTH_OFFSET, (short) 113); testSupportECGivenAlg(testAPDU, cardManager); @@ -91,8 +95,9 @@ public class SimpleAPDU { testSupportECGivenAlg(testAPDU, cardManager); setShort(testAPDU, TESTECSUPPORT_KEYLENGTH_OFFSET, (short) 193); testSupportECGivenAlg(testAPDU, cardManager); - + } + public static void main(String[] args) { try { // @@ -101,11 +106,11 @@ public class SimpleAPDU { if (cardManager.ConnectToCard()) { testSupportECAll(cardManager); - + // Test setting invalid parameter B of curve byte[] testAPDU = Arrays.clone(TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB); //testFPkeyGen_setCorruptionType(testAPDU, SimpleECCApplet.CORRUPT_B_LASTBYTEINCREMENT); - testFPkeyGen_setCorruptionType(testAPDU, SimpleECCApplet.CORRUPT_B_ONEBYTERANDOM); + testFPkeyGen_setCorruptionType(testAPDU, EC_Consts.CORRUPTION_ONEBYTERANDOM); //testFPkeyGen_setCorruptionType(testAPDU, SimpleECCApplet.CORRUPT_B_FULLRANDOM); testFPkeyGen_setNumRepeats(testAPDU, (short) 10); testFPkeyGen_rewindOnSuccess(testAPDU, true); @@ -124,7 +129,7 @@ public class SimpleAPDU { PrintECSupport(resp_fp); PrintECSupport(resp_f2m); */ - + cardManager.DisconnectFromCard(); } else { System.out.println("Failed to connect to card"); @@ -133,12 +138,11 @@ public class SimpleAPDU { System.out.println("Exception : " + ex); } } - + static String getPrintError(short code) { if (code == ISO7816.SW_NO_ERROR) { return "OK\t(0x9000)"; - } - else { + } else { String codeStr = "unknown"; if (code == CryptoException.ILLEGAL_VALUE) { codeStr = "ILLEGAL_VALUE"; 
@@ -165,22 +169,22 @@ public class SimpleAPDU { codeStr = "SW_INVALID_CORRUPTION_TYPE"; } return String.format("fail\t(%s,\t0x%4x)", codeStr, code); - } + } } - + enum ExpResult { SHOULD_SUCCEDD, MAY_FAIL, MUST_FAIL } + static int VerifyPrintResult(String message, byte expectedTag, byte[] buffer, int bufferOffset, ExpResult expRes) { if (bufferOffset >= buffer.length) { System.out.println(" No more data returned"); - } - else { + } else { if (buffer[bufferOffset] != expectedTag) { System.out.println(" ERROR: mismatched tag"); - assert(buffer[bufferOffset] == expectedTag); + assert (buffer[bufferOffset] == expectedTag); } bufferOffset++; short resCode = getShort(buffer, bufferOffset); @@ -195,13 +199,13 @@ public class SimpleAPDU { } if (bHiglight) { System.out.println(String.format("!! %-50s%s", message, getPrintError(resCode))); - } - else { + } else { System.out.println(String.format(" %-50s%s", message, getPrintError(resCode))); } } return bufferOffset; } + static void PrintECSupport(ResponseAPDU resp) { byte[] buffer = resp.getData(); @@ -209,7 +213,7 @@ public class SimpleAPDU { System.out.println("### Test for support and with valid and invalid EC curves"); int bufferOffset = 0; while (bufferOffset < buffer.length) { - assert(buffer[bufferOffset] == SimpleECCApplet.ECTEST_SEPARATOR); + assert (buffer[bufferOffset] == SimpleECCApplet.ECTEST_SEPARATOR); bufferOffset++; String ecType = "unknown"; if (buffer[bufferOffset] == KeyPair.ALG_EC_FP) { 
@@ -232,10 +236,11 @@ public class SimpleAPDU { bufferOffset = VerifyPrintResult("ECDH agreement with invalid point (fail is good):", SimpleECCApplet.ECTEST_ECDH_AGREEMENT_INVALID_POINT, buffer, bufferOffset, ExpResult.MUST_FAIL); bufferOffset = VerifyPrintResult("Set invalid custom curve (may fail):", SimpleECCApplet.ECTEST_SET_INVALIDCURVE, buffer, bufferOffset, ExpResult.MAY_FAIL); bufferOffset = VerifyPrintResult("Generate key with invalid curve (fail is good):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE, buffer, bufferOffset, ExpResult.MUST_FAIL); - + System.out.println(); } } + static void PrintECKeyGenInvalidCurveB(ResponseAPDU resp) { byte[] buffer = resp.getData(); @@ -261,8 +266,8 @@ public class SimpleAPDU { short numRepeats = getShort(buffer, bufferOffset); bufferOffset += 2; System.out.println(String.format("%-53s%d times", "Executed repeats before unexpected error: ", numRepeats)); - - + + bufferOffset = VerifyPrintResult("KeyPair object allocation:", SimpleECCApplet.ECTEST_ALLOCATE_KEYPAIR, buffer, bufferOffset, ExpResult.SHOULD_SUCCEDD); while (bufferOffset < buffer.length) { bufferOffset = VerifyPrintResult("Set invalid custom curve:", SimpleECCApplet.ECTEST_SET_INVALIDCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEDD); @@ -277,7 +282,7 @@ public class SimpleAPDU { System.out.println(); } } - + static void PrintECKeyGenInvalidCurveB_lastUserParams(ResponseAPDU resp) { byte[] buffer = resp.getData(); short offset = 0; @@ -286,6 +291,6 @@ public class SimpleAPDU { System.out.print(String.format("%x ", buffer[offset])); offset++; } - - } + + } } -- cgit v1.2.3-70-g09d2 From 6a68401612f5e61f966def58ed60eaff52b6f7f6 Mon Sep 17 00:00:00 2001 
From: J08nY Date: Wed, 2 Nov 2016 00:21:42 +0100 Subject: EC_Consts: made parameters maskable ECKeyGenerator: since parameters are maskable, one can now setCustomInvalidCurve(curve, PARAMETER_A | PARAMETER_B,...) and the resulting curve will have both A and B invalid. --- src/applets/ECKeyGenerator.java | 27 ++++++++++++--------------- src/applets/ECKeyTester.java | 8 ++------ src/applets/EC_Consts.java | 20 ++++++++------------ src/applets/SimpleECCApplet.java | 23 ++++++++++++++--------- 4 files changed, 36 insertions(+), 42 deletions(-) diff --git a/src/applets/ECKeyGenerator.java b/src/applets/ECKeyGenerator.java index c7155de..393c249 100644 --- a/src/applets/ECKeyGenerator.java +++ b/src/applets/ECKeyGenerator.java @@ -70,7 +70,7 @@ public class ECKeyGenerator { } if (sw != ISO7816.SW_NO_ERROR) return sw; - for (byte param = EC_Consts.PARAMETER_A; param < EC_Consts.PARAMETER_K; ++param) { + for (byte param = EC_Consts.PARAMETER_A; param <= EC_Consts.PARAMETER_K; param = (byte)(param << 1)) { length = EC_Consts.getCurveParameter(curve, param, buffer, offset); sw = setExternalParameter(KEY_BOTH, param, buffer, offset, length); if (sw != ISO7816.SW_NO_ERROR) break; @@ -86,8 +86,17 @@ public class ECKeyGenerator { short sw = setCustomCurve(curve, buffer, offset); if (sw != ISO7816.SW_NO_ERROR) return sw; - short length = EC_Consts.getCorruptCurveParameter(curve, param, buffer, offset, corruptionType); - sw = setExternalParameter(key, param, buffer, offset, length); + //go through param bit by bit, and invalidate all selected params + byte paramMask = 0x01; + while (paramMask <= EC_Consts.PARAMETER_K) { + byte masked = (byte)(paramMask & param); + if (masked != 0){ + short length = EC_Consts.getCorruptCurveParameter(curve, masked, buffer, offset, corruptionType); + sw = setExternalParameter(key, masked, buffer, offset, length); + if (sw != ISO7816.SW_NO_ERROR) return sw; + } + paramMask = (byte)(paramMask << 1); + } return sw; } 
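Review bot: Both new loops shift a `byte` mask past `PARAMETER_K`, which this commit's EC_Consts hunk sets to 0x40: `(byte)(0x40 << 1)` is -128, which still satisfies `<= EC_Consts.PARAMETER_K`, and the next shift gives 0, which never changes. In `setCustomInvalidCurve` the `while (paramMask <= EC_Consts.PARAMETER_K)` loop therefore does not terminate when every selected parameter is set without error, and the `for` loop in the -70 hunk can only leave through its `break` on a non-OK status. Use a wider counter, e.g. `for (short paramMask = 0x01; paramMask <= EC_Consts.PARAMETER_K; paramMask <<= 1)` with `byte masked = (byte) (paramMask & param);`, and the same shape for the `for` loop. Both methods start and end outside these hunks.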
@@ -139,12 +148,6 @@ public class ECKeyGenerator { if ((key & KEY_PUBLIC) != 0) ecPublicKey.setK(k); } break; - case EC_Consts.PARAMETER_S: - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setS(data, offset, length); - break; - case EC_Consts.PARAMETER_W: - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setW(data, offset, length); - break; default: result = ISO7816.SW_UNKNOWN; } @@ -189,12 +192,6 @@ public class ECKeyGenerator { if ((key & KEY_PRIVATE) != 0) Util.setShort(outputBuffer, outputOffset, ecPrivateKey.getK()); length = 2; break; - case EC_Consts.PARAMETER_S: - if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getS(outputBuffer, outputOffset); - break; - case EC_Consts.PARAMETER_W: - if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getW(outputBuffer, outputOffset); - break; default: length = -1; } diff --git a/src/applets/ECKeyTester.java b/src/applets/ECKeyTester.java index 757ece7..1031b06 100644 --- a/src/applets/ECKeyTester.java +++ b/src/applets/ECKeyTester.java @@ -13,10 +13,6 @@ public class ECKeyTester { private KeyAgreement ecdhcKeyAgreement = null; private Signature ecdsaSignature = null; - //TODO: move these SW definitions to the main applet class. - public final static short SW_SIG_LENGTH_MISMATCH = (short) 0xee4; - public final static short SW_SIG_VERIFY_FAIL = (short) 0xee5; - public short allocateECDH() { short result = ISO7816.SW_NO_ERROR; try { 
@@ -150,12 +146,12 @@ public class ECKeyTester { short sigLength = ecdsaSignature.sign(inputBuffer, inputOffset, inputLength, sigBuffer, sigOffset); if (sigLength != 20) { // per javacard.security.Signature an ALG_ECDSA_SHA should be 20 bytes. - result = ECKeyTester.SW_SIG_LENGTH_MISMATCH; + result = SimpleECCApplet.SW_SIG_LENGTH_MISMATCH; } else { ecdsaSignature.init(verifyKey, Signature.MODE_VERIFY); boolean correct = ecdsaSignature.verify(inputBuffer, inputOffset, inputLength, sigBuffer, sigOffset, sigLength); if (!correct) { - result = ECKeyTester.SW_SIG_VERIFY_FAIL; + result = SimpleECCApplet.SW_SIG_VERIFY_FAIL; } } } catch (CryptoException ce) { diff --git a/src/applets/EC_Consts.java b/src/applets/EC_Consts.java index 7521979..8bfa7ff 100644 --- a/src/applets/EC_Consts.java +++ b/src/applets/EC_Consts.java @@ -17,18 +17,14 @@ public class EC_Consts { private static byte[] EC_F2M_F2M = null; //[short ii, short i2, short i3], f = x^m + x^i1 + x^i2 + x^i3 + 1 - public static final byte PARAMETER_FP = 1; - public static final byte PARAMETER_F2M = 2; - - public static final byte PARAMETER_A = 3; - public static final byte PARAMETER_B = 4; - public static final byte PARAMETER_G = 5; - public static final byte PARAMETER_R = 6; - public static final byte PARAMETER_K = 7; - - //TODO make params maskable, to allow for PARAMETER_A | PARAMETER_B passed to for example ECKeyGenerator.setInvalidCustomCurve - public static final byte PARAMETER_S = 8; //private key - public static final byte PARAMETER_W = 9; //public key + public static final byte PARAMETER_FP = 0x01; + public static final byte PARAMETER_F2M = 0x02; + + public static final byte PARAMETER_A = 0x04; + public static final byte PARAMETER_B = 0x08; + public static final byte PARAMETER_G = 0x10; + public static final byte PARAMETER_R = 0x20; + public static final byte PARAMETER_K = 0x40; public static RandomData m_random = null; 
diff --git a/src/applets/SimpleECCApplet.java b/src/applets/SimpleECCApplet.java index 79abd0e..683e61d 100644 --- a/src/applets/SimpleECCApplet.java +++ b/src/applets/SimpleECCApplet.java @@ -7,24 +7,24 @@ package applets; import javacard.framework.*; import javacard.security.*; -import javax.print.attribute.standard.MediaSize; public class SimpleECCApplet extends javacard.framework.Applet { + // MAIN INSTRUCTION CLASS - final static byte CLA_SIMPLEECCAPPLET = (byte) 0xB0; + final static byte CLA_SIMPLEECCAPPLET = (byte) 0xB0; // INSTRUCTIONS - final static byte INS_GENERATEKEY = (byte) 0x5a; - final static byte INS_ALLOCATEKEYPAIRS = (byte) 0x5b; + final static byte INS_GENERATEKEY = (byte) 0x5a; + final static byte INS_ALLOCATEKEYPAIRS = (byte) 0x5b; - final static byte INS_ALLOCATEKEYPAIR = (byte) 0x5c; - final static byte INS_DERIVEECDHSECRET = (byte) 0x5d; + final static byte INS_ALLOCATEKEYPAIR = (byte) 0x5c; + final static byte INS_DERIVEECDHSECRET = (byte) 0x5d; - final static byte INS_TESTECSUPPORTALL_FP = (byte) 0x5e; - final static byte INS_TESTECSUPPORTALL_F2M = (byte) 0x5f; + final static byte INS_TESTECSUPPORTALL_FP = (byte) 0x5e; + final static byte INS_TESTECSUPPORTALL_F2M = (byte) 0x5f; final static byte INS_TESTEC_GENERATEINVALID_FP = (byte) 0x70; final static byte INS_TESTECSUPPORT_GIVENALG = (byte) 0x71; - final static byte INS_TESTEC_LASTUSEDPARAMS = (byte) 0x40; + final static byte INS_TESTEC_LASTUSEDPARAMS = (byte) 0x40; final static short ARRAY_LENGTH = (short) 0xff; 
@@ -61,6 +61,8 @@ public class SimpleECCApplet extends javacard.framework.Applet { public final static short SW_SKIPPED = (short) 0x0ee1; public final static short SW_KEYPAIR_GENERATED_INVALID = (short) 0x0ee2; public final static short SW_INVALID_CORRUPTION_TYPE = (short) 0x0ee3; + public final static short SW_SIG_LENGTH_MISMATCH = (short) 0xee4; + public final static short SW_SIG_VERIFY_FAIL = (short) 0xee5; /* public static final byte[] EC192_FP_PUBLICW = new byte[]{ (byte) 0x04, (byte) 0xC9, (byte) 0xC0, (byte) 0xED, (byte) 0xFB, (byte) 0x27, @@ -454,6 +456,7 @@ public class SimpleECCApplet extends javacard.framework.Applet { ecPrivKey = ecKeyGenerator.getPrivateKey(); ecPubKey = ecKeyGenerator.getPublicKey(); + m_lenB = ecPubKey.getB(m_ramArray2, (short) 0); //store valid B short startOffset = bufferOffset; short i; @@ -511,6 +514,7 @@ public class SimpleECCApplet extends javacard.framework.Applet { ecPubKey = ecKeyGenerator.getPublicKey(); sw = ecKeyTester.testECDH_validPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 0); + m_lenB = ecPubKey.getB(m_ramArray2, (short) 0); //store B Util.setShort(buffer, bufferOffset, sw); bufferOffset += 2; break; //stop execution, return B @@ -553,6 +557,7 @@ public class SimpleECCApplet extends javacard.framework.Applet { return (short) (bufferOffset - baseOffset); } + //TODO: generalize invalid B setting to all curve params void TestECSupportInvalidCurve_lastUsedParams(APDU apdu) { byte[] apdubuf = apdu.getBuffer(); apdu.setIncomingAndReceive(); -- cgit v1.2.3-70-g09d2 From c2be46f5881a3a8e63c0815de28f0516ceeb7bcc Mon Sep 17 00:00:00 2001 
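Review bot: The added `m_lenB = ecPubKey.getB(m_ramArray2, (short) 0); //store valid B` in the -454 hunk appears to run outside any try/catch and without looking at the outcome of the preceding allocation and curve setup. If the key pair was not allocated or the curve was not set, `ecPubKey` may be null or uninitialised and the call throws, so the command ends with a generic error and the per-step status words already written to `buffer` are lost. Guard it, e.g. `if (ecPubKey != null && sw == ISO7816.SW_NO_ERROR) { m_lenB = ecPubKey.getB(m_ramArray2, (short) 0); }` (assuming `sw` still holds the curve-setup result at that point), or wrap it in a helper that returns a status word like the other ECKeyGenerator calls. The same applies to the second `getB` call added in the -511 hunk; the enclosing method starts and ends outside these hunks.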
From: J08nY Date: Wed, 2 Nov 2016 21:05:56 +0100 Subject: Implemented External curve setting on applet side SimpleECCApplet: added TestEC_SupportExternal which receives an FP or F2M elliptic curve parameters in an APDU, sets it and tries ECDH, ECDSA. ECKeyGenerator: added setExternalCurve, which reads and sets external parameters from one buffer, with data order: field | a | b | g | r | k --- src/applets/ECKeyGenerator.java | 33 ++++++++ src/applets/SimpleECCApplet.java | 169 +++++++++++++++++++++++++++++++++++++-- src/simpleapdu/SimpleAPDU.java | 6 ++ 3 files changed, 200 insertions(+), 8 deletions(-) diff --git a/src/applets/ECKeyGenerator.java b/src/applets/ECKeyGenerator.java index 393c249..28b3ed3 100644 --- a/src/applets/ECKeyGenerator.java +++ b/src/applets/ECKeyGenerator.java @@ -70,6 +70,7 @@ public class ECKeyGenerator { } if (sw != ISO7816.SW_NO_ERROR) return sw; + //go through all params for (byte param = EC_Consts.PARAMETER_A; param <= EC_Consts.PARAMETER_K; param = (byte)(param << 1)) { length = EC_Consts.getCurveParameter(curve, param, buffer, offset); sw = setExternalParameter(KEY_BOTH, param, buffer, offset, length); 
@@ -159,6 +160,38 @@ public class ECKeyGenerator { return result; } + public short setExternalCurve(byte key, byte keyClass, byte[] buffer, short offset, short fieldLength, short aLength, short bLength, short gxLength, short gyLength, short rLength){ + short sw = ISO7816.SW_NO_ERROR; + if (keyClass == KeyPair.ALG_EC_FP) { + sw = setExternalParameter(key, EC_Consts.PARAMETER_FP, buffer, offset, fieldLength); + } else if (keyClass == KeyPair.ALG_EC_F2M) { + sw = setExternalParameter(key, EC_Consts.PARAMETER_F2M, buffer, offset, fieldLength); + } + if (sw != ISO7816.SW_NO_ERROR) return sw; + + offset += fieldLength; + + //go through all params + sw = setExternalParameter(key, EC_Consts.PARAMETER_A, buffer, offset, aLength); + if (sw != ISO7816.SW_NO_ERROR) return sw; + offset += aLength; + sw = setExternalParameter(key, EC_Consts.PARAMETER_B, buffer, offset, bLength); + if (sw != ISO7816.SW_NO_ERROR) return sw; + offset += bLength; + + sw = setExternalParameter(key, EC_Consts.PARAMETER_G, buffer, offset, (short) (gxLength + gyLength)); + if (sw != ISO7816.SW_NO_ERROR) return sw; + offset += gxLength + gyLength; + + + sw = setExternalParameter(key, EC_Consts.PARAMETER_R, buffer, offset, aLength); + if (sw != ISO7816.SW_NO_ERROR) return sw; + offset += rLength; + + sw = setExternalParameter(key, EC_Consts.PARAMETER_K, buffer, offset, (short) 2); + return sw; + } + public short exportParameter(byte key, short param, byte[] outputBuffer, short outputOffset) { if (key == KEY_BOTH) { return -1; diff --git a/src/applets/SimpleECCApplet.java b/src/applets/SimpleECCApplet.java index 683e61d..3b5b514 100644 --- a/src/applets/SimpleECCApplet.java +++ b/src/applets/SimpleECCApplet.java 
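Review bot: In `setExternalCurve` the order parameter is set with the wrong length: `setExternalParameter(key, EC_Consts.PARAMETER_R, buffer, offset, aLength)` should pass `rLength`, as the following `offset += rLength` shows. Whenever the two lengths differ, R is read from the right offset but truncated or extended into the bytes that follow, so the card is configured with a curve order the host did not send and any test verdict built on it is misleading. Two further gaps in the same method: a `keyClass` that is neither `ALG_EC_FP` nor `ALG_EC_F2M` leaves `sw` at `SW_NO_ERROR` and continues, and none of the APDU-supplied lengths are checked against `buffer.length` before they are used as offsets. Suggested line: `sw = setExternalParameter(key, EC_Consts.PARAMETER_R, buffer, offset, rLength);`, plus an early error return for an unknown class and a bounds check on the sum of the lengths plus the two bytes read for K.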
@@ -11,20 +11,21 @@ import javacard.security.*; public class SimpleECCApplet extends javacard.framework.Applet { // MAIN INSTRUCTION CLASS - final static byte CLA_SIMPLEECCAPPLET = (byte) 0xB0; + final static byte CLA_SIMPLEECCAPPLET = (byte) 0xB0; // INSTRUCTIONS - final static byte INS_GENERATEKEY = (byte) 0x5a; - final static byte INS_ALLOCATEKEYPAIRS = (byte) 0x5b; + final static byte INS_GENERATEKEY = (byte) 0x5a; + final static byte INS_ALLOCATEKEYPAIRS = (byte) 0x5b; - final static byte INS_ALLOCATEKEYPAIR = (byte) 0x5c; - final static byte INS_DERIVEECDHSECRET = (byte) 0x5d; + final static byte INS_ALLOCATEKEYPAIR = (byte) 0x5c; + final static byte INS_DERIVEECDHSECRET = (byte) 0x5d; - final static byte INS_TESTECSUPPORTALL_FP = (byte) 0x5e; - final static byte INS_TESTECSUPPORTALL_F2M = (byte) 0x5f; + final static byte INS_TESTECSUPPORTALL_FP = (byte) 0x5e; + final static byte INS_TESTECSUPPORTALL_F2M = (byte) 0x5f; final static byte INS_TESTEC_GENERATEINVALID_FP = (byte) 0x70; final static byte INS_TESTECSUPPORT_GIVENALG = (byte) 0x71; - final static byte INS_TESTEC_LASTUSEDPARAMS = (byte) 0x40; + final static byte INS_TESTECSUPPORT_EXTERNAL = (byte) 0x72; + final static byte INS_TESTEC_LASTUSEDPARAMS = (byte) 0x40; final static short ARRAY_LENGTH = (short) 0xff; @@ -45,6 +46,9 @@ public class SimpleECCApplet extends javacard.framework.Applet { public final static byte ECTEST_ECDH_AGREEMENT_INVALID_POINT = (byte) 0xc8; public final static byte ECTEST_EXECUTED_REPEATS = (byte) 0xc9; public final static byte ECTEST_DH_GENERATESECRET = (byte) 0xca; + public final static byte ECTEST_SET_EXTERNALCURVE = (byte) 0xcb; + public final static byte ECTEST_GENERATE_KEYPAIR_EXTERNALCURVE = (byte) 0xcc; + public final static byte ECTEST_ECDSA_SIGNATURE = (byte) 0xcd; public final static short FLAG_ECTEST_ALLOCATE_KEYPAIR = (short) 0x0001; public final static short FLAG_ECTEST_GENERATE_KEYPAIR_DEFCURVE = (short) 0x0002; 
@@ -188,6 +192,9 @@ public class SimpleECCApplet extends javacard.framework.Applet { case INS_TESTEC_LASTUSEDPARAMS: TestECSupportInvalidCurve_lastUsedParams(apdu); break; + case INS_TESTECSUPPORT_EXTERNAL: + TestEC_SupportExternal(apdu); + break; /* case INS_ALLOCATEKEYPAIRS: AllocateKeyPairs(apdu); 
@@ -391,6 +398,152 @@ public class SimpleECCApplet extends javacard.framework.Applet { apdu.setOutgoingAndSend((short) 0, dataOffset); } + short TestECSupportExternalCurve(byte keyClass, short keyLength, byte[] buffer, short bufferOffset, short outputOffset) { + short startOffset = outputOffset; + + short fieldLength = Util.getShort(buffer, bufferOffset); + bufferOffset += 2; + short aLength = Util.getShort(buffer, bufferOffset); + bufferOffset += 2; + short bLength = Util.getShort(buffer, bufferOffset); + bufferOffset += 2; + short gxLength = Util.getShort(buffer, bufferOffset); + bufferOffset += 2; + short gyLength = Util.getShort(buffer, bufferOffset); + bufferOffset += 2; + short rLength = Util.getShort(buffer, bufferOffset); + bufferOffset += 2; + + buffer[outputOffset] = ECTEST_SEPARATOR; + outputOffset++; + + // allocatePair + buffer[outputOffset] = ECTEST_ALLOCATE_KEYPAIR; + outputOffset++; + short sw = ecKeyGenerator.allocatePair(keyClass, keyLength); + Util.setShort(buffer, outputOffset, sw); + outputOffset += 2; + if (sw != ISO7816.SW_NO_ERROR) { + return (short) (outputOffset - startOffset); + } + + // setExternalParam -> forall in {field, a, b, g, r, k} + buffer[outputOffset] = ECTEST_SET_EXTERNALCURVE; + outputOffset++; + sw = ecKeyGenerator.setExternalCurve(ECKeyGenerator.KEY_BOTH, keyClass, buffer, bufferOffset, fieldLength, aLength, bLength, gxLength, gyLength, rLength); + Util.setShort(buffer, outputOffset, sw); + outputOffset += 2; + if (sw != ISO7816.SW_NO_ERROR) { + return (short) (outputOffset - startOffset); + } + + // generatePair + buffer[outputOffset] = ECTEST_GENERATE_KEYPAIR_EXTERNALCURVE; + outputOffset++; + sw = ecKeyGenerator.generatePair(); + Util.setShort(buffer, outputOffset, sw); + outputOffset += 2; + if (sw != ISO7816.SW_NO_ERROR) { + return (short) (outputOffset - startOffset); + } + + ecPubKey = ecKeyGenerator.getPublicKey(); + ecPrivKey = ecKeyGenerator.getPrivateKey(); + + // test_ECDH + buffer[outputOffset] = 
ECTEST_ECDH_AGREEMENT_VALID_POINT; + outputOffset++; + sw = ecKeyTester.testECDH_validPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 0); + Util.setShort(buffer, outputOffset, sw); + outputOffset += 2; + if (sw != ISO7816.SW_NO_ERROR) { + return (short) (outputOffset - startOffset); + } + + // test_ECDH invalid + buffer[outputOffset] = ECTEST_ECDH_AGREEMENT_INVALID_POINT; + outputOffset++; + sw = ecKeyTester.testECDH_invalidPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 0); + Util.setShort(buffer, outputOffset, sw); + outputOffset += 2; + if (sw != ISO7816.SW_NO_ERROR) { + return (short) (outputOffset - startOffset); + } + + // test_ECDSA + buffer[outputOffset] = ECTEST_ECDSA_SIGNATURE; + outputOffset++; + randomData.generateData(m_ramArray, (short) 0, (short) (ARRAY_LENGTH / 2)); + sw = ecKeyTester.testECDSA(ecPrivKey, ecPubKey, m_ramArray, (short) 0, (short) (ARRAY_LENGTH / 2), m_ramArray2, (short) 0); + Util.setShort(buffer, outputOffset, sw); + outputOffset += 2; + if (sw != ISO7816.SW_NO_ERROR) { + return (short) (outputOffset - startOffset); + } + + return (short) (outputOffset - startOffset); + } + + /** + * Receives an FP or F2M elliptic curve parameters in the APDU. + * Then allocates a new keypair, sets said curve and tries ECDH, ECDSA. + * APDU format: + * byte CLA = CLA_SIMPLEECCAPPLET + * byte INS = INS_TESTECSUPPORT_EXTERNAL + * byte P0 + * byte P1 + *

+ * CDATA: + * byte keyClass -> KeyPair.ALG_EC_FP or KeyPair.ALG_EC_F2\M + * short keyLength + * short fieldLength + * short aLength + * short bLength + * short gxLength + * short gyLength + * short rLength + * field -> FP: prime / F2M: three or one short representing the reduction polynomial + * a + * b + * gx + * gy + * r + * short k + *

+ * Response APDU format: + * CDATA: + * byte ECTEST_SEPARATOR + * byte ECTEST_ALLOCATE_KEYPAIR + * short sw + * byte ECTEST_SET_EXTERNALCURVE + * short sw + * byte ECTEST_GENERATE_KEYPAIR_EXTERNALCURVE + * short sw + * byte ECTEST_ECDH_AGREEMENT_VALID_POINT + * short sw + * byte ECTEST_ECDH_AGREEMENT_INVALID_POINT + * short sw + * byte ECTEST_ECDSA_SIGNATURE + * short sw + * + * @param apdu + */ + void TestEC_SupportExternal(APDU apdu) { + byte[] apdubuf = apdu.getBuffer(); + short len = apdu.setIncomingAndReceive(); + + short offset = ISO7816.OFFSET_CDATA; + byte keyClass = apdubuf[offset]; + ++offset; + short keyLength = Util.getShort(apdubuf, offset); + offset += 2; + + short dataLength = TestECSupportExternalCurve(keyClass, keyLength, apdubuf, offset, (short) 0); + + apdu.setOutgoingAndSend((short) 0, dataLength); + } + + void TestEC_FP_GenerateInvalidCurve(APDU apdu) { byte[] apdubuf = apdu.getBuffer(); short len = apdu.setIncomingAndReceive(); diff --git a/src/simpleapdu/SimpleAPDU.java b/src/simpleapdu/SimpleAPDU.java index 5baf9a6..7401509 100644 --- a/src/simpleapdu/SimpleAPDU.java +++ b/src/simpleapdu/SimpleAPDU.java @@ -168,6 +168,12 @@ public class SimpleAPDU { if (code == SimpleECCApplet.SW_INVALID_CORRUPTION_TYPE) { codeStr = "SW_INVALID_CORRUPTION_TYPE"; } + if (code == SimpleECCApplet.SW_SIG_LENGTH_MISMATCH) { + codeStr = "SW_SIG_LENGTH_MISMATCH"; + } + if (code == SimpleECCApplet.SW_SIG_VERIFY_FAIL) { + codeStr = "SW_SIG_VERIFY_FAIL"; + } return String.format("fail\t(%s,\t0x%4x)", codeStr, code); } } -- cgit v1.2.3-70-g09d2 From 6266c0f990d1df45d5a7d4065ecc9887219ebf75 Mon Sep 17 00:00:00 2001 From: J08nY Date: Fri, 4 Nov 2016 00:21:45 +0100 Subject: EC_Consts: added sect233r1, sect283r1, sect409r1, sect571r1 --- src/applets/EC_Consts.java | 398 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 396 insertions(+), 2 deletions(-) diff --git a/src/applets/EC_Consts.java b/src/applets/EC_Consts.java index 8bfa7ff..e39570a 100644 
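Review bot: The six length fields read at the top of `TestECSupportExternalCurve` come straight from the command data and are never compared with the number of bytes actually received; `len` from `apdu.setIncomingAndReceive()` in `TestEC_SupportExternal` is unused. A negative or oversized length makes `setExternalCurve` take curve parameters from APDU-buffer bytes that were not part of this command, or possibly index past the buffer, and the response then reports only whatever status the setter happens to return. Checking the declared layout against `len` before calling `TestECSupportExternalCurve`, and rejecting a mismatch with `ISO7816.SW_WRONG_LENGTH`, keeps the test result tied to the data that was sent. The excerpt below shows the check placed in `TestEC_SupportExternal`, after `keyLength` is parsed.

```java
void TestEC_SupportExternal(APDU apdu) {
    // … unchanged: getBuffer, setIncomingAndReceive, keyClass and keyLength parsing …

    // CDATA header is keyClass (1) + keyLength (2) + six length fields (12);
    // the declared parameters plus the 2-byte cofactor must fit in what was received.
    short remaining = (short) (len - 15 - 2);
    for (short i = 0; i < 6; i++) {
        short declared = Util.getShort(apdubuf, (short) (offset + 2 * i));
        if (declared < 0 || declared > remaining) {
            ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
        }
        remaining -= declared;
    }

    // … unchanged: TestECSupportExternalCurve call and setOutgoingAndSend …
```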
--- a/src/applets/EC_Consts.java +++ b/src/applets/EC_Consts.java @@ -500,7 +500,9 @@ public class EC_Consts { //sect163r1 from http://www.secg.org/sec2-v2.pdf // [short i1, short i2, short i3] f = x^163 + x^i1 + x^i2 + x^i3 + 1 public static final byte[] EC163_F2M_F = new byte[]{ - (byte) 0, (byte) 7, (byte) 0, (byte) 6, (byte) 0, (byte) 3 + (byte) 0x00, (byte) 0x07, + (byte) 0x00, (byte) 0x06, + (byte) 0x00, (byte) 0x03 }; public static final byte[] EC163_F2M_A = new byte[]{ 
@@ -554,6 +556,358 @@ public class EC_Consts { // cofactor of G public static final short EC163_F2M_K = 2; + //sect233r1 from http://www.secg.org/sec2-v2.pdf + // [short i1, short i2, short i3] f = x^233 + x^i1 + 1 + public static final byte[] EC233_F2M_F = new byte[]{ + (byte) 0x00, (byte) 0x4a + }; + + public static final byte[] EC233_F2M_A = new byte[]{ + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x01 + }; + + public static final byte[] EC233_F2M_B = new byte[]{ + (byte) 0x00, (byte) 0x66, (byte) 0x64, (byte) 0x7E, + (byte) 0xDE, (byte) 0x6C, (byte) 0x33, (byte) 0x2C, + (byte) 0x7F, (byte) 0x8C, (byte) 0x09, (byte) 0x23, + (byte) 0xBB, (byte) 0x58, (byte) 0x21, (byte) 0x3B, + (byte) 0x33, (byte) 0x3B, (byte) 0x20, (byte) 0xE9, + (byte) 0xCE, (byte) 0x42, (byte) 0x81, (byte) 0xFE, + (byte) 0x11, (byte) 0x5F, (byte) 0x7D, (byte) 0x8F, + (byte) 0x90, (byte) 0xAD + }; + + // G in compressed form / first part of ucompressed + public static final byte[] EC233_F2M_G_X = new byte[]{ + (byte) 0x00, (byte) 0xFA, (byte) 0xC9, (byte) 0xDF, + (byte) 0xCB, (byte) 0xAC, (byte) 0x83, (byte) 0x13, + (byte) 0xBB, (byte) 0x21, (byte) 0x39, (byte) 0xF1, + (byte) 0xBB, (byte) 0x75, (byte) 0x5F, (byte) 0xEF, + (byte) 0x65, (byte) 0xBC, (byte) 0x39, (byte) 0x1F, + (byte) 0x8B, (byte) 0x36, (byte) 0xF8, (byte) 0xF8, + (byte) 0xEB, (byte) 0x73, (byte) 0x71, (byte) 0xFD, + (byte) 0x55, (byte) 0x8B + }; + + // second part of G uncompressed + public static final byte[] EC233_F2M_G_Y = new byte[]{ + (byte) 0x01, (byte) 0x00, (byte) 0x6A, (byte) 0x08, + (byte) 0xA4, (byte) 0x19, (byte) 0x03, (byte) 0x35, + (byte) 0x06, (byte) 0x78, (byte) 
0xE5, (byte) 0x85, + (byte) 0x28, (byte) 0xBE, (byte) 0xBF, (byte) 0x8A, + (byte) 0x0B, (byte) 0xEF, (byte) 0xF8, (byte) 0x67, + (byte) 0xA7, (byte) 0xCA, (byte) 0x36, (byte) 0x71, + (byte) 0x6F, (byte) 0x7E, (byte) 0x01, (byte) 0xF8, + (byte) 0x10, (byte) 0x52 + }; + + // order of G + public static final byte[] EC233_F2M_R = new byte[]{ + (byte) 0x01, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x13, + (byte) 0xE9, (byte) 0x74, (byte) 0xE7, (byte) 0x2F, + (byte) 0x8A, (byte) 0x69, (byte) 0x22, (byte) 0x03, + (byte) 0x1D, (byte) 0x26, (byte) 0x03, (byte) 0xCF, + (byte) 0xE0, (byte) 0xD7 + }; + + // cofactor of G + public static final short EC233_F2M_K = 2; + + //sect283r1 from http://www.secg.org/sec2-v2.pdf + // [short i1, short i2, short i3] f = x^283 + x^i1 + x^i2 + x^i3 + 1 + public static final byte[] EC283_F2M_F = new byte[]{ + (byte) 0x00, (byte) 0x0c, + (byte) 0x00, (byte) 0x07, + (byte) 0x00, (byte) 0x05 + }; + + public static final byte[] EC283_F2M_A = new byte[]{ + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01 + }; + + public static final byte[] EC283_F2M_B = new byte[]{ + (byte) 0x02, (byte) 0x7B, (byte) 0x68, (byte) 0x0A, + (byte) 0xC8, (byte) 0xB8, (byte) 0x59, (byte) 0x6D, + (byte) 0xA5, (byte) 0xA4, (byte) 0xAF, (byte) 0x8A, + (byte) 0x19, (byte) 0xA0, (byte) 0x30, (byte) 0x3F, + (byte) 0xCA, (byte) 0x97, (byte) 0xFD, (byte) 0x76, + (byte) 0x45, (byte) 0x30, (byte) 0x9F, 
(byte) 0xA2, + (byte) 0xA5, (byte) 0x81, (byte) 0x48, (byte) 0x5A, + (byte) 0xF6, (byte) 0x26, (byte) 0x3E, (byte) 0x31, + (byte) 0x3B, (byte) 0x79, (byte) 0xA2, (byte) 0xF5 + }; + + // G in compressed form / first part of ucompressed + public static final byte[] EC283_F2M_G_X = new byte[]{ + (byte) 0x05, (byte) 0xF9, (byte) 0x39, (byte) 0x25, + (byte) 0x8D, (byte) 0xB7, (byte) 0xDD, (byte) 0x90, + (byte) 0xE1, (byte) 0x93, (byte) 0x4F, (byte) 0x8C, + (byte) 0x70, (byte) 0xB0, (byte) 0xDF, (byte) 0xEC, + (byte) 0x2E, (byte) 0xED, (byte) 0x25, (byte) 0xB8, + (byte) 0x55, (byte) 0x7E, (byte) 0xAC, (byte) 0x9C, + (byte) 0x80, (byte) 0xE2, (byte) 0xE1, (byte) 0x98, + (byte) 0xF8, (byte) 0xCD, (byte) 0xBE, (byte) 0xCD, + (byte) 0x86, (byte) 0xB1, (byte) 0x20, (byte) 0x53 + }; + + // second part of G uncompressed + public static final byte[] EC283_F2M_G_Y = new byte[]{ + (byte) 0x03, (byte) 0x67, (byte) 0x68, (byte) 0x54, + (byte) 0xFE, (byte) 0x24, (byte) 0x14, (byte) 0x1C, + (byte) 0xB9, (byte) 0x8F, (byte) 0xE6, (byte) 0xD4, + (byte) 0xB2, (byte) 0x0D, (byte) 0x02, (byte) 0xB4, + (byte) 0x51, (byte) 0x6F, (byte) 0xF7, (byte) 0x02, + (byte) 0x35, (byte) 0x0E, (byte) 0xDD, (byte) 0xB0, + (byte) 0x82, (byte) 0x67, (byte) 0x79, (byte) 0xC8, + (byte) 0x13, (byte) 0xF0, (byte) 0xDF, (byte) 0x45, + (byte) 0xBE, (byte) 0x81, (byte) 0x12, (byte) 0xF4 + }; + + // order of G + public static final byte[] EC283_F2M_R = new byte[]{ + (byte) 0x03, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xEF, (byte) 0x90, + (byte) 0x39, (byte) 0x96, (byte) 0x60, (byte) 0xFC, + (byte) 0x93, (byte) 0x8A, (byte) 0x90, (byte) 0x16, + (byte) 0x5B, (byte) 0x04, (byte) 0x2A, (byte) 0x7C, + (byte) 0xEF, (byte) 0xAD, (byte) 0xB3, (byte) 0x07 + }; + + // cofactor of G + public static final short EC283_F2M_K = 2; + + 
//sect409r1 from http://www.secg.org/sec2-v2.pdf + // [short i1, short i2, short i3] f = x^409 + x^i1 + 1 + public static final byte[] EC409_F2M_F = new byte[]{ + (byte) 0x00, (byte) 0x57 + }; + + public static final byte[] EC409_F2M_A = new byte[]{ + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01 + }; + + public static final byte[] EC409_F2M_B = new byte[]{ + (byte) 0x00, (byte) 0x21, (byte) 0xA5, (byte) 0xC2, + (byte) 0xC8, (byte) 0xEE, (byte) 0x9F, (byte) 0xEB, + (byte) 0x5C, (byte) 0x4B, (byte) 0x9A, (byte) 0x75, + (byte) 0x3B, (byte) 0x7B, (byte) 0x47, (byte) 0x6B, + (byte) 0x7F, (byte) 0xD6, (byte) 0x42, (byte) 0x2E, + (byte) 0xF1, (byte) 0xF3, (byte) 0xDD, (byte) 0x67, + (byte) 0x47, (byte) 0x61, (byte) 0xFA, (byte) 0x99, + (byte) 0xD6, (byte) 0xAC, (byte) 0x27, (byte) 0xC8, + (byte) 0xA9, (byte) 0xA1, (byte) 0x97, (byte) 0xB2, + (byte) 0x72, (byte) 0x82, (byte) 0x2F, (byte) 0x6C, + (byte) 0xD5, (byte) 0x7A, (byte) 0x55, (byte) 0xAA, + (byte) 0x4F, (byte) 0x50, (byte) 0xAE, (byte) 0x31, + (byte) 0x7B, (byte) 0x13, (byte) 0x54, (byte) 0x5F + }; + + // G in compressed form / first part of ucompressed + public static final byte[] EC409_F2M_G_X = new byte[]{ + (byte) 0x01, (byte) 0x5D, (byte) 0x48, (byte) 0x60, + (byte) 0xD0, (byte) 0x88, (byte) 0xDD, (byte) 0xB3, + (byte) 0x49, (byte) 0x6B, (byte) 0x0C, (byte) 0x60, + 
(byte) 0x64, (byte) 0x75, (byte) 0x62, (byte) 0x60, + (byte) 0x44, (byte) 0x1C, (byte) 0xDE, (byte) 0x4A, + (byte) 0xF1, (byte) 0x77, (byte) 0x1D, (byte) 0x4D, + (byte) 0xB0, (byte) 0x1F, (byte) 0xFE, (byte) 0x5B, + (byte) 0x34, (byte) 0xE5, (byte) 0x97, (byte) 0x03, + (byte) 0xDC, (byte) 0x25, (byte) 0x5A, (byte) 0x86, + (byte) 0x8A, (byte) 0x11, (byte) 0x80, (byte) 0x51, + (byte) 0x56, (byte) 0x03, (byte) 0xAE, (byte) 0xAB, + (byte) 0x60, (byte) 0x79, (byte) 0x4E, (byte) 0x54, + (byte) 0xBB, (byte) 0x79, (byte) 0x96, (byte) 0xA7 + }; + + // second part of G uncompressed + public static final byte[] EC409_F2M_G_Y = new byte[]{ + (byte) 0x00, (byte) 0x61, (byte) 0xB1, (byte) 0xCF, + (byte) 0xAB, (byte) 0x6B, (byte) 0xE5, (byte) 0xF3, + (byte) 0x2B, (byte) 0xBF, (byte) 0xA7, (byte) 0x83, + (byte) 0x24, (byte) 0xED, (byte) 0x10, (byte) 0x6A, + (byte) 0x76, (byte) 0x36, (byte) 0xB9, (byte) 0xC5, + (byte) 0xA7, (byte) 0xBD, (byte) 0x19, (byte) 0x8D, + (byte) 0x01, (byte) 0x58, (byte) 0xAA, (byte) 0x4F, + (byte) 0x54, (byte) 0x88, (byte) 0xD0, (byte) 0x8F, + (byte) 0x38, (byte) 0x51, (byte) 0x4F, (byte) 0x1F, + (byte) 0xDF, (byte) 0x4B, (byte) 0x4F, (byte) 0x40, + (byte) 0xD2, (byte) 0x18, (byte) 0x1B, (byte) 0x36, + (byte) 0x81, (byte) 0xC3, (byte) 0x64, (byte) 0xBA, + (byte) 0x02, (byte) 0x73, (byte) 0xC7, (byte) 0x06 + }; + + // order of G + public static final byte[] EC409_F2M_R = new byte[]{ + (byte) 0x01, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x01, (byte) 0xE2, + (byte) 0xAA, (byte) 0xD6, (byte) 0xA6, (byte) 0x12, + (byte) 0xF3, (byte) 0x33, (byte) 0x07, (byte) 0xBE, + (byte) 0x5F, (byte) 0xA4, (byte) 0x7C, (byte) 0x3C, + (byte) 0x9E, (byte) 0x05, (byte) 0x2F, 
(byte) 0x83, + (byte) 0x81, (byte) 0x64, (byte) 0xCD, (byte) 0x37, + (byte) 0xD9, (byte) 0xA2, (byte) 0x11, (byte) 0x73 + }; + + // cofactor of G + public static final short EC409_F2M_K = 2; + + //sect571r1 from http://www.secg.org/sec2-v2.pdf + // [short i1, short i2, short i3] f = x^571 + x^i1 + x^i2 + x^i3 + 1 + public static final byte[] EC571_F2M_F = new byte[]{ + (byte) 0x00, (byte) 0x0a, + (byte) 0x00, (byte) 0x05, + (byte) 0x00, (byte) 0x02, + }; + + public static final byte[] EC571_F2M_A = new byte[]{ + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01 + }; + + public static final byte[] EC571_F2M_B = new byte[]{ + (byte) 0x02, (byte) 0xF4, (byte) 0x0E, (byte) 0x7E, + (byte) 0x22, (byte) 0x21, (byte) 0xF2, (byte) 0x95, + (byte) 0xDE, (byte) 0x29, (byte) 0x71, (byte) 0x17, + (byte) 0xB7, (byte) 0xF3, (byte) 0xD6, (byte) 0x2F, + (byte) 0x5C, (byte) 0x6A, (byte) 0x97, (byte) 0xFF, + (byte) 0xCB, (byte) 0x8C, (byte) 0xEF, (byte) 0xF1, + (byte) 0xCD, (byte) 0x6B, (byte) 0xA8, (byte) 0xCE, + (byte) 0x4A, (byte) 0x9A, (byte) 0x18, (byte) 0xAD, + (byte) 0x84, 
(byte) 0xFF, (byte) 0xAB, (byte) 0xBD, + (byte) 0x8E, (byte) 0xFA, (byte) 0x59, (byte) 0x33, + (byte) 0x2B, (byte) 0xE7, (byte) 0xAD, (byte) 0x67, + (byte) 0x56, (byte) 0xA6, (byte) 0x6E, (byte) 0x29, + (byte) 0x4A, (byte) 0xFD, (byte) 0x18, (byte) 0x5A, + (byte) 0x78, (byte) 0xFF, (byte) 0x12, (byte) 0xAA, + (byte) 0x52, (byte) 0x0E, (byte) 0x4D, (byte) 0xE7, + (byte) 0x39, (byte) 0xBA, (byte) 0xCA, (byte) 0x0C, + (byte) 0x7F, (byte) 0xFE, (byte) 0xFF, (byte) 0x7F, + (byte) 0x29, (byte) 0x55, (byte) 0x72, (byte) 0x7A + }; + + // G in compressed form / first part of ucompressed + public static final byte[] EC571_F2M_G_X = new byte[]{ + (byte) 0x03, (byte) 0x03, (byte) 0x00, (byte) 0x1D, + (byte) 0x34, (byte) 0xB8, (byte) 0x56, (byte) 0x29, + (byte) 0x6C, (byte) 0x16, (byte) 0xC0, (byte) 0xD4, + (byte) 0x0D, (byte) 0x3C, (byte) 0xD7, (byte) 0x75, + (byte) 0x0A, (byte) 0x93, (byte) 0xD1, (byte) 0xD2, + (byte) 0x95, (byte) 0x5F, (byte) 0xA8, (byte) 0x0A, + (byte) 0xA5, (byte) 0xF4, (byte) 0x0F, (byte) 0xC8, + (byte) 0xDB, (byte) 0x7B, (byte) 0x2A, (byte) 0xBD, + (byte) 0xBD, (byte) 0xE5, (byte) 0x39, (byte) 0x50, + (byte) 0xF4, (byte) 0xC0, (byte) 0xD2, (byte) 0x93, + (byte) 0xCD, (byte) 0xD7, (byte) 0x11, (byte) 0xA3, + (byte) 0x5B, (byte) 0x67, (byte) 0xFB, (byte) 0x14, + (byte) 0x99, (byte) 0xAE, (byte) 0x60, (byte) 0x03, + (byte) 0x86, (byte) 0x14, (byte) 0xF1, (byte) 0x39, + (byte) 0x4A, (byte) 0xBF, (byte) 0xA3, (byte) 0xB4, + (byte) 0xC8, (byte) 0x50, (byte) 0xD9, (byte) 0x27, + (byte) 0xE1, (byte) 0xE7, (byte) 0x76, (byte) 0x9C, + (byte) 0x8E, (byte) 0xEC, (byte) 0x2D, (byte) 0x19 + }; + + // second part of G uncompressed + public static final byte[] EC571_F2M_G_Y = new byte[]{ + (byte) 0x03, (byte) 0x7B, (byte) 0xF2, (byte) 0x73, + (byte) 0x42, (byte) 0xDA, (byte) 0x63, (byte) 0x9B, + (byte) 0x6D, (byte) 0xCC, (byte) 0xFF, (byte) 0xFE, + (byte) 0xB7, (byte) 0x3D, (byte) 0x69, (byte) 0xD7, + (byte) 0x8C, (byte) 0x6C, (byte) 0x27, (byte) 0xA6, + (byte) 0x00, 
(byte) 0x9C, (byte) 0xBB, (byte) 0xCA, + (byte) 0x19, (byte) 0x80, (byte) 0xF8, (byte) 0x53, + (byte) 0x39, (byte) 0x21, (byte) 0xE8, (byte) 0xA6, + (byte) 0x84, (byte) 0x42, (byte) 0x3E, (byte) 0x43, + (byte) 0xBA, (byte) 0xB0, (byte) 0x8A, (byte) 0x57, + (byte) 0x62, (byte) 0x91, (byte) 0xAF, (byte) 0x8F, + (byte) 0x46, (byte) 0x1B, (byte) 0xB2, (byte) 0xA8, + (byte) 0xB3, (byte) 0x53, (byte) 0x1D, (byte) 0x2F, + (byte) 0x04, (byte) 0x85, (byte) 0xC1, (byte) 0x9B, + (byte) 0x16, (byte) 0xE2, (byte) 0xF1, (byte) 0x51, + (byte) 0x6E, (byte) 0x23, (byte) 0xDD, (byte) 0x3C, + (byte) 0x1A, (byte) 0x48, (byte) 0x27, (byte) 0xAF, + (byte) 0x1B, (byte) 0x8A, (byte) 0xC1, (byte) 0x5B + }; + + // order of G + public static final byte[] EC571_F2M_R = new byte[]{ + (byte) 0x03, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xE6, (byte) 0x61, (byte) 0xCE, (byte) 0x18, + (byte) 0xFF, (byte) 0x55, (byte) 0x98, (byte) 0x73, + (byte) 0x08, (byte) 0x05, (byte) 0x9B, (byte) 0x18, + (byte) 0x68, (byte) 0x23, (byte) 0x85, (byte) 0x1E, + (byte) 0xC7, (byte) 0xDD, (byte) 0x9C, (byte) 0xA1, + (byte) 0x16, (byte) 0x1D, (byte) 0xE9, (byte) 0x3D, + (byte) 0x51, (byte) 0x74, (byte) 0xD6, (byte) 0x6E, + (byte) 0x83, (byte) 0x82, (byte) 0xE9, (byte) 0xBB, + (byte) 0x2F, (byte) 0xE8, (byte) 0x4E, (byte) 0x47 + }; + + // cofactor of G + public static final short EC571_F2M_K = 2; + // getCorruptCurveParameter PARAMETER_CORRUPTION TYPES public static final short CORRUPTION_NONE = 0x01; public static final short CORRUPTION_FIXED = 0x02; 
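Review bot: The comments above `EC233_F2M_F` and `EC409_F2M_F` still read `[short i1, short i2, short i3]`, but both reduction polynomials are trinomials and the arrays hold a single short. The F2M setter in ECKeyGenerator picks `setFieldF2M(i)` or `setFieldF2M(i1, i2, i3)` by array length, so the comment should state the real layout, e.g. `// [short i1] f = x^233 + x^i1 + 1` and `// [short i1] f = x^409 + x^i1 + 1`. The `*_G_X` comments say "G in compressed form / first part of ucompressed", yet the arrays hold only the x coordinate with no point-format byte; `// x coordinate of G (first half of the uncompressed point, without the format byte)` would describe them accurately.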
@@ -707,6 +1061,46 @@ public class EC_Consts { EC_K = EC163_F2M_K; break; } + case CURVE_sect233r1: { + EC_F2M_F2M = EC233_F2M_F; + EC_A = EC233_F2M_A; + EC_B = EC233_F2M_B; + EC_G_X = EC233_F2M_G_X; + EC_G_Y = EC233_F2M_G_Y; + EC_R = EC233_F2M_R; + EC_K = EC233_F2M_K; + break; + } + case CURVE_sect283r1: { + EC_F2M_F2M = EC283_F2M_F; + EC_A = EC283_F2M_A; + EC_B = EC283_F2M_B; + EC_G_X = EC283_F2M_G_X; + EC_G_Y = EC283_F2M_G_Y; + EC_R = EC283_F2M_R; + EC_K = EC283_F2M_K; + break; + } + case CURVE_sect409r1: { + EC_F2M_F2M = EC409_F2M_F; + EC_A = EC409_F2M_A; + EC_B = EC409_F2M_B; + EC_G_X = EC409_F2M_G_X; + EC_G_Y = EC409_F2M_G_Y; + EC_R = EC409_F2M_R; + EC_K = EC409_F2M_K; + break; + } + case CURVE_sect571r1: { + EC_F2M_F2M = EC571_F2M_F; + EC_A = EC571_F2M_A; + EC_B = EC571_F2M_B; + EC_G_X = EC571_F2M_G_X; + EC_G_Y = EC571_F2M_G_Y; + EC_R = EC571_F2M_R; + EC_K = EC571_F2M_K; + break; + } default: ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); } @@ -775,7 +1169,7 @@ public class EC_Consts { rngPos %= length; // make < param length byte original = outputBuffer[rngPos]; - while (original != outputBuffer[rngPos]){ + while (original != outputBuffer[rngPos]) { m_random.generateData(outputBuffer, rngPos, (short) 1); } break; -- cgit v1.2.3-70-g09d2 From 7d946796d87638a5f54cc8562c9d3a95309cf3cc Mon Sep 17 00:00:00 2001 From: J08nY Date: Mon, 7 Nov 2016 20:26:50 +0100 Subject: ECKeyGenerator: fixes to key genertion, ECKeyTester: fixed ECDH/ECDHC pubkey length issue. EC_Consts: fixed decompressG and getCurveParameter array copy mismatch SimpleECCApplet: fixed B parameter test All tests now pass as before. --- src/applets/ECKeyGenerator.java | 102 ++++++++++++++++++++++----------------- src/applets/ECKeyTester.java | 16 +++--- src/applets/EC_Consts.java | 31 ++++++++---- src/applets/SimpleECCApplet.java | 29 +++++------ src/simpleapdu/SimpleAPDU.java | 2 +- 5 files changed, 102 insertions(+), 78 deletions(-) 
diff --git a/src/applets/ECKeyGenerator.java b/src/applets/ECKeyGenerator.java index 28b3ed3..e9bdfa6 100644 --- a/src/applets/ECKeyGenerator.java +++ b/src/applets/ECKeyGenerator.java @@ -1,6 +1,7 @@ package applets; import javacard.framework.ISO7816; +import javacard.framework.ISOException; import javacard.framework.Util; import javacard.security.CryptoException; import javacard.security.ECPrivateKey; @@ -16,17 +17,18 @@ public class ECKeyGenerator { private ECPrivateKey ecPrivateKey = null; private ECPublicKey ecPublicKey = null; - public static final byte KEY_PUBLIC = 0x1; - public static final byte KEY_PRIVATE = 0x2; - public static final byte KEY_BOTH = KEY_PUBLIC & KEY_PRIVATE; + public static final byte KEY_PUBLIC = 0x01; + public static final byte KEY_PRIVATE = 0x02; + public static final byte KEY_BOTH = KEY_PUBLIC | KEY_PRIVATE; - public short allocatePair(byte algorithm, short keyLength) { + //TODO: add something like allocateGenerate, or modify allocate to auto-generate a key-pair if it returns null key references after allocating + public short allocatePair(byte keyClass, short keyLength) { short result = ISO7816.SW_NO_ERROR; try { - ecKeyPair = new KeyPair(algorithm, keyLength); - ecPrivateKey = (ECPrivateKey) ecKeyPair.getPrivate(); + ecKeyPair = new KeyPair(keyClass, keyLength); ecPublicKey = (ECPublicKey) ecKeyPair.getPublic(); + ecPrivateKey = (ECPrivateKey) ecKeyPair.getPrivate(); } catch (CryptoException ce) { result = ce.getReason(); } catch (Exception e) { 
@@ -36,15 +38,15 @@ public class ECKeyGenerator { } public boolean isAllocated() { - return ecKeyPair != null && ecPrivateKey != null && ecPublicKey != null; + return ecKeyPair != null; } public short generatePair() { short result = ISO7816.SW_NO_ERROR; try { ecKeyPair.genKeyPair(); - ecPrivateKey = (ECPrivateKey) ecKeyPair.getPrivate(); ecPublicKey = (ECPublicKey) ecKeyPair.getPublic(); + ecPrivateKey = (ECPrivateKey) ecKeyPair.getPrivate(); } catch (CryptoException ce) { result = ce.getReason(); } catch (Exception e) { @@ -63,18 +65,20 @@ public class ECKeyGenerator { short length; if (alg == KeyPair.ALG_EC_FP) { length = EC_Consts.getCurveParameter(curve, EC_Consts.PARAMETER_FP, buffer, offset); - sw = setExternalParameter(KEY_BOTH, EC_Consts.PARAMETER_FP, buffer, offset, length); + sw = setParameter(KEY_BOTH, EC_Consts.PARAMETER_FP, buffer, offset, length); } else if (alg == KeyPair.ALG_EC_F2M) { length = EC_Consts.getCurveParameter(curve, EC_Consts.PARAMETER_F2M, buffer, offset); - sw = setExternalParameter(KEY_BOTH, EC_Consts.PARAMETER_F2M, buffer, offset, length); + sw = setParameter(KEY_BOTH, EC_Consts.PARAMETER_F2M, buffer, offset, length); } if (sw != ISO7816.SW_NO_ERROR) return sw; //go through all params - for (byte param = EC_Consts.PARAMETER_A; param <= EC_Consts.PARAMETER_K; param = (byte)(param << 1)) { + byte param = EC_Consts.PARAMETER_A; + while (param > 0) { length = EC_Consts.getCurveParameter(curve, param, buffer, offset); - sw = setExternalParameter(KEY_BOTH, param, buffer, offset, length); + sw = setParameter(KEY_BOTH, param, buffer, offset, length); if (sw != ISO7816.SW_NO_ERROR) break; + param = (byte) (param << 1); } return sw; } 
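Review bot: In the `@@ -63,18 +65,20 @@` hunk the parameter loop no longer names its upper bound: `while (param > 0)` ends only when the one-bit mask is shifted out of the positive byte range, that is after 0x40. If `EC_Consts.PARAMETER_K` is below 0x40 (its value is not visible here), the loop now also hands undefined mask bits to `getCurveParameter` and `setParameter`. Keeping the bound explicit, `while (param > 0 && param <= EC_Consts.PARAMETER_K)`, preserves the wrap-around guard and the intended range. The `paramMask` loop in the following `@@ -89,68 +93,76 @@` hunk relies on the same wrap-around and would benefit from a comment saying so; the enclosing method here starts outside the hunk.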
@@ -89,68 +93,76 @@ public class ECKeyGenerator { //go through param bit by bit, and invalidate all selected params byte paramMask = 0x01; - while (paramMask <= EC_Consts.PARAMETER_K) { - byte masked = (byte)(paramMask & param); - if (masked != 0){ + while (paramMask > 0) { + byte masked = (byte) (paramMask & param); + if (masked != 0) { short length = EC_Consts.getCorruptCurveParameter(curve, masked, buffer, offset, corruptionType); - sw = setExternalParameter(key, masked, buffer, offset, length); + sw = setParameter(key, masked, buffer, offset, length); if (sw != ISO7816.SW_NO_ERROR) return sw; } - paramMask = (byte)(paramMask << 1); + paramMask = (byte) (paramMask << 1); } return sw; } - public short setExternalParameter(byte key, byte param, byte[] data, short offset, short length) { + public short setParameter(byte key, byte param, byte[] data, short offset, short length) { short result = ISO7816.SW_NO_ERROR; try { switch (param) { - case EC_Consts.PARAMETER_FP: - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setFieldFP(data, offset, length); + case EC_Consts.PARAMETER_FP: { if ((key & KEY_PUBLIC) != 0) ecPublicKey.setFieldFP(data, offset, length); + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setFieldFP(data, offset, length); break; - case EC_Consts.PARAMETER_F2M: + } + case EC_Consts.PARAMETER_F2M: { if (length == 2) { short i = Util.makeShort(data[offset], data[(short) (offset + 1)]); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i); if ((key & KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i); + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i); } else if (length == 6) { short i1 = Util.makeShort(data[offset], data[(short) (offset + 1)]); short i2 = Util.makeShort(data[(short) (offset + 2)], data[(short) (offset + 3)]); short i3 = Util.makeShort(data[(short) (offset + 4)], data[(short) (offset + 5)]); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i1, i2, i3); if ((key & KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i1, i2, i3); + if ((key 
& KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i1, i2, i3); } else { result = ISO7816.SW_UNKNOWN; } break; - case EC_Consts.PARAMETER_A: - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setA(data, offset, length); + } + case EC_Consts.PARAMETER_A: { if ((key & KEY_PUBLIC) != 0) ecPublicKey.setA(data, offset, length); + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setA(data, offset, length); break; - case EC_Consts.PARAMETER_B: - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setB(data, offset, length); + } + case EC_Consts.PARAMETER_B: { if ((key & KEY_PUBLIC) != 0) ecPublicKey.setB(data, offset, length); + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setB(data, offset, length); break; - case EC_Consts.PARAMETER_G: - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setG(data, offset, length); + } + case EC_Consts.PARAMETER_G: { if ((key & KEY_PUBLIC) != 0) ecPublicKey.setG(data, offset, length); + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setG(data, offset, length); break; - case EC_Consts.PARAMETER_R: - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setR(data, offset, length); + } + case EC_Consts.PARAMETER_R: { if ((key & KEY_PUBLIC) != 0) ecPublicKey.setR(data, offset, length); + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setR(data, offset, length); break; - case EC_Consts.PARAMETER_K: + } + case EC_Consts.PARAMETER_K: { if (length != 2) { result = ISO7816.SW_UNKNOWN; } else { - short k = Util.makeShort(data[offset], data[(short) (offset + 1)]); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setK(k); + short k = Util.getShort(data, offset); if ((key & KEY_PUBLIC) != 0) ecPublicKey.setK(k); + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setK(k); } break; - default: - result = ISO7816.SW_UNKNOWN; + } + default: { + ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); + } } } catch (CryptoException ce) { result = ce.getReason(); 
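Review bot: The new `default` branch of `setParameter` calls `ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED)` inside the `try` block. If the method ends with the same `catch (Exception e)` that `allocatePair` and `generatePair` show (the tail of `setParameter` is outside this hunk), the ISOException is swallowed there and replaced by whatever status that handler assigns. Returning the status the way the other branches do, `default: result = ISO7816.SW_FUNC_NOT_SUPPORTED;`, reports an unknown parameter reliably. The `default` in the `@@ -226,7 +238,7 @@` hunk is changed the same way, from `length = -1` to a throw inside a `try`, and deserves the same look.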
@@ -160,35 +172,35 @@ public class ECKeyGenerator { return result; } - public short setExternalCurve(byte key, byte keyClass, byte[] buffer, short offset, short fieldLength, short aLength, short bLength, short gxLength, short gyLength, short rLength){ + public short setExternalCurve(byte key, byte keyClass, byte[] buffer, short offset, short fieldLength, short aLength, short bLength, short gxLength, short gyLength, short rLength) { short sw = ISO7816.SW_NO_ERROR; if (keyClass == KeyPair.ALG_EC_FP) { - sw = setExternalParameter(key, EC_Consts.PARAMETER_FP, buffer, offset, fieldLength); + sw = setParameter(key, EC_Consts.PARAMETER_FP, buffer, offset, fieldLength); } else if (keyClass == KeyPair.ALG_EC_F2M) { - sw = setExternalParameter(key, EC_Consts.PARAMETER_F2M, buffer, offset, fieldLength); + sw = setParameter(key, EC_Consts.PARAMETER_F2M, buffer, offset, fieldLength); } if (sw != ISO7816.SW_NO_ERROR) return sw; offset += fieldLength; //go through all params - sw = setExternalParameter(key, EC_Consts.PARAMETER_A, buffer, offset, aLength); + sw = setParameter(key, EC_Consts.PARAMETER_A, buffer, offset, aLength); if (sw != ISO7816.SW_NO_ERROR) return sw; offset += aLength; - sw = setExternalParameter(key, EC_Consts.PARAMETER_B, buffer, offset, bLength); + sw = setParameter(key, EC_Consts.PARAMETER_B, buffer, offset, bLength); if (sw != ISO7816.SW_NO_ERROR) return sw; offset += bLength; - sw = setExternalParameter(key, EC_Consts.PARAMETER_G, buffer, offset, (short) (gxLength + gyLength)); + sw = setParameter(key, EC_Consts.PARAMETER_G, buffer, offset, (short) (gxLength + gyLength)); if (sw != ISO7816.SW_NO_ERROR) return sw; offset += gxLength + gyLength; - sw = setExternalParameter(key, EC_Consts.PARAMETER_R, buffer, offset, aLength); + sw = setParameter(key, EC_Consts.PARAMETER_R, buffer, offset, aLength); if (sw != ISO7816.SW_NO_ERROR) return sw; offset += rLength; - sw = setExternalParameter(key, EC_Consts.PARAMETER_K, buffer, offset, (short) 2); + sw = 
setParameter(key, EC_Consts.PARAMETER_K, buffer, offset, (short) 2); return sw; } @@ -226,7 +238,7 @@ public class ECKeyGenerator { length = 2; break; default: - length = -1; + ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); } } catch (CryptoException ce) { length = -1; diff --git a/src/applets/ECKeyTester.java b/src/applets/ECKeyTester.java index 1031b06..d6ff6c1 100644 --- a/src/applets/ECKeyTester.java +++ b/src/applets/ECKeyTester.java @@ -91,13 +91,13 @@ public class ECKeyTester { * exception reason otherwise **/ public short testECDH_validPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { - publicKey.getW(pubkeyBuffer, pubkeyOffset); - return testDH_validPoint(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, (short) pubkeyBuffer.length, outputBuffer, outputOffset); + short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); + return testDH_validPoint(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); } public short testECDH_invalidPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { - publicKey.getW(pubkeyBuffer, pubkeyOffset); - return testDH_invalidPoint(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, (short) pubkeyBuffer.length, outputBuffer, outputOffset); + short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); + return testDH_invalidPoint(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); } 
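Review bot: In `setExternalCurve`, the call for the group order passes the wrong length: `setParameter(key, EC_Consts.PARAMETER_R, buffer, offset, aLength)` uses `aLength`, while the very next statement advances by `rLength`. The rename carries this over unchanged, so whenever the order and the coefficient differ in size, R is either truncated or extended into the cofactor bytes that follow it in the buffer. The line should read `sw = setParameter(key, EC_Consts.PARAMETER_R, buffer, offset, rLength);`. None of the six lengths is compared with `buffer.length` in this method; if they originate from command data, a comment naming the caller that validates them would help the next reader.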
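Review bot: In `testECDH_validPoint` and `testECDH_invalidPoint`, `publicKey.getW(pubkeyBuffer, pubkeyOffset)` now runs in the wrapper with no try/catch visible around it, so a `CryptoException` from `getW` (an uninitialised key, for instance) escapes even though the Javadoc just above promises the "exception reason otherwise" as the return value. Catching it locally keeps that contract: `try { length = publicKey.getW(pubkeyBuffer, pubkeyOffset); } catch (CryptoException ce) { return ce.getReason(); }`. The ECDHC wrappers in the `@@ -115,13 +115,13 @@` hunk have the same shape and would need the same guard.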
@@ -115,13 +115,13 @@ public class ECKeyTester { * exception reason otherwise */ public short testECDHC_validPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { - publicKey.getW(pubkeyBuffer, pubkeyOffset); - return testDH_validPoint(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, (short) pubkeyBuffer.length, outputBuffer, outputOffset); + short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); + return testDH_validPoint(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); } public short testECDHC_invalidPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { - publicKey.getW(pubkeyBuffer, pubkeyOffset); - return testDH_invalidPoint(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, (short) pubkeyBuffer.length, outputBuffer, outputOffset); + short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); + return testDH_invalidPoint(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); } /** diff --git a/src/applets/EC_Consts.java b/src/applets/EC_Consts.java index e39570a..d5f23d1 100644 --- a/src/applets/EC_Consts.java +++ b/src/applets/EC_Consts.java @@ -70,7 +70,7 @@ public class EC_Consts { // cofactor of G public static final short EC128_FP_K = 1; - // secp160r1 + // secp160r1 public static final byte[] EC160_FP_P = new byte[]{ (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 
@@ -1108,32 +1108,32 @@ public class EC_Consts { switch (param) { case PARAMETER_FP: if (alg == KeyPair.ALG_EC_FP) { - length = Util.arrayCopyNonAtomic(outputBuffer, outputOffset, EC_FP_P, (short) 0, (short) EC_FP_P.length); + length = Util.arrayCopyNonAtomic(EC_FP_P, (short) 0, outputBuffer, outputOffset, (short) EC_FP_P.length); } break; case PARAMETER_F2M: if (alg == KeyPair.ALG_EC_F2M) { - length = Util.arrayCopyNonAtomic(outputBuffer, outputOffset, EC_F2M_F2M, (short) 0, (short) EC_F2M_F2M.length); + length = Util.arrayCopyNonAtomic(EC_F2M_F2M, (short) 0, outputBuffer, outputOffset, (short) EC_F2M_F2M.length); } break; case PARAMETER_A: - length = Util.arrayCopyNonAtomic(outputBuffer, outputOffset, EC_A, (short) 0, (short) EC_A.length); + length = Util.arrayCopyNonAtomic(EC_A, (short) 0, outputBuffer, outputOffset, (short) EC_A.length); break; case PARAMETER_B: - length = Util.arrayCopyNonAtomic(outputBuffer, outputOffset, EC_B, (short) 0, (short) EC_B.length); + length = Util.arrayCopyNonAtomic(EC_B, (short) 0, outputBuffer, outputOffset, (short) EC_B.length); break; case PARAMETER_G: length = decompressG(outputBuffer, outputOffset, EC_G_X, (short) 0, (short) EC_G_X.length, EC_G_Y, (short) 0, (short) EC_G_Y.length); break; case PARAMETER_R: - length = Util.arrayCopyNonAtomic(outputBuffer, outputOffset, EC_R, (short) 0, (short) EC_R.length); + length = Util.arrayCopyNonAtomic(EC_R, (short) 0, outputBuffer, outputOffset, (short) EC_R.length); break; case PARAMETER_K: length = 2; Util.setShort(outputBuffer, outputOffset, EC_K); break; default: - length = -1; + ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); } return length; } 
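Review bot: With the arguments now in the right order, `length = Util.arrayCopyNonAtomic(EC_A, (short) 0, outputBuffer, outputOffset, (short) EC_A.length)` stores the method's return value, which is the end offset (`outputOffset` plus the copied length) and not a byte count. The `PARAMETER_K` branch sets `length = 2`, a count, so the branches disagree as soon as `outputOffset` is non-zero; the calls visible elsewhere in this patch pass offset 0, which hides the difference. Subtracting the start offset fixes all five copy branches, for example `length = (short) (Util.arrayCopyNonAtomic(EC_A, (short) 0, outputBuffer, outputOffset, (short) EC_A.length) - outputOffset);`. The method begins outside the hunk, so the initial value of `length` for the skipped `alg` cases could not be checked.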
@@ -1169,9 +1169,9 @@ public class EC_Consts { rngPos %= length; // make < param length byte original = outputBuffer[rngPos]; - while (original != outputBuffer[rngPos]) { + do { m_random.generateData(outputBuffer, rngPos, (short) 1); - } + } while (original == outputBuffer[rngPos]); break; case CORRUPTION_ZERO: Util.arrayFillNonAtomic(outputBuffer, outputOffset, length, (byte) 0); @@ -1181,6 +1181,16 @@ public class EC_Consts { break; default: ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); + /* //TODO implement CORRUPT_B_LASTBYTEINCREMENT somehow + case CORRUPT_B_LASTBYTEINCREMENT: + m_ramArray2[(short) (m_lenB - 1)] += 1; + // Make sure its not the valid byte again + if (m_ramArray[(short) (m_lenB - 1)] == m_ramArray2[(short) (m_lenB - 1)]) { + m_ramArray2[(short) (m_lenB - 1)] += 1; // if yes, increment once more + } + break; + } + */ } return length; } @@ -1193,10 +1203,11 @@ public class EC_Consts { short size = 1; size += gxLength; size += gyLength; + short offset = outputOffset; + outputBuffer[offset] = 0x04; offset += 1; - outputBuffer[offset] = 0x04; offset = Util.arrayCopyNonAtomic(gx, gxOffset, outputBuffer, offset, gxLength); Util.arrayCopyNonAtomic(gy, gyOffset, outputBuffer, offset, gyLength); return size; diff --git a/src/applets/SimpleECCApplet.java b/src/applets/SimpleECCApplet.java index 3b5b514..404bf00 100644 --- a/src/applets/SimpleECCApplet.java +++ b/src/applets/SimpleECCApplet.java @@ -8,7 +8,7 @@ import javacard.framework.*; import javacard.security.*; -public class SimpleECCApplet extends javacard.framework.Applet { +public class SimpleECCApplet extends Applet { // MAIN INSTRUCTION CLASS final static byte CLA_SIMPLEECCAPPLET = (byte) 0xB0; 
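Review bot: In the one-byte-random branch of the `@@ -1169,9 +1169,9 @@` hunk, `outputBuffer[rngPos]` indexes from the start of the buffer, whereas the `CORRUPTION_ZERO` branch right below fills from `outputOffset`; with a non-zero `outputOffset` the changed byte would fall outside the parameter being corrupted. The `%` operator also keeps the sign of its left operand, so if `rngPos` can be negative (its derivation is outside the hunk) `rngPos %= length` leaves a negative index. I would compute the position once, `short pos = (short) (outputOffset + rngPos);` after forcing `rngPos` non-negative, and use `pos` for `original` and inside the `do … while` loop.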
@@ -297,7 +297,7 @@ public class SimpleECCApplet extends javacard.framework.Applet { ecPubKey = ecKeyGenerator.getPublicKey(); ecPrivKey = ecKeyGenerator.getPrivateKey(); if (sw == ISO7816.SW_NO_ERROR) { - sw = ecKeyTester.testECDH_validPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 1); + sw = ecKeyTester.testECDH_validPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 0); } } Util.setShort(buffer, bufferOffset, sw); @@ -427,7 +427,7 @@ public class SimpleECCApplet extends javacard.framework.Applet { return (short) (outputOffset - startOffset); } - // setExternalParam -> forall in {field, a, b, g, r, k} + // setExternalCurve buffer[outputOffset] = ECTEST_SET_EXTERNALCURVE; outputOffset++; sw = ecKeyGenerator.setExternalCurve(ECKeyGenerator.KEY_BOTH, keyClass, buffer, bufferOffset, fieldLength, aLength, bLength, gxLength, gyLength, rLength); @@ -598,10 +598,18 @@ public class SimpleECCApplet extends javacard.framework.Applet { } else { testFlags = 0; } + + if (ecPubKey == null || ecPrivKey == null) { + ecKeyGenerator.generatePair(); + ecPrivKey = ecKeyGenerator.getPrivateKey(); + ecPubKey = ecKeyGenerator.getPublicKey(); + } } Util.setShort(buffer, bufferOffset, sw); bufferOffset += 2; + + // // 2. Set invalid custom curve (many times) // @@ -620,6 +628,8 @@ public class SimpleECCApplet extends javacard.framework.Applet { bufferOffset = startOffset; } + ecPubKey.getB(m_ramArray2, (short) 0); //store valid B + // set invalid curve buffer[bufferOffset] = ECTEST_SET_INVALIDCURVE; bufferOffset++; 
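Review bot: The fallback added in the `@@ -598,10 +598,18 @@` hunk calls `ecKeyGenerator.generatePair();` and drops its status word, while the other test steps in this file check `sw` before touching the keys. If generation fails, `ecPrivKey` and `ecPubKey` are still fetched, and the `ecPubKey.getB(m_ramArray2, (short) 0)` added in the following hunk then runs on a key that may be null or uninitialised. Assigning the result and gating the getters, `sw = ecKeyGenerator.generatePair();` followed by `if (sw == ISO7816.SW_NO_ERROR) { … }`, avoids that. How the failure should be reported in the response buffer depends on the part of the method outside the hunk. The `getB` call also discards the returned length, unlike the later `m_lenB = ecPubKey.getB(...)`.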
@@ -631,23 +641,13 @@ public class SimpleECCApplet extends javacard.framework.Applet { // CORRUPTION_ONEBYTERANDOM = 0x04, one random byte randomly changed // CORRUPTION_ZERO = 0x05, parameter competely zero // CORRUPTION_ONE = 0x06, parameter completely one - sw = ecKeyGenerator.setCustomInvalidCurve(keyClass, keyClass, ECKeyGenerator.KEY_PUBLIC, EC_Consts.PARAMETER_B, corruptionType, m_ramArray, (short) 0); + sw = ecKeyGenerator.setCustomInvalidCurve(keyClass, keyLen, ECKeyGenerator.KEY_BOTH, EC_Consts.PARAMETER_B, corruptionType, m_ramArray, (short) 0); Util.setShort(buffer, bufferOffset, sw); bufferOffset += 2; if (sw != ISO7816.SW_NO_ERROR) { // if we reach this line, we are interested in value of B that caused incorrect response break; // stop execution, return B } - /* //TODO implement CORRUPT_B_LASTBYTEINCREMENT somehow - case CORRUPT_B_LASTBYTEINCREMENT: - m_ramArray2[(short) (m_lenB - 1)] += 1; - // Make sure its not the valid byte again - if (m_ramArray[(short) (m_lenB - 1)] == m_ramArray2[(short) (m_lenB - 1)]) { - m_ramArray2[(short) (m_lenB - 1)] += 1; // if yes, increment once more - } - break; - } - */ // Gen key pair with invalid curve @@ -668,6 +668,7 @@ public class SimpleECCApplet extends javacard.framework.Applet { sw = ecKeyTester.testECDH_validPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 0); m_lenB = ecPubKey.getB(m_ramArray2, (short) 0); //store B + //TODO: note, according to the previous version of this method, sw should get appended to the buffer only if sw != SW_NO_ERROR Util.setShort(buffer, bufferOffset, sw); bufferOffset += 2; break; //stop execution, return B diff --git a/src/simpleapdu/SimpleAPDU.java b/src/simpleapdu/SimpleAPDU.java index 7401509..ead8fb7 100644 --- a/src/simpleapdu/SimpleAPDU.java +++ b/src/simpleapdu/SimpleAPDU.java 
@@ -106,7 +106,7 @@ public class SimpleAPDU { if (cardManager.ConnectToCard()) { testSupportECAll(cardManager); - + // // Test setting invalid parameter B of curve byte[] testAPDU = Arrays.clone(TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB); //testFPkeyGen_setCorruptionType(testAPDU, SimpleECCApplet.CORRUPT_B_LASTBYTEINCREMENT); -- cgit v1.2.3-70-g09d2 From 7ef646a52fe3e470a0d283d0fb0db5265f444794 Mon Sep 17 00:00:00 2001 From: J08nY Date: Sat, 26 Nov 2016 18:02:26 +0100 Subject: SimpleAPDU: Added cli parsing Just a simple command line parsing for two options, should be changed to use some CLI parser lib in the future. -g [num] - generates [num] keys, if [num] is ommitted runs forever -a - runs the test suite for all standard key sizes and field types By default -a is run. --- src/simpleapdu/SimpleAPDU.java | 207 ++++++++++++++++++++++++----------------- 1 file changed, 123 insertions(+), 84 deletions(-) diff --git a/src/simpleapdu/SimpleAPDU.java b/src/simpleapdu/SimpleAPDU.java index 56d5a4c..8775217 100644 --- a/src/simpleapdu/SimpleAPDU.java +++ b/src/simpleapdu/SimpleAPDU.java @@ -5,12 +5,12 @@ import applets.SimpleECCApplet; import javacard.framework.ISO7816; import javacard.security.CryptoException; import javacard.security.KeyPair; + +import javax.smartcardio.ResponseAPDU; import java.io.FileNotFoundException; import java.io.FileOutputStream; import java.io.IOException; import java.util.Arrays; -import javax.smartcardio.ResponseAPDU; - /** @@ -39,6 +39,7 @@ public class SimpleAPDU { private static final byte TESTECSUPPORT_GENERATEECCKEY[] = {(byte) 0xB0, (byte) 0x5a, (byte) 0x00, (byte) 0x00, (byte) 0x02, (byte) 0x00, (byte) 0x00}; + static short getShort(byte[] array, int offset) { return (short) (((array[offset] & 0xFF) << 8) | (array[offset + 1] & 0xFF)); } 
@@ -106,85 +107,65 @@ public class SimpleAPDU { } + public static void main(String[] args) throws FileNotFoundException, IOException { - String logFileName = String.format("ECTESTER_log_%d.log", System.currentTimeMillis()); - FileOutputStream systemOutLogger = new FileOutputStream(logFileName); - m_SystemOutLogger = new DirtyLogger(systemOutLogger, true); - try { - // Gather large number of ECC keypairs - if (cardManager.ConnectToCardSelect()) { - cardManager.sendAPDU(SELECT_ECTESTERAPPLET); - - String keyFileName = String.format("ECKEYS_%d.log", System.currentTimeMillis()); - FileOutputStream keysFile = new FileOutputStream(keyFileName); - - String message = "index;pubW;privS\n"; - keysFile.write(message.getBytes()); - byte[] gatherKeyAPDU = Arrays.copyOf(TESTECSUPPORT_GENERATEECCKEY, TESTECSUPPORT_GENERATEECCKEY.length); - // Prepare keypair object - gatherKeyAPDU[ISO7816.OFFSET_P1] = SimpleECCApplet.P1_SETCURVE; - setShort(gatherKeyAPDU, (short) 5, (short) 192); // ecc length - ResponseAPDU respGather = cardManager.sendAPDU(gatherKeyAPDU); - - // Generate new keypair - gatherKeyAPDU[ISO7816.OFFSET_P1] = SimpleECCApplet.P1_GENERATEKEYPAIR; - int counter = 0; - while (true) { - counter++; - long elapsed = -System.nanoTime(); - respGather = cardManager.sendAPDU(gatherKeyAPDU); - elapsed += System.nanoTime(); - - byte[] data = respGather.getData(); - int offset = 0; - String pubKeyW = ""; - String privKeyS = ""; - if (data[offset] == EC_Consts.TAG_ECPUBKEY) { - offset++; - short len = getShort(data, offset); - offset += 2; - pubKeyW = CardMngr.bytesToHex(data, offset, len, false); - offset += len; - } - if (data[offset] == EC_Consts.TAG_ECPRIVKEY) { - offset++; - short len = getShort(data, offset); - offset += 2; - privKeyS = CardMngr.bytesToHex(data, offset, len, false); - offset += len; - } - - message = String.format("%d;%d;%s;%s\n", counter, elapsed / 1000000, pubKeyW, privKeyS); - keysFile.write(message.getBytes()); + boolean genKeys = false; + int genAmount = 
0; + boolean testAll = false; + if (args.length > 0) { + for (int i = 0; i < args.length; i++) { + if (args[i].equals("-g")) { + genKeys = true; + if (args.length >= i + 1) { + try { + genAmount = Integer.parseInt(args[i + 1]); + }catch (NumberFormatException ignored) { + //is another param, genAmount = 0 by default + genAmount = 0; + } - m_SystemOutLogger.flush(); - keysFile.flush(); + } + } else if (args[i].equals("-a")) { + testAll = true; } } + } - if (cardManager.ConnectToCard()) { - byte[] testAPDU2 = Arrays.copyOf(TESTECSUPPORT_GIVENALG, TESTECSUPPORT_GIVENALG.length); - testAPDU2[TESTECSUPPORT_ALG_OFFSET] = KeyPair.ALG_EC_FP; - setShort(testAPDU2, TESTECSUPPORT_KEYLENGTH_OFFSET, (short) 384); - testSupportECGivenAlg(testAPDU2, cardManager); - - testSupportECAll(cardManager); - // - // Test setting invalid parameter B of curve - byte[] testAPDU = Arrays.copyOf(TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB, TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB.length); - //testFPkeyGen_setCorruptionType(testAPDU, SimpleECCApplet.CORRUPT_B_LASTBYTEINCREMENT); - testFPkeyGen_setCorruptionType(testAPDU, EC_Consts.CORRUPTION_ONEBYTERANDOM); - //testFPkeyGen_setCorruptionType(testAPDU, SimpleECCApplet.CORRUPT_B_FULLRANDOM); - testFPkeyGen_setNumRepeats(testAPDU, (short) 10); - testFPkeyGen_rewindOnSuccess(testAPDU, true); - ReconnnectToCard(); - ResponseAPDU resp_fp_keygen = cardManager.sendAPDU(testAPDU); - ResponseAPDU resp_keygen_params = cardManager.sendAPDU(TESTECSUPPORTALL_LASTUSEDPARAMS); - PrintECKeyGenInvalidCurveB(resp_fp_keygen); - PrintECKeyGenInvalidCurveB_lastUserParams(resp_keygen_params); - - /* + //by default do the test + if (!genKeys && !testAll) { + testAll = true; + } + + + String logFileName = String.format("ECTESTER_log_%d.log", System.currentTimeMillis()); + FileOutputStream systemOutLogger = new FileOutputStream(logFileName); + m_SystemOutLogger = new DirtyLogger(systemOutLogger, true); + + try { + if (testAll) { + if (cardManager.ConnectToCard()) { + 
byte[] testAPDU2 = Arrays.copyOf(TESTECSUPPORT_GIVENALG, TESTECSUPPORT_GIVENALG.length); + testAPDU2[TESTECSUPPORT_ALG_OFFSET] = KeyPair.ALG_EC_FP; + setShort(testAPDU2, TESTECSUPPORT_KEYLENGTH_OFFSET, (short) 384); + testSupportECGivenAlg(testAPDU2, cardManager); + + testSupportECAll(cardManager); + // + // Test setting invalid parameter B of curve + byte[] testAPDU = Arrays.copyOf(TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB, TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB.length); + //testFPkeyGen_setCorruptionType(testAPDU, SimpleECCApplet.CORRUPT_B_LASTBYTEINCREMENT); + testFPkeyGen_setCorruptionType(testAPDU, EC_Consts.CORRUPTION_ONEBYTERANDOM); + //testFPkeyGen_setCorruptionType(testAPDU, SimpleECCApplet.CORRUPT_B_FULLRANDOM); + testFPkeyGen_setNumRepeats(testAPDU, (short) 10); + testFPkeyGen_rewindOnSuccess(testAPDU, true); + ReconnnectToCard(); + ResponseAPDU resp_fp_keygen = cardManager.sendAPDU(testAPDU); + ResponseAPDU resp_keygen_params = cardManager.sendAPDU(TESTECSUPPORTALL_LASTUSEDPARAMS); + PrintECKeyGenInvalidCurveB(resp_fp_keygen); + PrintECKeyGenInvalidCurveB_lastUserParams(resp_keygen_params); + + /* // Test support for different types of curves ReconnnectToCard(); ResponseAPDU resp_fp = cardManager.sendAPDU(TESTECSUPPORTALL_FP); 
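Review bot: In the `-g` branch of the new argument parsing, `if (args.length >= i + 1)` is always true inside `for (int i = 0; i < args.length; i++)`, so `args[i + 1]` throws `ArrayIndexOutOfBoundsException` when `-g` is the last argument, which is the documented "run forever" form. The guard should be `if (i + 1 < args.length) {`. The parsing runs before the `try` in `main`, so nothing turns that exception into a log line. A negative count also passes `Integer.parseInt`, and with the stop condition added in the next hunk it would end the run after the first key; rejecting `genAmount < 0` with a usage message is cheap.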
@@ -194,14 +175,74 @@ public class SimpleAPDU { PrintECSupport(resp_f2m); */ - cardManager.DisconnectFromCard(); - } else { - m_SystemOutLogger.println("Failed to connect to card"); + cardManager.DisconnectFromCard(); + } else { + m_SystemOutLogger.println("Failed to connect to card"); + } + } + + if (genKeys) { + // Gather large number of ECC keypairs + if (cardManager.ConnectToCardSelect()) { + cardManager.sendAPDU(SELECT_ECTESTERAPPLET); + + String keyFileName = String.format("ECKEYS_%d.log", System.currentTimeMillis()); + FileOutputStream keysFile = new FileOutputStream(keyFileName); + + String message = "index;time;pubW;privS\n"; + keysFile.write(message.getBytes()); + byte[] gatherKeyAPDU = Arrays.copyOf(TESTECSUPPORT_GENERATEECCKEY, TESTECSUPPORT_GENERATEECCKEY.length); + // Prepare keypair object + gatherKeyAPDU[ISO7816.OFFSET_P1] = SimpleECCApplet.P1_SETCURVE; + setShort(gatherKeyAPDU, (short) 5, (short) 192); // ecc length + ResponseAPDU respGather = cardManager.sendAPDU(gatherKeyAPDU); + + // Generate new keypair + gatherKeyAPDU[ISO7816.OFFSET_P1] = SimpleECCApplet.P1_GENERATEKEYPAIR; + int counter = 0; + while (true) { + counter++; + long elapsed = -System.nanoTime(); + respGather = cardManager.sendAPDU(gatherKeyAPDU); + elapsed += System.nanoTime(); + + byte[] data = respGather.getData(); + int offset = 0; + String pubKeyW = ""; + String privKeyS = ""; + if (data[offset] == EC_Consts.TAG_ECPUBKEY) { + offset++; + short len = getShort(data, offset); + offset += 2; + pubKeyW = CardMngr.bytesToHex(data, offset, len, false); + offset += len; + } + if (data[offset] == EC_Consts.TAG_ECPRIVKEY) { + offset++; + short len = getShort(data, offset); + offset += 2; + privKeyS = CardMngr.bytesToHex(data, offset, len, false); + offset += len; + } + + message = String.format("%d;%d;%s;%s\n", counter, elapsed / 1000000, pubKeyW, privKeyS); + keysFile.write(message.getBytes()); + + m_SystemOutLogger.flush(); + keysFile.flush(); + + //stop when we have enough keys, go 
on forever with 0 + if (counter >= genAmount && genAmount != 0) + break; + } + } } + + } catch (Exception ex) { m_SystemOutLogger.println("Exception : " + ex); } - + systemOutLogger.close(); } @@ -253,11 +294,10 @@ public class SimpleAPDU { static int VerifyPrintResult(String message, byte expectedTag, byte[] buffer, int bufferOffset, ExpResult expRes) { if (bufferOffset >= buffer.length) { m_SystemOutLogger.println(" No more data returned"); - } - else { + } else { if (buffer[bufferOffset] != expectedTag) { m_SystemOutLogger.println(" ERROR: mismatched tag"); - assert(buffer[bufferOffset] == expectedTag); + assert (buffer[bufferOffset] == expectedTag); } bufferOffset++; short resCode = getShort(buffer, bufferOffset); @@ -272,8 +312,7 @@ public class SimpleAPDU { } if (bHiglight) { m_SystemOutLogger.println(String.format("!! %-50s%s", message, getPrintError(resCode))); - } - else { + } else { m_SystemOutLogger.println(String.format(" %-50s%s", message, getPrintError(resCode))); } } -- cgit v1.2.3-70-g09d2 From 1a0d0b14ff7720b98ffdda4651bf1b58d34203bd Mon Sep 17 00:00:00 2001 From: J08nY Date: Sat, 26 Nov 2016 19:24:37 +0100 Subject: Added tests for non-prime p, ECDSA into the main test suite. Also fixed ECDSA test. --- !uploader/simpleECC.cap | Bin 9854 -> 14367 bytes dist/SimpleAPDU.jar | Bin 52783 -> 3071803 bytes src/applets/ECKeyTester.java | 14 ++++----- src/applets/SimpleECCApplet.java | 61 +++++++++++++++++++++++++++++++++++---- src/simpleapdu/SimpleAPDU.java | 52 ++++++++++++--------------------- 5 files changed, 79 insertions(+), 48 deletions(-) diff --git a/!uploader/simpleECC.cap b/!uploader/simpleECC.cap index 9d36664..7d019f4 100644 Binary files a/!uploader/simpleECC.cap and b/!uploader/simpleECC.cap differ diff --git a/dist/SimpleAPDU.jar b/dist/SimpleAPDU.jar index 3a13dc6..88b4ab9 100644 Binary files a/dist/SimpleAPDU.jar and b/dist/SimpleAPDU.jar differ 
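Review bot: The key-gathering loop parses `respGather.getData()` without looking at the status word or the length, so an error response with an empty body makes `data[offset] == EC_Consts.TAG_ECPUBKEY` throw and the run ends in the generic `catch (Exception ex)`; a guard such as `if (respGather.getSW() != 0x9000 || data.length < 3) break;` before the tag checks makes the stop explicit. `keysFile` is never closed, and it holds private scalars in plain text under a `.log` name in the working directory, so I would open it with `try (FileOutputStream keysFile = new FileOutputStream(keyFileName)) {` and create it readable by the owner only. `message.getBytes()` depends on the platform charset; passing `StandardCharsets.US_ASCII` is enough for this hex output. `systemOutLogger.close()` after the catch would also be safer in a `finally`.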
diff --git a/src/applets/ECKeyTester.java b/src/applets/ECKeyTester.java index d6ff6c1..acfb64e 100644 --- a/src/applets/ECKeyTester.java +++ b/src/applets/ECKeyTester.java @@ -143,16 +143,12 @@ public class ECKeyTester { short result = ISO7816.SW_NO_ERROR; try { ecdsaSignature.init(signKey, Signature.MODE_SIGN); - short sigLength = ecdsaSignature.sign(inputBuffer, inputOffset, inputLength, sigBuffer, sigOffset); - if (sigLength != 20) { // per javacard.security.Signature an ALG_ECDSA_SHA should be 20 bytes. - result = SimpleECCApplet.SW_SIG_LENGTH_MISMATCH; - } else { - ecdsaSignature.init(verifyKey, Signature.MODE_VERIFY); - boolean correct = ecdsaSignature.verify(inputBuffer, inputOffset, inputLength, sigBuffer, sigOffset, sigLength); - if (!correct) { - result = SimpleECCApplet.SW_SIG_VERIFY_FAIL; - } + + ecdsaSignature.init(verifyKey, Signature.MODE_VERIFY); + boolean correct = ecdsaSignature.verify(inputBuffer, inputOffset, inputLength, sigBuffer, sigOffset, sigLength); + if (!correct) { + result = SimpleECCApplet.SW_SIG_VERIFY_FAIL; } } catch (CryptoException ce) { result = ce.getReason(); diff --git a/src/applets/SimpleECCApplet.java b/src/applets/SimpleECCApplet.java index 8ec9e67..9901aee 100644 --- a/src/applets/SimpleECCApplet.java +++ b/src/applets/SimpleECCApplet.java @@ -53,6 +53,8 @@ public class SimpleECCApplet extends Applet { public final static byte ECTEST_SET_EXTERNALCURVE = (byte) 0xcb; public final static byte ECTEST_GENERATE_KEYPAIR_EXTERNALCURVE = (byte) 0xcc; public final static byte ECTEST_ECDSA_SIGNATURE = (byte) 0xcd; + public final static byte ECTEST_SET_INVALIDFIELD = (byte) 0xce; + public final static byte ECTEST_GENERATE_KEYPAIR_INVALIDFIELD = (byte) 0xcf; public final static short FLAG_ECTEST_ALLOCATE_KEYPAIR = (short) 0x0001; public final static short FLAG_ECTEST_GENERATE_KEYPAIR_DEFCURVE = (short) 0x0002; 
@@ -62,15 +64,17 @@ public class SimpleECCApplet extends Applet { public final static short FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE = (short) 0x0020; public final static short FLAG_ECTEST_ECDH_AGREEMENT_VALID_POINT = (short) 0x0040; public final static short FLAG_ECTEST_ECDH_AGREEMENT_INVALID_POINT = (short) 0x0080; + public final static short FLAG_ECTEST_ECDSA_SIGNATURE = (short) 0x0100; + public final static short FLAG_ECTEST_SET_INVALIDFIELD = (short) 0x0200; + public final static short FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDFIELD = (short) 0x0400; - public final static short FLAG_ECTEST_ALL = (short) 0x00ff; + public final static short FLAG_ECTEST_ALL = (short) 0xffff; public final static short SW_SKIPPED = (short) 0x0ee1; public final static short SW_KEYPAIR_GENERATED_INVALID = (short) 0x0ee2; public final static short SW_INVALID_CORRUPTION_TYPE = (short) 0x0ee3; - public final static short SW_SIG_LENGTH_MISMATCH = (short) 0xee4; - public final static short SW_SIG_VERIFY_FAIL = (short) 0xee5; + public final static short SW_SIG_VERIFY_FAIL = (short) 0xee4; /* public static final byte[] EC192_FP_PUBLICW = new byte[]{ (byte) 0x04, (byte) 0xC9, (byte) 0xC0, (byte) 0xED, (byte) 0xFB, (byte) 0x27, @@ -325,7 +329,25 @@ public class SimpleECCApplet extends Applet { bufferOffset += 2; // - // 7. Set invalid custom curve + // 7. ECDSA test + // + buffer[bufferOffset] = ECTEST_ECDSA_SIGNATURE; + bufferOffset++; + sw = SW_SKIPPED; + if ((testFlags & FLAG_ECTEST_ECDSA_SIGNATURE) != (short) 0) { + sw = ecKeyGenerator.generatePair(); + ecPubKey = ecKeyGenerator.getPublicKey(); + ecPrivKey = ecKeyGenerator.getPrivateKey(); + if (sw == ISO7816.SW_NO_ERROR) { + sw = ecKeyTester.testECDSA(ecPrivKey, ecPubKey, m_ramArray2, (short) 0, (short) m_ramArray2.length, m_ramArray, (short) 0); + } + + } + Util.setShort(buffer, bufferOffset, sw); + bufferOffset += 2; + + // + // 8. Set invalid custom curve // buffer[bufferOffset] = ECTEST_SET_INVALIDCURVE; bufferOffset++; 
@@ -341,7 +363,7 @@ public class SimpleECCApplet extends Applet { bufferOffset += 2; // - // 8. Generate keypair with invalid custom curve + // 9. Generate keypair with invalid custom curve // buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE; bufferOffset++; @@ -352,6 +374,35 @@ public class SimpleECCApplet extends Applet { Util.setShort(buffer, bufferOffset, sw); bufferOffset += 2; + // + // 10. Set invalid field + // + buffer[bufferOffset] = ECTEST_SET_INVALIDFIELD; + bufferOffset++; + sw = SW_SKIPPED; + if ((testFlags & FLAG_ECTEST_SET_INVALIDFIELD) != (short) 0) { + if (keyClass == KeyPair.ALG_EC_FP) + sw = ecKeyGenerator.setCustomInvalidCurve(keyClass, keyLen, ECKeyGenerator.KEY_BOTH, EC_Consts.PARAMETER_FP, EC_Consts.CORRUPTION_FULLRANDOM, m_ramArray, (short) 0); + else + sw = ecKeyGenerator.setCustomInvalidCurve(keyClass, keyLen, ECKeyGenerator.KEY_BOTH, EC_Consts.PARAMETER_F2M, EC_Consts.CORRUPTION_FULLRANDOM, m_ramArray, (short) 0); + + if (sw != ISO7816.SW_NO_ERROR) { + testFlags &= ~FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDFIELD; + } + } + Util.setShort(buffer, bufferOffset, sw); + bufferOffset += 2; + + // 11. Generate key with invalid field + buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_INVALIDFIELD; + bufferOffset++; + sw = SW_SKIPPED; + if ((testFlags & FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDFIELD) != (short) 0) { + sw = ecKeyGenerator.generatePair(); + } + Util.setShort(buffer, bufferOffset, sw); + bufferOffset += 2; + return (short) (bufferOffset - baseOffset); } diff --git a/src/simpleapdu/SimpleAPDU.java b/src/simpleapdu/SimpleAPDU.java index 8775217..77478a0 100644 --- a/src/simpleapdu/SimpleAPDU.java +++ b/src/simpleapdu/SimpleAPDU.java @@ -107,9 +107,8 @@ public class SimpleAPDU { } - public static void main(String[] args) throws FileNotFoundException, IOException { - + //parse cli args. Should be replaced with some cli parsing library code in the future. boolean genKeys = false; int genAmount = 0; boolean testAll = false; 
@@ -120,7 +119,7 @@ public class SimpleAPDU { if (args.length >= i + 1) { try { genAmount = Integer.parseInt(args[i + 1]); - }catch (NumberFormatException ignored) { + }catch (NumberFormatException ignored) { //is another param, genAmount = 0 by default genAmount = 0; } @@ -145,36 +144,21 @@ public class SimpleAPDU { try { if (testAll) { if (cardManager.ConnectToCard()) { - byte[] testAPDU2 = Arrays.copyOf(TESTECSUPPORT_GIVENALG, TESTECSUPPORT_GIVENALG.length); - testAPDU2[TESTECSUPPORT_ALG_OFFSET] = KeyPair.ALG_EC_FP; - setShort(testAPDU2, TESTECSUPPORT_KEYLENGTH_OFFSET, (short) 384); - testSupportECGivenAlg(testAPDU2, cardManager); - + // Test all default curves for both fields testSupportECAll(cardManager); - // + // Test setting invalid parameter B of curve byte[] testAPDU = Arrays.copyOf(TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB, TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB.length); - //testFPkeyGen_setCorruptionType(testAPDU, SimpleECCApplet.CORRUPT_B_LASTBYTEINCREMENT); testFPkeyGen_setCorruptionType(testAPDU, EC_Consts.CORRUPTION_ONEBYTERANDOM); - //testFPkeyGen_setCorruptionType(testAPDU, SimpleECCApplet.CORRUPT_B_FULLRANDOM); testFPkeyGen_setNumRepeats(testAPDU, (short) 10); testFPkeyGen_rewindOnSuccess(testAPDU, true); + ReconnnectToCard(); ResponseAPDU resp_fp_keygen = cardManager.sendAPDU(testAPDU); ResponseAPDU resp_keygen_params = cardManager.sendAPDU(TESTECSUPPORTALL_LASTUSEDPARAMS); PrintECKeyGenInvalidCurveB(resp_fp_keygen); PrintECKeyGenInvalidCurveB_lastUserParams(resp_keygen_params); - /* - // Test support for different types of curves - ReconnnectToCard(); - ResponseAPDU resp_fp = cardManager.sendAPDU(TESTECSUPPORTALL_FP); - ReconnnectToCard(); - ResponseAPDU resp_f2m = cardManager.sendAPDU(TESTECSUPPORTALL_F2M); - PrintECSupport(resp_fp); - PrintECSupport(resp_f2m); - */ - cardManager.DisconnectFromCard(); } else { m_SystemOutLogger.println("Failed to connect to card"); 
@@ -275,9 +259,6 @@ public class SimpleAPDU { if (code == SimpleECCApplet.SW_INVALID_CORRUPTION_TYPE) { codeStr = "SW_INVALID_CORRUPTION_TYPE"; } - if (code == SimpleECCApplet.SW_SIG_LENGTH_MISMATCH) { - codeStr = "SW_SIG_LENGTH_MISMATCH"; - } if (code == SimpleECCApplet.SW_SIG_VERIFY_FAIL) { codeStr = "SW_SIG_VERIFY_FAIL"; } @@ -286,7 +267,7 @@ public class SimpleAPDU { } enum ExpResult { - SHOULD_SUCCEDD, + SHOULD_SUCCEED, MAY_FAIL, MUST_FAIL } @@ -307,7 +288,7 @@ public class SimpleAPDU { if ((expRes == ExpResult.MUST_FAIL) && (resCode == ISO7816.SW_NO_ERROR)) { bHiglight = true; } - if ((expRes == ExpResult.SHOULD_SUCCEDD) && (resCode != ISO7816.SW_NO_ERROR)) { + if ((expRes == ExpResult.SHOULD_SUCCEED) && (resCode != ISO7816.SW_NO_ERROR)) { bHiglight = true; } if (bHiglight) { 
@@ -341,14 +322,17 @@ public class SimpleAPDU { m_SystemOutLogger.println(String.format("%-53s%d bits", "EC key length (bits):", keyLen)); bufferOffset += 2; - bufferOffset = VerifyPrintResult("KeyPair object allocation:", SimpleECCApplet.ECTEST_ALLOCATE_KEYPAIR, buffer, bufferOffset, ExpResult.SHOULD_SUCCEDD); + bufferOffset = VerifyPrintResult("KeyPair object allocation:", SimpleECCApplet.ECTEST_ALLOCATE_KEYPAIR, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); bufferOffset = VerifyPrintResult("Generate key with def curve (fails if no def):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_DEFCURVE, buffer, bufferOffset, ExpResult.MAY_FAIL); - bufferOffset = VerifyPrintResult("Set valid custom curve:", SimpleECCApplet.ECTEST_SET_VALIDCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEDD); - bufferOffset = VerifyPrintResult("Generate key with valid curve:", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEDD); - bufferOffset = VerifyPrintResult("ECDH agreement with valid point:", SimpleECCApplet.ECTEST_ECDH_AGREEMENT_VALID_POINT, buffer, bufferOffset, ExpResult.SHOULD_SUCCEDD); + bufferOffset = VerifyPrintResult("Set valid custom curve:", SimpleECCApplet.ECTEST_SET_VALIDCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); + bufferOffset = VerifyPrintResult("Generate key with valid curve:", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); + bufferOffset = VerifyPrintResult("ECDH agreement with valid point:", SimpleECCApplet.ECTEST_ECDH_AGREEMENT_VALID_POINT, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); bufferOffset = VerifyPrintResult("ECDH agreement with invalid point (fail is good):", SimpleECCApplet.ECTEST_ECDH_AGREEMENT_INVALID_POINT, buffer, bufferOffset, ExpResult.MUST_FAIL); + bufferOffset = VerifyPrintResult("ECDSA signature on random data:", SimpleECCApplet.ECTEST_ECDSA_SIGNATURE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); bufferOffset = 
VerifyPrintResult("Set invalid custom curve (may fail):", SimpleECCApplet.ECTEST_SET_INVALIDCURVE, buffer, bufferOffset, ExpResult.MAY_FAIL); bufferOffset = VerifyPrintResult("Generate key with invalid curve (fail is good):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE, buffer, bufferOffset, ExpResult.MUST_FAIL); + bufferOffset = VerifyPrintResult("Set invalid field (may fail):", SimpleECCApplet.ECTEST_SET_INVALIDFIELD, buffer, bufferOffset, ExpResult.MAY_FAIL); + bufferOffset = VerifyPrintResult("Generate key with invalid field (fail si good):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_INVALIDFIELD, buffer, bufferOffset, ExpResult.MUST_FAIL); m_SystemOutLogger.println(); } 
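Review bot: The label added for `ECTEST_GENERATE_KEYPAIR_INVALIDFIELD` reads `(fail si good)`, while every other label in this method uses `(fail is good)`; it should be `"Generate key with invalid field (fail is good):"`. The three new `VerifyPrintResult` calls (`ECTEST_ECDSA_SIGNATURE`, `ECTEST_SET_INVALIDFIELD`, `ECTEST_GENERATE_KEYPAIR_INVALIDFIELD`) also lengthen the fixed record sequence this parser walks through `buffer`, so the output only lines up with an applet built from the same revision. A card still carrying an older applet would return fewer records, and whether `VerifyPrintResult` checks the tag and the remaining length before reading is not visible here (the method and its helper lie outside the hunk). A comment above the block such as `// record order must match the response layout produced by the applet` would make that coupling explicit.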
@@ -380,15 +364,15 @@ public class SimpleAPDU { bufferOffset += 2; m_SystemOutLogger.println(String.format("%-53s%d times", "Executed repeats before unexpected error: ", numRepeats)); - bufferOffset = VerifyPrintResult("KeyPair object allocation:", SimpleECCApplet.ECTEST_ALLOCATE_KEYPAIR, buffer, bufferOffset, ExpResult.SHOULD_SUCCEDD); + bufferOffset = VerifyPrintResult("KeyPair object allocation:", SimpleECCApplet.ECTEST_ALLOCATE_KEYPAIR, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); while (bufferOffset < buffer.length) { - bufferOffset = VerifyPrintResult("Set invalid custom curve:", SimpleECCApplet.ECTEST_SET_INVALIDCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEDD); + bufferOffset = VerifyPrintResult("Set invalid custom curve:", SimpleECCApplet.ECTEST_SET_INVALIDCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); bufferOffset = VerifyPrintResult("Generate key with invalid curve (fail is good):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE, buffer, bufferOffset, ExpResult.MUST_FAIL); if (buffer[bufferOffset] == SimpleECCApplet.ECTEST_DH_GENERATESECRET) { bufferOffset = VerifyPrintResult("ECDH agreement with invalid point (fail is good):", SimpleECCApplet.ECTEST_DH_GENERATESECRET, buffer, bufferOffset, ExpResult.MUST_FAIL); } - bufferOffset = VerifyPrintResult("Set valid custom curve:", SimpleECCApplet.ECTEST_SET_VALIDCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEDD); - bufferOffset = VerifyPrintResult("Generate key with valid curve:", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEDD); + bufferOffset = VerifyPrintResult("Set valid custom curve:", SimpleECCApplet.ECTEST_SET_VALIDCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); + bufferOffset = VerifyPrintResult("Generate key with valid curve:", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); } m_SystemOutLogger.println(); -- cgit v1.2.3-70-g09d2 
From 0339a7ace66934d2aa21f7feccd16ae640c88b8d Mon Sep 17 00:00:00 2001 From: J08nY Date: Mon, 28 Nov 2016 20:33:37 +0100 Subject: EC_Consts: addded anomalous curves, with ordinady base points and small order pubkeys --- src/applets/EC_Consts.java | 796 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 780 insertions(+), 16 deletions(-) diff --git a/src/applets/EC_Consts.java b/src/applets/EC_Consts.java index 4ecff8a..24d854c 100644 --- a/src/applets/EC_Consts.java +++ b/src/applets/EC_Consts.java @@ -16,7 +16,10 @@ public class EC_Consts { private static byte[] EC_R = null; //n private static short EC_K = 1; //h - private static byte[] EC_F2M_F2M = null; //[short ii, short i2, short i3], f = x^m + x^i1 + x^i2 + x^i3 + 1 + private static byte[] EC_P_X = null; //Pubkey[x,y] + private static byte[] EC_P_Y = null; + + private static byte[] EC_F2M_F2M = null; //[short i1, short i2, short i3], f = x^m + x^i1 + x^i2 + x^i3 + 1 public static final byte PARAMETER_FP = 0x01; public static final byte PARAMETER_F2M = 0x02; 
@@ -912,6 +915,674 @@ public class EC_Consts { // cofactor of G public static final short EC571_F2M_K = 2; + //Anomalous curve(small-pub-128), with pubkey of order 5 + public static final byte[] ECSP128_FP_P = { + (byte) 0xcf, (byte) 0xba, (byte) 0x21, (byte) 0xfd, + (byte) 0x04, (byte) 0x83, (byte) 0xb1, (byte) 0xf3, + (byte) 0x00, (byte) 0xfa, (byte) 0x25, (byte) 0x06, + (byte) 0xa5, (byte) 0xa5, (byte) 0x66, (byte) 0xef + }; + + public static final byte[] ECSP128_FP_A = { + (byte) 0x36, (byte) 0xd9, (byte) 0xa5, (byte) 0xac, + (byte) 0xac, (byte) 0x27, (byte) 0xa0, (byte) 0x08, + (byte) 0xe3, (byte) 0x6c, (byte) 0xbe, (byte) 0x3e, + (byte) 0x9f, (byte) 0x10, (byte) 0x3f, (byte) 0xde + }; + + public static final byte[] ECSP128_FP_B = { + (byte) 0xa6, (byte) 0x7c, (byte) 0xf5, (byte) 0xfa, + (byte) 0x09, (byte) 0xfb, (byte) 0x1d, (byte) 0xb9, + (byte) 0x02, (byte) 0x06, (byte) 0x8c, (byte) 0x87, + (byte) 0x04, (byte) 0x6a, (byte) 0xe2, (byte) 0x1e + }; + + public static final byte[] ECSP128_FP_G_X = { + (byte) 0x47, (byte) 0xd7, (byte) 0x83, (byte) 0x91, + (byte) 0xa4, (byte) 0xb9, (byte) 0xff, (byte) 0xf6, + (byte) 0xa0, (byte) 0xdb, (byte) 0x12, (byte) 0x92, + (byte) 0xf9, (byte) 0xcd, (byte) 0x0e, (byte) 0x6a + }; + + public static final byte[] ECSP128_FP_G_Y = { + (byte) 0x9a, (byte) 0xed, (byte) 0x9c, (byte) 0x92, + (byte) 0xf8, (byte) 0xbb, (byte) 0x3d, (byte) 0xbd, + (byte) 0x42, (byte) 0x40, (byte) 0x21, (byte) 0x65, + (byte) 0xa2, (byte) 0x70, (byte) 0xbd, (byte) 0x6f + }; + + public static final byte[] ECSP128_FP_R = { + (byte) 0xcf, (byte) 0xba, (byte) 0x21, (byte) 0xfd, + (byte) 0x04, (byte) 0x83, (byte) 0xb1, (byte) 0xf3, + (byte) 0x33, (byte) 0xd6, (byte) 0x1a, (byte) 0x5a, + (byte) 0xf6, (byte) 0xad, (byte) 0xa2, (byte) 0xc7 + }; + + public static final short ECSP128_FP_K = 1; + + public static final byte[] ECSP128_FP_P_X = { + (byte) 0x63, (byte) 0x90, (byte) 0x1e, (byte) 0x12, + (byte) 0x27, (byte) 0x61, (byte) 0xd9, (byte) 0xc1, + (byte) 0x65, 
(byte) 0x65, (byte) 0xb2, (byte) 0xf3, + (byte) 0x8e, (byte) 0x99, (byte) 0x1f, (byte) 0x71 + }; + + public static final byte[] ECSP128_FP_P_Y = { + (byte) 0xb9, (byte) 0xd9, (byte) 0x9f, (byte) 0xbc, + (byte) 0x31, (byte) 0x54, (byte) 0xa9, (byte) 0x6c, + (byte) 0xa2, (byte) 0x3e, (byte) 0xcf, (byte) 0xf7, + (byte) 0x70, (byte) 0xcb, (byte) 0xbe, (byte) 0x4f + }; + + + //Anomalous curve(small-pub-160), with pubkey of order 3 + public static final byte[] ECSP160_FP_P = { + (byte) 0xdc, (byte) 0x13, (byte) 0x49, (byte) 0x0f, + (byte) 0xf9, (byte) 0x85, (byte) 0x7b, (byte) 0x11, + (byte) 0x1f, (byte) 0x44, (byte) 0xc0, (byte) 0x50, + (byte) 0x07, (byte) 0x70, (byte) 0xa6, (byte) 0x45, + (byte) 0x7e, (byte) 0x68, (byte) 0x32, (byte) 0x23 + }; + + public static final byte[] ECSP160_FP_A = { + (byte) 0xa3, (byte) 0xec, (byte) 0xd7, (byte) 0xd5, + (byte) 0x1e, (byte) 0x79, (byte) 0xd7, (byte) 0x2d, + (byte) 0x27, (byte) 0x00, (byte) 0x18, (byte) 0x4c, + (byte) 0x79, (byte) 0x5a, (byte) 0xa8, (byte) 0xa6, + (byte) 0xb8, (byte) 0xe6, (byte) 0x65, (byte) 0x73 + }; + + public static final byte[] ECSP160_FP_B = { + (byte) 0x8a, (byte) 0xc4, (byte) 0x35, (byte) 0x92, + (byte) 0x90, (byte) 0x5f, (byte) 0x99, (byte) 0x5c, + (byte) 0xb1, (byte) 0x3f, (byte) 0x36, (byte) 0x94, + (byte) 0x31, (byte) 0x7b, (byte) 0xf4, (byte) 0x70, + (byte) 0xad, (byte) 0xaf, (byte) 0xb6, (byte) 0x45 + }; + + public static final byte[] ECSP160_FP_G_X = { + (byte) 0x5f, (byte) 0x8e, (byte) 0x88, (byte) 0xaf, + (byte) 0xc1, (byte) 0x17, (byte) 0xc7, (byte) 0x22, + (byte) 0x85, (byte) 0x9f, (byte) 0xe8, (byte) 0xe5, + (byte) 0x56, (byte) 0x47, (byte) 0xbc, (byte) 0xa6, + (byte) 0x9b, (byte) 0xa8, (byte) 0x21, (byte) 0x50 + }; + + public static final byte[] ECSP160_FP_G_Y = { + (byte) 0x93, (byte) 0xe6, (byte) 0xdc, (byte) 0xae, + (byte) 0xe2, (byte) 0x71, (byte) 0xe9, (byte) 0xf2, + (byte) 0x83, (byte) 0x8c, (byte) 0x98, (byte) 0xb7, + (byte) 0xd0, (byte) 0x6e, (byte) 0xcc, (byte) 0xc5, + (byte) 0xd7, 
(byte) 0xc8, (byte) 0x00, (byte) 0xe5 + }; + + public static final byte[] ECSP160_FP_R = { + (byte) 0xdc, (byte) 0x13, (byte) 0x49, (byte) 0x0f, + (byte) 0xf9, (byte) 0x85, (byte) 0x7b, (byte) 0x11, + (byte) 0x1f, (byte) 0x44, (byte) 0x6e, (byte) 0xf4, + (byte) 0xa6, (byte) 0xd1, (byte) 0xe1, (byte) 0x71, + (byte) 0x5f, (byte) 0x6a, (byte) 0x6d, (byte) 0xff + }; + + public static final short ECSP160_FP_K = 1; + + public static final byte[] ECSP160_FP_P_X = { + (byte) 0x59, (byte) 0xc9, (byte) 0xc3, (byte) 0xc8, + (byte) 0xae, (byte) 0xf2, (byte) 0x9f, (byte) 0x1c, + (byte) 0x1c, (byte) 0x50, (byte) 0x0c, (byte) 0xaf, + (byte) 0xb4, (byte) 0x72, (byte) 0x6d, (byte) 0xa6, + (byte) 0x08, (byte) 0x6e, (byte) 0x6e, (byte) 0xb0 + }; + + public static final byte[] ECSP160_FP_P_Y = { + (byte) 0xd6, (byte) 0x95, (byte) 0xa7, (byte) 0x60, + (byte) 0x05, (byte) 0xed, (byte) 0xdb, (byte) 0x26, + (byte) 0xaf, (byte) 0xd4, (byte) 0x0e, (byte) 0xe2, + (byte) 0x09, (byte) 0x04, (byte) 0x77, (byte) 0x8b, + (byte) 0xb3, (byte) 0x49, (byte) 0x7b, (byte) 0xb1 + }; + + + //Anomalous curve(small-pub-192), with pubkey of order 4 + public static final byte[] ECSP192_FP_P = { + (byte) 0xee, (byte) 0x8a, (byte) 0x97, (byte) 0x03, + (byte) 0x3b, (byte) 0xb1, (byte) 0x00, (byte) 0x60, + (byte) 0x0c, (byte) 0x3a, (byte) 0x9f, (byte) 0x9d, + (byte) 0x88, (byte) 0x2a, (byte) 0xca, (byte) 0xeb, + (byte) 0x6e, (byte) 0x24, (byte) 0xfc, (byte) 0x63, + (byte) 0x04, (byte) 0xd8, (byte) 0x60, (byte) 0x8f + }; + + public static final byte[] ECSP192_FP_A = { + (byte) 0xc3, (byte) 0xf5, (byte) 0x83, (byte) 0x61, + (byte) 0x41, (byte) 0x18, (byte) 0xd6, (byte) 0xc4, + (byte) 0x85, (byte) 0xde, (byte) 0x1c, (byte) 0xd9, + (byte) 0x0a, (byte) 0x86, (byte) 0xda, (byte) 0x7d, + (byte) 0xff, (byte) 0x3a, (byte) 0xa6, (byte) 0xbb, + (byte) 0x77, (byte) 0x5c, (byte) 0xe1, (byte) 0x24 + }; + + public static final byte[] ECSP192_FP_B = { + (byte) 0x96, (byte) 0x78, (byte) 0x63, (byte) 0x29, + (byte) 0x6d, (byte) 
0x32, (byte) 0x01, (byte) 0x61, + (byte) 0xe6, (byte) 0x88, (byte) 0x0f, (byte) 0xa6, + (byte) 0xd9, (byte) 0xa4, (byte) 0x86, (byte) 0x79, + (byte) 0xdf, (byte) 0xdb, (byte) 0xb1, (byte) 0x2b, + (byte) 0xb7, (byte) 0xe3, (byte) 0x54, (byte) 0xb1 + }; + + public static final byte[] ECSP192_FP_G_X = { + (byte) 0x7d, (byte) 0x6e, (byte) 0x93, (byte) 0x4a, + (byte) 0xbb, (byte) 0x41, (byte) 0x6c, (byte) 0x64, + (byte) 0xd4, (byte) 0x28, (byte) 0x90, (byte) 0xea, + (byte) 0x64, (byte) 0x40, (byte) 0xf5, (byte) 0x8a, + (byte) 0x0a, (byte) 0x5c, (byte) 0x5b, (byte) 0x31, + (byte) 0x2f, (byte) 0x35, (byte) 0x6b, (byte) 0x29 + }; + + public static final byte[] ECSP192_FP_G_Y = { + (byte) 0x47, (byte) 0x37, (byte) 0x7f, (byte) 0xed, + (byte) 0x17, (byte) 0xe2, (byte) 0x31, (byte) 0x74, + (byte) 0xf1, (byte) 0xb1, (byte) 0xb9, (byte) 0x01, + (byte) 0x6e, (byte) 0x28, (byte) 0x5e, (byte) 0x9c, + (byte) 0xac, (byte) 0x39, (byte) 0xe3, (byte) 0xbc, + (byte) 0xaa, (byte) 0x65, (byte) 0x22, (byte) 0xfd + }; + + public static final byte[] ECSP192_FP_R = { + (byte) 0xee, (byte) 0x8a, (byte) 0x97, (byte) 0x03, + (byte) 0x3b, (byte) 0xb1, (byte) 0x00, (byte) 0x60, + (byte) 0x0c, (byte) 0x3a, (byte) 0x9f, (byte) 0x9e, + (byte) 0xcd, (byte) 0x2b, (byte) 0xb6, (byte) 0x46, + (byte) 0x75, (byte) 0x84, (byte) 0x34, (byte) 0xad, + (byte) 0xd3, (byte) 0xd0, (byte) 0xdf, (byte) 0xd0 + }; + + public static final short ECSP192_FP_K = 1; + + public static final byte[] ECSP192_FP_P_X = { + (byte) 0xaa, (byte) 0xd0, (byte) 0xdb, (byte) 0xf8, + (byte) 0xad, (byte) 0x1c, (byte) 0x2c, (byte) 0x4e, + (byte) 0xf0, (byte) 0x67, (byte) 0xda, (byte) 0x63, + (byte) 0x97, (byte) 0x23, (byte) 0xe2, (byte) 0x0d, + (byte) 0xcf, (byte) 0xb4, (byte) 0x53, (byte) 0x52, + (byte) 0xb7, (byte) 0x7a, (byte) 0x59, (byte) 0x9c + }; + + public static final byte[] ECSP192_FP_P_Y = { + (byte) 0xae, (byte) 0x28, (byte) 0xd7, (byte) 0xea, + (byte) 0xde, (byte) 0xba, (byte) 0x10, (byte) 0x48, + (byte) 0x40, (byte) 0x64, 
(byte) 0x0d, (byte) 0x9b, + (byte) 0x6e, (byte) 0x2c, (byte) 0x2d, (byte) 0x22, + (byte) 0x25, (byte) 0xd2, (byte) 0x5d, (byte) 0x79, + (byte) 0x3a, (byte) 0x65, (byte) 0x5f, (byte) 0xb1 + }; + + + public static final byte[] ECSP224_FP_P = { + (byte) 0xee, (byte) 0xd4, (byte) 0xc3, (byte) 0xd9, + (byte) 0x8f, (byte) 0x1c, (byte) 0x9b, (byte) 0x95, + (byte) 0x18, (byte) 0xf1, (byte) 0x16, (byte) 0x26, + (byte) 0x3d, (byte) 0xb7, (byte) 0x70, (byte) 0x36, + (byte) 0x68, (byte) 0x77, (byte) 0xd1, (byte) 0x2d, + (byte) 0xf6, (byte) 0xa9, (byte) 0xcf, (byte) 0x08, + (byte) 0xb9, (byte) 0x6d, (byte) 0xd4, (byte) 0xbb + }; + + //Anomalous curve(small-pub-224), with pubkey of order 5 + public static final byte[] ECSP224_FP_A = { + (byte) 0x8d, (byte) 0x4d, (byte) 0xdd, (byte) 0xb0, + (byte) 0x31, (byte) 0x7d, (byte) 0x6a, (byte) 0x6b, + (byte) 0xf9, (byte) 0xa4, (byte) 0xdb, (byte) 0xbe, + (byte) 0xd3, (byte) 0xa4, (byte) 0x3f, (byte) 0xa2, + (byte) 0x1f, (byte) 0x79, (byte) 0x86, (byte) 0x9c, + (byte) 0x5a, (byte) 0xb9, (byte) 0x72, (byte) 0x9d, + (byte) 0x23, (byte) 0x9e, (byte) 0x92, (byte) 0x82 + }; + + public static final byte[] ECSP224_FP_B = { + (byte) 0x46, (byte) 0x87, (byte) 0x36, (byte) 0x14, + (byte) 0xbe, (byte) 0x3d, (byte) 0xff, (byte) 0xc9, + (byte) 0x21, (byte) 0x80, (byte) 0x82, (byte) 0x32, + (byte) 0x22, (byte) 0x10, (byte) 0xc0, (byte) 0x61, + (byte) 0x61, (byte) 0x40, (byte) 0x28, (byte) 0x6f, + (byte) 0x2d, (byte) 0x16, (byte) 0x05, (byte) 0x03, + (byte) 0xc1, (byte) 0xa9, (byte) 0x25, (byte) 0x0d + }; + + public static final byte[] ECSP224_FP_G_X = { + (byte) 0x96, (byte) 0x1b, (byte) 0xbb, (byte) 0x1f, + (byte) 0xc9, (byte) 0x95, (byte) 0x5a, (byte) 0x71, + (byte) 0xc9, (byte) 0x1a, (byte) 0x50, (byte) 0xae, + (byte) 0xdc, (byte) 0xd2, (byte) 0xf1, (byte) 0x4f, + (byte) 0xcc, (byte) 0xb6, (byte) 0x60, (byte) 0xaf, + (byte) 0x99, (byte) 0x2b, (byte) 0x00, (byte) 0x30, + (byte) 0xb9, (byte) 0xc9, (byte) 0x0b, (byte) 0x36 + }; + + public static final 
byte[] ECSP224_FP_G_Y = { + (byte) 0x1c, (byte) 0x00, (byte) 0xf6, (byte) 0xd0, + (byte) 0xbd, (byte) 0x40, (byte) 0x5d, (byte) 0xd7, + (byte) 0xd3, (byte) 0x01, (byte) 0x6f, (byte) 0xb8, + (byte) 0xc0, (byte) 0xc7, (byte) 0x5e, (byte) 0x4e, + (byte) 0xce, (byte) 0xc7, (byte) 0x0f, (byte) 0xe6, + (byte) 0x12, (byte) 0x37, (byte) 0xf6, (byte) 0xd2, + (byte) 0x40, (byte) 0x08, (byte) 0xa5, (byte) 0xfd + }; + + public static final byte[] ECSP224_FP_R = { + (byte) 0xee, (byte) 0xd4, (byte) 0xc3, (byte) 0xd9, + (byte) 0x8f, (byte) 0x1c, (byte) 0x9b, (byte) 0x95, + (byte) 0x18, (byte) 0xf1, (byte) 0x16, (byte) 0x26, + (byte) 0x3d, (byte) 0xb8, (byte) 0x21, (byte) 0xc3, + (byte) 0x6a, (byte) 0x06, (byte) 0xad, (byte) 0xae, + (byte) 0x17, (byte) 0x16, (byte) 0x2a, (byte) 0xd3, + (byte) 0x16, (byte) 0x2f, (byte) 0x68, (byte) 0xc3 + }; + + public static final short ECSP224_FP_K = 1; + + public static final byte[] ECSP224_FP_P_X = { + (byte) 0xcf, (byte) 0xd9, (byte) 0x2a, (byte) 0xea, + (byte) 0x0f, (byte) 0x79, (byte) 0x19, (byte) 0x0c, + (byte) 0x48, (byte) 0xca, (byte) 0x70, (byte) 0x3e, + (byte) 0xb8, (byte) 0xa9, (byte) 0xba, (byte) 0xa7, + (byte) 0x09, (byte) 0x9a, (byte) 0x23, (byte) 0xbb, + (byte) 0x39, (byte) 0x57, (byte) 0x82, (byte) 0x61, + (byte) 0xfe, (byte) 0x4d, (byte) 0x0f, (byte) 0x04 + }; + + public static final byte[] ECSP224_FP_P_Y = { + (byte) 0x25, (byte) 0x7a, (byte) 0x3d, (byte) 0x98, + (byte) 0xde, (byte) 0x44, (byte) 0xbd, (byte) 0x25, + (byte) 0x40, (byte) 0x49, (byte) 0x77, (byte) 0xa4, + (byte) 0xac, (byte) 0x7f, (byte) 0xc5, (byte) 0x6d, + (byte) 0x3d, (byte) 0x4e, (byte) 0x82, (byte) 0x7f, + (byte) 0x08, (byte) 0x5b, (byte) 0x7c, (byte) 0xf5, + (byte) 0x24, (byte) 0x75, (byte) 0x24, (byte) 0xc4 + }; + + + //Anomalous curve(small-pub-256), with pubkey of order 3 + public static final byte[] ECSP256_FP_P = { + (byte) 0xc9, (byte) 0xa8, (byte) 0x03, (byte) 0xb1, + (byte) 0xea, (byte) 0xf8, (byte) 0x49, (byte) 0xf1, + (byte) 0xc0, (byte) 0x2c, 
(byte) 0xfd, (byte) 0x1d, + (byte) 0xbf, (byte) 0xac, (byte) 0x68, (byte) 0x62, + (byte) 0x39, (byte) 0x85, (byte) 0xc8, (byte) 0x8b, + (byte) 0x37, (byte) 0x10, (byte) 0x3b, (byte) 0x33, + (byte) 0x8a, (byte) 0xe1, (byte) 0x1d, (byte) 0x25, + (byte) 0x97, (byte) 0xee, (byte) 0x84, (byte) 0x45 + }; + + public static final byte[] ECSP256_FP_A = { + (byte) 0x48, (byte) 0x41, (byte) 0xc5, (byte) 0x77, + (byte) 0x5a, (byte) 0x24, (byte) 0xa8, (byte) 0x84, + (byte) 0xca, (byte) 0x36, (byte) 0xec, (byte) 0x36, + (byte) 0x2b, (byte) 0x44, (byte) 0x64, (byte) 0x5a, + (byte) 0x2f, (byte) 0x60, (byte) 0xb2, (byte) 0x5d, + (byte) 0x00, (byte) 0x2c, (byte) 0x4f, (byte) 0xc1, + (byte) 0xd9, (byte) 0xf1, (byte) 0x39, (byte) 0x87, + (byte) 0x0f, (byte) 0xe0, (byte) 0xcc, (byte) 0x71 + }; + + public static final byte[] ECSP256_FP_B = { + (byte) 0x1b, (byte) 0x09, (byte) 0x74, (byte) 0x56, + (byte) 0x75, (byte) 0x1f, (byte) 0x35, (byte) 0x34, + (byte) 0x19, (byte) 0x0d, (byte) 0xae, (byte) 0x56, + (byte) 0x8f, (byte) 0x80, (byte) 0xa2, (byte) 0xc6, + (byte) 0xff, (byte) 0x55, (byte) 0xdd, (byte) 0xdf, + (byte) 0xe0, (byte) 0x72, (byte) 0xa7, (byte) 0xdc, + (byte) 0x64, (byte) 0x67, (byte) 0xa4, (byte) 0xb6, + (byte) 0x47, (byte) 0x6b, (byte) 0x68, (byte) 0x80 + }; + + public static final byte[] ECSP256_FP_G_X = { + (byte) 0xa1, (byte) 0xfd, (byte) 0x34, (byte) 0xa2, + (byte) 0x7a, (byte) 0xfb, (byte) 0x13, (byte) 0x40, + (byte) 0xb8, (byte) 0xe4, (byte) 0xa7, (byte) 0xdb, + (byte) 0x2a, (byte) 0x5e, (byte) 0xc5, (byte) 0xa1, + (byte) 0x43, (byte) 0x2c, (byte) 0x6d, (byte) 0xc8, + (byte) 0x55, (byte) 0x5a, (byte) 0xf9, (byte) 0xf7, + (byte) 0x8f, (byte) 0xca, (byte) 0x2c, (byte) 0xf7, + (byte) 0x40, (byte) 0xca, (byte) 0xb2, (byte) 0xb7 + }; + + public static final byte[] ECSP256_FP_G_Y = { + (byte) 0x98, (byte) 0x41, (byte) 0x9c, (byte) 0x69, + (byte) 0x8c, (byte) 0xab, (byte) 0x6c, (byte) 0x7d, + (byte) 0xbb, (byte) 0x53, (byte) 0xeb, (byte) 0x27, + (byte) 0x51, (byte) 0x41, 
(byte) 0x7b, (byte) 0x52, + (byte) 0xcc, (byte) 0xde, (byte) 0xd4, (byte) 0x68, + (byte) 0x0c, (byte) 0x5e, (byte) 0x09, (byte) 0x54, + (byte) 0x3f, (byte) 0x93, (byte) 0xc7, (byte) 0x88, + (byte) 0x6c, (byte) 0x3a, (byte) 0x17, (byte) 0x3e + }; + + public static final byte[] ECSP256_FP_R = { + (byte) 0xc9, (byte) 0xa8, (byte) 0x03, (byte) 0xb1, + (byte) 0xea, (byte) 0xf8, (byte) 0x49, (byte) 0xf1, + (byte) 0xc0, (byte) 0x2c, (byte) 0xfd, (byte) 0x1d, + (byte) 0xbf, (byte) 0xac, (byte) 0x68, (byte) 0x63, + (byte) 0x12, (byte) 0x8c, (byte) 0x5b, (byte) 0x1f, + (byte) 0xc5, (byte) 0xac, (byte) 0xd5, (byte) 0xb5, + (byte) 0xe0, (byte) 0xfc, (byte) 0x0a, (byte) 0x73, + (byte) 0x11, (byte) 0xfb, (byte) 0x5b, (byte) 0x1d + }; + + public static final short ECSP256_FP_K = 1; + + public static final byte[] ECSP256_FP_P_X = { + (byte) 0x75, (byte) 0xfc, (byte) 0xe7, (byte) 0x09, + (byte) 0x68, (byte) 0x86, (byte) 0x2d, (byte) 0x53, + (byte) 0xe2, (byte) 0x95, (byte) 0x48, (byte) 0xaa, + (byte) 0xd7, (byte) 0x05, (byte) 0x82, (byte) 0x51, + (byte) 0x4e, (byte) 0x96, (byte) 0x0d, (byte) 0x81, + (byte) 0x28, (byte) 0xbd, (byte) 0x3c, (byte) 0x5f, + (byte) 0x8c, (byte) 0x4d, (byte) 0xbe, (byte) 0x2c, + (byte) 0xf8, (byte) 0xda, (byte) 0xd6, (byte) 0x53 + }; + + public static final byte[] ECSP256_FP_P_Y = { + (byte) 0x55, (byte) 0xaa, (byte) 0x4b, (byte) 0x7d, + (byte) 0x38, (byte) 0x82, (byte) 0xfb, (byte) 0x0a, + (byte) 0x83, (byte) 0xbd, (byte) 0x00, (byte) 0xc9, + (byte) 0xc3, (byte) 0xba, (byte) 0xe1, (byte) 0x7f, + (byte) 0x10, (byte) 0x24, (byte) 0xd6, (byte) 0x4a, + (byte) 0xec, (byte) 0x67, (byte) 0xe1, (byte) 0xdb, + (byte) 0x38, (byte) 0xef, (byte) 0x67, (byte) 0x1e, + (byte) 0x63, (byte) 0x50, (byte) 0xbe, (byte) 0xae + }; + + + //Anomalous curve(small-pub-384), with pubkey of order 3 + public static final byte[] ECSP384_FP_P = { + (byte) 0xd0, (byte) 0xdf, (byte) 0x6c, (byte) 0x96, + (byte) 0xcf, (byte) 0xf7, (byte) 0x08, (byte) 0x1b, + (byte) 0xe8, (byte) 0x0d, 
(byte) 0x22, (byte) 0xb0, + (byte) 0x05, (byte) 0x75, (byte) 0x8a, (byte) 0x2e, + (byte) 0x2f, (byte) 0x04, (byte) 0x6e, (byte) 0x15, + (byte) 0xfe, (byte) 0x02, (byte) 0x0e, (byte) 0xf8, + (byte) 0x86, (byte) 0xe2, (byte) 0x1b, (byte) 0x49, + (byte) 0x2a, (byte) 0xc5, (byte) 0x72, (byte) 0x57, + (byte) 0xa9, (byte) 0x23, (byte) 0x14, (byte) 0x4b, + (byte) 0xca, (byte) 0xd9, (byte) 0x89, (byte) 0xab, + (byte) 0x63, (byte) 0x41, (byte) 0xbd, (byte) 0x3b, + (byte) 0x70, (byte) 0x0f, (byte) 0x91, (byte) 0x4b + }; + + public static final byte[] ECSP384_FP_A = { + (byte) 0x45, (byte) 0xc6, (byte) 0x45, (byte) 0x03, + (byte) 0xbe, (byte) 0x01, (byte) 0x9a, (byte) 0xfd, + (byte) 0x34, (byte) 0x62, (byte) 0xb3, (byte) 0x61, + (byte) 0xad, (byte) 0x2b, (byte) 0x2a, (byte) 0x3b, + (byte) 0xca, (byte) 0x0a, (byte) 0xec, (byte) 0xcc, + (byte) 0x54, (byte) 0x94, (byte) 0xa6, (byte) 0x24, + (byte) 0xfb, (byte) 0x63, (byte) 0x24, (byte) 0x55, + (byte) 0xe6, (byte) 0x2b, (byte) 0x4f, (byte) 0x0c, + (byte) 0x98, (byte) 0xf9, (byte) 0x44, (byte) 0xfa, + (byte) 0x97, (byte) 0xc3, (byte) 0x78, (byte) 0x11, + (byte) 0xda, (byte) 0x03, (byte) 0x98, (byte) 0x23, + (byte) 0xcd, (byte) 0x77, (byte) 0xc9, (byte) 0x06 + }; + + public static final byte[] ECSP384_FP_B = { + (byte) 0xd8, (byte) 0x55, (byte) 0x83, (byte) 0xf7, + (byte) 0xf1, (byte) 0x1a, (byte) 0xd2, (byte) 0x3e, + (byte) 0xc7, (byte) 0x5e, (byte) 0xd5, (byte) 0xa4, + (byte) 0x14, (byte) 0x15, (byte) 0x3a, (byte) 0x06, + (byte) 0xd6, (byte) 0x64, (byte) 0x09, (byte) 0x36, + (byte) 0xb8, (byte) 0x10, (byte) 0x3f, (byte) 0x5d, + (byte) 0xf6, (byte) 0x91, (byte) 0xfa, (byte) 0x95, + (byte) 0xcf, (byte) 0x2a, (byte) 0xfa, (byte) 0x78, + (byte) 0xf3, (byte) 0xea, (byte) 0x5a, (byte) 0xdd, + (byte) 0xc2, (byte) 0x25, (byte) 0xb1, (byte) 0x44, + (byte) 0x96, (byte) 0x40, (byte) 0x48, (byte) 0xc9, + (byte) 0xf7, (byte) 0x59, (byte) 0x2a, (byte) 0xe4 + }; + + public static final byte[] ECSP384_FP_G_X = { + (byte) 0x2b, (byte) 0x13, 
(byte) 0x41, (byte) 0xd1, + (byte) 0x2d, (byte) 0xff, (byte) 0x4f, (byte) 0x9c, + (byte) 0xf9, (byte) 0x42, (byte) 0x7c, (byte) 0x47, + (byte) 0x52, (byte) 0x96, (byte) 0x2b, (byte) 0x4c, + (byte) 0x2b, (byte) 0xdc, (byte) 0x8f, (byte) 0xbc, + (byte) 0xd8, (byte) 0x06, (byte) 0x52, (byte) 0x51, + (byte) 0x6c, (byte) 0x42, (byte) 0x1c, (byte) 0xc5, + (byte) 0x23, (byte) 0x21, (byte) 0x2a, (byte) 0x01, + (byte) 0xea, (byte) 0x63, (byte) 0xc7, (byte) 0x9d, + (byte) 0x6e, (byte) 0x9a, (byte) 0x9c, (byte) 0x84, + (byte) 0x93, (byte) 0x3e, (byte) 0x35, (byte) 0x3e, + (byte) 0x21, (byte) 0x24, (byte) 0x16, (byte) 0xec + }; + + public static final byte[] ECSP384_FP_G_Y = { + (byte) 0xce, (byte) 0x41, (byte) 0x6c, (byte) 0x6e, + (byte) 0x75, (byte) 0xfa, (byte) 0x9f, (byte) 0xd2, + (byte) 0x05, (byte) 0xed, (byte) 0x48, (byte) 0xfc, + (byte) 0x4e, (byte) 0x30, (byte) 0x99, (byte) 0xcb, + (byte) 0xb1, (byte) 0xd6, (byte) 0xed, (byte) 0x03, + (byte) 0x1b, (byte) 0x7d, (byte) 0xdb, (byte) 0xff, + (byte) 0x1d, (byte) 0x63, (byte) 0x4e, (byte) 0xb9, + (byte) 0x7a, (byte) 0x83, (byte) 0xd9, (byte) 0xb7, + (byte) 0x80, (byte) 0xcf, (byte) 0xd4, (byte) 0xde, + (byte) 0xdf, (byte) 0xdd, (byte) 0x2c, (byte) 0x76, + (byte) 0x04, (byte) 0xd1, (byte) 0x43, (byte) 0x19, + (byte) 0x6c, (byte) 0x08, (byte) 0xd9, (byte) 0x33 + }; + + public static final byte[] ECSP384_FP_R = { + (byte) 0xd0, (byte) 0xdf, (byte) 0x6c, (byte) 0x96, + (byte) 0xcf, (byte) 0xf7, (byte) 0x08, (byte) 0x1b, + (byte) 0xe8, (byte) 0x0d, (byte) 0x22, (byte) 0xb0, + (byte) 0x05, (byte) 0x75, (byte) 0x8a, (byte) 0x2e, + (byte) 0x2f, (byte) 0x04, (byte) 0x6e, (byte) 0x15, + (byte) 0xfe, (byte) 0x02, (byte) 0x0e, (byte) 0xf7, + (byte) 0x66, (byte) 0x4e, (byte) 0xd5, (byte) 0x1d, + (byte) 0x77, (byte) 0x01, (byte) 0xc8, (byte) 0x6b, + (byte) 0xf2, (byte) 0xa1, (byte) 0xe9, (byte) 0xf3, + (byte) 0x00, (byte) 0x2c, (byte) 0x26, (byte) 0xfe, + (byte) 0x00, (byte) 0x23, (byte) 0x14, (byte) 0xc3, + (byte) 0xc9, (byte) 0x2f, 
(byte) 0x1c, (byte) 0xa9 + }; + + public static final short ECSP384_FP_K = 1; + + public static final byte[] ECSP384_FP_P_X = { + (byte) 0xa4, (byte) 0xbd, (byte) 0x57, (byte) 0x5b, + (byte) 0xf2, (byte) 0x03, (byte) 0x00, (byte) 0xb0, + (byte) 0xcf, (byte) 0x8a, (byte) 0x2f, (byte) 0x41, + (byte) 0xdd, (byte) 0x5a, (byte) 0x03, (byte) 0xe9, + (byte) 0x08, (byte) 0x96, (byte) 0x6a, (byte) 0x42, + (byte) 0x29, (byte) 0xa5, (byte) 0xf2, (byte) 0x2f, + (byte) 0x5c, (byte) 0x19, (byte) 0x0d, (byte) 0x36, + (byte) 0x41, (byte) 0xac, (byte) 0x2d, (byte) 0x32, + (byte) 0xb7, (byte) 0xb2, (byte) 0x4a, (byte) 0x63, + (byte) 0x48, (byte) 0x2c, (byte) 0xbb, (byte) 0xcd, + (byte) 0x0c, (byte) 0x22, (byte) 0x57, (byte) 0xf8, + (byte) 0x34, (byte) 0x83, (byte) 0x4e, (byte) 0xf1 + }; + + public static final byte[] ECSP384_FP_P_Y = { + (byte) 0x38, (byte) 0xd5, (byte) 0x1c, (byte) 0x8f, + (byte) 0x9e, (byte) 0x90, (byte) 0x59, (byte) 0x2f, + (byte) 0x56, (byte) 0x7e, (byte) 0x81, (byte) 0xd0, + (byte) 0xe4, (byte) 0x85, (byte) 0x5e, (byte) 0x79, + (byte) 0x73, (byte) 0x1b, (byte) 0x57, (byte) 0x97, + (byte) 0x85, (byte) 0x7a, (byte) 0x4c, (byte) 0x7d, + (byte) 0xc2, (byte) 0x70, (byte) 0x65, (byte) 0x3b, + (byte) 0xc9, (byte) 0xf0, (byte) 0xc3, (byte) 0x1e, + (byte) 0x84, (byte) 0x69, (byte) 0x30, (byte) 0x07, + (byte) 0xb0, (byte) 0x9c, (byte) 0xeb, (byte) 0xf7, + (byte) 0x10, (byte) 0xd5, (byte) 0xae, (byte) 0x32, + (byte) 0x37, (byte) 0x30, (byte) 0x39, (byte) 0x49 + }; + + + //Anomalous curve(small-pub-521), with pubkey of order 4 + public static final byte[] ECSP521_FP_P = { + (byte) 0x01, (byte) 0x9f, (byte) 0x9b, (byte) 0x18, + (byte) 0x84, (byte) 0x55, (byte) 0xfc, (byte) 0xb2, + (byte) 0x4e, (byte) 0x68, (byte) 0xee, (byte) 0xba, + (byte) 0xbf, (byte) 0x2a, (byte) 0xfd, (byte) 0xa0, + (byte) 0xb5, (byte) 0x11, (byte) 0x4e, (byte) 0xc5, + (byte) 0xe8, (byte) 0x2b, (byte) 0x6d, (byte) 0xa1, + (byte) 0x8f, (byte) 0xa2, (byte) 0x64, (byte) 0x31, + (byte) 0xee, (byte) 0x72, 
(byte) 0x03, (byte) 0xa2, + (byte) 0x3d, (byte) 0x8b, (byte) 0xd7, (byte) 0xc4, + (byte) 0x16, (byte) 0x9b, (byte) 0x73, (byte) 0x0d, + (byte) 0xbc, (byte) 0x9c, (byte) 0xff, (byte) 0xd8, + (byte) 0xc0, (byte) 0xe7, (byte) 0x9d, (byte) 0xc4, + (byte) 0x03, (byte) 0x74, (byte) 0x12, (byte) 0x8d, + (byte) 0xeb, (byte) 0x03, (byte) 0x44, (byte) 0x56, + (byte) 0x96, (byte) 0x0b, (byte) 0x87, (byte) 0x3d, + (byte) 0xfd, (byte) 0x26, (byte) 0x2b, (byte) 0xe0, + (byte) 0xb6, (byte) 0xd5 + }; + + public static final byte[] ECSP521_FP_A = { + (byte) 0x8e, (byte) 0xdc, (byte) 0x39, (byte) 0xcd, + (byte) 0xdd, (byte) 0x0f, (byte) 0x31, (byte) 0x73, + (byte) 0x71, (byte) 0x67, (byte) 0x46, (byte) 0xac, + (byte) 0x53, (byte) 0x94, (byte) 0xb6, (byte) 0x1e, + (byte) 0x11, (byte) 0xc0, (byte) 0x56, (byte) 0x67, + (byte) 0xec, (byte) 0xba, (byte) 0x2f, (byte) 0x25, + (byte) 0x05, (byte) 0xb7, (byte) 0x28, (byte) 0x6c, + (byte) 0x5b, (byte) 0xab, (byte) 0x09, (byte) 0x02, + (byte) 0x09, (byte) 0x1d, (byte) 0xf8, (byte) 0xa6, + (byte) 0xbe, (byte) 0x38, (byte) 0xcd, (byte) 0x4a, + (byte) 0x45, (byte) 0xa8, (byte) 0x17, (byte) 0xad, + (byte) 0x2a, (byte) 0xfd, (byte) 0x57, (byte) 0x6f, + (byte) 0xdc, (byte) 0xbd, (byte) 0x2f, (byte) 0x27, + (byte) 0x01, (byte) 0xc4, (byte) 0x5e, (byte) 0xae, + (byte) 0x1a, (byte) 0x55, (byte) 0x88, (byte) 0xee, + (byte) 0xc7, (byte) 0xd1, (byte) 0x08, (byte) 0x42, + (byte) 0x3d + }; + + public static final byte[] ECSP521_FP_B = { + (byte) 0x2d, (byte) 0x83, (byte) 0x7c, (byte) 0xac, + (byte) 0x89, (byte) 0x02, (byte) 0xfe, (byte) 0x65, + (byte) 0x1e, (byte) 0x81, (byte) 0x7f, (byte) 0x20, + (byte) 0x6d, (byte) 0x5c, (byte) 0x9e, (byte) 0xb7, + (byte) 0x8a, (byte) 0xed, (byte) 0xef, (byte) 0x80, + (byte) 0xd1, (byte) 0x6e, (byte) 0xa1, (byte) 0x67, + (byte) 0xbb, (byte) 0x37, (byte) 0x7c, (byte) 0xb7, + (byte) 0xff, (byte) 0xfc, (byte) 0x0c, (byte) 0x94, + (byte) 0x8e, (byte) 0xef, (byte) 0xea, (byte) 0x5f, + (byte) 0xd3, (byte) 0x46, (byte) 0xfe, 
(byte) 0x4c, + (byte) 0x82, (byte) 0xa1, (byte) 0x6d, (byte) 0x1a, + (byte) 0x46, (byte) 0xb8, (byte) 0xeb, (byte) 0x05, + (byte) 0xe5, (byte) 0x70, (byte) 0xcb, (byte) 0x76, + (byte) 0xe7, (byte) 0x1d, (byte) 0xb0, (byte) 0xad, + (byte) 0xc1, (byte) 0x99, (byte) 0xbd, (byte) 0xe2, + (byte) 0x83, (byte) 0x4a, (byte) 0xd6, (byte) 0x74, + (byte) 0x1f + }; + + public static final byte[] ECSP521_FP_G_X = { + (byte) 0xe5, (byte) 0xa6, (byte) 0x65, (byte) 0xfc, + (byte) 0x52, (byte) 0x93, (byte) 0xfa, (byte) 0xd7, + (byte) 0x05, (byte) 0x0f, (byte) 0x63, (byte) 0x31, + (byte) 0x18, (byte) 0xfb, (byte) 0x91, (byte) 0x55, + (byte) 0x23, (byte) 0x85, (byte) 0x71, (byte) 0xc8, + (byte) 0x17, (byte) 0xe6, (byte) 0x62, (byte) 0x6c, + (byte) 0xe5, (byte) 0x8e, (byte) 0x1c, (byte) 0xb5, + (byte) 0x11, (byte) 0x79, (byte) 0x3d, (byte) 0x03, + (byte) 0xab, (byte) 0x2e, (byte) 0x18, (byte) 0x0a, + (byte) 0x5d, (byte) 0xaf, (byte) 0xf4, (byte) 0x9c, + (byte) 0xfb, (byte) 0xb1, (byte) 0xf8, (byte) 0x88, + (byte) 0xc7, (byte) 0xd8, (byte) 0x06, (byte) 0x9a, + (byte) 0x60, (byte) 0xcd, (byte) 0x09, (byte) 0xcc, + (byte) 0x6a, (byte) 0xfc, (byte) 0x2b, (byte) 0x6b, + (byte) 0xb1, (byte) 0xea, (byte) 0x54, (byte) 0xea, + (byte) 0x98, (byte) 0x5e, (byte) 0x78, (byte) 0xd3, + (byte) 0x1f + }; + + public static final byte[] ECSP521_FP_G_Y = { + (byte) 0x01, (byte) 0x06, (byte) 0x7b, (byte) 0x42, + (byte) 0x85, (byte) 0x9e, (byte) 0x5c, (byte) 0x33, + (byte) 0x98, (byte) 0xab, (byte) 0xa9, (byte) 0xec, + (byte) 0xc0, (byte) 0x2b, (byte) 0xf2, (byte) 0x89, + (byte) 0xf9, (byte) 0xe3, (byte) 0x13, (byte) 0x37, + (byte) 0x1e, (byte) 0x70, (byte) 0x21, (byte) 0xbf, + (byte) 0x1d, (byte) 0xb5, (byte) 0xae, (byte) 0xbe, + (byte) 0x2d, (byte) 0x52, (byte) 0x9e, (byte) 0x2f, + (byte) 0x66, (byte) 0x23, (byte) 0xa0, (byte) 0x6f, + (byte) 0x3b, (byte) 0x10, (byte) 0xe7, (byte) 0xf9, + (byte) 0x2c, (byte) 0x3e, (byte) 0xcc, (byte) 0x18, + (byte) 0x3d, (byte) 0xe1, (byte) 0xe5, (byte) 0x91, + (byte) 
0x9b, (byte) 0x0d, (byte) 0x6d, (byte) 0x2e, + (byte) 0xd6, (byte) 0x55, (byte) 0xec, (byte) 0x31, + (byte) 0xc3, (byte) 0x13, (byte) 0x15, (byte) 0x9f, + (byte) 0x2c, (byte) 0x9d, (byte) 0xf9, (byte) 0x15, + (byte) 0xfb, (byte) 0xe0 + }; + + public static final byte[] ECSP521_FP_R = { + (byte) 0x01, (byte) 0x9f, (byte) 0x9b, (byte) 0x18, + (byte) 0x84, (byte) 0x55, (byte) 0xfc, (byte) 0xb2, + (byte) 0x4e, (byte) 0x68, (byte) 0xee, (byte) 0xba, + (byte) 0xbf, (byte) 0x2a, (byte) 0xfd, (byte) 0xa0, + (byte) 0xb5, (byte) 0x11, (byte) 0x4e, (byte) 0xc5, + (byte) 0xe8, (byte) 0x2b, (byte) 0x6d, (byte) 0xa1, + (byte) 0x8f, (byte) 0xa2, (byte) 0x64, (byte) 0x31, + (byte) 0xee, (byte) 0x72, (byte) 0x03, (byte) 0xa2, + (byte) 0x3d, (byte) 0x75, (byte) 0xdd, (byte) 0xed, + (byte) 0x80, (byte) 0x28, (byte) 0x58, (byte) 0xff, + (byte) 0xab, (byte) 0x06, (byte) 0x8f, (byte) 0x74, + (byte) 0xf8, (byte) 0x9c, (byte) 0xc7, (byte) 0x73, + (byte) 0x85, (byte) 0x0e, (byte) 0x1b, (byte) 0x56, + (byte) 0x84, (byte) 0x3f, (byte) 0x76, (byte) 0x7c, + (byte) 0x15, (byte) 0xef, (byte) 0x65, (byte) 0xb4, + (byte) 0x12, (byte) 0xe6, (byte) 0x50, (byte) 0xc9, + (byte) 0x7b, (byte) 0xd0 + }; + + public static final short ECSP521_FP_K = 1; + + public static final byte[] ECSP521_FP_P_X = { + (byte) 0xfc, (byte) 0xcf, (byte) 0x5c, (byte) 0x11, + (byte) 0x3b, (byte) 0xec, (byte) 0x94, (byte) 0x61, + (byte) 0xdb, (byte) 0x3e, (byte) 0x56, (byte) 0x73, + (byte) 0x34, (byte) 0xcb, (byte) 0xf9, (byte) 0x8e, + (byte) 0x32, (byte) 0xde, (byte) 0x58, (byte) 0x12, + (byte) 0x92, (byte) 0x07, (byte) 0x74, (byte) 0xdb, + (byte) 0x40, (byte) 0xd2, (byte) 0x94, (byte) 0x18, + (byte) 0xd2, (byte) 0x92, (byte) 0xc3, (byte) 0xc4, + (byte) 0xf6, (byte) 0xce, (byte) 0x08, (byte) 0xb2, + (byte) 0x00, (byte) 0x21, (byte) 0xfe, (byte) 0x0f, + (byte) 0x07, (byte) 0xf0, (byte) 0xe4, (byte) 0xc9, + (byte) 0xc3, (byte) 0xd1, (byte) 0x43, (byte) 0xe7, + (byte) 0xd0, (byte) 0xf8, (byte) 0xcd, (byte) 0xb6, + (byte) 0x16, 
(byte) 0x71, (byte) 0xa7, (byte) 0xe4, + (byte) 0x46, (byte) 0x8a, (byte) 0x93, (byte) 0xde, + (byte) 0xe6, (byte) 0x0c, (byte) 0x1d, (byte) 0x29, + (byte) 0xde + }; + + public static final byte[] ECSP521_FP_P_Y = { + (byte) 0xc3, (byte) 0x6d, (byte) 0x08, (byte) 0x8f, + (byte) 0xc2, (byte) 0xfe, (byte) 0x3b, (byte) 0x42, + (byte) 0x90, (byte) 0x7b, (byte) 0xbf, (byte) 0x8a, + (byte) 0xf7, (byte) 0xf1, (byte) 0x9e, (byte) 0xda, + (byte) 0x94, (byte) 0x82, (byte) 0x10, (byte) 0x1d, + (byte) 0x4f, (byte) 0x73, (byte) 0xf8, (byte) 0xcd, + (byte) 0x46, (byte) 0x73, (byte) 0x6e, (byte) 0x06, + (byte) 0x35, (byte) 0xe1, (byte) 0xc5, (byte) 0xca, + (byte) 0xe1, (byte) 0x71, (byte) 0x09, (byte) 0x30, + (byte) 0x8c, (byte) 0x3a, (byte) 0xec, (byte) 0x74, + (byte) 0x10, (byte) 0xf7, (byte) 0xec, (byte) 0x06, + (byte) 0xfb, (byte) 0x78, (byte) 0xec, (byte) 0xa4, + (byte) 0xb8, (byte) 0xcb, (byte) 0xac, (byte) 0xb6, + (byte) 0x4d, (byte) 0xaf, (byte) 0x54, (byte) 0x8f, + (byte) 0x95, (byte) 0x02, (byte) 0xf4, (byte) 0x87, + (byte) 0x77, (byte) 0x53, (byte) 0xda, (byte) 0x15, + (byte) 0x2e + }; + + // getCorruptCurveParameter PARAMETER_CORRUPTION TYPES public static final short CORRUPTION_NONE = 0x01; public static final short CORRUPTION_FIXED = 0x02; 
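Review bot: The 521-bit parameter set is not encoded at one length: `ECSP521_FP_P`, `ECSP521_FP_G_Y` and `ECSP521_FP_R` hold 66 bytes, while `ECSP521_FP_A`, `ECSP521_FP_B`, `ECSP521_FP_G_X`, `ECSP521_FP_P_X` and `ECSP521_FP_P_Y` hold 65, so leading zero bytes appear to have been stripped from some values. If the code that builds points concatenates X and Y (it is outside this hunk), a 65-byte `G_X` next to a 66-byte `G_Y` yields a malformed point, and a card could then reject the curve for an encoding reason rather than for the small-order key being tested; left-padding every 521-bit value to 66 bytes avoids that ambiguity. The comments call these curves "Anomalous", but in every set `ECSP*_FP_R` differs from `ECSP*_FP_P`, so they are not anomalous in the usual sense of order equal to the field prime; `// Test-only curve (small-pub-128) with a public point of order 5; not for real keys` would describe them more accurately. The small-pub-224 comment also sits after `ECSP224_FP_P` instead of before it.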
@@ -930,14 +1601,22 @@ public class EC_Consts { public static final byte CURVE_secp384r1 = 6; public static final byte CURVE_secp521r1 = 7; - public static final byte FP_CURVES = 7; + public static final byte CURVE_sp128 = 8; + public static final byte CURVE_sp160 = 9; + public static final byte CURVE_sp192 = 10; + public static final byte CURVE_sp224 = 11; + public static final byte CURVE_sp256 = 12; + public static final byte CURVE_sp384 = 13; + public static final byte CURVE_sp521 = 14; + + public static final byte FP_CURVES = 14; // SECP recommended curves over F2M - public static final byte CURVE_sect163r1 = 8; - public static final byte CURVE_sect233r1 = 9; - public static final byte CURVE_sect283r1 = 10; - public static final byte CURVE_sect409r1 = 11; - public static final byte CURVE_sect571r1 = 12; + public static final byte CURVE_sect163r1 = 15; + public static final byte CURVE_sect233r1 = 16; + public static final byte CURVE_sect283r1 = 17; + public static final byte CURVE_sect409r1 = 18; + public static final byte CURVE_sect571r1 = 19; public static final byte F2M_CURVES = 12; 
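Review bot: `F2M_CURVES` is left at 12 at the end of this hunk although the sect* identifiers it used to bound now run from 15 to 19, so the constant no longer matches the highest F2M curve id. No use of it is visible here, but any range check of the form `curve <= F2M_CURVES` would now accept the new `CURVE_sp*` ids 8–12 and reject 15–19. I would update it with the renumbering: `public static final byte F2M_CURVES = 19;`.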
@@ -1105,6 +1784,90 @@ public class EC_Consts { EC_K = EC571_F2M_K; break; } + case CURVE_sp128: { + EC_FP_P = ECSP128_FP_P; + EC_A = ECSP128_FP_A; + EC_B = ECSP128_FP_B; + EC_G_X = ECSP128_FP_G_X; + EC_G_Y = ECSP128_FP_G_Y; + EC_R = ECSP128_FP_R; + EC_K = ECSP128_FP_K; + EC_P_X = ECSP128_FP_P_X; + EC_P_Y = ECSP128_FP_P_Y; + break; + } + case CURVE_sp160: { + EC_FP_P = ECSP160_FP_P; + EC_A = ECSP160_FP_A; + EC_B = ECSP160_FP_B; + EC_G_X = ECSP160_FP_G_X; + EC_G_Y = ECSP160_FP_G_Y; + EC_R = ECSP160_FP_R; + EC_K = ECSP160_FP_K; + EC_P_X = ECSP160_FP_P_X; + EC_P_Y = ECSP160_FP_P_Y; + break; + } + case CURVE_sp192: { + EC_FP_P = ECSP192_FP_P; + EC_A = ECSP192_FP_A; + EC_B = ECSP192_FP_B; + EC_G_X = ECSP192_FP_G_X; + EC_G_Y = ECSP192_FP_G_Y; + EC_R = ECSP192_FP_R; + EC_K = ECSP192_FP_K; + EC_P_X = ECSP192_FP_P_X; + EC_P_Y = ECSP192_FP_P_Y; + break; + } + case CURVE_sp224: { + EC_FP_P = ECSP224_FP_P; + EC_A = ECSP224_FP_A; + EC_B = ECSP224_FP_B; + EC_G_X = ECSP224_FP_G_X; + EC_G_Y = ECSP224_FP_G_Y; + EC_R = ECSP224_FP_R; + EC_K = ECSP224_FP_K; + EC_P_X = ECSP224_FP_P_X; + EC_P_Y = ECSP224_FP_P_Y; + break; + } + case CURVE_sp256: { + EC_FP_P = ECSP256_FP_P; + EC_A = ECSP256_FP_A; + EC_B = ECSP256_FP_B; + EC_G_X = ECSP256_FP_G_X; + EC_G_Y = ECSP256_FP_G_Y; + EC_R = ECSP256_FP_R; + EC_K = ECSP256_FP_K; + EC_P_X = ECSP256_FP_P_X; + EC_P_Y = ECSP256_FP_P_Y; + break; + } + case CURVE_sp384: { + EC_FP_P = ECSP384_FP_P; + EC_A = ECSP384_FP_A; + EC_B = ECSP384_FP_B; + EC_G_X = ECSP384_FP_G_X; + EC_G_Y = ECSP384_FP_G_Y; + EC_R = ECSP384_FP_R; + EC_K = ECSP384_FP_K; + EC_P_X = ECSP384_FP_P_X; + EC_P_Y = ECSP384_FP_P_Y; + break; + } + case CURVE_sp521: { + EC_FP_P = ECSP521_FP_P; + EC_A = ECSP521_FP_A; + EC_B = ECSP521_FP_B; + EC_G_X = ECSP521_FP_G_X; + EC_G_Y = ECSP521_FP_G_Y; + EC_R = ECSP521_FP_R; + EC_K = ECSP521_FP_K; + EC_P_X = ECSP521_FP_P_X; + EC_P_Y = ECSP521_FP_P_Y; + break; + } default: ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); } 
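Review bot: `EC_P_X` and `EC_P_Y` are assigned only in the seven new `CURVE_sp*` cases, so once one of them has run, a later call for a secp/sect curve appears to leave the previous curve's point in those static fields (the other cases are outside this hunk, so this needs confirming). A reader of the fields then cannot tell which curve the point belongs to. Resetting them before the switch, `EC_P_X = null; EC_P_Y = null;`, or a comment stating that they are valid only for the `CURVE_sp*` ids, would make that explicit. The enclosing method starts and ends outside the hunk.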
@@ -1117,17 +1880,17 @@ public class EC_Consts { break; case PARAMETER_F2M: if (alg == KeyPair.ALG_EC_F2M) { - length = Util.arrayCopyNonAtomic(EC_F2M_F2M, (short) 0, outputBuffer, outputOffset, (short) EC_F2M_F2M.length); + length = Util.arrayCopyNonAtomic(EC_F2M_F2M, (short) 0, outputBuffer, outputOffset, (short) EC_F2M_F2M.length); } break; case PARAMETER_A: - length = Util.arrayCopyNonAtomic(EC_A, (short) 0, outputBuffer, outputOffset, (short) EC_A.length); + length = Util.arrayCopyNonAtomic(EC_A, (short) 0, outputBuffer, outputOffset, (short) EC_A.length); break; case PARAMETER_B: - length = Util.arrayCopyNonAtomic(EC_B, (short) 0, outputBuffer, outputOffset, (short) EC_B.length); + length = Util.arrayCopyNonAtomic(EC_B, (short) 0, outputBuffer, outputOffset, (short) EC_B.length); break; case PARAMETER_G: - length = decompressG(outputBuffer, outputOffset, EC_G_X, (short) 0, (short) EC_G_X.length, EC_G_Y, (short) 0, (short) EC_G_Y.length); + length = toX962(outputBuffer, outputOffset, EC_G_X, (short) 0, (short) EC_G_X.length, EC_G_Y, (short) 0, (short) EC_G_Y.length); break; case PARAMETER_R: length = Util.arrayCopyNonAtomic(EC_R, (short) 0, outputBuffer, outputOffset, (short) EC_R.length); 
@@ -1203,17 +1966,18 @@ public class EC_Consts { return curve <= FP_CURVES ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; } - private static short decompressG(byte[] outputBuffer, short outputOffset, byte[] gx, short gxOffset, short gxLength, byte[] gy, short gyOffset, short gyLength) { + private static short toX962(byte[] outputBuffer, short outputOffset, byte[] xBuffer, short xOffset, short xLength, byte[] yBuffer, short yOffset, short yLength) { short size = 1; - size += gxLength; - size += gyLength; + size += xLength; + size += yLength; short offset = outputOffset; outputBuffer[offset] = 0x04; offset += 1; - offset = Util.arrayCopyNonAtomic(gx, gxOffset, outputBuffer, offset, gxLength); - Util.arrayCopyNonAtomic(gy, gyOffset, outputBuffer, offset, gyLength); + offset = Util.arrayCopyNonAtomic(xBuffer, xOffset, outputBuffer, offset, xLength); + Util.arrayCopyNonAtomic(yBuffer, yOffset, outputBuffer, offset, yLength); return size; } + } -- cgit v1.2.3-70-g09d2 From f4b67923063ca35ae1405d701b461bfda0c10515 Mon Sep 17 00:00:00 2001 From: J08nY Date: Mon, 28 Nov 2016 22:34:50 +0100 Subject: Added test for small public key degree in ECDH --- !uploader/simpleECC.cap | Bin 14367 -> 18068 bytes dist/SimpleAPDU.jar | Bin 3071803 -> 3078811 bytes src/applets/ECKeyGenerator.java | 31 +++++++++++++------ src/applets/EC_Consts.java | 50 ++++++++++++++++++++++++------ src/applets/SimpleECCApplet.java | 64 ++++++++++++++++++++++++++++++++++----- src/simpleapdu/SimpleAPDU.java | 19 ++++++++++-- 6 files changed, 134 insertions(+), 30 deletions(-) diff --git a/!uploader/simpleECC.cap b/!uploader/simpleECC.cap index 7d019f4..d9c360b 100644 Binary files a/!uploader/simpleECC.cap and b/!uploader/simpleECC.cap differ diff --git a/dist/SimpleAPDU.jar b/dist/SimpleAPDU.jar index 88b4ab9..9bb85ff 100644 Binary files a/dist/SimpleAPDU.jar and b/dist/SimpleAPDU.jar differ diff --git a/src/applets/ECKeyGenerator.java b/src/applets/ECKeyGenerator.java index e9bdfa6..c4b71c0 100644 
--- a/src/applets/ECKeyGenerator.java +++ b/src/applets/ECKeyGenerator.java 
@@ -73,39 +73,39 @@ public class ECKeyGenerator { if (sw != ISO7816.SW_NO_ERROR) return sw; //go through all params - byte param = EC_Consts.PARAMETER_A; - while (param > 0) { + short param = EC_Consts.PARAMETER_A; + while (param <= EC_Consts.PARAMETER_K) { length = EC_Consts.getCurveParameter(curve, param, buffer, offset); sw = setParameter(KEY_BOTH, param, buffer, offset, length); if (sw != ISO7816.SW_NO_ERROR) break; - param = (byte) (param << 1); + param = (short) (param << 1); } return sw; } - public short setCustomInvalidCurve(short keyClass, short keyLength, byte key, byte param, short corruptionType, byte[] buffer, short offset) { + public short setCustomInvalidCurve(short keyClass, short keyLength, byte key, short param, short corruptionType, byte[] buffer, short offset) { return setCustomInvalidCurve(EC_Consts.getCurve(keyClass, keyLength), key, param, corruptionType, buffer, offset); } - public short setCustomInvalidCurve(byte curve, byte key, byte param, short corruptionType, byte[] buffer, short offset) { + public short setCustomInvalidCurve(byte curve, byte key, short param, short corruptionType, byte[] buffer, short offset) { short sw = setCustomCurve(curve, buffer, offset); if (sw != ISO7816.SW_NO_ERROR) return sw; //go through param bit by bit, and invalidate all selected params - byte paramMask = 0x01; - while (paramMask > 0) { - byte masked = (byte) (paramMask & param); + short paramMask = 0x01; + while (paramMask <= EC_Consts.PARAMETER_K) { + short masked = (short) (paramMask & param); if (masked != 0) { short length = EC_Consts.getCorruptCurveParameter(curve, masked, buffer, offset, corruptionType); sw = setParameter(key, masked, buffer, offset, length); if (sw != ISO7816.SW_NO_ERROR) return sw; } - paramMask = (byte) (paramMask << 1); + paramMask = (short) (paramMask << 1); } return sw; } - public short setParameter(byte key, byte param, byte[] data, short offset, short length) { + public short setParameter(byte key, short param, byte[] data, 
short offset, short length) { short result = ISO7816.SW_NO_ERROR; try { switch (param) { @@ -160,6 +160,12 @@ public class ECKeyGenerator { } break; } + case EC_Consts.PARAMETER_S: + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setS(data, offset, length); + break; + case EC_Consts.PARAMETER_W: + if ((key & KEY_PUBLIC) != 0) ecPublicKey.setW(data, offset, length); + break; default: { ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); } @@ -237,6 +243,11 @@ public class ECKeyGenerator { if ((key & KEY_PRIVATE) != 0) Util.setShort(outputBuffer, outputOffset, ecPrivateKey.getK()); length = 2; break; + case EC_Consts.PARAMETER_S: + if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getS(outputBuffer, outputOffset); + break; + case EC_Consts.PARAMETER_W: + if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getW(outputBuffer, outputOffset); default: ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); } diff --git a/src/applets/EC_Consts.java b/src/applets/EC_Consts.java index 24d854c..bcf2b14 100644 --- a/src/applets/EC_Consts.java +++ b/src/applets/EC_Consts.java 
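Review bot: The mask loop in `setCustomInvalidCurve` (hunk `@@ -73,39 +73,39 @@`) stops at `EC_Consts.PARAMETER_K`, so now that `param` is a `short` and the same commit adds `PARAMETER_S` (0x0080) and `PARAMETER_W` (0x0100), those two bits are silently ignored when a caller sets them. If that is intended, a comment on the loop would record it, e.g. `// only domain parameters up to PARAMETER_K are corrupted; PARAMETER_S / PARAMETER_W bits in param are ignored`. The same bound is used in `setCustomCurve` above it. `setParameter`, whose signature closes this hunk, continues outside it.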
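Review bot: The new `case EC_Consts.PARAMETER_W:` in the `@@ -237,6 +243,11 @@` hunk has no `break;`, so after `getW` has filled the buffer control falls through to `default:` and `ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED)` runs, which makes every export of the public point end in an exception. Adding `break;` after the `getW` line fixes it. Separately, the `PARAMETER_S` case copies the private scalar into the caller's buffer; that looks intentional for a test applet, but a comment saying so would stop it being copied into production code unnoticed. The enclosing method starts and ends outside the hunk.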
@@ -21,14 +21,16 @@ public class EC_Consts { private static byte[] EC_F2M_F2M = null; //[short i1, short i2, short i3], f = x^m + x^i1 + x^i2 + x^i3 + 1 - public static final byte PARAMETER_FP = 0x01; - public static final byte PARAMETER_F2M = 0x02; + public static final short PARAMETER_FP = 0x0001; + public static final short PARAMETER_F2M = 0x0002; - public static final byte PARAMETER_A = 0x04; - public static final byte PARAMETER_B = 0x08; - public static final byte PARAMETER_G = 0x10; - public static final byte PARAMETER_R = 0x20; - public static final byte PARAMETER_K = 0x40; + public static final short PARAMETER_A = 0x0004; + public static final short PARAMETER_B = 0x0008; + public static final short PARAMETER_G = 0x0010; + public static final short PARAMETER_R = 0x0020; + public static final short PARAMETER_K = 0x0040; + public static final short PARAMETER_S = 0x0080; + public static final short PARAMETER_W = 0x0100; public static RandomData m_random = null; 
@@ -1658,10 +1660,38 @@ public class EC_Consts { } else { ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); } - return 0; //will not be reached + return 0; } - public static short getCurveParameter(byte curve, byte param, byte[] outputBuffer, short outputOffset) { + public static byte getAnomalousCurve(short keyClass, short keyLength) { + if (keyClass == KeyPair.ALG_EC_FP) { + switch (keyLength) { + case (short) 128: + return CURVE_sp128; + case (short) 160: + return CURVE_sp160; + case (short) 192: + return CURVE_sp192; + case (short) 224: + return CURVE_sp224; + case (short) 256: + return CURVE_sp256; + case (short) 384: + return CURVE_sp384; + case (short) 521: + return CURVE_sp521; + default: + ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); + } + } else if (keyClass == KeyPair.ALG_EC_F2M) { + return 0; + } else { + ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); + } + return 0; + } + + public static short getCurveParameter(byte curve, short param, byte[] outputBuffer, short outputOffset) { byte alg = getCurveType(curve); switch (curve) { case CURVE_secp128r1: { @@ -1905,7 +1935,7 @@ public class EC_Consts { return length; } - public static short getCorruptCurveParameter(byte curve, byte param, byte[] outputBuffer, short outputOffset, short corruptionType) { + public static short getCorruptCurveParameter(byte curve, short param, byte[] outputBuffer, short outputOffset, short corruptionType) { short length = getCurveParameter(curve, param, outputBuffer, outputOffset); if (length <= 0) { return length; diff --git a/src/applets/SimpleECCApplet.java b/src/applets/SimpleECCApplet.java index 9901aee..8cc4237 100644 --- a/src/applets/SimpleECCApplet.java +++ b/src/applets/SimpleECCApplet.java 
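Review bot: `getAnomalousCurve` (hunk `@@ -1658,10 +1660,38 @@`) returns 0 for `KeyPair.ALG_EC_F2M`, and 0 does not appear among the curve ids visible in this diff, so the caller receives a value it cannot tell apart from a real id. The result is passed straight to `setCustomCurve` in SimpleECCApplet, where it presumably ends in the `default:` branch of `getCurveParameter`, but only by accident. Throwing in the F2M branch states the intent: `ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);`. `getCurveParameter`, whose signature closes the hunk, continues outside it.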
@@ -53,8 +53,11 @@ public class SimpleECCApplet extends Applet { public final static byte ECTEST_SET_EXTERNALCURVE = (byte) 0xcb; public final static byte ECTEST_GENERATE_KEYPAIR_EXTERNALCURVE = (byte) 0xcc; public final static byte ECTEST_ECDSA_SIGNATURE = (byte) 0xcd; - public final static byte ECTEST_SET_INVALIDFIELD = (byte) 0xce; - public final static byte ECTEST_GENERATE_KEYPAIR_INVALIDFIELD = (byte) 0xcf; + public final static byte ECTEST_SET_ANOMALOUSCURVE = (byte) 0xce; + public final static byte ECTEST_GENERATE_KEYPAIR_ANOMALOUSCURVE = (byte) 0xcf; + public final static byte ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT = (byte) 0xd0; + public final static byte ECTEST_SET_INVALIDFIELD = (byte) 0xd1; + public final static byte ECTEST_GENERATE_KEYPAIR_INVALIDFIELD = (byte) 0xd2; public final static short FLAG_ECTEST_ALLOCATE_KEYPAIR = (short) 0x0001; public final static short FLAG_ECTEST_GENERATE_KEYPAIR_DEFCURVE = (short) 0x0002; @@ -65,8 +68,11 @@ public class SimpleECCApplet extends Applet { public final static short FLAG_ECTEST_ECDH_AGREEMENT_VALID_POINT = (short) 0x0040; public final static short FLAG_ECTEST_ECDH_AGREEMENT_INVALID_POINT = (short) 0x0080; public final static short FLAG_ECTEST_ECDSA_SIGNATURE = (short) 0x0100; - public final static short FLAG_ECTEST_SET_INVALIDFIELD = (short) 0x0200; - public final static short FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDFIELD = (short) 0x0400; + public final static short FLAG_ECTEST_SET_ANOMALOUSCURVE = (short) 0x0200; + public final static short FLAG_ECTEST_GENERATE_KEYPAIR_ANOMALOUSCUVE = (short) 0x0400; + public final static short FLAG_ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT = (short) 0x0800; + public final static short FLAG_ECTEST_SET_INVALIDFIELD = (short) 0x1000; + public final static short FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDFIELD = (short) 0x2000; public final static short FLAG_ECTEST_ALL = (short) 0xffff; 
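Review bot: `FLAG_ECTEST_GENERATE_KEYPAIR_ANOMALOUSCUVE` in the `@@ -65,8 +68,11 @@` hunk is misspelled (CUVE), while the matching instruction constant is `ECTEST_GENERATE_KEYPAIR_ANOMALOUSCURVE`. The flag is public and already referenced by the new test steps, so the typo is cheapest to fix now: `public final static short FLAG_ECTEST_GENERATE_KEYPAIR_ANOMALOUSCURVE = (short) 0x0400;`. `FLAG_ECTEST_SET_INVALIDFIELD` and `FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDFIELD` also change value here, so any host code that sends literal flag values rather than these constants would select different tests after this commit.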
@@ -341,13 +347,55 @@ public class SimpleECCApplet extends Applet { if (sw == ISO7816.SW_NO_ERROR) { sw = ecKeyTester.testECDSA(ecPrivKey, ecPubKey, m_ramArray2, (short) 0, (short) m_ramArray2.length, m_ramArray, (short) 0); } + } + Util.setShort(buffer, bufferOffset, sw); + bufferOffset += 2; + + // + // 8. Set anomalous custom curve + // + buffer[bufferOffset] = ECTEST_SET_ANOMALOUSCURVE; + bufferOffset++; + sw = SW_SKIPPED; + if ((testFlags & FLAG_ECTEST_SET_ANOMALOUSCURVE) != (short) 0) { + sw = ecKeyGenerator.setCustomCurve(EC_Consts.getAnomalousCurve(keyClass, keyLen), m_ramArray, (short) 0); + if (sw != ISO7816.SW_NO_ERROR) { + testFlags &= ~FLAG_ECTEST_GENERATE_KEYPAIR_ANOMALOUSCUVE; + } + } + Util.setShort(buffer, bufferOffset, sw); + bufferOffset += 2; + + // + // 9. Generate keypair with anomalous custom curve + // + + buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_ANOMALOUSCURVE; + bufferOffset++; + sw = SW_SKIPPED; + if ((testFlags & FLAG_ECTEST_GENERATE_KEYPAIR_ANOMALOUSCUVE) != (short) 0) { + sw = ecKeyGenerator.generatePair(); + } + Util.setShort(buffer, bufferOffset, sw); + bufferOffset += 2; + // + // 10. Test small degree pubkey + // + + buffer[bufferOffset] = ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT; + bufferOffset++; + sw = SW_SKIPPED; + if ((testFlags & FLAG_ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT) != (short) 0) { + ecPubKey = ecKeyGenerator.getPublicKey(); + ecPrivKey = ecKeyGenerator.getPrivateKey(); + sw = ecKeyTester.testECDH_validPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 1); } Util.setShort(buffer, bufferOffset, sw); bufferOffset += 2; // - // 8. Set invalid custom curve + // 11. Set invalid custom curve // buffer[bufferOffset] = ECTEST_SET_INVALIDCURVE; bufferOffset++; 
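Review bot: When step 8 fails to set the anomalous curve, only `FLAG_ECTEST_GENERATE_KEYPAIR_ANOMALOUSCUVE` is cleared, so step 10 still runs and performs ECDH with whatever key pair the generator holds from the earlier steps. On a card that rejects the anomalous curve this agreement can succeed on a valid curve, and the host, which expects step 10 to fail, would then report a weakness the card does not have. Clearing the third flag in the same branch avoids that: `testFlags &= ~FLAG_ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT;`. Step 10 also uses the keys without checking the status word of step 9. The enclosing method starts and ends outside the hunk.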
@@ -363,7 +411,7 @@ public class SimpleECCApplet extends Applet { bufferOffset += 2; // - // 9. Generate keypair with invalid custom curve + // 12. Generate keypair with invalid custom curve // buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE; bufferOffset++; @@ -375,7 +423,7 @@ public class SimpleECCApplet extends Applet { bufferOffset += 2; // - // 10. Set invalid field + // 13. Set invalid field // buffer[bufferOffset] = ECTEST_SET_INVALIDFIELD; bufferOffset++; @@ -393,7 +441,7 @@ public class SimpleECCApplet extends Applet { Util.setShort(buffer, bufferOffset, sw); bufferOffset += 2; - // 11. Generate key with invalid field + // 14. Generate key with invalid field buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_INVALIDFIELD; bufferOffset++; sw = SW_SKIPPED; diff --git a/src/simpleapdu/SimpleAPDU.java b/src/simpleapdu/SimpleAPDU.java index 77478a0..44bf302 100644 --- a/src/simpleapdu/SimpleAPDU.java +++ b/src/simpleapdu/SimpleAPDU.java @@ -5,6 +5,7 @@ import applets.SimpleECCApplet; import javacard.framework.ISO7816; import javacard.security.CryptoException; import javacard.security.KeyPair; +import sun.java2d.pipe.SpanShapeRenderer; import javax.smartcardio.ResponseAPDU; import java.io.FileNotFoundException; @@ -73,6 +74,7 @@ public class SimpleAPDU { static void testSupportECGivenAlg(byte[] apdu, CardMngr cardManager) throws Exception { ReconnnectToCard(); ResponseAPDU resp = cardManager.sendAPDU(apdu); + //byte[] resp = cardManager.sendAPDUSimulator(apdu); PrintECSupport(resp); } @@ -143,7 +145,11 @@ public class SimpleAPDU { try { if (testAll) { + //byte[] installData = new byte[10]; + //byte[] AID = {(byte) 0x4C, (byte) 0x61, (byte) 0x62, (byte) 0x61, (byte) 0x6B, (byte) 0x41, (byte) 0x70, (byte) 0x70, (byte) 0x6C, (byte) 0x65, (byte) 0x74}; + //cardManager.prepareLocalSimulatorApplet(AID, installData, SimpleECCApplet.class); if (cardManager.ConnectToCard()) { + // Test all default curves for both fields testSupportECAll(cardManager); 
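Review bot: The added `import sun.java2d.pipe.SpanShapeRenderer;` in the `@@ -5,6 +5,7 @@` hunk of SimpleAPDU.java pulls in a JDK-internal class that nothing in the visible changes uses; it looks like an IDE auto-import. `sun.*` classes are not part of the supported API, so the import can stop the host tool from compiling on another JDK. I would drop the line. The commented-out simulator calls added in the two following hunks would be easier to maintain behind a switch than as dead code.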
@@ -301,7 +307,10 @@ public class SimpleAPDU { } static void PrintECSupport(ResponseAPDU resp) { - byte[] buffer = resp.getData(); + PrintECSupport(resp.getData()); + } + + static void PrintECSupport(byte[] buffer) { m_SystemOutLogger.println(); m_SystemOutLogger.println("### Test for support and with valid and invalid EC curves"); @@ -329,6 +338,9 @@ public class SimpleAPDU { bufferOffset = VerifyPrintResult("ECDH agreement with valid point:", SimpleECCApplet.ECTEST_ECDH_AGREEMENT_VALID_POINT, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); bufferOffset = VerifyPrintResult("ECDH agreement with invalid point (fail is good):", SimpleECCApplet.ECTEST_ECDH_AGREEMENT_INVALID_POINT, buffer, bufferOffset, ExpResult.MUST_FAIL); bufferOffset = VerifyPrintResult("ECDSA signature on random data:", SimpleECCApplet.ECTEST_ECDSA_SIGNATURE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); + bufferOffset = VerifyPrintResult("Set anomalous custom curve (may fail):", SimpleECCApplet.ECTEST_SET_ANOMALOUSCURVE, buffer, bufferOffset, ExpResult.MAY_FAIL); + bufferOffset = VerifyPrintResult("Generate key with anomalous curve (may fail):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_ANOMALOUSCURVE, buffer, bufferOffset, ExpResult.MAY_FAIL); + bufferOffset = VerifyPrintResult("ECDH agreement with small order point (fail is good):", SimpleECCApplet.ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT, buffer, bufferOffset, ExpResult.MUST_FAIL); bufferOffset = VerifyPrintResult("Set invalid custom curve (may fail):", SimpleECCApplet.ECTEST_SET_INVALIDCURVE, buffer, bufferOffset, ExpResult.MAY_FAIL); bufferOffset = VerifyPrintResult("Generate key with invalid curve (fail is good):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE, buffer, bufferOffset, ExpResult.MUST_FAIL); bufferOffset = VerifyPrintResult("Set invalid field (may fail):", SimpleECCApplet.ECTEST_SET_INVALIDFIELD, buffer, bufferOffset, ExpResult.MAY_FAIL); 
@@ -339,7 +351,10 @@ public class SimpleAPDU { } static void PrintECKeyGenInvalidCurveB(ResponseAPDU resp) { - byte[] buffer = resp.getData(); + PrintECKeyGenInvalidCurveB(resp.getData()); + } + + static void PrintECKeyGenInvalidCurveB(byte[] buffer) { m_SystemOutLogger.println(); m_SystemOutLogger.println("### Test for computation with invalid parameter B for EC curve"); -- cgit v1.2.3-70-g09d2 From 022f37b399583053fc256b9fcab397f828309ebf Mon Sep 17 00:00:00 2001 From: J08nY Date: Mon, 28 Nov 2016 23:21:25 +0100 Subject: fixed small pubkey order test, this times out on some cards(SCARD_E_NOT_TRANSACTED) yet some cards run fine and report illegal value. --- src/applets/EC_Consts.java | 67 ++++++++++++++++++++++------------------ src/applets/SimpleECCApplet.java | 15 +++++---- 2 files changed, 46 insertions(+), 36 deletions(-) diff --git a/src/applets/EC_Consts.java b/src/applets/EC_Consts.java index bcf2b14..49eb59f 100644 --- a/src/applets/EC_Consts.java +++ b/src/applets/EC_Consts.java @@ -16,8 +16,9 @@ public class EC_Consts { private static byte[] EC_R = null; //n private static short EC_K = 1; //h - private static byte[] EC_P_X = null; //Pubkey[x,y] - private static byte[] EC_P_Y = null; + private static byte[] EC_W_X = null; //Pubkey[x,y] + private static byte[] EC_W_Y = null; + private static byte[] EC_S = null; //Private private static byte[] EC_F2M_F2M = null; //[short i1, short i2, short i3], f = x^m + x^i1 + x^i2 + x^i3 + 1 
@@ -962,14 +963,14 @@ public class EC_Consts { public static final short ECSP128_FP_K = 1; - public static final byte[] ECSP128_FP_P_X = { + public static final byte[] ECSP128_FP_W_X = { (byte) 0x63, (byte) 0x90, (byte) 0x1e, (byte) 0x12, (byte) 0x27, (byte) 0x61, (byte) 0xd9, (byte) 0xc1, (byte) 0x65, (byte) 0x65, (byte) 0xb2, (byte) 0xf3, (byte) 0x8e, (byte) 0x99, (byte) 0x1f, (byte) 0x71 }; - public static final byte[] ECSP128_FP_P_Y = { + public static final byte[] ECSP128_FP_W_Y = { (byte) 0xb9, (byte) 0xd9, (byte) 0x9f, (byte) 0xbc, (byte) 0x31, (byte) 0x54, (byte) 0xa9, (byte) 0x6c, (byte) 0xa2, (byte) 0x3e, (byte) 0xcf, (byte) 0xf7, @@ -1028,7 +1029,7 @@ public class EC_Consts { public static final short ECSP160_FP_K = 1; - public static final byte[] ECSP160_FP_P_X = { + public static final byte[] ECSP160_FP_W_X = { (byte) 0x59, (byte) 0xc9, (byte) 0xc3, (byte) 0xc8, (byte) 0xae, (byte) 0xf2, (byte) 0x9f, (byte) 0x1c, (byte) 0x1c, (byte) 0x50, (byte) 0x0c, (byte) 0xaf, @@ -1036,7 +1037,7 @@ public class EC_Consts { (byte) 0x08, (byte) 0x6e, (byte) 0x6e, (byte) 0xb0 }; - public static final byte[] ECSP160_FP_P_Y = { + public static final byte[] ECSP160_FP_W_Y = { (byte) 0xd6, (byte) 0x95, (byte) 0xa7, (byte) 0x60, (byte) 0x05, (byte) 0xed, (byte) 0xdb, (byte) 0x26, (byte) 0xaf, (byte) 0xd4, (byte) 0x0e, (byte) 0xe2, @@ -1102,7 +1103,7 @@ public class EC_Consts { public static final short ECSP192_FP_K = 1; - public static final byte[] ECSP192_FP_P_X = { + public static final byte[] ECSP192_FP_W_X = { (byte) 0xaa, (byte) 0xd0, (byte) 0xdb, (byte) 0xf8, (byte) 0xad, (byte) 0x1c, (byte) 0x2c, (byte) 0x4e, (byte) 0xf0, (byte) 0x67, (byte) 0xda, (byte) 0x63, 
@@ -1111,7 +1112,7 @@ public class EC_Consts { (byte) 0xb7, (byte) 0x7a, (byte) 0x59, (byte) 0x9c }; - public static final byte[] ECSP192_FP_P_Y = { + public static final byte[] ECSP192_FP_W_Y = { (byte) 0xae, (byte) 0x28, (byte) 0xd7, (byte) 0xea, (byte) 0xde, (byte) 0xba, (byte) 0x10, (byte) 0x48, (byte) 0x40, (byte) 0x64, (byte) 0x0d, (byte) 0x9b, @@ -1184,7 +1185,7 @@ public class EC_Consts { public static final short ECSP224_FP_K = 1; - public static final byte[] ECSP224_FP_P_X = { + public static final byte[] ECSP224_FP_W_X = { (byte) 0xcf, (byte) 0xd9, (byte) 0x2a, (byte) 0xea, (byte) 0x0f, (byte) 0x79, (byte) 0x19, (byte) 0x0c, (byte) 0x48, (byte) 0xca, (byte) 0x70, (byte) 0x3e, @@ -1194,7 +1195,7 @@ public class EC_Consts { (byte) 0xfe, (byte) 0x4d, (byte) 0x0f, (byte) 0x04 }; - public static final byte[] ECSP224_FP_P_Y = { + public static final byte[] ECSP224_FP_W_Y = { (byte) 0x25, (byte) 0x7a, (byte) 0x3d, (byte) 0x98, (byte) 0xde, (byte) 0x44, (byte) 0xbd, (byte) 0x25, (byte) 0x40, (byte) 0x49, (byte) 0x77, (byte) 0xa4, @@ -1274,7 +1275,7 @@ public class EC_Consts { public static final short ECSP256_FP_K = 1; - public static final byte[] ECSP256_FP_P_X = { + public static final byte[] ECSP256_FP_W_X = { (byte) 0x75, (byte) 0xfc, (byte) 0xe7, (byte) 0x09, (byte) 0x68, (byte) 0x86, (byte) 0x2d, (byte) 0x53, (byte) 0xe2, (byte) 0x95, (byte) 0x48, (byte) 0xaa, @@ -1285,7 +1286,7 @@ public class EC_Consts { (byte) 0xf8, (byte) 0xda, (byte) 0xd6, (byte) 0x53 }; - public static final byte[] ECSP256_FP_P_Y = { + public static final byte[] ECSP256_FP_W_Y = { (byte) 0x55, (byte) 0xaa, (byte) 0x4b, (byte) 0x7d, (byte) 0x38, (byte) 0x82, (byte) 0xfb, (byte) 0x0a, (byte) 0x83, (byte) 0xbd, (byte) 0x00, (byte) 0xc9, 
@@ -1390,7 +1391,7 @@ public class EC_Consts { public static final short ECSP384_FP_K = 1; - public static final byte[] ECSP384_FP_P_X = { + public static final byte[] ECSP384_FP_W_X = { (byte) 0xa4, (byte) 0xbd, (byte) 0x57, (byte) 0x5b, (byte) 0xf2, (byte) 0x03, (byte) 0x00, (byte) 0xb0, (byte) 0xcf, (byte) 0x8a, (byte) 0x2f, (byte) 0x41, @@ -1405,7 +1406,7 @@ public class EC_Consts { (byte) 0x34, (byte) 0x83, (byte) 0x4e, (byte) 0xf1 }; - public static final byte[] ECSP384_FP_P_Y = { + public static final byte[] ECSP384_FP_W_Y = { (byte) 0x38, (byte) 0xd5, (byte) 0x1c, (byte) 0x8f, (byte) 0x9e, (byte) 0x90, (byte) 0x59, (byte) 0x2f, (byte) 0x56, (byte) 0x7e, (byte) 0x81, (byte) 0xd0, @@ -1544,7 +1545,7 @@ public class EC_Consts { public static final short ECSP521_FP_K = 1; - public static final byte[] ECSP521_FP_P_X = { + public static final byte[] ECSP521_FP_W_X = { (byte) 0xfc, (byte) 0xcf, (byte) 0x5c, (byte) 0x11, (byte) 0x3b, (byte) 0xec, (byte) 0x94, (byte) 0x61, (byte) 0xdb, (byte) 0x3e, (byte) 0x56, (byte) 0x73, @@ -1564,7 +1565,7 @@ public class EC_Consts { (byte) 0xde }; - public static final byte[] ECSP521_FP_P_Y = { + public static final byte[] ECSP521_FP_W_Y = { (byte) 0xc3, (byte) 0x6d, (byte) 0x08, (byte) 0x8f, (byte) 0xc2, (byte) 0xfe, (byte) 0x3b, (byte) 0x42, (byte) 0x90, (byte) 0x7b, (byte) 0xbf, (byte) 0x8a, @@ -1822,8 +1823,8 @@ public class EC_Consts { EC_G_Y = ECSP128_FP_G_Y; EC_R = ECSP128_FP_R; EC_K = ECSP128_FP_K; - EC_P_X = ECSP128_FP_P_X; - EC_P_Y = ECSP128_FP_P_Y; + EC_W_X = ECSP128_FP_W_X; + EC_W_Y = ECSP128_FP_W_Y; break; } case CURVE_sp160: { @@ -1834,8 +1835,8 @@ public class EC_Consts { EC_G_Y = ECSP160_FP_G_Y; EC_R = ECSP160_FP_R; EC_K = ECSP160_FP_K; - EC_P_X = ECSP160_FP_P_X; - EC_P_Y = ECSP160_FP_P_Y; + EC_W_X = ECSP160_FP_W_X; + EC_W_Y = ECSP160_FP_W_Y; break; } case CURVE_sp192: { 
@@ -1846,8 +1847,8 @@ public class EC_Consts { EC_G_Y = ECSP192_FP_G_Y; EC_R = ECSP192_FP_R; EC_K = ECSP192_FP_K; - EC_P_X = ECSP192_FP_P_X; - EC_P_Y = ECSP192_FP_P_Y; + EC_W_X = ECSP192_FP_W_X; + EC_W_Y = ECSP192_FP_W_Y; break; } case CURVE_sp224: { @@ -1858,8 +1859,8 @@ public class EC_Consts { EC_G_Y = ECSP224_FP_G_Y; EC_R = ECSP224_FP_R; EC_K = ECSP224_FP_K; - EC_P_X = ECSP224_FP_P_X; - EC_P_Y = ECSP224_FP_P_Y; + EC_W_X = ECSP224_FP_W_X; + EC_W_Y = ECSP224_FP_W_Y; break; } case CURVE_sp256: { @@ -1870,8 +1871,8 @@ public class EC_Consts { EC_G_Y = ECSP256_FP_G_Y; EC_R = ECSP256_FP_R; EC_K = ECSP256_FP_K; - EC_P_X = ECSP256_FP_P_X; - EC_P_Y = ECSP256_FP_P_Y; + EC_W_X = ECSP256_FP_W_X; + EC_W_Y = ECSP256_FP_W_Y; break; } case CURVE_sp384: { @@ -1882,8 +1883,8 @@ public class EC_Consts { EC_G_Y = ECSP384_FP_G_Y; EC_R = ECSP384_FP_R; EC_K = ECSP384_FP_K; - EC_P_X = ECSP384_FP_P_X; - EC_P_Y = ECSP384_FP_P_Y; + EC_W_X = ECSP384_FP_W_X; + EC_W_Y = ECSP384_FP_W_Y; break; } case CURVE_sp521: { @@ -1894,8 +1895,8 @@ public class EC_Consts { EC_G_Y = ECSP521_FP_G_Y; EC_R = ECSP521_FP_R; EC_K = ECSP521_FP_K; - EC_P_X = ECSP521_FP_P_X; - EC_P_Y = ECSP521_FP_P_Y; + EC_W_X = ECSP521_FP_W_X; + EC_W_Y = ECSP521_FP_W_Y; break; } default: @@ -1929,6 +1930,12 @@ public class EC_Consts { length = 2; Util.setShort(outputBuffer, outputOffset, EC_K); break; + case PARAMETER_W: + length = toX962(outputBuffer, outputOffset, EC_W_X, (short) 0, (short) EC_W_X.length, EC_W_Y, (short) 0, (short) EC_W_Y.length); + break; + case PARAMETER_S: + length = Util.arrayCopyNonAtomic(EC_S, (short) 0, outputBuffer, outputOffset, (short) EC_S.length); + break; default: ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); } diff --git a/src/applets/SimpleECCApplet.java b/src/applets/SimpleECCApplet.java index 8cc4237..8043153 100644 --- a/src/applets/SimpleECCApplet.java +++ b/src/applets/SimpleECCApplet.java 
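Review bot: The new `case PARAMETER_S:` in the `@@ -1929,6 +1930,12 @@` hunk reads `EC_S.length`, but `EC_S` is declared as `null` in this commit and no visible hunk assigns it, so requesting `PARAMETER_S` would raise a NullPointerException instead of returning a status word. `PARAMETER_W` appears to have the same exposure for every curve outside the `CURVE_sp*` cases, since only those set `EC_W_X` and `EC_W_Y`. A guard before each copy keeps the failure explicit, e.g. `if (EC_S == null) ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);`. The enclosing method starts outside the hunk.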
@@ -308,9 +308,9 @@ public class SimpleECCApplet extends Applet { sw = SW_SKIPPED; if ((testFlags & FLAG_ECTEST_ECDH_AGREEMENT_VALID_POINT) != (short) 0) { sw = ecKeyGenerator.generatePair(); - ecPubKey = ecKeyGenerator.getPublicKey(); - ecPrivKey = ecKeyGenerator.getPrivateKey(); if (sw == ISO7816.SW_NO_ERROR) { + ecPubKey = ecKeyGenerator.getPublicKey(); + ecPrivKey = ecKeyGenerator.getPrivateKey(); sw = ecKeyTester.testECDH_validPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 0); } } @@ -325,9 +325,9 @@ public class SimpleECCApplet extends Applet { sw = SW_SKIPPED; if ((testFlags & FLAG_ECTEST_ECDH_AGREEMENT_INVALID_POINT) != (short) 0) { sw = ecKeyGenerator.generatePair(); - ecPubKey = ecKeyGenerator.getPublicKey(); - ecPrivKey = ecKeyGenerator.getPrivateKey(); if (sw == ISO7816.SW_NO_ERROR) { + ecPubKey = ecKeyGenerator.getPublicKey(); + ecPrivKey = ecKeyGenerator.getPrivateKey(); sw = ecKeyTester.testECDH_invalidPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 1); } } @@ -342,9 +342,9 @@ public class SimpleECCApplet extends Applet { sw = SW_SKIPPED; if ((testFlags & FLAG_ECTEST_ECDSA_SIGNATURE) != (short) 0) { sw = ecKeyGenerator.generatePair(); - ecPubKey = ecKeyGenerator.getPublicKey(); - ecPrivKey = ecKeyGenerator.getPrivateKey(); if (sw == ISO7816.SW_NO_ERROR) { + ecPubKey = ecKeyGenerator.getPublicKey(); + ecPrivKey = ecKeyGenerator.getPrivateKey(); sw = ecKeyTester.testECDSA(ecPrivKey, ecPubKey, m_ramArray2, (short) 0, (short) m_ramArray2.length, m_ramArray, (short) 0); } } 
@@ -387,6 +387,9 @@ public class SimpleECCApplet extends Applet { bufferOffset++; sw = SW_SKIPPED; if ((testFlags & FLAG_ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT) != (short) 0) { + //TODO: this needs refactor, just quickly to see if it works + short pubLength = EC_Consts.getCurveParameter(EC_Consts.getAnomalousCurve(keyClass,keyLen), EC_Consts.PARAMETER_W, m_ramArray, (short) 0); + ecKeyGenerator.setParameter(ECKeyGenerator.KEY_PUBLIC, EC_Consts.PARAMETER_W, m_ramArray, (short)0, pubLength); ecPubKey = ecKeyGenerator.getPublicKey(); ecPrivKey = ecKeyGenerator.getPrivateKey(); sw = ecKeyTester.testECDH_validPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 1); -- cgit v1.2.3-70-g09d2 From 2a455c2a12f69d5dc81d2b1f78db011e92d7f754 Mon Sep 17 00:00:00 2001 From: J08nY Date: Wed, 30 Nov 2016 00:23:29 +0100 Subject: Fixed small-pub degree test, still crashes most cards. --- !uploader/simpleECC.cap | Bin 18068 -> 18215 bytes dist/SimpleAPDU.jar | Bin 3078811 -> 3078963 bytes src/applets/ECKeyTester.java | 22 +++++++++++++--------- src/applets/SimpleECCApplet.java | 12 +++++++----- 4 files changed, 20 insertions(+), 14 deletions(-) diff --git a/!uploader/simpleECC.cap b/!uploader/simpleECC.cap index d9c360b..e76168c 100644 Binary files a/!uploader/simpleECC.cap and b/!uploader/simpleECC.cap differ diff --git a/dist/SimpleAPDU.jar b/dist/SimpleAPDU.jar index 9bb85ff..09b7e73 100644 Binary files a/dist/SimpleAPDU.jar and b/dist/SimpleAPDU.jar differ diff --git a/src/applets/ECKeyTester.java b/src/applets/ECKeyTester.java index acfb64e..9dd0fd5 100644 --- a/src/applets/ECKeyTester.java +++ b/src/applets/ECKeyTester.java 
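Review bot: The value returned by `ecKeyGenerator.setParameter(...)` is discarded, so if the card rejects the small-order point when it is set, the code still goes on to `testECDH_validPoint` with the previous public key and the reported status no longer says anything about the point under test. Keeping the result and gating the agreement on it makes the outcome unambiguous: `sw = ecKeyGenerator.setParameter(ECKeyGenerator.KEY_PUBLIC, EC_Consts.PARAMETER_W, m_ramArray, (short) 0, pubLength);` followed by `if (sw == ISO7816.SW_NO_ERROR) { ... }` around the three existing lines. This assumes `setParameter` returns a status word, as its `short result = ISO7816.SW_NO_ERROR` opening suggests. The enclosing method starts and ends outside the hunk.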
@@ -49,7 +49,7 @@ public class ECKeyTester { return result; } - private short testDH(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { + private short testKA(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { short result = ISO7816.SW_NO_ERROR; try { ka.init(privateKey); 
@@ -64,19 +64,23 @@ public class ECKeyTester { return result; } - private short testDH_validPoint(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { - return testDH(ka, privateKey, pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); + private short testKA_validPoint(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { + return testKA(ka, privateKey, pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); } - private short testDH_invalidPoint(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { + private short testKA_invalidPoint(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { pubkeyBuffer[(short)(pubkeyLength - 2)] += 0xcc; pubkeyBuffer[(short)(pubkeyLength - 3)] += 0xcc; - short result = testDH(ka, privateKey, pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); + short result = testKA(ka, privateKey, pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); pubkeyBuffer[(short)(pubkeyLength - 2)] -= 0xcc; pubkeyBuffer[(short)(pubkeyLength - 3)] -= 0xcc; return result; } + public short testECDH(ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { + return testKA(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); + } + /** * Tests ECDH secret generation with given {@code privateKey} and {@code publicKey}. * Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations. 
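Review bot: In `testKA_invalidPoint` the bytes to corrupt are indexed as `pubkeyBuffer[(short)(pubkeyLength - 2)]` and `pubkeyBuffer[(short)(pubkeyLength - 3)]`, which ignores `pubkeyOffset`; with a non-zero offset the point under test can be left intact while unrelated buffer bytes are modified, and the card would then be reported as accepting an invalid point it was never given. The callers visible on this page pass offset 0, so the problem is latent, but the index should be `(short)(pubkeyOffset + pubkeyLength - 2)` and `(short)(pubkeyOffset + pubkeyLength - 3)` in both the corrupt and the restore lines. The new public `testECDH` also has no Javadoc, unlike `testECDH_validPoint`; a short comment saying that it runs ECDH on a caller-supplied raw point without reading it from an `ECPublicKey` would fit the file.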
@@ -92,12 +96,12 @@ public class ECKeyTester { **/ public short testECDH_validPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); - return testDH_validPoint(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); + return testKA_validPoint(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); } public short testECDH_invalidPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); - return testDH_invalidPoint(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); + return testKA_invalidPoint(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); } 
@@ -116,12 +120,12 @@ public class ECKeyTester { */ public short testECDHC_validPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); - return testDH_validPoint(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); + return testKA_validPoint(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); } public short testECDHC_invalidPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); - return testDH_invalidPoint(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); + return testKA_invalidPoint(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); } /** diff --git a/src/applets/SimpleECCApplet.java b/src/applets/SimpleECCApplet.java index 8043153..d653c10 100644 --- a/src/applets/SimpleECCApplet.java +++ b/src/applets/SimpleECCApplet.java @@ -358,7 +358,9 @@ public class SimpleECCApplet extends Applet { bufferOffset++; sw = SW_SKIPPED; if ((testFlags & FLAG_ECTEST_SET_ANOMALOUSCURVE) != (short) 0) { - sw = ecKeyGenerator.setCustomCurve(EC_Consts.getAnomalousCurve(keyClass, keyLen), m_ramArray, (short) 0); + if (keyClass == KeyPair.ALG_EC_FP) { //Only FP supported at the moment + sw = ecKeyGenerator.setCustomCurve(EC_Consts.getAnomalousCurve(keyClass, keyLen), m_ramArray, (short) 0); + } if (sw != ISO7816.SW_NO_ERROR) { testFlags &= ~FLAG_ECTEST_GENERATE_KEYPAIR_ANOMALOUSCUVE; } 
@@ -375,6 +377,9 @@ public class SimpleECCApplet extends Applet { sw = SW_SKIPPED; if ((testFlags & FLAG_ECTEST_GENERATE_KEYPAIR_ANOMALOUSCUVE) != (short) 0) { sw = ecKeyGenerator.generatePair(); + if (sw != ISO7816.SW_NO_ERROR) { + testFlags &= ~FLAG_ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT; + } } Util.setShort(buffer, bufferOffset, sw); bufferOffset += 2; @@ -387,12 +392,9 @@ public class SimpleECCApplet extends Applet { bufferOffset++; sw = SW_SKIPPED; if ((testFlags & FLAG_ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT) != (short) 0) { - //TODO: this needs refactor, just quickly to see if it works short pubLength = EC_Consts.getCurveParameter(EC_Consts.getAnomalousCurve(keyClass,keyLen), EC_Consts.PARAMETER_W, m_ramArray, (short) 0); - ecKeyGenerator.setParameter(ECKeyGenerator.KEY_PUBLIC, EC_Consts.PARAMETER_W, m_ramArray, (short)0, pubLength); - ecPubKey = ecKeyGenerator.getPublicKey(); ecPrivKey = ecKeyGenerator.getPrivateKey(); - sw = ecKeyTester.testECDH_validPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 1); + sw = ecKeyTester.testECDH(ecPrivKey, m_ramArray, (short) 0, pubLength, m_ramArray2, (short) 1); } Util.setShort(buffer, bufferOffset, sw); bufferOffset += 2; -- cgit v1.2.3-70-g09d2 From 31a9da5493cb5085354dbfa034cea4b1d45df3cb Mon Sep 17 00:00:00 2001 From: J08nY Date: Wed, 30 Nov 2016 15:10:43 +0100 Subject: Changed ECSP curves, 192b and 521b, to ones that have a prime pubkey order. --- src/applets/EC_Consts.java | 368 +++++++++++++++++++-------------------- src/applets/SimpleECCApplet.java | 1 + 2 files changed, 185 insertions(+), 184 deletions(-) diff --git a/src/applets/EC_Consts.java b/src/applets/EC_Consts.java index 49eb59f..d1f6842 100644 --- a/src/applets/EC_Consts.java +++ b/src/applets/EC_Consts.java 
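Review bot: With the TODO removed, nothing in the small-degree branch says what is being fed to the card: `m_ramArray` now holds the W point stored with the anomalous curve constants (length `pubLength`), not the public key from `generatePair()`, and only the generated private key is used. A comment such as `// W is the curve's fixed low-order public point; SW_NO_ERROR here means the card did not reject it` would make the result readable, assuming that is the intent behind the README's "fail is good" wording for this test. `pubLength` is passed straight to `testECDH` unchecked; what `getCurveParameter` returns for a curve without W is not visible in this hunk, so a guard may be needed. The enclosing method starts and ends outside the hunk.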
@@ -1048,77 +1048,77 @@ public class EC_Consts { //Anomalous curve(small-pub-192), with pubkey of order 4 public static final byte[] ECSP192_FP_P = { - (byte) 0xee, (byte) 0x8a, (byte) 0x97, (byte) 0x03, - (byte) 0x3b, (byte) 0xb1, (byte) 0x00, (byte) 0x60, - (byte) 0x0c, (byte) 0x3a, (byte) 0x9f, (byte) 0x9d, - (byte) 0x88, (byte) 0x2a, (byte) 0xca, (byte) 0xeb, - (byte) 0x6e, (byte) 0x24, (byte) 0xfc, (byte) 0x63, - (byte) 0x04, (byte) 0xd8, (byte) 0x60, (byte) 0x8f + (byte) 0xce, (byte) 0x71, (byte) 0x4c, (byte) 0xc3, + (byte) 0xa1, (byte) 0x5c, (byte) 0xe7, (byte) 0xe5, + (byte) 0xda, (byte) 0xb0, (byte) 0x68, (byte) 0xc9, + (byte) 0xa1, (byte) 0xf8, (byte) 0xbe, (byte) 0x00, + (byte) 0xaa, (byte) 0xd4, (byte) 0x80, (byte) 0xab, + (byte) 0xcc, (byte) 0xae, (byte) 0xef, (byte) 0xc3 }; public static final byte[] ECSP192_FP_A = { - (byte) 0xc3, (byte) 0xf5, (byte) 0x83, (byte) 0x61, - (byte) 0x41, (byte) 0x18, (byte) 0xd6, (byte) 0xc4, - (byte) 0x85, (byte) 0xde, (byte) 0x1c, (byte) 0xd9, - (byte) 0x0a, (byte) 0x86, (byte) 0xda, (byte) 0x7d, - (byte) 0xff, (byte) 0x3a, (byte) 0xa6, (byte) 0xbb, - (byte) 0x77, (byte) 0x5c, (byte) 0xe1, (byte) 0x24 + (byte) 0x59, (byte) 0x7c, (byte) 0x78, (byte) 0x1f, + (byte) 0x64, (byte) 0xc3, (byte) 0x3e, (byte) 0xb8, + (byte) 0xef, (byte) 0x91, (byte) 0x9c, (byte) 0x41, + (byte) 0x59, (byte) 0x11, (byte) 0x51, (byte) 0x8e, + (byte) 0xa3, (byte) 0x23, (byte) 0xbe, (byte) 0x88, + (byte) 0xb9, (byte) 0x43, (byte) 0x7c, (byte) 0xaf }; public static final byte[] ECSP192_FP_B = { - (byte) 0x96, (byte) 0x78, (byte) 0x63, (byte) 0x29, - (byte) 0x6d, (byte) 0x32, (byte) 0x01, (byte) 0x61, - (byte) 0xe6, (byte) 0x88, (byte) 0x0f, (byte) 0xa6, - (byte) 0xd9, (byte) 0xa4, (byte) 0x86, (byte) 0x79, - (byte) 0xdf, (byte) 0xdb, (byte) 0xb1, (byte) 0x2b, - (byte) 0xb7, (byte) 0xe3, (byte) 0x54, (byte) 0xb1 + (byte) 0xf8, (byte) 0x15, (byte) 0x85, (byte) 0xa1, + (byte) 0xb1, (byte) 0x8f, (byte) 0x23, (byte) 0x3d, + (byte) 0x70, (byte) 0xad, 
(byte) 0xd7, (byte) 0xee, + (byte) 0x13, (byte) 0x42, (byte) 0xd2, (byte) 0x03, + (byte) 0x5c, (byte) 0x38, (byte) 0x6a, (byte) 0x92, + (byte) 0xe3, (byte) 0xab, (byte) 0x83, (byte) 0x20 }; public static final byte[] ECSP192_FP_G_X = { - (byte) 0x7d, (byte) 0x6e, (byte) 0x93, (byte) 0x4a, - (byte) 0xbb, (byte) 0x41, (byte) 0x6c, (byte) 0x64, - (byte) 0xd4, (byte) 0x28, (byte) 0x90, (byte) 0xea, - (byte) 0x64, (byte) 0x40, (byte) 0xf5, (byte) 0x8a, - (byte) 0x0a, (byte) 0x5c, (byte) 0x5b, (byte) 0x31, - (byte) 0x2f, (byte) 0x35, (byte) 0x6b, (byte) 0x29 + (byte) 0x15, (byte) 0x0f, (byte) 0xf0, (byte) 0xa4, + (byte) 0x0d, (byte) 0xea, (byte) 0xc6, (byte) 0x46, + (byte) 0x2b, (byte) 0x59, (byte) 0x87, (byte) 0x41, + (byte) 0x86, (byte) 0x17, (byte) 0xfd, (byte) 0xee, + (byte) 0xb6, (byte) 0xbf, (byte) 0xd7, (byte) 0x6d, + (byte) 0x4d, (byte) 0x60, (byte) 0xa0, (byte) 0x67 }; public static final byte[] ECSP192_FP_G_Y = { - (byte) 0x47, (byte) 0x37, (byte) 0x7f, (byte) 0xed, - (byte) 0x17, (byte) 0xe2, (byte) 0x31, (byte) 0x74, - (byte) 0xf1, (byte) 0xb1, (byte) 0xb9, (byte) 0x01, - (byte) 0x6e, (byte) 0x28, (byte) 0x5e, (byte) 0x9c, - (byte) 0xac, (byte) 0x39, (byte) 0xe3, (byte) 0xbc, - (byte) 0xaa, (byte) 0x65, (byte) 0x22, (byte) 0xfd + (byte) 0x84, (byte) 0x3d, (byte) 0x57, (byte) 0x73, + (byte) 0x71, (byte) 0xc5, (byte) 0xdc, (byte) 0xe1, + (byte) 0x22, (byte) 0xc2, (byte) 0xff, (byte) 0x20, + (byte) 0x6b, (byte) 0x2f, (byte) 0x42, (byte) 0xfa, + (byte) 0x0b, (byte) 0x84, (byte) 0x2b, (byte) 0x49, + (byte) 0xbd, (byte) 0xaf, (byte) 0x99, (byte) 0x0f }; public static final byte[] ECSP192_FP_R = { - (byte) 0xee, (byte) 0x8a, (byte) 0x97, (byte) 0x03, - (byte) 0x3b, (byte) 0xb1, (byte) 0x00, (byte) 0x60, - (byte) 0x0c, (byte) 0x3a, (byte) 0x9f, (byte) 0x9e, - (byte) 0xcd, (byte) 0x2b, (byte) 0xb6, (byte) 0x46, - (byte) 0x75, (byte) 0x84, (byte) 0x34, (byte) 0xad, - (byte) 0xd3, (byte) 0xd0, (byte) 0xdf, (byte) 0xd0 + (byte) 0xce, (byte) 0x71, (byte) 0x4c, (byte) 
0xc3, + (byte) 0xa1, (byte) 0x5c, (byte) 0xe7, (byte) 0xe5, + (byte) 0xda, (byte) 0xb0, (byte) 0x68, (byte) 0xc9, + (byte) 0xa3, (byte) 0x0b, (byte) 0xc9, (byte) 0x29, + (byte) 0x15, (byte) 0xbd, (byte) 0x86, (byte) 0x62, + (byte) 0xae, (byte) 0x88, (byte) 0x28, (byte) 0x87 }; public static final short ECSP192_FP_K = 1; public static final byte[] ECSP192_FP_W_X = { - (byte) 0xaa, (byte) 0xd0, (byte) 0xdb, (byte) 0xf8, - (byte) 0xad, (byte) 0x1c, (byte) 0x2c, (byte) 0x4e, - (byte) 0xf0, (byte) 0x67, (byte) 0xda, (byte) 0x63, - (byte) 0x97, (byte) 0x23, (byte) 0xe2, (byte) 0x0d, - (byte) 0xcf, (byte) 0xb4, (byte) 0x53, (byte) 0x52, - (byte) 0xb7, (byte) 0x7a, (byte) 0x59, (byte) 0x9c + (byte) 0x17, (byte) 0x04, (byte) 0x7f, (byte) 0x91, + (byte) 0xdb, (byte) 0xe3, (byte) 0x30, (byte) 0x32, + (byte) 0xc9, (byte) 0xd0, (byte) 0x9b, (byte) 0xd2, + (byte) 0x9c, (byte) 0xea, (byte) 0xdd, (byte) 0x8a, + (byte) 0x09, (byte) 0xcc, (byte) 0xc3, (byte) 0x2a, + (byte) 0xc6, (byte) 0x30, (byte) 0x95, (byte) 0x41 }; public static final byte[] ECSP192_FP_W_Y = { - (byte) 0xae, (byte) 0x28, (byte) 0xd7, (byte) 0xea, - (byte) 0xde, (byte) 0xba, (byte) 0x10, (byte) 0x48, - (byte) 0x40, (byte) 0x64, (byte) 0x0d, (byte) 0x9b, - (byte) 0x6e, (byte) 0x2c, (byte) 0x2d, (byte) 0x22, - (byte) 0x25, (byte) 0xd2, (byte) 0x5d, (byte) 0x79, - (byte) 0x3a, (byte) 0x65, (byte) 0x5f, (byte) 0xb1 + (byte) 0x6a, (byte) 0x72, (byte) 0x6d, (byte) 0xe5, + (byte) 0x4f, (byte) 0xbd, (byte) 0x59, (byte) 0xcf, + (byte) 0xc3, (byte) 0x52, (byte) 0xe8, (byte) 0x38, + (byte) 0xb3, (byte) 0x37, (byte) 0xfa, (byte) 0x00, + (byte) 0x5a, (byte) 0x97, (byte) 0x18, (byte) 0x08, + (byte) 0x16, (byte) 0x13, (byte) 0x5e, (byte) 0x6a }; 
@@ -1424,165 +1424,165 @@ public class EC_Consts { //Anomalous curve(small-pub-521), with pubkey of order 4 public static final byte[] ECSP521_FP_P = { - (byte) 0x01, (byte) 0x9f, (byte) 0x9b, (byte) 0x18, - (byte) 0x84, (byte) 0x55, (byte) 0xfc, (byte) 0xb2, - (byte) 0x4e, (byte) 0x68, (byte) 0xee, (byte) 0xba, - (byte) 0xbf, (byte) 0x2a, (byte) 0xfd, (byte) 0xa0, - (byte) 0xb5, (byte) 0x11, (byte) 0x4e, (byte) 0xc5, - (byte) 0xe8, (byte) 0x2b, (byte) 0x6d, (byte) 0xa1, - (byte) 0x8f, (byte) 0xa2, (byte) 0x64, (byte) 0x31, - (byte) 0xee, (byte) 0x72, (byte) 0x03, (byte) 0xa2, - (byte) 0x3d, (byte) 0x8b, (byte) 0xd7, (byte) 0xc4, - (byte) 0x16, (byte) 0x9b, (byte) 0x73, (byte) 0x0d, - (byte) 0xbc, (byte) 0x9c, (byte) 0xff, (byte) 0xd8, - (byte) 0xc0, (byte) 0xe7, (byte) 0x9d, (byte) 0xc4, - (byte) 0x03, (byte) 0x74, (byte) 0x12, (byte) 0x8d, - (byte) 0xeb, (byte) 0x03, (byte) 0x44, (byte) 0x56, - (byte) 0x96, (byte) 0x0b, (byte) 0x87, (byte) 0x3d, - (byte) 0xfd, (byte) 0x26, (byte) 0x2b, (byte) 0xe0, - (byte) 0xb6, (byte) 0xd5 + (byte) 0x01, (byte) 0xd3, (byte) 0xdf, (byte) 0x43, + (byte) 0x09, (byte) 0x24, (byte) 0x95, (byte) 0x6e, + (byte) 0x21, (byte) 0x0a, (byte) 0x60, (byte) 0x5b, + (byte) 0x4d, (byte) 0xbf, (byte) 0x4a, (byte) 0x2e, + (byte) 0x90, (byte) 0x9d, (byte) 0x7a, (byte) 0x80, + (byte) 0x16, (byte) 0x58, (byte) 0x97, (byte) 0x8c, + (byte) 0x88, (byte) 0xff, (byte) 0xd6, (byte) 0x8d, + (byte) 0xcc, (byte) 0x81, (byte) 0x7f, (byte) 0x5c, + (byte) 0xc7, (byte) 0x9c, (byte) 0xf1, (byte) 0x88, + (byte) 0xd9, (byte) 0xee, (byte) 0x82, (byte) 0xd1, + (byte) 0xa5, (byte) 0x1c, (byte) 0x44, (byte) 0xcb, + (byte) 0xd3, (byte) 0x1e, (byte) 0x9c, (byte) 0xc5, + (byte) 0xb8, (byte) 0x16, (byte) 0xd7, (byte) 0x6d, + (byte) 0x5b, (byte) 0x13, (byte) 0x12, (byte) 0xb0, + (byte) 0x05, (byte) 0xf7, (byte) 0xb6, (byte) 0x89, + (byte) 0x19, (byte) 0xe2, (byte) 0x75, (byte) 0xda, + (byte) 0xc9, (byte) 0x9f }; public static final byte[] ECSP521_FP_A = { - (byte) 0x8e, 
(byte) 0xdc, (byte) 0x39, (byte) 0xcd, - (byte) 0xdd, (byte) 0x0f, (byte) 0x31, (byte) 0x73, - (byte) 0x71, (byte) 0x67, (byte) 0x46, (byte) 0xac, - (byte) 0x53, (byte) 0x94, (byte) 0xb6, (byte) 0x1e, - (byte) 0x11, (byte) 0xc0, (byte) 0x56, (byte) 0x67, - (byte) 0xec, (byte) 0xba, (byte) 0x2f, (byte) 0x25, - (byte) 0x05, (byte) 0xb7, (byte) 0x28, (byte) 0x6c, - (byte) 0x5b, (byte) 0xab, (byte) 0x09, (byte) 0x02, - (byte) 0x09, (byte) 0x1d, (byte) 0xf8, (byte) 0xa6, - (byte) 0xbe, (byte) 0x38, (byte) 0xcd, (byte) 0x4a, - (byte) 0x45, (byte) 0xa8, (byte) 0x17, (byte) 0xad, - (byte) 0x2a, (byte) 0xfd, (byte) 0x57, (byte) 0x6f, - (byte) 0xdc, (byte) 0xbd, (byte) 0x2f, (byte) 0x27, - (byte) 0x01, (byte) 0xc4, (byte) 0x5e, (byte) 0xae, - (byte) 0x1a, (byte) 0x55, (byte) 0x88, (byte) 0xee, - (byte) 0xc7, (byte) 0xd1, (byte) 0x08, (byte) 0x42, - (byte) 0x3d + (byte) 0x00, (byte) 0x40, (byte) 0x16, (byte) 0x39, + (byte) 0xf3, (byte) 0x6f, (byte) 0x2e, (byte) 0xe4, + (byte) 0x5f, (byte) 0xc1, (byte) 0x64, (byte) 0xea, + (byte) 0x3e, (byte) 0x1f, (byte) 0x14, (byte) 0xf4, + (byte) 0x80, (byte) 0x3f, (byte) 0xd7, (byte) 0xa7, + (byte) 0x7f, (byte) 0xfd, (byte) 0xfb, (byte) 0x39, + (byte) 0x2c, (byte) 0x3f, (byte) 0x8f, (byte) 0xe9, + (byte) 0x5d, (byte) 0x1a, (byte) 0xea, (byte) 0x33, + (byte) 0x14, (byte) 0x67, (byte) 0xf4, (byte) 0x61, + (byte) 0x8d, (byte) 0x59, (byte) 0xae, (byte) 0xee, + (byte) 0x49, (byte) 0xd5, (byte) 0xd7, (byte) 0xc7, + (byte) 0x0c, (byte) 0xaf, (byte) 0x32, (byte) 0x0f, + (byte) 0x7d, (byte) 0xd1, (byte) 0xac, (byte) 0x16, + (byte) 0x61, (byte) 0x14, (byte) 0xf5, (byte) 0x62, + (byte) 0x41, (byte) 0x34, (byte) 0x49, (byte) 0x99, + (byte) 0x1d, (byte) 0x3a, (byte) 0xa1, (byte) 0xa2, + (byte) 0xc4, (byte) 0x9e }; public static final byte[] ECSP521_FP_B = { - (byte) 0x2d, (byte) 0x83, (byte) 0x7c, (byte) 0xac, - (byte) 0x89, (byte) 0x02, (byte) 0xfe, (byte) 0x65, - (byte) 0x1e, (byte) 0x81, (byte) 0x7f, (byte) 0x20, - (byte) 0x6d, (byte) 0x5c, (byte) 
0x9e, (byte) 0xb7, - (byte) 0x8a, (byte) 0xed, (byte) 0xef, (byte) 0x80, - (byte) 0xd1, (byte) 0x6e, (byte) 0xa1, (byte) 0x67, - (byte) 0xbb, (byte) 0x37, (byte) 0x7c, (byte) 0xb7, - (byte) 0xff, (byte) 0xfc, (byte) 0x0c, (byte) 0x94, - (byte) 0x8e, (byte) 0xef, (byte) 0xea, (byte) 0x5f, - (byte) 0xd3, (byte) 0x46, (byte) 0xfe, (byte) 0x4c, - (byte) 0x82, (byte) 0xa1, (byte) 0x6d, (byte) 0x1a, - (byte) 0x46, (byte) 0xb8, (byte) 0xeb, (byte) 0x05, - (byte) 0xe5, (byte) 0x70, (byte) 0xcb, (byte) 0x76, - (byte) 0xe7, (byte) 0x1d, (byte) 0xb0, (byte) 0xad, - (byte) 0xc1, (byte) 0x99, (byte) 0xbd, (byte) 0xe2, - (byte) 0x83, (byte) 0x4a, (byte) 0xd6, (byte) 0x74, - (byte) 0x1f + (byte) 0x00, (byte) 0x4a, (byte) 0x26, (byte) 0xa8, + (byte) 0xc4, (byte) 0x7f, (byte) 0xce, (byte) 0x20, + (byte) 0x4b, (byte) 0xa9, (byte) 0x53, (byte) 0x01, + (byte) 0x5f, (byte) 0xa8, (byte) 0x67, (byte) 0x08, + (byte) 0xc0, (byte) 0xde, (byte) 0x72, (byte) 0x0f, + (byte) 0x27, (byte) 0x52, (byte) 0x39, (byte) 0x88, + (byte) 0xb0, (byte) 0x97, (byte) 0xe7, (byte) 0x74, + (byte) 0x16, (byte) 0x8c, (byte) 0x15, (byte) 0xf7, + (byte) 0xa2, (byte) 0x15, (byte) 0xaa, (byte) 0xf1, + (byte) 0x8a, (byte) 0x5f, (byte) 0x1b, (byte) 0x95, + (byte) 0x79, (byte) 0xab, (byte) 0x3d, (byte) 0xb9, + (byte) 0x35, (byte) 0xd4, (byte) 0x5b, (byte) 0xe1, + (byte) 0x4c, (byte) 0x9a, (byte) 0x87, (byte) 0xb7, + (byte) 0x11, (byte) 0x70, (byte) 0x39, (byte) 0x69, + (byte) 0x09, (byte) 0xb1, (byte) 0x4d, (byte) 0x06, + (byte) 0xf7, (byte) 0xa0, (byte) 0x99, (byte) 0x75, + (byte) 0xb3, (byte) 0xa6 }; public static final byte[] ECSP521_FP_G_X = { - (byte) 0xe5, (byte) 0xa6, (byte) 0x65, (byte) 0xfc, - (byte) 0x52, (byte) 0x93, (byte) 0xfa, (byte) 0xd7, - (byte) 0x05, (byte) 0x0f, (byte) 0x63, (byte) 0x31, - (byte) 0x18, (byte) 0xfb, (byte) 0x91, (byte) 0x55, - (byte) 0x23, (byte) 0x85, (byte) 0x71, (byte) 0xc8, - (byte) 0x17, (byte) 0xe6, (byte) 0x62, (byte) 0x6c, - (byte) 0xe5, (byte) 0x8e, (byte) 0x1c, (byte) 0xb5, 
- (byte) 0x11, (byte) 0x79, (byte) 0x3d, (byte) 0x03, - (byte) 0xab, (byte) 0x2e, (byte) 0x18, (byte) 0x0a, - (byte) 0x5d, (byte) 0xaf, (byte) 0xf4, (byte) 0x9c, - (byte) 0xfb, (byte) 0xb1, (byte) 0xf8, (byte) 0x88, - (byte) 0xc7, (byte) 0xd8, (byte) 0x06, (byte) 0x9a, - (byte) 0x60, (byte) 0xcd, (byte) 0x09, (byte) 0xcc, - (byte) 0x6a, (byte) 0xfc, (byte) 0x2b, (byte) 0x6b, - (byte) 0xb1, (byte) 0xea, (byte) 0x54, (byte) 0xea, - (byte) 0x98, (byte) 0x5e, (byte) 0x78, (byte) 0xd3, - (byte) 0x1f + (byte) 0x01, (byte) 0xc8, (byte) 0x80, (byte) 0xae, + (byte) 0x0a, (byte) 0x35, (byte) 0x5a, (byte) 0x52, + (byte) 0x79, (byte) 0x1f, (byte) 0xc9, (byte) 0x60, + (byte) 0x0f, (byte) 0xd8, (byte) 0xb3, (byte) 0x57, + (byte) 0x26, (byte) 0xe9, (byte) 0xd7, (byte) 0x99, + (byte) 0x10, (byte) 0x14, (byte) 0x89, (byte) 0x16, + (byte) 0x1c, (byte) 0x8f, (byte) 0x90, (byte) 0xa9, + (byte) 0xc6, (byte) 0x63, (byte) 0x1d, (byte) 0x09, + (byte) 0xb3, (byte) 0xcb, (byte) 0x34, (byte) 0x75, + (byte) 0x84, (byte) 0x83, (byte) 0x7d, (byte) 0x9d, + (byte) 0xeb, (byte) 0x85, (byte) 0x66, (byte) 0xa9, + (byte) 0xc5, (byte) 0x84, (byte) 0x6a, (byte) 0xde, + (byte) 0xd0, (byte) 0xd0, (byte) 0x1e, (byte) 0xb9, + (byte) 0x47, (byte) 0xb4, (byte) 0xaf, (byte) 0xfd, + (byte) 0x34, (byte) 0xe8, (byte) 0xea, (byte) 0x7d, + (byte) 0xbe, (byte) 0x73, (byte) 0x3c, (byte) 0xbe, + (byte) 0xda, (byte) 0xfa }; public static final byte[] ECSP521_FP_G_Y = { - (byte) 0x01, (byte) 0x06, (byte) 0x7b, (byte) 0x42, - (byte) 0x85, (byte) 0x9e, (byte) 0x5c, (byte) 0x33, - (byte) 0x98, (byte) 0xab, (byte) 0xa9, (byte) 0xec, - (byte) 0xc0, (byte) 0x2b, (byte) 0xf2, (byte) 0x89, - (byte) 0xf9, (byte) 0xe3, (byte) 0x13, (byte) 0x37, - (byte) 0x1e, (byte) 0x70, (byte) 0x21, (byte) 0xbf, - (byte) 0x1d, (byte) 0xb5, (byte) 0xae, (byte) 0xbe, - (byte) 0x2d, (byte) 0x52, (byte) 0x9e, (byte) 0x2f, - (byte) 0x66, (byte) 0x23, (byte) 0xa0, (byte) 0x6f, - (byte) 0x3b, (byte) 0x10, (byte) 0xe7, (byte) 0xf9, - (byte) 0x2c, 
(byte) 0x3e, (byte) 0xcc, (byte) 0x18, - (byte) 0x3d, (byte) 0xe1, (byte) 0xe5, (byte) 0x91, - (byte) 0x9b, (byte) 0x0d, (byte) 0x6d, (byte) 0x2e, - (byte) 0xd6, (byte) 0x55, (byte) 0xec, (byte) 0x31, - (byte) 0xc3, (byte) 0x13, (byte) 0x15, (byte) 0x9f, - (byte) 0x2c, (byte) 0x9d, (byte) 0xf9, (byte) 0x15, - (byte) 0xfb, (byte) 0xe0 + (byte) 0x00, (byte) 0x05, (byte) 0x0f, (byte) 0x12, + (byte) 0x67, (byte) 0x2f, (byte) 0x16, (byte) 0x3f, + (byte) 0x19, (byte) 0xd5, (byte) 0xd4, (byte) 0x93, + (byte) 0xeb, (byte) 0x82, (byte) 0xef, (byte) 0x77, + (byte) 0x7b, (byte) 0x02, (byte) 0x13, (byte) 0xdd, + (byte) 0x4e, (byte) 0x0c, (byte) 0xf7, (byte) 0x5a, + (byte) 0x9b, (byte) 0x99, (byte) 0x72, (byte) 0x4f, + (byte) 0xbd, (byte) 0xb5, (byte) 0x4b, (byte) 0x0c, + (byte) 0xc4, (byte) 0xe0, (byte) 0x37, (byte) 0xbf, + (byte) 0x86, (byte) 0xa4, (byte) 0x8b, (byte) 0xac, + (byte) 0x28, (byte) 0x46, (byte) 0x7b, (byte) 0xdd, + (byte) 0x93, (byte) 0x6c, (byte) 0x31, (byte) 0x4c, + (byte) 0xe1, (byte) 0x3f, (byte) 0x6e, (byte) 0xc7, + (byte) 0xec, (byte) 0x69, (byte) 0xea, (byte) 0x09, + (byte) 0xae, (byte) 0x4f, (byte) 0x54, (byte) 0x44, + (byte) 0xdf, (byte) 0x4b, (byte) 0x2a, (byte) 0x11, + (byte) 0x7a, (byte) 0x66 }; public static final byte[] ECSP521_FP_R = { - (byte) 0x01, (byte) 0x9f, (byte) 0x9b, (byte) 0x18, - (byte) 0x84, (byte) 0x55, (byte) 0xfc, (byte) 0xb2, - (byte) 0x4e, (byte) 0x68, (byte) 0xee, (byte) 0xba, - (byte) 0xbf, (byte) 0x2a, (byte) 0xfd, (byte) 0xa0, - (byte) 0xb5, (byte) 0x11, (byte) 0x4e, (byte) 0xc5, - (byte) 0xe8, (byte) 0x2b, (byte) 0x6d, (byte) 0xa1, - (byte) 0x8f, (byte) 0xa2, (byte) 0x64, (byte) 0x31, - (byte) 0xee, (byte) 0x72, (byte) 0x03, (byte) 0xa2, - (byte) 0x3d, (byte) 0x75, (byte) 0xdd, (byte) 0xed, - (byte) 0x80, (byte) 0x28, (byte) 0x58, (byte) 0xff, - (byte) 0xab, (byte) 0x06, (byte) 0x8f, (byte) 0x74, - (byte) 0xf8, (byte) 0x9c, (byte) 0xc7, (byte) 0x73, - (byte) 0x85, (byte) 0x0e, (byte) 0x1b, (byte) 0x56, - (byte) 0x84, (byte) 
0x3f, (byte) 0x76, (byte) 0x7c, - (byte) 0x15, (byte) 0xef, (byte) 0x65, (byte) 0xb4, - (byte) 0x12, (byte) 0xe6, (byte) 0x50, (byte) 0xc9, - (byte) 0x7b, (byte) 0xd0 + (byte) 0x01, (byte) 0xd3, (byte) 0xdf, (byte) 0x43, + (byte) 0x09, (byte) 0x24, (byte) 0x95, (byte) 0x6e, + (byte) 0x21, (byte) 0x0a, (byte) 0x60, (byte) 0x5b, + (byte) 0x4d, (byte) 0xbf, (byte) 0x4a, (byte) 0x2e, + (byte) 0x90, (byte) 0x9d, (byte) 0x7a, (byte) 0x80, + (byte) 0x16, (byte) 0x58, (byte) 0x97, (byte) 0x8c, + (byte) 0x88, (byte) 0xff, (byte) 0xd6, (byte) 0x8d, + (byte) 0xcc, (byte) 0x81, (byte) 0x7f, (byte) 0x5c, + (byte) 0xc7, (byte) 0xba, (byte) 0x08, (byte) 0x38, + (byte) 0x71, (byte) 0x7c, (byte) 0x19, (byte) 0x47, + (byte) 0xf9, (byte) 0x3c, (byte) 0xfd, (byte) 0xd3, + (byte) 0xed, (byte) 0x87, (byte) 0xec, (byte) 0x2c, + (byte) 0x2d, (byte) 0xf1, (byte) 0x81, (byte) 0xc7, + (byte) 0xad, (byte) 0xa5, (byte) 0x53, (byte) 0x34, + (byte) 0x6e, (byte) 0xc1, (byte) 0x49, (byte) 0x57, + (byte) 0x32, (byte) 0xa1, (byte) 0xe7, (byte) 0xff, + (byte) 0xe9, (byte) 0xb3 }; public static final short ECSP521_FP_K = 1; public static final byte[] ECSP521_FP_W_X = { - (byte) 0xfc, (byte) 0xcf, (byte) 0x5c, (byte) 0x11, - (byte) 0x3b, (byte) 0xec, (byte) 0x94, (byte) 0x61, - (byte) 0xdb, (byte) 0x3e, (byte) 0x56, (byte) 0x73, - (byte) 0x34, (byte) 0xcb, (byte) 0xf9, (byte) 0x8e, - (byte) 0x32, (byte) 0xde, (byte) 0x58, (byte) 0x12, - (byte) 0x92, (byte) 0x07, (byte) 0x74, (byte) 0xdb, - (byte) 0x40, (byte) 0xd2, (byte) 0x94, (byte) 0x18, - (byte) 0xd2, (byte) 0x92, (byte) 0xc3, (byte) 0xc4, - (byte) 0xf6, (byte) 0xce, (byte) 0x08, (byte) 0xb2, - (byte) 0x00, (byte) 0x21, (byte) 0xfe, (byte) 0x0f, - (byte) 0x07, (byte) 0xf0, (byte) 0xe4, (byte) 0xc9, - (byte) 0xc3, (byte) 0xd1, (byte) 0x43, (byte) 0xe7, - (byte) 0xd0, (byte) 0xf8, (byte) 0xcd, (byte) 0xb6, - (byte) 0x16, (byte) 0x71, (byte) 0xa7, (byte) 0xe4, - (byte) 0x46, (byte) 0x8a, (byte) 0x93, (byte) 0xde, - (byte) 0xe6, (byte) 0x0c, (byte) 
0x1d, (byte) 0x29, - (byte) 0xde + (byte) 0x00, (byte) 0x28, (byte) 0x44, (byte) 0xdf, + (byte) 0x0f, (byte) 0x31, (byte) 0xf4, (byte) 0x6a, + (byte) 0x40, (byte) 0xe6, (byte) 0xc7, (byte) 0x00, + (byte) 0x6c, (byte) 0xde, (byte) 0x99, (byte) 0x15, + (byte) 0x5b, (byte) 0xd5, (byte) 0xd1, (byte) 0x8d, + (byte) 0x0e, (byte) 0x41, (byte) 0x50, (byte) 0x17, + (byte) 0x8a, (byte) 0x8e, (byte) 0x30, (byte) 0x7d, + (byte) 0x6a, (byte) 0xec, (byte) 0x08, (byte) 0xfd, + (byte) 0x02, (byte) 0xd4, (byte) 0x66, (byte) 0xc0, + (byte) 0x3c, (byte) 0x49, (byte) 0xb4, (byte) 0x9c, + (byte) 0x26, (byte) 0x54, (byte) 0xb7, (byte) 0xc9, + (byte) 0xa3, (byte) 0x2d, (byte) 0x88, (byte) 0xca, + (byte) 0x01, (byte) 0x40, (byte) 0x16, (byte) 0xa7, + (byte) 0xed, (byte) 0xdd, (byte) 0x44, (byte) 0x21, + (byte) 0x7b, (byte) 0xe9, (byte) 0x15, (byte) 0x50, + (byte) 0x5d, (byte) 0x22, (byte) 0x8e, (byte) 0xfb, + (byte) 0x93, (byte) 0x89 }; public static final byte[] ECSP521_FP_W_Y = { - (byte) 0xc3, (byte) 0x6d, (byte) 0x08, (byte) 0x8f, - (byte) 0xc2, (byte) 0xfe, (byte) 0x3b, (byte) 0x42, - (byte) 0x90, (byte) 0x7b, (byte) 0xbf, (byte) 0x8a, - (byte) 0xf7, (byte) 0xf1, (byte) 0x9e, (byte) 0xda, - (byte) 0x94, (byte) 0x82, (byte) 0x10, (byte) 0x1d, - (byte) 0x4f, (byte) 0x73, (byte) 0xf8, (byte) 0xcd, - (byte) 0x46, (byte) 0x73, (byte) 0x6e, (byte) 0x06, - (byte) 0x35, (byte) 0xe1, (byte) 0xc5, (byte) 0xca, - (byte) 0xe1, (byte) 0x71, (byte) 0x09, (byte) 0x30, - (byte) 0x8c, (byte) 0x3a, (byte) 0xec, (byte) 0x74, - (byte) 0x10, (byte) 0xf7, (byte) 0xec, (byte) 0x06, - (byte) 0xfb, (byte) 0x78, (byte) 0xec, (byte) 0xa4, - (byte) 0xb8, (byte) 0xcb, (byte) 0xac, (byte) 0xb6, - (byte) 0x4d, (byte) 0xaf, (byte) 0x54, (byte) 0x8f, - (byte) 0x95, (byte) 0x02, (byte) 0xf4, (byte) 0x87, - (byte) 0x77, (byte) 0x53, (byte) 0xda, (byte) 0x15, - (byte) 0x2e + (byte) 0x01, (byte) 0x05, (byte) 0x92, (byte) 0x1e, + (byte) 0x21, (byte) 0x72, (byte) 0xc3, (byte) 0x05, + (byte) 0x0b, (byte) 0xa4, (byte) 0xc9, 
(byte) 0xd2, + (byte) 0xe7, (byte) 0x44, (byte) 0xfc, (byte) 0x5b, + (byte) 0x7b, (byte) 0x5e, (byte) 0x84, (byte) 0x51, + (byte) 0x75, (byte) 0x1e, (byte) 0x67, (byte) 0x80, + (byte) 0xc6, (byte) 0xde, (byte) 0x88, (byte) 0x22, + (byte) 0x94, (byte) 0x97, (byte) 0xbe, (byte) 0x7d, + (byte) 0x23, (byte) 0x55, (byte) 0x0b, (byte) 0xee, + (byte) 0xfa, (byte) 0x0c, (byte) 0xb7, (byte) 0xfa, + (byte) 0xfe, (byte) 0xbb, (byte) 0x4d, (byte) 0xd9, + (byte) 0xfa, (byte) 0xd1, (byte) 0x24, (byte) 0x4c, + (byte) 0x67, (byte) 0x33, (byte) 0xbe, (byte) 0xfe, + (byte) 0x5a, (byte) 0x97, (byte) 0x71, (byte) 0x0f, + (byte) 0x0d, (byte) 0xc5, (byte) 0x6d, (byte) 0xc0, + (byte) 0x8d, (byte) 0x9d, (byte) 0x9d, (byte) 0xf9, + (byte) 0xd8, (byte) 0x46 }; diff --git a/src/applets/SimpleECCApplet.java b/src/applets/SimpleECCApplet.java index d653c10..e63bcf2 100644 --- a/src/applets/SimpleECCApplet.java +++ b/src/applets/SimpleECCApplet.java @@ -363,6 +363,7 @@ public class SimpleECCApplet extends Applet { } if (sw != ISO7816.SW_NO_ERROR) { testFlags &= ~FLAG_ECTEST_GENERATE_KEYPAIR_ANOMALOUSCUVE; + testFlags &= ~FLAG_ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT; } } Util.setShort(buffer, bufferOffset, sw); -- cgit v1.2.3-70-g09d2 From 5f0ec2706a9dbb6aa72ea3c7eb798cd83045e867 Mon Sep 17 00:00:00 2001 
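Review bot: The context comment `//Anomalous curve(small-pub-521), with pubkey of order 4` is left unchanged above the replaced constants, and the same holds for the `small-pub-192` comment in the preceding hunk, although the commit subject says both curves were swapped for ones whose public key has prime order. Anyone interpreting the small-order ECDH result needs the actual order of W, so both comments should state it, ideally with a note on where the parameters were generated or taken from so the byte arrays can be checked against a source. The order cannot be verified from the bytes shown here; if 4 is still correct, the commit subject is the misleading part.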
From: J08nY Date: Sat, 10 Dec 2016 23:32:41 +0100 Subject: Added CLI options, Apache commons-cli lib, anomalous curve key export - Added CLI options, see SimpleAPDU.jar -h - Added Apache commons-cli for CLI options, it uses Apache license - Added support for anomalous curve export both reader/applet side: `java -jar SimpleAPDU.jar -g 10 -b 256 -fp -s` generates 10 curves over ECSP256 an anomalous 256bit curve. --- !uploader/simpleECC.cap | Bin 18215 -> 18296 bytes README.md | 39 ++-- dist/SimpleAPDU.jar | Bin 3078963 -> 470966 bytes lib/commons-cli-1.3.1-javadoc.jar | Bin 0 -> 169756 bytes lib/commons-cli-1.3.1.jar | Bin 0 -> 52988 bytes src/applets/ECKeyGenerator.java | 5 +- src/applets/SimpleECCApplet.java | 23 ++- src/simpleapdu/CardMngr.java | 7 +- src/simpleapdu/DirtyLogger.java | 12 +- src/simpleapdu/SimpleAPDU.java | 419 +++++++++++++++++++++----------------- 10 files changed, 285 insertions(+), 220 deletions(-) create mode 100644 lib/commons-cli-1.3.1-javadoc.jar create mode 100644 lib/commons-cli-1.3.1.jar diff --git a/!uploader/simpleECC.cap b/!uploader/simpleECC.cap index e76168c..52fef17 100644 Binary files a/!uploader/simpleECC.cap and b/!uploader/simpleECC.cap differ diff --git a/README.md b/README.md index df80750..ad76fc1 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ Tests support and behavior of smartcards with JavaCard platform with focus on El Usage ------ 1. Upload simpleECC.cap using your favorite tool (e.g., [GlobalPlatformPro tool](https://github.com/martinpaljak/GlobalPlatform)) -2. Run java -jar SimpleAPDU.jar +2. Run `java -jar SimpleAPDU.jar` 3. Inspect output log with annotated results Following operations are tested: 
@@ -14,24 +14,33 @@ Following operations are tested: - Generation of keypair with default curve - Setting of custom curve and keypair generation - Generation of shared secret via ECDH -- Behavior of card when invalid curves/points are provided (shoudl fail) +- Signature via ECDSA +- Behavior of card when invalid curves/points are provided (should fail) + +See `java -jar SimpleAPDU.jar -h` for more. Example output -------------- - EC type: ALG_EC_FP - EC key length (bits): 224 bits - KeyPair object allocation: OK (0x9000) - Generate key with def curve (fails if no def): fail (ILLEGAL_VALUE, 0x1) - Set valid custom curve: OK (0x9000) - Generate key with valid curve: OK (0x9000) - !!ECDH agreement with valid point: fail (0x6f00) - ECDH agreement with invalid point (fail is good): fail (unknown, 0x6f00) - Set invalid custom curve (fail is good): fail (ILLEGAL_VALUE, 0x1) - Generate key with invalid curve (fail is good): fail (skipped, 0xee1) - - -*Explanation: ALG_EC_FP with 224b curve was tested. 
Is supported by card (KeyPair object allocation: OK), don't have preset default curve (Generate key with def curve: fail), custom curve can be set (Set valid custom curve: OK), new keypair can be generated (Generate key with valid curve: OK), ECDH key agreement failed to execute (ECDH agreement with valid point: fail) altough it was supposed to suceed (log line is therefore marked with !!), ECDH wil fail (expected behavior) if invalid point is provided (ECDH agreement with invalid point: fail), invalid custom curve cannot be set (expected behavior) (Set invalid custom curve: fail) and new keypair cannot be generated with invalid curve (Generate key with invalid curve: skipped) - last test was skipped as invalid curve canot be set.* + ### Test for support and with valid and invalid EC curves + EC type: ALG_EC_FP + EC key length (bits): 256 bits + KeyPair object allocation: OK (0x9000) + Generate key with def curve (fails if no def): OK (0x9000) + Set valid custom curve: OK (0x9000) + Generate key with valid curve: OK (0x9000) + !! ECDH agreement with valid point: fail (unknown, 0x6f00) + ECDH agreement with invalid point (fail is good): fail (ILLEGAL_VALUE, 0x 1) + ECDSA signature on random data: OK (0x9000) + Set anomalous custom curve (may fail): OK (0x9000) + Generate key with anomalous curve (may fail): fail (unknown, 0x6f00) + ECDH agreement with small order point (fail is good):fail (skipped, 0x ee1) + Set invalid custom curve (may fail): OK (0x9000) + Generate key with invalid curve (fail is good): fail (unknown, 0x6f00) + Set invalid field (may fail): OK (0x9000) + Generate key with invalid field (fail si good): fail (unknown, 0x6f00) + +*Explanation: ALG_EC_FP with 256b curve was tested. 
Is supported by card (KeyPair object allocation: OK), don't have preset default curve (Generate key with def curve: fail), custom curve can be set (Set valid custom curve: OK), new keypair can be generated (Generate key with valid curve: OK), ECDH key agreement failed to execute (ECDH agreement with valid point: fail) although it was supposed to succeed (log line is therefore marked with !!), ECDH wil fail (expected behavior) if invalid point is provided (ECDH agreement with invalid point: fail), ECDSA signature worked and verified correctly (ECDSA signature on random data: OK), anomalous curve can be set (Set anomalous custom curve: OK), however generating a key on it will fail (Generate key with anomalous curve: fail), ECDH with small-order public key provided will fail as intended (ECDH agreement with small order point: fail), invalid custom curve could be set (Set invalid custom curve: OK), new keypair cannot be generated with invalid curve (Generate key with invalid curve: fail), invalid field (non-prime) could be set (Set invalid field: OK), however a key could not be generated (Generate key with invalid field: fail).* If you are interested in testing support for other JavaCard algorithms, please visit JCAlgTester project: https://github.com/crocs-muni/JCAlgTest diff --git a/dist/SimpleAPDU.jar b/dist/SimpleAPDU.jar index 09b7e73..1e96259 100644 Binary files a/dist/SimpleAPDU.jar and b/dist/SimpleAPDU.jar differ diff --git a/lib/commons-cli-1.3.1-javadoc.jar b/lib/commons-cli-1.3.1-javadoc.jar new file mode 100644 index 0000000..c741ec4 Binary files /dev/null and b/lib/commons-cli-1.3.1-javadoc.jar differ diff --git a/lib/commons-cli-1.3.1.jar b/lib/commons-cli-1.3.1.jar new file mode 100644 index 0000000..c3e7a1f Binary files /dev/null and b/lib/commons-cli-1.3.1.jar differ diff --git a/src/applets/ECKeyGenerator.java b/src/applets/ECKeyGenerator.java index c4b71c0..491cd86 100644 --- a/src/applets/ECKeyGenerator.java +++ b/src/applets/ECKeyGenerator.java 
@@ -22,7 +22,6 @@ public class ECKeyGenerator { public static final byte KEY_BOTH = KEY_PUBLIC | KEY_PRIVATE; - //TODO: add something like allocateGenerate, or modify allocate to auto-generate a key-pair if it returns null key references after allocating public short allocatePair(byte keyClass, short keyLength) { short result = ISO7816.SW_NO_ERROR; try { @@ -105,6 +104,10 @@ public class ECKeyGenerator { return sw; } + public short setCustomAnomalousCurve(short keyClass, short keyLength, byte[] buffer, short offset) { + return setCustomCurve(EC_Consts.getAnomalousCurve(keyClass, keyLength), buffer, offset); + } + public short setParameter(byte key, short param, byte[] data, short offset, short length) { short result = ISO7816.SW_NO_ERROR; try { diff --git a/src/applets/SimpleECCApplet.java b/src/applets/SimpleECCApplet.java index e63bcf2..ecdfa4e 100644 --- a/src/applets/SimpleECCApplet.java +++ b/src/applets/SimpleECCApplet.java @@ -359,7 +359,7 @@ public class SimpleECCApplet extends Applet { sw = SW_SKIPPED; if ((testFlags & FLAG_ECTEST_SET_ANOMALOUSCURVE) != (short) 0) { if (keyClass == KeyPair.ALG_EC_FP) { //Only FP supported at the moment - sw = ecKeyGenerator.setCustomCurve(EC_Consts.getAnomalousCurve(keyClass, keyLen), m_ramArray, (short) 0); + sw = ecKeyGenerator.setCustomAnomalousCurve(keyClass, keyLen, m_ramArray, (short) 0); } if (sw != ISO7816.SW_NO_ERROR) { testFlags &= ~FLAG_ECTEST_GENERATE_KEYPAIR_ANOMALOUSCUVE; 
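Review bot: `setCustomAnomalousCurve`, added in the `@@ -105,6 +104,10 @@` hunk, does not check that the key class is prime-field, although the existing caller in SimpleECCApplet guards the call with `keyClass == KeyPair.ALG_EC_FP` and the comment "Only FP supported at the moment". The same commit adds a second caller in GenerateAndReturnKey that passes the class byte taken from the APDU without that guard. Enforcing the restriction once inside the wrapper, e.g. `if (keyClass != KeyPair.ALG_EC_FP) return ISO7816.SW_FUNC_NOT_SUPPORTED;`, would cover both callers, unless `EC_Consts.getAnomalousCurve` (not visible here) already rejects other classes. The parameter is also declared `short keyClass` while `allocatePair` takes `byte keyClass`; using `byte` in both keeps the signatures parallel.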
@@ -915,21 +915,30 @@ public class SimpleECCApplet extends Applet { void GenerateAndReturnKey(APDU apdu) { byte[] apdubuf = apdu.getBuffer(); apdu.setIncomingAndReceive(); + + short offset = ISO7816.OFFSET_CDATA; + byte keyClass = apdubuf[offset]; + offset++; - short bitLen = Util.getShort(apdubuf, ISO7816.OFFSET_CDATA); + short keyLength = Util.getShort(apdubuf, offset); + offset+=2; - short offset = 0; + byte anomalous = apdubuf[offset]; + + offset = 0; switch (apdubuf[ISO7816.OFFSET_P1]) { case P1_SETCURVE: { - ecKeyGenerator.allocatePair(KeyPair.ALG_EC_FP, bitLen); + ecKeyGenerator.allocatePair(keyClass, keyLength); + if(anomalous != 0) { + ecKeyGenerator.setCustomAnomalousCurve(keyClass, keyLength, m_ramArray, (short) 0); + } else { + ecKeyGenerator.setCustomCurve(keyClass, keyLength, m_ramArray, (short) 0); + } ecKeyGenerator.generatePair(); ecPubKey = ecKeyGenerator.getPublicKey(); ecPrivKey = ecKeyGenerator.getPrivateKey(); - - // If required, initialize curve parameters first - ecKeyGenerator.setCustomCurve(KeyPair.ALG_EC_FP, bitLen, m_ramArray, (short) 0); break; } case P1_GENERATEKEYPAIR: { diff --git a/src/simpleapdu/CardMngr.java b/src/simpleapdu/CardMngr.java index d778bc8..ae8bd55 100644 --- a/src/simpleapdu/CardMngr.java +++ b/src/simpleapdu/CardMngr.java @@ -105,7 +105,10 @@ public class CardMngr { return true; } - + + public boolean isConnected() { + return m_card != null; + } public void DisconnectFromCard() throws Exception { if (m_card != null) { @@ -191,7 +194,7 @@ public class CardMngr { if (responseAPDU.getSW1() == (byte) 0x61) { CommandAPDU apduToSend = new CommandAPDU((byte) 0x00, (byte) 0xC0, (byte) 0x00, (byte) 0x00, - (int) responseAPDU.getSW1()); + responseAPDU.getSW1()); responseAPDU = m_channel.transmit(apduToSend); System.out.println(bytesToHex(responseAPDU.getBytes())); diff --git a/src/simpleapdu/DirtyLogger.java b/src/simpleapdu/DirtyLogger.java index 69e5e65..c06571b 100644 --- a/src/simpleapdu/DirtyLogger.java 
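Review bot: GenerateAndReturnKey now reads four command-data bytes from `apdubuf` (key class, two-byte key length, anomalous flag) but discards the return value of `apdu.setIncomingAndReceive()`, so a shorter command is parsed from whatever the APDU buffer already held. Capture the received length and reject short input before the first read: `short dataLen = apdu.setIncomingAndReceive();` followed by `if (dataLen < 4) ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);`. The host sends the same four data bytes for both P1 values, so the check does not affect the existing client. The rest of the method lies outside this hunk.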
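Review bot: The GET RESPONSE command built in the CardMngr `@@ -191,7 +194,7 @@` hunk still passes `responseAPDU.getSW1()` as the expected length, and inside this branch that value is always 0x61. With a 61xx status the number of bytes waiting on the card is carried in SW2, so the last argument should be `responseAPDU.getSW2()`; removing the `(int)` cast does not change which byte is used. The enclosing method starts and ends outside the hunk.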
+++ b/src/simpleapdu/DirtyLogger.java @@ -1,14 +1,7 @@ -/* - * To change this license header, choose License Headers in Project Properties. - * To change this template file, choose Tools | Templates - * and open the template in the editor. - */ package simpleapdu; import java.io.FileOutputStream; import java.io.IOException; -import java.util.logging.Level; -import java.util.logging.Logger; /** * @@ -17,6 +10,7 @@ import java.util.logging.Logger; public class DirtyLogger { FileOutputStream m_logFile; boolean m_bOutputSystemOut = true; + public DirtyLogger(FileOutputStream logFile, boolean bOutputSystemOut) { m_logFile = logFile; m_bOutputSystemOut = bOutputSystemOut; @@ -47,4 +41,8 @@ public class DirtyLogger { } catch (IOException ex) { } } + + void close() throws IOException { + m_logFile.close(); + } } diff --git a/src/simpleapdu/SimpleAPDU.java b/src/simpleapdu/SimpleAPDU.java index 44bf302..241ef4c 100644 --- a/src/simpleapdu/SimpleAPDU.java +++ b/src/simpleapdu/SimpleAPDU.java @@ -5,7 +5,13 @@ import applets.SimpleECCApplet; import javacard.framework.ISO7816; import javacard.security.CryptoException; import javacard.security.KeyPair; -import sun.java2d.pipe.SpanShapeRenderer; +import org.apache.commons.cli.CommandLine; +import org.apache.commons.cli.CommandLineParser; +import org.apache.commons.cli.DefaultParser; +import org.apache.commons.cli.HelpFormatter; +import org.apache.commons.cli.Option; +import org.apache.commons.cli.Options; +import org.apache.commons.cli.ParseException; import javax.smartcardio.ResponseAPDU; import java.io.FileNotFoundException; 
@@ -18,13 +24,17 @@ import java.util.Arrays; * @author Petr Svenda petr@svenda.com */ public class SimpleAPDU { - static CardMngr cardManager = new CardMngr(); + private CardMngr cardManager = new CardMngr(); + private DirtyLogger systemOutLogger = null; + + private CommandLineParser cliParser = new DefaultParser(); + private Options opts = new Options(); + private static final String cliHeader = ""; + private static final String cliFooter = ""; private final static byte SELECT_ECTESTERAPPLET[] = {(byte) 0x00, (byte) 0xa4, (byte) 0x04, (byte) 0x00, (byte) 0x0a, (byte) 0x45, (byte) 0x43, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x72, (byte) 0x30, (byte) 0x31}; - static DirtyLogger m_SystemOutLogger = null; - private static final byte TESTECSUPPORTALL_FP[] = {(byte) 0xB0, (byte) 0x5E, (byte) 0x00, (byte) 0x00, (byte) 0x00}; private static final byte TESTECSUPPORTALL_F2M[] = {(byte) 0xB0, (byte) 0x5F, (byte) 0x00, (byte) 0x00, (byte) 0x00}; private static final byte TESTECSUPPORT_GIVENALG[] = {(byte) 0xB0, (byte) 0x71, (byte) 0x00, (byte) 0x00, (byte) 0x03, (byte) 0x00, (byte) 0x00, (byte) 0x00}; 
@@ -38,8 +48,104 @@ public class SimpleAPDU { private static final short INVALIDCURVEB_CORRUPTIONTYPE_OFFSET = 7; private static final short INVALIDCURVEB_REWINDONSUCCESS_OFFSET = 9; - private static final byte TESTECSUPPORT_GENERATEECCKEY[] = {(byte) 0xB0, (byte) 0x5a, (byte) 0x00, (byte) 0x00, (byte) 0x02, (byte) 0x00, (byte) 0x00}; + private static final byte TESTECSUPPORT_GENERATEECCKEY[] = {(byte) 0xB0, (byte) 0x5a, (byte) 0x00, (byte) 0x00, (byte) 0x04, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00}; + private static final short GENERATEECKEY_ALG_OFFSET = 5; + private static final short GENERATEECKEY_KEYLENGTH_OFFSET = 6; + private static final short GENERATEECKEY_ANOMALOUS_OFFSET = 8; + + + public void run(String[] args) { + try { + //parse cmd args + CommandLine cli = parseArgs(args); + + //byte[] installData = new byte[10]; + //byte[] AID = {(byte) 0x4C, (byte) 0x61, (byte) 0x62, (byte) 0x61, (byte) 0x6B, (byte) 0x41, (byte) 0x70, (byte) 0x70, (byte) 0x6C, (byte) 0x65, (byte) 0x74}; + //cardManager.prepareLocalSimulatorApplet(AID, installData, SimpleECCApplet.class); + + //do stuff + if (cli.hasOption("help")) { + HelpFormatter help = new HelpFormatter(); + help.printHelp("SimpleAPDU", cliHeader, opts, cliFooter); + } else { + //open log(only when actually doing something) + String logFileName = cli.getOptionValue("output-file", String.format("ECTESTER_log_%d.log", System.currentTimeMillis())); + FileOutputStream stdoutStream = new FileOutputStream(logFileName); + systemOutLogger = new DirtyLogger(stdoutStream, true); + + boolean fp = cli.hasOption("fp"); + boolean f2m = cli.hasOption("f2m"); + if (!fp && !f2m) { + fp = true; + f2m = true; + } + int genAmount = Integer.parseInt(cli.getOptionValue("generate", "0")); + int keyLength = Integer.parseInt(cli.getOptionValue("b", "192")); + + if (cli.hasOption("generate")) { + //generate EC keys + if (fp) { + generateECKeys(genAmount, KeyPair.ALG_EC_FP, (short) keyLength, cli.hasOption("anomalous")); + } + 
if (f2m) { + generateECKeys(genAmount, KeyPair.ALG_EC_F2M, (short) keyLength, cli.hasOption("anomalous")); + } + } else if (cli.hasOption("test")) { + if (cli.hasOption("bit-length")) { + //test only one bitsize + if (fp) { + testSupportECFp((short) keyLength); + } + if (f2m) { + testSupportECFp((short) keyLength); + } + } else { + //test default bit sizes + testSupportECAll(fp, f2m); + testFPkeyGen((short) 10, EC_Consts.CORRUPTION_ONEBYTERANDOM, true); + } + } else { + systemOutLogger.println("You need to specify one of -t / -g [num] commands."); + } + + //close log + systemOutLogger.close(); + } + + //disconnect + cardManager.DisconnectFromCard(); + } catch (Exception ex) { + if (systemOutLogger != null) { + systemOutLogger.println("Exception : " + ex); + } + } + } + private CommandLine parseArgs(String[] args) throws ParseException { + + opts.addOption("h", "help", false, "show this help"); + opts.addOption(Option.builder("g") + .longOpt("generate") + .hasArg() + .optionalArg(true) + .argName("num") + .desc("generate EC keys").build()); + opts.addOption("t", "test", false, "test EC support (default)"); + opts.addOption(Option.builder("b") + .longOpt("bit-length") + .hasArg() + .argName("bits") + .desc("set EC bit size").build()); + opts.addOption("f2m", "use EC over binary-fields"); + opts.addOption("fp", "user EC over prime-fields (default)"); + opts.addOption("s", "anomalous", false, "generate anomalous (non-prime order, small pubkey order) curves"); + opts.addOption(Option.builder("o") + .longOpt("output-file") + .hasArg() + .argName("file") + .desc("output file to log to").build()); + return cliParser.parse(opts, args); + } static short getShort(byte[] array, int offset) { return (short) (((array[offset] & 0xFF) << 8) | (array[offset + 1] & 0xFF)); 
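Review bot: In `run()`, the single-bit-length test path calls `testSupportECFp((short) keyLength)` in both the `fp` and the `f2m` branch, so `-t -f2m -b N` never exercises binary-field curves; the second call should be `testSupportECF2m((short) keyLength);`. The `catch (Exception ex)` block reports only when `systemOutLogger` is non-null, so a `ParseException` from `parseArgs` or a failure to open the log file is dropped without any output. Adding `else { System.err.println("Exception : " + ex); }` keeps those failures visible. On any exception the log is also left unclosed and `cardManager.DisconnectFromCard()` is skipped, which a `finally` block would fix.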
@@ -50,190 +156,125 @@ public class SimpleAPDU { array[offset] = (byte) ((value >> 8) & 0xFF); } - static void testFPkeyGen_setNumRepeats(byte[] apduArray, short numRepeats) { - setShort(apduArray, INVALIDCURVEB_NUMREPEATS_OFFSET, numRepeats); - } - - static void testFPkeyGen_setCorruptionType(byte[] apduArray, short corruptionType) { - setShort(apduArray, INVALIDCURVEB_CORRUPTIONTYPE_OFFSET, corruptionType); - } - - static void testFPkeyGen_rewindOnSuccess(byte[] apduArray, boolean bRewind) { - apduArray[INVALIDCURVEB_REWINDONSUCCESS_OFFSET] = bRewind ? (byte) 1 : (byte) 0; - } + private boolean ReconnnectToCard() throws Exception { + if (cardManager.isConnected()) { + cardManager.DisconnectFromCard(); + } - static CardMngr ReconnnectToCard() throws Exception { - cardManager.DisconnectFromCard(); - if (cardManager.ConnectToCard()) { + boolean result = cardManager.ConnectToCard(); + if (result) { // Select our application on card cardManager.sendAPDU(SELECT_ECTESTERAPPLET); } - return cardManager; + return result; } - static void testSupportECGivenAlg(byte[] apdu, CardMngr cardManager) throws Exception { + private void testFPkeyGen(short numRepeats, short corruptionType, boolean bRewind) throws Exception { + byte[] apdu = Arrays.copyOf(TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB, TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB.length); + setShort(apdu, INVALIDCURVEB_NUMREPEATS_OFFSET, numRepeats); + setShort(apdu, INVALIDCURVEB_CORRUPTIONTYPE_OFFSET, corruptionType); + apdu[INVALIDCURVEB_REWINDONSUCCESS_OFFSET] = bRewind ? 
(byte) 1 : (byte) 0; + + ReconnnectToCard(); + ResponseAPDU resp_fp_keygen = cardManager.sendAPDU(apdu); + ResponseAPDU resp_keygen_params = cardManager.sendAPDU(TESTECSUPPORTALL_LASTUSEDPARAMS); + PrintECKeyGenInvalidCurveB(resp_fp_keygen); + PrintECKeyGenInvalidCurveB_lastUserParams(resp_keygen_params); + } + + private void testSupportECGivenAlg(short keyLength, byte keyClass) throws Exception { + byte[] apdu = Arrays.copyOf(TESTECSUPPORT_GIVENALG, TESTECSUPPORT_GIVENALG.length); + apdu[TESTECSUPPORT_ALG_OFFSET] = keyClass; + setShort(apdu, TESTECSUPPORT_KEYLENGTH_OFFSET, keyLength); + ReconnnectToCard(); ResponseAPDU resp = cardManager.sendAPDU(apdu); //byte[] resp = cardManager.sendAPDUSimulator(apdu); PrintECSupport(resp); } - static void testSupportECAll(CardMngr cardManager) throws Exception { - byte[] testAPDU = Arrays.copyOf(TESTECSUPPORT_GIVENALG, TESTECSUPPORT_GIVENALG.length); - - testAPDU[TESTECSUPPORT_ALG_OFFSET] = KeyPair.ALG_EC_FP; - setShort(testAPDU, TESTECSUPPORT_KEYLENGTH_OFFSET, (short) 128); - testSupportECGivenAlg(testAPDU, cardManager); - setShort(testAPDU, TESTECSUPPORT_KEYLENGTH_OFFSET, (short) 160); - testSupportECGivenAlg(testAPDU, cardManager); - setShort(testAPDU, TESTECSUPPORT_KEYLENGTH_OFFSET, (short) 192); - testSupportECGivenAlg(testAPDU, cardManager); - setShort(testAPDU, TESTECSUPPORT_KEYLENGTH_OFFSET, (short) 224); - testSupportECGivenAlg(testAPDU, cardManager); - setShort(testAPDU, TESTECSUPPORT_KEYLENGTH_OFFSET, (short) 256); - testSupportECGivenAlg(testAPDU, cardManager); - setShort(testAPDU, TESTECSUPPORT_KEYLENGTH_OFFSET, (short) 384); - testSupportECGivenAlg(testAPDU, cardManager); - setShort(testAPDU, TESTECSUPPORT_KEYLENGTH_OFFSET, (short) 521); - testSupportECGivenAlg(testAPDU, cardManager); - - testAPDU[TESTECSUPPORT_ALG_OFFSET] = KeyPair.ALG_EC_F2M; - setShort(testAPDU, TESTECSUPPORT_KEYLENGTH_OFFSET, (short) 113); - testSupportECGivenAlg(testAPDU, cardManager); - setShort(testAPDU, TESTECSUPPORT_KEYLENGTH_OFFSET, 
(short) 131); - testSupportECGivenAlg(testAPDU, cardManager); - setShort(testAPDU, TESTECSUPPORT_KEYLENGTH_OFFSET, (short) 163); - testSupportECGivenAlg(testAPDU, cardManager); - setShort(testAPDU, TESTECSUPPORT_KEYLENGTH_OFFSET, (short) 193); - testSupportECGivenAlg(testAPDU, cardManager); - + private void testSupportECFp(short keyLength) throws Exception { + testSupportECGivenAlg(keyLength, KeyPair.ALG_EC_FP); } - public static void main(String[] args) throws FileNotFoundException, IOException { - //parse cli args. Should be replaced with some cli parsing library code in the future. - boolean genKeys = false; - int genAmount = 0; - boolean testAll = false; - if (args.length > 0) { - for (int i = 0; i < args.length; i++) { - if (args[i].equals("-g")) { - genKeys = true; - if (args.length >= i + 1) { - try { - genAmount = Integer.parseInt(args[i + 1]); - }catch (NumberFormatException ignored) { - //is another param, genAmount = 0 by default - genAmount = 0; - } + private void testSupportECF2m(short keyLength) throws Exception { + testSupportECGivenAlg(keyLength, KeyPair.ALG_EC_F2M); + } - } - } else if (args[i].equals("-a")) { - testAll = true; - } - } + private void testSupportECAll(boolean testFp, boolean testF2m) throws Exception { + if (testFp) { + testSupportECFp((short) 128); + testSupportECFp((short) 192); + testSupportECFp((short) 224); + testSupportECFp((short) 256); + testSupportECFp((short) 384); + testSupportECFp((short) 521); } - //by default do the test - if (!genKeys && !testAll) { - testAll = true; + if (testF2m) { + testSupportECF2m((short) 113); + testSupportECF2m((short) 131); + testSupportECF2m((short) 163); + testSupportECF2m((short) 193); } + } + private void generateECKeys(int amount, byte keyClass, short keyLength, boolean anomalous) throws Exception { + if (cardManager.ConnectToCardSelect()) { + cardManager.sendAPDU(SELECT_ECTESTERAPPLET); - String logFileName = String.format("ECTESTER_log_%d.log", System.currentTimeMillis()); - 
FileOutputStream systemOutLogger = new FileOutputStream(logFileName); - m_SystemOutLogger = new DirtyLogger(systemOutLogger, true); - - try { - if (testAll) { - //byte[] installData = new byte[10]; - //byte[] AID = {(byte) 0x4C, (byte) 0x61, (byte) 0x62, (byte) 0x61, (byte) 0x6B, (byte) 0x41, (byte) 0x70, (byte) 0x70, (byte) 0x6C, (byte) 0x65, (byte) 0x74}; - //cardManager.prepareLocalSimulatorApplet(AID, installData, SimpleECCApplet.class); - if (cardManager.ConnectToCard()) { - - // Test all default curves for both fields - testSupportECAll(cardManager); - - // Test setting invalid parameter B of curve - byte[] testAPDU = Arrays.copyOf(TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB, TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB.length); - testFPkeyGen_setCorruptionType(testAPDU, EC_Consts.CORRUPTION_ONEBYTERANDOM); - testFPkeyGen_setNumRepeats(testAPDU, (short) 10); - testFPkeyGen_rewindOnSuccess(testAPDU, true); - - ReconnnectToCard(); - ResponseAPDU resp_fp_keygen = cardManager.sendAPDU(testAPDU); - ResponseAPDU resp_keygen_params = cardManager.sendAPDU(TESTECSUPPORTALL_LASTUSEDPARAMS); - PrintECKeyGenInvalidCurveB(resp_fp_keygen); - PrintECKeyGenInvalidCurveB_lastUserParams(resp_keygen_params); - - cardManager.DisconnectFromCard(); - } else { - m_SystemOutLogger.println("Failed to connect to card"); + String keyFileName = String.format("ECKEYS_%s_%d.log", keyClass == KeyPair.ALG_EC_FP ? "fp" : "f2m", System.currentTimeMillis()); + FileOutputStream keysFile = new FileOutputStream(keyFileName); + + String message = "index;time;pubW;privS\n"; + keysFile.write(message.getBytes()); + byte[] gatherKeyAPDU = Arrays.copyOf(TESTECSUPPORT_GENERATEECCKEY, TESTECSUPPORT_GENERATEECCKEY.length); + // Prepare keypair object + gatherKeyAPDU[ISO7816.OFFSET_P1] = SimpleECCApplet.P1_SETCURVE; + gatherKeyAPDU[GENERATEECKEY_ALG_OFFSET] = keyClass; + setShort(gatherKeyAPDU, GENERATEECKEY_KEYLENGTH_OFFSET, keyLength); + gatherKeyAPDU[GENERATEECKEY_ANOMALOUS_OFFSET] = anomalous ? 
(byte) 1 : (byte) 0; + ResponseAPDU respGather = cardManager.sendAPDU(gatherKeyAPDU); + + // Generate new keypair + gatherKeyAPDU[ISO7816.OFFSET_P1] = SimpleECCApplet.P1_GENERATEKEYPAIR; + int counter = 0; + while (true) { + counter++; + long elapsed = -System.nanoTime(); + respGather = cardManager.sendAPDU(gatherKeyAPDU); + elapsed += System.nanoTime(); + + byte[] data = respGather.getData(); + int offset = 0; + String pubKeyW = ""; + String privKeyS = ""; + if (data[offset] == EC_Consts.TAG_ECPUBKEY) { + offset++; + short len = getShort(data, offset); + offset += 2; + pubKeyW = CardMngr.bytesToHex(data, offset, len, false); + offset += len; + } + if (data[offset] == EC_Consts.TAG_ECPRIVKEY) { + offset++; + short len = getShort(data, offset); + offset += 2; + privKeyS = CardMngr.bytesToHex(data, offset, len, false); + offset += len; } - } - - if (genKeys) { - // Gather large number of ECC keypairs - if (cardManager.ConnectToCardSelect()) { - cardManager.sendAPDU(SELECT_ECTESTERAPPLET); - - String keyFileName = String.format("ECKEYS_%d.log", System.currentTimeMillis()); - FileOutputStream keysFile = new FileOutputStream(keyFileName); - - String message = "index;time;pubW;privS\n"; - keysFile.write(message.getBytes()); - byte[] gatherKeyAPDU = Arrays.copyOf(TESTECSUPPORT_GENERATEECCKEY, TESTECSUPPORT_GENERATEECCKEY.length); - // Prepare keypair object - gatherKeyAPDU[ISO7816.OFFSET_P1] = SimpleECCApplet.P1_SETCURVE; - setShort(gatherKeyAPDU, (short) 5, (short) 192); // ecc length - ResponseAPDU respGather = cardManager.sendAPDU(gatherKeyAPDU); - - // Generate new keypair - gatherKeyAPDU[ISO7816.OFFSET_P1] = SimpleECCApplet.P1_GENERATEKEYPAIR; - int counter = 0; - while (true) { - counter++; - long elapsed = -System.nanoTime(); - respGather = cardManager.sendAPDU(gatherKeyAPDU); - elapsed += System.nanoTime(); - - byte[] data = respGather.getData(); - int offset = 0; - String pubKeyW = ""; - String privKeyS = ""; - if (data[offset] == EC_Consts.TAG_ECPUBKEY) { - 
offset++; - short len = getShort(data, offset); - offset += 2; - pubKeyW = CardMngr.bytesToHex(data, offset, len, false); - offset += len; - } - if (data[offset] == EC_Consts.TAG_ECPRIVKEY) { - offset++; - short len = getShort(data, offset); - offset += 2; - privKeyS = CardMngr.bytesToHex(data, offset, len, false); - offset += len; - } - message = String.format("%d;%d;%s;%s\n", counter, elapsed / 1000000, pubKeyW, privKeyS); - keysFile.write(message.getBytes()); + message = String.format("%d;%d;%s;%s\n", counter, elapsed / 1000000, pubKeyW, privKeyS); + keysFile.write(message.getBytes()); - m_SystemOutLogger.flush(); - keysFile.flush(); + this.systemOutLogger.flush(); + keysFile.flush(); - //stop when we have enough keys, go on forever with 0 - if (counter >= genAmount && genAmount != 0) - break; - } - } + //stop when we have enough keys, go on forever with 0 + if (counter >= amount && amount != 0) + break; } - - - } catch (Exception ex) { - m_SystemOutLogger.println("Exception : " + ex); } - - systemOutLogger.close(); } static String getPrintError(short code) { @@ -278,12 +319,12 @@ public class SimpleAPDU { MUST_FAIL } - static int VerifyPrintResult(String message, byte expectedTag, byte[] buffer, int bufferOffset, ExpResult expRes) { + private int VerifyPrintResult(String message, byte expectedTag, byte[] buffer, int bufferOffset, ExpResult expRes) { if (bufferOffset >= buffer.length) { - m_SystemOutLogger.println(" No more data returned"); + systemOutLogger.println(" No more data returned"); } else { if (buffer[bufferOffset] != expectedTag) { - m_SystemOutLogger.println(" ERROR: mismatched tag"); + systemOutLogger.println(" ERROR: mismatched tag"); assert (buffer[bufferOffset] == expectedTag); } bufferOffset++; 
@@ -298,22 +339,21 @@ public class SimpleAPDU { bHiglight = true; } if (bHiglight) { - m_SystemOutLogger.println(String.format("!! %-50s%s", message, getPrintError(resCode))); + systemOutLogger.println(String.format("!! %-53s%s", message, getPrintError(resCode))); } else { - m_SystemOutLogger.println(String.format(" %-50s%s", message, getPrintError(resCode))); + systemOutLogger.println(String.format(" %-53s%s", message, getPrintError(resCode))); } } return bufferOffset; } - static void PrintECSupport(ResponseAPDU resp) { + private void PrintECSupport(ResponseAPDU resp) { PrintECSupport(resp.getData()); } - static void PrintECSupport(byte[] buffer) { - - m_SystemOutLogger.println(); - m_SystemOutLogger.println("### Test for support and with valid and invalid EC curves"); + private void PrintECSupport(byte[] buffer) { + systemOutLogger.println(); + systemOutLogger.println("### Test for support and with valid and invalid EC curves"); int bufferOffset = 0; while (bufferOffset < buffer.length) { assert (buffer[bufferOffset] == SimpleECCApplet.ECTEST_SEPARATOR); @@ -325,10 +365,10 @@ public class SimpleAPDU { if (buffer[bufferOffset] == KeyPair.ALG_EC_F2M) { ecType = "ALG_EC_F2M"; } - m_SystemOutLogger.println(String.format("%-53s%s", "EC type:", ecType)); + systemOutLogger.println(String.format("%-56s%s", "EC type:", ecType)); bufferOffset++; short keyLen = getShort(buffer, bufferOffset); - m_SystemOutLogger.println(String.format("%-53s%d bits", "EC key length (bits):", keyLen)); + systemOutLogger.println(String.format("%-56s%d bits", "EC key length (bits):", keyLen)); bufferOffset += 2; bufferOffset = VerifyPrintResult("KeyPair object allocation:", SimpleECCApplet.ECTEST_ALLOCATE_KEYPAIR, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); 
@@ -346,18 +386,17 @@ public class SimpleAPDU { bufferOffset = VerifyPrintResult("Set invalid field (may fail):", SimpleECCApplet.ECTEST_SET_INVALIDFIELD, buffer, bufferOffset, ExpResult.MAY_FAIL); bufferOffset = VerifyPrintResult("Generate key with invalid field (fail si good):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_INVALIDFIELD, buffer, bufferOffset, ExpResult.MUST_FAIL); - m_SystemOutLogger.println(); + systemOutLogger.println(); } } - static void PrintECKeyGenInvalidCurveB(ResponseAPDU resp) { + private void PrintECKeyGenInvalidCurveB(ResponseAPDU resp) { PrintECKeyGenInvalidCurveB(resp.getData()); } - static void PrintECKeyGenInvalidCurveB(byte[] buffer) { - - m_SystemOutLogger.println(); - m_SystemOutLogger.println("### Test for computation with invalid parameter B for EC curve"); + private void PrintECKeyGenInvalidCurveB(byte[] buffer) { + systemOutLogger.println(); + systemOutLogger.println("### Test for computation with invalid parameter B for EC curve"); int bufferOffset = 0; while (bufferOffset < buffer.length) { assert (buffer[bufferOffset] == SimpleECCApplet.ECTEST_SEPARATOR); 
@@ -369,15 +408,15 @@ public class SimpleAPDU { if (buffer[bufferOffset] == KeyPair.ALG_EC_F2M) { ecType = "ALG_EC_F2M"; } - m_SystemOutLogger.println(String.format("%-53s%s", "EC type:", ecType)); + systemOutLogger.println(String.format("%-53s%s", "EC type:", ecType)); bufferOffset++; short keyLen = getShort(buffer, bufferOffset); - m_SystemOutLogger.println(String.format("%-53s%d bits", "EC key length (bits):", keyLen)); + systemOutLogger.println(String.format("%-53s%d bits", "EC key length (bits):", keyLen)); bufferOffset += 2; short numRepeats = getShort(buffer, bufferOffset); bufferOffset += 2; - m_SystemOutLogger.println(String.format("%-53s%d times", "Executed repeats before unexpected error: ", numRepeats)); + systemOutLogger.println(String.format("%-53s%d times", "Executed repeats before unexpected error: ", numRepeats)); bufferOffset = VerifyPrintResult("KeyPair object allocation:", SimpleECCApplet.ECTEST_ALLOCATE_KEYPAIR, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); while (bufferOffset < buffer.length) { @@ -390,18 +429,22 @@ public class SimpleAPDU { bufferOffset = VerifyPrintResult("Generate key with valid curve:", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); } - m_SystemOutLogger.println(); + systemOutLogger.println(); } } - static void PrintECKeyGenInvalidCurveB_lastUserParams(ResponseAPDU resp) { + private void PrintECKeyGenInvalidCurveB_lastUserParams(ResponseAPDU resp) { byte[] buffer = resp.getData(); short offset = 0; - m_SystemOutLogger.print("Last used value of B: "); + systemOutLogger.print("Last used value of B: "); while (offset < buffer.length) { - m_SystemOutLogger.print(String.format("%x ", buffer[offset])); + systemOutLogger.print(String.format("%x ", buffer[offset])); offset++; } + } + public static void main(String[] args) throws FileNotFoundException, IOException { + SimpleAPDU app = new SimpleAPDU(); + app.run(args); } } -- cgit v1.2.3-70-g09d2 
From da1ee8381f2f7eaf1cfcd4941ec9f95287435625 Mon Sep 17 00:00:00 2001 From: J08nY Date: Sun, 11 Dec 2016 14:20:00 +0100 Subject: Fixed some issues with errors in key generation, and their propagation --- !uploader/simpleECC.cap | Bin 18296 -> 18330 bytes dist/SimpleAPDU.jar | Bin 470966 -> 471079 bytes src/applets/ECKeyGenerator.java | 8 ++--- src/applets/SimpleECCApplet.java | 63 ++++++++++++++++++++------------------- src/simpleapdu/SimpleAPDU.java | 11 +++++++ 5 files changed, 47 insertions(+), 35 deletions(-) diff --git a/!uploader/simpleECC.cap b/!uploader/simpleECC.cap index 52fef17..886ce88 100644 Binary files a/!uploader/simpleECC.cap and b/!uploader/simpleECC.cap differ diff --git a/dist/SimpleAPDU.jar b/dist/SimpleAPDU.jar index 1e96259..be5599a 100644 Binary files a/dist/SimpleAPDU.jar and b/dist/SimpleAPDU.jar differ diff --git a/src/applets/ECKeyGenerator.java b/src/applets/ECKeyGenerator.java index 491cd86..2eb5679 100644 --- a/src/applets/ECKeyGenerator.java +++ b/src/applets/ECKeyGenerator.java @@ -215,8 +215,8 @@ public class ECKeyGenerator { public short exportParameter(byte key, short param, byte[] outputBuffer, short outputOffset) { if (key == KEY_BOTH) { - return -1; - }//TODO: change error handling. + ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); + } short length = 0; try { switch (param) { @@ -255,9 +255,9 @@ public class ECKeyGenerator { ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); } } catch (CryptoException ce) { - length = -1; + ISOException.throwIt(ce.getReason()); } catch (Exception e) { - length = -1; + ISOException.throwIt(ISO7816.SW_UNKNOWN); } return length; } diff --git a/src/applets/SimpleECCApplet.java b/src/applets/SimpleECCApplet.java index ecdfa4e..a56250c 100644 --- a/src/applets/SimpleECCApplet.java +++ b/src/applets/SimpleECCApplet.java 
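Review bot: In the `@@ -255,9 +255,9 @@` hunk of `exportParameter`, the generic `catch (Exception e)` handler also catches the `ISOException` that the `default:` branch raises inside the same `try` through `ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED)`, because ISOException is a runtime exception. An unsupported parameter therefore reaches the host as `SW_UNKNOWN` rather than the intended status word. Adding `catch (ISOException ie) { throw ie; }` ahead of the generic handler preserves it. The method comment should also say that failures are now signalled by exception instead of a `-1` length, since a caller that tested for `-1` will no longer see it. The `try` block opens outside this hunk.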
@@ -14,22 +14,22 @@ public class SimpleECCApplet extends Applet { final static byte CLA_SIMPLEECCAPPLET = (byte) 0xB0; // INSTRUCTIONS - final static byte INS_GENERATEKEY = (byte) 0x5a; - final static byte INS_ALLOCATEKEYPAIRS = (byte) 0x5b; - - final static byte INS_ALLOCATEKEYPAIR = (byte) 0x5c; - final static byte INS_DERIVEECDHSECRET = (byte) 0x5d; - - final static byte INS_TESTECSUPPORTALL_FP = (byte) 0x5e; - final static byte INS_TESTECSUPPORTALL_F2M = (byte) 0x5f; - final static byte INS_TESTEC_GENERATEINVALID_FP = (byte) 0x70; - final static byte INS_TESTECSUPPORT_GIVENALG = (byte) 0x71; - final static byte INS_TESTECSUPPORT_EXTERNAL = (byte) 0x72; - final static byte INS_TESTEC_LASTUSEDPARAMS = (byte) 0x40; - - - public final static byte P1_SETCURVE = (byte) 0x01; - public final static byte P1_GENERATEKEYPAIR = (byte) 0x02; + final static byte INS_GENERATEKEY = (byte) 0x5a; + final static byte INS_ALLOCATEKEYPAIRS = (byte) 0x5b; + + final static byte INS_ALLOCATEKEYPAIR = (byte) 0x5c; + final static byte INS_DERIVEECDHSECRET = (byte) 0x5d; + + final static byte INS_TESTECSUPPORTALL_FP = (byte) 0x5e; + final static byte INS_TESTECSUPPORTALL_F2M = (byte) 0x5f; + final static byte INS_TESTEC_GENERATEINVALID_FP = (byte) 0x70; + final static byte INS_TESTECSUPPORT_GIVENALG = (byte) 0x71; + final static byte INS_TESTECSUPPORT_EXTERNAL = (byte) 0x72; + final static byte INS_TESTEC_LASTUSEDPARAMS = (byte) 0x40; + + + public final static byte P1_SETCURVE = (byte) 0x01; + public final static byte P1_GENERATEKEYPAIR = (byte) 0x02; final static short ARRAY_LENGTH = (short) 0xff; @@ -213,11 +213,11 @@ public class SimpleECCApplet extends Applet { case INS_ALLOCATEKEYPAIRS: AllocateKeyPairs(apdu); break; -*/ +*/ case INS_GENERATEKEY: GenerateAndReturnKey(apdu); break; - default : + default: // The INS code is not supported by the dispatcher ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED); break; 
@@ -393,7 +393,7 @@ public class SimpleECCApplet extends Applet { bufferOffset++; sw = SW_SKIPPED; if ((testFlags & FLAG_ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT) != (short) 0) { - short pubLength = EC_Consts.getCurveParameter(EC_Consts.getAnomalousCurve(keyClass,keyLen), EC_Consts.PARAMETER_W, m_ramArray, (short) 0); + short pubLength = EC_Consts.getCurveParameter(EC_Consts.getAnomalousCurve(keyClass, keyLen), EC_Consts.PARAMETER_W, m_ramArray, (short) 0); ecPrivKey = ecKeyGenerator.getPrivateKey(); sw = ecKeyTester.testECDH(ecPrivKey, m_ramArray, (short) 0, pubLength, m_ramArray2, (short) 1); } @@ -718,7 +718,6 @@ public class SimpleECCApplet extends Applet { bufferOffset += 2; - // // 2. Set invalid custom curve (many times) // @@ -919,23 +918,23 @@ public class SimpleECCApplet extends Applet { short offset = ISO7816.OFFSET_CDATA; byte keyClass = apdubuf[offset]; offset++; - + short keyLength = Util.getShort(apdubuf, offset); - offset+=2; + offset += 2; byte anomalous = apdubuf[offset]; offset = 0; - + switch (apdubuf[ISO7816.OFFSET_P1]) { case P1_SETCURVE: { ecKeyGenerator.allocatePair(keyClass, keyLength); - if(anomalous != 0) { + + if (anomalous != 0) { ecKeyGenerator.setCustomAnomalousCurve(keyClass, keyLength, m_ramArray, (short) 0); } else { ecKeyGenerator.setCustomCurve(keyClass, keyLength, m_ramArray, (short) 0); } - ecKeyGenerator.generatePair(); ecPubKey = ecKeyGenerator.getPublicKey(); ecPrivKey = ecKeyGenerator.getPrivateKey(); @@ -943,7 +942,10 @@ public class SimpleECCApplet extends Applet { } case P1_GENERATEKEYPAIR: { // Assumption: proper EC keyPair is already allocated and initialized - ecKeyGenerator.generatePair(); + short sw = ecKeyGenerator.generatePair(); + if (sw != ISO7816.SW_NO_ERROR) { + ISOException.throwIt(sw); + } ecPubKey = ecKeyGenerator.getPublicKey(); ecPrivKey = ecKeyGenerator.getPrivateKey(); 
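Review bot: The status-word check added for `generatePair()` covers only the `P1_GENERATEKEYPAIR` case. In `P1_SETCURVE`, visible in the `@@ -919,23 +918,23 @@` hunk, the results of `allocatePair(...)` and of `setCustomAnomalousCurve(...)` / `setCustomCurve(...)` are still discarded, so an unsupported class or length, or a rejected curve, is not reported to the host even though the client now checks the status of that command. Apply the same pattern there, e.g. `short sw = ecKeyGenerator.allocatePair(keyClass, keyLength);` then `if (sw != ISO7816.SW_NO_ERROR) ISOException.throwIt(sw);`, and likewise for the curve setter. The method body extends beyond both hunks.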
@@ -951,19 +953,18 @@ public class SimpleECCApplet extends Applet { apdubuf[offset] = EC_Consts.TAG_ECPUBKEY; offset++; offset += 2; // reserve space for length - short len = ecPubKey.getW(apdubuf, offset); + short len = ecKeyGenerator.exportParameter(ECKeyGenerator.KEY_PUBLIC, EC_Consts.PARAMETER_W, apdubuf, offset); Util.setShort(apdubuf, (short) (offset - 2), len); offset += len; apdubuf[offset] = EC_Consts.TAG_ECPRIVKEY; offset++; offset += 2; // reserve space for length - len = ecPrivKey.getS(apdubuf, offset); + len = ecKeyGenerator.exportParameter(ECKeyGenerator.KEY_PRIVATE, EC_Consts.PARAMETER_S, apdubuf, offset); Util.setShort(apdubuf, (short) (offset - 2), len); offset += len; - break; } - default: + default: ISOException.throwIt(ISO7816.SW_INCORRECT_P1P2); } @@ -1019,7 +1020,7 @@ public class SimpleECCApplet extends Applet { } -*/ +*/ } diff --git a/src/simpleapdu/SimpleAPDU.java b/src/simpleapdu/SimpleAPDU.java index 241ef4c..4f291f0 100644 --- a/src/simpleapdu/SimpleAPDU.java +++ b/src/simpleapdu/SimpleAPDU.java @@ -234,7 +234,13 @@ public class SimpleAPDU { gatherKeyAPDU[GENERATEECKEY_ALG_OFFSET] = keyClass; setShort(gatherKeyAPDU, GENERATEECKEY_KEYLENGTH_OFFSET, keyLength); gatherKeyAPDU[GENERATEECKEY_ANOMALOUS_OFFSET] = anomalous ? (byte) 1 : (byte) 0; + ResponseAPDU respGather = cardManager.sendAPDU(gatherKeyAPDU); + if (respGather.getSW() != ISO7816.SW_NO_ERROR) { + systemOutLogger.println(String.format("Card error: %x", respGather.getSW())); + keysFile.close(); + return; + } // Generate new keypair gatherKeyAPDU[ISO7816.OFFSET_P1] = SimpleECCApplet.P1_GENERATEKEYPAIR; @@ -245,6 +251,10 @@ public class SimpleAPDU { respGather = cardManager.sendAPDU(gatherKeyAPDU); elapsed += System.nanoTime(); + if (respGather.getSW() != ISO7816.SW_NO_ERROR) { + systemOutLogger.println(String.format("Card error: %x", respGather.getSW())); + break; + } byte[] data = respGather.getData(); int offset = 0; String pubKeyW = ""; 
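Review bot: Both new status checks in `generateECKeys` (`@@ -234,7 +234,13 @@` and `@@ -245,6 +251,10 @@`) compare `respGather.getSW()`, an `int` in the range 0..0xFFFF, with `ISO7816.SW_NO_ERROR`, which the Java Card API declares as a `short` with value `(short) 0x9000`, negative once widened to `int`. The two can never be equal, so a successful 0x9000 response is logged as "Card error: 9000" and key gathering stops immediately. Compare in one width instead, `if ((short) respGather.getSW() != ISO7816.SW_NO_ERROR) {`, or test against the literal `0x9000`.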
@@ -274,6 +284,7 @@ public class SimpleAPDU { if (counter >= amount && amount != 0) break; } + keysFile.close(); } } -- cgit v1.2.3-70-g09d2 From 185e598ffcddf4e2a7341e4646f577a003c67263 Mon Sep 17 00:00:00 2001 From: petrs Date: Mon, 16 Jan 2017 07:56:48 +0100 Subject: nbproject files --- nbproject/build-impl.xml | 1413 +++++++++++++++++++++++++++++++++++++++++ nbproject/genfiles.properties | 8 + nbproject/project.properties | 76 +++ nbproject/project.xml | 15 + 4 files changed, 1512 insertions(+) create mode 100644 nbproject/build-impl.xml create mode 100644 nbproject/genfiles.properties create mode 100644 nbproject/project.properties create mode 100644 nbproject/project.xml diff --git a/nbproject/build-impl.xml b/nbproject/build-impl.xml new file mode 100644 index 0000000..e1da9f7 --- /dev/null +++ b/nbproject/build-impl.xml 
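Review bot: `keysFile` is closed by hand in two places, before the early `return` and in the new `keysFile.close();` after the loop. An exception from `cardManager.sendAPDU(...)` or from the writes in between therefore leaves the file open and possibly unflushed. Opening it in a try-with-resources statement around the gathering code would cover every exit and make the explicit `close()` calls unnecessary. The declaration of `keysFile` is outside the hunks, so its type is assumed to be `AutoCloseable` (a stream or writer); the method also starts outside the hunk.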
@@ -0,0 +1,1413 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Must set src.dir + Must set test.src.dir + Must set build.dir + Must set dist.dir + Must set build.classes.dir + Must set dist.javadoc.dir + Must set build.test.classes.dir + Must set build.test.results.dir + Must set build.classes.excludes + Must set dist.jar + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Must set javac.includes + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + No tests executed. 
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Must set JVM to use for profiling in profiler.info.jvm + Must set profiler agent JVM arguments in profiler.info.jvmargs.agent + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Must select some files in the IDE or set javac.includes + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + To run this application from the command line without Ant, try: + + java -jar "${dist.jar.resolved}" + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Must select one file in the IDE or set run.class + + + + Must select one file in the IDE or set run.class + + + + + + + + + + + + + + + + + + + + + + + Must select one file in the IDE or set debug.class + + + + + Must select one file in the IDE or set debug.class + + + + + Must set fix.includes + + + + + + + + + + This target only works when run from inside the NetBeans IDE. + + + + + + + + + Must select one file in the IDE or set profile.class + This target only works when run from inside the NetBeans IDE. + + + + + + + + + This target only works when run from inside the NetBeans IDE. 
+ + + + + + + + + + + + + This target only works when run from inside the NetBeans IDE. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Must select one file in the IDE or set run.class + + + + + + Must select some files in the IDE or set test.includes + + + + + Must select one file in the IDE or set run.class + + + + + Must select one file in the IDE or set applet.url + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Must select some files in the IDE or set javac.includes + + + + + + + + + + + + + + + + + + + + Some tests failed; see details above. + + + + + + + + + Must select some files in the IDE or set test.includes + + + + Some tests failed; see details above. + + + + Must select some files in the IDE or set test.class + Must select some method in the IDE or set test.method + + + + Some tests failed; see details above. + + + + + Must select one file in the IDE or set test.class + + + + Must select one file in the IDE or set test.class + Must select some method in the IDE or set test.method + + + + + + + + + + + + + + Must select one file in the IDE or set applet.url + + + + + + + + + Must select one file in the IDE or set applet.url + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/nbproject/genfiles.properties b/nbproject/genfiles.properties new file mode 100644 index 0000000..133840f --- /dev/null +++ b/nbproject/genfiles.properties 
@@ -0,0 +1,8 @@ +build.xml.data.CRC32=314f40b8 +build.xml.script.CRC32=5d85f1b1 +build.xml.stylesheet.CRC32=8064a381@1.75.2.48 +# This file is used by a NetBeans-based IDE to track changes in generated files such as build-impl.xml. +# Do not edit this file. You may delete it but then the IDE will never regenerate such files for you. +nbproject/build-impl.xml.data.CRC32=667fcbc9 +nbproject/build-impl.xml.script.CRC32=e6bea23e +nbproject/build-impl.xml.stylesheet.CRC32=876e7a8f@1.75.2.48 diff --git a/nbproject/project.properties b/nbproject/project.properties new file mode 100644 index 0000000..49b2ea6 --- /dev/null +++ b/nbproject/project.properties 
@@ -0,0 +1,76 @@ +annotation.processing.enabled=true +annotation.processing.enabled.in.editor=false +annotation.processing.processors.list= +annotation.processing.run.all.processors=true +annotation.processing.source.output=${build.generated.sources.dir}/ap-source-output +application.title=ECTester +application.vendor=xsvenda +build.classes.dir=${build.dir}/classes +build.classes.excludes=**/*.java,**/*.form +# This directory is removed when the project is cleaned: +build.dir=build +build.generated.dir=${build.dir}/generated +build.generated.sources.dir=${build.dir}/generated-sources +# Only compile against the classpath explicitly listed here: +build.sysclasspath=ignore +build.test.classes.dir=${build.dir}/test/classes +build.test.results.dir=${build.dir}/test/results +# Uncomment to specify the preferred debugger connection transport: +#debug.transport=dt_socket +debug.classpath=\ + ${run.classpath} +debug.test.classpath=\ + ${run.test.classpath} +# Files in build.classes.dir which should be excluded from distribution jar +dist.archive.excludes= +# This directory is removed when the project is cleaned: +dist.dir=dist +dist.jar=${dist.dir}/SimpleAPDU.jar +dist.javadoc.dir=${dist.dir}/javadoc +endorsed.classpath= +excludes= +includes=** +jar.compress=false +javac.classpath=\ + ${libs.JCardSim2.2.classpath} +# Space-separated list of extra javac options +javac.compilerargs= +javac.deprecation=false +javac.processorpath=\ + ${javac.classpath} +javac.source=1.8 +javac.target=1.8 +javac.test.classpath=\ + ${javac.classpath}:\ + ${build.classes.dir} +javac.test.processorpath=\ + ${javac.test.classpath} +javadoc.additionalparam= +javadoc.author=false +javadoc.encoding=${source.encoding} +javadoc.noindex=false +javadoc.nonavbar=false +javadoc.notree=false +javadoc.private=false +javadoc.splitindex=true +javadoc.use=true +javadoc.version=false +javadoc.windowtitle= +main.class=simpleapdu.SimpleAPDU +manifest.file=manifest.mf +meta.inf.dir=${src.dir}/META-INF 
+mkdist.disabled=false +platform.active=default_platform +run.classpath=\ + ${javac.classpath}:\ + ${build.classes.dir} +# Space-separated list of JVM arguments used when running the project. +# You may also define separate properties like run-sys-prop.name=value instead of -Dname=value. +# To set system properties for unit tests define test-sys-prop.name=value: +run.jvmargs= +run.test.classpath=\ + ${javac.test.classpath}:\ + ${build.test.classes.dir} +source.encoding=UTF-8 +src.dir=src +test.src.dir=test diff --git a/nbproject/project.xml b/nbproject/project.xml new file mode 100644 index 0000000..6e5a48e --- /dev/null +++ b/nbproject/project.xml @@ -0,0 +1,15 @@ + + + org.netbeans.modules.java.j2seproject + + + ECTester + + + + + + + + + -- cgit v1.2.3-70-g09d2 From bffdcc6925d806d74179a76b2dc57a619e9c1886 Mon Sep 17 00:00:00 2001 From: J08nY Date: Wed, 11 Jan 2017 19:49:00 +0100 Subject: SimpleAPDU: some cleanup --- src/simpleapdu/CardMngr.java | 24 ++++++++++++------------ src/simpleapdu/SimpleAPDU.java | 11 +++++------ 2 files changed, 17 insertions(+), 18 deletions(-) diff --git a/src/simpleapdu/CardMngr.java b/src/simpleapdu/CardMngr.java index ae8bd55..e60f695 100644 --- a/src/simpleapdu/CardMngr.java +++ b/src/simpleapdu/CardMngr.java @@ -12,13 +12,13 @@ import javax.smartcardio.*; * @author xsvenda */ public class CardMngr { - static CardTerminal m_terminal = null; - static CardChannel m_channel = null; - static Card m_card = null; + private CardTerminal m_terminal = null; + private CardChannel m_channel = null; + private Card m_card = null; // Simulator related attributes - private static CAD m_cad = null; - private static JavaxSmartCardInterface m_simulator = null; + private CAD m_cad = null; + private JavaxSmartCardInterface m_simulator = null; private final byte selectCM[] = { 
@@ -37,10 +37,11 @@ public class CardMngr { public boolean ConnectToCard() throws Exception { // TRY ALL READERS, FIND FIRST SELECTABLE - List terminalList = GetReaderList(); + List terminalList = GetReaderList(); - if (terminalList.isEmpty()) { + if (terminalList == null || terminalList.isEmpty()) { System.out.println("No terminals found"); + return false; } //List numbers of Card readers @@ -64,10 +65,10 @@ public class CardMngr { return cardFound; } - static boolean ConnectToCardSelect() throws CardException { + public boolean ConnectToCardSelect() throws CardException { // Test available card - if more present, let user to select one List terminalList = CardMngr.GetReaderList(); - if (terminalList.isEmpty()) { + if (terminalList == null || terminalList.isEmpty()) { System.out.println("ERROR: No suitable reader with card detected. Please check your reader connection"); return false; } else { @@ -163,11 +164,10 @@ public class CardMngr { } } - public static List GetReaderList() { + public static List GetReaderList() { try { TerminalFactory factory = TerminalFactory.getDefault(); - List readersList = factory.terminals().list(); - return readersList; + return factory.terminals().list(); } catch (Exception ex) { System.out.println("Exception : " + ex); return null; diff --git a/src/simpleapdu/SimpleAPDU.java b/src/simpleapdu/SimpleAPDU.java index 4f291f0..5e51221 100644 --- a/src/simpleapdu/SimpleAPDU.java +++ b/src/simpleapdu/SimpleAPDU.java @@ -14,7 +14,6 @@ import org.apache.commons.cli.Options; import org.apache.commons.cli.ParseException; import javax.smartcardio.ResponseAPDU; -import java.io.FileNotFoundException; import java.io.FileOutputStream; import java.io.IOException; import java.util.Arrays; @@ -54,7 +53,7 @@ public class SimpleAPDU { private static final short GENERATEECKEY_ANOMALOUS_OFFSET = 8; - public void run(String[] args) { + private void run(String[] args) { try { //parse cmd args CommandLine cli = parseArgs(args); 
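Review bot: `GetReaderList()` in `CardMngr.java` still returns `null` from its `catch (Exception ex)` block, which is why this commit has to add `terminalList == null ||` to both callers. Returning an empty list there (`return Collections.emptyList();`, with `java.util.Collections` imported) keeps the `isEmpty()` checks sufficient and protects any caller outside these hunks. The catch also reduces every failure to `System.out.println("Exception : " + ex)`; narrowing it to `CardException` would stop unrelated errors from being reported as "no readers".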
@@ -91,7 +90,7 @@ public class SimpleAPDU { generateECKeys(genAmount, KeyPair.ALG_EC_F2M, (short) keyLength, cli.hasOption("anomalous")); } } else if (cli.hasOption("test")) { - if (cli.hasOption("bit-length")) { + if (cli.hasOption("bit-size")) { //test only one bitsize if (fp) { testSupportECFp((short) keyLength); @@ -132,7 +131,7 @@ public class SimpleAPDU { .desc("generate EC keys").build()); opts.addOption("t", "test", false, "test EC support (default)"); opts.addOption(Option.builder("b") - .longOpt("bit-length") + .longOpt("bit-size") .hasArg() .argName("bits") .desc("set EC bit size").build()); @@ -288,7 +287,7 @@ public class SimpleAPDU { } } - static String getPrintError(short code) { + private static String getPrintError(short code) { if (code == ISO7816.SW_NO_ERROR) { return "OK\t(0x9000)"; } else { @@ -454,7 +453,7 @@ public class SimpleAPDU { } } - public static void main(String[] args) throws FileNotFoundException, IOException { + public static void main(String[] args) throws IOException { SimpleAPDU app = new SimpleAPDU(); app.run(args); } -- cgit v1.2.3-70-g09d2 From 4debe5adb4bb486f488878e348ee7bcf386c43f2 Mon Sep 17 00:00:00 2001 
From: J08nY Date: Tue, 17 Jan 2017 02:55:31 +0100 Subject: major changes, ECTester rewrite, moved to valid package reader: ECTester, mostly rewritten SimpleAPDU - communication with applet now done through simpler instructions: allocate, set, generate, ecdh, ecdsa - moved to a valid Java package dir cz.crcs.ectester - SimpleAPDU: renamed to ECTester - CardMngr: seamlessly supports simulation vs real card - DirtyLogger: takes a nullable String and creates file - ECTester: currently only supports key generation, curve testing under way - supports external curve setting, example files in data package - tests can be done through files, to achieve a more modular approach - Util: static utility class - ParamReader: reads curve domain parameters and keys from simple csv-like human-readable files with hex strings applet: ECTesterApplet, rewrite of SimpleECCApplet - more granularity in instructions - moved complexity over to the reader side - ECKeyGenerator: now a class that takes KeyPair as param - ECKeyTester: now a class that takes KeyPair as param - EC_Consts: removed ecsp curves(now done externally), removed unused methods - ECTesterApplet: currently only tested instructions are: allocate, set, generate data: contains several curve and pubkey files in format supported by ParamReader - Prime field curves: p,a,b,gx,gy,r,k - Binary field curves: e1,a,b,gx,gy,r,k or e1,e2,e3,a,b,gx,gy,r,k - Public key: wx,wy - Private key: s - Key: wx,wy,s - all values are hex strings --- !uploader/ectester.cap | Bin 0 -> 13349 bytes !uploader/gppro_upload.bat | 2 +- !uploader/gppro_upload.sh | 2 +- !uploader/gppro_upload_emv.bat | 2 +- !uploader/gppro_upload_emv.sh | 8 +- README.md | 6 +- build.xml | 22 + dist/ECTester.jar | Bin 0 -> 190873 bytes dist/SimpleAPDU.jar | Bin 471079 -> 0 bytes dist/lib/commons-cli-1.3.1.jar | Bin 0 -> 52988 bytes jcardsim-2.2.2-all.jar | Bin 394661 -> 0 bytes jcbuild.xml | 20 +- manifest.mf | 2 + nbproject/project.properties | 17 + 
src/applets/ECKeyGenerator.java | 276 --- src/applets/ECKeyTester.java | 177 -- src/applets/EC_Consts.java | 2020 -------------------- src/applets/SimpleECCApplet.java | 1026 ---------- src/cz/crcs/ectester/applet/ECKeyGenerator.java | 381 ++++ src/cz/crcs/ectester/applet/ECKeyTester.java | 184 ++ src/cz/crcs/ectester/applet/ECTesterApplet.java | 427 +++++ src/cz/crcs/ectester/applet/EC_Consts.java | 1298 +++++++++++++ src/cz/crcs/ectester/data/ecsp128.csv | 7 + src/cz/crcs/ectester/data/ecsp128_pub.csv | 2 + src/cz/crcs/ectester/data/ecsp160.csv | 7 + src/cz/crcs/ectester/data/ecsp160_pub.csv | 2 + src/cz/crcs/ectester/data/ecsp192.csv | 7 + src/cz/crcs/ectester/data/ecsp192_pub.csv | 2 + src/cz/crcs/ectester/data/ecsp224.csv | 7 + src/cz/crcs/ectester/data/ecsp224_pub.csv | 2 + src/cz/crcs/ectester/data/ecsp256.csv | 7 + src/cz/crcs/ectester/data/ecsp256_pub.csv | 2 + src/cz/crcs/ectester/data/ecsp384.csv | 7 + src/cz/crcs/ectester/data/ecsp384_pub.csv | 2 + src/cz/crcs/ectester/data/ecsp521.csv | 7 + src/cz/crcs/ectester/data/ecsp521_pub.csv | 2 + src/cz/crcs/ectester/data/secp192k1.csv | 7 + src/cz/crcs/ectester/data/secp192r1.csv | 7 + src/cz/crcs/ectester/data/secp224r1.csv | 7 + src/cz/crcs/ectester/data/secp256k1.csv | 7 + src/cz/crcs/ectester/data/secp256r1.csv | 7 + src/cz/crcs/ectester/data/secp384r1.csv | 7 + src/cz/crcs/ectester/data/secp521r1.csv | 7 + src/cz/crcs/ectester/data/sect163k1.csv | 9 + src/cz/crcs/ectester/data/sect163r1.csv | 9 + src/cz/crcs/ectester/data/sect163r2.csv | 9 + src/cz/crcs/ectester/data/sect233k1.csv | 7 + src/cz/crcs/ectester/data/sect233r1.csv | 7 + src/cz/crcs/ectester/data/sect239k1.csv | 7 + src/cz/crcs/ectester/data/sect283k1.csv | 9 + src/cz/crcs/ectester/data/sect283r1.csv | 9 + src/cz/crcs/ectester/data/sect409k1.csv | 7 + src/cz/crcs/ectester/data/sect409r1.csv | 7 + src/cz/crcs/ectester/data/sect571k1.csv | 9 + src/cz/crcs/ectester/data/sect571r1.csv | 9 + src/cz/crcs/ectester/reader/CardMngr.java | 289 +++ 
src/cz/crcs/ectester/reader/DirtyLogger.java | 55 + src/cz/crcs/ectester/reader/ECTester.java | 489 +++++ .../crcs/ectester/reader/ISO7816_status_words.txt | 71 + src/cz/crcs/ectester/reader/ParamReader.java | 134 ++ src/cz/crcs/ectester/reader/SimpleAPDU.java | 459 +++++ src/cz/crcs/ectester/reader/Util.java | 82 + src/simpleapdu/CardMngr.java | 260 --- src/simpleapdu/DirtyLogger.java | 48 - src/simpleapdu/ISO7816_status_words.txt | 71 - src/simpleapdu/SimpleAPDU.java | 460 ----- 66 files changed, 4141 insertions(+), 4357 deletions(-) create mode 100644 !uploader/ectester.cap create mode 100644 dist/ECTester.jar delete mode 100644 dist/SimpleAPDU.jar create mode 100644 dist/lib/commons-cli-1.3.1.jar delete mode 100644 jcardsim-2.2.2-all.jar delete mode 100644 src/applets/ECKeyGenerator.java delete mode 100644 src/applets/ECKeyTester.java delete mode 100644 src/applets/EC_Consts.java delete mode 100644 src/applets/SimpleECCApplet.java create mode 100644 src/cz/crcs/ectester/applet/ECKeyGenerator.java create mode 100644 src/cz/crcs/ectester/applet/ECKeyTester.java create mode 100644 src/cz/crcs/ectester/applet/ECTesterApplet.java create mode 100644 src/cz/crcs/ectester/applet/EC_Consts.java create mode 100644 src/cz/crcs/ectester/data/ecsp128.csv create mode 100644 src/cz/crcs/ectester/data/ecsp128_pub.csv create mode 100644 src/cz/crcs/ectester/data/ecsp160.csv create mode 100644 src/cz/crcs/ectester/data/ecsp160_pub.csv create mode 100644 src/cz/crcs/ectester/data/ecsp192.csv create mode 100644 src/cz/crcs/ectester/data/ecsp192_pub.csv create mode 100644 src/cz/crcs/ectester/data/ecsp224.csv create mode 100644 src/cz/crcs/ectester/data/ecsp224_pub.csv create mode 100644 src/cz/crcs/ectester/data/ecsp256.csv create mode 100644 src/cz/crcs/ectester/data/ecsp256_pub.csv create mode 100644 src/cz/crcs/ectester/data/ecsp384.csv create mode 100644 src/cz/crcs/ectester/data/ecsp384_pub.csv create mode 100644 src/cz/crcs/ectester/data/ecsp521.csv create mode 100644 
src/cz/crcs/ectester/data/ecsp521_pub.csv create mode 100644 src/cz/crcs/ectester/data/secp192k1.csv create mode 100644 src/cz/crcs/ectester/data/secp192r1.csv create mode 100644 src/cz/crcs/ectester/data/secp224r1.csv create mode 100644 src/cz/crcs/ectester/data/secp256k1.csv create mode 100644 src/cz/crcs/ectester/data/secp256r1.csv create mode 100644 src/cz/crcs/ectester/data/secp384r1.csv create mode 100644 src/cz/crcs/ectester/data/secp521r1.csv create mode 100644 src/cz/crcs/ectester/data/sect163k1.csv create mode 100644 src/cz/crcs/ectester/data/sect163r1.csv create mode 100644 src/cz/crcs/ectester/data/sect163r2.csv create mode 100644 src/cz/crcs/ectester/data/sect233k1.csv create mode 100644 src/cz/crcs/ectester/data/sect233r1.csv create mode 100644 src/cz/crcs/ectester/data/sect239k1.csv create mode 100644 src/cz/crcs/ectester/data/sect283k1.csv create mode 100644 src/cz/crcs/ectester/data/sect283r1.csv create mode 100644 src/cz/crcs/ectester/data/sect409k1.csv create mode 100644 src/cz/crcs/ectester/data/sect409r1.csv create mode 100644 src/cz/crcs/ectester/data/sect571k1.csv create mode 100644 src/cz/crcs/ectester/data/sect571r1.csv create mode 100644 src/cz/crcs/ectester/reader/CardMngr.java create mode 100644 src/cz/crcs/ectester/reader/DirtyLogger.java create mode 100644 src/cz/crcs/ectester/reader/ECTester.java create mode 100644 src/cz/crcs/ectester/reader/ISO7816_status_words.txt create mode 100644 src/cz/crcs/ectester/reader/ParamReader.java create mode 100644 src/cz/crcs/ectester/reader/SimpleAPDU.java create mode 100644 src/cz/crcs/ectester/reader/Util.java delete mode 100644 src/simpleapdu/CardMngr.java delete mode 100644 src/simpleapdu/DirtyLogger.java delete mode 100644 src/simpleapdu/ISO7816_status_words.txt delete mode 100644 src/simpleapdu/SimpleAPDU.java diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap new file mode 100644 index 0000000..f829de4 Binary files /dev/null and b/!uploader/ectester.cap differ 
diff --git a/!uploader/gppro_upload.bat b/!uploader/gppro_upload.bat index 0dd7864..cbfd5ae 100644 --- a/!uploader/gppro_upload.bat +++ b/!uploader/gppro_upload.bat @@ -1,6 +1,6 @@ gp.exe -delete 4543546573746572 -deletedeps -verbose gp.exe -deletedeps -verbose -delete 4A43416C6754657374 -gp.exe -install simpleECC.cap -verbose +gp.exe -install ectester.cap -verbose diff --git a/!uploader/gppro_upload.sh b/!uploader/gppro_upload.sh index faeaf24..47c7c97 100755 --- a/!uploader/gppro_upload.sh +++ b/!uploader/gppro_upload.sh @@ -2,6 +2,6 @@ java -jar gp.jar -delete 4543546573746572 -deletedeps -verbose java -jar gp.jar -deletedeps -verbose -delete 4A43416C6754657374 -java -jar gp.jar -install simpleECC.cap -verbose +java -jar gp.jar -install ectester.cap -verbose diff --git a/!uploader/gppro_upload_emv.bat b/!uploader/gppro_upload_emv.bat index a9b0b9c..737f8ac 100644 --- a/!uploader/gppro_upload_emv.bat +++ b/!uploader/gppro_upload_emv.bat @@ -3,6 +3,6 @@ gp.exe -deletedeps -verbose -emv -delete 4A43416C6754657374 gp.exe -deletedeps -verbose -emv -delete 4543546573746572 -gp.exe -install simpleECC.cap -verbose -emv -d +gp.exe -install ectester.cap -verbose -emv -d diff --git a/!uploader/gppro_upload_emv.sh b/!uploader/gppro_upload_emv.sh index 9a51cd9..8f0c994 100755 --- a/!uploader/gppro_upload_emv.sh +++ b/!uploader/gppro_upload_emv.sh @@ -1,8 +1,8 @@ -java -jar gp.jar -deletedeps -verbose -emv -delete 4C6162616B417070 -java -jar gp.jar -deletedeps -verbose -emv -delete 4A43416C6754657374 -java -jar gp.jar -deletedeps -verbose -emv -delete 4543546573746572 +java -jar gp.jar --deletedeps --verbose -emv --delete 4C6162616B417070 +java -jar gp.jar --deletedeps --verbose -emv --delete 4A43416C6754657374 +java -jar gp.jar --deletedeps --verbose -emv --delete 4543546573746572 -java -jar gp.jar -install simpleECC.cap -verbose -emv -d +java -jar gp.jar --install ectester.cap --verbose --emv -d diff --git a/README.md b/README.md index ad76fc1..c877a46 100644 
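Review bot: In `gppro_upload_emv.sh` the rewritten lines mix option styles: the delete commands use `--deletedeps --verbose --delete` but keep `-emv`, while the install line uses `--emv`, and the sibling scripts in this commit keep single dashes throughout. Pick one form that the `gp.jar` in use accepts and apply it to every option, e.g. `java -jar gp.jar --deletedeps --verbose --emv --delete 4C6162616B417070`. The file is mode 100755 but, per the `@@ -1,8 +1,8 @@` hunk, starts directly with a `java` line; adding `#!/bin/bash` as the first line would make direct execution predictable.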
--- a/README.md +++ b/README.md @@ -5,8 +5,8 @@ Tests support and behavior of smartcards with JavaCard platform with focus on El Usage ------ -1. Upload simpleECC.cap using your favorite tool (e.g., [GlobalPlatformPro tool](https://github.com/martinpaljak/GlobalPlatform)) -2. Run `java -jar SimpleAPDU.jar` +1. Upload ectester.cap using your favorite tool (e.g., [GlobalPlatformPro tool](https://github.com/martinpaljak/GlobalPlatform)) +2. Run `java -jar ectester.jar` 3. Inspect output log with annotated results Following operations are tested: @@ -17,7 +17,7 @@ Following operations are tested: - Signature via ECDSA - Behavior of card when invalid curves/points are provided (should fail) -See `java -jar SimpleAPDU.jar -h` for more. +See `java -jar ectester.jar -h` for more. Example output -------------- diff --git a/build.xml b/build.xml index d788ca5..1fd4fcd 100644 --- a/build.xml +++ b/build.xml @@ -70,4 +70,26 @@ nbproject/build-impl.xml file. --> + diff --git a/dist/ECTester.jar b/dist/ECTester.jar new file mode 100644 index 0000000..2c14e00 Binary files /dev/null and b/dist/ECTester.jar differ diff --git a/dist/SimpleAPDU.jar b/dist/SimpleAPDU.jar deleted file mode 100644 index be5599a..0000000 Binary files a/dist/SimpleAPDU.jar and /dev/null differ diff --git a/dist/lib/commons-cli-1.3.1.jar b/dist/lib/commons-cli-1.3.1.jar new file mode 100644 index 0000000..c3e7a1f Binary files /dev/null and b/dist/lib/commons-cli-1.3.1.jar differ diff --git a/jcardsim-2.2.2-all.jar b/jcardsim-2.2.2-all.jar deleted file mode 100644 index 0ac10c0..0000000 Binary files a/jcardsim-2.2.2-all.jar and /dev/null differ diff --git a/jcbuild.xml b/jcbuild.xml index 70d5370..9b1dabb 100644 --- a/jcbuild.xml +++ b/jcbuild.xml @@ -1,5 +1,5 @@ - + @@ -10,15 +10,17 @@ - - - - - + + - - + + - + + + + + + diff --git a/manifest.mf b/manifest.mf index 328e8e5..32571b3 100644 --- a/manifest.mf +++ b/manifest.mf 
@@ -1,3 +1,5 @@ Manifest-Version: 1.0 X-COMMENT: Main-Class will be added automatically by build +Class-Path: lib/jcardsim-2.2.2-all.jar lib/commons-cli-1.3.1.jar +Main-Class: cz.crcs.ectester.reader.ECTester diff --git a/nbproject/project.properties b/nbproject/project.properties index 49b2ea6..41e7d89 100644 --- a/nbproject/project.properties +++ b/nbproject/project.properties @@ -25,6 +25,7 @@ debug.test.classpath=\ dist.archive.excludes= # This directory is removed when the project is cleaned: dist.dir=dist +<<<<<<< HEAD dist.jar=${dist.dir}/SimpleAPDU.jar dist.javadoc.dir=${dist.dir}/javadoc endorsed.classpath= @@ -33,6 +34,18 @@ includes=** jar.compress=false javac.classpath=\ ${libs.JCardSim2.2.classpath} +======= +dist.jar=${dist.dir}/ECTester.jar +dist.javadoc.dir=${dist.dir}/javadoc +endorsed.classpath= +#TODO remove SimpleAPDU when replaced with ECtester,java +excludes=**/SimpleAPDU.java +includes=** +jar.compress=false +javac.classpath=\ + lib/jcardsim-2.2.2-all.jar:\ + lib/commons-cli-1.3.1.jar +>>>>>>> 14b5b42... major changes, ECTester rewrite, moved to valid package # Space-separated list of extra javac options javac.compilerargs= javac.deprecation=false @@ -56,7 +69,11 @@ javadoc.splitindex=true javadoc.use=true javadoc.version=false javadoc.windowtitle= +<<<<<<< HEAD main.class=simpleapdu.SimpleAPDU +======= +main.class=cz.crcs.ectester.reader.ECTester +>>>>>>> 14b5b42... major changes, ECTester rewrite, moved to valid package manifest.file=manifest.mf meta.inf.dir=${src.dir}/META-INF mkdist.disabled=false diff --git a/src/applets/ECKeyGenerator.java b/src/applets/ECKeyGenerator.java deleted file mode 100644 index 2eb5679..0000000 --- a/src/applets/ECKeyGenerator.java +++ /dev/null 
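Review bot: The `nbproject/project.properties` hunks commit unresolved merge-conflict markers: `+<<<<<<< HEAD`, `+=======` and `+>>>>>>> 14b5b42... major changes, ECTester rewrite, moved to valid package` are added around `dist.jar`/`javac.classpath` and again around `main.class`. The file now defines those keys twice (`SimpleAPDU.jar` vs `ECTester.jar`, `${libs.JCardSim2.2.classpath}` vs the two `lib/*.jar` entries, `simpleapdu.SimpleAPDU` vs `cz.crcs.ectester.reader.ECTester`). Which classpath and main class the build uses then depends on how the properties loader treats the duplicates and the marker lines. Resolve the conflict by keeping only the block after `=======` in each of the two regions and deleting the marker lines.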
@@ -1,276 +0,0 @@ -package applets; - -import javacard.framework.ISO7816; -import javacard.framework.ISOException; -import javacard.framework.Util; -import javacard.security.CryptoException; -import javacard.security.ECPrivateKey; -import javacard.security.ECPublicKey; -import javacard.security.KeyPair; - -/** - * - */ -public class ECKeyGenerator { - - private KeyPair ecKeyPair = null; - private ECPrivateKey ecPrivateKey = null; - private ECPublicKey ecPublicKey = null; - - public static final byte KEY_PUBLIC = 0x01; - public static final byte KEY_PRIVATE = 0x02; - public static final byte KEY_BOTH = KEY_PUBLIC | KEY_PRIVATE; - - - public short allocatePair(byte keyClass, short keyLength) { - short result = ISO7816.SW_NO_ERROR; - try { - ecKeyPair = new KeyPair(keyClass, keyLength); - ecPublicKey = (ECPublicKey) ecKeyPair.getPublic(); - ecPrivateKey = (ECPrivateKey) ecKeyPair.getPrivate(); - } catch (CryptoException ce) { - result = ce.getReason(); - } catch (Exception e) { - result = ISO7816.SW_UNKNOWN; - } - return result; - } - - public boolean isAllocated() { - return ecKeyPair != null; - } - - public short generatePair() { - short result = ISO7816.SW_NO_ERROR; - try { - ecKeyPair.genKeyPair(); - ecPublicKey = (ECPublicKey) ecKeyPair.getPublic(); - ecPrivateKey = (ECPrivateKey) ecKeyPair.getPrivate(); - } catch (CryptoException ce) { - result = ce.getReason(); - } catch (Exception e) { - result = ISO7816.SW_UNKNOWN; - } - return result; - } - - public short setCustomCurve(byte keyClass, short keyLength, byte[] buffer, short offset) { - return setCustomCurve(EC_Consts.getCurve(keyClass, keyLength), buffer, offset); - } - - public short setCustomCurve(byte curve, byte[] buffer, short offset) { - byte alg = EC_Consts.getCurveType(curve); - short sw = ISO7816.SW_NO_ERROR; - short length; - if (alg == KeyPair.ALG_EC_FP) { - length = EC_Consts.getCurveParameter(curve, EC_Consts.PARAMETER_FP, buffer, offset); - sw = setParameter(KEY_BOTH, EC_Consts.PARAMETER_FP, 
buffer, offset, length); - } else if (alg == KeyPair.ALG_EC_F2M) { - length = EC_Consts.getCurveParameter(curve, EC_Consts.PARAMETER_F2M, buffer, offset); - sw = setParameter(KEY_BOTH, EC_Consts.PARAMETER_F2M, buffer, offset, length); - } - if (sw != ISO7816.SW_NO_ERROR) return sw; - - //go through all params - short param = EC_Consts.PARAMETER_A; - while (param <= EC_Consts.PARAMETER_K) { - length = EC_Consts.getCurveParameter(curve, param, buffer, offset); - sw = setParameter(KEY_BOTH, param, buffer, offset, length); - if (sw != ISO7816.SW_NO_ERROR) break; - param = (short) (param << 1); - } - return sw; - } - - public short setCustomInvalidCurve(short keyClass, short keyLength, byte key, short param, short corruptionType, byte[] buffer, short offset) { - return setCustomInvalidCurve(EC_Consts.getCurve(keyClass, keyLength), key, param, corruptionType, buffer, offset); - } - - public short setCustomInvalidCurve(byte curve, byte key, short param, short corruptionType, byte[] buffer, short offset) { - short sw = setCustomCurve(curve, buffer, offset); - if (sw != ISO7816.SW_NO_ERROR) return sw; - - //go through param bit by bit, and invalidate all selected params - short paramMask = 0x01; - while (paramMask <= EC_Consts.PARAMETER_K) { - short masked = (short) (paramMask & param); - if (masked != 0) { - short length = EC_Consts.getCorruptCurveParameter(curve, masked, buffer, offset, corruptionType); - sw = setParameter(key, masked, buffer, offset, length); - if (sw != ISO7816.SW_NO_ERROR) return sw; - } - paramMask = (short) (paramMask << 1); - } - return sw; - } - - public short setCustomAnomalousCurve(short keyClass, short keyLength, byte[] buffer, short offset) { - return setCustomCurve(EC_Consts.getAnomalousCurve(keyClass, keyLength), buffer, offset); - } - - public short setParameter(byte key, short param, byte[] data, short offset, short length) { - short result = ISO7816.SW_NO_ERROR; - try { - switch (param) { - case EC_Consts.PARAMETER_FP: { - if ((key & 
KEY_PUBLIC) != 0) ecPublicKey.setFieldFP(data, offset, length); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setFieldFP(data, offset, length); - break; - } - case EC_Consts.PARAMETER_F2M: { - if (length == 2) { - short i = Util.makeShort(data[offset], data[(short) (offset + 1)]); - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i); - } else if (length == 6) { - short i1 = Util.makeShort(data[offset], data[(short) (offset + 1)]); - short i2 = Util.makeShort(data[(short) (offset + 2)], data[(short) (offset + 3)]); - short i3 = Util.makeShort(data[(short) (offset + 4)], data[(short) (offset + 5)]); - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i1, i2, i3); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i1, i2, i3); - } else { - result = ISO7816.SW_UNKNOWN; - } - break; - } - case EC_Consts.PARAMETER_A: { - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setA(data, offset, length); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setA(data, offset, length); - break; - } - case EC_Consts.PARAMETER_B: { - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setB(data, offset, length); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setB(data, offset, length); - break; - } - case EC_Consts.PARAMETER_G: { - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setG(data, offset, length); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setG(data, offset, length); - break; - } - case EC_Consts.PARAMETER_R: { - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setR(data, offset, length); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setR(data, offset, length); - break; - } - case EC_Consts.PARAMETER_K: { - if (length != 2) { - result = ISO7816.SW_UNKNOWN; - } else { - short k = Util.getShort(data, offset); - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setK(k); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setK(k); - } - break; - } - case EC_Consts.PARAMETER_S: - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setS(data, offset, length); - break; - 
case EC_Consts.PARAMETER_W: - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setW(data, offset, length); - break; - default: { - ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); - } - } - } catch (CryptoException ce) { - result = ce.getReason(); - } catch (Exception e) { - result = ISO7816.SW_UNKNOWN; - } - return result; - } - - public short setExternalCurve(byte key, byte keyClass, byte[] buffer, short offset, short fieldLength, short aLength, short bLength, short gxLength, short gyLength, short rLength) { - short sw = ISO7816.SW_NO_ERROR; - if (keyClass == KeyPair.ALG_EC_FP) { - sw = setParameter(key, EC_Consts.PARAMETER_FP, buffer, offset, fieldLength); - } else if (keyClass == KeyPair.ALG_EC_F2M) { - sw = setParameter(key, EC_Consts.PARAMETER_F2M, buffer, offset, fieldLength); - } - if (sw != ISO7816.SW_NO_ERROR) return sw; - - offset += fieldLength; - - //go through all params - sw = setParameter(key, EC_Consts.PARAMETER_A, buffer, offset, aLength); - if (sw != ISO7816.SW_NO_ERROR) return sw; - offset += aLength; - sw = setParameter(key, EC_Consts.PARAMETER_B, buffer, offset, bLength); - if (sw != ISO7816.SW_NO_ERROR) return sw; - offset += bLength; - - sw = setParameter(key, EC_Consts.PARAMETER_G, buffer, offset, (short) (gxLength + gyLength)); - if (sw != ISO7816.SW_NO_ERROR) return sw; - offset += gxLength + gyLength; - - - sw = setParameter(key, EC_Consts.PARAMETER_R, buffer, offset, aLength); - if (sw != ISO7816.SW_NO_ERROR) return sw; - offset += rLength; - - sw = setParameter(key, EC_Consts.PARAMETER_K, buffer, offset, (short) 2); - return sw; - } - - public short exportParameter(byte key, short param, byte[] outputBuffer, short outputOffset) { - if (key == KEY_BOTH) { - ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); - } - short length = 0; - try { - switch (param) { - case EC_Consts.PARAMETER_FP: - case EC_Consts.PARAMETER_F2M: - if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getField(outputBuffer, outputOffset); - if ((key & KEY_PRIVATE) != 0) 
length = ecPrivateKey.getField(outputBuffer, outputOffset); - break; - case EC_Consts.PARAMETER_A: - if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getA(outputBuffer, outputOffset); - if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getA(outputBuffer, outputOffset); - break; - case EC_Consts.PARAMETER_B: - if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getB(outputBuffer, outputOffset); - if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getB(outputBuffer, outputOffset); - break; - case EC_Consts.PARAMETER_G: - if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getG(outputBuffer, outputOffset); - if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getG(outputBuffer, outputOffset); - break; - case EC_Consts.PARAMETER_R: - if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getR(outputBuffer, outputOffset); - if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getR(outputBuffer, outputOffset); - break; - case EC_Consts.PARAMETER_K: - if ((key & KEY_PUBLIC) != 0) Util.setShort(outputBuffer, outputOffset, ecPublicKey.getK()); - if ((key & KEY_PRIVATE) != 0) Util.setShort(outputBuffer, outputOffset, ecPrivateKey.getK()); - length = 2; - break; - case EC_Consts.PARAMETER_S: - if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getS(outputBuffer, outputOffset); - break; - case EC_Consts.PARAMETER_W: - if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getW(outputBuffer, outputOffset); - default: - ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); - } - } catch (CryptoException ce) { - ISOException.throwIt(ce.getReason()); - } catch (Exception e) { - ISOException.throwIt(ISO7816.SW_UNKNOWN); - } - return length; - } - - public ECPrivateKey getPrivateKey() { - return ecPrivateKey; - } - - public ECPublicKey getPublicKey() { - return ecPublicKey; - } - - public KeyPair getKeyPair() { - return ecKeyPair; - } -} diff --git a/src/applets/ECKeyTester.java b/src/applets/ECKeyTester.java deleted file mode 100644 index 9dd0fd5..0000000 
--- a/src/applets/ECKeyTester.java +++ /dev/null 
@@ -1,177 +0,0 @@ -package applets; - - -import javacard.framework.ISO7816; -import javacard.security.*; - -/** - * Class capable of testing ECDH/C and ECDSA. - * Note that ECDH and ECDHC output should equal, only the algorithm is different. - */ -public class ECKeyTester { - private KeyAgreement ecdhKeyAgreement = null; - private KeyAgreement ecdhcKeyAgreement = null; - private Signature ecdsaSignature = null; - - public short allocateECDH() { - short result = ISO7816.SW_NO_ERROR; - try { - ecdhKeyAgreement = KeyAgreement.getInstance(KeyAgreement.ALG_EC_SVDP_DH, false); - } catch (CryptoException ce) { - result = ce.getReason(); - } catch (Exception e) { - result = ISO7816.SW_UNKNOWN; - } - return result; - } - - public short allocateECDHC() { - short result = ISO7816.SW_NO_ERROR; - try { - ecdhcKeyAgreement = KeyAgreement.getInstance(KeyAgreement.ALG_EC_SVDP_DHC, false); - } catch (CryptoException ce) { - result = ce.getReason(); - } catch (Exception e) { - result = ISO7816.SW_UNKNOWN; - } - return result; - } - - public short allocateECDSA() { - short result = ISO7816.SW_NO_ERROR; - try { - ecdsaSignature = Signature.getInstance(Signature.ALG_ECDSA_SHA, false); - } catch (CryptoException ce) { - result = ce.getReason(); - } catch (Exception e) { - result = ISO7816.SW_UNKNOWN; - } - return result; - } - - private short testKA(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { - short result = ISO7816.SW_NO_ERROR; - try { - ka.init(privateKey); - - short secretLength = ka.generateSecret(pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); - //TODO, figure out how to separate the return value of this method (short) error, and return the secretLenght.. 
- } catch (CryptoException ce) { - result = ce.getReason(); - } catch (Exception e) { - result = ISO7816.SW_UNKNOWN; - } - return result; - } - - private short testKA_validPoint(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { - return testKA(ka, privateKey, pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); - } - - private short testKA_invalidPoint(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { - pubkeyBuffer[(short)(pubkeyLength - 2)] += 0xcc; - pubkeyBuffer[(short)(pubkeyLength - 3)] += 0xcc; - short result = testKA(ka, privateKey, pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); - pubkeyBuffer[(short)(pubkeyLength - 2)] -= 0xcc; - pubkeyBuffer[(short)(pubkeyLength - 3)] -= 0xcc; - return result; - } - - public short testECDH(ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { - return testKA(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); - } - - /** - * Tests ECDH secret generation with given {@code privateKey} and {@code publicKey}. - * Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations. - * Output should equal with ECDHC output. 
- * @param privateKey - * @param publicKey - * @param pubkeyBuffer - * @param pubkeyOffset - * @param outputBuffer - * @param outputOffset - * @return ISO7816.SW_NO_ERROR on correct operation, - * exception reason otherwise - **/ - public short testECDH_validPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { - short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); - return testKA_validPoint(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); - } - - public short testECDH_invalidPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { - short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); - return testKA_invalidPoint(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); - } - - - /** - * Tests ECDHC secret generation with given {@code privateKey} and {@code publicKey}. - * Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations. - * Output should equal to ECDH output. 
- * @param privateKey - * @param publicKey - * @param pubkeyBuffer - * @param pubkeyOffset - * @param outputBuffer - * @param outputOffset - * @return ISO7816.SW_NO_ERROR on correct operation, - * exception reason otherwise - */ - public short testECDHC_validPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { - short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); - return testKA_validPoint(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); - } - - public short testECDHC_invalidPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { - short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); - return testKA_invalidPoint(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); - } - - /** - * Uses {@code signKey} to sign data from {@code inputBuffer} at {@code inputOffset} with {@code inputOffset}. - * Then checks for correct signature length. - * Then tries verifying the data with {@code verifyKey}. 
- * @param signKey - * @param verifyKey - * @param inputBuffer - * @param inputOffset - * @param inputLength - * @param sigBuffer - * @param sigOffset - * @return ISO7816.SW_NO_ERROR on correct operation, - * SW_SIG_VERIFY_FAIL, - * SW_SIG_LENGTH_MISMATCH - */ - public short testECDSA(ECPrivateKey signKey, ECPublicKey verifyKey, byte[] inputBuffer, short inputOffset, short inputLength, byte[] sigBuffer, short sigOffset) { - short result = ISO7816.SW_NO_ERROR; - try { - ecdsaSignature.init(signKey, Signature.MODE_SIGN); - short sigLength = ecdsaSignature.sign(inputBuffer, inputOffset, inputLength, sigBuffer, sigOffset); - - ecdsaSignature.init(verifyKey, Signature.MODE_VERIFY); - boolean correct = ecdsaSignature.verify(inputBuffer, inputOffset, inputLength, sigBuffer, sigOffset, sigLength); - if (!correct) { - result = SimpleECCApplet.SW_SIG_VERIFY_FAIL; - } - } catch (CryptoException ce) { - result = ce.getReason(); - } catch (Exception e) { - result = ISO7816.SW_UNKNOWN; - } - return result; - } - - public KeyAgreement getECDH() { - return ecdhKeyAgreement; - } - - public KeyAgreement getECDHC() { - return ecdhcKeyAgreement; - } - - public Signature getECDSA() { - return ecdsaSignature; - } - -} diff --git a/src/applets/EC_Consts.java b/src/applets/EC_Consts.java deleted file mode 100644 index d1f6842..0000000 --- a/src/applets/EC_Consts.java +++ /dev/null 
@@ -1,2020 +0,0 @@ -package applets; - -import javacard.framework.ISO7816; -import javacard.framework.ISOException; -import javacard.framework.Util; -import javacard.security.KeyPair; -import javacard.security.RandomData; - -public class EC_Consts { - - private static byte[] EC_FP_P = null; //p - private static byte[] EC_A = null; //a - private static byte[] EC_B = null; //b - private static byte[] EC_G_X = null; //G[x,y] - private static byte[] EC_G_Y = null; // - private static byte[] EC_R = null; //n - private static short EC_K = 1; //h - - private static byte[] EC_W_X = null; //Pubkey[x,y] - private static byte[] EC_W_Y = null; - private static byte[] EC_S = null; //Private - - private static byte[] EC_F2M_F2M = null; //[short i1, short i2, short i3], f = x^m + x^i1 + x^i2 + x^i3 + 1 - - public static final short PARAMETER_FP = 0x0001; - public static final short PARAMETER_F2M = 0x0002; - - public static final short PARAMETER_A = 0x0004; - public static final short PARAMETER_B = 0x0008; - public static final short PARAMETER_G = 0x0010; - public static final short PARAMETER_R = 0x0020; - public static final short PARAMETER_K = 0x0040; - public static final short PARAMETER_S = 0x0080; - public static final short PARAMETER_W = 0x0100; - - public static RandomData m_random = null; - - public static final byte TAG_ECPUBKEY = (byte) 0x41; - public static final byte TAG_ECPRIVKEY = (byte) 0x42; - - - // secp128r1 - public static final byte[] EC128_FP_P = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFD, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; - - public static final byte[] EC128_FP_A = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFD, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; - - public static 
final byte[] EC128_FP_B = new byte[]{ - (byte) 0xE8, (byte) 0x75, (byte) 0x79, (byte) 0xC1, - (byte) 0x10, (byte) 0x79, (byte) 0xF4, (byte) 0x3D, - (byte) 0xD8, (byte) 0x24, (byte) 0x99, (byte) 0x3C, - (byte) 0x2C, (byte) 0xEE, (byte) 0x5E, (byte) 0xD3}; - - // G in compressed form / first part of ucompressed - public static final byte[] EC128_FP_G_X = new byte[]{ - (byte) 0x16, (byte) 0x1F, (byte) 0xF7, (byte) 0x52, - (byte) 0x8B, (byte) 0x89, (byte) 0x9B, (byte) 0x2D, - (byte) 0x0C, (byte) 0x28, (byte) 0x60, (byte) 0x7C, - (byte) 0xA5, (byte) 0x2C, (byte) 0x5B, (byte) 0x86}; - - // second part of G uncompressed - public static final byte[] EC128_FP_G_Y = new byte[]{ - (byte) 0xCF, (byte) 0x5A, (byte) 0xC8, (byte) 0x39, - (byte) 0x5B, (byte) 0xAF, (byte) 0xEB, (byte) 0x13, - (byte) 0xC0, (byte) 0x2D, (byte) 0xA2, (byte) 0x92, - (byte) 0xDD, (byte) 0xED, (byte) 0x7A, (byte) 0x83}; - // Order of G - public static final byte[] EC128_FP_R = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x75, (byte) 0xA3, (byte) 0x0D, (byte) 0x1B, - (byte) 0x90, (byte) 0x38, (byte) 0xA1, (byte) 0x15}; - // cofactor of G - public static final short EC128_FP_K = 1; - - // secp160r1 - public static final byte[] EC160_FP_P = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x7F, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; - - public static final byte[] EC160_FP_A = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x7F, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; - - public static final byte[] EC160_FP_B = new byte[]{ - (byte) 0x1C, (byte) 0x97, 
(byte) 0xBE, (byte) 0xFC, - (byte) 0x54, (byte) 0xBD, (byte) 0x7A, (byte) 0x8B, - (byte) 0x65, (byte) 0xAC, (byte) 0xF8, (byte) 0x9F, - (byte) 0x81, (byte) 0xD4, (byte) 0xD4, (byte) 0xAD, - (byte) 0xC5, (byte) 0x65, (byte) 0xFA, (byte) 0x45}; - - // G in compressed form / first part of ucompressed - public static final byte[] EC160_FP_G_X = new byte[]{ - (byte) 0x4A, (byte) 0x96, (byte) 0xB5, (byte) 0x68, - (byte) 0x8E, (byte) 0xF5, (byte) 0x73, (byte) 0x28, - (byte) 0x46, (byte) 0x64, (byte) 0x69, (byte) 0x89, - (byte) 0x68, (byte) 0xC3, (byte) 0x8B, (byte) 0xB9, - (byte) 0x13, (byte) 0xCB, (byte) 0xFC, (byte) 0x82}; - - // second part of G uncompressed - public static final byte[] EC160_FP_G_Y = new byte[]{ - (byte) 0x23, (byte) 0xA6, (byte) 0x28, (byte) 0x55, - (byte) 0x31, (byte) 0x68, (byte) 0x94, (byte) 0x7D, - (byte) 0x59, (byte) 0xDC, (byte) 0xC9, (byte) 0x12, - (byte) 0x04, (byte) 0x23, (byte) 0x51, (byte) 0x37, - (byte) 0x7A, (byte) 0xC5, (byte) 0xFB, (byte) 0x32}; - // Order of G - public static final byte[] EC160_FP_R = new byte[]{ - (byte) 0x01, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x01, (byte) 0xF4, (byte) 0xC8, - (byte) 0xF9, (byte) 0x27, (byte) 0xAE, (byte) 0xD3, - (byte) 0xCA, (byte) 0x75, (byte) 0x22, (byte) 0x57}; - // cofactor of G - public static final short EC160_FP_K = 1; - - - // secp192r1 from http://www.secg.org/sec2-v2.pdf - public static final byte[] EC192_FP_P = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; - public static final byte[] EC192_FP_A = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 
0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; - public static final byte[] EC192_FP_B = new byte[]{ - (byte) 0x64, (byte) 0x21, (byte) 0x05, (byte) 0x19, - (byte) 0xE5, (byte) 0x9C, (byte) 0x80, (byte) 0xE7, - (byte) 0x0F, (byte) 0xA7, (byte) 0xE9, (byte) 0xAB, - (byte) 0x72, (byte) 0x24, (byte) 0x30, (byte) 0x49, - (byte) 0xFE, (byte) 0xB8, (byte) 0xDE, (byte) 0xEC, - (byte) 0xC1, (byte) 0x46, (byte) 0xB9, (byte) 0xB1}; - // G in compressed form / first part of ucompressed - public static final byte[] EC192_FP_G_X = new byte[]{ - (byte) 0x18, (byte) 0x8D, (byte) 0xA8, (byte) 0x0E, - (byte) 0xB0, (byte) 0x30, (byte) 0x90, (byte) 0xF6, - (byte) 0x7C, (byte) 0xBF, (byte) 0x20, (byte) 0xEB, - (byte) 0x43, (byte) 0xA1, (byte) 0x88, (byte) 0x00, - (byte) 0xF4, (byte) 0xFF, (byte) 0x0A, (byte) 0xFD, - (byte) 0x82, (byte) 0xFF, (byte) 0x10, (byte) 0x12}; - // second part of G uncompressed - public static final byte[] EC192_FP_G_Y = new byte[]{ - (byte) 0x07, (byte) 0x19, (byte) 0x2B, (byte) 0x95, - (byte) 0xFF, (byte) 0xC8, (byte) 0xDA, (byte) 0x78, - (byte) 0x63, (byte) 0x10, (byte) 0x11, (byte) 0xED, - (byte) 0x6B, (byte) 0x24, (byte) 0xCD, (byte) 0xD5, - (byte) 0x73, (byte) 0xF9, (byte) 0x77, (byte) 0xA1, - (byte) 0x1E, (byte) 0x79, (byte) 0x48, (byte) 0x11}; - // Order of G - public static final byte[] EC192_FP_R = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x99, (byte) 0xDE, (byte) 0xF8, (byte) 0x36, - (byte) 0x14, (byte) 0x6B, (byte) 0xC9, (byte) 0xB1, - (byte) 0xB4, (byte) 0xD2, (byte) 0x28, (byte) 0x31}; - // cofactor of G - public static final short EC192_FP_K = 1; - - // secp224r1 from http://www.secg.org/sec2-v2.pdf - public static final byte[] 
EC224_FP_P = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01}; - - public static final byte[] EC224_FP_A = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE}; - - public static final byte[] EC224_FP_B = new byte[]{ - (byte) 0xB4, (byte) 0x05, (byte) 0x0A, (byte) 0x85, - (byte) 0x0C, (byte) 0x04, (byte) 0xB3, (byte) 0xAB, - (byte) 0xF5, (byte) 0x41, (byte) 0x32, (byte) 0x56, - (byte) 0x50, (byte) 0x44, (byte) 0xB0, (byte) 0xB7, - (byte) 0xD7, (byte) 0xBF, (byte) 0xD8, (byte) 0xBA, - (byte) 0x27, (byte) 0x0B, (byte) 0x39, (byte) 0x43, - (byte) 0x23, (byte) 0x55, (byte) 0xFF, (byte) 0xB4}; - - // G in compressed form / first part of ucompressed - public static final byte[] EC224_FP_G_X = new byte[]{ - (byte) 0xB7, (byte) 0x0E, (byte) 0x0C, (byte) 0xBD, - (byte) 0x6B, (byte) 0xB4, (byte) 0xBF, (byte) 0x7F, - (byte) 0x32, (byte) 0x13, (byte) 0x90, (byte) 0xB9, - (byte) 0x4A, (byte) 0x03, (byte) 0xC1, (byte) 0xD3, - (byte) 0x56, (byte) 0xC2, (byte) 0x11, (byte) 0x22, - (byte) 0x34, (byte) 0x32, (byte) 0x80, (byte) 0xD6, - (byte) 0x11, (byte) 0x5C, (byte) 0x1D, (byte) 0x21}; - // second part of G uncompressed - public static final byte[] EC224_FP_G_Y = new byte[]{ - (byte) 0xBD, (byte) 0x37, (byte) 0x63, (byte) 0x88, - (byte) 0xB5, (byte) 0xF7, (byte) 0x23, (byte) 0xFB, - (byte) 0x4C, (byte) 0x22, (byte) 
0xDF, (byte) 0xE6, - (byte) 0xCD, (byte) 0x43, (byte) 0x75, (byte) 0xA0, - (byte) 0x5A, (byte) 0x07, (byte) 0x47, (byte) 0x64, - (byte) 0x44, (byte) 0xD5, (byte) 0x81, (byte) 0x99, - (byte) 0x85, (byte) 0x00, (byte) 0x7E, (byte) 0x34}; - // Order of G - public static final byte[] EC224_FP_R = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0x16, (byte) 0xA2, - (byte) 0xE0, (byte) 0xB8, (byte) 0xF0, (byte) 0x3E, - (byte) 0x13, (byte) 0xDD, (byte) 0x29, (byte) 0x45, - (byte) 0x5C, (byte) 0x5C, (byte) 0x2A, (byte) 0x3D}; - // cofactor of G - public static final short EC224_FP_K = 1; - - // secp256r1 from http://www.secg.org/sec2-v2.pdf - public static final byte[] EC256_FP_P = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; - public static final byte[] EC256_FP_A = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; - public static final byte[] EC256_FP_B = new byte[]{ - (byte) 0x5A, (byte) 0xC6, (byte) 0x35, (byte) 0xD8, - (byte) 0xAA, (byte) 0x3A, (byte) 0x93, (byte) 0xE7, - (byte) 0xB3, (byte) 0xEB, (byte) 0xBD, (byte) 0x55, - 
(byte) 0x76, (byte) 0x98, (byte) 0x86, (byte) 0xBC, - (byte) 0x65, (byte) 0x1D, (byte) 0x06, (byte) 0xB0, - (byte) 0xCC, (byte) 0x53, (byte) 0xB0, (byte) 0xF6, - (byte) 0x3B, (byte) 0xCE, (byte) 0x3C, (byte) 0x3E, - (byte) 0x27, (byte) 0xD2, (byte) 0x60, (byte) 0x4B}; - // G in compressed form / first part of ucompressed - public static final byte[] EC256_FP_G_X = new byte[]{ - (byte) 0x6B, (byte) 0x17, (byte) 0xD1, (byte) 0xF2, - (byte) 0xE1, (byte) 0x2C, (byte) 0x42, (byte) 0x47, - (byte) 0xF8, (byte) 0xBC, (byte) 0xE6, (byte) 0xE5, - (byte) 0x63, (byte) 0xA4, (byte) 0x40, (byte) 0xF2, - (byte) 0x77, (byte) 0x03, (byte) 0x7D, (byte) 0x81, - (byte) 0x2D, (byte) 0xEB, (byte) 0x33, (byte) 0xA0, - (byte) 0xF4, (byte) 0xA1, (byte) 0x39, (byte) 0x45, - (byte) 0xD8, (byte) 0x98, (byte) 0xC2, (byte) 0x96}; - // second part of G uncompressed - public static final byte[] EC256_FP_G_Y = new byte[]{ - (byte) 0x4F, (byte) 0xE3, (byte) 0x42, (byte) 0xE2, - (byte) 0xFE, (byte) 0x1A, (byte) 0x7F, (byte) 0x9B, - (byte) 0x8E, (byte) 0xE7, (byte) 0xEB, (byte) 0x4A, - (byte) 0x7C, (byte) 0x0F, (byte) 0x9E, (byte) 0x16, - (byte) 0x2B, (byte) 0xCE, (byte) 0x33, (byte) 0x57, - (byte) 0x6B, (byte) 0x31, (byte) 0x5E, (byte) 0xCE, - (byte) 0xCB, (byte) 0xB6, (byte) 0x40, (byte) 0x68, - (byte) 0x37, (byte) 0xBF, (byte) 0x51, (byte) 0xF5}; - // Order of G - public static final byte[] EC256_FP_R = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xBC, (byte) 0xE6, (byte) 0xFA, (byte) 0xAD, - (byte) 0xA7, (byte) 0x17, (byte) 0x9E, (byte) 0x84, - (byte) 0xF3, (byte) 0xB9, (byte) 0xCA, (byte) 0xC2, - (byte) 0xFC, (byte) 0x63, (byte) 0x25, (byte) 0x51}; - // cofactor of G - public static final short EC256_FP_K = 1; - - // secp384r1 from http://www.secg.org/sec2-v2.pdf - public static final byte[] EC384_FP_P = 
new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; - - public static final byte[] EC384_FP_A = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; - - public static final byte[] EC384_FP_B = new byte[]{ - (byte) 0xB3, (byte) 0x31, (byte) 0x2F, (byte) 0xA7, - (byte) 0xE2, (byte) 0x3E, (byte) 0xE7, (byte) 0xE4, - (byte) 0x98, (byte) 0x8E, (byte) 0x05, (byte) 0x6B, - (byte) 0xE3, (byte) 0xF8, (byte) 0x2D, (byte) 0x19, - (byte) 0x18, (byte) 0x1D, (byte) 0x9C, (byte) 0x6E, - (byte) 0xFE, (byte) 0x81, (byte) 0x41, (byte) 0x12, - (byte) 0x03, (byte) 0x14, (byte) 0x08, (byte) 0x8F, - (byte) 0x50, (byte) 0x13, (byte) 0x87, (byte) 0x5A, - (byte) 0xC6, (byte) 0x56, (byte) 0x39, (byte) 0x8D, - (byte) 0x8A, (byte) 0x2E, (byte) 0xD1, (byte) 0x9D, - (byte) 0x2A, (byte) 0x85, (byte) 
0xC8, (byte) 0xED, - (byte) 0xD3, (byte) 0xEC, (byte) 0x2A, (byte) 0xEF}; - - // G in compressed form / first part of ucompressed - public static final byte[] EC384_FP_G_X = new byte[]{ - (byte) 0xAA, (byte) 0x87, (byte) 0xCA, (byte) 0x22, - (byte) 0xBE, (byte) 0x8B, (byte) 0x05, (byte) 0x37, - (byte) 0x8E, (byte) 0xB1, (byte) 0xC7, (byte) 0x1E, - (byte) 0xF3, (byte) 0x20, (byte) 0xAD, (byte) 0x74, - (byte) 0x6E, (byte) 0x1D, (byte) 0x3B, (byte) 0x62, - (byte) 0x8B, (byte) 0xA7, (byte) 0x9B, (byte) 0x98, - (byte) 0x59, (byte) 0xF7, (byte) 0x41, (byte) 0xE0, - (byte) 0x82, (byte) 0x54, (byte) 0x2A, (byte) 0x38, - (byte) 0x55, (byte) 0x02, (byte) 0xF2, (byte) 0x5D, - (byte) 0xBF, (byte) 0x55, (byte) 0x29, (byte) 0x6C, - (byte) 0x3A, (byte) 0x54, (byte) 0x5E, (byte) 0x38, - (byte) 0x72, (byte) 0x76, (byte) 0x0A, (byte) 0xB7}; - // second part of G uncompressed - public static final byte[] EC384_FP_G_Y = new byte[]{ - (byte) 0x36, (byte) 0x17, (byte) 0xDE, (byte) 0x4A, - (byte) 0x96, (byte) 0x26, (byte) 0x2C, (byte) 0x6F, - (byte) 0x5D, (byte) 0x9E, (byte) 0x98, (byte) 0xBF, - (byte) 0x92, (byte) 0x92, (byte) 0xDC, (byte) 0x29, - (byte) 0xF8, (byte) 0xF4, (byte) 0x1D, (byte) 0xBD, - (byte) 0x28, (byte) 0x9A, (byte) 0x14, (byte) 0x7C, - (byte) 0xE9, (byte) 0xDA, (byte) 0x31, (byte) 0x13, - (byte) 0xB5, (byte) 0xF0, (byte) 0xB8, (byte) 0xC0, - (byte) 0x0A, (byte) 0x60, (byte) 0xB1, (byte) 0xCE, - (byte) 0x1D, (byte) 0x7E, (byte) 0x81, (byte) 0x9D, - (byte) 0x7A, (byte) 0x43, (byte) 0x1D, (byte) 0x7C, - (byte) 0x90, (byte) 0xEA, (byte) 0x0E, (byte) 0x5F}; - - // Order of G - public static final byte[] EC384_FP_R = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xC7, (byte) 0x63, 
(byte) 0x4D, (byte) 0x81, - (byte) 0xF4, (byte) 0x37, (byte) 0x2D, (byte) 0xDF, - (byte) 0x58, (byte) 0x1A, (byte) 0x0D, (byte) 0xB2, - (byte) 0x48, (byte) 0xB0, (byte) 0xA7, (byte) 0x7A, - (byte) 0xEC, (byte) 0xEC, (byte) 0x19, (byte) 0x6A, - (byte) 0xCC, (byte) 0xC5, (byte) 0x29, (byte) 0x73}; - // cofactor of G - public static final short EC384_FP_K = 1; - - - // secp521r1 from http://www.secg.org/sec2-v2.pdf - public static final byte[] EC521_FP_P = new byte[]{ - (byte) 0x01, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; - - public static final byte[] EC521_FP_A = new byte[]{ - (byte) 0x01, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 
0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; - - public static final byte[] EC521_FP_B = new byte[]{ - (byte) 0x00, (byte) 0x51, (byte) 0x95, (byte) 0x3E, - (byte) 0xB9, (byte) 0x61, (byte) 0x8E, (byte) 0x1C, - (byte) 0x9A, (byte) 0x1F, (byte) 0x92, (byte) 0x9A, - (byte) 0x21, (byte) 0xA0, (byte) 0xB6, (byte) 0x85, - (byte) 0x40, (byte) 0xEE, (byte) 0xA2, (byte) 0xDA, - (byte) 0x72, (byte) 0x5B, (byte) 0x99, (byte) 0xB3, - (byte) 0x15, (byte) 0xF3, (byte) 0xB8, (byte) 0xB4, - (byte) 0x89, (byte) 0x91, (byte) 0x8E, (byte) 0xF1, - (byte) 0x09, (byte) 0xE1, (byte) 0x56, (byte) 0x19, - (byte) 0x39, (byte) 0x51, (byte) 0xEC, (byte) 0x7E, - (byte) 0x93, (byte) 0x7B, (byte) 0x16, (byte) 0x52, - (byte) 0xC0, (byte) 0xBD, (byte) 0x3B, (byte) 0xB1, - (byte) 0xBF, (byte) 0x07, (byte) 0x35, (byte) 0x73, - (byte) 0xDF, (byte) 0x88, (byte) 0x3D, (byte) 0x2C, - (byte) 0x34, (byte) 0xF1, (byte) 0xEF, (byte) 0x45, - (byte) 0x1F, (byte) 0xD4, (byte) 0x6B, (byte) 0x50, - (byte) 0x3F, (byte) 0x00}; - - // G in compressed form / first part of ucompressed - public static final byte[] EC521_FP_G_X = new byte[]{ - (byte) 0x00, (byte) 0xC6, (byte) 0x85, (byte) 0x8E, - (byte) 0x06, (byte) 0xB7, (byte) 0x04, (byte) 0x04, - (byte) 0xE9, (byte) 0xCD, (byte) 0x9E, (byte) 0x3E, - (byte) 0xCB, (byte) 0x66, (byte) 0x23, (byte) 0x95, - (byte) 0xB4, (byte) 0x42, (byte) 0x9C, (byte) 0x64, - (byte) 0x81, (byte) 0x39, (byte) 0x05, (byte) 0x3F, - (byte) 0xB5, (byte) 0x21, (byte) 0xF8, (byte) 0x28, - (byte) 0xAF, (byte) 0x60, (byte) 0x6B, (byte) 0x4D, - (byte) 0x3D, (byte) 0xBA, (byte) 0xA1, (byte) 0x4B, - (byte) 0x5E, (byte) 0x77, (byte) 0xEF, (byte) 0xE7, - (byte) 0x59, (byte) 0x28, (byte) 0xFE, (byte) 0x1D, - (byte) 0xC1, (byte) 0x27, 
(byte) 0xA2, (byte) 0xFF, - (byte) 0xA8, (byte) 0xDE, (byte) 0x33, (byte) 0x48, - (byte) 0xB3, (byte) 0xC1, (byte) 0x85, (byte) 0x6A, - (byte) 0x42, (byte) 0x9B, (byte) 0xF9, (byte) 0x7E, - (byte) 0x7E, (byte) 0x31, (byte) 0xC2, (byte) 0xE5, - (byte) 0xBD, (byte) 0x66}; - - // second part of G uncompressed - public static final byte[] EC521_FP_G_Y = new byte[]{ - (byte) 0x01, (byte) 0x18, (byte) 0x39, (byte) 0x29, - (byte) 0x6A, (byte) 0x78, (byte) 0x9A, (byte) 0x3B, - (byte) 0xC0, (byte) 0x04, (byte) 0x5C, (byte) 0x8A, - (byte) 0x5F, (byte) 0xB4, (byte) 0x2C, (byte) 0x7D, - (byte) 0x1B, (byte) 0xD9, (byte) 0x98, (byte) 0xF5, - (byte) 0x44, (byte) 0x49, (byte) 0x57, (byte) 0x9B, - (byte) 0x44, (byte) 0x68, (byte) 0x17, (byte) 0xAF, - (byte) 0xBD, (byte) 0x17, (byte) 0x27, (byte) 0x3E, - (byte) 0x66, (byte) 0x2C, (byte) 0x97, (byte) 0xEE, - (byte) 0x72, (byte) 0x99, (byte) 0x5E, (byte) 0xF4, - (byte) 0x26, (byte) 0x40, (byte) 0xC5, (byte) 0x50, - (byte) 0xB9, (byte) 0x01, (byte) 0x3F, (byte) 0xAD, - (byte) 0x07, (byte) 0x61, (byte) 0x35, (byte) 0x3C, - (byte) 0x70, (byte) 0x86, (byte) 0xA2, (byte) 0x72, - (byte) 0xC2, (byte) 0x40, (byte) 0x88, (byte) 0xBE, - (byte) 0x94, (byte) 0x76, (byte) 0x9F, (byte) 0xD1, - (byte) 0x66, (byte) 0x50}; - - // Order of G - public static final byte[] EC521_FP_R = new byte[]{ - (byte) 0x01, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFA, - (byte) 0x51, (byte) 0x86, (byte) 0x87, (byte) 0x83, - (byte) 0xBF, (byte) 0x2F, (byte) 0x96, (byte) 0x6B, - (byte) 0x7F, (byte) 0xCC, (byte) 0x01, (byte) 0x48, - (byte) 0xF7, (byte) 0x09, (byte) 0xA5, (byte) 
0xD0, - (byte) 0x3B, (byte) 0xB5, (byte) 0xC9, (byte) 0xB8, - (byte) 0x89, (byte) 0x9C, (byte) 0x47, (byte) 0xAE, - (byte) 0xBB, (byte) 0x6F, (byte) 0xB7, (byte) 0x1E, - (byte) 0x91, (byte) 0x38, (byte) 0x64, (byte) 0x09}; - - // cofactor of G - public static final short EC521_FP_K = 1; - - //sect163r1 from http://www.secg.org/sec2-v2.pdf - // [short i1, short i2, short i3] f = x^163 + x^i1 + x^i2 + x^i3 + 1 - public static final byte[] EC163_F2M_F = new byte[]{ - (byte) 0x00, (byte) 0x07, - (byte) 0x00, (byte) 0x06, - (byte) 0x00, (byte) 0x03 - }; - - public static final byte[] EC163_F2M_A = new byte[]{ - (byte) 0x07, (byte) 0xB6, (byte) 0x88, (byte) 0x2C, - (byte) 0xAA, (byte) 0xEF, (byte) 0xA8, (byte) 0x4F, - (byte) 0x95, (byte) 0x54, (byte) 0xFF, (byte) 0x84, - (byte) 0x28, (byte) 0xBD, (byte) 0x88, (byte) 0xE2, - (byte) 0x46, (byte) 0xD2, (byte) 0x78, (byte) 0x2A, - (byte) 0xE2 - }; - - public static final byte[] EC163_F2M_B = new byte[]{ - (byte) 0x07, (byte) 0x13, (byte) 0x61, (byte) 0x2D, - (byte) 0xCD, (byte) 0xDC, (byte) 0xB4, (byte) 0x0A, - (byte) 0xAB, (byte) 0x94, (byte) 0x6B, (byte) 0xDA, - (byte) 0x29, (byte) 0xCA, (byte) 0x91, (byte) 0xF7, - (byte) 0x3A, (byte) 0xF9, (byte) 0x58, (byte) 0xAF, - (byte) 0xD9 - }; - - // G in compressed form / first part of ucompressed - public static final byte[] EC163_F2M_G_X = new byte[]{ - (byte) 0x03, (byte) 0x69, (byte) 0x97, (byte) 0x96, - (byte) 0x97, (byte) 0xAB, (byte) 0x43, (byte) 0x89, - (byte) 0x77, (byte) 0x89, (byte) 0x56, (byte) 0x67, - (byte) 0x89, (byte) 0x56, (byte) 0x7F, (byte) 0x78, - (byte) 0x7A, (byte) 0x78, (byte) 0x76, (byte) 0xA6, - (byte) 0x54 - }; - - // second part of G uncompressed - public static final byte[] EC163_F2M_G_Y = new byte[]{ - (byte) 0x00, (byte) 0x43, (byte) 0x5E, (byte) 0xDB, - (byte) 0x42, (byte) 0xEF, (byte) 0xAF, (byte) 0xB2, - (byte) 0x98, (byte) 0x9D, (byte) 0x51, (byte) 0xFE, - (byte) 0xFC, (byte) 0xE3, (byte) 0xC8, (byte) 0x09, - (byte) 0x88, (byte) 0xF4, (byte) 0x1F, 
(byte) 0xF8, - (byte) 0x83 - }; - - // order of G - public static final byte[] EC163_F2M_R = new byte[]{ - (byte) 0x03, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0x48, - (byte) 0xAA, (byte) 0xB6, (byte) 0x89, (byte) 0xC2, - (byte) 0x9C, (byte) 0xA7, (byte) 0x10, (byte) 0x27, - (byte) 0x9B - }; - - // cofactor of G - public static final short EC163_F2M_K = 2; - - //sect233r1 from http://www.secg.org/sec2-v2.pdf - // [short i1, short i2, short i3] f = x^233 + x^i1 + 1 - public static final byte[] EC233_F2M_F = new byte[]{ - (byte) 0x00, (byte) 0x4a - }; - - public static final byte[] EC233_F2M_A = new byte[]{ - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x01 - }; - - public static final byte[] EC233_F2M_B = new byte[]{ - (byte) 0x00, (byte) 0x66, (byte) 0x64, (byte) 0x7E, - (byte) 0xDE, (byte) 0x6C, (byte) 0x33, (byte) 0x2C, - (byte) 0x7F, (byte) 0x8C, (byte) 0x09, (byte) 0x23, - (byte) 0xBB, (byte) 0x58, (byte) 0x21, (byte) 0x3B, - (byte) 0x33, (byte) 0x3B, (byte) 0x20, (byte) 0xE9, - (byte) 0xCE, (byte) 0x42, (byte) 0x81, (byte) 0xFE, - (byte) 0x11, (byte) 0x5F, (byte) 0x7D, (byte) 0x8F, - (byte) 0x90, (byte) 0xAD - }; - - // G in compressed form / first part of ucompressed - public static final byte[] EC233_F2M_G_X = new byte[]{ - (byte) 0x00, (byte) 0xFA, (byte) 0xC9, (byte) 0xDF, - (byte) 0xCB, (byte) 0xAC, (byte) 0x83, (byte) 0x13, - (byte) 0xBB, (byte) 0x21, (byte) 0x39, (byte) 0xF1, - (byte) 0xBB, (byte) 0x75, (byte) 0x5F, (byte) 0xEF, - (byte) 0x65, (byte) 0xBC, (byte) 0x39, (byte) 0x1F, - (byte) 0x8B, (byte) 
0x36, (byte) 0xF8, (byte) 0xF8, - (byte) 0xEB, (byte) 0x73, (byte) 0x71, (byte) 0xFD, - (byte) 0x55, (byte) 0x8B - }; - - // second part of G uncompressed - public static final byte[] EC233_F2M_G_Y = new byte[]{ - (byte) 0x01, (byte) 0x00, (byte) 0x6A, (byte) 0x08, - (byte) 0xA4, (byte) 0x19, (byte) 0x03, (byte) 0x35, - (byte) 0x06, (byte) 0x78, (byte) 0xE5, (byte) 0x85, - (byte) 0x28, (byte) 0xBE, (byte) 0xBF, (byte) 0x8A, - (byte) 0x0B, (byte) 0xEF, (byte) 0xF8, (byte) 0x67, - (byte) 0xA7, (byte) 0xCA, (byte) 0x36, (byte) 0x71, - (byte) 0x6F, (byte) 0x7E, (byte) 0x01, (byte) 0xF8, - (byte) 0x10, (byte) 0x52 - }; - - // order of G - public static final byte[] EC233_F2M_R = new byte[]{ - (byte) 0x01, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x13, - (byte) 0xE9, (byte) 0x74, (byte) 0xE7, (byte) 0x2F, - (byte) 0x8A, (byte) 0x69, (byte) 0x22, (byte) 0x03, - (byte) 0x1D, (byte) 0x26, (byte) 0x03, (byte) 0xCF, - (byte) 0xE0, (byte) 0xD7 - }; - - // cofactor of G - public static final short EC233_F2M_K = 2; - - //sect283r1 from http://www.secg.org/sec2-v2.pdf - // [short i1, short i2, short i3] f = x^283 + x^i1 + x^i2 + x^i3 + 1 - public static final byte[] EC283_F2M_F = new byte[]{ - (byte) 0x00, (byte) 0x0c, - (byte) 0x00, (byte) 0x07, - (byte) 0x00, (byte) 0x05 - }; - - public static final byte[] EC283_F2M_A = new byte[]{ - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01 - }; - - public 
static final byte[] EC283_F2M_B = new byte[]{ - (byte) 0x02, (byte) 0x7B, (byte) 0x68, (byte) 0x0A, - (byte) 0xC8, (byte) 0xB8, (byte) 0x59, (byte) 0x6D, - (byte) 0xA5, (byte) 0xA4, (byte) 0xAF, (byte) 0x8A, - (byte) 0x19, (byte) 0xA0, (byte) 0x30, (byte) 0x3F, - (byte) 0xCA, (byte) 0x97, (byte) 0xFD, (byte) 0x76, - (byte) 0x45, (byte) 0x30, (byte) 0x9F, (byte) 0xA2, - (byte) 0xA5, (byte) 0x81, (byte) 0x48, (byte) 0x5A, - (byte) 0xF6, (byte) 0x26, (byte) 0x3E, (byte) 0x31, - (byte) 0x3B, (byte) 0x79, (byte) 0xA2, (byte) 0xF5 - }; - - // G in compressed form / first part of ucompressed - public static final byte[] EC283_F2M_G_X = new byte[]{ - (byte) 0x05, (byte) 0xF9, (byte) 0x39, (byte) 0x25, - (byte) 0x8D, (byte) 0xB7, (byte) 0xDD, (byte) 0x90, - (byte) 0xE1, (byte) 0x93, (byte) 0x4F, (byte) 0x8C, - (byte) 0x70, (byte) 0xB0, (byte) 0xDF, (byte) 0xEC, - (byte) 0x2E, (byte) 0xED, (byte) 0x25, (byte) 0xB8, - (byte) 0x55, (byte) 0x7E, (byte) 0xAC, (byte) 0x9C, - (byte) 0x80, (byte) 0xE2, (byte) 0xE1, (byte) 0x98, - (byte) 0xF8, (byte) 0xCD, (byte) 0xBE, (byte) 0xCD, - (byte) 0x86, (byte) 0xB1, (byte) 0x20, (byte) 0x53 - }; - - // second part of G uncompressed - public static final byte[] EC283_F2M_G_Y = new byte[]{ - (byte) 0x03, (byte) 0x67, (byte) 0x68, (byte) 0x54, - (byte) 0xFE, (byte) 0x24, (byte) 0x14, (byte) 0x1C, - (byte) 0xB9, (byte) 0x8F, (byte) 0xE6, (byte) 0xD4, - (byte) 0xB2, (byte) 0x0D, (byte) 0x02, (byte) 0xB4, - (byte) 0x51, (byte) 0x6F, (byte) 0xF7, (byte) 0x02, - (byte) 0x35, (byte) 0x0E, (byte) 0xDD, (byte) 0xB0, - (byte) 0x82, (byte) 0x67, (byte) 0x79, (byte) 0xC8, - (byte) 0x13, (byte) 0xF0, (byte) 0xDF, (byte) 0x45, - (byte) 0xBE, (byte) 0x81, (byte) 0x12, (byte) 0xF4 - }; - - // order of G - public static final byte[] EC283_F2M_R = new byte[]{ - (byte) 0x03, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 
(byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xEF, (byte) 0x90, - (byte) 0x39, (byte) 0x96, (byte) 0x60, (byte) 0xFC, - (byte) 0x93, (byte) 0x8A, (byte) 0x90, (byte) 0x16, - (byte) 0x5B, (byte) 0x04, (byte) 0x2A, (byte) 0x7C, - (byte) 0xEF, (byte) 0xAD, (byte) 0xB3, (byte) 0x07 - }; - - // cofactor of G - public static final short EC283_F2M_K = 2; - - //sect409r1 from http://www.secg.org/sec2-v2.pdf - // [short i1, short i2, short i3] f = x^409 + x^i1 + 1 - public static final byte[] EC409_F2M_F = new byte[]{ - (byte) 0x00, (byte) 0x57 - }; - - public static final byte[] EC409_F2M_A = new byte[]{ - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01 - }; - - public static final byte[] EC409_F2M_B = new byte[]{ - (byte) 0x00, (byte) 0x21, (byte) 0xA5, (byte) 0xC2, - (byte) 0xC8, (byte) 0xEE, (byte) 0x9F, (byte) 0xEB, - (byte) 0x5C, (byte) 0x4B, (byte) 0x9A, (byte) 0x75, - (byte) 0x3B, (byte) 0x7B, (byte) 0x47, (byte) 0x6B, - (byte) 0x7F, (byte) 0xD6, (byte) 0x42, (byte) 0x2E, - (byte) 0xF1, (byte) 0xF3, (byte) 0xDD, (byte) 0x67, - (byte) 0x47, (byte) 0x61, (byte) 0xFA, (byte) 0x99, - (byte) 0xD6, (byte) 0xAC, (byte) 0x27, (byte) 0xC8, - (byte) 0xA9, (byte) 0xA1, (byte) 0x97, (byte) 0xB2, - (byte) 0x72, (byte) 0x82, (byte) 0x2F, (byte) 0x6C, - (byte) 0xD5, (byte) 0x7A, (byte) 0x55, (byte) 0xAA, - (byte) 0x4F, (byte) 0x50, (byte) 
0xAE, (byte) 0x31, - (byte) 0x7B, (byte) 0x13, (byte) 0x54, (byte) 0x5F - }; - - // G in compressed form / first part of ucompressed - public static final byte[] EC409_F2M_G_X = new byte[]{ - (byte) 0x01, (byte) 0x5D, (byte) 0x48, (byte) 0x60, - (byte) 0xD0, (byte) 0x88, (byte) 0xDD, (byte) 0xB3, - (byte) 0x49, (byte) 0x6B, (byte) 0x0C, (byte) 0x60, - (byte) 0x64, (byte) 0x75, (byte) 0x62, (byte) 0x60, - (byte) 0x44, (byte) 0x1C, (byte) 0xDE, (byte) 0x4A, - (byte) 0xF1, (byte) 0x77, (byte) 0x1D, (byte) 0x4D, - (byte) 0xB0, (byte) 0x1F, (byte) 0xFE, (byte) 0x5B, - (byte) 0x34, (byte) 0xE5, (byte) 0x97, (byte) 0x03, - (byte) 0xDC, (byte) 0x25, (byte) 0x5A, (byte) 0x86, - (byte) 0x8A, (byte) 0x11, (byte) 0x80, (byte) 0x51, - (byte) 0x56, (byte) 0x03, (byte) 0xAE, (byte) 0xAB, - (byte) 0x60, (byte) 0x79, (byte) 0x4E, (byte) 0x54, - (byte) 0xBB, (byte) 0x79, (byte) 0x96, (byte) 0xA7 - }; - - // second part of G uncompressed - public static final byte[] EC409_F2M_G_Y = new byte[]{ - (byte) 0x00, (byte) 0x61, (byte) 0xB1, (byte) 0xCF, - (byte) 0xAB, (byte) 0x6B, (byte) 0xE5, (byte) 0xF3, - (byte) 0x2B, (byte) 0xBF, (byte) 0xA7, (byte) 0x83, - (byte) 0x24, (byte) 0xED, (byte) 0x10, (byte) 0x6A, - (byte) 0x76, (byte) 0x36, (byte) 0xB9, (byte) 0xC5, - (byte) 0xA7, (byte) 0xBD, (byte) 0x19, (byte) 0x8D, - (byte) 0x01, (byte) 0x58, (byte) 0xAA, (byte) 0x4F, - (byte) 0x54, (byte) 0x88, (byte) 0xD0, (byte) 0x8F, - (byte) 0x38, (byte) 0x51, (byte) 0x4F, (byte) 0x1F, - (byte) 0xDF, (byte) 0x4B, (byte) 0x4F, (byte) 0x40, - (byte) 0xD2, (byte) 0x18, (byte) 0x1B, (byte) 0x36, - (byte) 0x81, (byte) 0xC3, (byte) 0x64, (byte) 0xBA, - (byte) 0x02, (byte) 0x73, (byte) 0xC7, (byte) 0x06 - }; - - // order of G - public static final byte[] EC409_F2M_R = new byte[]{ - (byte) 0x01, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, 
(byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x01, (byte) 0xE2, - (byte) 0xAA, (byte) 0xD6, (byte) 0xA6, (byte) 0x12, - (byte) 0xF3, (byte) 0x33, (byte) 0x07, (byte) 0xBE, - (byte) 0x5F, (byte) 0xA4, (byte) 0x7C, (byte) 0x3C, - (byte) 0x9E, (byte) 0x05, (byte) 0x2F, (byte) 0x83, - (byte) 0x81, (byte) 0x64, (byte) 0xCD, (byte) 0x37, - (byte) 0xD9, (byte) 0xA2, (byte) 0x11, (byte) 0x73 - }; - - // cofactor of G - public static final short EC409_F2M_K = 2; - - //sect571r1 from http://www.secg.org/sec2-v2.pdf - // [short i1, short i2, short i3] f = x^571 + x^i1 + x^i2 + x^i3 + 1 - public static final byte[] EC571_F2M_F = new byte[]{ - (byte) 0x00, (byte) 0x0a, - (byte) 0x00, (byte) 0x05, - (byte) 0x00, (byte) 0x02, - }; - - public static final byte[] EC571_F2M_A = new byte[]{ - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01 - }; - - public static final byte[] EC571_F2M_B = new byte[]{ - (byte) 0x02, (byte) 0xF4, (byte) 0x0E, (byte) 0x7E, - (byte) 0x22, (byte) 0x21, (byte) 0xF2, 
(byte) 0x95, - (byte) 0xDE, (byte) 0x29, (byte) 0x71, (byte) 0x17, - (byte) 0xB7, (byte) 0xF3, (byte) 0xD6, (byte) 0x2F, - (byte) 0x5C, (byte) 0x6A, (byte) 0x97, (byte) 0xFF, - (byte) 0xCB, (byte) 0x8C, (byte) 0xEF, (byte) 0xF1, - (byte) 0xCD, (byte) 0x6B, (byte) 0xA8, (byte) 0xCE, - (byte) 0x4A, (byte) 0x9A, (byte) 0x18, (byte) 0xAD, - (byte) 0x84, (byte) 0xFF, (byte) 0xAB, (byte) 0xBD, - (byte) 0x8E, (byte) 0xFA, (byte) 0x59, (byte) 0x33, - (byte) 0x2B, (byte) 0xE7, (byte) 0xAD, (byte) 0x67, - (byte) 0x56, (byte) 0xA6, (byte) 0x6E, (byte) 0x29, - (byte) 0x4A, (byte) 0xFD, (byte) 0x18, (byte) 0x5A, - (byte) 0x78, (byte) 0xFF, (byte) 0x12, (byte) 0xAA, - (byte) 0x52, (byte) 0x0E, (byte) 0x4D, (byte) 0xE7, - (byte) 0x39, (byte) 0xBA, (byte) 0xCA, (byte) 0x0C, - (byte) 0x7F, (byte) 0xFE, (byte) 0xFF, (byte) 0x7F, - (byte) 0x29, (byte) 0x55, (byte) 0x72, (byte) 0x7A - }; - - // G in compressed form / first part of ucompressed - public static final byte[] EC571_F2M_G_X = new byte[]{ - (byte) 0x03, (byte) 0x03, (byte) 0x00, (byte) 0x1D, - (byte) 0x34, (byte) 0xB8, (byte) 0x56, (byte) 0x29, - (byte) 0x6C, (byte) 0x16, (byte) 0xC0, (byte) 0xD4, - (byte) 0x0D, (byte) 0x3C, (byte) 0xD7, (byte) 0x75, - (byte) 0x0A, (byte) 0x93, (byte) 0xD1, (byte) 0xD2, - (byte) 0x95, (byte) 0x5F, (byte) 0xA8, (byte) 0x0A, - (byte) 0xA5, (byte) 0xF4, (byte) 0x0F, (byte) 0xC8, - (byte) 0xDB, (byte) 0x7B, (byte) 0x2A, (byte) 0xBD, - (byte) 0xBD, (byte) 0xE5, (byte) 0x39, (byte) 0x50, - (byte) 0xF4, (byte) 0xC0, (byte) 0xD2, (byte) 0x93, - (byte) 0xCD, (byte) 0xD7, (byte) 0x11, (byte) 0xA3, - (byte) 0x5B, (byte) 0x67, (byte) 0xFB, (byte) 0x14, - (byte) 0x99, (byte) 0xAE, (byte) 0x60, (byte) 0x03, - (byte) 0x86, (byte) 0x14, (byte) 0xF1, (byte) 0x39, - (byte) 0x4A, (byte) 0xBF, (byte) 0xA3, (byte) 0xB4, - (byte) 0xC8, (byte) 0x50, (byte) 0xD9, (byte) 0x27, - (byte) 0xE1, (byte) 0xE7, (byte) 0x76, (byte) 0x9C, - (byte) 0x8E, (byte) 0xEC, (byte) 0x2D, (byte) 0x19 - }; - - // second part of G 
uncompressed - public static final byte[] EC571_F2M_G_Y = new byte[]{ - (byte) 0x03, (byte) 0x7B, (byte) 0xF2, (byte) 0x73, - (byte) 0x42, (byte) 0xDA, (byte) 0x63, (byte) 0x9B, - (byte) 0x6D, (byte) 0xCC, (byte) 0xFF, (byte) 0xFE, - (byte) 0xB7, (byte) 0x3D, (byte) 0x69, (byte) 0xD7, - (byte) 0x8C, (byte) 0x6C, (byte) 0x27, (byte) 0xA6, - (byte) 0x00, (byte) 0x9C, (byte) 0xBB, (byte) 0xCA, - (byte) 0x19, (byte) 0x80, (byte) 0xF8, (byte) 0x53, - (byte) 0x39, (byte) 0x21, (byte) 0xE8, (byte) 0xA6, - (byte) 0x84, (byte) 0x42, (byte) 0x3E, (byte) 0x43, - (byte) 0xBA, (byte) 0xB0, (byte) 0x8A, (byte) 0x57, - (byte) 0x62, (byte) 0x91, (byte) 0xAF, (byte) 0x8F, - (byte) 0x46, (byte) 0x1B, (byte) 0xB2, (byte) 0xA8, - (byte) 0xB3, (byte) 0x53, (byte) 0x1D, (byte) 0x2F, - (byte) 0x04, (byte) 0x85, (byte) 0xC1, (byte) 0x9B, - (byte) 0x16, (byte) 0xE2, (byte) 0xF1, (byte) 0x51, - (byte) 0x6E, (byte) 0x23, (byte) 0xDD, (byte) 0x3C, - (byte) 0x1A, (byte) 0x48, (byte) 0x27, (byte) 0xAF, - (byte) 0x1B, (byte) 0x8A, (byte) 0xC1, (byte) 0x5B - }; - - // order of G - public static final byte[] EC571_F2M_R = new byte[]{ - (byte) 0x03, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xE6, (byte) 0x61, (byte) 0xCE, (byte) 0x18, - (byte) 0xFF, (byte) 0x55, (byte) 0x98, (byte) 0x73, - (byte) 0x08, (byte) 0x05, (byte) 0x9B, (byte) 0x18, - (byte) 0x68, (byte) 0x23, (byte) 0x85, (byte) 0x1E, - (byte) 0xC7, (byte) 0xDD, (byte) 0x9C, (byte) 0xA1, - (byte) 0x16, (byte) 0x1D, (byte) 0xE9, (byte) 0x3D, - (byte) 0x51, (byte) 0x74, (byte) 0xD6, (byte) 0x6E, - (byte) 0x83, 
(byte) 0x82, (byte) 0xE9, (byte) 0xBB, - (byte) 0x2F, (byte) 0xE8, (byte) 0x4E, (byte) 0x47 - }; - - // cofactor of G - public static final short EC571_F2M_K = 2; - - //Anomalous curve(small-pub-128), with pubkey of order 5 - public static final byte[] ECSP128_FP_P = { - (byte) 0xcf, (byte) 0xba, (byte) 0x21, (byte) 0xfd, - (byte) 0x04, (byte) 0x83, (byte) 0xb1, (byte) 0xf3, - (byte) 0x00, (byte) 0xfa, (byte) 0x25, (byte) 0x06, - (byte) 0xa5, (byte) 0xa5, (byte) 0x66, (byte) 0xef - }; - - public static final byte[] ECSP128_FP_A = { - (byte) 0x36, (byte) 0xd9, (byte) 0xa5, (byte) 0xac, - (byte) 0xac, (byte) 0x27, (byte) 0xa0, (byte) 0x08, - (byte) 0xe3, (byte) 0x6c, (byte) 0xbe, (byte) 0x3e, - (byte) 0x9f, (byte) 0x10, (byte) 0x3f, (byte) 0xde - }; - - public static final byte[] ECSP128_FP_B = { - (byte) 0xa6, (byte) 0x7c, (byte) 0xf5, (byte) 0xfa, - (byte) 0x09, (byte) 0xfb, (byte) 0x1d, (byte) 0xb9, - (byte) 0x02, (byte) 0x06, (byte) 0x8c, (byte) 0x87, - (byte) 0x04, (byte) 0x6a, (byte) 0xe2, (byte) 0x1e - }; - - public static final byte[] ECSP128_FP_G_X = { - (byte) 0x47, (byte) 0xd7, (byte) 0x83, (byte) 0x91, - (byte) 0xa4, (byte) 0xb9, (byte) 0xff, (byte) 0xf6, - (byte) 0xa0, (byte) 0xdb, (byte) 0x12, (byte) 0x92, - (byte) 0xf9, (byte) 0xcd, (byte) 0x0e, (byte) 0x6a - }; - - public static final byte[] ECSP128_FP_G_Y = { - (byte) 0x9a, (byte) 0xed, (byte) 0x9c, (byte) 0x92, - (byte) 0xf8, (byte) 0xbb, (byte) 0x3d, (byte) 0xbd, - (byte) 0x42, (byte) 0x40, (byte) 0x21, (byte) 0x65, - (byte) 0xa2, (byte) 0x70, (byte) 0xbd, (byte) 0x6f - }; - - public static final byte[] ECSP128_FP_R = { - (byte) 0xcf, (byte) 0xba, (byte) 0x21, (byte) 0xfd, - (byte) 0x04, (byte) 0x83, (byte) 0xb1, (byte) 0xf3, - (byte) 0x33, (byte) 0xd6, (byte) 0x1a, (byte) 0x5a, - (byte) 0xf6, (byte) 0xad, (byte) 0xa2, (byte) 0xc7 - }; - - public static final short ECSP128_FP_K = 1; - - public static final byte[] ECSP128_FP_W_X = { - (byte) 0x63, (byte) 0x90, (byte) 0x1e, (byte) 0x12, - (byte) 
0x27, (byte) 0x61, (byte) 0xd9, (byte) 0xc1, - (byte) 0x65, (byte) 0x65, (byte) 0xb2, (byte) 0xf3, - (byte) 0x8e, (byte) 0x99, (byte) 0x1f, (byte) 0x71 - }; - - public static final byte[] ECSP128_FP_W_Y = { - (byte) 0xb9, (byte) 0xd9, (byte) 0x9f, (byte) 0xbc, - (byte) 0x31, (byte) 0x54, (byte) 0xa9, (byte) 0x6c, - (byte) 0xa2, (byte) 0x3e, (byte) 0xcf, (byte) 0xf7, - (byte) 0x70, (byte) 0xcb, (byte) 0xbe, (byte) 0x4f - }; - - - //Anomalous curve(small-pub-160), with pubkey of order 3 - public static final byte[] ECSP160_FP_P = { - (byte) 0xdc, (byte) 0x13, (byte) 0x49, (byte) 0x0f, - (byte) 0xf9, (byte) 0x85, (byte) 0x7b, (byte) 0x11, - (byte) 0x1f, (byte) 0x44, (byte) 0xc0, (byte) 0x50, - (byte) 0x07, (byte) 0x70, (byte) 0xa6, (byte) 0x45, - (byte) 0x7e, (byte) 0x68, (byte) 0x32, (byte) 0x23 - }; - - public static final byte[] ECSP160_FP_A = { - (byte) 0xa3, (byte) 0xec, (byte) 0xd7, (byte) 0xd5, - (byte) 0x1e, (byte) 0x79, (byte) 0xd7, (byte) 0x2d, - (byte) 0x27, (byte) 0x00, (byte) 0x18, (byte) 0x4c, - (byte) 0x79, (byte) 0x5a, (byte) 0xa8, (byte) 0xa6, - (byte) 0xb8, (byte) 0xe6, (byte) 0x65, (byte) 0x73 - }; - - public static final byte[] ECSP160_FP_B = { - (byte) 0x8a, (byte) 0xc4, (byte) 0x35, (byte) 0x92, - (byte) 0x90, (byte) 0x5f, (byte) 0x99, (byte) 0x5c, - (byte) 0xb1, (byte) 0x3f, (byte) 0x36, (byte) 0x94, - (byte) 0x31, (byte) 0x7b, (byte) 0xf4, (byte) 0x70, - (byte) 0xad, (byte) 0xaf, (byte) 0xb6, (byte) 0x45 - }; - - public static final byte[] ECSP160_FP_G_X = { - (byte) 0x5f, (byte) 0x8e, (byte) 0x88, (byte) 0xaf, - (byte) 0xc1, (byte) 0x17, (byte) 0xc7, (byte) 0x22, - (byte) 0x85, (byte) 0x9f, (byte) 0xe8, (byte) 0xe5, - (byte) 0x56, (byte) 0x47, (byte) 0xbc, (byte) 0xa6, - (byte) 0x9b, (byte) 0xa8, (byte) 0x21, (byte) 0x50 - }; - - public static final byte[] ECSP160_FP_G_Y = { - (byte) 0x93, (byte) 0xe6, (byte) 0xdc, (byte) 0xae, - (byte) 0xe2, (byte) 0x71, (byte) 0xe9, (byte) 0xf2, - (byte) 0x83, (byte) 0x8c, (byte) 0x98, (byte) 0xb7, - (byte) 
0xd0, (byte) 0x6e, (byte) 0xcc, (byte) 0xc5, - (byte) 0xd7, (byte) 0xc8, (byte) 0x00, (byte) 0xe5 - }; - - public static final byte[] ECSP160_FP_R = { - (byte) 0xdc, (byte) 0x13, (byte) 0x49, (byte) 0x0f, - (byte) 0xf9, (byte) 0x85, (byte) 0x7b, (byte) 0x11, - (byte) 0x1f, (byte) 0x44, (byte) 0x6e, (byte) 0xf4, - (byte) 0xa6, (byte) 0xd1, (byte) 0xe1, (byte) 0x71, - (byte) 0x5f, (byte) 0x6a, (byte) 0x6d, (byte) 0xff - }; - - public static final short ECSP160_FP_K = 1; - - public static final byte[] ECSP160_FP_W_X = { - (byte) 0x59, (byte) 0xc9, (byte) 0xc3, (byte) 0xc8, - (byte) 0xae, (byte) 0xf2, (byte) 0x9f, (byte) 0x1c, - (byte) 0x1c, (byte) 0x50, (byte) 0x0c, (byte) 0xaf, - (byte) 0xb4, (byte) 0x72, (byte) 0x6d, (byte) 0xa6, - (byte) 0x08, (byte) 0x6e, (byte) 0x6e, (byte) 0xb0 - }; - - public static final byte[] ECSP160_FP_W_Y = { - (byte) 0xd6, (byte) 0x95, (byte) 0xa7, (byte) 0x60, - (byte) 0x05, (byte) 0xed, (byte) 0xdb, (byte) 0x26, - (byte) 0xaf, (byte) 0xd4, (byte) 0x0e, (byte) 0xe2, - (byte) 0x09, (byte) 0x04, (byte) 0x77, (byte) 0x8b, - (byte) 0xb3, (byte) 0x49, (byte) 0x7b, (byte) 0xb1 - }; - - - //Anomalous curve(small-pub-192), with pubkey of order 4 - public static final byte[] ECSP192_FP_P = { - (byte) 0xce, (byte) 0x71, (byte) 0x4c, (byte) 0xc3, - (byte) 0xa1, (byte) 0x5c, (byte) 0xe7, (byte) 0xe5, - (byte) 0xda, (byte) 0xb0, (byte) 0x68, (byte) 0xc9, - (byte) 0xa1, (byte) 0xf8, (byte) 0xbe, (byte) 0x00, - (byte) 0xaa, (byte) 0xd4, (byte) 0x80, (byte) 0xab, - (byte) 0xcc, (byte) 0xae, (byte) 0xef, (byte) 0xc3 - }; - - public static final byte[] ECSP192_FP_A = { - (byte) 0x59, (byte) 0x7c, (byte) 0x78, (byte) 0x1f, - (byte) 0x64, (byte) 0xc3, (byte) 0x3e, (byte) 0xb8, - (byte) 0xef, (byte) 0x91, (byte) 0x9c, (byte) 0x41, - (byte) 0x59, (byte) 0x11, (byte) 0x51, (byte) 0x8e, - (byte) 0xa3, (byte) 0x23, (byte) 0xbe, (byte) 0x88, - (byte) 0xb9, (byte) 0x43, (byte) 0x7c, (byte) 0xaf - }; - - public static final byte[] ECSP192_FP_B = { - (byte) 0xf8, 
(byte) 0x15, (byte) 0x85, (byte) 0xa1, - (byte) 0xb1, (byte) 0x8f, (byte) 0x23, (byte) 0x3d, - (byte) 0x70, (byte) 0xad, (byte) 0xd7, (byte) 0xee, - (byte) 0x13, (byte) 0x42, (byte) 0xd2, (byte) 0x03, - (byte) 0x5c, (byte) 0x38, (byte) 0x6a, (byte) 0x92, - (byte) 0xe3, (byte) 0xab, (byte) 0x83, (byte) 0x20 - }; - - public static final byte[] ECSP192_FP_G_X = { - (byte) 0x15, (byte) 0x0f, (byte) 0xf0, (byte) 0xa4, - (byte) 0x0d, (byte) 0xea, (byte) 0xc6, (byte) 0x46, - (byte) 0x2b, (byte) 0x59, (byte) 0x87, (byte) 0x41, - (byte) 0x86, (byte) 0x17, (byte) 0xfd, (byte) 0xee, - (byte) 0xb6, (byte) 0xbf, (byte) 0xd7, (byte) 0x6d, - (byte) 0x4d, (byte) 0x60, (byte) 0xa0, (byte) 0x67 - }; - - public static final byte[] ECSP192_FP_G_Y = { - (byte) 0x84, (byte) 0x3d, (byte) 0x57, (byte) 0x73, - (byte) 0x71, (byte) 0xc5, (byte) 0xdc, (byte) 0xe1, - (byte) 0x22, (byte) 0xc2, (byte) 0xff, (byte) 0x20, - (byte) 0x6b, (byte) 0x2f, (byte) 0x42, (byte) 0xfa, - (byte) 0x0b, (byte) 0x84, (byte) 0x2b, (byte) 0x49, - (byte) 0xbd, (byte) 0xaf, (byte) 0x99, (byte) 0x0f - }; - - public static final byte[] ECSP192_FP_R = { - (byte) 0xce, (byte) 0x71, (byte) 0x4c, (byte) 0xc3, - (byte) 0xa1, (byte) 0x5c, (byte) 0xe7, (byte) 0xe5, - (byte) 0xda, (byte) 0xb0, (byte) 0x68, (byte) 0xc9, - (byte) 0xa3, (byte) 0x0b, (byte) 0xc9, (byte) 0x29, - (byte) 0x15, (byte) 0xbd, (byte) 0x86, (byte) 0x62, - (byte) 0xae, (byte) 0x88, (byte) 0x28, (byte) 0x87 - }; - - public static final short ECSP192_FP_K = 1; - - public static final byte[] ECSP192_FP_W_X = { - (byte) 0x17, (byte) 0x04, (byte) 0x7f, (byte) 0x91, - (byte) 0xdb, (byte) 0xe3, (byte) 0x30, (byte) 0x32, - (byte) 0xc9, (byte) 0xd0, (byte) 0x9b, (byte) 0xd2, - (byte) 0x9c, (byte) 0xea, (byte) 0xdd, (byte) 0x8a, - (byte) 0x09, (byte) 0xcc, (byte) 0xc3, (byte) 0x2a, - (byte) 0xc6, (byte) 0x30, (byte) 0x95, (byte) 0x41 - }; - - public static final byte[] ECSP192_FP_W_Y = { - (byte) 0x6a, (byte) 0x72, (byte) 0x6d, (byte) 0xe5, - (byte) 0x4f, (byte) 
0xbd, (byte) 0x59, (byte) 0xcf, - (byte) 0xc3, (byte) 0x52, (byte) 0xe8, (byte) 0x38, - (byte) 0xb3, (byte) 0x37, (byte) 0xfa, (byte) 0x00, - (byte) 0x5a, (byte) 0x97, (byte) 0x18, (byte) 0x08, - (byte) 0x16, (byte) 0x13, (byte) 0x5e, (byte) 0x6a - }; - - - public static final byte[] ECSP224_FP_P = { - (byte) 0xee, (byte) 0xd4, (byte) 0xc3, (byte) 0xd9, - (byte) 0x8f, (byte) 0x1c, (byte) 0x9b, (byte) 0x95, - (byte) 0x18, (byte) 0xf1, (byte) 0x16, (byte) 0x26, - (byte) 0x3d, (byte) 0xb7, (byte) 0x70, (byte) 0x36, - (byte) 0x68, (byte) 0x77, (byte) 0xd1, (byte) 0x2d, - (byte) 0xf6, (byte) 0xa9, (byte) 0xcf, (byte) 0x08, - (byte) 0xb9, (byte) 0x6d, (byte) 0xd4, (byte) 0xbb - }; - - //Anomalous curve(small-pub-224), with pubkey of order 5 - public static final byte[] ECSP224_FP_A = { - (byte) 0x8d, (byte) 0x4d, (byte) 0xdd, (byte) 0xb0, - (byte) 0x31, (byte) 0x7d, (byte) 0x6a, (byte) 0x6b, - (byte) 0xf9, (byte) 0xa4, (byte) 0xdb, (byte) 0xbe, - (byte) 0xd3, (byte) 0xa4, (byte) 0x3f, (byte) 0xa2, - (byte) 0x1f, (byte) 0x79, (byte) 0x86, (byte) 0x9c, - (byte) 0x5a, (byte) 0xb9, (byte) 0x72, (byte) 0x9d, - (byte) 0x23, (byte) 0x9e, (byte) 0x92, (byte) 0x82 - }; - - public static final byte[] ECSP224_FP_B = { - (byte) 0x46, (byte) 0x87, (byte) 0x36, (byte) 0x14, - (byte) 0xbe, (byte) 0x3d, (byte) 0xff, (byte) 0xc9, - (byte) 0x21, (byte) 0x80, (byte) 0x82, (byte) 0x32, - (byte) 0x22, (byte) 0x10, (byte) 0xc0, (byte) 0x61, - (byte) 0x61, (byte) 0x40, (byte) 0x28, (byte) 0x6f, - (byte) 0x2d, (byte) 0x16, (byte) 0x05, (byte) 0x03, - (byte) 0xc1, (byte) 0xa9, (byte) 0x25, (byte) 0x0d - }; - - public static final byte[] ECSP224_FP_G_X = { - (byte) 0x96, (byte) 0x1b, (byte) 0xbb, (byte) 0x1f, - (byte) 0xc9, (byte) 0x95, (byte) 0x5a, (byte) 0x71, - (byte) 0xc9, (byte) 0x1a, (byte) 0x50, (byte) 0xae, - (byte) 0xdc, (byte) 0xd2, (byte) 0xf1, (byte) 0x4f, - (byte) 0xcc, (byte) 0xb6, (byte) 0x60, (byte) 0xaf, - (byte) 0x99, (byte) 0x2b, (byte) 0x00, (byte) 0x30, - (byte) 0xb9, (byte) 
0xc9, (byte) 0x0b, (byte) 0x36 - }; - - public static final byte[] ECSP224_FP_G_Y = { - (byte) 0x1c, (byte) 0x00, (byte) 0xf6, (byte) 0xd0, - (byte) 0xbd, (byte) 0x40, (byte) 0x5d, (byte) 0xd7, - (byte) 0xd3, (byte) 0x01, (byte) 0x6f, (byte) 0xb8, - (byte) 0xc0, (byte) 0xc7, (byte) 0x5e, (byte) 0x4e, - (byte) 0xce, (byte) 0xc7, (byte) 0x0f, (byte) 0xe6, - (byte) 0x12, (byte) 0x37, (byte) 0xf6, (byte) 0xd2, - (byte) 0x40, (byte) 0x08, (byte) 0xa5, (byte) 0xfd - }; - - public static final byte[] ECSP224_FP_R = { - (byte) 0xee, (byte) 0xd4, (byte) 0xc3, (byte) 0xd9, - (byte) 0x8f, (byte) 0x1c, (byte) 0x9b, (byte) 0x95, - (byte) 0x18, (byte) 0xf1, (byte) 0x16, (byte) 0x26, - (byte) 0x3d, (byte) 0xb8, (byte) 0x21, (byte) 0xc3, - (byte) 0x6a, (byte) 0x06, (byte) 0xad, (byte) 0xae, - (byte) 0x17, (byte) 0x16, (byte) 0x2a, (byte) 0xd3, - (byte) 0x16, (byte) 0x2f, (byte) 0x68, (byte) 0xc3 - }; - - public static final short ECSP224_FP_K = 1; - - public static final byte[] ECSP224_FP_W_X = { - (byte) 0xcf, (byte) 0xd9, (byte) 0x2a, (byte) 0xea, - (byte) 0x0f, (byte) 0x79, (byte) 0x19, (byte) 0x0c, - (byte) 0x48, (byte) 0xca, (byte) 0x70, (byte) 0x3e, - (byte) 0xb8, (byte) 0xa9, (byte) 0xba, (byte) 0xa7, - (byte) 0x09, (byte) 0x9a, (byte) 0x23, (byte) 0xbb, - (byte) 0x39, (byte) 0x57, (byte) 0x82, (byte) 0x61, - (byte) 0xfe, (byte) 0x4d, (byte) 0x0f, (byte) 0x04 - }; - - public static final byte[] ECSP224_FP_W_Y = { - (byte) 0x25, (byte) 0x7a, (byte) 0x3d, (byte) 0x98, - (byte) 0xde, (byte) 0x44, (byte) 0xbd, (byte) 0x25, - (byte) 0x40, (byte) 0x49, (byte) 0x77, (byte) 0xa4, - (byte) 0xac, (byte) 0x7f, (byte) 0xc5, (byte) 0x6d, - (byte) 0x3d, (byte) 0x4e, (byte) 0x82, (byte) 0x7f, - (byte) 0x08, (byte) 0x5b, (byte) 0x7c, (byte) 0xf5, - (byte) 0x24, (byte) 0x75, (byte) 0x24, (byte) 0xc4 - }; - - - //Anomalous curve(small-pub-256), with pubkey of order 3 - public static final byte[] ECSP256_FP_P = { - (byte) 0xc9, (byte) 0xa8, (byte) 0x03, (byte) 0xb1, - (byte) 0xea, (byte) 
0xf8, (byte) 0x49, (byte) 0xf1, - (byte) 0xc0, (byte) 0x2c, (byte) 0xfd, (byte) 0x1d, - (byte) 0xbf, (byte) 0xac, (byte) 0x68, (byte) 0x62, - (byte) 0x39, (byte) 0x85, (byte) 0xc8, (byte) 0x8b, - (byte) 0x37, (byte) 0x10, (byte) 0x3b, (byte) 0x33, - (byte) 0x8a, (byte) 0xe1, (byte) 0x1d, (byte) 0x25, - (byte) 0x97, (byte) 0xee, (byte) 0x84, (byte) 0x45 - }; - - public static final byte[] ECSP256_FP_A = { - (byte) 0x48, (byte) 0x41, (byte) 0xc5, (byte) 0x77, - (byte) 0x5a, (byte) 0x24, (byte) 0xa8, (byte) 0x84, - (byte) 0xca, (byte) 0x36, (byte) 0xec, (byte) 0x36, - (byte) 0x2b, (byte) 0x44, (byte) 0x64, (byte) 0x5a, - (byte) 0x2f, (byte) 0x60, (byte) 0xb2, (byte) 0x5d, - (byte) 0x00, (byte) 0x2c, (byte) 0x4f, (byte) 0xc1, - (byte) 0xd9, (byte) 0xf1, (byte) 0x39, (byte) 0x87, - (byte) 0x0f, (byte) 0xe0, (byte) 0xcc, (byte) 0x71 - }; - - public static final byte[] ECSP256_FP_B = { - (byte) 0x1b, (byte) 0x09, (byte) 0x74, (byte) 0x56, - (byte) 0x75, (byte) 0x1f, (byte) 0x35, (byte) 0x34, - (byte) 0x19, (byte) 0x0d, (byte) 0xae, (byte) 0x56, - (byte) 0x8f, (byte) 0x80, (byte) 0xa2, (byte) 0xc6, - (byte) 0xff, (byte) 0x55, (byte) 0xdd, (byte) 0xdf, - (byte) 0xe0, (byte) 0x72, (byte) 0xa7, (byte) 0xdc, - (byte) 0x64, (byte) 0x67, (byte) 0xa4, (byte) 0xb6, - (byte) 0x47, (byte) 0x6b, (byte) 0x68, (byte) 0x80 - }; - - public static final byte[] ECSP256_FP_G_X = { - (byte) 0xa1, (byte) 0xfd, (byte) 0x34, (byte) 0xa2, - (byte) 0x7a, (byte) 0xfb, (byte) 0x13, (byte) 0x40, - (byte) 0xb8, (byte) 0xe4, (byte) 0xa7, (byte) 0xdb, - (byte) 0x2a, (byte) 0x5e, (byte) 0xc5, (byte) 0xa1, - (byte) 0x43, (byte) 0x2c, (byte) 0x6d, (byte) 0xc8, - (byte) 0x55, (byte) 0x5a, (byte) 0xf9, (byte) 0xf7, - (byte) 0x8f, (byte) 0xca, (byte) 0x2c, (byte) 0xf7, - (byte) 0x40, (byte) 0xca, (byte) 0xb2, (byte) 0xb7 - }; - - public static final byte[] ECSP256_FP_G_Y = { - (byte) 0x98, (byte) 0x41, (byte) 0x9c, (byte) 0x69, - (byte) 0x8c, (byte) 0xab, (byte) 0x6c, (byte) 0x7d, - (byte) 0xbb, (byte) 0x53, 
(byte) 0xeb, (byte) 0x27, - (byte) 0x51, (byte) 0x41, (byte) 0x7b, (byte) 0x52, - (byte) 0xcc, (byte) 0xde, (byte) 0xd4, (byte) 0x68, - (byte) 0x0c, (byte) 0x5e, (byte) 0x09, (byte) 0x54, - (byte) 0x3f, (byte) 0x93, (byte) 0xc7, (byte) 0x88, - (byte) 0x6c, (byte) 0x3a, (byte) 0x17, (byte) 0x3e - }; - - public static final byte[] ECSP256_FP_R = { - (byte) 0xc9, (byte) 0xa8, (byte) 0x03, (byte) 0xb1, - (byte) 0xea, (byte) 0xf8, (byte) 0x49, (byte) 0xf1, - (byte) 0xc0, (byte) 0x2c, (byte) 0xfd, (byte) 0x1d, - (byte) 0xbf, (byte) 0xac, (byte) 0x68, (byte) 0x63, - (byte) 0x12, (byte) 0x8c, (byte) 0x5b, (byte) 0x1f, - (byte) 0xc5, (byte) 0xac, (byte) 0xd5, (byte) 0xb5, - (byte) 0xe0, (byte) 0xfc, (byte) 0x0a, (byte) 0x73, - (byte) 0x11, (byte) 0xfb, (byte) 0x5b, (byte) 0x1d - }; - - public static final short ECSP256_FP_K = 1; - - public static final byte[] ECSP256_FP_W_X = { - (byte) 0x75, (byte) 0xfc, (byte) 0xe7, (byte) 0x09, - (byte) 0x68, (byte) 0x86, (byte) 0x2d, (byte) 0x53, - (byte) 0xe2, (byte) 0x95, (byte) 0x48, (byte) 0xaa, - (byte) 0xd7, (byte) 0x05, (byte) 0x82, (byte) 0x51, - (byte) 0x4e, (byte) 0x96, (byte) 0x0d, (byte) 0x81, - (byte) 0x28, (byte) 0xbd, (byte) 0x3c, (byte) 0x5f, - (byte) 0x8c, (byte) 0x4d, (byte) 0xbe, (byte) 0x2c, - (byte) 0xf8, (byte) 0xda, (byte) 0xd6, (byte) 0x53 - }; - - public static final byte[] ECSP256_FP_W_Y = { - (byte) 0x55, (byte) 0xaa, (byte) 0x4b, (byte) 0x7d, - (byte) 0x38, (byte) 0x82, (byte) 0xfb, (byte) 0x0a, - (byte) 0x83, (byte) 0xbd, (byte) 0x00, (byte) 0xc9, - (byte) 0xc3, (byte) 0xba, (byte) 0xe1, (byte) 0x7f, - (byte) 0x10, (byte) 0x24, (byte) 0xd6, (byte) 0x4a, - (byte) 0xec, (byte) 0x67, (byte) 0xe1, (byte) 0xdb, - (byte) 0x38, (byte) 0xef, (byte) 0x67, (byte) 0x1e, - (byte) 0x63, (byte) 0x50, (byte) 0xbe, (byte) 0xae - }; - - - //Anomalous curve(small-pub-384), with pubkey of order 3 - public static final byte[] ECSP384_FP_P = { - (byte) 0xd0, (byte) 0xdf, (byte) 0x6c, (byte) 0x96, - (byte) 0xcf, (byte) 0xf7, 
(byte) 0x08, (byte) 0x1b, - (byte) 0xe8, (byte) 0x0d, (byte) 0x22, (byte) 0xb0, - (byte) 0x05, (byte) 0x75, (byte) 0x8a, (byte) 0x2e, - (byte) 0x2f, (byte) 0x04, (byte) 0x6e, (byte) 0x15, - (byte) 0xfe, (byte) 0x02, (byte) 0x0e, (byte) 0xf8, - (byte) 0x86, (byte) 0xe2, (byte) 0x1b, (byte) 0x49, - (byte) 0x2a, (byte) 0xc5, (byte) 0x72, (byte) 0x57, - (byte) 0xa9, (byte) 0x23, (byte) 0x14, (byte) 0x4b, - (byte) 0xca, (byte) 0xd9, (byte) 0x89, (byte) 0xab, - (byte) 0x63, (byte) 0x41, (byte) 0xbd, (byte) 0x3b, - (byte) 0x70, (byte) 0x0f, (byte) 0x91, (byte) 0x4b - }; - - public static final byte[] ECSP384_FP_A = { - (byte) 0x45, (byte) 0xc6, (byte) 0x45, (byte) 0x03, - (byte) 0xbe, (byte) 0x01, (byte) 0x9a, (byte) 0xfd, - (byte) 0x34, (byte) 0x62, (byte) 0xb3, (byte) 0x61, - (byte) 0xad, (byte) 0x2b, (byte) 0x2a, (byte) 0x3b, - (byte) 0xca, (byte) 0x0a, (byte) 0xec, (byte) 0xcc, - (byte) 0x54, (byte) 0x94, (byte) 0xa6, (byte) 0x24, - (byte) 0xfb, (byte) 0x63, (byte) 0x24, (byte) 0x55, - (byte) 0xe6, (byte) 0x2b, (byte) 0x4f, (byte) 0x0c, - (byte) 0x98, (byte) 0xf9, (byte) 0x44, (byte) 0xfa, - (byte) 0x97, (byte) 0xc3, (byte) 0x78, (byte) 0x11, - (byte) 0xda, (byte) 0x03, (byte) 0x98, (byte) 0x23, - (byte) 0xcd, (byte) 0x77, (byte) 0xc9, (byte) 0x06 - }; - - public static final byte[] ECSP384_FP_B = { - (byte) 0xd8, (byte) 0x55, (byte) 0x83, (byte) 0xf7, - (byte) 0xf1, (byte) 0x1a, (byte) 0xd2, (byte) 0x3e, - (byte) 0xc7, (byte) 0x5e, (byte) 0xd5, (byte) 0xa4, - (byte) 0x14, (byte) 0x15, (byte) 0x3a, (byte) 0x06, - (byte) 0xd6, (byte) 0x64, (byte) 0x09, (byte) 0x36, - (byte) 0xb8, (byte) 0x10, (byte) 0x3f, (byte) 0x5d, - (byte) 0xf6, (byte) 0x91, (byte) 0xfa, (byte) 0x95, - (byte) 0xcf, (byte) 0x2a, (byte) 0xfa, (byte) 0x78, - (byte) 0xf3, (byte) 0xea, (byte) 0x5a, (byte) 0xdd, - (byte) 0xc2, (byte) 0x25, (byte) 0xb1, (byte) 0x44, - (byte) 0x96, (byte) 0x40, (byte) 0x48, (byte) 0xc9, - (byte) 0xf7, (byte) 0x59, (byte) 0x2a, (byte) 0xe4 - }; - - public static final 
byte[] ECSP384_FP_G_X = { - (byte) 0x2b, (byte) 0x13, (byte) 0x41, (byte) 0xd1, - (byte) 0x2d, (byte) 0xff, (byte) 0x4f, (byte) 0x9c, - (byte) 0xf9, (byte) 0x42, (byte) 0x7c, (byte) 0x47, - (byte) 0x52, (byte) 0x96, (byte) 0x2b, (byte) 0x4c, - (byte) 0x2b, (byte) 0xdc, (byte) 0x8f, (byte) 0xbc, - (byte) 0xd8, (byte) 0x06, (byte) 0x52, (byte) 0x51, - (byte) 0x6c, (byte) 0x42, (byte) 0x1c, (byte) 0xc5, - (byte) 0x23, (byte) 0x21, (byte) 0x2a, (byte) 0x01, - (byte) 0xea, (byte) 0x63, (byte) 0xc7, (byte) 0x9d, - (byte) 0x6e, (byte) 0x9a, (byte) 0x9c, (byte) 0x84, - (byte) 0x93, (byte) 0x3e, (byte) 0x35, (byte) 0x3e, - (byte) 0x21, (byte) 0x24, (byte) 0x16, (byte) 0xec - }; - - public static final byte[] ECSP384_FP_G_Y = { - (byte) 0xce, (byte) 0x41, (byte) 0x6c, (byte) 0x6e, - (byte) 0x75, (byte) 0xfa, (byte) 0x9f, (byte) 0xd2, - (byte) 0x05, (byte) 0xed, (byte) 0x48, (byte) 0xfc, - (byte) 0x4e, (byte) 0x30, (byte) 0x99, (byte) 0xcb, - (byte) 0xb1, (byte) 0xd6, (byte) 0xed, (byte) 0x03, - (byte) 0x1b, (byte) 0x7d, (byte) 0xdb, (byte) 0xff, - (byte) 0x1d, (byte) 0x63, (byte) 0x4e, (byte) 0xb9, - (byte) 0x7a, (byte) 0x83, (byte) 0xd9, (byte) 0xb7, - (byte) 0x80, (byte) 0xcf, (byte) 0xd4, (byte) 0xde, - (byte) 0xdf, (byte) 0xdd, (byte) 0x2c, (byte) 0x76, - (byte) 0x04, (byte) 0xd1, (byte) 0x43, (byte) 0x19, - (byte) 0x6c, (byte) 0x08, (byte) 0xd9, (byte) 0x33 - }; - - public static final byte[] ECSP384_FP_R = { - (byte) 0xd0, (byte) 0xdf, (byte) 0x6c, (byte) 0x96, - (byte) 0xcf, (byte) 0xf7, (byte) 0x08, (byte) 0x1b, - (byte) 0xe8, (byte) 0x0d, (byte) 0x22, (byte) 0xb0, - (byte) 0x05, (byte) 0x75, (byte) 0x8a, (byte) 0x2e, - (byte) 0x2f, (byte) 0x04, (byte) 0x6e, (byte) 0x15, - (byte) 0xfe, (byte) 0x02, (byte) 0x0e, (byte) 0xf7, - (byte) 0x66, (byte) 0x4e, (byte) 0xd5, (byte) 0x1d, - (byte) 0x77, (byte) 0x01, (byte) 0xc8, (byte) 0x6b, - (byte) 0xf2, (byte) 0xa1, (byte) 0xe9, (byte) 0xf3, - (byte) 0x00, (byte) 0x2c, (byte) 0x26, (byte) 0xfe, - (byte) 0x00, (byte) 0x23, 
(byte) 0x14, (byte) 0xc3, - (byte) 0xc9, (byte) 0x2f, (byte) 0x1c, (byte) 0xa9 - }; - - public static final short ECSP384_FP_K = 1; - - public static final byte[] ECSP384_FP_W_X = { - (byte) 0xa4, (byte) 0xbd, (byte) 0x57, (byte) 0x5b, - (byte) 0xf2, (byte) 0x03, (byte) 0x00, (byte) 0xb0, - (byte) 0xcf, (byte) 0x8a, (byte) 0x2f, (byte) 0x41, - (byte) 0xdd, (byte) 0x5a, (byte) 0x03, (byte) 0xe9, - (byte) 0x08, (byte) 0x96, (byte) 0x6a, (byte) 0x42, - (byte) 0x29, (byte) 0xa5, (byte) 0xf2, (byte) 0x2f, - (byte) 0x5c, (byte) 0x19, (byte) 0x0d, (byte) 0x36, - (byte) 0x41, (byte) 0xac, (byte) 0x2d, (byte) 0x32, - (byte) 0xb7, (byte) 0xb2, (byte) 0x4a, (byte) 0x63, - (byte) 0x48, (byte) 0x2c, (byte) 0xbb, (byte) 0xcd, - (byte) 0x0c, (byte) 0x22, (byte) 0x57, (byte) 0xf8, - (byte) 0x34, (byte) 0x83, (byte) 0x4e, (byte) 0xf1 - }; - - public static final byte[] ECSP384_FP_W_Y = { - (byte) 0x38, (byte) 0xd5, (byte) 0x1c, (byte) 0x8f, - (byte) 0x9e, (byte) 0x90, (byte) 0x59, (byte) 0x2f, - (byte) 0x56, (byte) 0x7e, (byte) 0x81, (byte) 0xd0, - (byte) 0xe4, (byte) 0x85, (byte) 0x5e, (byte) 0x79, - (byte) 0x73, (byte) 0x1b, (byte) 0x57, (byte) 0x97, - (byte) 0x85, (byte) 0x7a, (byte) 0x4c, (byte) 0x7d, - (byte) 0xc2, (byte) 0x70, (byte) 0x65, (byte) 0x3b, - (byte) 0xc9, (byte) 0xf0, (byte) 0xc3, (byte) 0x1e, - (byte) 0x84, (byte) 0x69, (byte) 0x30, (byte) 0x07, - (byte) 0xb0, (byte) 0x9c, (byte) 0xeb, (byte) 0xf7, - (byte) 0x10, (byte) 0xd5, (byte) 0xae, (byte) 0x32, - (byte) 0x37, (byte) 0x30, (byte) 0x39, (byte) 0x49 - }; - - - //Anomalous curve(small-pub-521), with pubkey of order 4 - public static final byte[] ECSP521_FP_P = { - (byte) 0x01, (byte) 0xd3, (byte) 0xdf, (byte) 0x43, - (byte) 0x09, (byte) 0x24, (byte) 0x95, (byte) 0x6e, - (byte) 0x21, (byte) 0x0a, (byte) 0x60, (byte) 0x5b, - (byte) 0x4d, (byte) 0xbf, (byte) 0x4a, (byte) 0x2e, - (byte) 0x90, (byte) 0x9d, (byte) 0x7a, (byte) 0x80, - (byte) 0x16, (byte) 0x58, (byte) 0x97, (byte) 0x8c, - (byte) 0x88, (byte) 0xff, 
(byte) 0xd6, (byte) 0x8d, - (byte) 0xcc, (byte) 0x81, (byte) 0x7f, (byte) 0x5c, - (byte) 0xc7, (byte) 0x9c, (byte) 0xf1, (byte) 0x88, - (byte) 0xd9, (byte) 0xee, (byte) 0x82, (byte) 0xd1, - (byte) 0xa5, (byte) 0x1c, (byte) 0x44, (byte) 0xcb, - (byte) 0xd3, (byte) 0x1e, (byte) 0x9c, (byte) 0xc5, - (byte) 0xb8, (byte) 0x16, (byte) 0xd7, (byte) 0x6d, - (byte) 0x5b, (byte) 0x13, (byte) 0x12, (byte) 0xb0, - (byte) 0x05, (byte) 0xf7, (byte) 0xb6, (byte) 0x89, - (byte) 0x19, (byte) 0xe2, (byte) 0x75, (byte) 0xda, - (byte) 0xc9, (byte) 0x9f - }; - - public static final byte[] ECSP521_FP_A = { - (byte) 0x00, (byte) 0x40, (byte) 0x16, (byte) 0x39, - (byte) 0xf3, (byte) 0x6f, (byte) 0x2e, (byte) 0xe4, - (byte) 0x5f, (byte) 0xc1, (byte) 0x64, (byte) 0xea, - (byte) 0x3e, (byte) 0x1f, (byte) 0x14, (byte) 0xf4, - (byte) 0x80, (byte) 0x3f, (byte) 0xd7, (byte) 0xa7, - (byte) 0x7f, (byte) 0xfd, (byte) 0xfb, (byte) 0x39, - (byte) 0x2c, (byte) 0x3f, (byte) 0x8f, (byte) 0xe9, - (byte) 0x5d, (byte) 0x1a, (byte) 0xea, (byte) 0x33, - (byte) 0x14, (byte) 0x67, (byte) 0xf4, (byte) 0x61, - (byte) 0x8d, (byte) 0x59, (byte) 0xae, (byte) 0xee, - (byte) 0x49, (byte) 0xd5, (byte) 0xd7, (byte) 0xc7, - (byte) 0x0c, (byte) 0xaf, (byte) 0x32, (byte) 0x0f, - (byte) 0x7d, (byte) 0xd1, (byte) 0xac, (byte) 0x16, - (byte) 0x61, (byte) 0x14, (byte) 0xf5, (byte) 0x62, - (byte) 0x41, (byte) 0x34, (byte) 0x49, (byte) 0x99, - (byte) 0x1d, (byte) 0x3a, (byte) 0xa1, (byte) 0xa2, - (byte) 0xc4, (byte) 0x9e - }; - - public static final byte[] ECSP521_FP_B = { - (byte) 0x00, (byte) 0x4a, (byte) 0x26, (byte) 0xa8, - (byte) 0xc4, (byte) 0x7f, (byte) 0xce, (byte) 0x20, - (byte) 0x4b, (byte) 0xa9, (byte) 0x53, (byte) 0x01, - (byte) 0x5f, (byte) 0xa8, (byte) 0x67, (byte) 0x08, - (byte) 0xc0, (byte) 0xde, (byte) 0x72, (byte) 0x0f, - (byte) 0x27, (byte) 0x52, (byte) 0x39, (byte) 0x88, - (byte) 0xb0, (byte) 0x97, (byte) 0xe7, (byte) 0x74, - (byte) 0x16, (byte) 0x8c, (byte) 0x15, (byte) 0xf7, - (byte) 0xa2, (byte) 0x15, 
(byte) 0xaa, (byte) 0xf1, - (byte) 0x8a, (byte) 0x5f, (byte) 0x1b, (byte) 0x95, - (byte) 0x79, (byte) 0xab, (byte) 0x3d, (byte) 0xb9, - (byte) 0x35, (byte) 0xd4, (byte) 0x5b, (byte) 0xe1, - (byte) 0x4c, (byte) 0x9a, (byte) 0x87, (byte) 0xb7, - (byte) 0x11, (byte) 0x70, (byte) 0x39, (byte) 0x69, - (byte) 0x09, (byte) 0xb1, (byte) 0x4d, (byte) 0x06, - (byte) 0xf7, (byte) 0xa0, (byte) 0x99, (byte) 0x75, - (byte) 0xb3, (byte) 0xa6 - }; - - public static final byte[] ECSP521_FP_G_X = { - (byte) 0x01, (byte) 0xc8, (byte) 0x80, (byte) 0xae, - (byte) 0x0a, (byte) 0x35, (byte) 0x5a, (byte) 0x52, - (byte) 0x79, (byte) 0x1f, (byte) 0xc9, (byte) 0x60, - (byte) 0x0f, (byte) 0xd8, (byte) 0xb3, (byte) 0x57, - (byte) 0x26, (byte) 0xe9, (byte) 0xd7, (byte) 0x99, - (byte) 0x10, (byte) 0x14, (byte) 0x89, (byte) 0x16, - (byte) 0x1c, (byte) 0x8f, (byte) 0x90, (byte) 0xa9, - (byte) 0xc6, (byte) 0x63, (byte) 0x1d, (byte) 0x09, - (byte) 0xb3, (byte) 0xcb, (byte) 0x34, (byte) 0x75, - (byte) 0x84, (byte) 0x83, (byte) 0x7d, (byte) 0x9d, - (byte) 0xeb, (byte) 0x85, (byte) 0x66, (byte) 0xa9, - (byte) 0xc5, (byte) 0x84, (byte) 0x6a, (byte) 0xde, - (byte) 0xd0, (byte) 0xd0, (byte) 0x1e, (byte) 0xb9, - (byte) 0x47, (byte) 0xb4, (byte) 0xaf, (byte) 0xfd, - (byte) 0x34, (byte) 0xe8, (byte) 0xea, (byte) 0x7d, - (byte) 0xbe, (byte) 0x73, (byte) 0x3c, (byte) 0xbe, - (byte) 0xda, (byte) 0xfa - }; - - public static final byte[] ECSP521_FP_G_Y = { - (byte) 0x00, (byte) 0x05, (byte) 0x0f, (byte) 0x12, - (byte) 0x67, (byte) 0x2f, (byte) 0x16, (byte) 0x3f, - (byte) 0x19, (byte) 0xd5, (byte) 0xd4, (byte) 0x93, - (byte) 0xeb, (byte) 0x82, (byte) 0xef, (byte) 0x77, - (byte) 0x7b, (byte) 0x02, (byte) 0x13, (byte) 0xdd, - (byte) 0x4e, (byte) 0x0c, (byte) 0xf7, (byte) 0x5a, - (byte) 0x9b, (byte) 0x99, (byte) 0x72, (byte) 0x4f, - (byte) 0xbd, (byte) 0xb5, (byte) 0x4b, (byte) 0x0c, - (byte) 0xc4, (byte) 0xe0, (byte) 0x37, (byte) 0xbf, - (byte) 0x86, (byte) 0xa4, (byte) 0x8b, (byte) 0xac, - (byte) 0x28, (byte) 0x46, 
(byte) 0x7b, (byte) 0xdd, - (byte) 0x93, (byte) 0x6c, (byte) 0x31, (byte) 0x4c, - (byte) 0xe1, (byte) 0x3f, (byte) 0x6e, (byte) 0xc7, - (byte) 0xec, (byte) 0x69, (byte) 0xea, (byte) 0x09, - (byte) 0xae, (byte) 0x4f, (byte) 0x54, (byte) 0x44, - (byte) 0xdf, (byte) 0x4b, (byte) 0x2a, (byte) 0x11, - (byte) 0x7a, (byte) 0x66 - }; - - public static final byte[] ECSP521_FP_R = { - (byte) 0x01, (byte) 0xd3, (byte) 0xdf, (byte) 0x43, - (byte) 0x09, (byte) 0x24, (byte) 0x95, (byte) 0x6e, - (byte) 0x21, (byte) 0x0a, (byte) 0x60, (byte) 0x5b, - (byte) 0x4d, (byte) 0xbf, (byte) 0x4a, (byte) 0x2e, - (byte) 0x90, (byte) 0x9d, (byte) 0x7a, (byte) 0x80, - (byte) 0x16, (byte) 0x58, (byte) 0x97, (byte) 0x8c, - (byte) 0x88, (byte) 0xff, (byte) 0xd6, (byte) 0x8d, - (byte) 0xcc, (byte) 0x81, (byte) 0x7f, (byte) 0x5c, - (byte) 0xc7, (byte) 0xba, (byte) 0x08, (byte) 0x38, - (byte) 0x71, (byte) 0x7c, (byte) 0x19, (byte) 0x47, - (byte) 0xf9, (byte) 0x3c, (byte) 0xfd, (byte) 0xd3, - (byte) 0xed, (byte) 0x87, (byte) 0xec, (byte) 0x2c, - (byte) 0x2d, (byte) 0xf1, (byte) 0x81, (byte) 0xc7, - (byte) 0xad, (byte) 0xa5, (byte) 0x53, (byte) 0x34, - (byte) 0x6e, (byte) 0xc1, (byte) 0x49, (byte) 0x57, - (byte) 0x32, (byte) 0xa1, (byte) 0xe7, (byte) 0xff, - (byte) 0xe9, (byte) 0xb3 - }; - - public static final short ECSP521_FP_K = 1; - - public static final byte[] ECSP521_FP_W_X = { - (byte) 0x00, (byte) 0x28, (byte) 0x44, (byte) 0xdf, - (byte) 0x0f, (byte) 0x31, (byte) 0xf4, (byte) 0x6a, - (byte) 0x40, (byte) 0xe6, (byte) 0xc7, (byte) 0x00, - (byte) 0x6c, (byte) 0xde, (byte) 0x99, (byte) 0x15, - (byte) 0x5b, (byte) 0xd5, (byte) 0xd1, (byte) 0x8d, - (byte) 0x0e, (byte) 0x41, (byte) 0x50, (byte) 0x17, - (byte) 0x8a, (byte) 0x8e, (byte) 0x30, (byte) 0x7d, - (byte) 0x6a, (byte) 0xec, (byte) 0x08, (byte) 0xfd, - (byte) 0x02, (byte) 0xd4, (byte) 0x66, (byte) 0xc0, - (byte) 0x3c, (byte) 0x49, (byte) 0xb4, (byte) 0x9c, - (byte) 0x26, (byte) 0x54, (byte) 0xb7, (byte) 0xc9, - (byte) 0xa3, (byte) 0x2d, (byte) 
0x88, (byte) 0xca, - (byte) 0x01, (byte) 0x40, (byte) 0x16, (byte) 0xa7, - (byte) 0xed, (byte) 0xdd, (byte) 0x44, (byte) 0x21, - (byte) 0x7b, (byte) 0xe9, (byte) 0x15, (byte) 0x50, - (byte) 0x5d, (byte) 0x22, (byte) 0x8e, (byte) 0xfb, - (byte) 0x93, (byte) 0x89 - }; - - public static final byte[] ECSP521_FP_W_Y = { - (byte) 0x01, (byte) 0x05, (byte) 0x92, (byte) 0x1e, - (byte) 0x21, (byte) 0x72, (byte) 0xc3, (byte) 0x05, - (byte) 0x0b, (byte) 0xa4, (byte) 0xc9, (byte) 0xd2, - (byte) 0xe7, (byte) 0x44, (byte) 0xfc, (byte) 0x5b, - (byte) 0x7b, (byte) 0x5e, (byte) 0x84, (byte) 0x51, - (byte) 0x75, (byte) 0x1e, (byte) 0x67, (byte) 0x80, - (byte) 0xc6, (byte) 0xde, (byte) 0x88, (byte) 0x22, - (byte) 0x94, (byte) 0x97, (byte) 0xbe, (byte) 0x7d, - (byte) 0x23, (byte) 0x55, (byte) 0x0b, (byte) 0xee, - (byte) 0xfa, (byte) 0x0c, (byte) 0xb7, (byte) 0xfa, - (byte) 0xfe, (byte) 0xbb, (byte) 0x4d, (byte) 0xd9, - (byte) 0xfa, (byte) 0xd1, (byte) 0x24, (byte) 0x4c, - (byte) 0x67, (byte) 0x33, (byte) 0xbe, (byte) 0xfe, - (byte) 0x5a, (byte) 0x97, (byte) 0x71, (byte) 0x0f, - (byte) 0x0d, (byte) 0xc5, (byte) 0x6d, (byte) 0xc0, - (byte) 0x8d, (byte) 0x9d, (byte) 0x9d, (byte) 0xf9, - (byte) 0xd8, (byte) 0x46 - }; - - - // getCorruptCurveParameter PARAMETER_CORRUPTION TYPES - public static final short CORRUPTION_NONE = 0x01; - public static final short CORRUPTION_FIXED = 0x02; - public static final short CORRUPTION_FULLRANDOM = 0x03; - public static final short CORRUPTION_ONEBYTERANDOM = 0x04; - public static final short CORRUPTION_ZERO = 0x05; - public static final short CORRUPTION_ONE = 0x06; - - // Supported embedded curves, getCurveParameter - // SECP recommended curves over FP - public static final byte CURVE_secp128r1 = 1; - public static final byte CURVE_secp160r1 = 2; - public static final byte CURVE_secp192r1 = 3; - public static final byte CURVE_secp224r1 = 4; - public static final byte CURVE_secp256r1 = 5; - public static final byte CURVE_secp384r1 = 6; - public static final 
byte CURVE_secp521r1 = 7;
-
- public static final byte CURVE_sp128 = 8;
- public static final byte CURVE_sp160 = 9;
- public static final byte CURVE_sp192 = 10;
- public static final byte CURVE_sp224 = 11;
- public static final byte CURVE_sp256 = 12;
- public static final byte CURVE_sp384 = 13;
- public static final byte CURVE_sp521 = 14;
-
- public static final byte FP_CURVES = 14;
-
- // SECP recommended curves over F2M
- public static final byte CURVE_sect163r1 = 15;
- public static final byte CURVE_sect233r1 = 16;
- public static final byte CURVE_sect283r1 = 17;
- public static final byte CURVE_sect409r1 = 18;
- public static final byte CURVE_sect571r1 = 19;
-
- public static final byte F2M_CURVES = 12;
-
- public static byte getCurve(short keyClass, short keyLength) {
- if (keyClass == KeyPair.ALG_EC_FP) {
- switch (keyLength) {
- case (short) 128:
- return CURVE_secp128r1;
- case (short) 160:
- return CURVE_secp160r1;
- case (short) 192:
- return CURVE_secp192r1;
- case (short) 224:
- return CURVE_secp224r1;
- case (short) 256:
- return CURVE_secp256r1;
- case (short) 384:
- return CURVE_secp384r1;
- case (short) 521:
- return CURVE_secp521r1;
- default:
- ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
- }
- } else if (keyClass == KeyPair.ALG_EC_F2M) {
- switch (keyLength) {
- case (short) 163:
- return CURVE_sect163r1;
- case (short) 233:
- return CURVE_sect233r1;
- case (short) 283:
- return CURVE_sect283r1;
- case (short) 409:
- return CURVE_sect409r1;
- case (short) 571:
- return CURVE_sect571r1;
- default:
- ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
- }
- } else {
- ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
- }
- return 0;
- }
-
- public static byte getAnomalousCurve(short keyClass, short keyLength) {
- if (keyClass == KeyPair.ALG_EC_FP) {
- switch (keyLength) {
- case (short) 128:
- return CURVE_sp128;
- case (short) 160:
- return CURVE_sp160;
- case (short) 192:
- return CURVE_sp192;
- case (short) 224:
- return CURVE_sp224;
- case (short) 256:
- return CURVE_sp256;
- case (short) 384:
- return CURVE_sp384;
- case (short) 521:
- return CURVE_sp521;
- default:
- ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
- }
- } else if (keyClass == KeyPair.ALG_EC_F2M) {
- return 0;
- } else {
- ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
- }
- return 0;
- }
-
- public static short getCurveParameter(byte curve, short param, byte[] outputBuffer, short outputOffset) {
- byte alg = getCurveType(curve);
- switch (curve) {
- case CURVE_secp128r1: {
- EC_FP_P = EC128_FP_P;
- EC_A = EC128_FP_A;
- EC_B = EC128_FP_B;
- EC_G_X = EC128_FP_G_X;
- EC_G_Y = EC128_FP_G_Y;
- EC_R = EC128_FP_R;
- EC_K = EC128_FP_K;
- break;
- }
- case CURVE_secp160r1: {
- EC_FP_P = EC160_FP_P;
- EC_A = EC160_FP_A;
- EC_B = EC160_FP_B;
- EC_G_X = EC160_FP_G_X;
- EC_G_Y = EC160_FP_G_Y;
- EC_R = EC160_FP_R;
- EC_K = EC160_FP_K;
- break;
- }
- case CURVE_secp192r1: {
- EC_FP_P = EC192_FP_P;
- EC_A = EC192_FP_A;
- EC_B = EC192_FP_B;
- EC_G_X = EC192_FP_G_X;
- EC_G_Y = EC192_FP_G_Y;
- EC_R = EC192_FP_R;
- EC_K = EC192_FP_K;
- break;
- }
- case CURVE_secp224r1: {
- EC_FP_P = EC224_FP_P;
- EC_A = EC224_FP_A;
- EC_B = EC224_FP_B;
- EC_G_X = EC224_FP_G_X;
- EC_G_Y = EC224_FP_G_Y;
- EC_R = EC224_FP_R;
- EC_K = EC224_FP_K;
- break;
- }
- case CURVE_secp256r1: {
- EC_FP_P = EC256_FP_P;
- EC_A = EC256_FP_A;
- EC_B = EC256_FP_B;
- EC_G_X = EC256_FP_G_X;
- EC_G_Y = EC256_FP_G_Y;
- EC_R = EC256_FP_R;
- EC_K = EC256_FP_K;
- break;
- }
- case CURVE_secp384r1: {
- EC_FP_P = EC384_FP_P;
- EC_A = EC384_FP_A;
- EC_B = EC384_FP_B;
- EC_G_X = EC384_FP_G_X;
- EC_G_Y = EC384_FP_G_Y;
- EC_R = EC384_FP_R;
- EC_K = EC384_FP_K;
- break;
- }
- case CURVE_secp521r1: {
- EC_FP_P = EC521_FP_P;
- EC_A = EC521_FP_A;
- EC_B = EC521_FP_B;
- EC_G_X = EC521_FP_G_X;
- EC_G_Y = EC521_FP_G_Y;
- EC_R = EC521_FP_R;
- EC_K = EC521_FP_K;
- break;
- }
- case CURVE_sect163r1: {
- EC_F2M_F2M = EC163_F2M_F;
- EC_A = EC163_F2M_A;
- EC_B = EC163_F2M_B;
- EC_G_X =
EC163_F2M_G_X;
- EC_G_Y = EC163_F2M_G_Y;
- EC_R = EC163_F2M_R;
- EC_K = EC163_F2M_K;
- break;
- }
- case CURVE_sect233r1: {
- EC_F2M_F2M = EC233_F2M_F;
- EC_A = EC233_F2M_A;
- EC_B = EC233_F2M_B;
- EC_G_X = EC233_F2M_G_X;
- EC_G_Y = EC233_F2M_G_Y;
- EC_R = EC233_F2M_R;
- EC_K = EC233_F2M_K;
- break;
- }
- case CURVE_sect283r1: {
- EC_F2M_F2M = EC283_F2M_F;
- EC_A = EC283_F2M_A;
- EC_B = EC283_F2M_B;
- EC_G_X = EC283_F2M_G_X;
- EC_G_Y = EC283_F2M_G_Y;
- EC_R = EC283_F2M_R;
- EC_K = EC283_F2M_K;
- break;
- }
- case CURVE_sect409r1: {
- EC_F2M_F2M = EC409_F2M_F;
- EC_A = EC409_F2M_A;
- EC_B = EC409_F2M_B;
- EC_G_X = EC409_F2M_G_X;
- EC_G_Y = EC409_F2M_G_Y;
- EC_R = EC409_F2M_R;
- EC_K = EC409_F2M_K;
- break;
- }
- case CURVE_sect571r1: {
- EC_F2M_F2M = EC571_F2M_F;
- EC_A = EC571_F2M_A;
- EC_B = EC571_F2M_B;
- EC_G_X = EC571_F2M_G_X;
- EC_G_Y = EC571_F2M_G_Y;
- EC_R = EC571_F2M_R;
- EC_K = EC571_F2M_K;
- break;
- }
- case CURVE_sp128: {
- EC_FP_P = ECSP128_FP_P;
- EC_A = ECSP128_FP_A;
- EC_B = ECSP128_FP_B;
- EC_G_X = ECSP128_FP_G_X;
- EC_G_Y = ECSP128_FP_G_Y;
- EC_R = ECSP128_FP_R;
- EC_K = ECSP128_FP_K;
- EC_W_X = ECSP128_FP_W_X;
- EC_W_Y = ECSP128_FP_W_Y;
- break;
- }
- case CURVE_sp160: {
- EC_FP_P = ECSP160_FP_P;
- EC_A = ECSP160_FP_A;
- EC_B = ECSP160_FP_B;
- EC_G_X = ECSP160_FP_G_X;
- EC_G_Y = ECSP160_FP_G_Y;
- EC_R = ECSP160_FP_R;
- EC_K = ECSP160_FP_K;
- EC_W_X = ECSP160_FP_W_X;
- EC_W_Y = ECSP160_FP_W_Y;
- break;
- }
- case CURVE_sp192: {
- EC_FP_P = ECSP192_FP_P;
- EC_A = ECSP192_FP_A;
- EC_B = ECSP192_FP_B;
- EC_G_X = ECSP192_FP_G_X;
- EC_G_Y = ECSP192_FP_G_Y;
- EC_R = ECSP192_FP_R;
- EC_K = ECSP192_FP_K;
- EC_W_X = ECSP192_FP_W_X;
- EC_W_Y = ECSP192_FP_W_Y;
- break;
- }
- case CURVE_sp224: {
- EC_FP_P = ECSP224_FP_P;
- EC_A = ECSP224_FP_A;
- EC_B = ECSP224_FP_B;
- EC_G_X = ECSP224_FP_G_X;
- EC_G_Y = ECSP224_FP_G_Y;
- EC_R = ECSP224_FP_R;
- EC_K = ECSP224_FP_K;
- EC_W_X = ECSP224_FP_W_X;
- EC_W_Y = ECSP224_FP_W_Y;
- break;
- }
- case CURVE_sp256: {
-
EC_FP_P = ECSP256_FP_P;
- EC_A = ECSP256_FP_A;
- EC_B = ECSP256_FP_B;
- EC_G_X = ECSP256_FP_G_X;
- EC_G_Y = ECSP256_FP_G_Y;
- EC_R = ECSP256_FP_R;
- EC_K = ECSP256_FP_K;
- EC_W_X = ECSP256_FP_W_X;
- EC_W_Y = ECSP256_FP_W_Y;
- break;
- }
- case CURVE_sp384: {
- EC_FP_P = ECSP384_FP_P;
- EC_A = ECSP384_FP_A;
- EC_B = ECSP384_FP_B;
- EC_G_X = ECSP384_FP_G_X;
- EC_G_Y = ECSP384_FP_G_Y;
- EC_R = ECSP384_FP_R;
- EC_K = ECSP384_FP_K;
- EC_W_X = ECSP384_FP_W_X;
- EC_W_Y = ECSP384_FP_W_Y;
- break;
- }
- case CURVE_sp521: {
- EC_FP_P = ECSP521_FP_P;
- EC_A = ECSP521_FP_A;
- EC_B = ECSP521_FP_B;
- EC_G_X = ECSP521_FP_G_X;
- EC_G_Y = ECSP521_FP_G_Y;
- EC_R = ECSP521_FP_R;
- EC_K = ECSP521_FP_K;
- EC_W_X = ECSP521_FP_W_X;
- EC_W_Y = ECSP521_FP_W_Y;
- break;
- }
- default:
- ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
- }
- short length = 0;
- switch (param) {
- case PARAMETER_FP:
- if (alg == KeyPair.ALG_EC_FP) {
- length = Util.arrayCopyNonAtomic(EC_FP_P, (short) 0, outputBuffer, outputOffset, (short) EC_FP_P.length);
- }
- break;
- case PARAMETER_F2M:
- if (alg == KeyPair.ALG_EC_F2M) {
- length = Util.arrayCopyNonAtomic(EC_F2M_F2M, (short) 0, outputBuffer, outputOffset, (short) EC_F2M_F2M.length);
- }
- break;
- case PARAMETER_A:
- length = Util.arrayCopyNonAtomic(EC_A, (short) 0, outputBuffer, outputOffset, (short) EC_A.length);
- break;
- case PARAMETER_B:
- length = Util.arrayCopyNonAtomic(EC_B, (short) 0, outputBuffer, outputOffset, (short) EC_B.length);
- break;
- case PARAMETER_G:
- length = toX962(outputBuffer, outputOffset, EC_G_X, (short) 0, (short) EC_G_X.length, EC_G_Y, (short) 0, (short) EC_G_Y.length);
- break;
- case PARAMETER_R:
- length = Util.arrayCopyNonAtomic(EC_R, (short) 0, outputBuffer, outputOffset, (short) EC_R.length);
- break;
- case PARAMETER_K:
- length = 2;
- Util.setShort(outputBuffer, outputOffset, EC_K);
- break;
- case PARAMETER_W:
- length = toX962(outputBuffer, outputOffset, EC_W_X, (short) 0, (short) EC_W_X.length, EC_W_Y, (short)
0, (short) EC_W_Y.length);
- break;
- case PARAMETER_S:
- length = Util.arrayCopyNonAtomic(EC_S, (short) 0, outputBuffer, outputOffset, (short) EC_S.length);
- break;
- default:
- ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
- }
- return length;
- }
-
- public static short getCorruptCurveParameter(byte curve, short param, byte[] outputBuffer, short outputOffset, short corruptionType) {
- short length = getCurveParameter(curve, param, outputBuffer, outputOffset);
- if (length <= 0) {
- return length;
- }
- switch (corruptionType) {
- case CORRUPTION_NONE:
- break;
- case CORRUPTION_FIXED:
- if (length >= 1) {
- outputBuffer[outputOffset] = (byte) 0xcc;
- outputBuffer[(short) (outputOffset + length - 1)] = (byte) 0xcc;
- }
- break;
- case CORRUPTION_FULLRANDOM:
- m_random.generateData(outputBuffer, outputOffset, length);
- break;
- case CORRUPTION_ONEBYTERANDOM:
- short first = Util.getShort(outputBuffer, (short) 0); // save first two bytes
-
- m_random.generateData(outputBuffer, (short) 0, (short) 2); // generate position
- short rngPos = Util.getShort(outputBuffer, (short) 0); // save generated position
-
- Util.setShort(outputBuffer, (short) 0, first); // restore first two bytes
-
- if (rngPos < 0) { // make positive
- rngPos = (short) -rngPos;
- }
- rngPos %= length; // make < param length
-
- byte original = outputBuffer[rngPos];
- do {
- m_random.generateData(outputBuffer, rngPos, (short) 1);
- } while (original == outputBuffer[rngPos]);
- break;
- case CORRUPTION_ZERO:
- Util.arrayFillNonAtomic(outputBuffer, outputOffset, length, (byte) 0);
- break;
- case CORRUPTION_ONE:
- Util.arrayFillNonAtomic(outputBuffer, outputOffset, length, (byte) 1);
- break;
- default:
- ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
- /* //TODO implement CORRUPT_B_LASTBYTEINCREMENT somehow
- case CORRUPT_B_LASTBYTEINCREMENT:
- m_ramArray2[(short) (m_lenB - 1)] += 1;
- // Make sure its not the valid byte again
- if (m_ramArray[(short) (m_lenB - 1)] ==
m_ramArray2[(short) (m_lenB - 1)]) {
- m_ramArray2[(short) (m_lenB - 1)] += 1; // if yes, increment once more
- }
- break;
- }
- */
- }
- return length;
- }
-
- public static byte getCurveType(byte curve) {
- return curve <= FP_CURVES ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M;
- }
-
- private static short toX962(byte[] outputBuffer, short outputOffset, byte[] xBuffer, short xOffset, short xLength, byte[] yBuffer, short yOffset, short yLength) {
- short size = 1;
- size += xLength;
- size += yLength;
-
- short offset = outputOffset;
- outputBuffer[offset] = 0x04;
- offset += 1;
-
- offset = Util.arrayCopyNonAtomic(xBuffer, xOffset, outputBuffer, offset, xLength);
- Util.arrayCopyNonAtomic(yBuffer, yOffset, outputBuffer, offset, yLength);
- return size;
- }
-
-}
diff --git a/src/applets/SimpleECCApplet.java b/src/applets/SimpleECCApplet.java
deleted file mode 100644
index a56250c..0000000
--- a/src/applets/SimpleECCApplet.java
+++ /dev/null
@@ -1,1026 +0,0 @@ -/* - * PACKAGEID: 4C6162616B417070 - * APPLETID: 4C6162616B4170706C6574 - */ -package applets; - -import javacard.framework.*; -import javacard.security.*; - - -public class SimpleECCApplet extends Applet { - - // MAIN INSTRUCTION CLASS - final static byte CLA_SIMPLEECCAPPLET = (byte) 0xB0; - - // INSTRUCTIONS - final static byte INS_GENERATEKEY = (byte) 0x5a; - final static byte INS_ALLOCATEKEYPAIRS = (byte) 0x5b; - - final static byte INS_ALLOCATEKEYPAIR = (byte) 0x5c; - final static byte INS_DERIVEECDHSECRET = (byte) 0x5d; - - final static byte INS_TESTECSUPPORTALL_FP = (byte) 0x5e; - final static byte INS_TESTECSUPPORTALL_F2M = (byte) 0x5f; - final static byte INS_TESTEC_GENERATEINVALID_FP = (byte) 0x70; - final static byte INS_TESTECSUPPORT_GIVENALG = (byte) 0x71; - final static byte INS_TESTECSUPPORT_EXTERNAL = (byte) 0x72; - final static byte INS_TESTEC_LASTUSEDPARAMS = (byte) 0x40; - - - public final static byte P1_SETCURVE = (byte) 0x01; - public final static byte P1_GENERATEKEYPAIR = (byte) 0x02; - - - final static short ARRAY_LENGTH = (short) 0xff; - final static byte AES_BLOCK_LENGTH = (short) 0x16; - - final static short EC_LENGTH_BITS = KeyBuilder.LENGTH_EC_FP_192; - //final static short EC_LENGTH_BITS = KeyBuilder.LENGTH_EC_FP_160; - //final static short EC_LENGTH_BITS = (short) 256; - - public final static byte ECTEST_SEPARATOR = (byte) 0xff; - public final static byte ECTEST_ALLOCATE_KEYPAIR = (byte) 0xc1; - public final static byte ECTEST_GENERATE_KEYPAIR_DEFCURVE = (byte) 0xc2; - public final static byte ECTEST_SET_VALIDCURVE = (byte) 0xc3; - public final static byte ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE = (byte) 0xc4; - public final static byte ECTEST_SET_INVALIDCURVE = (byte) 0xc5; - public final static byte ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE = (byte) 0xc6; - public final static byte ECTEST_ECDH_AGREEMENT_VALID_POINT = (byte) 0xc7; - public final static byte ECTEST_ECDH_AGREEMENT_INVALID_POINT = (byte) 0xc8; - public 
final static byte ECTEST_EXECUTED_REPEATS = (byte) 0xc9; - public final static byte ECTEST_DH_GENERATESECRET = (byte) 0xca; - public final static byte ECTEST_SET_EXTERNALCURVE = (byte) 0xcb; - public final static byte ECTEST_GENERATE_KEYPAIR_EXTERNALCURVE = (byte) 0xcc; - public final static byte ECTEST_ECDSA_SIGNATURE = (byte) 0xcd; - public final static byte ECTEST_SET_ANOMALOUSCURVE = (byte) 0xce; - public final static byte ECTEST_GENERATE_KEYPAIR_ANOMALOUSCURVE = (byte) 0xcf; - public final static byte ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT = (byte) 0xd0; - public final static byte ECTEST_SET_INVALIDFIELD = (byte) 0xd1; - public final static byte ECTEST_GENERATE_KEYPAIR_INVALIDFIELD = (byte) 0xd2; - - public final static short FLAG_ECTEST_ALLOCATE_KEYPAIR = (short) 0x0001; - public final static short FLAG_ECTEST_GENERATE_KEYPAIR_DEFCURVE = (short) 0x0002; - public final static short FLAG_ECTEST_SET_VALIDCURVE = (short) 0x0004; - public final static short FLAG_ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE = (short) 0x0008; - public final static short FLAG_ECTEST_SET_INVALIDCURVE = (short) 0x0010; - public final static short FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE = (short) 0x0020; - public final static short FLAG_ECTEST_ECDH_AGREEMENT_VALID_POINT = (short) 0x0040; - public final static short FLAG_ECTEST_ECDH_AGREEMENT_INVALID_POINT = (short) 0x0080; - public final static short FLAG_ECTEST_ECDSA_SIGNATURE = (short) 0x0100; - public final static short FLAG_ECTEST_SET_ANOMALOUSCURVE = (short) 0x0200; - public final static short FLAG_ECTEST_GENERATE_KEYPAIR_ANOMALOUSCUVE = (short) 0x0400; - public final static short FLAG_ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT = (short) 0x0800; - public final static short FLAG_ECTEST_SET_INVALIDFIELD = (short) 0x1000; - public final static short FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDFIELD = (short) 0x2000; - - public final static short FLAG_ECTEST_ALL = (short) 0xffff; - - - public final static short SW_SKIPPED = (short) 0x0ee1; - 
public final static short SW_KEYPAIR_GENERATED_INVALID = (short) 0x0ee2; - public final static short SW_INVALID_CORRUPTION_TYPE = (short) 0x0ee3; - public final static short SW_SIG_VERIFY_FAIL = (short) 0xee4; - /* - public static final byte[] EC192_FP_PUBLICW = new byte[]{ - (byte) 0x04, (byte) 0xC9, (byte) 0xC0, (byte) 0xED, (byte) 0xFB, (byte) 0x27, - (byte) 0xB7, (byte) 0x1E, (byte) 0xBE, (byte) 0x30, (byte) 0x93, (byte) 0xFC, - (byte) 0x4F, (byte) 0x33, (byte) 0x76, (byte) 0x38, (byte) 0xCE, (byte) 0xE0, - (byte) 0x2F, (byte) 0x78, (byte) 0xF6, (byte) 0x3C, (byte) 0xEA, (byte) 0x90, - (byte) 0x22, (byte) 0x61, (byte) 0x32, (byte) 0x8E, (byte) 0x9F, (byte) 0x03, - (byte) 0x8A, (byte) 0xFD, (byte) 0x60, (byte) 0xA0, (byte) 0xCE, (byte) 0x01, - (byte) 0x9B, (byte) 0x76, (byte) 0x34, (byte) 0x59, (byte) 0x79, (byte) 0x64, - (byte) 0xD7, (byte) 0x79, (byte) 0x8E, (byte) 0x3B, (byte) 0x16, (byte) 0xD5, - (byte) 0x15}; - */ - public static final byte[] EC192_FP_PUBLICW = new byte[]{ - (byte) 0x04, - (byte) 0x9d, (byte) 0x42, (byte) 0x76, (byte) 0x9d, (byte) 0xfd, (byte) 0xbe, - (byte) 0x11, (byte) 0x3a, (byte) 0x85, (byte) 0x1b, (byte) 0xb6, (byte) 0xb0, - (byte) 0x1b, (byte) 0x1a, (byte) 0x51, (byte) 0x5d, (byte) 0x89, (byte) 0x3b, - (byte) 0x5a, (byte) 0xdb, (byte) 0xc1, (byte) 0xf6, (byte) 0x13, (byte) 0x29, - (byte) 0x74, (byte) 0x74, (byte) 0x9a, (byte) 0xc0, (byte) 0x96, (byte) 0x7a, - (byte) 0x8f, (byte) 0xf4, (byte) 0xcc, (byte) 0x54, (byte) 0xd9, (byte) 0x31, - (byte) 0x87, (byte) 0x60, (byte) 0x2d, (byte) 0xd6, (byte) 0x7e, (byte) 0xb3, - (byte) 0xd2, (byte) 0x29, (byte) 0x70a, (byte) 0xca, (byte) 0x2ca}; - - - private ECPublicKey ecPubKey = null; - private ECPublicKey ecPubKey128 = null; - private ECPublicKey ecPubKey160 = null; - private ECPublicKey ecPubKey192 = null; - private ECPublicKey ecPubKey256 = null; - private ECPrivateKey ecPrivKey = null; - private ECPrivateKey ecPrivKey128 = null; - private ECPrivateKey ecPrivKey160 = null; - private 
ECPrivateKey ecPrivKey192 = null; - private ECPrivateKey ecPrivKey256 = null; - - private ECKeyGenerator ecKeyGenerator = null; - private ECKeyTester ecKeyTester = null; - - private KeyAgreement dhKeyAgreement = null; - private RandomData randomData = null; - - // TEMPORARRY ARRAY IN RAM - private byte m_ramArray[] = null; - private byte m_ramArray2[] = null; - // PERSISTENT ARRAY IN EEPROM - private byte m_dataArray[] = null; - - short m_lenB = 0; - - protected SimpleECCApplet(byte[] buffer, short offset, byte length) { - short dataOffset = offset; - - if (length > 9) { - // shift to privilege offset - dataOffset += (short) (1 + buffer[offset]); - // finally shift to Application specific offset - dataOffset += (short) (1 + buffer[dataOffset]); - // go to proprietary data - dataOffset++; - - m_ramArray = JCSystem.makeTransientByteArray(ARRAY_LENGTH, JCSystem.CLEAR_ON_RESET); - m_ramArray2 = JCSystem.makeTransientByteArray(ARRAY_LENGTH, JCSystem.CLEAR_ON_RESET); - - m_dataArray = new byte[ARRAY_LENGTH]; - Util.arrayFillNonAtomic(m_dataArray, (short) 0, ARRAY_LENGTH, (byte) 0); - - randomData = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM); - EC_Consts.m_random = randomData; - - ecKeyGenerator = new ECKeyGenerator(); - ecKeyTester = new ECKeyTester(); - ecKeyTester.allocateECDH(); - ecKeyTester.allocateECDHC(); - ecKeyTester.allocateECDSA(); - - } - - register(); - } - - public static void install(byte[] bArray, short bOffset, byte bLength) throws ISOException { - // applet instance creation - new SimpleECCApplet(bArray, bOffset, bLength); - } - - public boolean select() { - return true; - } - - public void deselect() { - return; - } - - public void process(APDU apdu) throws ISOException { - // get the APDU buffer - byte[] apduBuffer = apdu.getBuffer(); - - // ignore the applet select command dispached to the process - if (selectingApplet()) - return; - - if (apduBuffer[ISO7816.OFFSET_CLA] == CLA_SIMPLEECCAPPLET) { - switch (apduBuffer[ISO7816.OFFSET_INS]) { - 
- case INS_TESTECSUPPORT_GIVENALG: - TestEC_SupportGivenLength(apdu); - break; - case INS_TESTECSUPPORTALL_FP: - TestEC_FP_SupportAllLengths(apdu); - break; - case INS_TESTECSUPPORTALL_F2M: - TestEC_F2M_SupportAllLengths(apdu); - break; - case INS_ALLOCATEKEYPAIR: - AllocateKeyPairReturnDefCurve(apdu); - break; - case INS_DERIVEECDHSECRET: - DeriveECDHSecret(apdu); - break; - case INS_TESTEC_GENERATEINVALID_FP: - TestEC_FP_GenerateInvalidCurve(apdu); - break; - case INS_TESTEC_LASTUSEDPARAMS: - TestECSupportInvalidCurve_lastUsedParams(apdu); - break; - case INS_TESTECSUPPORT_EXTERNAL: - TestEC_SupportExternal(apdu); - break; -/* - case INS_ALLOCATEKEYPAIRS: - AllocateKeyPairs(apdu); - break; -*/ - case INS_GENERATEKEY: - GenerateAndReturnKey(apdu); - break; - default: - // The INS code is not supported by the dispatcher - ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED); - break; - - } - } else ISOException.throwIt(ISO7816.SW_CLA_NOT_SUPPORTED); - } - - - short TestECSupport(byte keyClass, short keyLen, byte[] buffer, short bufferOffset) { - short baseOffset = bufferOffset; - - short testFlags = FLAG_ECTEST_ALL; - - ecPubKey = null; - ecPrivKey = null; - - buffer[bufferOffset] = ECTEST_SEPARATOR; - bufferOffset++; - buffer[bufferOffset] = keyClass; - bufferOffset++; - Util.setShort(buffer, bufferOffset, keyLen); - bufferOffset += 2; - - short sw; - - // - // 1. Allocate KeyPair object - // - buffer[bufferOffset] = ECTEST_ALLOCATE_KEYPAIR; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_ALLOCATE_KEYPAIR) != (short) 0) { - sw = ecKeyGenerator.allocatePair(keyClass, keyLen); - - if (sw != ISO7816.SW_NO_ERROR) { - testFlags = 0; //keyPair allocation failed, cannot continue with tests - } - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // - // 2. 
Test keypair generation without explicit curve (=> default curve preset) - // - buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_DEFCURVE; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_GENERATE_KEYPAIR_DEFCURVE) != (short) 0) { - sw = ecKeyGenerator.generatePair(); - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // - // 3. Set valid custom curve - // - buffer[bufferOffset] = ECTEST_SET_VALIDCURVE; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_SET_VALIDCURVE) != (short) 0) { - sw = ecKeyGenerator.setCustomCurve(keyClass, keyLen, m_ramArray, (short) 0); - - if (sw != ISO7816.SW_NO_ERROR) { - testFlags &= ~FLAG_ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE; - } - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // - // 4. Generate keypair with custom curve - // - buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE) != (short) 0) { - sw = ecKeyGenerator.generatePair(); - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // - // 5. ECDH agreement with valid public key - // - buffer[bufferOffset] = ECTEST_ECDH_AGREEMENT_VALID_POINT; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_ECDH_AGREEMENT_VALID_POINT) != (short) 0) { - sw = ecKeyGenerator.generatePair(); - if (sw == ISO7816.SW_NO_ERROR) { - ecPubKey = ecKeyGenerator.getPublicKey(); - ecPrivKey = ecKeyGenerator.getPrivateKey(); - sw = ecKeyTester.testECDH_validPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 0); - } - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // - // 6. 
ECDH agreement with invalid public key - // - buffer[bufferOffset] = ECTEST_ECDH_AGREEMENT_INVALID_POINT; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_ECDH_AGREEMENT_INVALID_POINT) != (short) 0) { - sw = ecKeyGenerator.generatePair(); - if (sw == ISO7816.SW_NO_ERROR) { - ecPubKey = ecKeyGenerator.getPublicKey(); - ecPrivKey = ecKeyGenerator.getPrivateKey(); - sw = ecKeyTester.testECDH_invalidPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 1); - } - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // - // 7. ECDSA test - // - buffer[bufferOffset] = ECTEST_ECDSA_SIGNATURE; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_ECDSA_SIGNATURE) != (short) 0) { - sw = ecKeyGenerator.generatePair(); - if (sw == ISO7816.SW_NO_ERROR) { - ecPubKey = ecKeyGenerator.getPublicKey(); - ecPrivKey = ecKeyGenerator.getPrivateKey(); - sw = ecKeyTester.testECDSA(ecPrivKey, ecPubKey, m_ramArray2, (short) 0, (short) m_ramArray2.length, m_ramArray, (short) 0); - } - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // - // 8. Set anomalous custom curve - // - buffer[bufferOffset] = ECTEST_SET_ANOMALOUSCURVE; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_SET_ANOMALOUSCURVE) != (short) 0) { - if (keyClass == KeyPair.ALG_EC_FP) { //Only FP supported at the moment - sw = ecKeyGenerator.setCustomAnomalousCurve(keyClass, keyLen, m_ramArray, (short) 0); - } - if (sw != ISO7816.SW_NO_ERROR) { - testFlags &= ~FLAG_ECTEST_GENERATE_KEYPAIR_ANOMALOUSCUVE; - testFlags &= ~FLAG_ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT; - } - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // - // 9. 
Generate keypair with anomalous custom curve - // - - buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_ANOMALOUSCURVE; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_GENERATE_KEYPAIR_ANOMALOUSCUVE) != (short) 0) { - sw = ecKeyGenerator.generatePair(); - if (sw != ISO7816.SW_NO_ERROR) { - testFlags &= ~FLAG_ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT; - } - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // - // 10. Test small degree pubkey - // - - buffer[bufferOffset] = ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT) != (short) 0) { - short pubLength = EC_Consts.getCurveParameter(EC_Consts.getAnomalousCurve(keyClass, keyLen), EC_Consts.PARAMETER_W, m_ramArray, (short) 0); - ecPrivKey = ecKeyGenerator.getPrivateKey(); - sw = ecKeyTester.testECDH(ecPrivKey, m_ramArray, (short) 0, pubLength, m_ramArray2, (short) 1); - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // - // 11. Set invalid custom curve - // - buffer[bufferOffset] = ECTEST_SET_INVALIDCURVE; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_SET_INVALIDCURVE) != (short) 0) { - sw = ecKeyGenerator.setCustomInvalidCurve(keyClass, keyLen, ECKeyGenerator.KEY_PUBLIC, EC_Consts.PARAMETER_B, EC_Consts.CORRUPTION_FIXED, m_ramArray, (short) 0); - - if (sw != ISO7816.SW_NO_ERROR) { - testFlags &= ~FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE; - } - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // - // 12. Generate keypair with invalid custom curve - // - buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE) != (short) 0) { - sw = ecKeyGenerator.generatePair(); - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // - // 13. 
Set invalid field - // - buffer[bufferOffset] = ECTEST_SET_INVALIDFIELD; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_SET_INVALIDFIELD) != (short) 0) { - if (keyClass == KeyPair.ALG_EC_FP) - sw = ecKeyGenerator.setCustomInvalidCurve(keyClass, keyLen, ECKeyGenerator.KEY_BOTH, EC_Consts.PARAMETER_FP, EC_Consts.CORRUPTION_FULLRANDOM, m_ramArray, (short) 0); - else - sw = ecKeyGenerator.setCustomInvalidCurve(keyClass, keyLen, ECKeyGenerator.KEY_BOTH, EC_Consts.PARAMETER_F2M, EC_Consts.CORRUPTION_FULLRANDOM, m_ramArray, (short) 0); - - if (sw != ISO7816.SW_NO_ERROR) { - testFlags &= ~FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDFIELD; - } - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // 14. Generate key with invalid field - buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_INVALIDFIELD; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDFIELD) != (short) 0) { - sw = ecKeyGenerator.generatePair(); - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - return (short) (bufferOffset - baseOffset); - } - - void TestEC_SupportGivenLength(APDU apdu) { - byte[] apdubuf = apdu.getBuffer(); - short len = apdu.setIncomingAndReceive(); - - short dataOffset = ISO7816.OFFSET_CDATA; - byte algType = apdubuf[dataOffset]; - dataOffset++; - short keyLength = Util.getShort(apdubuf, dataOffset); - dataOffset += 2; - - dataOffset = 0; - dataOffset += TestECSupport(algType, keyLength, apdubuf, dataOffset); - - apdu.setOutgoingAndSend((short) 0, dataOffset); - } - - void TestEC_FP_SupportAllLengths(APDU apdu) { - byte[] apdubuf = apdu.getBuffer(); - short len = apdu.setIncomingAndReceive(); - short dataOffset = 0; - - // FP - dataOffset += TestECSupport(KeyPair.ALG_EC_FP, (short) 128, apdubuf, dataOffset); - dataOffset += TestECSupport(KeyPair.ALG_EC_FP, (short) 160, apdubuf, dataOffset); - dataOffset += TestECSupport(KeyPair.ALG_EC_FP, (short) 192, apdubuf, dataOffset); - dataOffset += 
TestECSupport(KeyPair.ALG_EC_FP, (short) 224, apdubuf, dataOffset); - dataOffset += TestECSupport(KeyPair.ALG_EC_FP, (short) 256, apdubuf, dataOffset); - dataOffset += TestECSupport(KeyPair.ALG_EC_FP, (short) 384, apdubuf, dataOffset); - dataOffset += TestECSupport(KeyPair.ALG_EC_FP, (short) 521, apdubuf, dataOffset); - - apdu.setOutgoingAndSend((short) 0, dataOffset); - } - - void TestEC_F2M_SupportAllLengths(APDU apdu) { - byte[] apdubuf = apdu.getBuffer(); - short len = apdu.setIncomingAndReceive(); - - short dataOffset = 0; - // F2M - dataOffset += TestECSupport(KeyPair.ALG_EC_F2M, (short) 113, apdubuf, dataOffset); - dataOffset += TestECSupport(KeyPair.ALG_EC_F2M, (short) 131, apdubuf, dataOffset); - dataOffset += TestECSupport(KeyPair.ALG_EC_F2M, (short) 163, apdubuf, dataOffset); - dataOffset += TestECSupport(KeyPair.ALG_EC_F2M, (short) 193, apdubuf, dataOffset); - - apdu.setOutgoingAndSend((short) 0, dataOffset); - } - - short TestECSupportExternalCurve(byte keyClass, short keyLength, byte[] buffer, short bufferOffset, short outputOffset) { - short startOffset = outputOffset; - - short fieldLength = Util.getShort(buffer, bufferOffset); - bufferOffset += 2; - short aLength = Util.getShort(buffer, bufferOffset); - bufferOffset += 2; - short bLength = Util.getShort(buffer, bufferOffset); - bufferOffset += 2; - short gxLength = Util.getShort(buffer, bufferOffset); - bufferOffset += 2; - short gyLength = Util.getShort(buffer, bufferOffset); - bufferOffset += 2; - short rLength = Util.getShort(buffer, bufferOffset); - bufferOffset += 2; - - buffer[outputOffset] = ECTEST_SEPARATOR; - outputOffset++; - - // allocatePair - buffer[outputOffset] = ECTEST_ALLOCATE_KEYPAIR; - outputOffset++; - short sw = ecKeyGenerator.allocatePair(keyClass, keyLength); - Util.setShort(buffer, outputOffset, sw); - outputOffset += 2; - if (sw != ISO7816.SW_NO_ERROR) { - return (short) (outputOffset - startOffset); - } - - // setExternalCurve - buffer[outputOffset] = 
ECTEST_SET_EXTERNALCURVE; - outputOffset++; - sw = ecKeyGenerator.setExternalCurve(ECKeyGenerator.KEY_BOTH, keyClass, buffer, bufferOffset, fieldLength, aLength, bLength, gxLength, gyLength, rLength); - Util.setShort(buffer, outputOffset, sw); - outputOffset += 2; - if (sw != ISO7816.SW_NO_ERROR) { - return (short) (outputOffset - startOffset); - } - - // generatePair - buffer[outputOffset] = ECTEST_GENERATE_KEYPAIR_EXTERNALCURVE; - outputOffset++; - sw = ecKeyGenerator.generatePair(); - Util.setShort(buffer, outputOffset, sw); - outputOffset += 2; - if (sw != ISO7816.SW_NO_ERROR) { - return (short) (outputOffset - startOffset); - } - - ecPubKey = ecKeyGenerator.getPublicKey(); - ecPrivKey = ecKeyGenerator.getPrivateKey(); - - // test_ECDH - buffer[outputOffset] = ECTEST_ECDH_AGREEMENT_VALID_POINT; - outputOffset++; - sw = ecKeyTester.testECDH_validPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 0); - Util.setShort(buffer, outputOffset, sw); - outputOffset += 2; - if (sw != ISO7816.SW_NO_ERROR) { - return (short) (outputOffset - startOffset); - } - - // test_ECDH invalid - buffer[outputOffset] = ECTEST_ECDH_AGREEMENT_INVALID_POINT; - outputOffset++; - sw = ecKeyTester.testECDH_invalidPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 0); - Util.setShort(buffer, outputOffset, sw); - outputOffset += 2; - if (sw != ISO7816.SW_NO_ERROR) { - return (short) (outputOffset - startOffset); - } - - // test_ECDSA - buffer[outputOffset] = ECTEST_ECDSA_SIGNATURE; - outputOffset++; - randomData.generateData(m_ramArray, (short) 0, (short) (ARRAY_LENGTH / 2)); - sw = ecKeyTester.testECDSA(ecPrivKey, ecPubKey, m_ramArray, (short) 0, (short) (ARRAY_LENGTH / 2), m_ramArray2, (short) 0); - Util.setShort(buffer, outputOffset, sw); - outputOffset += 2; - if (sw != ISO7816.SW_NO_ERROR) { - return (short) (outputOffset - startOffset); - } - - return (short) (outputOffset - startOffset); - } - - /** - * Receives an FP or F2M elliptic curve 
parameters in the APDU. - * Then allocates a new keypair, sets said curve and tries ECDH, ECDSA. - * APDU format: - * byte CLA = CLA_SIMPLEECCAPPLET - * byte INS = INS_TESTECSUPPORT_EXTERNAL - * byte P0 - * byte P1 - *

- * CDATA: - * byte keyClass -> KeyPair.ALG_EC_FP or KeyPair.ALG_EC_F2\M - * short keyLength - * short fieldLength - * short aLength - * short bLength - * short gxLength - * short gyLength - * short rLength - * field -> FP: prime / F2M: three or one short representing the reduction polynomial - * a - * b - * gx - * gy - * r - * short k - *

- * Response APDU format: - * CDATA: - * byte ECTEST_SEPARATOR - * byte ECTEST_ALLOCATE_KEYPAIR - * short sw - * byte ECTEST_SET_EXTERNALCURVE - * short sw - * byte ECTEST_GENERATE_KEYPAIR_EXTERNALCURVE - * short sw - * byte ECTEST_ECDH_AGREEMENT_VALID_POINT - * short sw - * byte ECTEST_ECDH_AGREEMENT_INVALID_POINT - * short sw - * byte ECTEST_ECDSA_SIGNATURE - * short sw - * - * @param apdu - */ - void TestEC_SupportExternal(APDU apdu) { - byte[] apdubuf = apdu.getBuffer(); - short len = apdu.setIncomingAndReceive(); - - short offset = ISO7816.OFFSET_CDATA; - byte keyClass = apdubuf[offset]; - ++offset; - short keyLength = Util.getShort(apdubuf, offset); - offset += 2; - - short dataLength = TestECSupportExternalCurve(keyClass, keyLength, apdubuf, offset, (short) 0); - - apdu.setOutgoingAndSend((short) 0, dataLength); - } - - - void TestEC_FP_GenerateInvalidCurve(APDU apdu) { - byte[] apdubuf = apdu.getBuffer(); - short len = apdu.setIncomingAndReceive(); - - short offset = ISO7816.OFFSET_CDATA; - short repeats = Util.getShort(apdubuf, offset); - offset += 2; - short corruptionType = Util.getShort(apdubuf, offset); - offset += 2; - byte bRewindOnSuccess = apdubuf[offset]; - offset++; - - short dataOffset = 0; - - // FP - dataOffset += TestECSupportInvalidCurve(KeyPair.ALG_EC_FP, (short) 160, apdubuf, dataOffset, repeats, corruptionType, bRewindOnSuccess); - - apdu.setOutgoingAndSend((short) 0, dataOffset); - } - - short TestECSupportInvalidCurve(byte keyClass, short keyLen, byte[] buffer, short bufferOffset, short repeats, short corruptionType, byte bRewindOnSuccess) { - short baseOffset = bufferOffset; - - short testFlags = FLAG_ECTEST_ALL; - - ecPubKey = null; - ecPrivKey = null; - - buffer[bufferOffset] = ECTEST_SEPARATOR; - bufferOffset++; - buffer[bufferOffset] = keyClass; - bufferOffset++; - Util.setShort(buffer, bufferOffset, keyLen); - bufferOffset += 2; - - short numExecutionsOffset = bufferOffset; // num executions to be stored later - bufferOffset += 2; 
- - short sw; - - // - // 1. Allocate KeyPair object - // - buffer[bufferOffset] = ECTEST_ALLOCATE_KEYPAIR; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_ALLOCATE_KEYPAIR) != (short) 0) { - sw = ecKeyGenerator.allocatePair(keyClass, keyLen); - if (sw == ISO7816.SW_NO_ERROR) { - ecPrivKey = ecKeyGenerator.getPrivateKey(); - ecPubKey = ecKeyGenerator.getPublicKey(); - } else { - testFlags = 0; - } - - if (ecPubKey == null || ecPrivKey == null) { - ecKeyGenerator.generatePair(); - ecPrivKey = ecKeyGenerator.getPrivateKey(); - ecPubKey = ecKeyGenerator.getPublicKey(); - } - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - - // - // 2. Set invalid custom curve (many times) - // - sw = ecKeyGenerator.setCustomCurve(keyClass, keyLen, m_ramArray, (short) 0); - ecPrivKey = ecKeyGenerator.getPrivateKey(); - ecPubKey = ecKeyGenerator.getPublicKey(); - - m_lenB = ecPubKey.getB(m_ramArray2, (short) 0); //store valid B - - short startOffset = bufferOffset; - short i; - for (i = 0; i < repeats; i++) { - if ((testFlags & FLAG_ECTEST_SET_INVALIDCURVE) != (short) 0) { - if (bRewindOnSuccess == 1) { - // if nothing unexpected happened, rewind bufferOffset back again - bufferOffset = startOffset; - } - - ecPubKey.getB(m_ramArray2, (short) 0); //store valid B - - // set invalid curve - buffer[bufferOffset] = ECTEST_SET_INVALIDCURVE; - bufferOffset++; - - // Supported types of invalid curve: - // CORRUPTION_NONE = 0x01, valid parameter - // CORRUPTION_FIXED = 0x02, first and last byte changed to a fixed value - // CORRUPTION_FULLRANDOM = 0x03, completely random parameter data - // CORRUPTION_ONEBYTERANDOM = 0x04, one random byte randomly changed - // CORRUPTION_ZERO = 0x05, parameter competely zero - // CORRUPTION_ONE = 0x06, parameter completely one - sw = ecKeyGenerator.setCustomInvalidCurve(keyClass, keyLen, ECKeyGenerator.KEY_BOTH, EC_Consts.PARAMETER_B, corruptionType, m_ramArray, (short) 0); - Util.setShort(buffer, bufferOffset, sw); - 
bufferOffset += 2; - if (sw != ISO7816.SW_NO_ERROR) { - // if we reach this line, we are interested in value of B that caused incorrect response - break; // stop execution, return B - } - - // Gen key pair with invalid curve - - buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE; - bufferOffset++; - // Should fail - sw = ecKeyGenerator.generatePair(); - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - if (sw == ISO7816.SW_NO_ERROR) { - // If this line is reached, we generated key pair - what should not happen - buffer[bufferOffset] = ECTEST_DH_GENERATESECRET; - bufferOffset++; - - ecPrivKey = ecKeyGenerator.getPrivateKey(); - ecPubKey = ecKeyGenerator.getPublicKey(); - - sw = ecKeyTester.testECDH_validPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 0); - m_lenB = ecPubKey.getB(m_ramArray2, (short) 0); //store B - //TODO: note, according to the previous version of this method, sw should get appended to the buffer only if sw != SW_NO_ERROR - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - break; //stop execution, return B - } - - // Generate keypair with valid curve - to check that whole engine is not somehow blocked - // after previous attempt with invalid curve - // - // set valid curve - buffer[bufferOffset] = ECTEST_SET_VALIDCURVE; - bufferOffset++; - sw = ecKeyGenerator.setCustomCurve(keyClass, keyLen, m_ramArray, (short) 0); - - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // Gen key pair with valid curve - buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE; - bufferOffset++; - - sw = ecKeyGenerator.generatePair(); - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - if (sw != ISO7816.SW_NO_ERROR) { - break; - } - - // If we reach this line => everything was as expected - // Rewind offset in array back (no storage of info about expected runs) - // bufferOffset = startOffset; done at beginning - } else { - Util.setShort(buffer, bufferOffset, 
SW_SKIPPED); - bufferOffset += 2; - } - } - - // Set number of executed repeats - Util.setShort(buffer, numExecutionsOffset, i); - - return (short) (bufferOffset - baseOffset); - } - - //TODO: generalize invalid B setting to all curve params - void TestECSupportInvalidCurve_lastUsedParams(APDU apdu) { - byte[] apdubuf = apdu.getBuffer(); - apdu.setIncomingAndReceive(); - - short offset = 0; - Util.arrayCopyNonAtomic(m_ramArray2, (short) 0, apdubuf, offset, m_lenB); - offset += m_lenB; - - apdu.setOutgoingAndSend((short) 0, offset); - } - - void AllocateKeyPairReturnDefCurve(APDU apdu) { - byte[] apdubuf = apdu.getBuffer(); - apdu.setIncomingAndReceive(); - - short bitLen = Util.getShort(apdubuf, ISO7816.OFFSET_CDATA); - - // Note: all locations should happen in constructor. But here it is intentional - // as we like to test for result of allocation - ecKeyGenerator.allocatePair(KeyPair.ALG_EC_FP, bitLen); - - // If required, generate also new key pair - if (apdubuf[ISO7816.OFFSET_P1] == (byte) 1) { - - // If required, initialize curve parameters first - if (apdubuf[ISO7816.OFFSET_P2] == (byte) 2) { - ecKeyGenerator.setCustomCurve(KeyPair.ALG_EC_FP, bitLen, m_ramArray, (short) 0); - } - - // Now generate new keypair with either default or custom curve - ecKeyGenerator.generatePair(); - - short len; - short offset = 0; - - // Export curve public parameters - offset += 2; // reserve space for length - len = ecKeyGenerator.exportParameter(ECKeyGenerator.KEY_PUBLIC, EC_Consts.PARAMETER_FP, apdubuf, offset); - Util.setShort(apdubuf, (short) (offset - 2), len); - offset += len; - offset += 2; // reserve space for length - len = ecKeyGenerator.exportParameter(ECKeyGenerator.KEY_PUBLIC, EC_Consts.PARAMETER_A, apdubuf, offset); - Util.setShort(apdubuf, (short) (offset - 2), len); - offset += len; - - offset += 2; // reserve space for length - len = ecKeyGenerator.exportParameter(ECKeyGenerator.KEY_PUBLIC, EC_Consts.PARAMETER_B, apdubuf, offset); - Util.setShort(apdubuf, 
(short) (offset - 2), len); - offset += len; - offset += 2; // reserve space for length - len = ecKeyGenerator.exportParameter(ECKeyGenerator.KEY_PUBLIC, EC_Consts.PARAMETER_R, apdubuf, offset); - Util.setShort(apdubuf, (short) (offset - 2), len); - offset += len; - /* - offset += 2; // reserve space for length - len = ecPubKey.getW(apdubuf, offset); - Util.setShort(apdubuf, (short) (offset - 2), len); - offset += len; - */ - apdu.setOutgoingAndSend((short) 0, offset); - } - } - - void DeriveECDHSecret(APDU apdu) { - byte[] apdubuf = apdu.getBuffer(); - short len = apdu.setIncomingAndReceive(); - - // Assumption: proper EC keyPair is already allocated - // If public key point is provided, then use it - if (len == 0) { - // if not provided, use build-in one (valid only for 192 only) - Util.arrayCopyNonAtomic(EC192_FP_PUBLICW, (short) 0, apdubuf, ISO7816.OFFSET_CDATA, (short) EC192_FP_PUBLICW.length); - len = (short) EC192_FP_PUBLICW.length; - } - - // Generate fresh EC keypair - ecKeyGenerator.generatePair(); - ecPrivKey = ecKeyGenerator.getPrivateKey(); - - if (dhKeyAgreement == null) { - dhKeyAgreement = KeyAgreement.getInstance(KeyAgreement.ALG_EC_SVDP_DH, false); - } - dhKeyAgreement.init(ecPrivKey); - short secretLen = 0; - // Generate and export secret - secretLen = dhKeyAgreement.generateSecret(apdubuf, ISO7816.OFFSET_CDATA, len, m_ramArray, (short) 0); - Util.arrayCopyNonAtomic(m_ramArray, (short) 0, apdubuf, (short) 0, secretLen); - - apdu.setOutgoingAndSend((short) 0, secretLen); - } - - void GenerateAndReturnKey(APDU apdu) { - byte[] apdubuf = apdu.getBuffer(); - apdu.setIncomingAndReceive(); - - short offset = ISO7816.OFFSET_CDATA; - byte keyClass = apdubuf[offset]; - offset++; - - short keyLength = Util.getShort(apdubuf, offset); - offset += 2; - - byte anomalous = apdubuf[offset]; - - offset = 0; - - switch (apdubuf[ISO7816.OFFSET_P1]) { - case P1_SETCURVE: { - ecKeyGenerator.allocatePair(keyClass, keyLength); - - if (anomalous != 0) { - 
ecKeyGenerator.setCustomAnomalousCurve(keyClass, keyLength, m_ramArray, (short) 0); - } else { - ecKeyGenerator.setCustomCurve(keyClass, keyLength, m_ramArray, (short) 0); - } - ecKeyGenerator.generatePair(); - ecPubKey = ecKeyGenerator.getPublicKey(); - ecPrivKey = ecKeyGenerator.getPrivateKey(); - break; - } - case P1_GENERATEKEYPAIR: { - // Assumption: proper EC keyPair is already allocated and initialized - short sw = ecKeyGenerator.generatePair(); - if (sw != ISO7816.SW_NO_ERROR) { - ISOException.throwIt(sw); - } - ecPubKey = ecKeyGenerator.getPublicKey(); - ecPrivKey = ecKeyGenerator.getPrivateKey(); - - offset = 0; - apdubuf[offset] = EC_Consts.TAG_ECPUBKEY; - offset++; - offset += 2; // reserve space for length - short len = ecKeyGenerator.exportParameter(ECKeyGenerator.KEY_PUBLIC, EC_Consts.PARAMETER_W, apdubuf, offset); - Util.setShort(apdubuf, (short) (offset - 2), len); - offset += len; - apdubuf[offset] = EC_Consts.TAG_ECPRIVKEY; - offset++; - offset += 2; // reserve space for length - len = ecKeyGenerator.exportParameter(ECKeyGenerator.KEY_PRIVATE, EC_Consts.PARAMETER_S, apdubuf, offset); - Util.setShort(apdubuf, (short) (offset - 2), len); - offset += len; - break; - } - default: - ISOException.throwIt(ISO7816.SW_INCORRECT_P1P2); - } - - apdu.setOutgoingAndSend((short) 0, offset); - } - -/* - void AllocateKeyPair(byte algorithm, short bitLen) { - // Select proper attributes - switch (bitLen) { - case (short) 128: { - ecKeyPair = ecKeyPair128; - ecKeyPair = ecKeyPair128; - ecPrivKey = ecPrivKey128; - break; - } - case (short) 160: { - ecKeyPair = ecKeyPair160; - ecKeyPair = ecKeyPair160; - ecPrivKey = ecPrivKey160; - break; - } - case (short) 192: { - ecKeyPair = ecKeyPair192; - ecKeyPair = ecKeyPair192; - ecPrivKey = ecPrivKey192; - break; - } - case (short) 256: { - ecKeyPair = ecKeyPair256; - ecKeyPair = ecKeyPair256; - ecPrivKey = ecPrivKey256; - break; - } - default: { - ISOException.throwIt((short) -1); - } - } - - // Allocate instance - 
ecKeyPair = new KeyPair(algorithm, bitLen); - ecKeyPair.genKeyPair(); - ecPubKey = (ECPublicKey) ecKeyPair.getPublic(); - // sometimes null is returned and previous one call to genKeyPair() - // is required before we can get public key - if (ecPubKey == null) { - ecKeyPair.genKeyPair(); - } - ecPubKey = (ECPublicKey) ecKeyPair.getPublic(); - ecPrivKey = (ECPrivateKey) ecKeyPair.getPrivate(); - // Set required EC parameters - EC_Consts.setValidECKeyParams(ecPubKey, ecPrivKey, KeyPair.ALG_EC_FP, bitLen, m_ramArray); - } - - -*/ - -} - diff --git a/src/cz/crcs/ectester/applet/ECKeyGenerator.java b/src/cz/crcs/ectester/applet/ECKeyGenerator.java new file mode 100644 index 0000000..47f9c94 --- /dev/null +++ b/src/cz/crcs/ectester/applet/ECKeyGenerator.java 
@@ -0,0 +1,381 @@ +package cz.crcs.ectester.applet; + +import javacard.framework.ISO7816; +import javacard.framework.ISOException; +import javacard.framework.Util; +import javacard.security.CryptoException; +import javacard.security.ECPrivateKey; +import javacard.security.ECPublicKey; +import javacard.security.KeyPair; + +/** + * @author Jan Jancar johny@neuromancer.sk + */ +public class ECKeyGenerator { + + public static final byte KEY_PUBLIC = 0x01; + public static final byte KEY_PRIVATE = 0x02; + public static final byte KEY_BOTH = KEY_PUBLIC | KEY_PRIVATE; + + private short sw = ISO7816.SW_NO_ERROR; + + /** + * @param keyClass + * @param keyLength + * @return + */ + public KeyPair allocatePair(byte keyClass, short keyLength) { + sw = ISO7816.SW_NO_ERROR; + KeyPair ecKeyPair = null; + try { + ecKeyPair = new KeyPair(keyClass, keyLength); + + if (ecKeyPair.getPublic() == null || ecKeyPair.getPrivate() == null) { + try { + ecKeyPair.genKeyPair(); + } catch (Exception ignored) { + } + } + } catch (CryptoException ce) { + sw = ce.getReason(); + } catch (Exception e) { + sw = ISO7816.SW_UNKNOWN; + } + return ecKeyPair; + } + + /** + * @param keypair + * @return + */ + public short generatePair(KeyPair keypair) { + sw = ISO7816.SW_NO_ERROR; + try { + keypair.genKeyPair(); + } catch (CryptoException ce) { + sw = ce.getReason(); + } catch (Exception e) { + sw = ISO7816.SW_UNKNOWN; + } + return sw; + } + + public short setCurve(KeyPair keypair, byte curve, byte[] buffer, short offset) { + return setCurve(keypair, curve, EC_Consts.PARAMETERS_ALL, buffer, offset); + } + + public short setCurve(KeyPair keypair, byte curve, short params, byte[] buffer, short offset) { + return setCurve(keypair, KEY_BOTH, curve, params, buffer, offset); + } + + public short setCurve(KeyPair keypair, byte key, byte curve, short params, byte[] buffer, short offset) { + byte alg = EC_Consts.getCurveType(curve); + sw = ISO7816.SW_NO_ERROR; + + short length; + if (alg == KeyPair.ALG_EC_FP && 
(params & EC_Consts.PARAMETER_FP) != 0) { + length = EC_Consts.getCurveParameter(curve, EC_Consts.PARAMETER_FP, buffer, offset); + sw = setParameter(keypair, key, EC_Consts.PARAMETER_FP, buffer, offset, length); + } else if (alg == KeyPair.ALG_EC_F2M && (params & EC_Consts.PARAMETER_F2M) != 0) { + length = EC_Consts.getCurveParameter(curve, EC_Consts.PARAMETER_F2M, buffer, offset); + sw = setParameter(keypair, key, EC_Consts.PARAMETER_F2M, buffer, offset, length); + } + if (sw != ISO7816.SW_NO_ERROR) return sw; + + //go through all params + short paramMask = EC_Consts.PARAMETER_A; + while (paramMask <= EC_Consts.PARAMETER_S) { + short masked = (short) (paramMask & params); + if (masked != 0) { + length = EC_Consts.getCurveParameter(curve, masked, buffer, offset); + sw = setParameter(keypair, key, masked, buffer, offset, length); + if (sw != ISO7816.SW_NO_ERROR) break; + } + paramMask = (short) (paramMask << 1); + } + return sw; + } + + /** + * @param keypair + * @param corruptParams + * @param corruption + * @param buffer + * @param offset + * @return + */ + public short corruptCurve(KeyPair keypair, short corruptParams, byte corruption, byte[] buffer, short offset) { + return corruptCurve(keypair, KEY_BOTH, corruptParams, corruption, buffer, offset); + } + + /** + * @param keypair + * @param key + * @param corruptParams + * @param corruption + * @param buffer + * @param offset + * @return + */ + public short corruptCurve(KeyPair keypair, byte key, short corruptParams, byte corruption, byte[] buffer, short offset) { + sw = ISO7816.SW_NO_ERROR; + + //go through param bit by bit, and invalidate all selected params + short paramMask = EC_Consts.PARAMETER_FP; + while (paramMask <= EC_Consts.PARAMETER_S) { + short masked = (short) (paramMask & corruptParams); + if (masked != 0) { + short length = exportParameter(keypair, key, masked, buffer, offset); + EC_Consts.corruptParameter(corruption, buffer, offset, length); + sw = setParameter(keypair, key, masked, buffer, 
offset, length); + if (sw != ISO7816.SW_NO_ERROR) break; + } + paramMask = (short) (paramMask << 1); + } + return sw; + } + + /** + * @param key + * @param param + * @param data + * @param offset + * @param length + * @return + */ + public short setParameter(KeyPair keypair, byte key, short param, byte[] data, short offset, short length) { + sw = ISO7816.SW_NO_ERROR; + ECPublicKey ecPublicKey = (ECPublicKey) keypair.getPublic(); + ECPrivateKey ecPrivateKey = (ECPrivateKey) keypair.getPrivate(); + + try { + switch (param) { + case EC_Consts.PARAMETER_FP: { + if ((key & KEY_PUBLIC) != 0) ecPublicKey.setFieldFP(data, offset, length); + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setFieldFP(data, offset, length); + break; + } + case EC_Consts.PARAMETER_F2M: { + if (length == 2) { + short i = Util.makeShort(data[offset], data[(short) (offset + 1)]); + if ((key & KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i); + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i); + } else if (length == 6) { + short i1 = Util.makeShort(data[offset], data[(short) (offset + 1)]); + short i2 = Util.makeShort(data[(short) (offset + 2)], data[(short) (offset + 3)]); + short i3 = Util.makeShort(data[(short) (offset + 4)], data[(short) (offset + 5)]); + if ((key & KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i1, i2, i3); + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i1, i2, i3); + } else { + sw = ISO7816.SW_UNKNOWN; + } + break; + } + case EC_Consts.PARAMETER_A: { + if ((key & KEY_PUBLIC) != 0) ecPublicKey.setA(data, offset, length); + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setA(data, offset, length); + break; + } + case EC_Consts.PARAMETER_B: { + if ((key & KEY_PUBLIC) != 0) ecPublicKey.setB(data, offset, length); + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setB(data, offset, length); + break; + } + case EC_Consts.PARAMETER_G: { + if ((key & KEY_PUBLIC) != 0) ecPublicKey.setG(data, offset, length); + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setG(data, offset, length); + 
break; + } + case EC_Consts.PARAMETER_R: { + if ((key & KEY_PUBLIC) != 0) ecPublicKey.setR(data, offset, length); + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setR(data, offset, length); + break; + } + case EC_Consts.PARAMETER_K: { + short k = 0; + if (length > 2 || length <= 0) { + sw = ISO7816.SW_UNKNOWN; + break; + } else if (length == 2) { + k = Util.getShort(data, offset); + } else if (length == 1) { + k = data[offset]; + } + if ((key & KEY_PUBLIC) != 0) ecPublicKey.setK(k); + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setK(k); + break; + } + case EC_Consts.PARAMETER_S: + if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setS(data, offset, length); + break; + case EC_Consts.PARAMETER_W: + if ((key & KEY_PUBLIC) != 0) ecPublicKey.setW(data, offset, length); + break; + default: { + ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); + } + } + } catch (CryptoException ce) { + sw = ce.getReason(); + } catch (Exception e) { + sw = ISO7816.SW_UNKNOWN; + } + return sw; + } + + /** + * @param keypair + * @param params + * @param inBuffer + * @param inOffset + * @return + */ + public short setExternalCurve(KeyPair keypair, short params, byte[] inBuffer, short inOffset) { + return setExternalCurve(keypair, KEY_BOTH, params, inBuffer, inOffset); + } + + /** + * @param keypair + * @param key + * @param params + * @param inBuffer + * @param inOffset + * @return + */ + public short setExternalCurve(KeyPair keypair, byte key, short params, byte[] inBuffer, short inOffset) { + sw = ISO7816.SW_NO_ERROR; + + short paramMask = EC_Consts.PARAMETER_FP; + while (paramMask <= EC_Consts.PARAMETER_S) { + short masked = (short) (paramMask & params); + if (masked != 0) { + short paramLength = Util.getShort(inBuffer, inOffset); + inOffset += 2; + sw = setParameter(keypair, key, masked, inBuffer, inOffset, paramLength); + inOffset += paramLength; + if (sw != ISO7816.SW_NO_ERROR) break; + } + paramMask = (short) (paramMask << 1); + } + return sw; + } + + /** + * @param key + * @param param + * 
@param outputBuffer + * @param outputOffset + * @return + */ + public short exportParameter(KeyPair keypair, byte key, short param, byte[] outputBuffer, short outputOffset) { + sw = ISO7816.SW_NO_ERROR; + ECPublicKey ecPublicKey = (ECPublicKey) keypair.getPublic(); + ECPrivateKey ecPrivateKey = (ECPrivateKey) keypair.getPrivate(); + + short length = 0; + try { + switch (param) { + case EC_Consts.PARAMETER_FP: + case EC_Consts.PARAMETER_F2M: + if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getField(outputBuffer, outputOffset); + if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getField(outputBuffer, outputOffset); + break; + case EC_Consts.PARAMETER_A: + if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getA(outputBuffer, outputOffset); + if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getA(outputBuffer, outputOffset); + break; + case EC_Consts.PARAMETER_B: + if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getB(outputBuffer, outputOffset); + if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getB(outputBuffer, outputOffset); + break; + case EC_Consts.PARAMETER_G: + if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getG(outputBuffer, outputOffset); + if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getG(outputBuffer, outputOffset); + break; + case EC_Consts.PARAMETER_R: + if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getR(outputBuffer, outputOffset); + if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getR(outputBuffer, outputOffset); + break; + case EC_Consts.PARAMETER_K: + if ((key & KEY_PUBLIC) != 0) Util.setShort(outputBuffer, outputOffset, ecPublicKey.getK()); + if ((key & KEY_PRIVATE) != 0) Util.setShort(outputBuffer, outputOffset, ecPrivateKey.getK()); + length = 2; + break; + case EC_Consts.PARAMETER_W: + if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getW(outputBuffer, outputOffset); + break; + case EC_Consts.PARAMETER_S: + if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getS(outputBuffer, outputOffset); + break; + default: + 
ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); + } + } catch (CryptoException ce) { + sw = ce.getReason(); + } catch (Exception e) { + sw = ISO7816.SW_UNKNOWN; + } + return length; + } + + /** + * @param keypair + * @param key + * @param params + * @param buffer + * @param offset + * @return + */ + public short exportParameters(KeyPair keypair, byte key, short params, byte[] buffer, short offset) { + sw = ISO7816.SW_NO_ERROR; + + short length = 0; + + short paramMask = EC_Consts.PARAMETER_FP; + while (paramMask <= EC_Consts.PARAMETER_S) { + short masked = (short) (paramMask & params); + if (masked != 0) { + short len = exportParameter(keypair, key, masked, buffer, (short) (offset + 2)); + if (len == 0) { + paramMask = (short) (paramMask << 1); + continue; + } + Util.setShort(buffer, offset, len); + offset += len + 2; + length += len + 2; + } + paramMask = (short) (paramMask << 1); + } + return length; + } + + /** + * Copies this KeyPairs curve parameters to another ECKeyGenerator. + * + * @param from + * @param to + * @param buffer + * @param offset + * @return + */ + public short copyCurve(KeyPair from, KeyPair to, byte[] buffer, short offset) { + sw = ISO7816.SW_NO_ERROR; + try { + short param = EC_Consts.PARAMETER_FP; + while (param <= EC_Consts.PARAMETER_K) { + short paramLength = exportParameter(from, KEY_PUBLIC, param, buffer, offset); + setParameter(to, KEY_BOTH, param, buffer, offset, paramLength); + param = (short) (param << 1); + } + } catch (CryptoException ce) { + sw = ce.getReason(); + } catch (Exception e) { + sw = ISO7816.SW_UNKNOWN; + } + return sw; + } + + public short getSW() { + return sw; + } +} diff --git a/src/cz/crcs/ectester/applet/ECKeyTester.java b/src/cz/crcs/ectester/applet/ECKeyTester.java new file mode 100644 index 0000000..72fa165 --- /dev/null +++ b/src/cz/crcs/ectester/applet/ECKeyTester.java 
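Review bot: `setExternalCurve` reads each `paramLength` from `inBuffer` with `Util.getShort` and advances `inOffset` by it, but never checks that the length is positive or that the parameter ends inside the data the host actually sent. A malformed length therefore either makes `setParameter` load leftover APDU-buffer bytes as curve parameters or walks `inOffset` past the array, where the next `Util.getShort` throws outside any `try`. Passing the end of the received data in and rejecting bad lengths would close this, e.g. `if (paramLength <= 0 || (short) (inOffset + paramLength) > inEnd) return ISO7816.SW_WRONG_LENGTH;` (`inEnd` being a new argument). Also, the `default:` branches of `setParameter` and `exportParameter` call `ISOException.throwIt` inside a `try` whose `catch (Exception e)` converts it to `SW_UNKNOWN`, so `SW_FUNC_NOT_SUPPORTED` never reaches the caller.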
@@ -0,0 +1,184 @@ +package cz.crcs.ectester.applet; + + +import javacard.framework.ISO7816; +import javacard.security.*; + +/** + * Class capable of testing ECDH/C and ECDSA. + * Note that ECDH and ECDHC output should equal, only the algorithm is different. + * + * @author Jan Jancar johny@neuromancer.sk + */ +public class ECKeyTester { + + private KeyAgreement ecdhKeyAgreement = null; + private KeyAgreement ecdhcKeyAgreement = null; + private Signature ecdsaSignature = null; + + private short sw = ISO7816.SW_NO_ERROR; + + public short allocateECDH() { + sw = ISO7816.SW_NO_ERROR; + try { + ecdhKeyAgreement = KeyAgreement.getInstance(KeyAgreement.ALG_EC_SVDP_DH, false); + } catch (CryptoException ce) { + sw = ce.getReason(); + } catch (Exception e) { + sw = ISO7816.SW_UNKNOWN; + } + return sw; + } + + public short allocateECDHC() { + sw = ISO7816.SW_NO_ERROR; + try { + ecdhcKeyAgreement = KeyAgreement.getInstance(KeyAgreement.ALG_EC_SVDP_DHC, false); + } catch (CryptoException ce) { + sw = ce.getReason(); + } catch (Exception e) { + sw = ISO7816.SW_UNKNOWN; + } + return sw; + } + + public short allocateECDSA() { + sw = ISO7816.SW_NO_ERROR; + try { + ecdsaSignature = Signature.getInstance(Signature.ALG_ECDSA_SHA, false); + } catch (CryptoException ce) { + sw = ce.getReason(); + } catch (Exception e) { + sw = ISO7816.SW_UNKNOWN; + } + return sw; + } + + private short testKA(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { + sw = ISO7816.SW_NO_ERROR; + short length = 0; + try { + ka.init(privateKey); + length = ka.generateSecret(pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); + } catch (CryptoException ce) { + sw = ce.getReason(); + } catch (Exception e) { + sw = ISO7816.SW_UNKNOWN; + } + return length; + } + + private short testKA_validPoint(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] 
outputBuffer, short outputOffset) { + return testKA(ka, privateKey, pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); + } + + private short testKA_invalidPoint(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { + pubkeyBuffer[(short)(pubkeyLength - 2)] += 0xcc; + pubkeyBuffer[(short)(pubkeyLength - 3)] += 0xcc; + short result = testKA(ka, privateKey, pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); + pubkeyBuffer[(short)(pubkeyLength - 2)] -= 0xcc; + pubkeyBuffer[(short)(pubkeyLength - 3)] -= 0xcc; + return result; + } + + public short testECDH(ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { + return testKA(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); + } + + /** + * Tests ECDH secret generation with given {@code privateKey} and {@code publicKey}. + * Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations. + * Output should equal with ECDHC output. 
+ * @param privateKey
+ * @param publicKey
+ * @param pubkeyBuffer
+ * @param pubkeyOffset
+ * @param outputBuffer
+ * @param outputOffset
+ * @return derived secret length
+ *
+ **/
+ public short testECDH_validPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) {
+ short length = publicKey.getW(pubkeyBuffer, pubkeyOffset);
+ return testKA_validPoint(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset);
+ }
+
+ public short testECDH_invalidPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) {
+ short length = publicKey.getW(pubkeyBuffer, pubkeyOffset);
+ return testKA_invalidPoint(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset);
+ }
+
+
+ /**
+ * Tests ECDHC secret generation with given {@code privateKey} and {@code publicKey}.
+ * Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations.
+ * Output should equal to ECDH output.
+ * @param privateKey
+ * @param publicKey
+ * @param pubkeyBuffer
+ * @param pubkeyOffset
+ * @param outputBuffer
+ * @param outputOffset
+ * @return ISO7816.SW_NO_ERROR on correct operation,
+ * exception reason otherwise
+ */
+ public short testECDHC_validPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) {
+ short length = publicKey.getW(pubkeyBuffer, pubkeyOffset);
+ return testKA_validPoint(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset);
+ }
+
+ public short testECDHC_invalidPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) {
+ short length = publicKey.getW(pubkeyBuffer, pubkeyOffset);
+ return testKA_invalidPoint(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset);
+ }
+
+ /**
+ * Uses {@code signKey} to sign data from {@code inputBuffer} at {@code inputOffset} with {@code inputOffset}.
+ * Then checks for correct signature length.
+ * Then tries verifying the data with {@code verifyKey}.
+ * @param signKey + * @param verifyKey + * @param inputBuffer + * @param inputOffset + * @param inputLength + * @param sigBuffer + * @param sigOffset + * @return signature length + */ + public short testECDSA(ECPrivateKey signKey, ECPublicKey verifyKey, byte[] inputBuffer, short inputOffset, short inputLength, byte[] sigBuffer, short sigOffset) { + sw = ISO7816.SW_NO_ERROR; + short length = 0; + try { + ecdsaSignature.init(signKey, Signature.MODE_SIGN); + length = ecdsaSignature.sign(inputBuffer, inputOffset, inputLength, sigBuffer, sigOffset); + + ecdsaSignature.init(verifyKey, Signature.MODE_VERIFY); + boolean correct = ecdsaSignature.verify(inputBuffer, inputOffset, inputLength, sigBuffer, sigOffset, length); + if (!correct) { + sw = ECTesterApplet.SW_SIG_VERIFY_FAIL; + } + } catch (CryptoException ce) { + sw = ce.getReason(); + } catch (Exception e) { + sw = ISO7816.SW_UNKNOWN; + } + return length; + } + + public KeyAgreement getECDH() { + return ecdhKeyAgreement; + } + + public KeyAgreement getECDHC() { + return ecdhcKeyAgreement; + } + + public Signature getECDSA() { + return ecdsaSignature; + } + + public short getSW() { + return sw; + } + +} diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java new file mode 100644 index 0000000..b461688 --- /dev/null +++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java 
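Review bot: `testKA_invalidPoint` corrupts `pubkeyBuffer[(short)(pubkeyLength - 2)]` and `pubkeyBuffer[(short)(pubkeyLength - 3)]` without adding `pubkeyOffset`, so it only touches the encoded point when the caller passes offset 0, as the `ecdh` caller in ECTesterApplet does. With any other offset the modified bytes are not the intended ones and the "invalid point" result says nothing about whether the card validates points, so the indices should be `(short) (pubkeyOffset + pubkeyLength - 2)` and `(short) (pubkeyOffset + pubkeyLength - 3)`. A guard such as `if (pubkeyLength < 3) { sw = ISO7816.SW_UNKNOWN; return 0; }` is also needed, because this indexing runs outside the `try` in `testKA`. The Javadoc on `testECDHC_validPoint` says it returns a status word, while the method returns the secret length and the status is only available through `getSW()`.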
@@ -0,0 +1,427 @@ +/* + * PACKAGEID: 4C6162616B417070 + * APPLETID: 4C6162616B4170706C6574 + */ +package cz.crcs.ectester.applet; + +import javacard.framework.*; +import javacard.security.ECPrivateKey; +import javacard.security.ECPublicKey; +import javacard.security.KeyPair; +import javacard.security.RandomData; + +/** + * @author Petr Svenda petr@svenda.com + * @author Jan Jancar johny@neuromancer.sk + */ +public class ECTesterApplet extends Applet { + + // MAIN INSTRUCTION CLASS + public static final byte CLA_ECTESTERAPPLET = (byte) 0xB0; + + //INSTRUCTIONS + public static final byte INS_ALLOCATE = (byte) 0x5a; + public static final byte INS_SET = (byte) 0x5b; + public static final byte INS_GENERATE = (byte) 0x5c; + public static final byte INS_ECDH = (byte) 0x5d; + public static final byte INS_ECDSA = (byte) 0x5e; + + //PARAMETERS for P1 and P2 + public static final byte KEYPAIR_LOCAL = (byte) 0x01; + public static final byte KEYPAIR_REMOTE = (byte) 0x02; + public static final byte KEYPAIR_BOTH = KEYPAIR_LOCAL | KEYPAIR_REMOTE; + public static final byte EXPORT_PUBLIC = (byte) 0x04; + public static final byte EXPORT_PRIVATE = (byte) 0x08; + public static final byte EXPORT_BOTH = EXPORT_PUBLIC | EXPORT_PRIVATE; + public static final byte EXPORT_ECDH = (byte) 0x10; + public static final byte EXPORT_SIG = (byte) 0x20; + + //STATUS WORDS + public static final short SW_SIG_VERIFY_FAIL = (short) 0x0ee1; + + + private static final short ARRAY_LENGTH = (short) 0xff; + // TEMPORARRY ARRAY IN RAM + private byte ramArray[] = null; + private byte ramArray2[] = null; + // PERSISTENT ARRAY IN EEPROM + private byte dataArray[] = null; // unused + + + private RandomData randomData = null; + + private KeyPair localKeypair = null; + private KeyPair remoteKeypair = null; + private ECKeyTester keyTester = null; + private ECKeyGenerator keyGenerator = null; + + protected ECTesterApplet(byte[] buffer, short offset, byte length) { + if (length > 9) { + /* + short dataOffset = offset; 
+ // shift to privilege offset + dataOffset += (short) (1 + buffer[offset]); + // finally shift to Application specific offset + dataOffset += (short) (1 + buffer[dataOffset]); + // go to proprietary data + dataOffset++; + */ + + ramArray = JCSystem.makeTransientByteArray(ARRAY_LENGTH, JCSystem.CLEAR_ON_RESET); + ramArray2 = JCSystem.makeTransientByteArray(ARRAY_LENGTH, JCSystem.CLEAR_ON_RESET); + + dataArray = new byte[ARRAY_LENGTH]; + Util.arrayFillNonAtomic(dataArray, (short) 0, ARRAY_LENGTH, (byte) 0); + + randomData = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM); + EC_Consts.randomData = randomData; + + keyGenerator = new ECKeyGenerator(); + keyTester = new ECKeyTester(); + keyTester.allocateECDH(); + keyTester.allocateECDHC(); + keyTester.allocateECDSA(); + } + register(); + } + + public static void install(byte[] bArray, short bOffset, byte bLength) throws ISOException { + // applet instance creation + new ECTesterApplet(bArray, bOffset, bLength); + } + + public void process(APDU apdu) throws ISOException { + // get the APDU buffer + byte[] apduBuffer = apdu.getBuffer(); + + // ignore the applet select command dispached to the process + if (selectingApplet()) + return; + + if (apduBuffer[ISO7816.OFFSET_CLA] == CLA_ECTESTERAPPLET) { + switch (apduBuffer[ISO7816.OFFSET_INS]) { + case INS_ALLOCATE: + insAllocate(apdu); + break; + case INS_SET: + insSet(apdu); + break; + case INS_GENERATE: + insGenerate(apdu); + break; + case INS_ECDH: + insECDH(apdu); + break; + case INS_ECDSA: + insECDSA(apdu); + break; + default: + // The INS code is not supported by the dispatcher + ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED); + break; + } + } else ISOException.throwIt(ISO7816.SW_CLA_NOT_SUPPORTED); + } + + /** + * Allocate local and remote keypairs. + * returns allocate SWs + * + * @param apdu P1 = byte keypair (KEYPAIR_* | ...) 
+ * P2 = + * DATA = short keyLength + * byte keyClass + */ + private void insAllocate(APDU apdu) { + apdu.setIncomingAndReceive(); + byte[] apdubuf = apdu.getBuffer(); + + byte keypair = apdubuf[ISO7816.OFFSET_P1]; + short keyLength = Util.getShort(apdubuf, ISO7816.OFFSET_CDATA); + byte keyClass = apdubuf[ISO7816.OFFSET_CDATA + 2]; + + short len = allocate(keypair, keyLength, keyClass, apdubuf, (short) 0); + + apdu.setOutgoingAndSend((short) 0, len); + } + + /** + * @param keypair which keypair to use, local/remote (KEYPAIR_* | ...) + * @param keyLength key length to set + * @param keyClass key class to allocate + * @param buffer apdu buffer + * @param offset offset into apdu buffer + * @return length of data written to the buffer + */ + private short allocate(byte keypair, short keyLength, byte keyClass, byte[] buffer, short offset) { + short length = 0; + if ((keypair & KEYPAIR_LOCAL) != 0) { + localKeypair = keyGenerator.allocatePair(keyClass, keyLength); + Util.setShort(buffer, offset, keyGenerator.getSW()); + length += 2; + } + + if ((keypair & KEYPAIR_REMOTE) != 0) { + remoteKeypair = keyGenerator.allocatePair(keyClass, keyLength); + Util.setShort(buffer, (short) (offset + length), keyGenerator.getSW()); + length += 2; + } + + return length; + } + + /** + * Sets curve parameters on local and remote keypairs. + * returns setCurve SWs, set params if export + * + * @param apdu P1 = byte keypair (KEYPAIR_* | ...) + * P2 = byte export (EXPORT_* | KEYPAIR_*) + * DATA = byte curve (EC_Consts.CURVE_*) + * short params (EC_Consts.PARAMETER_* | ...) + * short corruptedParams (EC_Consts.PARAMETER_* | ...) + * byte corruptionType (EC_Consts.CORRUPTION_*) + *

+ * if curveID = CURVE_EXTERNAL: + * [short param_length, byte[] param], + * for all params in params, + * in order: field,a,b,g,r,k,w,s + */ + private void insSet(APDU apdu) { + apdu.setIncomingAndReceive(); + byte[] apdubuf = apdu.getBuffer(); + + byte keypair = apdubuf[ISO7816.OFFSET_P1]; + byte export = apdubuf[ISO7816.OFFSET_P2]; + byte curve = apdubuf[ISO7816.OFFSET_CDATA]; + short params = Util.getShort(apdubuf, (short) (ISO7816.OFFSET_CDATA + 1)); + short corruptedParams = Util.getShort(apdubuf, (short) (ISO7816.OFFSET_CDATA + 3)); + byte corruptionType = apdubuf[(short) (ISO7816.OFFSET_CDATA + 5)]; + + short len = 0; + + if ((keypair & KEYPAIR_LOCAL) != 0) + len += set(localKeypair, curve, params, corruptedParams, corruptionType, apdubuf, (short) (ISO7816.OFFSET_CDATA + 6), (short) 0); + if ((keypair & KEYPAIR_REMOTE) != 0) + len += set(remoteKeypair, curve, params, corruptedParams, corruptionType, apdubuf, (short) (ISO7816.OFFSET_CDATA + 6), len); + if ((export & KEYPAIR_LOCAL) != 0) + len += export(localKeypair, export, params, apdubuf, len); + if ((export & KEYPAIR_REMOTE) != 0) + len += export(remoteKeypair, export, params, apdubuf, len); + + apdu.setOutgoingAndSend((short) 0, len); + } + + /** + * @param keypair KeyPair to set params on + * @param curve curve to set (EC_Consts.CURVE_*) + * @param params parameters to set (EC_Consts.PARAMETER_* | ...) + * @param corrupted parameters to corrupt (EC_Consts.PARAMETER_* | ...) 
+ * @param corruption corruption type (EC_Consts.CORRUPTION_*) + * @param buffer buffer to read params from and write sw to + * @param inOffset input offset in buffer + * @param outOffset output offset in buffer + * @return length of data written to the buffer + */ + private short set(KeyPair keypair, byte curve, short params, short corrupted, byte corruption, byte[] buffer, short inOffset, short outOffset) { + short sw = ISO7816.SW_NO_ERROR; + + switch (curve) { + case EC_Consts.CURVE_default: + //default, dont set anything + break; + case EC_Consts.CURVE_external: + //external + sw = keyGenerator.setExternalCurve(keypair, params, buffer, inOffset); + break; + default: + //custom + sw = keyGenerator.setCurve(keypair, curve, params, ramArray, (short) 0); + break; + } + + if (sw == ISO7816.SW_NO_ERROR) + sw = keyGenerator.corruptCurve(keypair, corrupted, corruption, ramArray, (short) 0); + Util.setShort(buffer, outOffset, sw); + return 2; + } + + /** + * Generates the local and remote keypairs. + * returns generate SWs, pubkey and privkey if export + * + * @param apdu P1 = byte keypair (KEYPAIR_* | ...) 
+ * P2 = byte export (EXPORT_* | KEYPAIR_*) + */ + private void insGenerate(APDU apdu) { + apdu.setIncomingAndReceive(); + byte[] apdubuf = apdu.getBuffer(); + + byte keypair = apdubuf[ISO7816.OFFSET_P1]; + byte export = apdubuf[ISO7816.OFFSET_P2]; + + short len = 0; + if ((keypair & KEYPAIR_LOCAL) != 0) + len += generate(localKeypair, apdubuf, (short) 0); + if ((keypair & KEYPAIR_REMOTE) != 0) + len += generate(remoteKeypair, apdubuf, len); + if ((export & KEYPAIR_LOCAL) != 0) + len += export(localKeypair, export, (short) (EC_Consts.PARAMETER_W | EC_Consts.PARAMETER_S), apdubuf, len); + if ((export & KEYPAIR_REMOTE) != 0) + len += export(remoteKeypair, export, (short) (EC_Consts.PARAMETER_W | EC_Consts.PARAMETER_S), apdubuf, len); + + apdu.setOutgoingAndSend((short) 0, len); + } + + /** + * @param keypair KeyPair to generate + * @param buffer buffer to write sw to + * @param offset output offset in buffer + * @return length of data written to the buffer + */ + private short generate(KeyPair keypair, byte[] buffer, short offset) { + short sw = keyGenerator.generatePair(keypair); + Util.setShort(buffer, offset, sw); + + return 2; + } + + /** + * @param keypair KeyPair to export from + * @param export which key to export from (EXPORT_PUBLIC | EXPORT_PRIVATE) + * @param params which params to export (EC_Consts.PARAMETER_* | ...) 
+ * @param buffer buffer to export params to + * @param offset output offset in buffer + * @return length of data written to the buffer + */ + private short export(KeyPair keypair, byte export, short params, byte[] buffer, short offset) { + short length = 0; + + if ((export & EXPORT_PUBLIC) != 0) { + //export params from public + length += keyGenerator.exportParameters(keypair, ECKeyGenerator.KEY_PUBLIC, params, buffer, offset); + } + + if ((export & EXPORT_PRIVATE) != 0) { + //export params from private + length += keyGenerator.exportParameters(keypair, ECKeyGenerator.KEY_PRIVATE, params, buffer, (short) (offset + length)); + + } + return length; + } + + /** + * Does ECDH, between the pubkey specified in P1(local/remote) and the privkey specified in P2(local/remote). + * returns deriveSecret SW, if export != 0 => short secretlen, byte[] secret + * + * @param apdu P1 = byte pubkey (KEYPAIR_*) + * P2 = byte privkey (KEYPAIR_*) + * DATA = byte export (EXPORT_ECDH || 0) + * byte invalid (00 = valid, !00 = invalid) + */ + private void insECDH(APDU apdu) { + apdu.setIncomingAndReceive(); + byte[] apdubuf = apdu.getBuffer(); + + byte pubkey = apdubuf[ISO7816.OFFSET_P1]; + byte privkey = apdubuf[ISO7816.OFFSET_P2]; + byte export = apdubuf[ISO7816.OFFSET_CDATA]; + byte invalid = apdubuf[(short) (ISO7816.OFFSET_CDATA + 1)]; + + short len = ecdh(pubkey, privkey, export, invalid, apdubuf, (short) 0); + + apdu.setOutgoingAndSend((short) 0, len); + } + + /** + * @param pubkey keypair to use for public key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) + * @param privkey keypair to use for private key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) + * @param export whether to export ECDH secret + * @param invalid whether to invalidate the pubkey before ECDH + * @param buffer buffer to write sw to, and export ECDH secret if (export & EXPORT_ECDH) != 0 + * @param offset output offset in buffer + * @return length of data written to the buffer + */ + private short ecdh(byte pubkey, byte privkey, byte 
export, byte invalid, byte[] buffer, short offset) { + short length = 0; + + KeyPair pub = ((pubkey & KEYPAIR_LOCAL) != 0) ? localKeypair : remoteKeypair; + KeyPair priv = ((privkey & KEYPAIR_LOCAL) != 0) ? localKeypair : remoteKeypair; + + short secretLength; + if (invalid != 0) { + secretLength = keyTester.testECDH_invalidPoint((ECPrivateKey) priv.getPrivate(), (ECPublicKey) pub.getPublic(), ramArray, (short) 0, ramArray2, (short) 0); + } else { + secretLength = keyTester.testECDH_validPoint((ECPrivateKey) priv.getPrivate(), (ECPublicKey) pub.getPublic(), ramArray, (short) 0, ramArray2, (short) 0); + } + + Util.setShort(buffer, offset, keyTester.getSW()); + length += 2; + + if ((export & EXPORT_ECDH) != 0) { + Util.setShort(buffer, (short) (offset + length), secretLength); + length += 2; + Util.arrayCopyNonAtomic(ramArray2, (short) 0, buffer, (short) (offset + length), secretLength); + length += secretLength; + } + + return length; + } + + /** + * Does and ECDSA signature and verification on data provided, using the keypair in P1(local/remote). 
+ * returns ecdsa SW, if export != 0 => short signature_length, byte[] signature + * + * @param apdu P1 = byte keypair (KEYPAIR_*) + * P2 = byte export (EXPORT_SIG || 0) + * DATA = short data_length (00 = random data generated, !00 = data length) + * byte[] data + */ + private void insECDSA(APDU apdu) { + apdu.setIncomingAndReceive(); + byte[] apdubuf = apdu.getBuffer(); + + byte keypair = apdubuf[ISO7816.OFFSET_P1]; + byte export = apdubuf[ISO7816.OFFSET_P2]; + + short len = ecdsa(keypair, export, apdubuf, ISO7816.OFFSET_CDATA, (short) 0); + + apdu.setOutgoingAndSend((short) 0, len); + } + + /** + * @param keypair keypair to use for signing and verification (KEYPAIR_LOCAL || KEYPAIR_REMOTE) + * @param export whether to export ECDSA signature + * @param buffer buffer to write sw to, and export ECDSA signature if (export & EXPORT_SIG) != 0 + * @param inOffset input offset in buffer + * @param outOffset output offset in buffer + * @return length of data written to the buffer + */ + private short ecdsa(byte keypair, byte export, byte[] buffer, short inOffset, short outOffset) { + short length = 0; + + short dataLength = Util.getShort(buffer, inOffset); + if (dataLength == 0) { //no data to sign + //generate random + dataLength = 32; + randomData.generateData(ramArray, (short) 0, dataLength); + } else { + Util.arrayCopyNonAtomic(buffer, (short) (inOffset + 2), ramArray, (short) 0, dataLength); + } + + KeyPair sign = ((keypair & KEYPAIR_LOCAL) != 0) ? 
localKeypair : remoteKeypair; + + short signatureLength = keyTester.testECDSA((ECPrivateKey) sign.getPrivate(), (ECPublicKey) sign.getPublic(), ramArray, (short) 0, dataLength, ramArray2, (short) 0); + Util.setShort(buffer, outOffset, keyTester.getSW()); + length += 2; + + if ((export & EXPORT_SIG) != 0) { + Util.setShort(buffer, (short) (outOffset + length), signatureLength); + length += 2; + + Util.arrayCopyNonAtomic(ramArray2, (short) 0, buffer, (short) (outOffset + length), signatureLength); + length += signatureLength; + } + + return length; + } +} diff --git a/src/cz/crcs/ectester/applet/EC_Consts.java b/src/cz/crcs/ectester/applet/EC_Consts.java new file mode 100644 index 0000000..c70919c --- /dev/null +++ b/src/cz/crcs/ectester/applet/EC_Consts.java 
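Review bot: `ecdsa` takes `dataLength` from the command data and copies that many bytes into `ramArray` without bounding it by `ARRAY_LENGTH` or by the number of bytes received, and `insECDSA` discards the return value of `apdu.setIncomingAndReceive()`. A negative or oversized length makes `Util.arrayCopyNonAtomic` throw outside any `try`, and a length larger than what was sent signs leftover buffer content, so I would keep the received count and check it before the copy: `if (dataLength < 0 || dataLength > ARRAY_LENGTH || (short) (dataLength + 2) > received) ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);`. `insSet`, `insAllocate` and `insECDH` read fixed offsets from the command data the same way. The constructor also calls `register()` when `length <= 9` although `keyGenerator`, `keyTester` and the RAM arrays are then left null, so every later command would fail on a null reference.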
@@ -0,0 +1,1298 @@
+package cz.crcs.ectester.applet;
+
+import javacard.framework.ISO7816;
+import javacard.framework.ISOException;
+import javacard.framework.Util;
+import javacard.security.KeyPair;
+import javacard.security.RandomData;
+
+/**
+ * @author Petr Svenda petr@svenda.com
+ * @author Jan Jancar johny@neuromancer.sk
+ */
+public class EC_Consts {
+
+ private static byte[] EC_FP_P = null; //p
+ private static byte[] EC_A = null; //a
+ private static byte[] EC_B = null; //b
+ private static byte[] EC_G_X = null; //G[x,y]
+ private static byte[] EC_G_Y = null; //
+ private static byte[] EC_R = null; //n
+ private static short EC_K = 1; //h
+
+ private static byte[] EC_W_X = null; //Pubkey[x,y]
+ private static byte[] EC_W_Y = null;
+ private static byte[] EC_S = null; //Private
+
+ private static byte[] EC_F2M_F2M = null; //[short i1, short i2, short i3], f = x^m + x^i1 + x^i2 + x^i3 + 1
+
+
+ public static final short PARAMETER_FP = 0x0001;
+ public static final short PARAMETER_F2M = 0x0002;
+
+ public static final short PARAMETER_A = 0x0004;
+ public static final short PARAMETER_B = 0x0008;
+ public static final short PARAMETER_G = 0x0010;
+ public static final short PARAMETER_R = 0x0020;
+ public static final short PARAMETER_K = 0x0040;
+ public static final short PARAMETER_W = 0x0080;
+ public static final short PARAMETER_S = 0x0100;
+
+ public static final short PARAMETERS_NONE = 0x0000;
+ public static final short PARAMETERS_DOMAIN_FP = 0x007d;
+ /**
+ * FP,A,B,G,R,K
+ */
+ public static final short PARAMETERS_DOMAIN_F2M = 0x007e;
+ /**
+ * F2M,A,B,G,R,K
+ */
+ public static final short PARAMETERS_KEYPAIR = 0x0180;
+ public static final short PARAMETERS_ALL = 0x01ff;
+
+ public static RandomData randomData = null;
+
+
+ // secp128r1
+ public static final byte[] EC128_FP_P = new byte[]{
+ (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFD,
+ (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
+ (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
+
(byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; + + public static final byte[] EC128_FP_A = new byte[]{ + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFD, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; + + public static final byte[] EC128_FP_B = new byte[]{ + (byte) 0xE8, (byte) 0x75, (byte) 0x79, (byte) 0xC1, + (byte) 0x10, (byte) 0x79, (byte) 0xF4, (byte) 0x3D, + (byte) 0xD8, (byte) 0x24, (byte) 0x99, (byte) 0x3C, + (byte) 0x2C, (byte) 0xEE, (byte) 0x5E, (byte) 0xD3}; + + // G in compressed form / first part of ucompressed + public static final byte[] EC128_FP_G_X = new byte[]{ + (byte) 0x16, (byte) 0x1F, (byte) 0xF7, (byte) 0x52, + (byte) 0x8B, (byte) 0x89, (byte) 0x9B, (byte) 0x2D, + (byte) 0x0C, (byte) 0x28, (byte) 0x60, (byte) 0x7C, + (byte) 0xA5, (byte) 0x2C, (byte) 0x5B, (byte) 0x86}; + + // second part of G uncompressed + public static final byte[] EC128_FP_G_Y = new byte[]{ + (byte) 0xCF, (byte) 0x5A, (byte) 0xC8, (byte) 0x39, + (byte) 0x5B, (byte) 0xAF, (byte) 0xEB, (byte) 0x13, + (byte) 0xC0, (byte) 0x2D, (byte) 0xA2, (byte) 0x92, + (byte) 0xDD, (byte) 0xED, (byte) 0x7A, (byte) 0x83}; + // Order of G + public static final byte[] EC128_FP_R = new byte[]{ + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x75, (byte) 0xA3, (byte) 0x0D, (byte) 0x1B, + (byte) 0x90, (byte) 0x38, (byte) 0xA1, (byte) 0x15}; + // cofactor of G + public static final short EC128_FP_K = 1; + + // secp160r1 + public static final byte[] EC160_FP_P = new byte[]{ + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0x7F, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; + + public static final byte[] EC160_FP_A = new byte[]{ + (byte) 
0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0x7F, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; + + public static final byte[] EC160_FP_B = new byte[]{ + (byte) 0x1C, (byte) 0x97, (byte) 0xBE, (byte) 0xFC, + (byte) 0x54, (byte) 0xBD, (byte) 0x7A, (byte) 0x8B, + (byte) 0x65, (byte) 0xAC, (byte) 0xF8, (byte) 0x9F, + (byte) 0x81, (byte) 0xD4, (byte) 0xD4, (byte) 0xAD, + (byte) 0xC5, (byte) 0x65, (byte) 0xFA, (byte) 0x45}; + + // G in compressed form / first part of ucompressed + public static final byte[] EC160_FP_G_X = new byte[]{ + (byte) 0x4A, (byte) 0x96, (byte) 0xB5, (byte) 0x68, + (byte) 0x8E, (byte) 0xF5, (byte) 0x73, (byte) 0x28, + (byte) 0x46, (byte) 0x64, (byte) 0x69, (byte) 0x89, + (byte) 0x68, (byte) 0xC3, (byte) 0x8B, (byte) 0xB9, + (byte) 0x13, (byte) 0xCB, (byte) 0xFC, (byte) 0x82}; + + // second part of G uncompressed + public static final byte[] EC160_FP_G_Y = new byte[]{ + (byte) 0x23, (byte) 0xA6, (byte) 0x28, (byte) 0x55, + (byte) 0x31, (byte) 0x68, (byte) 0x94, (byte) 0x7D, + (byte) 0x59, (byte) 0xDC, (byte) 0xC9, (byte) 0x12, + (byte) 0x04, (byte) 0x23, (byte) 0x51, (byte) 0x37, + (byte) 0x7A, (byte) 0xC5, (byte) 0xFB, (byte) 0x32}; + // Order of G + public static final byte[] EC160_FP_R = new byte[]{ + (byte) 0x01, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x01, (byte) 0xF4, (byte) 0xC8, + (byte) 0xF9, (byte) 0x27, (byte) 0xAE, (byte) 0xD3, + (byte) 0xCA, (byte) 0x75, (byte) 0x22, (byte) 0x57}; + // cofactor of G + public static final short EC160_FP_K = 1; + + + // secp192r1 from http://www.secg.org/sec2-v2.pdf + public static final byte[] EC192_FP_P = new byte[]{ + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, 
(byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; + public static final byte[] EC192_FP_A = new byte[]{ + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; + public static final byte[] EC192_FP_B = new byte[]{ + (byte) 0x64, (byte) 0x21, (byte) 0x05, (byte) 0x19, + (byte) 0xE5, (byte) 0x9C, (byte) 0x80, (byte) 0xE7, + (byte) 0x0F, (byte) 0xA7, (byte) 0xE9, (byte) 0xAB, + (byte) 0x72, (byte) 0x24, (byte) 0x30, (byte) 0x49, + (byte) 0xFE, (byte) 0xB8, (byte) 0xDE, (byte) 0xEC, + (byte) 0xC1, (byte) 0x46, (byte) 0xB9, (byte) 0xB1}; + // G in compressed form / first part of ucompressed + public static final byte[] EC192_FP_G_X = new byte[]{ + (byte) 0x18, (byte) 0x8D, (byte) 0xA8, (byte) 0x0E, + (byte) 0xB0, (byte) 0x30, (byte) 0x90, (byte) 0xF6, + (byte) 0x7C, (byte) 0xBF, (byte) 0x20, (byte) 0xEB, + (byte) 0x43, (byte) 0xA1, (byte) 0x88, (byte) 0x00, + (byte) 0xF4, (byte) 0xFF, (byte) 0x0A, (byte) 0xFD, + (byte) 0x82, (byte) 0xFF, (byte) 0x10, (byte) 0x12}; + // second part of G uncompressed + public static final byte[] EC192_FP_G_Y = new byte[]{ + (byte) 0x07, (byte) 0x19, (byte) 0x2B, (byte) 0x95, + (byte) 0xFF, (byte) 0xC8, (byte) 0xDA, (byte) 0x78, + (byte) 0x63, (byte) 0x10, (byte) 0x11, (byte) 0xED, + (byte) 0x6B, (byte) 0x24, (byte) 0xCD, (byte) 0xD5, + (byte) 0x73, (byte) 0xF9, (byte) 0x77, (byte) 0xA1, + (byte) 0x1E, (byte) 0x79, (byte) 0x48, (byte) 0x11}; + // Order of G + public static final byte[] EC192_FP_R = new byte[]{ + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 
0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0x99, (byte) 0xDE, (byte) 0xF8, (byte) 0x36, + (byte) 0x14, (byte) 0x6B, (byte) 0xC9, (byte) 0xB1, + (byte) 0xB4, (byte) 0xD2, (byte) 0x28, (byte) 0x31}; + // cofactor of G + public static final short EC192_FP_K = 1; + + // secp224r1 from http://www.secg.org/sec2-v2.pdf + public static final byte[] EC224_FP_P = new byte[]{ + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01}; + + public static final byte[] EC224_FP_A = new byte[]{ + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE}; + + public static final byte[] EC224_FP_B = new byte[]{ + (byte) 0xB4, (byte) 0x05, (byte) 0x0A, (byte) 0x85, + (byte) 0x0C, (byte) 0x04, (byte) 0xB3, (byte) 0xAB, + (byte) 0xF5, (byte) 0x41, (byte) 0x32, (byte) 0x56, + (byte) 0x50, (byte) 0x44, (byte) 0xB0, (byte) 0xB7, + (byte) 0xD7, (byte) 0xBF, (byte) 0xD8, (byte) 0xBA, + (byte) 0x27, (byte) 0x0B, (byte) 0x39, (byte) 0x43, + (byte) 0x23, (byte) 0x55, (byte) 0xFF, (byte) 0xB4}; + + // G in compressed form / first part of ucompressed + public static final byte[] EC224_FP_G_X = new byte[]{ + (byte) 0xB7, (byte) 0x0E, (byte) 0x0C, (byte) 0xBD, + (byte) 0x6B, (byte) 0xB4, (byte) 0xBF, (byte) 0x7F, + (byte) 0x32, (byte) 0x13, (byte) 0x90, (byte) 0xB9, + (byte) 0x4A, (byte) 0x03, (byte) 0xC1, (byte) 0xD3, + (byte) 0x56, (byte) 0xC2, (byte) 0x11, (byte) 0x22, + 
(byte) 0x34, (byte) 0x32, (byte) 0x80, (byte) 0xD6, + (byte) 0x11, (byte) 0x5C, (byte) 0x1D, (byte) 0x21}; + // second part of G uncompressed + public static final byte[] EC224_FP_G_Y = new byte[]{ + (byte) 0xBD, (byte) 0x37, (byte) 0x63, (byte) 0x88, + (byte) 0xB5, (byte) 0xF7, (byte) 0x23, (byte) 0xFB, + (byte) 0x4C, (byte) 0x22, (byte) 0xDF, (byte) 0xE6, + (byte) 0xCD, (byte) 0x43, (byte) 0x75, (byte) 0xA0, + (byte) 0x5A, (byte) 0x07, (byte) 0x47, (byte) 0x64, + (byte) 0x44, (byte) 0xD5, (byte) 0x81, (byte) 0x99, + (byte) 0x85, (byte) 0x00, (byte) 0x7E, (byte) 0x34}; + // Order of G + public static final byte[] EC224_FP_R = new byte[]{ + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0x16, (byte) 0xA2, + (byte) 0xE0, (byte) 0xB8, (byte) 0xF0, (byte) 0x3E, + (byte) 0x13, (byte) 0xDD, (byte) 0x29, (byte) 0x45, + (byte) 0x5C, (byte) 0x5C, (byte) 0x2A, (byte) 0x3D}; + // cofactor of G + public static final short EC224_FP_K = 1; + + // secp256r1 from http://www.secg.org/sec2-v2.pdf + public static final byte[] EC256_FP_P = new byte[]{ + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; + public static final byte[] EC256_FP_A = new byte[]{ + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 
(byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; + public static final byte[] EC256_FP_B = new byte[]{ + (byte) 0x5A, (byte) 0xC6, (byte) 0x35, (byte) 0xD8, + (byte) 0xAA, (byte) 0x3A, (byte) 0x93, (byte) 0xE7, + (byte) 0xB3, (byte) 0xEB, (byte) 0xBD, (byte) 0x55, + (byte) 0x76, (byte) 0x98, (byte) 0x86, (byte) 0xBC, + (byte) 0x65, (byte) 0x1D, (byte) 0x06, (byte) 0xB0, + (byte) 0xCC, (byte) 0x53, (byte) 0xB0, (byte) 0xF6, + (byte) 0x3B, (byte) 0xCE, (byte) 0x3C, (byte) 0x3E, + (byte) 0x27, (byte) 0xD2, (byte) 0x60, (byte) 0x4B}; + // G in compressed form / first part of ucompressed + public static final byte[] EC256_FP_G_X = new byte[]{ + (byte) 0x6B, (byte) 0x17, (byte) 0xD1, (byte) 0xF2, + (byte) 0xE1, (byte) 0x2C, (byte) 0x42, (byte) 0x47, + (byte) 0xF8, (byte) 0xBC, (byte) 0xE6, (byte) 0xE5, + (byte) 0x63, (byte) 0xA4, (byte) 0x40, (byte) 0xF2, + (byte) 0x77, (byte) 0x03, (byte) 0x7D, (byte) 0x81, + (byte) 0x2D, (byte) 0xEB, (byte) 0x33, (byte) 0xA0, + (byte) 0xF4, (byte) 0xA1, (byte) 0x39, (byte) 0x45, + (byte) 0xD8, (byte) 0x98, (byte) 0xC2, (byte) 0x96}; + // second part of G uncompressed + public static final byte[] EC256_FP_G_Y = new byte[]{ + (byte) 0x4F, (byte) 0xE3, (byte) 0x42, (byte) 0xE2, + (byte) 0xFE, (byte) 0x1A, (byte) 0x7F, (byte) 0x9B, + (byte) 0x8E, (byte) 0xE7, (byte) 0xEB, (byte) 0x4A, + (byte) 0x7C, (byte) 0x0F, (byte) 0x9E, (byte) 0x16, + (byte) 0x2B, (byte) 0xCE, (byte) 0x33, (byte) 0x57, + (byte) 0x6B, (byte) 0x31, (byte) 0x5E, (byte) 0xCE, + (byte) 0xCB, (byte) 0xB6, (byte) 0x40, (byte) 0x68, + (byte) 0x37, (byte) 0xBF, (byte) 0x51, (byte) 0xF5}; + // Order of G + public static final byte[] EC256_FP_R = new byte[]{ + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xBC, (byte) 0xE6, (byte) 
0xFA, (byte) 0xAD, + (byte) 0xA7, (byte) 0x17, (byte) 0x9E, (byte) 0x84, + (byte) 0xF3, (byte) 0xB9, (byte) 0xCA, (byte) 0xC2, + (byte) 0xFC, (byte) 0x63, (byte) 0x25, (byte) 0x51}; + // cofactor of G + public static final short EC256_FP_K = 1; + + // secp384r1 from http://www.secg.org/sec2-v2.pdf + public static final byte[] EC384_FP_P = new byte[]{ + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; + + public static final byte[] EC384_FP_A = new byte[]{ + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; + + public static final byte[] EC384_FP_B = new byte[]{ + (byte) 0xB3, (byte) 0x31, (byte) 0x2F, (byte) 0xA7, + (byte) 0xE2, (byte) 0x3E, (byte) 0xE7, (byte) 0xE4, + (byte) 0x98, (byte) 0x8E, (byte) 0x05, (byte) 0x6B, + (byte) 0xE3, (byte) 0xF8, (byte) 0x2D, (byte) 0x19, + (byte) 0x18, 
(byte) 0x1D, (byte) 0x9C, (byte) 0x6E, + (byte) 0xFE, (byte) 0x81, (byte) 0x41, (byte) 0x12, + (byte) 0x03, (byte) 0x14, (byte) 0x08, (byte) 0x8F, + (byte) 0x50, (byte) 0x13, (byte) 0x87, (byte) 0x5A, + (byte) 0xC6, (byte) 0x56, (byte) 0x39, (byte) 0x8D, + (byte) 0x8A, (byte) 0x2E, (byte) 0xD1, (byte) 0x9D, + (byte) 0x2A, (byte) 0x85, (byte) 0xC8, (byte) 0xED, + (byte) 0xD3, (byte) 0xEC, (byte) 0x2A, (byte) 0xEF}; + + // G in compressed form / first part of ucompressed + public static final byte[] EC384_FP_G_X = new byte[]{ + (byte) 0xAA, (byte) 0x87, (byte) 0xCA, (byte) 0x22, + (byte) 0xBE, (byte) 0x8B, (byte) 0x05, (byte) 0x37, + (byte) 0x8E, (byte) 0xB1, (byte) 0xC7, (byte) 0x1E, + (byte) 0xF3, (byte) 0x20, (byte) 0xAD, (byte) 0x74, + (byte) 0x6E, (byte) 0x1D, (byte) 0x3B, (byte) 0x62, + (byte) 0x8B, (byte) 0xA7, (byte) 0x9B, (byte) 0x98, + (byte) 0x59, (byte) 0xF7, (byte) 0x41, (byte) 0xE0, + (byte) 0x82, (byte) 0x54, (byte) 0x2A, (byte) 0x38, + (byte) 0x55, (byte) 0x02, (byte) 0xF2, (byte) 0x5D, + (byte) 0xBF, (byte) 0x55, (byte) 0x29, (byte) 0x6C, + (byte) 0x3A, (byte) 0x54, (byte) 0x5E, (byte) 0x38, + (byte) 0x72, (byte) 0x76, (byte) 0x0A, (byte) 0xB7}; + // second part of G uncompressed + public static final byte[] EC384_FP_G_Y = new byte[]{ + (byte) 0x36, (byte) 0x17, (byte) 0xDE, (byte) 0x4A, + (byte) 0x96, (byte) 0x26, (byte) 0x2C, (byte) 0x6F, + (byte) 0x5D, (byte) 0x9E, (byte) 0x98, (byte) 0xBF, + (byte) 0x92, (byte) 0x92, (byte) 0xDC, (byte) 0x29, + (byte) 0xF8, (byte) 0xF4, (byte) 0x1D, (byte) 0xBD, + (byte) 0x28, (byte) 0x9A, (byte) 0x14, (byte) 0x7C, + (byte) 0xE9, (byte) 0xDA, (byte) 0x31, (byte) 0x13, + (byte) 0xB5, (byte) 0xF0, (byte) 0xB8, (byte) 0xC0, + (byte) 0x0A, (byte) 0x60, (byte) 0xB1, (byte) 0xCE, + (byte) 0x1D, (byte) 0x7E, (byte) 0x81, (byte) 0x9D, + (byte) 0x7A, (byte) 0x43, (byte) 0x1D, (byte) 0x7C, + (byte) 0x90, (byte) 0xEA, (byte) 0x0E, (byte) 0x5F}; + + // Order of G + public static final byte[] EC384_FP_R = new byte[]{ + (byte) 
0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xC7, (byte) 0x63, (byte) 0x4D, (byte) 0x81, + (byte) 0xF4, (byte) 0x37, (byte) 0x2D, (byte) 0xDF, + (byte) 0x58, (byte) 0x1A, (byte) 0x0D, (byte) 0xB2, + (byte) 0x48, (byte) 0xB0, (byte) 0xA7, (byte) 0x7A, + (byte) 0xEC, (byte) 0xEC, (byte) 0x19, (byte) 0x6A, + (byte) 0xCC, (byte) 0xC5, (byte) 0x29, (byte) 0x73}; + // cofactor of G + public static final short EC384_FP_K = 1; + + + // secp521r1 from http://www.secg.org/sec2-v2.pdf + public static final byte[] EC521_FP_P = new byte[]{ + (byte) 0x01, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; + + public static final byte[] EC521_FP_A = new byte[]{ + (byte) 0x01, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 
0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; + + public static final byte[] EC521_FP_B = new byte[]{ + (byte) 0x00, (byte) 0x51, (byte) 0x95, (byte) 0x3E, + (byte) 0xB9, (byte) 0x61, (byte) 0x8E, (byte) 0x1C, + (byte) 0x9A, (byte) 0x1F, (byte) 0x92, (byte) 0x9A, + (byte) 0x21, (byte) 0xA0, (byte) 0xB6, (byte) 0x85, + (byte) 0x40, (byte) 0xEE, (byte) 0xA2, (byte) 0xDA, + (byte) 0x72, (byte) 0x5B, (byte) 0x99, (byte) 0xB3, + (byte) 0x15, (byte) 0xF3, (byte) 0xB8, (byte) 0xB4, + (byte) 0x89, (byte) 0x91, (byte) 0x8E, (byte) 0xF1, + (byte) 0x09, (byte) 0xE1, (byte) 0x56, (byte) 0x19, + (byte) 0x39, (byte) 0x51, (byte) 0xEC, (byte) 0x7E, + (byte) 0x93, (byte) 0x7B, (byte) 0x16, (byte) 0x52, + (byte) 0xC0, (byte) 0xBD, (byte) 0x3B, (byte) 0xB1, + (byte) 0xBF, (byte) 0x07, (byte) 0x35, (byte) 0x73, + (byte) 0xDF, (byte) 0x88, (byte) 0x3D, (byte) 0x2C, + (byte) 0x34, (byte) 0xF1, (byte) 0xEF, (byte) 0x45, + (byte) 0x1F, (byte) 0xD4, (byte) 0x6B, (byte) 0x50, + (byte) 0x3F, (byte) 0x00}; + + // G in compressed form / first part of ucompressed + public static final byte[] EC521_FP_G_X = new byte[]{ + (byte) 0x00, (byte) 0xC6, (byte) 0x85, (byte) 0x8E, + (byte) 0x06, (byte) 0xB7, (byte) 0x04, (byte) 0x04, + (byte) 0xE9, (byte) 0xCD, (byte) 0x9E, (byte) 0x3E, + (byte) 0xCB, (byte) 0x66, (byte) 0x23, (byte) 0x95, + (byte) 0xB4, (byte) 0x42, (byte) 0x9C, (byte) 0x64, + (byte) 
0x81, (byte) 0x39, (byte) 0x05, (byte) 0x3F, + (byte) 0xB5, (byte) 0x21, (byte) 0xF8, (byte) 0x28, + (byte) 0xAF, (byte) 0x60, (byte) 0x6B, (byte) 0x4D, + (byte) 0x3D, (byte) 0xBA, (byte) 0xA1, (byte) 0x4B, + (byte) 0x5E, (byte) 0x77, (byte) 0xEF, (byte) 0xE7, + (byte) 0x59, (byte) 0x28, (byte) 0xFE, (byte) 0x1D, + (byte) 0xC1, (byte) 0x27, (byte) 0xA2, (byte) 0xFF, + (byte) 0xA8, (byte) 0xDE, (byte) 0x33, (byte) 0x48, + (byte) 0xB3, (byte) 0xC1, (byte) 0x85, (byte) 0x6A, + (byte) 0x42, (byte) 0x9B, (byte) 0xF9, (byte) 0x7E, + (byte) 0x7E, (byte) 0x31, (byte) 0xC2, (byte) 0xE5, + (byte) 0xBD, (byte) 0x66}; + + // second part of G uncompressed + public static final byte[] EC521_FP_G_Y = new byte[]{ + (byte) 0x01, (byte) 0x18, (byte) 0x39, (byte) 0x29, + (byte) 0x6A, (byte) 0x78, (byte) 0x9A, (byte) 0x3B, + (byte) 0xC0, (byte) 0x04, (byte) 0x5C, (byte) 0x8A, + (byte) 0x5F, (byte) 0xB4, (byte) 0x2C, (byte) 0x7D, + (byte) 0x1B, (byte) 0xD9, (byte) 0x98, (byte) 0xF5, + (byte) 0x44, (byte) 0x49, (byte) 0x57, (byte) 0x9B, + (byte) 0x44, (byte) 0x68, (byte) 0x17, (byte) 0xAF, + (byte) 0xBD, (byte) 0x17, (byte) 0x27, (byte) 0x3E, + (byte) 0x66, (byte) 0x2C, (byte) 0x97, (byte) 0xEE, + (byte) 0x72, (byte) 0x99, (byte) 0x5E, (byte) 0xF4, + (byte) 0x26, (byte) 0x40, (byte) 0xC5, (byte) 0x50, + (byte) 0xB9, (byte) 0x01, (byte) 0x3F, (byte) 0xAD, + (byte) 0x07, (byte) 0x61, (byte) 0x35, (byte) 0x3C, + (byte) 0x70, (byte) 0x86, (byte) 0xA2, (byte) 0x72, + (byte) 0xC2, (byte) 0x40, (byte) 0x88, (byte) 0xBE, + (byte) 0x94, (byte) 0x76, (byte) 0x9F, (byte) 0xD1, + (byte) 0x66, (byte) 0x50}; + + // Order of G + public static final byte[] EC521_FP_R = new byte[]{ + (byte) 0x01, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, 
(byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFA, + (byte) 0x51, (byte) 0x86, (byte) 0x87, (byte) 0x83, + (byte) 0xBF, (byte) 0x2F, (byte) 0x96, (byte) 0x6B, + (byte) 0x7F, (byte) 0xCC, (byte) 0x01, (byte) 0x48, + (byte) 0xF7, (byte) 0x09, (byte) 0xA5, (byte) 0xD0, + (byte) 0x3B, (byte) 0xB5, (byte) 0xC9, (byte) 0xB8, + (byte) 0x89, (byte) 0x9C, (byte) 0x47, (byte) 0xAE, + (byte) 0xBB, (byte) 0x6F, (byte) 0xB7, (byte) 0x1E, + (byte) 0x91, (byte) 0x38, (byte) 0x64, (byte) 0x09}; + + // cofactor of G + public static final short EC521_FP_K = 1; + + //sect163r1 from http://www.secg.org/sec2-v2.pdf + // [short i1, short i2, short i3] f = x^163 + x^i1 + x^i2 + x^i3 + 1 + public static final byte[] EC163_F2M_F = new byte[]{ + (byte) 0x00, (byte) 0x07, + (byte) 0x00, (byte) 0x06, + (byte) 0x00, (byte) 0x03 + }; + + public static final byte[] EC163_F2M_A = new byte[]{ + (byte) 0x07, (byte) 0xB6, (byte) 0x88, (byte) 0x2C, + (byte) 0xAA, (byte) 0xEF, (byte) 0xA8, (byte) 0x4F, + (byte) 0x95, (byte) 0x54, (byte) 0xFF, (byte) 0x84, + (byte) 0x28, (byte) 0xBD, (byte) 0x88, (byte) 0xE2, + (byte) 0x46, (byte) 0xD2, (byte) 0x78, (byte) 0x2A, + (byte) 0xE2 + }; + + public static final byte[] EC163_F2M_B = new byte[]{ + (byte) 0x07, (byte) 0x13, (byte) 0x61, (byte) 0x2D, + (byte) 0xCD, (byte) 0xDC, (byte) 0xB4, (byte) 0x0A, + (byte) 0xAB, (byte) 0x94, (byte) 0x6B, (byte) 0xDA, + (byte) 0x29, (byte) 0xCA, (byte) 0x91, (byte) 0xF7, + (byte) 0x3A, (byte) 0xF9, (byte) 0x58, (byte) 0xAF, + (byte) 0xD9 + }; + + // G in compressed form / first part of ucompressed + public static final byte[] EC163_F2M_G_X = new byte[]{ + (byte) 0x03, (byte) 0x69, (byte) 0x97, (byte) 0x96, + (byte) 0x97, (byte) 0xAB, (byte) 0x43, (byte) 0x89, + (byte) 0x77, (byte) 0x89, (byte) 0x56, (byte) 0x67, + (byte) 0x89, (byte) 0x56, (byte) 0x7F, (byte) 0x78, + (byte) 0x7A, (byte) 0x78, (byte) 0x76, (byte) 0xA6, + (byte) 0x54 + }; + + // 
second part of G uncompressed
+ public static final byte[] EC163_F2M_G_Y = new byte[]{
+ (byte) 0x00, (byte) 0x43, (byte) 0x5E, (byte) 0xDB,
+ (byte) 0x42, (byte) 0xEF, (byte) 0xAF, (byte) 0xB2,
+ (byte) 0x98, (byte) 0x9D, (byte) 0x51, (byte) 0xFE,
+ (byte) 0xFC, (byte) 0xE3, (byte) 0xC8, (byte) 0x09,
+ (byte) 0x88, (byte) 0xF4, (byte) 0x1F, (byte) 0xF8,
+ (byte) 0x83
+ };
+
+ // order of G
+ public static final byte[] EC163_F2M_R = new byte[]{
+ (byte) 0x03, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
+ (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
+ (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0x48,
+ (byte) 0xAA, (byte) 0xB6, (byte) 0x89, (byte) 0xC2,
+ (byte) 0x9C, (byte) 0xA7, (byte) 0x10, (byte) 0x27,
+ (byte) 0x9B
+ };
+
+ // cofactor of G
+ public static final short EC163_F2M_K = 2;
+
+ //sect233r1 from http://www.secg.org/sec2-v2.pdf
+ // [short i1, short i2, short i3] f = x^233 + x^i1 + 1
+ public static final byte[] EC233_F2M_F = new byte[]{
+ (byte) 0x00, (byte) 0x4a
+ };
+
+ public static final byte[] EC233_F2M_A = new byte[]{
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x01
+ };
+
+ public static final byte[] EC233_F2M_B = new byte[]{
+ (byte) 0x00, (byte) 0x66, (byte) 0x64, (byte) 0x7E,
+ (byte) 0xDE, (byte) 0x6C, (byte) 0x33, (byte) 0x2C,
+ (byte) 0x7F, (byte) 0x8C, (byte) 0x09, (byte) 0x23,
+ (byte) 0xBB, (byte) 0x58, (byte) 0x21, (byte) 0x3B,
+ (byte) 0x33, (byte) 0x3B, (byte) 0x20, (byte) 0xE9,
+ (byte) 0xCE, (byte) 0x42, (byte) 0x81, (byte) 0xFE,
+ (byte) 0x11, (byte) 0x5F, (byte) 0x7D, (byte) 0x8F,
+ (byte) 0x90, (byte) 0xAD
+ };
+
+ // G in compressed form / first part of ucompressed
+ public static final byte[] EC233_F2M_G_X = new byte[]{
+ (byte) 0x00, (byte) 0xFA, (byte) 0xC9, (byte) 0xDF,
+ (byte) 0xCB, (byte) 0xAC, (byte) 0x83, (byte) 0x13,
+ (byte) 0xBB, (byte) 0x21, (byte) 0x39, (byte) 0xF1,
+ (byte) 0xBB, (byte) 0x75, (byte) 0x5F, (byte) 0xEF,
+ (byte) 0x65, (byte) 0xBC, (byte) 0x39, (byte) 0x1F,
+ (byte) 0x8B, (byte) 0x36, (byte) 0xF8, (byte) 0xF8,
+ (byte) 0xEB, (byte) 0x73, (byte) 0x71, (byte) 0xFD,
+ (byte) 0x55, (byte) 0x8B
+ };
+
+ // second part of G uncompressed
+ public static final byte[] EC233_F2M_G_Y = new byte[]{
+ (byte) 0x01, (byte) 0x00, (byte) 0x6A, (byte) 0x08,
+ (byte) 0xA4, (byte) 0x19, (byte) 0x03, (byte) 0x35,
+ (byte) 0x06, (byte) 0x78, (byte) 0xE5, (byte) 0x85,
+ (byte) 0x28, (byte) 0xBE, (byte) 0xBF, (byte) 0x8A,
+ (byte) 0x0B, (byte) 0xEF, (byte) 0xF8, (byte) 0x67,
+ (byte) 0xA7, (byte) 0xCA, (byte) 0x36, (byte) 0x71,
+ (byte) 0x6F, (byte) 0x7E, (byte) 0x01, (byte) 0xF8,
+ (byte) 0x10, (byte) 0x52
+ };
+
+ // order of G
+ public static final byte[] EC233_F2M_R = new byte[]{
+ (byte) 0x01, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x13,
+ (byte) 0xE9, (byte) 0x74, (byte) 0xE7, (byte) 0x2F,
+ (byte) 0x8A, (byte) 0x69, (byte) 0x22, (byte) 0x03,
+ (byte) 0x1D, (byte) 0x26, (byte) 0x03, (byte) 0xCF,
+ (byte) 0xE0, (byte) 0xD7
+ };
+
+ // cofactor of G
+ public static final short EC233_F2M_K = 2;
+
+ //sect283r1 from http://www.secg.org/sec2-v2.pdf
+ // [short i1, short i2, short i3] f = x^283 + x^i1 + x^i2 + x^i3 + 1
+ public static final byte[] EC283_F2M_F = new byte[]{
+ (byte) 0x00, (byte) 0x0c,
+ (byte) 0x00, (byte) 0x07,
+ (byte) 0x00, (byte) 0x05
+ };
+
+ public static final byte[] EC283_F2M_A = new byte[]{
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01
+ };
+
+ public static final byte[] EC283_F2M_B = new byte[]{
+ (byte) 0x02, (byte) 0x7B, (byte) 0x68, (byte) 0x0A,
+ (byte) 0xC8, (byte) 0xB8, (byte) 0x59, (byte) 0x6D,
+ (byte) 0xA5, (byte) 0xA4, (byte) 0xAF, (byte) 0x8A,
+ (byte) 0x19, (byte) 0xA0, (byte) 0x30, (byte) 0x3F,
+ (byte) 0xCA, (byte) 0x97, (byte) 0xFD, (byte) 0x76,
+ (byte) 0x45, (byte) 0x30, (byte) 0x9F, (byte) 0xA2,
+ (byte) 0xA5, (byte) 0x81, (byte) 0x48, (byte) 0x5A,
+ (byte) 0xF6, (byte) 0x26, (byte) 0x3E, (byte) 0x31,
+ (byte) 0x3B, (byte) 0x79, (byte) 0xA2, (byte) 0xF5
+ };
+
+ // G in compressed form / first part of ucompressed
+ public static final byte[] EC283_F2M_G_X = new byte[]{
+ (byte) 0x05, (byte) 0xF9, (byte) 0x39, (byte) 0x25,
+ (byte) 0x8D, (byte) 0xB7, (byte) 0xDD, (byte) 0x90,
+ (byte) 0xE1, (byte) 0x93, (byte) 0x4F, (byte) 0x8C,
+ (byte) 0x70, (byte) 0xB0, (byte) 0xDF, (byte) 0xEC,
+ (byte) 0x2E, (byte) 0xED, (byte) 0x25, (byte) 0xB8,
+ (byte) 0x55, (byte) 0x7E, (byte) 0xAC, (byte) 0x9C,
+ (byte) 0x80, (byte) 0xE2, (byte) 0xE1, (byte) 0x98,
+ (byte) 0xF8, (byte) 0xCD, (byte) 0xBE, (byte) 0xCD,
+ (byte) 0x86, (byte) 0xB1, (byte) 0x20, (byte) 0x53
+ };
+
+ // second part of G uncompressed
+ public static final byte[] EC283_F2M_G_Y = new byte[]{
+ (byte) 0x03, (byte) 0x67, (byte) 0x68, (byte) 0x54,
+ (byte) 0xFE, (byte) 0x24, (byte) 0x14, (byte) 0x1C,
+ (byte) 0xB9, (byte) 0x8F, (byte) 0xE6, (byte) 0xD4,
+ (byte) 0xB2, (byte) 0x0D, (byte) 0x02, (byte) 0xB4,
+ (byte) 0x51, (byte) 0x6F, (byte) 0xF7, (byte) 0x02,
+ (byte) 0x35, (byte) 0x0E, (byte) 0xDD, (byte) 0xB0,
+ (byte) 0x82, (byte) 0x67, (byte) 0x79, (byte) 0xC8,
+ (byte) 0x13, (byte) 0xF0, (byte) 0xDF, (byte) 0x45,
+ (byte) 0xBE, (byte) 0x81, (byte) 0x12, (byte) 0xF4
+ };
+
+ // order of G
+ public static final byte[] EC283_F2M_R = new byte[]{
+ (byte) 0x03, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
+ (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
+ (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
+ (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
+ (byte) 0xFF, (byte) 0xFF, (byte) 0xEF, (byte) 0x90,
+ (byte) 0x39, (byte) 0x96, (byte) 0x60, (byte) 0xFC,
+ (byte) 0x93, (byte) 0x8A, (byte) 0x90, (byte) 0x16,
+ (byte) 0x5B, (byte) 0x04, (byte) 0x2A, (byte) 0x7C,
+ (byte) 0xEF, (byte) 0xAD, (byte) 0xB3, (byte) 0x07
+ };
+
+ // cofactor of G
+ public static final short EC283_F2M_K = 2;
+
+ //sect409r1 from http://www.secg.org/sec2-v2.pdf
+ // [short i1, short i2, short i3] f = x^409 + x^i1 + 1
+ public static final byte[] EC409_F2M_F = new byte[]{
+ (byte) 0x00, (byte) 0x57
+ };
+
+ public static final byte[] EC409_F2M_A = new byte[]{
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01
+ };
+
+ public static final byte[] EC409_F2M_B = new byte[]{
+ (byte) 0x00, (byte) 0x21, (byte) 0xA5, (byte) 0xC2,
+ (byte) 0xC8, (byte) 0xEE, (byte) 0x9F, (byte) 0xEB,
+ (byte) 0x5C, (byte) 0x4B, (byte) 0x9A, (byte) 0x75,
+ (byte) 0x3B, (byte) 0x7B, (byte) 0x47, (byte) 0x6B,
+ (byte) 0x7F, (byte) 0xD6, (byte) 0x42, (byte) 0x2E,
+ (byte) 0xF1, (byte) 0xF3, (byte) 0xDD, (byte) 0x67,
+ (byte) 0x47, (byte) 0x61, (byte) 0xFA, (byte) 0x99,
+ (byte) 0xD6, (byte) 0xAC, (byte) 0x27, (byte) 0xC8,
+ (byte) 0xA9, (byte) 0xA1, (byte) 0x97, (byte) 0xB2,
+ (byte) 0x72, (byte) 0x82, (byte) 0x2F, (byte) 0x6C,
+ (byte) 0xD5, (byte) 0x7A, (byte) 0x55, (byte) 0xAA,
+ (byte) 0x4F, (byte) 0x50, (byte) 0xAE, (byte) 0x31,
+ (byte) 0x7B, (byte) 0x13, (byte) 0x54, (byte) 0x5F
+ };
+
+ // G in compressed form / first part of ucompressed
+ public static final byte[] EC409_F2M_G_X = new byte[]{
+ (byte) 0x01, (byte) 0x5D, (byte) 0x48, (byte) 0x60,
+ (byte) 0xD0, (byte) 0x88, (byte) 0xDD, (byte) 0xB3,
+ (byte) 0x49, (byte) 0x6B, (byte) 0x0C, (byte) 0x60,
+ (byte) 0x64, (byte) 0x75, (byte) 0x62, (byte) 0x60,
+ (byte) 0x44, (byte) 0x1C, (byte) 0xDE, (byte) 0x4A,
+ (byte) 0xF1, (byte) 0x77, (byte) 0x1D, (byte) 0x4D,
+ (byte) 0xB0, (byte) 0x1F, (byte) 0xFE, (byte) 0x5B,
+ (byte) 0x34, (byte) 0xE5, (byte) 0x97, (byte) 0x03,
+ (byte) 0xDC, (byte) 0x25, (byte) 0x5A, (byte) 0x86,
+ (byte) 0x8A, (byte) 0x11, (byte) 0x80, (byte) 0x51,
+ (byte) 0x56, (byte) 0x03, (byte) 0xAE, (byte) 0xAB,
+ (byte) 0x60, (byte) 0x79, (byte) 0x4E, (byte) 0x54,
+ (byte) 0xBB, (byte) 0x79, (byte) 0x96, (byte) 0xA7
+ };
+
+ // second part of G uncompressed
+ public static final byte[] EC409_F2M_G_Y = new byte[]{
+ (byte) 0x00, (byte) 0x61, (byte) 0xB1, (byte) 0xCF,
+ (byte) 0xAB, (byte) 0x6B, (byte) 0xE5, (byte) 0xF3,
+ (byte) 0x2B, (byte) 0xBF, (byte) 0xA7, (byte) 0x83,
+ (byte) 0x24, (byte) 0xED, (byte) 0x10, (byte) 0x6A,
+ (byte) 0x76, (byte) 0x36, (byte) 0xB9, (byte) 0xC5,
+ (byte) 0xA7, (byte) 0xBD, (byte) 0x19, (byte) 0x8D,
+ (byte) 0x01, (byte) 0x58, (byte) 0xAA, (byte) 0x4F,
+ (byte) 0x54, (byte) 0x88, (byte) 0xD0, (byte) 0x8F,
+ (byte) 0x38, (byte) 0x51, (byte) 0x4F, (byte) 0x1F,
+ (byte) 0xDF, (byte) 0x4B, (byte) 0x4F, (byte) 0x40,
+ (byte) 0xD2, (byte) 0x18, (byte) 0x1B, (byte) 0x36,
+ (byte) 0x81, (byte) 0xC3, (byte) 0x64, (byte) 0xBA,
+ (byte) 0x02, (byte) 0x73, (byte) 0xC7, (byte) 0x06
+ };
+
+ // order of G
+ public static final byte[] EC409_F2M_R = new byte[]{
+ (byte) 0x01, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x01, (byte) 0xE2,
+ (byte) 0xAA, (byte) 0xD6, (byte) 0xA6, (byte) 0x12,
+ (byte) 0xF3, (byte) 0x33, (byte) 0x07, (byte) 0xBE,
+ (byte) 0x5F, (byte) 0xA4, (byte) 0x7C, (byte) 0x3C,
+ (byte) 0x9E, (byte) 0x05, (byte) 0x2F, (byte) 0x83,
+ (byte) 0x81, (byte) 0x64, (byte) 0xCD, (byte) 0x37,
+ (byte) 0xD9, (byte) 0xA2, (byte) 0x11, (byte) 0x73
+ };
+
+ // cofactor of G
+ public static final short EC409_F2M_K = 2;
+
+ //sect571r1 from http://www.secg.org/sec2-v2.pdf
+ // [short i1, short i2, short i3] f = x^571 + x^i1 + x^i2 + x^i3 + 1
+ public static final byte[] EC571_F2M_F = new byte[]{
+ (byte) 0x00, (byte) 0x0a,
+ (byte) 0x00, (byte) 0x05,
+ (byte) 0x00, (byte) 0x02,
+ };
+
+ public static final byte[] EC571_F2M_A = new byte[]{
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01
+ };
+
+ public static final byte[] EC571_F2M_B = new byte[]{
+ (byte) 0x02, (byte) 0xF4, (byte) 0x0E, (byte) 0x7E,
+ (byte) 0x22, (byte) 0x21, (byte) 0xF2, (byte) 0x95,
+ (byte) 0xDE, (byte) 0x29, (byte) 0x71, (byte) 0x17,
+ (byte) 0xB7, (byte) 0xF3, (byte) 0xD6, (byte) 0x2F,
+ (byte) 0x5C, (byte) 0x6A, (byte) 0x97, (byte) 0xFF,
+ (byte) 0xCB, (byte) 0x8C, (byte) 0xEF, (byte) 0xF1,
+ (byte) 0xCD, (byte) 0x6B, (byte) 0xA8, (byte) 0xCE,
+ (byte) 0x4A, (byte) 0x9A, (byte) 0x18, (byte) 0xAD,
+ (byte) 0x84, (byte) 0xFF, (byte) 0xAB, (byte) 0xBD,
+ (byte) 0x8E, (byte) 0xFA, (byte) 0x59, (byte) 0x33,
+ (byte) 0x2B, (byte) 0xE7, (byte) 0xAD, (byte) 0x67,
+ (byte) 0x56, (byte) 0xA6, (byte) 0x6E, (byte) 0x29,
+ (byte) 0x4A, (byte) 0xFD, (byte) 0x18, (byte) 0x5A,
+ (byte) 0x78, (byte) 0xFF, (byte) 0x12, (byte) 0xAA,
+ (byte) 0x52, (byte) 0x0E, (byte) 0x4D, (byte) 0xE7,
+ (byte) 0x39, (byte) 0xBA, (byte) 0xCA, (byte) 0x0C,
+ (byte) 0x7F, (byte) 0xFE, (byte) 0xFF, (byte) 0x7F,
+ (byte) 0x29, (byte) 0x55, (byte) 0x72, (byte) 0x7A
+ };
+
+ // G in compressed form / first part of ucompressed
+ public static final byte[] EC571_F2M_G_X = new byte[]{
+ (byte) 0x03, (byte) 0x03, (byte) 0x00, (byte) 0x1D,
+ (byte) 0x34, (byte) 0xB8, (byte) 0x56, (byte) 0x29,
+ (byte) 0x6C, (byte) 0x16, (byte) 0xC0, (byte) 0xD4,
+ (byte) 0x0D, (byte) 0x3C, (byte) 0xD7, (byte) 0x75,
+ (byte) 0x0A, (byte) 0x93, (byte) 0xD1, (byte) 0xD2,
+ (byte) 0x95, (byte) 0x5F, (byte) 0xA8, (byte) 0x0A,
+ (byte) 0xA5, (byte) 0xF4, (byte) 0x0F, (byte) 0xC8,
+ (byte) 0xDB, (byte) 0x7B, (byte) 0x2A, (byte) 0xBD,
+ (byte) 0xBD, (byte) 0xE5, (byte) 0x39, (byte) 0x50,
+ (byte) 0xF4, (byte) 0xC0, (byte) 0xD2, (byte) 0x93,
+ (byte) 0xCD, (byte) 0xD7, (byte) 0x11, (byte) 0xA3,
+ (byte) 0x5B, (byte) 0x67, (byte) 0xFB, (byte) 0x14,
+ (byte) 0x99, (byte) 0xAE, (byte) 0x60, (byte) 0x03,
+ (byte) 0x86, (byte) 0x14, (byte) 0xF1, (byte) 0x39,
+ (byte) 0x4A, (byte) 0xBF, (byte) 0xA3, (byte) 0xB4,
+ (byte) 0xC8, (byte) 0x50, (byte) 0xD9, (byte) 0x27,
+ (byte) 0xE1, (byte) 0xE7, (byte) 0x76, (byte) 0x9C,
+ (byte) 0x8E, (byte) 0xEC, (byte) 0x2D, (byte) 0x19
+ };
+
+ // second part of G uncompressed
+ public static final byte[] EC571_F2M_G_Y = new byte[]{
+ (byte) 0x03, (byte) 0x7B, (byte) 0xF2, (byte) 0x73,
+ (byte) 0x42, (byte) 0xDA, (byte) 0x63, (byte) 0x9B,
+ (byte) 0x6D, (byte) 0xCC, (byte) 0xFF, (byte) 0xFE,
+ (byte) 0xB7, (byte) 0x3D, (byte) 0x69, (byte) 0xD7,
+ (byte) 0x8C, (byte) 0x6C, (byte) 0x27, (byte) 0xA6,
+ (byte) 0x00, (byte) 0x9C, (byte) 0xBB, (byte) 0xCA,
+ (byte) 0x19, (byte) 0x80, (byte) 0xF8, (byte) 0x53,
+ (byte) 0x39, (byte) 0x21, (byte) 0xE8, (byte) 0xA6,
+ (byte) 0x84, (byte) 0x42, (byte) 0x3E, (byte) 0x43,
+ (byte) 0xBA, (byte) 0xB0, (byte) 0x8A, (byte) 0x57,
+ (byte) 0x62, (byte) 0x91, (byte) 0xAF, (byte) 0x8F,
+ (byte) 0x46, (byte) 0x1B, (byte) 0xB2, (byte) 0xA8,
+ (byte) 0xB3, (byte) 0x53, (byte) 0x1D, (byte) 0x2F,
+ (byte) 0x04, (byte) 0x85, (byte) 0xC1, (byte) 0x9B,
+ (byte) 0x16, (byte) 0xE2, (byte) 0xF1, (byte) 0x51,
+ (byte) 0x6E, (byte) 0x23, (byte) 0xDD, (byte) 0x3C,
+ (byte) 0x1A, (byte) 0x48, (byte) 0x27, (byte) 0xAF,
+ (byte) 0x1B, (byte) 0x8A, (byte) 0xC1, (byte) 0x5B
+ };
+
+ // order of G
+ public static final byte[] EC571_F2M_R = new byte[]{
+ (byte) 0x03, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
+ (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
+ (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
+ (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
+ (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
+ (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
+ (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
+ (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
+ (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF,
+ (byte) 0xE6, (byte) 0x61, (byte) 0xCE, (byte) 0x18,
+ (byte) 0xFF, (byte) 0x55, (byte) 0x98, (byte) 0x73,
+ (byte) 0x08, (byte) 0x05, (byte) 0x9B, (byte) 0x18,
+ (byte) 0x68, (byte) 0x23, (byte) 0x85, (byte) 0x1E,
+ (byte) 0xC7, (byte) 0xDD, (byte) 0x9C, (byte) 0xA1,
+ (byte) 0x16, (byte) 0x1D, (byte) 0xE9, (byte) 0x3D,
+ (byte) 0x51, (byte) 0x74, (byte) 0xD6, (byte) 0x6E,
+ (byte) 0x83, (byte) 0x82, (byte) 0xE9, (byte) 0xBB,
+ (byte) 0x2F, (byte) 0xE8, (byte) 0x4E, (byte) 0x47
+ };
+
+ // cofactor of G
+ public static final short EC571_F2M_K = 2;
+
+
+ // getCorruptCurveParameter PARAMETER_CORRUPTION TYPES
+ public static final byte CORRUPTION_NONE = (byte) 0x00;
+ public static final byte CORRUPTION_FIXED = (byte) 0x01;
+ public static final byte CORRUPTION_FULLRANDOM = (byte) 0x02;
+ public static final byte CORRUPTION_ONEBYTERANDOM = (byte) 0x03;
+ public static final byte CORRUPTION_ZERO = (byte) 0x04;
+ public static final byte CORRUPTION_ONE = (byte) 0x05;
+
+
+ // Supported embedded curves, getCurveParameter
+ public static final byte CURVE_default = (byte) 0;
+ public static final byte CURVE_external = (byte) 0xff;
+
+ // SECP recommended curves over FP
+ public static final byte CURVE_secp128r1 = (byte) 1;
+ public static final byte CURVE_secp160r1 = (byte) 2;
+ public static final byte CURVE_secp192r1 = (byte) 3;
+ public static final byte CURVE_secp224r1 = (byte) 4;
+ public static final byte CURVE_secp256r1 = (byte) 5;
+ public static final byte CURVE_secp384r1 = (byte) 6;
+ public static final byte CURVE_secp521r1 = (byte) 7;
+
+ public static final byte FP_CURVES = (byte) 7;
+
+ // SECP recommended curves over F2M
+ public static final byte CURVE_sect163r1 = (byte) 8;
+ public static final byte CURVE_sect233r1 = (byte) 9;
+ public static final byte CURVE_sect283r1 = (byte) 10;
+ public static final byte CURVE_sect409r1 = (byte) 11;
+ public static final byte CURVE_sect571r1 = (byte) 12;
+
+ public static final byte F2M_CURVES = (byte) 12;
+
+ public static final short[] FP_SIZES = new short[]{128, 160, 192, 224, 256, 384, 521};
+ public static final short[] F2M_SIZES = new short[]{163, 233, 283, 409, 571};
+
+ public static byte getCurve(short keyLength, byte keyClass) {
+ if (keyClass == KeyPair.ALG_EC_FP) {
+ switch (keyLength) {
+ case (short) 128:
+ return CURVE_secp128r1;
+ case (short) 160:
+ return CURVE_secp160r1;
+ case (short) 192:
+ return CURVE_secp192r1;
+ case (short) 224:
+ return CURVE_secp224r1;
+ case (short) 256:
+ return CURVE_secp256r1;
+ case (short) 384:
+ return CURVE_secp384r1;
+ case (short) 521:
+ return CURVE_secp521r1;
+ default:
+ ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
+ }
+ } else if (keyClass == KeyPair.ALG_EC_F2M) {
+ switch (keyLength) {
+ case (short) 163:
+ return CURVE_sect163r1;
+ case (short) 233:
+ return CURVE_sect233r1;
+ case (short) 283:
+ return CURVE_sect283r1;
+ case (short) 409:
+ return CURVE_sect409r1;
+ case (short) 571:
+ return CURVE_sect571r1;
+ default:
+ ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
+ }
+ } else {
+ ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
+ }
+ return 0;
+ }
+
+ public static short getCurveParameter(byte curve, short param, byte[] outputBuffer, short outputOffset) {
+ byte alg = getCurveType(curve);
+ switch (curve) {
+ case CURVE_secp128r1: {
+ EC_FP_P = EC128_FP_P;
+ EC_A = EC128_FP_A;
+ EC_B = EC128_FP_B;
+ EC_G_X = EC128_FP_G_X;
+ EC_G_Y = EC128_FP_G_Y;
+ EC_R = EC128_FP_R;
+ EC_K = EC128_FP_K;
+ EC_W_X = null;
+ EC_W_Y = null;
+ EC_S = null;
+ break;
+ }
+ case CURVE_secp160r1: {
+ EC_FP_P = EC160_FP_P;
+ EC_A = EC160_FP_A;
+ EC_B = EC160_FP_B;
+ EC_G_X = EC160_FP_G_X;
+ EC_G_Y = EC160_FP_G_Y;
+ EC_R = EC160_FP_R;
+ EC_K = EC160_FP_K;
+ EC_W_X = null;
+ EC_W_Y = null;
+ EC_S = null;
+ break;
+ }
+ case CURVE_secp192r1: {
+ EC_FP_P = EC192_FP_P;
+ EC_A = EC192_FP_A;
+ EC_B = EC192_FP_B;
+ EC_G_X = EC192_FP_G_X;
+ EC_G_Y = EC192_FP_G_Y;
+ EC_R = EC192_FP_R;
+ EC_K = EC192_FP_K;
+ EC_W_X = null;
+ EC_W_Y = null;
+ EC_S = null;
+ break;
+ }
+ case CURVE_secp224r1: {
+ EC_FP_P = EC224_FP_P;
+ EC_A = EC224_FP_A;
+ EC_B = EC224_FP_B;
+ EC_G_X = EC224_FP_G_X;
+ EC_G_Y = EC224_FP_G_Y;
+ EC_R = EC224_FP_R;
+ EC_K = EC224_FP_K;
+ EC_S = null;
+ break;
+ }
+ case CURVE_secp256r1: {
+ EC_FP_P = EC256_FP_P;
+ EC_A = EC256_FP_A;
+ EC_B = EC256_FP_B;
+ EC_G_X = EC256_FP_G_X;
+ EC_G_Y = EC256_FP_G_Y;
+ EC_R = EC256_FP_R;
+ EC_K = EC256_FP_K;
+ EC_W_X = null;
+ EC_W_Y = null;
+ EC_S = null;
+ break;
+ }
+ case CURVE_secp384r1: {
+ EC_FP_P = EC384_FP_P;
+ EC_A = EC384_FP_A;
+ EC_B = EC384_FP_B;
+ EC_G_X = EC384_FP_G_X;
+ EC_G_Y = EC384_FP_G_Y;
+ EC_R = EC384_FP_R;
+ EC_K = EC384_FP_K;
+ EC_W_X = null;
+ EC_W_Y = null;
+ EC_S = null;
+ break;
+ }
+ case CURVE_secp521r1: {
+ EC_FP_P = EC521_FP_P;
+ EC_A = EC521_FP_A;
+ EC_B = EC521_FP_B;
+ EC_G_X = EC521_FP_G_X;
+ EC_G_Y = EC521_FP_G_Y;
+ EC_R = EC521_FP_R;
+ EC_K = EC521_FP_K;
+ EC_W_X = null;
+ EC_W_Y = null;
+ EC_S = null;
+ break;
+ }
+ case CURVE_sect163r1: {
+ EC_F2M_F2M = EC163_F2M_F;
+ EC_A = EC163_F2M_A;
+ EC_B = EC163_F2M_B;
+ EC_G_X = EC163_F2M_G_X;
+ EC_G_Y = EC163_F2M_G_Y;
+ EC_R = EC163_F2M_R;
+ EC_K = EC163_F2M_K;
+ EC_W_X = null;
+ EC_W_Y = null;
+ EC_S = null;
+ break;
+ }
+ case CURVE_sect233r1: {
+ EC_F2M_F2M = EC233_F2M_F;
+ EC_A = EC233_F2M_A;
+ EC_B = EC233_F2M_B;
+ EC_G_X = EC233_F2M_G_X;
+ EC_G_Y = EC233_F2M_G_Y;
+ EC_R = EC233_F2M_R;
+ EC_K = EC233_F2M_K;
+ EC_W_X = null;
+ EC_W_Y = null;
+ EC_S = null;
+ break;
+ }
+ case CURVE_sect283r1: {
+ EC_F2M_F2M = EC283_F2M_F;
+ EC_A = EC283_F2M_A;
+ EC_B = EC283_F2M_B;
+ EC_G_X = EC283_F2M_G_X;
+ EC_G_Y = EC283_F2M_G_Y;
+ EC_R = EC283_F2M_R;
+ EC_K = EC283_F2M_K;
+ EC_W_X = null;
+ EC_W_Y = null;
+ EC_S = null;
+ break;
+ }
+ case CURVE_sect409r1: {
+ EC_F2M_F2M = EC409_F2M_F;
+ EC_A = EC409_F2M_A;
+ EC_B = EC409_F2M_B;
+ EC_G_X = EC409_F2M_G_X;
+ EC_G_Y = EC409_F2M_G_Y;
+ EC_R = EC409_F2M_R;
+ EC_K = EC409_F2M_K;
+ EC_W_X = null;
+ EC_W_Y = null;
+ EC_S = null;
+ break;
+ }
+ case CURVE_sect571r1: {
+ EC_F2M_F2M = EC571_F2M_F;
+ EC_A = EC571_F2M_A;
+ EC_B = EC571_F2M_B;
+ EC_G_X = EC571_F2M_G_X;
+ EC_G_Y = EC571_F2M_G_Y;
+ EC_R = EC571_F2M_R;
+ EC_K = EC571_F2M_K;
+ EC_W_X = null;
+ EC_W_Y = null;
+ EC_S = null;
+ break;
+ }
+ default:
+ ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
+ }
+ short length = 0;
+ switch (param) {
+ case PARAMETER_FP:
+ if (alg == KeyPair.ALG_EC_FP) {
+ length = Util.arrayCopyNonAtomic(EC_FP_P, (short) 0, outputBuffer, outputOffset, (short) EC_FP_P.length);
+ }
+ break;
+ case PARAMETER_F2M:
+ if (alg == KeyPair.ALG_EC_F2M) {
+ length = Util.arrayCopyNonAtomic(EC_F2M_F2M, (short) 0, outputBuffer, outputOffset, (short) EC_F2M_F2M.length);
+ }
+ break;
+ case PARAMETER_A:
+ length = Util.arrayCopyNonAtomic(EC_A, (short) 0, outputBuffer, outputOffset, (short) EC_A.length);
+ break;
+ case PARAMETER_B:
+ length = Util.arrayCopyNonAtomic(EC_B, (short) 0, outputBuffer, outputOffset, (short) EC_B.length);
+ break;
+ case PARAMETER_G:
+ length = toX962(outputBuffer, outputOffset, EC_G_X, (short) 0, (short) EC_G_X.length, EC_G_Y, (short) 0, (short) EC_G_Y.length);
+ break;
+ case PARAMETER_R:
+ length = Util.arrayCopyNonAtomic(EC_R, (short) 0, outputBuffer, outputOffset, (short) EC_R.length);
+ break;
+ case PARAMETER_K:
+ length = 2;
+ Util.setShort(outputBuffer, outputOffset, EC_K);
+ break;
+ case PARAMETER_W:
+ if (EC_W_X == null || EC_W_Y == null) {
+ return 0;
+ }
+ length = toX962(outputBuffer, outputOffset, EC_W_X, (short) 0, (short) EC_W_X.length, EC_W_Y, (short) 0, (short) EC_W_Y.length);
+ break;
+ case PARAMETER_S:
+ if (EC_S == null) {
+ return 0;
+ }
+ length = Util.arrayCopyNonAtomic(EC_S, (short) 0, outputBuffer, outputOffset, (short) EC_S.length);
+ break;
+ default:
+ ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
+ }
+ return length;
+ }
+
+ public static short getCorruptCurveParameter(byte curve, short param, byte[] outputBuffer, short outputOffset, byte corruptionType) {
+ short length = getCurveParameter(curve, param, outputBuffer, outputOffset);
+ if (length <= 0) {
+ return length;
+ }
+ corruptParameter(corruptionType, outputBuffer, outputOffset, length);
+ return length;
+ }
+
+ public static void corruptParameter(byte corruption, byte[] buffer, short offset, short length) {
+ switch (corruption) {
+ case CORRUPTION_NONE:
+ break;
+ case CORRUPTION_FIXED:
+ if (length >= 1) {
+ buffer[offset] = (byte) 0xcc;
+ buffer[(short) (offset + length - 1)] = (byte) 0xcc;
+ }
+ break;
+ case CORRUPTION_FULLRANDOM:
+ randomData.generateData(buffer, offset, length);
+ break;
+ case CORRUPTION_ONEBYTERANDOM:
+ short first = Util.getShort(buffer, (short) 0); // save first two bytes
+
+ randomData.generateData(buffer, (short) 0, (short) 2); // generate position
+ short rngPos = Util.getShort(buffer, (short) 0); // save generated position
+
+ Util.setShort(buffer, (short) 0, first); // restore first two bytes
+
+ if (rngPos < 0) { // make positive
+ rngPos = (short) -rngPos;
+ }
+ rngPos %= length; // make < param length
+
+ byte original = buffer[rngPos];
+ do {
+ randomData.generateData(buffer, rngPos, (short) 1);
+ } while (original == buffer[rngPos]);
+ break;
+ case CORRUPTION_ZERO:
+ Util.arrayFillNonAtomic(buffer, offset, length, (byte) 0);
+ break;
+ case CORRUPTION_ONE:
+ Util.arrayFillNonAtomic(buffer, offset, length, (byte) 1);
+ break;
+ default:
+ ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
+ /* //TODO implement CORRUPT_B_LASTBYTEINCREMENT somehow
+ case CORRUPT_B_LASTBYTEINCREMENT:
+ m_ramArray2[(short) (m_lenB - 1)] += 1;
+ // Make sure its not the valid byte again
+ if (m_ramArray[(short) (m_lenB - 1)] == m_ramArray2[(short) (m_lenB - 1)]) {
+ m_ramArray2[(short) (m_lenB - 1)] += 1; // if yes, increment once more
+ }
+ break;
+ }
+ */
+ }
+ }
+
+ public static byte getCurveType(byte curve) {
+ return curve <= FP_CURVES ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M;
+ }
+
+ public static short toX962(byte[] outputBuffer, short outputOffset, byte[] xBuffer, short xOffset, short xLength, byte[] yBuffer, short yOffset, short yLength) {
+ short size = 1;
+ size += xLength;
+ size += yLength;
+
+ short offset = outputOffset;
+ outputBuffer[offset] = 0x04;
+ offset += 1;
+
+ offset = Util.arrayCopyNonAtomic(xBuffer, xOffset, outputBuffer, offset, xLength);
+ Util.arrayCopyNonAtomic(yBuffer, yOffset, outputBuffer, offset, yLength);
+ return size;
+ }
+
+}
diff --git a/src/cz/crcs/ectester/data/ecsp128.csv b/src/cz/crcs/ectester/data/ecsp128.csv
new file mode 100644
index 0000000..29cfe3b
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp128.csv
@@ -0,0 +1,7 @@
+cfba21fd0483b1f300fa2506a5a566ef,
+36d9a5acac27a008e36cbe3e9f103fde,
+a67cf5fa09fb1db902068c87046ae21e,
+47d78391a4b9fff6a0db1292f9cd0e6a,
+9aed9c92f8bb3dbd42402165a270bd6f,
+cfba21fd0483b1f333d61a5af6ada2c7,
+1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp128_pub.csv b/src/cz/crcs/ectester/data/ecsp128_pub.csv
new file mode 100644
index 0000000..ee1f34d
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp128_pub.csv
@@ -0,0 +1,2 @@
+63901e122761d9c16565b2f38e991f71,
+b9d99fbc3154a96ca23ecff770cbbe4f
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp160.csv b/src/cz/crcs/ectester/data/ecsp160.csv
new file mode 100644
index 0000000..49824d9
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp160.csv
@@ -0,0 +1,7 @@
+dc13490ff9857b111f44c0500770a6457e683223,
+a3ecd7d51e79d72d2700184c795aa8a6b8e66573,
+8ac43592905f995cb13f3694317bf470adafb645,
+5f8e88afc117c722859fe8e55647bca69ba82150,
+93e6dcaee271e9f2838c98b7d06eccc5d7c800e5,
+dc13490ff9857b111f446ef4a6d1e1715f6a6dff,
+1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp160_pub.csv b/src/cz/crcs/ectester/data/ecsp160_pub.csv
new file mode 100644
index 0000000..e2e164e
--- /dev/null
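Review bot: Nothing in ecsp128.csv or next to it records where these seven values come from or what the tester is meant to check with them, and they do not appear to be the SEC 2 parameters of a named 128-bit curve. Test-vector curves that cannot be traced to a generator or a reference cannot be re-verified by the next maintainer, and a single wrong digit would only show up as a confusing card result. The same applies to the other ecsp*.csv and ecsp*_pub.csv files in this commit; the two values in each _pub file are presumably the coordinates of a public point, but that is not stated anywhere visible. A short README in the data directory would cover it, for example `ecsp128.csv: p, a, b, Gx, Gy, r, k as hex, one per line; source: <generator or reference>; purpose: <what the test expects>`.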
+++ b/src/cz/crcs/ectester/data/ecsp160_pub.csv
@@ -0,0 +1,2 @@
+59c9c3c8aef29f1c1c500cafb4726da6086e6eb0,
+d695a76005eddb26afd40ee20904778bb3497bb1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp192.csv b/src/cz/crcs/ectester/data/ecsp192.csv
new file mode 100644
index 0000000..ccb5537
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp192.csv
@@ -0,0 +1,7 @@
+ce714cc3a15ce7e5dab068c9a1f8be00aad480abccaeefc3,
+597c781f64c33eb8ef919c415911518ea323be88b9437caf,
+f81585a1b18f233d70add7ee1342d2035c386a92e3ab8320,
+150ff0a40deac6462b5987418617fdeeb6bfd76d4d60a067,
+843d577371c5dce122c2ff206b2f42fa0b842b49bdaf990f,
+ce714cc3a15ce7e5dab068c9a30bc92915bd8662ae882887,
+1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp192_pub.csv b/src/cz/crcs/ectester/data/ecsp192_pub.csv
new file mode 100644
index 0000000..ec7f822
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp192_pub.csv
@@ -0,0 +1,2 @@
+17047f91dbe33032c9d09bd29ceadd8a09ccc32ac6309541,
+6a726de54fbd59cfc352e838b337fa005a97180816135e6a
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp224.csv b/src/cz/crcs/ectester/data/ecsp224.csv
new file mode 100644
index 0000000..894e669
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp224.csv
@@ -0,0 +1,7 @@
+eed4c3d98f1c9b9518f116263db770366877d12df6a9cf08b96dd4bb,
+8d4dddb0317d6a6bf9a4dbbed3a43fa21f79869c5ab9729d239e9282,
+46873614be3dffc9218082322210c0616140286f2d160503c1a9250d,
+961bbb1fc9955a71c91a50aedcd2f14fccb660af992b0030b9c90b36,
+1c00f6d0bd405dd7d3016fb8c0c75e4ecec70fe61237f6d24008a5fd,
+eed4c3d98f1c9b9518f116263db821c36a06adae17162ad3162f68c3,
+1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp224_pub.csv b/src/cz/crcs/ectester/data/ecsp224_pub.csv
new file mode 100644
index 0000000..0999b99
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp224_pub.csv
@@ -0,0 +1,2 @@
+cfd92aea0f79190c48ca703eb8a9baa7099a23bb39578261fe4d0f04,
+257a3d98de44bd25404977a4ac7fc56d3d4e827f085b7cf5247524c4
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp256.csv b/src/cz/crcs/ectester/data/ecsp256.csv
new file mode 100644
index 0000000..17387a6
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp256.csv
@@ -0,0 +1,7 @@
+c9a803b1eaf849f1c02cfd1dbfac68623985c88b37103b338ae11d2597ee8445,
+4841c5775a24a884ca36ec362b44645a2f60b25d002c4fc1d9f139870fe0cc71,
+1b097456751f3534190dae568f80a2c6ff55dddfe072a7dc6467a4b6476b6880,
+a1fd34a27afb1340b8e4a7db2a5ec5a1432c6dc8555af9f78fca2cf740cab2b7,
+98419c698cab6c7dbb53eb2751417b52ccded4680c5e09543f93c7886c3a173e,
+c9a803b1eaf849f1c02cfd1dbfac6863128c5b1fc5acd5b5e0fc0a7311fb5b1d,
+1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp256_pub.csv b/src/cz/crcs/ectester/data/ecsp256_pub.csv
new file mode 100644
index 0000000..a8f0492
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp256_pub.csv
@@ -0,0 +1,2 @@
+75fce70968862d53e29548aad70582514e960d8128bd3c5f8c4dbe2cf8dad653,
+55aa4b7d3882fb0a83bd00c9c3bae17f1024d64aec67e1db38ef671e6350beae
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp384.csv b/src/cz/crcs/ectester/data/ecsp384.csv
new file mode 100644
index 0000000..9acae3f
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp384.csv
@@ -0,0 +1,7 @@
+d0df6c96cff7081be80d22b005758a2e2f046e15fe020ef886e21b492ac57257a923144bcad989ab6341bd3b700f914b,
+45c64503be019afd3462b361ad2b2a3bca0aeccc5494a624fb632455e62b4f0c98f944fa97c37811da039823cd77c906,
+d85583f7f11ad23ec75ed5a414153a06d6640936b8103f5df691fa95cf2afa78f3ea5addc225b144964048c9f7592ae4,
+2b1341d12dff4f9cf9427c4752962b4c2bdc8fbcd80652516c421cc523212a01ea63c79d6e9a9c84933e353e212416ec,
+ce416c6e75fa9fd205ed48fc4e3099cbb1d6ed031b7ddbff1d634eb97a83d9b780cfd4dedfdd2c7604d143196c08d933,
+d0df6c96cff7081be80d22b005758a2e2f046e15fe020ef7664ed51d7701c86bf2a1e9f3002c26fe002314c3c92f1ca9,
+1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp384_pub.csv b/src/cz/crcs/ectester/data/ecsp384_pub.csv
new file mode 100644
index 0000000..4eb4a96
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp384_pub.csv
@@ -0,0 +1,2 @@
+a4bd575bf20300b0cf8a2f41dd5a03e908966a4229a5f22f5c190d3641ac2d32b7b24a63482cbbcd0c2257f834834ef1,
+38d51c8f9e90592f567e81d0e4855e79731b5797857a4c7dc270653bc9f0c31e84693007b09cebf710d5ae3237303949
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp521.csv b/src/cz/crcs/ectester/data/ecsp521.csv
new file mode 100644
index 0000000..1d36bd7
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp521.csv
@@ -0,0 +1,7 @@
+01d3df430924956e210a605b4dbf4a2e909d7a801658978c88ffd68dcc817f5cc79cf188d9ee82d1a51c44cbd31e9cc5b816d76d5b1312b005f7b68919e275dac99f,
+00401639f36f2ee45fc164ea3e1f14f4803fd7a77ffdfb392c3f8fe95d1aea331467f4618d59aeee49d5d7c70caf320f7dd1ac166114f562413449991d3aa1a2c49e,
+004a26a8c47fce204ba953015fa86708c0de720f27523988b097e774168c15f7a215aaf18a5f1b9579ab3db935d45be14c9a87b71170396909b14d06f7a09975b3a6,
+01c880ae0a355a52791fc9600fd8b35726e9d799101489161c8f90a9c6631d09b3cb347584837d9deb8566a9c5846aded0d01eb947b4affd34e8ea7dbe733cbedafa,
+00050f12672f163f19d5d493eb82ef777b0213dd4e0cf75a9b99724fbdb54b0cc4e037bf86a48bac28467bdd936c314ce13f6ec7ec69ea09ae4f5444df4b2a117a66,
+01d3df430924956e210a605b4dbf4a2e909d7a801658978c88ffd68dcc817f5cc7ba0838717c1947f93cfdd3ed87ec2c2df181c7ada553346ec1495732a1e7ffe9b3,
+1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp521_pub.csv b/src/cz/crcs/ectester/data/ecsp521_pub.csv
new file mode 100644
index 0000000..0e3f320
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp521_pub.csv
@@ -0,0 +1,2 @@
+002844df0f31f46a40e6c7006cde99155bd5d18d0e4150178a8e307d6aec08fd02d466c03c49b49c2654b7c9a32d88ca014016a7eddd44217be915505d228efb9389,
+0105921e2172c3050ba4c9d2e744fc5b7b5e8451751e6780c6de88229497be7d23550beefa0cb7fafebb4dd9fad1244c6733befe5a97710f0dc56dc08d9d9df9d846
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/secp192k1.csv b/src/cz/crcs/ectester/data/secp192k1.csv
new file mode 100644
index 0000000..c408b5e
--- /dev/null
+++ b/src/cz/crcs/ectester/data/secp192k1.csv
@@ -0,0 +1,7 @@
+FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFEE37,
+00000000 00000000 00000000 00000000 00000000 00000000,
+00000000 00000000 00000000 00000000 00000000 00000003,
+DB4FF10E C057E9AE 26B07D02 80B7F434 1DA5D1B1 EAE06C7D,
+9B2F2F6D 9C5628A7 844163D0 15BE8634 4082AA88 D95E2F9D,
+FFFFFFFF FFFFFFFF FFFFFFFE 26F2FC17 0F69466A 74DEFD8D,
+1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/secp192r1.csv b/src/cz/crcs/ectester/data/secp192r1.csv
new file mode 100644
index 0000000..29305b0
--- /dev/null
+++ b/src/cz/crcs/ectester/data/secp192r1.csv
@@ -0,0 +1,7 @@
+FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF FFFFFFFF,
+FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF FFFFFFFC,
+64210519 E59C80E7 0FA7E9AB 72243049 FEB8DEEC C146B9B1,
+188DA80E B03090F6 7CBF20EB 43A18800 F4FF0AFD 82FF1012,
+07192B95 FFC8DA78 631011ED 6B24CDD5 73F977A1 1E794811,
+FFFFFFFF FFFFFFFF FFFFFFFF 99DEF836 146BC9B1 B4D22831,
+1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/secp224r1.csv b/src/cz/crcs/ectester/data/secp224r1.csv
new file mode 100644
index 0000000..f8f592e
--- /dev/null
+++ b/src/cz/crcs/ectester/data/secp224r1.csv
@@ -0,0 +1,7 @@
+FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF 00000000 00000000 00000001,
+FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF FFFFFFFF FFFFFFFE,
+B4050A85 0C04B3AB F5413256 5044B0B7 D7BFD8BA 270B3943 2355FFB4,
+B70E0CBD 6BB4BF7F 321390B9 4A03C1D3 56C21122 343280D6 115C1D21,
+BD376388 B5F723FB 4C22DFE6 CD4375A0 5A074764 44D58199 85007E34,
+FFFFFFFF FFFFFFFF FFFFFFFF FFFF16A2 E0B8F03E 13DD2945 5C5C2A3D,
+1
diff --git a/src/cz/crcs/ectester/data/secp256k1.csv b/src/cz/crcs/ectester/data/secp256k1.csv
new file mode 100644
index 0000000..19eeef7
--- /dev/null
+++ b/src/cz/crcs/ectester/data/secp256k1.csv
@@ -0,0 +1,7 @@
+FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFC2F,
+00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000,
+00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000007,
+79BE667E F9DCBBAC 55A06295 CE870B07 029BFCDB 2DCE28D9 59F2815B 16F81798,
+483ADA77 26A3C465 5DA4FBFC 0E1108A8 FD17B448 A6855419 9C47D08F FB10D4B8,
+FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE BAAEDCE6 AF48A03B BFD25E8C D0364141,
+1
diff --git a/src/cz/crcs/ectester/data/secp256r1.csv b/src/cz/crcs/ectester/data/secp256r1.csv
new file mode 100644
index 0000000..060f5aa
--- /dev/null
+++ b/src/cz/crcs/ectester/data/secp256r1.csv
@@ -0,0 +1,7 @@
+FFFFFFFF 00000001 00000000 00000000 00000000 FFFFFFFF FFFFFFFF FFFFFFFF,
+FFFFFFFF 00000001 00000000 00000000 00000000 FFFFFFFF FFFFFFFF FFFFFFFC,
+5AC635D8 AA3A93E7 B3EBBD55 769886BC 651D06B0 CC53B0F6 3BCE3C3E 27D2604B,
+6B17D1F2 E12C4247 F8BCE6E5 63A440F2 77037D81 2DEB33A0 F4A13945 D898C296,
+4FE342E2 FE1A7F9B 8EE7EB4A 7C0F9E16 2BCE3357 6B315ECE CBB64068 37BF51F5,
+FFFFFFFF 00000000 FFFFFFFF FFFFFFFF BCE6FAAD A7179E84 F3B9CAC2 FC632551,
+1
diff --git a/src/cz/crcs/ectester/data/secp384r1.csv b/src/cz/crcs/ectester/data/secp384r1.csv
new file mode 100644
index 0000000..08472ae
--- /dev/null
+++ b/src/cz/crcs/ectester/data/secp384r1.csv
@@ -0,0 +1,7 @@
+FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF 00000000 00000000 FFFFFFFF,
+FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF 00000000 00000000 FFFFFFFC,
+B3312FA7 E23EE7E4 988E056B E3F82D19 181D9C6E FE814112 0314088F 5013875A C656398D 8A2ED19D 2A85C8ED D3EC2AEF,
+AA87CA22 BE8B0537 8EB1C71E F320AD74 6E1D3B62 8BA79B98 59F741E0 82542A38 5502F25D BF55296C 3A545E38 72760AB7,
+3617DE4A 96262C6F 5D9E98BF 9292DC29 F8F41DBD 289A147C E9DA3113 B5F0B8C0 0A60B1CE 1D7E819D 7A431D7C 90EA0E5F,
+FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF C7634D81 F4372DDF 581A0DB2 48B0A77A ECEC196A CCC52973,
+1
diff --git a/src/cz/crcs/ectester/data/secp521r1.csv b/src/cz/crcs/ectester/data/secp521r1.csv
new file mode 100644
index 0000000..9e0f5d3
--- /dev/null
+++ b/src/cz/crcs/ectester/data/secp521r1.csv
@@ -0,0 +1,7 @@
+01FF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF,
+01FF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFC,
+0051 953EB961 8E1C9A1F 929A21A0 B68540EE A2DA725B 99B315F3 B8B48991 8EF109E1 56193951 EC7E937B 1652C0BD 3BB1BF07 3573DF88 3D2C34F1 EF451FD4 6B503F00,
+00C6 858E06B7 0404E9CD 9E3ECB66 2395B442 9C648139 053FB521 F828AF60 6B4D3DBA A14B5E77 EFE75928 FE1DC127 A2FFA8DE 3348B3C1 856A429B F97E7E31 C2E5BD66,
+0118 39296A78 9A3BC004 5C8A5FB4 2C7D1BD9 98F54449 579B4468 17AFBD17 273E662C 97EE7299 5EF42640 C550B901 3FAD0761 353C7086 A272C240 88BE9476 9FD16650,
+01FF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFA 51868783 BF2F966B 7FCC0148 F709A5D0 3BB5C9B8 899C47AE BB6FB71E 91386409,
+1
diff --git a/src/cz/crcs/ectester/data/sect163k1.csv b/src/cz/crcs/ectester/data/sect163k1.csv
new file mode 100644
index 0000000..6e5142e
--- /dev/null
+++ b/src/cz/crcs/ectester/data/sect163k1.csv
@@ -0,0 +1,9 @@
+0007,
+0006,
+0003,
+00 00000000 00000000 00000000 00000000 00000001,
+00 00000000 00000000 00000000 00000000 00000001,
+02 FE13C053 7BBC11AC AA07D793 DE4E6D5E 5C94EEE8,
+02 89070FB0 5D38FF58 321F2E80 0536D538 CCDAA3D9,
+04 00000000 00000000 00020108 A2E0CC0D 99F8A5EF,
+2
diff --git a/src/cz/crcs/ectester/data/sect163r1.csv b/src/cz/crcs/ectester/data/sect163r1.csv
new file mode 100644
index 0000000..879f79b
--- /dev/null
+++ b/src/cz/crcs/ectester/data/sect163r1.csv
@@ -0,0 +1,9 @@
+0007,
+0006,
+0003,
+07 B6882CAA EFA84F95 54FF8428 BD88E246 D2782AE2,
+07 13612DCD DCB40AAB 946BDA29 CA91F73A F958AFD9,
+03 69979697 AB438977 89566789 567F787A 7876A654,
+00 435EDB42 EFAFB298 9D51FEFC E3C80988 F41FF883,
+03 FFFFFFFF FFFFFFFF FFFF48AA B689C29C A710279B,
+2
diff --git a/src/cz/crcs/ectester/data/sect163r2.csv b/src/cz/crcs/ectester/data/sect163r2.csv
new file mode 100644
index 0000000..eb7d453
--- /dev/null
+++ b/src/cz/crcs/ectester/data/sect163r2.csv
@@ -0,0 +1,9 @@
+0007,
+0006,
+0003,
+00 00000000 00000000 00000000 00000000 00000001,
+02 0A601907 B8C953CA 1481EB10 512F7874 4A3205FD,
+03 F0EBA162 86A2D57E A0991168 D4994637 E8343E36,
+00 D51FBC6C 71A0094F A2CDD545 B11C5C0C 797324F1,
+04 00000000 00000000 000292FE 77E70C12 A4234C33,
+2
diff --git a/src/cz/crcs/ectester/data/sect233k1.csv b/src/cz/crcs/ectester/data/sect233k1.csv
new file mode 100644
index 0000000..b85fef0
--- /dev/null
+++ b/src/cz/crcs/ectester/data/sect233k1.csv
@@ -0,0 +1,7 @@
+004A,
+0000 00000000 00000000 00000000 00000000 00000000 00000000 00000000,
+0000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
+0172 32BA853A 7E731AF1 29F22FF4 149563A4 19C26BF5 0A4C9D6E EFAD6126,
+01DB 537DECE8 19B7F70F 555A67C4 27A8CD9B F18AEB9B 56E0C110 56FAE6A3,
+80 00000000 00000000 00000000 00069D5B B915BCD4 6EFB1AD5 F173ABDF,
+4
diff --git a/src/cz/crcs/ectester/data/sect233r1.csv b/src/cz/crcs/ectester/data/sect233r1.csv
new file mode 100644
index 0000000..d0c6f14
--- /dev/null
+++ b/src/cz/crcs/ectester/data/sect233r1.csv
@@ -0,0 +1,7 @@
+004A,
+0000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
+0066 647EDE6C 332C7F8C 0923BB58 213B333B 20E9CE42 81FE115F 7D8F90AD,
+00FA C9DFCBAC 8313BB21 39F1BB75 5FEF65BC 391F8B36 F8F8EB73 71FD558B,
+0100 6A08A419 03350678 E58528BE BF8A0BEF F867A7CA 36716F7E 01F81052,
+0100 00000000 00000000 00000000 0013E974 E72F8A69 22031D26 03CFE0D7,
+2
diff --git a/src/cz/crcs/ectester/data/sect239k1.csv b/src/cz/crcs/ectester/data/sect239k1.csv
new file mode 100644
index 0000000..d01bb08
--- /dev/null
+++ b/src/cz/crcs/ectester/data/sect239k1.csv
@@ -0,0 +1,7 @@
+009E,
+0000 00000000 00000000 00000000 00000000 00000000 00000000 00000000,
+0000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
+29A0 B6A887A9 83E97309 88A68727 A8B2D126 C44CC2CC 7B2A6555 193035DC,
+7631 0804F12E 549BDB01 1C103089 E73510AC B275FC31 2A5DC6B7 6553F0CA,
+2000 00000000 00000000 00000000 005A79FE C67CB6E9 1F1C1DA8 00E478A5,
+4
diff --git a/src/cz/crcs/ectester/data/sect283k1.csv b/src/cz/crcs/ectester/data/sect283k1.csv
new file mode 100644
index 0000000..cc62698
--- /dev/null
+++ b/src/cz/crcs/ectester/data/sect283k1.csv
@@ -0,0 +1,9 @@
+000C,
+0007,
+0005,
+00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000,
+00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
+0503213F 78CA4488 3F1A3B81 62F188E5 53CD265F 23C1567A 16876913 B0C2AC24 58492836,
+01CCDA38 0F1C9E31 8D90F95D 07E5426F E87E45C0 E8184698 E4596236 4E341161 77DD2259,
+01FFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFE9AE 2ED07577 265DFF7F 94451E06 1E163C61,
+4
diff --git a/src/cz/crcs/ectester/data/sect283r1.csv b/src/cz/crcs/ectester/data/sect283r1.csv
new file mode 100644
index 0000000..27e2ff2
--- /dev/null
+++ b/src/cz/crcs/ectester/data/sect283r1.csv
@@ -0,0 +1,9 @@
+000C,
+0007,
+0005,
+00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
+027B680A C8B8596D A5A4AF8A 19A0303F CA97FD76 45309FA2 A581485A F6263E31 3B79A2F5,
+05F93925 8DB7DD90 E1934F8C 70B0DFEC 2EED25B8 557EAC9C 80E2E198 F8CDBECD 86B12053,
+03676854 FE24141C B98FE6D4 B20D02B4 516FF702 350EDDB0 826779C8 13F0DF45 BE8112F4,
+03FFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFEF90 399660FC 938A9016 5B042A7C EFADB307,
+2
diff --git a/src/cz/crcs/ectester/data/sect409k1.csv b/src/cz/crcs/ectester/data/sect409k1.csv
new file mode 100644
index 0000000..aeb2e76
--- /dev/null
+++ b/src/cz/crcs/ectester/data/sect409k1.csv
@@ -0,0 +1,7 @@
+0057,
+00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000,
+00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
+0060F05F 658F49C1 AD3AB189 0F718421 0EFD0987 E307C84C 27ACCFB8 F9F67CC2 C460189E B5AAAA62 EE222EB1 B35540CF E9023746,
+01E36905 0B7C4E42 ACBA1DAC BF04299C 3460782F 918EA427 E6325165 E9EA10E3 DA5F6C42 E9C55215 AA9CA27A 5863EC48 D8E0286B,
+7FFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFE5F 83B2D4EA 20400EC4 557D5ED3 E3E7CA5B 4B5C83B8 E01E5FCF,
+4
diff --git a/src/cz/crcs/ectester/data/sect409r1.csv b/src/cz/crcs/ectester/data/sect409r1.csv
new file mode 100644
index 0000000..5ac19dc
--- /dev/null
+++ b/src/cz/crcs/ectester/data/sect409r1.csv
@@ -0,0 +1,7 @@
+0057,
+00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
+0021A5C2 C8EE9FEB 5C4B9A75 3B7B476B 7FD6422E F1F3DD67 4761FA99 D6AC27C8 A9A197B2 72822F6C D57A55AA 4F50AE31 7B13545F,
+015D4860 D088DDB3 496B0C60 64756260 441CDE4A F1771D4D B01FFE5B 34E59703 DC255A86 8A118051 5603AEAB 60794E54 BB7996A7,
+0061B1CF AB6BE5F3 2BBFA783 24ED106A 7636B9C5 A7BD198D 0158AA4F 5488D08F 38514F1F DF4B4F40 D2181B36 81C364BA 0273C706,
+01000000 00000000 00000000 00000000 00000000 00000000 000001E2 AAD6A612 F33307BE 5FA47C3C 9E052F83 8164CD37 D9A21173,
+2
diff --git a/src/cz/crcs/ectester/data/sect571k1.csv b/src/cz/crcs/ectester/data/sect571k1.csv
new file mode 100644
index 0000000..7d5fdf4
--- /dev/null
+++ b/src/cz/crcs/ectester/data/sect571k1.csv
@@ -0,0 +1,9 @@
+000A,
+0005,
+0002,
+00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000,
+00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
+026EB7A8 59923FBC 82189631 F8103FE4 AC9CA297 0012D5D4 60248048 01841CA4 43709584 93B205E6 47DA304D B4CEB08C BBD1BA39 494776FB 988B4717 4DCA88C7 E2945283 A01C8972,
+0349DC80 7F4FBF37 4F4AEADE 3BCA9531 4DD58CEC 9F307A54 FFC61EFC 006D8A2C 9D4979C0 AC44AEA7 4FBEBBB9 F772AEDC B620B01A 7BA7AF1B 320430C8 591984F6 01CD4C14 3EF1C7A3,
+02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850E1 F19A63E4 B391A8DB 917F4138 B630D84B E5D63938 1E91DEB4 5CFE778F 637C1001,
+4
diff --git a/src/cz/crcs/ectester/data/sect571r1.csv b/src/cz/crcs/ectester/data/sect571r1.csv
new file mode 100644
index 0000000..850f0b9
--- /dev/null
+++ b/src/cz/crcs/ectester/data/sect571r1.csv
@@ -0,0 +1,9 @@
+000A,
+0005,
+0002,
+00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
+02F40E7E 2221F295 DE297117 B7F3D62F 5C6A97FF CB8CEFF1 CD6BA8CE 4A9A18AD 84FFABBD 8EFA5933 2BE7AD67 56A66E29 4AFD185A 78FF12AA 520E4DE7 39BACA0C 7FFEFF7F 2955727A,
+0303001D 34B85629 6C16C0D4 0D3CD775 0A93D1D2 955FA80A A5F40FC8 DB7B2ABD BDE53950 F4C0D293 CDD711A3 5B67FB14 99AE6003 8614F139 4ABFA3B4 C850D927 E1E7769C 8EEC2D19,
+037BF273 42DA639B 6DCCFFFE B73D69D7 8C6C27A6 009CBBCA 1980F853 3921E8A6 84423E43 BAB08A57 6291AF8F 461BB2A8 B3531D2F 0485C19B 16E2F151 6E23DD3C 1A4827AF 1B8AC15B,
+03FFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF E661CE18 FF559873 08059B18 6823851E C7DD9CA1 161DE93D 5174D66E 8382E9BB 2FE84E47,
+2
diff --git a/src/cz/crcs/ectester/reader/CardMngr.java b/src/cz/crcs/ectester/reader/CardMngr.java
new file mode 100644
index 0000000..d7a5c5f
--- /dev/null
+++ b/src/cz/crcs/ectester/reader/CardMngr.java
@@ -0,0 +1,289 @@ +package cz.crcs.ectester.reader; + +import com.licel.jcardsim.io.CAD; +import com.licel.jcardsim.io.JavaxSmartCardInterface; +import java.util.List; +import java.util.Scanner; +import javacard.framework.AID; + +import javax.smartcardio.*; + +/** + * @author Petr Svenda petr@svenda.com + * @author Jan Jancar johny@neuromancer.sk + */ +public class CardMngr { + private CardTerminal m_terminal = null; + private CardChannel m_channel = null; + private Card m_card = null; + + // Simulator related attributes + private CAD m_cad = null; + private JavaxSmartCardInterface m_simulator = null; + + private boolean simulate = false; + + private final byte selectCM[] = { + (byte) 0x00, (byte) 0xa4, (byte) 0x04, (byte) 0x00, (byte) 0x07, (byte) 0xa0, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x18, (byte) 0x43, (byte) 0x4d}; + + public static final byte OFFSET_CLA = 0x00; + public static final byte OFFSET_INS = 0x01; + public static final byte OFFSET_P1 = 0x02; + public static final byte OFFSET_P2 = 0x03; + public static final byte OFFSET_LC = 0x04; + public static final byte OFFSET_DATA = 0x05; + public static final byte HEADER_LENGTH = 0x05; + + public static final short DATA_RECORD_LENGTH = (short) 0x80; // 128B per record + public static final short NUMBER_OF_RECORDS = (short) 0x0a; // 10 records + + public CardMngr() { + this(false); + } + + public CardMngr(boolean simulate) { + this.simulate = simulate; + } + + public boolean connectToCard() throws CardException { + if (simulate) + return true; + + // TRY ALL READERS, FIND FIRST SELECTABLE + List terminalList = getReaderList(); + + if (terminalList == null || terminalList.isEmpty()) { + System.out.println("No terminals found"); + return false; + } + + //List numbers of Card readers + boolean cardFound = false; + for (int i = 0; i < terminalList.size(); i++) { + System.out.println(i + " : " + terminalList.get(i)); + m_terminal = terminalList.get(i); + if (m_terminal.isCardPresent()) { + m_card = 
m_terminal.connect("*"); + System.out.println("card: " + m_card); + m_channel = m_card.getBasicChannel(); + + //reset the card + System.out.println(Util.bytesToHex(m_card.getATR().getBytes())); + + cardFound = true; + } + } + + return cardFound; + } + + public boolean connectToCardSelect() throws CardException { + if (simulate) + return true; + + // Test available card - if more present, let user to select one + List terminalList = CardMngr.getReaderList(); + if (terminalList == null || terminalList.isEmpty()) { + System.out.println("ERROR: No suitable reader with card detected. Please check your reader connection"); + return false; + } else { + if (terminalList.size() == 1) { + m_terminal = terminalList.get(0); // return first and only reader + } else { + int terminalIndex = 1; + // Let user select target terminal + for (CardTerminal terminal : terminalList) { + Card card; + try { + card = terminal.connect("*"); + ATR atr = card.getATR(); + System.out.println(terminalIndex + " : " + terminal.getName() + " - " + Util.bytesToHex(atr.getBytes())); + terminalIndex++; + } catch (CardException ex) { + ex.printStackTrace(System.out); + } + } + System.out.print("Select index of target reader you like to use 1.." 
+ (terminalIndex - 1) + ": "); + Scanner sc = new Scanner(System.in); + int answ = sc.nextInt(); + System.out.println(String.format("%d", answ)); + answ--; // is starting with 0 + // BUGBUG; verify allowed index range + m_terminal = terminalList.get(answ); + } + } + + if (m_terminal != null) { + m_card = m_terminal.connect("*"); + System.out.println("card: " + m_card); + m_channel = m_card.getBasicChannel(); + } + + return true; + } + + public boolean reconnectToCard(byte[] selectAPDU) throws CardException { + if (simulate) + return true; + + if (connected()) { + disconnectFromCard(); + } + + boolean result = connectToCard(); + if (result) { + // Select our application on card + send(selectAPDU); + } + return result; + } + + public boolean connected() { + return simulate || m_card != null; + } + + public void disconnectFromCard() throws CardException { + if (simulate) + return; + + if (m_card != null) { + m_card.disconnect(false); + m_card = null; + } + } + + public byte[] getCPLCData() throws Exception { + byte[] data; + + // TODO: Modify to obtain CPLC data + byte apdu[] = new byte[HEADER_LENGTH]; + apdu[OFFSET_CLA] = (byte) 0x00; + apdu[OFFSET_INS] = (byte) 0x00; + apdu[OFFSET_P1] = (byte) 0x00; + apdu[OFFSET_P2] = (byte) 0x00; + apdu[OFFSET_LC] = (byte) 0x00; + + ResponseAPDU resp = send(apdu); + if (resp.getSW() != 0x9000) { // 0x9000 is "OK" + System.out.println("Fail to obtain card's response data"); + data = null; + } else { + byte temp[] = resp.getBytes(); + data = new byte[temp.length - 2]; + System.arraycopy(temp, 0, data, 0, temp.length - 2); + // Last two bytes are status word (also obtainable by resp.getSW()) + // Take a look at ISO7816_status_words.txt for common codes + } + + return data; + } + + public void probeCardCommands() throws Exception { + // TODO: modify to probe for instruction + for (int i = 0; i <= 0; i++) { + byte apdu[] = new byte[HEADER_LENGTH]; + apdu[OFFSET_CLA] = (byte) 0x00; + apdu[OFFSET_INS] = (byte) 0x00; + apdu[OFFSET_P1] = 
(byte) 0x00; + apdu[OFFSET_P2] = (byte) 0x00; + apdu[OFFSET_LC] = (byte) 0x00; + + ResponseAPDU resp = send(apdu); + + System.out.println("Response: " + Integer.toHexString(resp.getSW())); + + if (resp.getSW() != 0x6D00) { // Note: 0x6D00 is SW_INS_NOT_SUPPORTED + // something? + } + } + } + + public static List getReaderList() { + try { + TerminalFactory factory = TerminalFactory.getDefault(); + return factory.terminals().list(); + } catch (CardException ex) { + System.out.println("Exception : " + ex); + return null; + } + } + + public ResponseAPDU sendAPDU(CommandAPDU apdu) throws CardException { + System.out.println(">>>>"); + System.out.println(apdu); + + System.out.println(Util.bytesToHex(apdu.getBytes())); + + long elapsed = -System.nanoTime(); + + ResponseAPDU responseAPDU = m_channel.transmit(apdu); + + elapsed += System.nanoTime(); + + System.out.println(responseAPDU); + System.out.println(Util.bytesToHex(responseAPDU.getBytes())); + + if (responseAPDU.getSW1() == (byte) 0x61) { + CommandAPDU apduToSend = new CommandAPDU((byte) 0x00, + (byte) 0xC0, (byte) 0x00, (byte) 0x00, + responseAPDU.getSW1()); + + responseAPDU = m_channel.transmit(apduToSend); + System.out.println(Util.bytesToHex(responseAPDU.getBytes())); + } + + System.out.println("<<<<"); + System.out.println("Elapsed time (ms): " + elapsed / 1000000); + return responseAPDU; + } + + public ResponseAPDU sendAPDU(byte apdu[]) throws CardException { + CommandAPDU commandAPDU = new CommandAPDU(apdu); + return sendAPDU(commandAPDU); + } + + public boolean prepareLocalSimulatorApplet(byte[] appletAIDArray, byte[] installData, Class appletClass) { + System.setProperty("com.licel.jcardsim.terminal.type", "2"); + m_cad = new CAD(System.getProperties()); + m_simulator = (JavaxSmartCardInterface) m_cad.getCardInterface(); + AID appletAID = new AID(appletAIDArray, (short) 0, (byte) appletAIDArray.length); + + AID appletAIDRes = m_simulator.installApplet(appletAID, appletClass, installData, (short) 0, (byte) 
installData.length); + return m_simulator.selectApplet(appletAID); + } + + public ResponseAPDU sendAPDUSimulator(CommandAPDU apdu) { + System.out.println(">>>>"); + System.out.println(Util.bytesToHex(apdu.getBytes())); + + ResponseAPDU response = m_simulator.transmitCommand(apdu); + byte[] responseBytes = response.getBytes(); + + System.out.println(Util.bytesToHex(responseBytes)); + System.out.println("<<<<"); + + return response; + } + + public ResponseAPDU sendAPDUSimulator(byte[] apdu) { + CommandAPDU commandAPDU = new CommandAPDU(apdu); + return sendAPDUSimulator(commandAPDU); + } + + public ResponseAPDU send(CommandAPDU apdu) throws CardException { + ResponseAPDU response; + if (simulate) { + response = sendAPDUSimulator(apdu); + } else { + response = sendAPDU(apdu); + } + return response; + } + + public ResponseAPDU send(byte[] apdu) throws CardException { + CommandAPDU commandAPDU = new CommandAPDU(apdu); + return send(commandAPDU); + } + +} diff --git a/src/cz/crcs/ectester/reader/DirtyLogger.java b/src/cz/crcs/ectester/reader/DirtyLogger.java new file mode 100644 index 0000000..f69557d --- /dev/null +++ b/src/cz/crcs/ectester/reader/DirtyLogger.java 
@@ -0,0 +1,55 @@ +package cz.crcs.ectester.reader; + +import java.io.FileWriter; +import java.io.IOException; + +/** + * @author Petr Svenda petr@svenda.com + * @author Jan Jancar johny@neuromancer.sk + */ +public class DirtyLogger { + FileWriter log; + boolean systemOut; + + public DirtyLogger(String filePath) throws IOException { + this(filePath, true); + } + + public DirtyLogger(String filePath, boolean systemOut) throws IOException { + if (filePath != null) + this.log = new FileWriter(filePath); + this.systemOut = systemOut; + } + + public void println() { + print("\n"); + } + + public void println(String logLine) { + logLine += "\n"; + print(logLine); + } + + public void print(String logLine) { + if (systemOut) { + System.out.print(logLine); + } + if (log != null) { + try { + log.write(logLine); + } catch (IOException ignored) { + } + } + } + + void flush() { + try { + if (log != null) log.flush(); + } catch (IOException ignored) { + } + } + + void close() throws IOException { + if (log != null) log.close(); + } +} diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java new file mode 100644 index 0000000..8c00ea9 --- /dev/null +++ b/src/cz/crcs/ectester/reader/ECTester.java 
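Review bot: `print` drops every `IOException` from `log.write` in an empty `catch (IOException ignored)` block, and `flush` does the same, so a full disk or a closed file handle silently yields a truncated log while the run still looks complete on stdout. For a tool whose log is the record of what was exchanged with a card, I would report the first failure and stop writing, for example `System.err.println("Log write failed: " + e.getMessage()); log = null;` in the catch block (with the exception variable renamed to `e`). `new FileWriter(filePath)` also truncates an existing file at that path and uses the platform default charset; if the log can hold generated key material, which the ECTester section suggests but does not show here, the path and the file's permissions deserve an explicit decision. As a style point, `flush()` and `close()` are package-private while the rest of the class is public, and implementing `AutoCloseable` would let callers close the logger with try-with-resources.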
@@ -0,0 +1,489 @@ +package cz.crcs.ectester.reader; + +import cz.crcs.ectester.applet.ECTesterApplet; +import cz.crcs.ectester.applet.EC_Consts; +import javacard.security.KeyPair; +import org.apache.commons.cli.*; + +import javax.smartcardio.CardException; +import javax.smartcardio.CommandAPDU; +import javax.smartcardio.ResponseAPDU; +import java.io.FileNotFoundException; +import java.io.FileOutputStream; +import java.io.FileWriter; +import java.io.IOException; + +/** + * @author Petr Svenda petr@svenda.com + * @author Jan Jancar johny@neuromancer.sk + */ +public class ECTester { + + private CardMngr cardManager = null; + private DirtyLogger systemOutLogger = null; + private FileOutputStream outputFile = null; + + //Options + private int optBits; + private boolean optAll; + private boolean optPrimeField = false; + private boolean optBinaryField = false; + private boolean optNamed = false; + private String optCurve = null; + private String optPublic = null; + private String optPrivate = null; + private String optKey = null; + private String optLog = null; + private String optOutput = null; + private boolean optSimulate = false; + + private int optGenerateAmount; + private String optECDSASign; + + private Options opts = new Options(); + private static final String CLI_HEADER = ""; + private static final String CLI_FOOTER = ""; + + + private static final byte[] SELECT_ECTESTERAPPLET = {(byte) 0x00, (byte) 0xa4, (byte) 0x04, (byte) 0x00, (byte) 0x0a, + (byte) 0x45, (byte) 0x43, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x72, (byte) 0x30, (byte) 0x31}; + private static final byte[] AID = {(byte) 0x4C, (byte) 0x61, (byte) 0x62, (byte) 0x61, (byte) 0x6B, (byte) 0x41, (byte) 0x70, (byte) 0x70, (byte) 0x6C, (byte) 0x65, (byte) 0x74}; + private static final byte[] INSTALL_DATA = new byte[10]; + + /* + private static final byte[] ALLOCATE = { + (byte) 0xB0, + (byte) 0x5a, //INS ALLOCATE + (byte) 0x00, //P1 *byte keypair + (byte) 0x00, //P2 + 
(byte) 0x03, //LC + (byte) 0x00, //DATA *short keyLength + (byte) 0x00, + (byte) 0x00 // *byte keyClass + }; + + private static final byte[] SET = { + (byte) 0xB0, + (byte) 0x5B, //INS SET + (byte) 0x00, //P1 *byte keypair + (byte) 0x00, //P2 *byte export + (byte) 0x06, //LC + (byte) 0x00, //DATA *byte curve + (byte) 0x00, // *short params + (byte) 0x00, // + (byte) 0x00, // *short corruptedParams + (byte) 0x00, // + (byte) 0x00 // *byte corruptionType + // [short paramLength, byte[] param] for all params in params + }; + + private static final byte[] GENERATE = { + (byte) 0xB0, + (byte) 0x5C, //INS GENERATE + (byte) 0x00, //P1 *byte keypair + (byte) 0x00, //P2 *byte export + (byte) 0x00 //LC + }; + + private static final byte[] ECDH = { + (byte) 0xB0, + (byte) 0x5D, //INS ECDH + (byte) 0x00, //P1 *byte keypair + (byte) 0x00, //P2 *byte export + (byte) 0x01, //LC + (byte) 0x00 //DATA *byte valid + }; + + private static final byte[] ECDSA = { + (byte) 0xB0, + (byte) 0x5E, //INS ECDSA + (byte) 0x00, //P1 *byte keypair + (byte) 0x00, //P2 *byte export + (byte) 0x00, //LC + //DATA [*short dataLength, byte[] data] + }; + */ + + private void run(String[] args) { + try { + CommandLine cli = parseArgs(args); + + //if help, print and quit + if (cli.hasOption("help")) { + help(); + return; + } + //if not, read other options first, into attributes, then do action + if (!readOptions(cli)) { + return; + } + cardManager = new CardMngr(optSimulate); + + if (optSimulate) { + if (!cardManager.prepareLocalSimulatorApplet(AID, INSTALL_DATA, ECTesterApplet.class)) { + System.err.println("Failed to establish a simulator."); + return; + } + } else { + if (!cardManager.connectToCardSelect()) { + System.err.println("Failed to connect to card."); + return; + } + cardManager.send(SELECT_ECTESTERAPPLET); + } + + systemOutLogger = new DirtyLogger(optLog, true); + + //do action + if (cli.hasOption("generate")) { + generate(); + } else if (cli.hasOption("test")) { + test(); + } else if 
(cli.hasOption("ecdh")) { + ecdh(); + } else if (cli.hasOption("ecdsa")) { + ecdsa(); + } + + cardManager.disconnectFromCard(); + systemOutLogger.close(); + + } catch (MissingOptionException moex) { + System.err.println("Missing required options, one of:"); + for (Object opt : moex.getMissingOptions().toArray()) { + if (opt instanceof OptionGroup) { + for (Option o : ((OptionGroup) opt).getOptions()) { + System.err.println(o); + } + } else if (opt instanceof String) { + System.err.println(opt); + } + } + } catch (MissingArgumentException maex) { + System.err.println("Option, " + maex.getOption().getOpt() + " requires an argument: " + maex.getOption().getArgName()); + } catch (AlreadySelectedException asex) { + System.err.println(asex.getMessage()); + } catch (ParseException | CardException pex) { + pex.printStackTrace(); + } catch (NumberFormatException nfex) { + System.err.println("Not a number. " + nfex.getMessage()); + nfex.printStackTrace(System.err); + } catch (FileNotFoundException fnfe) { + System.err.println("File " + fnfe.getMessage() + " not found."); + } catch (IOException e) { + e.printStackTrace(); + } + } + + private CommandLine parseArgs(String[] args) throws ParseException { + /* + * Actions: + * -h / --help + * -g / --generate [amount] + * -t / --test + * -dh / --ecdh + * -dsa / --ecdsa [data_file] + * + * Options: + * -b / --bit-size [b] / -a / --all + * -fp / --prime-field + * -f2m / --binary-field + * -n / --named + * -c / --curve [curve_file] field,a,b,gx,gy,r,k + * --public [pubkey_file] wx,wy + * --private [privkey_file] s + * -k / --key [key_file] wx,wy,s + * -o / --output [output_file] + * -s / --simulate + */ + OptionGroup actions = new OptionGroup(); + actions.setRequired(true); + actions.addOption(Option.builder("h").longOpt("help").desc("Print help.").build()); + actions.addOption(Option.builder("g").longOpt("generate").desc("Generate [amount] of EC keys.").hasArg().argName("amount").optionalArg(true).build()); + 
actions.addOption(Option.builder("t").longOpt("test").desc("Test ECC support.").build()); + actions.addOption(Option.builder("dh").longOpt("ecdh").desc("Do ECDH.").build()); + actions.addOption(Option.builder("dsa").longOpt("ecdsa").desc("Sign data with ECDSA.").hasArg().argName("data_file").optionalArg(true).build()); + opts.addOptionGroup(actions); + + OptionGroup size = new OptionGroup(); + size.addOption(Option.builder("b").longOpt("bit-size").desc("Set curve size.").hasArg().argName("b").build()); + size.addOption(Option.builder("a").longOpt("all").desc("Test all curve sizes.").build()); + opts.addOptionGroup(size); + + opts.addOption(Option.builder("fp").longOpt("prime-field").desc("Use prime field curve.").build()); + opts.addOption(Option.builder("f2m").longOpt("binary-field").desc("Use binary field curve.").build()); + opts.addOption(Option.builder("n").longOpt("named").desc("Use a named curve.").build()); + opts.addOption(Option.builder("c").longOpt("curve").desc("Use curve from file [curve_file] (field,a,b,gx,gy,r,k).").hasArg().argName("curve_file").build()); + opts.addOption(Option.builder("pub").longOpt("public").desc("Use public key from file [pubkey_file] (wx,wy).").hasArg().argName("pubkey_file").build()); + opts.addOption(Option.builder("priv").longOpt("private").desc("Use private key from file [privkey_file] (s).").hasArg().argName("privkey_file").build()); + opts.addOption(Option.builder("k").longOpt("key").desc("Use keypair from file [key_file] (wx,wy,s).").hasArg().argName("key_file").build()); + opts.addOption(Option.builder("o").longOpt("output").desc("Output into file [output_file].").hasArg().argName("output_file").build()); + opts.addOption(Option.builder("l").longOpt("log").desc("Log output into file [log_file].").hasArg().argName("log_file").optionalArg(true).build()); + opts.addOption(Option.builder("s").longOpt("simulate").desc("Simulate a card with jcardsim instead of using a terminal.").build()); + + CommandLineParser parser = new 
DefaultParser(); + return parser.parse(opts, args); + } + + /** + * Reads and validates options. + * + * @param cli cli object, with parsed args + * @return whether the options are valid. + */ + private boolean readOptions(CommandLine cli) { + optBits = Integer.parseInt(cli.getOptionValue("bit-size", "0")); + optAll = cli.hasOption("all"); + optPrimeField = cli.hasOption("fp"); + optBinaryField = cli.hasOption("f2m"); + optNamed = cli.hasOption("named"); + optCurve = cli.getOptionValue("curve"); + optPublic = cli.getOptionValue("public"); + optPrivate = cli.getOptionValue("private"); + optKey = cli.getOptionValue("key"); + if (cli.hasOption("log")) { + optLog = cli.getOptionValue("log", String.format("ECTESTER_log_%d.log", System.currentTimeMillis() / 1000)); + } + optOutput = cli.getOptionValue("output"); + optSimulate = cli.hasOption("simulate"); + + if (optKey != null && (optPublic != null || optPrivate != null)) { + System.err.print("Can only specify the whole key with --key or pubkey and privkey with --public and --private."); + return false; + } + if (optBits < 0) { + System.err.println("Bit-size must not be negative."); + return false; + } + if (optNamed && optCurve != null) { + System.err.println("Can only specify a named curve with --named or an external curve with --curve. (not both)"); + return false; + } + if (optBits == 0 || optAll) { + System.err.println("You have to specify curve bit-size."); + return false; + } + + if (cli.hasOption("generate")) { + if (optPrimeField == optBinaryField) { + System.err.print("Need to specify field with -fp or -f2m. 
(not both)"); + return false; + } + if (optKey != null || optPublic != null || optPrivate != null) { + System.err.println("Keys should not be specified when generating keys."); + return false; + } + + if (optOutput == null) { + System.err.println("You have to specify an output file for the key generation process."); + return false; + } + + optGenerateAmount = Integer.parseInt(cli.getOptionValue("generate", "0")); + if (optGenerateAmount < 0) { + System.err.println("Amount of keys generated cant be negative."); + return false; + } + } else if (cli.hasOption("test")) { + if (!optBinaryField && !optPrimeField) { + optBinaryField = true; + optPrimeField = true; + } + + } else if (cli.hasOption("ecdh")) { + } else if (cli.hasOption("ecdsa")) { + optECDSASign = cli.getOptionValue("ecdsa"); + } + + return true; + } + + /** + * Prints help. + */ + private void help() { + HelpFormatter help = new HelpFormatter(); + help.printHelp("ECTester.jar", CLI_HEADER, opts, CLI_FOOTER); + } + + /** + * Generates EC keypairs and outputs them to log. + */ + private void generate() throws CardException, IOException { + ///// + short keyLength = (short) optBits; + byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; + short params = optPrimeField ? 
EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; + + cmdAllocate(ECTesterApplet.KEYPAIR_LOCAL, keyLength, keyClass); + + if (optNamed) { + cmdSet(ECTesterApplet.KEYPAIR_LOCAL, (byte) 0, EC_Consts.getCurve(keyLength, keyClass), params, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, null); + } else if (optCurve != null) { + byte[] external = ParamReader.flatten(params, ParamReader.readFile(optCurve)); + cmdSet(ECTesterApplet.KEYPAIR_LOCAL, (byte) 0, EC_Consts.CURVE_external, params, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, external); + } + ///// + + FileWriter keysFile = new FileWriter(optOutput); + keysFile.write("index;time;pubW;privS\n"); + + int generated = 0; + int retry = 0; + while (generated < optGenerateAmount || optGenerateAmount == 0) { + long elapsed = -System.nanoTime(); + ResponseAPDU response = cmdGenerate(ECTesterApplet.KEYPAIR_LOCAL, (byte) (ECTesterApplet.EXPORT_BOTH | ECTesterApplet.KEYPAIR_LOCAL)); + elapsed += System.nanoTime(); + + byte[] bytes = response.getData(); + if (bytes.length <= 2) { + //error, retry 10 times + if (retry < 10) { + retry++; + } else { + System.err.println("Keys could not be generated."); + break; + } + } else { + short publicLength = Util.getShort(bytes, 2); + String pubkey = Util.bytesToHex(bytes, 4, publicLength, false); + short privateLength = Util.getShort(bytes, 4 + publicLength); + String privkey = Util.bytesToHex(bytes, 6 + publicLength, privateLength, false); + + keysFile.write(String.format("%d;%d;%s;%s\n", generated, elapsed / 1000000, pubkey, privkey)); + keysFile.flush(); + generated++; + } + } + keysFile.close(); + } + + /** + * + */ + private void test() { + //TODO + // allocate + // set custom + // generate + // ecdh local, local, valid + // ecdh local, local, invalid + // ecdsa local, local, 00? 
+ + } + + /** + * + */ + private void ecdh() { + //TODO + //allocate local + remote + //set curve if specified + // + } + + /** + */ + private void ecdsa() { + //TODO + } + + /** + * Sends the INS_ALLOCATE instruction to the card/simulation. + * + * @param keypair + * @param keyLength + * @param keyClass + * @return card response + * @throws CardException + */ + private ResponseAPDU cmdAllocate(byte keypair, short keyLength, byte keyClass) throws CardException { + byte[] data = new byte[]{0, 0, keyClass}; + Util.setShort(data, 0, keyLength); + + CommandAPDU allocate = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_ALLOCATE, keypair, 0x00, data); + return cardManager.send(allocate); + } + + /** + * Sends the INS_SET instruction to the card/simulation. + * + * @param keypair + * @param export + * @param curve + * @param params + * @param corrupted + * @param corruption + * @param external + * @return card response + * @throws CardException + */ + private ResponseAPDU cmdSet(byte keypair, byte export, byte curve, short params, short corrupted, byte corruption, byte[] external) throws CardException { + int len = external != null ? 6 + 2 + external.length : 6; + byte[] data = new byte[len]; + data[0] = curve; + Util.setShort(data, 1, params); + Util.setShort(data, 3, corrupted); + data[5] = corruption; + if (external != null) { + System.arraycopy(external, 0, data, 6, external.length); + } + + CommandAPDU set = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_SET, keypair, export, data); + return cardManager.send(set); + } + + /** + * Sends the INS_GENERATE instruction to the card/simulation. 
+ * + * @param keypair + * @param export + * @return card response + */ + private ResponseAPDU cmdGenerate(byte keypair, byte export) throws CardException { + CommandAPDU generate = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_GENERATE, keypair, export); + return cardManager.send(generate); + } + + /** + * Sends the INS_ECDH instruction to the card/simulation. + * + * @param keypair + * @param export + * @param valid + * @return card response + * @throws CardException + */ + private ResponseAPDU cmdECDH(byte keypair, byte export, byte valid) throws CardException { + byte[] data = new byte[1]; + data[0] = valid; + + CommandAPDU ecdh = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_ECDH, keypair, export, data); + return cardManager.send(ecdh); + } + + /** + * Sends the INS_ECDSA instruction to the card/simulation. + * + * @param keypair + * @param export + * @param raw + * @return card response + */ + private ResponseAPDU cmdECDSA(byte keypair, byte export, byte[] raw) throws CardException { + int len = raw != null ? raw.length : 0; + byte[] data = new byte[2 + len]; + Util.setShort(data, 0, (short) len); + if (raw != null) { + System.arraycopy(raw, 0, data, 2, len); + } + + CommandAPDU ecdsa = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_ECDSA, keypair, export, data); + return cardManager.send(ecdsa); + } + + public static void main(String[] args) { + ECTester app = new ECTester(); + app.run(args); + } +} diff --git a/src/cz/crcs/ectester/reader/ISO7816_status_words.txt b/src/cz/crcs/ectester/reader/ISO7816_status_words.txt new file mode 100644 index 0000000..bf5af2b --- /dev/null +++ b/src/cz/crcs/ectester/reader/ISO7816_status_words.txt 
@@ -0,0 +1,71 @@
+public interface ISO7816 {
+
+ // Fields
+ public static final byte INS_EXTERNAL_AUTHENTICATE = -126;
+ public static final byte INS_SELECT = -92;
+ public static final byte CLA_ISO7816 = 0;
+ public static final byte OFFSET_CDATA = 5;
+ public static final byte OFFSET_LC = 4;
+ public static final byte OFFSET_P2 = 3;
+ public static final byte OFFSET_P1 = 2;
+ public static final byte OFFSET_INS = 1;
+ public static final byte OFFSET_CLA = 0;
+ public static final short SW_FILE_FULL = 27268; 0x6A84
+ public static final short SW_UNKNOWN = 28416; 0x6F00
+ public static final short SW_CLA_NOT_SUPPORTED = 28160; 0x6E00
+ public static final short SW_INS_NOT_SUPPORTED = 27904; 0x6D00
+ public static final short SW_CORRECT_LENGTH_00 = 27648; 0x6C00
+ public static final short SW_WRONG_P1P2 = 27392; 0x6B00
+ public static final short SW_INCORRECT_P1P2 = 27270; 0x6A86
+ public static final short SW_RECORD_NOT_FOUND = 27267; 0x6A83
+ public static final short SW_FILE_NOT_FOUND = 27266; 0x6A82
+ public static final short SW_FUNC_NOT_SUPPORTED = 27265; 0x6A81
+ public static final short SW_WRONG_DATA = 27264; 0x6A80
+ public static final short SW_APPLET_SELECT_FAILED = 27033; 0x6999
+ public static final short SW_COMMAND_NOT_ALLOWED = 27014; 0x6986
+ public static final short SW_CONDITIONS_NOT_SATISFIED = 27013; 0x6985
+ public static final short SW_DATA_INVALID = 27012; 0x6984
+ public static final short SW_FILE_INVALID = 27011; 0x6983
+ public static final short SW_SECURITY_STATUS_NOT_SATISFIED = 27010; 0x6982
+ public static final short SW_WRONG_LENGTH = 26368; 0x6700
+ public static final short SW_BYTES_REMAINING_00 = 24832; 0x6100
+ public static final short SW_NO_ERROR = -28672; 0x9000
+}
+
+public interface JCStatus {
+static int ALGORITHM_NOT_SUPPORTED = 0x9484;
+static int APPLET_INVALIDATED = 0x6283;
+static int APPLET_SELECT_FAILED = 0x6999
+static int AUTHENTICATION_FAILED = 0x6300
+static int AUTHORIZATION_FAILED = 0x9482
+static int CHECKSUM_FAILED = 0x9584
+static int CLA_NOT_SUPPORTED = 0x6E00
+static int COMMAND_NOT_ALLOWED = 0x6986
+static int CONDITIONS_NOT_SATISFIED = 0x6985
+static int CORRECT_LENGTH_00 = 0x6C00
+static int DATA_INVALID = 0x6984
+static int DECRYPTION_FAILED = 0x9583
+static int FILE_FULL = 0x6A84
+static int FILE_INVALID = 0x6983
+static int FILE_NOT_FOUND = 0x6A82
+static int FUNC_NOT_SUPPORTED = 0x6A81
+static int INCORRECT_P1P2 = 0x6A86
+static int INS_NOT_SUPPORTED = 0x6D00
+static int INSTALLATION_FAILED = 0x9585
+static int INVALID_STATE = 0x9481
+static int NO_ERROR = 0x9000
+static int NO_SPECIFIC_DIAGNOSIS = 0x6400
+static int PIN_REQUIRED = 0x6982
+static int RECORD_NOT_FOUND = 0x6A83
+static int REFERENCE_DATA_NOT_FOUND = 0x6A88
+static int REGISTRATION_FAILED = 0x9586
+static int SECURITY_STATUS_NOT_SATISFIED = 0x6982
+static int SIGNATURE_CHECK_FAILED = 0x9582
+static int SM_INCORRECT = 0x6988
+static int SM_MISSING = 0x6987
+static int TRUNCATED_DATA = 0x6100
+static int UNKNOWN = 0x6F00
+static int WRONG_DATA = 0x6A80
+static int WRONG_LENGTH = 0x6700
+static int WRONG_P1P2 = 0x6B00
+}
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/reader/ParamReader.java b/src/cz/crcs/ectester/reader/ParamReader.java
new file mode 100644
index 0000000..5232326
--- /dev/null
+++ b/src/cz/crcs/ectester/reader/ParamReader.java
@@ -0,0 +1,134 @@
+package cz.crcs.ectester.reader;
+
+import cz.crcs.ectester.applet.EC_Consts;
+
+import java.io.*;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Scanner;
+import java.util.regex.Pattern;
+
+/**
+ * @author Jan Jancar johny@neuromancer.sk
+ */
+public class ParamReader {
+ private static final Pattern hex = Pattern.compile("[a-fA-F\\d]+");
+
+ /**
+ * Flattens params read from String[] data into a byte[] with their lengths prepended as short entries.
+ * @param params (EC_Consts.PARAMETER_* | ...)
+ * @param data data read by readString, readFile, readResource
+ * @return byte[] with params flattened
+ */
+ public static byte[] flatten(short params, String[] data) {
+ if (!validate(data)) {
+ return null;
+ }
+
+ ByteArrayOutputStream out = new ByteArrayOutputStream();
+ short paramMask = EC_Consts.PARAMETER_FP;
+ int i = 0;
+ while (paramMask <= EC_Consts.PARAMETER_S) {
+ short masked = (short) (params & paramMask);
+ if (masked != 0) {
+ byte[] param = parse(data[i]);
+ if (masked == EC_Consts.PARAMETER_F2M && data.length == 9) {
+ //read and pad and append e_2, e_3
+ param = Util.concatenate(param, parse(data[i + 1]), parse(data[i + 2]));
+ i += 2;
+ if (param.length != 6)
+ return null;
+ }
+ if (masked == EC_Consts.PARAMETER_G || masked == EC_Consts.PARAMETER_W) {
+ //read another param (the y coord) and put into X962 format.
+ byte[] y = parse(data[i + 1]);
+ param = Util.concatenate(new byte[]{4}, param, y);
+ i++;
+ }
+ if (param.length == 0)
+ return null;
+
+ //write length
+ byte[] length = new byte[2];
+ Util.setShort(length, 0, (short) param.length);
+ out.write(length, 0, 2);
+ //write data
+ out.write(param, 0, param.length);
+ i++;
+ }
+ paramMask = (short) (paramMask << 1);
+ }
+
+ return (out.size() == 0) ? null : out.toByteArray();
+ }
+
+ /**
+ * Reads hex params from a CSV String data.
+ * @param data String containing CSV data(hex)
+ * @return String array containing the CSV entries
+ */
+ public static String[] readString(String data) {
+ return read(new ByteArrayInputStream(data.getBytes()));
+ }
+
+ /**
+ * Reads hex params from a CSV Resource (inside jar).
+ * @param resourcePath path to the resourse
+ * @return String array containing the CSV entries
+ */
+ public static String[] readResource(String resourcePath) {
+ return read(ParamReader.class.getResourceAsStream(resourcePath));
+ }
+
+ /**
+ * Reads hex params from a CSV file.
+ * @param filePath path to the file
+ * @return String array containing the CSV entries
+ * @throws FileNotFoundException if the file cannot be opened
+ */
+ public static String[] readFile(String filePath) throws FileNotFoundException {
+ return read(new FileInputStream(filePath));
+ }
+
+ private static String[] read(InputStream in) {
+ Scanner s = new Scanner(in);
+
+ s.useDelimiter(",|;");
+ List data = new LinkedList();
+ while (s.hasNext()) {
+ String field = s.next();
+ data.add(field.replaceAll("\\s+", ""));
+ }
+ return data.toArray(new String[data.size()]);
+ }
+
+ private static boolean validate(String[] data) {
+ if (data == null || data.length == 0) {
+ return false;
+ }
+ for (String param : data) {
+ if (!hex.matcher(param).matches()) {
+ return false;
+ }
+ }
+ return true;
+ }
+
+ private static byte[] parse(String hex) {
+ byte[] data = Util.hexToBytes(hex);
+ if (data == null)
+ return new byte[0];
+ if (data.length < 2)
+ return pad(data);
+ return data;
+ }
+
+ private static byte[] pad(byte[] data) {
+ if (data.length == 1) {
+ return new byte[]{(byte) 0, data[0]};
+ } else if (data.length == 0 || data.length > 2) {
+ return data;
+ }
+ return null;
+ }
+}
diff --git a/src/cz/crcs/ectester/reader/SimpleAPDU.java b/src/cz/crcs/ectester/reader/SimpleAPDU.java
new file mode 100644
index 0000000..f120608
--- /dev/null
+++ b/src/cz/crcs/ectester/reader/SimpleAPDU.java
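Review bot: In `ParamReader.flatten` the reads `data[i]`, `data[i + 1]` and `data[i + 2]` are never compared with `data.length`, so a curve or key file holding fewer fields than the `params` mask selects ends in an `ArrayIndexOutOfBoundsException` rather than the `null` this method returns for every other malformed input. `validate` only checks that each field is hex, not how many fields there are. A guard such as `if (i >= data.length) return null;` before `parse(data[i])`, with the same check for `i + 1` and `i + 2` ahead of the y-coordinate and F2M exponent reads, keeps the failure on the path callers can test for. Separately, `read` never closes the `Scanner`, so the `FileInputStream` opened by `readFile` stays open; `try (Scanner s = new Scanner(in)) { ... }` would release it.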
@@ -0,0 +1,459 @@ +package cz.crcs.ectester.reader; + +import cz.crcs.ectester.applet.EC_Consts; +import javacard.framework.ISO7816; +import javacard.security.CryptoException; +import javacard.security.KeyPair; +import org.apache.commons.cli.CommandLine; +import org.apache.commons.cli.CommandLineParser; +import org.apache.commons.cli.DefaultParser; +import org.apache.commons.cli.HelpFormatter; +import org.apache.commons.cli.Option; +import org.apache.commons.cli.Options; +import org.apache.commons.cli.ParseException; + +import javax.smartcardio.ResponseAPDU; +import java.io.FileOutputStream; +import java.io.IOException; +import java.util.Arrays; + + +/** + * @author Petr Svenda petr@svenda.com + */ +public class SimpleAPDU { + private CardMngr cardManager = new CardMngr(); + private DirtyLogger systemOutLogger = null; + + private CommandLineParser cliParser = new DefaultParser(); + private Options opts = new Options(); + private static final String cliHeader = ""; + private static final String cliFooter = ""; + + private final static byte SELECT_ECTESTERAPPLET[] = {(byte) 0x00, (byte) 0xa4, (byte) 0x04, (byte) 0x00, (byte) 0x0a, + (byte) 0x45, (byte) 0x43, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x72, (byte) 0x30, (byte) 0x31}; + + private static final byte TESTECSUPPORTALL_FP[] = {(byte) 0xB0, (byte) 0x5E, (byte) 0x00, (byte) 0x00, (byte) 0x00}; + private static final byte TESTECSUPPORTALL_F2M[] = {(byte) 0xB0, (byte) 0x5F, (byte) 0x00, (byte) 0x00, (byte) 0x00}; + private static final byte TESTECSUPPORT_GIVENALG[] = {(byte) 0xB0, (byte) 0x71, (byte) 0x00, (byte) 0x00, (byte) 0x03, (byte) 0x00, (byte) 0x00, (byte) 0x00}; + private static final short TESTECSUPPORT_ALG_OFFSET = 5; + private static final short TESTECSUPPORT_KEYLENGTH_OFFSET = 6; + + private static final byte TESTECSUPPORTALL_LASTUSEDPARAMS[] = {(byte) 0xB0, (byte) 0x40, (byte) 0x00, (byte) 0x00, (byte) 0x00}; + + private static final byte 
TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB[] = {(byte) 0xB0, (byte) 0x70, (byte) 0x00, (byte) 0x00, (byte) 0x05, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00}; + private static final short INVALIDCURVEB_NUMREPEATS_OFFSET = 5; + private static final short INVALIDCURVEB_CORRUPTIONTYPE_OFFSET = 7; + private static final short INVALIDCURVEB_REWINDONSUCCESS_OFFSET = 9; + + private static final byte TESTECSUPPORT_GENERATEECCKEY[] = {(byte) 0xB0, (byte) 0x5a, (byte) 0x00, (byte) 0x00, (byte) 0x04, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00}; + private static final short GENERATEECKEY_ALG_OFFSET = 5; + private static final short GENERATEECKEY_KEYLENGTH_OFFSET = 6; + private static final short GENERATEECKEY_ANOMALOUS_OFFSET = 8; + + + private void run(String[] args) { + try { + //parse cmd args + CommandLine cli = parseArgs(args); + + //byte[] installData = new byte[10]; + //byte[] AID = {(byte) 0x4C, (byte) 0x61, (byte) 0x62, (byte) 0x61, (byte) 0x6B, (byte) 0x41, (byte) 0x70, (byte) 0x70, (byte) 0x6C, (byte) 0x65, (byte) 0x74}; + //cardManager.prepareLocalSimulatorApplet(AID, installData, SimpleECCApplet.class); + + //do stuff + if (cli.hasOption("help")) { + HelpFormatter help = new HelpFormatter(); + help.printHelp("SimpleAPDU", cliHeader, opts, cliFooter); + } else { + //open log(only when actually doing something) + String logFileName = cli.getOptionValue("output-file", String.format("ECTESTER_log_%d.log", System.currentTimeMillis())); + FileOutputStream stdoutStream = new FileOutputStream(logFileName); + systemOutLogger = new DirtyLogger(stdoutStream, true); + + boolean fp = cli.hasOption("fp"); + boolean f2m = cli.hasOption("f2m"); + if (!fp && !f2m) { + fp = true; + f2m = true; + } + int genAmount = Integer.parseInt(cli.getOptionValue("generate", "0")); + int keyLength = Integer.parseInt(cli.getOptionValue("b", "192")); + + if (cli.hasOption("generate")) { + //generate EC keys + if (fp) { + generateECKeys(genAmount, KeyPair.ALG_EC_FP, 
(short) keyLength, cli.hasOption("anomalous")); + } + if (f2m) { + generateECKeys(genAmount, KeyPair.ALG_EC_F2M, (short) keyLength, cli.hasOption("anomalous")); + } + } else if (cli.hasOption("test")) { + if (cli.hasOption("bit-size")) { + //test only one bitsize + if (fp) { + testSupportECFp((short) keyLength); + } + if (f2m) { + testSupportECFp((short) keyLength); + } + } else { + //test default bit sizes + testSupportECAll(fp, f2m); + testFPkeyGen((short) 10, EC_Consts.CORRUPTION_ONEBYTERANDOM, true); + } + } else { + systemOutLogger.println("You need to specify one of -t / -g [num] commands."); + } + + //close log + systemOutLogger.close(); + } + + //disconnect + cardManager.disconnectFromCard(); + } catch (Exception ex) { + if (systemOutLogger != null) { + systemOutLogger.println("Exception : " + ex); + } + } + } + + private CommandLine parseArgs(String[] args) throws ParseException { + + opts.addOption("h", "help", false, "show this help"); + opts.addOption(Option.builder("g") + .longOpt("generate") + .hasArg() + .optionalArg(true) + .argName("num") + .desc("generate EC keys").build()); + opts.addOption("t", "test", false, "test EC support (default)"); + opts.addOption(Option.builder("b") + .longOpt("bit-size") + .hasArg() + .argName("bits") + .desc("set EC bit size").build()); + opts.addOption("f2m", "use EC over binary-fields"); + opts.addOption("fp", "user EC over prime-fields (default)"); + opts.addOption("s", "anomalous", false, "generate anomalous (non-prime order, small pubkey order) curves"); + opts.addOption(Option.builder("o") + .longOpt("output-file") + .hasArg() + .argName("file") + .desc("output file to log to").build()); + return cliParser.parse(opts, args); + } + + static short getShort(byte[] array, int offset) { + return (short) (((array[offset] & 0xFF) << 8) | (array[offset + 1] & 0xFF)); + } + + static void setShort(byte[] array, int offset, short value) { + array[offset + 1] = (byte) (value & 0xFF); + array[offset] = (byte) ((value >> 8) & 
0xFF); + } + + private boolean ReconnnectToCard() throws Exception { + if (cardManager.connected()) { + cardManager.disconnectFromCard(); + } + + boolean result = cardManager.connectToCard(); + if (result) { + // Select our application on card + cardManager.sendAPDU(SELECT_ECTESTERAPPLET); + } + return result; + } + + private void testFPkeyGen(short numRepeats, short corruptionType, boolean bRewind) throws Exception { + byte[] apdu = Arrays.copyOf(TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB, TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB.length); + setShort(apdu, INVALIDCURVEB_NUMREPEATS_OFFSET, numRepeats); + setShort(apdu, INVALIDCURVEB_CORRUPTIONTYPE_OFFSET, corruptionType); + apdu[INVALIDCURVEB_REWINDONSUCCESS_OFFSET] = bRewind ? (byte) 1 : (byte) 0; + + ReconnnectToCard(); + ResponseAPDU resp_fp_keygen = cardManager.sendAPDU(apdu); + ResponseAPDU resp_keygen_params = cardManager.sendAPDU(TESTECSUPPORTALL_LASTUSEDPARAMS); + PrintECKeyGenInvalidCurveB(resp_fp_keygen); + PrintECKeyGenInvalidCurveB_lastUserParams(resp_keygen_params); + } + + private void testSupportECGivenAlg(short keyLength, byte keyClass) throws Exception { + byte[] apdu = Arrays.copyOf(TESTECSUPPORT_GIVENALG, TESTECSUPPORT_GIVENALG.length); + apdu[TESTECSUPPORT_ALG_OFFSET] = keyClass; + setShort(apdu, TESTECSUPPORT_KEYLENGTH_OFFSET, keyLength); + + ReconnnectToCard(); + ResponseAPDU resp = cardManager.sendAPDU(apdu); + //byte[] resp = cardManager.sendAPDUSimulator(apdu); + PrintECSupport(resp); + } + + private void testSupportECFp(short keyLength) throws Exception { + testSupportECGivenAlg(keyLength, KeyPair.ALG_EC_FP); + } + + private void testSupportECF2m(short keyLength) throws Exception { + testSupportECGivenAlg(keyLength, KeyPair.ALG_EC_F2M); + } + + private void testSupportECAll(boolean testFp, boolean testF2m) throws Exception { + if (testFp) { + testSupportECFp((short) 128); + testSupportECFp((short) 192); + testSupportECFp((short) 224); + testSupportECFp((short) 256); + testSupportECFp((short) 
384); + testSupportECFp((short) 521); + } + + if (testF2m) { + testSupportECF2m((short) 113); + testSupportECF2m((short) 131); + testSupportECF2m((short) 163); + testSupportECF2m((short) 193); + } + } + + private void generateECKeys(int amount, byte keyClass, short keyLength, boolean anomalous) throws Exception { + if (cardManager.connectToCardSelect()) { + cardManager.sendAPDU(SELECT_ECTESTERAPPLET); + + String keyFileName = String.format("ECKEYS_%s_%d.log", keyClass == KeyPair.ALG_EC_FP ? "fp" : "f2m", System.currentTimeMillis()); + FileOutputStream keysFile = new FileOutputStream(keyFileName); + + String message = "index;time;pubW;privS\n"; + keysFile.write(message.getBytes()); + byte[] gatherKeyAPDU = Arrays.copyOf(TESTECSUPPORT_GENERATEECCKEY, TESTECSUPPORT_GENERATEECCKEY.length); + // Prepare keypair object + gatherKeyAPDU[ISO7816.OFFSET_P1] = SimpleECCApplet.P1_SETCURVE; + gatherKeyAPDU[GENERATEECKEY_ALG_OFFSET] = keyClass; + setShort(gatherKeyAPDU, GENERATEECKEY_KEYLENGTH_OFFSET, keyLength); + gatherKeyAPDU[GENERATEECKEY_ANOMALOUS_OFFSET] = anomalous ? 
(byte) 1 : (byte) 0; + + ResponseAPDU respGather = cardManager.sendAPDU(gatherKeyAPDU); + if (respGather.getSW() != ISO7816.SW_NO_ERROR) { + systemOutLogger.println(String.format("Card error: %x", respGather.getSW())); + keysFile.close(); + return; + } + + // Generate new keypair + gatherKeyAPDU[ISO7816.OFFSET_P1] = SimpleECCApplet.P1_GENERATEKEYPAIR; + int counter = 0; + while (true) { + counter++; + long elapsed = -System.nanoTime(); + respGather = cardManager.sendAPDU(gatherKeyAPDU); + elapsed += System.nanoTime(); + + if (respGather.getSW() != ISO7816.SW_NO_ERROR) { + systemOutLogger.println(String.format("Card error: %x", respGather.getSW())); + break; + } + byte[] data = respGather.getData(); + int offset = 0; + String pubKeyW = ""; + String privKeyS = ""; + if (data[offset] == EC_Consts.TAG_ECPUBKEY) { + offset++; + short len = getShort(data, offset); + offset += 2; + pubKeyW = Util.bytesToHex(data, offset, len, false); + offset += len; + } + if (data[offset] == EC_Consts.TAG_ECPRIVKEY) { + offset++; + short len = getShort(data, offset); + offset += 2; + privKeyS = Util.bytesToHex(data, offset, len, false); + offset += len; + } + + message = String.format("%d;%d;%s;%s\n", counter, elapsed / 1000000, pubKeyW, privKeyS); + keysFile.write(message.getBytes()); + + this.systemOutLogger.flush(); + keysFile.flush(); + + //stop when we have enough keys, go on forever with 0 + if (counter >= amount && amount != 0) + break; + } + keysFile.close(); + } + } + + private static String getPrintError(short code) { + if (code == ISO7816.SW_NO_ERROR) { + return "OK\t(0x9000)"; + } else { + String codeStr = "unknown"; + if (code == CryptoException.ILLEGAL_VALUE) { + codeStr = "ILLEGAL_VALUE"; + } + if (code == CryptoException.UNINITIALIZED_KEY) { + codeStr = "UNINITIALIZED_KEY"; + } + if (code == CryptoException.NO_SUCH_ALGORITHM) { + codeStr = "NO_SUCH_ALG"; + } + if (code == CryptoException.INVALID_INIT) { + codeStr = "INVALID_INIT"; + } + if (code == 
CryptoException.ILLEGAL_USE) { + codeStr = "ILLEGAL_USE"; + } + if (code == SimpleECCApplet.SW_SKIPPED) { + codeStr = "skipped"; + } + if (code == SimpleECCApplet.SW_KEYPAIR_GENERATED_INVALID) { + codeStr = "SW_KEYPAIR_GENERATED_INVALID"; + } + if (code == SimpleECCApplet.SW_INVALID_CORRUPTION_TYPE) { + codeStr = "SW_INVALID_CORRUPTION_TYPE"; + } + if (code == SimpleECCApplet.SW_SIG_VERIFY_FAIL) { + codeStr = "SW_SIG_VERIFY_FAIL"; + } + return String.format("fail\t(%s,\t0x%4x)", codeStr, code); + } + } + + enum ExpResult { + SHOULD_SUCCEED, + MAY_FAIL, + MUST_FAIL + } + + private int VerifyPrintResult(String message, byte expectedTag, byte[] buffer, int bufferOffset, ExpResult expRes) { + if (bufferOffset >= buffer.length) { + systemOutLogger.println(" No more data returned"); + } else { + if (buffer[bufferOffset] != expectedTag) { + systemOutLogger.println(" ERROR: mismatched tag"); + assert (buffer[bufferOffset] == expectedTag); + } + bufferOffset++; + short resCode = getShort(buffer, bufferOffset); + bufferOffset += 2; + + boolean bHiglight = false; + if ((expRes == ExpResult.MUST_FAIL) && (resCode == ISO7816.SW_NO_ERROR)) { + bHiglight = true; + } + if ((expRes == ExpResult.SHOULD_SUCCEED) && (resCode != ISO7816.SW_NO_ERROR)) { + bHiglight = true; + } + if (bHiglight) { + systemOutLogger.println(String.format("!! 
%-53s%s", message, getPrintError(resCode))); + } else { + systemOutLogger.println(String.format(" %-53s%s", message, getPrintError(resCode))); + } + } + return bufferOffset; + } + + private void PrintECSupport(ResponseAPDU resp) { + PrintECSupport(resp.getData()); + } + + private void PrintECSupport(byte[] buffer) { + systemOutLogger.println(); + systemOutLogger.println("### Test for support and with valid and invalid EC curves"); + int bufferOffset = 0; + while (bufferOffset < buffer.length) { + assert (buffer[bufferOffset] == SimpleECCApplet.ECTEST_SEPARATOR); + bufferOffset++; + String ecType = "unknown"; + if (buffer[bufferOffset] == KeyPair.ALG_EC_FP) { + ecType = "ALG_EC_FP"; + } + if (buffer[bufferOffset] == KeyPair.ALG_EC_F2M) { + ecType = "ALG_EC_F2M"; + } + systemOutLogger.println(String.format("%-56s%s", "EC type:", ecType)); + bufferOffset++; + short keyLen = getShort(buffer, bufferOffset); + systemOutLogger.println(String.format("%-56s%d bits", "EC key length (bits):", keyLen)); + bufferOffset += 2; + + bufferOffset = VerifyPrintResult("KeyPair object allocation:", SimpleECCApplet.ECTEST_ALLOCATE_KEYPAIR, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); + bufferOffset = VerifyPrintResult("Generate key with def curve (fails if no def):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_DEFCURVE, buffer, bufferOffset, ExpResult.MAY_FAIL); + bufferOffset = VerifyPrintResult("Set valid custom curve:", SimpleECCApplet.ECTEST_SET_VALIDCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); + bufferOffset = VerifyPrintResult("Generate key with valid curve:", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); + bufferOffset = VerifyPrintResult("ECDH agreement with valid point:", SimpleECCApplet.ECTEST_ECDH_AGREEMENT_VALID_POINT, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); + bufferOffset = VerifyPrintResult("ECDH agreement with invalid point (fail is good):", SimpleECCApplet.ECTEST_ECDH_AGREEMENT_INVALID_POINT, 
buffer, bufferOffset, ExpResult.MUST_FAIL); + bufferOffset = VerifyPrintResult("ECDSA signature on random data:", SimpleECCApplet.ECTEST_ECDSA_SIGNATURE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); + bufferOffset = VerifyPrintResult("Set anomalous custom curve (may fail):", SimpleECCApplet.ECTEST_SET_ANOMALOUSCURVE, buffer, bufferOffset, ExpResult.MAY_FAIL); + bufferOffset = VerifyPrintResult("Generate key with anomalous curve (may fail):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_ANOMALOUSCURVE, buffer, bufferOffset, ExpResult.MAY_FAIL); + bufferOffset = VerifyPrintResult("ECDH agreement with small order point (fail is good):", SimpleECCApplet.ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT, buffer, bufferOffset, ExpResult.MUST_FAIL); + bufferOffset = VerifyPrintResult("Set invalid custom curve (may fail):", SimpleECCApplet.ECTEST_SET_INVALIDCURVE, buffer, bufferOffset, ExpResult.MAY_FAIL); + bufferOffset = VerifyPrintResult("Generate key with invalid curve (fail is good):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE, buffer, bufferOffset, ExpResult.MUST_FAIL); + bufferOffset = VerifyPrintResult("Set invalid field (may fail):", SimpleECCApplet.ECTEST_SET_INVALIDFIELD, buffer, bufferOffset, ExpResult.MAY_FAIL); + bufferOffset = VerifyPrintResult("Generate key with invalid field (fail si good):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_INVALIDFIELD, buffer, bufferOffset, ExpResult.MUST_FAIL); + + systemOutLogger.println(); + } + } + + private void PrintECKeyGenInvalidCurveB(ResponseAPDU resp) { + PrintECKeyGenInvalidCurveB(resp.getData()); + } + + private void PrintECKeyGenInvalidCurveB(byte[] buffer) { + systemOutLogger.println(); + systemOutLogger.println("### Test for computation with invalid parameter B for EC curve"); + int bufferOffset = 0; + while (bufferOffset < buffer.length) { + assert (buffer[bufferOffset] == SimpleECCApplet.ECTEST_SEPARATOR); + bufferOffset++; + String ecType = "unknown"; + if (buffer[bufferOffset] == KeyPair.ALG_EC_FP) { + 
ecType = "ALG_EC_FP"; + } + if (buffer[bufferOffset] == KeyPair.ALG_EC_F2M) { + ecType = "ALG_EC_F2M"; + } + systemOutLogger.println(String.format("%-53s%s", "EC type:", ecType)); + bufferOffset++; + short keyLen = getShort(buffer, bufferOffset); + systemOutLogger.println(String.format("%-53s%d bits", "EC key length (bits):", keyLen)); + bufferOffset += 2; + + short numRepeats = getShort(buffer, bufferOffset); + bufferOffset += 2; + systemOutLogger.println(String.format("%-53s%d times", "Executed repeats before unexpected error: ", numRepeats)); + + bufferOffset = VerifyPrintResult("KeyPair object allocation:", SimpleECCApplet.ECTEST_ALLOCATE_KEYPAIR, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); + while (bufferOffset < buffer.length) { + bufferOffset = VerifyPrintResult("Set invalid custom curve:", SimpleECCApplet.ECTEST_SET_INVALIDCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); + bufferOffset = VerifyPrintResult("Generate key with invalid curve (fail is good):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE, buffer, bufferOffset, ExpResult.MUST_FAIL); + if (buffer[bufferOffset] == SimpleECCApplet.ECTEST_DH_GENERATESECRET) { + bufferOffset = VerifyPrintResult("ECDH agreement with invalid point (fail is good):", SimpleECCApplet.ECTEST_DH_GENERATESECRET, buffer, bufferOffset, ExpResult.MUST_FAIL); + } + bufferOffset = VerifyPrintResult("Set valid custom curve:", SimpleECCApplet.ECTEST_SET_VALIDCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); + bufferOffset = VerifyPrintResult("Generate key with valid curve:", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); + } + + systemOutLogger.println(); + } + } + + private void PrintECKeyGenInvalidCurveB_lastUserParams(ResponseAPDU resp) { + byte[] buffer = resp.getData(); + short offset = 0; + systemOutLogger.print("Last used value of B: "); + while (offset < buffer.length) { + systemOutLogger.print(String.format("%x ", buffer[offset])); + 
offset++; + } + } + + public static void main(String[] args) throws IOException { + SimpleAPDU app = new SimpleAPDU(); + app.run(args); + } +} diff --git a/src/cz/crcs/ectester/reader/Util.java b/src/cz/crcs/ectester/reader/Util.java new file mode 100644 index 0000000..7af6e9c --- /dev/null +++ b/src/cz/crcs/ectester/reader/Util.java 
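Review bot: In `SimpleAPDU.run`, the single-bit-size branch of `-t` calls `testSupportECFp((short) keyLength)` in both the `if (fp)` and the `if (f2m)` arms, so a binary-field request is answered with a second prime-field run and the log says nothing about F2M support; the second call should be `testSupportECF2m((short) keyLength);`. The response parsing also trusts the card: `generateECKeys` reads `data[offset]` and a length taken from the response without checking `data.length`, `PrintECSupport` and `PrintECKeyGenInvalidCurveB` check the separator byte only with `assert` (inactive unless the JVM runs with `-ea`), and `VerifyPrintResult` keeps parsing after it has printed a tag mismatch. A length check before each `getShort`/`bytesToHex` call and an explicit `if` that stops on a bad tag would keep a short or malformed response from surfacing as an index exception that `run` reduces to a one-line log entry. `keysFile` is also left open on that path; a try-with-resources around the `FileOutputStream` closes it.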
@@ -0,0 +1,82 @@ +package cz.crcs.ectester.reader; + +/** + * @author Petr Svenda petr@svenda.com + * @author Jan Jancar johny@neuromancer.sk + */ +public class Util { + + public static short getShort(byte[] array, int offset) { + return (short) (((array[offset] & 0xFF) << 8) | (array[offset + 1] & 0xFF)); + } + + public static void setShort(byte[] array, int offset, short value) { + array[offset + 1] = (byte) (value & 0xFF); + array[offset] = (byte) ((value >> 8) & 0xFF); + } + + public static byte[] hexToBytes(String hex) { + return hexToBytes(hex, true); + } + + public static byte[] hexToBytes(String hex, boolean bigEndian) { + StringBuilder sb = new StringBuilder(hex.replace(" ", "")); + if (!bigEndian) { + sb.reverse(); + } + int len = sb.length(); + if (len % 2 == 1) { + sb.insert(0, "0"); + ++len; + } + + String data = sb.toString(); + byte[] result = new byte[len / 2]; + for (int i = 0; i < len; i += 2) { + result[i / 2] = (byte) ((Character.digit(data.charAt(i), 16) << 4) + + (Character.digit(data.charAt(i + 1), 16))); + } + return result; + } + + public static String byteToHex(byte data) { + return String.format("%02x", data); + } + + public static String bytesToHex(byte[] data) { + return bytesToHex(data, 0, data.length, true); + } + + public static String bytesToHex(byte[] data, int offset, int len) { + return bytesToHex(data, offset, len, true); + } + + public static String bytesToHex(byte[] data, int offset, int len, boolean bAddSpace) { + StringBuilder buf = new StringBuilder(); + for (int i = offset; i < (offset + len); i++) { + buf.append(byteToHex(data[i])); + if (bAddSpace && i != (offset + len - 1)) { + buf.append(" "); + } + } + return (buf.toString()); + } + + public static byte[] concatenate(byte[]... 
arrays) { + int len = 0; + for (byte[] array : arrays) { + if (array == null) + continue; + len += array.length; + } + byte[] out = new byte[len]; + int offset = 0; + for (byte[] array : arrays) { + if (array == null) + continue; + System.arraycopy(array, 0, out, offset, array.length); + offset += array.length; + } + return out; + } +} diff --git a/src/simpleapdu/CardMngr.java b/src/simpleapdu/CardMngr.java deleted file mode 100644 index e60f695..0000000 --- a/src/simpleapdu/CardMngr.java +++ /dev/null 
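Review bot: In the new Util.java, `hexToBytes(String, boolean)` never checks the result of `Character.digit`, which returns -1 for any character that is not a hex digit, so malformed input is silently turned into wrong bytes instead of being rejected. If this helper is what parses curve parameters or keys from the data files (not visible in this hunk), a typo in a file would make the tool exercise a different curve or point than the one named, with no error reported; rejecting bad digits with an `IllegalArgumentException`, as sketched below, keeps test results trustworthy. Separately, the `!bigEndian` branch calls `sb.reverse()` on the characters, which also swaps the two nibbles inside every byte (`"0102"` yields `20 10` rather than `02 01`); please confirm that is intended, or reverse the resulting byte array instead. `getShort`, `setShort` and the offset-taking `bytesToHex` index with caller-supplied offsets and no range check, so a short Javadoc line on each stating that offsets derived from card responses must be validated by the caller would help.

```java
for (int i = 0; i < len; i += 2) {
    int hi = Character.digit(data.charAt(i), 16);
    int lo = Character.digit(data.charAt(i + 1), 16);
    if (hi < 0 || lo < 0) {
        // Fail loudly: a non-hex character must not become part of a curve parameter.
        throw new IllegalArgumentException("Invalid hex digit near index " + i);
    }
    result[i / 2] = (byte) ((hi << 4) | lo);
}
// … unchanged: return result …
```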
@@ -1,260 +0,0 @@ -package simpleapdu; - -import com.licel.jcardsim.io.CAD; -import com.licel.jcardsim.io.JavaxSmartCardInterface; -import java.util.List; -import java.util.Scanner; -import javacard.framework.AID; -import javax.smartcardio.*; - -/** - * - * @author xsvenda - */ -public class CardMngr { - private CardTerminal m_terminal = null; - private CardChannel m_channel = null; - private Card m_card = null; - - // Simulator related attributes - private CAD m_cad = null; - private JavaxSmartCardInterface m_simulator = null; - - - private final byte selectCM[] = { - (byte) 0x00, (byte) 0xa4, (byte) 0x04, (byte) 0x00, (byte) 0x07, (byte) 0xa0, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x18, (byte) 0x43, (byte) 0x4d}; - - public static final byte OFFSET_CLA = 0x00; - public static final byte OFFSET_INS = 0x01; - public static final byte OFFSET_P1 = 0x02; - public static final byte OFFSET_P2 = 0x03; - public static final byte OFFSET_LC = 0x04; - public static final byte OFFSET_DATA = 0x05; - public static final byte HEADER_LENGTH = 0x05; - public final static short DATA_RECORD_LENGTH = (short) 0x80; // 128B per record - public final static short NUMBER_OF_RECORDS = (short) 0x0a; // 10 records - - public boolean ConnectToCard() throws Exception { - // TRY ALL READERS, FIND FIRST SELECTABLE - List terminalList = GetReaderList(); - - if (terminalList == null || terminalList.isEmpty()) { - System.out.println("No terminals found"); - return false; - } - - //List numbers of Card readers - boolean cardFound = false; - for (int i = 0; i < terminalList.size(); i++) { - System.out.println(i + " : " + terminalList.get(i)); - m_terminal = (CardTerminal) terminalList.get(i); - if (m_terminal.isCardPresent()) { - m_card = m_terminal.connect("*"); - System.out.println("card: " + m_card); - m_channel = m_card.getBasicChannel(); - - //reset the card - ATR atr = m_card.getATR(); - System.out.println(bytesToHex(m_card.getATR().getBytes())); - - cardFound = true; - } - } - - 
return cardFound; - } - - public boolean ConnectToCardSelect() throws CardException { - // Test available card - if more present, let user to select one - List terminalList = CardMngr.GetReaderList(); - if (terminalList == null || terminalList.isEmpty()) { - System.out.println("ERROR: No suitable reader with card detected. Please check your reader connection"); - return false; - } else { - if (terminalList.size() == 1) { - m_terminal = terminalList.get(0); // return first and only reader - } else { - int terminalIndex = 1; - // Let user select target terminal - for (CardTerminal terminal : terminalList) { - Card card; - try { - card = terminal.connect("*"); - ATR atr = card.getATR(); - System.out.println(terminalIndex + " : " + terminal.getName() + " - " + CardMngr.bytesToHex(atr.getBytes())); - terminalIndex++; - } catch (CardException ex) { - System.out.println(ex); - } - } - System.out.print("Select index of target reader you like to use 1.." + (terminalIndex - 1) + ": "); - Scanner sc = new Scanner(System.in); - int answ = sc.nextInt(); - System.out.println(String.format("%d", answ)); - answ--; // is starting with 0 - // BUGBUG; verify allowed index range - m_terminal = terminalList.get(answ); - } - } - - if (m_terminal != null) { - m_card = m_terminal.connect("*"); - System.out.println("card: " + m_card); - m_channel = m_card.getBasicChannel(); - } - - return true; - } - - public boolean isConnected() { - return m_card != null; - } - - public void DisconnectFromCard() throws Exception { - if (m_card != null) { - m_card.disconnect(false); - m_card = null; - } - } - - public byte[] GetCPLCData() throws Exception { - byte[] data; - - // TODO: Modify to obtain CPLC data - byte apdu[] = new byte[HEADER_LENGTH]; - apdu[OFFSET_CLA] = (byte) 0x00; - apdu[OFFSET_INS] = (byte) 0x00; - apdu[OFFSET_P1] = (byte) 0x00; - apdu[OFFSET_P2] = (byte) 0x00; - apdu[OFFSET_LC] = (byte) 0x00; - - ResponseAPDU resp = sendAPDU(apdu); - if (resp.getSW() != 0x9000) { // 0x9000 is "OK" - 
System.out.println("Fail to obtain card's response data"); - data = null; - } else { - byte temp[] = resp.getBytes(); - data = new byte[temp.length - 2]; - System.arraycopy(temp, 0, data, 0, temp.length - 2); - // Last two bytes are status word (also obtainable by resp.getSW()) - // Take a look at ISO7816_status_words.txt for common codes - } - - return data; - } - - public void ProbeCardCommands() throws Exception { - // TODO: modify to probe for instruction - for (int i = 0; i <= 0; i++) { - byte apdu[] = new byte[HEADER_LENGTH]; - apdu[OFFSET_CLA] = (byte) 0x00; - apdu[OFFSET_INS] = (byte) 0x00; - apdu[OFFSET_P1] = (byte) 0x00; - apdu[OFFSET_P2] = (byte) 0x00; - apdu[OFFSET_LC] = (byte) 0x00; - - ResponseAPDU resp = sendAPDU(apdu); - - System.out.println("Response: " + Integer.toHexString(resp.getSW())); - - if (resp.getSW() != 0x6D00) { // Note: 0x6D00 is SW_INS_NOT_SUPPORTED - // something? - } - } - } - - public static List GetReaderList() { - try { - TerminalFactory factory = TerminalFactory.getDefault(); - return factory.terminals().list(); - } catch (Exception ex) { - System.out.println("Exception : " + ex); - return null; - } - } - - public ResponseAPDU sendAPDU(byte apdu[]) throws Exception { - CommandAPDU commandAPDU = new CommandAPDU(apdu); - - System.out.println(">>>>"); - System.out.println(commandAPDU); - - System.out.println(bytesToHex(commandAPDU.getBytes())); - - long elapsed = -System.nanoTime(); - - ResponseAPDU responseAPDU = m_channel.transmit(commandAPDU); - - elapsed += System.nanoTime(); - - System.out.println(responseAPDU); - System.out.println(bytesToHex(responseAPDU.getBytes())); - - if (responseAPDU.getSW1() == (byte) 0x61) { - CommandAPDU apduToSend = new CommandAPDU((byte) 0x00, - (byte) 0xC0, (byte) 0x00, (byte) 0x00, - responseAPDU.getSW1()); - - responseAPDU = m_channel.transmit(apduToSend); - System.out.println(bytesToHex(responseAPDU.getBytes())); - } - - System.out.println("<<<<"); - System.out.println("Elapsed time (ms): " + 
elapsed / 1000000); - return (responseAPDU); - } - - public static String byteToHex(byte data) { - StringBuilder buf = new StringBuilder(); - buf.append(toHexChar((data >>> 4) & 0x0F)); - buf.append(toHexChar(data & 0x0F)); - return buf.toString(); - } - - - public static char toHexChar(int i) { - if ((0 <= i) && (i <= 9)) { - return (char) ('0' + i); - } else { - return (char) ('a' + (i - 10)); - } - } - - public static String bytesToHex(byte[] data) { - return bytesToHex(data, 0, data.length, true); - } - - public static String bytesToHex(byte[] data, int offset, int len, boolean bAddSpace) { - StringBuilder buf = new StringBuilder(); - for (int i = offset; i < (offset + len); i++) { - buf.append(byteToHex(data[i])); - if (bAddSpace) { buf.append(" "); } - } - return (buf.toString()); - } - - public boolean prepareLocalSimulatorApplet(byte[] appletAIDArray, byte[] installData, Class appletClass) { - System.setProperty("com.licel.jcardsim.terminal.type", "2"); - m_cad = new CAD(System.getProperties()); - m_simulator = (JavaxSmartCardInterface) m_cad.getCardInterface(); - AID appletAID = new AID(appletAIDArray, (short) 0, (byte) appletAIDArray.length); - - AID appletAIDRes = m_simulator.installApplet(appletAID, appletClass, installData, (short) 0, (byte) installData.length); - return m_simulator.selectApplet(appletAID); - } - - public byte[] sendAPDUSimulator(byte apdu[]) throws Exception { - System.out.println(">>>>"); - System.out.println(bytesToHex(apdu)); - - byte[] responseBytes = m_simulator.transmitCommand(apdu); - - System.out.println(bytesToHex(responseBytes)); - System.out.println("<<<<"); - - return responseBytes; - } - - -} diff --git a/src/simpleapdu/DirtyLogger.java b/src/simpleapdu/DirtyLogger.java deleted file mode 100644 index c06571b..0000000 --- a/src/simpleapdu/DirtyLogger.java +++ /dev/null 
@@ -1,48 +0,0 @@ -package simpleapdu; - -import java.io.FileOutputStream; -import java.io.IOException; - -/** - * - * @author xsvenda - */ -public class DirtyLogger { - FileOutputStream m_logFile; - boolean m_bOutputSystemOut = true; - - public DirtyLogger(FileOutputStream logFile, boolean bOutputSystemOut) { - m_logFile = logFile; - m_bOutputSystemOut = bOutputSystemOut; - } - public void println() { - String logLine = "\n"; - print(logLine); - } - public void println(String logLine) { - logLine += "\n"; - print(logLine); - } - public void print(String logLine) { - if (m_bOutputSystemOut) { - System.out.print(logLine); - } - if (m_logFile != null) { - try { - m_logFile.write(logLine.getBytes()); - } catch (IOException ex) { - } - } - } - - void flush() { - try { - m_logFile.flush(); - } catch (IOException ex) { - } - } - - void close() throws IOException { - m_logFile.close(); - } -} diff --git a/src/simpleapdu/ISO7816_status_words.txt b/src/simpleapdu/ISO7816_status_words.txt deleted file mode 100644 index bf5af2b..0000000 --- a/src/simpleapdu/ISO7816_status_words.txt +++ /dev/null 
@@ -1,71 +0,0 @@ -public interface ISO7816 { - - // Fields - public static final byte INS_EXTERNAL_AUTHENTICATE = -126; - public static final byte INS_SELECT = -92; - public static final byte CLA_ISO7816 = 0; - public static final byte OFFSET_CDATA = 5; - public static final byte OFFSET_LC = 4; - public static final byte OFFSET_P2 = 3; - public static final byte OFFSET_P1 = 2; - public static final byte OFFSET_INS = 1; - public static final byte OFFSET_CLA = 0; - public static final short SW_FILE_FULL = 27268; 0x6A84 - public static final short SW_UNKNOWN = 28416; 0x6F00 - public static final short SW_CLA_NOT_SUPPORTED = 28160; 0x6E00 - public static final short SW_INS_NOT_SUPPORTED = 27904; 0x6D00 - public static final short SW_CORRECT_LENGTH_00 = 27648; 0x6C00 - public static final short SW_WRONG_P1P2 = 27392; 0x6B00 - public static final short SW_INCORRECT_P1P2 = 27270; 0x6A86 - public static final short SW_RECORD_NOT_FOUND = 27267; 0x6A83 - public static final short SW_FILE_NOT_FOUND = 27266; 0x6A82 - public static final short SW_FUNC_NOT_SUPPORTED = 27265; 0x6A81 - public static final short SW_WRONG_DATA = 27264; 0x6A80 - public static final short SW_APPLET_SELECT_FAILED = 27033; 0x6999 - public static final short SW_COMMAND_NOT_ALLOWED = 27014; 0x6986 - public static final short SW_CONDITIONS_NOT_SATISFIED = 27013; 0x6985 - public static final short SW_DATA_INVALID = 27012; 0x6984 - public static final short SW_FILE_INVALID = 27011; 0x6983 - public static final short SW_SECURITY_STATUS_NOT_SATISFIED = 27010; 0x6982 - public static final short SW_WRONG_LENGTH = 26368; 0x6700 - public static final short SW_BYTES_REMAINING_00 = 24832; 0x6100 - public static final short SW_NO_ERROR = -28672; 0x9000 -} - -public interface JCStatus { -static int ALGORITHM_NOT_SUPPORTED = 0x9484; -static int APPLET_INVALIDATED = 0x6283; -static int APPLET_SELECT_FAILED = 0x6999 -static int AUTHENTICATION_FAILED = 0x6300 -static int AUTHORIZATION_FAILED = 0x9482 -static int 
CHECKSUM_FAILED = 0x9584 -static int CLA_NOT_SUPPORTED = 0x6E00 -static int COMMAND_NOT_ALLOWED = 0x6986 -static int CONDITIONS_NOT_SATISFIED = 0x6985 -static int CORRECT_LENGTH_00 = 0x6C00 -static int DATA_INVALID = 0x6984 -static int DECRYPTION_FAILED = 0x9583 -static int FILE_FULL = 0x6A84 -static int FILE_INVALID = 0x6983 -static int FILE_NOT_FOUND = 0x6A82 -static int FUNC_NOT_SUPPORTED = 0x6A81 -static int INCORRECT_P1P2 = 0x6A86 -static int INS_NOT_SUPPORTED = 0x6D00 -static int INSTALLATION_FAILED = 0x9585 -static int INVALID_STATE = 0x9481 -static int NO_ERROR = 0x9000 -static int NO_SPECIFIC_DIAGNOSIS = 0x6400 -static int PIN_REQUIRED = 0x6982 -static int RECORD_NOT_FOUND = 0x6A83 -static int REFERENCE_DATA_NOT_FOUND = 0x6A88 -static int REGISTRATION_FAILED = 0x9586 -static int SECURITY_STATUS_NOT_SATISFIED = 0x6982 -static int SIGNATURE_CHECK_FAILED = 0x9582 -static int SM_INCORRECT = 0x6988 -static int SM_MISSING = 0x6987 -static int TRUNCATED_DATA = 0x6100 -static int UNKNOWN = 0x6F00 -static int WRONG_DATA = 0x6A80 -static int WRONG_LENGTH = 0x6700 -static int WRONG_P1P2 = 0x6B00 -} \ No newline at end of file diff --git a/src/simpleapdu/SimpleAPDU.java b/src/simpleapdu/SimpleAPDU.java deleted file mode 100644 index 5e51221..0000000 --- a/src/simpleapdu/SimpleAPDU.java +++ /dev/null 
@@ -1,460 +0,0 @@ -package simpleapdu; - -import applets.EC_Consts; -import applets.SimpleECCApplet; -import javacard.framework.ISO7816; -import javacard.security.CryptoException; -import javacard.security.KeyPair; -import org.apache.commons.cli.CommandLine; -import org.apache.commons.cli.CommandLineParser; -import org.apache.commons.cli.DefaultParser; -import org.apache.commons.cli.HelpFormatter; -import org.apache.commons.cli.Option; -import org.apache.commons.cli.Options; -import org.apache.commons.cli.ParseException; - -import javax.smartcardio.ResponseAPDU; -import java.io.FileOutputStream; -import java.io.IOException; -import java.util.Arrays; - - -/** - * @author Petr Svenda petr@svenda.com - */ -public class SimpleAPDU { - private CardMngr cardManager = new CardMngr(); - private DirtyLogger systemOutLogger = null; - - private CommandLineParser cliParser = new DefaultParser(); - private Options opts = new Options(); - private static final String cliHeader = ""; - private static final String cliFooter = ""; - - private final static byte SELECT_ECTESTERAPPLET[] = {(byte) 0x00, (byte) 0xa4, (byte) 0x04, (byte) 0x00, (byte) 0x0a, - (byte) 0x45, (byte) 0x43, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x72, (byte) 0x30, (byte) 0x31}; - - private static final byte TESTECSUPPORTALL_FP[] = {(byte) 0xB0, (byte) 0x5E, (byte) 0x00, (byte) 0x00, (byte) 0x00}; - private static final byte TESTECSUPPORTALL_F2M[] = {(byte) 0xB0, (byte) 0x5F, (byte) 0x00, (byte) 0x00, (byte) 0x00}; - private static final byte TESTECSUPPORT_GIVENALG[] = {(byte) 0xB0, (byte) 0x71, (byte) 0x00, (byte) 0x00, (byte) 0x03, (byte) 0x00, (byte) 0x00, (byte) 0x00}; - private static final short TESTECSUPPORT_ALG_OFFSET = 5; - private static final short TESTECSUPPORT_KEYLENGTH_OFFSET = 6; - - private static final byte TESTECSUPPORTALL_LASTUSEDPARAMS[] = {(byte) 0xB0, (byte) 0x40, (byte) 0x00, (byte) 0x00, (byte) 0x00}; - - private static final byte 
TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB[] = {(byte) 0xB0, (byte) 0x70, (byte) 0x00, (byte) 0x00, (byte) 0x05, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00}; - private static final short INVALIDCURVEB_NUMREPEATS_OFFSET = 5; - private static final short INVALIDCURVEB_CORRUPTIONTYPE_OFFSET = 7; - private static final short INVALIDCURVEB_REWINDONSUCCESS_OFFSET = 9; - - private static final byte TESTECSUPPORT_GENERATEECCKEY[] = {(byte) 0xB0, (byte) 0x5a, (byte) 0x00, (byte) 0x00, (byte) 0x04, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00}; - private static final short GENERATEECKEY_ALG_OFFSET = 5; - private static final short GENERATEECKEY_KEYLENGTH_OFFSET = 6; - private static final short GENERATEECKEY_ANOMALOUS_OFFSET = 8; - - - private void run(String[] args) { - try { - //parse cmd args - CommandLine cli = parseArgs(args); - - //byte[] installData = new byte[10]; - //byte[] AID = {(byte) 0x4C, (byte) 0x61, (byte) 0x62, (byte) 0x61, (byte) 0x6B, (byte) 0x41, (byte) 0x70, (byte) 0x70, (byte) 0x6C, (byte) 0x65, (byte) 0x74}; - //cardManager.prepareLocalSimulatorApplet(AID, installData, SimpleECCApplet.class); - - //do stuff - if (cli.hasOption("help")) { - HelpFormatter help = new HelpFormatter(); - help.printHelp("SimpleAPDU", cliHeader, opts, cliFooter); - } else { - //open log(only when actually doing something) - String logFileName = cli.getOptionValue("output-file", String.format("ECTESTER_log_%d.log", System.currentTimeMillis())); - FileOutputStream stdoutStream = new FileOutputStream(logFileName); - systemOutLogger = new DirtyLogger(stdoutStream, true); - - boolean fp = cli.hasOption("fp"); - boolean f2m = cli.hasOption("f2m"); - if (!fp && !f2m) { - fp = true; - f2m = true; - } - int genAmount = Integer.parseInt(cli.getOptionValue("generate", "0")); - int keyLength = Integer.parseInt(cli.getOptionValue("b", "192")); - - if (cli.hasOption("generate")) { - //generate EC keys - if (fp) { - generateECKeys(genAmount, KeyPair.ALG_EC_FP, 
(short) keyLength, cli.hasOption("anomalous")); - } - if (f2m) { - generateECKeys(genAmount, KeyPair.ALG_EC_F2M, (short) keyLength, cli.hasOption("anomalous")); - } - } else if (cli.hasOption("test")) { - if (cli.hasOption("bit-size")) { - //test only one bitsize - if (fp) { - testSupportECFp((short) keyLength); - } - if (f2m) { - testSupportECFp((short) keyLength); - } - } else { - //test default bit sizes - testSupportECAll(fp, f2m); - testFPkeyGen((short) 10, EC_Consts.CORRUPTION_ONEBYTERANDOM, true); - } - } else { - systemOutLogger.println("You need to specify one of -t / -g [num] commands."); - } - - //close log - systemOutLogger.close(); - } - - //disconnect - cardManager.DisconnectFromCard(); - } catch (Exception ex) { - if (systemOutLogger != null) { - systemOutLogger.println("Exception : " + ex); - } - } - } - - private CommandLine parseArgs(String[] args) throws ParseException { - - opts.addOption("h", "help", false, "show this help"); - opts.addOption(Option.builder("g") - .longOpt("generate") - .hasArg() - .optionalArg(true) - .argName("num") - .desc("generate EC keys").build()); - opts.addOption("t", "test", false, "test EC support (default)"); - opts.addOption(Option.builder("b") - .longOpt("bit-size") - .hasArg() - .argName("bits") - .desc("set EC bit size").build()); - opts.addOption("f2m", "use EC over binary-fields"); - opts.addOption("fp", "user EC over prime-fields (default)"); - opts.addOption("s", "anomalous", false, "generate anomalous (non-prime order, small pubkey order) curves"); - opts.addOption(Option.builder("o") - .longOpt("output-file") - .hasArg() - .argName("file") - .desc("output file to log to").build()); - return cliParser.parse(opts, args); - } - - static short getShort(byte[] array, int offset) { - return (short) (((array[offset] & 0xFF) << 8) | (array[offset + 1] & 0xFF)); - } - - static void setShort(byte[] array, int offset, short value) { - array[offset + 1] = (byte) (value & 0xFF); - array[offset] = (byte) ((value >> 8) & 
0xFF); - } - - private boolean ReconnnectToCard() throws Exception { - if (cardManager.isConnected()) { - cardManager.DisconnectFromCard(); - } - - boolean result = cardManager.ConnectToCard(); - if (result) { - // Select our application on card - cardManager.sendAPDU(SELECT_ECTESTERAPPLET); - } - return result; - } - - private void testFPkeyGen(short numRepeats, short corruptionType, boolean bRewind) throws Exception { - byte[] apdu = Arrays.copyOf(TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB, TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB.length); - setShort(apdu, INVALIDCURVEB_NUMREPEATS_OFFSET, numRepeats); - setShort(apdu, INVALIDCURVEB_CORRUPTIONTYPE_OFFSET, corruptionType); - apdu[INVALIDCURVEB_REWINDONSUCCESS_OFFSET] = bRewind ? (byte) 1 : (byte) 0; - - ReconnnectToCard(); - ResponseAPDU resp_fp_keygen = cardManager.sendAPDU(apdu); - ResponseAPDU resp_keygen_params = cardManager.sendAPDU(TESTECSUPPORTALL_LASTUSEDPARAMS); - PrintECKeyGenInvalidCurveB(resp_fp_keygen); - PrintECKeyGenInvalidCurveB_lastUserParams(resp_keygen_params); - } - - private void testSupportECGivenAlg(short keyLength, byte keyClass) throws Exception { - byte[] apdu = Arrays.copyOf(TESTECSUPPORT_GIVENALG, TESTECSUPPORT_GIVENALG.length); - apdu[TESTECSUPPORT_ALG_OFFSET] = keyClass; - setShort(apdu, TESTECSUPPORT_KEYLENGTH_OFFSET, keyLength); - - ReconnnectToCard(); - ResponseAPDU resp = cardManager.sendAPDU(apdu); - //byte[] resp = cardManager.sendAPDUSimulator(apdu); - PrintECSupport(resp); - } - - private void testSupportECFp(short keyLength) throws Exception { - testSupportECGivenAlg(keyLength, KeyPair.ALG_EC_FP); - } - - private void testSupportECF2m(short keyLength) throws Exception { - testSupportECGivenAlg(keyLength, KeyPair.ALG_EC_F2M); - } - - private void testSupportECAll(boolean testFp, boolean testF2m) throws Exception { - if (testFp) { - testSupportECFp((short) 128); - testSupportECFp((short) 192); - testSupportECFp((short) 224); - testSupportECFp((short) 256); - 
testSupportECFp((short) 384); - testSupportECFp((short) 521); - } - - if (testF2m) { - testSupportECF2m((short) 113); - testSupportECF2m((short) 131); - testSupportECF2m((short) 163); - testSupportECF2m((short) 193); - } - } - - private void generateECKeys(int amount, byte keyClass, short keyLength, boolean anomalous) throws Exception { - if (cardManager.ConnectToCardSelect()) { - cardManager.sendAPDU(SELECT_ECTESTERAPPLET); - - String keyFileName = String.format("ECKEYS_%s_%d.log", keyClass == KeyPair.ALG_EC_FP ? "fp" : "f2m", System.currentTimeMillis()); - FileOutputStream keysFile = new FileOutputStream(keyFileName); - - String message = "index;time;pubW;privS\n"; - keysFile.write(message.getBytes()); - byte[] gatherKeyAPDU = Arrays.copyOf(TESTECSUPPORT_GENERATEECCKEY, TESTECSUPPORT_GENERATEECCKEY.length); - // Prepare keypair object - gatherKeyAPDU[ISO7816.OFFSET_P1] = SimpleECCApplet.P1_SETCURVE; - gatherKeyAPDU[GENERATEECKEY_ALG_OFFSET] = keyClass; - setShort(gatherKeyAPDU, GENERATEECKEY_KEYLENGTH_OFFSET, keyLength); - gatherKeyAPDU[GENERATEECKEY_ANOMALOUS_OFFSET] = anomalous ? 
(byte) 1 : (byte) 0; - - ResponseAPDU respGather = cardManager.sendAPDU(gatherKeyAPDU); - if (respGather.getSW() != ISO7816.SW_NO_ERROR) { - systemOutLogger.println(String.format("Card error: %x", respGather.getSW())); - keysFile.close(); - return; - } - - // Generate new keypair - gatherKeyAPDU[ISO7816.OFFSET_P1] = SimpleECCApplet.P1_GENERATEKEYPAIR; - int counter = 0; - while (true) { - counter++; - long elapsed = -System.nanoTime(); - respGather = cardManager.sendAPDU(gatherKeyAPDU); - elapsed += System.nanoTime(); - - if (respGather.getSW() != ISO7816.SW_NO_ERROR) { - systemOutLogger.println(String.format("Card error: %x", respGather.getSW())); - break; - } - byte[] data = respGather.getData(); - int offset = 0; - String pubKeyW = ""; - String privKeyS = ""; - if (data[offset] == EC_Consts.TAG_ECPUBKEY) { - offset++; - short len = getShort(data, offset); - offset += 2; - pubKeyW = CardMngr.bytesToHex(data, offset, len, false); - offset += len; - } - if (data[offset] == EC_Consts.TAG_ECPRIVKEY) { - offset++; - short len = getShort(data, offset); - offset += 2; - privKeyS = CardMngr.bytesToHex(data, offset, len, false); - offset += len; - } - - message = String.format("%d;%d;%s;%s\n", counter, elapsed / 1000000, pubKeyW, privKeyS); - keysFile.write(message.getBytes()); - - this.systemOutLogger.flush(); - keysFile.flush(); - - //stop when we have enough keys, go on forever with 0 - if (counter >= amount && amount != 0) - break; - } - keysFile.close(); - } - } - - private static String getPrintError(short code) { - if (code == ISO7816.SW_NO_ERROR) { - return "OK\t(0x9000)"; - } else { - String codeStr = "unknown"; - if (code == CryptoException.ILLEGAL_VALUE) { - codeStr = "ILLEGAL_VALUE"; - } - if (code == CryptoException.UNINITIALIZED_KEY) { - codeStr = "UNINITIALIZED_KEY"; - } - if (code == CryptoException.NO_SUCH_ALGORITHM) { - codeStr = "NO_SUCH_ALG"; - } - if (code == CryptoException.INVALID_INIT) { - codeStr = "INVALID_INIT"; - } - if (code == 
CryptoException.ILLEGAL_USE) { - codeStr = "ILLEGAL_USE"; - } - if (code == SimpleECCApplet.SW_SKIPPED) { - codeStr = "skipped"; - } - if (code == SimpleECCApplet.SW_KEYPAIR_GENERATED_INVALID) { - codeStr = "SW_KEYPAIR_GENERATED_INVALID"; - } - if (code == SimpleECCApplet.SW_INVALID_CORRUPTION_TYPE) { - codeStr = "SW_INVALID_CORRUPTION_TYPE"; - } - if (code == SimpleECCApplet.SW_SIG_VERIFY_FAIL) { - codeStr = "SW_SIG_VERIFY_FAIL"; - } - return String.format("fail\t(%s,\t0x%4x)", codeStr, code); - } - } - - enum ExpResult { - SHOULD_SUCCEED, - MAY_FAIL, - MUST_FAIL - } - - private int VerifyPrintResult(String message, byte expectedTag, byte[] buffer, int bufferOffset, ExpResult expRes) { - if (bufferOffset >= buffer.length) { - systemOutLogger.println(" No more data returned"); - } else { - if (buffer[bufferOffset] != expectedTag) { - systemOutLogger.println(" ERROR: mismatched tag"); - assert (buffer[bufferOffset] == expectedTag); - } - bufferOffset++; - short resCode = getShort(buffer, bufferOffset); - bufferOffset += 2; - - boolean bHiglight = false; - if ((expRes == ExpResult.MUST_FAIL) && (resCode == ISO7816.SW_NO_ERROR)) { - bHiglight = true; - } - if ((expRes == ExpResult.SHOULD_SUCCEED) && (resCode != ISO7816.SW_NO_ERROR)) { - bHiglight = true; - } - if (bHiglight) { - systemOutLogger.println(String.format("!! 
%-53s%s", message, getPrintError(resCode))); - } else { - systemOutLogger.println(String.format(" %-53s%s", message, getPrintError(resCode))); - } - } - return bufferOffset; - } - - private void PrintECSupport(ResponseAPDU resp) { - PrintECSupport(resp.getData()); - } - - private void PrintECSupport(byte[] buffer) { - systemOutLogger.println(); - systemOutLogger.println("### Test for support and with valid and invalid EC curves"); - int bufferOffset = 0; - while (bufferOffset < buffer.length) { - assert (buffer[bufferOffset] == SimpleECCApplet.ECTEST_SEPARATOR); - bufferOffset++; - String ecType = "unknown"; - if (buffer[bufferOffset] == KeyPair.ALG_EC_FP) { - ecType = "ALG_EC_FP"; - } - if (buffer[bufferOffset] == KeyPair.ALG_EC_F2M) { - ecType = "ALG_EC_F2M"; - } - systemOutLogger.println(String.format("%-56s%s", "EC type:", ecType)); - bufferOffset++; - short keyLen = getShort(buffer, bufferOffset); - systemOutLogger.println(String.format("%-56s%d bits", "EC key length (bits):", keyLen)); - bufferOffset += 2; - - bufferOffset = VerifyPrintResult("KeyPair object allocation:", SimpleECCApplet.ECTEST_ALLOCATE_KEYPAIR, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); - bufferOffset = VerifyPrintResult("Generate key with def curve (fails if no def):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_DEFCURVE, buffer, bufferOffset, ExpResult.MAY_FAIL); - bufferOffset = VerifyPrintResult("Set valid custom curve:", SimpleECCApplet.ECTEST_SET_VALIDCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); - bufferOffset = VerifyPrintResult("Generate key with valid curve:", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); - bufferOffset = VerifyPrintResult("ECDH agreement with valid point:", SimpleECCApplet.ECTEST_ECDH_AGREEMENT_VALID_POINT, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); - bufferOffset = VerifyPrintResult("ECDH agreement with invalid point (fail is good):", SimpleECCApplet.ECTEST_ECDH_AGREEMENT_INVALID_POINT, 
buffer, bufferOffset, ExpResult.MUST_FAIL);
- bufferOffset = VerifyPrintResult("ECDSA signature on random data:", SimpleECCApplet.ECTEST_ECDSA_SIGNATURE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED);
- bufferOffset = VerifyPrintResult("Set anomalous custom curve (may fail):", SimpleECCApplet.ECTEST_SET_ANOMALOUSCURVE, buffer, bufferOffset, ExpResult.MAY_FAIL);
- bufferOffset = VerifyPrintResult("Generate key with anomalous curve (may fail):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_ANOMALOUSCURVE, buffer, bufferOffset, ExpResult.MAY_FAIL);
- bufferOffset = VerifyPrintResult("ECDH agreement with small order point (fail is good):", SimpleECCApplet.ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT, buffer, bufferOffset, ExpResult.MUST_FAIL);
- bufferOffset = VerifyPrintResult("Set invalid custom curve (may fail):", SimpleECCApplet.ECTEST_SET_INVALIDCURVE, buffer, bufferOffset, ExpResult.MAY_FAIL);
- bufferOffset = VerifyPrintResult("Generate key with invalid curve (fail is good):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE, buffer, bufferOffset, ExpResult.MUST_FAIL);
- bufferOffset = VerifyPrintResult("Set invalid field (may fail):", SimpleECCApplet.ECTEST_SET_INVALIDFIELD, buffer, bufferOffset, ExpResult.MAY_FAIL);
- bufferOffset = VerifyPrintResult("Generate key with invalid field (fail si good):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_INVALIDFIELD, buffer, bufferOffset, ExpResult.MUST_FAIL);
-
- systemOutLogger.println();
- }
- }
-
- private void PrintECKeyGenInvalidCurveB(ResponseAPDU resp) {
- PrintECKeyGenInvalidCurveB(resp.getData());
- }
-
- private void PrintECKeyGenInvalidCurveB(byte[] buffer) {
- systemOutLogger.println();
- systemOutLogger.println("### Test for computation with invalid parameter B for EC curve");
- int bufferOffset = 0;
- while (bufferOffset < buffer.length) {
- assert (buffer[bufferOffset] == SimpleECCApplet.ECTEST_SEPARATOR);
- bufferOffset++;
- String ecType = "unknown";
- if (buffer[bufferOffset] == KeyPair.ALG_EC_FP) {
- ecType = "ALG_EC_FP";
- }
- if (buffer[bufferOffset] == KeyPair.ALG_EC_F2M) {
- ecType = "ALG_EC_F2M";
- }
- systemOutLogger.println(String.format("%-53s%s", "EC type:", ecType));
- bufferOffset++;
- short keyLen = getShort(buffer, bufferOffset);
- systemOutLogger.println(String.format("%-53s%d bits", "EC key length (bits):", keyLen));
- bufferOffset += 2;
-
- short numRepeats = getShort(buffer, bufferOffset);
- bufferOffset += 2;
- systemOutLogger.println(String.format("%-53s%d times", "Executed repeats before unexpected error: ", numRepeats));
-
- bufferOffset = VerifyPrintResult("KeyPair object allocation:", SimpleECCApplet.ECTEST_ALLOCATE_KEYPAIR, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED);
- while (bufferOffset < buffer.length) {
- bufferOffset = VerifyPrintResult("Set invalid custom curve:", SimpleECCApplet.ECTEST_SET_INVALIDCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED);
- bufferOffset = VerifyPrintResult("Generate key with invalid curve (fail is good):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE, buffer, bufferOffset, ExpResult.MUST_FAIL);
- if (buffer[bufferOffset] == SimpleECCApplet.ECTEST_DH_GENERATESECRET) {
- bufferOffset = VerifyPrintResult("ECDH agreement with invalid point (fail is good):", SimpleECCApplet.ECTEST_DH_GENERATESECRET, buffer, bufferOffset, ExpResult.MUST_FAIL);
- }
- bufferOffset = VerifyPrintResult("Set valid custom curve:", SimpleECCApplet.ECTEST_SET_VALIDCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED);
- bufferOffset = VerifyPrintResult("Generate key with valid curve:", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED);
- }
-
- systemOutLogger.println();
- }
- }
-
- private void PrintECKeyGenInvalidCurveB_lastUserParams(ResponseAPDU resp) {
- byte[] buffer = resp.getData();
- short offset = 0;
- systemOutLogger.print("Last used value of B: ");
- while (offset < buffer.length) {
- systemOutLogger.print(String.format("%x ", buffer[offset]));
- offset++;
- }
- }
-
- public static void main(String[] args) throws IOException {
- SimpleAPDU app = new SimpleAPDU();
- app.run(args);
- }
-}
--
cgit v1.2.3-70-g09d2
From cde377350e2b662c4983b78226043e0b6ca93932 Mon Sep 17 00:00:00 2001
From: J08nY Date: Tue, 17 Jan 2017 03:24:05 +0100 Subject: data: renamed curves, since they arent really saved in csv... --- src/cz/crcs/ectester/data/ecsp128.csv | 7 ------- src/cz/crcs/ectester/data/ecsp128.txt | 7 +++++++ src/cz/crcs/ectester/data/ecsp128_pub.csv | 2 -- src/cz/crcs/ectester/data/ecsp128_pub.txt | 2 ++ src/cz/crcs/ectester/data/ecsp160.csv | 7 ------- src/cz/crcs/ectester/data/ecsp160.txt | 7 +++++++ src/cz/crcs/ectester/data/ecsp160_pub.csv | 2 -- src/cz/crcs/ectester/data/ecsp160_pub.txt | 2 ++ src/cz/crcs/ectester/data/ecsp192.csv | 7 ------- src/cz/crcs/ectester/data/ecsp192.txt | 7 +++++++ src/cz/crcs/ectester/data/ecsp192_pub.csv | 2 -- src/cz/crcs/ectester/data/ecsp192_pub.txt | 2 ++ src/cz/crcs/ectester/data/ecsp224.csv | 7 ------- src/cz/crcs/ectester/data/ecsp224.txt | 7 +++++++ src/cz/crcs/ectester/data/ecsp224_pub.csv | 2 -- src/cz/crcs/ectester/data/ecsp224_pub.txt | 2 ++ src/cz/crcs/ectester/data/ecsp256.csv | 7 ------- src/cz/crcs/ectester/data/ecsp256.txt | 7 +++++++ src/cz/crcs/ectester/data/ecsp256_pub.csv | 2 -- src/cz/crcs/ectester/data/ecsp256_pub.txt | 2 ++ src/cz/crcs/ectester/data/ecsp384.csv | 7 ------- src/cz/crcs/ectester/data/ecsp384.txt | 7 +++++++ src/cz/crcs/ectester/data/ecsp384_pub.csv | 2 -- src/cz/crcs/ectester/data/ecsp384_pub.txt | 2 ++ src/cz/crcs/ectester/data/ecsp521.csv | 7 ------- src/cz/crcs/ectester/data/ecsp521.txt | 7 +++++++ src/cz/crcs/ectester/data/ecsp521_pub.csv | 2 -- src/cz/crcs/ectester/data/ecsp521_pub.txt | 2 ++ src/cz/crcs/ectester/data/secp192k1.csv | 7 ------- src/cz/crcs/ectester/data/secp192k1.txt | 7 +++++++ src/cz/crcs/ectester/data/secp192r1.csv | 7 ------- src/cz/crcs/ectester/data/secp192r1.txt | 7 +++++++ src/cz/crcs/ectester/data/secp224r1.csv | 7 ------- src/cz/crcs/ectester/data/secp224r1.txt | 7 +++++++ src/cz/crcs/ectester/data/secp256k1.csv | 7 ------- src/cz/crcs/ectester/data/secp256k1.txt | 7 +++++++ src/cz/crcs/ectester/data/secp256r1.csv | 7 ------- 
src/cz/crcs/ectester/data/secp256r1.txt | 7 +++++++ src/cz/crcs/ectester/data/secp384r1.csv | 7 ------- src/cz/crcs/ectester/data/secp384r1.txt | 7 +++++++ src/cz/crcs/ectester/data/secp521r1.csv | 7 ------- src/cz/crcs/ectester/data/secp521r1.txt | 7 +++++++ src/cz/crcs/ectester/data/sect163k1.csv | 9 --------- src/cz/crcs/ectester/data/sect163k1.txt | 9 +++++++++ src/cz/crcs/ectester/data/sect163r1.csv | 9 --------- src/cz/crcs/ectester/data/sect163r1.txt | 9 +++++++++ src/cz/crcs/ectester/data/sect163r2.csv | 9 --------- src/cz/crcs/ectester/data/sect163r2.txt | 9 +++++++++ src/cz/crcs/ectester/data/sect233k1.csv | 7 ------- src/cz/crcs/ectester/data/sect233k1.txt | 7 +++++++ src/cz/crcs/ectester/data/sect233r1.csv | 7 ------- src/cz/crcs/ectester/data/sect233r1.txt | 7 +++++++ src/cz/crcs/ectester/data/sect239k1.csv | 7 ------- src/cz/crcs/ectester/data/sect239k1.txt | 7 +++++++ src/cz/crcs/ectester/data/sect283k1.csv | 9 --------- src/cz/crcs/ectester/data/sect283k1.txt | 9 +++++++++ src/cz/crcs/ectester/data/sect283r1.csv | 9 --------- src/cz/crcs/ectester/data/sect283r1.txt | 9 +++++++++ src/cz/crcs/ectester/data/sect409k1.csv | 7 ------- src/cz/crcs/ectester/data/sect409k1.txt | 7 +++++++ src/cz/crcs/ectester/data/sect409r1.csv | 7 ------- src/cz/crcs/ectester/data/sect409r1.txt | 7 +++++++ src/cz/crcs/ectester/data/sect571k1.csv | 9 --------- src/cz/crcs/ectester/data/sect571k1.txt | 9 +++++++++ src/cz/crcs/ectester/data/sect571r1.csv | 9 --------- src/cz/crcs/ectester/data/sect571r1.txt | 9 +++++++++ 66 files changed, 210 insertions(+), 210 deletions(-) delete mode 100644 src/cz/crcs/ectester/data/ecsp128.csv create mode 100644 src/cz/crcs/ectester/data/ecsp128.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp128_pub.csv create mode 100644 src/cz/crcs/ectester/data/ecsp128_pub.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp160.csv create mode 100644 src/cz/crcs/ectester/data/ecsp160.txt delete mode 100644 
src/cz/crcs/ectester/data/ecsp160_pub.csv create mode 100644 src/cz/crcs/ectester/data/ecsp160_pub.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp192.csv create mode 100644 src/cz/crcs/ectester/data/ecsp192.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp192_pub.csv create mode 100644 src/cz/crcs/ectester/data/ecsp192_pub.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp224.csv create mode 100644 src/cz/crcs/ectester/data/ecsp224.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp224_pub.csv create mode 100644 src/cz/crcs/ectester/data/ecsp224_pub.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp256.csv create mode 100644 src/cz/crcs/ectester/data/ecsp256.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp256_pub.csv create mode 100644 src/cz/crcs/ectester/data/ecsp256_pub.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp384.csv create mode 100644 src/cz/crcs/ectester/data/ecsp384.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp384_pub.csv create mode 100644 src/cz/crcs/ectester/data/ecsp384_pub.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp521.csv create mode 100644 src/cz/crcs/ectester/data/ecsp521.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp521_pub.csv create mode 100644 src/cz/crcs/ectester/data/ecsp521_pub.txt delete mode 100644 src/cz/crcs/ectester/data/secp192k1.csv create mode 100644 src/cz/crcs/ectester/data/secp192k1.txt delete mode 100644 src/cz/crcs/ectester/data/secp192r1.csv create mode 100644 src/cz/crcs/ectester/data/secp192r1.txt delete mode 100644 src/cz/crcs/ectester/data/secp224r1.csv create mode 100644 src/cz/crcs/ectester/data/secp224r1.txt delete mode 100644 src/cz/crcs/ectester/data/secp256k1.csv create mode 100644 src/cz/crcs/ectester/data/secp256k1.txt delete mode 100644 src/cz/crcs/ectester/data/secp256r1.csv create mode 100644 src/cz/crcs/ectester/data/secp256r1.txt delete mode 100644 src/cz/crcs/ectester/data/secp384r1.csv create mode 100644 src/cz/crcs/ectester/data/secp384r1.txt delete 
mode 100644 src/cz/crcs/ectester/data/secp521r1.csv
create mode 100644 src/cz/crcs/ectester/data/secp521r1.txt
delete mode 100644 src/cz/crcs/ectester/data/sect163k1.csv
create mode 100644 src/cz/crcs/ectester/data/sect163k1.txt
delete mode 100644 src/cz/crcs/ectester/data/sect163r1.csv
create mode 100644 src/cz/crcs/ectester/data/sect163r1.txt
delete mode 100644 src/cz/crcs/ectester/data/sect163r2.csv
create mode 100644 src/cz/crcs/ectester/data/sect163r2.txt
delete mode 100644 src/cz/crcs/ectester/data/sect233k1.csv
create mode 100644 src/cz/crcs/ectester/data/sect233k1.txt
delete mode 100644 src/cz/crcs/ectester/data/sect233r1.csv
create mode 100644 src/cz/crcs/ectester/data/sect233r1.txt
delete mode 100644 src/cz/crcs/ectester/data/sect239k1.csv
create mode 100644 src/cz/crcs/ectester/data/sect239k1.txt
delete mode 100644 src/cz/crcs/ectester/data/sect283k1.csv
create mode 100644 src/cz/crcs/ectester/data/sect283k1.txt
delete mode 100644 src/cz/crcs/ectester/data/sect283r1.csv
create mode 100644 src/cz/crcs/ectester/data/sect283r1.txt
delete mode 100644 src/cz/crcs/ectester/data/sect409k1.csv
create mode 100644 src/cz/crcs/ectester/data/sect409k1.txt
delete mode 100644 src/cz/crcs/ectester/data/sect409r1.csv
create mode 100644 src/cz/crcs/ectester/data/sect409r1.txt
delete mode 100644 src/cz/crcs/ectester/data/sect571k1.csv
create mode 100644 src/cz/crcs/ectester/data/sect571k1.txt
delete mode 100644 src/cz/crcs/ectester/data/sect571r1.csv
create mode 100644 src/cz/crcs/ectester/data/sect571r1.txt
diff --git a/src/cz/crcs/ectester/data/ecsp128.csv b/src/cz/crcs/ectester/data/ecsp128.csv
deleted file mode 100644
index 29cfe3b..0000000
--- a/src/cz/crcs/ectester/data/ecsp128.csv
+++ /dev/null
@@ -1,7 +0,0 @@
-cfba21fd0483b1f300fa2506a5a566ef,
-36d9a5acac27a008e36cbe3e9f103fde,
-a67cf5fa09fb1db902068c87046ae21e,
-47d78391a4b9fff6a0db1292f9cd0e6a,
-9aed9c92f8bb3dbd42402165a270bd6f,
-cfba21fd0483b1f333d61a5af6ada2c7,
-1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp128.txt b/src/cz/crcs/ectester/data/ecsp128.txt
new file mode 100644
index 0000000..29cfe3b
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp128.txt
@@ -0,0 +1,7 @@
+cfba21fd0483b1f300fa2506a5a566ef,
+36d9a5acac27a008e36cbe3e9f103fde,
+a67cf5fa09fb1db902068c87046ae21e,
+47d78391a4b9fff6a0db1292f9cd0e6a,
+9aed9c92f8bb3dbd42402165a270bd6f,
+cfba21fd0483b1f333d61a5af6ada2c7,
+1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp128_pub.csv b/src/cz/crcs/ectester/data/ecsp128_pub.csv
deleted file mode 100644
index ee1f34d..0000000
--- a/src/cz/crcs/ectester/data/ecsp128_pub.csv
+++ /dev/null
@@ -1,2 +0,0 @@
-63901e122761d9c16565b2f38e991f71,
-b9d99fbc3154a96ca23ecff770cbbe4f
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp128_pub.txt b/src/cz/crcs/ectester/data/ecsp128_pub.txt
new file mode 100644
index 0000000..ee1f34d
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp128_pub.txt
@@ -0,0 +1,2 @@
+63901e122761d9c16565b2f38e991f71,
+b9d99fbc3154a96ca23ecff770cbbe4f
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp160.csv b/src/cz/crcs/ectester/data/ecsp160.csv
deleted file mode 100644
index 49824d9..0000000
--- a/src/cz/crcs/ectester/data/ecsp160.csv
+++ /dev/null
@@ -1,7 +0,0 @@
-dc13490ff9857b111f44c0500770a6457e683223,
-a3ecd7d51e79d72d2700184c795aa8a6b8e66573,
-8ac43592905f995cb13f3694317bf470adafb645,
-5f8e88afc117c722859fe8e55647bca69ba82150,
-93e6dcaee271e9f2838c98b7d06eccc5d7c800e5,
-dc13490ff9857b111f446ef4a6d1e1715f6a6dff,
-1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp160.txt b/src/cz/crcs/ectester/data/ecsp160.txt
new file mode 100644
index 0000000..49824d9
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp160.txt
@@ -0,0 +1,7 @@
+dc13490ff9857b111f44c0500770a6457e683223,
+a3ecd7d51e79d72d2700184c795aa8a6b8e66573,
+8ac43592905f995cb13f3694317bf470adafb645,
+5f8e88afc117c722859fe8e55647bca69ba82150,
+93e6dcaee271e9f2838c98b7d06eccc5d7c800e5,
+dc13490ff9857b111f446ef4a6d1e1715f6a6dff,
+1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp160_pub.csv b/src/cz/crcs/ectester/data/ecsp160_pub.csv
deleted file mode 100644
index e2e164e..0000000
--- a/src/cz/crcs/ectester/data/ecsp160_pub.csv
+++ /dev/null
@@ -1,2 +0,0 @@
-59c9c3c8aef29f1c1c500cafb4726da6086e6eb0,
-d695a76005eddb26afd40ee20904778bb3497bb1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp160_pub.txt b/src/cz/crcs/ectester/data/ecsp160_pub.txt
new file mode 100644
index 0000000..e2e164e
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp160_pub.txt
@@ -0,0 +1,2 @@
+59c9c3c8aef29f1c1c500cafb4726da6086e6eb0,
+d695a76005eddb26afd40ee20904778bb3497bb1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp192.csv b/src/cz/crcs/ectester/data/ecsp192.csv
deleted file mode 100644
index ccb5537..0000000
--- a/src/cz/crcs/ectester/data/ecsp192.csv
+++ /dev/null
@@ -1,7 +0,0 @@
-ce714cc3a15ce7e5dab068c9a1f8be00aad480abccaeefc3,
-597c781f64c33eb8ef919c415911518ea323be88b9437caf,
-f81585a1b18f233d70add7ee1342d2035c386a92e3ab8320,
-150ff0a40deac6462b5987418617fdeeb6bfd76d4d60a067,
-843d577371c5dce122c2ff206b2f42fa0b842b49bdaf990f,
-ce714cc3a15ce7e5dab068c9a30bc92915bd8662ae882887,
-1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp192.txt b/src/cz/crcs/ectester/data/ecsp192.txt
new file mode 100644
index 0000000..ccb5537
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp192.txt
@@ -0,0 +1,7 @@
+ce714cc3a15ce7e5dab068c9a1f8be00aad480abccaeefc3,
+597c781f64c33eb8ef919c415911518ea323be88b9437caf,
+f81585a1b18f233d70add7ee1342d2035c386a92e3ab8320,
+150ff0a40deac6462b5987418617fdeeb6bfd76d4d60a067,
+843d577371c5dce122c2ff206b2f42fa0b842b49bdaf990f,
+ce714cc3a15ce7e5dab068c9a30bc92915bd8662ae882887,
+1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp192_pub.csv b/src/cz/crcs/ectester/data/ecsp192_pub.csv
deleted file mode 100644
index ec7f822..0000000
--- a/src/cz/crcs/ectester/data/ecsp192_pub.csv
+++ /dev/null
@@ -1,2 +0,0 @@
-17047f91dbe33032c9d09bd29ceadd8a09ccc32ac6309541,
-6a726de54fbd59cfc352e838b337fa005a97180816135e6a
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp192_pub.txt b/src/cz/crcs/ectester/data/ecsp192_pub.txt
new file mode 100644
index 0000000..ec7f822
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp192_pub.txt
@@ -0,0 +1,2 @@
+17047f91dbe33032c9d09bd29ceadd8a09ccc32ac6309541,
+6a726de54fbd59cfc352e838b337fa005a97180816135e6a
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp224.csv b/src/cz/crcs/ectester/data/ecsp224.csv
deleted file mode 100644
index 894e669..0000000
--- a/src/cz/crcs/ectester/data/ecsp224.csv
+++ /dev/null
@@ -1,7 +0,0 @@
-eed4c3d98f1c9b9518f116263db770366877d12df6a9cf08b96dd4bb,
-8d4dddb0317d6a6bf9a4dbbed3a43fa21f79869c5ab9729d239e9282,
-46873614be3dffc9218082322210c0616140286f2d160503c1a9250d,
-961bbb1fc9955a71c91a50aedcd2f14fccb660af992b0030b9c90b36,
-1c00f6d0bd405dd7d3016fb8c0c75e4ecec70fe61237f6d24008a5fd,
-eed4c3d98f1c9b9518f116263db821c36a06adae17162ad3162f68c3,
-1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp224.txt b/src/cz/crcs/ectester/data/ecsp224.txt
new file mode 100644
index 0000000..894e669
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp224.txt
@@ -0,0 +1,7 @@
+eed4c3d98f1c9b9518f116263db770366877d12df6a9cf08b96dd4bb,
+8d4dddb0317d6a6bf9a4dbbed3a43fa21f79869c5ab9729d239e9282,
+46873614be3dffc9218082322210c0616140286f2d160503c1a9250d,
+961bbb1fc9955a71c91a50aedcd2f14fccb660af992b0030b9c90b36,
+1c00f6d0bd405dd7d3016fb8c0c75e4ecec70fe61237f6d24008a5fd,
+eed4c3d98f1c9b9518f116263db821c36a06adae17162ad3162f68c3,
+1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp224_pub.csv b/src/cz/crcs/ectester/data/ecsp224_pub.csv
deleted file mode 100644
index 0999b99..0000000
--- a/src/cz/crcs/ectester/data/ecsp224_pub.csv
+++ /dev/null
@@ -1,2 +0,0 @@
-cfd92aea0f79190c48ca703eb8a9baa7099a23bb39578261fe4d0f04,
-257a3d98de44bd25404977a4ac7fc56d3d4e827f085b7cf5247524c4
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp224_pub.txt b/src/cz/crcs/ectester/data/ecsp224_pub.txt
new file mode 100644
index 0000000..0999b99
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp224_pub.txt
@@ -0,0 +1,2 @@
+cfd92aea0f79190c48ca703eb8a9baa7099a23bb39578261fe4d0f04,
+257a3d98de44bd25404977a4ac7fc56d3d4e827f085b7cf5247524c4
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp256.csv b/src/cz/crcs/ectester/data/ecsp256.csv
deleted file mode 100644
index 17387a6..0000000
--- a/src/cz/crcs/ectester/data/ecsp256.csv
+++ /dev/null
@@ -1,7 +0,0 @@
-c9a803b1eaf849f1c02cfd1dbfac68623985c88b37103b338ae11d2597ee8445,
-4841c5775a24a884ca36ec362b44645a2f60b25d002c4fc1d9f139870fe0cc71,
-1b097456751f3534190dae568f80a2c6ff55dddfe072a7dc6467a4b6476b6880,
-a1fd34a27afb1340b8e4a7db2a5ec5a1432c6dc8555af9f78fca2cf740cab2b7,
-98419c698cab6c7dbb53eb2751417b52ccded4680c5e09543f93c7886c3a173e,
-c9a803b1eaf849f1c02cfd1dbfac6863128c5b1fc5acd5b5e0fc0a7311fb5b1d,
-1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp256.txt b/src/cz/crcs/ectester/data/ecsp256.txt
new file mode 100644
index 0000000..17387a6
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp256.txt
@@ -0,0 +1,7 @@
+c9a803b1eaf849f1c02cfd1dbfac68623985c88b37103b338ae11d2597ee8445,
+4841c5775a24a884ca36ec362b44645a2f60b25d002c4fc1d9f139870fe0cc71,
+1b097456751f3534190dae568f80a2c6ff55dddfe072a7dc6467a4b6476b6880,
+a1fd34a27afb1340b8e4a7db2a5ec5a1432c6dc8555af9f78fca2cf740cab2b7,
+98419c698cab6c7dbb53eb2751417b52ccded4680c5e09543f93c7886c3a173e,
+c9a803b1eaf849f1c02cfd1dbfac6863128c5b1fc5acd5b5e0fc0a7311fb5b1d,
+1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp256_pub.csv b/src/cz/crcs/ectester/data/ecsp256_pub.csv
deleted file mode 100644
index a8f0492..0000000
--- a/src/cz/crcs/ectester/data/ecsp256_pub.csv
+++ /dev/null
@@ -1,2 +0,0 @@
-75fce70968862d53e29548aad70582514e960d8128bd3c5f8c4dbe2cf8dad653,
-55aa4b7d3882fb0a83bd00c9c3bae17f1024d64aec67e1db38ef671e6350beae
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp256_pub.txt b/src/cz/crcs/ectester/data/ecsp256_pub.txt
new file mode 100644
index 0000000..a8f0492
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp256_pub.txt
@@ -0,0 +1,2 @@
+75fce70968862d53e29548aad70582514e960d8128bd3c5f8c4dbe2cf8dad653,
+55aa4b7d3882fb0a83bd00c9c3bae17f1024d64aec67e1db38ef671e6350beae
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp384.csv b/src/cz/crcs/ectester/data/ecsp384.csv
deleted file mode 100644
index 9acae3f..0000000
--- a/src/cz/crcs/ectester/data/ecsp384.csv
+++ /dev/null
@@ -1,7 +0,0 @@
-d0df6c96cff7081be80d22b005758a2e2f046e15fe020ef886e21b492ac57257a923144bcad989ab6341bd3b700f914b,
-45c64503be019afd3462b361ad2b2a3bca0aeccc5494a624fb632455e62b4f0c98f944fa97c37811da039823cd77c906,
-d85583f7f11ad23ec75ed5a414153a06d6640936b8103f5df691fa95cf2afa78f3ea5addc225b144964048c9f7592ae4,
-2b1341d12dff4f9cf9427c4752962b4c2bdc8fbcd80652516c421cc523212a01ea63c79d6e9a9c84933e353e212416ec,
-ce416c6e75fa9fd205ed48fc4e3099cbb1d6ed031b7ddbff1d634eb97a83d9b780cfd4dedfdd2c7604d143196c08d933,
-d0df6c96cff7081be80d22b005758a2e2f046e15fe020ef7664ed51d7701c86bf2a1e9f3002c26fe002314c3c92f1ca9,
-1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp384.txt b/src/cz/crcs/ectester/data/ecsp384.txt
new file mode 100644
index 0000000..9acae3f
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp384.txt
@@ -0,0 +1,7 @@
+d0df6c96cff7081be80d22b005758a2e2f046e15fe020ef886e21b492ac57257a923144bcad989ab6341bd3b700f914b,
+45c64503be019afd3462b361ad2b2a3bca0aeccc5494a624fb632455e62b4f0c98f944fa97c37811da039823cd77c906,
+d85583f7f11ad23ec75ed5a414153a06d6640936b8103f5df691fa95cf2afa78f3ea5addc225b144964048c9f7592ae4,
+2b1341d12dff4f9cf9427c4752962b4c2bdc8fbcd80652516c421cc523212a01ea63c79d6e9a9c84933e353e212416ec,
+ce416c6e75fa9fd205ed48fc4e3099cbb1d6ed031b7ddbff1d634eb97a83d9b780cfd4dedfdd2c7604d143196c08d933,
+d0df6c96cff7081be80d22b005758a2e2f046e15fe020ef7664ed51d7701c86bf2a1e9f3002c26fe002314c3c92f1ca9,
+1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp384_pub.csv b/src/cz/crcs/ectester/data/ecsp384_pub.csv
deleted file mode 100644
index 4eb4a96..0000000
--- a/src/cz/crcs/ectester/data/ecsp384_pub.csv
+++ /dev/null
@@ -1,2 +0,0 @@
-a4bd575bf20300b0cf8a2f41dd5a03e908966a4229a5f22f5c190d3641ac2d32b7b24a63482cbbcd0c2257f834834ef1,
-38d51c8f9e90592f567e81d0e4855e79731b5797857a4c7dc270653bc9f0c31e84693007b09cebf710d5ae3237303949
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp384_pub.txt b/src/cz/crcs/ectester/data/ecsp384_pub.txt
new file mode 100644
index 0000000..4eb4a96
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp384_pub.txt
@@ -0,0 +1,2 @@
+a4bd575bf20300b0cf8a2f41dd5a03e908966a4229a5f22f5c190d3641ac2d32b7b24a63482cbbcd0c2257f834834ef1,
+38d51c8f9e90592f567e81d0e4855e79731b5797857a4c7dc270653bc9f0c31e84693007b09cebf710d5ae3237303949
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp521.csv b/src/cz/crcs/ectester/data/ecsp521.csv
deleted file mode 100644
index 1d36bd7..0000000
--- a/src/cz/crcs/ectester/data/ecsp521.csv
+++ /dev/null
@@ -1,7 +0,0 @@
-01d3df430924956e210a605b4dbf4a2e909d7a801658978c88ffd68dcc817f5cc79cf188d9ee82d1a51c44cbd31e9cc5b816d76d5b1312b005f7b68919e275dac99f,
-00401639f36f2ee45fc164ea3e1f14f4803fd7a77ffdfb392c3f8fe95d1aea331467f4618d59aeee49d5d7c70caf320f7dd1ac166114f562413449991d3aa1a2c49e,
-004a26a8c47fce204ba953015fa86708c0de720f27523988b097e774168c15f7a215aaf18a5f1b9579ab3db935d45be14c9a87b71170396909b14d06f7a09975b3a6,
-01c880ae0a355a52791fc9600fd8b35726e9d799101489161c8f90a9c6631d09b3cb347584837d9deb8566a9c5846aded0d01eb947b4affd34e8ea7dbe733cbedafa,
-00050f12672f163f19d5d493eb82ef777b0213dd4e0cf75a9b99724fbdb54b0cc4e037bf86a48bac28467bdd936c314ce13f6ec7ec69ea09ae4f5444df4b2a117a66,
-01d3df430924956e210a605b4dbf4a2e909d7a801658978c88ffd68dcc817f5cc7ba0838717c1947f93cfdd3ed87ec2c2df181c7ada553346ec1495732a1e7ffe9b3,
-1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp521.txt b/src/cz/crcs/ectester/data/ecsp521.txt
new file mode 100644
index 0000000..1d36bd7
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp521.txt
@@ -0,0 +1,7 @@
+01d3df430924956e210a605b4dbf4a2e909d7a801658978c88ffd68dcc817f5cc79cf188d9ee82d1a51c44cbd31e9cc5b816d76d5b1312b005f7b68919e275dac99f,
+00401639f36f2ee45fc164ea3e1f14f4803fd7a77ffdfb392c3f8fe95d1aea331467f4618d59aeee49d5d7c70caf320f7dd1ac166114f562413449991d3aa1a2c49e,
+004a26a8c47fce204ba953015fa86708c0de720f27523988b097e774168c15f7a215aaf18a5f1b9579ab3db935d45be14c9a87b71170396909b14d06f7a09975b3a6,
+01c880ae0a355a52791fc9600fd8b35726e9d799101489161c8f90a9c6631d09b3cb347584837d9deb8566a9c5846aded0d01eb947b4affd34e8ea7dbe733cbedafa,
+00050f12672f163f19d5d493eb82ef777b0213dd4e0cf75a9b99724fbdb54b0cc4e037bf86a48bac28467bdd936c314ce13f6ec7ec69ea09ae4f5444df4b2a117a66,
+01d3df430924956e210a605b4dbf4a2e909d7a801658978c88ffd68dcc817f5cc7ba0838717c1947f93cfdd3ed87ec2c2df181c7ada553346ec1495732a1e7ffe9b3,
+1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp521_pub.csv b/src/cz/crcs/ectester/data/ecsp521_pub.csv
deleted file mode 100644
index 0e3f320..0000000
--- a/src/cz/crcs/ectester/data/ecsp521_pub.csv
+++ /dev/null
@@ -1,2 +0,0 @@
-002844df0f31f46a40e6c7006cde99155bd5d18d0e4150178a8e307d6aec08fd02d466c03c49b49c2654b7c9a32d88ca014016a7eddd44217be915505d228efb9389,
-0105921e2172c3050ba4c9d2e744fc5b7b5e8451751e6780c6de88229497be7d23550beefa0cb7fafebb4dd9fad1244c6733befe5a97710f0dc56dc08d9d9df9d846
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/ecsp521_pub.txt b/src/cz/crcs/ectester/data/ecsp521_pub.txt
new file mode 100644
index 0000000..0e3f320
--- /dev/null
+++ b/src/cz/crcs/ectester/data/ecsp521_pub.txt
@@ -0,0 +1,2 @@
+002844df0f31f46a40e6c7006cde99155bd5d18d0e4150178a8e307d6aec08fd02d466c03c49b49c2654b7c9a32d88ca014016a7eddd44217be915505d228efb9389,
+0105921e2172c3050ba4c9d2e744fc5b7b5e8451751e6780c6de88229497be7d23550beefa0cb7fafebb4dd9fad1244c6733befe5a97710f0dc56dc08d9d9df9d846
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/secp192k1.csv b/src/cz/crcs/ectester/data/secp192k1.csv
deleted file mode 100644
index c408b5e..0000000
--- a/src/cz/crcs/ectester/data/secp192k1.csv
+++ /dev/null
@@ -1,7 +0,0 @@
-FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFEE37,
-00000000 00000000 00000000 00000000 00000000 00000000,
-00000000 00000000 00000000 00000000 00000000 00000003,
-DB4FF10E C057E9AE 26B07D02 80B7F434 1DA5D1B1 EAE06C7D,
-9B2F2F6D 9C5628A7 844163D0 15BE8634 4082AA88 D95E2F9D,
-FFFFFFFF FFFFFFFF FFFFFFFE 26F2FC17 0F69466A 74DEFD8D,
-1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/secp192k1.txt b/src/cz/crcs/ectester/data/secp192k1.txt
new file mode 100644
index 0000000..c408b5e
--- /dev/null
+++ b/src/cz/crcs/ectester/data/secp192k1.txt
@@ -0,0 +1,7 @@
+FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFEE37,
+00000000 00000000 00000000 00000000 00000000 00000000,
+00000000 00000000 00000000 00000000 00000000 00000003,
+DB4FF10E C057E9AE 26B07D02 80B7F434 1DA5D1B1 EAE06C7D,
+9B2F2F6D 9C5628A7 844163D0 15BE8634 4082AA88 D95E2F9D,
+FFFFFFFF FFFFFFFF FFFFFFFE 26F2FC17 0F69466A 74DEFD8D,
+1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/secp192r1.csv b/src/cz/crcs/ectester/data/secp192r1.csv
deleted file mode 100644
index 29305b0..0000000
--- a/src/cz/crcs/ectester/data/secp192r1.csv
+++ /dev/null
@@ -1,7 +0,0 @@
-FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF FFFFFFFF,
-FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF FFFFFFFC,
-64210519 E59C80E7 0FA7E9AB 72243049 FEB8DEEC C146B9B1,
-188DA80E B03090F6 7CBF20EB 43A18800 F4FF0AFD 82FF1012,
-07192B95 FFC8DA78 631011ED 6B24CDD5 73F977A1 1E794811,
-FFFFFFFF FFFFFFFF FFFFFFFF 99DEF836 146BC9B1 B4D22831,
-1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/secp192r1.txt b/src/cz/crcs/ectester/data/secp192r1.txt
new file mode 100644
index 0000000..29305b0
--- /dev/null
+++ b/src/cz/crcs/ectester/data/secp192r1.txt
@@ -0,0 +1,7 @@
+FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF FFFFFFFF,
+FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF FFFFFFFC,
+64210519 E59C80E7 0FA7E9AB 72243049 FEB8DEEC C146B9B1,
+188DA80E B03090F6 7CBF20EB 43A18800 F4FF0AFD 82FF1012,
+07192B95 FFC8DA78 631011ED 6B24CDD5 73F977A1 1E794811,
+FFFFFFFF FFFFFFFF FFFFFFFF 99DEF836 146BC9B1 B4D22831,
+1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/secp224r1.csv b/src/cz/crcs/ectester/data/secp224r1.csv
deleted file mode 100644
index f8f592e..0000000
--- a/src/cz/crcs/ectester/data/secp224r1.csv
+++ /dev/null
@@ -1,7 +0,0 @@
-FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF 00000000 00000000 00000001,
-FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF FFFFFFFF FFFFFFFE,
-B4050A85 0C04B3AB F5413256 5044B0B7 D7BFD8BA 270B3943 2355FFB4,
-B70E0CBD 6BB4BF7F 321390B9 4A03C1D3 56C21122 343280D6 115C1D21,
-BD376388 B5F723FB 4C22DFE6 CD4375A0 5A074764 44D58199 85007E34,
-FFFFFFFF FFFFFFFF FFFFFFFF FFFF16A2 E0B8F03E 13DD2945 5C5C2A3D,
-1
diff --git a/src/cz/crcs/ectester/data/secp224r1.txt b/src/cz/crcs/ectester/data/secp224r1.txt
new file mode 100644
index 0000000..f8f592e
--- /dev/null
+++ b/src/cz/crcs/ectester/data/secp224r1.txt
@@ -0,0 +1,7 @@
+FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF 00000000 00000000 00000001,
+FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF FFFFFFFF FFFFFFFE,
+B4050A85 0C04B3AB F5413256 5044B0B7 D7BFD8BA 270B3943 2355FFB4,
+B70E0CBD 6BB4BF7F 321390B9 4A03C1D3 56C21122 343280D6 115C1D21,
+BD376388 B5F723FB 4C22DFE6 CD4375A0 5A074764 44D58199 85007E34,
+FFFFFFFF FFFFFFFF FFFFFFFF FFFF16A2 E0B8F03E 13DD2945 5C5C2A3D,
+1
diff --git a/src/cz/crcs/ectester/data/secp256k1.csv b/src/cz/crcs/ectester/data/secp256k1.csv
deleted file mode 100644
index 19eeef7..0000000
--- a/src/cz/crcs/ectester/data/secp256k1.csv
+++ /dev/null
@@ -1,7 +0,0 @@
-FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFC2F,
-00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000,
-00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000007,
-79BE667E F9DCBBAC 55A06295 CE870B07 029BFCDB 2DCE28D9 59F2815B 16F81798,
-483ADA77 26A3C465 5DA4FBFC 0E1108A8 FD17B448 A6855419 9C47D08F FB10D4B8,
-FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE BAAEDCE6 AF48A03B BFD25E8C D0364141,
-1
diff --git a/src/cz/crcs/ectester/data/secp256k1.txt b/src/cz/crcs/ectester/data/secp256k1.txt
new file mode 100644
index 0000000..19eeef7
--- /dev/null
+++ b/src/cz/crcs/ectester/data/secp256k1.txt
@@ -0,0 +1,7 @@
+FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFC2F,
+00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000,
+00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000007,
+79BE667E F9DCBBAC 55A06295 CE870B07 029BFCDB 2DCE28D9 59F2815B 16F81798,
+483ADA77 26A3C465 5DA4FBFC 0E1108A8 FD17B448 A6855419 9C47D08F FB10D4B8,
+FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE BAAEDCE6 AF48A03B BFD25E8C D0364141,
+1
diff --git a/src/cz/crcs/ectester/data/secp256r1.csv b/src/cz/crcs/ectester/data/secp256r1.csv
deleted file mode 100644
index 060f5aa..0000000
--- a/src/cz/crcs/ectester/data/secp256r1.csv
+++ /dev/null
@@ -1,7 +0,0 @@
-FFFFFFFF 00000001 00000000 00000000 00000000 FFFFFFFF FFFFFFFF FFFFFFFF,
-FFFFFFFF 00000001 00000000 00000000 00000000 FFFFFFFF FFFFFFFF FFFFFFFC,
-5AC635D8 AA3A93E7 B3EBBD55 769886BC 651D06B0 CC53B0F6 3BCE3C3E 27D2604B,
-6B17D1F2 E12C4247 F8BCE6E5 63A440F2 77037D81 2DEB33A0 F4A13945 D898C296,
-4FE342E2 FE1A7F9B 8EE7EB4A 7C0F9E16 2BCE3357 6B315ECE CBB64068 37BF51F5,
-FFFFFFFF 00000000 FFFFFFFF FFFFFFFF BCE6FAAD A7179E84 F3B9CAC2 FC632551,
-1
diff --git a/src/cz/crcs/ectester/data/secp256r1.txt b/src/cz/crcs/ectester/data/secp256r1.txt
new file mode 100644
index 0000000..060f5aa
--- /dev/null
+++ b/src/cz/crcs/ectester/data/secp256r1.txt
@@ -0,0 +1,7 @@
+FFFFFFFF 00000001 00000000 00000000 00000000 FFFFFFFF FFFFFFFF FFFFFFFF,
+FFFFFFFF 00000001 00000000 00000000 00000000 FFFFFFFF FFFFFFFF FFFFFFFC,
+5AC635D8 AA3A93E7 B3EBBD55 769886BC 651D06B0 CC53B0F6 3BCE3C3E 27D2604B,
+6B17D1F2 E12C4247 F8BCE6E5 63A440F2 77037D81 2DEB33A0 F4A13945 D898C296,
+4FE342E2 FE1A7F9B 8EE7EB4A 7C0F9E16 2BCE3357 6B315ECE CBB64068 37BF51F5,
+FFFFFFFF 00000000 FFFFFFFF FFFFFFFF BCE6FAAD A7179E84 F3B9CAC2 FC632551,
+1
diff --git a/src/cz/crcs/ectester/data/secp384r1.csv b/src/cz/crcs/ectester/data/secp384r1.csv
deleted file mode 100644
index 08472ae..0000000
--- a/src/cz/crcs/ectester/data/secp384r1.csv
+++ /dev/null
@@ -1,7 +0,0 @@
-FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF 00000000 00000000 FFFFFFFF,
-FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF 00000000 00000000 FFFFFFFC,
-B3312FA7 E23EE7E4 988E056B E3F82D19 181D9C6E FE814112 0314088F 5013875A C656398D 8A2ED19D 2A85C8ED D3EC2AEF,
-AA87CA22 BE8B0537 8EB1C71E F320AD74 6E1D3B62 8BA79B98 59F741E0 82542A38 5502F25D BF55296C 3A545E38 72760AB7,
-3617DE4A 96262C6F 5D9E98BF 9292DC29 F8F41DBD 289A147C E9DA3113 B5F0B8C0 0A60B1CE 1D7E819D 7A431D7C 90EA0E5F,
-FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF C7634D81 F4372DDF 581A0DB2 48B0A77A ECEC196A CCC52973,
-1
diff --git a/src/cz/crcs/ectester/data/secp384r1.txt b/src/cz/crcs/ectester/data/secp384r1.txt
new file mode 100644
index 0000000..08472ae
--- /dev/null
+++ b/src/cz/crcs/ectester/data/secp384r1.txt
@@ -0,0 +1,7 @@
+FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF 00000000 00000000 FFFFFFFF,
+FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF 00000000 00000000 FFFFFFFC,
+B3312FA7 E23EE7E4 988E056B E3F82D19 181D9C6E FE814112 0314088F 5013875A C656398D 8A2ED19D 2A85C8ED D3EC2AEF,
+AA87CA22 BE8B0537 8EB1C71E F320AD74 6E1D3B62 8BA79B98 59F741E0 82542A38 5502F25D BF55296C 3A545E38 72760AB7,
+3617DE4A 96262C6F 5D9E98BF 9292DC29 F8F41DBD 289A147C E9DA3113 B5F0B8C0 0A60B1CE 1D7E819D 7A431D7C 90EA0E5F,
+FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF C7634D81 F4372DDF 581A0DB2 48B0A77A ECEC196A CCC52973,
+1
diff --git a/src/cz/crcs/ectester/data/secp521r1.csv b/src/cz/crcs/ectester/data/secp521r1.csv
deleted file mode 100644
index 9e0f5d3..0000000
--- a/src/cz/crcs/ectester/data/secp521r1.csv
+++ /dev/null
@@ -1,7 +0,0 @@
-01FF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF,
-01FF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFC,
-0051 953EB961 8E1C9A1F 929A21A0 B68540EE A2DA725B 99B315F3 B8B48991 8EF109E1 56193951 EC7E937B 1652C0BD 3BB1BF07 3573DF88 3D2C34F1 EF451FD4 6B503F00,
-00C6 858E06B7 0404E9CD 9E3ECB66 2395B442 9C648139 053FB521 F828AF60 6B4D3DBA A14B5E77 EFE75928 FE1DC127 A2FFA8DE 3348B3C1 856A429B F97E7E31 C2E5BD66,
-0118 39296A78 9A3BC004 5C8A5FB4 2C7D1BD9 98F54449 579B4468 17AFBD17 273E662C 97EE7299 5EF42640 C550B901 3FAD0761 353C7086 A272C240 88BE9476 9FD16650,
-01FF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFA 51868783 BF2F966B 7FCC0148 F709A5D0 3BB5C9B8 899C47AE BB6FB71E 91386409,
-1
diff --git a/src/cz/crcs/ectester/data/secp521r1.txt b/src/cz/crcs/ectester/data/secp521r1.txt
new file mode 100644
index 0000000..9e0f5d3
--- /dev/null
+++ b/src/cz/crcs/ectester/data/secp521r1.txt
@@ -0,0 +1,7 @@
+01FF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF,
+01FF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFC,
+0051 953EB961 8E1C9A1F 929A21A0 B68540EE A2DA725B 99B315F3 B8B48991 8EF109E1 56193951 EC7E937B 1652C0BD 3BB1BF07 3573DF88 3D2C34F1 EF451FD4 6B503F00,
+00C6 858E06B7 0404E9CD 9E3ECB66 2395B442 9C648139 053FB521 F828AF60 6B4D3DBA A14B5E77 EFE75928 FE1DC127 A2FFA8DE 3348B3C1 856A429B F97E7E31 C2E5BD66,
+0118 39296A78 9A3BC004 5C8A5FB4 2C7D1BD9 98F54449 579B4468 17AFBD17 273E662C 97EE7299 5EF42640 C550B901 3FAD0761 353C7086 A272C240 88BE9476 9FD16650,
+01FF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFA 51868783 BF2F966B 7FCC0148 F709A5D0 3BB5C9B8 899C47AE BB6FB71E 91386409,
+1
diff --git a/src/cz/crcs/ectester/data/sect163k1.csv b/src/cz/crcs/ectester/data/sect163k1.csv
deleted file mode 100644
index 6e5142e..0000000
--- a/src/cz/crcs/ectester/data/sect163k1.csv
+++ /dev/null
@@ -1,9 +0,0 @@
-0007,
-0006,
-0003,
-00 00000000 00000000 00000000 00000000 00000001,
-00 00000000 00000000 00000000 00000000 00000001,
-02 FE13C053 7BBC11AC AA07D793 DE4E6D5E 5C94EEE8,
-02 89070FB0 5D38FF58 321F2E80 0536D538 CCDAA3D9,
-04 00000000 00000000 00020108 A2E0CC0D 99F8A5EF,
-2
diff --git a/src/cz/crcs/ectester/data/sect163k1.txt b/src/cz/crcs/ectester/data/sect163k1.txt
new file mode 100644
index 0000000..6e5142e
--- /dev/null
+++ b/src/cz/crcs/ectester/data/sect163k1.txt
@@ -0,0 +1,9 @@
+0007,
+0006,
+0003,
+00 00000000 00000000 00000000 00000000 00000001,
+00 00000000 00000000 00000000 00000000 00000001,
+02 FE13C053 7BBC11AC AA07D793 DE4E6D5E 5C94EEE8,
+02 89070FB0 5D38FF58 321F2E80 0536D538 CCDAA3D9,
+04 00000000 00000000 00020108 A2E0CC0D 99F8A5EF,
+2
diff --git a/src/cz/crcs/ectester/data/sect163r1.csv b/src/cz/crcs/ectester/data/sect163r1.csv
deleted file mode 100644
index 879f79b..0000000
--- a/src/cz/crcs/ectester/data/sect163r1.csv
+++ /dev/null
@@ -1,9 +0,0 @@
-0007,
-0006,
-0003,
-07 B6882CAA EFA84F95 54FF8428 BD88E246 D2782AE2,
-07 13612DCD DCB40AAB 946BDA29 CA91F73A F958AFD9,
-03 69979697 AB438977 89566789 567F787A 7876A654,
-00 435EDB42 EFAFB298 9D51FEFC E3C80988 F41FF883,
-03 FFFFFFFF FFFFFFFF FFFF48AA B689C29C A710279B,
-2
diff --git a/src/cz/crcs/ectester/data/sect163r1.txt b/src/cz/crcs/ectester/data/sect163r1.txt
new file mode 100644
index 0000000..879f79b
--- /dev/null
+++ b/src/cz/crcs/ectester/data/sect163r1.txt
@@ -0,0 +1,9 @@
+0007,
+0006,
+0003,
+07 B6882CAA EFA84F95 54FF8428 BD88E246 D2782AE2,
+07 13612DCD DCB40AAB 946BDA29 CA91F73A F958AFD9,
+03 69979697 AB438977 89566789 567F787A 7876A654,
+00 435EDB42 EFAFB298 9D51FEFC E3C80988 F41FF883,
+03 FFFFFFFF FFFFFFFF FFFF48AA B689C29C A710279B,
+2
diff --git a/src/cz/crcs/ectester/data/sect163r2.csv b/src/cz/crcs/ectester/data/sect163r2.csv
deleted file mode 100644
index eb7d453..0000000
--- a/src/cz/crcs/ectester/data/sect163r2.csv
+++ /dev/null
@@ -1,9 +0,0 @@
-0007,
-0006,
-0003,
-00 00000000 00000000 00000000 00000000 00000001,
-02 0A601907 B8C953CA 1481EB10 512F7874 4A3205FD,
-03 F0EBA162 86A2D57E A0991168 D4994637 E8343E36,
-00 D51FBC6C 71A0094F A2CDD545 B11C5C0C 797324F1,
-04 00000000 00000000 000292FE 77E70C12 A4234C33,
-2
diff --git a/src/cz/crcs/ectester/data/sect163r2.txt b/src/cz/crcs/ectester/data/sect163r2.txt
new file mode 100644
index 0000000..eb7d453
--- /dev/null
+++ b/src/cz/crcs/ectester/data/sect163r2.txt
@@ -0,0 +1,9 @@
+0007,
+0006,
+0003,
+00 00000000 00000000 00000000 00000000 00000001,
+02 0A601907 B8C953CA 1481EB10 512F7874 4A3205FD,
+03 F0EBA162 86A2D57E A0991168 D4994637 E8343E36,
+00 D51FBC6C 71A0094F A2CDD545 B11C5C0C 797324F1,
+04 00000000 00000000 000292FE 77E70C12 A4234C33,
+2
diff --git a/src/cz/crcs/ectester/data/sect233k1.csv b/src/cz/crcs/ectester/data/sect233k1.csv
deleted file mode 100644
index b85fef0..0000000
--- a/src/cz/crcs/ectester/data/sect233k1.csv
+++ /dev/null
@@ -1,7 +0,0 @@
-004A,
-0000 00000000 00000000 00000000 00000000 00000000 00000000 00000000,
-0000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
-0172 32BA853A 7E731AF1 29F22FF4 149563A4 19C26BF5 0A4C9D6E EFAD6126,
-01DB 537DECE8 19B7F70F 555A67C4 27A8CD9B F18AEB9B 56E0C110 56FAE6A3,
-80 00000000 00000000 00000000 00069D5B B915BCD4 6EFB1AD5 F173ABDF,
-4
diff --git a/src/cz/crcs/ectester/data/sect233k1.txt b/src/cz/crcs/ectester/data/sect233k1.txt
new file mode 100644
index 0000000..b85fef0
--- /dev/null
+++ b/src/cz/crcs/ectester/data/sect233k1.txt
@@ -0,0 +1,7 @@
+004A,
+0000 00000000 00000000 00000000 00000000 00000000 00000000 00000000,
+0000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
+0172 32BA853A 7E731AF1 29F22FF4 149563A4 19C26BF5 0A4C9D6E EFAD6126,
+01DB 537DECE8 19B7F70F 555A67C4 27A8CD9B F18AEB9B 56E0C110 56FAE6A3,
+80 00000000 00000000 00000000 00069D5B B915BCD4 6EFB1AD5 F173ABDF,
+4
diff --git a/src/cz/crcs/ectester/data/sect233r1.csv b/src/cz/crcs/ectester/data/sect233r1.csv
deleted file mode 100644
index d0c6f14..0000000
--- a/src/cz/crcs/ectester/data/sect233r1.csv
+++ /dev/null
@@ -1,7 +0,0 @@
-004A,
-0000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
-0066 647EDE6C 332C7F8C 0923BB58 213B333B 20E9CE42 81FE115F 7D8F90AD,
-00FA C9DFCBAC 8313BB21 39F1BB75 5FEF65BC 391F8B36 F8F8EB73 71FD558B,
-0100 6A08A419 03350678 E58528BE BF8A0BEF F867A7CA 36716F7E 01F81052,
-0100 00000000 00000000 00000000 0013E974 E72F8A69 22031D26 03CFE0D7,
-2
diff --git a/src/cz/crcs/ectester/data/sect233r1.txt b/src/cz/crcs/ectester/data/sect233r1.txt
new file mode 100644
index 0000000..d0c6f14
--- /dev/null
+++ b/src/cz/crcs/ectester/data/sect233r1.txt
@@ -0,0 +1,7 @@
+004A,
+0000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
+0066 647EDE6C 332C7F8C 0923BB58 213B333B 20E9CE42 81FE115F 7D8F90AD,
+00FA C9DFCBAC 8313BB21 39F1BB75 5FEF65BC 391F8B36 F8F8EB73 71FD558B,
+0100 6A08A419 03350678 E58528BE BF8A0BEF F867A7CA 36716F7E 01F81052,
+0100 00000000 00000000 00000000 0013E974 E72F8A69 22031D26 03CFE0D7,
+2
diff --git a/src/cz/crcs/ectester/data/sect239k1.csv b/src/cz/crcs/ectester/data/sect239k1.csv
deleted file mode 100644
index d01bb08..0000000
--- a/src/cz/crcs/ectester/data/sect239k1.csv
+++ /dev/null
@@ -1,7 +0,0 @@
-009E,
-0000 00000000 00000000 00000000 00000000 00000000 00000000 00000000,
-0000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
-29A0 B6A887A9 83E97309 88A68727 A8B2D126 C44CC2CC 7B2A6555 193035DC,
-7631 0804F12E 549BDB01 1C103089 E73510AC B275FC31 2A5DC6B7 6553F0CA,
-2000 00000000 00000000 00000000 005A79FE C67CB6E9 1F1C1DA8 00E478A5,
-4
diff --git a/src/cz/crcs/ectester/data/sect239k1.txt b/src/cz/crcs/ectester/data/sect239k1.txt
new file mode 100644
index 0000000..d01bb08
--- /dev/null
+++ b/src/cz/crcs/ectester/data/sect239k1.txt
@@ -0,0 +1,7 @@
+009E,
+0000 00000000 00000000 00000000 00000000 00000000 00000000 00000000,
+0000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
+29A0 B6A887A9 83E97309 88A68727 A8B2D126 C44CC2CC 7B2A6555 193035DC,
+7631 0804F12E 549BDB01 1C103089 E73510AC B275FC31 2A5DC6B7 6553F0CA,
+2000 00000000 00000000 00000000 005A79FE C67CB6E9 1F1C1DA8 00E478A5,
+4
diff --git a/src/cz/crcs/ectester/data/sect283k1.csv b/src/cz/crcs/ectester/data/sect283k1.csv
deleted file mode 100644
index cc62698..0000000
--- a/src/cz/crcs/ectester/data/sect283k1.csv
+++ /dev/null
@@ -1,9 +0,0 @@
-000C,
-0007,
-0005,
-00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000,
-00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
-0503213F 78CA4488 3F1A3B81 62F188E5 53CD265F 23C1567A 16876913 B0C2AC24 58492836,
-01CCDA38 0F1C9E31 8D90F95D 07E5426F E87E45C0 E8184698 E4596236 4E341161 77DD2259,
-01FFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFE9AE 2ED07577 265DFF7F 94451E06 1E163C61,
-4
diff --git a/src/cz/crcs/ectester/data/sect283k1.txt b/src/cz/crcs/ectester/data/sect283k1.txt
new file mode 100644
index 0000000..cc62698
--- /dev/null
+++ b/src/cz/crcs/ectester/data/sect283k1.txt
@@ -0,0 +1,9 @@
+000C,
+0007,
+0005,
+00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000,
+00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
+0503213F 78CA4488 3F1A3B81 62F188E5 53CD265F 23C1567A 16876913 B0C2AC24 58492836,
+01CCDA38 0F1C9E31 8D90F95D 07E5426F E87E45C0 E8184698 E4596236 4E341161 77DD2259,
+01FFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFE9AE 2ED07577 265DFF7F 94451E06 1E163C61,
+4
diff --git a/src/cz/crcs/ectester/data/sect283r1.csv b/src/cz/crcs/ectester/data/sect283r1.csv
deleted file mode 100644
index 27e2ff2..0000000
--- a/src/cz/crcs/ectester/data/sect283r1.csv
+++ /dev/null
@@ -1,9 +0,0 @@
-000C,
-0007,
-0005,
-00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
-027B680A C8B8596D A5A4AF8A 19A0303F CA97FD76 45309FA2 A581485A F6263E31 3B79A2F5,
-05F93925 8DB7DD90 E1934F8C 70B0DFEC 2EED25B8 557EAC9C 80E2E198 F8CDBECD 86B12053,
-03676854 FE24141C B98FE6D4 B20D02B4 516FF702 350EDDB0 826779C8 13F0DF45 BE8112F4,
-03FFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFEF90 399660FC 938A9016 5B042A7C EFADB307,
-2
diff --git a/src/cz/crcs/ectester/data/sect283r1.txt b/src/cz/crcs/ectester/data/sect283r1.txt
new file mode 100644
index 0000000..27e2ff2
--- /dev/null
+++ b/src/cz/crcs/ectester/data/sect283r1.txt
@@ -0,0 +1,9 @@
+000C,
+0007,
+0005,
+00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
+027B680A C8B8596D A5A4AF8A 19A0303F CA97FD76 45309FA2 A581485A F6263E31 3B79A2F5,
+05F93925 8DB7DD90 E1934F8C 70B0DFEC 2EED25B8 557EAC9C 80E2E198 F8CDBECD 86B12053,
+03676854 FE24141C B98FE6D4 B20D02B4 516FF702 350EDDB0 826779C8 13F0DF45 BE8112F4,
+03FFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFEF90 399660FC 938A9016 5B042A7C EFADB307,
+2
diff --git a/src/cz/crcs/ectester/data/sect409k1.csv b/src/cz/crcs/ectester/data/sect409k1.csv
deleted file mode 100644
index aeb2e76..0000000
--- a/src/cz/crcs/ectester/data/sect409k1.csv
+++ /dev/null
@@ -1,7 +0,0 @@
-0057,
-00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000,
-00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
-0060F05F 658F49C1 AD3AB189 0F718421 0EFD0987 E307C84C 27ACCFB8 F9F67CC2 C460189E B5AAAA62 EE222EB1 B35540CF E9023746,
-01E36905 0B7C4E42 ACBA1DAC BF04299C 3460782F 918EA427 E6325165 E9EA10E3 DA5F6C42 E9C55215 AA9CA27A 5863EC48 D8E0286B,
-7FFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFE5F 83B2D4EA 20400EC4 557D5ED3 E3E7CA5B 4B5C83B8 E01E5FCF,
-4
diff --git a/src/cz/crcs/ectester/data/sect409k1.txt b/src/cz/crcs/ectester/data/sect409k1.txt
new file mode 100644
index 0000000..aeb2e76
--- /dev/null
+++ b/src/cz/crcs/ectester/data/sect409k1.txt
@@ -0,0 +1,7 @@
+0057,
+00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000,
+00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
+0060F05F 658F49C1 AD3AB189 0F718421 0EFD0987 E307C84C 27ACCFB8 F9F67CC2 C460189E B5AAAA62 EE222EB1 B35540CF E9023746,
+01E36905 0B7C4E42 ACBA1DAC BF04299C 3460782F 918EA427 E6325165 E9EA10E3 DA5F6C42 E9C55215 AA9CA27A 5863EC48 D8E0286B,
+7FFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFE5F 83B2D4EA 20400EC4 557D5ED3 E3E7CA5B 4B5C83B8 E01E5FCF,
+4
diff --git a/src/cz/crcs/ectester/data/sect409r1.csv b/src/cz/crcs/ectester/data/sect409r1.csv
deleted file mode 100644
index 5ac19dc..0000000
--- a/src/cz/crcs/ectester/data/sect409r1.csv
+++ /dev/null
@@ -1,7 +0,0 @@
-0057,
-00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
-0021A5C2 C8EE9FEB 5C4B9A75 3B7B476B 7FD6422E F1F3DD67 4761FA99 D6AC27C8 A9A197B2 72822F6C D57A55AA 4F50AE31 7B13545F,
-015D4860 D088DDB3 496B0C60 64756260 441CDE4A F1771D4D B01FFE5B 34E59703 DC255A86 8A118051 5603AEAB 60794E54 BB7996A7,
-0061B1CF AB6BE5F3 2BBFA783 24ED106A 7636B9C5 A7BD198D 0158AA4F 5488D08F 38514F1F DF4B4F40 D2181B36 81C364BA 0273C706,
-01000000 00000000 00000000 00000000 00000000 00000000 000001E2 AAD6A612 F33307BE 5FA47C3C 9E052F83 8164CD37 D9A21173,
-2
diff --git a/src/cz/crcs/ectester/data/sect409r1.txt b/src/cz/crcs/ectester/data/sect409r1.txt
new file mode 100644
index 0000000..5ac19dc
--- /dev/null
+++ b/src/cz/crcs/ectester/data/sect409r1.txt
@@ -0,0 +1,7 @@
+0057,
+00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
+0021A5C2 C8EE9FEB 5C4B9A75 3B7B476B 7FD6422E F1F3DD67 4761FA99 D6AC27C8 A9A197B2 72822F6C D57A55AA 4F50AE31 7B13545F,
+015D4860 D088DDB3 496B0C60 64756260 441CDE4A F1771D4D B01FFE5B 34E59703 DC255A86 8A118051 5603AEAB 60794E54 BB7996A7,
+0061B1CF AB6BE5F3 2BBFA783 24ED106A 7636B9C5 A7BD198D 0158AA4F 5488D08F 38514F1F DF4B4F40 D2181B36 81C364BA 0273C706,
+01000000 00000000 00000000 00000000 00000000 00000000 000001E2 AAD6A612 F33307BE 5FA47C3C 9E052F83 8164CD37 D9A21173,
+2
diff --git a/src/cz/crcs/ectester/data/sect571k1.csv b/src/cz/crcs/ectester/data/sect571k1.csv
deleted file mode 100644
index 7d5fdf4..0000000
--- a/src/cz/crcs/ectester/data/sect571k1.csv
+++ /dev/null
@@ -1,9 +0,0 @@
-000A,
-0005,
-0002,
-00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000,
-00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
-026EB7A8 59923FBC 82189631 F8103FE4 AC9CA297 0012D5D4 60248048 01841CA4 43709584 93B205E6 47DA304D B4CEB08C BBD1BA39 494776FB 988B4717 4DCA88C7 E2945283 A01C8972,
-0349DC80 7F4FBF37 4F4AEADE 3BCA9531 4DD58CEC 9F307A54 FFC61EFC 006D8A2C 9D4979C0 AC44AEA7 4FBEBBB9 F772AEDC B620B01A 7BA7AF1B 320430C8 591984F6 01CD4C14 3EF1C7A3,
-02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850E1 F19A63E4 B391A8DB 917F4138 B630D84B E5D63938 1E91DEB4 5CFE778F 637C1001,
-4
diff --git a/src/cz/crcs/ectester/data/sect571k1.txt b/src/cz/crcs/ectester/data/sect571k1.txt
new file mode 100644
index 0000000..7d5fdf4
--- /dev/null
+++ b/src/cz/crcs/ectester/data/sect571k1.txt
@@ -0,0 +1,9 @@
+000A,
+0005,
+0002,
+00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000,
+00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
+026EB7A8 59923FBC 82189631 F8103FE4 AC9CA297 0012D5D4 60248048 01841CA4 43709584 93B205E6 47DA304D B4CEB08C BBD1BA39 494776FB 988B4717 4DCA88C7 E2945283 A01C8972,
+0349DC80 7F4FBF37 4F4AEADE 3BCA9531 4DD58CEC 9F307A54 FFC61EFC 006D8A2C 9D4979C0 AC44AEA7 4FBEBBB9 F772AEDC B620B01A 7BA7AF1B 320430C8 591984F6 01CD4C14 3EF1C7A3,
+02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850E1 F19A63E4 B391A8DB 917F4138 B630D84B E5D63938 1E91DEB4 5CFE778F 637C1001,
+4
diff --git a/src/cz/crcs/ectester/data/sect571r1.csv b/src/cz/crcs/ectester/data/sect571r1.csv
deleted file mode 100644
index 850f0b9..0000000
--- a/src/cz/crcs/ectester/data/sect571r1.csv
+++ /dev/null
@@ -1,9 +0,0 @@
-000A,
-0005,
-0002,
-00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001,
-02F40E7E 2221F295 DE297117 B7F3D62F 5C6A97FF CB8CEFF1 CD6BA8CE 4A9A18AD 84FFABBD 8EFA5933 2BE7AD67 56A66E29 4AFD185A 78FF12AA 520E4DE7 39BACA0C 7FFEFF7F 2955727A,
-0303001D 34B85629 6C16C0D4 0D3CD775 0A93D1D2 955FA80A A5F40FC8 DB7B2ABD BDE53950 F4C0D293 CDD711A3 5B67FB14 99AE6003 8614F139 4ABFA3B4 C850D927 E1E7769C 8EEC2D19,
-037BF273 42DA639B 6DCCFFFE B73D69D7 8C6C27A6 009CBBCA 1980F853 3921E8A6 84423E43 BAB08A57 6291AF8F 461BB2A8 B3531D2F 0485C19B 16E2F151 6E23DD3C 1A4827AF 1B8AC15B,
-03FFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF E661CE18 FF559873 08059B18 6823851E C7DD9CA1 161DE93D 5174D66E 8382E9BB 2FE84E47,
-2
diff --git a/src/cz/crcs/ectester/data/sect571r1.txt b/src/cz/crcs/ectester/data/sect571r1.txt new file mode 100644 index 0000000..850f0b9 --- /dev/null +++ b/src/cz/crcs/ectester/data/sect571r1.txt @@ -0,0 +1,9 @@ +000A, +0005, +0002, +00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, +02F40E7E 2221F295 DE297117 B7F3D62F 5C6A97FF CB8CEFF1 CD6BA8CE 4A9A18AD 84FFABBD 8EFA5933 2BE7AD67 56A66E29 4AFD185A 78FF12AA 520E4DE7 39BACA0C 7FFEFF7F 2955727A, +0303001D 34B85629 6C16C0D4 0D3CD775 0A93D1D2 955FA80A A5F40FC8 DB7B2ABD BDE53950 F4C0D293 CDD711A3 5B67FB14 99AE6003 8614F139 4ABFA3B4 C850D927 E1E7769C 8EEC2D19, +037BF273 42DA639B 6DCCFFFE B73D69D7 8C6C27A6 009CBBCA 1980F853 3921E8A6 84423E43 BAB08A57 6291AF8F 461BB2A8 B3531D2F 0485C19B 16E2F151 6E23DD3C 1A4827AF 1B8AC15B, +03FFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF E661CE18 FF559873 08059B18 6823851E C7DD9CA1 161DE93D 5174D66E 8382E9BB 2FE84E47, +2 -- cgit v1.2.3-70-g09d2 From e1a560ca817e7f22ef22ae1716e931b273420f3b Mon Sep 17 00:00:00 2001 From: J08nY Date: Tue, 17 Jan 2017 03:26:47 +0100 Subject: ant: fix project.properties merge --- nbproject/project.properties | 17 +---------------- 1 file changed, 1 insertion(+), 16 deletions(-) diff --git a/nbproject/project.properties b/nbproject/project.properties index 41e7d89..b9bfb7d 100644 --- a/nbproject/project.properties +++ b/nbproject/project.properties 
@@ -25,27 +25,16 @@ debug.test.classpath=\ dist.archive.excludes= # This directory is removed when the project is cleaned: dist.dir=dist -<<<<<<< HEAD -dist.jar=${dist.dir}/SimpleAPDU.jar -dist.javadoc.dir=${dist.dir}/javadoc -endorsed.classpath= -excludes= -includes=** -jar.compress=false -javac.classpath=\ - ${libs.JCardSim2.2.classpath} -======= dist.jar=${dist.dir}/ECTester.jar dist.javadoc.dir=${dist.dir}/javadoc endorsed.classpath= -#TODO remove SimpleAPDU when replaced with ECtester,java +#TODO remove SimpleAPDU when replaced with ECtester.java excludes=**/SimpleAPDU.java includes=** jar.compress=false javac.classpath=\ lib/jcardsim-2.2.2-all.jar:\ lib/commons-cli-1.3.1.jar ->>>>>>> 14b5b42... major changes, ECTester rewrite, moved to valid package # Space-separated list of extra javac options javac.compilerargs= javac.deprecation=false @@ -69,11 +58,7 @@ javadoc.splitindex=true javadoc.use=true javadoc.version=false javadoc.windowtitle= -<<<<<<< HEAD -main.class=simpleapdu.SimpleAPDU -======= main.class=cz.crcs.ectester.reader.ECTester ->>>>>>> 14b5b42... major changes, ECTester rewrite, moved to valid package manifest.file=manifest.mf meta.inf.dir=${src.dir}/META-INF mkdist.disabled=false -- cgit v1.2.3-70-g09d2 From e113197a41fc1961a9649cb3a96a18d7a9eab58f Mon Sep 17 00:00:00 2001 From: J08nY Date: Tue, 17 Jan 2017 20:09:15 +0100 Subject: implemented ecdh testing reader side: ectester -dh -fp -b 192 --- !uploader/ectester.cap | Bin 13349 -> 13350 bytes dist/ECTester.jar | Bin 190873 -> 210499 bytes src/cz/crcs/ectester/applet/ECTesterApplet.java | 1 + src/cz/crcs/ectester/reader/CardMngr.java | 64 +++--- src/cz/crcs/ectester/reader/ECTester.java | 251 ++++++++++++++++-------- src/cz/crcs/ectester/reader/Util.java | 2 +- 6 files changed, 210 insertions(+), 108 deletions(-) diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index f829de4..5eb763e 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ 
diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 2c14e00..0bbc87c 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java index b461688..f304196 100644 --- a/src/cz/crcs/ectester/applet/ECTesterApplet.java +++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java @@ -30,6 +30,7 @@ public class ECTesterApplet extends Applet { public static final byte KEYPAIR_LOCAL = (byte) 0x01; public static final byte KEYPAIR_REMOTE = (byte) 0x02; public static final byte KEYPAIR_BOTH = KEYPAIR_LOCAL | KEYPAIR_REMOTE; + public static final byte EXPORT_NONE = (byte) 0x00; public static final byte EXPORT_PUBLIC = (byte) 0x04; public static final byte EXPORT_PRIVATE = (byte) 0x08; public static final byte EXPORT_BOTH = EXPORT_PUBLIC | EXPORT_PRIVATE; diff --git a/src/cz/crcs/ectester/reader/CardMngr.java b/src/cz/crcs/ectester/reader/CardMngr.java index d7a5c5f..aab7da9 100644 --- a/src/cz/crcs/ectester/reader/CardMngr.java +++ b/src/cz/crcs/ectester/reader/CardMngr.java @@ -13,13 +13,13 @@ import javax.smartcardio.*; * @author Jan Jancar johny@neuromancer.sk */ public class CardMngr { - private CardTerminal m_terminal = null; - private CardChannel m_channel = null; - private Card m_card = null; + private CardTerminal terminal = null; + private CardChannel channel = null; + private Card card = null; // Simulator related attributes - private CAD m_cad = null; - private JavaxSmartCardInterface m_simulator = null; + private CAD cad = null; + private JavaxSmartCardInterface simulator = null; private boolean simulate = false; 
@@ -62,14 +62,14 @@ public class CardMngr { boolean cardFound = false; for (int i = 0; i < terminalList.size(); i++) { System.out.println(i + " : " + terminalList.get(i)); - m_terminal = terminalList.get(i); - if (m_terminal.isCardPresent()) { - m_card = m_terminal.connect("*"); - System.out.println("card: " + m_card); - m_channel = m_card.getBasicChannel(); + terminal = terminalList.get(i); + if (terminal.isCardPresent()) { + card = terminal.connect("*"); + System.out.println("card: " + card); + channel = card.getBasicChannel(); //reset the card - System.out.println(Util.bytesToHex(m_card.getATR().getBytes())); + System.out.println(Util.bytesToHex(card.getATR().getBytes())); cardFound = true; } @@ -89,7 +89,7 @@ public class CardMngr { return false; } else { if (terminalList.size() == 1) { - m_terminal = terminalList.get(0); // return first and only reader + terminal = terminalList.get(0); // return first and only reader } else { int terminalIndex = 1; // Let user select target terminal @@ -110,14 +110,14 @@ public class CardMngr { System.out.println(String.format("%d", answ)); answ--; // is starting with 0 // BUGBUG; verify allowed index range - m_terminal = terminalList.get(answ); + terminal = terminalList.get(answ); } } - if (m_terminal != null) { - m_card = m_terminal.connect("*"); - System.out.println("card: " + m_card); - m_channel = m_card.getBasicChannel(); + if (terminal != null) { + card = terminal.connect("*"); + System.out.println("card: " + card); + channel = card.getBasicChannel(); } return true; @@ -140,16 +140,16 @@ public class CardMngr { } public boolean connected() { - return simulate || m_card != null; + return simulate || card != null; } public void disconnectFromCard() throws CardException { if (simulate) return; - if (m_card != null) { - m_card.disconnect(false); - m_card = null; + if (card != null) { + card.disconnect(false); + card = null; } } 
@@ -217,7 +217,7 @@ public class CardMngr { long elapsed = -System.nanoTime(); - ResponseAPDU responseAPDU = m_channel.transmit(apdu); + ResponseAPDU responseAPDU = channel.transmit(apdu); elapsed += System.nanoTime(); @@ -229,7 +229,7 @@ public class CardMngr { (byte) 0xC0, (byte) 0x00, (byte) 0x00, responseAPDU.getSW1()); - responseAPDU = m_channel.transmit(apduToSend); + responseAPDU = channel.transmit(apduToSend); System.out.println(Util.bytesToHex(responseAPDU.getBytes())); } @@ -245,19 +245,19 @@ public class CardMngr { public boolean prepareLocalSimulatorApplet(byte[] appletAIDArray, byte[] installData, Class appletClass) { System.setProperty("com.licel.jcardsim.terminal.type", "2"); - m_cad = new CAD(System.getProperties()); - m_simulator = (JavaxSmartCardInterface) m_cad.getCardInterface(); + cad = new CAD(System.getProperties()); + simulator = (JavaxSmartCardInterface) cad.getCardInterface(); AID appletAID = new AID(appletAIDArray, (short) 0, (byte) appletAIDArray.length); - AID appletAIDRes = m_simulator.installApplet(appletAID, appletClass, installData, (short) 0, (byte) installData.length); - return m_simulator.selectApplet(appletAID); + AID appletAIDRes = simulator.installApplet(appletAID, appletClass, installData, (short) 0, (byte) installData.length); + return simulator.selectApplet(appletAID); } public ResponseAPDU sendAPDUSimulator(CommandAPDU apdu) { System.out.println(">>>>"); System.out.println(Util.bytesToHex(apdu.getBytes())); - ResponseAPDU response = m_simulator.transmitCommand(apdu); + ResponseAPDU response = simulator.transmitCommand(apdu); byte[] responseBytes = response.getBytes(); System.out.println(Util.bytesToHex(responseBytes)); @@ -286,4 +286,12 @@ public class CardMngr { return send(commandAPDU); } + public ResponseAPDU[] send(CommandAPDU... apdus) throws CardException { + ResponseAPDU[] result = new ResponseAPDU[apdus.length]; + for (int i = 0; i < apdus.length; i++) { + result[i] = send(apdus[i]); + } + return result; + } + } 
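Review bot: The new varargs `send(CommandAPDU... apdus)` in the last hunk on this line transmits every command regardless of how the card answered the previous one, so a batch keeps going after an error status word. Its callers in ECTester.java, `cardManager.send(prepare);` in `generate()` and `cardManager.send(curve);` in `ecdh()`, drop the returned array, so a failed allocate or set goes unnoticed and key generation or ECDH would appear to run on whatever curve state the card already has. State the contract on the method, for example `/** Sends the APDUs in order; does not stop on an error status word, callers must check getSW() of each response. */`, and have the callers check the responses before continuing.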
diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index 8c00ea9..6d1be42 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -12,6 +12,8 @@ import java.io.FileNotFoundException; import java.io.FileOutputStream; import java.io.FileWriter; import java.io.IOException; +import java.util.ArrayList; +import java.util.List; /** * @author Petr Svenda petr@svenda.com @@ -185,11 +187,10 @@ public class ECTester { * -dsa / --ecdsa [data_file] * * Options: - * -b / --bit-size [b] / -a / --all + * -b / --bit-size [b] // -a / --all * -fp / --prime-field * -f2m / --binary-field - * -n / --named - * -c / --curve [curve_file] field,a,b,gx,gy,r,k + * -n / --named // -c / --curve [curve_file] field,a,b,gx,gy,r,k * --public [pubkey_file] wx,wy * --private [privkey_file] s * -k / --key [key_file] wx,wy,s 
@@ -206,14 +207,18 @@ public class ECTester { opts.addOptionGroup(actions); OptionGroup size = new OptionGroup(); + size.setRequired(true); size.addOption(Option.builder("b").longOpt("bit-size").desc("Set curve size.").hasArg().argName("b").build()); size.addOption(Option.builder("a").longOpt("all").desc("Test all curve sizes.").build()); opts.addOptionGroup(size); + OptionGroup curve = new OptionGroup(); + curve.addOption(Option.builder("n").longOpt("named").desc("Use a named curve.").build()); + curve.addOption(Option.builder("c").longOpt("curve").desc("Use curve from file [curve_file] (field,a,b,gx,gy,r,k).").hasArg().argName("curve_file").build()); + opts.addOptionGroup(curve); + opts.addOption(Option.builder("fp").longOpt("prime-field").desc("Use prime field curve.").build()); opts.addOption(Option.builder("f2m").longOpt("binary-field").desc("Use binary field curve.").build()); - opts.addOption(Option.builder("n").longOpt("named").desc("Use a named curve.").build()); - opts.addOption(Option.builder("c").longOpt("curve").desc("Use curve from file [curve_file] (field,a,b,gx,gy,r,k).").hasArg().argName("curve_file").build()); opts.addOption(Option.builder("pub").longOpt("public").desc("Use public key from file [pubkey_file] (wx,wy).").hasArg().argName("pubkey_file").build()); opts.addOption(Option.builder("priv").longOpt("private").desc("Use private key from file [privkey_file] (s).").hasArg().argName("privkey_file").build()); opts.addOption(Option.builder("k").longOpt("key").desc("Use keypair from file [key_file] (wx,wy,s).").hasArg().argName("key_file").build()); @@ -226,7 +231,7 @@ public class ECTester { } /** - * Reads and validates options. + * Reads and validates options, also sets defaults. * * @param cli cli object, with parsed args * @return whether the options are valid. 
@@ -255,14 +260,6 @@ public class ECTester { System.err.println("Bit-size must not be negative."); return false; } - if (optNamed && optCurve != null) { - System.err.println("Can only specify a named curve with --named or an external curve with --curve. (not both)"); - return false; - } - if (optBits == 0 || optAll) { - System.err.println("You have to specify curve bit-size."); - return false; - } if (cli.hasOption("generate")) { if (optPrimeField == optBinaryField) { @@ -273,11 +270,14 @@ public class ECTester { System.err.println("Keys should not be specified when generating keys."); return false; } - if (optOutput == null) { System.err.println("You have to specify an output file for the key generation process."); return false; } + if (optAll) { + System.err.println("You have to specify curve bit-size with -b"); + return false; + } optGenerateAmount = Integer.parseInt(cli.getOptionValue("generate", "0")); if (optGenerateAmount < 0) { @@ -291,6 +291,15 @@ public class ECTester { } } else if (cli.hasOption("ecdh")) { + if (optPrimeField == optBinaryField) { + System.err.print("Need to specify field with -fp or -f2m. (not both)"); + return false; + } + if (optAll) { + System.err.println("You have to specify curve bit-size with -b"); + return false; + } + } else if (cli.hasOption("ecdsa")) { optECDSASign = cli.getOptionValue("ecdsa"); } 
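Review bot: The field check added to the `ecdh` branch reports its error with `System.err.print`, so the message is written without a line break, unlike the other messages in this method; it should read `System.err.println("Need to specify field with -fp or -f2m. (not both)");`. With the `optBits == 0` test deleted in the first hunk on this line, the only size check left in view is the one whose message says the bit-size must not be negative, so `-b 0` appears to pass validation and reach `prepareCurve` as a zero key length; a guard such as `if (!optAll && optBits <= 0)` would cover it, assuming `optBits` is parsed from `-b` above the visible lines. The two checks added here also repeat those in the `generate` branch. The method starts and ends outside these hunks.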
@@ -307,23 +316,14 @@ public class ECTester { } /** - * Generates EC keypairs and outputs them to log. + * Generates EC keypairs and outputs them to output file. + * @throws CardException + * @throws IOException */ private void generate() throws CardException, IOException { - ///// - short keyLength = (short) optBits; byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; - short params = optPrimeField ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; - - cmdAllocate(ECTesterApplet.KEYPAIR_LOCAL, keyLength, keyClass); - - if (optNamed) { - cmdSet(ECTesterApplet.KEYPAIR_LOCAL, (byte) 0, EC_Consts.getCurve(keyLength, keyClass), params, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, null); - } else if (optCurve != null) { - byte[] external = ParamReader.flatten(params, ParamReader.readFile(optCurve)); - cmdSet(ECTesterApplet.KEYPAIR_LOCAL, (byte) 0, EC_Consts.CURVE_external, params, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, external); - } - ///// + CommandAPDU[] prepare = prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass); + cardManager.send(prepare); FileWriter keysFile = new FileWriter(optOutput); keysFile.write("index;time;pubW;privS\n"); @@ -331,8 +331,9 @@ public class ECTester { int generated = 0; int retry = 0; while (generated < optGenerateAmount || optGenerateAmount == 0) { + CommandAPDU generate = insGenerate(ECTesterApplet.KEYPAIR_LOCAL, (byte) (ECTesterApplet.EXPORT_BOTH | ECTesterApplet.KEYPAIR_LOCAL)); long elapsed = -System.nanoTime(); - ResponseAPDU response = cmdGenerate(ECTesterApplet.KEYPAIR_LOCAL, (byte) (ECTesterApplet.EXPORT_BOTH | ECTesterApplet.KEYPAIR_LOCAL)); + ResponseAPDU response = cardManager.send(generate); elapsed += System.nanoTime(); byte[] bytes = response.getData(); 
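Review bot: The rewritten Javadoc of `generate()` says the key pairs go to the output file but not that the file holds private keys: the header line `index;time;pubW;privS` and the `EXPORT_BOTH` flag in the next hunk show that the private value S is exported from the card and is one of the columns. Say so in the comment, for example `Generates EC keypairs on the card and writes index, time, public W and private S of each to the output file.`, so that users treat the file as key material. The two bare `@throws` tags should also get a description, such as `@throws CardException if communication with the card fails` and `@throws IOException if the output file cannot be written`. `generate()` continues past the end of this hunk.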
@@ -359,27 +360,72 @@ public class ECTester { } /** - * + * Tests */ private void test() { - //TODO - // allocate - // set custom - // generate - // ecdh local, local, valid - // ecdh local, local, invalid - // ecdsa local, local, 00? + if (optAll) { + if (optPrimeField) { + //iterate over prime curve sizes used: EC_Consts.FP_SIZES + for (short keyLength : EC_Consts.FP_SIZES) { + //prepareCurve(KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_FP); + //insGenerate(KEYPAIR_BOTH, EXPORT_NONE); + //insECDH(KEYPAIR_LOCAL, KEYPAIR_REMOTE, EXPORT_NONE, 00); + //insECDH(KEYPAIR_LOCAL, KEYPAIR_REMOTE, EXPORT_NONE, 01); + //insECDSA(KEYPAIR_LOCAL, EXPORT_NONE, null); + } + } + if (optBinaryField) { + //iterate over binary curve sizes used: EC_Consts.F2M_SIZES + for (short keyLength : EC_Consts.F2M_SIZES) { + //prepareCurve(KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_F2M); + //insGenerate(KEYPAIR_BOTH, EXPORT_NONE); + //insECDH(KEYPAIR_LOCAL, KEYPAIR_REMOTE, EXPORT_NONE, 00); + //insECDH(KEYPAIR_LOCAL, KEYPAIR_REMOTE, EXPORT_NONE, 01); + //insECDSA(KEYPAIR_LOCAL, EXPORT_NONE, null); + } + } + } else { + if (optPrimeField) { + //test with prepareCurve(KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_FP) + //insGenerate(KEYPAIR_BOTH, EXPORT_NONE); + //insECDH(KEYPAIR_LOCAL, KEYPAIR_REMOTE, EXPORT_NONE, 00); + //insECDH(KEYPAIR_LOCAL, KEYPAIR_REMOTE, EXPORT_NONE, 01); + //insECDSA(KEYPAIR_LOCAL, EXPORT_NONE, null); + } + if (optBinaryField) { + //test with prepareCurve(KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_F2M) + //insGenerate(KEYPAIR_BOTH, EXPORT_NONE); + //insECDH(KEYPAIR_LOCAL, KEYPAIR_REMOTE, EXPORT_NONE, 00); + //insECDH(KEYPAIR_LOCAL, KEYPAIR_REMOTE, EXPORT_NONE, 01); + //insECDSA(KEYPAIR_LOCAL, EXPORT_NONE, null); + } + } } /** * + * @throws IOException + * @throws CardException */ - private void ecdh() { - //TODO - //allocate local + remote - //set curve if specified - // + private void ecdh() throws IOException, CardException { + byte keyClass = optPrimeField ? 
KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; + CommandAPDU[] curve = prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, keyClass); + cardManager.send(curve); + + if (optPublic != null || optPrivate != null || optKey != null) { + CommandAPDU local = insGenerate(ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_NONE); + cardManager.send(local); + CommandAPDU remote = prepareKey(ECTesterApplet.KEYPAIR_REMOTE); + cardManager.send(remote); + } else { + CommandAPDU both = insGenerate(ECTesterApplet.KEYPAIR_BOTH, ECTesterApplet.EXPORT_NONE); + cardManager.send(both); + } + + CommandAPDU ecdh = insECDH(ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_ECDH, (byte) 0); + ResponseAPDU response = cardManager.send(ecdh); + //TODO output ecdh } /** 
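Review bot: In `ecdh()`, the final call `insECDH(ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ...)` passes the local pair as `pubkey` and the remote pair as `privkey`, yet the remote pair is the one filled from the user's files. When only a public key file is given, the remote pair's private key is never generated or set, so the derivation runs on a key that appears to be uninitialised. If the intent is to exercise the card's own private key against a supplied point, the roles should be swapped for that case: `insECDH(ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_ECDH, (byte) 0)`. Otherwise option validation should reject a public key given without a private key. The responses to the three preparatory `send` calls are also dropped, so a rejected key or curve is not reported.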
@@ -389,36 +435,33 @@ public class ECTester { } /** - * Sends the INS_ALLOCATE instruction to the card/simulation. + * Creates the INS_ALLOCATE instruction. * - * @param keypair + * @param keyPair * @param keyLength * @param keyClass - * @return card response - * @throws CardException + * @return apdu to send */ - private ResponseAPDU cmdAllocate(byte keypair, short keyLength, byte keyClass) throws CardException { + private CommandAPDU insAllocate(byte keyPair, short keyLength, byte keyClass) throws CardException { byte[] data = new byte[]{0, 0, keyClass}; Util.setShort(data, 0, keyLength); - CommandAPDU allocate = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_ALLOCATE, keypair, 0x00, data); - return cardManager.send(allocate); + return new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_ALLOCATE, keyPair, 0x00, data); } /** - * Sends the INS_SET instruction to the card/simulation. + * Creates the INS_SET instruction. * - * @param keypair + * @param keyPair * @param export * @param curve * @param params * @param corrupted * @param corruption * @param external - * @return card response - * @throws CardException + * @return apdu to send */ - private ResponseAPDU cmdSet(byte keypair, byte export, byte curve, short params, short corrupted, byte corruption, byte[] external) throws CardException { + private CommandAPDU insSet(byte keyPair, byte export, byte curve, short params, short corrupted, byte corruption, byte[] external) { int len = external != null ? 6 + 2 + external.length : 6; byte[] data = new byte[len]; data[0] = curve; 
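Review bot: `insAllocate` still declares `throws CardException` although it now only builds a `CommandAPDU` and no longer talks to the card; the Javadoc `@throws` line was removed but the clause was not. Drop it so the signature reads `private CommandAPDU insAllocate(byte keyPair, short keyLength, byte keyClass) {`, matching `insSet` and the other builders. This stale clause is also why `prepareCurve`, added further down, has to declare `CardException`. The `@param` tags on both methods are still empty and would benefit from the descriptions used on the applet side, for example `@param keyPair which keyPair to use, local/remote (KEYPAIR_* | ...)`.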
@@ -429,48 +472,44 @@ public class ECTester { System.arraycopy(external, 0, data, 6, external.length); } - CommandAPDU set = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_SET, keypair, export, data); - return cardManager.send(set); + return new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_SET, keyPair, export, data); } /** - * Sends the INS_GENERATE instruction to the card/simulation. + * Creates the INS_GENERATE instruction. * - * @param keypair + * @param keyPair * @param export - * @return card response + * @return apdu to send */ - private ResponseAPDU cmdGenerate(byte keypair, byte export) throws CardException { - CommandAPDU generate = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_GENERATE, keypair, export); - return cardManager.send(generate); + private CommandAPDU insGenerate(byte keyPair, byte export) { + return new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_GENERATE, keyPair, export); } /** - * Sends the INS_ECDH instruction to the card/simulation. + * Creates the INS_ECDH instruction. * - * @param keypair + * @param pubkey + * @param privkey * @param export - * @param valid - * @return card response - * @throws CardException + * @param invalid + * @return apdu to send */ - private ResponseAPDU cmdECDH(byte keypair, byte export, byte valid) throws CardException { - byte[] data = new byte[1]; - data[0] = valid; + private CommandAPDU insECDH(byte pubkey, byte privkey, byte export, byte invalid) { + byte[] data = new byte[]{export, invalid}; - CommandAPDU ecdh = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_ECDH, keypair, export, data); - return cardManager.send(ecdh); + return new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_ECDH, pubkey, privkey, data); } /** - * Sends the INS_ECDSA instruction to the card/simulation. + * Creates the INS_ECDSA instruction. 
* - * @param keypair + * @param keyPair * @param export * @param raw - * @return card response + * @return apdu to send */ - private ResponseAPDU cmdECDSA(byte keypair, byte export, byte[] raw) throws CardException { + private CommandAPDU insECDSA(byte keyPair, byte export, byte[] raw) { int len = raw != null ? raw.length : 0; byte[] data = new byte[2 + len]; Util.setShort(data, 0, (short) len); 
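Review bot: `insECDH` changes the wire layout (P1 is now `pubkey`, P2 is `privkey`, and the data field is `{export, invalid}`), but the Javadoc does not describe it and all four `@param` tags are empty. Document the layout next to the builder, for example `@param pubkey keyPair whose public key is used (KEYPAIR_LOCAL or KEYPAIR_REMOTE)` and `@param invalid whether the applet should invalidate the pubkey before ECDH`, mirroring the applet-side description. The `ECDH` byte template shown further down this page still describes the old layout (P1 keyPair, P2 export, one data byte `valid`) and should be updated or removed so the two do not disagree.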
@@ -478,8 +517,62 @@ public class ECTester { System.arraycopy(raw, 0, data, 2, len); } - CommandAPDU ecdsa = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_ECDSA, keypair, export, data); - return cardManager.send(ecdsa); + return new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_ECDSA, keyPair, export, data); + } + + /** + * @param keyPair + * @param keyLength + * @param keyClass + * @return + * @throws CardException + * @throws FileNotFoundException + */ + private CommandAPDU[] prepareCurve(byte keyPair, short keyLength, byte keyClass) throws CardException, IOException { + List commands = new ArrayList<>(); + commands.add(insAllocate(keyPair, keyLength, keyClass)); + + short domainParams = keyClass == KeyPair.ALG_EC_FP ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; + if (optNamed) { + commands.add(insSet(keyPair, ECTesterApplet.EXPORT_NONE, EC_Consts.getCurve(keyLength, keyClass), domainParams, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, null)); + } + if (optCurve != null) { + byte[] external = ParamReader.flatten(domainParams, ParamReader.readFile(optCurve)); + if (external == null) { + throw new IOException("Couldn't read the curve file correctly."); + } + commands.add(insSet(keyPair, ECTesterApplet.EXPORT_NONE, EC_Consts.CURVE_external, domainParams, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, external)); + } + + return commands.toArray(new CommandAPDU[commands.size()]); + } + + /** + * @param keypair + * @return + * @throws IOException + */ + private CommandAPDU prepareKey(byte keypair) throws IOException { + short params = EC_Consts.PARAMETERS_NONE; + byte[] data = null; + if (optKey != null) { + params |= EC_Consts.PARAMETERS_KEYPAIR; + data = ParamReader.flatten(EC_Consts.PARAMETERS_KEYPAIR, ParamReader.readFile(optKey)); + } + + if (optPublic != null) { + params |= EC_Consts.PARAMETER_W; + data = ParamReader.flatten(EC_Consts.PARAMETER_W, ParamReader.readFile(optPublic)); + 
} + if (optPrivate != null) { + params |= EC_Consts.PARAMETER_S; + data = Util.concatenate(data, ParamReader.flatten(EC_Consts.PARAMETER_S, ParamReader.readFile(optPrivate))); + } + + if (data == null && params != EC_Consts.PARAMETERS_NONE) { + throw new IOException("Couldn't read the key file correctly."); + } + return insSet(keypair, ECTesterApplet.EXPORT_NONE, EC_Consts.CURVE_external, params, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, data); } public static void main(String[] args) { diff --git a/src/cz/crcs/ectester/reader/Util.java b/src/cz/crcs/ectester/reader/Util.java index 7af6e9c..aa0dfd5 100644 --- a/src/cz/crcs/ectester/reader/Util.java +++ b/src/cz/crcs/ectester/reader/Util.java @@ -72,7 +72,7 @@ public class Util { byte[] out = new byte[len]; int offset = 0; for (byte[] array : arrays) { - if (array == null) + if (array == null || array.length == 0) continue; System.arraycopy(array, 0, out, offset, array.length); offset += array.length; -- cgit v1.2.3-70-g09d2 From b99a1484397cc1b64a4798fa4a73b0782d99f18e Mon Sep 17 00:00:00 2001 From: J08nY Date: Tue, 17 Jan 2017 22:35:02 +0100 Subject: reader: implemented ecdh and ecdsa actions, also added some docs - ecdh and ecdsa instructions now work, although without output to file, yet. - added MIT license headers to main classes --- !uploader/ectester.cap | Bin 13350 -> 13350 bytes dist/ECTester.jar | Bin 210499 -> 211786 bytes src/cz/crcs/ectester/applet/ECTesterApplet.java | 107 ++++++++------ src/cz/crcs/ectester/reader/CardMngr.java | 32 ++--- src/cz/crcs/ectester/reader/ECTester.java | 178 +++++++++++++++++------- src/cz/crcs/ectester/reader/ParamReader.java | 5 +- src/cz/crcs/ectester/reader/Util.java | 35 +++++ 7 files changed, 248 insertions(+), 109 deletions(-) diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index 5eb763e..63dd209 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ 
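Review bot: In `prepareKey`, the final `data == null` check misses a partial failure. If the public key file is read but `ParamReader.flatten` returns null for the private key file, `Util.concatenate` skips the null array, `data` stays non-null, and an INS_SET goes out whose `params` announce `PARAMETER_S` with no matching bytes. The null check after `flatten` in `prepareCurve` suggests it can return null, so each result should be checked before it is merged, as sketched below for the private key; the `optKey` and `optPublic` branches need the same treatment. Separately, `prepareCurve` tests `optNamed` and `optCurve` with two independent `if`s, and the mutual-exclusion check was removed in the first hunk of this file, so giving both options queues two INS_SET commands. Making the second an `else if`, or restoring the check, would keep exactly one.

```java
if (optPrivate != null) {
    byte[] priv = ParamReader.flatten(EC_Consts.PARAMETER_S, ParamReader.readFile(optPrivate));
    if (priv == null) {
        throw new IOException("Couldn't read the private key file correctly.");
    }
    params |= EC_Consts.PARAMETER_S;
    data = Util.concatenate(data, priv);
}
// … unchanged: final insSet(...) call …
```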
diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 0bbc87c..bffc912 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java index f304196..dd13fc3 100644 --- a/src/cz/crcs/ectester/applet/ECTesterApplet.java +++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java @@ -1,3 +1,24 @@ +/* + * Copyright (c) 2016-2017 Petr Svenda + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + */ /* * PACKAGEID: 4C6162616B417070 * APPLETID: 4C6162616B4170706C6574 @@ -11,6 +32,8 @@ import javacard.security.KeyPair; import javacard.security.RandomData; /** + * Reader part of ECTester, a tool for testing Elliptic curve support on javacards. + * * @author Petr Svenda petr@svenda.com * @author Jan Jancar johny@neuromancer.sk */ 
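Review bot: The class Javadoc added to `ECTesterApplet.java` reads "Reader part of ECTester", which is the sentence written for `ECTester.java` in the same commit; this file is the card-side applet. It should say `* Applet part of ECTester, a tool for testing Elliptic curve support on javacards.` so the two classes are not described identically.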
@@ -125,10 +148,10 @@ public class ECTesterApplet extends Applet { } /** - * Allocate local and remote keypairs. + * Allocates local and remote keyPairs. * returns allocate SWs * - * @param apdu P1 = byte keypair (KEYPAIR_* | ...) + * @param apdu P1 = byte keyPair (KEYPAIR_* | ...) * P2 = * DATA = short keyLength * byte keyClass @@ -137,32 +160,32 @@ public class ECTesterApplet extends Applet { apdu.setIncomingAndReceive(); byte[] apdubuf = apdu.getBuffer(); - byte keypair = apdubuf[ISO7816.OFFSET_P1]; + byte keyPair = apdubuf[ISO7816.OFFSET_P1]; short keyLength = Util.getShort(apdubuf, ISO7816.OFFSET_CDATA); byte keyClass = apdubuf[ISO7816.OFFSET_CDATA + 2]; - short len = allocate(keypair, keyLength, keyClass, apdubuf, (short) 0); + short len = allocate(keyPair, keyLength, keyClass, apdubuf, (short) 0); apdu.setOutgoingAndSend((short) 0, len); } /** - * @param keypair which keypair to use, local/remote (KEYPAIR_* | ...) + * @param keyPair which keyPair to use, local/remote (KEYPAIR_* | ...) * @param keyLength key length to set * @param keyClass key class to allocate * @param buffer apdu buffer * @param offset offset into apdu buffer * @return length of data written to the buffer */ - private short allocate(byte keypair, short keyLength, byte keyClass, byte[] buffer, short offset) { + private short allocate(byte keyPair, short keyLength, byte keyClass, byte[] buffer, short offset) { short length = 0; - if ((keypair & KEYPAIR_LOCAL) != 0) { + if ((keyPair & KEYPAIR_LOCAL) != 0) { localKeypair = keyGenerator.allocatePair(keyClass, keyLength); Util.setShort(buffer, offset, keyGenerator.getSW()); length += 2; } - if ((keypair & KEYPAIR_REMOTE) != 0) { + if ((keyPair & KEYPAIR_REMOTE) != 0) { remoteKeypair = keyGenerator.allocatePair(keyClass, keyLength); Util.setShort(buffer, (short) (offset + length), keyGenerator.getSW()); length += 2; 
@@ -172,10 +195,10 @@ public class ECTesterApplet extends Applet { } /** - * Sets curve parameters on local and remote keypairs. + * Sets curve parameters on local and remote keyPairs. * returns setCurve SWs, set params if export * - * @param apdu P1 = byte keypair (KEYPAIR_* | ...) + * @param apdu P1 = byte keyPair (KEYPAIR_* | ...) * P2 = byte export (EXPORT_* | KEYPAIR_*) * DATA = byte curve (EC_Consts.CURVE_*) * short params (EC_Consts.PARAMETER_* | ...) @@ -183,7 +206,7 @@ public class ECTesterApplet extends Applet { * byte corruptionType (EC_Consts.CORRUPTION_*) *

* if curveID = CURVE_EXTERNAL: - * [short param_length, byte[] param], + * [short paramLength, byte[] param], * for all params in params, * in order: field,a,b,g,r,k,w,s */ @@ -191,7 +214,7 @@ public class ECTesterApplet extends Applet { apdu.setIncomingAndReceive(); byte[] apdubuf = apdu.getBuffer(); - byte keypair = apdubuf[ISO7816.OFFSET_P1]; + byte keyPair = apdubuf[ISO7816.OFFSET_P1]; byte export = apdubuf[ISO7816.OFFSET_P2]; byte curve = apdubuf[ISO7816.OFFSET_CDATA]; short params = Util.getShort(apdubuf, (short) (ISO7816.OFFSET_CDATA + 1)); @@ -200,9 +223,9 @@ public class ECTesterApplet extends Applet { short len = 0; - if ((keypair & KEYPAIR_LOCAL) != 0) + if ((keyPair & KEYPAIR_LOCAL) != 0) len += set(localKeypair, curve, params, corruptedParams, corruptionType, apdubuf, (short) (ISO7816.OFFSET_CDATA + 6), (short) 0); - if ((keypair & KEYPAIR_REMOTE) != 0) + if ((keyPair & KEYPAIR_REMOTE) != 0) len += set(remoteKeypair, curve, params, corruptedParams, corruptionType, apdubuf, (short) (ISO7816.OFFSET_CDATA + 6), len); if ((export & KEYPAIR_LOCAL) != 0) len += export(localKeypair, export, params, apdubuf, len); @@ -213,7 +236,7 @@ public class ECTesterApplet extends Applet { } /** - * @param keypair KeyPair to set params on + * @param keyPair KeyPair to set params on * @param curve curve to set (EC_Consts.CURVE_*) * @param params parameters to set (EC_Consts.PARAMETER_* | ...) * @param corrupted parameters to corrupt (EC_Consts.PARAMETER_* | ...) @@ -223,7 +246,7 @@ public class ECTesterApplet extends Applet { * @param outOffset output offset in buffer * @return length of data written to the buffer */ - private short set(KeyPair keypair, byte curve, short params, short corrupted, byte corruption, byte[] buffer, short inOffset, short outOffset) { + private short set(KeyPair keyPair, byte curve, short params, short corrupted, byte corruption, byte[] buffer, short inOffset, short outOffset) { short sw = ISO7816.SW_NO_ERROR; switch (curve) { 
@@ -232,38 +255,38 @@ public class ECTesterApplet extends Applet { break; case EC_Consts.CURVE_external: //external - sw = keyGenerator.setExternalCurve(keypair, params, buffer, inOffset); + sw = keyGenerator.setExternalCurve(keyPair, params, buffer, inOffset); break; default: //custom - sw = keyGenerator.setCurve(keypair, curve, params, ramArray, (short) 0); + sw = keyGenerator.setCurve(keyPair, curve, params, ramArray, (short) 0); break; } if (sw == ISO7816.SW_NO_ERROR) - sw = keyGenerator.corruptCurve(keypair, corrupted, corruption, ramArray, (short) 0); + sw = keyGenerator.corruptCurve(keyPair, corrupted, corruption, ramArray, (short) 0); Util.setShort(buffer, outOffset, sw); return 2; } /** - * Generates the local and remote keypairs. + * Generates the local and remote keyPairs. * returns generate SWs, pubkey and privkey if export * - * @param apdu P1 = byte keypair (KEYPAIR_* | ...) + * @param apdu P1 = byte keyPair (KEYPAIR_* | ...) * P2 = byte export (EXPORT_* | KEYPAIR_*) */ private void insGenerate(APDU apdu) { apdu.setIncomingAndReceive(); byte[] apdubuf = apdu.getBuffer(); - byte keypair = apdubuf[ISO7816.OFFSET_P1]; + byte keyPair = apdubuf[ISO7816.OFFSET_P1]; byte export = apdubuf[ISO7816.OFFSET_P2]; short len = 0; - if ((keypair & KEYPAIR_LOCAL) != 0) + if ((keyPair & KEYPAIR_LOCAL) != 0) len += generate(localKeypair, apdubuf, (short) 0); - if ((keypair & KEYPAIR_REMOTE) != 0) + if ((keyPair & KEYPAIR_REMOTE) != 0) len += generate(remoteKeypair, apdubuf, len); if ((export & KEYPAIR_LOCAL) != 0) len += export(localKeypair, export, (short) (EC_Consts.PARAMETER_W | EC_Consts.PARAMETER_S), apdubuf, len); 
@@ -274,44 +297,44 @@ public class ECTesterApplet extends Applet { } /** - * @param keypair KeyPair to generate + * @param keyPair KeyPair to generate * @param buffer buffer to write sw to * @param offset output offset in buffer * @return length of data written to the buffer */ - private short generate(KeyPair keypair, byte[] buffer, short offset) { - short sw = keyGenerator.generatePair(keypair); + private short generate(KeyPair keyPair, byte[] buffer, short offset) { + short sw = keyGenerator.generatePair(keyPair); Util.setShort(buffer, offset, sw); return 2; } /** - * @param keypair KeyPair to export from + * @param keyPair KeyPair to export from * @param export which key to export from (EXPORT_PUBLIC | EXPORT_PRIVATE) * @param params which params to export (EC_Consts.PARAMETER_* | ...) * @param buffer buffer to export params to * @param offset output offset in buffer * @return length of data written to the buffer */ - private short export(KeyPair keypair, byte export, short params, byte[] buffer, short offset) { + private short export(KeyPair keyPair, byte export, short params, byte[] buffer, short offset) { short length = 0; if ((export & EXPORT_PUBLIC) != 0) { //export params from public - length += keyGenerator.exportParameters(keypair, ECKeyGenerator.KEY_PUBLIC, params, buffer, offset); + length += keyGenerator.exportParameters(keyPair, ECKeyGenerator.KEY_PUBLIC, params, buffer, offset); } if ((export & EXPORT_PRIVATE) != 0) { //export params from private - length += keyGenerator.exportParameters(keypair, ECKeyGenerator.KEY_PRIVATE, params, buffer, (short) (offset + length)); + length += keyGenerator.exportParameters(keyPair, ECKeyGenerator.KEY_PRIVATE, params, buffer, (short) (offset + length)); } return length; } /** - * Does ECDH, between the pubkey specified in P1(local/remote) and the privkey specified in P2(local/remote). + * Performs ECDH, between the pubkey specified in P1(local/remote) and the privkey specified in P2(local/remote). 
* returns deriveSecret SW, if export != 0 => short secretlen, byte[] secret * * @param apdu P1 = byte pubkey (KEYPAIR_*) @@ -334,8 +357,8 @@ public class ECTesterApplet extends Applet { } /** - * @param pubkey keypair to use for public key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) - * @param privkey keypair to use for private key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) + * @param pubkey keyPair to use for public key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) + * @param privkey keyPair to use for private key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) * @param export whether to export ECDH secret * @param invalid whether to invalidate the pubkey before ECDH * @param buffer buffer to write sw to, and export ECDH secret if (export & EXPORT_ECDH) != 0 
@@ -369,35 +392,35 @@ public class ECTesterApplet extends Applet { } /** - * Does and ECDSA signature and verification on data provided, using the keypair in P1(local/remote). + * Performs ECDSA signature and verification on data provided or random, using the keyPair in P1(local/remote). * returns ecdsa SW, if export != 0 => short signature_length, byte[] signature * - * @param apdu P1 = byte keypair (KEYPAIR_*) + * @param apdu P1 = byte keyPair (KEYPAIR_*) * P2 = byte export (EXPORT_SIG || 0) - * DATA = short data_length (00 = random data generated, !00 = data length) + * DATA = short dataLength (00 = random data generated, !00 = data length) * byte[] data */ private void insECDSA(APDU apdu) { apdu.setIncomingAndReceive(); byte[] apdubuf = apdu.getBuffer(); - byte keypair = apdubuf[ISO7816.OFFSET_P1]; + byte keyPair = apdubuf[ISO7816.OFFSET_P1]; byte export = apdubuf[ISO7816.OFFSET_P2]; - short len = ecdsa(keypair, export, apdubuf, ISO7816.OFFSET_CDATA, (short) 0); + short len = ecdsa(keyPair, export, apdubuf, ISO7816.OFFSET_CDATA, (short) 0); apdu.setOutgoingAndSend((short) 0, len); } /** - * @param keypair keypair to use for signing and verification (KEYPAIR_LOCAL || KEYPAIR_REMOTE) + * @param keyPair keyPair to use for signing and verification (KEYPAIR_LOCAL || KEYPAIR_REMOTE) * @param export whether to export ECDSA signature * @param buffer buffer to write sw to, and export ECDSA signature if (export & EXPORT_SIG) != 0 * @param inOffset input offset in buffer * @param outOffset output offset in buffer * @return length of data written to the buffer */ - private short ecdsa(byte keypair, byte export, byte[] buffer, short inOffset, short outOffset) { + private short ecdsa(byte keyPair, byte export, byte[] buffer, short inOffset, short outOffset) { short length = 0; short dataLength = Util.getShort(buffer, inOffset); 
@@ -409,7 +432,7 @@ public class ECTesterApplet extends Applet { Util.arrayCopyNonAtomic(buffer, (short) (inOffset + 2), ramArray, (short) 0, dataLength); } - KeyPair sign = ((keypair & KEYPAIR_LOCAL) != 0) ? localKeypair : remoteKeypair; + KeyPair sign = ((keyPair & KEYPAIR_LOCAL) != 0) ? localKeypair : remoteKeypair; short signatureLength = keyTester.testECDSA((ECPrivateKey) sign.getPrivate(), (ECPublicKey) sign.getPublic(), ramArray, (short) 0, dataLength, ramArray2, (short) 0); Util.setShort(buffer, outOffset, keyTester.getSW()); diff --git a/src/cz/crcs/ectester/reader/CardMngr.java b/src/cz/crcs/ectester/reader/CardMngr.java index aab7da9..9cdd055 100644 --- a/src/cz/crcs/ectester/reader/CardMngr.java +++ b/src/cz/crcs/ectester/reader/CardMngr.java @@ -2,11 +2,11 @@ package cz.crcs.ectester.reader; import com.licel.jcardsim.io.CAD; import com.licel.jcardsim.io.JavaxSmartCardInterface; -import java.util.List; -import java.util.Scanner; import javacard.framework.AID; import javax.smartcardio.*; +import java.util.List; +import java.util.Scanner; /** * @author Petr Svenda petr@svenda.com @@ -16,16 +16,16 @@ public class CardMngr { private CardTerminal terminal = null; private CardChannel channel = null; private Card card = null; - + // Simulator related attributes private CAD cad = null; private JavaxSmartCardInterface simulator = null; private boolean simulate = false; - + private final byte selectCM[] = { - (byte) 0x00, (byte) 0xa4, (byte) 0x04, (byte) 0x00, (byte) 0x07, (byte) 0xa0, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x18, (byte) 0x43, (byte) 0x4d}; + (byte) 0x00, (byte) 0xa4, (byte) 0x04, (byte) 0x00, (byte) 0x07, (byte) 0xa0, (byte) 0x00, (byte) 0x00, + (byte) 0x00, (byte) 0x18, (byte) 0x43, (byte) 0x4d}; public static final byte OFFSET_CLA = 0x00; public static final byte OFFSET_INS = 0x01; 
@@ -42,7 +42,7 @@ public class CardMngr { this(false); } - public CardMngr(boolean simulate) { + public CardMngr(boolean simulate) { this.simulate = simulate; } @@ -70,14 +70,14 @@ public class CardMngr { //reset the card System.out.println(Util.bytesToHex(card.getATR().getBytes())); - + cardFound = true; } } return cardFound; } - + public boolean connectToCardSelect() throws CardException { if (simulate) return true; @@ -113,7 +113,7 @@ public class CardMngr { terminal = terminalList.get(answ); } } - + if (terminal != null) { card = terminal.connect("*"); System.out.println("card: " + card); @@ -190,15 +190,15 @@ public class CardMngr { apdu[OFFSET_LC] = (byte) 0x00; ResponseAPDU resp = send(apdu); - - System.out.println("Response: " + Integer.toHexString(resp.getSW())); - + + System.out.println("Response: " + Integer.toHexString(resp.getSW())); + if (resp.getSW() != 0x6D00) { // Note: 0x6D00 is SW_INS_NOT_SUPPORTED // something? } } } - + public static List getReaderList() { try { TerminalFactory factory = TerminalFactory.getDefault(); @@ -242,14 +242,14 @@ public class CardMngr { CommandAPDU commandAPDU = new CommandAPDU(apdu); return sendAPDU(commandAPDU); } - + public boolean prepareLocalSimulatorApplet(byte[] appletAIDArray, byte[] installData, Class appletClass) { System.setProperty("com.licel.jcardsim.terminal.type", "2"); cad = new CAD(System.getProperties()); simulator = (JavaxSmartCardInterface) cad.getCardInterface(); AID appletAID = new AID(appletAIDArray, (short) 0, (byte) appletAIDArray.length); - AID appletAIDRes = simulator.installApplet(appletAID, appletClass, installData, (short) 0, (byte) installData.length); + AID appletAIDRes = simulator.installApplet(appletAID, appletClass, installData, (short) 0, (byte) installData.length); return simulator.selectApplet(appletAID); } diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index 6d1be42..1ee0015 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java 
+++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -1,3 +1,24 @@ +/* + * Copyright (c) 2016-2017 Petr Svenda + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + */ package cz.crcs.ectester.reader; import cz.crcs.ectester.applet.ECTesterApplet; @@ -8,14 +29,17 @@ import org.apache.commons.cli.*; import javax.smartcardio.CardException; import javax.smartcardio.CommandAPDU; import javax.smartcardio.ResponseAPDU; +import java.io.File; import java.io.FileNotFoundException; -import java.io.FileOutputStream; import java.io.FileWriter; import java.io.IOException; +import java.nio.file.Files; import java.util.ArrayList; import java.util.List; /** + * Reader part of ECTester, a tool for testing Elliptic curve support on javacards. + * * @author Petr Svenda petr@svenda.com * @author Jan Jancar johny@neuromancer.sk */ 
@@ -23,7 +47,6 @@ public class ECTester { private CardMngr cardManager = null; private DirtyLogger systemOutLogger = null; - private FileOutputStream outputFile = null; //Options private int optBits; @@ -56,7 +79,7 @@ public class ECTester { private static final byte[] ALLOCATE = { (byte) 0xB0, (byte) 0x5a, //INS ALLOCATE - (byte) 0x00, //P1 *byte keypair + (byte) 0x00, //P1 *byte keyPair (byte) 0x00, //P2 (byte) 0x03, //LC (byte) 0x00, //DATA *short keyLength @@ -67,7 +90,7 @@ public class ECTester { private static final byte[] SET = { (byte) 0xB0, (byte) 0x5B, //INS SET - (byte) 0x00, //P1 *byte keypair + (byte) 0x00, //P1 *byte keyPair (byte) 0x00, //P2 *byte export (byte) 0x06, //LC (byte) 0x00, //DATA *byte curve @@ -82,7 +105,7 @@ public class ECTester { private static final byte[] GENERATE = { (byte) 0xB0, (byte) 0x5C, //INS GENERATE - (byte) 0x00, //P1 *byte keypair + (byte) 0x00, //P1 *byte keyPair (byte) 0x00, //P2 *byte export (byte) 0x00 //LC }; @@ -90,7 +113,7 @@ public class ECTester { private static final byte[] ECDH = { (byte) 0xB0, (byte) 0x5D, //INS ECDH - (byte) 0x00, //P1 *byte keypair + (byte) 0x00, //P1 *byte keyPair (byte) 0x00, //P2 *byte export (byte) 0x01, //LC (byte) 0x00 //DATA *byte valid @@ -99,7 +122,7 @@ public class ECTester { private static final byte[] ECDSA = { (byte) 0xB0, (byte) 0x5E, //INS ECDSA - (byte) 0x00, //P1 *byte keypair + (byte) 0x00, //P1 *byte keyPair (byte) 0x00, //P2 *byte export (byte) 0x00, //LC //DATA [*short dataLength, byte[] data] @@ -177,6 +200,13 @@ public class ECTester { } } + /** + * Parses command-line options. + * + * @param args cli arguments + * @return parsed CommandLine object + * @throws ParseException if there are any problems encountered while parsing the command line tokens + */ private CommandLine parseArgs(String[] args) throws ParseException { /* * Actions: 
@@ -221,7 +251,7 @@ public class ECTester { opts.addOption(Option.builder("f2m").longOpt("binary-field").desc("Use binary field curve.").build()); opts.addOption(Option.builder("pub").longOpt("public").desc("Use public key from file [pubkey_file] (wx,wy).").hasArg().argName("pubkey_file").build()); opts.addOption(Option.builder("priv").longOpt("private").desc("Use private key from file [privkey_file] (s).").hasArg().argName("privkey_file").build()); - opts.addOption(Option.builder("k").longOpt("key").desc("Use keypair from file [key_file] (wx,wy,s).").hasArg().argName("key_file").build()); + opts.addOption(Option.builder("k").longOpt("key").desc("Use keyPair from file [key_file] (wx,wy,s).").hasArg().argName("key_file").build()); opts.addOption(Option.builder("o").longOpt("output").desc("Output into file [output_file].").hasArg().argName("output_file").build()); opts.addOption(Option.builder("l").longOpt("log").desc("Log output into file [log_file].").hasArg().argName("log_file").optionalArg(true).build()); opts.addOption(Option.builder("s").longOpt("simulate").desc("Simulate a card with jcardsim instead of using a terminal.").build()); @@ -301,6 +331,19 @@ public class ECTester { } } else if (cli.hasOption("ecdsa")) { + if (optPrimeField == optBinaryField) { + System.err.print("Need to specify field with -fp or -f2m. (not both)"); + return false; + } + if (optAll) { + System.err.println("You have to specify curve bit-size with -b"); + return false; + } + if ((optPublic == null) != (optPrivate == null)) { + System.err.println("You have cannot only specify a part of a keypair."); + return false; + } + optECDSASign = cli.getOptionValue("ecdsa"); } 
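Review bot: The new `ecdsa` validation prints "You have cannot only specify a part of a keypair.", which is garbled; `System.err.println("You cannot specify only a part of a keypair.");` says what is meant. The check also only compares `optPublic` with `optPrivate`, so `-k` combined with `-pub` or `-priv` is still accepted. In `prepareKey` from the earlier commit, the data read for `optKey` is then overwritten by the public key data while `params` keeps the keypair bits, so that combination should be rejected here as well. The `ecdh` branch has no equivalent check at all.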
@@ -316,9 +359,10 @@ public class ECTester { } /** - * Generates EC keypairs and outputs them to output file. - * @throws CardException - * @throws IOException + * Generates EC keyPairs and outputs them to output file. + * + * @throws CardException if APDU transmission fails + * @throws IOException if an IO error occurs when writing to key file. */ private void generate() throws CardException, IOException { byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; @@ -360,9 +404,10 @@ public class ECTester { } /** - * Tests + * Tests Elliptic curve support for a given curve/curves. */ private void test() { + //TODO if (optAll) { if (optPrimeField) { //iterate over prime curve sizes used: EC_Consts.FP_SIZES @@ -404,9 +449,10 @@ public class ECTester { } /** + * Performs ECDH key exchange. * - * @throws IOException - * @throws CardException + * @throws CardException if APDU transmission fails + * @throws IOException if an IO error occurs when writing to key file. */ private void ecdh() throws IOException, CardException { byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; 
@@ -425,24 +471,55 @@ public class ECTester { CommandAPDU ecdh = insECDH(ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_ECDH, (byte) 0); ResponseAPDU response = cardManager.send(ecdh); - //TODO output ecdh + //TODO print response SWs/error codes + //TODO output to file } /** + * Performs ECDSA signature, on random or provided data. + * + * @throws CardException if APDU transmission fails + * @throws IOException if an IO error occurs when writing to key file. */ - private void ecdsa() { - //TODO + private void ecdsa() throws CardException, IOException { + byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; + CommandAPDU[] curve = prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass); + cardManager.send(curve); + + if (optKey != null || (optPublic != null && optPrivate != null)) { + CommandAPDU set = prepareKey(ECTesterApplet.KEYPAIR_LOCAL); + cardManager.send(set); + } else { + CommandAPDU generate = insGenerate(ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_NONE); + cardManager.send(generate); + } + + //read file, if asked to sign + byte[] data = null; + if (optECDSASign != null) { + File in = new File(optECDSASign); + long len = in.length(); + if (len == 0) { + throw new FileNotFoundException("File " + optECDSASign + " not found."); + } + data = Files.readAllBytes(in.toPath()); + } + + CommandAPDU ecdsa = insECDSA(ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_SIG, data); + ResponseAPDU response = cardManager.send(ecdsa); + //TODO print response SWs/error codes + //TODO output to file } /** * Creates the INS_ALLOCATE instruction. * - * @param keyPair - * @param keyLength - * @param keyClass + * @param keyPair which keyPair to use, local/remote (KEYPAIR_* | ...) 
+ * @param keyLength key length to set + * @param keyClass key class to allocate * @return apdu to send */ - private CommandAPDU insAllocate(byte keyPair, short keyLength, byte keyClass) throws CardException { + private CommandAPDU insAllocate(byte keyPair, short keyLength, byte keyClass) { byte[] data = new byte[]{0, 0, keyClass}; Util.setShort(data, 0, keyLength); @@ -452,13 +529,13 @@ public class ECTester { /** * Creates the INS_SET instruction. * - * @param keyPair - * @param export - * @param curve - * @param params - * @param corrupted - * @param corruption - * @param external + * @param keyPair which keyPair to set params on, local/remote (KEYPAIR_* || ...) + * @param export whether to export set params from keyPair + * @param curve curve to set (EC_Consts.CURVE_*) + * @param params parameters to set (EC_Consts.PARAMETER_* | ...) + * @param corrupted parameters to corrupt (EC_Consts.PARAMETER_* | ...) + * @param corruption corruption type (EC_Consts.CORRUPTION_*) + * @param external external curve data, can be null * @return apdu to send */ private CommandAPDU insSet(byte keyPair, byte export, byte curve, short params, short corrupted, byte corruption, byte[] external) { @@ -478,8 +555,8 @@ public class ECTester { /** * Creates the INS_GENERATE instruction. * - * @param keyPair - * @param export + * @param keyPair which keyPair to generate, local/remote (KEYPAIR_* || ...) + * @param export whether to export generated keys from keyPair * @return apdu to send */ private CommandAPDU insGenerate(byte keyPair, byte export) { 
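Review bot: In the new `ecdsa()` body, `in.length() == 0` is used as the existence test for the file given to `-ecdsa`, but `File.length()` is also 0 for an existing empty file, which is then reported as "not found". An explicit test states the intent: `if (!in.isFile()) { throw new FileNotFoundException("File " + optECDSASign + " not found."); }`. The file is then read whole by `Files.readAllBytes` with no upper bound before being passed to `insECDSA`, so a size limit matching what the applet accepts would be worth adding (the applet-side limit is not visible in this hunk). The results of the three setup `cardManager.send(...)` calls are also dropped, so signing presumably proceeds after a failed curve or key setup; the two TODOs cover only the final response.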
@@ -489,10 +566,10 @@ public class ECTester { /** * Creates the INS_ECDH instruction. * - * @param pubkey - * @param privkey - * @param export - * @param invalid + * @param pubkey keyPair to use for public key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) + * @param privkey keyPair to use for private key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) + * @param export whether to export ECDH secret + * @param invalid whether to invalidate the pubkey before ECDH * @return apdu to send */ private CommandAPDU insECDH(byte pubkey, byte privkey, byte export, byte invalid) { @@ -504,9 +581,9 @@ public class ECTester { /** * Creates the INS_ECDSA instruction. * - * @param keyPair - * @param export - * @param raw + * @param keyPair keyPair to use for signing and verification (KEYPAIR_LOCAL || KEYPAIR_REMOTE) + * @param export whether to export ECDSA signature + * @param raw data to sign, can be null, in which case random data is signed. * @return apdu to send */ private CommandAPDU insECDSA(byte keyPair, byte export, byte[] raw) { @@ -521,14 +598,13 @@ public class ECTester { } /** - * @param keyPair - * @param keyLength - * @param keyClass - * @return - * @throws CardException - * @throws FileNotFoundException + * @param keyPair which keyPair/s (local/remote) to set curve domain parameters on + * @param keyLength key length to allocate + * @param keyClass key class to allocate + * @return an array of CommandAPDUs to send in order to prepare the keypair/s. + * @throws IOException if curve file cannot be found/opened */ - private CommandAPDU[] prepareCurve(byte keyPair, short keyLength, byte keyClass) throws CardException, IOException { + private CommandAPDU[] prepareCurve(byte keyPair, short keyLength, byte keyClass) throws IOException { List commands = new ArrayList<>(); commands.add(insAllocate(keyPair, keyLength, keyClass)); 
@@ -548,11 +624,11 @@ public class ECTester { } /** - * @param keypair - * @return - * @throws IOException + * @param keyPair which keyPair/s to set the key params on + * @return a CommandAPDU setting params loaded on the keyPair/s + * @throws IOException if any of the key files cannot be found/opened */ - private CommandAPDU prepareKey(byte keypair) throws IOException { + private CommandAPDU prepareKey(byte keyPair) throws IOException { short params = EC_Consts.PARAMETERS_NONE; byte[] data = null; if (optKey != null) { @@ -570,9 +646,13 @@ public class ECTester { } if (data == null && params != EC_Consts.PARAMETERS_NONE) { + /* + TODO: this is not correct, in case (optPublic != null) and (optPrivate != null), + only one can actually load(return not null from ParamReader.flatten) and an exception will not be thrown + */ throw new IOException("Couldn't read the key file correctly."); } - return insSet(keypair, ECTesterApplet.EXPORT_NONE, EC_Consts.CURVE_external, params, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, data); + return insSet(keyPair, ECTesterApplet.EXPORT_NONE, EC_Consts.CURVE_external, params, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, data); } public static void main(String[] args) { diff --git a/src/cz/crcs/ectester/reader/ParamReader.java b/src/cz/crcs/ectester/reader/ParamReader.java index 5232326..ca14d2d 100644 --- a/src/cz/crcs/ectester/reader/ParamReader.java +++ b/src/cz/crcs/ectester/reader/ParamReader.java @@ -9,6 +9,7 @@ import java.util.Scanner; import java.util.regex.Pattern; /** + * * @author Jan Jancar johny@neuromancer.sk */ public class ParamReader { 
@@ -18,7 +19,7 @@ public class ParamReader { * Flattens params read from String[] data into a byte[] with their lengths prepended as short entries. * @param params (EC_Consts.PARAMETER_* | ...) * @param data data read by readString, readFile, readResource - * @return byte[] with params flattened + * @return byte[] with params flattened, or null */ public static byte[] flatten(short params, String[] data) { if (!validate(data)) { @@ -42,7 +43,7 @@ public class ParamReader { if (masked == EC_Consts.PARAMETER_G || masked == EC_Consts.PARAMETER_W) { //read another param (the y coord) and put into X962 format. byte[] y = parse(data[i + 1]); - param = Util.concatenate(new byte[]{4}, param, y); + param = Util.concatenate(new byte[]{4}, param, y);//<- ugly but works! i++; } if (param.length == 0) diff --git a/src/cz/crcs/ectester/reader/Util.java b/src/cz/crcs/ectester/reader/Util.java index aa0dfd5..1464728 100644 --- a/src/cz/crcs/ectester/reader/Util.java +++ b/src/cz/crcs/ectester/reader/Util.java @@ -1,6 +1,12 @@ package cz.crcs.ectester.reader; +import cz.crcs.ectester.applet.ECTesterApplet; +import javacard.framework.ISO7816; +import javacard.security.CryptoException; + /** + * Utility class, some byte/hex manipulation, convenient byte[] methods. + * * @author Petr Svenda petr@svenda.com * @author Jan Jancar johny@neuromancer.sk */ 
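Review bot: The comment added after `Util.concatenate(new byte[]{4}, param, y)` ("ugly but works!") does not say what the leading `4` is, which is the one thing a reader of this line needs. Suggested replacement: `// 0x04 = X9.62 uncompressed point indicator, followed by x || y`. The context line above reads `data[i + 1]` for the y coordinate; whether `validate(data)` guarantees that element exists cannot be seen from this hunk and is worth confirming.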
@@ -79,4 +85,33 @@ public class Util { } return out; } + + public static String getPrintError(short code) { + if (code == ISO7816.SW_NO_ERROR) { + return "OK\t(0x9000)"; + } else { + String codeStr = "unknown"; + switch (code) { + case CryptoException.ILLEGAL_VALUE: + codeStr = "ILLEGAL_VALUE"; + break; + case CryptoException.UNINITIALIZED_KEY: + codeStr = "UNINITIALIZED_KEY"; + break; + case CryptoException.NO_SUCH_ALGORITHM: + codeStr = "NO_SUCH_ALG"; + break; + case CryptoException.INVALID_INIT: + codeStr = "INVALID_INIT"; + break; + case CryptoException.ILLEGAL_USE: + codeStr = "ILLEGAL_USE"; + break; + case ECTesterApplet.SW_SIG_VERIFY_FAIL: + codeStr = "SIG_VERIFY_FAIL"; + break; + } + return String.format("fail\t(%s,\t0x%4x)", codeStr, code); + } + } } -- cgit v1.2.3-70-g09d2 From 2e677ed35520f4c3380461205c548fba28998c40 Mon Sep 17 00:00:00 2001 From: J08nY Date: Tue, 17 Jan 2017 23:42:47 +0100 Subject: reader: fixed -h option --- dist/ECTester.jar | Bin 211786 -> 211888 bytes src/cz/crcs/ectester/reader/ECTester.java | 8 ++++++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/dist/ECTester.jar b/dist/ECTester.jar index bffc912..a5bf4e3 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index 1ee0015..1f70d4f 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -35,6 +35,7 @@ import java.io.FileWriter; import java.io.IOException; import java.nio.file.Files; import java.util.ArrayList; +import java.util.Comparator; import java.util.List; /** 
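Review bot: The format string in the new `getPrintError` uses `0x%4x`, which pads to width 4 with spaces rather than zeros, so a small code such as a `CryptoException` reason value prints as `0x   1`. Zero padding gives a stable four-digit status word: `return String.format("fail\t(%s,\t0x%04x)", codeStr, code);`. The `switch` also has no `default` branch and relies on the `"unknown"` initialiser; an explicit `default:` would make that fall-through intentional.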
@@ -237,7 +238,6 @@ public class ECTester { opts.addOptionGroup(actions); OptionGroup size = new OptionGroup(); - size.setRequired(true); size.addOption(Option.builder("b").longOpt("bit-size").desc("Set curve size.").hasArg().argName("b").build()); size.addOption(Option.builder("a").longOpt("all").desc("Test all curve sizes.").build()); opts.addOptionGroup(size); @@ -290,6 +290,10 @@ public class ECTester { System.err.println("Bit-size must not be negative."); return false; } + if (optBits == 0 && !optAll) { + System.err.println("You must specify either bit-size with -b or all bit-sizes with -a."); + return false; + } if (cli.hasOption("generate")) { if (optPrimeField == optBinaryField) { @@ -355,7 +359,7 @@ public class ECTester { */ private void help() { HelpFormatter help = new HelpFormatter(); - help.printHelp("ECTester.jar", CLI_HEADER, opts, CLI_FOOTER); + help.printHelp("ECTester.jar", CLI_HEADER, opts, CLI_FOOTER, true); } /** -- cgit v1.2.3-70-g09d2 From 636306e09a84ac785d2711117640efe914ae020f Mon Sep 17 00:00:00 2001 
From: J08nY Date: Sun, 22 Jan 2017 03:17:36 +0100 Subject: reader: Added a Command and Response abstraction - For easier testing - Command assembles the correct instruction from params in its constructor - Command.send() sends the command and obtains the Response with timing - Response parses the ResponseAPDU in its constructor and provides convenience methods to access its contents/SWs/success /failure/print data: Added more curves --- !uploader/ectester.cap | Bin 13350 -> 13377 bytes dist/ECTester.jar | Bin 211888 -> 75369 bytes src/cz/crcs/ectester/applet/ECKeyGenerator.java | 54 ++- src/cz/crcs/ectester/applet/ECTesterApplet.java | 192 +++++----- .../ectester/data/brainpool/brainpoolP160r1.txt | 7 + .../ectester/data/brainpool/brainpoolP160t1.txt | 7 + .../ectester/data/brainpool/brainpoolP192r1.txt | 7 + .../ectester/data/brainpool/brainpoolP192t1.txt | 7 + .../ectester/data/brainpool/brainpoolP224r1.txt | 7 + .../ectester/data/brainpool/brainpoolP224t1.txt | 7 + .../ectester/data/brainpool/brainpoolP256r1.txt | 7 + .../ectester/data/brainpool/brainpoolP256t1.txt | 7 + .../ectester/data/brainpool/brainpoolP320r1.txt | 7 + .../ectester/data/brainpool/brainpoolP320t1.txt | 7 + .../ectester/data/brainpool/brainpoolP384r1.txt | 7 + .../ectester/data/brainpool/brainpoolP384t1.txt | 7 + .../ectester/data/brainpool/brainpoolP512r1.txt | 7 + .../ectester/data/brainpool/brainpoolP512t1.txt | 7 + src/cz/crcs/ectester/data/ecsp128.txt | 7 - src/cz/crcs/ectester/data/ecsp128_pub.txt | 2 - src/cz/crcs/ectester/data/ecsp160.txt | 7 - src/cz/crcs/ectester/data/ecsp160_pub.txt | 2 - src/cz/crcs/ectester/data/ecsp192.txt | 7 - src/cz/crcs/ectester/data/ecsp192_pub.txt | 2 - src/cz/crcs/ectester/data/ecsp224.txt | 7 - src/cz/crcs/ectester/data/ecsp224_pub.txt | 2 - src/cz/crcs/ectester/data/ecsp256.txt | 7 - src/cz/crcs/ectester/data/ecsp256_pub.txt | 2 - src/cz/crcs/ectester/data/ecsp384.txt | 7 - src/cz/crcs/ectester/data/ecsp384_pub.txt | 2 - 
src/cz/crcs/ectester/data/ecsp521.txt | 7 - src/cz/crcs/ectester/data/ecsp521_pub.txt | 2 - src/cz/crcs/ectester/data/nist/p192.txt | 7 + src/cz/crcs/ectester/data/nist/p224.txt | 7 + src/cz/crcs/ectester/data/nist/p256.txt | 7 + src/cz/crcs/ectester/data/nist/p384.txt | 7 + src/cz/crcs/ectester/data/nist/p521.txt | 7 + src/cz/crcs/ectester/data/secg/secp192k1.txt | 7 + src/cz/crcs/ectester/data/secg/secp192r1.txt | 7 + src/cz/crcs/ectester/data/secg/secp224r1.txt | 7 + src/cz/crcs/ectester/data/secg/secp256k1.txt | 7 + src/cz/crcs/ectester/data/secg/secp256r1.txt | 7 + src/cz/crcs/ectester/data/secg/secp384r1.txt | 7 + src/cz/crcs/ectester/data/secg/secp521r1.txt | 7 + src/cz/crcs/ectester/data/secg/sect163k1.txt | 9 + src/cz/crcs/ectester/data/secg/sect163r1.txt | 9 + src/cz/crcs/ectester/data/secg/sect163r2.txt | 9 + src/cz/crcs/ectester/data/secg/sect233k1.txt | 7 + src/cz/crcs/ectester/data/secg/sect233r1.txt | 7 + src/cz/crcs/ectester/data/secg/sect239k1.txt | 7 + src/cz/crcs/ectester/data/secg/sect283k1.txt | 9 + src/cz/crcs/ectester/data/secg/sect283r1.txt | 9 + src/cz/crcs/ectester/data/secg/sect409k1.txt | 7 + src/cz/crcs/ectester/data/secg/sect409r1.txt | 7 + src/cz/crcs/ectester/data/secg/sect571k1.txt | 9 + src/cz/crcs/ectester/data/secg/sect571r1.txt | 9 + src/cz/crcs/ectester/data/secp192k1.txt | 7 - src/cz/crcs/ectester/data/secp192r1.txt | 7 - src/cz/crcs/ectester/data/secp224r1.txt | 7 - src/cz/crcs/ectester/data/secp256k1.txt | 7 - src/cz/crcs/ectester/data/secp256r1.txt | 7 - src/cz/crcs/ectester/data/secp384r1.txt | 7 - src/cz/crcs/ectester/data/secp521r1.txt | 7 - src/cz/crcs/ectester/data/sect163k1.txt | 9 - src/cz/crcs/ectester/data/sect163r1.txt | 9 - src/cz/crcs/ectester/data/sect163r2.txt | 9 - src/cz/crcs/ectester/data/sect233k1.txt | 7 - src/cz/crcs/ectester/data/sect233r1.txt | 7 - src/cz/crcs/ectester/data/sect239k1.txt | 7 - src/cz/crcs/ectester/data/sect283k1.txt | 9 - src/cz/crcs/ectester/data/sect283r1.txt | 9 - 
src/cz/crcs/ectester/data/sect409k1.txt | 7 - src/cz/crcs/ectester/data/sect409r1.txt | 7 - src/cz/crcs/ectester/data/sect571k1.txt | 9 - src/cz/crcs/ectester/data/sect571r1.txt | 9 - src/cz/crcs/ectester/data/smallpub/ecsp128.txt | 7 + src/cz/crcs/ectester/data/smallpub/ecsp128_pub.txt | 2 + src/cz/crcs/ectester/data/smallpub/ecsp160.txt | 7 + src/cz/crcs/ectester/data/smallpub/ecsp160_pub.txt | 2 + src/cz/crcs/ectester/data/smallpub/ecsp192.txt | 7 + src/cz/crcs/ectester/data/smallpub/ecsp192_pub.txt | 2 + src/cz/crcs/ectester/data/smallpub/ecsp224.txt | 7 + src/cz/crcs/ectester/data/smallpub/ecsp224_pub.txt | 2 + src/cz/crcs/ectester/data/smallpub/ecsp256.txt | 7 + src/cz/crcs/ectester/data/smallpub/ecsp256_pub.txt | 2 + src/cz/crcs/ectester/data/smallpub/ecsp384.txt | 7 + src/cz/crcs/ectester/data/smallpub/ecsp384_pub.txt | 2 + src/cz/crcs/ectester/data/smallpub/ecsp521.txt | 7 + src/cz/crcs/ectester/data/smallpub/ecsp521_pub.txt | 2 + src/cz/crcs/ectester/reader/CardMngr.java | 11 +- src/cz/crcs/ectester/reader/Command.java | 241 ++++++++++++ src/cz/crcs/ectester/reader/DirtyLogger.java | 1 + src/cz/crcs/ectester/reader/ECTester.java | 187 +++------- src/cz/crcs/ectester/reader/Response.java | 410 +++++++++++++++++++++ src/cz/crcs/ectester/reader/Util.java | 10 +- 95 files changed, 1184 insertions(+), 475 deletions(-) create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP160r1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP160t1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP192r1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP192t1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP224r1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP224t1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP256r1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP256t1.txt create mode 100644 
src/cz/crcs/ectester/data/brainpool/brainpoolP320r1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP320t1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP384r1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP384t1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP512r1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP512t1.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp128.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp128_pub.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp160.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp160_pub.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp192.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp192_pub.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp224.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp224_pub.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp256.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp256_pub.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp384.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp384_pub.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp521.txt delete mode 100644 src/cz/crcs/ectester/data/ecsp521_pub.txt create mode 100644 src/cz/crcs/ectester/data/nist/p192.txt create mode 100644 src/cz/crcs/ectester/data/nist/p224.txt create mode 100644 src/cz/crcs/ectester/data/nist/p256.txt create mode 100644 src/cz/crcs/ectester/data/nist/p384.txt create mode 100644 src/cz/crcs/ectester/data/nist/p521.txt create mode 100644 src/cz/crcs/ectester/data/secg/secp192k1.txt create mode 100644 src/cz/crcs/ectester/data/secg/secp192r1.txt create mode 100644 src/cz/crcs/ectester/data/secg/secp224r1.txt create mode 100644 src/cz/crcs/ectester/data/secg/secp256k1.txt create mode 100644 src/cz/crcs/ectester/data/secg/secp256r1.txt create mode 100644 src/cz/crcs/ectester/data/secg/secp384r1.txt create mode 100644 src/cz/crcs/ectester/data/secg/secp521r1.txt 
create mode 100644 src/cz/crcs/ectester/data/secg/sect163k1.txt create mode 100644 src/cz/crcs/ectester/data/secg/sect163r1.txt create mode 100644 src/cz/crcs/ectester/data/secg/sect163r2.txt create mode 100644 src/cz/crcs/ectester/data/secg/sect233k1.txt create mode 100644 src/cz/crcs/ectester/data/secg/sect233r1.txt create mode 100644 src/cz/crcs/ectester/data/secg/sect239k1.txt create mode 100644 src/cz/crcs/ectester/data/secg/sect283k1.txt create mode 100644 src/cz/crcs/ectester/data/secg/sect283r1.txt create mode 100644 src/cz/crcs/ectester/data/secg/sect409k1.txt create mode 100644 src/cz/crcs/ectester/data/secg/sect409r1.txt create mode 100644 src/cz/crcs/ectester/data/secg/sect571k1.txt create mode 100644 src/cz/crcs/ectester/data/secg/sect571r1.txt delete mode 100644 src/cz/crcs/ectester/data/secp192k1.txt delete mode 100644 src/cz/crcs/ectester/data/secp192r1.txt delete mode 100644 src/cz/crcs/ectester/data/secp224r1.txt delete mode 100644 src/cz/crcs/ectester/data/secp256k1.txt delete mode 100644 src/cz/crcs/ectester/data/secp256r1.txt delete mode 100644 src/cz/crcs/ectester/data/secp384r1.txt delete mode 100644 src/cz/crcs/ectester/data/secp521r1.txt delete mode 100644 src/cz/crcs/ectester/data/sect163k1.txt delete mode 100644 src/cz/crcs/ectester/data/sect163r1.txt delete mode 100644 src/cz/crcs/ectester/data/sect163r2.txt delete mode 100644 src/cz/crcs/ectester/data/sect233k1.txt delete mode 100644 src/cz/crcs/ectester/data/sect233r1.txt delete mode 100644 src/cz/crcs/ectester/data/sect239k1.txt delete mode 100644 src/cz/crcs/ectester/data/sect283k1.txt delete mode 100644 src/cz/crcs/ectester/data/sect283r1.txt delete mode 100644 src/cz/crcs/ectester/data/sect409k1.txt delete mode 100644 src/cz/crcs/ectester/data/sect409r1.txt delete mode 100644 src/cz/crcs/ectester/data/sect571k1.txt delete mode 100644 src/cz/crcs/ectester/data/sect571r1.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp128.txt create mode 100644 
src/cz/crcs/ectester/data/smallpub/ecsp128_pub.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp160.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp160_pub.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp192.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp192_pub.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp224.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp224_pub.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp256.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp256_pub.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp384.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp384_pub.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp521.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp521_pub.txt create mode 100644 src/cz/crcs/ectester/reader/Command.java create mode 100644 src/cz/crcs/ectester/reader/Response.java diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index 63dd209..a7da4dc 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ diff --git a/dist/ECTester.jar b/dist/ECTester.jar index a5bf4e3..b0dae23 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/applet/ECKeyGenerator.java b/src/cz/crcs/ectester/applet/ECKeyGenerator.java index 47f9c94..417944c 100644 --- a/src/cz/crcs/ectester/applet/ECKeyGenerator.java +++ b/src/cz/crcs/ectester/applet/ECKeyGenerator.java @@ -72,6 +72,10 @@ public class ECKeyGenerator { byte alg = EC_Consts.getCurveType(curve); sw = ISO7816.SW_NO_ERROR; + if (params == EC_Consts.PARAMETERS_NONE) { + return sw; + } + short length; if (alg == KeyPair.ALG_EC_FP && (params & EC_Consts.PARAMETER_FP) != 0) { length = EC_Consts.getCurveParameter(curve, EC_Consts.PARAMETER_FP, buffer, offset); 
@@ -119,6 +123,9 @@ public class ECKeyGenerator { */ public short corruptCurve(KeyPair keypair, byte key, short corruptParams, byte corruption, byte[] buffer, short offset) { sw = ISO7816.SW_NO_ERROR; + if (corruptParams == EC_Consts.PARAMETERS_NONE) { + return sw; + } //go through param bit by bit, and invalidate all selected params short paramMask = EC_Consts.PARAMETER_FP; @@ -244,6 +251,9 @@ public class ECKeyGenerator { */ public short setExternalCurve(KeyPair keypair, byte key, short params, byte[] inBuffer, short inOffset) { sw = ISO7816.SW_NO_ERROR; + if (params == EC_Consts.PARAMETERS_NONE) { + return sw; + } short paramMask = EC_Consts.PARAMETER_FP; while (paramMask <= EC_Consts.PARAMETER_S) { @@ -261,11 +271,14 @@ public class ECKeyGenerator { } /** - * @param key - * @param param - * @param outputBuffer - * @param outputOffset - * @return + * Exports a selected parameter from a given keyPairs key. + * + * @param keypair keypair to export from + * @param key key to export from (KEY_PUBLIC | KEY_PRIVATE) + * @param param parameter to export (EC_Consts.PARAMETER_* || ...) + * @param outputBuffer buffer to write to + * @param outputOffset offset to start writing in buffer + * @return length of data written */ public short exportParameter(KeyPair keypair, byte key, short param, byte[] outputBuffer, short outputOffset) { sw = ISO7816.SW_NO_ERROR; 
@@ -319,18 +332,25 @@ public class ECKeyGenerator { } /** - * @param keypair - * @param key - * @param params - * @param buffer - * @param offset - * @return + * Exports selected parameters from a given keyPairs key. + * Raw parameter data is always prepended by its length as a + * short value. The order of parameters is the usual one from + * EC_Consts: field,a,b,g,r,k,w,s. + * + * @param keypair keyPair to export from + * @param key key to export from (KEY_PUBLIC || KEY_PRIVATE) + * @param params params to export (EC_Consts.PARAMETER_* | ...) + * @param buffer buffer to export to + * @param offset offset to start writing in buffer + * @return length of data written */ public short exportParameters(KeyPair keypair, byte key, short params, byte[] buffer, short offset) { sw = ISO7816.SW_NO_ERROR; + if (params == EC_Consts.PARAMETERS_NONE) { + return sw; + } short length = 0; - short paramMask = EC_Consts.PARAMETER_FP; while (paramMask <= EC_Consts.PARAMETER_S) { short masked = (short) (paramMask & params); @@ -352,11 +372,11 @@ public class ECKeyGenerator { /** * Copies this KeyPairs curve parameters to another ECKeyGenerator. * - * @param from - * @param to - * @param buffer - * @param offset - * @return + * @param from keyPair to copy from + * @param to keyPair to copy to + * @param buffer buffer to use for copying + * @param offset offset to use in buffer + * @return sw */ public short copyCurve(KeyPair from, KeyPair to, byte[] buffer, short offset) { sw = ISO7816.SW_NO_ERROR; diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java index dd13fc3..dfdd0f0 100644 --- a/src/cz/crcs/ectester/applet/ECTesterApplet.java +++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java 
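Review bot: The early return added to `exportParameters` returns `sw`, which was set to `ISO7816.SW_NO_ERROR` on the line before, while the Javadoc added in this same hunk documents the return value as "length of data written". When `params == EC_Consts.PARAMETERS_NONE` a caller that adds the result to a running buffer length would receive the status word instead of 0; `return 0;` matches the documented contract (the callers are outside this hunk, so the impact is inferred). The other early returns this commit adds in `corruptCurve` and `setExternalCurve` are fine, since those methods return the status word. The method body continues past the end of the hunk.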
@@ -169,31 +169,6 @@ public class ECTesterApplet extends Applet { apdu.setOutgoingAndSend((short) 0, len); } - /** - * @param keyPair which keyPair to use, local/remote (KEYPAIR_* | ...) - * @param keyLength key length to set - * @param keyClass key class to allocate - * @param buffer apdu buffer - * @param offset offset into apdu buffer - * @return length of data written to the buffer - */ - private short allocate(byte keyPair, short keyLength, byte keyClass, byte[] buffer, short offset) { - short length = 0; - if ((keyPair & KEYPAIR_LOCAL) != 0) { - localKeypair = keyGenerator.allocatePair(keyClass, keyLength); - Util.setShort(buffer, offset, keyGenerator.getSW()); - length += 2; - } - - if ((keyPair & KEYPAIR_REMOTE) != 0) { - remoteKeypair = keyGenerator.allocatePair(keyClass, keyLength); - Util.setShort(buffer, (short) (offset + length), keyGenerator.getSW()); - length += 2; - } - - return length; - } - /** * Sets curve parameters on local and remote keyPairs. * returns setCurve SWs, set params if export 
@@ -235,6 +210,102 @@ public class ECTesterApplet extends Applet { apdu.setOutgoingAndSend((short) 0, len); } + /** + * Generates the local and remote keyPairs. + * returns generate SWs, pubkey and privkey if export + * + * @param apdu P1 = byte keyPair (KEYPAIR_* | ...) + * P2 = byte export (EXPORT_* | KEYPAIR_*) + */ + private void insGenerate(APDU apdu) { + apdu.setIncomingAndReceive(); + byte[] apdubuf = apdu.getBuffer(); + + byte keyPair = apdubuf[ISO7816.OFFSET_P1]; + byte export = apdubuf[ISO7816.OFFSET_P2]; + + short len = 0; + if ((keyPair & KEYPAIR_LOCAL) != 0) + len += generate(localKeypair, apdubuf, (short) 0); + if ((keyPair & KEYPAIR_REMOTE) != 0) + len += generate(remoteKeypair, apdubuf, len); + if ((export & KEYPAIR_LOCAL) != 0) + len += export(localKeypair, export, (short) (EC_Consts.PARAMETER_W | EC_Consts.PARAMETER_S), apdubuf, len); + if ((export & KEYPAIR_REMOTE) != 0) + len += export(remoteKeypair, export, (short) (EC_Consts.PARAMETER_W | EC_Consts.PARAMETER_S), apdubuf, len); + + apdu.setOutgoingAndSend((short) 0, len); + } + + /** + * Performs ECDH, between the pubkey specified in P1(local/remote) and the privkey specified in P2(local/remote). + * returns deriveSecret SW, if export != 0 => short secretlen, byte[] secret + * + * @param apdu P1 = byte pubkey (KEYPAIR_*) + * P2 = byte privkey (KEYPAIR_*) + * DATA = byte export (EXPORT_ECDH || 0) + * byte invalid (00 = valid, !00 = invalid) + */ + private void insECDH(APDU apdu) { + apdu.setIncomingAndReceive(); + byte[] apdubuf = apdu.getBuffer(); + + byte pubkey = apdubuf[ISO7816.OFFSET_P1]; + byte privkey = apdubuf[ISO7816.OFFSET_P2]; + byte export = apdubuf[ISO7816.OFFSET_CDATA]; + byte invalid = apdubuf[(short) (ISO7816.OFFSET_CDATA + 1)]; + + short len = ecdh(pubkey, privkey, export, invalid, apdubuf, (short) 0); + + apdu.setOutgoingAndSend((short) 0, len); + } + + /** + * Performs ECDSA signature and verification on data provided or random, using the keyPair in P1(local/remote). 
+ * returns ecdsa SW, if export != 0 => short signature_length, byte[] signature + * + * @param apdu P1 = byte keyPair (KEYPAIR_*) + * P2 = byte export (EXPORT_SIG || 0) + * DATA = short dataLength (00 = random data generated, !00 = data length) + * byte[] data + */ + private void insECDSA(APDU apdu) { + apdu.setIncomingAndReceive(); + byte[] apdubuf = apdu.getBuffer(); + + byte keyPair = apdubuf[ISO7816.OFFSET_P1]; + byte export = apdubuf[ISO7816.OFFSET_P2]; + + short len = ecdsa(keyPair, export, apdubuf, ISO7816.OFFSET_CDATA, (short) 0); + + apdu.setOutgoingAndSend((short) 0, len); + } + + /** + * @param keyPair which keyPair to use, local/remote (KEYPAIR_* | ...) + * @param keyLength key length to set + * @param keyClass key class to allocate + * @param buffer apdu buffer + * @param offset offset into apdu buffer + * @return length of data written to the buffer + */ + private short allocate(byte keyPair, short keyLength, byte keyClass, byte[] buffer, short offset) { + short length = 0; + if ((keyPair & KEYPAIR_LOCAL) != 0) { + localKeypair = keyGenerator.allocatePair(keyClass, keyLength); + Util.setShort(buffer, offset, keyGenerator.getSW()); + length += 2; + } + + if ((keyPair & KEYPAIR_REMOTE) != 0) { + remoteKeypair = keyGenerator.allocatePair(keyClass, keyLength); + Util.setShort(buffer, (short) (offset + length), keyGenerator.getSW()); + length += 2; + } + + return length; + } + /** * @param keyPair KeyPair to set params on * @param curve curve to set (EC_Consts.CURVE_*) 
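Review bot: `insECDH` reads `export` and `invalid` from `apdubuf[ISO7816.OFFSET_CDATA]` and the byte after it, but discards the byte count returned by `apdu.setIncomingAndReceive()`, so a command carrying fewer than two data bytes is processed with whatever the buffer already held. Keeping the count and rejecting short input closes that: `short received = apdu.setIncomingAndReceive();` followed by `if (received < 2) ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);`. `insECDSA` has the same shape, and the `dataLength` short that `ecdsa()` reads from the buffer (that method is outside this hunk) should be checked against the received count before it is used. These methods are moved here unchanged from further down the file, so this is a pre-existing gap rather than one introduced by the commit.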
@@ -269,33 +340,6 @@ public class ECTesterApplet extends Applet { return 2; } - /** - * Generates the local and remote keyPairs. - * returns generate SWs, pubkey and privkey if export - * - * @param apdu P1 = byte keyPair (KEYPAIR_* | ...) - * P2 = byte export (EXPORT_* | KEYPAIR_*) - */ - private void insGenerate(APDU apdu) { - apdu.setIncomingAndReceive(); - byte[] apdubuf = apdu.getBuffer(); - - byte keyPair = apdubuf[ISO7816.OFFSET_P1]; - byte export = apdubuf[ISO7816.OFFSET_P2]; - - short len = 0; - if ((keyPair & KEYPAIR_LOCAL) != 0) - len += generate(localKeypair, apdubuf, (short) 0); - if ((keyPair & KEYPAIR_REMOTE) != 0) - len += generate(remoteKeypair, apdubuf, len); - if ((export & KEYPAIR_LOCAL) != 0) - len += export(localKeypair, export, (short) (EC_Consts.PARAMETER_W | EC_Consts.PARAMETER_S), apdubuf, len); - if ((export & KEYPAIR_REMOTE) != 0) - len += export(remoteKeypair, export, (short) (EC_Consts.PARAMETER_W | EC_Consts.PARAMETER_S), apdubuf, len); - - apdu.setOutgoingAndSend((short) 0, len); - } - /** * @param keyPair KeyPair to generate * @param buffer buffer to write sw to 
@@ -333,29 +377,6 @@ public class ECTesterApplet extends Applet {
 return length;
 }
 
- /**
- * Performs ECDH, between the pubkey specified in P1(local/remote) and the privkey specified in P2(local/remote).
- * returns deriveSecret SW, if export != 0 => short secretlen, byte[] secret
- *
- * @param apdu P1 = byte pubkey (KEYPAIR_*)
- * P2 = byte privkey (KEYPAIR_*)
- * DATA = byte export (EXPORT_ECDH || 0)
- * byte invalid (00 = valid, !00 = invalid)
- */
- private void insECDH(APDU apdu) {
- apdu.setIncomingAndReceive();
- byte[] apdubuf = apdu.getBuffer();
-
- byte pubkey = apdubuf[ISO7816.OFFSET_P1];
- byte privkey = apdubuf[ISO7816.OFFSET_P2];
- byte export = apdubuf[ISO7816.OFFSET_CDATA];
- byte invalid = apdubuf[(short) (ISO7816.OFFSET_CDATA + 1)];
-
- short len = ecdh(pubkey, privkey, export, invalid, apdubuf, (short) 0);
-
- apdu.setOutgoingAndSend((short) 0, len);
- }
-
 /**
 * @param pubkey keyPair to use for public key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE)
 * @param privkey keyPair to use for private key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE)
@@ -391,27 +412,6 @@ public class ECTesterApplet extends Applet {
 return length;
 }
 
- /**
- * Performs ECDSA signature and verification on data provided or random, using the keyPair in P1(local/remote).
- * returns ecdsa SW, if export != 0 => short signature_length, byte[] signature
- *
- * @param apdu P1 = byte keyPair (KEYPAIR_*)
- * P2 = byte export (EXPORT_SIG || 0)
- * DATA = short dataLength (00 = random data generated, !00 = data length)
- * byte[] data
- */
- private void insECDSA(APDU apdu) {
- apdu.setIncomingAndReceive();
- byte[] apdubuf = apdu.getBuffer();
-
- byte keyPair = apdubuf[ISO7816.OFFSET_P1];
- byte export = apdubuf[ISO7816.OFFSET_P2];
-
- short len = ecdsa(keyPair, export, apdubuf, ISO7816.OFFSET_CDATA, (short) 0);
-
- apdu.setOutgoingAndSend((short) 0, len);
- }
-
 /**
 * @param keyPair keyPair to use for signing and verification (KEYPAIR_LOCAL || KEYPAIR_REMOTE)
 * @param export whether to export ECDSA signature
diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP160r1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP160r1.txt
new file mode 100644
index 0000000..69abf52
--- /dev/null
+++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP160r1.txt
@@ -0,0 +1,7 @@
+E95E4A5F737059DC60DFC7AD95B3D8139515620F,
+340E7BE2A280EB74E2BE61BADA745D97E8F7C300,
+1E589A8595423412134FAA2DBDEC95C8D8675E58,
+BED5AF16EA3F6A4F62938C4631EB5AF7BDBCDBC3,
+1667CB477A1A8EC338F94741669C976316DA6321,
+E95E4A5F737059DC60DF5991D45029409E60FC09,
+1
diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP160t1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP160t1.txt
new file mode 100644
index 0000000..fadafdf
--- /dev/null
+++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP160t1.txt
@@ -0,0 +1,7 @@
+24DBFF5DEC9B986BBFE5295A29BFBAE45E0F5D0B,
+E95E4A5F737059DC60DFC7AD95B3D8139515620C,
+7A556B6DAE535B7B51ED2C4D7DAA7A0B5C55F380,
+B199B13B9B34EFC1397E64BAEB05ACC265FF2378,
+ADD6718B7C7C1961F0991B842443772152C9E0AD,
+E95E4A5F737059DC60DF5991D45029409E60FC09,
+1
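Review bot: The first field of brainpoolP160t1.txt, `24DBFF5DEC9B986BBFE5295A29BFBAE45E0F5D0B`, cannot be the field prime: the second field (a), `E95E4A5F737059DC60DFC7AD95B3D8139515620C`, is larger than it and is exactly the first field of brainpoolP160r1.txt minus 3. Assuming the t1 files use the same field order as the r1 files (p, a, b, Gx, Gy, n, h), this looks like the RFC 5639 `Z` value copied in place of p, so the tester would load parameters that do not describe brainpoolP160t1 and any card result recorded under that curve name would be misleading. The first line should be `+E95E4A5F737059DC60DFC7AD95B3D8139515620F,`. The other added t1 files (brainpoolP192t1, P224t1, P256t1, P320t1, P384t1, P512t1) show the same pattern, a first field smaller than a, and need the prime from their r1 counterpart.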
diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP192r1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP192r1.txt
new file mode 100644
index 0000000..3e6bed8
--- /dev/null
+++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP192r1.txt
@@ -0,0 +1,7 @@
+C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297,
+6A91174076B1E0E19C39C031FE8685C1CAE040E5C69A28EF,
+469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9,
+C0A0647EAAB6A48753B033C56CB0F0900A2F5C4853375FD6,
+14B690866ABD5BB88B5F4828C1490002E6773FA2FA299B8F,
+C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1,
+1
diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP192t1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP192t1.txt
new file mode 100644
index 0000000..cd52697
--- /dev/null
+++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP192t1.txt
@@ -0,0 +1,7 @@
+1B6F5CC8DB4DC7AF19458A9CB80DC2295E5EB9C3732104CB,
+C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86294,
+13D56FFAEC78681E68F9DEB43B35BEC2FB68542E27897B79,
+3AE9E58C82F63C30282E1FE7BBF43FA72C446AF6F4618129,
+97E2C5667C2223A902AB5CA449D0084B7E5B3DE7CCC01C9,
+C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1,
+1
diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP224r1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP224r1.txt
new file mode 100644
index 0000000..12e536c
--- /dev/null
+++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP224r1.txt
@@ -0,0 +1,7 @@
+D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF,
+68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43,
+2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B,
+D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C1E6EFDEE12C07D,
+58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D3761402CD,
+D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F,
+1
diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP224t1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP224t1.txt
new file mode 100644
index 0000000..522d09e
--- /dev/null
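Review bot: The Gy field of brainpoolP192t1.txt, `97E2C5667C2223A902AB5CA449D0084B7E5B3DE7CCC01C9`, has 47 hex digits while every other field in the file has 48, so its leading zero was dropped. If the loader (not visible in this diff) decodes two digits per byte or left-aligns short values, the base-point coordinate is mis-read and the card is handed a point that is not on the intended curve, which silently changes what the test measures. Writing the field at full width, `+097E2C5667C2223A902AB5CA449D0084B7E5B3DE7CCC01C9,`, removes the dependence on parser behaviour. Gx in brainpoolP224r1.txt, Gy in brainpoolP224t1.txt and b in brainpoolP384r1.txt are each one digit short in the same way.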
+++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP224t1.txt
@@ -0,0 +1,7 @@
+2DF271E14427A346910CF7A2E6CFA7B3F484E5C2CCE1C8B730E28B3F,
+D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FC,
+4B337D934104CD7BEF271BF60CED1ED20DA14C08B3BB64F18A60888D,
+6AB1E344CE25FF3896424E7FFE14762ECB49F8928AC0C76029B4D580,
+374E9F5143E568CD23F3F4D7C0D4B1E41C8CC0D1C6ABD5F1A46DB4C,
+D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F,
+1
diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP256r1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP256r1.txt
new file mode 100644
index 0000000..e0e50ad
--- /dev/null
+++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP256r1.txt
@@ -0,0 +1,7 @@
+A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377,
+7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9,
+26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6,
+8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262,
+547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997,
+A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7,
+1
diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP256t1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP256t1.txt
new file mode 100644
index 0000000..f5bb2d6
--- /dev/null
+++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP256t1.txt
@@ -0,0 +1,7 @@
+3E2D4BD9597B58639AE7AA669CAB9837CF5CF20A2C852D10F655668DFC150EF0,
+A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5374,
+662C61C430D84EA4FE66A7733D0B76B7BF93EBC4AF2F49256AE58101FEE92B04,
+A3E8EB3CC1CFE7B7732213B23A656149AFA142C47AAFBC2B79A191562E1305F4,
+2D996C823439C56D7F7B22E14644417E69BCB6DE39D027001DABE8F35B25C9BE,
+A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7,
+1
diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP320r1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP320r1.txt
new file mode 100644
index 0000000..474fa9d
--- /dev/null
+++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP320r1.txt
@@ -0,0 +1,7 @@
+D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27,
+3EE30B568FBAB0F883CCEBD46D3F3BB8A2A73513F5EB79DA66190EB085FFA9F492F375A97D860EB4,
+520883949DFDBC42D3AD198640688A6FE13F41349554B49ACC31DCCD884539816F5EB4AC8FB1F1A6,
+43BD7E9AFB53D8B85289BCC48EE5BFE6F20137D10A087EB6E7871E2A10A599C710AF8D0D39E20611,
+14FDD05545EC1CC8AB4093247F77275E0743FFED117182EAA9C77877AAAC6AC7D35245D1692E8EE1,
+D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311,
+1
diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP320t1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP320t1.txt
new file mode 100644
index 0000000..d92d52b
--- /dev/null
+++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP320t1.txt
@@ -0,0 +1,7 @@
+15F75CAF668077F7E85B42EB01F0A81FF56ECD6191D55CB82B7D861458A18FEFC3E5AB7496F3C7B1,
+D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E24,
+A7F561E038EB1ED560B3D147DB782013064C19F27ED27C6780AAF77FB8A547CEB5B4FEF422340353,
+925BE9FB01AFC6FB4D3E7D4990010F813408AB106C4F09CB7EE07868CC136FFF3357F624A21BED52,
+63BA3A7A27483EBF6671DBEF7ABB30EBEE084E58A0B077AD42A5A0989D1EE71B1B9BC0455FB0D2C3,
+D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311,
+1
diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP384r1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP384r1.txt
new file mode 100644
index 0000000..34ed1fc
--- /dev/null
+++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP384r1.txt
@@ -0,0 +1,7 @@
+8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53,
+7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F90F8AA5814A503AD4EB04A8C7DD22CE2826,
+4A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62D57CB4390295DBC9943AB78696FA504C11,
+1D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10E8E826E03436D646AAEF87B2E247D4AF1E,
+8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129280E4646217791811142820341263C5315,
+8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565,
+1
diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP384t1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP384t1.txt
new file mode 100644
index 0000000..6bb42c9
--- /dev/null
+++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP384t1.txt
@@ -0,0 +1,7 @@
+41DFE8DD399331F7166A66076734A89CD0D2BCDB7D068E44E1F378F41ECBAE97D2D63DBC87BCCDDCCC5DA39E8589291C,
+8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC50,
+7F519EADA7BDA81BD826DBA647910F8C4B9346ED8CCDC64E4B1ABD11756DCE1D2074AA263B88805CED70355A33B471EE,
+18DE98B02DB9A306F2AFCD7235F72A819B80AB12EBD653172476FECD462AABFFC4FF191B946A5F54D8D0AA2F418808CC,
+25AB056962D30651A114AFD2755AD336747F93475B7A1FCA3B88F2B6A208CCFE469408584DC2B2912675BF5B9E582928,
+8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565,
+1
diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP512r1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP512r1.txt
new file mode 100644
index 0000000..39e205e
--- /dev/null
+++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP512r1.txt
@@ -0,0 +1,7 @@
+AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3,
+7830A3318B603B89E2327145AC234CC594CBDD8D3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CA,
+3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723,
+81AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D0098EFF3B1F78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F822,
+7DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F8111B2DCDE494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892,
+AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069,
+1
diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP512t1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP512t1.txt
new file mode 100644
index 0000000..288c2c1
--- /dev/null
+++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP512t1.txt
@@ -0,0 +1,7 @@
+12EE58E6764838B69782136F0F2D3BA06E27695716054092E60A80BEDB212B64E585D90BCE13761F85C3F1D2A64E3BE8FEA2220F01EBA5EEB0F35DBD29D922AB,
+AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F0,
+7CBBBCF9441CFAB76E1890E46884EAE321F70C0BCB4981527897504BEC3E36A62BCDFA2304976540F6450085F2DAE145C22553B465763689180EA2571867423E,
+640ECE5C12788717B9C1BA06CBC2A6FEBA85842458C56DDE9DB1758D39C0313D82BA51735CDB3EA499AA77A7D6943A64F7A3F25FE26F06B51BAA2696FA9035DA,
+5B534BD595F5AF0FA2C892376C84ACE1BB4E3019B71634C01131159CAE03CEE9D9932184BEEF216BD71DF2DADF86A627306ECFF96DBB8BACE198B61E00F8B332,
+AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069,
+1
diff --git a/src/cz/crcs/ectester/data/ecsp128.txt b/src/cz/crcs/ectester/data/ecsp128.txt
deleted file mode 100644
index 29cfe3b..0000000
--- a/src/cz/crcs/ectester/data/ecsp128.txt +++ /dev/null @@ -1,7 +0,0 @@ -cfba21fd0483b1f300fa2506a5a566ef, -36d9a5acac27a008e36cbe3e9f103fde, -a67cf5fa09fb1db902068c87046ae21e, -47d78391a4b9fff6a0db1292f9cd0e6a, -9aed9c92f8bb3dbd42402165a270bd6f, -cfba21fd0483b1f333d61a5af6ada2c7, -1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/ecsp128_pub.txt b/src/cz/crcs/ectester/data/ecsp128_pub.txt deleted file mode 100644 index ee1f34d..0000000 --- a/src/cz/crcs/ectester/data/ecsp128_pub.txt +++ /dev/null @@ -1,2 +0,0 @@ -63901e122761d9c16565b2f38e991f71, -b9d99fbc3154a96ca23ecff770cbbe4f \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/ecsp160.txt b/src/cz/crcs/ectester/data/ecsp160.txt deleted file mode 100644 index 49824d9..0000000 --- a/src/cz/crcs/ectester/data/ecsp160.txt +++ /dev/null @@ -1,7 +0,0 @@ -dc13490ff9857b111f44c0500770a6457e683223, -a3ecd7d51e79d72d2700184c795aa8a6b8e66573, -8ac43592905f995cb13f3694317bf470adafb645, -5f8e88afc117c722859fe8e55647bca69ba82150, -93e6dcaee271e9f2838c98b7d06eccc5d7c800e5, -dc13490ff9857b111f446ef4a6d1e1715f6a6dff, -1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/ecsp160_pub.txt b/src/cz/crcs/ectester/data/ecsp160_pub.txt deleted file mode 100644 index e2e164e..0000000 --- a/src/cz/crcs/ectester/data/ecsp160_pub.txt +++ /dev/null @@ -1,2 +0,0 @@ -59c9c3c8aef29f1c1c500cafb4726da6086e6eb0, -d695a76005eddb26afd40ee20904778bb3497bb1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/ecsp192.txt b/src/cz/crcs/ectester/data/ecsp192.txt deleted file mode 100644 index ccb5537..0000000 --- a/src/cz/crcs/ectester/data/ecsp192.txt +++ /dev/null 
@@ -1,7 +0,0 @@ -ce714cc3a15ce7e5dab068c9a1f8be00aad480abccaeefc3, -597c781f64c33eb8ef919c415911518ea323be88b9437caf, -f81585a1b18f233d70add7ee1342d2035c386a92e3ab8320, -150ff0a40deac6462b5987418617fdeeb6bfd76d4d60a067, -843d577371c5dce122c2ff206b2f42fa0b842b49bdaf990f, -ce714cc3a15ce7e5dab068c9a30bc92915bd8662ae882887, -1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/ecsp192_pub.txt b/src/cz/crcs/ectester/data/ecsp192_pub.txt deleted file mode 100644 index ec7f822..0000000 --- a/src/cz/crcs/ectester/data/ecsp192_pub.txt +++ /dev/null @@ -1,2 +0,0 @@ -17047f91dbe33032c9d09bd29ceadd8a09ccc32ac6309541, -6a726de54fbd59cfc352e838b337fa005a97180816135e6a \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/ecsp224.txt b/src/cz/crcs/ectester/data/ecsp224.txt deleted file mode 100644 index 894e669..0000000 --- a/src/cz/crcs/ectester/data/ecsp224.txt +++ /dev/null @@ -1,7 +0,0 @@ -eed4c3d98f1c9b9518f116263db770366877d12df6a9cf08b96dd4bb, -8d4dddb0317d6a6bf9a4dbbed3a43fa21f79869c5ab9729d239e9282, -46873614be3dffc9218082322210c0616140286f2d160503c1a9250d, -961bbb1fc9955a71c91a50aedcd2f14fccb660af992b0030b9c90b36, -1c00f6d0bd405dd7d3016fb8c0c75e4ecec70fe61237f6d24008a5fd, -eed4c3d98f1c9b9518f116263db821c36a06adae17162ad3162f68c3, -1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/ecsp224_pub.txt b/src/cz/crcs/ectester/data/ecsp224_pub.txt deleted file mode 100644 index 0999b99..0000000 --- a/src/cz/crcs/ectester/data/ecsp224_pub.txt +++ /dev/null @@ -1,2 +0,0 @@ -cfd92aea0f79190c48ca703eb8a9baa7099a23bb39578261fe4d0f04, -257a3d98de44bd25404977a4ac7fc56d3d4e827f085b7cf5247524c4 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/ecsp256.txt b/src/cz/crcs/ectester/data/ecsp256.txt deleted file mode 100644 index 17387a6..0000000 --- a/src/cz/crcs/ectester/data/ecsp256.txt +++ /dev/null 
@@ -1,7 +0,0 @@ -c9a803b1eaf849f1c02cfd1dbfac68623985c88b37103b338ae11d2597ee8445, -4841c5775a24a884ca36ec362b44645a2f60b25d002c4fc1d9f139870fe0cc71, -1b097456751f3534190dae568f80a2c6ff55dddfe072a7dc6467a4b6476b6880, -a1fd34a27afb1340b8e4a7db2a5ec5a1432c6dc8555af9f78fca2cf740cab2b7, -98419c698cab6c7dbb53eb2751417b52ccded4680c5e09543f93c7886c3a173e, -c9a803b1eaf849f1c02cfd1dbfac6863128c5b1fc5acd5b5e0fc0a7311fb5b1d, -1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/ecsp256_pub.txt b/src/cz/crcs/ectester/data/ecsp256_pub.txt deleted file mode 100644 index a8f0492..0000000 --- a/src/cz/crcs/ectester/data/ecsp256_pub.txt +++ /dev/null @@ -1,2 +0,0 @@ -75fce70968862d53e29548aad70582514e960d8128bd3c5f8c4dbe2cf8dad653, -55aa4b7d3882fb0a83bd00c9c3bae17f1024d64aec67e1db38ef671e6350beae \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/ecsp384.txt b/src/cz/crcs/ectester/data/ecsp384.txt deleted file mode 100644 index 9acae3f..0000000 --- a/src/cz/crcs/ectester/data/ecsp384.txt +++ /dev/null @@ -1,7 +0,0 @@ -d0df6c96cff7081be80d22b005758a2e2f046e15fe020ef886e21b492ac57257a923144bcad989ab6341bd3b700f914b, -45c64503be019afd3462b361ad2b2a3bca0aeccc5494a624fb632455e62b4f0c98f944fa97c37811da039823cd77c906, -d85583f7f11ad23ec75ed5a414153a06d6640936b8103f5df691fa95cf2afa78f3ea5addc225b144964048c9f7592ae4, -2b1341d12dff4f9cf9427c4752962b4c2bdc8fbcd80652516c421cc523212a01ea63c79d6e9a9c84933e353e212416ec, -ce416c6e75fa9fd205ed48fc4e3099cbb1d6ed031b7ddbff1d634eb97a83d9b780cfd4dedfdd2c7604d143196c08d933, -d0df6c96cff7081be80d22b005758a2e2f046e15fe020ef7664ed51d7701c86bf2a1e9f3002c26fe002314c3c92f1ca9, -1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/ecsp384_pub.txt b/src/cz/crcs/ectester/data/ecsp384_pub.txt deleted file mode 100644 index 4eb4a96..0000000 --- a/src/cz/crcs/ectester/data/ecsp384_pub.txt +++ /dev/null 
@@ -1,2 +0,0 @@ -a4bd575bf20300b0cf8a2f41dd5a03e908966a4229a5f22f5c190d3641ac2d32b7b24a63482cbbcd0c2257f834834ef1, -38d51c8f9e90592f567e81d0e4855e79731b5797857a4c7dc270653bc9f0c31e84693007b09cebf710d5ae3237303949 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/ecsp521.txt b/src/cz/crcs/ectester/data/ecsp521.txt deleted file mode 100644 index 1d36bd7..0000000 --- a/src/cz/crcs/ectester/data/ecsp521.txt +++ /dev/null @@ -1,7 +0,0 @@ -01d3df430924956e210a605b4dbf4a2e909d7a801658978c88ffd68dcc817f5cc79cf188d9ee82d1a51c44cbd31e9cc5b816d76d5b1312b005f7b68919e275dac99f, -00401639f36f2ee45fc164ea3e1f14f4803fd7a77ffdfb392c3f8fe95d1aea331467f4618d59aeee49d5d7c70caf320f7dd1ac166114f562413449991d3aa1a2c49e, -004a26a8c47fce204ba953015fa86708c0de720f27523988b097e774168c15f7a215aaf18a5f1b9579ab3db935d45be14c9a87b71170396909b14d06f7a09975b3a6, -01c880ae0a355a52791fc9600fd8b35726e9d799101489161c8f90a9c6631d09b3cb347584837d9deb8566a9c5846aded0d01eb947b4affd34e8ea7dbe733cbedafa, -00050f12672f163f19d5d493eb82ef777b0213dd4e0cf75a9b99724fbdb54b0cc4e037bf86a48bac28467bdd936c314ce13f6ec7ec69ea09ae4f5444df4b2a117a66, -01d3df430924956e210a605b4dbf4a2e909d7a801658978c88ffd68dcc817f5cc7ba0838717c1947f93cfdd3ed87ec2c2df181c7ada553346ec1495732a1e7ffe9b3, -1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/ecsp521_pub.txt b/src/cz/crcs/ectester/data/ecsp521_pub.txt deleted file mode 100644 index 0e3f320..0000000 --- a/src/cz/crcs/ectester/data/ecsp521_pub.txt +++ /dev/null @@ -1,2 +0,0 @@ -002844df0f31f46a40e6c7006cde99155bd5d18d0e4150178a8e307d6aec08fd02d466c03c49b49c2654b7c9a32d88ca014016a7eddd44217be915505d228efb9389, -0105921e2172c3050ba4c9d2e744fc5b7b5e8451751e6780c6de88229497be7d23550beefa0cb7fafebb4dd9fad1244c6733befe5a97710f0dc56dc08d9d9df9d846 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nist/p192.txt b/src/cz/crcs/ectester/data/nist/p192.txt new file mode 100644 index 0000000..0402da7 --- /dev/null 
+++ b/src/cz/crcs/ectester/data/nist/p192.txt @@ -0,0 +1,7 @@ +fffffffffffffffffffffffffffffffeffffffffffffffff, +fffffffffffffffffffffffffffffffefffffffffffffffc, +64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1, +188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012, +07192b95ffc8da78631011ed6b24cdd573f977a11e794811, +ffffffffffffffffffffffff99def836146bc9b1b4d22831, +1 diff --git a/src/cz/crcs/ectester/data/nist/p224.txt b/src/cz/crcs/ectester/data/nist/p224.txt new file mode 100644 index 0000000..8dca9fe --- /dev/null +++ b/src/cz/crcs/ectester/data/nist/p224.txt @@ -0,0 +1,7 @@ +ffffffffffffffffffffffffffffffff000000000000000000000001, +fffffffffffffffffffffffffffffffefffffffffffffffffffffffe, +b4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4, +b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21, +bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34, +ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d, +1 diff --git a/src/cz/crcs/ectester/data/nist/p256.txt b/src/cz/crcs/ectester/data/nist/p256.txt new file mode 100644 index 0000000..bc67187 --- /dev/null +++ b/src/cz/crcs/ectester/data/nist/p256.txt @@ -0,0 +1,7 @@ +ffffffff00000001000000000000000000000000ffffffffffffffffffffffff, +ffffffff00000001000000000000000000000000fffffffffffffffffffffffc, +5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b, +6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296, +4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5, +ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551, +1 diff --git a/src/cz/crcs/ectester/data/nist/p384.txt b/src/cz/crcs/ectester/data/nist/p384.txt new file mode 100644 index 0000000..7808451 --- /dev/null +++ b/src/cz/crcs/ectester/data/nist/p384.txt 
@@ -0,0 +1,7 @@ +fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff, +fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc, +b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef, +aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7, +3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f, +ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973, +1 diff --git a/src/cz/crcs/ectester/data/nist/p521.txt b/src/cz/crcs/ectester/data/nist/p521.txt new file mode 100644 index 0000000..df7c46d --- /dev/null +++ b/src/cz/crcs/ectester/data/nist/p521.txt @@ -0,0 +1,7 @@ +1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff, +1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc, +051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00, +c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66, +11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650, +1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409, +1 diff --git a/src/cz/crcs/ectester/data/secg/secp192k1.txt b/src/cz/crcs/ectester/data/secg/secp192k1.txt new file mode 100644 index 0000000..c408b5e --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/secp192k1.txt 
@@ -0,0 +1,7 @@ +FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFEE37, +00000000 00000000 00000000 00000000 00000000 00000000, +00000000 00000000 00000000 00000000 00000000 00000003, +DB4FF10E C057E9AE 26B07D02 80B7F434 1DA5D1B1 EAE06C7D, +9B2F2F6D 9C5628A7 844163D0 15BE8634 4082AA88 D95E2F9D, +FFFFFFFF FFFFFFFF FFFFFFFE 26F2FC17 0F69466A 74DEFD8D, +1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp192r1.txt b/src/cz/crcs/ectester/data/secg/secp192r1.txt new file mode 100644 index 0000000..29305b0 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/secp192r1.txt @@ -0,0 +1,7 @@ +FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF FFFFFFFF, +FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF FFFFFFFC, +64210519 E59C80E7 0FA7E9AB 72243049 FEB8DEEC C146B9B1, +188DA80E B03090F6 7CBF20EB 43A18800 F4FF0AFD 82FF1012, +07192B95 FFC8DA78 631011ED 6B24CDD5 73F977A1 1E794811, +FFFFFFFF FFFFFFFF FFFFFFFF 99DEF836 146BC9B1 B4D22831, +1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp224r1.txt b/src/cz/crcs/ectester/data/secg/secp224r1.txt new file mode 100644 index 0000000..f8f592e --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/secp224r1.txt @@ -0,0 +1,7 @@ +FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF 00000000 00000000 00000001, +FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF FFFFFFFF FFFFFFFE, +B4050A85 0C04B3AB F5413256 5044B0B7 D7BFD8BA 270B3943 2355FFB4, +B70E0CBD 6BB4BF7F 321390B9 4A03C1D3 56C21122 343280D6 115C1D21, +BD376388 B5F723FB 4C22DFE6 CD4375A0 5A074764 44D58199 85007E34, +FFFFFFFF FFFFFFFF FFFFFFFF FFFF16A2 E0B8F03E 13DD2945 5C5C2A3D, +1 diff --git a/src/cz/crcs/ectester/data/secg/secp256k1.txt b/src/cz/crcs/ectester/data/secg/secp256k1.txt new file mode 100644 index 0000000..19eeef7 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/secp256k1.txt 
@@ -0,0 +1,7 @@ +FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFC2F, +00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000, +00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000007, +79BE667E F9DCBBAC 55A06295 CE870B07 029BFCDB 2DCE28D9 59F2815B 16F81798, +483ADA77 26A3C465 5DA4FBFC 0E1108A8 FD17B448 A6855419 9C47D08F FB10D4B8, +FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE BAAEDCE6 AF48A03B BFD25E8C D0364141, +1 diff --git a/src/cz/crcs/ectester/data/secg/secp256r1.txt b/src/cz/crcs/ectester/data/secg/secp256r1.txt new file mode 100644 index 0000000..060f5aa --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/secp256r1.txt @@ -0,0 +1,7 @@ +FFFFFFFF 00000001 00000000 00000000 00000000 FFFFFFFF FFFFFFFF FFFFFFFF, +FFFFFFFF 00000001 00000000 00000000 00000000 FFFFFFFF FFFFFFFF FFFFFFFC, +5AC635D8 AA3A93E7 B3EBBD55 769886BC 651D06B0 CC53B0F6 3BCE3C3E 27D2604B, +6B17D1F2 E12C4247 F8BCE6E5 63A440F2 77037D81 2DEB33A0 F4A13945 D898C296, +4FE342E2 FE1A7F9B 8EE7EB4A 7C0F9E16 2BCE3357 6B315ECE CBB64068 37BF51F5, +FFFFFFFF 00000000 FFFFFFFF FFFFFFFF BCE6FAAD A7179E84 F3B9CAC2 FC632551, +1 diff --git a/src/cz/crcs/ectester/data/secg/secp384r1.txt b/src/cz/crcs/ectester/data/secg/secp384r1.txt new file mode 100644 index 0000000..08472ae --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/secp384r1.txt 
@@ -0,0 +1,7 @@ +FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF 00000000 00000000 FFFFFFFF, +FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF 00000000 00000000 FFFFFFFC, +B3312FA7 E23EE7E4 988E056B E3F82D19 181D9C6E FE814112 0314088F 5013875A C656398D 8A2ED19D 2A85C8ED D3EC2AEF, +AA87CA22 BE8B0537 8EB1C71E F320AD74 6E1D3B62 8BA79B98 59F741E0 82542A38 5502F25D BF55296C 3A545E38 72760AB7, +3617DE4A 96262C6F 5D9E98BF 9292DC29 F8F41DBD 289A147C E9DA3113 B5F0B8C0 0A60B1CE 1D7E819D 7A431D7C 90EA0E5F, +FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF C7634D81 F4372DDF 581A0DB2 48B0A77A ECEC196A CCC52973, +1 diff --git a/src/cz/crcs/ectester/data/secg/secp521r1.txt b/src/cz/crcs/ectester/data/secg/secp521r1.txt new file mode 100644 index 0000000..9e0f5d3 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/secp521r1.txt @@ -0,0 +1,7 @@ +01FF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF, +01FF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFC, +0051 953EB961 8E1C9A1F 929A21A0 B68540EE A2DA725B 99B315F3 B8B48991 8EF109E1 56193951 EC7E937B 1652C0BD 3BB1BF07 3573DF88 3D2C34F1 EF451FD4 6B503F00, +00C6 858E06B7 0404E9CD 9E3ECB66 2395B442 9C648139 053FB521 F828AF60 6B4D3DBA A14B5E77 EFE75928 FE1DC127 A2FFA8DE 3348B3C1 856A429B F97E7E31 C2E5BD66, +0118 39296A78 9A3BC004 5C8A5FB4 2C7D1BD9 98F54449 579B4468 17AFBD17 273E662C 97EE7299 5EF42640 C550B901 3FAD0761 353C7086 A272C240 88BE9476 9FD16650, +01FF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFA 51868783 BF2F966B 7FCC0148 F709A5D0 3BB5C9B8 899C47AE BB6FB71E 91386409, +1 diff --git a/src/cz/crcs/ectester/data/secg/sect163k1.txt b/src/cz/crcs/ectester/data/secg/sect163k1.txt new file mode 100644 index 0000000..6e5142e --- /dev/null 
+++ b/src/cz/crcs/ectester/data/secg/sect163k1.txt @@ -0,0 +1,9 @@ +0007, +0006, +0003, +00 00000000 00000000 00000000 00000000 00000001, +00 00000000 00000000 00000000 00000000 00000001, +02 FE13C053 7BBC11AC AA07D793 DE4E6D5E 5C94EEE8, +02 89070FB0 5D38FF58 321F2E80 0536D538 CCDAA3D9, +04 00000000 00000000 00020108 A2E0CC0D 99F8A5EF, +2 diff --git a/src/cz/crcs/ectester/data/secg/sect163r1.txt b/src/cz/crcs/ectester/data/secg/sect163r1.txt new file mode 100644 index 0000000..879f79b --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/sect163r1.txt @@ -0,0 +1,9 @@ +0007, +0006, +0003, +07 B6882CAA EFA84F95 54FF8428 BD88E246 D2782AE2, +07 13612DCD DCB40AAB 946BDA29 CA91F73A F958AFD9, +03 69979697 AB438977 89566789 567F787A 7876A654, +00 435EDB42 EFAFB298 9D51FEFC E3C80988 F41FF883, +03 FFFFFFFF FFFFFFFF FFFF48AA B689C29C A710279B, +2 diff --git a/src/cz/crcs/ectester/data/secg/sect163r2.txt b/src/cz/crcs/ectester/data/secg/sect163r2.txt new file mode 100644 index 0000000..eb7d453 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/sect163r2.txt @@ -0,0 +1,9 @@ +0007, +0006, +0003, +00 00000000 00000000 00000000 00000000 00000001, +02 0A601907 B8C953CA 1481EB10 512F7874 4A3205FD, +03 F0EBA162 86A2D57E A0991168 D4994637 E8343E36, +00 D51FBC6C 71A0094F A2CDD545 B11C5C0C 797324F1, +04 00000000 00000000 000292FE 77E70C12 A4234C33, +2 diff --git a/src/cz/crcs/ectester/data/secg/sect233k1.txt b/src/cz/crcs/ectester/data/secg/sect233k1.txt new file mode 100644 index 0000000..b85fef0 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/sect233k1.txt @@ -0,0 +1,7 @@ +004A, +0000 00000000 00000000 00000000 00000000 00000000 00000000 00000000, +0000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, +0172 32BA853A 7E731AF1 29F22FF4 149563A4 19C26BF5 0A4C9D6E EFAD6126, +01DB 537DECE8 19B7F70F 555A67C4 27A8CD9B F18AEB9B 56E0C110 56FAE6A3, +80 00000000 00000000 00000000 00069D5B B915BCD4 6EFB1AD5 F173ABDF, +4 
diff --git a/src/cz/crcs/ectester/data/secg/sect233r1.txt b/src/cz/crcs/ectester/data/secg/sect233r1.txt new file mode 100644 index 0000000..d0c6f14 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/sect233r1.txt @@ -0,0 +1,7 @@ +004A, +0000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, +0066 647EDE6C 332C7F8C 0923BB58 213B333B 20E9CE42 81FE115F 7D8F90AD, +00FA C9DFCBAC 8313BB21 39F1BB75 5FEF65BC 391F8B36 F8F8EB73 71FD558B, +0100 6A08A419 03350678 E58528BE BF8A0BEF F867A7CA 36716F7E 01F81052, +0100 00000000 00000000 00000000 0013E974 E72F8A69 22031D26 03CFE0D7, +2 diff --git a/src/cz/crcs/ectester/data/secg/sect239k1.txt b/src/cz/crcs/ectester/data/secg/sect239k1.txt new file mode 100644 index 0000000..d01bb08 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/sect239k1.txt @@ -0,0 +1,7 @@ +009E, +0000 00000000 00000000 00000000 00000000 00000000 00000000 00000000, +0000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, +29A0 B6A887A9 83E97309 88A68727 A8B2D126 C44CC2CC 7B2A6555 193035DC, +7631 0804F12E 549BDB01 1C103089 E73510AC B275FC31 2A5DC6B7 6553F0CA, +2000 00000000 00000000 00000000 005A79FE C67CB6E9 1F1C1DA8 00E478A5, +4 diff --git a/src/cz/crcs/ectester/data/secg/sect283k1.txt b/src/cz/crcs/ectester/data/secg/sect283k1.txt new file mode 100644 index 0000000..cc62698 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/sect283k1.txt @@ -0,0 +1,9 @@ +000C, +0007, +0005, +00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000, +00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, +0503213F 78CA4488 3F1A3B81 62F188E5 53CD265F 23C1567A 16876913 B0C2AC24 58492836, +01CCDA38 0F1C9E31 8D90F95D 07E5426F E87E45C0 E8184698 E4596236 4E341161 77DD2259, +01FFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFE9AE 2ED07577 265DFF7F 94451E06 1E163C61, +4 diff --git a/src/cz/crcs/ectester/data/secg/sect283r1.txt b/src/cz/crcs/ectester/data/secg/sect283r1.txt new file mode 100644 index 0000000..27e2ff2 
--- /dev/null +++ b/src/cz/crcs/ectester/data/secg/sect283r1.txt @@ -0,0 +1,9 @@ +000C, +0007, +0005, +00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, +027B680A C8B8596D A5A4AF8A 19A0303F CA97FD76 45309FA2 A581485A F6263E31 3B79A2F5, +05F93925 8DB7DD90 E1934F8C 70B0DFEC 2EED25B8 557EAC9C 80E2E198 F8CDBECD 86B12053, +03676854 FE24141C B98FE6D4 B20D02B4 516FF702 350EDDB0 826779C8 13F0DF45 BE8112F4, +03FFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFEF90 399660FC 938A9016 5B042A7C EFADB307, +2 diff --git a/src/cz/crcs/ectester/data/secg/sect409k1.txt b/src/cz/crcs/ectester/data/secg/sect409k1.txt new file mode 100644 index 0000000..aeb2e76 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/sect409k1.txt @@ -0,0 +1,7 @@ +0057, +00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000, +00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, +0060F05F 658F49C1 AD3AB189 0F718421 0EFD0987 E307C84C 27ACCFB8 F9F67CC2 C460189E B5AAAA62 EE222EB1 B35540CF E9023746, +01E36905 0B7C4E42 ACBA1DAC BF04299C 3460782F 918EA427 E6325165 E9EA10E3 DA5F6C42 E9C55215 AA9CA27A 5863EC48 D8E0286B, +7FFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFE5F 83B2D4EA 20400EC4 557D5ED3 E3E7CA5B 4B5C83B8 E01E5FCF, +4 diff --git a/src/cz/crcs/ectester/data/secg/sect409r1.txt b/src/cz/crcs/ectester/data/secg/sect409r1.txt new file mode 100644 index 0000000..5ac19dc --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/sect409r1.txt 
@@ -0,0 +1,7 @@ +0057, +00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, +0021A5C2 C8EE9FEB 5C4B9A75 3B7B476B 7FD6422E F1F3DD67 4761FA99 D6AC27C8 A9A197B2 72822F6C D57A55AA 4F50AE31 7B13545F, +015D4860 D088DDB3 496B0C60 64756260 441CDE4A F1771D4D B01FFE5B 34E59703 DC255A86 8A118051 5603AEAB 60794E54 BB7996A7, +0061B1CF AB6BE5F3 2BBFA783 24ED106A 7636B9C5 A7BD198D 0158AA4F 5488D08F 38514F1F DF4B4F40 D2181B36 81C364BA 0273C706, +01000000 00000000 00000000 00000000 00000000 00000000 000001E2 AAD6A612 F33307BE 5FA47C3C 9E052F83 8164CD37 D9A21173, +2 diff --git a/src/cz/crcs/ectester/data/secg/sect571k1.txt b/src/cz/crcs/ectester/data/secg/sect571k1.txt new file mode 100644 index 0000000..7d5fdf4 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/sect571k1.txt @@ -0,0 +1,9 @@ +000A, +0005, +0002, +00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000, +00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, +026EB7A8 59923FBC 82189631 F8103FE4 AC9CA297 0012D5D4 60248048 01841CA4 43709584 93B205E6 47DA304D B4CEB08C BBD1BA39 494776FB 988B4717 4DCA88C7 E2945283 A01C8972, +0349DC80 7F4FBF37 4F4AEADE 3BCA9531 4DD58CEC 9F307A54 FFC61EFC 006D8A2C 9D4979C0 AC44AEA7 4FBEBBB9 F772AEDC B620B01A 7BA7AF1B 320430C8 591984F6 01CD4C14 3EF1C7A3, +02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850E1 F19A63E4 B391A8DB 917F4138 B630D84B E5D63938 1E91DEB4 5CFE778F 637C1001, +4 diff --git a/src/cz/crcs/ectester/data/secg/sect571r1.txt b/src/cz/crcs/ectester/data/secg/sect571r1.txt new file mode 100644 index 0000000..850f0b9 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/sect571r1.txt 
@@ -0,0 +1,9 @@ +000A, +0005, +0002, +00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, +02F40E7E 2221F295 DE297117 B7F3D62F 5C6A97FF CB8CEFF1 CD6BA8CE 4A9A18AD 84FFABBD 8EFA5933 2BE7AD67 56A66E29 4AFD185A 78FF12AA 520E4DE7 39BACA0C 7FFEFF7F 2955727A, +0303001D 34B85629 6C16C0D4 0D3CD775 0A93D1D2 955FA80A A5F40FC8 DB7B2ABD BDE53950 F4C0D293 CDD711A3 5B67FB14 99AE6003 8614F139 4ABFA3B4 C850D927 E1E7769C 8EEC2D19, +037BF273 42DA639B 6DCCFFFE B73D69D7 8C6C27A6 009CBBCA 1980F853 3921E8A6 84423E43 BAB08A57 6291AF8F 461BB2A8 B3531D2F 0485C19B 16E2F151 6E23DD3C 1A4827AF 1B8AC15B, +03FFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF E661CE18 FF559873 08059B18 6823851E C7DD9CA1 161DE93D 5174D66E 8382E9BB 2FE84E47, +2 diff --git a/src/cz/crcs/ectester/data/secp192k1.txt b/src/cz/crcs/ectester/data/secp192k1.txt deleted file mode 100644 index c408b5e..0000000 --- a/src/cz/crcs/ectester/data/secp192k1.txt +++ /dev/null @@ -1,7 +0,0 @@ -FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFEE37, -00000000 00000000 00000000 00000000 00000000 00000000, -00000000 00000000 00000000 00000000 00000000 00000003, -DB4FF10E C057E9AE 26B07D02 80B7F434 1DA5D1B1 EAE06C7D, -9B2F2F6D 9C5628A7 844163D0 15BE8634 4082AA88 D95E2F9D, -FFFFFFFF FFFFFFFF FFFFFFFE 26F2FC17 0F69466A 74DEFD8D, -1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secp192r1.txt b/src/cz/crcs/ectester/data/secp192r1.txt deleted file mode 100644 index 29305b0..0000000 --- a/src/cz/crcs/ectester/data/secp192r1.txt +++ /dev/null 
@@ -1,7 +0,0 @@ -FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF FFFFFFFF, -FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF FFFFFFFC, -64210519 E59C80E7 0FA7E9AB 72243049 FEB8DEEC C146B9B1, -188DA80E B03090F6 7CBF20EB 43A18800 F4FF0AFD 82FF1012, -07192B95 FFC8DA78 631011ED 6B24CDD5 73F977A1 1E794811, -FFFFFFFF FFFFFFFF FFFFFFFF 99DEF836 146BC9B1 B4D22831, -1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secp224r1.txt b/src/cz/crcs/ectester/data/secp224r1.txt deleted file mode 100644 index f8f592e..0000000 --- a/src/cz/crcs/ectester/data/secp224r1.txt +++ /dev/null @@ -1,7 +0,0 @@ -FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF 00000000 00000000 00000001, -FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF FFFFFFFF FFFFFFFE, -B4050A85 0C04B3AB F5413256 5044B0B7 D7BFD8BA 270B3943 2355FFB4, -B70E0CBD 6BB4BF7F 321390B9 4A03C1D3 56C21122 343280D6 115C1D21, -BD376388 B5F723FB 4C22DFE6 CD4375A0 5A074764 44D58199 85007E34, -FFFFFFFF FFFFFFFF FFFFFFFF FFFF16A2 E0B8F03E 13DD2945 5C5C2A3D, -1 diff --git a/src/cz/crcs/ectester/data/secp256k1.txt b/src/cz/crcs/ectester/data/secp256k1.txt deleted file mode 100644 index 19eeef7..0000000 --- a/src/cz/crcs/ectester/data/secp256k1.txt +++ /dev/null @@ -1,7 +0,0 @@ -FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFC2F, -00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000, -00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000007, -79BE667E F9DCBBAC 55A06295 CE870B07 029BFCDB 2DCE28D9 59F2815B 16F81798, -483ADA77 26A3C465 5DA4FBFC 0E1108A8 FD17B448 A6855419 9C47D08F FB10D4B8, -FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE BAAEDCE6 AF48A03B BFD25E8C D0364141, -1 diff --git a/src/cz/crcs/ectester/data/secp256r1.txt b/src/cz/crcs/ectester/data/secp256r1.txt deleted file mode 100644 index 060f5aa..0000000 --- a/src/cz/crcs/ectester/data/secp256r1.txt +++ /dev/null 
@@ -1,7 +0,0 @@ -FFFFFFFF 00000001 00000000 00000000 00000000 FFFFFFFF FFFFFFFF FFFFFFFF, -FFFFFFFF 00000001 00000000 00000000 00000000 FFFFFFFF FFFFFFFF FFFFFFFC, -5AC635D8 AA3A93E7 B3EBBD55 769886BC 651D06B0 CC53B0F6 3BCE3C3E 27D2604B, -6B17D1F2 E12C4247 F8BCE6E5 63A440F2 77037D81 2DEB33A0 F4A13945 D898C296, -4FE342E2 FE1A7F9B 8EE7EB4A 7C0F9E16 2BCE3357 6B315ECE CBB64068 37BF51F5, -FFFFFFFF 00000000 FFFFFFFF FFFFFFFF BCE6FAAD A7179E84 F3B9CAC2 FC632551, -1 diff --git a/src/cz/crcs/ectester/data/secp384r1.txt b/src/cz/crcs/ectester/data/secp384r1.txt deleted file mode 100644 index 08472ae..0000000 --- a/src/cz/crcs/ectester/data/secp384r1.txt +++ /dev/null @@ -1,7 +0,0 @@ -FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF 00000000 00000000 FFFFFFFF, -FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF 00000000 00000000 FFFFFFFC, -B3312FA7 E23EE7E4 988E056B E3F82D19 181D9C6E FE814112 0314088F 5013875A C656398D 8A2ED19D 2A85C8ED D3EC2AEF, -AA87CA22 BE8B0537 8EB1C71E F320AD74 6E1D3B62 8BA79B98 59F741E0 82542A38 5502F25D BF55296C 3A545E38 72760AB7, -3617DE4A 96262C6F 5D9E98BF 9292DC29 F8F41DBD 289A147C E9DA3113 B5F0B8C0 0A60B1CE 1D7E819D 7A431D7C 90EA0E5F, -FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF C7634D81 F4372DDF 581A0DB2 48B0A77A ECEC196A CCC52973, -1 diff --git a/src/cz/crcs/ectester/data/secp521r1.txt b/src/cz/crcs/ectester/data/secp521r1.txt deleted file mode 100644 index 9e0f5d3..0000000 --- a/src/cz/crcs/ectester/data/secp521r1.txt +++ /dev/null 
@@ -1,7 +0,0 @@ -01FF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF, -01FF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFC, -0051 953EB961 8E1C9A1F 929A21A0 B68540EE A2DA725B 99B315F3 B8B48991 8EF109E1 56193951 EC7E937B 1652C0BD 3BB1BF07 3573DF88 3D2C34F1 EF451FD4 6B503F00, -00C6 858E06B7 0404E9CD 9E3ECB66 2395B442 9C648139 053FB521 F828AF60 6B4D3DBA A14B5E77 EFE75928 FE1DC127 A2FFA8DE 3348B3C1 856A429B F97E7E31 C2E5BD66, -0118 39296A78 9A3BC004 5C8A5FB4 2C7D1BD9 98F54449 579B4468 17AFBD17 273E662C 97EE7299 5EF42640 C550B901 3FAD0761 353C7086 A272C240 88BE9476 9FD16650, -01FF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFA 51868783 BF2F966B 7FCC0148 F709A5D0 3BB5C9B8 899C47AE BB6FB71E 91386409, -1 diff --git a/src/cz/crcs/ectester/data/sect163k1.txt b/src/cz/crcs/ectester/data/sect163k1.txt deleted file mode 100644 index 6e5142e..0000000 --- a/src/cz/crcs/ectester/data/sect163k1.txt +++ /dev/null @@ -1,9 +0,0 @@ -0007, -0006, -0003, -00 00000000 00000000 00000000 00000000 00000001, -00 00000000 00000000 00000000 00000000 00000001, -02 FE13C053 7BBC11AC AA07D793 DE4E6D5E 5C94EEE8, -02 89070FB0 5D38FF58 321F2E80 0536D538 CCDAA3D9, -04 00000000 00000000 00020108 A2E0CC0D 99F8A5EF, -2 diff --git a/src/cz/crcs/ectester/data/sect163r1.txt b/src/cz/crcs/ectester/data/sect163r1.txt deleted file mode 100644 index 879f79b..0000000 --- a/src/cz/crcs/ectester/data/sect163r1.txt +++ /dev/null @@ -1,9 +0,0 @@ -0007, -0006, -0003, -07 B6882CAA EFA84F95 54FF8428 BD88E246 D2782AE2, -07 13612DCD DCB40AAB 946BDA29 CA91F73A F958AFD9, -03 69979697 AB438977 89566789 567F787A 7876A654, -00 435EDB42 EFAFB298 9D51FEFC E3C80988 F41FF883, -03 FFFFFFFF FFFFFFFF FFFF48AA B689C29C A710279B, -2 
diff --git a/src/cz/crcs/ectester/data/sect163r2.txt b/src/cz/crcs/ectester/data/sect163r2.txt deleted file mode 100644 index eb7d453..0000000 --- a/src/cz/crcs/ectester/data/sect163r2.txt +++ /dev/null @@ -1,9 +0,0 @@ -0007, -0006, -0003, -00 00000000 00000000 00000000 00000000 00000001, -02 0A601907 B8C953CA 1481EB10 512F7874 4A3205FD, -03 F0EBA162 86A2D57E A0991168 D4994637 E8343E36, -00 D51FBC6C 71A0094F A2CDD545 B11C5C0C 797324F1, -04 00000000 00000000 000292FE 77E70C12 A4234C33, -2 diff --git a/src/cz/crcs/ectester/data/sect233k1.txt b/src/cz/crcs/ectester/data/sect233k1.txt deleted file mode 100644 index b85fef0..0000000 --- a/src/cz/crcs/ectester/data/sect233k1.txt +++ /dev/null @@ -1,7 +0,0 @@ -004A, -0000 00000000 00000000 00000000 00000000 00000000 00000000 00000000, -0000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, -0172 32BA853A 7E731AF1 29F22FF4 149563A4 19C26BF5 0A4C9D6E EFAD6126, -01DB 537DECE8 19B7F70F 555A67C4 27A8CD9B F18AEB9B 56E0C110 56FAE6A3, -80 00000000 00000000 00000000 00069D5B B915BCD4 6EFB1AD5 F173ABDF, -4 diff --git a/src/cz/crcs/ectester/data/sect233r1.txt b/src/cz/crcs/ectester/data/sect233r1.txt deleted file mode 100644 index d0c6f14..0000000 --- a/src/cz/crcs/ectester/data/sect233r1.txt +++ /dev/null @@ -1,7 +0,0 @@ -004A, -0000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, -0066 647EDE6C 332C7F8C 0923BB58 213B333B 20E9CE42 81FE115F 7D8F90AD, -00FA C9DFCBAC 8313BB21 39F1BB75 5FEF65BC 391F8B36 F8F8EB73 71FD558B, -0100 6A08A419 03350678 E58528BE BF8A0BEF F867A7CA 36716F7E 01F81052, -0100 00000000 00000000 00000000 0013E974 E72F8A69 22031D26 03CFE0D7, -2 diff --git a/src/cz/crcs/ectester/data/sect239k1.txt b/src/cz/crcs/ectester/data/sect239k1.txt deleted file mode 100644 index d01bb08..0000000 --- a/src/cz/crcs/ectester/data/sect239k1.txt +++ /dev/null 
@@ -1,7 +0,0 @@ -009E, -0000 00000000 00000000 00000000 00000000 00000000 00000000 00000000, -0000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, -29A0 B6A887A9 83E97309 88A68727 A8B2D126 C44CC2CC 7B2A6555 193035DC, -7631 0804F12E 549BDB01 1C103089 E73510AC B275FC31 2A5DC6B7 6553F0CA, -2000 00000000 00000000 00000000 005A79FE C67CB6E9 1F1C1DA8 00E478A5, -4 diff --git a/src/cz/crcs/ectester/data/sect283k1.txt b/src/cz/crcs/ectester/data/sect283k1.txt deleted file mode 100644 index cc62698..0000000 --- a/src/cz/crcs/ectester/data/sect283k1.txt +++ /dev/null @@ -1,9 +0,0 @@ -000C, -0007, -0005, -00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000, -00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, -0503213F 78CA4488 3F1A3B81 62F188E5 53CD265F 23C1567A 16876913 B0C2AC24 58492836, -01CCDA38 0F1C9E31 8D90F95D 07E5426F E87E45C0 E8184698 E4596236 4E341161 77DD2259, -01FFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFE9AE 2ED07577 265DFF7F 94451E06 1E163C61, -4 diff --git a/src/cz/crcs/ectester/data/sect283r1.txt b/src/cz/crcs/ectester/data/sect283r1.txt deleted file mode 100644 index 27e2ff2..0000000 --- a/src/cz/crcs/ectester/data/sect283r1.txt +++ /dev/null @@ -1,9 +0,0 @@ -000C, -0007, -0005, -00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, -027B680A C8B8596D A5A4AF8A 19A0303F CA97FD76 45309FA2 A581485A F6263E31 3B79A2F5, -05F93925 8DB7DD90 E1934F8C 70B0DFEC 2EED25B8 557EAC9C 80E2E198 F8CDBECD 86B12053, -03676854 FE24141C B98FE6D4 B20D02B4 516FF702 350EDDB0 826779C8 13F0DF45 BE8112F4, -03FFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFEF90 399660FC 938A9016 5B042A7C EFADB307, -2 diff --git a/src/cz/crcs/ectester/data/sect409k1.txt b/src/cz/crcs/ectester/data/sect409k1.txt deleted file mode 100644 index aeb2e76..0000000 --- a/src/cz/crcs/ectester/data/sect409k1.txt +++ /dev/null 
@@ -1,7 +0,0 @@ -0057, -00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000, -00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, -0060F05F 658F49C1 AD3AB189 0F718421 0EFD0987 E307C84C 27ACCFB8 F9F67CC2 C460189E B5AAAA62 EE222EB1 B35540CF E9023746, -01E36905 0B7C4E42 ACBA1DAC BF04299C 3460782F 918EA427 E6325165 E9EA10E3 DA5F6C42 E9C55215 AA9CA27A 5863EC48 D8E0286B, -7FFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFE5F 83B2D4EA 20400EC4 557D5ED3 E3E7CA5B 4B5C83B8 E01E5FCF, -4 diff --git a/src/cz/crcs/ectester/data/sect409r1.txt b/src/cz/crcs/ectester/data/sect409r1.txt deleted file mode 100644 index 5ac19dc..0000000 --- a/src/cz/crcs/ectester/data/sect409r1.txt +++ /dev/null @@ -1,7 +0,0 @@ -0057, -00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, -0021A5C2 C8EE9FEB 5C4B9A75 3B7B476B 7FD6422E F1F3DD67 4761FA99 D6AC27C8 A9A197B2 72822F6C D57A55AA 4F50AE31 7B13545F, -015D4860 D088DDB3 496B0C60 64756260 441CDE4A F1771D4D B01FFE5B 34E59703 DC255A86 8A118051 5603AEAB 60794E54 BB7996A7, -0061B1CF AB6BE5F3 2BBFA783 24ED106A 7636B9C5 A7BD198D 0158AA4F 5488D08F 38514F1F DF4B4F40 D2181B36 81C364BA 0273C706, -01000000 00000000 00000000 00000000 00000000 00000000 000001E2 AAD6A612 F33307BE 5FA47C3C 9E052F83 8164CD37 D9A21173, -2 diff --git a/src/cz/crcs/ectester/data/sect571k1.txt b/src/cz/crcs/ectester/data/sect571k1.txt deleted file mode 100644 index 7d5fdf4..0000000 --- a/src/cz/crcs/ectester/data/sect571k1.txt +++ /dev/null 
@@ -1,9 +0,0 @@ -000A, -0005, -0002, -00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000, -00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, -026EB7A8 59923FBC 82189631 F8103FE4 AC9CA297 0012D5D4 60248048 01841CA4 43709584 93B205E6 47DA304D B4CEB08C BBD1BA39 494776FB 988B4717 4DCA88C7 E2945283 A01C8972, -0349DC80 7F4FBF37 4F4AEADE 3BCA9531 4DD58CEC 9F307A54 FFC61EFC 006D8A2C 9D4979C0 AC44AEA7 4FBEBBB9 F772AEDC B620B01A 7BA7AF1B 320430C8 591984F6 01CD4C14 3EF1C7A3, -02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850E1 F19A63E4 B391A8DB 917F4138 B630D84B E5D63938 1E91DEB4 5CFE778F 637C1001, -4 diff --git a/src/cz/crcs/ectester/data/sect571r1.txt b/src/cz/crcs/ectester/data/sect571r1.txt deleted file mode 100644 index 850f0b9..0000000 --- a/src/cz/crcs/ectester/data/sect571r1.txt +++ /dev/null @@ -1,9 +0,0 @@ -000A, -0005, -0002, -00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, -02F40E7E 2221F295 DE297117 B7F3D62F 5C6A97FF CB8CEFF1 CD6BA8CE 4A9A18AD 84FFABBD 8EFA5933 2BE7AD67 56A66E29 4AFD185A 78FF12AA 520E4DE7 39BACA0C 7FFEFF7F 2955727A, -0303001D 34B85629 6C16C0D4 0D3CD775 0A93D1D2 955FA80A A5F40FC8 DB7B2ABD BDE53950 F4C0D293 CDD711A3 5B67FB14 99AE6003 8614F139 4ABFA3B4 C850D927 E1E7769C 8EEC2D19, -037BF273 42DA639B 6DCCFFFE B73D69D7 8C6C27A6 009CBBCA 1980F853 3921E8A6 84423E43 BAB08A57 6291AF8F 461BB2A8 B3531D2F 0485C19B 16E2F151 6E23DD3C 1A4827AF 1B8AC15B, -03FFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF E661CE18 FF559873 08059B18 6823851E C7DD9CA1 161DE93D 5174D66E 8382E9BB 2FE84E47, -2 
diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp128.txt b/src/cz/crcs/ectester/data/smallpub/ecsp128.txt new file mode 100644 index 0000000..29cfe3b --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp128.txt @@ -0,0 +1,7 @@ +cfba21fd0483b1f300fa2506a5a566ef, +36d9a5acac27a008e36cbe3e9f103fde, +a67cf5fa09fb1db902068c87046ae21e, +47d78391a4b9fff6a0db1292f9cd0e6a, +9aed9c92f8bb3dbd42402165a270bd6f, +cfba21fd0483b1f333d61a5af6ada2c7, +1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp128_pub.txt b/src/cz/crcs/ectester/data/smallpub/ecsp128_pub.txt new file mode 100644 index 0000000..ee1f34d --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp128_pub.txt @@ -0,0 +1,2 @@ +63901e122761d9c16565b2f38e991f71, +b9d99fbc3154a96ca23ecff770cbbe4f \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp160.txt b/src/cz/crcs/ectester/data/smallpub/ecsp160.txt new file mode 100644 index 0000000..49824d9 --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp160.txt @@ -0,0 +1,7 @@ +dc13490ff9857b111f44c0500770a6457e683223, +a3ecd7d51e79d72d2700184c795aa8a6b8e66573, +8ac43592905f995cb13f3694317bf470adafb645, +5f8e88afc117c722859fe8e55647bca69ba82150, +93e6dcaee271e9f2838c98b7d06eccc5d7c800e5, +dc13490ff9857b111f446ef4a6d1e1715f6a6dff, +1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp160_pub.txt b/src/cz/crcs/ectester/data/smallpub/ecsp160_pub.txt new file mode 100644 index 0000000..e2e164e --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp160_pub.txt @@ -0,0 +1,2 @@ +59c9c3c8aef29f1c1c500cafb4726da6086e6eb0, +d695a76005eddb26afd40ee20904778bb3497bb1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp192.txt b/src/cz/crcs/ectester/data/smallpub/ecsp192.txt new file mode 100644 index 0000000..ccb5537 --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp192.txt 
@@ -0,0 +1,7 @@ +ce714cc3a15ce7e5dab068c9a1f8be00aad480abccaeefc3, +597c781f64c33eb8ef919c415911518ea323be88b9437caf, +f81585a1b18f233d70add7ee1342d2035c386a92e3ab8320, +150ff0a40deac6462b5987418617fdeeb6bfd76d4d60a067, +843d577371c5dce122c2ff206b2f42fa0b842b49bdaf990f, +ce714cc3a15ce7e5dab068c9a30bc92915bd8662ae882887, +1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp192_pub.txt b/src/cz/crcs/ectester/data/smallpub/ecsp192_pub.txt new file mode 100644 index 0000000..ec7f822 --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp192_pub.txt @@ -0,0 +1,2 @@ +17047f91dbe33032c9d09bd29ceadd8a09ccc32ac6309541, +6a726de54fbd59cfc352e838b337fa005a97180816135e6a \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp224.txt b/src/cz/crcs/ectester/data/smallpub/ecsp224.txt new file mode 100644 index 0000000..894e669 --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp224.txt @@ -0,0 +1,7 @@ +eed4c3d98f1c9b9518f116263db770366877d12df6a9cf08b96dd4bb, +8d4dddb0317d6a6bf9a4dbbed3a43fa21f79869c5ab9729d239e9282, +46873614be3dffc9218082322210c0616140286f2d160503c1a9250d, +961bbb1fc9955a71c91a50aedcd2f14fccb660af992b0030b9c90b36, +1c00f6d0bd405dd7d3016fb8c0c75e4ecec70fe61237f6d24008a5fd, +eed4c3d98f1c9b9518f116263db821c36a06adae17162ad3162f68c3, +1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp224_pub.txt b/src/cz/crcs/ectester/data/smallpub/ecsp224_pub.txt new file mode 100644 index 0000000..0999b99 --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp224_pub.txt @@ -0,0 +1,2 @@ +cfd92aea0f79190c48ca703eb8a9baa7099a23bb39578261fe4d0f04, +257a3d98de44bd25404977a4ac7fc56d3d4e827f085b7cf5247524c4 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp256.txt b/src/cz/crcs/ectester/data/smallpub/ecsp256.txt new file mode 100644 index 0000000..17387a6 --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp256.txt 
@@ -0,0 +1,7 @@ +c9a803b1eaf849f1c02cfd1dbfac68623985c88b37103b338ae11d2597ee8445, +4841c5775a24a884ca36ec362b44645a2f60b25d002c4fc1d9f139870fe0cc71, +1b097456751f3534190dae568f80a2c6ff55dddfe072a7dc6467a4b6476b6880, +a1fd34a27afb1340b8e4a7db2a5ec5a1432c6dc8555af9f78fca2cf740cab2b7, +98419c698cab6c7dbb53eb2751417b52ccded4680c5e09543f93c7886c3a173e, +c9a803b1eaf849f1c02cfd1dbfac6863128c5b1fc5acd5b5e0fc0a7311fb5b1d, +1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp256_pub.txt b/src/cz/crcs/ectester/data/smallpub/ecsp256_pub.txt new file mode 100644 index 0000000..a8f0492 --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp256_pub.txt @@ -0,0 +1,2 @@ +75fce70968862d53e29548aad70582514e960d8128bd3c5f8c4dbe2cf8dad653, +55aa4b7d3882fb0a83bd00c9c3bae17f1024d64aec67e1db38ef671e6350beae \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp384.txt b/src/cz/crcs/ectester/data/smallpub/ecsp384.txt new file mode 100644 index 0000000..9acae3f --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp384.txt @@ -0,0 +1,7 @@ +d0df6c96cff7081be80d22b005758a2e2f046e15fe020ef886e21b492ac57257a923144bcad989ab6341bd3b700f914b, +45c64503be019afd3462b361ad2b2a3bca0aeccc5494a624fb632455e62b4f0c98f944fa97c37811da039823cd77c906, +d85583f7f11ad23ec75ed5a414153a06d6640936b8103f5df691fa95cf2afa78f3ea5addc225b144964048c9f7592ae4, +2b1341d12dff4f9cf9427c4752962b4c2bdc8fbcd80652516c421cc523212a01ea63c79d6e9a9c84933e353e212416ec, +ce416c6e75fa9fd205ed48fc4e3099cbb1d6ed031b7ddbff1d634eb97a83d9b780cfd4dedfdd2c7604d143196c08d933, +d0df6c96cff7081be80d22b005758a2e2f046e15fe020ef7664ed51d7701c86bf2a1e9f3002c26fe002314c3c92f1ca9, +1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp384_pub.txt b/src/cz/crcs/ectester/data/smallpub/ecsp384_pub.txt new file mode 100644 index 0000000..4eb4a96 --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp384_pub.txt 
@@ -0,0 +1,2 @@ +a4bd575bf20300b0cf8a2f41dd5a03e908966a4229a5f22f5c190d3641ac2d32b7b24a63482cbbcd0c2257f834834ef1, +38d51c8f9e90592f567e81d0e4855e79731b5797857a4c7dc270653bc9f0c31e84693007b09cebf710d5ae3237303949 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp521.txt b/src/cz/crcs/ectester/data/smallpub/ecsp521.txt new file mode 100644 index 0000000..1d36bd7 --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp521.txt @@ -0,0 +1,7 @@ +01d3df430924956e210a605b4dbf4a2e909d7a801658978c88ffd68dcc817f5cc79cf188d9ee82d1a51c44cbd31e9cc5b816d76d5b1312b005f7b68919e275dac99f, +00401639f36f2ee45fc164ea3e1f14f4803fd7a77ffdfb392c3f8fe95d1aea331467f4618d59aeee49d5d7c70caf320f7dd1ac166114f562413449991d3aa1a2c49e, +004a26a8c47fce204ba953015fa86708c0de720f27523988b097e774168c15f7a215aaf18a5f1b9579ab3db935d45be14c9a87b71170396909b14d06f7a09975b3a6, +01c880ae0a355a52791fc9600fd8b35726e9d799101489161c8f90a9c6631d09b3cb347584837d9deb8566a9c5846aded0d01eb947b4affd34e8ea7dbe733cbedafa, +00050f12672f163f19d5d493eb82ef777b0213dd4e0cf75a9b99724fbdb54b0cc4e037bf86a48bac28467bdd936c314ce13f6ec7ec69ea09ae4f5444df4b2a117a66, +01d3df430924956e210a605b4dbf4a2e909d7a801658978c88ffd68dcc817f5cc7ba0838717c1947f93cfdd3ed87ec2c2df181c7ada553346ec1495732a1e7ffe9b3, +1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp521_pub.txt b/src/cz/crcs/ectester/data/smallpub/ecsp521_pub.txt new file mode 100644 index 0000000..0e3f320 --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp521_pub.txt @@ -0,0 +1,2 @@ +002844df0f31f46a40e6c7006cde99155bd5d18d0e4150178a8e307d6aec08fd02d466c03c49b49c2654b7c9a32d88ca014016a7eddd44217be915505d228efb9389, +0105921e2172c3050ba4c9d2e744fc5b7b5e8451751e6780c6de88229497be7d23550beefa0cb7fafebb4dd9fad1244c6733befe5a97710f0dc56dc08d9d9df9d846 \ No newline at end of file diff --git a/src/cz/crcs/ectester/reader/CardMngr.java b/src/cz/crcs/ectester/reader/CardMngr.java index 9cdd055..d95b7e5 100644 
--- a/src/cz/crcs/ectester/reader/CardMngr.java
+++ b/src/cz/crcs/ectester/reader/CardMngr.java
@@ -255,11 +255,13 @@ public class CardMngr {
 public ResponseAPDU sendAPDUSimulator(CommandAPDU apdu) {
 System.out.println(">>>>");
+ System.out.println(apdu);
 System.out.println(Util.bytesToHex(apdu.getBytes()));
 ResponseAPDU response = simulator.transmitCommand(apdu);
 byte[] responseBytes = response.getBytes();
+ System.out.println(response);
 System.out.println(Util.bytesToHex(responseBytes));
 System.out.println("<<<<");
@@ -285,13 +287,4 @@ public class CardMngr {
 CommandAPDU commandAPDU = new CommandAPDU(apdu);
 return send(commandAPDU);
 }
-
- public ResponseAPDU[] send(CommandAPDU... apdus) throws CardException {
- ResponseAPDU[] result = new ResponseAPDU[apdus.length];
- for (int i = 0; i < apdus.length; i++) {
- result[i] = send(apdus[i]);
- }
- return result;
- }
-
 }
diff --git a/src/cz/crcs/ectester/reader/Command.java b/src/cz/crcs/ectester/reader/Command.java
new file mode 100644
index 0000000..c5fd465
--- /dev/null
+++ b/src/cz/crcs/ectester/reader/Command.java
@@ -0,0 +1,241 @@
+package cz.crcs.ectester.reader;
+
+import cz.crcs.ectester.applet.ECTesterApplet;
+
+import javax.smartcardio.CardException;
+import javax.smartcardio.CommandAPDU;
+import javax.smartcardio.ResponseAPDU;
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * @author Jan Jancar johny@neuromancer.sk
+ */
+public abstract class Command {
+ protected CommandAPDU cmd;
+ protected CardMngr cardManager;
+
+ protected Command(CardMngr cardManager) {
+ this.cardManager = cardManager;
+ }
+
+ public CommandAPDU getAPDU() {
+ return cmd;
+ }
+
+ /**
+ *
+ * @return
+ * @throws CardException
+ */
+ public abstract Response send() throws CardException;
+
+ public static List sendAll(List commands) throws CardException {
+ List result = new ArrayList<>();
+ for (Command cmd : commands) {
+ result.add(cmd.send());
+ }
+ return result;
+ }
+
+ /**
+ *
+ */
+ public static class Allocate extends Command {
+ private byte keyPair;
+ private short keyLength;
+ private byte keyClass;
+
+ /**
+ * Creates the INS_ALLOCATE instruction.
+ *
+ * @param cardManager
+ * @param keyPair which keyPair to use, local/remote (KEYPAIR_* | ...)
+ * @param keyLength key length to set
+ * @param keyClass key class to allocate
+ */
+ public Allocate(CardMngr cardManager, byte keyPair, short keyLength, byte keyClass) {
+ super(cardManager);
+ this.keyPair = keyPair;
+ this.keyLength = keyLength;
+ this.keyClass = keyClass;
+
+ byte[] data = new byte[]{0, 0, keyClass};
+ Util.setShort(data, 0, keyLength);
+ this.cmd = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_ALLOCATE, keyPair, 0x00, data);
+ }
+
+ @Override
+ public Response.Allocate send() throws CardException {
+ long elapsed = -System.nanoTime();
+ ResponseAPDU response = cardManager.send(cmd);
+ elapsed += System.nanoTime();
+ return new Response.Allocate(response, elapsed, keyPair, keyLength, keyClass);
+ }
+ }
+
+ /**
+ *
+ */
+ public static class Set extends Command {
+ private byte keyPair;
+ private byte export;
+ private byte curve;
+ private short params;
+ private short corrupted;
+ private byte corruption;
+ private byte[] external;
+
+ /**
+ * Creates the INS_SET instruction.
+ *
+ * @param cardManager
+ * @param keyPair which keyPair to set params on, local/remote (KEYPAIR_* || ...)
+ * @param export whether to export set params from keyPair
+ * @param curve curve to set (EC_Consts.CURVE_*)
+ * @param params parameters to set (EC_Consts.PARAMETER_* | ...)
+ * @param corrupted parameters to corrupt (EC_Consts.PARAMETER_* | ...)
+ * @param corruption corruption type (EC_Consts.CORRUPTION_*)
+ * @param external external curve data, can be null
+ */
+ public Set(CardMngr cardManager, byte keyPair, byte export, byte curve, short params, short corrupted, byte corruption, byte[] external) {
+ super(cardManager);
+ this.keyPair = keyPair;
+ this.export = export;
+ this.curve = curve;
+ this.params = params;
+ this.corrupted = corrupted;
+ this.corruption = corruption;
+ this.external = external;
+
+ int len = external != null ? 6 + 2 + external.length : 6;
+ byte[] data = new byte[len];
+ data[0] = curve;
+ Util.setShort(data, 1, params);
+ Util.setShort(data, 3, corrupted);
+ data[5] = corruption;
+ if (external != null) {
+ System.arraycopy(external, 0, data, 6, external.length);
+ }
+
+ this.cmd = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_SET, keyPair, export, data);
+ }
+
+ @Override
+ public Response.Set send() throws CardException {
+ long elapsed = -System.nanoTime();
+ ResponseAPDU response = cardManager.send(cmd);
+ elapsed += System.nanoTime();
+ return new Response.Set(response, elapsed, keyPair, export, curve, params, corrupted);
+ }
+ }
+
+ /**
+ *
+ */
+ public static class Generate extends Command {
+ private byte keyPair;
+ private byte export;
+
+ /**
+ * Creates the INS_GENERATE instruction.
+ *
+ * @param cardManager
+ * @param keyPair which keyPair to generate, local/remote (KEYPAIR_* || ...)
+ * @param export whether to export generated keys from keyPair
+ */
+ public Generate(CardMngr cardManager, byte keyPair, byte export) {
+ super(cardManager);
+ this.keyPair = keyPair;
+ this.export = export;
+
+ this.cmd = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_GENERATE, keyPair, export);
+ }
+
+ @Override
+ public Response.Generate send() throws CardException {
+ long elapsed = -System.nanoTime();
+ ResponseAPDU response = cardManager.send(cmd);
+ elapsed += System.nanoTime();
+ return new Response.Generate(response, elapsed, keyPair, export);
+ }
+ }
+
+ /**
+ *
+ */
+ public static class ECDH extends Command {
+ private byte pubkey;
+ private byte privkey;
+ private byte export;
+ private byte invalid;
+
+ /**
+ * Creates the INS_ECDH instruction.
+ *
+ * @param cardManager
+ * @param pubkey keyPair to use for public key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE)
+ * @param privkey keyPair to use for private key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE)
+ * @param export whether to export ECDH secret
+ * @param invalid whether to invalidate the pubkey before ECDH
+ */
+ public ECDH(CardMngr cardManager, byte pubkey, byte privkey, byte export, byte invalid) {
+ super(cardManager);
+ this.pubkey = pubkey;
+ this.privkey = privkey;
+ this.export = export;
+ this.invalid = invalid;
+
+ byte[] data = new byte[]{export, invalid};
+
+ this.cmd = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_ECDH, pubkey, privkey, data);
+ }
+
+ @Override
+ public Response.ECDH send() throws CardException {
+ long elapsed = -System.nanoTime();
+ ResponseAPDU response = cardManager.send(cmd);
+ elapsed += System.nanoTime();
+ return new Response.ECDH(response, elapsed, pubkey, privkey, export, invalid);
+ }
+ }
+
+ public static class ECDSA extends Command {
+ private byte keyPair;
+ private byte export;
+ private byte[] raw;
+
+ /**
+ * Creates the INS_ECDSA instruction.
+ *
+ * @param cardManager
+ * @param keyPair keyPair to use for signing and verification (KEYPAIR_LOCAL || KEYPAIR_REMOTE)
+ * @param export whether to export ECDSA signature
+ * @param raw data to sign, can be null, in which case random data is signed.
+ */
+ public ECDSA(CardMngr cardManager, byte keyPair, byte export, byte[] raw) {
+ super(cardManager);
+ this.keyPair = keyPair;
+ this.export = export;
+ this.raw = raw;
+
+ int len = raw != null ? raw.length : 0;
+ byte[] data = new byte[2 + len];
+ Util.setShort(data, 0, (short) len);
+ if (raw != null) {
+ System.arraycopy(raw, 0, data, 2, len);
+ }
+
+ this.cmd = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_ECDSA, keyPair, export, data);
+ }
+
+ @Override
+ public Response.ECDSA send() throws CardException {
+ long elapsed = -System.nanoTime();
+ ResponseAPDU response = cardManager.send(cmd);
+ elapsed += System.nanoTime();
+ return new Response.ECDSA(response, elapsed, keyPair, export, raw);
+ }
+ }
+}
+
diff --git a/src/cz/crcs/ectester/reader/DirtyLogger.java b/src/cz/crcs/ectester/reader/DirtyLogger.java
index f69557d..7a2c70d 100644
--- a/src/cz/crcs/ectester/reader/DirtyLogger.java
+++ b/src/cz/crcs/ectester/reader/DirtyLogger.java
@@ -2,6 +2,7 @@ package cz.crcs.ectester.reader;
 import java.io.FileWriter;
 import java.io.IOException;
+import java.io.OutputStream;
 /**
 * @author Petr Svenda petr@svenda.com
diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java
index 1f70d4f..e5a2b70 100644
--- a/src/cz/crcs/ectester/reader/ECTester.java
+++ b/src/cz/crcs/ectester/reader/ECTester.java
@@ -27,15 +27,12 @@ import javacard.security.KeyPair;
 import org.apache.commons.cli.*;
 import javax.smartcardio.CardException;
-import javax.smartcardio.CommandAPDU;
-import javax.smartcardio.ResponseAPDU;
 import java.io.File;
 import java.io.FileNotFoundException;
 import java.io.FileWriter;
 import java.io.IOException;
 import java.nio.file.Files;
 import java.util.ArrayList;
-import java.util.Comparator;
 import java.util.List;
 /**
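Review bot: In the `Command.Set` constructor the payload is sized `6 + 2 + external.length` while `external` is copied at offset 6, so every INS_SET that carries external curve data ends with two unused zero bytes. If the applet expects a two-byte length before the curve data it is never written; if it does not, the size should be `int len = external != null ? 6 + external.length : 6;`. `Command.ECDSA` has a related gap: `(short) len` truncates silently when `raw` is longer than a short can hold, so the length should be range-checked before the cast. The empty Javadoc blocks on `send()` and on the nested classes could state that `send()` transmits `cmd` and returns a `Response` built from the reply and the elapsed nanoseconds measured around `cardManager.send(cmd)`.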
@@ -187,10 +184,8 @@ public class ECTester {
 }
 } catch (MissingArgumentException maex) {
 System.err.println("Option, " + maex.getOption().getOpt() + " requires an argument: " + maex.getOption().getArgName());
- } catch (AlreadySelectedException asex) {
- System.err.println(asex.getMessage());
 } catch (ParseException | CardException pex) {
- pex.printStackTrace();
+ System.err.println(pex.getMessage());
 } catch (NumberFormatException nfex) {
 System.err.println("Not a number. " + nfex.getMessage());
 nfex.printStackTrace(System.err);
@@ -370,8 +365,7 @@ public class ECTester {
 */
 private void generate() throws CardException, IOException {
 byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M;
- CommandAPDU[] prepare = prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass);
- cardManager.send(prepare);
+ List prepare = Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass));
 FileWriter keysFile = new FileWriter(optOutput);
 keysFile.write("index;time;pubW;privS\n");
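Review bot: In generate(), the responses collected in `prepare` are never read, either in this hunk or in the loop shown in the next one, so a failed allocate or set only shows up indirectly when every generate attempt fails and the loop ends with "Keys could not be generated.". ecdh() and ecdsa() in this same commit print each preparation response; doing the same here with `for (Response r : prepare) { systemOutLogger.println(r.toString()); }`, and returning early when `!r.successful()`, would surface the real cause before any key file content is written. The body of generate() continues past this hunk.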
@@ -379,30 +373,27 @@ public class ECTester {
 int generated = 0;
 int retry = 0;
 while (generated < optGenerateAmount || optGenerateAmount == 0) {
- CommandAPDU generate = insGenerate(ECTesterApplet.KEYPAIR_LOCAL, (byte) (ECTesterApplet.EXPORT_BOTH | ECTesterApplet.KEYPAIR_LOCAL));
- long elapsed = -System.nanoTime();
- ResponseAPDU response = cardManager.send(generate);
- elapsed += System.nanoTime();
-
- byte[] bytes = response.getData();
- if (bytes.length <= 2) {
- //error, retry 10 times
+ Command.Generate generate = new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, (byte) (ECTesterApplet.EXPORT_BOTH | ECTesterApplet.KEYPAIR_LOCAL));
+ Response.Generate response = generate.send();
+ long elapsed = response.getDuration();
+
+ if (!response.successful()) {
 if (retry < 10) {
 retry++;
+ continue;
 } else {
 System.err.println("Keys could not be generated.");
 break;
 }
- } else {
- short publicLength = Util.getShort(bytes, 2);
- String pubkey = Util.bytesToHex(bytes, 4, publicLength, false);
- short privateLength = Util.getShort(bytes, 4 + publicLength);
- String privkey = Util.bytesToHex(bytes, 6 + publicLength, privateLength, false);
-
- keysFile.write(String.format("%d;%d;%s;%s\n", generated, elapsed / 1000000, pubkey, privkey));
- keysFile.flush();
- generated++;
 }
+ systemOutLogger.println(response.toString());
+
+ String pub = Util.bytesToHex(response.getPublic(ECTesterApplet.KEYPAIR_LOCAL), false);
+ String priv = Util.bytesToHex(response.getPrivate(ECTesterApplet.KEYPAIR_LOCAL), false);
+ String line = String.format("%d;%d;%s;%s\n", generated, elapsed / 1000000, pub, priv);
+ keysFile.write(line);
+ keysFile.flush();
+ generated++;
 }
 keysFile.close();
 }
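Review bot: `keysFile.close()` at the end of generate() is reached only when the loop exits normally; if `generate.send()` throws CardException or a write throws IOException, the writer that holds the exported private keys stays open. Opening it as `try (FileWriter keysFile = new FileWriter(optOutput)) {` (the declaration sits just above this hunk) closes it on every path. Because each line carries `priv` in hex, it is also worth creating the output file with owner-only permissions where the platform allows it. Separately, `retry` is never reset after a successful generation, so the limit of ten applies to the whole run rather than to one key; if per-key retries were intended, add `retry = 0;` next to `generated++;`.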
@@ -460,23 +451,24 @@ public class ECTester {
 */
 private void ecdh() throws IOException, CardException {
 byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M;
- CommandAPDU[] curve = prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, keyClass);
- cardManager.send(curve);
+ List ecdh = Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, keyClass));
 if (optPublic != null || optPrivate != null || optKey != null) {
- CommandAPDU local = insGenerate(ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_NONE);
- cardManager.send(local);
- CommandAPDU remote = prepareKey(ECTesterApplet.KEYPAIR_REMOTE);
- cardManager.send(remote);
+ Response local = new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_NONE).send();
+ Response remote = prepareKey(ECTesterApplet.KEYPAIR_REMOTE).send();
+ ecdh.add(local);
+ ecdh.add(remote);
 } else {
- CommandAPDU both = insGenerate(ECTesterApplet.KEYPAIR_BOTH, ECTesterApplet.EXPORT_NONE);
- cardManager.send(both);
+ Response both = new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH, ECTesterApplet.EXPORT_NONE).send();
+ ecdh.add(both);
 }
- CommandAPDU ecdh = insECDH(ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_ECDH, (byte) 0);
- ResponseAPDU response = cardManager.send(ecdh);
- //TODO print response SWs/error codes
- //TODO output to file
+ Response.ECDH perform = new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_ECDH, (byte) 0).send();
+ ecdh.add(perform);
+ for (Response r : ecdh) {
+ systemOutLogger.println(r.toString());
+ }
+ //TODO check perform.hasSecret(), write perform.getSecret to file if -o
 }
 /**
@@ -487,16 +479,15 @@ public class ECTester {
 */
 private void ecdsa() throws CardException, IOException {
 byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M;
- CommandAPDU[] curve = prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass);
- cardManager.send(curve);
+ List ecdsa = Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass));
+ Response keys;
 if (optKey != null || (optPublic != null && optPrivate != null)) {
- CommandAPDU set = prepareKey(ECTesterApplet.KEYPAIR_LOCAL);
- cardManager.send(set);
+ keys = prepareKey(ECTesterApplet.KEYPAIR_LOCAL).send();
 } else {
- CommandAPDU generate = insGenerate(ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_NONE);
- cardManager.send(generate);
+ keys = new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_NONE).send();
 }
+ ecdsa.add(keys);
 //read file, if asked to sign
 byte[] data = null;
@@ -509,96 +500,12 @@ public class ECTester { data = Files.readAllBytes(in.toPath()); } - CommandAPDU ecdsa = insECDSA(ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_SIG, data); - ResponseAPDU response = cardManager.send(ecdsa); - //TODO print response SWs/error codes - //TODO output to file - } - - /** - * Creates the INS_ALLOCATE instruction. - * - * @param keyPair which keyPair to use, local/remote (KEYPAIR_* | ...) - * @param keyLength key length to set - * @param keyClass key class to allocate - * @return apdu to send - */ - private CommandAPDU insAllocate(byte keyPair, short keyLength, byte keyClass) { - byte[] data = new byte[]{0, 0, keyClass}; - Util.setShort(data, 0, keyLength); - - return new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_ALLOCATE, keyPair, 0x00, data); - } - - /** - * Creates the INS_SET instruction. - * - * @param keyPair which keyPair to set params on, local/remote (KEYPAIR_* || ...) - * @param export whether to export set params from keyPair - * @param curve curve to set (EC_Consts.CURVE_*) - * @param params parameters to set (EC_Consts.PARAMETER_* | ...) - * @param corrupted parameters to corrupt (EC_Consts.PARAMETER_* | ...) - * @param corruption corruption type (EC_Consts.CORRUPTION_*) - * @param external external curve data, can be null - * @return apdu to send - */ - private CommandAPDU insSet(byte keyPair, byte export, byte curve, short params, short corrupted, byte corruption, byte[] external) { - int len = external != null ? 
6 + 2 + external.length : 6; - byte[] data = new byte[len]; - data[0] = curve; - Util.setShort(data, 1, params); - Util.setShort(data, 3, corrupted); - data[5] = corruption; - if (external != null) { - System.arraycopy(external, 0, data, 6, external.length); + Response.ECDSA perform = new Command.ECDSA(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_SIG, data).send(); + ecdsa.add(perform); + for (Response r : ecdsa) { + systemOutLogger.println(r.toString()); } - - return new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_SET, keyPair, export, data); - } - - /** - * Creates the INS_GENERATE instruction. - * - * @param keyPair which keyPair to generate, local/remote (KEYPAIR_* || ...) - * @param export whether to export generated keys from keyPair - * @return apdu to send - */ - private CommandAPDU insGenerate(byte keyPair, byte export) { - return new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_GENERATE, keyPair, export); - } - - /** - * Creates the INS_ECDH instruction. - * - * @param pubkey keyPair to use for public key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) - * @param privkey keyPair to use for private key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) - * @param export whether to export ECDH secret - * @param invalid whether to invalidate the pubkey before ECDH - * @return apdu to send - */ - private CommandAPDU insECDH(byte pubkey, byte privkey, byte export, byte invalid) { - byte[] data = new byte[]{export, invalid}; - - return new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_ECDH, pubkey, privkey, data); - } - - /** - * Creates the INS_ECDSA instruction. - * - * @param keyPair keyPair to use for signing and verification (KEYPAIR_LOCAL || KEYPAIR_REMOTE) - * @param export whether to export ECDSA signature - * @param raw data to sign, can be null, in which case random data is signed. 
- * @return apdu to send - */ - private CommandAPDU insECDSA(byte keyPair, byte export, byte[] raw) { - int len = raw != null ? raw.length : 0; - byte[] data = new byte[2 + len]; - Util.setShort(data, 0, (short) len); - if (raw != null) { - System.arraycopy(raw, 0, data, 2, len); - } - - return new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_ECDSA, keyPair, export, data); + //TODO output to file } /** 
@@ -608,23 +515,23 @@ public class ECTester {
 * @return an array of CommandAPDUs to send in order to prepare the keypair/s.
 * @throws IOException if curve file cannot be found/opened
 */
- private CommandAPDU[] prepareCurve(byte keyPair, short keyLength, byte keyClass) throws IOException {
- List commands = new ArrayList<>();
- commands.add(insAllocate(keyPair, keyLength, keyClass));
+ private List prepareCurve(byte keyPair, short keyLength, byte keyClass) throws IOException {
+ List commands = new ArrayList<>();
+ commands.add(new Command.Allocate(cardManager, keyPair, keyLength, keyClass));
 short domainParams = keyClass == KeyPair.ALG_EC_FP ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M;
 if (optNamed) {
- commands.add(insSet(keyPair, ECTesterApplet.EXPORT_NONE, EC_Consts.getCurve(keyLength, keyClass), domainParams, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, null));
+ commands.add(new Command.Set(cardManager, keyPair, ECTesterApplet.EXPORT_NONE, EC_Consts.getCurve(keyLength, keyClass), domainParams, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, null));
 }
 if (optCurve != null) {
 byte[] external = ParamReader.flatten(domainParams, ParamReader.readFile(optCurve));
 if (external == null) {
 throw new IOException("Couldn't read the curve file correctly.");
 }
- commands.add(insSet(keyPair, ECTesterApplet.EXPORT_NONE, EC_Consts.CURVE_external, domainParams, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, external));
+ commands.add(new Command.Set(cardManager, keyPair, ECTesterApplet.EXPORT_NONE, EC_Consts.CURVE_external, domainParams, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, external));
 }
- return commands.toArray(new CommandAPDU[commands.size()]);
+ return commands;
 }
 /**
@@ -632,7 +539,7 @@ public class ECTester { * @return a CommandAPDU setting params loaded on the keyPair/s * @throws IOException if any of the key files cannot be found/opened */ - private CommandAPDU prepareKey(byte keyPair) throws IOException { + private Command prepareKey(byte keyPair) throws IOException { short params = EC_Consts.PARAMETERS_NONE; byte[] data = null; if (optKey != null) { @@ -656,7 +563,7 @@ public class ECTester { */ throw new IOException("Couldn't read the key file correctly."); } - return insSet(keyPair, ECTesterApplet.EXPORT_NONE, EC_Consts.CURVE_external, params, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, data); + return new Command.Set(cardManager, keyPair, ECTesterApplet.EXPORT_NONE, EC_Consts.CURVE_external, params, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, data); } public static void main(String[] args) { diff --git a/src/cz/crcs/ectester/reader/Response.java b/src/cz/crcs/ectester/reader/Response.java new file mode 100644 index 0000000..8f9ab9b --- /dev/null +++ b/src/cz/crcs/ectester/reader/Response.java 
@@ -0,0 +1,410 @@ +package cz.crcs.ectester.reader; + +import cz.crcs.ectester.applet.ECTesterApplet; +import cz.crcs.ectester.applet.EC_Consts; +import javacard.framework.ISO7816; +import javacard.security.KeyPair; + +import javax.smartcardio.ResponseAPDU; + +/** + * @author Jan Jancar johny@neuromancer.sk + */ +public abstract class Response { + protected ResponseAPDU resp; + protected long time; + protected short sw1 = 0; + protected short sw2 = 0; + protected byte[][] params; + protected boolean success = true; + + protected Response(ResponseAPDU response, long time) { + this.resp = response; + this.time = time; + } + + protected void parse(int numSW, int numParams) { + byte[] data = resp.getData(); + int offset = 0; + + //parse SWs in response + if (--numSW >= 0 && getLength() >= 2) { + sw1 = Util.getShort(data, offset); + offset += 2; + if (sw1 != ISO7816.SW_NO_ERROR) + success = false; + } + if (--numSW >= 0 && getLength() >= 4) { + sw2 = Util.getShort(data, offset); + offset += 2; + if (sw2 != ISO7816.SW_NO_ERROR) + success = false; + } + + //try to parse numParams.. 
+ params = new byte[numParams][]; + for (int i = 0; i < numParams; i++) { + if (data.length - offset < 2) { + success = false; + break; + } + short paramLength = Util.getShort(data, offset); + offset += 2; + if (data.length < offset + paramLength) { + success = false; + break; + } + params[i] = new byte[paramLength]; + System.arraycopy(data, offset, params[i], 0, paramLength); + offset += paramLength; + } + } + + protected boolean hasParam(int index) { + return params.length >= index + 1 && params[index] != null; + } + + protected int getParamLength(int index) { + return params[index].length; + } + + protected byte[] getParam(int index) { + return params[index]; + } + + public ResponseAPDU getAPDU() { + return resp; + } + + public long getDuration() { + return time; + } + + public int getNaturalSW() { + return resp.getSW(); + } + + public short getSW1() { + return sw1; + } + + public short getSW2() { + return sw2; + } + + public int getLength() { + return resp.getNr(); + } + + public boolean successful() { + return this.success; + } + + @Override + public abstract String toString(); + + + /** + * + */ + public static class Allocate extends Response { + private byte keyPair; + private short keyLength; + private byte keyClass; + + public Allocate(ResponseAPDU response, long time, byte keyPair, short keyLength, byte keyClass) { + super(response, time); + this.keyPair = keyPair; + this.keyLength = keyLength; + this.keyClass = keyClass; + + int pairs = 0; + if ((keyPair & ECTesterApplet.KEYPAIR_LOCAL) != 0) pairs++; + if ((keyPair & ECTesterApplet.KEYPAIR_REMOTE) != 0) pairs++; + parse(pairs, 0); + } + + @Override + public String toString() { + String field = keyClass == KeyPair.ALG_EC_FP ? "ALG_EC_FP" : "ALG_EC_F2M"; + String key; + if (keyPair == ECTesterApplet.KEYPAIR_BOTH) { + key = "both keypairs"; + } else { + key = ((keyPair == ECTesterApplet.KEYPAIR_LOCAL) ? 
"local" : "remote") + " keypair"; + } + //TODO general response.toString alignment + 2 SWs + return String.format("Allocated %s %db %s: %#x", key, keyLength, field, getSW1()); + } + } + + /** + * + */ + public static class Set extends Response { + private byte keyPair; + private byte export; + private byte curve; + private short params; + private short corrupted; + + protected Set(ResponseAPDU response, long time, byte keyPair, byte export, byte curve, short params, short corrupted) { + super(response, time); + this.keyPair = keyPair; + this.export = export; + this.curve = curve; + this.params = params; + this.corrupted = corrupted; + + int pairs = 0; + if ((keyPair & ECTesterApplet.KEYPAIR_LOCAL) != 0) pairs++; + if ((keyPair & ECTesterApplet.KEYPAIR_REMOTE) != 0) pairs++; + int exported = 0; + if ((export & ECTesterApplet.KEYPAIR_LOCAL) != 0) exported++; + if ((export & ECTesterApplet.KEYPAIR_REMOTE) != 0) exported++; + int keys = 0; + if ((export & ECTesterApplet.EXPORT_PUBLIC) != 0) keys++; + if ((export & ECTesterApplet.EXPORT_PRIVATE) != 0) keys++; + int paramCount = 0; + short mask = EC_Consts.PARAMETER_FP; + while (mask <= EC_Consts.PARAMETER_K) { + if ((mask & params) != 0) { + paramCount++; + } + mask = (short) (mask << 1); + } + int other = 0; + if ((export & ECTesterApplet.EXPORT_PUBLIC) != 0 && (params & EC_Consts.PARAMETER_W) != 0) other++; + if ((export & ECTesterApplet.EXPORT_PRIVATE) != 0 && (params & EC_Consts.PARAMETER_S) != 0) other++; + + parse(pairs, exported * keys * paramCount + exported * other); + } + + private int getIndex(byte keyPair, short param) { + byte key = ECTesterApplet.KEYPAIR_LOCAL; + int index = 0; + while (key <= ECTesterApplet.KEYPAIR_REMOTE) { + short mask = EC_Consts.PARAMETER_FP; + while (mask <= EC_Consts.PARAMETER_S) { + if (key == keyPair && param == mask) { + return index; + } + if ((params & mask) != 0 && (key & export) != 0) { + if (mask == EC_Consts.PARAMETER_W) { + if ((export & ECTesterApplet.EXPORT_PUBLIC) != 0) 
+ index++; + } else if (mask == EC_Consts.PARAMETER_S) { + if ((export & ECTesterApplet.EXPORT_PRIVATE) != 0) + index++; + } else { + index++; + } + } + mask = (short) (mask << 1); + } + + key = (byte) (key << 1); + } + return -1; + } + + public boolean hasParameter(byte keyPair, short param) { + return !((export & keyPair) == 0 || (params & param) == 0) && getIndex(keyPair, param) != -1; + } + + public byte[] getParameter(byte keyPair, short param) { + return getParam(getIndex(keyPair, param)); + } + + @Override + public String toString() { + String name; + switch (curve) { + case EC_Consts.CURVE_default: + name = "default"; + break; + case EC_Consts.CURVE_external: + name = "external"; + break; + default: + name = "custom"; + break; + } + String key; + if (keyPair == ECTesterApplet.KEYPAIR_BOTH) { + key = "both keypairs"; + } else { + key = ((keyPair == ECTesterApplet.KEYPAIR_LOCAL) ? "local" : "remote") + " keypair"; + } + //TODO general response.toString alignment + 2 SWs + return String.format("Set %s curve parameters on %s: %#x", name, key, getSW1()); + } + + } + + /** + * + */ + public static class Generate extends Response { + private byte keyPair; + private byte export; + private short[] contents; + + protected Generate(ResponseAPDU response, long time, byte keyPair, byte export) { + super(response, time); + this.keyPair = keyPair; + this.export = export; + + int keys = 0; + if ((export & ECTesterApplet.EXPORT_PUBLIC) != 0) keys++; + if ((export & ECTesterApplet.EXPORT_PRIVATE) != 0) keys++; + int pairs = 0; + if ((export & ECTesterApplet.KEYPAIR_LOCAL) != 0) pairs++; + if ((export & ECTesterApplet.KEYPAIR_REMOTE) != 0) pairs++; + int generated = 0; + if ((keyPair & ECTesterApplet.KEYPAIR_LOCAL) != 0) generated++; + if ((keyPair & ECTesterApplet.KEYPAIR_REMOTE) != 0) generated++; + parse(generated, keys * pairs); + + this.contents = new short[4]; + int offset = 0; + if ((export & ECTesterApplet.KEYPAIR_LOCAL) != 0) { + if ((export & 
ECTesterApplet.EXPORT_PUBLIC) != 0) { + this.contents[offset] = ECTesterApplet.KEYPAIR_LOCAL | ECTesterApplet.EXPORT_PUBLIC; + offset++; + } + if ((export & ECTesterApplet.EXPORT_PRIVATE) != 0) { + this.contents[offset] = ECTesterApplet.KEYPAIR_LOCAL | ECTesterApplet.EXPORT_PRIVATE; + offset++; + } + } + if ((export & ECTesterApplet.KEYPAIR_REMOTE) != 0) { + if ((export & ECTesterApplet.EXPORT_PUBLIC) != 0) { + this.contents[offset] = ECTesterApplet.KEYPAIR_REMOTE | ECTesterApplet.EXPORT_PUBLIC; + offset++; + } + if ((export & ECTesterApplet.EXPORT_PRIVATE) != 0) { + this.contents[offset] = ECTesterApplet.KEYPAIR_REMOTE | ECTesterApplet.EXPORT_PRIVATE; + offset++; + } + } + } + + private int getIndex(byte key) { + for (int i = 0; i < contents.length; i++) { + if (key == contents[i]) + return i; + } + return -1; + } + + public boolean hasPublic(byte keyPair) { + if ((export & ECTesterApplet.EXPORT_PUBLIC) == 0 || (export & keyPair) == 0) + return false; + return getIndex((byte) (keyPair | ECTesterApplet.EXPORT_PUBLIC)) != -1; + } + + public boolean hasPrivate(byte keyPair) { + if ((export & ECTesterApplet.EXPORT_PRIVATE) == 0 || (export & keyPair) == 0) + return false; + return getIndex((byte) (keyPair | ECTesterApplet.EXPORT_PRIVATE)) != -1; + } + + public byte[] getPublic(byte keyPair) { + //calculate index and getParam + int index = getIndex((byte) (keyPair | ECTesterApplet.EXPORT_PUBLIC)); + return getParam(index); + } + + public byte[] getPrivate(byte keyPair) { + //calculate index and getParam + int index = getIndex((byte) (keyPair | ECTesterApplet.EXPORT_PRIVATE)); + return getParam(index); + } + + @Override + public String toString() { + String key; + if (keyPair == ECTesterApplet.KEYPAIR_BOTH) { + key = "both keypairs"; + } else { + key = ((keyPair == ECTesterApplet.KEYPAIR_LOCAL) ? 
"local" : "remote") + " keypair"; + } + //TODO general response.toString alignment + 2 SWs + return String.format("Generated %s: %#x", key, getSW1()); + } + + } + + /** + * + */ + public static class ECDH extends Response { + private byte pubkey; + private byte privkey; + private byte export; + private byte invalid; + + protected ECDH(ResponseAPDU response, long time, byte pubkey, byte privkey, byte export, byte invalid) { + super(response, time); + this.pubkey = pubkey; + this.privkey = privkey; + this.export = export; + this.invalid = invalid; + + parse(1, (export & ECTesterApplet.EXPORT_ECDH) != 0 ? 1 : 0); + } + + public boolean hasSecret() { + return hasParam(0); + } + + public byte[] getSecret() { + return getParam(0); + } + + @Override + public String toString() { + String pub = pubkey == ECTesterApplet.KEYPAIR_LOCAL ? "local" : "remote"; + String priv = privkey == ECTesterApplet.KEYPAIR_LOCAL ? "local" : "remote"; + String validity = invalid != 0 ? "invalid" : "valid"; + //TODO general response.toString alignment + 2SWs + return String.format("ECDH of %s pubkey and %s privkey(%s point): %#x", pub, priv, validity, getSW1()); + } + } + + /** + * + */ + public static class ECDSA extends Response { + private byte keyPair; + private byte export; + private byte[] raw; + + protected ECDSA(ResponseAPDU response, long time, byte keyPair, byte export, byte[] raw) { + super(response, time); + this.keyPair = keyPair; + this.export = export; + this.raw = raw; + + parse(1, (export & ECTesterApplet.EXPORT_SIG) != 0 ? 1 : 0); + } + + public boolean hasSignature() { + return hasParam(0); + } + + public byte[] getSignature() { + return getParam(0); + } + + @Override + public String toString() { + String key = keyPair == ECTesterApplet.KEYPAIR_LOCAL ? "local" : "remote"; + String data = raw == null ? "random" : "provided"; + //TODO general response.toString alignment + 2 SWs + return String.format("ECDSA with %s keypair(%s data): %#x", key, data, getSW1()); + } + + } +} 
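Review bot: In Response.parse(), `short paramLength = Util.getShort(data, offset);` keeps the card-supplied length signed, so a length field of 0x8000 or above becomes negative, slips past the `data.length < offset + paramLength` check and reaches `new byte[paramLength]`, which throws NegativeArraySizeException instead of marking the response unsuccessful. Reading it as unsigned, `int paramLength = Util.getShort(data, offset) & 0xffff;`, lets the existing bounds check reject such a response. Related: Generate.getPublic(), Generate.getPrivate() and Set.getParameter() pass the result of getIndex() straight to getParam(), so a -1 for a key that was not exported ends in ArrayIndexOutOfBoundsException; either guard with `if (index < 0) return null;` or document that hasPublic()/hasPrivate()/hasParameter() must be called first. The empty `/** * */` blocks above the nested classes could say which instruction each response belongs to and how many status words and parameters it expects.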
diff --git a/src/cz/crcs/ectester/reader/Util.java b/src/cz/crcs/ectester/reader/Util.java
index 1464728..38db3bf 100644
--- a/src/cz/crcs/ectester/reader/Util.java
+++ b/src/cz/crcs/ectester/reader/Util.java
@@ -50,18 +50,22 @@ public class Util {
 }
 public static String bytesToHex(byte[] data) {
- return bytesToHex(data, 0, data.length, true);
+ return bytesToHex(data, true);
+ }
+
+ public static String bytesToHex(byte[] data, boolean addSpace) {
+ return bytesToHex(data, 0, data.length, addSpace);
 }
 public static String bytesToHex(byte[] data, int offset, int len) {
 return bytesToHex(data, offset, len, true);
 }
- public static String bytesToHex(byte[] data, int offset, int len, boolean bAddSpace) {
+ public static String bytesToHex(byte[] data, int offset, int len, boolean addSpace) {
 StringBuilder buf = new StringBuilder();
 for (int i = offset; i < (offset + len); i++) {
 buf.append(byteToHex(data[i]));
- if (bAddSpace && i != (offset + len - 1)) {
+ if (addSpace && i != (offset + len - 1)) {
 buf.append(" ");
 }
 }
--
cgit v1.2.3-70-g09d2
From c3e48df92858bad5e74e9cec69c16397b6b12481 Mon Sep 17 00:00:00 2001
From: J08nY Date: Fri, 27 Jan 2017 21:34:39 +0100 Subject: Added option to generate fresh keys(-f) also implemented basic ECC testing - Added -f/--fresh - Fixed response align - Implemented basic EC testing, more advanced/complex tests are gonna be done through pre-generated files/curves/keys inside the jar or externally. Such as the invalid curve attack test and others. --- !uploader/ectester.cap | Bin 13377 -> 13641 bytes dist/ECTester.jar | Bin 75369 -> 78703 bytes src/cz/crcs/ectester/applet/ECKeyGenerator.java | 41 +++++--- src/cz/crcs/ectester/applet/ECTesterApplet.java | 38 ++++++- src/cz/crcs/ectester/reader/CardMngr.java | 2 +- src/cz/crcs/ectester/reader/Command.java | 27 ++++- src/cz/crcs/ectester/reader/ECTester.java | 121 +++++++++++++++------- src/cz/crcs/ectester/reader/Response.java | 131 ++++++++++++++++-------- 8 files changed, 260 insertions(+), 100 deletions(-) diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index a7da4dc..8d1bff8 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ diff --git a/dist/ECTester.jar b/dist/ECTester.jar index b0dae23..f0a8c3b 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/applet/ECKeyGenerator.java b/src/cz/crcs/ectester/applet/ECKeyGenerator.java index 417944c..427577b 100644 --- a/src/cz/crcs/ectester/applet/ECKeyGenerator.java +++ b/src/cz/crcs/ectester/applet/ECKeyGenerator.java @@ -44,6 +44,19 @@ public class ECKeyGenerator { return ecKeyPair; } + public short clearPair(KeyPair keypair, byte key) { + sw = ISO7816.SW_NO_ERROR; + try { + if ((key & KEY_PUBLIC) != 0) keypair.getPublic().clearKey(); + if ((key & KEY_PRIVATE) != 0) keypair.getPrivate().clearKey(); + } catch (CryptoException ce) { + sw = ce.getReason(); + } catch (Exception e) { + sw = ISO7816.SW_UNKNOWN; + } + return sw; + } + /** * @param keypair * @return 
@@ -73,8 +86,8 @@ public class ECKeyGenerator { sw = ISO7816.SW_NO_ERROR; if (params == EC_Consts.PARAMETERS_NONE) { - return sw; - } + return sw; + } short length; if (alg == KeyPair.ALG_EC_FP && (params & EC_Consts.PARAMETER_FP) != 0) { @@ -123,9 +136,9 @@ public class ECKeyGenerator { */ public short corruptCurve(KeyPair keypair, byte key, short corruptParams, byte corruption, byte[] buffer, short offset) { sw = ISO7816.SW_NO_ERROR; - if (corruptParams == EC_Consts.PARAMETERS_NONE) { - return sw; - } + if (corruptParams == EC_Consts.PARAMETERS_NONE) { + return sw; + } //go through param bit by bit, and invalidate all selected params short paramMask = EC_Consts.PARAMETER_FP; @@ -252,7 +265,7 @@ public class ECKeyGenerator { public short setExternalCurve(KeyPair keypair, byte key, short params, byte[] inBuffer, short inOffset) { sw = ISO7816.SW_NO_ERROR; if (params == EC_Consts.PARAMETERS_NONE) { - return sw; + return sw; } short paramMask = EC_Consts.PARAMETER_FP; @@ -273,9 +286,9 @@ public class ECKeyGenerator { /** * Exports a selected parameter from a given keyPairs key. * - * @param keypair keypair to export from - * @param key key to export from (KEY_PUBLIC | KEY_PRIVATE) - * @param param parameter to export (EC_Consts.PARAMETER_* || ...) + * @param keypair keypair to export from + * @param key key to export from (KEY_PUBLIC | KEY_PRIVATE) + * @param param parameter to export (EC_Consts.PARAMETER_* || ...) * @param outputBuffer buffer to write to * @param outputOffset offset to start writing in buffer * @return length of data written @@ -346,9 +359,9 @@ public class ECKeyGenerator { */ public short exportParameters(KeyPair keypair, byte key, short params, byte[] buffer, short offset) { sw = ISO7816.SW_NO_ERROR; - if (params == EC_Consts.PARAMETERS_NONE) { - return sw; - } + if (params == EC_Consts.PARAMETERS_NONE) { + return sw; + } short length = 0; short paramMask = EC_Consts.PARAMETER_FP; 
@@ -372,8 +385,8 @@ public class ECKeyGenerator { /** * Copies this KeyPairs curve parameters to another ECKeyGenerator. * - * @param from keyPair to copy from - * @param to keyPair to copy to + * @param from keyPair to copy from + * @param to keyPair to copy to * @param buffer buffer to use for copying * @param offset offset to use in buffer * @return sw diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java index dfdd0f0..cb2c43f 100644 --- a/src/cz/crcs/ectester/applet/ECTesterApplet.java +++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java @@ -44,10 +44,11 @@ public class ECTesterApplet extends Applet { //INSTRUCTIONS public static final byte INS_ALLOCATE = (byte) 0x5a; - public static final byte INS_SET = (byte) 0x5b; - public static final byte INS_GENERATE = (byte) 0x5c; - public static final byte INS_ECDH = (byte) 0x5d; - public static final byte INS_ECDSA = (byte) 0x5e; + public static final byte INS_CLEAR = (byte) 0x5b; + public static final byte INS_SET = (byte) 0x5c; + public static final byte INS_GENERATE = (byte) 0x5d; + public static final byte INS_ECDH = (byte) 0x5e; + public static final byte INS_ECDSA = (byte) 0x5f; //PARAMETERS for P1 and P2 public static final byte KEYPAIR_LOCAL = (byte) 0x01; @@ -127,6 +128,9 @@ public class ECTesterApplet extends Applet { case INS_ALLOCATE: insAllocate(apdu); break; + case INS_CLEAR: + insClear(apdu); + break; case INS_SET: insSet(apdu); break; 
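Review bot: Placing `INS_CLEAR = (byte) 0x5b` in the middle of the instruction list in ECTesterApplet renumbers INS_SET, INS_GENERATE, INS_ECDH and INS_ECDSA, so a reader built against the previous constants sends 0x5b meaning "set" and the new applet dispatches it to insClear(), with each later instruction shifted by one in the same way. The commit rebuilds both ectester.cap and ECTester.jar, but nothing in the protocol tells the two apart if an older jar meets a newer applet or the reverse. Keeping the existing values (0x5b to 0x5e) and appending the new one, `public static final byte INS_CLEAR = (byte) 0x5f;`, leaves already deployed readers and applets compatible; the dispatch added in the following hunk works unchanged with that value.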
@@ -169,6 +173,25 @@ public class ECTesterApplet extends Applet { apdu.setOutgoingAndSend((short) 0, len); } + /** + * + * @param apdu P1 = byte keyPair (KEYPAIR_* | ...) + * P2 = + */ + private void insClear(APDU apdu) { + apdu.setIncomingAndReceive(); + byte[] apdubuf = apdu.getBuffer(); + byte keyPair = apdubuf[ISO7816.OFFSET_P1]; + + short len = 0; + if ((keyPair & KEYPAIR_LOCAL) != 0) + len += clear(localKeypair, apdubuf, (short) 0); + if ((keyPair & KEYPAIR_REMOTE) != 0) + len += clear(remoteKeypair, apdubuf, len); + + apdu.setOutgoingAndSend((short) 0, len); + } + /** * Sets curve parameters on local and remote keyPairs. * returns setCurve SWs, set params if export @@ -306,6 +329,13 @@ public class ECTesterApplet extends Applet { return length; } + private short clear(KeyPair keyPair, byte[] buffer, short offset) { + short sw = keyGenerator.clearPair(keyPair, ECKeyGenerator.KEY_BOTH); + Util.setShort(buffer, offset, sw); + + return 2; + } + /** * @param keyPair KeyPair to set params on * @param curve curve to set (EC_Consts.CURVE_*) diff --git a/src/cz/crcs/ectester/reader/CardMngr.java b/src/cz/crcs/ectester/reader/CardMngr.java index d95b7e5..6875d2e 100644 --- a/src/cz/crcs/ectester/reader/CardMngr.java +++ b/src/cz/crcs/ectester/reader/CardMngr.java @@ -23,7 +23,7 @@ public class CardMngr { private boolean simulate = false; - private final byte selectCM[] = { + private final byte[] selectCM = { (byte) 0x00, (byte) 0xa4, (byte) 0x04, (byte) 0x00, (byte) 0x07, (byte) 0xa0, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x18, (byte) 0x43, (byte) 0x4d}; diff --git a/src/cz/crcs/ectester/reader/Command.java b/src/cz/crcs/ectester/reader/Command.java index c5fd465..31cde4d 100644 --- a/src/cz/crcs/ectester/reader/Command.java +++ b/src/cz/crcs/ectester/reader/Command.java 
@@ -23,11 +23,6 @@ public abstract class Command { return cmd; } - /** - * - * @return - * @throws CardException - */ public abstract Response send() throws CardException; public static List sendAll(List commands) throws CardException { @@ -74,6 +69,28 @@ public abstract class Command { } } + /** + * + */ + public static class Clear extends Command { + private byte keyPair; + + public Clear(CardMngr cardManager, byte keyPair) { + super(cardManager); + this.keyPair = keyPair; + + this.cmd = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_CLEAR, keyPair, 0x00); + } + + @Override + public Response.Clear send() throws CardException { + long elapsed = -System.nanoTime(); + ResponseAPDU response = cardManager.send(cmd); + elapsed += System.nanoTime(); + return new Response.Clear(response, elapsed, keyPair); + } + } + /** * */ diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index e5a2b70..4cb63f7 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -33,6 +33,7 @@ import java.io.FileWriter; import java.io.IOException; import java.nio.file.Files; import java.util.ArrayList; +import java.util.LinkedList; import java.util.List; /** @@ -58,6 +59,7 @@ public class ECTester { private String optKey = null; private String optLog = null; private String optOutput = null; + private boolean optFresh = false; private boolean optSimulate = false; private int optGenerateAmount; 
@@ -244,11 +246,15 @@ public class ECTester { opts.addOption(Option.builder("fp").longOpt("prime-field").desc("Use prime field curve.").build()); opts.addOption(Option.builder("f2m").longOpt("binary-field").desc("Use binary field curve.").build()); + opts.addOption(Option.builder("pub").longOpt("public").desc("Use public key from file [pubkey_file] (wx,wy).").hasArg().argName("pubkey_file").build()); opts.addOption(Option.builder("priv").longOpt("private").desc("Use private key from file [privkey_file] (s).").hasArg().argName("privkey_file").build()); opts.addOption(Option.builder("k").longOpt("key").desc("Use keyPair from file [key_file] (wx,wy,s).").hasArg().argName("key_file").build()); + opts.addOption(Option.builder("o").longOpt("output").desc("Output into file [output_file].").hasArg().argName("output_file").build()); opts.addOption(Option.builder("l").longOpt("log").desc("Log output into file [log_file].").hasArg().argName("log_file").optionalArg(true).build()); + + opts.addOption(Option.builder("f").longOpt("fresh").desc("Generate fresh keys(set domain parameters before every generation).").build()); opts.addOption(Option.builder("s").longOpt("simulate").desc("Simulate a card with jcardsim instead of using a terminal.").build()); CommandLineParser parser = new DefaultParser(); @@ -275,6 +281,7 @@ public class ECTester { optLog = cli.getOptionValue("log", String.format("ECTESTER_log_%d.log", System.currentTimeMillis() / 1000)); } optOutput = cli.getOptionValue("output"); + optFresh = cli.hasOption("fresh"); optSimulate = cli.hasOption("simulate"); if (optKey != null && (optPublic != null || optPrivate != null)) { 
@@ -365,7 +372,8 @@ public class ECTester { */ private void generate() throws CardException, IOException { byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; - List prepare = Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass)); + List prepare = Command.sendAll(prepareKeyPair(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass)); + prepare.addAll(Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass))); FileWriter keysFile = new FileWriter(optOutput); keysFile.write("index;time;pubW;privS\n"); @@ -373,6 +381,10 @@ public class ECTester { int generated = 0; int retry = 0; while (generated < optGenerateAmount || optGenerateAmount == 0) { + if (optFresh) { + Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass)); + } + Command.Generate generate = new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, (byte) (ECTesterApplet.EXPORT_BOTH | ECTesterApplet.KEYPAIR_LOCAL)); Response.Generate response = generate.send(); long elapsed = response.getDuration(); 
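Review bot: The result of the per-iteration `Command.sendAll(prepareCurve(...))` in the new `optFresh` branch is thrown away, so a failed parameter reset is invisible and the following Generate runs on whatever state the card was left in. Keep the returned list and stop or log when a response reports failure, e.g. `List fresh = Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass));` followed by a status check before generating. With a curve file, `prepareCurve` also re-reads and re-flattens that file on every iteration; if Command objects can be re-sent, building the list once before the loop avoids it. `generate()` starts and ends outside this hunk.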
@@ -400,47 +412,36 @@ public class ECTester { /** * Tests Elliptic curve support for a given curve/curves. + * + * @throws IOException + * @throws CardException */ - private void test() { - //TODO + private void test() throws IOException, CardException { + List commands = new LinkedList<>(); if (optAll) { if (optPrimeField) { //iterate over prime curve sizes used: EC_Consts.FP_SIZES for (short keyLength : EC_Consts.FP_SIZES) { - //prepareCurve(KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_FP); - //insGenerate(KEYPAIR_BOTH, EXPORT_NONE); - //insECDH(KEYPAIR_LOCAL, KEYPAIR_REMOTE, EXPORT_NONE, 00); - //insECDH(KEYPAIR_LOCAL, KEYPAIR_REMOTE, EXPORT_NONE, 01); - //insECDSA(KEYPAIR_LOCAL, EXPORT_NONE, null); + commands.addAll(testCurve(keyLength, KeyPair.ALG_EC_FP)); } } if (optBinaryField) { //iterate over binary curve sizes used: EC_Consts.F2M_SIZES for (short keyLength : EC_Consts.F2M_SIZES) { - //prepareCurve(KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_F2M); - //insGenerate(KEYPAIR_BOTH, EXPORT_NONE); - //insECDH(KEYPAIR_LOCAL, KEYPAIR_REMOTE, EXPORT_NONE, 00); - //insECDH(KEYPAIR_LOCAL, KEYPAIR_REMOTE, EXPORT_NONE, 01); - //insECDSA(KEYPAIR_LOCAL, EXPORT_NONE, null); + commands.addAll(testCurve(keyLength, KeyPair.ALG_EC_F2M)); } } } else { if (optPrimeField) { - //test with prepareCurve(KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_FP) - //insGenerate(KEYPAIR_BOTH, EXPORT_NONE); - //insECDH(KEYPAIR_LOCAL, KEYPAIR_REMOTE, EXPORT_NONE, 00); - //insECDH(KEYPAIR_LOCAL, KEYPAIR_REMOTE, EXPORT_NONE, 01); - //insECDSA(KEYPAIR_LOCAL, EXPORT_NONE, null); + commands.addAll(testCurve((short) optBits, KeyPair.ALG_EC_FP)); } if (optBinaryField) { - //test with prepareCurve(KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_F2M) - //insGenerate(KEYPAIR_BOTH, EXPORT_NONE); - //insECDH(KEYPAIR_LOCAL, KEYPAIR_REMOTE, EXPORT_NONE, 00); - //insECDH(KEYPAIR_LOCAL, KEYPAIR_REMOTE, EXPORT_NONE, 01); - //insECDSA(KEYPAIR_LOCAL, EXPORT_NONE, null); + commands.addAll(testCurve((short) optBits, 
KeyPair.ALG_EC_F2M)); } } + List test = Command.sendAll(commands); + systemOutLogger.println(Response.toString(test)); } /** @@ -451,7 +452,8 @@ public class ECTester { */ private void ecdh() throws IOException, CardException { byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; - List ecdh = Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, keyClass)); + List ecdh = Command.sendAll(prepareKeyPair(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, keyClass)); + ecdh.addAll(Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, keyClass))); if (optPublic != null || optPrivate != null || optKey != null) { Response local = new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_NONE).send(); @@ -465,10 +467,17 @@ public class ECTester { Response.ECDH perform = new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_ECDH, (byte) 0).send(); ecdh.add(perform); - for (Response r : ecdh) { - systemOutLogger.println(r.toString()); + systemOutLogger.println(Response.toString(ecdh)); + + if (!perform.hasSecret()) { + System.err.println("Couldn't obtain ECDH secret from card response."); + } else { + if (optOutput != null) { + FileWriter out = new FileWriter(optOutput); + out.write(Util.bytesToHex(perform.getSecret(), false)); + out.close(); + } } - //TODO check perform.hasSecret(), write perform.getSecret to file if -o } /** 
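Review bot: The ECDH shared secret is written through a bare `FileWriter` that is closed by hand, so an exception in `out.write(...)` leaks the handle, and the file is created with the process's default permissions. Use try-with-resources: `try (FileWriter out = new FileWriter(optOutput)) { out.write(Util.bytesToHex(perform.getSecret(), false)); }`. If the output can ever hold material derived from keys that are not throwaway test keys, create the file with owner-only permissions as well. The same pattern is added for the ECDSA signature in the `ecdsa()` hunk further down and deserves the same change. Both methods continue outside their hunks.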
@@ -479,7 +488,8 @@ public class ECTester { */ private void ecdsa() throws CardException, IOException { byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; - List ecdsa = Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass)); + List ecdsa = Command.sendAll(prepareKeyPair(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass)); + ecdsa.addAll(Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass))); Response keys; if (optKey != null || (optPublic != null && optPrivate != null)) { 
@@ -502,33 +512,55 @@ public class ECTester { Response.ECDSA perform = new Command.ECDSA(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_SIG, data).send(); ecdsa.add(perform); - for (Response r : ecdsa) { - systemOutLogger.println(r.toString()); + systemOutLogger.println(Response.toString(ecdsa)); + + if (!perform.hasSignature()) { + System.err.println("Couldn't obtain ECDSA signature from card response."); + } else { + if (optOutput != null) { + FileWriter out = new FileWriter(optOutput); + out.write(Util.bytesToHex(perform.getSignature(), false)); + out.close(); + } } - //TODO output to file } /** - * @param keyPair which keyPair/s (local/remote) to set curve domain parameters on + * @param keyPair which keyPair/s (local/remote) to allocate * @param keyLength key length to allocate * @param keyClass key class to allocate - * @return an array of CommandAPDUs to send in order to prepare the keypair/s. + * @return a list of Commands to send in order to prepare the keyPair. + */ + private List prepareKeyPair(byte keyPair, short keyLength, byte keyClass) { + List commands = new ArrayList<>(); + commands.add(new Command.Allocate(cardManager, keyPair, keyLength, keyClass)); + return commands; + } + + /** + * @param keyPair which keyPair/s (local/remote) to set curve domain parameters on + * @param keyLength key length to choose + * @param keyClass key class to choose + * @return a list of Commands to send in order to prepare the curve on the keypairs. * @throws IOException if curve file cannot be found/opened */ private List prepareCurve(byte keyPair, short keyLength, byte keyClass) throws IOException { List commands = new ArrayList<>(); - commands.add(new Command.Allocate(cardManager, keyPair, keyLength, keyClass)); short domainParams = keyClass == KeyPair.ALG_EC_FP ? 
EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; if (optNamed) { + // Set named curve (one of the SECG curves embedded applet-side) commands.add(new Command.Set(cardManager, keyPair, ECTesterApplet.EXPORT_NONE, EC_Consts.getCurve(keyLength, keyClass), domainParams, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, null)); - } - if (optCurve != null) { + } else if (optCurve != null) { + // Set curve loaded from a file byte[] external = ParamReader.flatten(domainParams, ParamReader.readFile(optCurve)); if (external == null) { throw new IOException("Couldn't read the curve file correctly."); } commands.add(new Command.Set(cardManager, keyPair, ECTesterApplet.EXPORT_NONE, EC_Consts.CURVE_external, domainParams, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, external)); + } else { + // Set default curve + commands.add(new Command.Clear(cardManager, keyPair)); } return commands; 
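Review bot: The comment `// Set default curve` on the new `else` branch of `prepareCurve` does not match what is sent: `Command.Clear` makes the applet call `clearPair` for both keys, and nothing in this patch sets domain parameters on that path. Whether a card then generates on built-in default parameters is presumably card-specific, so I would word it as `// No curve given: clear the key pair and rely on the card's own default parameters, if it has any`. Separately, turning the second `if` into `else if` means `optCurve` is silently ignored when `optNamed` is also set; rejecting that combination during option parsing would make the precedence explicit.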
@@ -566,6 +598,23 @@ public class ECTester { return new Command.Set(cardManager, keyPair, ECTesterApplet.EXPORT_NONE, EC_Consts.CURVE_external, params, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, data); } + /** + * @param keyLength + * @param keyClass + * @return + * @throws IOException + */ + private List testCurve(short keyLength, byte keyClass) throws IOException { + List commands = new LinkedList<>(); + commands.addAll(prepareKeyPair(ECTesterApplet.KEYPAIR_BOTH, keyLength, keyClass)); + commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, keyLength, keyClass)); + commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH, ECTesterApplet.EXPORT_NONE)); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_NONE, (byte) 0)); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_NONE, (byte) 1)); + commands.add(new Command.ECDSA(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_NONE, null)); + return commands; + } + public static void main(String[] args) { ECTester app = new ECTester(); app.run(args); diff --git a/src/cz/crcs/ectester/reader/Response.java b/src/cz/crcs/ectester/reader/Response.java index 8f9ab9b..05cd92a 100644 --- a/src/cz/crcs/ectester/reader/Response.java +++ b/src/cz/crcs/ectester/reader/Response.java 
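Review bot: `testCurve` queues a second ECDH whose last argument is `(byte) 1`, presumably the invalid-point case that `Response.ECDH.toString()` labels "invalid", but `test()` only prints the status words, so a card that completes key agreement on a corrupted point is not flagged. The report should carry the expected outcome per command and mark an invalid-point ECDH that returns success as a finding rather than a pass. The Javadoc on `testCurve` is also an empty stub; `@return commands that allocate both key pairs, set the curve, generate keys, then run valid-point ECDH, invalid-point ECDH and ECDSA` would document the sequence.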
@@ -6,17 +6,19 @@ import javacard.framework.ISO7816; import javacard.security.KeyPair; import javax.smartcardio.ResponseAPDU; +import java.util.List; /** * @author Jan Jancar johny@neuromancer.sk */ public abstract class Response { - protected ResponseAPDU resp; - protected long time; - protected short sw1 = 0; - protected short sw2 = 0; - protected byte[][] params; - protected boolean success = true; + private ResponseAPDU resp; + private long time; + private short sw1 = 0; + private short sw2 = 0; + private int numSW = 0; + private byte[][] params; + private boolean success = true; protected Response(ResponseAPDU response, long time) { this.resp = response; @@ -24,6 +26,8 @@ public abstract class Response { } protected void parse(int numSW, int numParams) { + this.numSW = numSW; + byte[] data = resp.getData(); int offset = 0; @@ -31,14 +35,16 @@ public abstract class Response { if (--numSW >= 0 && getLength() >= 2) { sw1 = Util.getShort(data, offset); offset += 2; - if (sw1 != ISO7816.SW_NO_ERROR) + if (sw1 != ISO7816.SW_NO_ERROR) { success = false; + } } if (--numSW >= 0 && getLength() >= 4) { sw2 = Util.getShort(data, offset); offset += 2; - if (sw2 != ISO7816.SW_NO_ERROR) + if (sw2 != ISO7816.SW_NO_ERROR) { success = false; + } } //try to parse numParams.. @@ -60,18 +66,6 @@ public abstract class Response { } } - protected boolean hasParam(int index) { - return params.length >= index + 1 && params[index] != null; - } - - protected int getParamLength(int index) { - return params[index].length; - } - - protected byte[] getParam(int index) { - return params[index]; - } - public ResponseAPDU getAPDU() { return resp; } 
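Review bot: `this.numSW = numSW` in `parse` stores how many status words the caller asked for, not how many were actually present in the response. When the response is shorter than expected, the `getLength() >= 2` and `getLength() >= 4` guards skip parsing, `sw1`/`sw2` stay 0 and, as far as these hunks show, `success` stays true. The `toString(List)` added later in this file formats by `getNumSW()`, so a truncated response is printed with placeholder zeros as if they came from the card. Adding `if (getLength() < 2 * numSW) { success = false; }` right after the assignment would make the short response visible. The body of `parse` continues outside these hunks.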
@@ -92,6 +86,22 @@ public abstract class Response { return sw2; } + public int getNumSW() { + return numSW; + } + + protected boolean hasParam(int index) { + return params.length >= index + 1 && params[index] != null; + } + + protected int getParamLength(int index) { + return params[index].length; + } + + protected byte[] getParam(int index) { + return params[index]; + } + public int getLength() { return resp.getNr(); } @@ -104,6 +114,21 @@ public abstract class Response { public abstract String toString(); + public static String toString(List responses) { + StringBuilder out = new StringBuilder(); + for (Response r : responses) { + String message = r.toString(); + String suffix; + if (r.getNumSW() == 1) { + suffix = String.format("%s", Util.getPrintError(r.getSW1())); + } else { + suffix = String.format("%s %s", Util.getPrintError(r.getSW1()), Util.getPrintError(r.getSW2())); + } + out.append(String.format("%-55s: %s\n", message, suffix)); + } + return out.toString(); + } + /** * */ 
@@ -133,8 +158,32 @@ public abstract class Response { } else { key = ((keyPair == ECTesterApplet.KEYPAIR_LOCAL) ? "local" : "remote") + " keypair"; } - //TODO general response.toString alignment + 2 SWs - return String.format("Allocated %s %db %s: %#x", key, keyLength, field, getSW1()); + return String.format("Allocated %s %db %s", key, keyLength, field); + } + } + + public static class Clear extends Response { + private byte keyPair; + + public Clear(ResponseAPDU response, long time, byte keyPair) { + super(response, time); + this.keyPair = keyPair; + + int pairs = 0; + if ((keyPair & ECTesterApplet.KEYPAIR_LOCAL) != 0) pairs++; + if ((keyPair & ECTesterApplet.KEYPAIR_REMOTE) != 0) pairs++; + parse(pairs, 0); + } + + @Override + public String toString() { + String key; + if (keyPair == ECTesterApplet.KEYPAIR_BOTH) { + key = "both keypairs"; + } else { + key = ((keyPair == ECTesterApplet.KEYPAIR_LOCAL) ? "local" : "remote") + " keypair"; + } + return String.format("Cleared %s", key); } } @@ -145,15 +194,15 @@ public abstract class Response { private byte keyPair; private byte export; private byte curve; - private short params; + private short parameters; private short corrupted; - protected Set(ResponseAPDU response, long time, byte keyPair, byte export, byte curve, short params, short corrupted) { + protected Set(ResponseAPDU response, long time, byte keyPair, byte export, byte curve, short parameters, short corrupted) { super(response, time); this.keyPair = keyPair; this.export = export; this.curve = curve; - this.params = params; + this.parameters = parameters; this.corrupted = corrupted; int pairs = 0; 
@@ -168,14 +217,14 @@ public abstract class Response { int paramCount = 0; short mask = EC_Consts.PARAMETER_FP; while (mask <= EC_Consts.PARAMETER_K) { - if ((mask & params) != 0) { + if ((mask & parameters) != 0) { paramCount++; } mask = (short) (mask << 1); } int other = 0; - if ((export & ECTesterApplet.EXPORT_PUBLIC) != 0 && (params & EC_Consts.PARAMETER_W) != 0) other++; - if ((export & ECTesterApplet.EXPORT_PRIVATE) != 0 && (params & EC_Consts.PARAMETER_S) != 0) other++; + if ((export & ECTesterApplet.EXPORT_PUBLIC) != 0 && (parameters & EC_Consts.PARAMETER_W) != 0) other++; + if ((export & ECTesterApplet.EXPORT_PRIVATE) != 0 && (parameters & EC_Consts.PARAMETER_S) != 0) other++; parse(pairs, exported * keys * paramCount + exported * other); } @@ -189,7 +238,7 @@ public abstract class Response { if (key == keyPair && param == mask) { return index; } - if ((params & mask) != 0 && (key & export) != 0) { + if ((parameters & mask) != 0 && (key & export) != 0) { if (mask == EC_Consts.PARAMETER_W) { if ((export & ECTesterApplet.EXPORT_PUBLIC) != 0) index++; @@ -209,7 +258,11 @@ public abstract class Response { } public boolean hasParameter(byte keyPair, short param) { - return !((export & keyPair) == 0 || (params & param) == 0) && getIndex(keyPair, param) != -1; + if ((export & keyPair) == 0 || (parameters & param) == 0) { + return false; + } + int index = getIndex(keyPair, param); + return index != -1 && hasParam(index); } public byte[] getParameter(byte keyPair, short param) { @@ -236,8 +289,7 @@ public abstract class Response { } else { key = ((keyPair == ECTesterApplet.KEYPAIR_LOCAL) ? "local" : "remote") + " keypair"; } - //TODO general response.toString alignment + 2 SWs - return String.format("Set %s curve parameters on %s: %#x", name, key, getSW1()); + return String.format("Set %s curve parameters on %s", name, key); } } 
@@ -301,13 +353,15 @@ public abstract class Response { public boolean hasPublic(byte keyPair) { if ((export & ECTesterApplet.EXPORT_PUBLIC) == 0 || (export & keyPair) == 0) return false; - return getIndex((byte) (keyPair | ECTesterApplet.EXPORT_PUBLIC)) != -1; + int index = getIndex((byte) (keyPair | ECTesterApplet.EXPORT_PUBLIC)); + return index != -1 && hasParam(index); } public boolean hasPrivate(byte keyPair) { if ((export & ECTesterApplet.EXPORT_PRIVATE) == 0 || (export & keyPair) == 0) return false; - return getIndex((byte) (keyPair | ECTesterApplet.EXPORT_PRIVATE)) != -1; + int index = getIndex((byte) (keyPair | ECTesterApplet.EXPORT_PRIVATE)); + return index != -1 && hasParam(index); } public byte[] getPublic(byte keyPair) { @@ -330,8 +384,7 @@ public abstract class Response { } else { key = ((keyPair == ECTesterApplet.KEYPAIR_LOCAL) ? "local" : "remote") + " keypair"; } - //TODO general response.toString alignment + 2 SWs - return String.format("Generated %s: %#x", key, getSW1()); + return String.format("Generated %s", key); } } @@ -368,8 +421,7 @@ public abstract class Response { String pub = pubkey == ECTesterApplet.KEYPAIR_LOCAL ? "local" : "remote"; String priv = privkey == ECTesterApplet.KEYPAIR_LOCAL ? "local" : "remote"; String validity = invalid != 0 ? "invalid" : "valid"; - //TODO general response.toString alignment + 2SWs - return String.format("ECDH of %s pubkey and %s privkey(%s point): %#x", pub, priv, validity, getSW1()); + return String.format("ECDH of %s pubkey and %s privkey(%s point)", pub, priv, validity); } } 
@@ -402,8 +454,7 @@ public abstract class Response { public String toString() { String key = keyPair == ECTesterApplet.KEYPAIR_LOCAL ? "local" : "remote"; String data = raw == null ? "random" : "provided"; - //TODO general response.toString alignment + 2 SWs - return String.format("ECDSA with %s keypair(%s data): %#x", key, data, getSW1()); + return String.format("ECDSA with %s keypair(%s data)", key, data); } } -- cgit v1.2.3-70-g09d2 From abe9f00e15993d55a71b8b328f430421f2f2f151 Mon Sep 17 00:00:00 2001 From: J08nY Date: Tue, 31 Jan 2017 20:15:24 +0100 Subject: Added export instruction, and action to reader One can now export the default domain parameters of the card/simulation with: `ectester.jar -e -fp -b 192 -o params.txt` - Renamed ParamReader to ECParams - Added Command.Export and Response.Export - Moved ECKeyGenerator.KEY_* to EC_Consts.KEY_* --- !uploader/ectester.cap | Bin 13641 -> 13691 bytes dist/ECTester.jar | Bin 78703 -> 284484 bytes src/cz/crcs/ectester/applet/ECKeyGenerator.java | 115 ++++++------- src/cz/crcs/ectester/applet/ECKeyTester.java | 22 ++- src/cz/crcs/ectester/applet/ECTesterApplet.java | 184 ++++++++++++-------- src/cz/crcs/ectester/applet/EC_Consts.java | 15 +- src/cz/crcs/ectester/reader/Command.java | 66 +++++-- src/cz/crcs/ectester/reader/ECParams.java | 202 ++++++++++++++++++++++ src/cz/crcs/ectester/reader/ECTester.java | 196 +++++++++++---------- src/cz/crcs/ectester/reader/ParamReader.java | 135 --------------- src/cz/crcs/ectester/reader/Response.java | 217 +++++++++++++----------- src/cz/crcs/ectester/reader/Util.java | 2 +- 12 files changed, 656 insertions(+), 498 deletions(-) create mode 100644 src/cz/crcs/ectester/reader/ECParams.java delete mode 100644 src/cz/crcs/ectester/reader/ParamReader.java diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index 8d1bff8..f570b6f 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ 
diff --git a/dist/ECTester.jar b/dist/ECTester.jar index f0a8c3b..a3429fe 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/applet/ECKeyGenerator.java b/src/cz/crcs/ectester/applet/ECKeyGenerator.java index 427577b..1a17d3c 100644 --- a/src/cz/crcs/ectester/applet/ECKeyGenerator.java +++ b/src/cz/crcs/ectester/applet/ECKeyGenerator.java @@ -13,10 +13,6 @@ import javacard.security.KeyPair; */ public class ECKeyGenerator { - public static final byte KEY_PUBLIC = 0x01; - public static final byte KEY_PRIVATE = 0x02; - public static final byte KEY_BOTH = KEY_PUBLIC | KEY_PRIVATE; - private short sw = ISO7816.SW_NO_ERROR; /** @@ -47,8 +43,8 @@ public class ECKeyGenerator { public short clearPair(KeyPair keypair, byte key) { sw = ISO7816.SW_NO_ERROR; try { - if ((key & KEY_PUBLIC) != 0) keypair.getPublic().clearKey(); - if ((key & KEY_PRIVATE) != 0) keypair.getPrivate().clearKey(); + if ((key & EC_Consts.KEY_PUBLIC) != 0) keypair.getPublic().clearKey(); + if ((key & EC_Consts.KEY_PRIVATE) != 0) keypair.getPrivate().clearKey(); } catch (CryptoException ce) { sw = ce.getReason(); } catch (Exception e) { @@ -78,7 +74,7 @@ public class ECKeyGenerator { } public short setCurve(KeyPair keypair, byte curve, short params, byte[] buffer, short offset) { - return setCurve(keypair, KEY_BOTH, curve, params, buffer, offset); + return setCurve(keypair, EC_Consts.KEY_BOTH, curve, params, buffer, offset); } public short setCurve(KeyPair keypair, byte key, byte curve, short params, byte[] buffer, short offset) { @@ -90,6 +86,7 @@ public class ECKeyGenerator { } short length; + //handle fp and f2m differently, as a FP KeyPair doesnt contain a F2M field and vice versa. if (alg == KeyPair.ALG_EC_FP && (params & EC_Consts.PARAMETER_FP) != 0) { length = EC_Consts.getCurveParameter(curve, EC_Consts.PARAMETER_FP, buffer, offset); sw = setParameter(keypair, key, EC_Consts.PARAMETER_FP, buffer, offset, length); 
@@ -122,7 +119,7 @@ public class ECKeyGenerator { * @return */ public short corruptCurve(KeyPair keypair, short corruptParams, byte corruption, byte[] buffer, short offset) { - return corruptCurve(keypair, KEY_BOTH, corruptParams, corruption, buffer, offset); + return corruptCurve(keypair, EC_Consts.KEY_BOTH, corruptParams, corruption, buffer, offset); } /** 
@@ -170,48 +167,42 @@ public class ECKeyGenerator { try { switch (param) { - case EC_Consts.PARAMETER_FP: { - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setFieldFP(data, offset, length); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setFieldFP(data, offset, length); + case EC_Consts.PARAMETER_FP: + if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldFP(data, offset, length); + if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldFP(data, offset, length); break; - } - case EC_Consts.PARAMETER_F2M: { + case EC_Consts.PARAMETER_F2M: if (length == 2) { short i = Util.makeShort(data[offset], data[(short) (offset + 1)]); - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i); + if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i); + if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i); } else if (length == 6) { short i1 = Util.makeShort(data[offset], data[(short) (offset + 1)]); short i2 = Util.makeShort(data[(short) (offset + 2)], data[(short) (offset + 3)]); short i3 = Util.makeShort(data[(short) (offset + 4)], data[(short) (offset + 5)]); - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i1, i2, i3); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i1, i2, i3); + if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i1, i2, i3); + if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i1, i2, i3); } else { sw = ISO7816.SW_UNKNOWN; } break; - } - case EC_Consts.PARAMETER_A: { - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setA(data, offset, length); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setA(data, offset, length); + case EC_Consts.PARAMETER_A: + if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setA(data, offset, length); + if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setA(data, offset, length); break; - } - case EC_Consts.PARAMETER_B: { - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setB(data, offset, length); - if ((key & 
KEY_PRIVATE) != 0) ecPrivateKey.setB(data, offset, length); + case EC_Consts.PARAMETER_B: + if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setB(data, offset, length); + if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setB(data, offset, length); break; - } - case EC_Consts.PARAMETER_G: { - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setG(data, offset, length); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setG(data, offset, length); + case EC_Consts.PARAMETER_G: + if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setG(data, offset, length); + if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setG(data, offset, length); break; - } - case EC_Consts.PARAMETER_R: { - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setR(data, offset, length); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setR(data, offset, length); + case EC_Consts.PARAMETER_R: + if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setR(data, offset, length); + if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setR(data, offset, length); break; - } - case EC_Consts.PARAMETER_K: { + case EC_Consts.PARAMETER_K: short k = 0; if (length > 2 || length <= 0) { sw = ISO7816.SW_UNKNOWN; 
@@ -221,19 +212,17 @@ public class ECKeyGenerator { } else if (length == 1) { k = data[offset]; } - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setK(k); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setK(k); + if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setK(k); + if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setK(k); break; - } case EC_Consts.PARAMETER_S: - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setS(data, offset, length); + if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setS(data, offset, length); break; case EC_Consts.PARAMETER_W: - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setW(data, offset, length); + if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setW(data, offset, length); break; - default: { + default: ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); - } } } catch (CryptoException ce) { sw = ce.getReason(); @@ -251,7 +240,7 @@ public class ECKeyGenerator { * @return */ public short setExternalCurve(KeyPair keypair, short params, byte[] inBuffer, short inOffset) { - return setExternalCurve(keypair, KEY_BOTH, params, inBuffer, inOffset); + return setExternalCurve(keypair, EC_Consts.KEY_BOTH, params, inBuffer, inOffset); } /** 
@@ -303,35 +292,37 @@ public class ECKeyGenerator { switch (param) { case EC_Consts.PARAMETER_FP: case EC_Consts.PARAMETER_F2M: - if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getField(outputBuffer, outputOffset); - if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getField(outputBuffer, outputOffset); + if ((key & EC_Consts.KEY_PUBLIC) != 0) length = ecPublicKey.getField(outputBuffer, outputOffset); + if ((key & EC_Consts.KEY_PRIVATE) != 0) length = ecPrivateKey.getField(outputBuffer, outputOffset); break; case EC_Consts.PARAMETER_A: - if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getA(outputBuffer, outputOffset); - if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getA(outputBuffer, outputOffset); + if ((key & EC_Consts.KEY_PUBLIC) != 0) length = ecPublicKey.getA(outputBuffer, outputOffset); + if ((key & EC_Consts.KEY_PRIVATE) != 0) length = ecPrivateKey.getA(outputBuffer, outputOffset); break; case EC_Consts.PARAMETER_B: - if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getB(outputBuffer, outputOffset); - if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getB(outputBuffer, outputOffset); + if ((key & EC_Consts.KEY_PUBLIC) != 0) length = ecPublicKey.getB(outputBuffer, outputOffset); + if ((key & EC_Consts.KEY_PRIVATE) != 0) length = ecPrivateKey.getB(outputBuffer, outputOffset); break; case EC_Consts.PARAMETER_G: - if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getG(outputBuffer, outputOffset); - if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getG(outputBuffer, outputOffset); + if ((key & EC_Consts.KEY_PUBLIC) != 0) length = ecPublicKey.getG(outputBuffer, outputOffset); + if ((key & EC_Consts.KEY_PRIVATE) != 0) length = ecPrivateKey.getG(outputBuffer, outputOffset); break; case EC_Consts.PARAMETER_R: - if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getR(outputBuffer, outputOffset); - if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getR(outputBuffer, outputOffset); + if ((key & EC_Consts.KEY_PUBLIC) != 0) length = 
ecPublicKey.getR(outputBuffer, outputOffset); + if ((key & EC_Consts.KEY_PRIVATE) != 0) length = ecPrivateKey.getR(outputBuffer, outputOffset); break; case EC_Consts.PARAMETER_K: - if ((key & KEY_PUBLIC) != 0) Util.setShort(outputBuffer, outputOffset, ecPublicKey.getK()); - if ((key & KEY_PRIVATE) != 0) Util.setShort(outputBuffer, outputOffset, ecPrivateKey.getK()); length = 2; + if ((key & EC_Consts.KEY_PUBLIC) != 0) + Util.setShort(outputBuffer, outputOffset, ecPublicKey.getK()); + if ((key & EC_Consts.KEY_PRIVATE) != 0) + Util.setShort(outputBuffer, outputOffset, ecPrivateKey.getK()); break; case EC_Consts.PARAMETER_W: - if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getW(outputBuffer, outputOffset); + if ((key & EC_Consts.KEY_PUBLIC) != 0) length = ecPublicKey.getW(outputBuffer, outputOffset); break; case EC_Consts.PARAMETER_S: - if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getS(outputBuffer, outputOffset); + if ((key & EC_Consts.KEY_PRIVATE) != 0) length = ecPrivateKey.getS(outputBuffer, outputOffset); break; default: ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); 
@@ -387,17 +378,21 @@ public class ECKeyGenerator { * * @param from keyPair to copy from * @param to keyPair to copy to + * @param params parameters to copy * @param buffer buffer to use for copying * @param offset offset to use in buffer * @return sw */ - public short copyCurve(KeyPair from, KeyPair to, byte[] buffer, short offset) { + public short copyCurve(KeyPair from, KeyPair to, short params, byte[] buffer, short offset) { sw = ISO7816.SW_NO_ERROR; try { short param = EC_Consts.PARAMETER_FP; while (param <= EC_Consts.PARAMETER_K) { - short paramLength = exportParameter(from, KEY_PUBLIC, param, buffer, offset); - setParameter(to, KEY_BOTH, param, buffer, offset, paramLength); + short masked = (short) (param & params); + if (masked != 0) { + short paramLength = exportParameter(from, EC_Consts.KEY_PUBLIC, masked, buffer, offset); + setParameter(to, EC_Consts.KEY_BOTH, masked, buffer, offset, paramLength); + } param = (short) (param << 1); } } catch (CryptoException ce) { diff --git a/src/cz/crcs/ectester/applet/ECKeyTester.java b/src/cz/crcs/ectester/applet/ECKeyTester.java index 72fa165..2e3e86e 100644 --- a/src/cz/crcs/ectester/applet/ECKeyTester.java +++ b/src/cz/crcs/ectester/applet/ECKeyTester.java 
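Review bot: Inside the new `if (masked != 0)` block of `copyCurve` the outcomes of `exportParameter` and `setParameter` are not checked, so the loop keeps copying after a failure. If `setParameter` resets `sw` on entry (its start is not in this patch; `clearPair` does so), only the last parameter's status reaches the caller. Assuming both helpers record their status in `sw`, I would stop at the first error with `if (sw != ISO7816.SW_NO_ERROR) break;` after each of the two calls. The added `params` argument also changes the public signature, so every caller has to be updated in the same commit. The method body continues past the end of the hunk.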
@@ -73,22 +73,19 @@ public class ECKeyTester { } private short testKA_invalidPoint(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { - pubkeyBuffer[(short)(pubkeyLength - 2)] += 0xcc; - pubkeyBuffer[(short)(pubkeyLength - 3)] += 0xcc; + pubkeyBuffer[(short) (pubkeyLength - 2)] += 0xcc; + pubkeyBuffer[(short) (pubkeyLength - 3)] += 0xcc; short result = testKA(ka, privateKey, pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); - pubkeyBuffer[(short)(pubkeyLength - 2)] -= 0xcc; - pubkeyBuffer[(short)(pubkeyLength - 3)] -= 0xcc; + pubkeyBuffer[(short) (pubkeyLength - 2)] -= 0xcc; + pubkeyBuffer[(short) (pubkeyLength - 3)] -= 0xcc; return result; } - public short testECDH(ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { - return testKA(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); - } - /** * Tests ECDH secret generation with given {@code privateKey} and {@code publicKey}. * Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations. * Output should equal with ECDHC output. + * * @param privateKey * @param publicKey * @param pubkeyBuffer @@ -96,7 +93,6 @@ public class ECKeyTester { * @param outputBuffer * @param outputOffset * @return derived secret length - * **/ public short testECDH_validPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); 
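Review bot: `testKA_invalidPoint` corrupts `pubkeyBuffer[(short) (pubkeyLength - 2)]` and `pubkeyBuffer[(short) (pubkeyLength - 3)]` without adding `pubkeyOffset`, so for any non-zero offset the modified bytes are not the tail of the point that `testKA` reads starting at `pubkeyOffset`. Depending on the offset the test then corrupts a different part of the point or leaves it untouched, and in the latter case a card's acceptance would be recorded against the invalid-point case. Index relative to the offset in all four lines, e.g. `pubkeyBuffer[(short) (pubkeyOffset + pubkeyLength - 2)] += 0xcc;`. This hunk only re-spaces those lines, so the behaviour predates the commit.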
@@ -113,14 +109,15 @@ public class ECKeyTester { * Tests ECDHC secret generation with given {@code privateKey} and {@code publicKey}. * Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations. * Output should equal to ECDH output. + * * @param privateKey * @param publicKey * @param pubkeyBuffer * @param pubkeyOffset * @param outputBuffer * @param outputOffset - * @return ISO7816.SW_NO_ERROR on correct operation, - * exception reason otherwise + * @return ISO7816.SW_NO_ERROR on correct operation, + * exception reason otherwise */ public short testECDHC_validPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); @@ -136,6 +133,7 @@ public class ECKeyTester { * Uses {@code signKey} to sign data from {@code inputBuffer} at {@code inputOffset} with {@code inputOffset}. * Then checks for correct signature length. * Then tries verifying the data with {@code verifyKey}. + * * @param signKey * @param verifyKey * @param inputBuffer @@ -143,7 +141,7 @@ public class ECKeyTester { * @param inputLength * @param sigBuffer * @param sigOffset - * @return signature length + * @return signature length */ public short testECDSA(ECPrivateKey signKey, ECPublicKey verifyKey, byte[] inputBuffer, short inputOffset, short inputLength, byte[] sigBuffer, short sigOffset) { sw = ISO7816.SW_NO_ERROR; diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java index cb2c43f..ae19e28 100644 --- a/src/cz/crcs/ectester/applet/ECTesterApplet.java +++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java @@ -20,8 +20,8 @@ * SOFTWARE. */ /* - * PACKAGEID: 4C6162616B417070 - * APPLETID: 4C6162616B4170706C6574 + * PACKAGEID: 4543546573746572 + * APPLETID: 45435465737465723031 */ package cz.crcs.ectester.applet; 
@@ -32,7 +32,7 @@ import javacard.security.KeyPair; import javacard.security.RandomData; /** - * Reader part of ECTester, a tool for testing Elliptic curve support on javacards. + * Applet part of ECTester, a tool for testing Elliptic curve support on javacards. * * @author Petr Svenda petr@svenda.com * @author Jan Jancar johny@neuromancer.sk 
@@ -42,35 +42,32 @@ public class ECTesterApplet extends Applet { // MAIN INSTRUCTION CLASS public static final byte CLA_ECTESTERAPPLET = (byte) 0xB0; - //INSTRUCTIONS + // INSTRUCTIONS public static final byte INS_ALLOCATE = (byte) 0x5a; public static final byte INS_CLEAR = (byte) 0x5b; public static final byte INS_SET = (byte) 0x5c; public static final byte INS_GENERATE = (byte) 0x5d; - public static final byte INS_ECDH = (byte) 0x5e; - public static final byte INS_ECDSA = (byte) 0x5f; + public static final byte INS_EXPORT = (byte) 0x5e; + public static final byte INS_ECDH = (byte) 0x5f; + public static final byte INS_ECDSA = (byte) 0x60; - //PARAMETERS for P1 and P2 + // PARAMETERS for P1 and P2 public static final byte KEYPAIR_LOCAL = (byte) 0x01; public static final byte KEYPAIR_REMOTE = (byte) 0x02; public static final byte KEYPAIR_BOTH = KEYPAIR_LOCAL | KEYPAIR_REMOTE; - public static final byte EXPORT_NONE = (byte) 0x00; - public static final byte EXPORT_PUBLIC = (byte) 0x04; - public static final byte EXPORT_PRIVATE = (byte) 0x08; - public static final byte EXPORT_BOTH = EXPORT_PUBLIC | EXPORT_PRIVATE; - public static final byte EXPORT_ECDH = (byte) 0x10; - public static final byte EXPORT_SIG = (byte) 0x20; - - //STATUS WORDS + public static final byte EXPORT_TRUE = (byte) 0xff; + public static final byte EXPORT_FALSE = (byte) 0x00; + + // STATUS WORDS public static final short SW_SIG_VERIFY_FAIL = (short) 0x0ee1; private static final short ARRAY_LENGTH = (short) 0xff; // TEMPORARRY ARRAY IN RAM - private byte ramArray[] = null; - private byte ramArray2[] = null; + private byte[] ramArray = null; + private byte[] ramArray2 = null; // PERSISTENT ARRAY IN EEPROM - private byte dataArray[] = null; // unused + private byte[] dataArray = null; // unused private RandomData randomData = null; 
@@ -120,8 +117,9 @@ public class ECTesterApplet extends Applet { byte[] apduBuffer = apdu.getBuffer(); // ignore the applet select command dispached to the process - if (selectingApplet()) + if (selectingApplet()) { return; + } if (apduBuffer[ISO7816.OFFSET_CLA] == CLA_ECTESTERAPPLET) { switch (apduBuffer[ISO7816.OFFSET_INS]) { @@ -137,6 +135,9 @@ public class ECTesterApplet extends Applet { case INS_GENERATE: insGenerate(apdu); break; + case INS_EXPORT: + insExport(apdu); + break; case INS_ECDH: insECDH(apdu); break; @@ -174,6 +175,8 @@ public class ECTesterApplet extends Applet { } /** + * Clears local and remote keyPair's keys {@code .clearKey()}. + * returns clearKey SWs * * @param apdu P1 = byte keyPair (KEYPAIR_* | ...) * P2 = @@ -184,10 +187,12 @@ public class ECTesterApplet extends Applet { byte keyPair = apdubuf[ISO7816.OFFSET_P1]; short len = 0; - if ((keyPair & KEYPAIR_LOCAL) != 0) + if ((keyPair & KEYPAIR_LOCAL) != 0) { len += clear(localKeypair, apdubuf, (short) 0); - if ((keyPair & KEYPAIR_REMOTE) != 0) + } + if ((keyPair & KEYPAIR_REMOTE) != 0) { len += clear(remoteKeypair, apdubuf, len); + } apdu.setOutgoingAndSend((short) 0, len); } @@ -197,9 +202,8 @@ public class ECTesterApplet extends Applet { * returns setCurve SWs, set params if export * * @param apdu P1 = byte keyPair (KEYPAIR_* | ...) - * P2 = byte export (EXPORT_* | KEYPAIR_*) - * DATA = byte curve (EC_Consts.CURVE_*) - * short params (EC_Consts.PARAMETER_* | ...) + * P2 = byte curve (EC_Consts.CURVE_*) + * DATA = short params (EC_Consts.PARAMETER_* | ...) * short corruptedParams (EC_Consts.PARAMETER_* | ...) * byte corruptionType (EC_Consts.CORRUPTION_*) *

@@ -213,22 +217,19 @@ public class ECTesterApplet extends Applet { byte[] apdubuf = apdu.getBuffer(); byte keyPair = apdubuf[ISO7816.OFFSET_P1]; - byte export = apdubuf[ISO7816.OFFSET_P2]; - byte curve = apdubuf[ISO7816.OFFSET_CDATA]; - short params = Util.getShort(apdubuf, (short) (ISO7816.OFFSET_CDATA + 1)); - short corruptedParams = Util.getShort(apdubuf, (short) (ISO7816.OFFSET_CDATA + 3)); - byte corruptionType = apdubuf[(short) (ISO7816.OFFSET_CDATA + 5)]; + byte curve = apdubuf[ISO7816.OFFSET_P2]; + short params = Util.getShort(apdubuf, ISO7816.OFFSET_CDATA); + short corruptedParams = Util.getShort(apdubuf, (short) (ISO7816.OFFSET_CDATA + 2)); + byte corruptionType = apdubuf[(short) (ISO7816.OFFSET_CDATA + 4)]; short len = 0; - if ((keyPair & KEYPAIR_LOCAL) != 0) + if ((keyPair & KEYPAIR_LOCAL) != 0) { len += set(localKeypair, curve, params, corruptedParams, corruptionType, apdubuf, (short) (ISO7816.OFFSET_CDATA + 6), (short) 0); - if ((keyPair & KEYPAIR_REMOTE) != 0) + } + if ((keyPair & KEYPAIR_REMOTE) != 0) { len += set(remoteKeypair, curve, params, corruptedParams, corruptionType, apdubuf, (short) (ISO7816.OFFSET_CDATA + 6), len); - if ((export & KEYPAIR_LOCAL) != 0) - len += export(localKeypair, export, params, apdubuf, len); - if ((export & KEYPAIR_REMOTE) != 0) - len += export(remoteKeypair, export, params, apdubuf, len); + } apdu.setOutgoingAndSend((short) 0, len); } 
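Review bot: Both `set(...)` calls in insSet still pass `(short) (ISO7816.OFFSET_CDATA + 6)`, although the fixed part of DATA shrank from six to five bytes when curve moved to P2 (params at +0, corruptedParams at +2, corruptionType at +4). If that argument is the start of the external curve data, as the old layout suggests, the applet now skips its first byte; Command.Set in this same commit copies `external` to data offset 5. Use `(short) (ISO7816.OFFSET_CDATA + 5)` in both calls. The return value of `apdu.setIncomingAndReceive()` is also unused, so a command with a shorter DATA field is parsed from whatever the buffer already held; comparing the received length with the five-byte header before reading these fields would close that.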
@@ -238,35 +239,61 @@ public class ECTesterApplet extends Applet { * returns generate SWs, pubkey and privkey if export * * @param apdu P1 = byte keyPair (KEYPAIR_* | ...) - * P2 = byte export (EXPORT_* | KEYPAIR_*) + * P2 = */ private void insGenerate(APDU apdu) { apdu.setIncomingAndReceive(); byte[] apdubuf = apdu.getBuffer(); byte keyPair = apdubuf[ISO7816.OFFSET_P1]; - byte export = apdubuf[ISO7816.OFFSET_P2]; short len = 0; - if ((keyPair & KEYPAIR_LOCAL) != 0) + if ((keyPair & KEYPAIR_LOCAL) != 0) { len += generate(localKeypair, apdubuf, (short) 0); - if ((keyPair & KEYPAIR_REMOTE) != 0) + } + if ((keyPair & KEYPAIR_REMOTE) != 0) { len += generate(remoteKeypair, apdubuf, len); - if ((export & KEYPAIR_LOCAL) != 0) - len += export(localKeypair, export, (short) (EC_Consts.PARAMETER_W | EC_Consts.PARAMETER_S), apdubuf, len); - if ((export & KEYPAIR_REMOTE) != 0) - len += export(remoteKeypair, export, (short) (EC_Consts.PARAMETER_W | EC_Consts.PARAMETER_S), apdubuf, len); + } + + apdu.setOutgoingAndSend((short) 0, len); + } + + /** + * Exports selected key and domain parameters from the selected keyPair and key. + * + * @param apdu P1 = byte keyPair (KEYPAIR_* | ...) + * P2 = byte key (EC_Consts.KEY_* | ...) + * DATA = short params + */ + private void insExport(APDU apdu) { + apdu.setIncomingAndReceive(); + byte[] apdubuf = apdu.getBuffer(); + + byte keyPair = apdubuf[ISO7816.OFFSET_P1]; + byte key = apdubuf[ISO7816.OFFSET_P2]; + short params = Util.getShort(apdubuf, ISO7816.OFFSET_CDATA); + + short swOffset = 0; + short len = (short) (keyPair == KEYPAIR_BOTH ? 
4 : 2); + + if ((keyPair & KEYPAIR_LOCAL) != 0) { + len += export(localKeypair, key, params, apdubuf, swOffset, len); + swOffset += 2; + } + if ((keyPair & KEYPAIR_REMOTE) != 0) { + len += export(remoteKeypair, key, params, apdubuf, swOffset, len); + } apdu.setOutgoingAndSend((short) 0, len); } /** * Performs ECDH, between the pubkey specified in P1(local/remote) and the privkey specified in P2(local/remote). - * returns deriveSecret SW, if export != 0 => short secretlen, byte[] secret + * returns deriveSecret SW, {@code if(export == EXPORT_TRUE)} => short secretlen, byte[] secret * * @param apdu P1 = byte pubkey (KEYPAIR_*) * P2 = byte privkey (KEYPAIR_*) - * DATA = byte export (EXPORT_ECDH || 0) + * DATA = byte export (EXPORT_TRUE || EXPORT_FALSE) * byte invalid (00 = valid, !00 = invalid) */ private void insECDH(APDU apdu) { @@ -285,10 +312,10 @@ public class ECTesterApplet extends Applet { /** * Performs ECDSA signature and verification on data provided or random, using the keyPair in P1(local/remote). - * returns ecdsa SW, if export != 0 => short signature_length, byte[] signature + * returns ecdsa SW, {@code if(export == EXPORT_TRUE)} => short signature_length, byte[] signature * * @param apdu P1 = byte keyPair (KEYPAIR_*) - * P2 = byte export (EXPORT_SIG || 0) + * P2 = byte export (EXPORT_TRUE || EXPORT_FALSE) * DATA = short dataLength (00 = random data generated, !00 = data length) * byte[] data */ @@ -299,7 +326,13 @@ public class ECTesterApplet extends Applet { byte keyPair = apdubuf[ISO7816.OFFSET_P1]; byte export = apdubuf[ISO7816.OFFSET_P2]; - short len = ecdsa(keyPair, export, apdubuf, ISO7816.OFFSET_CDATA, (short) 0); + short len = 0; + if ((keyPair & KEYPAIR_LOCAL) != 0) { + len += ecdsa(localKeypair, export, apdubuf, ISO7816.OFFSET_CDATA, (short) 0); + } + if ((keyPair & KEYPAIR_REMOTE) != 0) { + len += ecdsa(remoteKeypair, export, apdubuf, ISO7816.OFFSET_CDATA, len); + } apdu.setOutgoingAndSend((short) 0, len); } 
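Review bot: In insExport the space for the status words is reserved with `keyPair == KEYPAIR_BOTH ? 4 : 2`, but the two branches below test individual bits. A P1 that has both bits plus any other bit set runs both exports with only two bytes reserved, so the remote status word written at offset 2 overwrites the start of the exported data. A P1 with neither bit set sends back two bytes left over from the command header as if they were a status word. Derive the reservation from the same bits, `short len = (short) ((keyPair & KEYPAIR_BOTH) == KEYPAIR_BOTH ? 4 : 2);`, and reject a P1 that selects no keyPair.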
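Review bot: In insECDSA the second `ecdsa(...)` call reads its input at `ISO7816.OFFSET_CDATA` from the same buffer into which the first call has just written its result at offset 0. Judging by the ecdsa body in the later hunk, with P1 = KEYPAIR_BOTH and export enabled the first call's status word, length and signature overlap the command data, so the remote run takes `dataLength` and the data from signature bytes rather than from the command. The data length and data should be staged once before the first call; the ecdsa body lies partly outside this hunk, so that change is not sketched here. Until then the combination can be refused up front with `if (keyPair == KEYPAIR_BOTH && export == EXPORT_TRUE) { ISOException.throwIt(ISO7816.SW_INCORRECT_P1P2); }`, assuming ISOException is imported in this file.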
@@ -308,8 +341,8 @@ public class ECTesterApplet extends Applet { * @param keyPair which keyPair to use, local/remote (KEYPAIR_* | ...) * @param keyLength key length to set * @param keyClass key class to allocate - * @param buffer apdu buffer - * @param offset offset into apdu buffer + * @param buffer buffer to write sw to + * @param offset offset into buffer * @return length of data written to the buffer */ private short allocate(byte keyPair, short keyLength, byte keyClass, byte[] buffer, short offset) { @@ -329,8 +362,14 @@ public class ECTesterApplet extends Applet { return length; } + /** + * @param keyPair KeyPair to clear + * @param buffer buffer to write sw to + * @param offset offset into buffer + * @return length of data written to the buffer + */ private short clear(KeyPair keyPair, byte[] buffer, short offset) { - short sw = keyGenerator.clearPair(keyPair, ECKeyGenerator.KEY_BOTH); + short sw = keyGenerator.clearPair(keyPair, EC_Consts.KEY_BOTH); Util.setShort(buffer, offset, sw); return 2; 
@@ -384,26 +423,31 @@ public class ECTesterApplet extends Applet { } /** - * @param keyPair KeyPair to export from - * @param export which key to export from (EXPORT_PUBLIC | EXPORT_PRIVATE) - * @param params which params to export (EC_Consts.PARAMETER_* | ...) - * @param buffer buffer to export params to - * @param offset output offset in buffer + * @param keyPair KeyPair to export from + * @param key which key to export from (EC_Consts.KEY_PUBLIC | EC_Consts.KEY_PRIVATE) + * @param params which params to export (EC_Consts.PARAMETER_* | ...) + * @param buffer buffer to export params to + * @param swOffset offset to output sw to buffer + * @param offset output offset in buffer * @return length of data written to the buffer */ - private short export(KeyPair keyPair, byte export, short params, byte[] buffer, short offset) { + private short export(KeyPair keyPair, byte key, short params, byte[] buffer, short swOffset, short offset) { short length = 0; - if ((export & EXPORT_PUBLIC) != 0) { + short sw = ISO7816.SW_NO_ERROR; + if ((key & EC_Consts.KEY_PUBLIC) != 0) { //export params from public - length += keyGenerator.exportParameters(keyPair, ECKeyGenerator.KEY_PUBLIC, params, buffer, offset); + length += keyGenerator.exportParameters(keyPair, EC_Consts.KEY_PUBLIC, params, buffer, offset); + sw = keyGenerator.getSW(); } - - if ((export & EXPORT_PRIVATE) != 0) { + //TODO unify this, now that param key == the passed on param. + if ((key & EC_Consts.KEY_PRIVATE) != 0 && sw == ISO7816.SW_NO_ERROR) { //export params from private - length += keyGenerator.exportParameters(keyPair, ECKeyGenerator.KEY_PRIVATE, params, buffer, (short) (offset + length)); - + length += keyGenerator.exportParameters(keyPair, EC_Consts.KEY_PRIVATE, params, buffer, (short) (offset + length)); + sw = keyGenerator.getSW(); } + Util.setShort(buffer, swOffset, sw); + return length; } 
@@ -412,7 +456,7 @@ public class ECTesterApplet extends Applet { * @param privkey keyPair to use for private key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) * @param export whether to export ECDH secret * @param invalid whether to invalidate the pubkey before ECDH - * @param buffer buffer to write sw to, and export ECDH secret if (export & EXPORT_ECDH) != 0 + * @param buffer buffer to write sw to, and export ECDH secret {@code if(export == EXPORT_TRUE)} * @param offset output offset in buffer * @return length of data written to the buffer */ @@ -432,7 +476,7 @@ public class ECTesterApplet extends Applet { Util.setShort(buffer, offset, keyTester.getSW()); length += 2; - if ((export & EXPORT_ECDH) != 0) { + if ((export == EXPORT_TRUE)) { Util.setShort(buffer, (short) (offset + length), secretLength); length += 2; Util.arrayCopyNonAtomic(ramArray2, (short) 0, buffer, (short) (offset + length), secretLength); @@ -443,14 +487,14 @@ public class ECTesterApplet extends Applet { } /** - * @param keyPair keyPair to use for signing and verification (KEYPAIR_LOCAL || KEYPAIR_REMOTE) + * @param sign keyPair to use for signing and verification * @param export whether to export ECDSA signature - * @param buffer buffer to write sw to, and export ECDSA signature if (export & EXPORT_SIG) != 0 + * @param buffer buffer to write sw to, and export ECDSA signature {@code if(export == EXPORT_TRUE)} * @param inOffset input offset in buffer * @param outOffset output offset in buffer * @return length of data written to the buffer */ - private short ecdsa(byte keyPair, byte export, byte[] buffer, short inOffset, short outOffset) { + private short ecdsa(KeyPair sign, byte export, byte[] buffer, short inOffset, short outOffset) { short length = 0; short dataLength = Util.getShort(buffer, inOffset); 
@@ -462,13 +506,11 @@ public class ECTesterApplet extends Applet { Util.arrayCopyNonAtomic(buffer, (short) (inOffset + 2), ramArray, (short) 0, dataLength); } - KeyPair sign = ((keyPair & KEYPAIR_LOCAL) != 0) ? localKeypair : remoteKeypair; - short signatureLength = keyTester.testECDSA((ECPrivateKey) sign.getPrivate(), (ECPublicKey) sign.getPublic(), ramArray, (short) 0, dataLength, ramArray2, (short) 0); Util.setShort(buffer, outOffset, keyTester.getSW()); length += 2; - if ((export & EXPORT_SIG) != 0) { + if (export == EXPORT_TRUE) { Util.setShort(buffer, (short) (outOffset + length), signatureLength); length += 2; diff --git a/src/cz/crcs/ectester/applet/EC_Consts.java b/src/cz/crcs/ectester/applet/EC_Consts.java index c70919c..fc62c67 100644 --- a/src/cz/crcs/ectester/applet/EC_Consts.java +++ b/src/cz/crcs/ectester/applet/EC_Consts.java @@ -39,21 +39,28 @@ public class EC_Consts { public static final short PARAMETER_S = 0x0100; public static final short PARAMETERS_NONE = 0x0000; - public static final short PARAMETERS_DOMAIN_FP = 0x007d; /** * FP,A,B,G,R,K */ - public static final short PARAMETERS_DOMAIN_F2M = 0x007e; + public static final short PARAMETERS_DOMAIN_FP = 0x007d; /** * F2M,A,B,G,R,K */ + public static final short PARAMETERS_DOMAIN_F2M = 0x007e; + /** + * W,S + */ public static final short PARAMETERS_KEYPAIR = 0x0180; public static final short PARAMETERS_ALL = 0x01ff; + public static final byte KEY_PUBLIC = 0x01; + public static final byte KEY_PRIVATE = 0x02; + public static final byte KEY_BOTH = KEY_PUBLIC | KEY_PRIVATE; + public static RandomData randomData = null; - // secp128r1 + // secp128r1 from http://www.secg.org/sec2-v2.pdf public static final byte[] EC128_FP_P = new byte[]{ (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFD, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 
@@ -94,7 +101,7 @@ public class EC_Consts { // cofactor of G public static final short EC128_FP_K = 1; - // secp160r1 + // secp160r1 from http://www.secg.org/sec2-v2.pdf public static final byte[] EC160_FP_P = new byte[]{ (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, diff --git a/src/cz/crcs/ectester/reader/Command.java b/src/cz/crcs/ectester/reader/Command.java index 31cde4d..c6ce2b5 100644 --- a/src/cz/crcs/ectester/reader/Command.java +++ b/src/cz/crcs/ectester/reader/Command.java @@ -96,7 +96,6 @@ public abstract class Command { */ public static class Set extends Command { private byte keyPair; - private byte export; private byte curve; private short params; private short corrupted; 
@@ -108,34 +107,31 @@ public abstract class Command { * * @param cardManager * @param keyPair which keyPair to set params on, local/remote (KEYPAIR_* || ...) - * @param export whether to export set params from keyPair * @param curve curve to set (EC_Consts.CURVE_*) * @param params parameters to set (EC_Consts.PARAMETER_* | ...) * @param corrupted parameters to corrupt (EC_Consts.PARAMETER_* | ...) * @param corruption corruption type (EC_Consts.CORRUPTION_*) * @param external external curve data, can be null */ - public Set(CardMngr cardManager, byte keyPair, byte export, byte curve, short params, short corrupted, byte corruption, byte[] external) { + public Set(CardMngr cardManager, byte keyPair, byte curve, short params, short corrupted, byte corruption, byte[] external) { super(cardManager); this.keyPair = keyPair; - this.export = export; this.curve = curve; this.params = params; this.corrupted = corrupted; this.corruption = corruption; this.external = external; - int len = external != null ? 6 + 2 + external.length : 6; + int len = external != null ? 5 + 2 + external.length : 5; byte[] data = new byte[len]; - data[0] = curve; - Util.setShort(data, 1, params); - Util.setShort(data, 3, corrupted); - data[5] = corruption; + Util.setShort(data, 0, params); + Util.setShort(data, 2, corrupted); + data[4] = corruption; if (external != null) { - System.arraycopy(external, 0, data, 6, external.length); + System.arraycopy(external, 0, data, 5, external.length); } - this.cmd = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_SET, keyPair, export, data); + this.cmd = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_SET, keyPair, curve, data); } @Override 
@@ -143,7 +139,7 @@ public abstract class Command { long elapsed = -System.nanoTime(); ResponseAPDU response = cardManager.send(cmd); elapsed += System.nanoTime(); - return new Response.Set(response, elapsed, keyPair, export, curve, params, corrupted); + return new Response.Set(response, elapsed, keyPair, curve, params, corrupted); } } @@ -152,21 +148,18 @@ public abstract class Command { */ public static class Generate extends Command { private byte keyPair; - private byte export; /** * Creates the INS_GENERATE instruction. * * @param cardManager * @param keyPair which keyPair to generate, local/remote (KEYPAIR_* || ...) - * @param export whether to export generated keys from keyPair */ - public Generate(CardMngr cardManager, byte keyPair, byte export) { + public Generate(CardMngr cardManager, byte keyPair) { super(cardManager); this.keyPair = keyPair; - this.export = export; - this.cmd = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_GENERATE, keyPair, export); + this.cmd = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_GENERATE, keyPair, 0); } @Override 
@@ -174,7 +167,44 @@ public abstract class Command { long elapsed = -System.nanoTime(); ResponseAPDU response = cardManager.send(cmd); elapsed += System.nanoTime(); - return new Response.Generate(response, elapsed, keyPair, export); + return new Response.Generate(response, elapsed, keyPair); + } + } + + /** + * + */ + public static class Export extends Command { + private byte keyPair; + private byte key; + private short params; + + /** + * Creates the INS_EXPORT instruction. + * + * @param cardManager + * @param keyPair keyPair to export from (KEYPAIR_* | ...) + * @param key key to export from (EC_Consts.KEY_* | ...) + * @param params params to export (EC_Consts.PARAMETER_* | ...) + */ + public Export(CardMngr cardManager, byte keyPair, byte key, short params) { + super(cardManager); + this.keyPair = keyPair; + this.key = key; + this.params = params; + + byte[] data = new byte[2]; + Util.setShort(data, 0, params); + + this.cmd = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_EXPORT, keyPair, key, data); + } + + @Override + public Response.Export send() throws CardException { + long elapsed = -System.nanoTime(); + ResponseAPDU response = cardManager.send(cmd); + elapsed += System.nanoTime(); + return new Response.Export(response, elapsed, keyPair, key, params); } } diff --git a/src/cz/crcs/ectester/reader/ECParams.java b/src/cz/crcs/ectester/reader/ECParams.java new file mode 100644 index 0000000..c19640e --- /dev/null +++ b/src/cz/crcs/ectester/reader/ECParams.java 
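Review bot: The class Javadoc added above Command.Export is empty. A one-line summary such as `Exports selected key and domain parameters from the chosen keyPair(s) via INS_EXPORT.` would match what the applet-side insExport documents. The fields `keyPair`, `key` and `params` are assigned only in the constructor and could be declared `final`.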
@@ -0,0 +1,202 @@ +package cz.crcs.ectester.reader; + +import cz.crcs.ectester.applet.EC_Consts; + +import java.io.*; +import java.util.ArrayList; +import java.util.LinkedList; +import java.util.List; +import java.util.Scanner; +import java.util.regex.Pattern; + +/** + * @author Jan Jancar johny@neuromancer.sk + */ +public class ECParams { + private static final Pattern hex = Pattern.compile("[a-fA-F\\d]+"); + + /** + * Flattens params read from String[] data into a byte[] with their lengths prepended as short entries. + * + * @param params (EC_Consts.PARAMETER_* | ...) + * @param data data read by readString, readFile, readResource + * @return byte[] with params flattened, or null + */ + public static byte[] flatten(short params, String[] data) { + if (!validate(data)) { + return null; + } + + ByteArrayOutputStream out = new ByteArrayOutputStream(); + short paramMask = EC_Consts.PARAMETER_FP; + int i = 0; + while (paramMask <= EC_Consts.PARAMETER_S) { + short masked = (short) (params & paramMask); + if (masked != 0) { + byte[] param = parse(data[i]); + if (masked == EC_Consts.PARAMETER_F2M && data.length == 9) { + //read and pad and append e_2, e_3 + param = Util.concatenate(param, parse(data[i + 1]), parse(data[i + 2])); + i += 2; + if (param.length != 6) + throw new RuntimeException("PARAMETER_F2M length is not 6.(should be)"); + } + if (masked == EC_Consts.PARAMETER_G || masked == EC_Consts.PARAMETER_W) { + //read another param (the y coord) and put into X962 format. + byte[] y = parse(data[i + 1]); + param = Util.concatenate(new byte[]{4}, param, y); //<- ugly but works! + i++; + } + if (param.length == 0) + throw new RuntimeException("Empty parameter read?"); + + //write length + byte[] length = new byte[2]; + Util.setShort(length, 0, (short) param.length); + out.write(length, 0, 2); + //write data + out.write(param, 0, param.length); + i++; + } + paramMask = (short) (paramMask << 1); + } + + return (out.size() == 0) ? 
null : out.toByteArray(); + } + + /** + * @param data + * @param params + * @return + */ + public static String[] expand(byte[][] data, short params) { + List out = new ArrayList<>(); + + short paramMask = EC_Consts.PARAMETER_FP; + int index = 0; + while (paramMask <= EC_Consts.PARAMETER_S) { + short masked = (short) (params & paramMask); + if (masked != 0) { + byte[] param = data[index]; + + if (masked == EC_Consts.PARAMETER_F2M) { + //split into three shorts + if (param.length != 6) { + throw new RuntimeException("PARAMETER_F2M length is not 6.(should be)"); + } + for (int i = 0; i < 3; ++i) { + out.add(String.format("%04x", Util.getShort(param, i*2))); + } + + } else if (masked == EC_Consts.PARAMETER_G || masked == EC_Consts.PARAMETER_W) { + //split from X962 format into X and Y + //disregard the first 04 and then split into half(uncompress) + int half = (param.length - 1) / 2; + out.add(Util.bytesToHex(param, 1, half, false)); + out.add(Util.bytesToHex(param, half + 1, half, false)); + } else { + //read raw + out.add(Util.bytesToHex(data[index], false)); + } + index++; + } + paramMask = (short) (paramMask << 1); + } + return out.toArray(new String[out.size()]); + } + + /** + * @param filePath + * @param data + * @throws IOException + */ + public static void writeFile(String filePath, String[] data) throws IOException { + FileOutputStream out = new FileOutputStream(filePath); + write(out, data); + out.close(); + } + + /** + * Reads hex params from a CSV String data. + * + * @param data String containing CSV data(hex) + * @return String array containing the CSV entries + */ + public static String[] readString(String data) { + return read(new ByteArrayInputStream(data.getBytes())); + } + + /** + * Reads hex params from a CSV Resource (inside jar). 
+ * + * @param resourcePath path to the resourse + * @return String array containing the CSV entries + */ + public static String[] readResource(String resourcePath) { + return read(ECParams.class.getResourceAsStream(resourcePath)); + } + + /** + * Reads hex params from a CSV file. + * + * @param filePath path to the file + * @return String array containing the CSV entries + * @throws FileNotFoundException if the file cannot be opened + */ + public static String[] readFile(String filePath) throws FileNotFoundException { + return read(new FileInputStream(filePath)); + } + + private static String[] read(InputStream in) { + Scanner s = new Scanner(in); + + s.useDelimiter(",|;"); + List data = new LinkedList(); + while (s.hasNext()) { + String field = s.next(); + data.add(field.replaceAll("\\s+", "")); + } + return data.toArray(new String[data.size()]); + } + + private static boolean validate(String[] data) { + if (data == null || data.length == 0) { + return false; + } + for (String param : data) { + if (!hex.matcher(param).matches()) { + return false; + } + } + return true; + } + + private static byte[] parse(String hex) { + byte[] data = Util.hexToBytes(hex); + if (data == null) + return new byte[0]; + if (data.length < 2) + return pad(data); + return data; + } + + private static byte[] pad(byte[] data) { + if (data.length == 1) { + return new byte[]{(byte) 0, data[0]}; + } else if (data.length == 0 || data.length > 2) { + return data; + } + return null; + } + + private static void write(OutputStream out, String[] data) throws IOException { + Writer w = new OutputStreamWriter(out); + for (int i = 0; i < data.length; ++i) { + w.write(data[i]); + if (i < data.length - 1) { + w.write(","); + } + } + w.flush(); + } +} diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index 4cb63f7..b359e16 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java 
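Review bot: writeFile and read never release their streams on every path: writeFile skips `out.close()` when `write` throws, and read leaves the Scanner open, so the FileInputStream opened by readFile is never closed. Wrapping both in try-with-resources fixes this without changing the returned data; closing the Scanner also closes the stream it wraps. Separately, readResource passes the result of `getResourceAsStream` straight to read, so a missing resource surfaces as a NullPointerException inside Scanner rather than as a reportable error.

```java
public static void writeFile(String filePath, String[] data) throws IOException {
    try (FileOutputStream out = new FileOutputStream(filePath)) {
        write(out, data);
    }
}

// … unchanged: readString, readResource, readFile …

private static String[] read(InputStream in) {
    List<String> data = new LinkedList<>();
    try (Scanner s = new Scanner(in)) {
        s.useDelimiter(",|;");
        while (s.hasNext()) {
            data.add(s.next().replaceAll("\\s+", ""));
        }
    }
    return data.toArray(new String[data.size()]);
}
```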
@@ -62,73 +62,19 @@ public class ECTester { private boolean optFresh = false; private boolean optSimulate = false; + //Action-related options private int optGenerateAmount; private String optECDSASign; private Options opts = new Options(); - private static final String CLI_HEADER = ""; - private static final String CLI_FOOTER = ""; - + private static final String CLI_HEADER = "\nECTester, a javacard Elliptic Curve Cryptograhy support tester/utility.\n\n"; + private static final String CLI_FOOTER = "\nMIT Licensed\nCopyright (c) 2016-2017 Petr Svenda "; private static final byte[] SELECT_ECTESTERAPPLET = {(byte) 0x00, (byte) 0xa4, (byte) 0x04, (byte) 0x00, (byte) 0x0a, (byte) 0x45, (byte) 0x43, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x72, (byte) 0x30, (byte) 0x31}; - private static final byte[] AID = {(byte) 0x4C, (byte) 0x61, (byte) 0x62, (byte) 0x61, (byte) 0x6B, (byte) 0x41, (byte) 0x70, (byte) 0x70, (byte) 0x6C, (byte) 0x65, (byte) 0x74}; + private static final byte[] AID = {(byte) 0x45, (byte) 0x43, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x72, (byte) 0x30, (byte) 0x31}; private static final byte[] INSTALL_DATA = new byte[10]; - /* - private static final byte[] ALLOCATE = { - (byte) 0xB0, - (byte) 0x5a, //INS ALLOCATE - (byte) 0x00, //P1 *byte keyPair - (byte) 0x00, //P2 - (byte) 0x03, //LC - (byte) 0x00, //DATA *short keyLength - (byte) 0x00, - (byte) 0x00 // *byte keyClass - }; - - private static final byte[] SET = { - (byte) 0xB0, - (byte) 0x5B, //INS SET - (byte) 0x00, //P1 *byte keyPair - (byte) 0x00, //P2 *byte export - (byte) 0x06, //LC - (byte) 0x00, //DATA *byte curve - (byte) 0x00, // *short params - (byte) 0x00, // - (byte) 0x00, // *short corruptedParams - (byte) 0x00, // - (byte) 0x00 // *byte corruptionType - // [short paramLength, byte[] param] for all params in params - }; - - private static final byte[] GENERATE = { - (byte) 0xB0, - (byte) 0x5C, //INS GENERATE - (byte) 0x00, //P1 
*byte keyPair - (byte) 0x00, //P2 *byte export - (byte) 0x00 //LC - }; - - private static final byte[] ECDH = { - (byte) 0xB0, - (byte) 0x5D, //INS ECDH - (byte) 0x00, //P1 *byte keyPair - (byte) 0x00, //P2 *byte export - (byte) 0x01, //LC - (byte) 0x00 //DATA *byte valid - }; - - private static final byte[] ECDSA = { - (byte) 0xB0, - (byte) 0x5E, //INS ECDSA - (byte) 0x00, //P1 *byte keyPair - (byte) 0x00, //P2 *byte export - (byte) 0x00, //LC - //DATA [*short dataLength, byte[] data] - }; - */ - private void run(String[] args) { try { CommandLine cli = parseArgs(args); @@ -144,6 +90,7 @@ public class ECTester { } cardManager = new CardMngr(optSimulate); + //connect or simulate connection if (optSimulate) { if (!cardManager.prepareLocalSimulatorApplet(AID, INSTALL_DATA, ECTesterApplet.class)) { System.err.println("Failed to establish a simulator."); @@ -160,7 +107,9 @@ public class ECTester { systemOutLogger = new DirtyLogger(optLog, true); //do action - if (cli.hasOption("generate")) { + if (cli.hasOption("export")) { + export(); + } else if (cli.hasOption("generate")) { generate(); } else if (cli.hasOption("test")) { test(); @@ -170,6 +119,7 @@ public class ECTester { ecdsa(); } + //disconnect cardManager.disconnectFromCard(); systemOutLogger.close(); @@ -186,15 +136,13 @@ public class ECTester { } } catch (MissingArgumentException maex) { System.err.println("Option, " + maex.getOption().getOpt() + " requires an argument: " + maex.getOption().getArgName()); - } catch (ParseException | CardException pex) { - System.err.println(pex.getMessage()); } catch (NumberFormatException nfex) { System.err.println("Not a number. " + nfex.getMessage()); nfex.printStackTrace(System.err); } catch (FileNotFoundException fnfe) { System.err.println("File " + fnfe.getMessage() + " not found."); - } catch (IOException e) { - e.printStackTrace(); + } catch (ParseException | IOException | CardException ex) { + System.err.println(ex.getMessage()); } } 
@@ -209,6 +157,7 @@ public class ECTester { /* * Actions: * -h / --help + * -e / --export * -g / --generate [amount] * -t / --test * -dh / --ecdh @@ -228,6 +177,7 @@ public class ECTester { OptionGroup actions = new OptionGroup(); actions.setRequired(true); actions.addOption(Option.builder("h").longOpt("help").desc("Print help.").build()); + actions.addOption(Option.builder("e").longOpt("export").desc("Export the defaut curve parameters of the card(if any).").build()); actions.addOption(Option.builder("g").longOpt("generate").desc("Generate [amount] of EC keys.").hasArg().argName("amount").optionalArg(true).build()); actions.addOption(Option.builder("t").longOpt("test").desc("Test ECC support.").build()); actions.addOption(Option.builder("dh").longOpt("ecdh").desc("Do ECDH.").build()); @@ -297,7 +247,26 @@ public class ECTester { return false; } - if (cli.hasOption("generate")) { + + if (cli.hasOption("export")) { + if (optPrimeField == optBinaryField) { + System.err.print("Need to specify field with -fp or -f2m. (not both)"); + return false; + } + if (optKey != null || optPublic != null || optPrivate != null) { + System.err.println("Keys should not be specified when generating keys."); + return false; + } + if (optOutput == null) { + System.err.println("You have to specify an output file for curve parameter export."); + return false; + } + if (optAll) { + System.err.println("You have to specify curve bit-size with -b"); + return false; + } + + } else if (cli.hasOption("generate")) { if (optPrimeField == optBinaryField) { System.err.print("Need to specify field with -fp or -f2m. (not both)"); return false; 
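Review bot: In the new `export` branch of the option checks, the message for `optKey`/`optPublic`/`optPrivate` still reads `Keys should not be specified when generating keys.`, copied from the `generate` branch, which will mislead someone running `-e`. I would use `System.err.println("Keys should not be specified when exporting curve parameters.");`. The field check above it calls `System.err.print` without a newline, unlike the other messages in this branch; `println` keeps the output consistent. The enclosing method starts and ends outside the hunk.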
@@ -361,9 +330,33 @@ public class ECTester { */ private void help() { HelpFormatter help = new HelpFormatter(); + help.setOptionComparator(null); help.printHelp("ECTester.jar", CLI_HEADER, opts, CLI_FOOTER, true); } + /** + * Exports default card/simulation EC domain parameters to output file. + * + * @throws CardException if APDU transmission fails + * @throws IOException if an IO error occurs when writing to key file. + */ + private void export() throws CardException, IOException { + byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; + //skip cofactor in domain export, since it doesnt need to be initialized for the key to be initialized. + //and generally isn't initialized on cards with default domain params(TODO, check, is it assumed to be ==1?) + short domain = (short) ((optPrimeField ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M) ^ EC_Consts.PARAMETER_K); + + List sent = Command.sendAll(prepareKeyPair(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass)); + sent.add(new Command.Clear(cardManager, ECTesterApplet.KEYPAIR_LOCAL).send()); + sent.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL).send()); + Response.Export export = new Command.Export(cardManager, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.KEY_PUBLIC, domain).send(); + sent.add(export); + + systemOutLogger.println(Response.toString(sent)); + + ECParams.writeFile(optOutput, ECParams.expand(export.getParams(), domain)); + } + /** * Generates EC keyPairs and outputs them to output file. * 
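Review bot: `export()` writes the output file without checking whether the card accepted the commands: `ECParams.writeFile(optOutput, ECParams.expand(export.getParams(), domain))` runs even when the Export response reports a failure. `generate()` in this same commit tests `export.successful()`, so the same guard fits here, e.g. `if (!export.successful()) { throw new IOException("Curve parameter export failed."); }` before the write. Separately, `^ EC_Consts.PARAMETER_K` removes the cofactor bit only if it is already set in the domain mask; `& ~EC_Consts.PARAMETER_K` states the intent and cannot set the bit by accident.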
@@ -372,8 +365,9 @@ public class ECTester { */ private void generate() throws CardException, IOException { byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; - List prepare = Command.sendAll(prepareKeyPair(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass)); - prepare.addAll(Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass))); + + Command.sendAll(prepareKeyPair(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass)); + List curve = prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass); FileWriter keysFile = new FileWriter(optOutput); keysFile.write("index;time;pubW;privS\n"); @@ -381,15 +375,17 @@ public class ECTester { int generated = 0; int retry = 0; while (generated < optGenerateAmount || optGenerateAmount == 0) { - if (optFresh) { - Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass)); + if (optFresh || generated == 0) { + Command.sendAll(curve); } - Command.Generate generate = new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, (byte) (ECTesterApplet.EXPORT_BOTH | ECTesterApplet.KEYPAIR_LOCAL)); + Command.Generate generate = new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL); Response.Generate response = generate.send(); long elapsed = response.getDuration(); - if (!response.successful()) { + Response.Export export = new Command.Export(cardManager, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.KEY_BOTH, EC_Consts.PARAMETERS_KEYPAIR).send(); + + if (!response.successful() || !export.successful()) { if (retry < 10) { retry++; continue; 
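Review bot: In the `generate()` loop the new `Command.Export` with `EC_Consts.KEY_BOTH` is sent before the result of `generate.send()` is examined, so a failed key generation is still followed by an export request for the key pair. Checking `response.successful()` first, and sending the export only after it passes, avoids a pointless APDU and avoids reading back whatever key material the applet still holds from an earlier iteration (what the applet returns in that case is not visible here). The retry block continues past the end of the hunk.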
@@ -400,8 +396,8 @@ public class ECTester { } systemOutLogger.println(response.toString()); - String pub = Util.bytesToHex(response.getPublic(ECTesterApplet.KEYPAIR_LOCAL), false); - String priv = Util.bytesToHex(response.getPrivate(ECTesterApplet.KEYPAIR_LOCAL), false); + String pub = Util.bytesToHex(export.getParameter(ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.PARAMETER_W), false); + String priv = Util.bytesToHex(export.getParameter(ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.PARAMETER_S), false); String line = String.format("%d;%d;%s;%s\n", generated, elapsed / 1000000, pub, priv); keysFile.write(line); keysFile.flush(); @@ -456,16 +452,13 @@ public class ECTester { ecdh.addAll(Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, keyClass))); if (optPublic != null || optPrivate != null || optKey != null) { - Response local = new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_NONE).send(); - Response remote = prepareKey(ECTesterApplet.KEYPAIR_REMOTE).send(); - ecdh.add(local); - ecdh.add(remote); + ecdh.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL).send()); + ecdh.add(prepareKey(ECTesterApplet.KEYPAIR_REMOTE).send()); } else { - Response both = new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH, ECTesterApplet.EXPORT_NONE).send(); - ecdh.add(both); + ecdh.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH).send()); } - Response.ECDH perform = new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_ECDH, (byte) 0).send(); + Response.ECDH perform = new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_TRUE, (byte) 0).send(); ecdh.add(perform); systemOutLogger.println(Response.toString(ecdh)); 
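Review bot: The `priv` value written by `keysFile.write(line)` is the private scalar in hex, and the file is opened earlier in `generate()` with `new FileWriter(optOutput)`, which creates it with the process's default permissions. For a file that accumulates private keys I would create it owner-only where the platform supports it, for example through `Files.newBufferedWriter` on a path created with a restrictive `PosixFilePermissions` attribute, and state in the option help that the output contains private keys. The writer's creation and its close are outside this hunk.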
@@ -495,7 +488,7 @@ public class ECTester { if (optKey != null || (optPublic != null && optPrivate != null)) { keys = prepareKey(ECTesterApplet.KEYPAIR_LOCAL).send(); } else { - keys = new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_NONE).send(); + keys = new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL).send(); } ecdsa.add(keys); @@ -510,7 +503,7 @@ public class ECTester { data = Files.readAllBytes(in.toPath()); } - Response.ECDSA perform = new Command.ECDSA(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_SIG, data).send(); + Response.ECDSA perform = new Command.ECDSA(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_TRUE, data).send(); ecdsa.add(perform); systemOutLogger.println(Response.toString(ecdsa)); 
@@ -550,14 +543,14 @@ public class ECTester {
 short domainParams = keyClass == KeyPair.ALG_EC_FP ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M;
 if (optNamed) {
 // Set named curve (one of the SECG curves embedded applet-side)
- commands.add(new Command.Set(cardManager, keyPair, ECTesterApplet.EXPORT_NONE, EC_Consts.getCurve(keyLength, keyClass), domainParams, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, null));
+ commands.add(new Command.Set(cardManager, keyPair, EC_Consts.getCurve(keyLength, keyClass), domainParams, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, null));
 } else if (optCurve != null) {
 // Set curve loaded from a file
- byte[] external = ParamReader.flatten(domainParams, ParamReader.readFile(optCurve));
+ byte[] external = ECParams.flatten(domainParams, ECParams.readFile(optCurve));
 if (external == null) {
 throw new IOException("Couldn't read the curve file correctly.");
 }
- commands.add(new Command.Set(cardManager, keyPair, ECTesterApplet.EXPORT_NONE, EC_Consts.CURVE_external, domainParams, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, external));
+ commands.add(new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, domainParams, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, external));
 } else {
 // Set default curve
 commands.add(new Command.Clear(cardManager, keyPair));
@@ -576,26 +569,29 @@ public class ECTester { byte[] data = null; if (optKey != null) { params |= EC_Consts.PARAMETERS_KEYPAIR; - data = ParamReader.flatten(EC_Consts.PARAMETERS_KEYPAIR, ParamReader.readFile(optKey)); + data = ECParams.flatten(EC_Consts.PARAMETERS_KEYPAIR, ECParams.readFile(optKey)); + if (data == null) { + throw new IOException("Couldn't read the key file correctly."); + } } if (optPublic != null) { params |= EC_Consts.PARAMETER_W; - data = ParamReader.flatten(EC_Consts.PARAMETER_W, ParamReader.readFile(optPublic)); + byte[] pubkey = ECParams.flatten(EC_Consts.PARAMETER_W, ECParams.readFile(optPublic)); + if (pubkey == null) { + throw new IOException("Couldn't read the key file correctly."); + } + data = pubkey; } if (optPrivate != null) { params |= EC_Consts.PARAMETER_S; - data = Util.concatenate(data, ParamReader.flatten(EC_Consts.PARAMETER_S, ParamReader.readFile(optPrivate))); - } - - if (data == null && params != EC_Consts.PARAMETERS_NONE) { - /* - TODO: this is not correct, in case (optPublic != null) and (optPrivate != null), - only one can actually load(return not null from ParamReader.flatten) and an exception will not be thrown - */ - throw new IOException("Couldn't read the key file correctly."); + byte[] privkey = ECParams.flatten(EC_Consts.PARAMETER_S, ECParams.readFile(optPrivate)); + if (privkey == null) { + throw new IOException("Couldn't read the key file correctly."); + } + data = Util.concatenate(data, privkey); } - return new Command.Set(cardManager, keyPair, ECTesterApplet.EXPORT_NONE, EC_Consts.CURVE_external, params, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, data); + return new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, params, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, data); } /** 
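Review bot: The three new null checks in `prepareKey` all throw `IOException("Couldn't read the key file correctly.")`, so the user cannot tell whether the key-pair file, the public-key file or the private-key file was rejected. Including the path makes the error actionable, e.g. `throw new IOException("Couldn't read the public key file " + optPublic + " correctly.");`. When only a private key is given, `data` is still null at `Util.concatenate(data, privkey)`; whether `concatenate` accepts a null argument is not visible here and is worth confirming. `prepareKey` begins outside the hunk.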
@@ -608,10 +604,10 @@ public class ECTester { List commands = new LinkedList<>(); commands.addAll(prepareKeyPair(ECTesterApplet.KEYPAIR_BOTH, keyLength, keyClass)); commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, keyLength, keyClass)); - commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH, ECTesterApplet.EXPORT_NONE)); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_NONE, (byte) 0)); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_NONE, (byte) 1)); - commands.add(new Command.ECDSA(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_NONE, null)); + commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH)); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, (byte) 0)); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, (byte) 1)); + commands.add(new Command.ECDSA(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, null)); return commands; } diff --git a/src/cz/crcs/ectester/reader/ParamReader.java b/src/cz/crcs/ectester/reader/ParamReader.java deleted file mode 100644 index ca14d2d..0000000 --- a/src/cz/crcs/ectester/reader/ParamReader.java +++ /dev/null 
@@ -1,135 +0,0 @@ -package cz.crcs.ectester.reader; - -import cz.crcs.ectester.applet.EC_Consts; - -import java.io.*; -import java.util.LinkedList; -import java.util.List; -import java.util.Scanner; -import java.util.regex.Pattern; - -/** - * - * @author Jan Jancar johny@neuromancer.sk - */ -public class ParamReader { - private static final Pattern hex = Pattern.compile("[a-fA-F\\d]+"); - - /** - * Flattens params read from String[] data into a byte[] with their lengths prepended as short entries. - * @param params (EC_Consts.PARAMETER_* | ...) - * @param data data read by readString, readFile, readResource - * @return byte[] with params flattened, or null - */ - public static byte[] flatten(short params, String[] data) { - if (!validate(data)) { - return null; - } - - ByteArrayOutputStream out = new ByteArrayOutputStream(); - short paramMask = EC_Consts.PARAMETER_FP; - int i = 0; - while (paramMask <= EC_Consts.PARAMETER_S) { - short masked = (short) (params & paramMask); - if (masked != 0) { - byte[] param = parse(data[i]); - if (masked == EC_Consts.PARAMETER_F2M && data.length == 9) { - //read and pad and append e_2, e_3 - param = Util.concatenate(param, parse(data[i + 1]), parse(data[i + 2])); - i += 2; - if (param.length != 6) - return null; - } - if (masked == EC_Consts.PARAMETER_G || masked == EC_Consts.PARAMETER_W) { - //read another param (the y coord) and put into X962 format. - byte[] y = parse(data[i + 1]); - param = Util.concatenate(new byte[]{4}, param, y);//<- ugly but works! - i++; - } - if (param.length == 0) - return null; - - //write length - byte[] length = new byte[2]; - Util.setShort(length, 0, (short) param.length); - out.write(length, 0, 2); - //write data - out.write(param, 0, param.length); - i++; - } - paramMask = (short) (paramMask << 1); - } - - return (out.size() == 0) ? null : out.toByteArray(); - } - - /** - * Reads hex params from a CSV String data. 
- * @param data String containing CSV data(hex) - * @return String array containing the CSV entries - */ - public static String[] readString(String data) { - return read(new ByteArrayInputStream(data.getBytes())); - } - - /** - * Reads hex params from a CSV Resource (inside jar). - * @param resourcePath path to the resourse - * @return String array containing the CSV entries - */ - public static String[] readResource(String resourcePath) { - return read(ParamReader.class.getResourceAsStream(resourcePath)); - } - - /** - * Reads hex params from a CSV file. - * @param filePath path to the file - * @return String array containing the CSV entries - * @throws FileNotFoundException if the file cannot be opened - */ - public static String[] readFile(String filePath) throws FileNotFoundException { - return read(new FileInputStream(filePath)); - } - - private static String[] read(InputStream in) { - Scanner s = new Scanner(in); - - s.useDelimiter(",|;"); - List data = new LinkedList(); - while (s.hasNext()) { - String field = s.next(); - data.add(field.replaceAll("\\s+", "")); - } - return data.toArray(new String[data.size()]); - } - - private static boolean validate(String[] data) { - if (data == null || data.length == 0) { - return false; - } - for (String param : data) { - if (!hex.matcher(param).matches()) { - return false; - } - } - return true; - } - - private static byte[] parse(String hex) { - byte[] data = Util.hexToBytes(hex); - if (data == null) - return new byte[0]; - if (data.length < 2) - return pad(data); - return data; - } - - private static byte[] pad(byte[] data) { - if (data.length == 1) { - return new byte[]{(byte) 0, data[0]}; - } else if (data.length == 0 || data.length > 2) { - return data; - } - return null; - } -} diff --git a/src/cz/crcs/ectester/reader/Response.java b/src/cz/crcs/ectester/reader/Response.java index 05cd92a..368a8ef 100644 --- a/src/cz/crcs/ectester/reader/Response.java +++ b/src/cz/crcs/ectester/reader/Response.java 
@@ -102,6 +102,10 @@ public abstract class Response { return params[index]; } + public byte[][] getParams() { + return params; + } + public int getLength() { return resp.getNr(); } @@ -192,15 +196,13 @@ public abstract class Response { */ public static class Set extends Response { private byte keyPair; - private byte export; private byte curve; private short parameters; private short corrupted; - protected Set(ResponseAPDU response, long time, byte keyPair, byte export, byte curve, short parameters, short corrupted) { + protected Set(ResponseAPDU response, long time, byte keyPair, byte curve, short parameters, short corrupted) { super(response, time); this.keyPair = keyPair; - this.export = export; this.curve = curve; this.parameters = parameters; this.corrupted = corrupted; 
@@ -208,65 +210,8 @@ public abstract class Response { int pairs = 0; if ((keyPair & ECTesterApplet.KEYPAIR_LOCAL) != 0) pairs++; if ((keyPair & ECTesterApplet.KEYPAIR_REMOTE) != 0) pairs++; - int exported = 0; - if ((export & ECTesterApplet.KEYPAIR_LOCAL) != 0) exported++; - if ((export & ECTesterApplet.KEYPAIR_REMOTE) != 0) exported++; - int keys = 0; - if ((export & ECTesterApplet.EXPORT_PUBLIC) != 0) keys++; - if ((export & ECTesterApplet.EXPORT_PRIVATE) != 0) keys++; - int paramCount = 0; - short mask = EC_Consts.PARAMETER_FP; - while (mask <= EC_Consts.PARAMETER_K) { - if ((mask & parameters) != 0) { - paramCount++; - } - mask = (short) (mask << 1); - } - int other = 0; - if ((export & ECTesterApplet.EXPORT_PUBLIC) != 0 && (parameters & EC_Consts.PARAMETER_W) != 0) other++; - if ((export & ECTesterApplet.EXPORT_PRIVATE) != 0 && (parameters & EC_Consts.PARAMETER_S) != 0) other++; - - parse(pairs, exported * keys * paramCount + exported * other); - } - private int getIndex(byte keyPair, short param) { - byte key = ECTesterApplet.KEYPAIR_LOCAL; - int index = 0; - while (key <= ECTesterApplet.KEYPAIR_REMOTE) { - short mask = EC_Consts.PARAMETER_FP; - while (mask <= EC_Consts.PARAMETER_S) { - if (key == keyPair && param == mask) { - return index; - } - if ((parameters & mask) != 0 && (key & export) != 0) { - if (mask == EC_Consts.PARAMETER_W) { - if ((export & ECTesterApplet.EXPORT_PUBLIC) != 0) - index++; - } else if (mask == EC_Consts.PARAMETER_S) { - if ((export & ECTesterApplet.EXPORT_PRIVATE) != 0) - index++; - } else { - index++; - } - } - mask = (short) (mask << 1); - } - - key = (byte) (key << 1); - } - return -1; - } - - public boolean hasParameter(byte keyPair, short param) { - if ((export & keyPair) == 0 || (parameters & param) == 0) { - return false; - } - int index = getIndex(keyPair, param); - return index != -1 && hasParam(index); - } - - public byte[] getParameter(byte keyPair, short param) { - return getParam(getIndex(keyPair, param)); + 
parse(pairs, 0); } @Override @@ -299,49 +244,18 @@ public abstract class Response { */ public static class Generate extends Response { private byte keyPair; - private byte export; - private short[] contents; - protected Generate(ResponseAPDU response, long time, byte keyPair, byte export) { + protected Generate(ResponseAPDU response, long time, byte keyPair) { super(response, time); this.keyPair = keyPair; - this.export = export; - int keys = 0; - if ((export & ECTesterApplet.EXPORT_PUBLIC) != 0) keys++; - if ((export & ECTesterApplet.EXPORT_PRIVATE) != 0) keys++; - int pairs = 0; - if ((export & ECTesterApplet.KEYPAIR_LOCAL) != 0) pairs++; - if ((export & ECTesterApplet.KEYPAIR_REMOTE) != 0) pairs++; int generated = 0; if ((keyPair & ECTesterApplet.KEYPAIR_LOCAL) != 0) generated++; if ((keyPair & ECTesterApplet.KEYPAIR_REMOTE) != 0) generated++; - parse(generated, keys * pairs); - - this.contents = new short[4]; - int offset = 0; - if ((export & ECTesterApplet.KEYPAIR_LOCAL) != 0) { - if ((export & ECTesterApplet.EXPORT_PUBLIC) != 0) { - this.contents[offset] = ECTesterApplet.KEYPAIR_LOCAL | ECTesterApplet.EXPORT_PUBLIC; - offset++; - } - if ((export & ECTesterApplet.EXPORT_PRIVATE) != 0) { - this.contents[offset] = ECTesterApplet.KEYPAIR_LOCAL | ECTesterApplet.EXPORT_PRIVATE; - offset++; - } - } - if ((export & ECTesterApplet.KEYPAIR_REMOTE) != 0) { - if ((export & ECTesterApplet.EXPORT_PUBLIC) != 0) { - this.contents[offset] = ECTesterApplet.KEYPAIR_REMOTE | ECTesterApplet.EXPORT_PUBLIC; - offset++; - } - if ((export & ECTesterApplet.EXPORT_PRIVATE) != 0) { - this.contents[offset] = ECTesterApplet.KEYPAIR_REMOTE | ECTesterApplet.EXPORT_PRIVATE; - offset++; - } - } + parse(generated, 0); } + /* private int getIndex(byte key) { for (int i = 0; i < contents.length; i++) { if (key == contents[i]) 
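Review bot: The `/*` added after the `Generate` constructor comments out `getIndex` and the accessors below it instead of deleting them; the matching `*/` is added in the next hunk. The disabled code reads the `contents` field that this commit removes, so it cannot be re-enabled as it stands. I would delete the block outright, since the history keeps the old implementation and the key accessors now live on `Response.Export`.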
@@ -375,6 +289,7 @@ public abstract class Response { int index = getIndex((byte) (keyPair | ECTesterApplet.EXPORT_PRIVATE)); return getParam(index); } + */ @Override public String toString() { 
@@ -389,6 +304,114 @@ public abstract class Response { } + /** + * + */ + public static class Export extends Response { + private byte keyPair; + private byte key; + private short parameters; + + public Export(ResponseAPDU response, long time, byte keyPair, byte key, short parameters) { + super(response, time); + this.keyPair = keyPair; + this.key = key; + this.parameters = parameters; + + int exported = 0; + if ((keyPair & ECTesterApplet.KEYPAIR_LOCAL) != 0) exported++; + if ((keyPair & ECTesterApplet.KEYPAIR_REMOTE) != 0) exported++; + int keys = 0; + if ((key & EC_Consts.KEY_PUBLIC) != 0) keys++; + if ((key & EC_Consts.KEY_PRIVATE) != 0) keys++; + int paramCount = 0; + short mask = EC_Consts.PARAMETER_FP; + while (mask <= EC_Consts.PARAMETER_K) { + if ((mask & parameters) != 0) { + paramCount++; + } + mask = (short) (mask << 1); + } + int other = 0; + if ((key & EC_Consts.KEY_PUBLIC) != 0 && (parameters & EC_Consts.PARAMETER_W) != 0) other++; + if ((key & EC_Consts.KEY_PRIVATE) != 0 && (parameters & EC_Consts.PARAMETER_S) != 0) other++; + + parse(exported, exported * keys * paramCount + exported * other); + } + + private int getIndex(byte keyPair, short param) { + byte pair = ECTesterApplet.KEYPAIR_LOCAL; + int index = 0; + while (pair <= ECTesterApplet.KEYPAIR_REMOTE) { + short mask = EC_Consts.PARAMETER_FP; + while (mask <= EC_Consts.PARAMETER_S) { + if (pair == keyPair && param == mask) { + return index; + } + if ((parameters & mask) != 0 && (pair & keyPair) != 0) { + if (mask == EC_Consts.PARAMETER_W) { + if ((key & EC_Consts.KEY_PUBLIC) != 0) + index++; + } else if (mask == EC_Consts.PARAMETER_S) { + if ((key & EC_Consts.KEY_PRIVATE) != 0) + index++; + } else { + index++; + } + } + mask = (short) (mask << 1); + } + + pair = (byte) (pair << 1); + } + return -1; + } + + public boolean hasParameters(byte keyPair, short params) { + if ((keyPair & this.keyPair) == 0 || (params ^ parameters) != 0) { + return false; + } + short param = EC_Consts.PARAMETER_FP; + 
while (param <= EC_Consts.PARAMETER_S) { + short masked = (short) (param & params); + if (masked != 0 && !hasParameter(keyPair, masked)) { + return false; + } + param = (short) (param << 1); + } + return true; + } + + public boolean hasParameter(byte keyPair, short param) { + if ((keyPair & this.keyPair) == 0 || (parameters & param) == 0) { + return false; + } + int index = getIndex(keyPair, param); + return index != -1 && hasParam(index); + } + + public byte[] getParameter(byte keyPair, short param) { + return getParam(getIndex(keyPair, param)); + } + + @Override + public String toString() { + String source; + if (key == EC_Consts.KEY_BOTH) { + source = "both keys"; + } else { + source = ((key == EC_Consts.KEY_PUBLIC) ? "public" : "private") + " key"; + } + String pair; + if (keyPair == ECTesterApplet.KEYPAIR_BOTH) { + pair = "both keypairs"; + } else { + pair = ((keyPair == ECTesterApplet.KEYPAIR_LOCAL) ? "local" : "remote") + " keypair"; + } + return String.format("Exported params from %s of %s", source, pair); + } + } + /** * */ @@ -405,7 +428,7 @@ public abstract class Response { this.export = export; this.invalid = invalid; - parse(1, (export & ECTesterApplet.EXPORT_ECDH) != 0 ? 1 : 0); + parse(1, (export == ECTesterApplet.EXPORT_TRUE) ? 1 : 0); } public boolean hasSecret() { @@ -439,7 +462,7 @@ public abstract class Response { this.export = export; this.raw = raw; - parse(1, (export & ECTesterApplet.EXPORT_SIG) != 0 ? 1 : 0); + parse(1, (export == ECTesterApplet.EXPORT_TRUE) ? 1 : 0); } public boolean hasSignature() { diff --git a/src/cz/crcs/ectester/reader/Util.java b/src/cz/crcs/ectester/reader/Util.java index 38db3bf..f876fe4 100644 --- a/src/cz/crcs/ectester/reader/Util.java +++ b/src/cz/crcs/ectester/reader/Util.java @@ -115,7 +115,7 @@ public class Util { codeStr = "SIG_VERIFY_FAIL"; break; } - return String.format("fail\t(%s,\t0x%4x)", codeStr, code); + return String.format("fail\t(%s,\t0x%04x)", codeStr, code); } } } -- cgit v1.2.3-70-g09d2 
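Review bot: `Export.getParameter` passes the result of `getIndex` straight to `getParam`, and `getIndex` returns -1 whenever `keyPair` or `param` is not a single matching bit (for example `KEYPAIR_BOTH`). `getParam` would then use -1 as an array index unless it does a bounds check of its own, which is not visible in this diff. Returning null for a missing parameter, `int index = getIndex(keyPair, param); return index == -1 ? null : getParam(index);`, lets callers such as `generate()` detect it. The class Javadoc is also empty; one sentence describing the parameter order that `getIndex` assumes (per key pair, masks from `PARAMETER_FP` up to `PARAMETER_S`) would document the indexing.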
From 66bd8469e56cbe7c6bed823b376229a02ecdd37d Mon Sep 17 00:00:00 2001 
From: J08nY Date: Mon, 20 Feb 2017 20:46:59 +0100 Subject: removed newlines, changed f2m format, removed old SimpleAPDU data: - now truly csv - f2m format now: m,e_1,e_2,e_3,a,b,gx,gy,r,k,wx,wy,s reader: - removed SimpleAPDU - changed f2m format applet: - changed f2m format --- !uploader/ectester.cap | Bin 13691 -> 13790 bytes dist/ECTester.jar | Bin 284484 -> 95810 bytes nbproject/project.properties | 3 +- src/cz/crcs/ectester/applet/ECKeyGenerator.java | 27 +- src/cz/crcs/ectester/data/anomalous/curves.xml | 47 +++ .../ectester/data/brainpool/brainpoolP160r1.csv | 1 + .../ectester/data/brainpool/brainpoolP160r1.txt | 7 - .../ectester/data/brainpool/brainpoolP160t1.csv | 1 + .../ectester/data/brainpool/brainpoolP160t1.txt | 7 - .../ectester/data/brainpool/brainpoolP192r1.csv | 1 + .../ectester/data/brainpool/brainpoolP192r1.txt | 7 - .../ectester/data/brainpool/brainpoolP192t1.csv | 1 + .../ectester/data/brainpool/brainpoolP192t1.txt | 7 - .../ectester/data/brainpool/brainpoolP224r1.csv | 1 + .../ectester/data/brainpool/brainpoolP224r1.txt | 7 - .../ectester/data/brainpool/brainpoolP224t1.csv | 1 + .../ectester/data/brainpool/brainpoolP224t1.txt | 7 - .../ectester/data/brainpool/brainpoolP256r1.csv | 1 + .../ectester/data/brainpool/brainpoolP256r1.txt | 7 - .../ectester/data/brainpool/brainpoolP256t1.csv | 1 + .../ectester/data/brainpool/brainpoolP256t1.txt | 7 - .../ectester/data/brainpool/brainpoolP320r1.csv | 1 + .../ectester/data/brainpool/brainpoolP320r1.txt | 7 - .../ectester/data/brainpool/brainpoolP320t1.csv | 1 + .../ectester/data/brainpool/brainpoolP320t1.txt | 7 - .../ectester/data/brainpool/brainpoolP384r1.csv | 1 + .../ectester/data/brainpool/brainpoolP384r1.txt | 7 - .../ectester/data/brainpool/brainpoolP384t1.csv | 1 + .../ectester/data/brainpool/brainpoolP384t1.txt | 7 - .../ectester/data/brainpool/brainpoolP512r1.csv | 1 + .../ectester/data/brainpool/brainpoolP512r1.txt | 7 - .../ectester/data/brainpool/brainpoolP512t1.csv | 1 + 
.../ectester/data/brainpool/brainpoolP512t1.txt | 7 - src/cz/crcs/ectester/data/brainpool/curves.xml | 89 ++++ src/cz/crcs/ectester/data/categories.xml | 35 ++ src/cz/crcs/ectester/data/nist/curves.xml | 35 ++ src/cz/crcs/ectester/data/nist/p192.csv | 1 + src/cz/crcs/ectester/data/nist/p192.txt | 7 - src/cz/crcs/ectester/data/nist/p224.csv | 1 + src/cz/crcs/ectester/data/nist/p224.txt | 7 - src/cz/crcs/ectester/data/nist/p256.csv | 1 + src/cz/crcs/ectester/data/nist/p256.txt | 7 - src/cz/crcs/ectester/data/nist/p384.csv | 1 + src/cz/crcs/ectester/data/nist/p384.txt | 7 - src/cz/crcs/ectester/data/nist/p521.csv | 1 + src/cz/crcs/ectester/data/nist/p521.txt | 7 - src/cz/crcs/ectester/data/schema.xsd | 98 +++++ src/cz/crcs/ectester/data/secg/curves.xml | 120 ++++++ src/cz/crcs/ectester/data/secg/secp192k1.csv | 1 + src/cz/crcs/ectester/data/secg/secp192k1.txt | 7 - src/cz/crcs/ectester/data/secg/secp192r1.csv | 1 + src/cz/crcs/ectester/data/secg/secp192r1.txt | 7 - src/cz/crcs/ectester/data/secg/secp224r1.csv | 1 + src/cz/crcs/ectester/data/secg/secp224r1.txt | 7 - src/cz/crcs/ectester/data/secg/secp256k1.csv | 1 + src/cz/crcs/ectester/data/secg/secp256k1.txt | 7 - src/cz/crcs/ectester/data/secg/secp256r1.csv | 1 + src/cz/crcs/ectester/data/secg/secp256r1.txt | 7 - src/cz/crcs/ectester/data/secg/secp384r1.csv | 1 + src/cz/crcs/ectester/data/secg/secp384r1.txt | 7 - src/cz/crcs/ectester/data/secg/secp521r1.csv | 1 + src/cz/crcs/ectester/data/secg/secp521r1.txt | 7 - src/cz/crcs/ectester/data/secg/sect163k1.csv | 1 + src/cz/crcs/ectester/data/secg/sect163k1.txt | 9 - src/cz/crcs/ectester/data/secg/sect163r1.csv | 1 + src/cz/crcs/ectester/data/secg/sect163r1.txt | 9 - src/cz/crcs/ectester/data/secg/sect163r2.csv | 1 + src/cz/crcs/ectester/data/secg/sect163r2.txt | 9 - src/cz/crcs/ectester/data/secg/sect233k1.csv | 1 + src/cz/crcs/ectester/data/secg/sect233k1.txt | 7 - src/cz/crcs/ectester/data/secg/sect233r1.csv | 1 + src/cz/crcs/ectester/data/secg/sect233r1.txt | 7 - 
src/cz/crcs/ectester/data/secg/sect239k1.csv | 1 + src/cz/crcs/ectester/data/secg/sect239k1.txt | 7 - src/cz/crcs/ectester/data/secg/sect283k1.csv | 10 + src/cz/crcs/ectester/data/secg/sect283k1.txt | 9 - src/cz/crcs/ectester/data/secg/sect283r1.csv | 1 + src/cz/crcs/ectester/data/secg/sect283r1.txt | 9 - src/cz/crcs/ectester/data/secg/sect409k1.csv | 1 + src/cz/crcs/ectester/data/secg/sect409k1.txt | 7 - src/cz/crcs/ectester/data/secg/sect409r1.csv | 1 + src/cz/crcs/ectester/data/secg/sect409r1.txt | 7 - src/cz/crcs/ectester/data/secg/sect571k1.csv | 1 + src/cz/crcs/ectester/data/secg/sect571k1.txt | 9 - src/cz/crcs/ectester/data/secg/sect571r1.csv | 1 + src/cz/crcs/ectester/data/secg/sect571r1.txt | 9 - src/cz/crcs/ectester/data/smallpub/curves.xml | 47 +++ src/cz/crcs/ectester/data/smallpub/ecsp128.csv | 1 + src/cz/crcs/ectester/data/smallpub/ecsp128.txt | 7 - src/cz/crcs/ectester/data/smallpub/ecsp128_pub.csv | 1 + src/cz/crcs/ectester/data/smallpub/ecsp128_pub.txt | 2 - src/cz/crcs/ectester/data/smallpub/ecsp160.csv | 1 + src/cz/crcs/ectester/data/smallpub/ecsp160.txt | 7 - src/cz/crcs/ectester/data/smallpub/ecsp160_pub.csv | 1 + src/cz/crcs/ectester/data/smallpub/ecsp160_pub.txt | 2 - src/cz/crcs/ectester/data/smallpub/ecsp192.csv | 1 + src/cz/crcs/ectester/data/smallpub/ecsp192.txt | 7 - src/cz/crcs/ectester/data/smallpub/ecsp192_pub.csv | 1 + src/cz/crcs/ectester/data/smallpub/ecsp192_pub.txt | 2 - src/cz/crcs/ectester/data/smallpub/ecsp224.csv | 1 + src/cz/crcs/ectester/data/smallpub/ecsp224.txt | 7 - src/cz/crcs/ectester/data/smallpub/ecsp224_pub.csv | 1 + src/cz/crcs/ectester/data/smallpub/ecsp224_pub.txt | 2 - src/cz/crcs/ectester/data/smallpub/ecsp256.csv | 1 + src/cz/crcs/ectester/data/smallpub/ecsp256.txt | 7 - src/cz/crcs/ectester/data/smallpub/ecsp256_pub.csv | 1 + src/cz/crcs/ectester/data/smallpub/ecsp256_pub.txt | 2 - src/cz/crcs/ectester/data/smallpub/ecsp384.csv | 1 + src/cz/crcs/ectester/data/smallpub/ecsp384.txt | 7 - 
src/cz/crcs/ectester/data/smallpub/ecsp384_pub.csv | 1 + src/cz/crcs/ectester/data/smallpub/ecsp384_pub.txt | 2 - src/cz/crcs/ectester/data/smallpub/ecsp521.csv | 1 + src/cz/crcs/ectester/data/smallpub/ecsp521.txt | 7 - src/cz/crcs/ectester/data/smallpub/ecsp521_pub.csv | 1 + src/cz/crcs/ectester/data/smallpub/ecsp521_pub.txt | 2 - src/cz/crcs/ectester/data/smallpub/keys.xml | 35 ++ src/cz/crcs/ectester/data/wrong/curves.xml | 83 ++++ src/cz/crcs/ectester/data/wrong/wrongp128.csv | 1 + src/cz/crcs/ectester/data/wrong/wrongp160.csv | 1 + src/cz/crcs/ectester/data/wrong/wrongp192.csv | 1 + src/cz/crcs/ectester/data/wrong/wrongp224.csv | 1 + src/cz/crcs/ectester/data/wrong/wrongp256.csv | 1 + src/cz/crcs/ectester/data/wrong/wrongp384.csv | 1 + src/cz/crcs/ectester/data/wrong/wrongp521.csv | 1 + src/cz/crcs/ectester/data/wrong/wrongt163.csv | 1 + src/cz/crcs/ectester/data/wrong/wrongt233.csv | 1 + src/cz/crcs/ectester/data/wrong/wrongt239.csv | 1 + src/cz/crcs/ectester/data/wrong/wrongt283.csv | 1 + src/cz/crcs/ectester/data/wrong/wrongt409.csv | 1 + src/cz/crcs/ectester/data/wrong/wrongt571.csv | 1 + src/cz/crcs/ectester/reader/ECParams.java | 34 +- src/cz/crcs/ectester/reader/ECTester.java | 86 +++- src/cz/crcs/ectester/reader/Response.java | 1 - src/cz/crcs/ectester/reader/SimpleAPDU.java | 459 --------------------- src/cz/crcs/ectester/reader/Util.java | 24 +- 135 files changed, 785 insertions(+), 855 deletions(-) create mode 100644 src/cz/crcs/ectester/data/anomalous/curves.xml create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP160r1.csv delete mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP160r1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP160t1.csv delete mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP160t1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP192r1.csv delete mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP192r1.txt create mode 100644 
src/cz/crcs/ectester/data/brainpool/brainpoolP192t1.csv delete mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP192t1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP224r1.csv delete mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP224r1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP224t1.csv delete mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP224t1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP256r1.csv delete mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP256r1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP256t1.csv delete mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP256t1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP320r1.csv delete mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP320r1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP320t1.csv delete mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP320t1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP384r1.csv delete mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP384r1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP384t1.csv delete mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP384t1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP512r1.csv delete mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP512r1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP512t1.csv delete mode 100644 src/cz/crcs/ectester/data/brainpool/brainpoolP512t1.txt create mode 100644 src/cz/crcs/ectester/data/brainpool/curves.xml create mode 100644 src/cz/crcs/ectester/data/categories.xml create mode 100644 src/cz/crcs/ectester/data/nist/curves.xml create mode 100644 src/cz/crcs/ectester/data/nist/p192.csv delete mode 100644 src/cz/crcs/ectester/data/nist/p192.txt create mode 100644 src/cz/crcs/ectester/data/nist/p224.csv 
delete mode 100644 src/cz/crcs/ectester/data/nist/p224.txt create mode 100644 src/cz/crcs/ectester/data/nist/p256.csv delete mode 100644 src/cz/crcs/ectester/data/nist/p256.txt create mode 100644 src/cz/crcs/ectester/data/nist/p384.csv delete mode 100644 src/cz/crcs/ectester/data/nist/p384.txt create mode 100644 src/cz/crcs/ectester/data/nist/p521.csv delete mode 100644 src/cz/crcs/ectester/data/nist/p521.txt create mode 100644 src/cz/crcs/ectester/data/schema.xsd create mode 100644 src/cz/crcs/ectester/data/secg/curves.xml create mode 100644 src/cz/crcs/ectester/data/secg/secp192k1.csv delete mode 100644 src/cz/crcs/ectester/data/secg/secp192k1.txt create mode 100644 src/cz/crcs/ectester/data/secg/secp192r1.csv delete mode 100644 src/cz/crcs/ectester/data/secg/secp192r1.txt create mode 100644 src/cz/crcs/ectester/data/secg/secp224r1.csv delete mode 100644 src/cz/crcs/ectester/data/secg/secp224r1.txt create mode 100644 src/cz/crcs/ectester/data/secg/secp256k1.csv delete mode 100644 src/cz/crcs/ectester/data/secg/secp256k1.txt create mode 100644 src/cz/crcs/ectester/data/secg/secp256r1.csv delete mode 100644 src/cz/crcs/ectester/data/secg/secp256r1.txt create mode 100644 src/cz/crcs/ectester/data/secg/secp384r1.csv delete mode 100644 src/cz/crcs/ectester/data/secg/secp384r1.txt create mode 100644 src/cz/crcs/ectester/data/secg/secp521r1.csv delete mode 100644 src/cz/crcs/ectester/data/secg/secp521r1.txt create mode 100644 src/cz/crcs/ectester/data/secg/sect163k1.csv delete mode 100644 src/cz/crcs/ectester/data/secg/sect163k1.txt create mode 100644 src/cz/crcs/ectester/data/secg/sect163r1.csv delete mode 100644 src/cz/crcs/ectester/data/secg/sect163r1.txt create mode 100644 src/cz/crcs/ectester/data/secg/sect163r2.csv delete mode 100644 src/cz/crcs/ectester/data/secg/sect163r2.txt create mode 100644 src/cz/crcs/ectester/data/secg/sect233k1.csv delete mode 100644 src/cz/crcs/ectester/data/secg/sect233k1.txt create mode 100644 
src/cz/crcs/ectester/data/secg/sect233r1.csv delete mode 100644 src/cz/crcs/ectester/data/secg/sect233r1.txt create mode 100644 src/cz/crcs/ectester/data/secg/sect239k1.csv delete mode 100644 src/cz/crcs/ectester/data/secg/sect239k1.txt create mode 100644 src/cz/crcs/ectester/data/secg/sect283k1.csv delete mode 100644 src/cz/crcs/ectester/data/secg/sect283k1.txt create mode 100644 src/cz/crcs/ectester/data/secg/sect283r1.csv delete mode 100644 src/cz/crcs/ectester/data/secg/sect283r1.txt create mode 100644 src/cz/crcs/ectester/data/secg/sect409k1.csv delete mode 100644 src/cz/crcs/ectester/data/secg/sect409k1.txt create mode 100644 src/cz/crcs/ectester/data/secg/sect409r1.csv delete mode 100644 src/cz/crcs/ectester/data/secg/sect409r1.txt create mode 100644 src/cz/crcs/ectester/data/secg/sect571k1.csv delete mode 100644 src/cz/crcs/ectester/data/secg/sect571k1.txt create mode 100644 src/cz/crcs/ectester/data/secg/sect571r1.csv delete mode 100644 src/cz/crcs/ectester/data/secg/sect571r1.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/curves.xml create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp128.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp128.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp128_pub.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp128_pub.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp160.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp160.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp160_pub.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp160_pub.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp192.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp192.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp192_pub.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp192_pub.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp224.csv delete mode 100644 
src/cz/crcs/ectester/data/smallpub/ecsp224.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp224_pub.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp224_pub.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp256.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp256.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp256_pub.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp256_pub.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp384.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp384.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp384_pub.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp384_pub.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp521.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp521.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp521_pub.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp521_pub.txt create mode 100644 src/cz/crcs/ectester/data/smallpub/keys.xml create mode 100644 src/cz/crcs/ectester/data/wrong/curves.xml create mode 100644 src/cz/crcs/ectester/data/wrong/wrongp128.csv create mode 100644 src/cz/crcs/ectester/data/wrong/wrongp160.csv create mode 100644 src/cz/crcs/ectester/data/wrong/wrongp192.csv create mode 100644 src/cz/crcs/ectester/data/wrong/wrongp224.csv create mode 100644 src/cz/crcs/ectester/data/wrong/wrongp256.csv create mode 100644 src/cz/crcs/ectester/data/wrong/wrongp384.csv create mode 100644 src/cz/crcs/ectester/data/wrong/wrongp521.csv create mode 100644 src/cz/crcs/ectester/data/wrong/wrongt163.csv create mode 100644 src/cz/crcs/ectester/data/wrong/wrongt233.csv create mode 100644 src/cz/crcs/ectester/data/wrong/wrongt239.csv create mode 100644 src/cz/crcs/ectester/data/wrong/wrongt283.csv create mode 100644 src/cz/crcs/ectester/data/wrong/wrongt409.csv create mode 100644 src/cz/crcs/ectester/data/wrong/wrongt571.csv delete mode 100644 
src/cz/crcs/ectester/reader/SimpleAPDU.java diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index f570b6f..56b2e2e 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ diff --git a/dist/ECTester.jar b/dist/ECTester.jar index a3429fe..421b6ea 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/nbproject/project.properties b/nbproject/project.properties index b9bfb7d..2c8b861 100644 --- a/nbproject/project.properties +++ b/nbproject/project.properties @@ -28,8 +28,7 @@ dist.dir=dist dist.jar=${dist.dir}/ECTester.jar dist.javadoc.dir=${dist.dir}/javadoc endorsed.classpath= -#TODO remove SimpleAPDU when replaced with ECtester.java -excludes=**/SimpleAPDU.java +excludes= includes=** jar.compress=false javac.classpath=\ diff --git a/src/cz/crcs/ectester/applet/ECKeyGenerator.java b/src/cz/crcs/ectester/applet/ECKeyGenerator.java index 1a17d3c..8c9c38e 100644 --- a/src/cz/crcs/ectester/applet/ECKeyGenerator.java +++ b/src/cz/crcs/ectester/applet/ECKeyGenerator.java 
@@ -172,14 +172,14 @@ public class ECKeyGenerator {
 if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldFP(data, offset, length);
 break;
 case EC_Consts.PARAMETER_F2M:
- if (length == 2) {
- short i = Util.makeShort(data[offset], data[(short) (offset + 1)]);
+ if (length == 4) {
+ short i = Util.makeShort(data[(short) (offset + 2)], data[(short) (offset + 3)]);
 if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i);
 if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i);
- } else if (length == 6) {
- short i1 = Util.makeShort(data[offset], data[(short) (offset + 1)]);
- short i2 = Util.makeShort(data[(short) (offset + 2)], data[(short) (offset + 3)]);
- short i3 = Util.makeShort(data[(short) (offset + 4)], data[(short) (offset + 5)]);
+ } else if (length == 8){
+ short i1 = Util.makeShort(data[(short) (offset + 2)], data[(short) (offset + 3)]);
+ short i2 = Util.makeShort(data[(short) (offset + 4)], data[(short) (offset + 5)]);
+ short i3 = Util.makeShort(data[(short) (offset + 6)], data[(short) (offset + 7)]);
 if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i1, i2, i3);
 if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i1, i2, i3);
 } else {
@@ -276,7 +276,7 @@ public class ECKeyGenerator {
 * Exports a selected parameter from a given keyPairs key.
 *
 * @param keypair keypair to export from
- * @param key key to export from (KEY_PUBLIC | KEY_PRIVATE)
+ * @param key key to export from (KEY_PUBLIC || KEY_PRIVATE)
 * @param param parameter to export (EC_Consts.PARAMETER_* || ...)
 * @param outputBuffer buffer to write to
 * @param outputOffset offset to start writing in buffer
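Review bot: The new F2M branches read the exponents from `offset + 2` onward and never look at the two bytes at `offset` and `offset + 1`, so whatever the caller puts there is accepted silently. Judging by the export hunk later in this commit, those bytes presumably carry the key size written by `getSize()`; either compare them with the size of the key being set before calling `setFieldF2M`, or at least document the layout, e.g. `// data = [field size : 2 bytes][e1 : 2][e2 : 2][e3 : 2]; the size prefix is not checked here`. The literals `4` and `8` would read better as named constants, and `(length == 8){` is missing the space before the brace. The enclosing method starts and ends outside this hunk.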
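Review bot: The `@param key` text now reads `(KEY_PUBLIC || KEY_PRIVATE)`, which suggests a choice of one value, while the method body in the next hunk tests `key & EC_Consts.KEY_PUBLIC` and `key & EC_Consts.KEY_PRIVATE` independently, so `key` is treated as a bit mask. I would word it as a mask and say that both bits may be set: `@param key key(s) to export from, a mask of EC_Consts.KEY_PUBLIC and/or EC_Consts.KEY_PRIVATE`. The Javadoc block continues outside the hunk.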
@@ -291,10 +291,21 @@ public class ECKeyGenerator { try { switch (param) { case EC_Consts.PARAMETER_FP: - case EC_Consts.PARAMETER_F2M: if ((key & EC_Consts.KEY_PUBLIC) != 0) length = ecPublicKey.getField(outputBuffer, outputOffset); if ((key & EC_Consts.KEY_PRIVATE) != 0) length = ecPrivateKey.getField(outputBuffer, outputOffset); break; + case EC_Consts.PARAMETER_F2M: + if ((key & EC_Consts.KEY_PUBLIC) != 0) { + Util.setShort(outputBuffer, outputOffset, ecPublicKey.getSize()); + length = 2; + length += ecPublicKey.getField(outputBuffer, (short) (outputOffset + 2)); + } + if ((key & EC_Consts.KEY_PRIVATE) != 0) { + Util.setShort(outputBuffer, outputOffset, ecPrivateKey.getSize()); + length = 2; + length += ecPrivateKey.getField(outputBuffer, (short) (outputOffset + 2)); + } + break; case EC_Consts.PARAMETER_A: if ((key & EC_Consts.KEY_PUBLIC) != 0) length = ecPublicKey.getA(outputBuffer, outputOffset); if ((key & EC_Consts.KEY_PRIVATE) != 0) length = ecPrivateKey.getA(outputBuffer, outputOffset); diff --git a/src/cz/crcs/ectester/data/anomalous/curves.xml b/src/cz/crcs/ectester/data/anomalous/curves.xml new file mode 100644 index 0000000..8ac0238 --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/curves.xml @@ -0,0 +1,47 @@ + + + + anomalousp128 + 128 + prime + anomalousp128.csv + + + anomalousp160 + 160 + prime + anomalousp160.csv + + + anomalousp192 + 192 + prime + anomalousp192.csv + + + anomalousp224 + 224 + prime + anomalousp224.csv + + + anomalousp256 + 256 + prime + anomalousp256.csv + + + anomalousp384 + 384 + prime + anomalousp384.csv + + + anomalousp521 + 521 + prime + anomalousp521.csv + + \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP160r1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP160r1.csv new file mode 100644 index 0000000..859424e --- /dev/null +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP160r1.csv 
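Review bot: In the new `PARAMETER_F2M` case both branches write to the same `outputOffset` and start again from `length = 2`, so when `key` has both `KEY_PUBLIC` and `KEY_PRIVATE` set the private key's bytes overwrite the public key's and only one value is reported. That mirrors the FP case above it, but the F2M output now also differs in layout from the other parameters (a two-byte `getSize()` prefix in front of the `getField` bytes), and neither point is documented. A comment above the case such as `// F2M export: [getSize() : 2 bytes][getField() bytes]; if both key bits are set the private key's copy is the one returned` would make the format explicit for whoever parses the response. The two branches differ only in the key object, so a small private helper would remove the duplication. The switch and its enclosing try block continue outside this hunk.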
@@ -0,0 +1 @@ +E95E4A5F737059DC60DFC7AD95B3D8139515620F,340E7BE2A280EB74E2BE61BADA745D97E8F7C300,1E589A8595423412134FAA2DBDEC95C8D8675E58,BED5AF16EA3F6A4F62938C4631EB5AF7BDBCDBC3,1667CB477A1A8EC338F94741669C976316DA6321,E95E4A5F737059DC60DF5991D45029409E60FC09,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP160r1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP160r1.txt deleted file mode 100644 index 69abf52..0000000 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP160r1.txt +++ /dev/null @@ -1,7 +0,0 @@ -E95E4A5F737059DC60DFC7AD95B3D8139515620F, -340E7BE2A280EB74E2BE61BADA745D97E8F7C300, -1E589A8595423412134FAA2DBDEC95C8D8675E58, -BED5AF16EA3F6A4F62938C4631EB5AF7BDBCDBC3, -1667CB477A1A8EC338F94741669C976316DA6321, -E95E4A5F737059DC60DF5991D45029409E60FC09, -1 diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP160t1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP160t1.csv new file mode 100644 index 0000000..7e2f428 --- /dev/null +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP160t1.csv @@ -0,0 +1 @@ +24DBFF5DEC9B986BBFE5295A29BFBAE45E0F5D0B,E95E4A5F737059DC60DFC7AD95B3D8139515620C,7A556B6DAE535B7B51ED2C4D7DAA7A0B5C55F380,B199B13B9B34EFC1397E64BAEB05ACC265FF2378,ADD6718B7C7C1961F0991B842443772152C9E0AD,E95E4A5F737059DC60DF5991D45029409E60FC09,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP160t1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP160t1.txt deleted file mode 100644 index fadafdf..0000000 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP160t1.txt +++ /dev/null @@ -1,7 +0,0 @@ -24DBFF5DEC9B986BBFE5295A29BFBAE45E0F5D0B, -E95E4A5F737059DC60DFC7AD95B3D8139515620C, -7A556B6DAE535B7B51ED2C4D7DAA7A0B5C55F380, -B199B13B9B34EFC1397E64BAEB05ACC265FF2378, -ADD6718B7C7C1961F0991B842443772152C9E0AD, -E95E4A5F737059DC60DF5991D45029409E60FC09, -1 
diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP192r1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP192r1.csv new file mode 100644 index 0000000..c4f1999 --- /dev/null +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP192r1.csv @@ -0,0 +1 @@ +C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297,6A91174076B1E0E19C39C031FE8685C1CAE040E5C69A28EF,469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9,C0A0647EAAB6A48753B033C56CB0F0900A2F5C4853375FD6,14B690866ABD5BB88B5F4828C1490002E6773FA2FA299B8F,C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP192r1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP192r1.txt deleted file mode 100644 index 3e6bed8..0000000 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP192r1.txt +++ /dev/null @@ -1,7 +0,0 @@ -C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297, -6A91174076B1E0E19C39C031FE8685C1CAE040E5C69A28EF, -469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9, -C0A0647EAAB6A48753B033C56CB0F0900A2F5C4853375FD6, -14B690866ABD5BB88B5F4828C1490002E6773FA2FA299B8F, -C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1, -1 diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP192t1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP192t1.csv new file mode 100644 index 0000000..8236331 --- /dev/null +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP192t1.csv @@ -0,0 +1 @@ +1B6F5CC8DB4DC7AF19458A9CB80DC2295E5EB9C3732104CB,C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86294,13D56FFAEC78681E68F9DEB43B35BEC2FB68542E27897B79,3AE9E58C82F63C30282E1FE7BBF43FA72C446AF6F4618129,97E2C5667C2223A902AB5CA449D0084B7E5B3DE7CCC01C9,C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP192t1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP192t1.txt deleted file mode 100644 index cd52697..0000000 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP192t1.txt +++ /dev/null 
@@ -1,7 +0,0 @@ -1B6F5CC8DB4DC7AF19458A9CB80DC2295E5EB9C3732104CB, -C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86294, -13D56FFAEC78681E68F9DEB43B35BEC2FB68542E27897B79, -3AE9E58C82F63C30282E1FE7BBF43FA72C446AF6F4618129, -97E2C5667C2223A902AB5CA449D0084B7E5B3DE7CCC01C9, -C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1, -1 diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP224r1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP224r1.csv new file mode 100644 index 0000000..6839e31 --- /dev/null +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP224r1.csv @@ -0,0 +1 @@ +D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF,68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43,2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B,D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C1E6EFDEE12C07D,58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D3761402CD,D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP224r1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP224r1.txt deleted file mode 100644 index 12e536c..0000000 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP224r1.txt +++ /dev/null @@ -1,7 +0,0 @@ -D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF, -68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43, -2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B, -D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C1E6EFDEE12C07D, -58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D3761402CD, -D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F, -1 diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP224t1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP224t1.csv new file mode 100644 index 0000000..480f7c2 --- /dev/null +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP224t1.csv 
@@ -0,0 +1 @@ +2DF271E14427A346910CF7A2E6CFA7B3F484E5C2CCE1C8B730E28B3F,D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FC,4B337D934104CD7BEF271BF60CED1ED20DA14C08B3BB64F18A60888D,6AB1E344CE25FF3896424E7FFE14762ECB49F8928AC0C76029B4D580,374E9F5143E568CD23F3F4D7C0D4B1E41C8CC0D1C6ABD5F1A46DB4C,D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP224t1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP224t1.txt deleted file mode 100644 index 522d09e..0000000 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP224t1.txt +++ /dev/null @@ -1,7 +0,0 @@ -2DF271E14427A346910CF7A2E6CFA7B3F484E5C2CCE1C8B730E28B3F, -D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FC, -4B337D934104CD7BEF271BF60CED1ED20DA14C08B3BB64F18A60888D, -6AB1E344CE25FF3896424E7FFE14762ECB49F8928AC0C76029B4D580, -374E9F5143E568CD23F3F4D7C0D4B1E41C8CC0D1C6ABD5F1A46DB4C, -D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F, -1 diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP256r1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP256r1.csv new file mode 100644 index 0000000..f30cf91 --- /dev/null +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP256r1.csv @@ -0,0 +1 @@ +A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377,7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9,26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6,8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262,547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997,A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP256r1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP256r1.txt deleted file mode 100644 index e0e50ad..0000000 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP256r1.txt +++ /dev/null 
@@ -1,7 +0,0 @@ -A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377, -7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9, -26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6, -8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262, -547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997, -A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7, -1 diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP256t1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP256t1.csv new file mode 100644 index 0000000..7070064 --- /dev/null +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP256t1.csv @@ -0,0 +1 @@ +3E2D4BD9597B58639AE7AA669CAB9837CF5CF20A2C852D10F655668DFC150EF0,A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5374,662C61C430D84EA4FE66A7733D0B76B7BF93EBC4AF2F49256AE58101FEE92B04,A3E8EB3CC1CFE7B7732213B23A656149AFA142C47AAFBC2B79A191562E1305F4,2D996C823439C56D7F7B22E14644417E69BCB6DE39D027001DABE8F35B25C9BE,A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP256t1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP256t1.txt deleted file mode 100644 index f5bb2d6..0000000 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP256t1.txt +++ /dev/null @@ -1,7 +0,0 @@ -3E2D4BD9597B58639AE7AA669CAB9837CF5CF20A2C852D10F655668DFC150EF0, -A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5374, -662C61C430D84EA4FE66A7733D0B76B7BF93EBC4AF2F49256AE58101FEE92B04, -A3E8EB3CC1CFE7B7732213B23A656149AFA142C47AAFBC2B79A191562E1305F4, -2D996C823439C56D7F7B22E14644417E69BCB6DE39D027001DABE8F35B25C9BE, -A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7, -1 diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP320r1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP320r1.csv new file mode 100644 index 0000000..128cfb0 --- /dev/null 
+++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP320r1.csv @@ -0,0 +1 @@ +D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27,3EE30B568FBAB0F883CCEBD46D3F3BB8A2A73513F5EB79DA66190EB085FFA9F492F375A97D860EB4,520883949DFDBC42D3AD198640688A6FE13F41349554B49ACC31DCCD884539816F5EB4AC8FB1F1A6,43BD7E9AFB53D8B85289BCC48EE5BFE6F20137D10A087EB6E7871E2A10A599C710AF8D0D39E20611,14FDD05545EC1CC8AB4093247F77275E0743FFED117182EAA9C77877AAAC6AC7D35245D1692E8EE1,D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP320r1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP320r1.txt deleted file mode 100644 index 474fa9d..0000000 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP320r1.txt +++ /dev/null @@ -1,7 +0,0 @@ -D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27, -3EE30B568FBAB0F883CCEBD46D3F3BB8A2A73513F5EB79DA66190EB085FFA9F492F375A97D860EB4, -520883949DFDBC42D3AD198640688A6FE13F41349554B49ACC31DCCD884539816F5EB4AC8FB1F1A6, -43BD7E9AFB53D8B85289BCC48EE5BFE6F20137D10A087EB6E7871E2A10A599C710AF8D0D39E20611, -14FDD05545EC1CC8AB4093247F77275E0743FFED117182EAA9C77877AAAC6AC7D35245D1692E8EE1, -D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311, -1 diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP320t1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP320t1.csv new file mode 100644 index 0000000..6d776de --- /dev/null +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP320t1.csv 
@@ -0,0 +1 @@ +15F75CAF668077F7E85B42EB01F0A81FF56ECD6191D55CB82B7D861458A18FEFC3E5AB7496F3C7B1,D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E24,A7F561E038EB1ED560B3D147DB782013064C19F27ED27C6780AAF77FB8A547CEB5B4FEF422340353,925BE9FB01AFC6FB4D3E7D4990010F813408AB106C4F09CB7EE07868CC136FFF3357F624A21BED52,63BA3A7A27483EBF6671DBEF7ABB30EBEE084E58A0B077AD42A5A0989D1EE71B1B9BC0455FB0D2C3,D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP320t1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP320t1.txt deleted file mode 100644 index d92d52b..0000000 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP320t1.txt +++ /dev/null @@ -1,7 +0,0 @@ -15F75CAF668077F7E85B42EB01F0A81FF56ECD6191D55CB82B7D861458A18FEFC3E5AB7496F3C7B1, -D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E24, -A7F561E038EB1ED560B3D147DB782013064C19F27ED27C6780AAF77FB8A547CEB5B4FEF422340353, -925BE9FB01AFC6FB4D3E7D4990010F813408AB106C4F09CB7EE07868CC136FFF3357F624A21BED52, -63BA3A7A27483EBF6671DBEF7ABB30EBEE084E58A0B077AD42A5A0989D1EE71B1B9BC0455FB0D2C3, -D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311, -1 diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP384r1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP384r1.csv new file mode 100644 index 0000000..9b333f0 --- /dev/null +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP384r1.csv 
@@ -0,0 +1 @@ +8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53,7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F90F8AA5814A503AD4EB04A8C7DD22CE2826,4A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62D57CB4390295DBC9943AB78696FA504C11,1D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10E8E826E03436D646AAEF87B2E247D4AF1E,8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129280E4646217791811142820341263C5315,8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP384r1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP384r1.txt deleted file mode 100644 index 34ed1fc..0000000 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP384r1.txt +++ /dev/null @@ -1,7 +0,0 @@ -8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53, -7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F90F8AA5814A503AD4EB04A8C7DD22CE2826, -4A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62D57CB4390295DBC9943AB78696FA504C11, -1D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10E8E826E03436D646AAEF87B2E247D4AF1E, -8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129280E4646217791811142820341263C5315, -8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565, -1 diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP384t1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP384t1.csv new file mode 100644 index 0000000..60c4ffb --- /dev/null +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP384t1.csv 
@@ -0,0 +1 @@ +41DFE8DD399331F7166A66076734A89CD0D2BCDB7D068E44E1F378F41ECBAE97D2D63DBC87BCCDDCCC5DA39E8589291C,8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC50,7F519EADA7BDA81BD826DBA647910F8C4B9346ED8CCDC64E4B1ABD11756DCE1D2074AA263B88805CED70355A33B471EE,18DE98B02DB9A306F2AFCD7235F72A819B80AB12EBD653172476FECD462AABFFC4FF191B946A5F54D8D0AA2F418808CC,25AB056962D30651A114AFD2755AD336747F93475B7A1FCA3B88F2B6A208CCFE469408584DC2B2912675BF5B9E582928,8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP384t1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP384t1.txt deleted file mode 100644 index 6bb42c9..0000000 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP384t1.txt +++ /dev/null @@ -1,7 +0,0 @@ -41DFE8DD399331F7166A66076734A89CD0D2BCDB7D068E44E1F378F41ECBAE97D2D63DBC87BCCDDCCC5DA39E8589291C, -8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC50, -7F519EADA7BDA81BD826DBA647910F8C4B9346ED8CCDC64E4B1ABD11756DCE1D2074AA263B88805CED70355A33B471EE, -18DE98B02DB9A306F2AFCD7235F72A819B80AB12EBD653172476FECD462AABFFC4FF191B946A5F54D8D0AA2F418808CC, -25AB056962D30651A114AFD2755AD336747F93475B7A1FCA3B88F2B6A208CCFE469408584DC2B2912675BF5B9E582928, -8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565, -1 diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP512r1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP512r1.csv new file mode 100644 index 0000000..0c2f051 --- /dev/null +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP512r1.csv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o newline at end of file diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP512r1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP512r1.txt deleted file mode 100644 index 39e205e..0000000 
--- a/src/cz/crcs/ectester/data/brainpool/brainpoolP512r1.txt +++ /dev/null @@ -1,7 +0,0 @@ -AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3, -7830A3318B603B89E2327145AC234CC594CBDD8D3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CA, -3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723, -81AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D0098EFF3B1F78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F822, -7DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F8111B2DCDE494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892, -AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069, -1 diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP512t1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP512t1.csv new file mode 100644 index 0000000..1274943 --- /dev/null +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP512t1.csv @@ -0,0 +1 @@ +12EE58E6764838B69782136F0F2D3BA06E27695716054092E60A80BEDB212B64E585D90BCE13761F85C3F1D2A64E3BE8FEA2220F01EBA5EEB0F35DBD29D922AB,AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F0,7CBBBCF9441CFAB76E1890E46884EAE321F70C0BCB4981527897504BEC3E36A62BCDFA2304976540F6450085F2DAE145C22553B465763689180EA2571867423E,640ECE5C12788717B9C1BA06CBC2A6FEBA85842458C56DDE9DB1758D39C0313D82BA51735CDB3EA499AA77A7D6943A64F7A3F25FE26F06B51BAA2696FA9035DA,5B534BD595F5AF0FA2C892376C84ACE1BB4E3019B71634C01131159CAE03CEE9D9932184BEEF216BD71DF2DADF86A627306ECFF96DBB8BACE198B61E00F8B332,AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069,1 \ No newline at end of file 
diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP512t1.txt b/src/cz/crcs/ectester/data/brainpool/brainpoolP512t1.txt deleted file mode 100644 index 288c2c1..0000000 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP512t1.txt +++ /dev/null @@ -1,7 +0,0 @@ -12EE58E6764838B69782136F0F2D3BA06E27695716054092E60A80BEDB212B64E585D90BCE13761F85C3F1D2A64E3BE8FEA2220F01EBA5EEB0F35DBD29D922AB, -AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F0, -7CBBBCF9441CFAB76E1890E46884EAE321F70C0BCB4981527897504BEC3E36A62BCDFA2304976540F6450085F2DAE145C22553B465763689180EA2571867423E, -640ECE5C12788717B9C1BA06CBC2A6FEBA85842458C56DDE9DB1758D39C0313D82BA51735CDB3EA499AA77A7D6943A64F7A3F25FE26F06B51BAA2696FA9035DA, -5B534BD595F5AF0FA2C892376C84ACE1BB4E3019B71634C01131159CAE03CEE9D9932184BEEF216BD71DF2DADF86A627306ECFF96DBB8BACE198B61E00F8B332, -AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069, -1 diff --git a/src/cz/crcs/ectester/data/brainpool/curves.xml b/src/cz/crcs/ectester/data/brainpool/curves.xml new file mode 100644 index 0000000..0395ba1 --- /dev/null +++ b/src/cz/crcs/ectester/data/brainpool/curves.xml 
@@ -0,0 +1,89 @@ + + + + brainpoolP160r1 + 160 + prime + brainpoolP160r1.csv + + + brainpoolP160t1 + 160 + prime + brainpoolP160t1.csv + + + brainpoolP192r1 + 192 + prime + brainpoolP192r1.csv + + + brainpoolP192t1 + 192 + prime + brainpoolP192t1.csv + + + brainpoolP224r1 + 224 + prime + brainpoolP224r1.csv + + + brainpoolP224t1 + 224 + prime + brainpoolP224t1.csv + + + brainpoolP256r1 + 256 + prime + brainpoolP256r1.csv + + + brainpoolP256t1 + 256 + prime + brainpoolP256t1.csv + + + brainpoolP320r1 + 320 + prime + brainpoolP320r1.csv + + + brainpoolP320t1 + 320 + prime + brainpoolP320t1.csv + + + brainpoolP384r1 + 384 + prime + brainpoolP384r1.csv + + + brainpoolP384t1 + 384 + prime + brainpoolP384t1.csv + + + brainpoolP512r1 + 512 + prime + brainpoolP512r1.csv + + + brainpoolP512t1 + 512 + prime + brainpoolP512t1.csv + + \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/categories.xml b/src/cz/crcs/ectester/data/categories.xml new file mode 100644 index 0000000..5537c98 --- /dev/null +++ b/src/cz/crcs/ectester/data/categories.xml 
@@ -0,0 +1,35 @@ + + + + anomalous + anomalous + These prime field curves have the same order as the field order, and are susceptible to attacks reducing ECDLP over a multiplicative group of the curve, to DLP over an additive group of the underlying field, which is easy. + + + brainpool + brainpool + ECC Brainpool Standard Curves and Curve Generation v. 1.0 19.10.2005" + + + nist + nist + RECOMMENDED ELLIPTIC CURVES FOR FEDERAL GOVERNMENT USE July 1999" + + + secg + secg + SEC 2: Recommended Elliptic Curve Domain Parameters version 2.0 January 27, 2010 + + + smallpub + smallpub + Non-prime order curves, with points of very small order pregenerated. Useful for testing in ECDH. + + + wrong + wrong + Wrong field curves. These should definitely give an error when used. Since the "prime" used for the field are not prime, and the field polynomials are also not irreducible. Simply put these parameters don't specify a valid elliptic curve. + + \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nist/curves.xml b/src/cz/crcs/ectester/data/nist/curves.xml new file mode 100644 index 0000000..d9c1717 --- /dev/null +++ b/src/cz/crcs/ectester/data/nist/curves.xml @@ -0,0 +1,35 @@ + + + + P-192 + 192 + prime + p192.csv + + + P-224 + 224 + prime + p224.csv + + + P-256 + 256 + prime + p256.csv + + + P-384 + 384 + prime + p384.csv + + + P-521 + 521 + prime + p521.csv + + \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nist/p192.csv b/src/cz/crcs/ectester/data/nist/p192.csv new file mode 100644 index 0000000..a1f8724 --- /dev/null +++ b/src/cz/crcs/ectester/data/nist/p192.csv @@ -0,0 +1 @@ +fffffffffffffffffffffffffffffffeffffffffffffffff,fffffffffffffffffffffffffffffffefffffffffffffffc,64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1,188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012,07192b95ffc8da78631011ed6b24cdd573f977a11e794811,ffffffffffffffffffffffff99def836146bc9b1b4d22831,1 \ No newline at end of file 
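Review bot: Two of the category descriptions in categories.xml end in a stray double quote: the brainpool text ends `v. 1.0 19.10.2005"` and the nist text ends `July 1999"`, and neither has an opening quote. The character is legal in XML text, so the file still parses, but it will appear wherever these descriptions are printed; the texts should end `19.10.2005` and `July 1999`. The element markup is not visible in this view, so only the text values are quoted here.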
diff --git a/src/cz/crcs/ectester/data/nist/p192.txt b/src/cz/crcs/ectester/data/nist/p192.txt deleted file mode 100644 index 0402da7..0000000 --- a/src/cz/crcs/ectester/data/nist/p192.txt +++ /dev/null @@ -1,7 +0,0 @@ -fffffffffffffffffffffffffffffffeffffffffffffffff, -fffffffffffffffffffffffffffffffefffffffffffffffc, -64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1, -188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012, -07192b95ffc8da78631011ed6b24cdd573f977a11e794811, -ffffffffffffffffffffffff99def836146bc9b1b4d22831, -1 diff --git a/src/cz/crcs/ectester/data/nist/p224.csv b/src/cz/crcs/ectester/data/nist/p224.csv new file mode 100644 index 0000000..d694633 --- /dev/null +++ b/src/cz/crcs/ectester/data/nist/p224.csv @@ -0,0 +1 @@ +ffffffffffffffffffffffffffffffff000000000000000000000001,fffffffffffffffffffffffffffffffefffffffffffffffffffffffe,b4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4,b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21,bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34,ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nist/p224.txt b/src/cz/crcs/ectester/data/nist/p224.txt deleted file mode 100644 index 8dca9fe..0000000 --- a/src/cz/crcs/ectester/data/nist/p224.txt +++ /dev/null @@ -1,7 +0,0 @@ -ffffffffffffffffffffffffffffffff000000000000000000000001, -fffffffffffffffffffffffffffffffefffffffffffffffffffffffe, -b4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4, -b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21, -bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34, -ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d, -1 diff --git a/src/cz/crcs/ectester/data/nist/p256.csv b/src/cz/crcs/ectester/data/nist/p256.csv new file mode 100644 index 0000000..9f2f213 --- /dev/null +++ b/src/cz/crcs/ectester/data/nist/p256.csv 
@@ -0,0 +1 @@ +ffffffff00000001000000000000000000000000ffffffffffffffffffffffff,ffffffff00000001000000000000000000000000fffffffffffffffffffffffc,5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b,6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5,ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nist/p256.txt b/src/cz/crcs/ectester/data/nist/p256.txt deleted file mode 100644 index bc67187..0000000 --- a/src/cz/crcs/ectester/data/nist/p256.txt +++ /dev/null @@ -1,7 +0,0 @@ -ffffffff00000001000000000000000000000000ffffffffffffffffffffffff, -ffffffff00000001000000000000000000000000fffffffffffffffffffffffc, -5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b, -6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296, -4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5, -ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551, -1 diff --git a/src/cz/crcs/ectester/data/nist/p384.csv b/src/cz/crcs/ectester/data/nist/p384.csv new file mode 100644 index 0000000..ac3bf7c --- /dev/null +++ b/src/cz/crcs/ectester/data/nist/p384.csv @@ -0,0 +1 @@ +fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff,fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc,b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef,aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7,3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f,ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973,1 \ No newline at end of file 
diff --git a/src/cz/crcs/ectester/data/nist/p384.txt b/src/cz/crcs/ectester/data/nist/p384.txt deleted file mode 100644 index 7808451..0000000 --- a/src/cz/crcs/ectester/data/nist/p384.txt +++ /dev/null @@ -1,7 +0,0 @@ -fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff, -fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc, -b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef, -aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7, -3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f, -ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973, -1 diff --git a/src/cz/crcs/ectester/data/nist/p521.csv b/src/cz/crcs/ectester/data/nist/p521.csv new file mode 100644 index 0000000..fee50ce --- /dev/null +++ b/src/cz/crcs/ectester/data/nist/p521.csv @@ -0,0 +1 @@ +1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff,1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc,051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00,c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66,11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650,1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nist/p521.txt b/src/cz/crcs/ectester/data/nist/p521.txt deleted file mode 100644 index df7c46d..0000000 
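Review bot: The values in nist/p521.csv are not padded to a common width: the prime starts `1fff…` and the base-point x coordinate starts `c6858e06…`, while secg/secp521r1.csv, added later in this commit for the same curve, writes them as `01FF…` and `00C6858E06…`. If the loader converts each field to bytes without left-padding to the field size (the loader is not in this part of the diff), p521 would yield fields of unequal length, and a card test run on it could report a failure that comes from the data file rather than from the card. Writing the fields with the same zero-padding as secp521r1.csv avoids that.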
--- a/src/cz/crcs/ectester/data/nist/p521.txt +++ /dev/null @@ -1,7 +0,0 @@ -1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff, -1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc, -051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00, -c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66, -11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650, -1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409, -1 diff --git a/src/cz/crcs/ectester/data/schema.xsd b/src/cz/crcs/ectester/data/schema.xsd new file mode 100644 index 0000000..d2bc85c --- /dev/null +++ b/src/cz/crcs/ectester/data/schema.xsd @@ -0,0 +1,98 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/curves.xml b/src/cz/crcs/ectester/data/secg/curves.xml new file mode 100644 index 0000000..d3295cb --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/curves.xml 
@@ -0,0 +1,120 @@ + + + + secp192k1 + 192 + prime + secp192k1.csv + + + secp192r1 + 192 + prime + secp192r1.csv + + + secp224r1 + 224 + prime + secp224r1.csv + + + secp256k1 + 256 + prime + secp256k1.csv + + + secp256r1 + 256 + prime + secp256r1.csv + + + secp384r1 + 384 + prime + secp384r1.csv + + + secp521r1 + 521 + prime + secp521r.csv + + + + sect163k1 + 163 + binary + sect163k1.csv + + + sect163r1 + 163 + binary + sect163r1.csv + + + sect163r2 + 163 + binary + sect163r2.csv + + + sect233k1 + 233 + binary + sect233k1.csv + + + sect233r1 + 233 + binary + sect233r1.csv + + + sect239k1 + 233 + binary + sect239k1.csv + + + sect283k1 + 283 + binary + sect283k1.csv + + + sect283r1 + 283 + binary + sect283r1.csv + + + sect409k1 + 409 + binary + sect409k1.csv + + + sect409r1 + 409 + binary + sect409r1.csv + + + sect571k1 + 571 + binary + sect571k1.csv + + + sect571r1 + 571 + binary + sect571r1.csv + + \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp192k1.csv b/src/cz/crcs/ectester/data/secg/secp192k1.csv new file mode 100644 index 0000000..be97a85 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/secp192k1.csv @@ -0,0 +1 @@ +FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37,000000000000000000000000000000000000000000000000,000000000000000000000000000000000000000000000003,DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D,9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D,FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp192k1.txt b/src/cz/crcs/ectester/data/secg/secp192k1.txt deleted file mode 100644 index c408b5e..0000000 --- a/src/cz/crcs/ectester/data/secg/secp192k1.txt +++ /dev/null 
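Review bot: The secp521r1 entry in secg/curves.xml names its data file `secp521r.csv`, but the file this commit adds is `secp521r1.csv`, so resolving that curve through the manifest would presumably fail; the value should be `secp521r1.csv`. In the same hunk the sect239k1 entry carries `233` as its bit size, where every other entry's size matches the number in the curve name; it should read `239`. A wrong size there could make a key of the wrong length be requested for that curve, which would make the test result for it misleading. The XML tags are not visible in this view, so only the values are quoted.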
@@ -1,7 +0,0 @@ -FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFEE37, -00000000 00000000 00000000 00000000 00000000 00000000, -00000000 00000000 00000000 00000000 00000000 00000003, -DB4FF10E C057E9AE 26B07D02 80B7F434 1DA5D1B1 EAE06C7D, -9B2F2F6D 9C5628A7 844163D0 15BE8634 4082AA88 D95E2F9D, -FFFFFFFF FFFFFFFF FFFFFFFE 26F2FC17 0F69466A 74DEFD8D, -1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp192r1.csv b/src/cz/crcs/ectester/data/secg/secp192r1.csv new file mode 100644 index 0000000..bc67efd --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/secp192r1.csv @@ -0,0 +1 @@ +FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF,FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC,64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1,188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012,07192B95FFC8DA78631011ED6B24CDD573F977A11E794811,FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp192r1.txt b/src/cz/crcs/ectester/data/secg/secp192r1.txt deleted file mode 100644 index 29305b0..0000000 --- a/src/cz/crcs/ectester/data/secg/secp192r1.txt +++ /dev/null @@ -1,7 +0,0 @@ -FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF FFFFFFFF, -FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF FFFFFFFC, -64210519 E59C80E7 0FA7E9AB 72243049 FEB8DEEC C146B9B1, -188DA80E B03090F6 7CBF20EB 43A18800 F4FF0AFD 82FF1012, -07192B95 FFC8DA78 631011ED 6B24CDD5 73F977A1 1E794811, -FFFFFFFF FFFFFFFF FFFFFFFF 99DEF836 146BC9B1 B4D22831, -1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp224r1.csv b/src/cz/crcs/ectester/data/secg/secp224r1.csv new file mode 100644 index 0000000..4a1223c --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/secp224r1.csv 
@@ -0,0 +1 @@ +FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001,FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE,B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4,B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21,BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34,FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp224r1.txt b/src/cz/crcs/ectester/data/secg/secp224r1.txt deleted file mode 100644 index f8f592e..0000000 --- a/src/cz/crcs/ectester/data/secg/secp224r1.txt +++ /dev/null @@ -1,7 +0,0 @@ -FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF 00000000 00000000 00000001, -FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF FFFFFFFF FFFFFFFE, -B4050A85 0C04B3AB F5413256 5044B0B7 D7BFD8BA 270B3943 2355FFB4, -B70E0CBD 6BB4BF7F 321390B9 4A03C1D3 56C21122 343280D6 115C1D21, -BD376388 B5F723FB 4C22DFE6 CD4375A0 5A074764 44D58199 85007E34, -FFFFFFFF FFFFFFFF FFFFFFFF FFFF16A2 E0B8F03E 13DD2945 5C5C2A3D, -1 diff --git a/src/cz/crcs/ectester/data/secg/secp256k1.csv b/src/cz/crcs/ectester/data/secg/secp256k1.csv new file mode 100644 index 0000000..f0c9290 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/secp256k1.csv @@ -0,0 +1 @@ +FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F,0000000000000000000000000000000000000000000000000000000000000000,0000000000000000000000000000000000000000000000000000000000000007,79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8,FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp256k1.txt b/src/cz/crcs/ectester/data/secg/secp256k1.txt deleted file mode 100644 index 19eeef7..0000000 --- a/src/cz/crcs/ectester/data/secg/secp256k1.txt +++ /dev/null 
@@ -1,7 +0,0 @@ -FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFC2F, -00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000, -00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000007, -79BE667E F9DCBBAC 55A06295 CE870B07 029BFCDB 2DCE28D9 59F2815B 16F81798, -483ADA77 26A3C465 5DA4FBFC 0E1108A8 FD17B448 A6855419 9C47D08F FB10D4B8, -FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE BAAEDCE6 AF48A03B BFD25E8C D0364141, -1 diff --git a/src/cz/crcs/ectester/data/secg/secp256r1.csv b/src/cz/crcs/ectester/data/secg/secp256r1.csv new file mode 100644 index 0000000..9b5d2e6 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/secp256r1.csv @@ -0,0 +1 @@ +FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF,FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC,5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B,6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296,4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5,FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp256r1.txt b/src/cz/crcs/ectester/data/secg/secp256r1.txt deleted file mode 100644 index 060f5aa..0000000 --- a/src/cz/crcs/ectester/data/secg/secp256r1.txt +++ /dev/null @@ -1,7 +0,0 @@ -FFFFFFFF 00000001 00000000 00000000 00000000 FFFFFFFF FFFFFFFF FFFFFFFF, -FFFFFFFF 00000001 00000000 00000000 00000000 FFFFFFFF FFFFFFFF FFFFFFFC, -5AC635D8 AA3A93E7 B3EBBD55 769886BC 651D06B0 CC53B0F6 3BCE3C3E 27D2604B, -6B17D1F2 E12C4247 F8BCE6E5 63A440F2 77037D81 2DEB33A0 F4A13945 D898C296, -4FE342E2 FE1A7F9B 8EE7EB4A 7C0F9E16 2BCE3357 6B315ECE CBB64068 37BF51F5, -FFFFFFFF 00000000 FFFFFFFF FFFFFFFF BCE6FAAD A7179E84 F3B9CAC2 FC632551, -1 diff --git a/src/cz/crcs/ectester/data/secg/secp384r1.csv b/src/cz/crcs/ectester/data/secg/secp384r1.csv new file mode 100644 index 0000000..398cead --- /dev/null 
+++ b/src/cz/crcs/ectester/data/secg/secp384r1.csv @@ -0,0 +1 @@ +FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF,FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC,B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF,AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7,3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F,FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp384r1.txt b/src/cz/crcs/ectester/data/secg/secp384r1.txt deleted file mode 100644 index 08472ae..0000000 --- a/src/cz/crcs/ectester/data/secg/secp384r1.txt +++ /dev/null @@ -1,7 +0,0 @@ -FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF 00000000 00000000 FFFFFFFF, -FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFFFF 00000000 00000000 FFFFFFFC, -B3312FA7 E23EE7E4 988E056B E3F82D19 181D9C6E FE814112 0314088F 5013875A C656398D 8A2ED19D 2A85C8ED D3EC2AEF, -AA87CA22 BE8B0537 8EB1C71E F320AD74 6E1D3B62 8BA79B98 59F741E0 82542A38 5502F25D BF55296C 3A545E38 72760AB7, -3617DE4A 96262C6F 5D9E98BF 9292DC29 F8F41DBD 289A147C E9DA3113 B5F0B8C0 0A60B1CE 1D7E819D 7A431D7C 90EA0E5F, -FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF C7634D81 F4372DDF 581A0DB2 48B0A77A ECEC196A CCC52973, -1 diff --git a/src/cz/crcs/ectester/data/secg/secp521r1.csv b/src/cz/crcs/ectester/data/secg/secp521r1.csv new file mode 100644 index 0000000..f93d395 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/secp521r1.csv 
@@ -0,0 +1 @@ +01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF,01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC,0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00,00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66,011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650,01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp521r1.txt b/src/cz/crcs/ectester/data/secg/secp521r1.txt deleted file mode 100644 index 9e0f5d3..0000000 --- a/src/cz/crcs/ectester/data/secg/secp521r1.txt +++ /dev/null @@ -1,7 +0,0 @@ -01FF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF, -01FF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFC, -0051 953EB961 8E1C9A1F 929A21A0 B68540EE A2DA725B 99B315F3 B8B48991 8EF109E1 56193951 EC7E937B 1652C0BD 3BB1BF07 3573DF88 3D2C34F1 EF451FD4 6B503F00, -00C6 858E06B7 0404E9CD 9E3ECB66 2395B442 9C648139 053FB521 F828AF60 6B4D3DBA A14B5E77 EFE75928 FE1DC127 A2FFA8DE 3348B3C1 856A429B F97E7E31 C2E5BD66, -0118 39296A78 9A3BC004 5C8A5FB4 2C7D1BD9 98F54449 579B4468 17AFBD17 273E662C 97EE7299 5EF42640 C550B901 3FAD0761 353C7086 A272C240 88BE9476 9FD16650, -01FF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFA 51868783 BF2F966B 7FCC0148 F709A5D0 3BB5C9B8 899C47AE BB6FB71E 91386409, -1 
diff --git a/src/cz/crcs/ectester/data/secg/sect163k1.csv b/src/cz/crcs/ectester/data/secg/sect163k1.csv
new file mode 100644
index 0000000..76d4ed5
--- /dev/null
+++ b/src/cz/crcs/ectester/data/secg/sect163k1.csv
@@ -0,0 +1 @@
+00a3,0007,0006,0003,000000000000000000000000000000000000000001,000000000000000000000000000000000000000001,02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8,0289070FB05D38FF58321F2E800536D538CCDAA3D9,04000000000000000000020108A2E0CC0D99F8A5EF,2
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/secg/sect163k1.txt b/src/cz/crcs/ectester/data/secg/sect163k1.txt
deleted file mode 100644
index 6e5142e..0000000
--- a/src/cz/crcs/ectester/data/secg/sect163k1.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-0007,
-0006,
-0003,
-00 00000000 00000000 00000000 00000000 00000001,
-00 00000000 00000000 00000000 00000000 00000001,
-02 FE13C053 7BBC11AC AA07D793 DE4E6D5E 5C94EEE8,
-02 89070FB0 5D38FF58 321F2E80 0536D538 CCDAA3D9,
-04 00000000 00000000 00020108 A2E0CC0D 99F8A5EF,
-2
diff --git a/src/cz/crcs/ectester/data/secg/sect163r1.csv b/src/cz/crcs/ectester/data/secg/sect163r1.csv
new file mode 100644
index 0000000..987ca0d
--- /dev/null
+++ b/src/cz/crcs/ectester/data/secg/sect163r1.csv
@@ -0,0 +1 @@
+00a3,0007,0006,0003,07B6882CAAEFA84F9554FF8428BD88E246D2782AE2,0713612DCDDCB40AAB946BDA29CA91F73AF958AFD9,0369979697AB43897789566789567F787A7876A654,00435EDB42EFAFB2989D51FEFCE3C80988F41FF883,03FFFFFFFFFFFFFFFFFFFF48AAB689C29CA710279B,2
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/secg/sect163r1.txt b/src/cz/crcs/ectester/data/secg/sect163r1.txt
deleted file mode 100644
index 879f79b..0000000
--- a/src/cz/crcs/ectester/data/secg/sect163r1.txt
+++ /dev/null
@@ -1,9 +0,0 @@ -0007, -0006, -0003, -07 B6882CAA EFA84F95 54FF8428 BD88E246 D2782AE2, -07 13612DCD DCB40AAB 946BDA29 CA91F73A F958AFD9, -03 69979697 AB438977 89566789 567F787A 7876A654, -00 435EDB42 EFAFB298 9D51FEFC E3C80988 F41FF883, -03 FFFFFFFF FFFFFFFF FFFF48AA B689C29C A710279B, -2 diff --git a/src/cz/crcs/ectester/data/secg/sect163r2.csv b/src/cz/crcs/ectester/data/secg/sect163r2.csv new file mode 100644 index 0000000..4608c0c --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/sect163r2.csv @@ -0,0 +1 @@ +00a3,0007,0006,0003,000000000000000000000000000000000000000001,020A601907B8C953CA1481EB10512F78744A3205FD,03F0EBA16286A2D57EA0991168D4994637E8343E36,00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1,040000000000000000000292FE77E70C12A4234C33,2 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/sect163r2.txt b/src/cz/crcs/ectester/data/secg/sect163r2.txt deleted file mode 100644 index eb7d453..0000000 --- a/src/cz/crcs/ectester/data/secg/sect163r2.txt +++ /dev/null @@ -1,9 +0,0 @@ -0007, -0006, -0003, -00 00000000 00000000 00000000 00000000 00000001, -02 0A601907 B8C953CA 1481EB10 512F7874 4A3205FD, -03 F0EBA162 86A2D57E A0991168 D4994637 E8343E36, -00 D51FBC6C 71A0094F A2CDD545 B11C5C0C 797324F1, -04 00000000 00000000 000292FE 77E70C12 A4234C33, -2 diff --git a/src/cz/crcs/ectester/data/secg/sect233k1.csv b/src/cz/crcs/ectester/data/secg/sect233k1.csv new file mode 100644 index 0000000..4aeebd2 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/sect233k1.csv @@ -0,0 +1 @@ +004A,000000000000000000000000000000000000000000000000000000000000,000000000000000000000000000000000000000000000000000000000001,017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126,01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3,8000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF,4 \ No newline at end of file 
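Review bot: The binary-field files added here do not share one column layout. sect233k1.csv starts with the single value `004A` and has 7 fields, while the sect163*.csv files added just before it start `00a3,0007,0006,0003` (what looks like the field size followed by three exponents) and have 10 fields; sect233r1.csv and sect239k1.csv use the 7-field form as well. Unless the loader tells trinomial files apart by field count (it is not visible here), the first value would be read as the field size and the remaining columns would shift. If the 10-field layout is what the parser expects, the line would start with something like `00E9,004A,0000,0000,…`.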
diff --git a/src/cz/crcs/ectester/data/secg/sect233k1.txt b/src/cz/crcs/ectester/data/secg/sect233k1.txt deleted file mode 100644 index b85fef0..0000000 --- a/src/cz/crcs/ectester/data/secg/sect233k1.txt +++ /dev/null @@ -1,7 +0,0 @@ -004A, -0000 00000000 00000000 00000000 00000000 00000000 00000000 00000000, -0000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, -0172 32BA853A 7E731AF1 29F22FF4 149563A4 19C26BF5 0A4C9D6E EFAD6126, -01DB 537DECE8 19B7F70F 555A67C4 27A8CD9B F18AEB9B 56E0C110 56FAE6A3, -80 00000000 00000000 00000000 00069D5B B915BCD4 6EFB1AD5 F173ABDF, -4 diff --git a/src/cz/crcs/ectester/data/secg/sect233r1.csv b/src/cz/crcs/ectester/data/secg/sect233r1.csv new file mode 100644 index 0000000..57ef35d --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/sect233r1.csv @@ -0,0 +1 @@ +004A,000000000000000000000000000000000000000000000000000000000001,0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD,00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B,01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052,01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7,2 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/sect233r1.txt b/src/cz/crcs/ectester/data/secg/sect233r1.txt deleted file mode 100644 index d0c6f14..0000000 --- a/src/cz/crcs/ectester/data/secg/sect233r1.txt +++ /dev/null @@ -1,7 +0,0 @@ -004A, -0000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, -0066 647EDE6C 332C7F8C 0923BB58 213B333B 20E9CE42 81FE115F 7D8F90AD, -00FA C9DFCBAC 8313BB21 39F1BB75 5FEF65BC 391F8B36 F8F8EB73 71FD558B, -0100 6A08A419 03350678 E58528BE BF8A0BEF F867A7CA 36716F7E 01F81052, -0100 00000000 00000000 00000000 0013E974 E72F8A69 22031D26 03CFE0D7, -2 diff --git a/src/cz/crcs/ectester/data/secg/sect239k1.csv b/src/cz/crcs/ectester/data/secg/sect239k1.csv new file mode 100644 index 0000000..fdb64a9 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/sect239k1.csv 
@@ -0,0 +1 @@ +009E,000000000000000000000000000000000000000000000000000000000000,000000000000000000000000000000000000000000000000000000000001,29A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC,76310804F12E549BDB011C103089E73510ACB275FC312A5DC6B76553F0CA,2000000000000000000000000000005A79FEC67CB6E91F1C1DA800E478A5,4 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/sect239k1.txt b/src/cz/crcs/ectester/data/secg/sect239k1.txt deleted file mode 100644 index d01bb08..0000000 --- a/src/cz/crcs/ectester/data/secg/sect239k1.txt +++ /dev/null @@ -1,7 +0,0 @@ -009E, -0000 00000000 00000000 00000000 00000000 00000000 00000000 00000000, -0000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, -29A0 B6A887A9 83E97309 88A68727 A8B2D126 C44CC2CC 7B2A6555 193035DC, -7631 0804F12E 549BDB01 1C103089 E73510AC B275FC31 2A5DC6B7 6553F0CA, -2000 00000000 00000000 00000000 005A79FE C67CB6E9 1F1C1DA8 00E478A5, -4 diff --git a/src/cz/crcs/ectester/data/secg/sect283k1.csv b/src/cz/crcs/ectester/data/secg/sect283k1.csv new file mode 100644 index 0000000..07e7db2 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/sect283k1.csv @@ -0,0 +1,10 @@ +011B, +000C, +0007, +0005, +000000000000000000000000000000000000000000000000000000000000000000000000, +000000000000000000000000000000000000000000000000000000000000000000000001, +0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836, +01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259, +01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61, +4 diff --git a/src/cz/crcs/ectester/data/secg/sect283k1.txt b/src/cz/crcs/ectester/data/secg/sect283k1.txt deleted file mode 100644 index cc62698..0000000 --- a/src/cz/crcs/ectester/data/secg/sect283k1.txt +++ /dev/null 
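Review bot: sect283k1.csv is added as ten lines, each ending in a comma (`@@ -0,0 +1,10 @@`), which is the layout of the removed .txt files; every other .csv in this commit is a single line with no trailing comma, for example sect283r1.csv. A line-based CSV reader would likely see ten short records with an empty trailing field instead of one ten-value record. Joining it into one line, `011B,000C,0007,0005,…,4`, would make it match the other files.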
@@ -1,9 +0,0 @@ -000C, -0007, -0005, -00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000, -00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, -0503213F 78CA4488 3F1A3B81 62F188E5 53CD265F 23C1567A 16876913 B0C2AC24 58492836, -01CCDA38 0F1C9E31 8D90F95D 07E5426F E87E45C0 E8184698 E4596236 4E341161 77DD2259, -01FFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFE9AE 2ED07577 265DFF7F 94451E06 1E163C61, -4 diff --git a/src/cz/crcs/ectester/data/secg/sect283r1.csv b/src/cz/crcs/ectester/data/secg/sect283r1.csv new file mode 100644 index 0000000..db9ce3e --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/sect283r1.csv @@ -0,0 +1 @@ +011B,000C,0007,0005,000000000000000000000000000000000000000000000000000000000000000000000001,027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5,05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053,03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4,03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307,2 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/sect283r1.txt b/src/cz/crcs/ectester/data/secg/sect283r1.txt deleted file mode 100644 index 27e2ff2..0000000 --- a/src/cz/crcs/ectester/data/secg/sect283r1.txt +++ /dev/null @@ -1,9 +0,0 @@ -000C, -0007, -0005, -00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, -027B680A C8B8596D A5A4AF8A 19A0303F CA97FD76 45309FA2 A581485A F6263E31 3B79A2F5, -05F93925 8DB7DD90 E1934F8C 70B0DFEC 2EED25B8 557EAC9C 80E2E198 F8CDBECD 86B12053, -03676854 FE24141C B98FE6D4 B20D02B4 516FF702 350EDDB0 826779C8 13F0DF45 BE8112F4, -03FFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFEF90 399660FC 938A9016 5B042A7C EFADB307, -2 diff --git a/src/cz/crcs/ectester/data/secg/sect409k1.csv b/src/cz/crcs/ectester/data/secg/sect409k1.csv new file mode 100644 index 0000000..887d921 --- /dev/null 
+++ b/src/cz/crcs/ectester/data/secg/sect409k1.csv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o newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/sect409k1.txt b/src/cz/crcs/ectester/data/secg/sect409k1.txt deleted file mode 100644 index aeb2e76..0000000 --- a/src/cz/crcs/ectester/data/secg/sect409k1.txt +++ /dev/null @@ -1,7 +0,0 @@ -0057, -00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000, -00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, -0060F05F 658F49C1 AD3AB189 0F718421 0EFD0987 E307C84C 27ACCFB8 F9F67CC2 C460189E B5AAAA62 EE222EB1 B35540CF E9023746, -01E36905 0B7C4E42 ACBA1DAC BF04299C 3460782F 918EA427 E6325165 E9EA10E3 DA5F6C42 E9C55215 AA9CA27A 5863EC48 D8E0286B, -7FFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFE5F 83B2D4EA 20400EC4 557D5ED3 E3E7CA5B 4B5C83B8 E01E5FCF, -4 diff --git a/src/cz/crcs/ectester/data/secg/sect409r1.csv b/src/cz/crcs/ectester/data/secg/sect409r1.csv new file mode 100644 index 0000000..a646e97 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/sect409r1.csv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o newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/sect409r1.txt b/src/cz/crcs/ectester/data/secg/sect409r1.txt deleted file mode 100644 index 5ac19dc..0000000 --- a/src/cz/crcs/ectester/data/secg/sect409r1.txt +++ /dev/null 
@@ -1,7 +0,0 @@ -0057, -00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, -0021A5C2 C8EE9FEB 5C4B9A75 3B7B476B 7FD6422E F1F3DD67 4761FA99 D6AC27C8 A9A197B2 72822F6C D57A55AA 4F50AE31 7B13545F, -015D4860 D088DDB3 496B0C60 64756260 441CDE4A F1771D4D B01FFE5B 34E59703 DC255A86 8A118051 5603AEAB 60794E54 BB7996A7, -0061B1CF AB6BE5F3 2BBFA783 24ED106A 7636B9C5 A7BD198D 0158AA4F 5488D08F 38514F1F DF4B4F40 D2181B36 81C364BA 0273C706, -01000000 00000000 00000000 00000000 00000000 00000000 000001E2 AAD6A612 F33307BE 5FA47C3C 9E052F83 8164CD37 D9A21173, -2 diff --git a/src/cz/crcs/ectester/data/secg/sect571k1.csv b/src/cz/crcs/ectester/data/secg/sect571k1.csv new file mode 100644 index 0000000..59622ba --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/sect571k1.csv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o newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/sect571k1.txt b/src/cz/crcs/ectester/data/secg/sect571k1.txt deleted file mode 100644 index 7d5fdf4..0000000 --- a/src/cz/crcs/ectester/data/secg/sect571k1.txt +++ /dev/null @@ -1,9 +0,0 @@ -000A, -0005, -0002, -00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000, -00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, -026EB7A8 59923FBC 82189631 F8103FE4 AC9CA297 0012D5D4 60248048 01841CA4 43709584 93B205E6 47DA304D B4CEB08C BBD1BA39 494776FB 988B4717 4DCA88C7 E2945283 A01C8972, -0349DC80 7F4FBF37 4F4AEADE 3BCA9531 4DD58CEC 9F307A54 FFC61EFC 006D8A2C 9D4979C0 AC44AEA7 4FBEBBB9 F772AEDC B620B01A 7BA7AF1B 320430C8 591984F6 01CD4C14 3EF1C7A3, -02000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 131850E1 F19A63E4 B391A8DB 917F4138 B630D84B E5D63938 1E91DEB4 5CFE778F 637C1001, -4 
diff --git a/src/cz/crcs/ectester/data/secg/sect571r1.csv b/src/cz/crcs/ectester/data/secg/sect571r1.csv new file mode 100644 index 0000000..c4b3b09 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/sect571r1.csv @@ -0,0 +1 @@ +023B,000A,0005,0002,000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001,02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A,0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19,037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B,03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47,2 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/sect571r1.txt b/src/cz/crcs/ectester/data/secg/sect571r1.txt deleted file mode 100644 index 850f0b9..0000000 --- a/src/cz/crcs/ectester/data/secg/sect571r1.txt +++ /dev/null 
@@ -1,9 +0,0 @@ -000A, -0005, -0002, -00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000001, -02F40E7E 2221F295 DE297117 B7F3D62F 5C6A97FF CB8CEFF1 CD6BA8CE 4A9A18AD 84FFABBD 8EFA5933 2BE7AD67 56A66E29 4AFD185A 78FF12AA 520E4DE7 39BACA0C 7FFEFF7F 2955727A, -0303001D 34B85629 6C16C0D4 0D3CD775 0A93D1D2 955FA80A A5F40FC8 DB7B2ABD BDE53950 F4C0D293 CDD711A3 5B67FB14 99AE6003 8614F139 4ABFA3B4 C850D927 E1E7769C 8EEC2D19, -037BF273 42DA639B 6DCCFFFE B73D69D7 8C6C27A6 009CBBCA 1980F853 3921E8A6 84423E43 BAB08A57 6291AF8F 461BB2A8 B3531D2F 0485C19B 16E2F151 6E23DD3C 1A4827AF 1B8AC15B, -03FFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF E661CE18 FF559873 08059B18 6823851E C7DD9CA1 161DE93D 5174D66E 8382E9BB 2FE84E47, -2 diff --git a/src/cz/crcs/ectester/data/smallpub/curves.xml b/src/cz/crcs/ectester/data/smallpub/curves.xml new file mode 100644 index 0000000..1f1f146 --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/curves.xml @@ -0,0 +1,47 @@ + + + + ecsp128 + 128 + prime + ecsp128.csv + + + ecsp160 + 160 + prime + ecsp160.csv + + + ecsp192 + 192 + prime + ecsp192.csv + + + ecsp224 + 224 + prime + ecsp224.csv + + + ecsp256 + 256 + prime + ecsp256.csv + + + ecsp384 + 384 + prime + ecsp384.csv + + + ecsp521 + 521 + prime + ecsp521.csv + + \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp128.csv b/src/cz/crcs/ectester/data/smallpub/ecsp128.csv new file mode 100644 index 0000000..f541010 --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp128.csv @@ -0,0 +1 @@ +cfba21fd0483b1f300fa2506a5a566ef,36d9a5acac27a008e36cbe3e9f103fde,a67cf5fa09fb1db902068c87046ae21e,47d78391a4b9fff6a0db1292f9cd0e6a,9aed9c92f8bb3dbd42402165a270bd6f,cfba21fd0483b1f333d61a5af6ada2c7,1 \ No newline at end of file 
diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp128.txt b/src/cz/crcs/ectester/data/smallpub/ecsp128.txt deleted file mode 100644 index 29cfe3b..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp128.txt +++ /dev/null @@ -1,7 +0,0 @@ -cfba21fd0483b1f300fa2506a5a566ef, -36d9a5acac27a008e36cbe3e9f103fde, -a67cf5fa09fb1db902068c87046ae21e, -47d78391a4b9fff6a0db1292f9cd0e6a, -9aed9c92f8bb3dbd42402165a270bd6f, -cfba21fd0483b1f333d61a5af6ada2c7, -1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp128_pub.csv b/src/cz/crcs/ectester/data/smallpub/ecsp128_pub.csv new file mode 100644 index 0000000..78a8cb4 --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp128_pub.csv @@ -0,0 +1 @@ +63901e122761d9c16565b2f38e991f71,b9d99fbc3154a96ca23ecff770cbbe4f \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp128_pub.txt b/src/cz/crcs/ectester/data/smallpub/ecsp128_pub.txt deleted file mode 100644 index ee1f34d..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp128_pub.txt +++ /dev/null @@ -1,2 +0,0 @@ -63901e122761d9c16565b2f38e991f71, -b9d99fbc3154a96ca23ecff770cbbe4f \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp160.csv b/src/cz/crcs/ectester/data/smallpub/ecsp160.csv new file mode 100644 index 0000000..e556020 --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp160.csv @@ -0,0 +1 @@ +dc13490ff9857b111f44c0500770a6457e683223,a3ecd7d51e79d72d2700184c795aa8a6b8e66573,8ac43592905f995cb13f3694317bf470adafb645,5f8e88afc117c722859fe8e55647bca69ba82150,93e6dcaee271e9f2838c98b7d06eccc5d7c800e5,dc13490ff9857b111f446ef4a6d1e1715f6a6dff,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp160.txt b/src/cz/crcs/ectester/data/smallpub/ecsp160.txt deleted file mode 100644 index 49824d9..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp160.txt +++ /dev/null 
@@ -1,7 +0,0 @@ -dc13490ff9857b111f44c0500770a6457e683223, -a3ecd7d51e79d72d2700184c795aa8a6b8e66573, -8ac43592905f995cb13f3694317bf470adafb645, -5f8e88afc117c722859fe8e55647bca69ba82150, -93e6dcaee271e9f2838c98b7d06eccc5d7c800e5, -dc13490ff9857b111f446ef4a6d1e1715f6a6dff, -1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp160_pub.csv b/src/cz/crcs/ectester/data/smallpub/ecsp160_pub.csv new file mode 100644 index 0000000..7b92733 --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp160_pub.csv @@ -0,0 +1 @@ +59c9c3c8aef29f1c1c500cafb4726da6086e6eb0,d695a76005eddb26afd40ee20904778bb3497bb1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp160_pub.txt b/src/cz/crcs/ectester/data/smallpub/ecsp160_pub.txt deleted file mode 100644 index e2e164e..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp160_pub.txt +++ /dev/null @@ -1,2 +0,0 @@ -59c9c3c8aef29f1c1c500cafb4726da6086e6eb0, -d695a76005eddb26afd40ee20904778bb3497bb1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp192.csv b/src/cz/crcs/ectester/data/smallpub/ecsp192.csv new file mode 100644 index 0000000..bc55089 --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp192.csv @@ -0,0 +1 @@ +ce714cc3a15ce7e5dab068c9a1f8be00aad480abccaeefc3,597c781f64c33eb8ef919c415911518ea323be88b9437caf,f81585a1b18f233d70add7ee1342d2035c386a92e3ab8320,150ff0a40deac6462b5987418617fdeeb6bfd76d4d60a067,843d577371c5dce122c2ff206b2f42fa0b842b49bdaf990f,ce714cc3a15ce7e5dab068c9a30bc92915bd8662ae882887,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp192.txt b/src/cz/crcs/ectester/data/smallpub/ecsp192.txt deleted file mode 100644 index ccb5537..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp192.txt +++ /dev/null 
@@ -1,7 +0,0 @@ -ce714cc3a15ce7e5dab068c9a1f8be00aad480abccaeefc3, -597c781f64c33eb8ef919c415911518ea323be88b9437caf, -f81585a1b18f233d70add7ee1342d2035c386a92e3ab8320, -150ff0a40deac6462b5987418617fdeeb6bfd76d4d60a067, -843d577371c5dce122c2ff206b2f42fa0b842b49bdaf990f, -ce714cc3a15ce7e5dab068c9a30bc92915bd8662ae882887, -1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp192_pub.csv b/src/cz/crcs/ectester/data/smallpub/ecsp192_pub.csv new file mode 100644 index 0000000..5432c1d --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp192_pub.csv @@ -0,0 +1 @@ +17047f91dbe33032c9d09bd29ceadd8a09ccc32ac6309541,6a726de54fbd59cfc352e838b337fa005a97180816135e6a \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp192_pub.txt b/src/cz/crcs/ectester/data/smallpub/ecsp192_pub.txt deleted file mode 100644 index ec7f822..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp192_pub.txt +++ /dev/null @@ -1,2 +0,0 @@ -17047f91dbe33032c9d09bd29ceadd8a09ccc32ac6309541, -6a726de54fbd59cfc352e838b337fa005a97180816135e6a \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp224.csv b/src/cz/crcs/ectester/data/smallpub/ecsp224.csv new file mode 100644 index 0000000..09b9c01 --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp224.csv @@ -0,0 +1 @@ +eed4c3d98f1c9b9518f116263db770366877d12df6a9cf08b96dd4bb,8d4dddb0317d6a6bf9a4dbbed3a43fa21f79869c5ab9729d239e9282,46873614be3dffc9218082322210c0616140286f2d160503c1a9250d,961bbb1fc9955a71c91a50aedcd2f14fccb660af992b0030b9c90b36,1c00f6d0bd405dd7d3016fb8c0c75e4ecec70fe61237f6d24008a5fd,eed4c3d98f1c9b9518f116263db821c36a06adae17162ad3162f68c3,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp224.txt b/src/cz/crcs/ectester/data/smallpub/ecsp224.txt deleted file mode 100644 index 894e669..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp224.txt +++ /dev/null 
@@ -1,7 +0,0 @@ -eed4c3d98f1c9b9518f116263db770366877d12df6a9cf08b96dd4bb, -8d4dddb0317d6a6bf9a4dbbed3a43fa21f79869c5ab9729d239e9282, -46873614be3dffc9218082322210c0616140286f2d160503c1a9250d, -961bbb1fc9955a71c91a50aedcd2f14fccb660af992b0030b9c90b36, -1c00f6d0bd405dd7d3016fb8c0c75e4ecec70fe61237f6d24008a5fd, -eed4c3d98f1c9b9518f116263db821c36a06adae17162ad3162f68c3, -1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp224_pub.csv b/src/cz/crcs/ectester/data/smallpub/ecsp224_pub.csv new file mode 100644 index 0000000..319ca3a --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp224_pub.csv @@ -0,0 +1 @@ +cfd92aea0f79190c48ca703eb8a9baa7099a23bb39578261fe4d0f04,257a3d98de44bd25404977a4ac7fc56d3d4e827f085b7cf5247524c4 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp224_pub.txt b/src/cz/crcs/ectester/data/smallpub/ecsp224_pub.txt deleted file mode 100644 index 0999b99..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp224_pub.txt +++ /dev/null @@ -1,2 +0,0 @@ -cfd92aea0f79190c48ca703eb8a9baa7099a23bb39578261fe4d0f04, -257a3d98de44bd25404977a4ac7fc56d3d4e827f085b7cf5247524c4 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp256.csv b/src/cz/crcs/ectester/data/smallpub/ecsp256.csv new file mode 100644 index 0000000..d5bf3c0 --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp256.csv @@ -0,0 +1 @@ +c9a803b1eaf849f1c02cfd1dbfac68623985c88b37103b338ae11d2597ee8445,4841c5775a24a884ca36ec362b44645a2f60b25d002c4fc1d9f139870fe0cc71,1b097456751f3534190dae568f80a2c6ff55dddfe072a7dc6467a4b6476b6880,a1fd34a27afb1340b8e4a7db2a5ec5a1432c6dc8555af9f78fca2cf740cab2b7,98419c698cab6c7dbb53eb2751417b52ccded4680c5e09543f93c7886c3a173e,c9a803b1eaf849f1c02cfd1dbfac6863128c5b1fc5acd5b5e0fc0a7311fb5b1d,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp256.txt b/src/cz/crcs/ectester/data/smallpub/ecsp256.txt deleted file mode 100644 index 17387a6..0000000 
--- a/src/cz/crcs/ectester/data/smallpub/ecsp256.txt +++ /dev/null @@ -1,7 +0,0 @@ -c9a803b1eaf849f1c02cfd1dbfac68623985c88b37103b338ae11d2597ee8445, -4841c5775a24a884ca36ec362b44645a2f60b25d002c4fc1d9f139870fe0cc71, -1b097456751f3534190dae568f80a2c6ff55dddfe072a7dc6467a4b6476b6880, -a1fd34a27afb1340b8e4a7db2a5ec5a1432c6dc8555af9f78fca2cf740cab2b7, -98419c698cab6c7dbb53eb2751417b52ccded4680c5e09543f93c7886c3a173e, -c9a803b1eaf849f1c02cfd1dbfac6863128c5b1fc5acd5b5e0fc0a7311fb5b1d, -1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp256_pub.csv b/src/cz/crcs/ectester/data/smallpub/ecsp256_pub.csv new file mode 100644 index 0000000..d27ffdc --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp256_pub.csv @@ -0,0 +1 @@ +75fce70968862d53e29548aad70582514e960d8128bd3c5f8c4dbe2cf8dad653,55aa4b7d3882fb0a83bd00c9c3bae17f1024d64aec67e1db38ef671e6350beae \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp256_pub.txt b/src/cz/crcs/ectester/data/smallpub/ecsp256_pub.txt deleted file mode 100644 index a8f0492..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp256_pub.txt +++ /dev/null @@ -1,2 +0,0 @@ -75fce70968862d53e29548aad70582514e960d8128bd3c5f8c4dbe2cf8dad653, -55aa4b7d3882fb0a83bd00c9c3bae17f1024d64aec67e1db38ef671e6350beae \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp384.csv b/src/cz/crcs/ectester/data/smallpub/ecsp384.csv new file mode 100644 index 0000000..c58d74b --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp384.csv 
@@ -0,0 +1 @@ +d0df6c96cff7081be80d22b005758a2e2f046e15fe020ef886e21b492ac57257a923144bcad989ab6341bd3b700f914b,45c64503be019afd3462b361ad2b2a3bca0aeccc5494a624fb632455e62b4f0c98f944fa97c37811da039823cd77c906,d85583f7f11ad23ec75ed5a414153a06d6640936b8103f5df691fa95cf2afa78f3ea5addc225b144964048c9f7592ae4,2b1341d12dff4f9cf9427c4752962b4c2bdc8fbcd80652516c421cc523212a01ea63c79d6e9a9c84933e353e212416ec,ce416c6e75fa9fd205ed48fc4e3099cbb1d6ed031b7ddbff1d634eb97a83d9b780cfd4dedfdd2c7604d143196c08d933,d0df6c96cff7081be80d22b005758a2e2f046e15fe020ef7664ed51d7701c86bf2a1e9f3002c26fe002314c3c92f1ca9,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp384.txt b/src/cz/crcs/ectester/data/smallpub/ecsp384.txt deleted file mode 100644 index 9acae3f..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp384.txt +++ /dev/null @@ -1,7 +0,0 @@ -d0df6c96cff7081be80d22b005758a2e2f046e15fe020ef886e21b492ac57257a923144bcad989ab6341bd3b700f914b, -45c64503be019afd3462b361ad2b2a3bca0aeccc5494a624fb632455e62b4f0c98f944fa97c37811da039823cd77c906, -d85583f7f11ad23ec75ed5a414153a06d6640936b8103f5df691fa95cf2afa78f3ea5addc225b144964048c9f7592ae4, -2b1341d12dff4f9cf9427c4752962b4c2bdc8fbcd80652516c421cc523212a01ea63c79d6e9a9c84933e353e212416ec, -ce416c6e75fa9fd205ed48fc4e3099cbb1d6ed031b7ddbff1d634eb97a83d9b780cfd4dedfdd2c7604d143196c08d933, -d0df6c96cff7081be80d22b005758a2e2f046e15fe020ef7664ed51d7701c86bf2a1e9f3002c26fe002314c3c92f1ca9, -1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp384_pub.csv b/src/cz/crcs/ectester/data/smallpub/ecsp384_pub.csv new file mode 100644 index 0000000..80f2cd6 --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp384_pub.csv @@ -0,0 +1 @@ +a4bd575bf20300b0cf8a2f41dd5a03e908966a4229a5f22f5c190d3641ac2d32b7b24a63482cbbcd0c2257f834834ef1,38d51c8f9e90592f567e81d0e4855e79731b5797857a4c7dc270653bc9f0c31e84693007b09cebf710d5ae3237303949 \ No newline at end of file 
diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp384_pub.txt b/src/cz/crcs/ectester/data/smallpub/ecsp384_pub.txt deleted file mode 100644 index 4eb4a96..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp384_pub.txt +++ /dev/null @@ -1,2 +0,0 @@ -a4bd575bf20300b0cf8a2f41dd5a03e908966a4229a5f22f5c190d3641ac2d32b7b24a63482cbbcd0c2257f834834ef1, -38d51c8f9e90592f567e81d0e4855e79731b5797857a4c7dc270653bc9f0c31e84693007b09cebf710d5ae3237303949 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp521.csv b/src/cz/crcs/ectester/data/smallpub/ecsp521.csv new file mode 100644 index 0000000..f6835f1 --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp521.csv @@ -0,0 +1 @@ +01d3df430924956e210a605b4dbf4a2e909d7a801658978c88ffd68dcc817f5cc79cf188d9ee82d1a51c44cbd31e9cc5b816d76d5b1312b005f7b68919e275dac99f,00401639f36f2ee45fc164ea3e1f14f4803fd7a77ffdfb392c3f8fe95d1aea331467f4618d59aeee49d5d7c70caf320f7dd1ac166114f562413449991d3aa1a2c49e,004a26a8c47fce204ba953015fa86708c0de720f27523988b097e774168c15f7a215aaf18a5f1b9579ab3db935d45be14c9a87b71170396909b14d06f7a09975b3a6,01c880ae0a355a52791fc9600fd8b35726e9d799101489161c8f90a9c6631d09b3cb347584837d9deb8566a9c5846aded0d01eb947b4affd34e8ea7dbe733cbedafa,00050f12672f163f19d5d493eb82ef777b0213dd4e0cf75a9b99724fbdb54b0cc4e037bf86a48bac28467bdd936c314ce13f6ec7ec69ea09ae4f5444df4b2a117a66,01d3df430924956e210a605b4dbf4a2e909d7a801658978c88ffd68dcc817f5cc7ba0838717c1947f93cfdd3ed87ec2c2df181c7ada553346ec1495732a1e7ffe9b3,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp521.txt b/src/cz/crcs/ectester/data/smallpub/ecsp521.txt deleted file mode 100644 index 1d36bd7..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp521.txt +++ /dev/null 
@@ -1,7 +0,0 @@ -01d3df430924956e210a605b4dbf4a2e909d7a801658978c88ffd68dcc817f5cc79cf188d9ee82d1a51c44cbd31e9cc5b816d76d5b1312b005f7b68919e275dac99f, -00401639f36f2ee45fc164ea3e1f14f4803fd7a77ffdfb392c3f8fe95d1aea331467f4618d59aeee49d5d7c70caf320f7dd1ac166114f562413449991d3aa1a2c49e, -004a26a8c47fce204ba953015fa86708c0de720f27523988b097e774168c15f7a215aaf18a5f1b9579ab3db935d45be14c9a87b71170396909b14d06f7a09975b3a6, -01c880ae0a355a52791fc9600fd8b35726e9d799101489161c8f90a9c6631d09b3cb347584837d9deb8566a9c5846aded0d01eb947b4affd34e8ea7dbe733cbedafa, -00050f12672f163f19d5d493eb82ef777b0213dd4e0cf75a9b99724fbdb54b0cc4e037bf86a48bac28467bdd936c314ce13f6ec7ec69ea09ae4f5444df4b2a117a66, -01d3df430924956e210a605b4dbf4a2e909d7a801658978c88ffd68dcc817f5cc7ba0838717c1947f93cfdd3ed87ec2c2df181c7ada553346ec1495732a1e7ffe9b3, -1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp521_pub.csv b/src/cz/crcs/ectester/data/smallpub/ecsp521_pub.csv new file mode 100644 index 0000000..5cceee6 --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/ecsp521_pub.csv @@ -0,0 +1 @@ +002844df0f31f46a40e6c7006cde99155bd5d18d0e4150178a8e307d6aec08fd02d466c03c49b49c2654b7c9a32d88ca014016a7eddd44217be915505d228efb9389,0105921e2172c3050ba4c9d2e744fc5b7b5e8451751e6780c6de88229497be7d23550beefa0cb7fafebb4dd9fad1244c6733befe5a97710f0dc56dc08d9d9df9d846 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp521_pub.txt b/src/cz/crcs/ectester/data/smallpub/ecsp521_pub.txt deleted file mode 100644 index 0e3f320..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp521_pub.txt +++ /dev/null @@ -1,2 +0,0 @@ -002844df0f31f46a40e6c7006cde99155bd5d18d0e4150178a8e307d6aec08fd02d466c03c49b49c2654b7c9a32d88ca014016a7eddd44217be915505d228efb9389, -0105921e2172c3050ba4c9d2e744fc5b7b5e8451751e6780c6de88229497be7d23550beefa0cb7fafebb4dd9fad1244c6733befe5a97710f0dc56dc08d9d9df9d846 \ No newline at end of file 
diff --git a/src/cz/crcs/ectester/data/smallpub/keys.xml b/src/cz/crcs/ectester/data/smallpub/keys.xml new file mode 100644 index 0000000..e3a7237 --- /dev/null +++ b/src/cz/crcs/ectester/data/smallpub/keys.xml @@ -0,0 +1,35 @@ + + + + ecsp128_pub.csv + ecsp128 + + + ecsp160_pub.csv + ecsp160 + + + ecsp192_pub.csv + ecsp192 + + + ecsp224_pub.csv + ecsp224 + + + ecsp256_pub.csv + ecsp256 + + + ecsp384_pub.csv + ecsp384 + + + ecsp521_pub.csv + ecsp521 + + \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/wrong/curves.xml b/src/cz/crcs/ectester/data/wrong/curves.xml new file mode 100644 index 0000000..5f7ef9f --- /dev/null +++ b/src/cz/crcs/ectester/data/wrong/curves.xml @@ -0,0 +1,83 @@ + + + + wrongp128 + 128 + prime + wrongp128.csv + + + wrongp160 + 160 + prime + wrongp160.csv + + + wrongp192 + 192 + prime + wrongp192.csv + + + wrongp224 + 224 + prime + wrongp224.csv + + + wrongp256 + 256 + prime + wrongp256.csv + + + wrongp384 + 384 + prime + wrongp384.csv + + + wrongp521 + 521 + prime + wrongp521.csv + + + wrongt163 + 163 + binary + wrongt163.csv + + + wrongt233 + 233 + binary + wrongt233.csv + + + wrongt239 + 239 + binary + wrongt239.csv + + + wrongt283 + 283 + binary + wrongt283.csv + + + wrongt409 + 409 + binary + wrongt409.csv + + + wrongt571 + 571 + binary + wrongt571.csv + + \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/wrong/wrongp128.csv b/src/cz/crcs/ectester/data/wrong/wrongp128.csv new file mode 100644 index 0000000..fce3f24 --- /dev/null +++ b/src/cz/crcs/ectester/data/wrong/wrongp128.csv @@ -0,0 +1 @@ +f9c44412b2cca89ba4f1ca271d143323,9f5d27633551f202cd129e15712f0c64,dd1cdcde6e8da4b594bd4055bd601dca,27d3f8fea47ec1814569080b2aec652f,ebf29da39d7a387fdc3ee3a6e1898d0d,53416c063b998d8936fb4337f4300dcf,3 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/wrong/wrongp160.csv b/src/cz/crcs/ectester/data/wrong/wrongp160.csv new file mode 100644 index 0000000..b6a4784 --- /dev/null 
+++ b/src/cz/crcs/ectester/data/wrong/wrongp160.csv @@ -0,0 +1 @@ +4353148e2ad8805dff87bfd7fd6b78da022417dd,3e41d827a2fc528cfead39f1c38699073daa2e8c,12a5b38d121e1274d92be25459340117189b6aa9,12ee1c85d8270955746c2262915d9af9ec5864bb,3458e410d63535a091e43785ad9b48b5cb26f3f2,0d77041c6ef819ac664e599199157d655c5dbc83,5 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/wrong/wrongp192.csv b/src/cz/crcs/ectester/data/wrong/wrongp192.csv new file mode 100644 index 0000000..9abf44e --- /dev/null +++ b/src/cz/crcs/ectester/data/wrong/wrongp192.csv @@ -0,0 +1 @@ +9eb2bb2b250ffded1686035b63e7e5d995ba781a011d3b22,4e167abc2774f53d04a800d3a45c83a2a63b671b21a4550d,142b292e4b02ede63ed10aa901d9b51fe119f27d57a3a063,916f6535f2781de3c6c9e84fbe27d5f46287fa6827a6c8f5,93bceca98e0f1ba4f52838f80d057f9b364e01f235c55719,34e63e63b70554a45cd75673cbf7f748873e140ff2e02e30,3 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/wrong/wrongp224.csv b/src/cz/crcs/ectester/data/wrong/wrongp224.csv new file mode 100644 index 0000000..ab1c78a --- /dev/null +++ b/src/cz/crcs/ectester/data/wrong/wrongp224.csv @@ -0,0 +1 @@ +7fc961151375f20321881d4a704c5263d09d0270fa799aac8265a7d9,6d9aac79206bc67534b41e623995fcf15584bac41e0a5e309c2ac6d7,1a0167d5a679d3524753df6be9d797990838d2ff222b1d9b64c4fc8b,124f913cdf8e182956eef18ab9456d2114e38d9262dbf06285d9a4a2,7501d823647e2fbe9e9e1fd7f2eaac15cb84680ba290775c7338c569,198ead04371796cd6d1b390ee34276e0c3529a168953d9a4cb78e25b,5 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/wrong/wrongp256.csv b/src/cz/crcs/ectester/data/wrong/wrongp256.csv new file mode 100644 index 0000000..98c6a06 --- /dev/null +++ b/src/cz/crcs/ectester/data/wrong/wrongp256.csv 
@@ -0,0 +1 @@ +f93f4bfacd5dc41609ec790ace7b58b3a8466b533440a986a1b6252657840329,dedd6767ca13b7ed136d0725772e7665f7b8d7450541e747ebb22b188b0298cd,cb32f6d3febf6b2558e583de19180b286a0d0ca4cbc0b5ae40b2684ca5fa0549,e9f44e8e52268d84a2ac538a35469f041e5096b1c885922d7068c24c4f7986ab,927d137b6af7330546218ca73fd396483a1ca02e43bfd9e8e1266fe182cc6108,5315195399c9ec0758a42858ef7e72e68d6cce71116ae323eb0a5313fec656ca,3 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/wrong/wrongp384.csv b/src/cz/crcs/ectester/data/wrong/wrongp384.csv new file mode 100644 index 0000000..856a315 --- /dev/null +++ b/src/cz/crcs/ectester/data/wrong/wrongp384.csv @@ -0,0 +1 @@ +e5c59884cfefc22682cbc0f1d18b574c2cec33ace6ff00246db133dd25b6b8eca6e192324f73815c131e06ac129cf3c6,738b368de5c4b0be23c8c197df7d098372e49ef6719c02c64833a8834518cd8c0d9241f72100cb5051db0657f75a1c23,69754b463614c2e2dbcf6dccf623cc0f1acdc19e54cb228dbaf071459f4af4c8b6665e814653ec77937f93aba77d5c83,74019d327322b23f79888df61d0549c60983e967f9d783298c9fabb05d3f50380b75b9c0925016ab8606a3c7cb304fee,319d25a6e657db46b06dc875f23a25cd7dd85312706b98f7d42e5fef6205efa94c9e3de358442bbba0078c836474b886,2df451b429965a07b3c259c9f6b577dc08fc0a55c7cc99a0e2bd0a5f6df1582f549383a3a97d80459d6c67bc03b8fd8e,5 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/wrong/wrongp521.csv b/src/cz/crcs/ectester/data/wrong/wrongp521.csv new file mode 100644 index 0000000..4f8b2a3 --- /dev/null +++ b/src/cz/crcs/ectester/data/wrong/wrongp521.csv 
@@ -0,0 +1 @@ +189a60ffc98c7183895a913cce35a6a9eb598dd37031ef413b22efdfce0c66a39adbc7807185d2f9258e236d97fcefbc399d96b21367b72d96aa4db8e17e085eb6b,14fa01ed55832127e87f87781de9dd477302be69dec9d55ca741569bddebf3f4356ded7a21173937426b7e28cd25704c715e85d677d1ebfe4349943269fa3f420b2,151ff15174ae4126937a8a1ab0f1d64f85fdf6edebd29615e822ffa44b6e2a951b918f49444ffc4bfc09f0f8bda8c30f095ab5d8aa5bcc26a16245d848e0beb9d88,1544b864fe3e9891aedcf537c6f7d3de1f77ee74ef1d3122f0c2d891189895f56362be7d031503b1d23ca7bd978650a49efce4d437dedec0e3325ca40c1f8ef2ee0,140197a9f062bad1e447eb6c1f4385f7dde488f0d1ba76a83750d2e9d59db3b7826c0bdb2294c8a2fb08e62152824a05a67dfd8528084b1865018e0a6c6204057c8,189a60ffc98c7183895a913cce35a6a9eb598dd37031ef413b22efdfce0c66a39adbc7807185d2f9258e236d97fcefbc399d96b21367b72d96aa4db8e17e085eb6a,5 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/wrong/wrongt163.csv b/src/cz/crcs/ectester/data/wrong/wrongt163.csv new file mode 100644 index 0000000..91fd70b --- /dev/null +++ b/src/cz/crcs/ectester/data/wrong/wrongt163.csv @@ -0,0 +1 @@ +00a3,0002,0000,0000,55e202b98d7e864b2c9c560dc8f8b4047743a84ad,4cf310ee7a37cb2bacafa5e5a5ffcc8464a51162d,58ae9952e3b62978ccc1bfd060564b2620d154049,5ed1e3aa306f09a955feff97757bc4e599c64bb9f,2aaaaaaaaaaaaaaaaaaaaaaaaaabc02b61ca4c651,3 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/wrong/wrongt233.csv b/src/cz/crcs/ectester/data/wrong/wrongt233.csv new file mode 100644 index 0000000..7e704b0 --- /dev/null +++ b/src/cz/crcs/ectester/data/wrong/wrongt233.csv @@ -0,0 +1 @@ +00e9,0001,0000,0000,14228234ca1e8900adcfef49a037d560c8e2c2ed4227d4a2cda8703079d,18f33f0e925e6af86764a84dae2e09eeb0ce218e21ad9638eeb9d2e2600,182a21d656972aeca534df8f8e8c5aa0f553cde1e025a75610f10ae9db5,118732c490d8788716e9ac581c37c140116d12e2e9abd56262a1a255472,c59f46db5ba025578d418f86dc556bec9d212b740ab595b83abd008ec0,2 \ No newline at end of file 
diff --git a/src/cz/crcs/ectester/data/wrong/wrongt239.csv b/src/cz/crcs/ectester/data/wrong/wrongt239.csv new file mode 100644 index 0000000..51098b6 --- /dev/null +++ b/src/cz/crcs/ectester/data/wrong/wrongt239.csv @@ -0,0 +1 @@ +00ef,0001,0000,0000,513e8b6997328b69d60decd7fa034c1b3bd862717164e7785eb06dcc5b88,63510c1cc1053a916b68f258e9d3f7c2ba054e4af05f3e4d61b3de772d2a,509d82beb7ef27b5b7421ac1e93ccffea76c4f0874991cf3facf0eab9ef6,42a9207ae1cc90d3d29c42a87f754321ccbeaed2e18957ce5a9b01f56812,28759505089d94226a73eefded3f7bf2f81673517715cb032daeddbb68f7,2 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/wrong/wrongt283.csv b/src/cz/crcs/ectester/data/wrong/wrongt283.csv new file mode 100644 index 0000000..0d412de --- /dev/null +++ b/src/cz/crcs/ectester/data/wrong/wrongt283.csv @@ -0,0 +1 @@ +011b,0002,0000,0000,7e2a42c7f5af962ff0f58711703462947d0a4eb3555b123aa33088a9c566424f0126157,6f317d6314dd7069b6be8cfb5fd0c563b9dbb2f9b8ca2618dd8cd4e7d1a368452aa3c34,5beb9f0130f758148a16a5c65b9228836af1c7afbab4afeffed328ed04ec1bf015f9c16,68996bd05c007c329738a29893a6215c99fbfa460e143090d588d9b157c99843e91c976,2552bf070faa392ab3b7fa07e443e5a45dc9bb3e1a6fe44d1440fdde6752c90899d4197,3 diff --git a/src/cz/crcs/ectester/data/wrong/wrongt409.csv b/src/cz/crcs/ectester/data/wrong/wrongt409.csv new file mode 100644 index 0000000..97c8f95 --- /dev/null +++ b/src/cz/crcs/ectester/data/wrong/wrongt409.csv @@ -0,0 +1 @@ +0199,0002,0000,0000,1cc6efad1333dd213e812bdc9909754ff20c102fb9c9a2a7fdbd23ca7d414bec401bc45532980dff9cc869b4622c7f5b65e2afb,1cfc909e058af6762da1c2d85ec911d4e393dcd4539aa6c6d755b3dfdf9c4c338c84b984f533479d2f2bb5169b4fae6a25159f6,1ef44edd1100313984d059e3ecae6c866d83bfb9931e616abafcb9f1461ec264509260b4c62a09f1f03595c404e530d467dc14c,1055f15e3b4272c3bf6ecaeb59204470b96111eb38eb395066b26fbae646ab57b7ae6cda5722a98b01aade1bcf3b6db950d2957,c3b9b6e10f6ed3a458388e94c4d567e1a2272bb996892a919e65a8da15c0907ac735eb2f9a7cee28ac90193dabd2408e232839,2 
diff --git a/src/cz/crcs/ectester/data/wrong/wrongt571.csv b/src/cz/crcs/ectester/data/wrong/wrongt571.csv new file mode 100644 index 0000000..9e61a8a --- /dev/null +++ b/src/cz/crcs/ectester/data/wrong/wrongt571.csv @@ -0,0 +1 @@ +023b,0002,0000,0000,4d3b833ae38b91e89061c4fae9e38264f2e88b4969778aa935eeec50fd1d66a994589e835aeb590566f0adafba2c40c1866865e62cae00f1d235038139d8d25b32d842a7a8b03b0,736974cc00c08dfbd1d23a6bea984c1c1af6ceae0a8b48ecd84b8a4fedbb46d61ab94efa8f53e50b6aa0c0599c2121af733dc36c07ccb7762d210bef02aa8611fe464d369f8a923,4f3bb81214f966e73a2f64423738ab7cd642b871ce7fb0e5f302a3a658aafd68e25d38c432d5e48334a2c03f472defa43ca0933fd13c98138bab6d7ca228ab860c79cd9114d4549,6355104090026816f380b1b406e84f93e12cbaa9f23adcef1eab09bd0418f7906195b102daed369ba72b9370e24a12c7676263c20bf7c7f3018c7a84ee80f586cc8fb16dd526110,397cad72a3fefe82d79a96e18009f5f9b661a9fa2ee53a5eb9f4016d2deaf249e2969b9af649fa363f4c2d5ec837792d932748f7344a16f8ab4be63341812d1c4f52a7b3fa65757,2 diff --git a/src/cz/crcs/ectester/reader/ECParams.java b/src/cz/crcs/ectester/reader/ECParams.java index c19640e..76347b1 100644 --- a/src/cz/crcs/ectester/reader/ECParams.java +++ b/src/cz/crcs/ectester/reader/ECParams.java @@ -13,7 +13,7 @@ import java.util.regex.Pattern; * @author Jan Jancar johny@neuromancer.sk */ public class ECParams { - private static final Pattern hex = Pattern.compile("[a-fA-F\\d]+"); + private static final Pattern hex = Pattern.compile("(0x|0X)?[a-fA-F\\d]+"); /** * Flattens params read from String[] data into a byte[] with their lengths prepended as short entries. 
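Review bot: The `0x`/`0X` prefix is now recognised in two places, here in the `hex` pattern and again by the `startsWith` checks added to `parse()` further down, and nothing ties the two together. A one-line comment on the field would keep them in step, for example `// optional 0x/0X prefix, then one or more hex digits; parse() strips the prefix`. How `hex` is applied is outside this hunk, so confirm it is used with `matches()`; with a partial `find()` the optional prefix group has no effect on what is accepted.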
@@ -34,12 +34,12 @@ public class ECParams { short masked = (short) (params & paramMask); if (masked != 0) { byte[] param = parse(data[i]); - if (masked == EC_Consts.PARAMETER_F2M && data.length == 9) { - //read and pad and append e_2, e_3 - param = Util.concatenate(param, parse(data[i + 1]), parse(data[i + 2])); - i += 2; - if (param.length != 6) - throw new RuntimeException("PARAMETER_F2M length is not 6.(should be)"); + if (masked == EC_Consts.PARAMETER_F2M) { + //add m, e_1, e_2, e_3 + param = Util.concatenate(param, parse(data[i + 1]), parse(data[i + 2]), parse(data[i + 3])); + i += 3; + if (param.length != 8) + throw new RuntimeException("PARAMETER_F2M length is not 8.(should be)"); } if (masked == EC_Consts.PARAMETER_G || masked == EC_Consts.PARAMETER_W) { //read another param (the y coord) and put into X962 format. @@ -80,12 +80,13 @@ public class ECParams { byte[] param = data[index]; if (masked == EC_Consts.PARAMETER_F2M) { - //split into three shorts - if (param.length != 6) { - throw new RuntimeException("PARAMETER_F2M length is not 6.(should be)"); + //split into m, e1, [e2, e3] + if (!((param.length == 4) || (param.length == 8))) { + throw new RuntimeException("PARAMETER_F2M length is not 4 or 8.(should be)"); } - for (int i = 0; i < 3; ++i) { - out.add(String.format("%04x", Util.getShort(param, i*2))); + int max = param.length == 4 ? 2 : 4; + for (int i = 0; i < max; ++i) { + out.add(String.format("%04x", Util.getShort(param, i * 2))); } } else if (masked == EC_Consts.PARAMETER_G || masked == EC_Consts.PARAMETER_W) { @@ -171,8 +172,13 @@ public class ECParams { return true; } - private static byte[] parse(String hex) { - byte[] data = Util.hexToBytes(hex); + private static byte[] parse(String param) { + byte[] data; + if (param.startsWith("0x") || param.startsWith("0X")) { + data = Util.hexToBytes(param.substring(2)); + } else { + data = Util.hexToBytes(param); + } if (data == null) return new byte[0]; if (data.length < 2) 
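Review bot: In the `PARAMETER_F2M` branch of the flatten loop, `data[i + 1]` through `data[i + 3]` are read without any length check; the removed `data.length == 9` condition was the only guard, so a curve file with too few fields would presumably end in an ArrayIndexOutOfBoundsException instead of a readable error. A guard ahead of the concatenate keeps malformed input on the existing error path, e.g. `if (i + 3 >= data.length) throw new RuntimeException("PARAMETER_F2M needs m, e_1, e_2, e_3.");`. The enclosing method starts and ends outside this hunk, so whether a caller already validates the field count cannot be seen from here.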
diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index b359e16..f55e943 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -52,11 +52,20 @@ public class ECTester { private boolean optAll; private boolean optPrimeField = false; private boolean optBinaryField = false; - private boolean optNamed = false; - private String optCurve = null; + + private String optNamedCurve = null; + private String optCurveFile = null; + private boolean optCustomCurve = false; + + private String optNamedPublic = null; private String optPublic = null; + + private String optNamedPrivate = null; private String optPrivate = null; + + private String optNamedKey = null; private String optKey = null; + private String optLog = null; private String optOutput = null; private boolean optFresh = false; @@ -77,6 +86,7 @@ public class ECTester { private void run(String[] args) { try { + CommandLine cli = parseArgs(args); //if help, print and quit @@ -138,7 +148,6 @@ public class ECTester { System.err.println("Option, " + maex.getOption().getOpt() + " requires an argument: " + maex.getOption().getArgName()); } catch (NumberFormatException nfex) { System.err.println("Not a number. " + nfex.getMessage()); - nfex.printStackTrace(System.err); } catch (FileNotFoundException fnfe) { System.err.println("File " + fnfe.getMessage() + " not found."); } catch (ParseException | IOException | CardException ex) { 
@@ -165,12 +174,18 @@ public class ECTester { * * Options: * -b / --bit-size [b] // -a / --all + * * -fp / --prime-field * -f2m / --binary-field - * -n / --named // -c / --curve [curve_file] field,a,b,gx,gy,r,k - * --public [pubkey_file] wx,wy - * --private [privkey_file] s + * + * -u / --custom + * -n / --named [cat/id|id|cat] + * -c / --curve [curve_file] field,a,b,gx,gy,r,k + * + * -pub / --public [pubkey_file] wx,wy + * -priv / --private [privkey_file] s * -k / --key [key_file] wx,wy,s + * * -o / --output [output_file] * -s / --simulate */ 
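Review bot: The option list in this comment stops at `-k / --key`, but the same commit also registers `-npub / --named-public`, `-npriv / --named-private` and `-nk / --named-key`; they should be listed so the comment matches what is parsed, for example ` * -npub / --named-public [cat/id|id|cat]` next to the `--public` line and likewise for the other two. The rewritten layout also drops the `//` that used to mark `-n` and `-c` as alternatives, although `-u`, `-n` and `-c` are put into one `OptionGroup` in the next hunk; a line such as ` * (one of -u, -n, -c)` would keep that visible. The comment block begins before the hunk.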
@@ -190,16 +205,28 @@ public class ECTester { opts.addOptionGroup(size); OptionGroup curve = new OptionGroup(); - curve.addOption(Option.builder("n").longOpt("named").desc("Use a named curve.").build()); + curve.addOption(Option.builder("n").longOpt("named").desc("Use a named curve.").hasArg().argName("[cat/id|id|cat]").build()); curve.addOption(Option.builder("c").longOpt("curve").desc("Use curve from file [curve_file] (field,a,b,gx,gy,r,k).").hasArg().argName("curve_file").build()); + curve.addOption(Option.builder("u").longOpt("custom").desc("Use a custom curve(applet-side embedded, SECG curves).").build()); opts.addOptionGroup(curve); opts.addOption(Option.builder("fp").longOpt("prime-field").desc("Use prime field curve.").build()); opts.addOption(Option.builder("f2m").longOpt("binary-field").desc("Use binary field curve.").build()); - opts.addOption(Option.builder("pub").longOpt("public").desc("Use public key from file [pubkey_file] (wx,wy).").hasArg().argName("pubkey_file").build()); - opts.addOption(Option.builder("priv").longOpt("private").desc("Use private key from file [privkey_file] (s).").hasArg().argName("privkey_file").build()); - opts.addOption(Option.builder("k").longOpt("key").desc("Use keyPair from file [key_file] (wx,wy,s).").hasArg().argName("key_file").build()); + OptionGroup pub = new OptionGroup(); + pub.addOption(Option.builder("npub").longOpt("named-public").desc("Use public key from KeyDB: [cat/id|cat|id]").hasArg().argName("[cat/id|id|cat]").build()); + pub.addOption(Option.builder("pub").longOpt("public").desc("Use public key from file [pubkey_file] (wx,wy).").hasArg().argName("pubkey_file").build()); + opts.addOptionGroup(pub); + + OptionGroup priv = new OptionGroup(); + priv.addOption(Option.builder("npriv").longOpt("named-private").desc("Use private key from KeyDB: [cat/id|id|cat]").hasArg().argName("[cat/id|id|cat]").build()); + priv.addOption(Option.builder("priv").longOpt("private").desc("Use private key from file [privkey_file] 
(s).").hasArg().argName("privkey_file").build()); + opts.addOptionGroup(priv); + + OptionGroup key = new OptionGroup(); + key.addOption(Option.builder("nk").longOpt("named-key").desc("Use keyPair from KeyDB: [cat/id|id|cat]").hasArg().argName("[cat/id|id|cat]").build()); + key.addOption(Option.builder("k").longOpt("key").desc("Use keyPair from file [key_file] (wx,wy,s).").hasArg().argName("key_file").build()); + opts.addOptionGroup(key); opts.addOption(Option.builder("o").longOpt("output").desc("Output into file [output_file].").hasArg().argName("output_file").build()); opts.addOption(Option.builder("l").longOpt("log").desc("Log output into file [log_file].").hasArg().argName("log_file").optionalArg(true).build()); @@ -222,10 +249,18 @@ public class ECTester { optAll = cli.hasOption("all"); optPrimeField = cli.hasOption("fp"); optBinaryField = cli.hasOption("f2m"); - optNamed = cli.hasOption("named"); - optCurve = cli.getOptionValue("curve"); + + optNamedCurve = cli.getOptionValue("named"); + optCustomCurve = cli.hasOption("custom"); + optCurveFile = cli.getOptionValue("curve"); + + optNamedPublic = cli.getOptionValue("named-public"); optPublic = cli.getOptionValue("public"); + + optNamedPrivate = cli.getOptionValue("named-private"); optPrivate = cli.getOptionValue("private"); + + optNamedKey = cli.getOptionValue("named-key"); optKey = cli.getOptionValue("key"); if (cli.hasOption("log")) { optLog = cli.getOptionValue("log", String.format("ECTESTER_log_%d.log", System.currentTimeMillis() / 1000)); 
@@ -234,8 +269,8 @@ public class ECTester { optFresh = cli.hasOption("fresh"); optSimulate = cli.hasOption("simulate"); - if (optKey != null && (optPublic != null || optPrivate != null)) { - System.err.print("Can only specify the whole key with --key or pubkey and privkey with --public and --private."); + if ((optKey != null || optNamedKey != null) && (optPublic != null || optPrivate != null || optNamedPublic != null || optNamedPrivate != null)) { + System.err.print("Can only specify the whole key with --key/--named-key or pubkey and privkey with --public/--named-public and --private/--named-private."); return false; } if (optBits < 0) { @@ -253,8 +288,8 @@ public class ECTester { System.err.print("Need to specify field with -fp or -f2m. (not both)"); return false; } - if (optKey != null || optPublic != null || optPrivate != null) { - System.err.println("Keys should not be specified when generating keys."); + if (optKey != null || optPublic != null || optPrivate != null || optNamedKey != null || optNamedPublic != null || optNamedPrivate != null) { + System.err.println("Keys should not be specified when exporting curve params."); return false; } if (optOutput == null) { @@ -271,7 +306,7 @@ public class ECTester { System.err.print("Need to specify field with -fp or -f2m. (not both)"); return false; } - if (optKey != null || optPublic != null || optPrivate != null) { + if (optKey != null || optPublic != null || optPrivate != null || optNamedKey != null || optNamedPublic != null || optNamedPrivate != null) { System.err.println("Keys should not be specified when generating keys."); return false; } 
@@ -314,7 +349,11 @@ public class ECTester { System.err.println("You have to specify curve bit-size with -b"); return false; } - if ((optPublic == null) != (optPrivate == null)) { + + boolean hasPublic = (optPublic != null) || (optNamedPublic != null); + boolean hasPrivate = (optPrivate != null) || (optNamedPrivate != null); + boolean hasKey = (optKey != null) || (optNamedKey != null); + if ((hasPublic) != (hasPrivate) && !hasKey) { System.err.println("You have cannot only specify a part of a keypair."); return false; } @@ -541,12 +580,15 @@ public class ECTester { List commands = new ArrayList<>(); short domainParams = keyClass == KeyPair.ALG_EC_FP ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; - if (optNamed) { - // Set named curve (one of the SECG curves embedded applet-side) + if (optCustomCurve) { + // Set custom curve (one of the SECG curves embedded applet-side) commands.add(new Command.Set(cardManager, keyPair, EC_Consts.getCurve(keyLength, keyClass), domainParams, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, null)); - } else if (optCurve != null) { + } else if (optNamedCurve != null) { + // Set a named curve. + // parse optNamedCurve -> cat / id | cat | id + } else if (optCurveFile != null) { // Set curve loaded from a file - byte[] external = ECParams.flatten(domainParams, ECParams.readFile(optCurve)); + byte[] external = ECParams.flatten(domainParams, ECParams.readFile(optCurveFile)); if (external == null) { throw new IOException("Couldn't read the curve file correctly."); } diff --git a/src/cz/crcs/ectester/reader/Response.java b/src/cz/crcs/ectester/reader/Response.java index 368a8ef..d1925b8 100644 --- a/src/cz/crcs/ectester/reader/Response.java +++ b/src/cz/crcs/ectester/reader/Response.java @@ -117,7 +117,6 @@ public abstract class Response { @Override public abstract String toString(); - public static String toString(List responses) { StringBuilder out = new StringBuilder(); for (Response r : responses) { 
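Review bot: The new `else if (optNamedCurve != null)` branch in the `@@ -541,12 +580,15 @@` hunk holds only comments, so `--named` is accepted by the parser and then no `Command.Set` is queued; the following commands presumably run on whatever parameters the key pair already has while the output suggests the named curve was used. Until the lookup exists the branch should fail loudly, e.g. `throw new IOException("Named curves are not supported yet: " + optNamedCurve);`, which matches the IOException the curve-file branch already throws. The method starts and ends outside the hunk.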
diff --git a/src/cz/crcs/ectester/reader/SimpleAPDU.java b/src/cz/crcs/ectester/reader/SimpleAPDU.java
deleted file mode 100644
index f120608..0000000
--- a/src/cz/crcs/ectester/reader/SimpleAPDU.java
+++ /dev/null
@@ -1,459 +0,0 @@ -package cz.crcs.ectester.reader; - -import cz.crcs.ectester.applet.EC_Consts; -import javacard.framework.ISO7816; -import javacard.security.CryptoException; -import javacard.security.KeyPair; -import org.apache.commons.cli.CommandLine; -import org.apache.commons.cli.CommandLineParser; -import org.apache.commons.cli.DefaultParser; -import org.apache.commons.cli.HelpFormatter; -import org.apache.commons.cli.Option; -import org.apache.commons.cli.Options; -import org.apache.commons.cli.ParseException; - -import javax.smartcardio.ResponseAPDU; -import java.io.FileOutputStream; -import java.io.IOException; -import java.util.Arrays; - - -/** - * @author Petr Svenda petr@svenda.com - */ -public class SimpleAPDU { - private CardMngr cardManager = new CardMngr(); - private DirtyLogger systemOutLogger = null; - - private CommandLineParser cliParser = new DefaultParser(); - private Options opts = new Options(); - private static final String cliHeader = ""; - private static final String cliFooter = ""; - - private final static byte SELECT_ECTESTERAPPLET[] = {(byte) 0x00, (byte) 0xa4, (byte) 0x04, (byte) 0x00, (byte) 0x0a, - (byte) 0x45, (byte) 0x43, (byte) 0x54, (byte) 0x65, (byte) 0x73, (byte) 0x74, (byte) 0x65, (byte) 0x72, (byte) 0x30, (byte) 0x31}; - - private static final byte TESTECSUPPORTALL_FP[] = {(byte) 0xB0, (byte) 0x5E, (byte) 0x00, (byte) 0x00, (byte) 0x00}; - private static final byte TESTECSUPPORTALL_F2M[] = {(byte) 0xB0, (byte) 0x5F, (byte) 0x00, (byte) 0x00, (byte) 0x00}; - private static final byte TESTECSUPPORT_GIVENALG[] = {(byte) 0xB0, (byte) 0x71, (byte) 0x00, (byte) 0x00, (byte) 0x03, (byte) 0x00, (byte) 0x00, (byte) 0x00}; - private static final short TESTECSUPPORT_ALG_OFFSET = 5; - private static final short TESTECSUPPORT_KEYLENGTH_OFFSET = 6; - - private static final byte TESTECSUPPORTALL_LASTUSEDPARAMS[] = {(byte) 0xB0, (byte) 0x40, (byte) 0x00, (byte) 0x00, (byte) 0x00}; - - private static final byte 
TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB[] = {(byte) 0xB0, (byte) 0x70, (byte) 0x00, (byte) 0x00, (byte) 0x05, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00}; - private static final short INVALIDCURVEB_NUMREPEATS_OFFSET = 5; - private static final short INVALIDCURVEB_CORRUPTIONTYPE_OFFSET = 7; - private static final short INVALIDCURVEB_REWINDONSUCCESS_OFFSET = 9; - - private static final byte TESTECSUPPORT_GENERATEECCKEY[] = {(byte) 0xB0, (byte) 0x5a, (byte) 0x00, (byte) 0x00, (byte) 0x04, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00}; - private static final short GENERATEECKEY_ALG_OFFSET = 5; - private static final short GENERATEECKEY_KEYLENGTH_OFFSET = 6; - private static final short GENERATEECKEY_ANOMALOUS_OFFSET = 8; - - - private void run(String[] args) { - try { - //parse cmd args - CommandLine cli = parseArgs(args); - - //byte[] installData = new byte[10]; - //byte[] AID = {(byte) 0x4C, (byte) 0x61, (byte) 0x62, (byte) 0x61, (byte) 0x6B, (byte) 0x41, (byte) 0x70, (byte) 0x70, (byte) 0x6C, (byte) 0x65, (byte) 0x74}; - //cardManager.prepareLocalSimulatorApplet(AID, installData, SimpleECCApplet.class); - - //do stuff - if (cli.hasOption("help")) { - HelpFormatter help = new HelpFormatter(); - help.printHelp("SimpleAPDU", cliHeader, opts, cliFooter); - } else { - //open log(only when actually doing something) - String logFileName = cli.getOptionValue("output-file", String.format("ECTESTER_log_%d.log", System.currentTimeMillis())); - FileOutputStream stdoutStream = new FileOutputStream(logFileName); - systemOutLogger = new DirtyLogger(stdoutStream, true); - - boolean fp = cli.hasOption("fp"); - boolean f2m = cli.hasOption("f2m"); - if (!fp && !f2m) { - fp = true; - f2m = true; - } - int genAmount = Integer.parseInt(cli.getOptionValue("generate", "0")); - int keyLength = Integer.parseInt(cli.getOptionValue("b", "192")); - - if (cli.hasOption("generate")) { - //generate EC keys - if (fp) { - generateECKeys(genAmount, KeyPair.ALG_EC_FP, 
(short) keyLength, cli.hasOption("anomalous")); - } - if (f2m) { - generateECKeys(genAmount, KeyPair.ALG_EC_F2M, (short) keyLength, cli.hasOption("anomalous")); - } - } else if (cli.hasOption("test")) { - if (cli.hasOption("bit-size")) { - //test only one bitsize - if (fp) { - testSupportECFp((short) keyLength); - } - if (f2m) { - testSupportECFp((short) keyLength); - } - } else { - //test default bit sizes - testSupportECAll(fp, f2m); - testFPkeyGen((short) 10, EC_Consts.CORRUPTION_ONEBYTERANDOM, true); - } - } else { - systemOutLogger.println("You need to specify one of -t / -g [num] commands."); - } - - //close log - systemOutLogger.close(); - } - - //disconnect - cardManager.disconnectFromCard(); - } catch (Exception ex) { - if (systemOutLogger != null) { - systemOutLogger.println("Exception : " + ex); - } - } - } - - private CommandLine parseArgs(String[] args) throws ParseException { - - opts.addOption("h", "help", false, "show this help"); - opts.addOption(Option.builder("g") - .longOpt("generate") - .hasArg() - .optionalArg(true) - .argName("num") - .desc("generate EC keys").build()); - opts.addOption("t", "test", false, "test EC support (default)"); - opts.addOption(Option.builder("b") - .longOpt("bit-size") - .hasArg() - .argName("bits") - .desc("set EC bit size").build()); - opts.addOption("f2m", "use EC over binary-fields"); - opts.addOption("fp", "user EC over prime-fields (default)"); - opts.addOption("s", "anomalous", false, "generate anomalous (non-prime order, small pubkey order) curves"); - opts.addOption(Option.builder("o") - .longOpt("output-file") - .hasArg() - .argName("file") - .desc("output file to log to").build()); - return cliParser.parse(opts, args); - } - - static short getShort(byte[] array, int offset) { - return (short) (((array[offset] & 0xFF) << 8) | (array[offset + 1] & 0xFF)); - } - - static void setShort(byte[] array, int offset, short value) { - array[offset + 1] = (byte) (value & 0xFF); - array[offset] = (byte) ((value >> 8) & 
0xFF); - } - - private boolean ReconnnectToCard() throws Exception { - if (cardManager.connected()) { - cardManager.disconnectFromCard(); - } - - boolean result = cardManager.connectToCard(); - if (result) { - // Select our application on card - cardManager.sendAPDU(SELECT_ECTESTERAPPLET); - } - return result; - } - - private void testFPkeyGen(short numRepeats, short corruptionType, boolean bRewind) throws Exception { - byte[] apdu = Arrays.copyOf(TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB, TESTECSUPPORTALL_FP_KEYGEN_INVALIDCURVEB.length); - setShort(apdu, INVALIDCURVEB_NUMREPEATS_OFFSET, numRepeats); - setShort(apdu, INVALIDCURVEB_CORRUPTIONTYPE_OFFSET, corruptionType); - apdu[INVALIDCURVEB_REWINDONSUCCESS_OFFSET] = bRewind ? (byte) 1 : (byte) 0; - - ReconnnectToCard(); - ResponseAPDU resp_fp_keygen = cardManager.sendAPDU(apdu); - ResponseAPDU resp_keygen_params = cardManager.sendAPDU(TESTECSUPPORTALL_LASTUSEDPARAMS); - PrintECKeyGenInvalidCurveB(resp_fp_keygen); - PrintECKeyGenInvalidCurveB_lastUserParams(resp_keygen_params); - } - - private void testSupportECGivenAlg(short keyLength, byte keyClass) throws Exception { - byte[] apdu = Arrays.copyOf(TESTECSUPPORT_GIVENALG, TESTECSUPPORT_GIVENALG.length); - apdu[TESTECSUPPORT_ALG_OFFSET] = keyClass; - setShort(apdu, TESTECSUPPORT_KEYLENGTH_OFFSET, keyLength); - - ReconnnectToCard(); - ResponseAPDU resp = cardManager.sendAPDU(apdu); - //byte[] resp = cardManager.sendAPDUSimulator(apdu); - PrintECSupport(resp); - } - - private void testSupportECFp(short keyLength) throws Exception { - testSupportECGivenAlg(keyLength, KeyPair.ALG_EC_FP); - } - - private void testSupportECF2m(short keyLength) throws Exception { - testSupportECGivenAlg(keyLength, KeyPair.ALG_EC_F2M); - } - - private void testSupportECAll(boolean testFp, boolean testF2m) throws Exception { - if (testFp) { - testSupportECFp((short) 128); - testSupportECFp((short) 192); - testSupportECFp((short) 224); - testSupportECFp((short) 256); - testSupportECFp((short) 
384); - testSupportECFp((short) 521); - } - - if (testF2m) { - testSupportECF2m((short) 113); - testSupportECF2m((short) 131); - testSupportECF2m((short) 163); - testSupportECF2m((short) 193); - } - } - - private void generateECKeys(int amount, byte keyClass, short keyLength, boolean anomalous) throws Exception { - if (cardManager.connectToCardSelect()) { - cardManager.sendAPDU(SELECT_ECTESTERAPPLET); - - String keyFileName = String.format("ECKEYS_%s_%d.log", keyClass == KeyPair.ALG_EC_FP ? "fp" : "f2m", System.currentTimeMillis()); - FileOutputStream keysFile = new FileOutputStream(keyFileName); - - String message = "index;time;pubW;privS\n"; - keysFile.write(message.getBytes()); - byte[] gatherKeyAPDU = Arrays.copyOf(TESTECSUPPORT_GENERATEECCKEY, TESTECSUPPORT_GENERATEECCKEY.length); - // Prepare keypair object - gatherKeyAPDU[ISO7816.OFFSET_P1] = SimpleECCApplet.P1_SETCURVE; - gatherKeyAPDU[GENERATEECKEY_ALG_OFFSET] = keyClass; - setShort(gatherKeyAPDU, GENERATEECKEY_KEYLENGTH_OFFSET, keyLength); - gatherKeyAPDU[GENERATEECKEY_ANOMALOUS_OFFSET] = anomalous ? 
(byte) 1 : (byte) 0; - - ResponseAPDU respGather = cardManager.sendAPDU(gatherKeyAPDU); - if (respGather.getSW() != ISO7816.SW_NO_ERROR) { - systemOutLogger.println(String.format("Card error: %x", respGather.getSW())); - keysFile.close(); - return; - } - - // Generate new keypair - gatherKeyAPDU[ISO7816.OFFSET_P1] = SimpleECCApplet.P1_GENERATEKEYPAIR; - int counter = 0; - while (true) { - counter++; - long elapsed = -System.nanoTime(); - respGather = cardManager.sendAPDU(gatherKeyAPDU); - elapsed += System.nanoTime(); - - if (respGather.getSW() != ISO7816.SW_NO_ERROR) { - systemOutLogger.println(String.format("Card error: %x", respGather.getSW())); - break; - } - byte[] data = respGather.getData(); - int offset = 0; - String pubKeyW = ""; - String privKeyS = ""; - if (data[offset] == EC_Consts.TAG_ECPUBKEY) { - offset++; - short len = getShort(data, offset); - offset += 2; - pubKeyW = Util.bytesToHex(data, offset, len, false); - offset += len; - } - if (data[offset] == EC_Consts.TAG_ECPRIVKEY) { - offset++; - short len = getShort(data, offset); - offset += 2; - privKeyS = Util.bytesToHex(data, offset, len, false); - offset += len; - } - - message = String.format("%d;%d;%s;%s\n", counter, elapsed / 1000000, pubKeyW, privKeyS); - keysFile.write(message.getBytes()); - - this.systemOutLogger.flush(); - keysFile.flush(); - - //stop when we have enough keys, go on forever with 0 - if (counter >= amount && amount != 0) - break; - } - keysFile.close(); - } - } - - private static String getPrintError(short code) { - if (code == ISO7816.SW_NO_ERROR) { - return "OK\t(0x9000)"; - } else { - String codeStr = "unknown"; - if (code == CryptoException.ILLEGAL_VALUE) { - codeStr = "ILLEGAL_VALUE"; - } - if (code == CryptoException.UNINITIALIZED_KEY) { - codeStr = "UNINITIALIZED_KEY"; - } - if (code == CryptoException.NO_SUCH_ALGORITHM) { - codeStr = "NO_SUCH_ALG"; - } - if (code == CryptoException.INVALID_INIT) { - codeStr = "INVALID_INIT"; - } - if (code == 
CryptoException.ILLEGAL_USE) { - codeStr = "ILLEGAL_USE"; - } - if (code == SimpleECCApplet.SW_SKIPPED) { - codeStr = "skipped"; - } - if (code == SimpleECCApplet.SW_KEYPAIR_GENERATED_INVALID) { - codeStr = "SW_KEYPAIR_GENERATED_INVALID"; - } - if (code == SimpleECCApplet.SW_INVALID_CORRUPTION_TYPE) { - codeStr = "SW_INVALID_CORRUPTION_TYPE"; - } - if (code == SimpleECCApplet.SW_SIG_VERIFY_FAIL) { - codeStr = "SW_SIG_VERIFY_FAIL"; - } - return String.format("fail\t(%s,\t0x%4x)", codeStr, code); - } - } - - enum ExpResult { - SHOULD_SUCCEED, - MAY_FAIL, - MUST_FAIL - } - - private int VerifyPrintResult(String message, byte expectedTag, byte[] buffer, int bufferOffset, ExpResult expRes) { - if (bufferOffset >= buffer.length) { - systemOutLogger.println(" No more data returned"); - } else { - if (buffer[bufferOffset] != expectedTag) { - systemOutLogger.println(" ERROR: mismatched tag"); - assert (buffer[bufferOffset] == expectedTag); - } - bufferOffset++; - short resCode = getShort(buffer, bufferOffset); - bufferOffset += 2; - - boolean bHiglight = false; - if ((expRes == ExpResult.MUST_FAIL) && (resCode == ISO7816.SW_NO_ERROR)) { - bHiglight = true; - } - if ((expRes == ExpResult.SHOULD_SUCCEED) && (resCode != ISO7816.SW_NO_ERROR)) { - bHiglight = true; - } - if (bHiglight) { - systemOutLogger.println(String.format("!! 
%-53s%s", message, getPrintError(resCode))); - } else { - systemOutLogger.println(String.format(" %-53s%s", message, getPrintError(resCode))); - } - } - return bufferOffset; - } - - private void PrintECSupport(ResponseAPDU resp) { - PrintECSupport(resp.getData()); - } - - private void PrintECSupport(byte[] buffer) { - systemOutLogger.println(); - systemOutLogger.println("### Test for support and with valid and invalid EC curves"); - int bufferOffset = 0; - while (bufferOffset < buffer.length) { - assert (buffer[bufferOffset] == SimpleECCApplet.ECTEST_SEPARATOR); - bufferOffset++; - String ecType = "unknown"; - if (buffer[bufferOffset] == KeyPair.ALG_EC_FP) { - ecType = "ALG_EC_FP"; - } - if (buffer[bufferOffset] == KeyPair.ALG_EC_F2M) { - ecType = "ALG_EC_F2M"; - } - systemOutLogger.println(String.format("%-56s%s", "EC type:", ecType)); - bufferOffset++; - short keyLen = getShort(buffer, bufferOffset); - systemOutLogger.println(String.format("%-56s%d bits", "EC key length (bits):", keyLen)); - bufferOffset += 2; - - bufferOffset = VerifyPrintResult("KeyPair object allocation:", SimpleECCApplet.ECTEST_ALLOCATE_KEYPAIR, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); - bufferOffset = VerifyPrintResult("Generate key with def curve (fails if no def):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_DEFCURVE, buffer, bufferOffset, ExpResult.MAY_FAIL); - bufferOffset = VerifyPrintResult("Set valid custom curve:", SimpleECCApplet.ECTEST_SET_VALIDCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); - bufferOffset = VerifyPrintResult("Generate key with valid curve:", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); - bufferOffset = VerifyPrintResult("ECDH agreement with valid point:", SimpleECCApplet.ECTEST_ECDH_AGREEMENT_VALID_POINT, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); - bufferOffset = VerifyPrintResult("ECDH agreement with invalid point (fail is good):", SimpleECCApplet.ECTEST_ECDH_AGREEMENT_INVALID_POINT, 
buffer, bufferOffset, ExpResult.MUST_FAIL); - bufferOffset = VerifyPrintResult("ECDSA signature on random data:", SimpleECCApplet.ECTEST_ECDSA_SIGNATURE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); - bufferOffset = VerifyPrintResult("Set anomalous custom curve (may fail):", SimpleECCApplet.ECTEST_SET_ANOMALOUSCURVE, buffer, bufferOffset, ExpResult.MAY_FAIL); - bufferOffset = VerifyPrintResult("Generate key with anomalous curve (may fail):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_ANOMALOUSCURVE, buffer, bufferOffset, ExpResult.MAY_FAIL); - bufferOffset = VerifyPrintResult("ECDH agreement with small order point (fail is good):", SimpleECCApplet.ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT, buffer, bufferOffset, ExpResult.MUST_FAIL); - bufferOffset = VerifyPrintResult("Set invalid custom curve (may fail):", SimpleECCApplet.ECTEST_SET_INVALIDCURVE, buffer, bufferOffset, ExpResult.MAY_FAIL); - bufferOffset = VerifyPrintResult("Generate key with invalid curve (fail is good):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE, buffer, bufferOffset, ExpResult.MUST_FAIL); - bufferOffset = VerifyPrintResult("Set invalid field (may fail):", SimpleECCApplet.ECTEST_SET_INVALIDFIELD, buffer, bufferOffset, ExpResult.MAY_FAIL); - bufferOffset = VerifyPrintResult("Generate key with invalid field (fail si good):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_INVALIDFIELD, buffer, bufferOffset, ExpResult.MUST_FAIL); - - systemOutLogger.println(); - } - } - - private void PrintECKeyGenInvalidCurveB(ResponseAPDU resp) { - PrintECKeyGenInvalidCurveB(resp.getData()); - } - - private void PrintECKeyGenInvalidCurveB(byte[] buffer) { - systemOutLogger.println(); - systemOutLogger.println("### Test for computation with invalid parameter B for EC curve"); - int bufferOffset = 0; - while (bufferOffset < buffer.length) { - assert (buffer[bufferOffset] == SimpleECCApplet.ECTEST_SEPARATOR); - bufferOffset++; - String ecType = "unknown"; - if (buffer[bufferOffset] == KeyPair.ALG_EC_FP) { - 
ecType = "ALG_EC_FP"; - } - if (buffer[bufferOffset] == KeyPair.ALG_EC_F2M) { - ecType = "ALG_EC_F2M"; - } - systemOutLogger.println(String.format("%-53s%s", "EC type:", ecType)); - bufferOffset++; - short keyLen = getShort(buffer, bufferOffset); - systemOutLogger.println(String.format("%-53s%d bits", "EC key length (bits):", keyLen)); - bufferOffset += 2; - - short numRepeats = getShort(buffer, bufferOffset); - bufferOffset += 2; - systemOutLogger.println(String.format("%-53s%d times", "Executed repeats before unexpected error: ", numRepeats)); - - bufferOffset = VerifyPrintResult("KeyPair object allocation:", SimpleECCApplet.ECTEST_ALLOCATE_KEYPAIR, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); - while (bufferOffset < buffer.length) { - bufferOffset = VerifyPrintResult("Set invalid custom curve:", SimpleECCApplet.ECTEST_SET_INVALIDCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); - bufferOffset = VerifyPrintResult("Generate key with invalid curve (fail is good):", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE, buffer, bufferOffset, ExpResult.MUST_FAIL); - if (buffer[bufferOffset] == SimpleECCApplet.ECTEST_DH_GENERATESECRET) { - bufferOffset = VerifyPrintResult("ECDH agreement with invalid point (fail is good):", SimpleECCApplet.ECTEST_DH_GENERATESECRET, buffer, bufferOffset, ExpResult.MUST_FAIL); - } - bufferOffset = VerifyPrintResult("Set valid custom curve:", SimpleECCApplet.ECTEST_SET_VALIDCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); - bufferOffset = VerifyPrintResult("Generate key with valid curve:", SimpleECCApplet.ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE, buffer, bufferOffset, ExpResult.SHOULD_SUCCEED); - } - - systemOutLogger.println(); - } - } - - private void PrintECKeyGenInvalidCurveB_lastUserParams(ResponseAPDU resp) { - byte[] buffer = resp.getData(); - short offset = 0; - systemOutLogger.print("Last used value of B: "); - while (offset < buffer.length) { - systemOutLogger.print(String.format("%x ", buffer[offset])); - 
offset++; - } - } - - public static void main(String[] args) throws IOException { - SimpleAPDU app = new SimpleAPDU(); - app.run(args); - } -} diff --git a/src/cz/crcs/ectester/reader/Util.java b/src/cz/crcs/ectester/reader/Util.java index f876fe4..e297ab1 100644 --- a/src/cz/crcs/ectester/reader/Util.java +++ b/src/cz/crcs/ectester/reader/Util.java @@ -26,16 +26,28 @@ public class Util { } public static byte[] hexToBytes(String hex, boolean bigEndian) { - StringBuilder sb = new StringBuilder(hex.replace(" ", "")); - if (!bigEndian) { - sb.reverse(); - } - int len = sb.length(); + hex = hex.replace(" ", ""); + int len = hex.length(); + StringBuilder sb = new StringBuilder(); + if (len % 2 == 1) { - sb.insert(0, "0"); + sb.append("0"); ++len; } + if (bigEndian) { + sb.append(hex); + } else { + for (int i = 0; i < len / 2; ++i) { + if (sb.length() >= 2) { + sb.insert(sb.length() - 2, hex.substring(2 * i, 2 * i + 2)); + } else { + sb.append(hex.substring(2 * i, 2 * i + 2)); + } + + } + } + String data = sb.toString(); byte[] result = new byte[len / 2]; for (int i = 0; i < len; i += 2) { -- cgit v1.2.3-70-g09d2 From 117b35545288df5b01173d36bde451b414d31d66 Mon Sep 17 00:00:00 2001 
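Review bot: The new little-endian branch of `hexToBytes` does not reverse the byte order once the input is longer than two bytes: `sb.insert(sb.length() - 2, ...)` places every later pair just in front of the first pair, so pairs p0 p1 p2 come out as p1 p2 p0 rather than p2 p1 p0. With an odd number of digits it also reads past the end of `hex`, because `len` is incremented while the `0` padding goes into `sb` and not into `hex`, so the last `hex.substring(2 * i, 2 * i + 2)` is out of range. Padding the input itself with `hex = "0" + hex;` and always inserting at the front with `sb.insert(0, hex.substring(2 * i, 2 * i + 2));` addresses both. Since this routine parses curve and key parameters, a silently wrong byte order would change the values sent to the card; the method continues past the end of the hunk.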
From: J08nY Date: Mon, 6 Mar 2017 22:56:34 +0100 Subject: Added support for named curves (in jar). - Doesn't work well while simulating, some weird memory bug. Will investigate. - Has categories of curves, more will be added. --- !uploader/ectester.cap | Bin 13790 -> 13789 bytes !uploader/gppro_upload.sh | 2 +- !uploader/gppro_upload_emv.sh | 1 + dist/ECTester.jar | Bin 95810 -> 207768 bytes src/cz/crcs/ectester/applet/ECTesterApplet.java | 4 +- src/cz/crcs/ectester/data/EC_Category.java | 70 ++++++++ src/cz/crcs/ectester/data/EC_Data.java | 230 ++++++++++++++++++++++++ src/cz/crcs/ectester/data/anomalous/curves.xml | 7 +- src/cz/crcs/ectester/data/brainpool/curves.xml | 5 +- src/cz/crcs/ectester/data/categories.xml | 13 +- src/cz/crcs/ectester/data/nist/curves.xml | 5 +- src/cz/crcs/ectester/data/schema.xsd | 18 +- src/cz/crcs/ectester/data/secg/curves.xml | 7 +- src/cz/crcs/ectester/data/secg/sect233k1.csv | 2 +- src/cz/crcs/ectester/data/secg/sect233r1.csv | 2 +- src/cz/crcs/ectester/data/secg/sect239k1.csv | 2 +- src/cz/crcs/ectester/data/secg/sect283k1.csv | 11 +- src/cz/crcs/ectester/data/secg/sect409k1.csv | 2 +- src/cz/crcs/ectester/data/secg/sect409r1.csv | 2 +- src/cz/crcs/ectester/data/smallpub/curves.xml | 5 +- src/cz/crcs/ectester/data/smallpub/keys.xml | 19 +- src/cz/crcs/ectester/data/wrong/curves.xml | 5 +- src/cz/crcs/ectester/reader/ECParams.java | 208 --------------------- src/cz/crcs/ectester/reader/ECTester.java | 219 ++++++++++++++++------ src/cz/crcs/ectester/reader/ec/EC_Curve.java | 41 +++++ src/cz/crcs/ectester/reader/ec/EC_Key.java | 53 ++++++ src/cz/crcs/ectester/reader/ec/EC_Keypair.java | 30 ++++ src/cz/crcs/ectester/reader/ec/EC_Params.java | 210 ++++++++++++++++++++++ 28 files changed, 863 insertions(+), 310 deletions(-) create mode 100644 src/cz/crcs/ectester/data/EC_Category.java create mode 100644 src/cz/crcs/ectester/data/EC_Data.java delete mode 100644 src/cz/crcs/ectester/reader/ECParams.java create mode 100644 
src/cz/crcs/ectester/reader/ec/EC_Curve.java create mode 100644 src/cz/crcs/ectester/reader/ec/EC_Key.java create mode 100644 src/cz/crcs/ectester/reader/ec/EC_Keypair.java create mode 100644 src/cz/crcs/ectester/reader/ec/EC_Params.java diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index 56b2e2e..e650bd7 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ diff --git a/!uploader/gppro_upload.sh b/!uploader/gppro_upload.sh index 47c7c97..a94a948 100755 --- a/!uploader/gppro_upload.sh +++ b/!uploader/gppro_upload.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/usr/bin/env bash java -jar gp.jar -delete 4543546573746572 -deletedeps -verbose java -jar gp.jar -deletedeps -verbose -delete 4A43416C6754657374 diff --git a/!uploader/gppro_upload_emv.sh b/!uploader/gppro_upload_emv.sh index 8f0c994..c3b42b1 100755 --- a/!uploader/gppro_upload_emv.sh +++ b/!uploader/gppro_upload_emv.sh @@ -1,3 +1,4 @@ +#!/usr/bin/env bash java -jar gp.jar --deletedeps --verbose -emv --delete 4C6162616B417070 java -jar gp.jar --deletedeps --verbose -emv --delete 4A43416C6754657374 java -jar gp.jar --deletedeps --verbose -emv --delete 4543546573746572 diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 421b6ea..b0e5d5f 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java index ae19e28..323b971 100644 --- a/src/cz/crcs/ectester/applet/ECTesterApplet.java +++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java 
@@ -225,10 +225,10 @@ public class ECTesterApplet extends Applet { short len = 0; if ((keyPair & KEYPAIR_LOCAL) != 0) { - len += set(localKeypair, curve, params, corruptedParams, corruptionType, apdubuf, (short) (ISO7816.OFFSET_CDATA + 6), (short) 0); + len += set(localKeypair, curve, params, corruptedParams, corruptionType, apdubuf, (short) (ISO7816.OFFSET_CDATA + 5), (short) 0); } if ((keyPair & KEYPAIR_REMOTE) != 0) { - len += set(remoteKeypair, curve, params, corruptedParams, corruptionType, apdubuf, (short) (ISO7816.OFFSET_CDATA + 6), len); + len += set(remoteKeypair, curve, params, corruptedParams, corruptionType, apdubuf, (short) (ISO7816.OFFSET_CDATA + 5), len); } apdu.setOutgoingAndSend((short) 0, len); diff --git a/src/cz/crcs/ectester/data/EC_Category.java b/src/cz/crcs/ectester/data/EC_Category.java new file mode 100644 index 0000000..aed7e7d --- /dev/null +++ b/src/cz/crcs/ectester/data/EC_Category.java 
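Review bot: The payload offset `(short) (ISO7816.OFFSET_CDATA + 5)` is a bare literal repeated in both `set(...)` calls, and this commit is itself correcting it from 6, so it can easily drift from the command header the reader sends. I would hoist it into one local above the two `if` blocks, `short dataOffset = (short) (ISO7816.OFFSET_CDATA + 5); // first byte after the fixed header fields`, and pass `dataOffset` to both calls. The enclosing method starts and ends outside the hunk, so I cannot see whether the received length is compared against this offset before `set` reads from `apdubuf`. If it is not, that check belongs next to the constant.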
@@ -0,0 +1,70 @@ +package cz.crcs.ectester.data; + +import cz.crcs.ectester.reader.ec.EC_Params; + +import java.util.Collections; +import java.util.HashMap; +import java.util.Map; + +/** + * @author Jan Jancar johny@neuromancer.sk + */ +public class EC_Category { + + private String name; + private String directory; + private String desc; + + private Map objects; + + + public EC_Category(String name, String directory) { + this.name = name; + this.directory = directory; + } + + public EC_Category(String name, String directory, String desc) { + this(name, directory); + this.desc = desc; + } + + public EC_Category(String name, String directory, String desc, Map objects) { + this(name, directory, desc); + this.objects = objects; + } + + public String getName() { + return name; + } + + public String getDirectory() { + return directory; + } + + public String getDesc() { + return desc; + } + + public Map getObjects() { + return Collections.unmodifiableMap(objects); + } + + public Map getObjects(Class cls) { + Map objs = new HashMap<>(); + for (Map.Entry entry : objects.entrySet()) { + if (cls.isInstance(entry.getValue())) { + objs.put(entry.getKey(), cls.cast(entry.getValue())); + } + } + return Collections.unmodifiableMap(objs); + } + + public T getObject(Class cls, String id) { + EC_Params obj = objects.get(id); + if (cls.isInstance(obj)) { + return cls.cast(obj); + } else { + return null; + } + } +} diff --git a/src/cz/crcs/ectester/data/EC_Data.java b/src/cz/crcs/ectester/data/EC_Data.java new file mode 100644 index 0000000..a867fcf --- /dev/null +++ b/src/cz/crcs/ectester/data/EC_Data.java 
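Review bot: `objects` is assigned only by the four-argument constructor, so an `EC_Category` built with the two- or three-argument constructor throws a NullPointerException from `getObjects()`, `getObjects(cls)` and `getObject(cls, id)`. Initialising the field at its declaration with `Collections.emptyMap()` (keeping the field's declared type) makes all three accessors safe, and `Collections` is already imported. `getObject` also deserves a short Javadoc stating that it returns null both when the id is unknown and when the stored object is not an instance of `cls`, since callers cannot tell the two cases apart.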
@@ -0,0 +1,230 @@ +package cz.crcs.ectester.data; + +import cz.crcs.ectester.reader.ec.EC_Curve; +import cz.crcs.ectester.reader.ec.EC_Key; +import cz.crcs.ectester.reader.ec.EC_Keypair; +import cz.crcs.ectester.reader.ec.EC_Params; +import javacard.security.KeyPair; +import org.omg.PortableInterceptor.SYSTEM_EXCEPTION; +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; +import org.xml.sax.SAXException; + +import javax.xml.XMLConstants; +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.validation.Schema; +import javax.xml.validation.SchemaFactory; +import java.io.IOException; +import java.io.InputStream; +import java.util.Collections; +import java.util.HashMap; +import java.util.Map; + +/** + * @author Jan Jancar johny@neuromancer.sk + */ +public class EC_Data { + + private DocumentBuilderFactory dbf; + + private Map categories; + + public EC_Data() { + dbf = DocumentBuilderFactory.newInstance(); + + try { + SchemaFactory scf = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI); + Schema sch = scf.newSchema(this.getClass().getResource("/cz/crcs/ectester/data/schema.xsd")); + dbf.setSchema(sch); + dbf.setNamespaceAware(true); + dbf.setIgnoringComments(true); + dbf.setIgnoringElementContentWhitespace(true); + + parse(); + } catch (ParserConfigurationException | IOException | SAXException e) { + e.printStackTrace(); + } + } + + private void parse() throws SAXException, ParserConfigurationException, IOException { + DocumentBuilder db = dbf.newDocumentBuilder(); + + Document categoriesDoc = db.parse(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/categories.xml")); + categoriesDoc.normalize(); + + NodeList catList = categoriesDoc.getElementsByTagName("category"); + + this.categories = new HashMap<>(catList.getLength()); + for (int i = 0; i < catList.getLength(); ++i) { 
+ Node catNode = catList.item(i); + if (catNode instanceof Element) { + Element catElem = (Element) catNode; + Node name = catElem.getElementsByTagName("name").item(0); + Node dir = catElem.getElementsByTagName("directory").item(0); + Node desc = catElem.getElementsByTagName("desc").item(0); + + EC_Category category = parseCategory(name.getTextContent(), dir.getTextContent(), desc.getTextContent()); + this.categories.put(name.getTextContent(), category); + } else { + throw new SAXException("?"); + } + } + } + + private EC_Category parseCategory(String name, String dir, String desc) throws ParserConfigurationException, IOException, SAXException { + DocumentBuilder db = dbf.newDocumentBuilder(); + + Map objMap = new HashMap<>(); + + InputStream curvesStream = this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/curves.xml"); + if (curvesStream != null) { + Document curvesDoc = db.parse(curvesStream); + curvesDoc.normalize(); + + NodeList curveList = curvesDoc.getElementsByTagName("curve"); + + for (int i = 0; i < curveList.getLength(); ++i) { + Node curveNode = curveList.item(i); + if (curveNode instanceof Element) { + Element curveElem = (Element) curveNode; + Node id = curveElem.getElementsByTagName("id").item(0); + Node bits = curveElem.getElementsByTagName("bits").item(0); + Node field = curveElem.getElementsByTagName("field").item(0); + Node file = curveElem.getElementsByTagName("file").item(0); + + NodeList descc = curveElem.getElementsByTagName("desc"); + String descs = null; + if (descc.getLength() != 0) { + descs = descc.item(0).getTextContent(); + } + + byte alg; + if (field.getTextContent().equalsIgnoreCase("prime")) { + alg = KeyPair.ALG_EC_FP; + } else { + alg = KeyPair.ALG_EC_F2M; + } + short bitsize = Short.parseShort(bits.getTextContent()); + + EC_Curve curve = new EC_Curve(bitsize, alg, descs); + if (!curve.readCSV(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/" + file.getTextContent()))) { + throw new 
IOException("Invalid csv data."); + } + + objMap.put(id.getTextContent(), curve); + } else { + throw new SAXException("?"); + } + } + } + + InputStream keysStream = this.getClass().getResourceAsStream("/cz/crcs/ectester/data" + dir + "/keys.xml"); + if (keysStream != null) { + Document keysDoc = db.parse(keysStream); + keysDoc.normalize(); + + NodeList directs = keysDoc.getDocumentElement().getChildNodes(); + for (int i = 0; i < directs.getLength(); ++i) { + Node direct = directs.item(i); + if (direct instanceof Element) { + Element elem = (Element) direct; + String tag = elem.getTagName(); + + NodeList childs = elem.getChildNodes(); + String id = null; + for (int j = 0; j < childs.getLength(); ++j) { + Node child = childs.item(j); + if (child instanceof Element) { + Element childElem = (Element) child; + if (childElem.getTagName().equals("id")) { + id = childElem.getTextContent(); + break; + } + } + } + if (id == null) { + throw new SAXException("key no id?"); + } + + EC_Params result = parseKeylike(dir, elem); + + objMap.put(id, result); + } else { + throw new SAXException("?"); + } + } + } + + return new EC_Category(name, dir, desc, objMap); + } + + private EC_Params parseKeylike(String dir, Element elem) throws SAXException { + Node file = elem.getElementsByTagName("file").item(0); + Node curve = elem.getElementsByTagName("curve").item(0); + + NodeList desc = elem.getElementsByTagName("desc"); + String descs = null; + if (desc.getLength() != 0) { + descs = desc.item(0).getTextContent(); + } + + EC_Params result; + if (elem.getTagName().equals("pubkey")) { + result = new EC_Key.Public(curve.getTextContent(), descs); + } else if (elem.getTagName().equals("privkey")) { + result = new EC_Key.Private(curve.getTextContent(), descs); + } else if (elem.getTagName().equals("keypair")) { + result = new EC_Keypair(curve.getTextContent(), descs); + } else { + throw new SAXException("?"); + } + result.readCSV(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + 
dir + "/" + file.getTextContent())); + return result; + } + + public Map getCategories() { + return Collections.unmodifiableMap(categories); + } + + public EC_Category getCategory(String category) { + return categories.get(category); + } + + public Map getObjects(String category) { + EC_Category cat = categories.get(category); + if (cat != null) { + return cat.getObjects(); + } + return null; + } + + public Map getObjects(Class objClass, String category) { + EC_Category cat = categories.get(category); + if (cat != null) { + return cat.getObjects(objClass); + } + return null; + } + + public T getObject(Class objClass, String category, String id) { + EC_Category cat = categories.get(category); + if (cat != null) { + return cat.getObject(objClass, id); + } + return null; + } + + public T getObject(Class objClass, String query) { + String[] parts = query.split("/"); + if (parts.length != 2) { + return null; + } + return getObject(objClass, parts[0], parts[1]); + } + + +} diff --git a/src/cz/crcs/ectester/data/anomalous/curves.xml b/src/cz/crcs/ectester/data/anomalous/curves.xml index 8ac0238..c478657 100644 --- a/src/cz/crcs/ectester/data/anomalous/curves.xml +++ b/src/cz/crcs/ectester/data/anomalous/curves.xml @@ -1,7 +1,7 @@ - + + \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/brainpool/curves.xml b/src/cz/crcs/ectester/data/brainpool/curves.xml index 0395ba1..2cb7fc5 100644 --- a/src/cz/crcs/ectester/data/brainpool/curves.xml +++ b/src/cz/crcs/ectester/data/brainpool/curves.xml @@ -1,7 +1,6 @@ - + brainpoolP160r1 160 diff --git a/src/cz/crcs/ectester/data/categories.xml b/src/cz/crcs/ectester/data/categories.xml index 5537c98..5913d42 100644 --- a/src/cz/crcs/ectester/data/categories.xml +++ b/src/cz/crcs/ectester/data/categories.xml 
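Review bot: The keys resource path in `parseCategory` is built as `"/cz/crcs/ectester/data" + dir + "/keys.xml"`, without the slash after `data` that the curves path has. `getResourceAsStream` therefore returns null and the `if (keysStream != null)` branch is skipped silently, so no category's `keys.xml` is loaded; the path should be `"/cz/crcs/ectester/data/" + dir + "/keys.xml"`. In `parseKeylike` the result of `result.readCSV(...)` is discarded, whereas the curve branch throws `IOException("Invalid csv data.")` on a false return; assuming `readCSV` reports failure the same way for keys, the key branch should check it too. The import `org.omg.PortableInterceptor.SYSTEM_EXCEPTION` is unused and ties the class to the CORBA packages, which later JDKs no longer ship, so it should be dropped.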
@@ -1,26 +1,25 @@ - + anomalous anomalous - These prime field curves have the same order as the field order, and are susceptible to attacks reducing ECDLP over a multiplicative group of the curve, to DLP over an additive group of the underlying field, which is easy. + These prime field curves have the same order as the field order, and are susceptible to attacks reducing ECDLP over a multiplicative group of the curve, to DLP over an additive group of the underlying field, which is easy (linear time). brainpool brainpool - ECC Brainpool Standard Curves and Curve Generation v. 1.0 19.10.2005" + ECC Brainpool Standard Curves and Curve Generation v. 1.0 19.10.2005 nist nist - RECOMMENDED ELLIPTIC CURVES FOR FEDERAL GOVERNMENT USE July 1999" + RECOMMENDED ELLIPTIC CURVES FOR FEDERAL GOVERNMENT USE July 1999 secg secg - SEC 2: Recommended Elliptic Curve Domain Parameters version 2.0 January 27, 2010 + SEC 2: Recommended Elliptic Curve Domain Parameters version 2.0 January 27, 2010 smallpub diff --git a/src/cz/crcs/ectester/data/nist/curves.xml b/src/cz/crcs/ectester/data/nist/curves.xml index d9c1717..00b109c 100644 --- a/src/cz/crcs/ectester/data/nist/curves.xml +++ b/src/cz/crcs/ectester/data/nist/curves.xml @@ -1,7 +1,6 @@ - + P-192 192 diff --git a/src/cz/crcs/ectester/data/schema.xsd b/src/cz/crcs/ectester/data/schema.xsd index d2bc85c..66566c9 100644 --- a/src/cz/crcs/ectester/data/schema.xsd +++ b/src/cz/crcs/ectester/data/schema.xsd @@ -1,9 +1,9 @@ + + @@ -32,14 +32,17 @@ - + + + + @@ -50,6 +53,7 @@ + @@ -60,8 +64,10 @@ - - + + + + @@ -78,6 +84,8 @@ + + diff --git a/src/cz/crcs/ectester/data/secg/curves.xml b/src/cz/crcs/ectester/data/secg/curves.xml index d3295cb..1807ec3 100644 --- a/src/cz/crcs/ectester/data/secg/curves.xml +++ b/src/cz/crcs/ectester/data/secg/curves.xml @@ -1,7 +1,6 @@ - + secp192k1 192 @@ -42,7 +41,7 @@ secp521r1 521 prime - secp521r.csv + secp521r1.csv 
diff --git a/src/cz/crcs/ectester/data/secg/sect233k1.csv b/src/cz/crcs/ectester/data/secg/sect233k1.csv index 4aeebd2..6a306ff 100644 --- a/src/cz/crcs/ectester/data/secg/sect233k1.csv +++ b/src/cz/crcs/ectester/data/secg/sect233k1.csv @@ -1 +1 @@ -004A,000000000000000000000000000000000000000000000000000000000000,000000000000000000000000000000000000000000000000000000000001,017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126,01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3,8000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF,4 \ No newline at end of file +00E9,004A,0000,0000,000000000000000000000000000000000000000000000000000000000000,000000000000000000000000000000000000000000000000000000000001,017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126,01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3,8000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF,4 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/sect233r1.csv b/src/cz/crcs/ectester/data/secg/sect233r1.csv index 57ef35d..9a7b82a 100644 --- a/src/cz/crcs/ectester/data/secg/sect233r1.csv +++ b/src/cz/crcs/ectester/data/secg/sect233r1.csv @@ -1 +1 @@ -004A,000000000000000000000000000000000000000000000000000000000001,0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD,00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B,01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052,01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7,2 \ No newline at end of file +00E9,004A,0000,0000,000000000000000000000000000000000000000000000000000000000001,0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD,00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B,01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052,01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7,2 \ No newline at end of file 
diff --git a/src/cz/crcs/ectester/data/secg/sect239k1.csv b/src/cz/crcs/ectester/data/secg/sect239k1.csv index fdb64a9..496891d 100644 --- a/src/cz/crcs/ectester/data/secg/sect239k1.csv +++ b/src/cz/crcs/ectester/data/secg/sect239k1.csv @@ -1 +1 @@ -009E,000000000000000000000000000000000000000000000000000000000000,000000000000000000000000000000000000000000000000000000000001,29A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC,76310804F12E549BDB011C103089E73510ACB275FC312A5DC6B76553F0CA,2000000000000000000000000000005A79FEC67CB6E91F1C1DA800E478A5,4 \ No newline at end of file +00EF,009E,0000,0000,000000000000000000000000000000000000000000000000000000000000,000000000000000000000000000000000000000000000000000000000001,29A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC,76310804F12E549BDB011C103089E73510ACB275FC312A5DC6B76553F0CA,2000000000000000000000000000005A79FEC67CB6E91F1C1DA800E478A5,4 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/sect283k1.csv b/src/cz/crcs/ectester/data/secg/sect283k1.csv index 07e7db2..908cdf7 100644 --- a/src/cz/crcs/ectester/data/secg/sect283k1.csv +++ b/src/cz/crcs/ectester/data/secg/sect283k1.csv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diff --git a/src/cz/crcs/ectester/data/secg/sect409k1.csv b/src/cz/crcs/ectester/data/secg/sect409k1.csv index 887d921..9190a26 100644 --- a/src/cz/crcs/ectester/data/secg/sect409k1.csv +++ b/src/cz/crcs/ectester/data/secg/sect409k1.csv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o newline at end of file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o newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/sect409r1.csv b/src/cz/crcs/ectester/data/secg/sect409r1.csv index a646e97..a277a07 100644 --- a/src/cz/crcs/ectester/data/secg/sect409r1.csv 
+++ b/src/cz/crcs/ectester/data/secg/sect409r1.csv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o newline at end of file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o newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/curves.xml b/src/cz/crcs/ectester/data/smallpub/curves.xml index 1f1f146..50c1d0c 100644 --- a/src/cz/crcs/ectester/data/smallpub/curves.xml +++ b/src/cz/crcs/ectester/data/smallpub/curves.xml @@ -1,7 +1,6 @@ - + ecsp128 128 diff --git a/src/cz/crcs/ectester/data/smallpub/keys.xml b/src/cz/crcs/ectester/data/smallpub/keys.xml index e3a7237..83e98b0 100644 --- a/src/cz/crcs/ectester/data/smallpub/keys.xml +++ b/src/cz/crcs/ectester/data/smallpub/keys.xml @@ -1,35 +1,48 @@ - + ecsp128-pub ecsp128_pub.csv ecsp128 + order = 5 + ecsp160-pub ecsp160_pub.csv ecsp160 + order = 3 + ecsp192-pub ecsp192_pub.csv ecsp192 + order = 3 + ecsp224-pub ecsp224_pub.csv ecsp224 + order = 5 + ecsp256-pub ecsp256_pub.csv ecsp256 + order = 3 + ecsp384-pub ecsp384_pub.csv ecsp384 + order = 3 + ecsp521-pub ecsp521_pub.csv ecsp521 + order = 5 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/wrong/curves.xml b/src/cz/crcs/ectester/data/wrong/curves.xml index 5f7ef9f..396dc4e 100644 --- a/src/cz/crcs/ectester/data/wrong/curves.xml +++ b/src/cz/crcs/ectester/data/wrong/curves.xml @@ -1,7 +1,6 @@ - + wrongp128 128 diff --git a/src/cz/crcs/ectester/reader/ECParams.java b/src/cz/crcs/ectester/reader/ECParams.java deleted file mode 100644 index 76347b1..0000000 --- a/src/cz/crcs/ectester/reader/ECParams.java +++ /dev/null 
@@ -1,208 +0,0 @@ -package cz.crcs.ectester.reader; - -import cz.crcs.ectester.applet.EC_Consts; - -import java.io.*; -import java.util.ArrayList; -import java.util.LinkedList; -import java.util.List; -import java.util.Scanner; -import java.util.regex.Pattern; - -/** - * @author Jan Jancar johny@neuromancer.sk - */ -public class ECParams { - private static final Pattern hex = Pattern.compile("(0x|0X)?[a-fA-F\\d]+"); - - /** - * Flattens params read from String[] data into a byte[] with their lengths prepended as short entries. - * - * @param params (EC_Consts.PARAMETER_* | ...) - * @param data data read by readString, readFile, readResource - * @return byte[] with params flattened, or null - */ - public static byte[] flatten(short params, String[] data) { - if (!validate(data)) { - return null; - } - - ByteArrayOutputStream out = new ByteArrayOutputStream(); - short paramMask = EC_Consts.PARAMETER_FP; - int i = 0; - while (paramMask <= EC_Consts.PARAMETER_S) { - short masked = (short) (params & paramMask); - if (masked != 0) { - byte[] param = parse(data[i]); - if (masked == EC_Consts.PARAMETER_F2M) { - //add m, e_1, e_2, e_3 - param = Util.concatenate(param, parse(data[i + 1]), parse(data[i + 2]), parse(data[i + 3])); - i += 3; - if (param.length != 8) - throw new RuntimeException("PARAMETER_F2M length is not 8.(should be)"); - } - if (masked == EC_Consts.PARAMETER_G || masked == EC_Consts.PARAMETER_W) { - //read another param (the y coord) and put into X962 format. - byte[] y = parse(data[i + 1]); - param = Util.concatenate(new byte[]{4}, param, y); //<- ugly but works! - i++; - } - if (param.length == 0) - throw new RuntimeException("Empty parameter read?"); - - //write length - byte[] length = new byte[2]; - Util.setShort(length, 0, (short) param.length); - out.write(length, 0, 2); - //write data - out.write(param, 0, param.length); - i++; - } - paramMask = (short) (paramMask << 1); - } - - return (out.size() == 0) ? 
null : out.toByteArray(); - } - - /** - * @param data - * @param params - * @return - */ - public static String[] expand(byte[][] data, short params) { - List out = new ArrayList<>(); - - short paramMask = EC_Consts.PARAMETER_FP; - int index = 0; - while (paramMask <= EC_Consts.PARAMETER_S) { - short masked = (short) (params & paramMask); - if (masked != 0) { - byte[] param = data[index]; - - if (masked == EC_Consts.PARAMETER_F2M) { - //split into m, e1, [e2, e3] - if (!((param.length == 4) || (param.length == 8))) { - throw new RuntimeException("PARAMETER_F2M length is not 4 or 8.(should be)"); - } - int max = param.length == 4 ? 2 : 4; - for (int i = 0; i < max; ++i) { - out.add(String.format("%04x", Util.getShort(param, i * 2))); - } - - } else if (masked == EC_Consts.PARAMETER_G || masked == EC_Consts.PARAMETER_W) { - //split from X962 format into X and Y - //disregard the first 04 and then split into half(uncompress) - int half = (param.length - 1) / 2; - out.add(Util.bytesToHex(param, 1, half, false)); - out.add(Util.bytesToHex(param, half + 1, half, false)); - } else { - //read raw - out.add(Util.bytesToHex(data[index], false)); - } - index++; - } - paramMask = (short) (paramMask << 1); - } - return out.toArray(new String[out.size()]); - } - - /** - * @param filePath - * @param data - * @throws IOException - */ - public static void writeFile(String filePath, String[] data) throws IOException { - FileOutputStream out = new FileOutputStream(filePath); - write(out, data); - out.close(); - } - - /** - * Reads hex params from a CSV String data. - * - * @param data String containing CSV data(hex) - * @return String array containing the CSV entries - */ - public static String[] readString(String data) { - return read(new ByteArrayInputStream(data.getBytes())); - } - - /** - * Reads hex params from a CSV Resource (inside jar). 
- * - * @param resourcePath path to the resourse - * @return String array containing the CSV entries - */ - public static String[] readResource(String resourcePath) { - return read(ECParams.class.getResourceAsStream(resourcePath)); - } - - /** - * Reads hex params from a CSV file. - * - * @param filePath path to the file - * @return String array containing the CSV entries - * @throws FileNotFoundException if the file cannot be opened - */ - public static String[] readFile(String filePath) throws FileNotFoundException { - return read(new FileInputStream(filePath)); - } - - private static String[] read(InputStream in) { - Scanner s = new Scanner(in); - - s.useDelimiter(",|;"); - List data = new LinkedList(); - while (s.hasNext()) { - String field = s.next(); - data.add(field.replaceAll("\\s+", "")); - } - return data.toArray(new String[data.size()]); - } - - private static boolean validate(String[] data) { - if (data == null || data.length == 0) { - return false; - } - for (String param : data) { - if (!hex.matcher(param).matches()) { - return false; - } - } - return true; - } - - private static byte[] parse(String param) { - byte[] data; - if (param.startsWith("0x") || param.startsWith("0X")) { - data = Util.hexToBytes(param.substring(2)); - } else { - data = Util.hexToBytes(param); - } - if (data == null) - return new byte[0]; - if (data.length < 2) - return pad(data); - return data; - } - - private static byte[] pad(byte[] data) { - if (data.length == 1) { - return new byte[]{(byte) 0, data[0]}; - } else if (data.length == 0 || data.length > 2) { - return data; - } - return null; - } - - private static void write(OutputStream out, String[] data) throws IOException { - Writer w = new OutputStreamWriter(out); - for (int i = 0; i < data.length; ++i) { - w.write(data[i]); - if (i < data.length - 1) { - w.write(","); - } - } - w.flush(); - } -} 
diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index f55e943..6ccbbbe 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -23,18 +23,22 @@ package cz.crcs.ectester.reader; import cz.crcs.ectester.applet.ECTesterApplet; import cz.crcs.ectester.applet.EC_Consts; +import cz.crcs.ectester.data.EC_Category; +import cz.crcs.ectester.data.EC_Data; +import cz.crcs.ectester.reader.ec.EC_Curve; +import cz.crcs.ectester.reader.ec.EC_Key; +import cz.crcs.ectester.reader.ec.EC_Keypair; +import cz.crcs.ectester.reader.ec.EC_Params; import javacard.security.KeyPair; import org.apache.commons.cli.*; import javax.smartcardio.CardException; -import java.io.File; -import java.io.FileNotFoundException; -import java.io.FileWriter; -import java.io.IOException; +import java.io.*; import java.nio.file.Files; import java.util.ArrayList; import java.util.LinkedList; import java.util.List; +import java.util.Map; /** * Reader part of ECTester, a tool for testing Elliptic curve support on javacards. @@ -46,6 +50,7 @@ public class ECTester { private CardMngr cardManager = null; private DirtyLogger systemOutLogger = null; + private EC_Data dataDB = null; //Options private int optBits; @@ -86,7 +91,6 @@ public class ECTester { private void run(String[] args) { try { - CommandLine cli = parseArgs(args); //if help, print and quit 
@@ -94,22 +98,35 @@ public class ECTester { help(); return; } + + dataDB = new EC_Data(); + //if list, print and quit + if (cli.hasOption("list-named")) { + Map categories = dataDB.getCategories(); + for (EC_Category cat : categories.values()) { + System.out.println("\t- " + cat.getName() + ": " + (cat.getDesc() == null ? "" : cat.getDesc())); + } + return; + } + //if not, read other options first, into attributes, then do action if (!readOptions(cli)) { return; } + + //init CardManager cardManager = new CardMngr(optSimulate); //connect or simulate connection if (optSimulate) { if (!cardManager.prepareLocalSimulatorApplet(AID, INSTALL_DATA, ECTesterApplet.class)) { System.err.println("Failed to establish a simulator."); - return; + System.exit(1); } } else { if (!cardManager.connectToCardSelect()) { System.err.println("Failed to connect to card."); - return; + System.exit(1); } cardManager.send(SELECT_ECTESTERAPPLET); } @@ -171,6 +188,7 @@ public class ECTester { * -t / --test * -dh / --ecdh * -dsa / --ecdsa [data_file] + * --list-named * * Options: * -b / --bit-size [b] // -a / --all 
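Review bot: `dataDB.getCategories()` in the `list-named` branch throws a NullPointerException whenever the bundled data failed to load. The `EC_Data` constructor added in this commit catches the parser exceptions, prints the stack trace and leaves `categories` unset, and `getCategories()` then passes that null to `Collections.unmodifiableMap`. Letting the constructor propagate the failure and reporting it here, as the other failures in this hunk are reported (`System.err.println("Failed to load named curve data."); System.exit(1);`), would fail cleanly. The enclosing `run` method continues outside the hunk.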
@@ -179,19 +197,26 @@ public class ECTester { * -f2m / --binary-field * * -u / --custom - * -n / --named [cat/id|id|cat] + * -n / --named [cat/id] * -c / --curve [curve_file] field,a,b,gx,gy,r,k * * -pub / --public [pubkey_file] wx,wy + * -npub / --named-public [cat/id] + * * -priv / --private [privkey_file] s + * -npriv / --named-private [cat/id] + * * -k / --key [key_file] wx,wy,s + * -nk / --named-key [cat/id] * * -o / --output [output_file] + * -f / --fresh * -s / --simulate */ OptionGroup actions = new OptionGroup(); actions.setRequired(true); actions.addOption(Option.builder("h").longOpt("help").desc("Print help.").build()); + actions.addOption(Option.builder().longOpt("list-named").desc("Print the list of supported named curves and keys.").build()); actions.addOption(Option.builder("e").longOpt("export").desc("Export the defaut curve parameters of the card(if any).").build()); actions.addOption(Option.builder("g").longOpt("generate").desc("Generate [amount] of EC keys.").hasArg().argName("amount").optionalArg(true).build()); actions.addOption(Option.builder("t").longOpt("test").desc("Test ECC support.").build()); @@ -205,7 +230,7 @@ public class ECTester { opts.addOptionGroup(size); OptionGroup curve = new OptionGroup(); - curve.addOption(Option.builder("n").longOpt("named").desc("Use a named curve.").hasArg().argName("[cat/id|id|cat]").build()); + curve.addOption(Option.builder("n").longOpt("named").desc("Use a named curve.").hasArg().argName("cat/id").build()); curve.addOption(Option.builder("c").longOpt("curve").desc("Use curve from file [curve_file] (field,a,b,gx,gy,r,k).").hasArg().argName("curve_file").build()); curve.addOption(Option.builder("u").longOpt("custom").desc("Use a custom curve(applet-side embedded, SECG curves).").build()); opts.addOptionGroup(curve); 
@@ -214,12 +239,12 @@ public class ECTester { opts.addOption(Option.builder("f2m").longOpt("binary-field").desc("Use binary field curve.").build()); OptionGroup pub = new OptionGroup(); - pub.addOption(Option.builder("npub").longOpt("named-public").desc("Use public key from KeyDB: [cat/id|cat|id]").hasArg().argName("[cat/id|id|cat]").build()); + pub.addOption(Option.builder("npub").longOpt("named-public").desc("Use public key from KeyDB: [cat/id]").hasArg().argName("cat/id").build()); pub.addOption(Option.builder("pub").longOpt("public").desc("Use public key from file [pubkey_file] (wx,wy).").hasArg().argName("pubkey_file").build()); opts.addOptionGroup(pub); OptionGroup priv = new OptionGroup(); - priv.addOption(Option.builder("npriv").longOpt("named-private").desc("Use private key from KeyDB: [cat/id|id|cat]").hasArg().argName("[cat/id|id|cat]").build()); + priv.addOption(Option.builder("npriv").longOpt("named-private").desc("Use private key from KeyDB: [cat/id]").hasArg().argName("cat/id").build()); priv.addOption(Option.builder("priv").longOpt("private").desc("Use private key from file [privkey_file] (s).").hasArg().argName("privkey_file").build()); opts.addOptionGroup(priv); @@ -282,6 +307,10 @@ public class ECTester { return false; } + if (optKey != null && optNamedKey != null || optPublic != null && optNamedPublic != null || optPrivate != null && optNamedPrivate != null) { + System.err.println("You cannot specify both a named key and a key file."); + return false; + } if (cli.hasOption("export")) { if (optPrimeField == optBinaryField) { 
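Review bot: The new conflict check in the `-282,6 +307,10` hunk mixes `&&` and `||` without parentheses. Operator precedence makes it evaluate as intended, but grouping each pair makes that explicit: `if ((optKey != null && optNamedKey != null) || (optPublic != null && optNamedPublic != null) || (optPrivate != null && optNamedPrivate != null)) {`. The enclosing method starts and ends outside the hunk.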
@@ -292,6 +321,10 @@ public class ECTester { System.err.println("Keys should not be specified when exporting curve params."); return false; } + if (optNamedCurve != null || optCustomCurve || optCurveFile != null) { + System.err.println("Specifying a curve for curve export makes no sense."); + return false; + } if (optOutput == null) { System.err.println("You have to specify an output file for curve parameter export."); return false; 
@@ -381,19 +414,30 @@ public class ECTester { */ private void export() throws CardException, IOException { byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; - //skip cofactor in domain export, since it doesnt need to be initialized for the key to be initialized. - //and generally isn't initialized on cards with default domain params(TODO, check, is it assumed to be ==1?) - short domain = (short) ((optPrimeField ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M) ^ EC_Consts.PARAMETER_K); - List sent = Command.sendAll(prepareKeyPair(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass)); + List sent = new LinkedList<>(); + sent.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass).send()); sent.add(new Command.Clear(cardManager, ECTesterApplet.KEYPAIR_LOCAL).send()); sent.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL).send()); - Response.Export export = new Command.Export(cardManager, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.KEY_PUBLIC, domain).send(); + + // Cofactor generally isn't set on the default curve parameters on cards, + // since its not necessary for ECDH, only ECDHC which not many cards implement + // TODO: check if its assumend to be == 1? + short domain_all = optPrimeField ? 
EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; + short domain = (short) (domain_all ^ EC_Consts.PARAMETER_K); + Response.Export export = new Command.Export(cardManager, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.KEY_PUBLIC, domain_all).send(); + if (!export.successful()) { + export = new Command.Export(cardManager, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.KEY_PUBLIC, domain).send(); + } sent.add(export); systemOutLogger.println(Response.toString(sent)); - ECParams.writeFile(optOutput, ECParams.expand(export.getParams(), domain)); + EC_Params exported = new EC_Params(domain, export.getParams()); + + FileOutputStream out = new FileOutputStream(optOutput); + exported.writeCSV(out); + out.close(); } /** @@ -405,7 +449,7 @@ public class ECTester { private void generate() throws CardException, IOException { byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; - Command.sendAll(prepareKeyPair(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass)); + new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass).send(); List curve = prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass); FileWriter keysFile = new FileWriter(optOutput); 
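Review bot: In `export()`, when the first export with `domain_all` succeeds the returned parameters include the cofactor, yet `new EC_Params(domain, export.getParams())` always passes the mask with `PARAMETER_K` cleared, so the mask and the data can disagree. How `EC_Params` treats such a mismatch is not visible here. The output file is also written when both export attempts failed, and `out` is not closed if `writeCSV` throws. Tracking the mask that was actually used, skipping the write on failure and using try-with-resources addresses all three.

```java
short exportedMask = domain_all;
Response.Export export = new Command.Export(cardManager, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.KEY_PUBLIC, domain_all).send();
if (!export.successful()) {
    // retry without the cofactor, which may be unset on the card's default curve
    exportedMask = domain;
    export = new Command.Export(cardManager, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.KEY_PUBLIC, domain).send();
}
// … unchanged: sent.add(export) and logging of the responses …
if (!export.successful()) {
    System.err.println("Curve export failed, nothing written.");
    return;
}
EC_Params exported = new EC_Params(exportedMask, export.getParams());
try (FileOutputStream out = new FileOutputStream(optOutput)) {
    exported.writeCSV(out);
}
```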
@@ -454,24 +498,58 @@ public class ECTester { private void test() throws IOException, CardException { List commands = new LinkedList<>(); if (optAll) { - if (optPrimeField) { - //iterate over prime curve sizes used: EC_Consts.FP_SIZES - for (short keyLength : EC_Consts.FP_SIZES) { - commands.addAll(testCurve(keyLength, KeyPair.ALG_EC_FP)); + if (optNamedCurve != null) { + Map curves = dataDB.getObjects(EC_Curve.class, optNamedCurve); + if (optPrimeField) { + for (Map.Entry entry : curves.entrySet()) { + EC_Curve curve = entry.getValue(); + if (curve.getField() == KeyPair.ALG_EC_FP) { + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), KeyPair.ALG_EC_FP)); + byte[] external = curve.flatten(); + commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, external)); + commands.addAll(testCurve(curve.getBits(), KeyPair.ALG_EC_FP)); + } + } } - } - if (optBinaryField) { - //iterate over binary curve sizes used: EC_Consts.F2M_SIZES - for (short keyLength : EC_Consts.F2M_SIZES) { - commands.addAll(testCurve(keyLength, KeyPair.ALG_EC_F2M)); + if (optBinaryField) { + for (Map.Entry entry : curves.entrySet()) { + EC_Curve curve = entry.getValue(); + if (curve.getField() == KeyPair.ALG_EC_F2M) { + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), KeyPair.ALG_EC_F2M)); + byte[] external = curve.flatten(); + commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, external)); + commands.addAll(testCurve(curve.getBits(), KeyPair.ALG_EC_F2M)); + } + } + } + } else { + if (optPrimeField) { + //iterate over prime curve sizes used: EC_Consts.FP_SIZES + for (short keyLength : EC_Consts.FP_SIZES) { + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, 
keyLength, KeyPair.ALG_EC_FP)); + commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_FP)); + commands.addAll(testCurve(keyLength, KeyPair.ALG_EC_FP)); + } + } + if (optBinaryField) { + //iterate over binary curve sizes used: EC_Consts.F2M_SIZES + for (short keyLength : EC_Consts.F2M_SIZES) { + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_F2M)); + commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_F2M)); + commands.addAll(testCurve(keyLength, KeyPair.ALG_EC_F2M)); + } } } } else { if (optPrimeField) { + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_FP)); + commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_FP)); commands.addAll(testCurve((short) optBits, KeyPair.ALG_EC_FP)); } if (optBinaryField) { + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_F2M)); + commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_F2M)); commands.addAll(testCurve((short) optBits, KeyPair.ALG_EC_F2M)); } } @@ -487,7 +565,8 @@ public class ECTester { */ private void ecdh() throws IOException, CardException { byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; - List ecdh = Command.sendAll(prepareKeyPair(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, keyClass)); + List ecdh = new LinkedList<>(); + ecdh.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) optBits, keyClass).send()); ecdh.addAll(Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, keyClass))); if (optPublic != null || optPrivate != null || optKey != null) { 
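Review bot: In the named-curve branch of `test()`, the result of `curve.flatten()` is handed to `Command.Set` without the null check that `prepareCurve` applies to the same call, although `flatten()` returns null when no parameter was written. A guard such as `if (external == null) throw new IOException("Couldn't read named curve data.");` before each `commands.add(new Command.Set(...))` would make a malformed curve entry fail with a clear message instead of inside the command. The prime-field and binary-field loops are also identical apart from the `KeyPair.ALG_EC_*` constant, so a small private helper taking the field would remove the duplication.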
@@ -520,7 +599,8 @@ public class ECTester { */ private void ecdsa() throws CardException, IOException { byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; - List ecdsa = Command.sendAll(prepareKeyPair(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass)); + List ecdsa = new LinkedList<>(); + ecdsa.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass).send()); ecdsa.addAll(Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass))); Response keys; @@ -557,18 +637,6 @@ public class ECTester { } } - /** - * @param keyPair which keyPair/s (local/remote) to allocate - * @param keyLength key length to allocate - * @param keyClass key class to allocate - * @return a list of Commands to send in order to prepare the keyPair. - */ - private List prepareKeyPair(byte keyPair, short keyLength, byte keyClass) { - List commands = new ArrayList<>(); - commands.add(new Command.Allocate(cardManager, keyPair, keyLength, keyClass)); - return commands; - } - /** * @param keyPair which keyPair/s (local/remote) to set curve domain parameters on * @param keyLength key length to choose 
@@ -586,9 +654,28 @@ public class ECTester { } else if (optNamedCurve != null) { // Set a named curve. // parse optNamedCurve -> cat / id | cat | id + EC_Curve curve = dataDB.getObject(EC_Curve.class, optNamedCurve); + if (curve == null) { + throw new IOException("Curve could no be found."); + } + if (curve.getBits() != keyLength) { + throw new IOException("Curve bits mismatch: " + curve.getBits() + " vs " + keyLength + " entered."); + } + + byte[] external = curve.flatten(); + if (external == null) { + throw new IOException("Couldn't read named curve data."); + } + commands.add(new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, domainParams, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, external)); } else if (optCurveFile != null) { // Set curve loaded from a file - byte[] external = ECParams.flatten(domainParams, ECParams.readFile(optCurveFile)); + EC_Params params = new EC_Params(domainParams); + + FileInputStream in = new FileInputStream(optCurveFile); + params.readCSV(in); + in.close(); + + byte[] external = params.flatten(); if (external == null) { throw new IOException("Couldn't read the curve file correctly."); } 
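Review bot: In the curve-file branch of `prepareCurve`, the boolean returned by `params.readCSV(in)` is ignored, so a file with the wrong field count or non-hex content leaves the `data` entries unset and `params.flatten()` will most likely fail with a `NullPointerException` before the `external == null` check is reached. Checking the result, `if (!params.readCSV(in)) throw new IOException("Couldn't read the curve file correctly.");`, rejects bad input at the point where it is read. The stream is also leaked if reading throws; `try (FileInputStream in = new FileInputStream(optCurveFile)) { ... }` would close it on every path. The body of `prepareCurve` starts and ends outside this hunk.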
@@ -609,25 +696,59 @@ public class ECTester { private Command prepareKey(byte keyPair) throws IOException { short params = EC_Consts.PARAMETERS_NONE; byte[] data = null; - if (optKey != null) { + + if (optKey != null || optNamedKey != null) { params |= EC_Consts.PARAMETERS_KEYPAIR; - data = ECParams.flatten(EC_Consts.PARAMETERS_KEYPAIR, ECParams.readFile(optKey)); + EC_Params keypair; + if (optKey != null) { + keypair = new EC_Params(EC_Consts.PARAMETERS_KEYPAIR); + + FileInputStream in = new FileInputStream(optKey); + keypair.readCSV(in); + in.close(); + } else { + keypair = dataDB.getObject(EC_Keypair.class, optNamedKey); + } + + data = keypair.flatten(); if (data == null) { throw new IOException("Couldn't read the key file correctly."); } } - if (optPublic != null) { + if (optPublic != null || optNamedPublic != null) { params |= EC_Consts.PARAMETER_W; - byte[] pubkey = ECParams.flatten(EC_Consts.PARAMETER_W, ECParams.readFile(optPublic)); + EC_Params pub; + if (optPublic != null) { + pub = new EC_Params(EC_Consts.PARAMETER_W); + + FileInputStream in = new FileInputStream(optPublic); + pub.readCSV(in); + in.close(); + } else { + pub = dataDB.getObject(EC_Key.Public.class, optNamedPublic); + } + + byte[] pubkey = pub.flatten(); if (pubkey == null) { throw new IOException("Couldn't read the key file correctly."); } data = pubkey; } - if (optPrivate != null) { + if (optPrivate != null || optNamedPrivate != null) { params |= EC_Consts.PARAMETER_S; - byte[] privkey = ECParams.flatten(EC_Consts.PARAMETER_S, ECParams.readFile(optPrivate)); + EC_Params priv; + if (optPublic != null) { + priv = new EC_Params(EC_Consts.PARAMETER_S); + + FileInputStream in = new FileInputStream(optPrivate); + priv.readCSV(in); + in.close(); + } else { + priv = dataDB.getObject(EC_Key.Public.class, optNamedPrivate); + } + + byte[] privkey = priv.flatten(); if (privkey == null) { throw new IOException("Couldn't read the key file correctly."); } 
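Review bot: The private-key branch of `prepareKey` tests the wrong option and looks up the wrong type: it checks `if (optPublic != null)` before opening `optPrivate`, and falls back to `dataDB.getObject(EC_Key.Public.class, optNamedPrivate)`. With only a private key file given, the file is never read and a lookup with a null name is attempted; with a public file and a named private key, `new FileInputStream(optPrivate)` is called with null. The two lines should read `if (optPrivate != null) {` and `priv = dataDB.getObject(EC_Key.Private.class, optNamedPrivate);`. None of the three `dataDB.getObject(...)` results in this hunk is checked for null before `flatten()` is called, and the `readCSV` return values are ignored as well; the method continues outside the hunk.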
@@ -644,8 +765,6 @@ public class ECTester { */ private List testCurve(short keyLength, byte keyClass) throws IOException { List commands = new LinkedList<>(); - commands.addAll(prepareKeyPair(ECTesterApplet.KEYPAIR_BOTH, keyLength, keyClass)); - commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, keyLength, keyClass)); commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH)); commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, (byte) 0)); commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, (byte) 1)); diff --git a/src/cz/crcs/ectester/reader/ec/EC_Curve.java b/src/cz/crcs/ectester/reader/ec/EC_Curve.java new file mode 100644 index 0000000..08a0b8a --- /dev/null +++ b/src/cz/crcs/ectester/reader/ec/EC_Curve.java @@ -0,0 +1,41 @@ +package cz.crcs.ectester.reader.ec; + +import cz.crcs.ectester.applet.EC_Consts; +import javacard.security.KeyPair; + +/** + * @author Jan Jancar johny@neuromancer.sk + */ +public class EC_Curve extends EC_Params { + + private short bits; + private byte field; + private String desc; + + /** + * + * @param bits + * @param field KeyPair.ALG_EC_FP or KeyPair.ALG_EC_F2M + */ + public EC_Curve(short bits, byte field) { + super(field == KeyPair.ALG_EC_FP ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M); + this.bits = bits; + } + + public EC_Curve(short bits, byte field, String desc) { + this(bits, field); + this.desc = desc; + } + + public short getBits() { + return bits; + } + + public byte getField() { + return field; + } + + public String getDesc() { + return desc; + } +} diff --git a/src/cz/crcs/ectester/reader/ec/EC_Key.java b/src/cz/crcs/ectester/reader/ec/EC_Key.java new file mode 100644 index 0000000..b78aaee --- /dev/null +++ b/src/cz/crcs/ectester/reader/ec/EC_Key.java 
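Review bot: The `EC_Curve(short bits, byte field)` constructor uses `field` to choose the parameter mask but never stores it, so `getField()` always returns the default 0. The new named-curve loops in `ECTester.test()` compare `curve.getField()` with `KeyPair.ALG_EC_FP` and `KeyPair.ALG_EC_F2M`, which would then presumably never match and silently skip every curve. Adding `this.field = field;` next to `this.bits = bits;` fixes it, and the empty `@param bits` Javadoc entry could state that it is the curve size in bits.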
@@ -0,0 +1,53 @@ +package cz.crcs.ectester.reader.ec; + +import cz.crcs.ectester.applet.EC_Consts; + +/** + * @author Jan Jancar johny@neuromancer.sk + */ +public class EC_Key extends EC_Params { + + private String curve; + private String desc; + + private EC_Key(short mask, String curve) { + super(mask); + this.curve = curve; + } + + private EC_Key(short mask, String curve, String desc) { + this(mask, curve); + this.desc = desc; + } + + public String getCurve() { + return curve; + } + + public String getDesc() { + return desc; + } + + public static class Public extends EC_Key { + + public Public(String curve) { + super(EC_Consts.PARAMETER_W, curve); + } + + public Public(String curve, String desc) { + super(EC_Consts.PARAMETER_W, curve, desc); + } + } + + public static class Private extends EC_Key { + + public Private(String curve) { + super(EC_Consts.PARAMETER_S, curve); + } + + public Private(String curve, String desc) { + super(EC_Consts.PARAMETER_S, curve, desc); + } + + } +} diff --git a/src/cz/crcs/ectester/reader/ec/EC_Keypair.java b/src/cz/crcs/ectester/reader/ec/EC_Keypair.java new file mode 100644 index 0000000..0ee3801 --- /dev/null +++ b/src/cz/crcs/ectester/reader/ec/EC_Keypair.java @@ -0,0 +1,30 @@ +package cz.crcs.ectester.reader.ec; + +import cz.crcs.ectester.applet.EC_Consts; + +/** + * @author Jan Jancar johny@neuromancer.sk + */ +public class EC_Keypair extends EC_Params { + + private String curve; + private String desc; + + public EC_Keypair(String curve) { + super(EC_Consts.PARAMETERS_KEYPAIR); + this.curve = curve; + } + + public EC_Keypair(String curve, String desc) { + this(curve); + this.desc = desc; + } + + public String getCurve() { + return curve; + } + + public String getDesc() { + return desc; + } +} diff --git a/src/cz/crcs/ectester/reader/ec/EC_Params.java b/src/cz/crcs/ectester/reader/ec/EC_Params.java new file mode 100644 index 0000000..fa5515c --- /dev/null +++ b/src/cz/crcs/ectester/reader/ec/EC_Params.java 
@@ -0,0 +1,210 @@ +package cz.crcs.ectester.reader.ec; + +import cz.crcs.ectester.applet.EC_Consts; +import cz.crcs.ectester.reader.Util; + +import java.io.*; +import java.util.ArrayList; +import java.util.LinkedList; +import java.util.List; +import java.util.Scanner; +import java.util.regex.Pattern; + +/** + * @author Jan Jancar johny@neuromancer.sk + */ +public class EC_Params { + private static final Pattern hex = Pattern.compile("(0x|0X)?[a-fA-F\\d]+"); + + private short params; + private byte[][] data; + + public EC_Params(short params) { + this.params = params; + this.data = new byte[numParams()][]; + } + + public EC_Params(short params, byte[][] data) { + this.params = params; + this.data = data; + } + + public short getParams() { + return params; + } + + public boolean hasParam(short param) { + return (params & param) != 0; + } + + public int numParams() { + short paramMask = EC_Consts.PARAMETER_FP; + int num = 0; + while (paramMask <= EC_Consts.PARAMETER_S) { + if ((paramMask & params) != 0) { + if (paramMask == EC_Consts.PARAMETER_F2M) { + num += 3; + } + if (paramMask == EC_Consts.PARAMETER_W || paramMask == EC_Consts.PARAMETER_G){ + num += 1; + } + ++num; + } + paramMask = (short) (paramMask << 1); + } + return num; + } + + public byte[][] getData() { + return data; + } + + public boolean hasData() { + return data != null; + } + + public byte[] flatten() { + ByteArrayOutputStream out = new ByteArrayOutputStream(); + short paramMask = EC_Consts.PARAMETER_FP; + int i = 0; + while (paramMask <= EC_Consts.PARAMETER_S) { + short masked = (short) (params & paramMask); + if (masked != 0) { + byte[] param = data[i]; + if (masked == EC_Consts.PARAMETER_F2M) { + //add m, e_1, e_2, e_3 + param = Util.concatenate(param, data[i + 1], data[i + 2], data[i + 3]); + i += 3; + if (param.length != 8) + throw new RuntimeException("PARAMETER_F2M length is not 8.(should be)"); + } + if (masked == EC_Consts.PARAMETER_G || masked == EC_Consts.PARAMETER_W) { + //read another 
param (the y coord) and put into X962 format. + byte[] y = data[++i]; + param = Util.concatenate(new byte[]{4}, param, y); //<- ugly but works! + } + if (param.length == 0) + throw new RuntimeException("Empty parameter read?"); + + //write length + byte[] length = new byte[2]; + Util.setShort(length, 0, (short) param.length); + out.write(length, 0, 2); + //write data + out.write(param, 0, param.length); + i++; + } + paramMask = (short) (paramMask << 1); + } + + return (out.size() == 0) ? null : out.toByteArray(); + } + + public String[] expand() { + List out = new ArrayList<>(); + + short paramMask = EC_Consts.PARAMETER_FP; + int index = 0; + while (paramMask <= EC_Consts.PARAMETER_S) { + short masked = (short) (params & paramMask); + if (masked != 0) { + byte[] param = data[index]; + + if (masked == EC_Consts.PARAMETER_F2M) { + //split into m, e1, e2, e3 + if (param.length != 8) { + throw new RuntimeException("PARAMETER_F2M length is not 8.(should be)"); + } + for (int i = 0; i < 4; ++i) { + out.add(String.format("%04x", Util.getShort(param, i * 2))); + } + + } else if (masked == EC_Consts.PARAMETER_G || masked == EC_Consts.PARAMETER_W) { + //split from X962 format into X and Y + //disregard the first 04 and then split into half(uncompress) + int half = (param.length - 1) / 2; + out.add(Util.bytesToHex(param, 1, half, false)); + out.add(Util.bytesToHex(param, half + 1, half, false)); + } else { + //read raw + out.add(Util.bytesToHex(data[index], false)); + } + index++; + } + paramMask = (short) (paramMask << 1); + } + return out.toArray(new String[out.size()]); + } + + private static byte[] pad(byte[] data) { + if (data.length == 1) { + return new byte[]{(byte) 0, data[0]}; + } else if (data.length == 0 || data.length > 2) { + return data; + } + return null; + } + + private static byte[] parse(String param) { + byte[] data; + if (param.startsWith("0x") || param.startsWith("0X")) { + data = Util.hexToBytes(param.substring(2)); + } else { + data = 
Util.hexToBytes(param); + } + if (data == null) + return new byte[0]; + if (data.length < 2) + return pad(data); + return data; + } + + private boolean readHex(String[] hex) { + if (hex.length != numParams()) { + return false; + } + + for (int i = 0; i < numParams(); ++i) { + this.data[i] = parse(hex[i]); + } + return true; + } + + public boolean readCSV(InputStream in) { + Scanner s = new Scanner(in); + + s.useDelimiter(",|;"); + List data = new LinkedList(); + while (s.hasNext()) { + String field = s.next(); + data.add(field.replaceAll("\\s+", "")); + } + + if (data.isEmpty()) { + return false; + } + for (String param : data) { + if (!hex.matcher(param).matches()) { + return false; + } + } + return readHex(data.toArray(new String[data.size()])); + } + + public void writeCSV(OutputStream out) throws IOException { + String[] hex = expand(); + Writer w = new OutputStreamWriter(out); + for (int i = 0; i < hex.length; ++i) { + w.write(hex[i]); + if (i < hex.length - 1) { + w.write(","); + } + } + w.flush(); + } + + public boolean readBytes(byte[] data) { + //TODO + return false; + } +} -- cgit v1.2.3-70-g09d2 From b95ad7ba757be3d6405a548670f2f49e63bce92a Mon Sep 17 00:00:00 2001 From: J08nY Date: Tue, 7 Mar 2017 21:09:11 +0100 Subject: Updated jcardsim, fixed bug when simulating caused by upstream. - https://github.com/licel/jcardsim/issues/15 --- !uploader/ectester.cap | Bin 13789 -> 13789 bytes dist/ECTester.jar | Bin 207768 -> 207773 bytes dist/lib/jcardsim-3.0.4-SNAPSHOT.jar | Bin 0 -> 492617 bytes lib/jcardsim-3.0.4-SNAPSHOT.jar | Bin 0 -> 492617 bytes manifest.mf | 2 +- nbproject/project.properties | 2 +- 6 files changed, 2 insertions(+), 2 deletions(-) create mode 100644 dist/lib/jcardsim-3.0.4-SNAPSHOT.jar create mode 100644 lib/jcardsim-3.0.4-SNAPSHOT.jar diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index e650bd7..4dc1bca 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ 
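Review bot: `flatten()` and `expand()` in `EC_Params` assume different layouts for the same `data` array, and nothing in the class documents or checks which one an instance holds. `flatten()` and `numParams()` expect G and W as two entries (x, y) and F2M as four, which is what `readCSV` produces, while `expand()` expects one entry per mask bit with points already in X9.62 form, which is what the `EC_Params(short, byte[][])` constructor is given from a card export. A class-level Javadoc naming the two layouts, plus a length check against `numParams()` at the start of `flatten()`, would stop a mismatched instance from indexing past the array. `expand()` also splits G/W at `(param.length - 1) / 2` without checking that the first byte is `0x04` or that the length is odd, so a compressed or malformed point from the card is split silently instead of being rejected.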
diff --git a/dist/ECTester.jar b/dist/ECTester.jar index b0e5d5f..2c2e665 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/dist/lib/jcardsim-3.0.4-SNAPSHOT.jar b/dist/lib/jcardsim-3.0.4-SNAPSHOT.jar new file mode 100644 index 0000000..ea3ea26 Binary files /dev/null and b/dist/lib/jcardsim-3.0.4-SNAPSHOT.jar differ diff --git a/lib/jcardsim-3.0.4-SNAPSHOT.jar b/lib/jcardsim-3.0.4-SNAPSHOT.jar new file mode 100644 index 0000000..ea3ea26 Binary files /dev/null and b/lib/jcardsim-3.0.4-SNAPSHOT.jar differ diff --git a/manifest.mf b/manifest.mf index 32571b3..fdec036 100644 --- a/manifest.mf +++ b/manifest.mf @@ -1,5 +1,5 @@ Manifest-Version: 1.0 X-COMMENT: Main-Class will be added automatically by build -Class-Path: lib/jcardsim-2.2.2-all.jar lib/commons-cli-1.3.1.jar +Class-Path: lib/jcardsim-3.0.4-SNAPSHOT.jar lib/commons-cli-1.3.1.jar Main-Class: cz.crcs.ectester.reader.ECTester diff --git a/nbproject/project.properties b/nbproject/project.properties index 2c8b861..ad90c49 100644 --- a/nbproject/project.properties +++ b/nbproject/project.properties @@ -32,7 +32,7 @@ excludes= includes=** jar.compress=false javac.classpath=\ - lib/jcardsim-2.2.2-all.jar:\ + lib/jcardsim-3.0.4-SNAPSHOT.jar:\ lib/commons-cli-1.3.1.jar # Space-separated list of extra javac options javac.compilerargs= -- cgit v1.2.3-70-g09d2 From 197434b2bb2882277b21044331d0a2b64bc314c8 Mon Sep 17 00:00:00 2001 From: J08nY Date: Tue, 7 Mar 2017 23:34:57 +0100 Subject: Added timing output to responses, added bulk ECDH/ECDSA testing. --- dist/ECTester.jar | Bin 207773 -> 208535 bytes src/cz/crcs/ectester/reader/ECTester.java | 139 ++++++++++++++++++++---------- src/cz/crcs/ectester/reader/Response.java | 2 +- 3 files changed, 93 insertions(+), 48 deletions(-) diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 2c2e665..0f2e8c6 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ 
diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index 6ccbbbe..d94279e 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -72,13 +72,17 @@ public class ECTester { private String optKey = null; private String optLog = null; + + private String optInput; private String optOutput = null; private boolean optFresh = false; private boolean optSimulate = false; //Action-related options private int optGenerateAmount; - private String optECDSASign; + private int optECDHCount; + private int optECDSACount; + private Options opts = new Options(); private static final String CLI_HEADER = "\nECTester, a javacard Elliptic Curve Cryptograhy support tester/utility.\n\n"; @@ -220,8 +224,8 @@ public class ECTester { actions.addOption(Option.builder("e").longOpt("export").desc("Export the defaut curve parameters of the card(if any).").build()); actions.addOption(Option.builder("g").longOpt("generate").desc("Generate [amount] of EC keys.").hasArg().argName("amount").optionalArg(true).build()); actions.addOption(Option.builder("t").longOpt("test").desc("Test ECC support.").build()); - actions.addOption(Option.builder("dh").longOpt("ecdh").desc("Do ECDH.").build()); - actions.addOption(Option.builder("dsa").longOpt("ecdsa").desc("Sign data with ECDSA.").hasArg().argName("data_file").optionalArg(true).build()); + actions.addOption(Option.builder("dh").longOpt("ecdh").desc("Do ECDH, [count] times.").hasArg().argName("count").optionalArg(true).build()); + actions.addOption(Option.builder("dsa").longOpt("ecdsa").desc("Sign data with ECDSA, [count] times.").hasArg().argName("count").optionalArg(true).build()); opts.addOptionGroup(actions); OptionGroup size = new OptionGroup(); 
@@ -253,6 +257,7 @@ public class ECTester { key.addOption(Option.builder("k").longOpt("key").desc("Use keyPair from file [key_file] (wx,wy,s).").hasArg().argName("key_file").build()); opts.addOptionGroup(key); + opts.addOption(Option.builder("i").longOpt("input").desc("Input from file [input_file], for ecdsa signing.").hasArg().argName("input_file").build()); opts.addOption(Option.builder("o").longOpt("output").desc("Output into file [output_file].").hasArg().argName("output_file").build()); opts.addOption(Option.builder("l").longOpt("log").desc("Log output into file [log_file].").hasArg().argName("log_file").optionalArg(true).build()); @@ -290,6 +295,7 @@ public class ECTester { if (cli.hasOption("log")) { optLog = cli.getOptionValue("log", String.format("ECTESTER_log_%d.log", System.currentTimeMillis() / 1000)); } + optInput = cli.getOptionValue("input"); optOutput = cli.getOptionValue("output"); optFresh = cli.hasOption("fresh"); optSimulate = cli.hasOption("simulate"); @@ -373,6 +379,12 @@ public class ECTester { return false; } + optECDHCount = Integer.parseInt(cli.getOptionValue("ecdh", "1")); + if (optECDHCount <= 0) { + System.err.println("ECDH count cannot be <= 0."); + return false; + } + } else if (cli.hasOption("ecdsa")) { if (optPrimeField == optBinaryField) { System.err.print("Need to specify field with -fp or -f2m. (not both)"); @@ -391,7 +403,11 @@ public class ECTester { return false; } - optECDSASign = cli.getOptionValue("ecdsa"); + optECDSACount = Integer.parseInt(cli.getOptionValue("ecdsa", "1")); + if (optECDSACount <= 0) { + System.err.println("ECDSA count cannot be <= 0."); + return false; + } } return true; 
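Review bot: `Integer.parseInt(cli.getOptionValue("ecdh", "1"))` throws `NumberFormatException` on a non-numeric argument, and nothing in this hunk catches it, so `-dh abc` would end in a stack trace rather than the usage error the surrounding checks produce. The same applies to the `ecdsa` count in the following hunk (`@@ -391,7 +403,11 @@`). Wrapping each parse as `try { optECDHCount = Integer.parseInt(...); } catch (NumberFormatException e) { System.err.println("ECDH count must be a number."); return false; }` keeps the behaviour consistent with the `<= 0` check; whether a caller outside the hunk already handles the exception is not visible here.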
@@ -507,7 +523,7 @@ public class ECTester { commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), KeyPair.ALG_EC_FP)); byte[] external = curve.flatten(); commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, external)); - commands.addAll(testCurve(curve.getBits(), KeyPair.ALG_EC_FP)); + commands.addAll(testCurve()); } } } @@ -518,7 +534,7 @@ public class ECTester { commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), KeyPair.ALG_EC_F2M)); byte[] external = curve.flatten(); commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, external)); - commands.addAll(testCurve(curve.getBits(), KeyPair.ALG_EC_F2M)); + commands.addAll(testCurve()); } } } @@ -528,7 +544,7 @@ public class ECTester { for (short keyLength : EC_Consts.FP_SIZES) { commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_FP)); commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_FP)); - commands.addAll(testCurve(keyLength, KeyPair.ALG_EC_FP)); + commands.addAll(testCurve()); } } if (optBinaryField) { @@ -536,7 +552,7 @@ public class ECTester { for (short keyLength : EC_Consts.F2M_SIZES) { commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_F2M)); commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_F2M)); - commands.addAll(testCurve(keyLength, KeyPair.ALG_EC_F2M)); + commands.addAll(testCurve()); } } } 
@@ -544,13 +560,13 @@ public class ECTester { if (optPrimeField) { commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_FP)); commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_FP)); - commands.addAll(testCurve((short) optBits, KeyPair.ALG_EC_FP)); + commands.addAll(testCurve()); } if (optBinaryField) { commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_F2M)); commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_F2M)); - commands.addAll(testCurve((short) optBits, KeyPair.ALG_EC_F2M)); + commands.addAll(testCurve()); } } List test = Command.sendAll(commands); 
@@ -565,29 +581,45 @@ public class ECTester { */ private void ecdh() throws IOException, CardException { byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; - List ecdh = new LinkedList<>(); - ecdh.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) optBits, keyClass).send()); - ecdh.addAll(Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, keyClass))); + List prepare = new LinkedList<>(); + prepare.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) optBits, keyClass).send()); + prepare.addAll(Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, keyClass))); + + systemOutLogger.println(Response.toString(prepare)); + List generate = new LinkedList<>(); if (optPublic != null || optPrivate != null || optKey != null) { - ecdh.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL).send()); - ecdh.add(prepareKey(ECTesterApplet.KEYPAIR_REMOTE).send()); + generate.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL)); + generate.add(prepareKey(ECTesterApplet.KEYPAIR_REMOTE)); } else { - ecdh.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH).send()); + generate.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH)); } - Response.ECDH perform = new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_TRUE, (byte) 0).send(); - ecdh.add(perform); - systemOutLogger.println(Response.toString(ecdh)); + int retry = 0; + int done = 0; + while (done < optECDHCount) { + List ecdh = Command.sendAll(generate); + + Response.ECDH perform = new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_TRUE, (byte) 0).send(); + ecdh.add(perform); + systemOutLogger.println(Response.toString(ecdh)); + + if (!perform.successful() || !perform.hasSecret()) { + if (retry < 10) { + retry++; + continue; + } else { + 
System.err.println("Couldn't obtain ECDH secret from card response."); + break; + } + } - if (!perform.hasSecret()) { - System.err.println("Couldn't obtain ECDH secret from card response."); - } else { if (optOutput != null) { FileWriter out = new FileWriter(optOutput); out.write(Util.bytesToHex(perform.getSecret(), false)); out.close(); } + ++done; } } 
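Review bot: Inside the new `while (done < optECDHCount)` loop, `new FileWriter(optOutput)` is opened on every iteration and truncates the file, so after a bulk run only the last shared secret remains in the output. The `ecdsa()` loop in the next hunk has the same pattern for signatures. Opening the writer once before the loop in a try-with-resources and writing one hex line per successful iteration would keep all results and close the file on exceptions. The `retry` counter is also never reset after a success, so the limit of 10 applies to the whole run rather than to each operation; if that is intended, a comment saying so would help.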
@@ -598,42 +630,57 @@ public class ECTester { * @throws IOException if an IO error occurs when writing to key file. */ private void ecdsa() throws CardException, IOException { - byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; - List ecdsa = new LinkedList<>(); - ecdsa.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass).send()); - ecdsa.addAll(Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass))); - - Response keys; - if (optKey != null || (optPublic != null && optPrivate != null)) { - keys = prepareKey(ECTesterApplet.KEYPAIR_LOCAL).send(); - } else { - keys = new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL).send(); - } - ecdsa.add(keys); - //read file, if asked to sign byte[] data = null; - if (optECDSASign != null) { - File in = new File(optECDSASign); + if (optInput != null) { + File in = new File(optInput); long len = in.length(); if (len == 0) { - throw new FileNotFoundException("File " + optECDSASign + " not found."); + throw new FileNotFoundException(optInput); } data = Files.readAllBytes(in.toPath()); } - Response.ECDSA perform = new Command.ECDSA(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_TRUE, data).send(); - ecdsa.add(perform); - systemOutLogger.println(Response.toString(ecdsa)); - - if (!perform.hasSignature()) { - System.err.println("Couldn't obtain ECDSA signature from card response."); + Command generate; + if (optKey != null || (optPublic != null && optPrivate != null)) { + generate = prepareKey(ECTesterApplet.KEYPAIR_LOCAL); } else { + generate = new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL); + } + + byte keyClass = optPrimeField ? 
KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; + List prepare = new LinkedList<>(); + prepare.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass).send()); + prepare.addAll(Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass))); + + systemOutLogger.println(Response.toString(prepare)); + + int retry = 0; + int done = 0; + while (done < optECDSACount) { + List ecdsa = new LinkedList<>(); + ecdsa.add(generate.send()); + + Response.ECDSA perform = new Command.ECDSA(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_TRUE, data).send(); + ecdsa.add(perform); + systemOutLogger.println(Response.toString(ecdsa)); + + if (!perform.successful() || !perform.hasSignature()) { + if (retry < 10) { + retry++; + continue; + } else { + System.err.println("Couldn't obtain ECDSA signature from card response."); + break; + } + } + if (optOutput != null) { FileWriter out = new FileWriter(optOutput); out.write(Util.bytesToHex(perform.getSignature(), false)); out.close(); } + ++done; } } @@ -758,12 +805,10 @@ public class ECTester { } /** - * @param keyLength - * @param keyClass * @return * @throws IOException */ - private List testCurve(short keyLength, byte keyClass) throws IOException { + private List testCurve() throws IOException { List commands = new LinkedList<>(); commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH)); commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, (byte) 0)); diff --git a/src/cz/crcs/ectester/reader/Response.java b/src/cz/crcs/ectester/reader/Response.java index d1925b8..cdf82fc 100644 --- a/src/cz/crcs/ectester/reader/Response.java +++ b/src/cz/crcs/ectester/reader/Response.java 
@@ -127,7 +127,7 @@ public abstract class Response { } else { suffix = String.format("%s %s", Util.getPrintError(r.getSW1()), Util.getPrintError(r.getSW2())); } - out.append(String.format("%-55s: %s\n", message, suffix)); + out.append(String.format("%-55s: %5d ms : %s\n", message, r.time/1000000, suffix)); } return out.toString(); } -- cgit v1.2.3-70-g09d2 From c6cb9f4cda4391713bd59cc1e1e7cae8d50cf331 Mon Sep 17 00:00:00 2001 From: J08nY Date: Tue, 7 Mar 2017 23:54:16 +0100 Subject: Reader: added verbose flag, made CardMngr quiet. --- dist/ECTester.jar | Bin 208535 -> 104311 bytes src/cz/crcs/ectester/reader/CardMngr.java | 73 ++++++++++++++++++++---------- src/cz/crcs/ectester/reader/ECTester.java | 11 ++++- src/cz/crcs/ectester/reader/Response.java | 9 +++- 4 files changed, 64 insertions(+), 29 deletions(-) diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 0f2e8c6..8201bec 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/reader/CardMngr.java b/src/cz/crcs/ectester/reader/CardMngr.java index 6875d2e..e11bcb3 100644 --- a/src/cz/crcs/ectester/reader/CardMngr.java +++ b/src/cz/crcs/ectester/reader/CardMngr.java @@ -22,6 +22,7 @@ public class CardMngr { private JavaxSmartCardInterface simulator = null; private boolean simulate = false; + private boolean verbose = true; private final byte[] selectCM = { (byte) 0x00, (byte) 0xa4, (byte) 0x04, (byte) 0x00, (byte) 0x07, (byte) 0xa0, (byte) 0x00, (byte) 0x00, @@ -39,10 +40,14 @@ public class CardMngr { public static final short NUMBER_OF_RECORDS = (short) 0x0a; // 10 records public CardMngr() { - this(false); } - public CardMngr(boolean simulate) { + public CardMngr(boolean verbose) { + this.verbose = verbose; + } + + public CardMngr(boolean verbose, boolean simulate) { + this(verbose); this.simulate = simulate; } 
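Review bot: The one-argument constructor keeps the signature `CardMngr(boolean)` but changes its meaning from `simulate` to `verbose`, so any caller still passing the simulate flag compiles unchanged and now toggles logging instead of simulation. The call sites are not in this hunk, so it should be confirmed that every `new CardMngr(x)` was updated to the two-argument form. The no-argument constructor also leaves `verbose` at its field default of `true`, which contradicts the commit's "made CardMngr quiet"; defaulting the field to `false`, or documenting the default in a Javadoc on the constructors, would make the behaviour explicit.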
@@ -54,22 +59,27 @@ public class CardMngr { List terminalList = getReaderList(); if (terminalList == null || terminalList.isEmpty()) { - System.out.println("No terminals found"); + System.err.println("No terminals found"); return false; } //List numbers of Card readers boolean cardFound = false; for (int i = 0; i < terminalList.size(); i++) { - System.out.println(i + " : " + terminalList.get(i)); + + if (verbose) + System.out.println(i + " : " + terminalList.get(i)); + terminal = terminalList.get(i); if (terminal.isCardPresent()) { card = terminal.connect("*"); - System.out.println("card: " + card); + if (verbose) + System.out.println("card: " + card); channel = card.getBasicChannel(); //reset the card - System.out.println(Util.bytesToHex(card.getATR().getBytes())); + if (verbose) + System.out.println(Util.bytesToHex(card.getATR().getBytes())); cardFound = true; } @@ -85,7 +95,7 @@ public class CardMngr { // Test available card - if more present, let user to select one List terminalList = CardMngr.getReaderList(); if (terminalList == null || terminalList.isEmpty()) { - System.out.println("ERROR: No suitable reader with card detected. Please check your reader connection"); + System.err.println("ERROR: No suitable reader with card detected. Please check your reader connection"); return false; } else { if (terminalList.size() == 1) { @@ -116,7 +126,8 @@ public class CardMngr { if (terminal != null) { card = terminal.connect("*"); - System.out.println("card: " + card); + if (verbose) + System.out.println("card: " + card); channel = card.getBasicChannel(); } @@ -166,7 +177,7 @@ public class CardMngr { ResponseAPDU resp = send(apdu); if (resp.getSW() != 0x9000) { // 0x9000 is "OK" - System.out.println("Fail to obtain card's response data"); + System.err.println("Fail to obtain card's response data"); data = null; } else { byte temp[] = resp.getBytes(); 
@@ -191,7 +202,8 @@ public class CardMngr { ResponseAPDU resp = send(apdu); - System.out.println("Response: " + Integer.toHexString(resp.getSW())); + if (verbose) + System.out.println("Response: " + Integer.toHexString(resp.getSW())); if (resp.getSW() != 0x6D00) { // Note: 0x6D00 is SW_INS_NOT_SUPPORTED // something? @@ -204,16 +216,18 @@ public class CardMngr { TerminalFactory factory = TerminalFactory.getDefault(); return factory.terminals().list(); } catch (CardException ex) { - System.out.println("Exception : " + ex); + System.err.println("Exception : " + ex); return null; } } public ResponseAPDU sendAPDU(CommandAPDU apdu) throws CardException { - System.out.println(">>>>"); - System.out.println(apdu); + if (verbose) { + System.out.println(">>>>"); + System.out.println(apdu); - System.out.println(Util.bytesToHex(apdu.getBytes())); + System.out.println(Util.bytesToHex(apdu.getBytes())); + } long elapsed = -System.nanoTime(); @@ -221,8 +235,10 @@ public class CardMngr { elapsed += System.nanoTime(); - System.out.println(responseAPDU); - System.out.println(Util.bytesToHex(responseAPDU.getBytes())); + if (verbose) { + System.out.println(responseAPDU); + System.out.println(Util.bytesToHex(responseAPDU.getBytes())); + } if (responseAPDU.getSW1() == (byte) 0x61) { CommandAPDU apduToSend = new CommandAPDU((byte) 0x00, @@ -230,11 +246,14 @@ public class CardMngr { responseAPDU.getSW1()); responseAPDU = channel.transmit(apduToSend); - System.out.println(Util.bytesToHex(responseAPDU.getBytes())); + if (verbose) + System.out.println(Util.bytesToHex(responseAPDU.getBytes())); } - System.out.println("<<<<"); - System.out.println("Elapsed time (ms): " + elapsed / 1000000); + if (verbose) { + System.out.println("<<<<"); + System.out.println("Elapsed time (ms): " + elapsed / 1000000); + } return responseAPDU; } 
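Review bot: In `sendAPDU` (CardMngr.java), the follow-up command built when SW1 is 0x61 passes `responseAPDU.getSW1()` as its last argument, so the requested length is always 0x61 rather than the remaining byte count the card reports in SW2. One line of that constructor call lies between the two hunks and is not visible, so this needs confirming, but the likely fix is `responseAPDU.getSW2());`. `elapsed` is also closed off before this second `channel.transmit`, so the reported time excludes the follow-up exchange whenever it happens.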
@@ -254,16 +273,20 @@ public class CardMngr { } public ResponseAPDU sendAPDUSimulator(CommandAPDU apdu) { - System.out.println(">>>>"); - System.out.println(apdu); - System.out.println(Util.bytesToHex(apdu.getBytes())); + if (verbose) { + System.out.println(">>>>"); + System.out.println(apdu); + System.out.println(Util.bytesToHex(apdu.getBytes())); + } ResponseAPDU response = simulator.transmitCommand(apdu); byte[] responseBytes = response.getBytes(); - System.out.println(response); - System.out.println(Util.bytesToHex(responseBytes)); - System.out.println("<<<<"); + if (verbose) { + System.out.println(response); + System.out.println(Util.bytesToHex(responseBytes)); + System.out.println("<<<<"); + } return response; } diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index d94279e..c4d29a5 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -73,7 +73,8 @@ public class ECTester { private String optLog = null; - private String optInput; + private boolean optVerbose = false; + private String optInput = null; private String optOutput = null; private boolean optFresh = false; private boolean optSimulate = false; @@ -119,7 +120,7 @@ public class ECTester { } //init CardManager - cardManager = new CardMngr(optSimulate); + cardManager = new CardMngr(optVerbose, optSimulate); //connect or simulate connection if (optSimulate) { @@ -213,6 +214,9 @@ public class ECTester { * -k / --key [key_file] wx,wy,s * -nk / --named-key [cat/id] * + * -v / --verbose + * + * -i / --input [input_file] * -o / --output [output_file] * -f / --fresh * -s / --simulate 
@@ -260,6 +264,7 @@ public class ECTester { opts.addOption(Option.builder("i").longOpt("input").desc("Input from file [input_file], for ecdsa signing.").hasArg().argName("input_file").build()); opts.addOption(Option.builder("o").longOpt("output").desc("Output into file [output_file].").hasArg().argName("output_file").build()); opts.addOption(Option.builder("l").longOpt("log").desc("Log output into file [log_file].").hasArg().argName("log_file").optionalArg(true).build()); + opts.addOption(Option.builder("v").longOpt("verbose").desc("Turn on verbose logging.").build()); opts.addOption(Option.builder("f").longOpt("fresh").desc("Generate fresh keys(set domain parameters before every generation).").build()); opts.addOption(Option.builder("s").longOpt("simulate").desc("Simulate a card with jcardsim instead of using a terminal.").build()); @@ -295,6 +300,8 @@ public class ECTester { if (cli.hasOption("log")) { optLog = cli.getOptionValue("log", String.format("ECTESTER_log_%d.log", System.currentTimeMillis() / 1000)); } + + optVerbose = cli.hasOption("verbose"); optInput = cli.getOptionValue("input"); optOutput = cli.getOptionValue("output"); optFresh = cli.hasOption("fresh"); diff --git a/src/cz/crcs/ectester/reader/Response.java b/src/cz/crcs/ectester/reader/Response.java index cdf82fc..28b6c17 100644 --- a/src/cz/crcs/ectester/reader/Response.java +++ b/src/cz/crcs/ectester/reader/Response.java @@ -119,7 +119,9 @@ public abstract class Response { public static String toString(List responses) { StringBuilder out = new StringBuilder(); - for (Response r : responses) { + for (int i = 0; i < responses.size(); ++i) { + Response r = responses.get(i); + String message = r.toString(); String suffix; if (r.getNumSW() == 1) { 
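Review bot: The rewritten loop in `Response.toString` (this hunk and the next Response.java hunk) indexes with `responses.get(i)`, while the callers visible in ECTester.java pass `LinkedList` instances, for which every `get(i)` walks the list from one end. The index is only needed to suppress the trailing newline, so the original `for (Response r : responses)` can stay if the separator is written first: `if (out.length() > 0) out.append("\n");` at the top of the loop body. That also removes the `i < responses.size() - 1` check at the end.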
@@ -127,7 +129,10 @@ public abstract class Response { } else { suffix = String.format("%s %s", Util.getPrintError(r.getSW1()), Util.getPrintError(r.getSW2())); } - out.append(String.format("%-55s: %5d ms : %s\n", message, r.time/1000000, suffix)); + out.append(String.format("%-55s: %5d ms : %s", message, r.time/1000000, suffix)); + if (i < responses.size() - 1) { + out.append("\n"); + } } return out.toString(); } -- cgit v1.2.3-70-g09d2 From ea77f29683c8721ae1581b76f3f6b83ee26720bc Mon Sep 17 00:00:00 2001 From: J08nY Date: Thu, 9 Mar 2017 00:46:35 +0100 Subject: Reader: fixed ECDH and ECDSA output, also named curve testing --- !uploader/ectester.cap | Bin 13789 -> 13790 bytes dist/ECTester.jar | Bin 104311 -> 211003 bytes src/cz/crcs/ectester/data/EC_Data.java | 25 +++++++++++++++++---- src/cz/crcs/ectester/reader/ECTester.java | 31 ++++++++++++++++++++------- src/cz/crcs/ectester/reader/Response.java | 2 +- src/cz/crcs/ectester/reader/ec/EC_Curve.java | 2 ++ 6 files changed, 47 insertions(+), 13 deletions(-) diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index 4dc1bca..c669495 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 8201bec..6ebc1c8 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/data/EC_Data.java b/src/cz/crcs/ectester/data/EC_Data.java index a867fcf..0c4bda2 100644 --- a/src/cz/crcs/ectester/data/EC_Data.java +++ b/src/cz/crcs/ectester/data/EC_Data.java @@ -10,7 +10,9 @@ import org.w3c.dom.Document; import org.w3c.dom.Element; import org.w3c.dom.Node; import org.w3c.dom.NodeList; +import org.xml.sax.ErrorHandler; import org.xml.sax.SAXException; +import org.xml.sax.SAXParseException; import javax.xml.XMLConstants; import javax.xml.parsers.DocumentBuilder; 
@@ -29,12 +31,12 @@ import java.util.Map; */ public class EC_Data { - private DocumentBuilderFactory dbf; + private DocumentBuilder db; private Map categories; public EC_Data() { - dbf = DocumentBuilderFactory.newInstance(); + DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); try { SchemaFactory scf = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI); @@ -43,6 +45,23 @@ public class EC_Data { dbf.setNamespaceAware(true); dbf.setIgnoringComments(true); dbf.setIgnoringElementContentWhitespace(true); + db = dbf.newDocumentBuilder(); + db.setErrorHandler(new ErrorHandler() { + @Override + public void warning(SAXParseException exception) throws SAXException { + System.err.println("EC_Data | Warning : " + exception); + } + + @Override + public void error(SAXParseException exception) throws SAXException { + System.err.println("EC_Data | Error : " + exception); + } + + @Override + public void fatalError(SAXParseException exception) throws SAXException { + System.err.println("EC_Data | Fatal : " + exception); + } + }); parse(); } catch (ParserConfigurationException | IOException | SAXException e) { @@ -51,7 +70,6 @@ public class EC_Data { } private void parse() throws SAXException, ParserConfigurationException, IOException { - DocumentBuilder db = dbf.newDocumentBuilder(); Document categoriesDoc = db.parse(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/categories.xml")); categoriesDoc.normalize(); @@ -76,7 +94,6 @@ public class EC_Data { } private EC_Category parseCategory(String name, String dir, String desc) throws ParserConfigurationException, IOException, SAXException { - DocumentBuilder db = dbf.newDocumentBuilder(); Map objMap = new HashMap<>(); diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index c4d29a5..86588df 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java 
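Review bot: The `ErrorHandler` installed in the `EC_Data` constructor only prints in `error` and `fatalError` and then returns, so a document that fails validation is still returned by `db.parse` and used. Schema violations are reported through `error`, which means malformed curve or key data would be loaded with nothing more than a line on stderr. Rethrowing keeps the existing `catch (ParserConfigurationException | IOException | SAXException e)` in control: add `throw exception;` as the last statement of both `error` and `fatalError`, and leave `warning` print-only. The lines that attach the schema to the factory fall between the hunks, so this assumes validation is actually enabled there.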
@@ -602,6 +602,12 @@ public class ECTester { generate.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH)); } + FileWriter out = null; + if (optOutput != null) { + out = new FileWriter(optOutput); + out.write("index;time;secret\n"); + } + int retry = 0; int done = 0; while (done < optECDHCount) { @@ -621,13 +627,15 @@ public class ECTester { } } - if (optOutput != null) { - FileWriter out = new FileWriter(optOutput); - out.write(Util.bytesToHex(perform.getSecret(), false)); - out.close(); + if (out != null) { + out.write(String.format("%d;%d;%s\n", done, perform.getDuration() / 1000000, Util.bytesToHex(perform.getSecret(), false))); } + ++done; } + + if (out != null) + out.close(); } /** @@ -662,6 +670,12 @@ public class ECTester { systemOutLogger.println(Response.toString(prepare)); + FileWriter out = null; + if (optOutput != null) { + out = new FileWriter(optOutput); + out.write("index;time;signature\n"); + } + int retry = 0; int done = 0; while (done < optECDSACount) { @@ -682,13 +696,14 @@ public class ECTester { } } - if (optOutput != null) { - FileWriter out = new FileWriter(optOutput); - out.write(Util.bytesToHex(perform.getSignature(), false)); - out.close(); + if (out != null) { + out.write(String.format("%d;%d;%s\n", done, perform.getDuration() / 1000000, Util.bytesToHex(perform.getSignature(), false))); } + ++done; } + if (out != null) + out.close(); } /** diff --git a/src/cz/crcs/ectester/reader/Response.java b/src/cz/crcs/ectester/reader/Response.java index 28b6c17..e76d35c 100644 --- a/src/cz/crcs/ectester/reader/Response.java +++ b/src/cz/crcs/ectester/reader/Response.java 
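Review bot: The `FileWriter` opened before the ECDH loop in ECTester.java is closed only by the trailing `if (out != null) out.close();`, so an exception from `send()` or `out.write` inside the loop leaves the file open and can drop buffered rows; the two ECDSA hunks below repeat the pattern. try-with-resources accepts a null resource, so the loop can be wrapped in `try (FileWriter out = optOutput != null ? new FileWriter(optOutput) : null) {` and the explicit close removed. The file now accumulates every derived shared secret in hex, which deserves a comment that the output is sensitive test material. Both enclosing methods start outside the hunks.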
@@ -129,7 +129,7 @@ public abstract class Response { } else { suffix = String.format("%s %s", Util.getPrintError(r.getSW1()), Util.getPrintError(r.getSW2())); } - out.append(String.format("%-55s: %5d ms : %s", message, r.time/1000000, suffix)); + out.append(String.format("%-55s:%5d ms : %s", message, r.time/1000000, suffix)); if (i < responses.size() - 1) { out.append("\n"); } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Curve.java b/src/cz/crcs/ectester/reader/ec/EC_Curve.java index 08a0b8a..273b1f4 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Curve.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Curve.java @@ -20,6 +20,8 @@ public class EC_Curve extends EC_Params { public EC_Curve(short bits, byte field) { super(field == KeyPair.ALG_EC_FP ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M); this.bits = bits; + + this.field = field; } public EC_Curve(short bits, byte field, String desc) { -- cgit v1.2.3-70-g09d2 From b8e77022e075cd53994ad8c2bacb84307b5fb66f Mon Sep 17 00:00:00 2001 From: J08nY Date: Tue, 14 Mar 2017 01:28:25 +0100 Subject: Created a new command: Corrupt Originaly a part of a set command, now allows more control of keypairs --- !uploader/ectester.cap | Bin 13790 -> 13953 bytes dist/ECTester.jar | Bin 211003 -> 215677 bytes src/cz/crcs/ectester/applet/ECTesterApplet.java | 88 +++++++++++++++++------- src/cz/crcs/ectester/applet/EC_Consts.java | 19 +++-- src/cz/crcs/ectester/reader/Command.java | 59 ++++++++++++---- src/cz/crcs/ectester/reader/ECTester.java | 18 ++--- src/cz/crcs/ectester/reader/Response.java | 51 +++++++++++--- src/cz/crcs/ectester/reader/Util.java | 32 +++++++++ 8 files changed, 205 insertions(+), 62 deletions(-) diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index c669495..ff977bc 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ 
diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 6ebc1c8..fcbe5b6 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java index 323b971..6623647 100644 --- a/src/cz/crcs/ectester/applet/ECTesterApplet.java +++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java @@ -46,10 +46,11 @@ public class ECTesterApplet extends Applet { public static final byte INS_ALLOCATE = (byte) 0x5a; public static final byte INS_CLEAR = (byte) 0x5b; public static final byte INS_SET = (byte) 0x5c; - public static final byte INS_GENERATE = (byte) 0x5d; - public static final byte INS_EXPORT = (byte) 0x5e; - public static final byte INS_ECDH = (byte) 0x5f; - public static final byte INS_ECDSA = (byte) 0x60; + public static final byte INS_CORRUPT = (byte) 0x5d; + public static final byte INS_GENERATE = (byte) 0x5e; + public static final byte INS_EXPORT = (byte) 0x5f; + public static final byte INS_ECDH = (byte) 0x60; + public static final byte INS_ECDSA = (byte) 0x61; // PARAMETERS for P1 and P2 public static final byte KEYPAIR_LOCAL = (byte) 0x01; @@ -132,6 +133,9 @@ public class ECTesterApplet extends Applet { case INS_SET: insSet(apdu); break; + case INS_CORRUPT: + insCorrupt(apdu); + break; case INS_GENERATE: insGenerate(apdu); break; @@ -199,13 +203,11 @@ public class ECTesterApplet extends Applet { /** * Sets curve parameters on local and remote keyPairs. - * returns setCurve SWs, set params if export + * returns setCurve SWs * * @param apdu P1 = byte keyPair (KEYPAIR_* | ...) * P2 = byte curve (EC_Consts.CURVE_*) * DATA = short params (EC_Consts.PARAMETER_* | ...) - * short corruptedParams (EC_Consts.PARAMETER_* | ...) - * byte corruptionType (EC_Consts.CORRUPTION_*) *
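Review bot: Inserting `INS_CORRUPT` at 0x5d in ECTesterApplet.java shifts `INS_GENERATE`, `INS_EXPORT`, `INS_ECDH` and `INS_ECDSA` up by one, so a reader built from this commit and an applet installed from the previous build disagree on every one of those codes. If cards carrying the older applet may still be in use, appending the new instruction avoids the mismatch: `public static final byte INS_CORRUPT = (byte) 0x61;` with the four existing values left as they were. Otherwise a comment on the constant block stating that reader and applet must be rebuilt and reinstalled together would record the constraint.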

* if curveID = CURVE_EXTERNAL: * [short paramLength, byte[] param], @@ -219,16 +221,44 @@ public class ECTesterApplet extends Applet { byte keyPair = apdubuf[ISO7816.OFFSET_P1]; byte curve = apdubuf[ISO7816.OFFSET_P2]; short params = Util.getShort(apdubuf, ISO7816.OFFSET_CDATA); - short corruptedParams = Util.getShort(apdubuf, (short) (ISO7816.OFFSET_CDATA + 2)); - byte corruptionType = apdubuf[(short) (ISO7816.OFFSET_CDATA + 4)]; short len = 0; if ((keyPair & KEYPAIR_LOCAL) != 0) { - len += set(localKeypair, curve, params, corruptedParams, corruptionType, apdubuf, (short) (ISO7816.OFFSET_CDATA + 5), (short) 0); + len += set(localKeypair, curve, params, apdubuf, (short) (ISO7816.OFFSET_CDATA + 2), (short) 0); + } + if ((keyPair & KEYPAIR_REMOTE) != 0) { + len += set(remoteKeypair, curve, params, apdubuf, (short) (ISO7816.OFFSET_CDATA + 2), len); + } + + apdu.setOutgoingAndSend((short) 0, len); + } + + /** + * Corrupts curve paramaters of local and remote keyPairs. + * returns corruptCurve SWs + * + * @param apdu P1 = byte keyPair (KEYPAIR_* | ...) + * P2 = byte key (EC_Consts.KEY_* | ...) + * DATA = short params (EC_Consts.PARAMETER_* | ...) + * byte corruption (EC_Consts.CORRUPTION_* || ...) + */ + private void insCorrupt(APDU apdu) { + apdu.setIncomingAndReceive(); + byte[] apdubuf = apdu.getBuffer(); + + byte keyPair = apdubuf[ISO7816.OFFSET_P1]; + byte key = apdubuf[ISO7816.OFFSET_P2]; + short params = Util.getShort(apdubuf, ISO7816.OFFSET_CDATA); + byte corruption = apdubuf[(short) (ISO7816.OFFSET_CDATA + 2)]; + + short len = 0; + if ((keyPair & KEYPAIR_LOCAL) != 0) { + len += corrupt(localKeypair, key, params, corruption, apdubuf, (short) 0); } + if ((keyPair & KEYPAIR_REMOTE) != 0) { - len += set(remoteKeypair, curve, params, corruptedParams, corruptionType, apdubuf, (short) (ISO7816.OFFSET_CDATA + 5), len); + len += corrupt(remoteKeypair, key, params, corruption, apdubuf, len); } apdu.setOutgoingAndSend((short) 0, len); 
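Review bot: `insCorrupt`, and `insSet` above it in the same hunk, discard the return value of `apdu.setIncomingAndReceive()` and then read `params` and `corruption` from fixed offsets in the APDU buffer. When the command carries fewer than three data bytes those reads may pick up whatever the buffer held before, so the applet acts on bytes the host did not send. Checking the received length first closes that: `short received = apdu.setIncomingAndReceive();` followed by `if (received < 3) ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);`, with a minimum of two for `insSet`. The new Javadoc summary also misspells `paramaters`.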
@@ -236,7 +266,7 @@ public class ECTesterApplet extends Applet { /** * Generates the local and remote keyPairs. - * returns generate SWs, pubkey and privkey if export + * returns generate SWs * * @param apdu P1 = byte keyPair (KEYPAIR_* | ...) * P2 = @@ -376,17 +406,15 @@ public class ECTesterApplet extends Applet { } /** - * @param keyPair KeyPair to set params on - * @param curve curve to set (EC_Consts.CURVE_*) - * @param params parameters to set (EC_Consts.PARAMETER_* | ...) - * @param corrupted parameters to corrupt (EC_Consts.PARAMETER_* | ...) - * @param corruption corruption type (EC_Consts.CORRUPTION_*) - * @param buffer buffer to read params from and write sw to - * @param inOffset input offset in buffer - * @param outOffset output offset in buffer + * @param keyPair KeyPair to set params on + * @param curve curve to set (EC_Consts.CURVE_*) + * @param params parameters to set (EC_Consts.PARAMETER_* | ...) + * @param buffer buffer to read params from and write sw to + * @param inOffset input offset in buffer + * @param outOffset output offset in buffer * @return length of data written to the buffer */ - private short set(KeyPair keyPair, byte curve, short params, short corrupted, byte corruption, byte[] buffer, short inOffset, short outOffset) { + private short set(KeyPair keyPair, byte curve, short params, byte[] buffer, short inOffset, short outOffset) { short sw = ISO7816.SW_NO_ERROR; switch (curve) { 
@@ -403,12 +431,26 @@ public class ECTesterApplet extends Applet { break; } - if (sw == ISO7816.SW_NO_ERROR) - sw = keyGenerator.corruptCurve(keyPair, corrupted, corruption, ramArray, (short) 0); Util.setShort(buffer, outOffset, sw); return 2; } + /** + * + * @param keyPair KeyPair to corrupt + * @param key key to corrupt (EC_Consts.KEY_* | ...) + * @param params parameters to corrupt (EC_Consts.PARAMETER_* | ...) + * @param corruption corruption type (EC_Consts.CORRUPTION_*) + * @param buffer buffer to output sw to + * @param offset output offset in buffer + * @return length of data written to the buffer + */ + private short corrupt(KeyPair keyPair, byte key, short params, byte corruption, byte[] buffer, short offset) { + short sw = keyGenerator.corruptCurve(keyPair, key, params, corruption, ramArray, (short) 0); + Util.setShort(buffer, offset, sw); + return 2; + } + /** * @param keyPair KeyPair to generate * @param buffer buffer to write sw to diff --git a/src/cz/crcs/ectester/applet/EC_Consts.java b/src/cz/crcs/ectester/applet/EC_Consts.java index fc62c67..68fb4c9 100644 --- a/src/cz/crcs/ectester/applet/EC_Consts.java +++ b/src/cz/crcs/ectester/applet/EC_Consts.java @@ -947,6 +947,7 @@ public class EC_Consts { public static final byte CORRUPTION_ONEBYTERANDOM = (byte) 0x03; public static final byte CORRUPTION_ZERO = (byte) 0x04; public static final byte CORRUPTION_ONE = (byte) 0x05; + public static final byte CORRUPTION_INCREMENT = (byte) 0x06; // Supported embedded curves, getCurveParameter 
@@ -1269,18 +1270,16 @@ public class EC_Consts { case CORRUPTION_ONE: Util.arrayFillNonAtomic(buffer, offset, length, (byte) 1); break; + case CORRUPTION_INCREMENT: + short index = (short) (offset + length - 1); + byte value; + do { + value = buffer[index]; + buffer[index--] = ++value; + } while (value == (byte) 0 && index >= offset); + break; default: ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); - /* //TODO implement CORRUPT_B_LASTBYTEINCREMENT somehow - case CORRUPT_B_LASTBYTEINCREMENT: - m_ramArray2[(short) (m_lenB - 1)] += 1; - // Make sure its not the valid byte again - if (m_ramArray[(short) (m_lenB - 1)] == m_ramArray2[(short) (m_lenB - 1)]) { - m_ramArray2[(short) (m_lenB - 1)] += 1; // if yes, increment once more - } - break; - } - */ } } diff --git a/src/cz/crcs/ectester/reader/Command.java b/src/cz/crcs/ectester/reader/Command.java index c6ce2b5..cb2321a 100644 --- a/src/cz/crcs/ectester/reader/Command.java +++ b/src/cz/crcs/ectester/reader/Command.java @@ -75,6 +75,10 @@ public abstract class Command { public static class Clear extends Command { private byte keyPair; + /** + * @param cardManager + * @param keyPair which keyPair clear, local/remote (KEYPAIR_* || ...) + */ public Clear(CardMngr cardManager, byte keyPair) { super(cardManager); this.keyPair = keyPair; @@ -98,8 +102,6 @@ public abstract class Command { private byte keyPair; private byte curve; private short params; - private short corrupted; - private byte corruption; private byte[] external; /** 
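Review bot: The new `CORRUPTION_INCREMENT` case in EC_Consts.java sets `index` to `offset + length - 1` and enters a `do … while`, so with `length == 0` it writes to `buffer[offset - 1]`, outside the parameter it was asked to corrupt. Whether a zero length can reach this point is not visible from the hunk, but the guard is one line placed before `index` is computed: `if (length <= 0) break;`. The case also declares `index` and `value` directly in the switch scope; bracing the case body keeps them local to it. The enclosing method starts outside the hunk.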
@@ -109,26 +111,20 @@ public abstract class Command { * @param keyPair which keyPair to set params on, local/remote (KEYPAIR_* || ...) * @param curve curve to set (EC_Consts.CURVE_*) * @param params parameters to set (EC_Consts.PARAMETER_* | ...) - * @param corrupted parameters to corrupt (EC_Consts.PARAMETER_* | ...) - * @param corruption corruption type (EC_Consts.CORRUPTION_*) * @param external external curve data, can be null */ - public Set(CardMngr cardManager, byte keyPair, byte curve, short params, short corrupted, byte corruption, byte[] external) { + public Set(CardMngr cardManager, byte keyPair, byte curve, short params, byte[] external) { super(cardManager); this.keyPair = keyPair; this.curve = curve; this.params = params; - this.corrupted = corrupted; - this.corruption = corruption; this.external = external; - int len = external != null ? 5 + 2 + external.length : 5; + int len = external != null ? 2 + external.length : 2; byte[] data = new byte[len]; Util.setShort(data, 0, params); - Util.setShort(data, 2, corrupted); - data[4] = corruption; if (external != null) { - System.arraycopy(external, 0, data, 5, external.length); + System.arraycopy(external, 0, data, 2, external.length); } this.cmd = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_SET, keyPair, curve, data); 
@@ -139,7 +135,46 @@ public abstract class Command { long elapsed = -System.nanoTime(); ResponseAPDU response = cardManager.send(cmd); elapsed += System.nanoTime(); - return new Response.Set(response, elapsed, keyPair, curve, params, corrupted); + return new Response.Set(response, elapsed, keyPair, curve, params); + } + } + + /** + * + */ + public static class Corrupt extends Command { + private byte keyPair; + private byte key; + private short params; + private byte corruption; + + /** + * @param cardManager + * @param keyPair which keyPair to corrupt, local/remote (KEYPAIR_* || ...) + * @param key + * @param params parameters to corrupt (EC_Consts.PARAMETER_* | ...) + * @param corruption corruption type (EC_Consts.CORRUPTION_*) + */ + protected Corrupt(CardMngr cardManager, byte keyPair, byte key, short params, byte corruption) { + super(cardManager); + this.keyPair = keyPair; + this.key = key; + this.params = params; + this.corruption = corruption; + + byte[] data = new byte[3]; + Util.setShort(data, 0, params); + data[2] = corruption; + + this.cmd = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_CORRUPT, keyPair, key, data); + } + + @Override + public Response.Corrupt send() throws CardException { + long elapsed = -System.nanoTime(); + ResponseAPDU response = cardManager.send(cmd); + elapsed += System.nanoTime(); + return new Response.Corrupt(response, elapsed, keyPair, key, params, corruption); } } diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index 86588df..35982d7 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java 
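Review bot: `Command.Corrupt` declares its constructor `protected` while the `Set` and `Clear` constructors in the same file are `public`, and its Javadoc leaves the class comment and `@param key` empty. Unless the narrower visibility is deliberate, `public Corrupt(CardMngr cardManager, byte keyPair, byte key, short params, byte corruption)` matches the sibling commands. For the docs, the applet side already describes P2, so the tag can read `@param key which key of the pair to corrupt (EC_Consts.KEY_* | ...)`, and the class comment can state that the command sends `INS_CORRUPT` with a three-byte payload of `params` followed by `corruption`.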
@@ -233,14 +233,14 @@ public class ECTester { opts.addOptionGroup(actions); OptionGroup size = new OptionGroup(); - size.addOption(Option.builder("b").longOpt("bit-size").desc("Set curve size.").hasArg().argName("b").build()); + size.addOption(Option.builder("b").longOpt("bit-size").desc("Set curve size.").hasArg().argName("bits").build()); size.addOption(Option.builder("a").longOpt("all").desc("Test all curve sizes.").build()); opts.addOptionGroup(size); OptionGroup curve = new OptionGroup(); curve.addOption(Option.builder("n").longOpt("named").desc("Use a named curve.").hasArg().argName("cat/id").build()); curve.addOption(Option.builder("c").longOpt("curve").desc("Use curve from file [curve_file] (field,a,b,gx,gy,r,k).").hasArg().argName("curve_file").build()); - curve.addOption(Option.builder("u").longOpt("custom").desc("Use a custom curve(applet-side embedded, SECG curves).").build()); + curve.addOption(Option.builder("u").longOpt("custom").desc("Use a custom curve(applet-side embedded, SECG curvgites).").build()); opts.addOptionGroup(curve); opts.addOption(Option.builder("fp").longOpt("prime-field").desc("Use prime field curve.").build()); @@ -257,7 +257,7 @@ public class ECTester { opts.addOptionGroup(priv); OptionGroup key = new OptionGroup(); - key.addOption(Option.builder("nk").longOpt("named-key").desc("Use keyPair from KeyDB: [cat/id|id|cat]").hasArg().argName("[cat/id|id|cat]").build()); + key.addOption(Option.builder("nk").longOpt("named-key").desc("Use keyPair from KeyDB: [cat/id]").hasArg().argName("cat/id").build()); key.addOption(Option.builder("k").longOpt("key").desc("Use keyPair from file [key_file] (wx,wy,s).").hasArg().argName("key_file").build()); opts.addOptionGroup(key); 
@@ -529,7 +529,7 @@ public class ECTester { if (curve.getField() == KeyPair.ALG_EC_FP) { commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), KeyPair.ALG_EC_FP)); byte[] external = curve.flatten(); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, external)); + commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), external)); commands.addAll(testCurve()); } } @@ -540,7 +540,7 @@ public class ECTester { if (curve.getField() == KeyPair.ALG_EC_F2M) { commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), KeyPair.ALG_EC_F2M)); byte[] external = curve.flatten(); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, external)); + commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), external)); commands.addAll(testCurve()); } } @@ -719,7 +719,7 @@ public class ECTester { short domainParams = keyClass == KeyPair.ALG_EC_FP ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; if (optCustomCurve) { // Set custom curve (one of the SECG curves embedded applet-side) - commands.add(new Command.Set(cardManager, keyPair, EC_Consts.getCurve(keyLength, keyClass), domainParams, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, null)); + commands.add(new Command.Set(cardManager, keyPair, EC_Consts.getCurve(keyLength, keyClass), domainParams, null)); } else if (optNamedCurve != null) { // Set a named curve. // parse optNamedCurve -> cat / id | cat | id 
@@ -735,7 +735,7 @@ public class ECTester { if (external == null) { throw new IOException("Couldn't read named curve data."); } - commands.add(new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, domainParams, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, external)); + commands.add(new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, domainParams, external)); } else if (optCurveFile != null) { // Set curve loaded from a file EC_Params params = new EC_Params(domainParams); @@ -748,7 +748,7 @@ public class ECTester { if (external == null) { throw new IOException("Couldn't read the curve file correctly."); } - commands.add(new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, domainParams, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, external)); + commands.add(new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, domainParams, external)); } else { // Set default curve commands.add(new Command.Clear(cardManager, keyPair)); @@ -823,7 +823,7 @@ public class ECTester { } data = Util.concatenate(data, privkey); } - return new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, params, EC_Consts.PARAMETERS_NONE, EC_Consts.CORRUPTION_NONE, data); + return new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, params, data); } /** diff --git a/src/cz/crcs/ectester/reader/Response.java b/src/cz/crcs/ectester/reader/Response.java index e76d35c..25b5817 100644 --- a/src/cz/crcs/ectester/reader/Response.java +++ b/src/cz/crcs/ectester/reader/Response.java @@ -129,7 +129,7 @@ public abstract class Response { } else { suffix = String.format("%s %s", Util.getPrintError(r.getSW1()), Util.getPrintError(r.getSW2())); } - out.append(String.format("%-55s:%5d ms : %s", message, r.time/1000000, suffix)); + out.append(String.format("%-55s:%5d ms : %s", message, r.time / 1000000, suffix)); if (i < responses.size() - 1) { out.append("\n"); } 
@@ -202,14 +202,12 @@ public abstract class Response { private byte keyPair; private byte curve; private short parameters; - private short corrupted; - protected Set(ResponseAPDU response, long time, byte keyPair, byte curve, short parameters, short corrupted) { + protected Set(ResponseAPDU response, long time, byte keyPair, byte curve, short parameters) { super(response, time); this.keyPair = keyPair; this.curve = curve; this.parameters = parameters; - this.corrupted = corrupted; int pairs = 0; if ((keyPair & ECTesterApplet.KEYPAIR_LOCAL) != 0) pairs++; 
@@ -232,17 +230,54 @@ public abstract class Response { name = "custom"; break; } - String key; + String pair; if (keyPair == ECTesterApplet.KEYPAIR_BOTH) { - key = "both keypairs"; + pair = "both keypairs"; } else { - key = ((keyPair == ECTesterApplet.KEYPAIR_LOCAL) ? "local" : "remote") + " keypair"; + pair = ((keyPair == ECTesterApplet.KEYPAIR_LOCAL) ? "local" : "remote") + " keypair"; } - return String.format("Set %s curve parameters on %s", name, key); + return String.format("Set %s curve parameters on %s", name, pair); } } + /** + * + */ + public static class Corrupt extends Response { + private byte keyPair; + private byte key; + private short params; + private byte corruption; + + protected Corrupt(ResponseAPDU response, long time, byte keyPair, byte key, short params, byte corruption) { + super(response, time); + this.keyPair = keyPair; + this.key = key; + this.params = params; + this.corruption = corruption; + + int pairs = 0; + if ((keyPair & ECTesterApplet.KEYPAIR_LOCAL) != 0) pairs++; + if ((keyPair & ECTesterApplet.KEYPAIR_REMOTE) != 0) pairs++; + + parse(pairs, 0); + } + + @Override + public String toString() { + String corrupt = Util.getCorruption(corruption); + + String pair; + if (keyPair == ECTesterApplet.KEYPAIR_BOTH) { + pair = "both keypairs"; + } else { + pair = ((keyPair == ECTesterApplet.KEYPAIR_LOCAL) ? "local" : "remote") + " keypair"; + } + return String.format("Corrupted params of %s, %s", pair, corrupt); + } + } + /** * */ diff --git a/src/cz/crcs/ectester/reader/Util.java b/src/cz/crcs/ectester/reader/Util.java index e297ab1..91a34d7 100644 --- a/src/cz/crcs/ectester/reader/Util.java +++ b/src/cz/crcs/ectester/reader/Util.java @@ -1,6 +1,7 @@ package cz.crcs.ectester.reader; import cz.crcs.ectester.applet.ECTesterApplet; +import cz.crcs.ectester.applet.EC_Consts; import javacard.framework.ISO7816; import javacard.security.CryptoException; 
@@ -130,4 +131,35 @@ public class Util { return String.format("fail\t(%s,\t0x%04x)", codeStr, code); } } + + public static String getCorruption(byte corruptionType) { + String corrupt; + switch (corruptionType) { + case EC_Consts.CORRUPTION_NONE: + corrupt = "NONE"; + break; + case EC_Consts.CORRUPTION_FIXED: + corrupt = "FIXED"; + break; + case EC_Consts.CORRUPTION_ONE: + corrupt = "ONE"; + break; + case EC_Consts.CORRUPTION_ZERO: + corrupt = "ZERO"; + break; + case EC_Consts.CORRUPTION_ONEBYTERANDOM: + corrupt = "ONE_BYTE_RANDOM"; + break; + case EC_Consts.CORRUPTION_FULLRANDOM: + corrupt = "FULL_RANDOM"; + break; + case EC_Consts.CORRUPTION_INCREMENT: + corrupt = "INCREMENT"; + break; + default: + corrupt = "UNKNOWN"; + break; + } + return corrupt; + } } -- cgit v1.2.3-70-g09d2 From 6a059501354b6b247bb8187b3f7973255176b4c0 Mon Sep 17 00:00:00 2001 From: J08nY Date: Tue, 14 Mar 2017 01:34:08 +0100 Subject: fix mistype --- dist/ECTester.jar | Bin 215677 -> 215674 bytes src/cz/crcs/ectester/reader/ECTester.java | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/dist/ECTester.jar b/dist/ECTester.jar index fcbe5b6..d82c605 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index 35982d7..68343e2 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java 
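Review bot: The `default` branch of `getCorruption` maps every unrecognised byte to the same string `"UNKNOWN"`, which discards the value that was actually sent to the card. Keeping the raw byte makes a mismatch between reader and applet constants visible in the log, e.g. `corrupt = String.format("UNKNOWN(0x%02x)", corruptionType);`. The method is public and has no Javadoc; a one-line comment stating that it maps `EC_Consts.CORRUPTION_*` values to a display name would help.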
@@ -240,7 +240,7 @@ public class ECTester { OptionGroup curve = new OptionGroup(); curve.addOption(Option.builder("n").longOpt("named").desc("Use a named curve.").hasArg().argName("cat/id").build()); curve.addOption(Option.builder("c").longOpt("curve").desc("Use curve from file [curve_file] (field,a,b,gx,gy,r,k).").hasArg().argName("curve_file").build()); - curve.addOption(Option.builder("u").longOpt("custom").desc("Use a custom curve(applet-side embedded, SECG curvgites).").build()); + curve.addOption(Option.builder("u").longOpt("custom").desc("Use a custom curve(applet-side embedded, SECG curves).").build()); opts.addOptionGroup(curve); opts.addOption(Option.builder("fp").longOpt("prime-field").desc("Use prime field curve.").build()); -- cgit v1.2.3-70-g09d2 From 80b008850c961911ca9763947ebb6066f5288fff Mon Sep 17 00:00:00 2001 From: J08nY Date: Thu, 16 Mar 2017 01:00:55 +0100 Subject: Cleanup, add ECDH corruption tests. Reader: - added ECDH corruption tests - fixed EC_Data keys.xml search path - added more output to --list-named / -ln Both: - changed up ECDH command to support arbitrary temporary pubkey corruption --- !uploader/ectester.cap | Bin 13953 -> 13653 bytes README.md | 73 ++++++++++++++++--- dist/ECTester.jar | Bin 215674 -> 215702 bytes src/cz/crcs/ectester/applet/ECKeyTester.java | 36 ++------- src/cz/crcs/ectester/applet/ECTesterApplet.java | 28 +++---- src/cz/crcs/ectester/applet/EC_Consts.java | 9 --- src/cz/crcs/ectester/data/EC_Data.java | 3 +- src/cz/crcs/ectester/reader/Command.java | 12 +-- src/cz/crcs/ectester/reader/ECTester.java | 93 ++++++++++++++++++------ src/cz/crcs/ectester/reader/Response.java | 52 +++---------- 10 files changed, 169 insertions(+), 137 deletions(-) diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index ff977bc..e517e19 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ diff --git a/README.md b/README.md index c877a46..0ec96dc 100644 --- a/README.md +++ b/README.md 
@@ -1,26 +1,75 @@ -ECTester -======== +# ECTester -Tests support and behavior of smartcards with JavaCard platform with focus on Eliptic curves (TYPE_EC_FP and TYPE_EC_F2M). +Tests support and behavior of smartcards with JavaCard platform with focus on Eliptic curves (`TYPE_EC_FP` and `TYPE_EC_F2M`). -Usage ------- -1. Upload ectester.cap using your favorite tool (e.g., [GlobalPlatformPro tool](https://github.com/martinpaljak/GlobalPlatform)) -2. Run `java -jar ectester.jar` +## Usage + +1. Upload `!uploader/ectester.cap` using your favorite tool (e.g., [GlobalPlatformPro tool](https://github.com/martinpaljak/GlobalPlatform)) +2. Run `java -jar dist/ECTester.jar -t -a` 3. Inspect output log with annotated results Following operations are tested: - Allocation of new KeyPair class for specified parameters -- Generation of keypair with default curve -- Setting of custom curve and keypair generation +- Generation of KeyPair with default curve +- Setting of custom curve and KeyPair generation - Generation of shared secret via ECDH - Signature via ECDSA - Behavior of card when invalid curves/points are provided (should fail) -See `java -jar ectester.jar -h` for more. +See `java -jar ectester.jar -h` for more. + +### Options + +``` + -ln,--list-named Print the list of supported named + curves, keys and keypairs. + -dsa,--ecdsa Sign data with ECDSA, [count] times. + -t,--test Test ECC support. + -dh,--ecdh Do ECDH, [count] times. + -e,--export Export the defaut curve parameters of + the card(if any). + -g,--generate Generate [amount] of EC keys. + -h,--help Print help. + + -a,--all Test all curve sizes. + -b,--bit-size Set curve size. + + -c,--curve Use curve from file [curve_file] + (field,a,b,gx,gy,r,k). + -nc,--named-curve Use a named curve. + -u,--custom Use a custom curve(applet-side + embedded, SECG curves). + + -fp,--prime-field Use prime field curve. + -f2m,--binary-field Use binary field curve. 
+ + -npub,--named-public Use public key from KeyDB: [cat/id] + -pub,--public Use public key from file [pubkey_file] + (wx,wy). + + -priv,--private Use private key from file + [privkey_file] (s). + -npriv,--named-private Use private key from KeyDB: [cat/id] + + -k,--key Use keyPair from file [key_file] + (wx,wy,s). + -nk,--named-key Use keyPair from KeyDB: [cat/id] + + -i,--input Input from file [input_file], for ecdsa + signing. + -o,--output Output into file [output_file]. + -l,--log Log output into file [log_file]. + -v,--verbose Turn on verbose logging. + + -f,--fresh Generate fresh keys(set domain + parameters before every generation). + -s,--simulate Simulate a card with jcardsim instead + of using a terminal. + +``` + +### Example -Example output --------------- ### Test for support and with valid and invalid EC curves EC type: ALG_EC_FP diff --git a/dist/ECTester.jar b/dist/ECTester.jar index d82c605..21cbcf7 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/applet/ECKeyTester.java b/src/cz/crcs/ectester/applet/ECKeyTester.java index 2e3e86e..61848b8 100644 --- a/src/cz/crcs/ectester/applet/ECKeyTester.java +++ b/src/cz/crcs/ectester/applet/ECKeyTester.java 
@@ -68,19 +68,6 @@ public class ECKeyTester { return length; } - private short testKA_validPoint(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { - return testKA(ka, privateKey, pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); - } - - private short testKA_invalidPoint(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { - pubkeyBuffer[(short) (pubkeyLength - 2)] += 0xcc; - pubkeyBuffer[(short) (pubkeyLength - 3)] += 0xcc; - short result = testKA(ka, privateKey, pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); - pubkeyBuffer[(short) (pubkeyLength - 2)] -= 0xcc; - pubkeyBuffer[(short) (pubkeyLength - 3)] -= 0xcc; - return result; - } - /** * Tests ECDH secret generation with given {@code privateKey} and {@code publicKey}. * Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations. 
@@ -92,19 +79,15 @@ public class ECKeyTester { * @param pubkeyOffset * @param outputBuffer * @param outputOffset + * @param corruption * @return derived secret length **/ - public short testECDH_validPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { + public short testECDH(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); - return testKA_validPoint(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); + EC_Consts.corruptParameter(corruption, pubkeyBuffer, pubkeyOffset, length); + return testKA(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); } - public short testECDH_invalidPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { - short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); - return testKA_invalidPoint(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); - } - - /** * Tests ECDHC secret generation with given {@code privateKey} and {@code publicKey}. * Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations. 
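Review bot: The added `@param corruption` tag in `testECDH` has no description, and the same empty tag is added to `testECDHC` in the next hunk. I would write `@param corruption corruption type (EC_Consts.CORRUPTION_*) applied to the exported W in pubkeyBuffer before key agreement`, since the code corrupts the buffer copy obtained from `publicKey.getW(...)` and not the key object. The applet-side Javadoc changed by this commit still describes a boolean (`00 = valid, !00 = invalid` on `insECDH`, "whether to invalidate the pubkey" on `ecdh`) and should name the `CORRUPTION_*` values too.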
@@ -116,17 +99,14 @@ public class ECKeyTester { * @param pubkeyOffset * @param outputBuffer * @param outputOffset + * @param corruption * @return ISO7816.SW_NO_ERROR on correct operation, * exception reason otherwise */ - public short testECDHC_validPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { - short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); - return testKA_validPoint(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); - } - - public short testECDHC_invalidPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { + public short testECDHC(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); - return testKA_invalidPoint(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); + EC_Consts.corruptParameter(corruption, pubkeyBuffer, pubkeyOffset, length); + return testKA(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); } /** diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java index 6623647..cdb0fbd 100644 --- a/src/cz/crcs/ectester/applet/ECTesterApplet.java +++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java @@ -324,7 +324,7 @@ public class ECTesterApplet extends Applet { * @param apdu P1 = byte pubkey (KEYPAIR_*) * P2 = byte privkey (KEYPAIR_*) * DATA = byte export (EXPORT_TRUE || EXPORT_FALSE) - * byte invalid (00 = valid, !00 = invalid) + * byte corruption (00 = valid, !00 = invalid) */ private void insECDH(APDU apdu) { apdu.setIncomingAndReceive(); 
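Review bot: The Javadoc of `testECDHC` still says it returns `ISO7816.SW_NO_ERROR on correct operation, exception reason otherwise`, but the method returns the result of `testKA(...)`, which is the derived secret length; the status word is kept separately and read through `getSW()`. Since this hunk already edits the comment, the return tag should read `@return derived secret length`, matching `testECDH`. A caller that trusts the current text would compare a length against a status word.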
@@ -333,9 +333,9 @@ public class ECTesterApplet extends Applet { byte pubkey = apdubuf[ISO7816.OFFSET_P1]; byte privkey = apdubuf[ISO7816.OFFSET_P2]; byte export = apdubuf[ISO7816.OFFSET_CDATA]; - byte invalid = apdubuf[(short) (ISO7816.OFFSET_CDATA + 1)]; + byte corruption = apdubuf[(short) (ISO7816.OFFSET_CDATA + 1)]; - short len = ecdh(pubkey, privkey, export, invalid, apdubuf, (short) 0); + short len = ecdh(pubkey, privkey, export, corruption, apdubuf, (short) 0); apdu.setOutgoingAndSend((short) 0, len); } @@ -436,7 +436,6 @@ public class ECTesterApplet extends Applet { } /** - * * @param keyPair KeyPair to corrupt * @param key key to corrupt (EC_Consts.KEY_* | ...) * @param params parameters to corrupt (EC_Consts.PARAMETER_* | ...) 
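Review bot: `insECDH` reads the `corruption` byte from `apdubuf[ISO7816.OFFSET_CDATA + 1]` without checking that the command carried two data bytes. Before this commit a stale byte only toggled valid/invalid; now it selects a corruption mode, so a short command can run a different test than the one the log will report. The return value of `apdu.setIncomingAndReceive()` (the call sits just above this hunk) gives the received length: `short dataLen = apdu.setIncomingAndReceive();` followed by `if (dataLen < 2) ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);`. The body of `insECDH` starts outside the hunk.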
@@ -494,26 +493,21 @@ public class ECTesterApplet extends Applet { } /** - * @param pubkey keyPair to use for public key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) - * @param privkey keyPair to use for private key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) - * @param export whether to export ECDH secret - * @param invalid whether to invalidate the pubkey before ECDH - * @param buffer buffer to write sw to, and export ECDH secret {@code if(export == EXPORT_TRUE)} - * @param offset output offset in buffer + * @param pubkey keyPair to use for public key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) + * @param privkey keyPair to use for private key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) + * @param export whether to export ECDH secret + * @param corruption whether to invalidate the pubkey before ECDH + * @param buffer buffer to write sw to, and export ECDH secret {@code if(export == EXPORT_TRUE)} + * @param offset output offset in buffer * @return length of data written to the buffer */ - private short ecdh(byte pubkey, byte privkey, byte export, byte invalid, byte[] buffer, short offset) { + private short ecdh(byte pubkey, byte privkey, byte export, byte corruption, byte[] buffer, short offset) { short length = 0; KeyPair pub = ((pubkey & KEYPAIR_LOCAL) != 0) ? localKeypair : remoteKeypair; KeyPair priv = ((privkey & KEYPAIR_LOCAL) != 0) ? localKeypair : remoteKeypair; - short secretLength; - if (invalid != 0) { - secretLength = keyTester.testECDH_invalidPoint((ECPrivateKey) priv.getPrivate(), (ECPublicKey) pub.getPublic(), ramArray, (short) 0, ramArray2, (short) 0); - } else { - secretLength = keyTester.testECDH_validPoint((ECPrivateKey) priv.getPrivate(), (ECPublicKey) pub.getPublic(), ramArray, (short) 0, ramArray2, (short) 0); - } + short secretLength = keyTester.testECDH((ECPrivateKey) priv.getPrivate(), (ECPublicKey) pub.getPublic(), ramArray, (short) 0, ramArray2, (short) 0, corruption); Util.setShort(buffer, offset, keyTester.getSW()); length += 2; 
diff --git a/src/cz/crcs/ectester/applet/EC_Consts.java b/src/cz/crcs/ectester/applet/EC_Consts.java index 68fb4c9..50f14a9 100644 --- a/src/cz/crcs/ectester/applet/EC_Consts.java +++ b/src/cz/crcs/ectester/applet/EC_Consts.java @@ -1224,15 +1224,6 @@ public class EC_Consts { return length; } - public static short getCorruptCurveParameter(byte curve, short param, byte[] outputBuffer, short outputOffset, byte corruptionType) { - short length = getCurveParameter(curve, param, outputBuffer, outputOffset); - if (length <= 0) { - return length; - } - corruptParameter(corruptionType, outputBuffer, outputOffset, length); - return length; - } - public static void corruptParameter(byte corruption, byte[] buffer, short offset, short length) { switch (corruption) { case CORRUPTION_NONE: diff --git a/src/cz/crcs/ectester/data/EC_Data.java b/src/cz/crcs/ectester/data/EC_Data.java index 0c4bda2..98b2d59 100644 --- a/src/cz/crcs/ectester/data/EC_Data.java +++ b/src/cz/crcs/ectester/data/EC_Data.java @@ -139,7 +139,7 @@ public class EC_Data { } } - InputStream keysStream = this.getClass().getResourceAsStream("/cz/crcs/ectester/data" + dir + "/keys.xml"); + InputStream keysStream = this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/keys.xml"); if (keysStream != null) { Document keysDoc = db.parse(keysStream); keysDoc.normalize(); @@ -149,7 +149,6 @@ public class EC_Data { Node direct = directs.item(i); if (direct instanceof Element) { Element elem = (Element) direct; - String tag = elem.getTagName(); NodeList childs = elem.getChildNodes(); String id = null; diff --git a/src/cz/crcs/ectester/reader/Command.java b/src/cz/crcs/ectester/reader/Command.java index cb2321a..876e999 100644 --- a/src/cz/crcs/ectester/reader/Command.java +++ b/src/cz/crcs/ectester/reader/Command.java 
@@ -250,7 +250,7 @@ public abstract class Command { private byte pubkey; private byte privkey; private byte export; - private byte invalid; + private byte corruption; /** * Creates the INS_ECDH instruction. @@ -259,16 +259,16 @@ public abstract class Command { * @param pubkey keyPair to use for public key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) * @param privkey keyPair to use for private key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) * @param export whether to export ECDH secret - * @param invalid whether to invalidate the pubkey before ECDH + * @param corruption whether to invalidate the pubkey before ECDH (EC_Consts.CORRUPTION_* || ...) */ - public ECDH(CardMngr cardManager, byte pubkey, byte privkey, byte export, byte invalid) { + public ECDH(CardMngr cardManager, byte pubkey, byte privkey, byte export, byte corruption) { super(cardManager); this.pubkey = pubkey; this.privkey = privkey; this.export = export; - this.invalid = invalid; + this.corruption = corruption; - byte[] data = new byte[]{export, invalid}; + byte[] data = new byte[]{export, corruption}; this.cmd = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_ECDH, pubkey, privkey, data); } @@ -278,7 +278,7 @@ public abstract class Command { long elapsed = -System.nanoTime(); ResponseAPDU response = cardManager.send(cmd); elapsed += System.nanoTime(); - return new Response.ECDH(response, elapsed, pubkey, privkey, export, invalid); + return new Response.ECDH(response, elapsed, pubkey, privkey, export, corruption); } } diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index 68343e2..cc8e0aa 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java 
@@ -62,15 +62,20 @@ public class ECTester { private String optCurveFile = null; private boolean optCustomCurve = false; + private boolean optAnyPublic = false; private String optNamedPublic = null; private String optPublic = null; + private boolean optAnyPrivate = false; private String optNamedPrivate = null; private String optPrivate = null; + private boolean optAnyKey = false; private String optNamedKey = null; private String optKey = null; + private boolean optAnyKeypart = false; + private String optLog = null; private boolean optVerbose = false; @@ -107,10 +112,7 @@ public class ECTester { dataDB = new EC_Data(); //if list, print and quit if (cli.hasOption("list-named")) { - Map categories = dataDB.getCategories(); - for (EC_Category cat : categories.values()) { - System.out.println("\t- " + cat.getName() + ": " + (cat.getDesc() == null ? "" : cat.getDesc())); - } + list(); return; } @@ -193,7 +195,7 @@ public class ECTester { * -t / --test * -dh / --ecdh * -dsa / --ecdsa [data_file] - * --list-named + * -ln / --list-named * * Options: * -b / --bit-size [b] // -a / --all @@ -224,7 +226,7 @@ public class ECTester { OptionGroup actions = new OptionGroup(); actions.setRequired(true); actions.addOption(Option.builder("h").longOpt("help").desc("Print help.").build()); - actions.addOption(Option.builder().longOpt("list-named").desc("Print the list of supported named curves and keys.").build()); + actions.addOption(Option.builder("ln").longOpt("list-named").desc("Print the list of supported named curves and keys.").build()); actions.addOption(Option.builder("e").longOpt("export").desc("Export the defaut curve parameters of the card(if any).").build()); actions.addOption(Option.builder("g").longOpt("generate").desc("Generate [amount] of EC keys.").hasArg().argName("amount").optionalArg(true).build()); actions.addOption(Option.builder("t").longOpt("test").desc("Test ECC support.").build()); 
@@ -238,7 +240,7 @@ public class ECTester { opts.addOptionGroup(size); OptionGroup curve = new OptionGroup(); - curve.addOption(Option.builder("n").longOpt("named").desc("Use a named curve.").hasArg().argName("cat/id").build()); + curve.addOption(Option.builder("nc").longOpt("named-curve").desc("Use a named curve.").hasArg().argName("cat/id").build()); curve.addOption(Option.builder("c").longOpt("curve").desc("Use curve from file [curve_file] (field,a,b,gx,gy,r,k).").hasArg().argName("curve_file").build()); curve.addOption(Option.builder("u").longOpt("custom").desc("Use a custom curve(applet-side embedded, SECG curves).").build()); opts.addOptionGroup(curve); @@ -291,12 +293,17 @@ public class ECTester { optNamedPublic = cli.getOptionValue("named-public"); optPublic = cli.getOptionValue("public"); + optAnyPublic = (optPublic != null) || (optNamedPublic != null); optNamedPrivate = cli.getOptionValue("named-private"); optPrivate = cli.getOptionValue("private"); + optAnyPrivate = (optPrivate != null) || (optNamedPrivate != null); optNamedKey = cli.getOptionValue("named-key"); optKey = cli.getOptionValue("key"); + optAnyKey = (optKey != null) || (optNamedKey != null); + optAnyKeypart = optAnyKey || optAnyPublic || optAnyPrivate; + if (cli.hasOption("log")) { optLog = cli.getOptionValue("log", String.format("ECTESTER_log_%d.log", System.currentTimeMillis() / 1000)); } @@ -330,7 +337,7 @@ public class ECTester { System.err.print("Need to specify field with -fp or -f2m. (not both)"); return false; } - if (optKey != null || optPublic != null || optPrivate != null || optNamedKey != null || optNamedPublic != null || optNamedPrivate != null) { + if (optAnyKeypart) { System.err.println("Keys should not be specified when exporting curve params."); return false; } 
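Review bot: Renaming the option from `n`/`named` to `nc`/`named-curve` is not accompanied by any change to where the value is read, at least not in the hunks of this commit. If the parsing code still asks for the old name (for example `cli.getOptionValue("named")`), the lookup would likely just return nothing and named-curve runs would silently fall back to another curve source. Please confirm the reads use `"named-curve"`, and mention the rename in the commit message since it breaks existing command lines.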
@@ -352,7 +359,7 @@ public class ECTester { System.err.print("Need to specify field with -fp or -f2m. (not both)"); return false; } - if (optKey != null || optPublic != null || optPrivate != null || optNamedKey != null || optNamedPublic != null || optNamedPrivate != null) { + if (optAnyKeypart) { System.err.println("Keys should not be specified when generating keys."); return false; } @@ -402,11 +409,8 @@ public class ECTester { return false; } - boolean hasPublic = (optPublic != null) || (optNamedPublic != null); - boolean hasPrivate = (optPrivate != null) || (optNamedPrivate != null); - boolean hasKey = (optKey != null) || (optNamedKey != null); - if ((hasPublic) != (hasPrivate) && !hasKey) { - System.err.println("You have cannot only specify a part of a keypair."); + if ((optAnyPublic) != (optAnyPrivate) && !optAnyKey) { + System.err.println("You cannot only specify a part of a keypair."); return false; } @@ -420,6 +424,43 @@ public class ECTester { return true; } + /** + * List categories and named curves. + */ + private void list() { + Map categories = dataDB.getCategories(); + for (EC_Category cat : categories.values()) { + System.out.println("\t- " + cat.getName() + ": " + (cat.getDesc() == null ? "" : cat.getDesc())); + + Map curves = cat.getObjects(EC_Curve.class); + int size = curves.size(); + if (size > 0) { + System.out.print("\t\tCurves: "); + for (Map.Entry curve : curves.entrySet()) { + System.out.print(curve.getKey()); + size--; + if (size > 0) + System.out.print(", "); + } + System.out.println(); + } + + Map keys = cat.getObjects(EC_Key.class); + size = keys.size(); + if (size > 0) { + System.out.print("\t\tKeys: "); + for (Map.Entry key : keys.entrySet()) { + System.out.print(key.getKey()); + size--; + if (size > 0) + System.out.print(", "); + } + System.out.println(); + } + System.out.println(); + } + } + /** * Prints help. */ 
@@ -595,12 +636,14 @@ public class ECTester { systemOutLogger.println(Response.toString(prepare)); List generate = new LinkedList<>(); - if (optPublic != null || optPrivate != null || optKey != null) { + if (optAnyPublic || optAnyPrivate || optAnyKey) { generate.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL)); generate.add(prepareKey(ECTesterApplet.KEYPAIR_REMOTE)); } else { generate.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH)); } + byte pubkey = (optAnyPublic || optAnyKey) ? ECTesterApplet.KEYPAIR_REMOTE : ECTesterApplet.KEYPAIR_LOCAL; + byte privkey = (optAnyPrivate || optAnyKey) ? ECTesterApplet.KEYPAIR_REMOTE : ECTesterApplet.KEYPAIR_LOCAL; FileWriter out = null; if (optOutput != null) { @@ -613,13 +656,13 @@ public class ECTester { while (done < optECDHCount) { List ecdh = Command.sendAll(generate); - Response.ECDH perform = new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_TRUE, (byte) 0).send(); + Response.ECDH perform = new Command.ECDH(cardManager, pubkey, privkey, ECTesterApplet.EXPORT_TRUE, (byte) 0).send(); ecdh.add(perform); systemOutLogger.println(Response.toString(ecdh)); if (!perform.successful() || !perform.hasSecret()) { if (retry < 10) { - retry++; + ++retry; continue; } else { System.err.println("Couldn't obtain ECDH secret from card response."); @@ -657,7 +700,7 @@ public class ECTester { } Command generate; - if (optKey != null || (optPublic != null && optPrivate != null)) { + if (optAnyKeypart) { generate = prepareKey(ECTesterApplet.KEYPAIR_LOCAL); } else { generate = new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL); @@ -688,7 +731,7 @@ public class ECTester { if (!perform.successful() || !perform.hasSignature()) { if (retry < 10) { - retry++; + ++retry; continue; } else { System.err.println("Couldn't obtain ECDSA signature from card response."); 
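Review bot: With no key option given, the new `pubkey` and `privkey` both evaluate to `ECTesterApplet.KEYPAIR_LOCAL`, so the ECDH command pairs the local public key with the local private key even though `Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH)` produced two keypairs. The removed call used `KEYPAIR_LOCAL` for the public and `KEYPAIR_REMOTE` for the private key, so the default run no longer exercises agreement between two distinct keypairs. Adding `if (!optAnyKeypart) privkey = ECTesterApplet.KEYPAIR_REMOTE;` after the two assignments restores the old default. The `optAnyKey` case has the same shape (both become `KEYPAIR_REMOTE`, the freshly generated local pair is unused); whether that is intended is not clear from the hunk.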
@@ -751,7 +794,11 @@ public class ECTester { commands.add(new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, domainParams, external)); } else { // Set default curve - commands.add(new Command.Clear(cardManager, keyPair)); + /* This command was generally causing problems for simulating on jcardsim. + * Since there, .clearKey() resets all the keys values, even the domain. + * This might break some other stuff.. But should not. + */ + //commands.add(new Command.Clear(cardManager, keyPair)); } return commands; @@ -833,8 +880,10 @@ public class ECTester { private List testCurve() throws IOException { List commands = new LinkedList<>(); commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH)); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, (byte) 0)); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, (byte) 1)); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE)); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_FULLRANDOM)); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_ONE)); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_ZERO)); commands.add(new Command.ECDSA(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, null)); return commands; } diff --git a/src/cz/crcs/ectester/reader/Response.java b/src/cz/crcs/ectester/reader/Response.java index 25b5817..21e80d7 100644 --- a/src/cz/crcs/ectester/reader/Response.java 
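Review bot: Commenting out `Command.Clear` leaves the "Set default curve" branch empty for real cards as well as for jcardsim, although the comment gives only the simulator as the reason. On a physical card this presumably means domain parameters set by an earlier command stay in place, so a run labelled as default-curve could be measured against a previously loaded curve. The class already has an `optSimulate` flag, so the workaround can be limited to the simulator: `if (!optSimulate) commands.add(new Command.Clear(cardManager, keyPair));`. That also removes the commented-out line and the "might break some other stuff" remark; the enclosing method starts outside the hunk.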
+++ b/src/cz/crcs/ectester/reader/Response.java @@ -129,7 +129,7 @@ public abstract class Response { } else { suffix = String.format("%s %s", Util.getPrintError(r.getSW1()), Util.getPrintError(r.getSW2())); } - out.append(String.format("%-55s:%5d ms : %s", message, r.time / 1000000, suffix)); + out.append(String.format("%-58s:%4d ms : %s", message, r.time / 1000000, suffix)); if (i < responses.size() - 1) { out.append("\n"); } @@ -294,42 +294,6 @@ public abstract class Response { parse(generated, 0); } - /* - private int getIndex(byte key) { - for (int i = 0; i < contents.length; i++) { - if (key == contents[i]) - return i; - } - return -1; - } - - public boolean hasPublic(byte keyPair) { - if ((export & ECTesterApplet.EXPORT_PUBLIC) == 0 || (export & keyPair) == 0) - return false; - int index = getIndex((byte) (keyPair | ECTesterApplet.EXPORT_PUBLIC)); - return index != -1 && hasParam(index); - } - - public boolean hasPrivate(byte keyPair) { - if ((export & ECTesterApplet.EXPORT_PRIVATE) == 0 || (export & keyPair) == 0) - return false; - int index = getIndex((byte) (keyPair | ECTesterApplet.EXPORT_PRIVATE)); - return index != -1 && hasParam(index); - } - - public byte[] getPublic(byte keyPair) { - //calculate index and getParam - int index = getIndex((byte) (keyPair | ECTesterApplet.EXPORT_PUBLIC)); - return getParam(index); - } - - public byte[] getPrivate(byte keyPair) { - //calculate index and getParam - int index = getIndex((byte) (keyPair | ECTesterApplet.EXPORT_PRIVATE)); - return getParam(index); - } - */ - @Override public String toString() { String key; 
@@ -458,14 +422,14 @@ public abstract class Response { private byte pubkey; private byte privkey; private byte export; - private byte invalid; + private byte corruption; - protected ECDH(ResponseAPDU response, long time, byte pubkey, byte privkey, byte export, byte invalid) { + protected ECDH(ResponseAPDU response, long time, byte pubkey, byte privkey, byte export, byte corruption) { super(response, time); this.pubkey = pubkey; this.privkey = privkey; this.export = export; - this.invalid = invalid; + this.corruption = corruption; parse(1, (export == ECTesterApplet.EXPORT_TRUE) ? 1 : 0); } @@ -482,7 +446,13 @@ public abstract class Response { public String toString() { String pub = pubkey == ECTesterApplet.KEYPAIR_LOCAL ? "local" : "remote"; String priv = privkey == ECTesterApplet.KEYPAIR_LOCAL ? "local" : "remote"; - String validity = invalid != 0 ? "invalid" : "valid"; + String validity; + + if (corruption == EC_Consts.CORRUPTION_NONE) { + validity = "valid"; + } else { + validity = Util.getCorruption(corruption); + } return String.format("ECDH of %s pubkey and %s privkey(%s point)", pub, priv, validity); } } -- cgit v1.2.3-70-g09d2 From ac63cf8f8f7fd1c85b1a7802144c6a79c516a413 Mon Sep 17 00:00:00 2001 From: J08nY Date: Fri, 17 Mar 2017 17:03:03 +0100 Subject: Applet: better handling of exceptions, new command for memory cleanup. --- !uploader/ectester.cap | Bin 13653 -> 13573 bytes dist/ECTester.jar | Bin 215702 -> 218187 bytes src/cz/crcs/ectester/applet/ECKeyGenerator.java | 26 +--- src/cz/crcs/ectester/applet/ECKeyTester.java | 21 +-- src/cz/crcs/ectester/applet/ECTesterApplet.java | 35 +++++ src/cz/crcs/ectester/reader/ECTester.java | 187 ++++++++++++++---------- src/cz/crcs/ectester/reader/Response.java | 4 +- src/cz/crcs/ectester/reader/Util.java | 91 ++++++++++-- 8 files changed, 243 insertions(+), 121 deletions(-) 
diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index e517e19..dec01be 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 21cbcf7..6f8c516 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/applet/ECKeyGenerator.java b/src/cz/crcs/ectester/applet/ECKeyGenerator.java index 8c9c38e..bd4b8c4 100644 --- a/src/cz/crcs/ectester/applet/ECKeyGenerator.java +++ b/src/cz/crcs/ectester/applet/ECKeyGenerator.java @@ -1,9 +1,9 @@ package cz.crcs.ectester.applet; +import javacard.framework.CardRuntimeException; import javacard.framework.ISO7816; import javacard.framework.ISOException; import javacard.framework.Util; -import javacard.security.CryptoException; import javacard.security.ECPrivateKey; import javacard.security.ECPublicKey; import javacard.security.KeyPair; @@ -32,10 +32,8 @@ public class ECKeyGenerator { } catch (Exception ignored) { } } - } catch (CryptoException ce) { + } catch (CardRuntimeException ce) { sw = ce.getReason(); - } catch (Exception e) { - sw = ISO7816.SW_UNKNOWN; } return ecKeyPair; } @@ -45,10 +43,8 @@ public class ECKeyGenerator { try { if ((key & EC_Consts.KEY_PUBLIC) != 0) keypair.getPublic().clearKey(); if ((key & EC_Consts.KEY_PRIVATE) != 0) keypair.getPrivate().clearKey(); - } catch (CryptoException ce) { + } catch (CardRuntimeException ce) { sw = ce.getReason(); - } catch (Exception e) { - sw = ISO7816.SW_UNKNOWN; } return sw; } @@ -61,10 +57,8 @@ public class ECKeyGenerator { sw = ISO7816.SW_NO_ERROR; try { keypair.genKeyPair(); - } catch (CryptoException ce) { + } catch (CardRuntimeException ce) { sw = ce.getReason(); - } catch (Exception e) { - sw = ISO7816.SW_UNKNOWN; } return sw; } 
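Review bot: Replacing `catch (CryptoException ce)` plus `catch (Exception e) { sw = ISO7816.SW_UNKNOWN; }` with a single `catch (CardRuntimeException ce)` means exceptions outside that hierarchy (`NullPointerException`, `ArrayIndexOutOfBoundsException`, `SecurityException`) now escape these methods instead of being recorded in `sw`. The same edit is repeated in the remaining `ECKeyGenerator` hunks and in `ECKeyTester`, including `testKA`, which is fed deliberately corrupted points and is where such exceptions are most likely. None of the `ECTesterApplet` hunks in this commit adds a handler around the dispatch in `process()`, so unless one already exists the host would see a generic card error and lose the per-operation status. Widening the catch to `CardRuntimeException` is good; I would keep the last clause, `} catch (Exception e) { sw = ISO7816.SW_UNKNOWN; }`, after it.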
@@ -224,10 +218,8 @@ public class ECKeyGenerator { default: ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); } - } catch (CryptoException ce) { + } catch (CardRuntimeException ce) { sw = ce.getReason(); - } catch (Exception e) { - sw = ISO7816.SW_UNKNOWN; } return sw; } @@ -338,10 +330,8 @@ public class ECKeyGenerator { default: ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); } - } catch (CryptoException ce) { + } catch (CardRuntimeException ce) { sw = ce.getReason(); - } catch (Exception e) { - sw = ISO7816.SW_UNKNOWN; } return length; } @@ -406,10 +396,8 @@ public class ECKeyGenerator { } param = (short) (param << 1); } - } catch (CryptoException ce) { + } catch (CardRuntimeException ce) { sw = ce.getReason(); - } catch (Exception e) { - sw = ISO7816.SW_UNKNOWN; } return sw; } diff --git a/src/cz/crcs/ectester/applet/ECKeyTester.java b/src/cz/crcs/ectester/applet/ECKeyTester.java index 61848b8..a00b47d 100644 --- a/src/cz/crcs/ectester/applet/ECKeyTester.java +++ b/src/cz/crcs/ectester/applet/ECKeyTester.java @@ -1,6 +1,7 @@ package cz.crcs.ectester.applet; +import javacard.framework.CardRuntimeException; import javacard.framework.ISO7816; import javacard.security.*; @@ -22,10 +23,8 @@ public class ECKeyTester { sw = ISO7816.SW_NO_ERROR; try { ecdhKeyAgreement = KeyAgreement.getInstance(KeyAgreement.ALG_EC_SVDP_DH, false); - } catch (CryptoException ce) { + } catch (CardRuntimeException ce) { sw = ce.getReason(); - } catch (Exception e) { - sw = ISO7816.SW_UNKNOWN; } return sw; } @@ -34,10 +33,8 @@ public class ECKeyTester { sw = ISO7816.SW_NO_ERROR; try { ecdhcKeyAgreement = KeyAgreement.getInstance(KeyAgreement.ALG_EC_SVDP_DHC, false); - } catch (CryptoException ce) { + } catch (CardRuntimeException ce) { sw = ce.getReason(); - } catch (Exception e) { - sw = ISO7816.SW_UNKNOWN; } return sw; } 
@@ -46,10 +43,8 @@ public class ECKeyTester { sw = ISO7816.SW_NO_ERROR; try { ecdsaSignature = Signature.getInstance(Signature.ALG_ECDSA_SHA, false); - } catch (CryptoException ce) { + } catch (CardRuntimeException ce) { sw = ce.getReason(); - } catch (Exception e) { - sw = ISO7816.SW_UNKNOWN; } return sw; } @@ -60,10 +55,8 @@ public class ECKeyTester { try { ka.init(privateKey); length = ka.generateSecret(pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); - } catch (CryptoException ce) { + } catch (CardRuntimeException ce) { sw = ce.getReason(); - } catch (Exception e) { - sw = ISO7816.SW_UNKNOWN; } return length; } @@ -135,10 +128,8 @@ public class ECKeyTester { if (!correct) { sw = ECTesterApplet.SW_SIG_VERIFY_FAIL; } - } catch (CryptoException ce) { + } catch (CardRuntimeException ce) { sw = ce.getReason(); - } catch (Exception e) { - sw = ISO7816.SW_UNKNOWN; } return length; } diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java index cdb0fbd..4dafd21 100644 --- a/src/cz/crcs/ectester/applet/ECTesterApplet.java +++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java @@ -51,6 +51,7 @@ public class ECTesterApplet extends Applet { public static final byte INS_EXPORT = (byte) 0x5f; public static final byte INS_ECDH = (byte) 0x60; public static final byte INS_ECDSA = (byte) 0x61; + public static final byte INS_CLEANUP = (byte) 0x62; // PARAMETERS for P1 and P2 public static final byte KEYPAIR_LOCAL = (byte) 0x01; @@ -148,6 +149,9 @@ public class ECTesterApplet extends Applet { case INS_ECDSA: insECDSA(apdu); break; + case INS_CLEANUP: + insCleanup(apdu); + break; default: // The INS code is not supported by the dispatcher ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED); 
@@ -367,6 +371,18 @@ public class ECTesterApplet extends Applet { apdu.setOutgoingAndSend((short) 0, len); } + /** + * + */ + private void insCleanup(APDU apdu) { + apdu.setIncomingAndReceive(); + byte[] apdubuf = apdu.getBuffer(); + + short len = cleanup(apdubuf, (short) 0); + + apdu.setOutgoingAndSend((short) 0, len); + } + /** * @param keyPair which keyPair to use, local/remote (KEYPAIR_* | ...) * @param keyLength key length to set @@ -556,4 +572,23 @@ public class ECTesterApplet extends Applet { return length; } + + /** + * + * @param buffer + * @param offset + * @return + */ + private short cleanup(byte[] buffer, short offset) { + short sw = ISO7816.SW_NO_ERROR; + try { + if (JCSystem.isObjectDeletionSupported()) + JCSystem.requestObjectDeletion(); + } catch (CardRuntimeException crex) { + sw = crex.getReason(); + } + + Util.setShort(buffer, offset, sw); + return 2; + } } diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index cc8e0aa..9398a69 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -35,10 +35,7 @@ import org.apache.commons.cli.*; import javax.smartcardio.CardException; import java.io.*; import java.nio.file.Files; -import java.util.ArrayList; -import java.util.LinkedList; -import java.util.List; -import java.util.Map; +import java.util.*; /** * Reader part of ECTester, a tool for testing Elliptic curve support on javacards. @@ -85,6 +82,7 @@ public class ECTester { private boolean optSimulate = false; //Action-related options + private String optTestCase; private int optGenerateAmount; private int optECDHCount; private int optECDSACount; 
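Review bot: In `cleanup`, a card where `JCSystem.isObjectDeletionSupported()` returns false still answers `SW_NO_ERROR`, so the reader side cannot tell that no deletion was requested. Adding `else sw = ISO7816.SW_FUNC_NOT_SUPPORTED;` (or another status word the reader already decodes) would make the skipped case visible. The Javadoc blocks on `insCleanup` and `cleanup` are empty; `cleanup` should at least state that it writes the two-byte status word at `buffer[offset]` and returns 2.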
@@ -162,7 +160,24 @@ public class ECTester { for (Object opt : moex.getMissingOptions().toArray()) { if (opt instanceof OptionGroup) { for (Option o : ((OptionGroup) opt).getOptions()) { - System.err.println(o); + System.err.print("-" + o.getOpt()); + + if (o.hasLongOpt()) { + System.err.print("\t/ --" + o.getLongOpt() + " "); + } + + if (o.hasArg()) { + if (o.hasOptionalArg()) { + System.err.print("[" + o.getArgName() + "] "); + } else { + System.err.print("<" + o.getArgName() + "> "); + } + } + + if (o.getDescription() != null) { + System.err.print("\t\t\t" + o.getDescription()); + } + System.err.println(); } } else if (opt instanceof String) { System.err.println(opt); @@ -192,34 +207,36 @@ public class ECTester { * -h / --help * -e / --export * -g / --generate [amount] - * -t / --test - * -dh / --ecdh - * -dsa / --ecdsa [data_file] + * -t / --test [test_case] + * -dh / --ecdh [count] + * -dsa / --ecdsa [count] * -ln / --list-named * * Options: - * -b / --bit-size [b] // -a / --all + * -b / --bit-size // -a / --all * * -fp / --prime-field * -f2m / --binary-field * * -u / --custom - * -n / --named [cat/id] - * -c / --curve [curve_file] field,a,b,gx,gy,r,k + * -nc / --named-curve + * -c / --curve field,a,b,gx,gy,r,k * - * -pub / --public [pubkey_file] wx,wy - * -npub / --named-public [cat/id] + * -pub / --public wx,wy + * -npub / --named-public * - * -priv / --private [privkey_file] s - * -npriv / --named-private [cat/id] + * -priv / --private s + * -npriv / --named-private * - * -k / --key [key_file] wx,wy,s - * -nk / --named-key [cat/id] + * -k / --key wx,wy,s + * -nk / --named-key * * -v / --verbose * - * -i / --input [input_file] - * -o / --output [output_file] + * -i / --input + * -o / --output + * -l / --log [log_file] + * * -f / --fresh * -s / --simulate */ 
@@ -229,7 +246,7 @@ public class ECTester { actions.addOption(Option.builder("ln").longOpt("list-named").desc("Print the list of supported named curves and keys.").build()); actions.addOption(Option.builder("e").longOpt("export").desc("Export the defaut curve parameters of the card(if any).").build()); actions.addOption(Option.builder("g").longOpt("generate").desc("Generate [amount] of EC keys.").hasArg().argName("amount").optionalArg(true).build()); - actions.addOption(Option.builder("t").longOpt("test").desc("Test ECC support.").build()); + actions.addOption(Option.builder("t").longOpt("test").desc("Test ECC support.").hasArg().argName("test_case").optionalArg(true).build()); actions.addOption(Option.builder("dh").longOpt("ecdh").desc("Do ECDH, [count] times.").hasArg().argName("count").optionalArg(true).build()); actions.addOption(Option.builder("dsa").longOpt("ecdsa").desc("Sign data with ECDSA, [count] times.").hasArg().argName("count").optionalArg(true).build()); opts.addOptionGroup(actions); 
@@ -240,35 +257,35 @@ public class ECTester { opts.addOptionGroup(size); OptionGroup curve = new OptionGroup(); - curve.addOption(Option.builder("nc").longOpt("named-curve").desc("Use a named curve.").hasArg().argName("cat/id").build()); - curve.addOption(Option.builder("c").longOpt("curve").desc("Use curve from file [curve_file] (field,a,b,gx,gy,r,k).").hasArg().argName("curve_file").build()); - curve.addOption(Option.builder("u").longOpt("custom").desc("Use a custom curve(applet-side embedded, SECG curves).").build()); + curve.addOption(Option.builder("nc").longOpt("named-curve").desc("Use a named curve, from CurveDB: ").hasArg().argName("cat/id").build()); + curve.addOption(Option.builder("c").longOpt("curve").desc("Use curve from file (field,a,b,gx,gy,r,k).").hasArg().argName("curve_file").build()); + curve.addOption(Option.builder("u").longOpt("custom").desc("Use a custom curve (applet-side embedded, SECG curves).").build()); opts.addOptionGroup(curve); opts.addOption(Option.builder("fp").longOpt("prime-field").desc("Use prime field curve.").build()); opts.addOption(Option.builder("f2m").longOpt("binary-field").desc("Use binary field curve.").build()); OptionGroup pub = new OptionGroup(); - pub.addOption(Option.builder("npub").longOpt("named-public").desc("Use public key from KeyDB: [cat/id]").hasArg().argName("cat/id").build()); - pub.addOption(Option.builder("pub").longOpt("public").desc("Use public key from file [pubkey_file] (wx,wy).").hasArg().argName("pubkey_file").build()); + pub.addOption(Option.builder("npub").longOpt("named-public").desc("Use public key from KeyDB: ").hasArg().argName("cat/id").build()); + pub.addOption(Option.builder("pub").longOpt("public").desc("Use public key from file (wx,wy).").hasArg().argName("pubkey_file").build()); opts.addOptionGroup(pub); OptionGroup priv = new OptionGroup(); - priv.addOption(Option.builder("npriv").longOpt("named-private").desc("Use private key from KeyDB: [cat/id]").hasArg().argName("cat/id").build()); 
- priv.addOption(Option.builder("priv").longOpt("private").desc("Use private key from file [privkey_file] (s).").hasArg().argName("privkey_file").build()); + priv.addOption(Option.builder("npriv").longOpt("named-private").desc("Use private key from KeyDB: ").hasArg().argName("cat/id").build()); + priv.addOption(Option.builder("priv").longOpt("private").desc("Use private key from file (s).").hasArg().argName("privkey_file").build()); opts.addOptionGroup(priv); OptionGroup key = new OptionGroup(); - key.addOption(Option.builder("nk").longOpt("named-key").desc("Use keyPair from KeyDB: [cat/id]").hasArg().argName("cat/id").build()); - key.addOption(Option.builder("k").longOpt("key").desc("Use keyPair from file [key_file] (wx,wy,s).").hasArg().argName("key_file").build()); + key.addOption(Option.builder("nk").longOpt("named-key").desc("Use keyPair from KeyDB: ").hasArg().argName("cat/id").build()); + key.addOption(Option.builder("k").longOpt("key").desc("Use keyPair from file  (wx,wy,s).").hasArg().argName("key_file").build()); opts.addOptionGroup(key); - opts.addOption(Option.builder("i").longOpt("input").desc("Input from file [input_file], for ecdsa signing.").hasArg().argName("input_file").build()); - opts.addOption(Option.builder("o").longOpt("output").desc("Output into file [output_file].").hasArg().argName("output_file").build()); + opts.addOption(Option.builder("i").longOpt("input").desc("Input from file , for ECDSA signing.").hasArg().argName("input_file").build()); + opts.addOption(Option.builder("o").longOpt("output").desc("Output into file .").hasArg().argName("output_file").build()); opts.addOption(Option.builder("l").longOpt("log").desc("Log output into file [log_file].").hasArg().argName("log_file").optionalArg(true).build()); opts.addOption(Option.builder("v").longOpt("verbose").desc("Turn on verbose logging.").build()); - opts.addOption(Option.builder("f").longOpt("fresh").desc("Generate fresh keys(set domain parameters before every 
generation).").build()); + opts.addOption(Option.builder("f").longOpt("fresh").desc("Generate fresh keys (set domain parameters before every generation).").build()); opts.addOption(Option.builder("s").longOpt("simulate").desc("Simulate a card with jcardsim instead of using a terminal.").build()); CommandLineParser parser = new DefaultParser(); @@ -383,6 +400,17 @@ public class ECTester { optPrimeField = true; } + optTestCase = cli.getOptionValue("test", "default"); + List tests = Arrays.asList("default", "non-prime", "invalid", "wrong"); + if (!tests.contains(optTestCase)) { + System.err.print("Unknown test case. Should be one of: ["); + for (String test : tests) { + System.err.print("\"" + test + "\","); + } + System.err.println("]"); + return false; + } + } else if (cli.hasOption("ecdh")) { if (optPrimeField == optBinaryField) { System.err.print("Need to specify field with -fp or -f2m. (not both)"); @@ -401,7 +429,7 @@ public class ECTester { } else if (cli.hasOption("ecdsa")) { if (optPrimeField == optBinaryField) { - System.err.print("Need to specify field with -fp or -f2m. (not both)"); + System.err.print("Need to specify field with -fp or -f2m. (but not both)"); return false; } if (optAll) { 
@@ -561,62 +589,73 @@ public class ECTester { */ private void test() throws IOException, CardException { List commands = new LinkedList<>(); - if (optAll) { - if (optNamedCurve != null) { - Map curves = dataDB.getObjects(EC_Curve.class, optNamedCurve); - if (optPrimeField) { - for (Map.Entry entry : curves.entrySet()) { - EC_Curve curve = entry.getValue(); - if (curve.getField() == KeyPair.ALG_EC_FP) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), KeyPair.ALG_EC_FP)); - byte[] external = curve.flatten(); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), external)); + + if (optTestCase.equalsIgnoreCase("default")) { + if (optAll) { + if (optNamedCurve != null) { + Map curves = dataDB.getObjects(EC_Curve.class, optNamedCurve); + if (optPrimeField) { + for (Map.Entry entry : curves.entrySet()) { + EC_Curve curve = entry.getValue(); + if (curve.getField() == KeyPair.ALG_EC_FP) { + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), KeyPair.ALG_EC_FP)); + byte[] external = curve.flatten(); + commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), external)); + commands.addAll(testCurve()); + } + } + } + if (optBinaryField) { + for (Map.Entry entry : curves.entrySet()) { + EC_Curve curve = entry.getValue(); + if (curve.getField() == KeyPair.ALG_EC_F2M) { + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), KeyPair.ALG_EC_F2M)); + byte[] external = curve.flatten(); + commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), external)); + commands.addAll(testCurve()); + } + } + } + } else { + if (optPrimeField) { + //iterate over prime curve sizes used: EC_Consts.FP_SIZES + for (short keyLength : EC_Consts.FP_SIZES) { + commands.add(new 
Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_FP)); + commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_FP)); commands.addAll(testCurve()); } } - } - if (optBinaryField) { - for (Map.Entry entry : curves.entrySet()) { - EC_Curve curve = entry.getValue(); - if (curve.getField() == KeyPair.ALG_EC_F2M) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), KeyPair.ALG_EC_F2M)); - byte[] external = curve.flatten(); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), external)); + if (optBinaryField) { + //iterate over binary curve sizes used: EC_Consts.F2M_SIZES + for (short keyLength : EC_Consts.F2M_SIZES) { + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_F2M)); + commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_F2M)); commands.addAll(testCurve()); } } } } else { if (optPrimeField) { - //iterate over prime curve sizes used: EC_Consts.FP_SIZES - for (short keyLength : EC_Consts.FP_SIZES) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_FP)); - commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_FP)); - commands.addAll(testCurve()); - } + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_FP)); + commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_FP)); + commands.addAll(testCurve()); } + if (optBinaryField) { - //iterate over binary curve sizes used: EC_Consts.F2M_SIZES - for (short keyLength : EC_Consts.F2M_SIZES) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_F2M)); - commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_F2M)); - 
commands.addAll(testCurve()); - } + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_F2M)); + commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_F2M)); + commands.addAll(testCurve()); } } - } else { - if (optPrimeField) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_FP)); - commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_FP)); - commands.addAll(testCurve()); - } + } else if (optTestCase.equalsIgnoreCase("wrong")) { + + } else if (optTestCase.equalsIgnoreCase("non-prime")) { + + } else if (optTestCase.equalsIgnoreCase("invalid")) { - if (optBinaryField) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_F2M)); - commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_F2M)); - commands.addAll(testCurve()); - } } + + List test = Command.sendAll(commands); systemOutLogger.println(Response.toString(test)); } diff --git a/src/cz/crcs/ectester/reader/Response.java b/src/cz/crcs/ectester/reader/Response.java index 21e80d7..7cc85bf 100644 --- a/src/cz/crcs/ectester/reader/Response.java +++ b/src/cz/crcs/ectester/reader/Response.java @@ -125,9 +125,9 @@ public abstract class Response { String message = r.toString(); String suffix; if (r.getNumSW() == 1) { - suffix = String.format("%s", Util.getPrintError(r.getSW1())); + suffix = String.format("%s", Util.getSWString(r.getSW1())); } else { - suffix = String.format("%s %s", Util.getPrintError(r.getSW1()), Util.getPrintError(r.getSW2())); + suffix = String.format("%s %s", Util.getSWString(r.getSW1()), Util.getSWString(r.getSW2())); } out.append(String.format("%-58s:%4d ms : %s", message, r.time / 1000000, suffix)); if (i < responses.size() - 1) { 
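Review bot: The `wrong`, `non-prime` and `invalid` branches of `test()` are empty, yet option validation accepts those names, so choosing one sends an empty command list and presumably prints an empty result that can be read as a clean run. Until they are implemented, either reject them during option parsing or report it explicitly, e.g. `System.err.println("Test case not implemented: " + optTestCase);`. Validation also uses the case-sensitive `tests.contains(optTestCase)` while the dispatch here uses `equalsIgnoreCase`; the two should agree.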
diff --git a/src/cz/crcs/ectester/reader/Util.java b/src/cz/crcs/ectester/reader/Util.java
index 91a34d7..489de44 100644
--- a/src/cz/crcs/ectester/reader/Util.java
+++ b/src/cz/crcs/ectester/reader/Util.java
@@ -103,32 +103,101 @@ public class Util { return out; } - public static String getPrintError(short code) { - if (code == ISO7816.SW_NO_ERROR) { + public static String getSWString(short sw) { + if (sw == ISO7816.SW_NO_ERROR) { return "OK\t(0x9000)"; } else { - String codeStr = "unknown"; - switch (code) { + String str; + switch (sw) { + case ISO7816.SW_APPLET_SELECT_FAILED: + str = "APPLET_SELECT_FAILED"; + break; + case ISO7816.SW_BYTES_REMAINING_00: + str = "BYTES_REMAINING"; + break; + case ISO7816.SW_CLA_NOT_SUPPORTED: + str = "CLA_NOT_SUPPORTED"; + break; + case ISO7816.SW_COMMAND_NOT_ALLOWED: + str = "COMMAND_NOT_ALLOWED"; + break; + case ISO7816.SW_CONDITIONS_NOT_SATISFIED: + str = "CONDITIONS_NOT_SATISFIED"; + break; + case ISO7816.SW_CORRECT_LENGTH_00: + str = "CORRECT_LENGTH"; + break; + case ISO7816.SW_DATA_INVALID: + str = "DATA_INVALID"; + break; + case ISO7816.SW_FILE_FULL: + str = "FILE_FULL"; + break; + case ISO7816.SW_FILE_INVALID: + str = "FILE_INVALID"; + break; + case ISO7816.SW_FILE_NOT_FOUND: + str = "FILE_NOT_FOUND"; + break; + case ISO7816.SW_FUNC_NOT_SUPPORTED: + str = "FILE_NOT_SUPPORTED"; + break; + case ISO7816.SW_INCORRECT_P1P2: + str = "INCORRECT_P1P2"; + break; + case ISO7816.SW_INS_NOT_SUPPORTED: + str = "INS_NOT_SUPPORTED"; + break; + case ISO7816.SW_LOGICAL_CHANNEL_NOT_SUPPORTED: + str = "LOGICAL_CHANNEL_NOT_SUPPORTED"; + break; + case ISO7816.SW_RECORD_NOT_FOUND: + str = "RECORD_NOT_FOUND"; + break; + case ISO7816.SW_SECURE_MESSAGING_NOT_SUPPORTED: + str = "SECURE_MESSAGING_NOT_SUPPORTED"; + break; + case ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED: + str = "SECURITY_STATUS_NOT_SATISFIED"; + break; + case ISO7816.SW_UNKNOWN: + str = "UNKNOWN"; + break; + case ISO7816.SW_WARNING_STATE_UNCHANGED: + str = "WARNING_STATE_UNCHANGED"; + break; + case ISO7816.SW_WRONG_DATA: + str = "WRONG_DATA"; + break; + case ISO7816.SW_WRONG_LENGTH: + str = "WRONG_LENGTH"; + break; + case ISO7816.SW_WRONG_P1P2: + str = "WRONG_P1P2"; + break; case 
CryptoException.ILLEGAL_VALUE: - codeStr = "ILLEGAL_VALUE"; + str = "ILLEGAL_VALUE"; break; case CryptoException.UNINITIALIZED_KEY: - codeStr = "UNINITIALIZED_KEY"; + str = "UNINITIALIZED_KEY"; break; case CryptoException.NO_SUCH_ALGORITHM: - codeStr = "NO_SUCH_ALG"; + str = "NO_SUCH_ALG"; break; case CryptoException.INVALID_INIT: - codeStr = "INVALID_INIT"; + str = "INVALID_INIT"; break; case CryptoException.ILLEGAL_USE: - codeStr = "ILLEGAL_USE"; + str = "ILLEGAL_USE"; break; case ECTesterApplet.SW_SIG_VERIFY_FAIL: - codeStr = "SIG_VERIFY_FAIL"; + str = "SIG_VERIFY_FAIL"; + break; + default: + str = "unknown"; break; } - return String.format("fail\t(%s,\t0x%04x)", codeStr, code); + return String.format("fail\t(%s,\t0x%04x)", str, sw); } } -- cgit v1.2.3-70-g09d2 From 62ad8d7ca9d95d62a78b66ac12ac467c19d63bb0 Mon Sep 17 00:00:00 2001 From: J08nY Date: Fri, 17 Mar 2017 17:31:08 +0100 Subject: Added Cleanup command to request object deletion, prevents memory corruption. --- !uploader/ectester.cap | Bin 13573 -> 13592 bytes dist/ECTester.jar | Bin 218187 -> 221080 bytes src/cz/crcs/ectester/applet/EC_Consts.java | 7 ++++++- src/cz/crcs/ectester/reader/Command.java | 20 ++++++++++++++++++++ src/cz/crcs/ectester/reader/ECTester.java | 27 +++++++++++++++------------ src/cz/crcs/ectester/reader/Response.java | 18 ++++++++++++++++++ 6 files changed, 59 insertions(+), 13 deletions(-) diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index dec01be..ace0044 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 6f8c516..2749d89 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/applet/EC_Consts.java b/src/cz/crcs/ectester/applet/EC_Consts.java index 50f14a9..89cd8c9 100644 --- a/src/cz/crcs/ectester/applet/EC_Consts.java +++ b/src/cz/crcs/ectester/applet/EC_Consts.java 
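Review bot: `case ISO7816.SW_FUNC_NOT_SUPPORTED:` is labelled `"FILE_NOT_SUPPORTED"`, a name that matches no status word and will mislead anyone reading card results; it should be `str = "FUNC_NOT_SUPPORTED";`. Note too that `SW_BYTES_REMAINING_00` and `SW_CORRECT_LENGTH_00` match only when the low byte is zero, so a 0x61xx or 0x6Cxx response that carries a length falls through to `unknown`. Masking the low byte for those two ranges before the switch would cover them.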
@@ -947,7 +947,8 @@ public class EC_Consts { public static final byte CORRUPTION_ONEBYTERANDOM = (byte) 0x03; public static final byte CORRUPTION_ZERO = (byte) 0x04; public static final byte CORRUPTION_ONE = (byte) 0x05; - public static final byte CORRUPTION_INCREMENT = (byte) 0x06; + public static final byte CORRUPTION_MAX = (byte) 0x06; + public static final byte CORRUPTION_INCREMENT = (byte) 0x07; // Supported embedded curves, getCurveParameter @@ -1259,6 +1260,10 @@ public class EC_Consts { Util.arrayFillNonAtomic(buffer, offset, length, (byte) 0); break; case CORRUPTION_ONE: + Util.arrayFillNonAtomic(buffer, offset, length, (byte) 0); + buffer[(short) (offset + length)] = (byte) 1; + break; + case CORRUPTION_MAX: Util.arrayFillNonAtomic(buffer, offset, length, (byte) 1); break; case CORRUPTION_INCREMENT: diff --git a/src/cz/crcs/ectester/reader/Command.java b/src/cz/crcs/ectester/reader/Command.java index 876e999..c5cef00 100644 --- a/src/cz/crcs/ectester/reader/Command.java +++ b/src/cz/crcs/ectester/reader/Command.java @@ -319,5 +319,25 @@ public abstract class Command { return new Response.ECDSA(response, elapsed, keyPair, export, raw); } } + + /** + * + */ + public static class Cleanup extends Command { + + protected Cleanup(CardMngr cardManager) { + super(cardManager); + + this.cmd = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_CLEANUP, 0, 0); + } + + @Override + public Response.Cleanup send() throws CardException { + long elapsed = -System.nanoTime(); + ResponseAPDU response = cardManager.send(cmd); + elapsed += System.nanoTime(); + return new Response.Cleanup(response, elapsed); + } + } } diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index 9398a69..f70c119 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java 
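Review bot: The new `CORRUPTION_ONE` branch writes `buffer[(short) (offset + length)]`, which is one byte past the parameter: the last byte of a `length`-byte value starting at `offset` sits at `offset + length - 1`. As written the parameter stays all zeros and the byte after it is overwritten, or the write throws if the parameter ends at the end of the buffer. Use `buffer[(short) (offset + length - 1)] = (byte) 1;`. Separately, `CORRUPTION_MAX` fills with `(byte) 1` rather than the largest byte value; if an all-ones parameter is intended, `(byte) 0xFF` looks like what was meant. `corruptParameter` starts and ends outside the hunk.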
@@ -45,9 +45,9 @@ import java.util.*; */ public class ECTester { - private CardMngr cardManager = null; - private DirtyLogger systemOutLogger = null; - private EC_Data dataDB = null; + private CardMngr cardManager; + private DirtyLogger systemOutLogger; + private EC_Data dataDB; //Options private int optBits; @@ -401,13 +401,10 @@ public class ECTester { } optTestCase = cli.getOptionValue("test", "default"); - List tests = Arrays.asList("default", "non-prime", "invalid", "wrong"); - if (!tests.contains(optTestCase)) { - System.err.print("Unknown test case. Should be one of: ["); - for (String test : tests) { - System.err.print("\"" + test + "\","); - } - System.err.println("]"); + String[] tests = new String[]{"default", "non-prime", "invalid", "wrong"}; + List testsList = Arrays.asList(tests); + if (!testsList.contains(optTestCase)) { + System.err.println("Unknown test case. Should be one of: " + Arrays.toString(tests)); return false; } @@ -602,6 +599,7 @@ public class ECTester { byte[] external = curve.flatten(); commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), external)); commands.addAll(testCurve()); + commands.add(new Command.Cleanup(cardManager)); } } } @@ -613,6 +611,7 @@ public class ECTester { byte[] external = curve.flatten(); commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), external)); commands.addAll(testCurve()); + commands.add(new Command.Cleanup(cardManager)); } } } @@ -623,6 +622,7 @@ public class ECTester { commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_FP)); commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_FP)); commands.addAll(testCurve()); + commands.add(new Command.Cleanup(cardManager)); } } if (optBinaryField) { 
@@ -631,6 +631,7 @@ public class ECTester { commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_F2M)); commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_F2M)); commands.addAll(testCurve()); + commands.add(new Command.Cleanup(cardManager)); } } } @@ -639,12 +640,14 @@ public class ECTester { commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_FP)); commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_FP)); commands.addAll(testCurve()); + commands.add(new Command.Cleanup(cardManager)); } if (optBinaryField) { commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_F2M)); commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_F2M)); commands.addAll(testCurve()); + commands.add(new Command.Cleanup(cardManager)); } } } else if (optTestCase.equalsIgnoreCase("wrong")) { @@ -655,7 +658,6 @@ public class ECTester { } - List test = Command.sendAll(commands); systemOutLogger.println(Response.toString(test)); } 
@@ -920,9 +922,10 @@ public class ECTester { List commands = new LinkedList<>(); commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH)); commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE)); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_FULLRANDOM)); commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_ONE)); commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_ZERO)); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_MAX)); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_FULLRANDOM)); commands.add(new Command.ECDSA(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, null)); return commands; } diff --git a/src/cz/crcs/ectester/reader/Response.java b/src/cz/crcs/ectester/reader/Response.java index 7cc85bf..691bc5a 100644 --- a/src/cz/crcs/ectester/reader/Response.java +++ b/src/cz/crcs/ectester/reader/Response.java @@ -488,6 +488,24 @@ public abstract class Response { String data = raw == null ? "random" : "provided"; return String.format("ECDSA with %s keypair(%s data)", key, data); } + } + + /** + * + */ + public static class Cleanup extends Response { + + protected Cleanup(ResponseAPDU response, long time) { + super(response, time); + + parse(1, 0); + } + + @Override + public String toString() { + return String.format("Requested JCSystem object deletion"); + } + } } -- cgit v1.2.3-70-g09d2 
From 930541a5e0dff04438318b7de8a28e2467c9ea9f Mon Sep 17 00:00:00 2001 From: J08nY Date: Wed, 22 Mar 2017 21:31:04 +0100 Subject: Added new corruption type and X962 point compression methods. --- !uploader/ectester.cap | Bin 13592 -> 13691 bytes dist/ECTester.jar | Bin 221080 -> 221506 bytes src/cz/crcs/ectester/applet/ECKeyGenerator.java | 2 +- src/cz/crcs/ectester/applet/ECKeyTester.java | 4 +-- src/cz/crcs/ectester/applet/EC_Consts.java | 45 ++++++++++++++++++++---- src/cz/crcs/ectester/reader/ECTester.java | 6 ++-- src/cz/crcs/ectester/reader/Util.java | 3 ++ 7 files changed, 47 insertions(+), 13 deletions(-) diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index ace0044..4cde467 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 2749d89..9f2301b 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/applet/ECKeyGenerator.java b/src/cz/crcs/ectester/applet/ECKeyGenerator.java index bd4b8c4..da6142f 100644 --- a/src/cz/crcs/ectester/applet/ECKeyGenerator.java +++ b/src/cz/crcs/ectester/applet/ECKeyGenerator.java @@ -137,7 +137,7 @@ public class ECKeyGenerator { short masked = (short) (paramMask & corruptParams); if (masked != 0) { short length = exportParameter(keypair, key, masked, buffer, offset); - EC_Consts.corruptParameter(corruption, buffer, offset, length); + length = EC_Consts.corruptParameter(corruption, buffer, offset, length); sw = setParameter(keypair, key, masked, buffer, offset, length); if (sw != ISO7816.SW_NO_ERROR) break; } diff --git a/src/cz/crcs/ectester/applet/ECKeyTester.java b/src/cz/crcs/ectester/applet/ECKeyTester.java index a00b47d..89fd617 100644 --- a/src/cz/crcs/ectester/applet/ECKeyTester.java +++ b/src/cz/crcs/ectester/applet/ECKeyTester.java 
@@ -77,7 +77,7 @@ public class ECKeyTester { **/ public short testECDH(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); - EC_Consts.corruptParameter(corruption, pubkeyBuffer, pubkeyOffset, length); + length = EC_Consts.corruptParameter(corruption, pubkeyBuffer, pubkeyOffset, length); return testKA(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); } @@ -98,7 +98,7 @@ public class ECKeyTester { */ public short testECDHC(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); - EC_Consts.corruptParameter(corruption, pubkeyBuffer, pubkeyOffset, length); + length = EC_Consts.corruptParameter(corruption, pubkeyBuffer, pubkeyOffset, length); return testKA(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); } diff --git a/src/cz/crcs/ectester/applet/EC_Consts.java b/src/cz/crcs/ectester/applet/EC_Consts.java index 89cd8c9..64f8dca 100644 --- a/src/cz/crcs/ectester/applet/EC_Consts.java +++ b/src/cz/crcs/ectester/applet/EC_Consts.java @@ -949,7 +949,12 @@ public class EC_Consts { public static final byte CORRUPTION_ONE = (byte) 0x05; public static final byte CORRUPTION_MAX = (byte) 0x06; public static final byte CORRUPTION_INCREMENT = (byte) 0x07; + public static final byte CORRUPTION_INFINITY = (byte) 0x08; + // toX962 FORM types + public static final byte X962_UNCOMPRESSED = (byte) 0x00; + public static final byte X962_COMPRESSED = (byte) 0x01; + public static final byte X962_HYBRID = (byte) 0x02; // Supported embedded curves, getCurveParameter public static final byte CURVE_default = (byte) 0; 
@@ -1198,7 +1203,7 @@ public class EC_Consts { length = Util.arrayCopyNonAtomic(EC_B, (short) 0, outputBuffer, outputOffset, (short) EC_B.length); break; case PARAMETER_G: - length = toX962(outputBuffer, outputOffset, EC_G_X, (short) 0, (short) EC_G_X.length, EC_G_Y, (short) 0, (short) EC_G_Y.length); + length = toX962(X962_UNCOMPRESSED, outputBuffer, outputOffset, EC_G_X, (short) 0, (short) EC_G_X.length, EC_G_Y, (short) 0, (short) EC_G_Y.length); break; case PARAMETER_R: length = Util.arrayCopyNonAtomic(EC_R, (short) 0, outputBuffer, outputOffset, (short) EC_R.length); @@ -1211,7 +1216,7 @@ public class EC_Consts { if (EC_W_X == null || EC_W_Y == null) { return 0; } - length = toX962(outputBuffer, outputOffset, EC_W_X, (short) 0, (short) EC_W_X.length, EC_W_Y, (short) 0, (short) EC_W_Y.length); + length = toX962(X962_UNCOMPRESSED, outputBuffer, outputOffset, EC_W_X, (short) 0, (short) EC_W_X.length, EC_W_Y, (short) 0, (short) EC_W_Y.length); break; case PARAMETER_S: if (EC_S == null) { @@ -1225,7 +1230,7 @@ public class EC_Consts { return length; } - public static void corruptParameter(byte corruption, byte[] buffer, short offset, short length) { + public static short corruptParameter(byte corruption, byte[] buffer, short offset, short length) { switch (corruption) { case CORRUPTION_NONE: break; 
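Review bot: `corruptParameter` changes from `void` to `short` in the last hunk here but gets no Javadoc, so the rule that callers must continue with the returned length, not the one they passed in, is only implied by the updated call sites. I would add above the signature `/** Corrupts the parameter in buffer in place. @return length of the corrupted parameter, which may differ from the input length */`. The method body starts in this hunk and continues outside it.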
@@ -1274,26 +1279,52 @@ public class EC_Consts { buffer[index--] = ++value; } while (value == (byte) 0 && index >= offset); break; + case CORRUPTION_INFINITY: + Util.arrayFillNonAtomic(buffer, offset, length, (byte) 0); + return 1; default: ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); } + + return length; } public static byte getCurveType(byte curve) { return curve <= FP_CURVES ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; } - public static short toX962(byte[] outputBuffer, short outputOffset, byte[] xBuffer, short xOffset, short xLength, byte[] yBuffer, short yOffset, short yLength) { + public static short toX962(byte form, byte[] outputBuffer, short outputOffset, byte[] xBuffer, short xOffset, short xLength, byte[] yBuffer, short yOffset, short yLength) { short size = 1; size += xLength; - size += yLength; short offset = outputOffset; - outputBuffer[offset] = 0x04; + switch (form) { + case X962_UNCOMPRESSED: + outputBuffer[offset] = 0x04; + break; + case X962_COMPRESSED: + byte yLSB = yBuffer[(short) (yOffset + yLength)]; + byte yBit = (byte) (yLSB & 0x01); + + if (yBit == 1) { + outputBuffer[offset] = 3; + } else { + outputBuffer[offset] = 2; + } + case X962_HYBRID: + outputBuffer[offset] += 4; + break; + default: + ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); + } offset += 1; offset = Util.arrayCopyNonAtomic(xBuffer, xOffset, outputBuffer, offset, xLength); - Util.arrayCopyNonAtomic(yBuffer, yOffset, outputBuffer, offset, yLength); + if (form == X962_HYBRID || form == X962_UNCOMPRESSED) { + Util.arrayCopyNonAtomic(yBuffer, yOffset, outputBuffer, offset, yLength); + size += yLength; + } + return size; } diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index f70c119..e14bb38 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java 
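Review bot: In the new `X962_COMPRESSED` branch of `toX962`, `yBuffer[(short) (yOffset + yLength)]` indexes one byte past the Y coordinate, whose last byte is at `yOffset + yLength - 1`. Depending on the buffer this either throws an array-bounds exception or takes the parity bit from an unrelated byte and emits the wrong prefix; the line should read `byte yLSB = yBuffer[(short) (yOffset + yLength - 1)];`. The same expression is carried unchanged as a context line into the later `toX962` hunk (`@@ -1298,21 +1306,22 @@`). In this version the compressed case also has no `break`, so it falls into `X962_HYBRID` and adds 4 to the prefix, and a hybrid request on its own only does `+= 4` on whatever byte the output buffer already held.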
@@ -256,15 +256,15 @@ public class ECTester { size.addOption(Option.builder("a").longOpt("all").desc("Test all curve sizes.").build()); opts.addOptionGroup(size); + opts.addOption(Option.builder("fp").longOpt("prime-field").desc("Use a prime field.").build()); + opts.addOption(Option.builder("f2m").longOpt("binary-field").desc("Use a binary field.").build()); + OptionGroup curve = new OptionGroup(); curve.addOption(Option.builder("nc").longOpt("named-curve").desc("Use a named curve, from CurveDB: ").hasArg().argName("cat/id").build()); curve.addOption(Option.builder("c").longOpt("curve").desc("Use curve from file (field,a,b,gx,gy,r,k).").hasArg().argName("curve_file").build()); curve.addOption(Option.builder("u").longOpt("custom").desc("Use a custom curve (applet-side embedded, SECG curves).").build()); opts.addOptionGroup(curve); - opts.addOption(Option.builder("fp").longOpt("prime-field").desc("Use prime field curve.").build()); - opts.addOption(Option.builder("f2m").longOpt("binary-field").desc("Use binary field curve.").build()); - OptionGroup pub = new OptionGroup(); pub.addOption(Option.builder("npub").longOpt("named-public").desc("Use public key from KeyDB: ").hasArg().argName("cat/id").build()); pub.addOption(Option.builder("pub").longOpt("public").desc("Use public key from file (wx,wy).").hasArg().argName("pubkey_file").build()); diff --git a/src/cz/crcs/ectester/reader/Util.java b/src/cz/crcs/ectester/reader/Util.java index 489de44..41a7821 100644 --- a/src/cz/crcs/ectester/reader/Util.java +++ b/src/cz/crcs/ectester/reader/Util.java @@ -225,6 +225,9 @@ public class Util { case EC_Consts.CORRUPTION_INCREMENT: corrupt = "INCREMENT"; break; + case EC_Consts.CORRUPTION_INFINITY: + corrupt = "INFINITY"; + break; default: corrupt = "UNKNOWN"; break; -- cgit v1.2.3-70-g09d2 From dd0947b2dd33baa882279a50876806cc1f0471c4 Mon Sep 17 00:00:00 2001 
From: J08nY Date: Thu, 23 Mar 2017 14:54:04 +0100 Subject: Fixed XML schema.xsd --- src/cz/crcs/ectester/data/schema.xsd | 105 ++++++++++++----------------------- 1 file changed, 36 insertions(+), 69 deletions(-) diff --git a/src/cz/crcs/ectester/data/schema.xsd b/src/cz/crcs/ectester/data/schema.xsd index 66566c9..9fe2d30 100644 --- a/src/cz/crcs/ectester/data/schema.xsd +++ b/src/cz/crcs/ectester/data/schema.xsd @@ -4,80 +4,48 @@ - - - - - - - - - - - - + + + + + + - - - - - - - - - - - + + + + + + + + + - + - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + - - - + + + @@ -86,21 +54,20 @@ - - - - - - - - - + + + + + + + - + + \ No newline at end of file -- cgit v1.2.3-70-g09d2 From a50b554fbc577df6873705738b379fa15980d2b7 Mon Sep 17 00:00:00 2001 From: J08nY Date: Fri, 24 Mar 2017 17:11:44 +0100 Subject: Implemented ECDHC testing. - also some work on ECDH/ECDHC compatibility testing - new option -dhc / --ecdhc [count] the same as ecdh option, except it does ECDHC algo --- !uploader/ectester.cap | Bin 13691 -> 13786 bytes dist/ECTester.jar | Bin 221506 -> 221833 bytes src/cz/crcs/ectester/applet/ECKeyTester.java | 3 +-- src/cz/crcs/ectester/applet/ECTesterApplet.java | 23 +++++++++++++++---- src/cz/crcs/ectester/applet/EC_Consts.java | 21 ++++++++++++----- src/cz/crcs/ectester/reader/Command.java | 9 +++++--- src/cz/crcs/ectester/reader/ECTester.java | 27 ++++++++++++++-------- src/cz/crcs/ectester/reader/Response.java | 29 ++++++++++++++++++++---- 8 files changed, 84 insertions(+), 28 deletions(-) diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index 4cde467..cd747ae 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 9f2301b..19866db 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/applet/ECKeyTester.java b/src/cz/crcs/ectester/applet/ECKeyTester.java index 89fd617..057d357 100644 
--- a/src/cz/crcs/ectester/applet/ECKeyTester.java +++ b/src/cz/crcs/ectester/applet/ECKeyTester.java @@ -93,8 +93,7 @@ public class ECKeyTester { * @param outputBuffer * @param outputOffset * @param corruption - * @return ISO7816.SW_NO_ERROR on correct operation, - * exception reason otherwise + * @return derived secret length */ public short testECDHC(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java index 4dafd21..e17d102 100644 --- a/src/cz/crcs/ectester/applet/ECTesterApplet.java +++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java @@ -329,6 +329,7 @@ public class ECTesterApplet extends Applet { * P2 = byte privkey (KEYPAIR_*) * DATA = byte export (EXPORT_TRUE || EXPORT_FALSE) * byte corruption (00 = valid, !00 = invalid) + * byte type (EC_Consts.KA_* | ...) */ private void insECDH(APDU apdu) { apdu.setIncomingAndReceive(); @@ -338,8 +339,9 @@ public class ECTesterApplet extends Applet { byte privkey = apdubuf[ISO7816.OFFSET_P2]; byte export = apdubuf[ISO7816.OFFSET_CDATA]; byte corruption = apdubuf[(short) (ISO7816.OFFSET_CDATA + 1)]; + byte type = apdubuf[(short) (ISO7816.OFFSET_CDATA + 2)]; - short len = ecdh(pubkey, privkey, export, corruption, apdubuf, (short) 0); + short len = ecdh(pubkey, privkey, export, corruption, type, apdubuf, (short) 0); apdu.setOutgoingAndSend((short) 0, len); } 
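Review bot: In `insECDH` the new `type` byte is read from `ISO7816.OFFSET_CDATA + 2` without checking how many data bytes were actually received; the return value of `apdu.setIncomingAndReceive()` (the call is in the preceding hunk) is discarded. A command carrying fewer than three data bytes would then take `type`, and possibly `corruption`, from whatever the APDU buffer happened to contain. I would keep the count and reject short input before parsing: `short received = apdu.setIncomingAndReceive();` followed by `if (received < 3) ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);`. The method begins before this hunk.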
@@ -513,17 +515,31 @@ public class ECTesterApplet extends Applet { * @param privkey keyPair to use for private key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) * @param export whether to export ECDH secret * @param corruption whether to invalidate the pubkey before ECDH + * @param type * @param buffer buffer to write sw to, and export ECDH secret {@code if(export == EXPORT_TRUE)} * @param offset output offset in buffer * @return length of data written to the buffer */ - private short ecdh(byte pubkey, byte privkey, byte export, byte corruption, byte[] buffer, short offset) { + private short ecdh(byte pubkey, byte privkey, byte export, byte corruption, byte type, byte[] buffer, short offset) { short length = 0; KeyPair pub = ((pubkey & KEYPAIR_LOCAL) != 0) ? localKeypair : remoteKeypair; KeyPair priv = ((privkey & KEYPAIR_LOCAL) != 0) ? localKeypair : remoteKeypair; - short secretLength = keyTester.testECDH((ECPrivateKey) priv.getPrivate(), (ECPublicKey) pub.getPublic(), ramArray, (short) 0, ramArray2, (short) 0, corruption); + short secretLength = 0; + switch (type) { + case EC_Consts.KA_ECDH: + secretLength = keyTester.testECDH((ECPrivateKey) priv.getPrivate(), (ECPublicKey) pub.getPublic(), ramArray, (short) 0, ramArray2, (short) 0, corruption); + break; + case EC_Consts.KA_ECDHC: + secretLength = keyTester.testECDHC((ECPrivateKey) priv.getPrivate(), (ECPublicKey) pub.getPublic(), ramArray, (short) 0, ramArray2, (short) 0, corruption); + break; + case EC_Consts.KA_BOTH: + // TODO + break; + default: + ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); + } Util.setShort(buffer, offset, keyTester.getSW()); length += 2; @@ -574,7 +590,6 @@ public class ECTesterApplet extends Applet { } /** - * * @param buffer * @param offset * @return diff --git a/src/cz/crcs/ectester/applet/EC_Consts.java b/src/cz/crcs/ectester/applet/EC_Consts.java index 64f8dca..cac5d79 100644 --- a/src/cz/crcs/ectester/applet/EC_Consts.java +++ b/src/cz/crcs/ectester/applet/EC_Consts.java 
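Review bot: The `KA_BOTH` case added to `ecdh` is a bare `// TODO` followed by `break`, so a request with that type runs no key agreement, leaves `secretLength` at 0 and still writes `keyTester.getSW()` into the response. If `getSW()` reports the status of the last operation the tester ran (its body is not shown here), the reader would receive a stale status word for this call. Until the combined mode exists it should be refused like an unknown type, `case EC_Consts.KA_BOTH: ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); break;`. The new `@param type` tag is also empty, here and in the `Command.ECDH` constructor; something like `@param type key agreement to run (EC_Consts.KA_ECDH || EC_Consts.KA_ECDHC)` would match the neighbouring tags.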
@@ -26,7 +26,7 @@ public class EC_Consts { private static byte[] EC_F2M_F2M = null; //[short i1, short i2, short i3], f = x^m + x^i1 + x^i2 + x^i3 + 1 - + // EC domain parameter identifiers (bit flags) public static final short PARAMETER_FP = 0x0001; public static final short PARAMETER_F2M = 0x0002; @@ -53,10 +53,18 @@ public class EC_Consts { public static final short PARAMETERS_KEYPAIR = 0x0180; public static final short PARAMETERS_ALL = 0x01ff; + + // EC key identifiers public static final byte KEY_PUBLIC = 0x01; public static final byte KEY_PRIVATE = 0x02; public static final byte KEY_BOTH = KEY_PUBLIC | KEY_PRIVATE; + + // Key Agreement test identifiers + public static final byte KA_ECDH = 0x01; + public static final byte KA_ECDHC = 0x02; + public static final byte KA_BOTH = KA_ECDH | KA_ECDHC; + public static RandomData randomData = null; @@ -1298,21 +1306,22 @@ public class EC_Consts { size += xLength; short offset = outputOffset; + outputBuffer[offset] = 0; switch (form) { case X962_UNCOMPRESSED: - outputBuffer[offset] = 0x04; + outputBuffer[offset] = 4; break; + case X962_HYBRID: + outputBuffer[offset] = 4; case X962_COMPRESSED: byte yLSB = yBuffer[(short) (yOffset + yLength)]; byte yBit = (byte) (yLSB & 0x01); if (yBit == 1) { - outputBuffer[offset] = 3; + outputBuffer[offset] += 3; } else { - outputBuffer[offset] = 2; + outputBuffer[offset] += 2; } - case X962_HYBRID: - outputBuffer[offset] += 4; break; default: ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); diff --git a/src/cz/crcs/ectester/reader/Command.java b/src/cz/crcs/ectester/reader/Command.java index c5cef00..92d9da1 100644 --- a/src/cz/crcs/ectester/reader/Command.java +++ b/src/cz/crcs/ectester/reader/Command.java @@ -251,6 +251,7 @@ public abstract class Command { private byte privkey; private byte export; private byte corruption; + private byte type; /** * Creates the INS_ECDH instruction. 
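Review bot: The reordered switch in `toX962` now relies on `case X962_HYBRID` falling through into `case X962_COMPRESSED` to build the hybrid prefix, but nothing marks the missing `break` as deliberate. A one-line comment after `outputBuffer[offset] = 4;` such as `// fall through: hybrid prefix is 4 plus the compressed prefix (2 or 3)` would stop a later cleanup from adding the break. The method starts before this hunk and ends after it.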
@@ -260,15 +261,17 @@ public abstract class Command { * @param privkey keyPair to use for private key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) * @param export whether to export ECDH secret * @param corruption whether to invalidate the pubkey before ECDH (EC_Consts.CORRUPTION_* || ...) + * @param type */ - public ECDH(CardMngr cardManager, byte pubkey, byte privkey, byte export, byte corruption) { + public ECDH(CardMngr cardManager, byte pubkey, byte privkey, byte export, byte corruption, byte type) { super(cardManager); this.pubkey = pubkey; this.privkey = privkey; this.export = export; this.corruption = corruption; + this.type = type; - byte[] data = new byte[]{export, corruption}; + byte[] data = new byte[]{export, corruption, type}; this.cmd = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_ECDH, pubkey, privkey, data); } @@ -278,7 +281,7 @@ public abstract class Command { long elapsed = -System.nanoTime(); ResponseAPDU response = cardManager.send(cmd); elapsed += System.nanoTime(); - return new Response.ECDH(response, elapsed, pubkey, privkey, export, corruption); + return new Response.ECDH(response, elapsed, pubkey, privkey, export, corruption, type); } } diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index e14bb38..ef35b2d 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -85,6 +85,7 @@ public class ECTester { private String optTestCase; private int optGenerateAmount; private int optECDHCount; + private byte optECDHKA; private int optECDSACount; @@ -145,7 +146,7 @@ public class ECTester { generate(); } else if (cli.hasOption("test")) { test(); - } else if (cli.hasOption("ecdh")) { + } else if (cli.hasOption("ecdh") || cli.hasOption("ecdhc")) { ecdh(); } else if (cli.hasOption("ecdsa")) { ecdsa(); 
@@ -209,6 +210,7 @@ public class ECTester { * -g / --generate [amount] * -t / --test [test_case] * -dh / --ecdh [count] + * -dhc / --ecdhc [count] * -dsa / --ecdsa [count] * -ln / --list-named * @@ -248,6 +250,7 @@ public class ECTester { actions.addOption(Option.builder("g").longOpt("generate").desc("Generate [amount] of EC keys.").hasArg().argName("amount").optionalArg(true).build()); actions.addOption(Option.builder("t").longOpt("test").desc("Test ECC support.").hasArg().argName("test_case").optionalArg(true).build()); actions.addOption(Option.builder("dh").longOpt("ecdh").desc("Do ECDH, [count] times.").hasArg().argName("count").optionalArg(true).build()); + actions.addOption(Option.builder("dhc").longOpt("ecdhc").desc("Do ECDHC, [count] times.").hasArg().argName("count").optionalArg(true).build()); actions.addOption(Option.builder("dsa").longOpt("ecdsa").desc("Sign data with ECDSA, [count] times.").hasArg().argName("count").optionalArg(true).build()); opts.addOptionGroup(actions); @@ -408,7 +411,7 @@ public class ECTester { return false; } - } else if (cli.hasOption("ecdh")) { + } else if (cli.hasOption("ecdh") || cli.hasOption("ecdhc")) { if (optPrimeField == optBinaryField) { System.err.print("Need to specify field with -fp or -f2m. (not both)"); return false; @@ -418,7 +421,13 @@ public class ECTester { return false; } - optECDHCount = Integer.parseInt(cli.getOptionValue("ecdh", "1")); + if (cli.hasOption("ecdh")) { + optECDHCount = Integer.parseInt(cli.getOptionValue("ecdh", "1")); + optECDHKA = EC_Consts.KA_ECDH; + } else if (cli.hasOption("ecdhc")) { + optECDHCount = Integer.parseInt(cli.getOptionValue("ecdhc", "1")); + optECDHKA = EC_Consts.KA_ECDHC; + } if (optECDHCount <= 0) { System.err.println("ECDH count cannot be <= 0."); return false; 
@@ -697,7 +706,7 @@ public class ECTester { while (done < optECDHCount) { List ecdh = Command.sendAll(generate); - Response.ECDH perform = new Command.ECDH(cardManager, pubkey, privkey, ECTesterApplet.EXPORT_TRUE, (byte) 0).send(); + Response.ECDH perform = new Command.ECDH(cardManager, pubkey, privkey, ECTesterApplet.EXPORT_TRUE, EC_Consts.CORRUPTION_NONE, optECDHKA).send(); ecdh.add(perform); systemOutLogger.println(Response.toString(ecdh)); 
@@ -921,11 +930,11 @@ public class ECTester { private List testCurve() throws IOException { List commands = new LinkedList<>(); commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH)); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE)); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_ONE)); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_ZERO)); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_MAX)); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_FULLRANDOM)); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ECDH)); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_ONE, EC_Consts.KA_ECDH)); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_ZERO, EC_Consts.KA_ECDH)); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_MAX, EC_Consts.KA_ECDH)); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_FULLRANDOM, EC_Consts.KA_ECDH)); commands.add(new Command.ECDSA(cardManager, 
ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, null)); return commands; } diff --git a/src/cz/crcs/ectester/reader/Response.java b/src/cz/crcs/ectester/reader/Response.java index 691bc5a..92d1b9f 100644 --- a/src/cz/crcs/ectester/reader/Response.java +++ b/src/cz/crcs/ectester/reader/Response.java @@ -118,6 +118,10 @@ public abstract class Response { public abstract String toString(); public static String toString(List responses) { + return toString(responses, null); + } + + public static String toString(List responses, String prefix) { StringBuilder out = new StringBuilder(); for (int i = 0; i < responses.size(); ++i) { Response r = responses.get(i); @@ -129,6 +133,10 @@ public abstract class Response { } else { suffix = String.format("%s %s", Util.getSWString(r.getSW1()), Util.getSWString(r.getSW2())); } + + if (prefix != null) + out.append(prefix); + out.append(String.format("%-58s:%4d ms : %s", message, r.time / 1000000, suffix)); if (i < responses.size() - 1) { out.append("\n"); @@ -423,13 +431,15 @@ public abstract class Response { private byte privkey; private byte export; private byte corruption; + private byte type; - protected ECDH(ResponseAPDU response, long time, byte pubkey, byte privkey, byte export, byte corruption) { + protected ECDH(ResponseAPDU response, long time, byte pubkey, byte privkey, byte export, byte corruption, byte type) { super(response, time); this.pubkey = pubkey; this.privkey = privkey; this.export = export; this.corruption = corruption; + this.type = type; parse(1, (export == ECTesterApplet.EXPORT_TRUE) ? 1 : 0); } 
@@ -444,16 +454,27 @@ public abstract class Response { @Override public String toString() { + String algo = ""; + if ((type & EC_Consts.KA_ECDH) != 0) { + algo += "ECDH"; + } + if (type == EC_Consts.KA_BOTH) { + algo += "+"; + } + if ((type & EC_Consts.KA_ECDHC) != 0) { + algo += "ECDHC"; + } + String pub = pubkey == ECTesterApplet.KEYPAIR_LOCAL ? "local" : "remote"; String priv = privkey == ECTesterApplet.KEYPAIR_LOCAL ? "local" : "remote"; - String validity; + String validity; if (corruption == EC_Consts.CORRUPTION_NONE) { - validity = "valid"; + validity = "unchanged"; } else { validity = Util.getCorruption(corruption); } - return String.format("ECDH of %s pubkey and %s privkey(%s point)", pub, priv, validity); + return String.format("%s of %s pubkey and %s privkey(%s point)", algo, pub, priv, validity); } } -- cgit v1.2.3-70-g09d2 From 66516ffeaca12b9cc9811c1dd948fc2cd2564c29 Mon Sep 17 00:00:00 2001 From: J08nY Date: Sat, 25 Mar 2017 21:20:46 +0100 Subject: Fixed loading private key from file. --- dist/ECTester.jar | Bin 221833 -> 222841 bytes src/cz/crcs/ectester/reader/ECTester.java | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 19866db..53a28e2 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index ef35b2d..2f26275 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -904,7 +904,7 @@ public class ECTester { if (optPrivate != null || optNamedPrivate != null) { params |= EC_Consts.PARAMETER_S; EC_Params priv; - if (optPublic != null) { + if (optPrivate != null) { priv = new EC_Params(EC_Consts.PARAMETER_S); FileInputStream in = new FileInputStream(optPrivate); -- cgit v1.2.3-70-g09d2 From de1736c211dc8d27961ef0495c82d25fbf813e05 Mon Sep 17 00:00:00 2001 
From: J08nY Date: Sun, 26 Mar 2017 00:20:29 +0100 Subject: Refactored EC_Params, renamed EC_Data, added first test vectors. --- !uploader/ectester.cap | Bin 13786 -> 13783 bytes dist/ECTester.jar | Bin 222841 -> 238953 bytes src/cz/crcs/ectester/applet/ECKeyGenerator.java | 2 +- src/cz/crcs/ectester/applet/ECKeyTester.java | 5 +- src/cz/crcs/ectester/data/EC_Data.java | 246 --------------------- src/cz/crcs/ectester/data/EC_Store.java | 246 +++++++++++++++++++++ src/cz/crcs/ectester/data/categories.xml | 5 + src/cz/crcs/ectester/data/invalid/curves.xml | 4 + src/cz/crcs/ectester/data/test/keys.xml | 16 ++ .../ectester/data/test/secg/secp160r1-dh-kdf.csv | 1 + .../ectester/data/test/secg/secp160r1-dh-raw.csv | 1 + .../ectester/data/test/secg/secp160r1-dh-sha1.csv | 1 + .../ectester/data/test/secg/secp160r1-keyU.csv | 1 + .../ectester/data/test/secg/secp160r1-keyV.csv | 1 + src/cz/crcs/ectester/reader/ECTester.java | 139 +++++++----- src/cz/crcs/ectester/reader/ec/EC_Data.java | 135 +++++++++++ src/cz/crcs/ectester/reader/ec/EC_Params.java | 111 ++-------- 17 files changed, 516 insertions(+), 398 deletions(-) delete mode 100644 src/cz/crcs/ectester/data/EC_Data.java create mode 100644 src/cz/crcs/ectester/data/EC_Store.java create mode 100644 src/cz/crcs/ectester/data/invalid/curves.xml create mode 100644 src/cz/crcs/ectester/data/test/keys.xml create mode 100644 src/cz/crcs/ectester/data/test/secg/secp160r1-dh-kdf.csv create mode 100644 src/cz/crcs/ectester/data/test/secg/secp160r1-dh-raw.csv create mode 100644 src/cz/crcs/ectester/data/test/secg/secp160r1-dh-sha1.csv create mode 100644 src/cz/crcs/ectester/data/test/secg/secp160r1-keyU.csv create mode 100644 src/cz/crcs/ectester/data/test/secg/secp160r1-keyV.csv create mode 100644 src/cz/crcs/ectester/reader/ec/EC_Data.java diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index cd747ae..3a5506d 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ 
diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 53a28e2..348be01 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/applet/ECKeyGenerator.java b/src/cz/crcs/ectester/applet/ECKeyGenerator.java index da6142f..b412370 100644 --- a/src/cz/crcs/ectester/applet/ECKeyGenerator.java +++ b/src/cz/crcs/ectester/applet/ECKeyGenerator.java @@ -170,7 +170,7 @@ public class ECKeyGenerator { short i = Util.makeShort(data[(short) (offset + 2)], data[(short) (offset + 3)]); if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i); if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i); - } else if (length == 8){ + } else if (length == 8) { short i1 = Util.makeShort(data[(short) (offset + 2)], data[(short) (offset + 3)]); short i2 = Util.makeShort(data[(short) (offset + 4)], data[(short) (offset + 5)]); short i3 = Util.makeShort(data[(short) (offset + 6)], data[(short) (offset + 7)]); diff --git a/src/cz/crcs/ectester/applet/ECKeyTester.java b/src/cz/crcs/ectester/applet/ECKeyTester.java index 057d357..7ef6150 100644 --- a/src/cz/crcs/ectester/applet/ECKeyTester.java +++ b/src/cz/crcs/ectester/applet/ECKeyTester.java @@ -3,7 +3,10 @@ package cz.crcs.ectester.applet; import javacard.framework.CardRuntimeException; import javacard.framework.ISO7816; -import javacard.security.*; +import javacard.security.ECPrivateKey; +import javacard.security.ECPublicKey; +import javacard.security.KeyAgreement; +import javacard.security.Signature; /** * Class capable of testing ECDH/C and ECDSA. diff --git a/src/cz/crcs/ectester/data/EC_Data.java b/src/cz/crcs/ectester/data/EC_Data.java deleted file mode 100644 index 98b2d59..0000000 --- a/src/cz/crcs/ectester/data/EC_Data.java +++ /dev/null 
@@ -1,246 +0,0 @@ -package cz.crcs.ectester.data; - -import cz.crcs.ectester.reader.ec.EC_Curve; -import cz.crcs.ectester.reader.ec.EC_Key; -import cz.crcs.ectester.reader.ec.EC_Keypair; -import cz.crcs.ectester.reader.ec.EC_Params; -import javacard.security.KeyPair; -import org.omg.PortableInterceptor.SYSTEM_EXCEPTION; -import org.w3c.dom.Document; -import org.w3c.dom.Element; -import org.w3c.dom.Node; -import org.w3c.dom.NodeList; -import org.xml.sax.ErrorHandler; -import org.xml.sax.SAXException; -import org.xml.sax.SAXParseException; - -import javax.xml.XMLConstants; -import javax.xml.parsers.DocumentBuilder; -import javax.xml.parsers.DocumentBuilderFactory; -import javax.xml.parsers.ParserConfigurationException; -import javax.xml.validation.Schema; -import javax.xml.validation.SchemaFactory; -import java.io.IOException; -import java.io.InputStream; -import java.util.Collections; -import java.util.HashMap; -import java.util.Map; - -/** - * @author Jan Jancar johny@neuromancer.sk - */ -public class EC_Data { - - private DocumentBuilder db; - - private Map categories; - - public EC_Data() { - DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); - - try { - SchemaFactory scf = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI); - Schema sch = scf.newSchema(this.getClass().getResource("/cz/crcs/ectester/data/schema.xsd")); - dbf.setSchema(sch); - dbf.setNamespaceAware(true); - dbf.setIgnoringComments(true); - dbf.setIgnoringElementContentWhitespace(true); - db = dbf.newDocumentBuilder(); - db.setErrorHandler(new ErrorHandler() { - @Override - public void warning(SAXParseException exception) throws SAXException { - System.err.println("EC_Data | Warning : " + exception); - } - - @Override - public void error(SAXParseException exception) throws SAXException { - System.err.println("EC_Data | Error : " + exception); - } - - @Override - public void fatalError(SAXParseException exception) throws SAXException { - System.err.println("EC_Data | Fatal 
: " + exception); - } - }); - - parse(); - } catch (ParserConfigurationException | IOException | SAXException e) { - e.printStackTrace(); - } - } - - private void parse() throws SAXException, ParserConfigurationException, IOException { - - Document categoriesDoc = db.parse(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/categories.xml")); - categoriesDoc.normalize(); - - NodeList catList = categoriesDoc.getElementsByTagName("category"); - - this.categories = new HashMap<>(catList.getLength()); - for (int i = 0; i < catList.getLength(); ++i) { - Node catNode = catList.item(i); - if (catNode instanceof Element) { - Element catElem = (Element) catNode; - Node name = catElem.getElementsByTagName("name").item(0); - Node dir = catElem.getElementsByTagName("directory").item(0); - Node desc = catElem.getElementsByTagName("desc").item(0); - - EC_Category category = parseCategory(name.getTextContent(), dir.getTextContent(), desc.getTextContent()); - this.categories.put(name.getTextContent(), category); - } else { - throw new SAXException("?"); - } - } - } - - private EC_Category parseCategory(String name, String dir, String desc) throws ParserConfigurationException, IOException, SAXException { - - Map objMap = new HashMap<>(); - - InputStream curvesStream = this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/curves.xml"); - if (curvesStream != null) { - Document curvesDoc = db.parse(curvesStream); - curvesDoc.normalize(); - - NodeList curveList = curvesDoc.getElementsByTagName("curve"); - - for (int i = 0; i < curveList.getLength(); ++i) { - Node curveNode = curveList.item(i); - if (curveNode instanceof Element) { - Element curveElem = (Element) curveNode; - Node id = curveElem.getElementsByTagName("id").item(0); - Node bits = curveElem.getElementsByTagName("bits").item(0); - Node field = curveElem.getElementsByTagName("field").item(0); - Node file = curveElem.getElementsByTagName("file").item(0); - - NodeList descc = 
curveElem.getElementsByTagName("desc"); - String descs = null; - if (descc.getLength() != 0) { - descs = descc.item(0).getTextContent(); - } - - byte alg; - if (field.getTextContent().equalsIgnoreCase("prime")) { - alg = KeyPair.ALG_EC_FP; - } else { - alg = KeyPair.ALG_EC_F2M; - } - short bitsize = Short.parseShort(bits.getTextContent()); - - EC_Curve curve = new EC_Curve(bitsize, alg, descs); - if (!curve.readCSV(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/" + file.getTextContent()))) { - throw new IOException("Invalid csv data."); - } - - objMap.put(id.getTextContent(), curve); - } else { - throw new SAXException("?"); - } - } - } - - InputStream keysStream = this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/keys.xml"); - if (keysStream != null) { - Document keysDoc = db.parse(keysStream); - keysDoc.normalize(); - - NodeList directs = keysDoc.getDocumentElement().getChildNodes(); - for (int i = 0; i < directs.getLength(); ++i) { - Node direct = directs.item(i); - if (direct instanceof Element) { - Element elem = (Element) direct; - - NodeList childs = elem.getChildNodes(); - String id = null; - for (int j = 0; j < childs.getLength(); ++j) { - Node child = childs.item(j); - if (child instanceof Element) { - Element childElem = (Element) child; - if (childElem.getTagName().equals("id")) { - id = childElem.getTextContent(); - break; - } - } - } - if (id == null) { - throw new SAXException("key no id?"); - } - - EC_Params result = parseKeylike(dir, elem); - - objMap.put(id, result); - } else { - throw new SAXException("?"); - } - } - } - - return new EC_Category(name, dir, desc, objMap); - } - - private EC_Params parseKeylike(String dir, Element elem) throws SAXException { - Node file = elem.getElementsByTagName("file").item(0); - Node curve = elem.getElementsByTagName("curve").item(0); - - NodeList desc = elem.getElementsByTagName("desc"); - String descs = null; - if (desc.getLength() != 0) { - descs = 
desc.item(0).getTextContent(); - } - - EC_Params result; - if (elem.getTagName().equals("pubkey")) { - result = new EC_Key.Public(curve.getTextContent(), descs); - } else if (elem.getTagName().equals("privkey")) { - result = new EC_Key.Private(curve.getTextContent(), descs); - } else if (elem.getTagName().equals("keypair")) { - result = new EC_Keypair(curve.getTextContent(), descs); - } else { - throw new SAXException("?"); - } - result.readCSV(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/" + file.getTextContent())); - return result; - } - - public Map getCategories() { - return Collections.unmodifiableMap(categories); - } - - public EC_Category getCategory(String category) { - return categories.get(category); - } - - public Map getObjects(String category) { - EC_Category cat = categories.get(category); - if (cat != null) { - return cat.getObjects(); - } - return null; - } - - public Map getObjects(Class objClass, String category) { - EC_Category cat = categories.get(category); - if (cat != null) { - return cat.getObjects(objClass); - } - return null; - } - - public T getObject(Class objClass, String category, String id) { - EC_Category cat = categories.get(category); - if (cat != null) { - return cat.getObject(objClass, id); - } - return null; - } - - public T getObject(Class objClass, String query) { - String[] parts = query.split("/"); - if (parts.length != 2) { - return null; - } - return getObject(objClass, parts[0], parts[1]); - } - - -} diff --git a/src/cz/crcs/ectester/data/EC_Store.java b/src/cz/crcs/ectester/data/EC_Store.java new file mode 100644 index 0000000..60a1065 --- /dev/null +++ b/src/cz/crcs/ectester/data/EC_Store.java 
@@ -0,0 +1,246 @@ +package cz.crcs.ectester.data; + +import cz.crcs.ectester.reader.ec.EC_Curve; +import cz.crcs.ectester.reader.ec.EC_Key; +import cz.crcs.ectester.reader.ec.EC_Keypair; +import cz.crcs.ectester.reader.ec.EC_Params; +import javacard.security.KeyPair; +import org.omg.PortableInterceptor.SYSTEM_EXCEPTION; +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; +import org.xml.sax.ErrorHandler; +import org.xml.sax.SAXException; +import org.xml.sax.SAXParseException; + +import javax.xml.XMLConstants; +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.validation.Schema; +import javax.xml.validation.SchemaFactory; +import java.io.IOException; +import java.io.InputStream; +import java.util.Collections; +import java.util.HashMap; +import java.util.Map; + +/** + * @author Jan Jancar johny@neuromancer.sk + */ +public class EC_Store { + + private DocumentBuilder db; + + private Map categories; + + public EC_Store() { + DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); + + try { + SchemaFactory scf = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI); + Schema sch = scf.newSchema(this.getClass().getResource("/cz/crcs/ectester/data/schema.xsd")); + dbf.setSchema(sch); + dbf.setNamespaceAware(true); + dbf.setIgnoringComments(true); + dbf.setIgnoringElementContentWhitespace(true); + db = dbf.newDocumentBuilder(); + db.setErrorHandler(new ErrorHandler() { + @Override + public void warning(SAXParseException exception) throws SAXException { + System.err.println("EC_Store | Warning : " + exception); + } + + @Override + public void error(SAXParseException exception) throws SAXException { + System.err.println("EC_Store | Error : " + exception); + } + + @Override + public void fatalError(SAXParseException exception) throws SAXException { + System.err.println("EC_Store | 
Fatal : " + exception); + } + }); + + parse(); + } catch (ParserConfigurationException | IOException | SAXException e) { + e.printStackTrace(); + } + } + + private void parse() throws SAXException, ParserConfigurationException, IOException { + + Document categoriesDoc = db.parse(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/categories.xml")); + categoriesDoc.normalize(); + + NodeList catList = categoriesDoc.getElementsByTagName("category"); + + this.categories = new HashMap<>(catList.getLength()); + for (int i = 0; i < catList.getLength(); ++i) { + Node catNode = catList.item(i); + if (catNode instanceof Element) { + Element catElem = (Element) catNode; + Node name = catElem.getElementsByTagName("name").item(0); + Node dir = catElem.getElementsByTagName("directory").item(0); + Node desc = catElem.getElementsByTagName("desc").item(0); + + EC_Category category = parseCategory(name.getTextContent(), dir.getTextContent(), desc.getTextContent()); + this.categories.put(name.getTextContent(), category); + } else { + throw new SAXException("?"); + } + } + } + + private EC_Category parseCategory(String name, String dir, String desc) throws ParserConfigurationException, IOException, SAXException { + + Map objMap = new HashMap<>(); + + InputStream curvesStream = this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/curves.xml"); + if (curvesStream != null) { + Document curvesDoc = db.parse(curvesStream); + curvesDoc.normalize(); + + NodeList curveList = curvesDoc.getElementsByTagName("curve"); + + for (int i = 0; i < curveList.getLength(); ++i) { + Node curveNode = curveList.item(i); + if (curveNode instanceof Element) { + Element curveElem = (Element) curveNode; + Node id = curveElem.getElementsByTagName("id").item(0); + Node bits = curveElem.getElementsByTagName("bits").item(0); + Node field = curveElem.getElementsByTagName("field").item(0); + Node file = curveElem.getElementsByTagName("file").item(0); + + NodeList descc = 
curveElem.getElementsByTagName("desc"); + String descs = null; + if (descc.getLength() != 0) { + descs = descc.item(0).getTextContent(); + } + + byte alg; + if (field.getTextContent().equalsIgnoreCase("prime")) { + alg = KeyPair.ALG_EC_FP; + } else { + alg = KeyPair.ALG_EC_F2M; + } + short bitsize = Short.parseShort(bits.getTextContent()); + + EC_Curve curve = new EC_Curve(bitsize, alg, descs); + if (!curve.readCSV(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/" + file.getTextContent()))) { + throw new IOException("Invalid csv data."); + } + + objMap.put(id.getTextContent(), curve); + } else { + throw new SAXException("?"); + } + } + } + + InputStream keysStream = this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/keys.xml"); + if (keysStream != null) { + Document keysDoc = db.parse(keysStream); + keysDoc.normalize(); + + NodeList directs = keysDoc.getDocumentElement().getChildNodes(); + for (int i = 0; i < directs.getLength(); ++i) { + Node direct = directs.item(i); + if (direct instanceof Element) { + Element elem = (Element) direct; + + NodeList childs = elem.getChildNodes(); + String id = null; + for (int j = 0; j < childs.getLength(); ++j) { + Node child = childs.item(j); + if (child instanceof Element) { + Element childElem = (Element) child; + if (childElem.getTagName().equals("id")) { + id = childElem.getTextContent(); + break; + } + } + } + if (id == null) { + throw new SAXException("key no id?"); + } + + EC_Params result = parseKeylike(dir, elem); + + objMap.put(id, result); + } else { + throw new SAXException("?"); + } + } + } + + return new EC_Category(name, dir, desc, objMap); + } + + private EC_Params parseKeylike(String dir, Element elem) throws SAXException { + Node file = elem.getElementsByTagName("file").item(0); + Node curve = elem.getElementsByTagName("curve").item(0); + + NodeList desc = elem.getElementsByTagName("desc"); + String descs = null; + if (desc.getLength() != 0) { + descs = 
desc.item(0).getTextContent(); + } + + EC_Params result; + if (elem.getTagName().equals("pubkey")) { + result = new EC_Key.Public(curve.getTextContent(), descs); + } else if (elem.getTagName().equals("privkey")) { + result = new EC_Key.Private(curve.getTextContent(), descs); + } else if (elem.getTagName().equals("keypair")) { + result = new EC_Keypair(curve.getTextContent(), descs); + } else { + throw new SAXException("?"); + } + result.readCSV(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/" + file.getTextContent())); + return result; + } + + public Map getCategories() { + return Collections.unmodifiableMap(categories); + } + + public EC_Category getCategory(String category) { + return categories.get(category); + } + + public Map getObjects(String category) { + EC_Category cat = categories.get(category); + if (cat != null) { + return cat.getObjects(); + } + return null; + } + + public Map getObjects(Class objClass, String category) { + EC_Category cat = categories.get(category); + if (cat != null) { + return cat.getObjects(objClass); + } + return null; + } + + public T getObject(Class objClass, String category, String id) { + EC_Category cat = categories.get(category); + if (cat != null) { + return cat.getObject(objClass, id); + } + return null; + } + + public T getObject(Class objClass, String query) { + String[] parts = query.split("/"); + if (parts.length != 2) { + return null; + } + return getObject(objClass, parts[0], parts[1]); + } + + +} diff --git a/src/cz/crcs/ectester/data/categories.xml b/src/cz/crcs/ectester/data/categories.xml index 5913d42..d0c9f39 100644 --- a/src/cz/crcs/ectester/data/categories.xml +++ b/src/cz/crcs/ectester/data/categories.xml 
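Review bot: The `ErrorHandler` installed in the `EC_Store` constructor only prints in `error()` and `fatalError()`, so a document that fails validation against `schema.xsd` is still processed by `parse()` and `parseCategory()`, which dereference `getElementsByTagName(...).item(0)` without a null check. Ending both handlers with `throw exception;` would make the schema an actual gate instead of a log line. In the same file `parseKeylike` ignores the boolean returned by `result.readCSV(...)`, while the curve branch of `parseCategory` throws `IOException("Invalid csv data.")` on `false`; the key path should reject a `false` result as well. The constructor also catches every parse failure and only calls `e.printStackTrace()`, which leaves `categories` null for `getCategories()` and the other getters.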
@@ -31,4 +31,9 @@ wrong Wrong field curves. These should definitely give an error when used. Since the "prime" used for the field are not prime, and the field polynomials are also not irreducible. Simply put these parameters don't specify a valid elliptic curve. + + test + test + Test vectors + \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/invalid/curves.xml b/src/cz/crcs/ectester/data/invalid/curves.xml new file mode 100644 index 0000000..e87269f --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/curves.xml @@ -0,0 +1,4 @@ + + + \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/keys.xml b/src/cz/crcs/ectester/data/test/keys.xml new file mode 100644 index 0000000..56fc4e2 --- /dev/null +++ b/src/cz/crcs/ectester/data/test/keys.xml @@ -0,0 +1,16 @@ + + + + secp160r1-U + secg/secp160r1-keyU.csv + secg/secp160r1 + + + secp160r1-V + secg/secp160r1-keyV.csv + secg/secp160r1 + + \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/secg/secp160r1-dh-kdf.csv b/src/cz/crcs/ectester/data/test/secg/secp160r1-dh-kdf.csv new file mode 100644 index 0000000..e8060e1 --- /dev/null +++ b/src/cz/crcs/ectester/data/test/secg/secp160r1-dh-kdf.csv @@ -0,0 +1 @@ +744AB703F5BC082E59185F6D049D2D367DB245C2 diff --git a/src/cz/crcs/ectester/data/test/secg/secp160r1-dh-raw.csv b/src/cz/crcs/ectester/data/test/secg/secp160r1-dh-raw.csv new file mode 100644 index 0000000..3eac8d9 --- /dev/null +++ b/src/cz/crcs/ectester/data/test/secg/secp160r1-dh-raw.csv @@ -0,0 +1 @@ +CA7C0F8C3FFA87A96E1B74AC8E6AF594347BB40A diff --git a/src/cz/crcs/ectester/data/test/secg/secp160r1-dh-sha1.csv b/src/cz/crcs/ectester/data/test/secg/secp160r1-dh-sha1.csv new file mode 100644 index 0000000..97735e7 --- /dev/null +++ b/src/cz/crcs/ectester/data/test/secg/secp160r1-dh-sha1.csv @@ -0,0 +1 @@ +D248313E865A1AE677782B54B24D8ABAF11A53C2 
diff --git a/src/cz/crcs/ectester/data/test/secg/secp160r1-keyU.csv b/src/cz/crcs/ectester/data/test/secg/secp160r1-keyU.csv new file mode 100644 index 0000000..bbf9e62 --- /dev/null +++ b/src/cz/crcs/ectester/data/test/secg/secp160r1-keyU.csv @@ -0,0 +1 @@ +51B4496FECC406ED0E75A24A3C03206251419DC0,C28DCB4B73A514B468D793894F381CCC1756AA6C,AA374FFC3CE144E6B073307972CB6D57B2A4E982 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/secg/secp160r1-keyV.csv b/src/cz/crcs/ectester/data/test/secg/secp160r1-keyV.csv new file mode 100644 index 0000000..6d9bc31 --- /dev/null +++ b/src/cz/crcs/ectester/data/test/secg/secp160r1-keyV.csv @@ -0,0 +1 @@ +49B41E0E9C0369C2328739D90F63D56707C6E5BC,26E008B567015ED96D232A03111C3EDC0E9C8F83,45FB58A92A17AD4B15101C66E74F277E2B460866 diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index 2f26275..247a260 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -24,7 +24,7 @@ package cz.crcs.ectester.reader; import cz.crcs.ectester.applet.ECTesterApplet; import cz.crcs.ectester.applet.EC_Consts; import cz.crcs.ectester.data.EC_Category; -import cz.crcs.ectester.data.EC_Data; +import cz.crcs.ectester.data.EC_Store; import cz.crcs.ectester.reader.ec.EC_Curve; import cz.crcs.ectester.reader.ec.EC_Key; import cz.crcs.ectester.reader.ec.EC_Keypair; @@ -47,7 +47,7 @@ public class ECTester { private CardMngr cardManager; private DirtyLogger systemOutLogger; - private EC_Data dataDB; + private EC_Store dataStore; //Options private int optBits; @@ -108,7 +108,7 @@ public class ECTester { return; } - dataDB = new EC_Data(); + dataStore = new EC_Store(); //if list, print and quit if (cli.hasOption("list-named")) { list(); 
@@ -462,7 +462,7 @@ public class ECTester { * List categories and named curves. */ private void list() { - Map categories = dataDB.getCategories(); + Map categories = dataStore.getCategories(); for (EC_Category cat : categories.values()) { System.out.println("\t- " + cat.getName() + ": " + (cat.getDesc() == null ? "" : cat.getDesc())); 
@@ -597,34 +597,16 @@ public class ECTester { List commands = new LinkedList<>(); if (optTestCase.equalsIgnoreCase("default")) { - if (optAll) { - if (optNamedCurve != null) { - Map curves = dataDB.getObjects(EC_Curve.class, optNamedCurve); - if (optPrimeField) { - for (Map.Entry entry : curves.entrySet()) { - EC_Curve curve = entry.getValue(); - if (curve.getField() == KeyPair.ALG_EC_FP) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), KeyPair.ALG_EC_FP)); - byte[] external = curve.flatten(); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), external)); - commands.addAll(testCurve()); - commands.add(new Command.Cleanup(cardManager)); - } - } - } - if (optBinaryField) { - for (Map.Entry entry : curves.entrySet()) { - EC_Curve curve = entry.getValue(); - if (curve.getField() == KeyPair.ALG_EC_F2M) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), KeyPair.ALG_EC_F2M)); - byte[] external = curve.flatten(); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), external)); - commands.addAll(testCurve()); - commands.add(new Command.Cleanup(cardManager)); - } - } - } - } else { + + if (optNamedCurve != null) { + if (optPrimeField) { + commands.addAll(testCurves(optNamedCurve, KeyPair.ALG_EC_FP)); + } + if (optBinaryField) { + commands.addAll(testCurves(optNamedCurve, KeyPair.ALG_EC_F2M)); + } + } else { + if (optAll) { if (optPrimeField) { //iterate over prime curve sizes used: EC_Consts.FP_SIZES for (short keyLength : EC_Consts.FP_SIZES) { 
@@ -643,32 +625,41 @@ public class ECTester { commands.add(new Command.Cleanup(cardManager)); } } - } - } else { - if (optPrimeField) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_FP)); - commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_FP)); - commands.addAll(testCurve()); - commands.add(new Command.Cleanup(cardManager)); - } + } else { + if (optPrimeField) { + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_FP)); + commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_FP)); + commands.addAll(testCurve()); + commands.add(new Command.Cleanup(cardManager)); + } - if (optBinaryField) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_F2M)); - commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_F2M)); - commands.addAll(testCurve()); - commands.add(new Command.Cleanup(cardManager)); + if (optBinaryField) { + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_F2M)); + commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_F2M)); + commands.addAll(testCurve()); + commands.add(new Command.Cleanup(cardManager)); + } } } } else if (optTestCase.equalsIgnoreCase("wrong")) { - + if (optPrimeField) { + commands.addAll(testCurves("wrong", KeyPair.ALG_EC_FP)); + } + if (optBinaryField) { + commands.addAll(testCurves("wrong", KeyPair.ALG_EC_F2M)); + } } else if (optTestCase.equalsIgnoreCase("non-prime")) { + } else if (optTestCase.equalsIgnoreCase("smallpub")) { + } else if (optTestCase.equalsIgnoreCase("invalid")) { } List test = Command.sendAll(commands); systemOutLogger.println(Response.toString(test)); + + // } /** 
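Review bot: The `non-prime`, `smallpub` and `invalid` branches are empty and the `optTestCase` chain has no final `else`, so an unimplemented or mistyped test-case name sends an empty command list and prints an empty result. That looks the same as a run in which nothing was wrong, which is misleading for a test tool. Until the branches are filled in, each of them and a closing `else` should say so, for example `systemOutLogger.println("Test case not implemented: " + optTestCase);`. The bare `//` line added before the closing brace can go. The enclosing method starts outside this hunk.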
@@ -685,15 +676,14 @@ public class ECTester { systemOutLogger.println(Response.toString(prepare)); + byte pubkey = (optAnyPublic || optAnyKey) ? ECTesterApplet.KEYPAIR_REMOTE : ECTesterApplet.KEYPAIR_LOCAL; + byte privkey = (optAnyPrivate || optAnyKey) ? ECTesterApplet.KEYPAIR_REMOTE : ECTesterApplet.KEYPAIR_LOCAL; + List generate = new LinkedList<>(); + generate.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH)); if (optAnyPublic || optAnyPrivate || optAnyKey) { - generate.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL)); generate.add(prepareKey(ECTesterApplet.KEYPAIR_REMOTE)); - } else { - generate.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH)); } - byte pubkey = (optAnyPublic || optAnyKey) ? ECTesterApplet.KEYPAIR_REMOTE : ECTesterApplet.KEYPAIR_LOCAL; - byte privkey = (optAnyPrivate || optAnyKey) ? ECTesterApplet.KEYPAIR_REMOTE : ECTesterApplet.KEYPAIR_LOCAL; FileWriter out = null; if (optOutput != null) { @@ -816,7 +806,7 @@ public class ECTester { } else if (optNamedCurve != null) { // Set a named curve. // parse optNamedCurve -> cat / id | cat | id - EC_Curve curve = dataDB.getObject(EC_Curve.class, optNamedCurve); + EC_Curve curve = dataStore.getObject(EC_Curve.class, optNamedCurve); if (curve == null) { throw new IOException("Curve could no be found."); } @@ -873,7 +863,7 @@ public class ECTester { keypair.readCSV(in); in.close(); } else { - keypair = dataDB.getObject(EC_Keypair.class, optNamedKey); + keypair = dataStore.getObject(EC_Keypair.class, optNamedKey); } data = keypair.flatten(); 
@@ -892,12 +882,15 @@ public class ECTester { pub.readCSV(in); in.close(); } else { - pub = dataDB.getObject(EC_Key.Public.class, optNamedPublic); + pub = dataStore.getObject(EC_Key.Public.class, optNamedPublic); + if (pub == null) { + pub = dataStore.getObject(EC_Keypair.class, optNamedPublic); + } } - byte[] pubkey = pub.flatten(); + byte[] pubkey = pub.flatten(EC_Consts.PARAMETER_W); if (pubkey == null) { - throw new IOException("Couldn't read the key file correctly."); + throw new IOException("Couldn't read the public key file correctly."); } data = pubkey; } @@ -911,12 +904,15 @@ public class ECTester { priv.readCSV(in); in.close(); } else { - priv = dataDB.getObject(EC_Key.Public.class, optNamedPrivate); + priv = dataStore.getObject(EC_Key.Public.class, optNamedPrivate); + if (priv == null) { + priv = dataStore.getObject(EC_Keypair.class, optNamedPrivate); + } } - byte[] privkey = priv.flatten(); + byte[] privkey = priv.flatten(EC_Consts.PARAMETER_S); if (privkey == null) { - throw new IOException("Couldn't read the key file correctly."); + throw new IOException("Couldn't read the private key file correctly."); } data = Util.concatenate(data, privkey); } 
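Review bot: `pub` can still be null when `pub.flatten(EC_Consts.PARAMETER_W)` runs, because the added fallback to `EC_Keypair.class` may also find nothing for `optNamedPublic`; the `pubkey == null` check that follows is never reached in that case. A guard right after the fallback keeps the failure a readable error: `if (pub == null) throw new IOException("Public key could not be found.");`. The private-key hunk that follows (`priv.flatten(EC_Consts.PARAMETER_S)`) and the `keypair.flatten()` call after the `EC_Keypair` lookup in the `@@ -873,7 +863,7 @@` hunk have the same shape. The enclosing method starts and ends outside these hunks.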
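Review bot: The named private key is looked up with the public-key class in `priv = dataStore.getObject(EC_Key.Public.class, optNamedPrivate);`, a line this hunk rewrites without changing the class argument. If `getObject` filters by type the way `EC_Category.getObjects(Class)` does with `cls.isInstance`, a `privkey` entry can never match and only the new `EC_Keypair` fallback can succeed. The lookup presumably should read `priv = dataStore.getObject(EC_Key.Private.class, optNamedPrivate);`; the declaration of `priv` is outside the hunk, so its type needs checking too.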
@@ -939,6 +935,31 @@ public class ECTester { return commands; } + /** + * @param category + * @param field + * @return + * @throws IOException + */ + private List testCurves(String category, byte field) throws IOException { + List commands = new LinkedList<>(); + Map curves = dataStore.getObjects(EC_Curve.class, category); + if (curves == null) + return commands; + for (Map.Entry entry : curves.entrySet()) { + EC_Curve curve = entry.getValue(); + if (curve.getField() == field && (curve.getBits() == optBits || optAll)) { + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), field)); + byte[] external = curve.flatten(); + commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), external)); + commands.addAll(testCurve()); + commands.add(new Command.Cleanup(cardManager)); + } + } + + return commands; + } + public static void main(String[] args) { ECTester app = new ECTester(); app.run(args); diff --git a/src/cz/crcs/ectester/reader/ec/EC_Data.java b/src/cz/crcs/ectester/reader/ec/EC_Data.java new file mode 100644 index 0000000..c1fb54c --- /dev/null +++ b/src/cz/crcs/ectester/reader/ec/EC_Data.java 
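Review bot: The Javadoc added above `testCurves` has empty `@param`, `@return` and `@throws` tags, so it says nothing about the filter the body applies. A summary along the lines of `Builds Allocate/Set/test/Cleanup commands for each curve in {@code category} over {@code field} whose size equals optBits, or for every such curve when optAll is set.` would cover it, with `@return` stating that the list is empty when the category has no curves. That empty-list path (`if (curves == null) return commands;`) is also silent, so a misspelled category produces no commands and no message; the `if` is the only unbraced one in the method.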
@@ -0,0 +1,135 @@ +package cz.crcs.ectester.reader.ec; + +import cz.crcs.ectester.reader.Util; + +import java.io.*; +import java.util.ArrayList; +import java.util.LinkedList; +import java.util.List; +import java.util.Scanner; +import java.util.regex.Pattern; + +/** + * @author Jan Jancar johny@neuromancer.sk + */ +public class EC_Data { + private static final Pattern hex = Pattern.compile("(0x|0X)?[a-fA-F\\d]+"); + + int count; + byte[][] data; + + EC_Data() { + } + + public EC_Data(int count) { + this.count = count; + this.data = new byte[count][]; + } + + public EC_Data(byte[][] data) { + this.count = data.length; + this.data = data; + } + + public byte[][] getData() { + return data; + } + + public boolean hasData() { + return data != null; + } + + public byte[] flatten() { + ByteArrayOutputStream out = new ByteArrayOutputStream(); + for (byte[] param : data) { + byte[] length = new byte[2]; + Util.setShort(length, 0, (short) param.length); + + out.write(length, 0, 2); + out.write(param, 0, param.length); + } + + return out.toByteArray(); + } + + public String[] expand() { + List out = new ArrayList<>(count); + for (byte[] param : data) { + out.add(Util.bytesToHex(param, false)); + } + + return out.toArray(new String[out.size()]); + } + + private static byte[] pad(byte[] data) { + if (data.length == 1) { + return new byte[]{(byte) 0, data[0]}; + } else if (data.length == 0 || data.length > 2) { + return data; + } + return null; + } + + private static byte[] parse(String param) { + byte[] data; + if (param.startsWith("0x") || param.startsWith("0X")) { + data = Util.hexToBytes(param.substring(2)); + } else { + data = Util.hexToBytes(param); + } + if (data == null) + return new byte[0]; + if (data.length < 2) + return pad(data); + return data; + } + + private boolean readHex(String[] hex) { + if (hex.length != count) { + return false; + } + + for (int i = 0; i < count; ++i) { + this.data[i] = parse(hex[i]); + } + return true; + } + + public boolean 
readCSV(InputStream in) { + Scanner s = new Scanner(in); + + s.useDelimiter(",|;"); + List data = new LinkedList<>(); + while (s.hasNext()) { + String field = s.next(); + data.add(field.replaceAll("\\s+", "")); + } + + if (data.isEmpty()) { + return false; + } + for (String param : data) { + if (!hex.matcher(param).matches()) { + return false; + } + } + return readHex(data.toArray(new String[data.size()])); + } + + public boolean readBytes(byte[] data) { + //TODO + return false; + } + + public void writeCSV(OutputStream out) throws IOException { + String[] hex = expand(); + Writer w = new OutputStreamWriter(out); + for (int i = 0; i < hex.length; ++i) { + w.write(hex[i]); + if (i < hex.length - 1) { + w.write(","); + } + } + w.flush(); + } +} diff --git a/src/cz/crcs/ectester/reader/ec/EC_Params.java b/src/cz/crcs/ectester/reader/ec/EC_Params.java index fa5515c..00747b1 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Params.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Params.java @@ -3,29 +3,25 @@ package cz.crcs.ectester.reader.ec; import cz.crcs.ectester.applet.EC_Consts; import cz.crcs.ectester.reader.Util; -import java.io.*; +import java.io.ByteArrayOutputStream; import java.util.ArrayList; -import java.util.LinkedList; import java.util.List; -import java.util.Scanner; -import java.util.regex.Pattern; /** * @author Jan Jancar johny@neuromancer.sk */ -public class EC_Params { - private static final Pattern hex = Pattern.compile("(0x|0X)?[a-fA-F\\d]+"); - +public class EC_Params extends EC_Data { private short params; - private byte[][] data; public EC_Params(short params) { this.params = params; - this.data = new byte[numParams()][]; + this.count = numParams(); + this.data = new byte[this.count][]; } public EC_Params(short params, byte[][] data) { this.params = params; + this.count = data.length; this.data = data; } 
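Review bot: `readCSV(InputStream in)` passes `in` straight to `new Scanner(in)`, which throws `NullPointerException` for a null stream, and the callers in `EC_Store` hand it `getResourceAsStream(...)` results that are null when the file named in the XML does not exist. Returning `false` fits the method's existing contract: `if (in == null) return false;` as its first statement. `flatten()` and `expand()` likewise dereference every `data[i]`, and those entries are still null after the `EC_Data(int count)` constructor until a read succeeds, so `hasData()` returning true does not mean `flatten()` is safe to call. The `(short) param.length` cast in `flatten()` silently truncates lengths above 32767; a comment stating the expected maximum would document that assumption.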
@@ -45,7 +41,7 @@ public class EC_Params { if (paramMask == EC_Consts.PARAMETER_F2M) { num += 3; } - if (paramMask == EC_Consts.PARAMETER_W || paramMask == EC_Consts.PARAMETER_G){ + if (paramMask == EC_Consts.PARAMETER_W || paramMask == EC_Consts.PARAMETER_G) { num += 1; } ++num; @@ -55,32 +51,29 @@ public class EC_Params { return num; } - public byte[][] getData() { - return data; - } - - public boolean hasData() { - return data != null; + @Override + public byte[] flatten() { + return flatten(params); } - public byte[] flatten() { + public byte[] flatten(short params) { ByteArrayOutputStream out = new ByteArrayOutputStream(); short paramMask = EC_Consts.PARAMETER_FP; int i = 0; while (paramMask <= EC_Consts.PARAMETER_S) { - short masked = (short) (params & paramMask); + short masked = (short) (this.params & params & paramMask); + short shallow = (short) (this.params & paramMask); if (masked != 0) { byte[] param = data[i]; if (masked == EC_Consts.PARAMETER_F2M) { //add m, e_1, e_2, e_3 param = Util.concatenate(param, data[i + 1], data[i + 2], data[i + 3]); - i += 3; if (param.length != 8) throw new RuntimeException("PARAMETER_F2M length is not 8.(should be)"); } if (masked == EC_Consts.PARAMETER_G || masked == EC_Consts.PARAMETER_W) { //read another param (the y coord) and put into X962 format. - byte[] y = data[++i]; + byte[] y = data[i + 1]; param = Util.concatenate(new byte[]{4}, param, y); //<- ugly but works! } if (param.length == 0) @@ -92,6 +85,12 @@ public class EC_Params { out.write(length, 0, 2); //write data out.write(param, 0, param.length); + } + if (shallow == EC_Consts.PARAMETER_F2M) { + i += 4; + } else if (shallow == EC_Consts.PARAMETER_G || shallow == EC_Consts.PARAMETER_W) { + i += 2; + } else if (shallow != 0) { i++; } paramMask = (short) (paramMask << 1); @@ -100,6 +99,7 @@ public class EC_Params { return (out.size() == 0) ? null : out.toByteArray(); } + @Override public String[] expand() { List out = new ArrayList<>(); 
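Review bot: The parameter of the new `flatten(short params)` shadows the field it is combined with in `(short) (this.params & params & paramMask)`, and the method has no Javadoc saying that the argument selects a subset of the stored parameters and that `null` is returned when nothing is selected. Renaming it, e.g. `public byte[] flatten(short selection)`, and giving `shallow` a name that says what it is (the bit of `this.params` that decides how far `i` advances) would make the index stepping in the `@@ -92,6 +85,12 @@` hunk easier to verify. A comment such as `// advance i by the slots this parameter occupies in data, whether or not it was selected` above the `if (shallow == EC_Consts.PARAMETER_F2M)` chain would record why the increments moved out of the `masked != 0` branch. The method body spans both hunks and continues outside them.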
@@ -136,75 +136,4 @@ public class EC_Params { return out.toArray(new String[out.size()]); } - private static byte[] pad(byte[] data) { - if (data.length == 1) { - return new byte[]{(byte) 0, data[0]}; - } else if (data.length == 0 || data.length > 2) { - return data; - } - return null; - } - - private static byte[] parse(String param) { - byte[] data; - if (param.startsWith("0x") || param.startsWith("0X")) { - data = Util.hexToBytes(param.substring(2)); - } else { - data = Util.hexToBytes(param); - } - if (data == null) - return new byte[0]; - if (data.length < 2) - return pad(data); - return data; - } - - private boolean readHex(String[] hex) { - if (hex.length != numParams()) { - return false; - } - - for (int i = 0; i < numParams(); ++i) { - this.data[i] = parse(hex[i]); - } - return true; - } - - public boolean readCSV(InputStream in) { - Scanner s = new Scanner(in); - - s.useDelimiter(",|;"); - List data = new LinkedList(); - while (s.hasNext()) { - String field = s.next(); - data.add(field.replaceAll("\\s+", "")); - } - - if (data.isEmpty()) { - return false; - } - for (String param : data) { - if (!hex.matcher(param).matches()) { - return false; - } - } - return readHex(data.toArray(new String[data.size()])); - } - - public void writeCSV(OutputStream out) throws IOException { - String[] hex = expand(); - Writer w = new OutputStreamWriter(out); - for (int i = 0; i < hex.length; ++i) { - w.write(hex[i]); - if (i < hex.length - 1) { - w.write(","); - } - } - w.flush(); - } - - public boolean readBytes(byte[] data) { - //TODO - return false; - } } -- cgit v1.2.3-70-g09d2 From 0ab7f6dd030c866565cb6592b2a40a39af82be09 Mon Sep 17 00:00:00 2001 
From: J08nY Date: Mon, 27 Mar 2017 01:03:56 +0200 Subject: Added new curves, started adding default & dangerous tests. --- !uploader/ectester.cap | Bin 13783 -> 13811 bytes dist/ECTester.jar | Bin 238953 -> 253043 bytes src/cz/crcs/ectester/applet/EC_Consts.java | 12 ++ src/cz/crcs/ectester/data/EC_Category.java | 4 +- src/cz/crcs/ectester/data/EC_Store.java | 3 +- src/cz/crcs/ectester/data/nist/b163.csv | 1 + src/cz/crcs/ectester/data/nist/b233.csv | 1 + src/cz/crcs/ectester/data/nist/b283.csv | 1 + src/cz/crcs/ectester/data/nist/b409.csv | 9 ++ src/cz/crcs/ectester/data/nist/b571.csv | 1 + src/cz/crcs/ectester/data/nist/curves.xml | 61 +++++++++ src/cz/crcs/ectester/data/nist/k163.csv | 1 + src/cz/crcs/ectester/data/nist/k233.csv | 1 + src/cz/crcs/ectester/data/nist/k283.csv | 1 + src/cz/crcs/ectester/data/nist/k409.csv | 1 + src/cz/crcs/ectester/data/nist/k571.csv | 1 + src/cz/crcs/ectester/data/secg/curves.xml | 42 ++++++ src/cz/crcs/ectester/data/secg/secp112r1.csv | 1 + src/cz/crcs/ectester/data/secg/secp112r2.csv | 1 + src/cz/crcs/ectester/data/secg/secp128r1.csv | 1 + src/cz/crcs/ectester/data/secg/secp128r2.csv | 1 + src/cz/crcs/ectester/data/secg/secp160k1.csv | 1 + src/cz/crcs/ectester/data/secg/secp160r1.csv | 1 + src/cz/crcs/ectester/data/secg/secp160r2.csv | 1 + .../ectester/data/test/secg/sect163k1-dh-kdf.csv | 1 + .../ectester/data/test/secg/sect163k1-dh-raw.csv | 1 + .../ectester/data/test/secg/sect163k1-dh-sha1.csv | 1 + .../ectester/data/test/secg/sect163k1-dhc-kdf.csv | 1 + .../ectester/data/test/secg/sect163k1-dhc-raw.csv | 1 + .../ectester/data/test/secg/sect163k1-dhc-sha1.csv | 1 + .../ectester/data/test/secg/sect163k1-keyU.csv | 1 + .../ectester/data/test/secg/sect163k1-keyV.csv | 1 + src/cz/crcs/ectester/reader/ECTester.java | 144 ++++++++++++++------- 33 files changed, 251 insertions(+), 48 deletions(-) create mode 100644 src/cz/crcs/ectester/data/nist/b163.csv create mode 100644 src/cz/crcs/ectester/data/nist/b233.csv create mode 100644 
src/cz/crcs/ectester/data/nist/b283.csv create mode 100644 src/cz/crcs/ectester/data/nist/b409.csv create mode 100644 src/cz/crcs/ectester/data/nist/b571.csv create mode 100644 src/cz/crcs/ectester/data/nist/k163.csv create mode 100644 src/cz/crcs/ectester/data/nist/k233.csv create mode 100644 src/cz/crcs/ectester/data/nist/k283.csv create mode 100644 src/cz/crcs/ectester/data/nist/k409.csv create mode 100644 src/cz/crcs/ectester/data/nist/k571.csv create mode 100644 src/cz/crcs/ectester/data/secg/secp112r1.csv create mode 100644 src/cz/crcs/ectester/data/secg/secp112r2.csv create mode 100644 src/cz/crcs/ectester/data/secg/secp128r1.csv create mode 100644 src/cz/crcs/ectester/data/secg/secp128r2.csv create mode 100644 src/cz/crcs/ectester/data/secg/secp160k1.csv create mode 100644 src/cz/crcs/ectester/data/secg/secp160r1.csv create mode 100644 src/cz/crcs/ectester/data/secg/secp160r2.csv create mode 100644 src/cz/crcs/ectester/data/test/secg/sect163k1-dh-kdf.csv create mode 100644 src/cz/crcs/ectester/data/test/secg/sect163k1-dh-raw.csv create mode 100644 src/cz/crcs/ectester/data/test/secg/sect163k1-dh-sha1.csv create mode 100644 src/cz/crcs/ectester/data/test/secg/sect163k1-dhc-kdf.csv create mode 100644 src/cz/crcs/ectester/data/test/secg/sect163k1-dhc-raw.csv create mode 100644 src/cz/crcs/ectester/data/test/secg/sect163k1-dhc-sha1.csv create mode 100644 src/cz/crcs/ectester/data/test/secg/sect163k1-keyU.csv create mode 100644 src/cz/crcs/ectester/data/test/secg/sect163k1-keyV.csv diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index 3a5506d..bed5dc6 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 348be01..a5dd71c 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/applet/EC_Consts.java b/src/cz/crcs/ectester/applet/EC_Consts.java index cac5d79..534d552 100644 --- a/src/cz/crcs/ectester/applet/EC_Consts.java 
+++ b/src/cz/crcs/ectester/applet/EC_Consts.java @@ -958,6 +958,9 @@ public class EC_Consts { public static final byte CORRUPTION_MAX = (byte) 0x06; public static final byte CORRUPTION_INCREMENT = (byte) 0x07; public static final byte CORRUPTION_INFINITY = (byte) 0x08; + public static final byte CORRUPTION_PREFIX_COMPRESSED = (byte) 0x09; + public static final byte CORRUPTION_PREFIX_HYBRID = (byte) 0x0a; + public static final byte CORRUPTION_PREFIX_UNCOMPRESSED = (byte) 0x0b; // toX962 FORM types public static final byte X962_UNCOMPRESSED = (byte) 0x00; @@ -1290,6 +1293,15 @@ public class EC_Consts { case CORRUPTION_INFINITY: Util.arrayFillNonAtomic(buffer, offset, length, (byte) 0); return 1; + case CORRUPTION_PREFIX_COMPRESSED: + buffer[offset] = 2; + break; + case CORRUPTION_PREFIX_HYBRID: + buffer[offset] = 6; + break; + case CORRUPTION_PREFIX_UNCOMPRESSED: + buffer[offset] = 4; + break; default: ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); } diff --git a/src/cz/crcs/ectester/data/EC_Category.java b/src/cz/crcs/ectester/data/EC_Category.java index aed7e7d..81b8784 100644 --- a/src/cz/crcs/ectester/data/EC_Category.java +++ b/src/cz/crcs/ectester/data/EC_Category.java @@ -3,7 +3,7 @@ package cz.crcs.ectester.data; import cz.crcs.ectester.reader.ec.EC_Params; import java.util.Collections; -import java.util.HashMap; +import java.util.TreeMap; import java.util.Map; /** @@ -50,7 +50,7 @@ public class EC_Category { } public Map getObjects(Class cls) { - Map objs = new HashMap<>(); + Map objs = new TreeMap<>(); for (Map.Entry entry : objects.entrySet()) { if (cls.isInstance(entry.getValue())) { objs.put(entry.getKey(), cls.cast(entry.getValue())); diff --git a/src/cz/crcs/ectester/data/EC_Store.java b/src/cz/crcs/ectester/data/EC_Store.java index 60a1065..c32f1ce 100644 --- a/src/cz/crcs/ectester/data/EC_Store.java +++ b/src/cz/crcs/ectester/data/EC_Store.java 
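Review bot: The three new `CORRUPTION_PREFIX_*` cases write the bare literals `2`, `6` and `4` into `buffer[offset]` with no comment and no check that `length` is at least 1. These match the X9.62 point-encoding prefix bytes, so the intent is clearer as `buffer[offset] = 0x02; // X9.62 prefix: compressed, even y`, `buffer[offset] = 0x06; // X9.62 prefix: hybrid, even y` and `buffer[offset] = 0x04; // X9.62 prefix: uncompressed`. They also leave the switch with `break` while `CORRUPTION_INFINITY` just above uses `return 1;`; what follows the switch is outside the hunk, so it is worth confirming that the value returned on that path is the one these cases need.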
@@ -25,6 +25,7 @@ import java.io.InputStream; import java.util.Collections; import java.util.HashMap; import java.util.Map; +import java.util.TreeMap; /** * @author Jan Jancar johny@neuromancer.sk @@ -95,7 +96,7 @@ public class EC_Store { private EC_Category parseCategory(String name, String dir, String desc) throws ParserConfigurationException, IOException, SAXException { - Map objMap = new HashMap<>(); + Map objMap = new TreeMap<>(); InputStream curvesStream = this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/curves.xml"); if (curvesStream != null) { diff --git a/src/cz/crcs/ectester/data/nist/b163.csv b/src/cz/crcs/ectester/data/nist/b163.csv new file mode 100644 index 0000000..b211f63 --- /dev/null +++ b/src/cz/crcs/ectester/data/nist/b163.csv @@ -0,0 +1 @@ +00a3,0007,0006,0003,000000000000000000000000000000000000000001,020a601907b8c953ca1481eb10512f78744a3205fd,03f0eba16286a2d57ea0991168d4994637e8343e36,00d51fbc6c71a0094fa2cdd545b11c5c0c797324f1,040000000000000000000292FE77E70C12A4234C33,2 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nist/b233.csv b/src/cz/crcs/ectester/data/nist/b233.csv new file mode 100644 index 0000000..79f0e85 --- /dev/null +++ b/src/cz/crcs/ectester/data/nist/b233.csv @@ -0,0 +1 @@ +00e9,004a,0000,0000,000000000000000000000000000000000000000000000000000000000001,0066647ede6c332c7f8c0923bb58213b333b20e9ce4281fe115f7d8f90ad,00fac9dfcbac8313bb2139f1bb755fef65bc391f8b36f8f8eb7371fd558b,01006a08a41903350678e58528bebf8a0beff867a7ca36716f7e01f81052,1000000000000000000000000000013e974e72f8a6922031d2603cfe0d7,2 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nist/b283.csv b/src/cz/crcs/ectester/data/nist/b283.csv new file mode 100644 index 0000000..88506b3 --- /dev/null +++ b/src/cz/crcs/ectester/data/nist/b283.csv 
@@ -0,0 +1 @@ +011b,000c,0007,0005,00000000000000000000000000000000000000000000000000000000000000000000001,27b680ac8b8596da5a4af8a19a0303fca97fd7645309fa2a581485af6263e313b79a2f5,5f939258db7dd90e1934f8c70b0dfec2eed25b8557eac9c80e2e198f8cdbecd86b12053,3676854fe24141cb98fe6d4b20d02b4516ff702350eddb0826779c813f0df45be8112f4,3ffffffffffffffffffffffffffffffffffef90399660fc938a90165b042a7cefadb307,2 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nist/b409.csv b/src/cz/crcs/ectester/data/nist/b409.csv new file mode 100644 index 0000000..ed5ef5b --- /dev/null +++ b/src/cz/crcs/ectester/data/nist/b409.csv @@ -0,0 +1,9 @@ +0199,0057,0000,0000,0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001,021a5c2c8ee9feb5c4b9a753b7b476b7fd6422ef1f3dd674761fa99d6ac27c8a9a197b272822f6cd57a55aa4f50ae317b13545f,15d4860d088ddb3496b0c6064756260441cde4af1771d4db01ffe5b34e59703dc255a868a1180515603aeab60794e54bb7996a7,061b1cfab6be5f32bbfa78324ed106a7636b9c5a7bd198d0158aa4f5488d08f38514f1fdf4b4f40d2181b3681c364ba0273c706,10000000000000000000000000000000000000000000000000001e2aad6a612f33307be5fa47c3c9e052f838164cd37d9a21173,2 + + + + + + + + diff --git a/src/cz/crcs/ectester/data/nist/b571.csv b/src/cz/crcs/ectester/data/nist/b571.csv new file mode 100644 index 0000000..c0bef32 --- /dev/null +++ b/src/cz/crcs/ectester/data/nist/b571.csv 
@@ -0,0 +1 @@ +023b,000a,0005,0002,00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001,2f40e7e2221f295de297117b7f3d62f5c6a97ffcb8ceff1cd6ba8ce4a9a18ad84ffabbd8efa59332be7ad6756a66e294afd185a78ff12aa520e4de739baca0c7ffeff7f2955727a,303001d34b856296c16c0d40d3cd7750a93d1d2955fa80aa5f40fc8db7b2abdbde53950f4c0d293cdd711a35b67fb1499ae60038614f1394abfa3b4c850d927e1e7769c8eec2d19,37bf27342da639b6dccfffeb73d69d78c6c27a6009cbbca1980f8533921e8a684423e43bab08a576291af8f461bb2a8b3531d2f0485c19b16e2f1516e23dd3c1a4827af1b8ac15b,3ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47,2 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nist/curves.xml b/src/cz/crcs/ectester/data/nist/curves.xml index 00b109c..2abf72f 100644 --- a/src/cz/crcs/ectester/data/nist/curves.xml +++ b/src/cz/crcs/ectester/data/nist/curves.xml @@ -31,4 +31,65 @@ prime p521.csv + + + K-163 + 163 + binary + k163.csv + + + B-163 + 163 + binary + b163.csv + + + K-233 + 233 + binary + k233.csv + + + B-233 + 233 + binary + b233.csv + + + K-283 + 283 + binary + k283.csv + + + B-283 + 283 + binary + b283.csv + + + K-409 + 409 + binary + k409.csv + + + B-409 + 409 + binary + b409.csv + + + K-571 + 571 + binary + k571.csv + + + B-571 + 571 + binary + b571.csv + \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nist/k163.csv b/src/cz/crcs/ectester/data/nist/k163.csv new file mode 100644 index 0000000..d4f21be --- /dev/null +++ b/src/cz/crcs/ectester/data/nist/k163.csv @@ -0,0 +1 @@ +00a3,0007,0006,0003,000000000000000000000000000000000000000001,000000000000000000000000000000000000000001,02fe13c0537bbc11acaa07d793de4e6d5e5c94eee8,0289070fb05d38ff58321f2e800536d538ccdaa3d9,04000000000000000000020108A2E0CC0D99F8A5EF,2 \ No newline at end of file 
diff --git a/src/cz/crcs/ectester/data/nist/k233.csv b/src/cz/crcs/ectester/data/nist/k233.csv new file mode 100644 index 0000000..45e3c49 --- /dev/null +++ b/src/cz/crcs/ectester/data/nist/k233.csv @@ -0,0 +1 @@ +00e9,004a,0000,0000,000000000000000000000000000000000000000000000000000000000000,000000000000000000000000000000000000000000000000000000000001,017232ba853a7e731af129f22ff4149563a419c26bf50a4c9d6eefad6126,01db537dece819b7f70f555a67c427a8cd9bf18aeb9b56e0c11056fae6a3,8000000000000000000000000000069d5bb915bcd46efb1ad5f173abdf,4 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nist/k283.csv b/src/cz/crcs/ectester/data/nist/k283.csv new file mode 100644 index 0000000..b0e2800 --- /dev/null +++ b/src/cz/crcs/ectester/data/nist/k283.csv @@ -0,0 +1 @@ +011b,000c,0007,0005,00000000000000000000000000000000000000000000000000000000000000000000000,00000000000000000000000000000000000000000000000000000000000000000000001,503213f78ca44883f1a3b8162f188e553cd265f23c1567a16876913b0c2ac2458492836,1ccda380f1c9e318d90f95d07e5426fe87e45c0e8184698e45962364e34116177dd2259,1ffffffffffffffffffffffffffffffffffe9ae2ed07577265dff7f94451e061e163c61,4 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nist/k409.csv b/src/cz/crcs/ectester/data/nist/k409.csv new file mode 100644 index 0000000..fc44b82 --- /dev/null +++ b/src/cz/crcs/ectester/data/nist/k409.csv @@ -0,0 +1 @@ +0199,0057,0000,0000,0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000,0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001,060f05f658f49c1ad3ab1890f7184210efd0987e307c84c27accfb8f9f67cc2c460189eb5aaaa62ee222eb1b35540cfe9023746,1e369050b7c4e42acba1dacbf04299c3460782f918ea427e6325165e9ea10e3da5f6c42e9c55215aa9ca27a5863ec48d8e0286b,7ffffffffffffffffffffffffffffffffffffffffffffffffffe5f83b2d4ea20400ec4557d5ed3e3e7ca5b4b5c83b8e01e5fcf,4 \ No newline at end of file 
diff --git a/src/cz/crcs/ectester/data/nist/k571.csv b/src/cz/crcs/ectester/data/nist/k571.csv new file mode 100644 index 0000000..5660f6a --- /dev/null +++ b/src/cz/crcs/ectester/data/nist/k571.csv @@ -0,0 +1 @@ +023b,000a,0005,0002,00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000,00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001,26eb7a859923fbc82189631f8103fe4ac9ca2970012d5d46024804801841ca44370958493b205e647da304db4ceb08cbbd1ba39494776fb988b47174dca88c7e2945283a01c8972,349dc807f4fbf374f4aeade3bca95314dd58cec9f307a54ffc61efc006d8a2c9d4979c0ac44aea74fbebbb9f772aedcb620b01a7ba7af1b320430c8591984f601cd4c143ef1c7a3,20000000000000000000000000000000000000000000000000000000000000000000000131850e1f19a63e4b391a8db917f4138b630d84be5d639381e91deb45cfe778f637c1001,4 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/curves.xml b/src/cz/crcs/ectester/data/secg/curves.xml index 1807ec3..c04fe38 100644 --- a/src/cz/crcs/ectester/data/secg/curves.xml +++ b/src/cz/crcs/ectester/data/secg/curves.xml @@ -1,6 +1,48 @@ + + secp112r1 + 112 + prime + secp112r1.csv + + + secp112r2 + 112 + prime + secp112r2.csv + + + secp128r1 + 128 + prime + secp128r1.csv + + + secp128r2 + 128 + prime + secp128r2.csv + + + secp160k1 + 160 + prime + secp160k1.csv + + + secp160r1 + 160 + prime + secp160r1.csv + + + secp160r2 + 160 + prime + secp160r2.csv + secp192k1 192 diff --git a/src/cz/crcs/ectester/data/secg/secp112r1.csv b/src/cz/crcs/ectester/data/secg/secp112r1.csv new file mode 100644 index 0000000..1f63812 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/secp112r1.csv @@ -0,0 +1 @@ +DB7C2ABF62E35E668076BEAD208B,DB7C2ABF62E35E668076BEAD2088,659EF8BA043916EEDE8911702B22,09487239995A5EE76B55F9C2F098,A89CE5AF8724C0A23E0E0FF77500,DB7C2ABF62E35E7628DFAC6561C5,1 \ No newline at end of file 
diff --git a/src/cz/crcs/ectester/data/secg/secp112r2.csv b/src/cz/crcs/ectester/data/secg/secp112r2.csv new file mode 100644 index 0000000..4ed7ad9 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/secp112r2.csv @@ -0,0 +1 @@ +DB7C2ABF62E35E668076BEAD208B,6127C24C05F38A0AAAF65C0EF02C,51DEF1815DB5ED74FCC34C85D709,4BA30AB5E892B4E1649DD0928643,ADCD46F5882E3747DEF36E956E97,36DF0AAFD8B8D7597CA10520D04B,4 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp128r1.csv b/src/cz/crcs/ectester/data/secg/secp128r1.csv new file mode 100644 index 0000000..a7f2dc8 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/secp128r1.csv @@ -0,0 +1 @@ +FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF,FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC,E87579C11079F43DD824993C2CEE5ED3,161FF7528B899B2D0C28607CA52C5B86,CF5AC8395BAFEB13C02DA292DDED7A83,FFFFFFFE0000000075A30D1B9038A115,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp128r2.csv b/src/cz/crcs/ectester/data/secg/secp128r2.csv new file mode 100644 index 0000000..384de92 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/secp128r2.csv @@ -0,0 +1 @@ +FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF,D6031998D1B3BBFEBF59CC9BBFF9AEE1,5EEEFCA380D02919DC2C6558BB6D8A5D,7B6AA5D85E572983E6FB32A7CDEBC140,27B6916A894D3AEE7106FE805FC34B44,3FFFFFFF7FFFFFFFBE0024720613B5A3,4 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp160k1.csv b/src/cz/crcs/ectester/data/secg/secp160k1.csv new file mode 100644 index 0000000..6a95e94 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/secp160k1.csv @@ -0,0 +1 @@ +FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73,0000000000000000000000000000000000000000,0000000000000000000000000000000000000007,3B4C382CE37AA192A4019E763036F4F5DD4D7EBB,938CF935318FDCED6BC28286531733C3F03C4FEE,0100000000000000000001B8FA16DFAB9ACA16B6B3,1 \ No newline at end of file 
diff --git a/src/cz/crcs/ectester/data/secg/secp160r1.csv b/src/cz/crcs/ectester/data/secg/secp160r1.csv new file mode 100644 index 0000000..a2be6f9 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/secp160r1.csv @@ -0,0 +1 @@ +FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF,FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC,1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45,4A96B5688EF573284664698968C38BB913CBFC82,23A628553168947D59DCC912042351377AC5FB32,0100000000000000000001F4C8F927AED3CA752257,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp160r2.csv b/src/cz/crcs/ectester/data/secg/secp160r2.csv new file mode 100644 index 0000000..354ba53 --- /dev/null +++ b/src/cz/crcs/ectester/data/secg/secp160r2.csv @@ -0,0 +1 @@ +FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73,FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC70,B4E134D3FB59EB8BAB57274904664D5AF50388BA,52DCB034293A117E1F4FF11B30F7199D3144CE6D,FEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E,0100000000000000000000351EE786A818F3A1A16B,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/secg/sect163k1-dh-kdf.csv b/src/cz/crcs/ectester/data/test/secg/sect163k1-dh-kdf.csv new file mode 100644 index 0000000..fe86cff --- /dev/null +++ b/src/cz/crcs/ectester/data/test/secg/sect163k1-dh-kdf.csv @@ -0,0 +1 @@ +6655A9C8F9E593149DB24C91CE621641035C9282 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/secg/sect163k1-dh-raw.csv b/src/cz/crcs/ectester/data/test/secg/sect163k1-dh-raw.csv new file mode 100644 index 0000000..4007c6d --- /dev/null +++ b/src/cz/crcs/ectester/data/test/secg/sect163k1-dh-raw.csv @@ -0,0 +1 @@ +0357C3DCD1DF3E27BD8885170EE4975B5081DA7FA7 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/secg/sect163k1-dh-sha1.csv b/src/cz/crcs/ectester/data/test/secg/sect163k1-dh-sha1.csv new file mode 100644 index 0000000..badc2b7 --- /dev/null +++ b/src/cz/crcs/ectester/data/test/secg/sect163k1-dh-sha1.csv 
@@ -0,0 +1 @@ +13132F8088D60F9FE0D955AE04C9D20DA829A38B \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/secg/sect163k1-dhc-kdf.csv b/src/cz/crcs/ectester/data/test/secg/sect163k1-dhc-kdf.csv new file mode 100644 index 0000000..b9c6f47 --- /dev/null +++ b/src/cz/crcs/ectester/data/test/secg/sect163k1-dhc-kdf.csv @@ -0,0 +1 @@ +59798528083F50B07528353CDA99D0E460A7229D \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/secg/sect163k1-dhc-raw.csv b/src/cz/crcs/ectester/data/test/secg/sect163k1-dhc-raw.csv new file mode 100644 index 0000000..8ec537a --- /dev/null +++ b/src/cz/crcs/ectester/data/test/secg/sect163k1-dhc-raw.csv @@ -0,0 +1 @@ +04CB89474B33A518E1C3CD11BEB6E2B0CF48BEE64D \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/secg/sect163k1-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/secg/sect163k1-dhc-sha1.csv new file mode 100644 index 0000000..b96d64e --- /dev/null +++ b/src/cz/crcs/ectester/data/test/secg/sect163k1-dhc-sha1.csv @@ -0,0 +1 @@ +08E7DBCB78FE4020578C5EAA0AACA2CFFB7B38ED \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/secg/sect163k1-keyU.csv b/src/cz/crcs/ectester/data/test/secg/sect163k1-keyU.csv new file mode 100644 index 0000000..23fc166 --- /dev/null +++ b/src/cz/crcs/ectester/data/test/secg/sect163k1-keyU.csv @@ -0,0 +1 @@ +037D529FA37E42195F10111127FFB2BB38644806BC,0447026EEE8B34157F3EB51BE5185D2BE0249ED776,03A41434AA99C2EF40C8495B2ED9739CB2155A1E0D \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/secg/sect163k1-keyV.csv b/src/cz/crcs/ectester/data/test/secg/sect163k1-keyV.csv new file mode 100644 index 0000000..6197eba --- /dev/null +++ b/src/cz/crcs/ectester/data/test/secg/sect163k1-keyV.csv @@ -0,0 +1 @@ +072783FAAB9549002B4F13140B88132D1C75B3886C,05A976794EA79A4DE26E2E19418F097942C08641C7,57E8A78E842BF4ACD5C315AA0569DB1703541D96 \ No newline at end of file 
diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index 247a260..80c3fb0 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -82,6 +82,7 @@ public class ECTester { private boolean optSimulate = false; //Action-related options + private String optListNamed; private String optTestCase; private int optGenerateAmount; private int optECDHCount; @@ -107,6 +108,10 @@ public class ECTester { help(); return; } + //if not, read other options first, into attributes, then do action + if (!readOptions(cli)) { + return; + } dataStore = new EC_Store(); //if list, print and quit @@ -115,11 +120,6 @@ public class ECTester { return; } - //if not, read other options first, into attributes, then do action - if (!readOptions(cli)) { - return; - } - //init CardManager cardManager = new CardMngr(optVerbose, optSimulate); @@ -245,7 +245,7 @@ public class ECTester { OptionGroup actions = new OptionGroup(); actions.setRequired(true); actions.addOption(Option.builder("h").longOpt("help").desc("Print help.").build()); - actions.addOption(Option.builder("ln").longOpt("list-named").desc("Print the list of supported named curves and keys.").build()); + actions.addOption(Option.builder("ln").longOpt("list-named").desc("Print the list of supported named curves and keys.").hasArg().argName("what").optionalArg(true).build()); actions.addOption(Option.builder("e").longOpt("export").desc("Export the defaut curve parameters of the card(if any).").build()); actions.addOption(Option.builder("g").longOpt("generate").desc("Generate [amount] of EC keys.").hasArg().argName("amount").optionalArg(true).build()); actions.addOption(Option.builder("t").longOpt("test").desc("Test ECC support.").hasArg().argName("test_case").optionalArg(true).build()); 
@@ -334,6 +334,11 @@ public class ECTester { optFresh = cli.hasOption("fresh"); optSimulate = cli.hasOption("simulate"); + if (cli.hasOption("list-named")) { + optListNamed = cli.getOptionValue("list-named"); + return true; + } + if ((optKey != null || optNamedKey != null) && (optPublic != null || optPrivate != null || optNamedPublic != null || optNamedPrivate != null)) { System.err.print("Can only specify the whole key with --key/--named-key or pubkey and privkey with --public/--named-public and --private/--named-private."); return false; @@ -403,8 +408,8 @@ public class ECTester { optPrimeField = true; } - optTestCase = cli.getOptionValue("test", "default"); - String[] tests = new String[]{"default", "non-prime", "invalid", "wrong"}; + optTestCase = cli.getOptionValue("test", "default").toLowerCase(); + String[] tests = new String[]{"default", "non-prime", "invalid", "smallpub", "test-vectors", "wrong"}; List testsList = Arrays.asList(tests); if (!testsList.contains(optTestCase)) { System.err.println("Unknown test case. Should be one of: " + Arrays.toString(tests)); 
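Review bot: In the `@@ -403,8 +408,8 @@` hunk, `cli.getOptionValue("test", "default").toLowerCase()` lower-cases with the JVM's default locale, so on a Turkish locale `INVALID` becomes `ınvalid` (dotless i) and is rejected as an unknown test case although the list contains `invalid`. Use `cli.getOptionValue("test", "default").toLowerCase(java.util.Locale.ROOT)` so that the check against the `tests` array and the later `optTestCase.equals(...)` comparisons do not depend on the machine's language settings. `readOptions` starts and ends outside the hunk.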
@@ -463,35 +468,54 @@ public class ECTester { */ private void list() { Map categories = dataStore.getCategories(); - for (EC_Category cat : categories.values()) { - System.out.println("\t- " + cat.getName() + ": " + (cat.getDesc() == null ? "" : cat.getDesc())); - - Map curves = cat.getObjects(EC_Curve.class); - int size = curves.size(); - if (size > 0) { - System.out.print("\t\tCurves: "); - for (Map.Entry curve : curves.entrySet()) { - System.out.print(curve.getKey()); - size--; - if (size > 0) - System.out.print(", "); + if (optListNamed == null) { + // print all categories, briefly + for (EC_Category cat : categories.values()) { + System.out.println("\t- " + cat.getName() + ": " + (cat.getDesc() == null ? "" : cat.getDesc())); + + Map curves = cat.getObjects(EC_Curve.class); + int size = curves.size(); + if (size > 0) { + System.out.print("\t\tCurves: "); + for (Map.Entry curve : curves.entrySet()) { + System.out.print(curve.getKey()); + size--; + if (size > 0) + System.out.print(", "); + } + System.out.println(); } - System.out.println(); - } - Map keys = cat.getObjects(EC_Key.class); - size = keys.size(); - if (size > 0) { - System.out.print("\t\tKeys: "); - for (Map.Entry key : keys.entrySet()) { - System.out.print(key.getKey()); - size--; - if (size > 0) - System.out.print(", "); + Map keys = cat.getObjects(EC_Key.class); + size = keys.size(); + if (size > 0) { + System.out.print("\t\tKeys: "); + for (Map.Entry key : keys.entrySet()) { + System.out.print(key.getKey()); + size--; + if (size > 0) + System.out.print(", "); + } + System.out.println(); + } + + Map keypairs = cat.getObjects(EC_Keypair.class); + size = keypairs.size(); + if (size > 0) { + System.out.print("\t\tKeypairs: "); + for (Map.Entry key : keypairs.entrySet()) { + System.out.print(key.getKey()); + size--; + if (size > 0) + System.out.print(", "); + } + System.out.println(); } System.out.println(); } - System.out.println(); + } else if (categories.containsKey(optListNamed)) { + // print 
given category + //TODO } } @@ -596,8 +620,7 @@ public class ECTester { private void test() throws IOException, CardException { List commands = new LinkedList<>(); - if (optTestCase.equalsIgnoreCase("default")) { - + if (optTestCase.equals("default")) { if (optNamedCurve != null) { if (optPrimeField) { commands.addAll(testCurves(optNamedCurve, KeyPair.ALG_EC_FP)); 
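Review bot: In the `list()` hunk (`@@ -463,35 +468,54 @@`), a `--list-named` argument that names a category prints nothing because the `else if (categories.containsKey(optListNamed))` branch is only a `//TODO`, and an argument that matches no category falls through with no output at all. Until the per-category listing exists, add a final branch so a mistyped name is reported, e.g. `} else { System.err.println("Unknown category: " + optListNamed); }`. The three loops for curves, keys and keypairs are identical apart from the class and the label, so a small private helper taking the label and the map would remove the duplication.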
@@ -641,21 +664,52 @@ public class ECTester { } } } - } else if (optTestCase.equalsIgnoreCase("wrong")) { - if (optPrimeField) { - commands.addAll(testCurves("wrong", KeyPair.ALG_EC_FP)); - } - if (optBinaryField) { - commands.addAll(testCurves("wrong", KeyPair.ALG_EC_F2M)); - } - } else if (optTestCase.equalsIgnoreCase("non-prime")) { - - } else if (optTestCase.equalsIgnoreCase("smallpub")) { + } else if (optTestCase.equals("test-vectors")) { + /* Set original curves (secg/nist/brainpool). Set keypairs from test vectors. + * Do ECDH both ways, export and verify that the result is correct. + * + */ + String category = optNamedCurve == null ? "secg" : optNamedCurve; + Map curves = dataStore.getObjects(EC_Curve.class, category); + //TODO - } else if (optTestCase.equalsIgnoreCase("invalid")) { + } else { + // These tests are dangerous, prompt before them. + System.out.println("The test you selected (" + optTestCase + ") is potentially dangerous."); + System.out.println("Some of these tests have caused temporary DoS of some cards."); + System.out.print("Do you want to proceed? (y/n):"); + String confirmation = System.console().readLine(); + if (!Arrays.asList("yes", "y", "Y").contains(confirmation)) { + return; + } + if (optTestCase.equals("wrong") || optTestCase.equals("non-prime")) { + /* Just do the default tests on the wrong and non-prime curves. + * These should generally fail, the curves aren't safe. + */ + if (optPrimeField) { + commands.addAll(testCurves(optTestCase, KeyPair.ALG_EC_FP)); + } + if (optBinaryField) { + commands.addAll(testCurves(optTestCase, KeyPair.ALG_EC_F2M)); + } + } else if (optTestCase.equals("smallpub")) { + /* Do the default tests with the public keys set to provided smallpub keys. + * These should fail, the curves aren't safe so that if the computation with + * a small order public key succeeds the private key modulo the public key order + * is revealed. 
+ */ + //TODO + } else if (optTestCase.equals("invalid")) { + /* Set original curves (secg/nist/brainpool). Generate local. + * Try ECDH with invalid public keys of increasing (or decreasing) order. + * + */ + //TODO + } } + List test = Command.sendAll(commands); systemOutLogger.println(Response.toString(test)); -- cgit v1.2.3-70-g09d2 From 6218dd2809dcc2f00adb70ac61784c681d4491ca Mon Sep 17 00:00:00 2001 
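Review bot: In the `test()` hunk (`@@ -641,21 +664,52 @@`), `System.console().readLine()` throws a NullPointerException whenever the JVM has no console (input piped or redirected, many IDE runs), because `System.console()` returns null in that case. For tests that the prompt itself calls potentially dangerous, declining is the safer outcome when nobody can answer: `java.io.Console console = System.console();` followed by `String confirmation = console == null ? null : console.readLine();` keeps the existing `contains(confirmation)` check and returns without sending anything. The `smallpub` and `invalid` branches are still `//TODO`, so after a `y` answer they reach `Command.sendAll(commands)` with an empty list; a short message that the test is not implemented yet would avoid a silent no-op. `test()` starts outside the hunk.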
From: J08nY Date: Tue, 28 Mar 2017 01:50:53 +0200 Subject: Added nist and brainpool test vectors, also smallpub test --- !uploader/ectester.cap | Bin 13811 -> 13811 bytes !uploader/simpleECC.cap | Bin 18330 -> 0 bytes !uploader/simpleECC221.cap | Bin 4562 -> 0 bytes README.md | 45 ++--- dist/ECTester.jar | Bin 253043 -> 283382 bytes src/cz/crcs/ectester/data/EC_Category.java | 1 + src/cz/crcs/ectester/data/EC_Store.java | 7 +- src/cz/crcs/ectester/data/smallpub/keys.xml | 14 +- .../data/test/brainpool/brainpoolP224r1-dh-raw.csv | 1 + .../test/brainpool/brainpoolP224r1-dh-sha1.csv | 1 + .../data/test/brainpool/brainpoolP224r1-keyA.csv | 1 + .../data/test/brainpool/brainpoolP224r1-keyB.csv | 1 + .../data/test/brainpool/brainpoolP256r1-dh-raw.csv | 1 + .../test/brainpool/brainpoolP256r1-dh-sha1.csv | 1 + .../data/test/brainpool/brainpoolP256r1-keyA.csv | 1 + .../data/test/brainpool/brainpoolP256r1-keyB.csv | 1 + .../data/test/brainpool/brainpoolP384r1-dh-raw.csv | 1 + .../test/brainpool/brainpoolP384r1-dh-sha1.csv | 1 + .../data/test/brainpool/brainpoolP384r1-keyA.csv | 1 + .../data/test/brainpool/brainpoolP384r1-keyB.csv | 1 + .../data/test/brainpool/brainpoolP512r1-dh-raw.csv | 1 + .../test/brainpool/brainpoolP512r1-dh-sha1.csv | 1 + .../data/test/brainpool/brainpoolP512r1-keyA.csv | 1 + .../data/test/brainpool/brainpoolP512r1-keyB.csv | 1 + src/cz/crcs/ectester/data/test/keys.xml | 202 +++++++++++++++++++++ .../crcs/ectester/data/test/nist/b163-dhc-raw.csv | 1 + .../crcs/ectester/data/test/nist/b163-dhc-sha1.csv | 1 + .../crcs/ectester/data/test/nist/b163-keyCAVS.csv | 1 + .../crcs/ectester/data/test/nist/b163-keyIUT.csv | 1 + .../crcs/ectester/data/test/nist/b233-dhc-raw.csv | 1 + .../crcs/ectester/data/test/nist/b233-dhc-sha1.csv | 1 + .../crcs/ectester/data/test/nist/b233-keyCAVS.csv | 1 + .../crcs/ectester/data/test/nist/b233-keyIUT.csv | 1 + .../crcs/ectester/data/test/nist/b283-dhc-raw.csv | 1 + .../crcs/ectester/data/test/nist/b283-dhc-sha1.csv | 1 + 
.../crcs/ectester/data/test/nist/b283-keyCAVS.csv | 1 + .../crcs/ectester/data/test/nist/b283-keyIUT.csv | 1 + .../crcs/ectester/data/test/nist/b409-dhc-raw.csv | 1 + .../crcs/ectester/data/test/nist/b409-dhc-sha1.csv | 1 + .../crcs/ectester/data/test/nist/b409-keyCAVS.csv | 1 + .../crcs/ectester/data/test/nist/b409-keyIUT.csv | 1 + .../crcs/ectester/data/test/nist/b571-dhc-raw.csv | 1 + .../crcs/ectester/data/test/nist/b571-dhc-sha1.csv | 1 + .../crcs/ectester/data/test/nist/b571-keyCAVS.csv | 1 + .../crcs/ectester/data/test/nist/b571-keyIUT.csv | 1 + .../crcs/ectester/data/test/nist/k163-dhc-raw.csv | 1 + .../crcs/ectester/data/test/nist/k163-dhc-sha1.csv | 1 + .../crcs/ectester/data/test/nist/k163-keyCAVS.csv | 1 + .../crcs/ectester/data/test/nist/k163-keyIUT.csv | 1 + .../crcs/ectester/data/test/nist/k233-dhc-raw.csv | 1 + .../crcs/ectester/data/test/nist/k233-dhc-sha1.csv | 1 + .../crcs/ectester/data/test/nist/k233-keyCAVS.csv | 1 + .../crcs/ectester/data/test/nist/k233-keyIUT.csv | 1 + .../crcs/ectester/data/test/nist/k283-dhc-raw.csv | 1 + .../crcs/ectester/data/test/nist/k283-dhc-sha1.csv | 1 + .../crcs/ectester/data/test/nist/k283-keyCAVS.csv | 1 + .../crcs/ectester/data/test/nist/k283-keyIUT.csv | 1 + .../crcs/ectester/data/test/nist/k409-dhc-raw.csv | 1 + .../crcs/ectester/data/test/nist/k409-dhc-sha1.csv | 1 + .../crcs/ectester/data/test/nist/k409-keyCAVS.csv | 1 + .../crcs/ectester/data/test/nist/k409-keyIUT.csv | 1 + .../crcs/ectester/data/test/nist/k571-dhc-raw.csv | 1 + .../crcs/ectester/data/test/nist/k571-dhc-sha1.csv | 1 + .../crcs/ectester/data/test/nist/k571-keyCAVS.csv | 1 + .../crcs/ectester/data/test/nist/k571-keyIUT.csv | 1 + .../crcs/ectester/data/test/nist/p192-dhc-raw.csv | 1 + .../crcs/ectester/data/test/nist/p192-dhc-sha1.csv | 1 + .../crcs/ectester/data/test/nist/p192-keyCAVS.csv | 1 + .../crcs/ectester/data/test/nist/p192-keyIUT.csv | 1 + .../crcs/ectester/data/test/nist/p224-dhc-raw.csv | 1 + 
.../crcs/ectester/data/test/nist/p224-dhc-sha1.csv | 1 + .../crcs/ectester/data/test/nist/p224-keyCAVS.csv | 1 + .../crcs/ectester/data/test/nist/p224-keyIUT.csv | 1 + .../crcs/ectester/data/test/nist/p256-dhc-raw.csv | 1 + .../crcs/ectester/data/test/nist/p256-dhc-sha1.csv | 1 + .../crcs/ectester/data/test/nist/p256-keyCAVS.csv | 1 + .../crcs/ectester/data/test/nist/p256-keyIUT.csv | 1 + .../crcs/ectester/data/test/nist/p384-dhc-raw.csv | 1 + .../crcs/ectester/data/test/nist/p384-dhc-sha1.csv | 1 + .../crcs/ectester/data/test/nist/p384-keyCAVS.csv | 1 + .../crcs/ectester/data/test/nist/p384-keyIUT.csv | 1 + .../crcs/ectester/data/test/nist/p521-dhc-raw.csv | 1 + .../crcs/ectester/data/test/nist/p521-dhc-sha1.csv | 1 + .../crcs/ectester/data/test/nist/p521-keyCAVS.csv | 1 + .../crcs/ectester/data/test/nist/p521-keyIUT.csv | 1 + src/cz/crcs/ectester/reader/ECTester.java | 18 +- 86 files changed, 322 insertions(+), 41 deletions(-) delete mode 100644 !uploader/simpleECC.cap delete mode 100644 !uploader/simpleECC221.cap create mode 100644 src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-dh-raw.csv create mode 100644 src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-dh-sha1.csv create mode 100644 src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-keyA.csv create mode 100644 src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-keyB.csv create mode 100644 src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-dh-raw.csv create mode 100644 src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-dh-sha1.csv create mode 100644 src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-keyA.csv create mode 100644 src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-keyB.csv create mode 100644 src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-dh-raw.csv create mode 100644 src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-dh-sha1.csv create mode 100644 src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-keyA.csv create mode 
100644 src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-keyB.csv create mode 100644 src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-dh-raw.csv create mode 100644 src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-dh-sha1.csv create mode 100644 src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-keyA.csv create mode 100644 src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-keyB.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/b163-dhc-raw.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/b163-dhc-sha1.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/b163-keyCAVS.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/b163-keyIUT.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/b233-dhc-raw.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/b233-dhc-sha1.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/b233-keyCAVS.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/b233-keyIUT.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/b283-dhc-raw.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/b283-dhc-sha1.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/b283-keyCAVS.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/b283-keyIUT.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/b409-dhc-raw.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/b409-dhc-sha1.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/b409-keyCAVS.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/b409-keyIUT.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/b571-dhc-raw.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/b571-dhc-sha1.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/b571-keyCAVS.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/b571-keyIUT.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/k163-dhc-raw.csv create mode 100644 
src/cz/crcs/ectester/data/test/nist/k163-dhc-sha1.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/k163-keyCAVS.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/k163-keyIUT.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/k233-dhc-raw.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/k233-dhc-sha1.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/k233-keyCAVS.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/k233-keyIUT.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/k283-dhc-raw.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/k283-dhc-sha1.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/k283-keyCAVS.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/k283-keyIUT.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/k409-dhc-raw.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/k409-dhc-sha1.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/k409-keyCAVS.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/k409-keyIUT.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/k571-dhc-raw.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/k571-dhc-sha1.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/k571-keyCAVS.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/k571-keyIUT.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/p192-dhc-raw.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/p192-dhc-sha1.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/p192-keyCAVS.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/p192-keyIUT.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/p224-dhc-raw.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/p224-dhc-sha1.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/p224-keyCAVS.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/p224-keyIUT.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/p256-dhc-raw.csv 
create mode 100644 src/cz/crcs/ectester/data/test/nist/p256-dhc-sha1.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/p256-keyCAVS.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/p256-keyIUT.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/p384-dhc-raw.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/p384-dhc-sha1.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/p384-keyCAVS.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/p384-keyIUT.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/p521-dhc-raw.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/p521-dhc-sha1.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/p521-keyCAVS.csv create mode 100644 src/cz/crcs/ectester/data/test/nist/p521-keyIUT.csv diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index bed5dc6..de865a9 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ diff --git a/!uploader/simpleECC.cap b/!uploader/simpleECC.cap deleted file mode 100644 index 886ce88..0000000 Binary files a/!uploader/simpleECC.cap and /dev/null differ diff --git a/!uploader/simpleECC221.cap b/!uploader/simpleECC221.cap deleted file mode 100644 index ba7bbb5..0000000 Binary files a/!uploader/simpleECC221.cap and /dev/null differ diff --git a/README.md b/README.md index 0ec96dc..0bbc5c9 100644 --- a/README.md +++ b/README.md 
@@ -21,51 +21,44 @@ See `java -jar ectester.jar -h` for more. ### Options ``` - -ln,--list-named Print the list of supported named - curves, keys and keypairs. + -ln,--list-named Print the list of supported named + curves and keys. -dsa,--ecdsa Sign data with ECDSA, [count] times. - -t,--test Test ECC support. + -t,--test Test ECC support. -dh,--ecdh Do ECDH, [count] times. -e,--export Export the defaut curve parameters of the card(if any). -g,--generate Generate [amount] of EC keys. -h,--help Print help. - + -dhc,--ecdhc Do ECDHC, [count] times. -a,--all Test all curve sizes. -b,--bit-size Set curve size. - - -c,--curve Use curve from file [curve_file] + -fp,--prime-field Use a prime field. + -f2m,--binary-field Use a binary field. + -c,--curve Use curve from file (field,a,b,gx,gy,r,k). - -nc,--named-curve Use a named curve. - -u,--custom Use a custom curve(applet-side + -nc,--named-curve Use a named curve, from CurveDB: + + -u,--custom Use a custom curve (applet-side embedded, SECG curves). - - -fp,--prime-field Use prime field curve. - -f2m,--binary-field Use binary field curve. - - -npub,--named-public Use public key from KeyDB: [cat/id] - -pub,--public Use public key from file [pubkey_file] + -npub,--named-public Use public key from KeyDB: + -pub,--public Use public key from file (wx,wy). - -priv,--private Use private key from file - [privkey_file] (s). - -npriv,--named-private Use private key from KeyDB: [cat/id] - - -k,--key Use keyPair from file [key_file] + (s). + -npriv,--named-private Use private key from KeyDB: + -k,--key Use keyPair from file  (wx,wy,s). - -nk,--named-key Use keyPair from KeyDB: [cat/id] - - -i,--input Input from file [input_file], for ecdsa + -nk,--named-key Use keyPair from KeyDB: + -i,--input Input from file , for ECDSA signing. - -o,--output Output into file [output_file]. + -o,--output Output into file . -l,--log Log output into file [log_file]. -v,--verbose Turn on verbose logging. 
- - -f,--fresh Generate fresh keys(set domain + -f,--fresh Generate fresh keys (set domain parameters before every generation). -s,--simulate Simulate a card with jcardsim instead of using a terminal. - ``` ### Example diff --git a/dist/ECTester.jar b/dist/ECTester.jar index a5dd71c..2140b4d 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/data/EC_Category.java b/src/cz/crcs/ectester/data/EC_Category.java index 81b8784..859b942 100644 --- a/src/cz/crcs/ectester/data/EC_Category.java +++ b/src/cz/crcs/ectester/data/EC_Category.java @@ -67,4 +67,5 @@ public class EC_Category { return null; } } + } diff --git a/src/cz/crcs/ectester/data/EC_Store.java b/src/cz/crcs/ectester/data/EC_Store.java index c32f1ce..aec635e 100644 --- a/src/cz/crcs/ectester/data/EC_Store.java +++ b/src/cz/crcs/ectester/data/EC_Store.java @@ -179,7 +179,7 @@ public class EC_Store { return new EC_Category(name, dir, desc, objMap); } - private EC_Params parseKeylike(String dir, Element elem) throws SAXException { + private EC_Params parseKeylike(String dir, Element elem) throws SAXException, IOException { Node file = elem.getElementsByTagName("file").item(0); Node curve = elem.getElementsByTagName("curve").item(0); @@ -199,7 +199,9 @@ public class EC_Store { } else { throw new SAXException("?"); } - result.readCSV(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/" + file.getTextContent())); + if(!result.readCSV(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/" + file.getTextContent()))) { + throw new IOException("Invalid CSV data."); + } return result; } @@ -243,5 +245,4 @@ public class EC_Store { return getObject(objClass, parts[0], parts[1]); } - } diff --git a/src/cz/crcs/ectester/data/smallpub/keys.xml b/src/cz/crcs/ectester/data/smallpub/keys.xml index 83e98b0..fbdf5e8 100644 --- a/src/cz/crcs/ectester/data/smallpub/keys.xml +++ b/src/cz/crcs/ectester/data/smallpub/keys.xml 
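Review bot: The new `IOException("Invalid CSV data.")` in parseKeylike does not say which resource failed, and this commit adds dozens of key and test-vector CSVs that all load through this call; naming the file would make a bad vector traceable, e.g. `throw new IOException("Invalid CSV data in " + dir + "/" + file.getTextContent());`. The stream from `getResourceAsStream` is also handed straight to `readCSV` without being closed in this method, and it is null when the file named in the XML does not exist. Whether `readCSV` tolerates a null stream or closes it is not visible here, so an explicit null check and a try-with-resources around the call would cover both cases. Only parts of parseKeylike appear across the two hunks; its body continues outside them.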
@@ -6,43 +6,43 @@ ecsp128-pub ecsp128_pub.csv - ecsp128 + smallpub/ecsp128 order = 5 ecsp160-pub ecsp160_pub.csv - ecsp160 + smallpub/ecsp160 order = 3 ecsp192-pub ecsp192_pub.csv - ecsp192 + smallpub/ecsp192 order = 3 ecsp224-pub ecsp224_pub.csv - ecsp224 + smallpub/ecsp224 order = 5 ecsp256-pub ecsp256_pub.csv - ecsp256 + smallpub/ecsp256 order = 3 ecsp384-pub ecsp384_pub.csv - ecsp384 + smallpub/ecsp384 order = 3 ecsp521-pub ecsp521_pub.csv - ecsp521 + smallpub/ecsp521 order = 5 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-dh-raw.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-dh-raw.csv new file mode 100644 index 0000000..9913e7d --- /dev/null +++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-dh-raw.csv @@ -0,0 +1 @@ +312DFD98783F9FB77B9704945A73BEB6DCCBE3B65D0F967DCAB574EB \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-dh-sha1.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-dh-sha1.csv new file mode 100644 index 0000000..01c5dbe --- /dev/null +++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-dh-sha1.csv @@ -0,0 +1 @@ +4ADCA2E2CFE8DBD4F0B9CE27E4422C57EE0A6B98 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-keyA.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-keyA.csv new file mode 100644 index 0000000..db4d4b5 --- /dev/null +++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-keyA.csv @@ -0,0 +1 @@ +B104A67A6F6E85E14EC1825E1539E8ECDBBF584922367DD88C6BDCF2,46D782E7FDB5F60CD8404301AC5949C58EDB26BC68BA07695B750A94,7C4B7A2C8A4BAD1FBB7D79CC0955DB7C6A4660CA64CC4778159B495E \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-keyB.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-keyB.csv new file mode 100644 index 0000000..6544d00 --- /dev/null 
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-keyB.csv
@@ -0,0 +1 @@
+2A97089A9296147B71B21A4B574E1278245B536F14D8C2B9D07A874E,9B900D7C77A709A797276B8CA1BA61BB95B546FC29F862E44D59D25B,63976D4AAE6CD0F6DD18DEFEF55D96569D0507C03E74D6486FFA28FB
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-dh-raw.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-dh-raw.csv
new file mode 100644
index 0000000..29aac4a
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-dh-raw.csv
@@ -0,0 +1 @@
+89AFC39D41D3B327814B80940B042590F96556EC91E6AE7939BCE31F3A18BF2B
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-dh-sha1.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-dh-sha1.csv
new file mode 100644
index 0000000..7790e0b
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-dh-sha1.csv
@@ -0,0 +1 @@
+4F1CCFFBB2A14DA1F17DE291DABCDD109EB13BB7
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-keyA.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-keyA.csv
new file mode 100644
index 0000000..a2f79da
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-keyA.csv
@@ -0,0 +1 @@
+44106E913F92BC02A1705D9953A8414DB95E1AAA49E81D9E85F929A8E3100BE5,8AB4846F11CACCB73CE49CBDD120F5A900A69FD32C272223F789EF10EB089BDC,81DB1EE100150FF2EA338D708271BE38300CB54241D79950F77B063039804F1D
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-keyB.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-keyB.csv
new file mode 100644
index 0000000..e2d8039
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-keyB.csv
@@ -0,0 +1 @@
+8D2D688C6CF93E1160AD04CC4429117DC2C41825E1E9FCA0ADDD34E6F1B39F7B,990C57520812BE512641E47034832106BC7D3E8DD0E4C7F1136D7006547CEC6A,55E40BC41E37E3E2AD25C3C6654511FFA8474A91A0032087593852D3E7D76BD3
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-dh-raw.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-dh-raw.csv
new file mode 100644
index 0000000..93ec84b
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-dh-raw.csv
@@ -0,0 +1 @@
+0BD9D3A7EA0B3D519D09D8E48D0785FB744A6B355E6304BC51C229FBBCE239BBADF6403715C35D4FB2A5444F575D4F42
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-dh-sha1.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-dh-sha1.csv
new file mode 100644
index 0000000..c4b18a3
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-dh-sha1.csv
@@ -0,0 +1 @@
+7562598C913DF9BCAD30D6985358F7779045B3A4
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-keyA.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-keyA.csv
new file mode 100644
index 0000000..7d923a3
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-keyA.csv
@@ -0,0 +1 @@
+68B665DD91C195800650CDD363C625F4E742E8134667B767B1B476793588F885AB698C852D4A6E77A252D6380FCAF068,55BC91A39C9EC01DEE36017B7D673A931236D2F1F5C83942D049E3FA20607493E0D038FF2FD30C2AB67D15C85F7FAA59,1E20F5E048A5886F1F157C74E91BDE2B98C8B52D58E5003D57053FC4B0BD65D6F15EB5D1EE1610DF870795143627D042
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-keyB.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-keyB.csv
new file mode 100644
index 0000000..edb41f5
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-keyB.csv
@@ -0,0 +1 @@
+4D44326F269A597A5B58BBA565DA5556ED7FD9A8A9EB76C25F46DB69D19DC8CE6AD18E404B15738B2086DF37E71D1EB4,62D692136DE56CBE93BF5FA3188EF58BC8A3A0EC6C1E151A21038A42E9185329B5B275903D192F8D4E1F32FE9CC78C48,032640BC6003C59260F7250C3DB58CE647F98E1260ACCE4ACDA3DD869F74E01F8BA5E0324309DB6A9831497ABAC96670
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-dh-raw.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-dh-raw.csv
new file mode 100644
index 0000000..1b7e57a
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-dh-raw.csv
@@ -0,0 +1 @@
+A7927098655F1F9976FA50A9D566865DC530331846381C87256BAF3226244B76D36403C024D7BBF0AA0803EAFF405D3D24F11A9B5C0BEF679FE1454B21C4CD1F
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-dh-sha1.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-dh-sha1.csv
new file mode 100644
index 0000000..554770a
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-dh-sha1.csv
@@ -0,0 +1 @@
+8E4814D30F0B5C7FFA35E15809F529D6FD94D759
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-keyA.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-keyA.csv
new file mode 100644
index 0000000..3122397
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-keyA.csv
@@ -0,0 +1 @@
+0A420517E406AAC0ACDCE90FCD71487718D3B953EFD7FBEC5F7F27E28C6149999397E91E029E06457DB2D3E640668B392C2A7E737A7F0BF04436D11640FD09FD,72E6882E8DB28AAD36237CD25D580DB23783961C8DC52DFA2EC138AD472A0FCEF3887CF62B623B2A87DE5C588301EA3E5FC269B373B60724F5E82A6AD147FDE7,16302FF0DBBB5A8D733DAB7141C1B45ACBC8715939677F6A56850A38BD87BD59B09E80279609FF333EB9D4C061231FB26F92EEB04982A5F1D1764CAD57665422
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-keyB.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-keyB.csv
new file mode 100644
index 0000000..6ce51b7
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-keyB.csv
@@ -0,0 +1 @@
+9D45F66DE5D67E2E6DB6E93A59CE0BB48106097FF78A081DE781CDB31FCE8CCBAAEA8DD4320C4119F1E9CD437A2EAB3731FA9668AB268D871DEDA55A5473199F,2FDC313095BCDD5FB3A91636F07A959C8E86B5636A1E930E8396049CB481961D365CC11453A06C719835475B12CB52FC3C383BCE35E27EF194512B71876285FA,230E18E1BCC88A362FA54E4EA3902009292F7F8033624FD471B5D8ACE49D12CFABBC19963DAB8E2F1EBA00BFFB29E4D72D13F2224562F405CB80503666B25429
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/keys.xml b/src/cz/crcs/ectester/data/test/keys.xml
index 56fc4e2..5f86b5b 100644
--- a/src/cz/crcs/ectester/data/test/keys.xml
+++ b/src/cz/crcs/ectester/data/test/keys.xml
@@ -13,4 +13,206 @@ secg/secp160r1-keyV.csv secg/secp160r1 + + sect163k1-U + secg/sect163k1-keyU.csv + secg/sect163k1 + + + sect163k1-V + secg/sect163k1-keyV.csv + secg/sect163k1 + + + + brainpoolP224r1-A + brainpool/brainpoolP224r1-keyA.csv + brainpool/brainpoolP224r1 + + + brainpoolP224r1-B + brainpool/brainpoolP224r1-keyB.csv + brainpool/brainpoolP224r1 + + + brainpoolP256r1-A + brainpool/brainpoolP256r1-keyA.csv + brainpool/brainpoolP256r1 + + + brainpoolP256r1-B + brainpool/brainpoolP256r1-keyB.csv + brainpool/brainpoolP256r1 + + + brainpoolP384r1-A + brainpool/brainpoolP384r1-keyA.csv + brainpool/brainpoolP384r1 + + + brainpoolP384r1-B + brainpool/brainpoolP384r1-keyB.csv + brainpool/brainpoolP384r1 + + + brainpoolP512r1-A + brainpool/brainpoolP512r1-keyA.csv + brainpool/brainpoolP512r1 + + + brainpoolP512r1-B + brainpool/brainpoolP512r1-keyB.csv + brainpool/brainpoolP512r1 + + + + p192-A + nist/p192-keyIUT.csv + nist/P-192 + + + p192-B + nist/p192-keyCAVS.csv + nist/P-192 + + + p224-A + nist/p224-keyIUT.csv + nist/P-224 + + + p224-B + nist/p224-keyCAVS.csv + nist/P-224 + + + p256-A + nist/p256-keyIUT.csv + nist/P-256 + + + p256-B + nist/p256-keyCAVS.csv + nist/P-256 + + + p384-A + nist/p384-keyIUT.csv + nist/P-384 + + + p384-B + nist/p384-keyCAVS.csv + nist/P-384 + + + p521-A + nist/p521-keyIUT.csv + nist/P-521 + + + p521-B + nist/p521-keyCAVS.csv + nist/P-521 + + + b163-A + nist/b163-keyIUT.csv + nist/B-163 + + + b163-B + nist/b163-keyCAVS.csv + nist/B-163 + + + b233-A + nist/b233-keyIUT.csv + nist/B-233 + + + b233-B + nist/b233-keyCAVS.csv + nist/B-233 + + + b283-A + nist/b283-keyIUT.csv + nist/B-283 + + + b283-B + nist/b283-keyCAVS.csv + nist/B-283 + + + b409-A + nist/b409-keyIUT.csv + nist/B-409 + + + b409-B + nist/b409-keyCAVS.csv + nist/B-409 + + + b571-A + nist/b571-keyIUT.csv + nist/B-571 + + + b571-B + nist/b571-keyCAVS.csv + nist/B-571 + + + k163-A + nist/k163-keyIUT.csv + nist/K-163 + + + k163-B + nist/k163-keyCAVS.csv + nist/K-163 + + + k233-A + 
nist/k233-keyIUT.csv + nist/K-233 + + + k233-B + nist/k233-keyCAVS.csv + nist/K-233 + + + k283-A + nist/k283-keyIUT.csv + nist/K-283 + + + k283-B + nist/k283-keyCAVS.csv + nist/K-283 + + + k409-A + nist/k409-keyIUT.csv + nist/K-409 + + + k409-B + nist/k409-keyCAVS.csv + nist/K-409 + + + k571-A + nist/k571-keyIUT.csv + nist/K-571 + + + k571-B + nist/k571-keyCAVS.csv + nist/K-571 + \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/nist/b163-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/b163-dhc-raw.csv new file mode 100644 index 0000000..fab00cb --- /dev/null +++ b/src/cz/crcs/ectester/data/test/nist/b163-dhc-raw.csv @@ -0,0 +1 @@ +0100fb42d177ffe6c31378e2e04e0da7376ffe8765 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/nist/b163-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/b163-dhc-sha1.csv new file mode 100644 index 0000000..8d98703 --- /dev/null +++ b/src/cz/crcs/ectester/data/test/nist/b163-dhc-sha1.csv @@ -0,0 +1 @@ +10F4DDCF79C23FD7DC11563BF18B2BE75A139E4F \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/nist/b163-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/b163-keyCAVS.csv new file mode 100644 index 0000000..e0f7f15 --- /dev/null +++ b/src/cz/crcs/ectester/data/test/nist/b163-keyCAVS.csv @@ -0,0 +1 @@ +00000003a647ba32dac71ec6780b0638a70cd24fc3bd4c8e,00000002e69e961541844a4aa33769a7bce710f6640a560c \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/nist/b163-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/b163-keyIUT.csv new file mode 100644 index 0000000..910ea7c --- /dev/null +++ b/src/cz/crcs/ectester/data/test/nist/b163-keyIUT.csv @@ -0,0 +1 @@ +000000035466701d0b0030d098b6ed2343d355c24c907271,00000000d8bc02f341d261860dfb65f0cb7f0b488d8296cc,00000003edae173de8fa0cf0412d6a7bdc81fdbd0617adf8 \ No newline at end of file 
diff --git a/src/cz/crcs/ectester/data/test/nist/b233-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/b233-dhc-raw.csv
new file mode 100644
index 0000000..56ef836
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/b233-dhc-raw.csv
@@ -0,0 +1 @@
+00e9f3d8c4f1bec0f920e763ea1bb7415899f01734609e7547dc425ec946
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b233-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/b233-dhc-sha1.csv
new file mode 100644
index 0000000..9795228
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/b233-dhc-sha1.csv
@@ -0,0 +1 @@
+958FD3D4A2F61130ACF6472A6DE421F11D9A4D13
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b233-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/b233-keyCAVS.csv
new file mode 100644
index 0000000..bac3371
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/b233-keyCAVS.csv
@@ -0,0 +1 @@
+0000004756baddefc3dc337ab27b5452eb10affd9e31f5b55c330e90f0f686a2,0000012a79f65232308a21c98c01555ccafc7dce15c8fed3025a760cbd6c2327
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b233-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/b233-keyIUT.csv
new file mode 100644
index 0000000..56d5f3a
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/b233-keyIUT.csv
@@ -0,0 +1 @@
+00000061e8a9b517fd05a026ec376616229fd8639a1fa76defe5398022f9d9c8,000000706b5cb08738a94552fee584b1372fead4af79040909fcf6f50084bbfa,0000003c3ee474ac0d0bc1df567e3c35f5f766c5332b2d6730ff0e4d8e75aedb
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b283-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/b283-dhc-raw.csv
new file mode 100644
index 0000000..c1d1432
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/b283-dhc-raw.csv
@@ -0,0 +1 @@
+065194e26090e74047ee75f13f9769d20e1b52189650011e283daa090732cc53755dc366
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b283-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/b283-dhc-sha1.csv
new file mode 100644
index 0000000..0d7bbf8
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/b283-dhc-sha1.csv
@@ -0,0 +1 @@
+75C8297B1DD59937F86C3063E8EC0B2B9AD118BF
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b283-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/b283-keyCAVS.csv
new file mode 100644
index 0000000..9f973e7
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/b283-keyCAVS.csv
@@ -0,0 +1 @@
+02504e1a17819d39f010a4a69a0568299402b58f944a384c7d1a62c9c93ea4d1ff300e13,0265132f7b4c64b74b9179ed0f2e211f4328d625405022f554170da932b80fdf7c1aab12
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b283-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/b283-keyIUT.csv
new file mode 100644
index 0000000..c7e4b04
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/b283-keyIUT.csv
@@ -0,0 +1 @@
+0561e495563018169804d4c8e2435b4afd85da376d914b69d39246f8e06113aa32e642d2,0781a7f59de7f42f5f9d6c3481f33fc5deb357c6ecf4c758e370d2435de3d8ee737703f4,02f43455842246a2cc8ec068e9d6c6e4160f6ba4e3b5d831d93c1daa8fd3d5a9660c7bb1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b409-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/b409-dhc-raw.csv
new file mode 100644
index 0000000..36c3236
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/b409-dhc-raw.csv
@@ -0,0 +1 @@
+01d48a586be9285fa38dd3e70b0330b0ffebd327ceefef88fdc1521ef2fd61cbc9124e03b0c926e70fa56acb3edb54c3c48fab2b
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b409-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/b409-dhc-sha1.csv
new file mode 100644
index 0000000..7264423
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/b409-dhc-sha1.csv
@@ -0,0 +1 @@
+B6562E95755880A16BC35FCC030AF5FEBC1113D4
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b409-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/b409-keyCAVS.csv
new file mode 100644
index 0000000..b737359
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/b409-keyCAVS.csv
@@ -0,0 +1 @@
+0146989a50297be373dd665c45455a2ae4c221da5cd424007bd97f9e8e846f96740f3fa58c3c94129671cdd4d7ea650a2aade9d7,01b42bffda843946a14ad6080f95b8fc6b7e173528d08ed36fe640aaf85aa00fb5edd5905a38b3c7961b7722b77b8dcb44bb25f5
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b409-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/b409-keyIUT.csv
new file mode 100644
index 0000000..5eede05
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/b409-keyIUT.csv
@@ -0,0 +1 @@
+004ebc4d4acf9b404dabc3af3e8cbea8b88b32999d3ecb7f367b12eb3a6280b840038e22681637a7d16436e014f69616abf72e45,009e24109541c8024217e9ab2c963fa9e373640095a6c25a26eefac58e4342c0c85448b2709592a12402fe2b68a793c558ce8cd6,00ace92103ffe262ac17ad42a46d4366f4cb4c580eff3ab1dde6bddfdbb7374811d52b1fa99320b4af5d4e9208c14eb8efa8916c
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b571-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/b571-dhc-raw.csv
new file mode 100644
index 0000000..be74f27
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/b571-dhc-raw.csv
@@ -0,0 +1 @@
+06775e1b99a236e02b020bc73666e5751c1210dcb6e9b02a69f4075376e49f7a1476d2209e861abb73f5e3ad189d268e035b1de93d47b3a64de5783c9a09bc223e1cc612f26dcdf1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b571-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/b571-dhc-sha1.csv
new file mode 100644
index 0000000..80273a9
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/b571-dhc-sha1.csv
@@ -0,0 +1 @@
+624E4D4DC60F1064E378D34EF2E1FBB0ADE792E6
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b571-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/b571-keyCAVS.csv
new file mode 100644
index 0000000..da4a6d6
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/b571-keyCAVS.csv
@@ -0,0 +1 @@
+03b63f5fa112ae6b5f113c765144fe4cbd6020e26d400c11609a3a634b9a325f416b0e3d3215734c68a1c2c8fad1d0bb9eb3939a41af22421f68781e7eb0664b9df5cea448deaa3b,008e6cc77bcddc816e84cfc1f626824fa24d3d5fd33d8093cbfe1fc4d881b63b494123bc759670edcb1887bb3b9d5a8b516bc503828163709d4dacb594d277a15a92c064e5770d1b
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b571-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/b571-keyIUT.csv
new file mode 100644
index 0000000..53d9e62
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/b571-keyIUT.csv
@@ -0,0 +1 @@
+06af71fcec1a2904116fe14878663764c1ec74870e5d2d53919f0b635912db80dd5460d9e699458ff8494c5bfc74fba8d3b12f65f015e8def10de33f1800191f4cb502d21938b951,019584177b189c6641ffb678b6d7833d8d4bb25dee5018dda4e4c0d219048c01cd0da9eaffe346d53cf1a07b33b3dbdd4bc3acabe4832f9981eff2660991aac852147985eea3a51e,0344f22be87999b95b2287f67430ea8fe646c62fe38b7ce61f1f956597c27bddd9902e20d4436abf3bebd8243ec29a00481a8a2c19f550e99641b5f14aafbb5bda953a7559f8653a
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k163-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/k163-dhc-raw.csv
new file mode 100644
index 0000000..cc8743f
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/k163-dhc-raw.csv
@@ -0,0 +1 @@
+04325bff38f1b0c83c27f554a6c972a80f14bc23bc
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k163-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/k163-dhc-sha1.csv
new file mode 100644
index 0000000..7e8dc7a
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/k163-dhc-sha1.csv
@@ -0,0 +1 @@
+5E1384ED2D3D5EFC77E89581BBB467934ECB7B03
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k163-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/k163-keyCAVS.csv
new file mode 100644
index 0000000..633b3d8
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/k163-keyCAVS.csv
@@ -0,0 +1 @@
+0000000574236f1428c432130946783a5b3aabb6c27ea5d6,00000007908c251b8da021cbac281f123f7af4fac5b3dbb8
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k163-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/k163-keyIUT.csv
new file mode 100644
index 0000000..affd5c5
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/k163-keyIUT.csv
@@ -0,0 +1 @@
+000000071f8b2877d6027d9c1ade4244f2dea12692ef23d5,00000005c15ee776221c72b84b347ce383f38067b89c3e9a,6653b6077398fadc7bf5e60158170148c3dc4527
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k233-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/k233-dhc-raw.csv
new file mode 100644
index 0000000..a18a3fb
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/k233-dhc-raw.csv
@@ -0,0 +1 @@
+00a822b141ca1f5ad32899e68c54d1fec3df8100df485ebf1c5868a9ac89
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k233-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/k233-dhc-sha1.csv
new file mode 100644
index 0000000..3b4b97e
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/k233-dhc-sha1.csv
@@ -0,0 +1 @@
+70B67E77FB15C14CAAB64C04738E97EA3288C415
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k233-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/k233-keyCAVS.csv
new file mode 100644
index 0000000..90ba87f
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/k233-keyCAVS.csv
@@ -0,0 +1 @@
+000001f40e34b3ed4a1b2d40c056fb75f2ad543c897cfd82f542cf746a0f202f,000000c130a1abe92bc4c977c800777996ccc50b90df991a2e81dd515c188599
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k233-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/k233-keyIUT.csv
new file mode 100644
index 0000000..5d900a5
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/k233-keyIUT.csv
@@ -0,0 +1 @@
+000001a53e5c138b3d83905d563aa1db01274633c986b52f78225a92e33e7952,000000ecabd3e2e26729a965604e560ed4498a22b31c39642e1cf99b1dde3ec7,000000135a5b8c3ce047fbc5df26277d3bf83ac33ddadb5cf4a050ca82be48f0
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k283-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/k283-dhc-raw.csv
new file mode 100644
index 0000000..f10922f
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/k283-dhc-raw.csv
@@ -0,0 +1 @@
+0745552817b5d729310b7dbebae687648714a9ae695dad20ca1ab6111c3d054670f21132
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k283-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/k283-dhc-sha1.csv
new file mode 100644
index 0000000..6770696
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/k283-dhc-sha1.csv
@@ -0,0 +1 @@
+B2A69891DF7B9736507CE0126AB37213DB2CE68F
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k283-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/k283-keyCAVS.csv
new file mode 100644
index 0000000..019ac52
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/k283-keyCAVS.csv
@@ -0,0 +1 @@
+03f075c24c35a9dc9952be6fd32b761dce63f4720a22408e3a14bbd097e012b5694c22a0,0675825b40202e95be7dab5a826147e04b8c51a09b0034577c1f31f8c16a70c8e1c85b89
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k283-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/k283-keyIUT.csv
new file mode 100644
index 0000000..cca0cd3
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/k283-keyIUT.csv
@@ -0,0 +1 @@
+0611edc045dbe43ecc4ef6b324cd51f70fe3d7ddf877ec68b798909c3c4561756aa30e5f,00833b25511704af09b62d9f7cbac59814e75bbb9c735f55538491dbfa60c1e0115efe42,015fde49b802542a52c70b23a0b1784e5f8780b56853f9a5f8c3a5266e8727dce97d4a17
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k409-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/k409-dhc-raw.csv
new file mode 100644
index 0000000..4034d18
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/k409-dhc-raw.csv
@@ -0,0 +1 @@
+0176bc5c4036ce5125493a58dd265f04d190f028366f7799f70aedf29ac67b5b37c37238593377a47944f5b639f43856dbd560ec
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k409-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/k409-dhc-sha1.csv
new file mode 100644
index 0000000..3f988c9
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/k409-dhc-sha1.csv
@@ -0,0 +1 @@
+C25335980D8BF0BE8B039A1B525F6D002EEC48E9
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k409-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/k409-keyCAVS.csv
new file mode 100644
index 0000000..c0bfde5
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/k409-keyCAVS.csv
@@ -0,0 +1 @@
+0177f736f6116320cafbb5b4dec202d40508182fe011189b81e1f3998f5408607a46bb150ac47bcaaafde47b8a7b72f478bc22d2,01df4ef4b37e0124e55b67f3586de24a88a6c5d98854007d4b0c4b4ccd68d51fafa7638bbe555d60b74def217c6a63c5b4068fb7
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k409-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/k409-keyIUT.csv
new file mode 100644
index 0000000..050a771
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/k409-keyIUT.csv
@@ -0,0 +1 @@
+0068a3f8b12e02d10e2f52095526bc4048b8f6ac3a84531772870789938f1aeff813e05e509ea9587d2b7e4aa14344bac3ec46f0,00d1ceb40c7d5f3297e2955f0f3eb1422b3e6bbbfbf7eb518b9c17ae8d40feb84aaf36f5e5bd96075b2b4dbe538ac011962ac705,00084b711e3c60822e70fa6828b5abfb0e448888b35b0c8bb09f806616dc1ecf22dd86237d937c1bfde62b75ae655953fc6b2f7e
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k571-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/k571-dhc-raw.csv
new file mode 100644
index 0000000..3b71041
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/k571-dhc-raw.csv
@@ -0,0 +1 @@
+003198a6b5d6cce847e24348a6a6ceff7a89ed3794d7acedc4e858c80ad04a74dbc02c7038e05ab26b2a299ec92ee0d2c7e66a81872a5157fbc5d4d37ad598d6ddee995ed28a2d74
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k571-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/k571-dhc-sha1.csv
new file mode 100644
index 0000000..25265b3
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/k571-dhc-sha1.csv
@@ -0,0 +1 @@
+2D3100B4978FCCE89C26C4CEA4B72216EA942D2D
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k571-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/k571-keyCAVS.csv
new file mode 100644
index 0000000..ba55ab2
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/k571-keyCAVS.csv
@@ -0,0 +1 @@
+03106a5c1d923a0990ea8c6008c36c366b53e5622b98464044741fbc7840284db8bbf602866c30ccbf5f9b7e59cc1d9bfcc5b970fa624da9b15f6cb336f5dda7e6b9924d5dce4543,005c5c7bbd5a789ac4c6283deb0d0d37c4852baa57d6bc2b0ac6337feb09704c44d1b385b70cc394fa235d83e6e7111787e57d0902c0cb132a190a6e62f398511c0c2c4cd50d4570
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k571-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/k571-keyIUT.csv
new file mode 100644
index 0000000..5607b40
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/k571-keyIUT.csv
@@ -0,0 +1 @@
+03fbfbbcfba609157f68a23126d805f7c75efb19befb595e3a975e08ff46bd34c8b87b9645c0e86ea0ad915465d5c856c69bb9b722b0d17bf97ad95c4602dea17c6b512054cb22d8,071c16df71e1b71b4bd3d9938827d3959093b9db1ff86bed73944a42dcb67cc33102e28c1d0e9804a6450656f4bf33ad72ecf7bb83bd282cde4bc15d4e48064aa8ad2f02979f5f3f,0173cd1631e18ece01b73b3572ffaa7495c4bc81f4078ae50d69cb1e338acf13469117112921166ddf2d29f3a9f8e10c67e88c9a99203a834565be76ac59126436739a6afa029cc5
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p192-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/p192-dhc-raw.csv
new file mode 100644
index 0000000..45533ec
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/p192-dhc-raw.csv
@@ -0,0 +1 @@
+803d8ab2e5b6e6fca715737c3a82f7ce3c783124f6d51cd0
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p192-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/p192-dhc-sha1.csv
new file mode 100644
index 0000000..83bac75
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/p192-dhc-sha1.csv
@@ -0,0 +1 @@
+CB0FFAA3D3F9D5876765CF082EE0B893C8179D19
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p192-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/p192-keyCAVS.csv
new file mode 100644
index 0000000..8a9bd57
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/p192-keyCAVS.csv
@@ -0,0 +1 @@
+42ea6dd9969dd2a61fea1aac7f8e98edcc896c6e55857cc0,dfbe5d7c61fac88b11811bde328e8a0d12bf01a9d204b523
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p192-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/p192-keyIUT.csv
new file mode 100644
index 0000000..af9a670
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/p192-keyIUT.csv
@@ -0,0 +1 @@
+b15053401f57285637ec324c1cd2139e3a67de3739234b37,f269c158637482aad644cd692dd1d3ef2c8a7c49e389f7f6,f17d3fea367b74d340851ca4270dcb24c271f445bed9d527
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p224-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/p224-dhc-raw.csv
new file mode 100644
index 0000000..f778111
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/p224-dhc-raw.csv
@@ -0,0 +1 @@
+7d96f9a3bd3c05cf5cc37feb8b9d5209d5c2597464dec3e9983743e8
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p224-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/p224-dhc-sha1.csv
new file mode 100644
index 0000000..446e658
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/p224-dhc-sha1.csv
@@ -0,0 +1 @@
+D022BCF6EAEF7789EF8D2AEAA9AB9D508944CE03
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p224-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/p224-keyCAVS.csv
new file mode 100644
index 0000000..734aad1
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/p224-keyCAVS.csv
@@ -0,0 +1 @@
+af33cd0629bc7e996320a3f40368f74de8704fa37b8fab69abaae280,882092ccbba7930f419a8a4f9bb16978bbc3838729992559a6f2e2d7
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p224-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/p224-keyIUT.csv
new file mode 100644
index 0000000..2b84ffa
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/p224-keyIUT.csv
@@ -0,0 +1 @@
+8de2e26adf72c582d6568ef638c4fd59b18da171bdf501f1d929e048,4a68a1c2b0fb22930d120555c1ece50ea98dea8407f71be36efac0de,8346a60fc6f293ca5a0d2af68ba71d1dd389e5e40837942df3e43cbd
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p256-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/p256-dhc-raw.csv
new file mode 100644
index 0000000..230fe83
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/p256-dhc-raw.csv
@@ -0,0 +1 @@
+46fc62106420ff012e54a434fbdd2d25ccc5852060561e68040dd7778997bd7b
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p256-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/p256-dhc-sha1.csv
new file mode 100644
index 0000000..1fa92be
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/p256-dhc-sha1.csv
@@ -0,0 +1 @@
+381AE083BF9FF3BB49730A96D4E55AABAE1C42DA
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p256-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/p256-keyCAVS.csv
new file mode 100644
index 0000000..6920fab
--- /dev/null
+++ b/src/cz/crcs/ectester/data/test/nist/p256-keyCAVS.csv
@@ -0,0 +1 @@ +700c48f77f56584c5cc632ca65640db91b6bacce3a4df6b42ce7cc838833d287,db71e509e3fd9b060ddb20ba5c51dcc5948d46fbf640dfe0441782cab85fa4ac \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/nist/p256-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/p256-keyIUT.csv new file mode 100644 index 0000000..211f0d0 --- /dev/null +++ b/src/cz/crcs/ectester/data/test/nist/p256-keyIUT.csv @@ -0,0 +1 @@ +ead218590119e8876b29146ff89ca61770c4edbbf97d38ce385ed281d8a6b230,28af61281fd35e2fa7002523acc85a429cb06ee6648325389f59edfce1405141,7d7dc5f71eb29ddaf80d6214632eeae03d9058af1fb6d22ed80badb62bc1a534 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/nist/p384-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/p384-dhc-raw.csv new file mode 100644 index 0000000..0cd1bdc --- /dev/null +++ b/src/cz/crcs/ectester/data/test/nist/p384-dhc-raw.csv @@ -0,0 +1 @@ +5f9d29dc5e31a163060356213669c8ce132e22f57c9a04f40ba7fcead493b457e5621e766c40a2e3d4d6a04b25e533f1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/nist/p384-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/p384-dhc-sha1.csv new file mode 100644 index 0000000..5e878f9 --- /dev/null +++ b/src/cz/crcs/ectester/data/test/nist/p384-dhc-sha1.csv @@ -0,0 +1 @@ +F84B679C77F7E42457AA306667AC2E6C2AC1D8D6 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/nist/p384-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/p384-keyCAVS.csv new file mode 100644 index 0000000..97ce5bc --- /dev/null +++ b/src/cz/crcs/ectester/data/test/nist/p384-keyCAVS.csv @@ -0,0 +1 @@ +a7c76b970c3b5fe8b05d2838ae04ab47697b9eaf52e764592efda27fe7513272734466b400091adbf2d68c58e0c50066,ac68f19f2e1cb879aed43a9969b91a0839c4c38a49749b661efedf243451915ed0905a32b060992b468c64766fc8437a \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/nist/p384-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/p384-keyIUT.csv new file mode 100644 index 0000000..3c2074a 
--- /dev/null +++ b/src/cz/crcs/ectester/data/test/nist/p384-keyIUT.csv @@ -0,0 +1 @@ +9803807f2f6d2fd966cdd0290bd410c0190352fbec7ff6247de1302df86f25d34fe4a97bef60cff548355c015dbb3e5f,ba26ca69ec2f5b5d9dad20cc9da711383a9dbe34ea3fa5a2af75b46502629ad54dd8b7d73a8abb06a3a3be47d650cc99,3cc3122a68f0d95027ad38c067916ba0eb8c38894d22e1b15618b6818a661774ad463b205da88cf699ab4d43c9cf98a1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/nist/p521-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/p521-dhc-raw.csv new file mode 100644 index 0000000..9c753ea --- /dev/null +++ b/src/cz/crcs/ectester/data/test/nist/p521-dhc-raw.csv @@ -0,0 +1 @@ +005fc70477c3e63bc3954bd0df3ea0d1f41ee21746ed95fc5e1fdf90930d5e136672d72cc770742d1711c3c3a4c334a0ad9759436a4d3c5bf6e74b9578fac148c831 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/nist/p521-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/p521-dhc-sha1.csv new file mode 100644 index 0000000..b565784 --- /dev/null +++ b/src/cz/crcs/ectester/data/test/nist/p521-dhc-sha1.csv @@ -0,0 +1 @@ +1020FB37E0DADA201655AD3CC7410AED9CC034F3 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/nist/p521-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/p521-keyCAVS.csv new file mode 100644 index 0000000..3fa895f --- /dev/null +++ b/src/cz/crcs/ectester/data/test/nist/p521-keyCAVS.csv @@ -0,0 +1 @@ +000000685a48e86c79f0f0875f7bc18d25eb5fc8c0b07e5da4f4370f3a9490340854334b1e1b87fa395464c60626124a4e70d0f785601d37c09870ebf176666877a2046d,000001ba52c56fc8776d9e8f5db4f0cc27636d0b741bbe05400697942e80b739884a83bde99e0f6716939e632bc8986fa18dccd443a348b6c3e522497955a4f3c302f676 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/nist/p521-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/p521-keyIUT.csv new file mode 100644 index 0000000..b575d06 --- /dev/null +++ b/src/cz/crcs/ectester/data/test/nist/p521-keyIUT.csv 
@@ -0,0 +1 @@ +000000602f9d0cf9e526b29e22381c203c48a886c2b0673033366314f1ffbcba240ba42f4ef38a76174635f91e6b4ed34275eb01c8467d05ca80315bf1a7bbd945f550a5,000001b7c85f26f5d4b2d7355cf6b02117659943762b6d1db5ab4f1dbc44ce7b2946eb6c7de342962893fd387d1b73d7a8672d1f236961170b7eb3579953ee5cdc88cd2d,0000017eecc07ab4b329068fba65e56a1f8890aa935e57134ae0ffcce802735151f4eac6564f6ee9974c5e6887a1fefee5743ae2241bfeb95d5ce31ddcb6f9edb4d6fc47 \ No newline at end of file diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index 80c3fb0..b8b0c04 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -409,7 +409,7 @@ public class ECTester { } optTestCase = cli.getOptionValue("test", "default").toLowerCase(); - String[] tests = new String[]{"default", "non-prime", "invalid", "smallpub", "test-vectors", "wrong"}; + String[] tests = new String[]{"default", "nonprime", "invalid", "smallpub", "test-vectors", "wrong"}; List testsList = Arrays.asList(tests); if (!testsList.contains(optTestCase)) { System.err.println("Unknown test case. Should be one of: " + Arrays.toString(tests)); @@ -669,8 +669,6 @@ public class ECTester { * Do ECDH both ways, export and verify that the result is correct. * */ - String category = optNamedCurve == null ? "secg" : optNamedCurve; - Map curves = dataStore.getObjects(EC_Curve.class, category); //TODO } else { @@ -683,7 +681,7 @@ public class ECTester { return; } - if (optTestCase.equals("wrong") || optTestCase.equals("non-prime")) { + if (optTestCase.equals("wrong") || optTestCase.equals("nonprime")) { /* Just do the default tests on the wrong and non-prime curves. * These should generally fail, the curves aren't safe. */ 
@@ -699,7 +697,17 @@ public class ECTester { * a small order public key succeeds the private key modulo the public key order * is revealed. */ - //TODO + Map keys = dataStore.getObjects(EC_Key.class, "smallpub"); + for (EC_Key key : keys.values()) { + EC_Curve curve = dataStore.getObject(EC_Curve.class, key.getCurve()); + if ((curve.getBits() == optBits || optAll)) { + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField())); + commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL)); + commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, curve.getParams(), curve.flatten())); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ECDH)); + commands.add(new Command.Cleanup(cardManager)); + } + } } else if (optTestCase.equals("invalid")) { /* Set original curves (secg/nist/brainpool). Generate local. * Try ECDH with invalid public keys of increasing (or decreasing) order. -- cgit v1.2.3-70-g09d2 From f66e8e9bf135a064ecadd70114fb921c826ccaca Mon Sep 17 00:00:00 2001 From: J08nY Date: Tue, 28 Mar 2017 02:02:31 +0200 Subject: Fix schema.xsd --- dist/ECTester.jar | Bin 283382 -> 283414 bytes src/cz/crcs/ectester/data/schema.xsd | 4 ++-- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 2140b4d..977185a 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/data/schema.xsd b/src/cz/crcs/ectester/data/schema.xsd index 9fe2d30..a4dbe15 100644 --- a/src/cz/crcs/ectester/data/schema.xsd +++ b/src/cz/crcs/ectester/data/schema.xsd @@ -42,11 +42,11 @@ - + - + -- cgit v1.2.3-70-g09d2 From 83c963ae78407e7a14ac71096f81254364d1e605 Mon Sep 17 00:00:00 2001 
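Review bot: The new `smallpub` loop never loads a small-order public key onto the card: `key` is used only for `key.getCurve()`, and the one `Command.Set` on `KEYPAIR_REMOTE` sends the curve (`curve.getParams()`, `curve.flatten()`), so the ECDH that follows does not test what the comment above it describes. A second Set for the public point is needed before the ECDH, along the lines of `commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, EC_Consts.PARAMETER_W, key.flatten(EC_Consts.PARAMETER_W)));`, assuming `EC_Key` offers the per-parameter `flatten` used elsewhere in this series. `dataStore.getObject` returns null for an unknown category or id, so `curve` should be checked before `curve.getBits()`, e.g. `if (curve == null) throw new IOException("Curve not found: " + key.getCurve());`. The enclosing method starts and ends outside the hunk.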
From: J08nY Date: Tue, 28 Mar 2017 16:04:13 +0200 Subject: Added test-vectors, and test-vector testing --- !uploader/ectester.cap | Bin 13811 -> 13811 bytes dist/ECTester.jar | Bin 283414 -> 276755 bytes src/cz/crcs/ectester/data/EC_Category.java | 15 +- src/cz/crcs/ectester/data/EC_Store.java | 95 +++++++++---- src/cz/crcs/ectester/data/schema.xsd | 43 +++++- src/cz/crcs/ectester/data/test/results.xml | 174 ++++++++++++++++++++++++ src/cz/crcs/ectester/reader/ECTester.java | 55 +++++++- src/cz/crcs/ectester/reader/ec/EC_Data.java | 8 ++ src/cz/crcs/ectester/reader/ec/EC_KAResult.java | 48 +++++++ 9 files changed, 394 insertions(+), 44 deletions(-) create mode 100644 src/cz/crcs/ectester/data/test/results.xml create mode 100644 src/cz/crcs/ectester/reader/ec/EC_KAResult.java diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index de865a9..6a16aa8 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 977185a..ffe19d1 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/data/EC_Category.java b/src/cz/crcs/ectester/data/EC_Category.java index 859b942..57d9ca3 100644 --- a/src/cz/crcs/ectester/data/EC_Category.java +++ b/src/cz/crcs/ectester/data/EC_Category.java @@ -1,5 +1,6 @@ package cz.crcs.ectester.data; +import cz.crcs.ectester.reader.ec.EC_Data; import cz.crcs.ectester.reader.ec.EC_Params; import java.util.Collections; @@ -15,7 +16,7 @@ public class EC_Category { private String directory; private String desc; - private Map objects; + private Map objects; public EC_Category(String name, String directory) { @@ -28,7 +29,7 @@ public class EC_Category { this.desc = desc; } - public EC_Category(String name, String directory, String desc, Map objects) { + public EC_Category(String name, String directory, String desc, Map objects) { this(name, directory, desc); this.objects = objects; } 
@@ -45,13 +46,13 @@ public class EC_Category { return desc; } - public Map getObjects() { + public Map getObjects() { return Collections.unmodifiableMap(objects); } - public Map getObjects(Class cls) { + public Map getObjects(Class cls) { Map objs = new TreeMap<>(); - for (Map.Entry entry : objects.entrySet()) { + for (Map.Entry entry : objects.entrySet()) { if (cls.isInstance(entry.getValue())) { objs.put(entry.getKey(), cls.cast(entry.getValue())); } @@ -59,8 +60,8 @@ public class EC_Category { return Collections.unmodifiableMap(objs); } - public T getObject(Class cls, String id) { - EC_Params obj = objects.get(id); + public T getObject(Class cls, String id) { + EC_Data obj = objects.get(id); if (cls.isInstance(obj)) { return cls.cast(obj); } else { diff --git a/src/cz/crcs/ectester/data/EC_Store.java b/src/cz/crcs/ectester/data/EC_Store.java index aec635e..abf0a9b 100644 --- a/src/cz/crcs/ectester/data/EC_Store.java +++ b/src/cz/crcs/ectester/data/EC_Store.java @@ -1,11 +1,8 @@ package cz.crcs.ectester.data; -import cz.crcs.ectester.reader.ec.EC_Curve; -import cz.crcs.ectester.reader.ec.EC_Key; -import cz.crcs.ectester.reader.ec.EC_Keypair; -import cz.crcs.ectester.reader.ec.EC_Params; +import cz.crcs.ectester.applet.EC_Consts; +import cz.crcs.ectester.reader.ec.*; import javacard.security.KeyPair; -import org.omg.PortableInterceptor.SYSTEM_EXCEPTION; import org.w3c.dom.Document; import org.w3c.dom.Element; import org.w3c.dom.Node; @@ -36,7 +33,7 @@ public class EC_Store { private Map categories; - public EC_Store() { + public EC_Store() throws IOException { DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); try { 
@@ -61,18 +58,24 @@ public class EC_Store { @Override public void fatalError(SAXParseException exception) throws SAXException { System.err.println("EC_Store | Fatal : " + exception); + throw new SAXException(exception); } }); parse(); - } catch (ParserConfigurationException | IOException | SAXException e) { + } catch (ParserConfigurationException | SAXException e) { e.printStackTrace(); } } private void parse() throws SAXException, ParserConfigurationException, IOException { - Document categoriesDoc = db.parse(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/categories.xml")); + InputStream categories = this.getClass().getResourceAsStream("/cz/crcs/ectester/data/categories.xml"); + if (categories == null) { + throw new IOException(); + } + Document categoriesDoc = db.parse(categories); + categories.close(); categoriesDoc.normalize(); NodeList catList = categoriesDoc.getElementsByTagName("category"); @@ -96,11 +99,11 @@ public class EC_Store { private EC_Category parseCategory(String name, String dir, String desc) throws ParserConfigurationException, IOException, SAXException { - Map objMap = new TreeMap<>(); + Map objMap = new TreeMap<>(); - InputStream curvesStream = this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/curves.xml"); - if (curvesStream != null) { - Document curvesDoc = db.parse(curvesStream); + InputStream curves = this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/curves.xml"); + if (curves != null) { + Document curvesDoc = db.parse(curves); curvesDoc.normalize(); NodeList curveList = curvesDoc.getElementsByTagName("curve"); 
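Review bot: The constructor now declares `IOException`, but `ParserConfigurationException` and `SAXException` are still caught and only printed, so now that `fatalError` rethrows, a malformed or schema-invalid `categories.xml` presumably leaves an `EC_Store` whose categories were never filled in, and the caller only finds out on first use. Rethrow with the cause instead of `e.printStackTrace()`, e.g. `throw new IOException("EC_Store: cannot parse bundled curve data", e);`. In `parse()`, `throw new IOException()` carries no message, and `categories.close()` is skipped whenever `db.parse` throws; `try (InputStream categories = ...) { ... }` closes it on every path, and the same applies to the `curves`, `keys` and `results` streams in the `-96,11`, `-138,11` and `-174,6` hunks. The new local `categories` also shadows the field of the same name, which is easy to misread.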
@@ -138,11 +141,12 @@ public class EC_Store { throw new SAXException("?"); } } + curves.close(); } - InputStream keysStream = this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/keys.xml"); - if (keysStream != null) { - Document keysDoc = db.parse(keysStream); + InputStream keys = this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/keys.xml"); + if (keys != null) { + Document keysDoc = db.parse(keys); keysDoc.normalize(); NodeList directs = keysDoc.getDocumentElement().getChildNodes(); 
@@ -174,6 +178,51 @@ public class EC_Store { throw new SAXException("?"); } } + keys.close(); + } + + InputStream results = this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/results.xml"); + if (results != null) { + Document resultsDoc = db.parse(results); + resultsDoc.normalize(); + + NodeList directs = resultsDoc.getDocumentElement().getChildNodes(); + for (int i = 0; i < directs.getLength(); ++i) { + Node direct = directs.item(i); + if (direct instanceof Element) { + Element elem = (Element) direct; + + Node id = elem.getElementsByTagName("id").item(0); + Node ka = elem.getElementsByTagName("ka").item(0); + Node file = elem.getElementsByTagName("file").item(0); + Node curve = elem.getElementsByTagName("curve").item(0); + Node onekey = elem.getElementsByTagName("onekey").item(0); + Node otherkey = elem.getElementsByTagName("otherkey").item(0); + + NodeList descc = elem.getElementsByTagName("desc"); + String descs = null; + if (descc.getLength() != 0) { + descs = descc.item(0).getTextContent(); + } + + byte kab; + if (ka.getTextContent().equals("DH")) { + kab = EC_Consts.KA_ECDH; + } else { + kab = EC_Consts.KA_ECDHC; + } + + EC_KAResult kaResult = new EC_KAResult(kab, curve.getTextContent(), onekey.getTextContent(), otherkey.getTextContent(), descs); + if (!kaResult.readCSV(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/" + file.getTextContent()))) { + throw new IOException("Invalid csv data."); + } + + objMap.put(id.getTextContent(), kaResult); + } else { + throw new SAXException("?"); + } + } + results.close(); } return new EC_Category(name, dir, desc, objMap); 
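Review bot: Any `ka` text other than `DH` is silently treated as ECDHC, so a typo in `results.xml` makes a test vector run under the wrong key agreement and then fail for a reason unrelated to the card. Match the second value explicitly and reject the rest: `} else if (ka.getTextContent().equals("DHC")) {` for the existing branch, followed by `else { throw new SAXException("Unknown ka: " + ka.getTextContent()); }` (unless the schema already restricts the value, which is not visible here). The `item(0)` results for `id`, `ka`, `file`, `curve`, `onekey` and `otherkey` are dereferenced without a null check, and the stream returned by `getResourceAsStream(... + file.getTextContent())` is handed to `readCSV` without a null check and is never closed in this hunk. `parseCategory` starts outside the hunk.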
@@ -199,7 +248,7 @@ public class EC_Store { } else { throw new SAXException("?"); } - if(!result.readCSV(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/" + file.getTextContent()))) { + if (!result.readCSV(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/" + file.getTextContent()))) { throw new IOException("Invalid CSV data."); } return result; @@ -213,7 +262,7 @@ public class EC_Store { return categories.get(category); } - public Map getObjects(String category) { + public Map getObjects(String category) { EC_Category cat = categories.get(category); if (cat != null) { return cat.getObjects(); @@ -221,7 +270,7 @@ public class EC_Store { return null; } - public Map getObjects(Class objClass, String category) { + public Map getObjects(Class objClass, String category) { EC_Category cat = categories.get(category); if (cat != null) { return cat.getObjects(objClass); @@ -229,7 +278,7 @@ public class EC_Store { return null; } - public T getObject(Class objClass, String category, String id) { + public T getObject(Class objClass, String category, String id) { EC_Category cat = categories.get(category); if (cat != null) { return cat.getObject(objClass, id); @@ -237,12 +286,12 @@ public class EC_Store { return null; } - public T getObject(Class objClass, String query) { - String[] parts = query.split("/"); - if (parts.length != 2) { + public T getObject(Class objClass, String query) { + int split = query.indexOf("/"); + if (split < 0) { return null; } - return getObject(objClass, parts[0], parts[1]); + return getObject(objClass, query.substring(0, split), query.substring(split + 1)); } } diff --git a/src/cz/crcs/ectester/data/schema.xsd b/src/cz/crcs/ectester/data/schema.xsd index a4dbe15..8f9427d 100644 --- a/src/cz/crcs/ectester/data/schema.xsd +++ b/src/cz/crcs/ectester/data/schema.xsd @@ -1,5 +1,5 @@ - @@ -12,13 +12,13 @@ - + - + @@ -32,12 +32,12 @@ - + - + 
@@ -52,14 +52,43 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - + - + diff --git a/src/cz/crcs/ectester/data/test/results.xml b/src/cz/crcs/ectester/data/test/results.xml new file mode 100644 index 0000000..e382cd4 --- /dev/null +++ b/src/cz/crcs/ectester/data/test/results.xml 
@@ -0,0 +1,174 @@ + + + + secp160r1-dh + DH + secg/secp160r1-dh-sha1.csv + secg/secp160r1 + test/secp160r1-U + test/secp160r1-V + + + sect163k1-dh + DH + secg/sect163k1-dh-sha1.csv + secg/sect163k1 + test/sect163k1-U + test/sect163k1-V + + + + brainpoolP224r1-dh + DH + brainpool/brainpoolP224r1-dh-sha1.csv + brainpool/brainpoolP224r1 + test/brainpoolP224r1-A + test/brainpoolP224r1-B + + + brainpoolP256r1-dh + DH + brainpool/brainpoolP256r1-dh-sha1.csv + brainpool/brainpoolP256r1 + test/brainpoolP256r1-A + test/brainpoolP256r1-B + + + brainpoolP384r1-dh + DH + brainpool/brainpoolP384r1-dh-sha1.csv + brainpool/brainpoolP384r1 + test/brainpoolP384r1-A + test/brainpoolP384r1-B + + + brainpoolP512r1-dh + DH + brainpool/brainpoolP512r1-dh-sha1.csv + brainpool/brainpoolP512r1 + test/brainpoolP512r1-A + test/brainpoolP512r1-B + + + + b163-dhc + DHC + nist/b163-dhc-sha1.csv + nist/B-163 + test/b163-A + test/b163-B + + + b233-dhc + DHC + nist/b233-dhc-sha1.csv + nist/B-233 + test/b233-A + test/b233-B + + + b283-dhc + DHC + nist/b283-dhc-sha1.csv + nist/B-283 + test/b283-A + test/b283-B + + + b409-dhc + DHC + nist/b409-dhc-sha1.csv + nist/B-409 + test/b409-A + test/b409-B + + + b571-dhc + DHC + nist/b571-dhc-sha1.csv + nist/B-571 + test/b571-A + test/b571-B + + + k163-dhc + DHC + nist/k163-dhc-sha1.csv + nist/B-163 + test/k163-A + test/k163-B + + + k233-dhc + DHC + nist/k233-dhc-sha1.csv + nist/B-233 + test/k233-A + test/k233-B + + + k283-dhc + DHC + nist/k283-dhc-sha1.csv + nist/B-283 + test/k283-A + test/k283-B + + + k409-dhc + DHC + nist/k409-dhc-sha1.csv + nist/B-409 + test/k409-A + test/k409-B + + + k571-dhc + DHC + nist/k571-dhc-sha1.csv + nist/B-571 + test/k571-A + test/k571-B + + + p192-dhc + DHC + nist/p192-dhc-sha1.csv + nist/P-192 + test/p192-A + test/p192-B + + + p224-dhc + DHC + nist/p224-dhc-sha1.csv + nist/P-224 + test/p224-A + test/p224-B + + + p256-dhc + DHC + nist/p256-dhc-sha1.csv + nist/P-256 + test/p256-A + test/p256-B + + + p384-dhc + DHC + 
nist/p384-dhc-sha1.csv + nist/P-384 + test/p384-A + test/p384-B + + + p521-dhc + DHC + nist/p521-dhc-sha1.csv + nist/P-521 + test/p521-A + test/p521-B + + \ No newline at end of file diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index b8b0c04..9926d3e 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -25,10 +25,7 @@ import cz.crcs.ectester.applet.ECTesterApplet; import cz.crcs.ectester.applet.EC_Consts; import cz.crcs.ectester.data.EC_Category; import cz.crcs.ectester.data.EC_Store; -import cz.crcs.ectester.reader.ec.EC_Curve; -import cz.crcs.ectester.reader.ec.EC_Key; -import cz.crcs.ectester.reader.ec.EC_Keypair; -import cz.crcs.ectester.reader.ec.EC_Params; +import cz.crcs.ectester.reader.ec.*; import javacard.security.KeyPair; import org.apache.commons.cli.*; 
@@ -248,7 +245,7 @@ public class ECTester { actions.addOption(Option.builder("ln").longOpt("list-named").desc("Print the list of supported named curves and keys.").hasArg().argName("what").optionalArg(true).build()); actions.addOption(Option.builder("e").longOpt("export").desc("Export the defaut curve parameters of the card(if any).").build()); actions.addOption(Option.builder("g").longOpt("generate").desc("Generate [amount] of EC keys.").hasArg().argName("amount").optionalArg(true).build()); - actions.addOption(Option.builder("t").longOpt("test").desc("Test ECC support.").hasArg().argName("test_case").optionalArg(true).build()); + actions.addOption(Option.builder("t").longOpt("test").desc("Test ECC support. :\n- default:\n- invalid:\n- wrong:\n- nonprime:\n- smallpub:\n- test-vectors:").hasArg().argName("test_case").optionalArg(true).build()); actions.addOption(Option.builder("dh").longOpt("ecdh").desc("Do ECDH, [count] times.").hasArg().argName("count").optionalArg(true).build()); actions.addOption(Option.builder("dhc").longOpt("ecdhc").desc("Do ECDHC, [count] times.").hasArg().argName("count").optionalArg(true).build()); actions.addOption(Option.builder("dsa").longOpt("ecdsa").desc("Sign data with ECDSA, [count] times.").hasArg().argName("count").optionalArg(true).build()); @@ -511,6 +508,20 @@ public class ECTester { } System.out.println(); } + + Map results = cat.getObjects(EC_KAResult.class); + size = results.size(); + if (size > 0) { + System.out.print("\t\tResults: "); + for (Map.Entry result : results.entrySet()) { + System.out.print(result.getKey()); + size--; + if (size > 0) + System.out.print(", "); + } + System.out.println(); + } + System.out.println(); } } else if (categories.containsKey(optListNamed)) { 
@@ -669,7 +680,30 @@ public class ECTester { * Do ECDH both ways, export and verify that the result is correct. * */ - //TODO + Map results = dataStore.getObjects(EC_KAResult.class, "test"); + for (EC_KAResult result : results.values()) { + EC_Curve curve = dataStore.getObject(EC_Curve.class, result.getCurve()); + EC_Params onekey = dataStore.getObject(EC_Keypair.class, result.getOneKey()); + if (onekey == null) { + onekey = dataStore.getObject(EC_Key.Private.class, result.getOneKey()); + } + EC_Params otherkey = dataStore.getObject(EC_Keypair.class, result.getOtherKey()); + if (otherkey == null) { + otherkey = dataStore.getObject(EC_Key.Public.class, result.getOtherKey()); + } + if (onekey == null || otherkey == null) { + throw new IOException("Test vector keys not located"); + } + + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField())); + commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten())); + commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH)); + commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.CURVE_external, EC_Consts.PARAMETER_S, onekey.flatten(EC_Consts.PARAMETER_S))); + commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, EC_Consts.PARAMETER_W, otherkey.flatten(EC_Consts.PARAMETER_W))); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_TRUE, EC_Consts.CORRUPTION_NONE, result.getKA())); + //TODO add compare with result.getParam(0); + commands.add(new Command.Cleanup(cardManager)); + } } else { // These tests are dangerous, prompt before them. 
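Review bot: `onekey` and `otherkey` are null-checked, but `curve` is not, and `dataStore.getObject` returns null for an unknown category or id, so a bad curve reference in `results.xml` ends in a NullPointerException at `curve.getBits()`; extend the guard to `if (curve == null || onekey == null || otherkey == null) {`. More important for what the suite claims: the expected value is never compared (the `//TODO add compare with result.getParam(0);` line), and the `-721,7` hunk only prints the derived secret, so as far as this diff shows a card that returns a wrong shared secret is not flagged. Until the comparison is in place, the `test-vectors` help text and output should say the result has to be checked by hand. The enclosing method starts and ends outside the hunk.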
@@ -721,7 +755,14 @@ public class ECTester { List test = Command.sendAll(commands); systemOutLogger.println(Response.toString(test)); - // + for (Response response : test) { + if (response instanceof Response.ECDH) { + Response.ECDH ecdh = (Response.ECDH) response; + if (ecdh.hasSecret()) { + System.out.println(Util.bytesToHex(ecdh.getSecret(), false)); + } + } + } } /** diff --git a/src/cz/crcs/ectester/reader/ec/EC_Data.java b/src/cz/crcs/ectester/reader/ec/EC_Data.java index c1fb54c..2e1eb29 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Data.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Data.java @@ -31,6 +31,10 @@ public class EC_Data { this.data = data; } + public int getCount() { + return count; + } + public byte[][] getData() { return data; } @@ -39,6 +43,10 @@ public class EC_Data { return data != null; } + public byte[] getParam(int index) { + return data[index]; + } + public byte[] flatten() { ByteArrayOutputStream out = new ByteArrayOutputStream(); for (byte[] param : data) { diff --git a/src/cz/crcs/ectester/reader/ec/EC_KAResult.java b/src/cz/crcs/ectester/reader/ec/EC_KAResult.java new file mode 100644 index 0000000..e556f90 --- /dev/null +++ b/src/cz/crcs/ectester/reader/ec/EC_KAResult.java 
@@ -0,0 +1,48 @@
+package cz.crcs.ectester.reader.ec;
+
+/**
+ * @author Jan Jancar johny@neuromancer.sk
+ */
+public class EC_KAResult extends EC_Data {
+
+ private byte ka;
+ private String curve;
+ private String oneKey;
+ private String otherKey;
+
+ private String desc;
+
+ public EC_KAResult(byte ka, String curve, String oneKey, String otherKey) {
+ super(1);
+ this.ka = ka;
+ this.curve = curve;
+ this.oneKey = oneKey;
+ this.otherKey = otherKey;
+ }
+
+ public EC_KAResult(byte ka, String curve, String oneKey, String otherKey, String desc) {
+ this(ka, curve, oneKey, otherKey);
+ this.desc = desc;
+ }
+
+ public byte getKA() {
+ return ka;
+ }
+
+ public String getCurve() {
+ return curve;
+ }
+
+ public String getOneKey() {
+ return oneKey;
+ }
+
+ public String getOtherKey() {
+ return otherKey;
+ }
+
+ public String getDesc() {
+ return desc;
+ }
+
+}
-- cgit v1.2.3-70-g09d2 From 565d312568da433f213b3d7ea67861b7784b2115 Mon Sep 17 00:00:00 2001
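Review bot: `EC_KAResult` does not document what its single data slot holds: `super(1)` fixes the count at one, and the only hint is the caller's TODO about `result.getParam(0)`. A class comment such as `/** Expected key-agreement output (one CSV value) for a curve and two keys, each referenced as "category/id". */` would make that explicit, and `getKA()` should say it returns one of the `EC_Consts.KA_*` values set by the store. `ka`, `curve`, `oneKey` and `otherKey` are assigned once in the constructor and could be declared `final`.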
From: J08nY Date: Thu, 30 Mar 2017 01:51:46 +0200 Subject: Added more documentation, anomalous curves, support command. - Added CURVES.md, FORMAT.md and TESTS.md that talk a bit about what ECTester actually does/support. - Added anomalous curves (where |F_p| = #|E(F_p)|), meaning these curves have a trace of one and ECDLP over them reduces to easy DLP over multiplicative F*_p. These concrete curves are from Atsuko Miyaji's paper: Elliptic curves over F_p Suitable for Cryptosystems. - Added Support command that queries the results of KeyAgreement and Signature allocations. - Renamed smallpub curves to nonprime curves. - Fixed nonprime curves test suite. --- !uploader/ectester.cap | Bin 13811 -> 14053 bytes CURVES.md | 15 ++++ FORMAT.md | 36 +++++++++ README.md | 51 ++++++++++++- TESTS.md | 82 +++++++++++++++++++++ dist/ECTester.jar | Bin 276755 -> 290834 bytes src/cz/crcs/ectester/applet/ECKeyTester.java | 12 +++ src/cz/crcs/ectester/applet/ECTesterApplet.java | 46 ++++++++++-- src/cz/crcs/ectester/data/anomalous/curves.xml | 74 ++++++++----------- .../crcs/ectester/data/anomalous/miyaji128a1.csv | 1 + .../crcs/ectester/data/anomalous/miyaji128a2.csv | 1 + .../crcs/ectester/data/anomalous/miyaji128b1.csv | 1 + .../crcs/ectester/data/anomalous/miyaji128b2.csv | 1 + src/cz/crcs/ectester/data/categories.xml | 6 +- src/cz/crcs/ectester/data/nonprime/curves.xml | 46 ++++++++++++ src/cz/crcs/ectester/data/nonprime/keys.xml | 48 ++++++++++++ src/cz/crcs/ectester/data/nonprime/nonprime128.csv | 1 + .../ectester/data/nonprime/nonprime128_pub.csv | 1 + src/cz/crcs/ectester/data/nonprime/nonprime160.csv | 1 + .../ectester/data/nonprime/nonprime160_pub.csv | 1 + src/cz/crcs/ectester/data/nonprime/nonprime192.csv | 1 + .../ectester/data/nonprime/nonprime192_pub.csv | 1 + src/cz/crcs/ectester/data/nonprime/nonprime224.csv | 1 + .../ectester/data/nonprime/nonprime224_pub.csv | 1 + src/cz/crcs/ectester/data/nonprime/nonprime256.csv | 1 + 
.../ectester/data/nonprime/nonprime256_pub.csv | 1 + src/cz/crcs/ectester/data/nonprime/nonprime384.csv | 1 + .../ectester/data/nonprime/nonprime384_pub.csv | 1 + src/cz/crcs/ectester/data/nonprime/nonprime521.csv | 1 + .../ectester/data/nonprime/nonprime521_pub.csv | 1 + src/cz/crcs/ectester/data/smallpub/curves.xml | 46 ------------ src/cz/crcs/ectester/data/smallpub/ecsp128.csv | 1 - src/cz/crcs/ectester/data/smallpub/ecsp128_pub.csv | 1 - src/cz/crcs/ectester/data/smallpub/ecsp160.csv | 1 - src/cz/crcs/ectester/data/smallpub/ecsp160_pub.csv | 1 - src/cz/crcs/ectester/data/smallpub/ecsp192.csv | 1 - src/cz/crcs/ectester/data/smallpub/ecsp192_pub.csv | 1 - src/cz/crcs/ectester/data/smallpub/ecsp224.csv | 1 - src/cz/crcs/ectester/data/smallpub/ecsp224_pub.csv | 1 - src/cz/crcs/ectester/data/smallpub/ecsp256.csv | 1 - src/cz/crcs/ectester/data/smallpub/ecsp256_pub.csv | 1 - src/cz/crcs/ectester/data/smallpub/ecsp384.csv | 1 - src/cz/crcs/ectester/data/smallpub/ecsp384_pub.csv | 1 - src/cz/crcs/ectester/data/smallpub/ecsp521.csv | 1 - src/cz/crcs/ectester/data/smallpub/ecsp521_pub.csv | 1 - src/cz/crcs/ectester/data/smallpub/keys.xml | 48 ------------ src/cz/crcs/ectester/reader/Command.java | 33 +++++++-- src/cz/crcs/ectester/reader/ECTester.java | 58 +++++++++------ src/cz/crcs/ectester/reader/Response.java | 64 ++++++++++------ 49 files changed, 481 insertions(+), 216 deletions(-) create mode 100644 CURVES.md create mode 100644 FORMAT.md create mode 100644 TESTS.md create mode 100644 src/cz/crcs/ectester/data/anomalous/miyaji128a1.csv create mode 100644 src/cz/crcs/ectester/data/anomalous/miyaji128a2.csv create mode 100644 src/cz/crcs/ectester/data/anomalous/miyaji128b1.csv create mode 100644 src/cz/crcs/ectester/data/anomalous/miyaji128b2.csv create mode 100644 src/cz/crcs/ectester/data/nonprime/curves.xml create mode 100644 src/cz/crcs/ectester/data/nonprime/keys.xml create mode 100644 src/cz/crcs/ectester/data/nonprime/nonprime128.csv create mode 100644 
src/cz/crcs/ectester/data/nonprime/nonprime128_pub.csv create mode 100644 src/cz/crcs/ectester/data/nonprime/nonprime160.csv create mode 100644 src/cz/crcs/ectester/data/nonprime/nonprime160_pub.csv create mode 100644 src/cz/crcs/ectester/data/nonprime/nonprime192.csv create mode 100644 src/cz/crcs/ectester/data/nonprime/nonprime192_pub.csv create mode 100644 src/cz/crcs/ectester/data/nonprime/nonprime224.csv create mode 100644 src/cz/crcs/ectester/data/nonprime/nonprime224_pub.csv create mode 100644 src/cz/crcs/ectester/data/nonprime/nonprime256.csv create mode 100644 src/cz/crcs/ectester/data/nonprime/nonprime256_pub.csv create mode 100644 src/cz/crcs/ectester/data/nonprime/nonprime384.csv create mode 100644 src/cz/crcs/ectester/data/nonprime/nonprime384_pub.csv create mode 100644 src/cz/crcs/ectester/data/nonprime/nonprime521.csv create mode 100644 src/cz/crcs/ectester/data/nonprime/nonprime521_pub.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/curves.xml delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp128.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp128_pub.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp160.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp160_pub.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp192.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp192_pub.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp224.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp224_pub.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp256.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp256_pub.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp384.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp384_pub.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp521.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/ecsp521_pub.csv delete mode 100644 src/cz/crcs/ectester/data/smallpub/keys.xml 
diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index 6a16aa8..96d0c82 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ diff --git a/CURVES.md b/CURVES.md new file mode 100644 index 0000000..d1749df --- /dev/null +++ b/CURVES.md @@ -0,0 +1,15 @@ +# Curves + +## anomalous + +## Brainpool + +## invalid + +## NIST + +## nonprime + +## SECG + +## wrong diff --git a/FORMAT.md b/FORMAT.md new file mode 100644 index 0000000..a753c75 --- /dev/null +++ b/FORMAT.md @@ -0,0 +1,36 @@ +# Format +CSV based, little-endian hexadecimal values. + +## Curves +### Prime field +`p,a,b,gx,gy,n,h` + + +### Binary field +`m,e1,e2,e3,a,b,gx,gy,n,h` + +## Key material +### Keypair +`wx,wy,s` + +### Public key +`wx,wy` + +### Private key +`s` + +# Notation + - `p` - prime F_p + - `m` - binary field exponent F_2^m + - e1 - largest exponent of the field polynomial + - e2 - middle exponenet of the field polynomial, or `0000` if field poly is a trinomial + - e3 - smallest exponent (except zero) of the field polynomial, or `0000` if field poly is a trinomial + - `a` - a parameter in short Weierstrass curve equation + - `b` - b parameter in short Weierstrass curve equation + - `gx` - x coordinate of the curve base-point g + - `gy` - y coordinate of the curve base-point g + - `n` - the base-point order + - `h` - the base-point cofactor + - `wx` - the x coordinate of the public key + - `wy` - the y coordinate of th public key + - `s` - the private key value \ No newline at end of file diff --git a/README.md b/README.md index 0bbc5c9..4bae53b 100644 --- a/README.md +++ b/README.md @@ -16,7 +16,7 @@ Following operations are tested: - Signature via ECDSA - Behavior of card when invalid curves/points are provided (should fail) -See `java -jar ectester.jar -h` for more. +See `java -jar ECTester.jar -h` for more. ### Options 
@@ -61,6 +61,55 @@ See `java -jar ectester.jar -h` for more. of using a terminal. ``` +### Actions + +#### Export +`-e / --export` + +Exports the default curves (if any) that are preset on the card. +Use with `-o / --output [out_file]` to output the curve parameters to a file. +For format of this file see [FORMAT](FORMAT.md). + +#### Test +`-t / --test [test_suite]` + +Perform support and performance tests of ECC. + +For more info about the test suites see [TESTS](TESTS.md). + +#### Generate +`-g / --generate [amount]` + +Generates batches of EC keypairs and exports them. +Use with `-o / --output [out_file]` to output the generated keys to a file. + +#### ECDH +`-dh / --ecdh [count]` +`-dhc / --ecdhc [count]` + +Performs ECDH. +Use with `-o / --output [out_file]` to output into a file. + +#### ECDSA +`-dsa / --ecdsa [count]` + +Performs ECDSA. +Useful with `-i / --input [in_file]` to sign the contents of a file. +Use with `-o / --output [out_file]` to output into a file. + +#### List named curves +`-ln / --list-named []` + +Lists categories of curves, keys and keypairs embedded in ECTester's jar, along with some information about them. +These can be used as arguments to the `-n[c|k|pub|priv] / --named-[curve|key|public|private]` parameters. + +With the format: `category/name`. + +For example: +`secg/secp192r1` identifies the SECG 192 bit prime field curve known as `secp192r1`. + +For more info about the curves see [CURVES](CURVES.md). + ### Example diff --git a/TESTS.md b/TESTS.md new file mode 100644 index 0000000..710a04b --- /dev/null +++ b/TESTS.md 
@@ -0,0 +1,82 @@ +# Tests + + - `default` + - `test-vectors` + - `wrong` + - `nonprime` + - `invalid` + +**NOTE: The `wrong`, `nonprime` and `invalid` test suites caused temporary DoS of some cards. These test suites prompt you for +confirmation before running, be cautious.** + +## Default +Tests the default curves present on the card. These might not be present or the card might not even support ECC. +Tests keypair allocation, generation, ECDH and ECDSA. ECDH is first tested with two valid generated keypairs, then a with a +public key that is corrupted in various ways, these tests should fail. + +This test suite is run if no argument is provided to `-t / --test`. + +Supports the `-nc / --named-curve` option so you can specify a category of curves or a curve to use if the card doesn't +have default curves preset. + +For example: +```bash +java -jar ECTester.jar -nc secg -a -fp -t +``` +tests all(`-a`), prime field(`-fp`) SECG curves, using the default test suite. + +## Test-Vectors +Tests using known test vectors provided by NIST/SECG/Brainpool: + +[SECG - GEC2](http://read.pudn.com/downloads168/doc/772358/TestVectorsforSEC%201-gec2.pdf) + +[NIST - ECCDH](http://csrc.nist.gov/groups/STM/cavp/component-testing.html#ECCCDH) + +[Brainpool - RFC6931](https://tools.ietf.org/html/rfc6932#appendix-A.1) + +[Brainpool - RFC7027](https://tools.ietf.org/html/rfc7027#appendix-A) + +For example: +```bash +java -jar ECTester.jar -t test-vectors -nc nist -a -f2m +``` +tests all(`-a`), binary field(`-f2m`) NIST curves for which test-vectors are provided. Although this test suite is better for general testing: +```bash +java -jar ECTester.jar -t test-vectors -a +``` +## Wrong +Tests using the default tests on a category of wrong curves. These curves are not really curves as they have: + - non-prime field in the prime-field case + - reducible polynomial as the field polynomial in the binary case + +These tests should fail generally. 
They are equivalent with `java -jar ECTester.jar -nc wrong -t`, the default tests over the `wrong` category +of curves. + +For example: +```bash +java -jar ECTester.jar -t wrong -b 521 -fp +``` +tests a 521 bit(`-b`), prime-field(`-fp`) wrong curve. + +## Nonprime +Tests using curves that don't have a prime order/nearly prime order. +These tests should generally fail, a success here implies the card **WILL** use a non-secure curve if such curve is set +by the applet. Operations over such curves are susceptible to small-subgroup attacks. + +For example: +```bash +java -jar ECTester.jar -t nonprime -b 160 -fp +``` + +## Invalid +Tests using known named curves from several categories(SECG/NIST/Brainpool) against pregenerated *invalid* public keys. +These tests should definitely fail, a success here implies the card is susceptible to invalid curve attacks. + + +For example: +```bash +java -jar ECTester.jar -t invalid -nc nist -a -fp +``` +tests using all(`-a`), prime-field(`-fp`) NIST curves and pregenerated *invalid* public keys for these curves. + +**TODO: CURRENTLY NOT IMPLEMENTED** \ No newline at end of file diff --git a/dist/ECTester.jar b/dist/ECTester.jar index ffe19d1..a256495 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/applet/ECKeyTester.java b/src/cz/crcs/ectester/applet/ECKeyTester.java index 7ef6150..e22094b 100644 --- a/src/cz/crcs/ectester/applet/ECKeyTester.java +++ b/src/cz/crcs/ectester/applet/ECKeyTester.java @@ -148,6 +148,18 @@ public class ECKeyTester { return ecdsaSignature; } + public boolean hasECDH() { + return ecdhKeyAgreement != null; + } + + public boolean hasECDHC() { + return ecdhcKeyAgreement != null; + } + + public boolean hasECDSA() { + return ecdsaSignature != null; + } + public short getSW() { return sw; } diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java index e17d102..f9fb5da 100644 
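Review bot: The three public accessors added after the getter that returns `ecdsaSignature` (`hasECDH()`, `hasECDHC()`, `hasECDSA()`) have no Javadoc, and what they report is narrower than the names suggest: each only checks that its field (`ecdhKeyAgreement`, `ecdhcKeyAgreement`, `ecdsaSignature`) is non-null. A one-line comment on each would prevent callers from reading them as a verdict on card support, for example `/** @return true if the ECDH object was allocated; does not imply that a later operation will succeed. */`. The rest of the class is outside the hunk, so how those fields get set (presumably by the `allocate*` methods) cannot be confirmed from here.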
--- a/src/cz/crcs/ectester/applet/ECTesterApplet.java +++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java @@ -52,6 +52,7 @@ public class ECTesterApplet extends Applet { public static final byte INS_ECDH = (byte) 0x60; public static final byte INS_ECDSA = (byte) 0x61; public static final byte INS_CLEANUP = (byte) 0x62; + public static final byte INS_SUPPORT = (byte) 0x63; // PARAMETERS for P1 and P2 public static final byte KEYPAIR_LOCAL = (byte) 0x01; @@ -74,10 +75,13 @@ public class ECTesterApplet extends Applet { private RandomData randomData = null; - private KeyPair localKeypair = null; - private KeyPair remoteKeypair = null; private ECKeyTester keyTester = null; + private short ecdhSW; + private short ecdhcSW; + private short ecdsaSW; private ECKeyGenerator keyGenerator = null; + private KeyPair localKeypair = null; + private KeyPair remoteKeypair = null; protected ECTesterApplet(byte[] buffer, short offset, byte length) { if (length > 9) { @@ -102,9 +106,9 @@ public class ECTesterApplet extends Applet { keyGenerator = new ECKeyGenerator(); keyTester = new ECKeyTester(); - keyTester.allocateECDH(); - keyTester.allocateECDHC(); - keyTester.allocateECDSA(); + ecdhSW = keyTester.allocateECDH(); + ecdhcSW = keyTester.allocateECDHC(); + ecdsaSW = keyTester.allocateECDSA(); } register(); } @@ -152,6 +156,9 @@ public class ECTesterApplet extends Applet { case INS_CLEANUP: insCleanup(apdu); break; + case INS_SUPPORT: + insSupport(apdu); + break; default: // The INS code is not supported by the dispatcher ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED); @@ -375,6 +382,7 @@ public class ECTesterApplet extends Applet { /** * + * @param apdu */ private void insCleanup(APDU apdu) { apdu.setIncomingAndReceive(); 
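Review bot: `ecdhSW`, `ecdhcSW` and `ecdsaSW` are assigned only in the constructor's allocation block (`ecdhSW = keyTester.allocateECDH();` and the two lines after it), while the declarations in the earlier fields hunk give them no initializer. If that block is skipped, the fields stay at 0x0000 and `INS_SUPPORT` reports a value that is neither success nor a real error status. The closing brace before `register();` and the `if (length > 9) {` context suggest the block is conditional, though the lines in between are outside these hunks. Initializing the declarations to an explicit fallback, e.g. `private short ecdhSW = ISO7816.SW_UNKNOWN;`, would let the host tell "never attempted" apart from a genuine allocation result.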
@@ -385,6 +393,19 @@ public class ECTesterApplet extends Applet { apdu.setOutgoingAndSend((short) 0, len); } + /** + * + * @param apdu + */ + private void insSupport(APDU apdu) { + apdu.setIncomingAndReceive(); + byte[] apdubuf = apdu.getBuffer(); + + short len = support(apdubuf, (short) 0); + + apdu.setOutgoingAndSend((short) 0, len); + } + /** * @param keyPair which keyPair to use, local/remote (KEYPAIR_* | ...) * @param keyLength key length to set @@ -606,4 +627,19 @@ public class ECTesterApplet extends Applet { Util.setShort(buffer, offset, sw); return 2; } + + /** + * + * @param buffer + * @param offset + * @return + */ + private short support(byte[] buffer, short offset) { + + Util.setShort(buffer, offset, ecdhSW); + Util.setShort(buffer, (short) (offset+2), ecdhcSW); + Util.setShort(buffer, (short) (offset+4), ecdsaSW); + + return 6; + } } diff --git a/src/cz/crcs/ectester/data/anomalous/curves.xml b/src/cz/crcs/ectester/data/anomalous/curves.xml index c478657..b0b9b02 100644 --- a/src/cz/crcs/ectester/data/anomalous/curves.xml +++ b/src/cz/crcs/ectester/data/anomalous/curves.xml @@ -1,48 +1,32 @@ - - \ No newline at end of file + + miyaji128a1 + 128 + prime + miyaji128a1.csv + First curve in the "Proposed scheme A" section of Atsuko Miyaji's paper. + + + miyaji128a2 + 128 + prime + miyaji128a2.csv + Second curve in the "Proposed scheme A" section of Atsuko Miyaji's paper. + + + miyaji128b1 + 128 + prime + miyaji128b1.csv + First curve in the "Proposed scheme B" section of Atsuko Miyaji's paper. + + + miyaji128b2 + 128 + prime + miyaji128b2.csv + Second curve in the "Proposed scheme B" section of Atsuko Miyaji's paper. + + diff --git a/src/cz/crcs/ectester/data/anomalous/miyaji128a1.csv b/src/cz/crcs/ectester/data/anomalous/miyaji128a1.csv new file mode 100644 index 0000000..b1a84a0 --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/miyaji128a1.csv 
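Review bot: The Javadoc blocks added for `insSupport(APDU)` and, in the following hunk, `support(byte[], short)` contain only bare `@param`/`@return` tags, so the response format of the new instruction is documented nowhere. From the code, `support` writes three consecutive shorts at `offset` (`ecdhSW`, `ecdhcSW`, `ecdsaSW`) and returns 6; the comment should state that, e.g. `@return number of bytes written, always 6 (status words of the ECDH, ECDHC and ECDSA allocation, in that order)`. The literal `6` and the `offset+2` / `offset+4` arithmetic would also be easier to keep in step with the host-side parser if they were derived from a named constant.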
@@ -0,0 +1 @@ +80000000000001a86a91e9356e5fee11,1210cb7f8a3466b805b546960dd43f69,644a5a3e53a634ee06fa903172806914,55b40a8932013efa328cbe8abaf2f4ec,44375dc6a29cac1982fbf98c86da2707,80000000000001a86a91e9356e5fee11,1 diff --git a/src/cz/crcs/ectester/data/anomalous/miyaji128a2.csv b/src/cz/crcs/ectester/data/anomalous/miyaji128a2.csv new file mode 100644 index 0000000..70098c0 --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/miyaji128a2.csv @@ -0,0 +1 @@ +fffffffffffffe1c2758f379fd46b0d9,5e2336fa13c5c6ce7add23893c0dfec7,7bf26de6e350dc183c58c09ad8237e00,1d8b7c787fdc92d299ec14e7916e5f7d,67621e61f115a2544364c1cd52e3cfa7,fffffffffffffe1c2758f379fd46b0d9,1 diff --git a/src/cz/crcs/ectester/data/anomalous/miyaji128b1.csv b/src/cz/crcs/ectester/data/anomalous/miyaji128b1.csv new file mode 100644 index 0000000..5c1f8b8 --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/miyaji128b1.csv @@ -0,0 +1 @@ +800000000000037554ac874c19cdaedf,00000000000000000000000000000000,000000000000000000000000000000c0,635217788a2ff48664a09cb3cdf72b2e,5e69c2309032ef3cb1e41b1a245822be,800000000000037554ac874c19cdaedf,1 diff --git a/src/cz/crcs/ectester/data/anomalous/miyaji128b2.csv b/src/cz/crcs/ectester/data/anomalous/miyaji128b2.csv new file mode 100644 index 0000000..fdb77a0 --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/miyaji128b2.csv @@ -0,0 +1 @@ +fffffffffffffe2a71fec762d2427ce7,00000000000000000000000000000000,000000000000000000000000000000c0,428e6765064e4a745b2aaae87ef7f0f7,3daee1541c98c3d51eec13a1f6177531,fffffffffffffe2a71fec762d2427ce7,1 diff --git a/src/cz/crcs/ectester/data/categories.xml b/src/cz/crcs/ectester/data/categories.xml index d0c9f39..100d962 100644 --- a/src/cz/crcs/ectester/data/categories.xml +++ b/src/cz/crcs/ectester/data/categories.xml 
@@ -22,9 +22,9 @@ SEC 2: Recommended Elliptic Curve Domain Parameters version 2.0 January 27, 2010 - smallpub - smallpub - Non-prime order curves, with points of very small order pregenerated. Useful for testing in ECDH. + nonprime + nonprime + Non-prime order curves, with points of very small order pregenerated. wrong diff --git a/src/cz/crcs/ectester/data/nonprime/curves.xml b/src/cz/crcs/ectester/data/nonprime/curves.xml new file mode 100644 index 0000000..e0eb78a --- /dev/null +++ b/src/cz/crcs/ectester/data/nonprime/curves.xml @@ -0,0 +1,46 @@ + + + + nonprime128 + 128 + prime + nonprime128.csv + + + nonprime160 + 160 + prime + nonprime160.csv + + + nonprime192 + 192 + prime + nonprime192.csv + + + nonprime224 + 224 + prime + nonprime224.csv + + + nonprime256 + 256 + prime + nonprime256.csv + + + nonprime384 + 384 + prime + nonprime384.csv + + + nonprime521 + 521 + prime + nonprime521.csv + + \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nonprime/keys.xml b/src/cz/crcs/ectester/data/nonprime/keys.xml new file mode 100644 index 0000000..c10ae65 --- /dev/null +++ b/src/cz/crcs/ectester/data/nonprime/keys.xml @@ -0,0 +1,48 @@ + + + + nonprime128-pub + nonprime128_pub.csv + nonprime/nonprime128 + order = 5 + + + nonprime160-pub + nonprime160_pub.csv + nonprime/nonprime160 + order = 3 + + + nonprime192-pub + nonprime192_pub.csv + nonprime/nonprime192 + order = 3 + + + nonprime224-pub + nonprime224_pub.csv + nonprime/nonprime224 + order = 5 + + + nonprime256-pub + nonprime256_pub.csv + nonprime/nonprime256 + order = 3 + + + nonprime384-pub + nonprime384_pub.csv + nonprime/nonprime384 + order = 3 + + + nonprime521-pub + nonprime521_pub.csv + nonprime/nonprime521 + order = 5 + + \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime128.csv b/src/cz/crcs/ectester/data/nonprime/nonprime128.csv new file mode 100644 index 0000000..f541010 --- /dev/null +++ b/src/cz/crcs/ectester/data/nonprime/nonprime128.csv 
@@ -0,0 +1 @@ +cfba21fd0483b1f300fa2506a5a566ef,36d9a5acac27a008e36cbe3e9f103fde,a67cf5fa09fb1db902068c87046ae21e,47d78391a4b9fff6a0db1292f9cd0e6a,9aed9c92f8bb3dbd42402165a270bd6f,cfba21fd0483b1f333d61a5af6ada2c7,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime128_pub.csv b/src/cz/crcs/ectester/data/nonprime/nonprime128_pub.csv new file mode 100644 index 0000000..78a8cb4 --- /dev/null +++ b/src/cz/crcs/ectester/data/nonprime/nonprime128_pub.csv @@ -0,0 +1 @@ +63901e122761d9c16565b2f38e991f71,b9d99fbc3154a96ca23ecff770cbbe4f \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime160.csv b/src/cz/crcs/ectester/data/nonprime/nonprime160.csv new file mode 100644 index 0000000..e556020 --- /dev/null +++ b/src/cz/crcs/ectester/data/nonprime/nonprime160.csv @@ -0,0 +1 @@ +dc13490ff9857b111f44c0500770a6457e683223,a3ecd7d51e79d72d2700184c795aa8a6b8e66573,8ac43592905f995cb13f3694317bf470adafb645,5f8e88afc117c722859fe8e55647bca69ba82150,93e6dcaee271e9f2838c98b7d06eccc5d7c800e5,dc13490ff9857b111f446ef4a6d1e1715f6a6dff,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime160_pub.csv b/src/cz/crcs/ectester/data/nonprime/nonprime160_pub.csv new file mode 100644 index 0000000..7b92733 --- /dev/null +++ b/src/cz/crcs/ectester/data/nonprime/nonprime160_pub.csv @@ -0,0 +1 @@ +59c9c3c8aef29f1c1c500cafb4726da6086e6eb0,d695a76005eddb26afd40ee20904778bb3497bb1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime192.csv b/src/cz/crcs/ectester/data/nonprime/nonprime192.csv new file mode 100644 index 0000000..bc55089 --- /dev/null +++ b/src/cz/crcs/ectester/data/nonprime/nonprime192.csv 
@@ -0,0 +1 @@ +ce714cc3a15ce7e5dab068c9a1f8be00aad480abccaeefc3,597c781f64c33eb8ef919c415911518ea323be88b9437caf,f81585a1b18f233d70add7ee1342d2035c386a92e3ab8320,150ff0a40deac6462b5987418617fdeeb6bfd76d4d60a067,843d577371c5dce122c2ff206b2f42fa0b842b49bdaf990f,ce714cc3a15ce7e5dab068c9a30bc92915bd8662ae882887,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime192_pub.csv b/src/cz/crcs/ectester/data/nonprime/nonprime192_pub.csv new file mode 100644 index 0000000..5432c1d --- /dev/null +++ b/src/cz/crcs/ectester/data/nonprime/nonprime192_pub.csv @@ -0,0 +1 @@ +17047f91dbe33032c9d09bd29ceadd8a09ccc32ac6309541,6a726de54fbd59cfc352e838b337fa005a97180816135e6a \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime224.csv b/src/cz/crcs/ectester/data/nonprime/nonprime224.csv new file mode 100644 index 0000000..09b9c01 --- /dev/null +++ b/src/cz/crcs/ectester/data/nonprime/nonprime224.csv @@ -0,0 +1 @@ +eed4c3d98f1c9b9518f116263db770366877d12df6a9cf08b96dd4bb,8d4dddb0317d6a6bf9a4dbbed3a43fa21f79869c5ab9729d239e9282,46873614be3dffc9218082322210c0616140286f2d160503c1a9250d,961bbb1fc9955a71c91a50aedcd2f14fccb660af992b0030b9c90b36,1c00f6d0bd405dd7d3016fb8c0c75e4ecec70fe61237f6d24008a5fd,eed4c3d98f1c9b9518f116263db821c36a06adae17162ad3162f68c3,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime224_pub.csv b/src/cz/crcs/ectester/data/nonprime/nonprime224_pub.csv new file mode 100644 index 0000000..319ca3a --- /dev/null +++ b/src/cz/crcs/ectester/data/nonprime/nonprime224_pub.csv @@ -0,0 +1 @@ +cfd92aea0f79190c48ca703eb8a9baa7099a23bb39578261fe4d0f04,257a3d98de44bd25404977a4ac7fc56d3d4e827f085b7cf5247524c4 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime256.csv b/src/cz/crcs/ectester/data/nonprime/nonprime256.csv new file mode 100644 index 0000000..d5bf3c0 --- /dev/null +++ b/src/cz/crcs/ectester/data/nonprime/nonprime256.csv 
@@ -0,0 +1 @@ +c9a803b1eaf849f1c02cfd1dbfac68623985c88b37103b338ae11d2597ee8445,4841c5775a24a884ca36ec362b44645a2f60b25d002c4fc1d9f139870fe0cc71,1b097456751f3534190dae568f80a2c6ff55dddfe072a7dc6467a4b6476b6880,a1fd34a27afb1340b8e4a7db2a5ec5a1432c6dc8555af9f78fca2cf740cab2b7,98419c698cab6c7dbb53eb2751417b52ccded4680c5e09543f93c7886c3a173e,c9a803b1eaf849f1c02cfd1dbfac6863128c5b1fc5acd5b5e0fc0a7311fb5b1d,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime256_pub.csv b/src/cz/crcs/ectester/data/nonprime/nonprime256_pub.csv new file mode 100644 index 0000000..d27ffdc --- /dev/null +++ b/src/cz/crcs/ectester/data/nonprime/nonprime256_pub.csv @@ -0,0 +1 @@ +75fce70968862d53e29548aad70582514e960d8128bd3c5f8c4dbe2cf8dad653,55aa4b7d3882fb0a83bd00c9c3bae17f1024d64aec67e1db38ef671e6350beae \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime384.csv b/src/cz/crcs/ectester/data/nonprime/nonprime384.csv new file mode 100644 index 0000000..c58d74b --- /dev/null +++ b/src/cz/crcs/ectester/data/nonprime/nonprime384.csv @@ -0,0 +1 @@ +d0df6c96cff7081be80d22b005758a2e2f046e15fe020ef886e21b492ac57257a923144bcad989ab6341bd3b700f914b,45c64503be019afd3462b361ad2b2a3bca0aeccc5494a624fb632455e62b4f0c98f944fa97c37811da039823cd77c906,d85583f7f11ad23ec75ed5a414153a06d6640936b8103f5df691fa95cf2afa78f3ea5addc225b144964048c9f7592ae4,2b1341d12dff4f9cf9427c4752962b4c2bdc8fbcd80652516c421cc523212a01ea63c79d6e9a9c84933e353e212416ec,ce416c6e75fa9fd205ed48fc4e3099cbb1d6ed031b7ddbff1d634eb97a83d9b780cfd4dedfdd2c7604d143196c08d933,d0df6c96cff7081be80d22b005758a2e2f046e15fe020ef7664ed51d7701c86bf2a1e9f3002c26fe002314c3c92f1ca9,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime384_pub.csv b/src/cz/crcs/ectester/data/nonprime/nonprime384_pub.csv new file mode 100644 index 0000000..80f2cd6 --- /dev/null +++ b/src/cz/crcs/ectester/data/nonprime/nonprime384_pub.csv 
@@ -0,0 +1 @@ +a4bd575bf20300b0cf8a2f41dd5a03e908966a4229a5f22f5c190d3641ac2d32b7b24a63482cbbcd0c2257f834834ef1,38d51c8f9e90592f567e81d0e4855e79731b5797857a4c7dc270653bc9f0c31e84693007b09cebf710d5ae3237303949 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime521.csv b/src/cz/crcs/ectester/data/nonprime/nonprime521.csv new file mode 100644 index 0000000..f6835f1 --- /dev/null +++ b/src/cz/crcs/ectester/data/nonprime/nonprime521.csv @@ -0,0 +1 @@ +01d3df430924956e210a605b4dbf4a2e909d7a801658978c88ffd68dcc817f5cc79cf188d9ee82d1a51c44cbd31e9cc5b816d76d5b1312b005f7b68919e275dac99f,00401639f36f2ee45fc164ea3e1f14f4803fd7a77ffdfb392c3f8fe95d1aea331467f4618d59aeee49d5d7c70caf320f7dd1ac166114f562413449991d3aa1a2c49e,004a26a8c47fce204ba953015fa86708c0de720f27523988b097e774168c15f7a215aaf18a5f1b9579ab3db935d45be14c9a87b71170396909b14d06f7a09975b3a6,01c880ae0a355a52791fc9600fd8b35726e9d799101489161c8f90a9c6631d09b3cb347584837d9deb8566a9c5846aded0d01eb947b4affd34e8ea7dbe733cbedafa,00050f12672f163f19d5d493eb82ef777b0213dd4e0cf75a9b99724fbdb54b0cc4e037bf86a48bac28467bdd936c314ce13f6ec7ec69ea09ae4f5444df4b2a117a66,01d3df430924956e210a605b4dbf4a2e909d7a801658978c88ffd68dcc817f5cc7ba0838717c1947f93cfdd3ed87ec2c2df181c7ada553346ec1495732a1e7ffe9b3,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime521_pub.csv b/src/cz/crcs/ectester/data/nonprime/nonprime521_pub.csv new file mode 100644 index 0000000..5cceee6 --- /dev/null +++ b/src/cz/crcs/ectester/data/nonprime/nonprime521_pub.csv @@ -0,0 +1 @@ +002844df0f31f46a40e6c7006cde99155bd5d18d0e4150178a8e307d6aec08fd02d466c03c49b49c2654b7c9a32d88ca014016a7eddd44217be915505d228efb9389,0105921e2172c3050ba4c9d2e744fc5b7b5e8451751e6780c6de88229497be7d23550beefa0cb7fafebb4dd9fad1244c6733befe5a97710f0dc56dc08d9d9df9d846 \ No newline at end of file 
diff --git a/src/cz/crcs/ectester/data/smallpub/curves.xml b/src/cz/crcs/ectester/data/smallpub/curves.xml deleted file mode 100644 index 50c1d0c..0000000 --- a/src/cz/crcs/ectester/data/smallpub/curves.xml +++ /dev/null @@ -1,46 +0,0 @@ - - - - ecsp128 - 128 - prime - ecsp128.csv - - - ecsp160 - 160 - prime - ecsp160.csv - - - ecsp192 - 192 - prime - ecsp192.csv - - - ecsp224 - 224 - prime - ecsp224.csv - - - ecsp256 - 256 - prime - ecsp256.csv - - - ecsp384 - 384 - prime - ecsp384.csv - - - ecsp521 - 521 - prime - ecsp521.csv - - \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp128.csv b/src/cz/crcs/ectester/data/smallpub/ecsp128.csv deleted file mode 100644 index f541010..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp128.csv +++ /dev/null @@ -1 +0,0 @@ -cfba21fd0483b1f300fa2506a5a566ef,36d9a5acac27a008e36cbe3e9f103fde,a67cf5fa09fb1db902068c87046ae21e,47d78391a4b9fff6a0db1292f9cd0e6a,9aed9c92f8bb3dbd42402165a270bd6f,cfba21fd0483b1f333d61a5af6ada2c7,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp128_pub.csv b/src/cz/crcs/ectester/data/smallpub/ecsp128_pub.csv deleted file mode 100644 index 78a8cb4..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp128_pub.csv +++ /dev/null @@ -1 +0,0 @@ -63901e122761d9c16565b2f38e991f71,b9d99fbc3154a96ca23ecff770cbbe4f \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp160.csv b/src/cz/crcs/ectester/data/smallpub/ecsp160.csv deleted file mode 100644 index e556020..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp160.csv +++ /dev/null @@ -1 +0,0 @@ -dc13490ff9857b111f44c0500770a6457e683223,a3ecd7d51e79d72d2700184c795aa8a6b8e66573,8ac43592905f995cb13f3694317bf470adafb645,5f8e88afc117c722859fe8e55647bca69ba82150,93e6dcaee271e9f2838c98b7d06eccc5d7c800e5,dc13490ff9857b111f446ef4a6d1e1715f6a6dff,1 \ No newline at end of file 
diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp160_pub.csv b/src/cz/crcs/ectester/data/smallpub/ecsp160_pub.csv deleted file mode 100644 index 7b92733..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp160_pub.csv +++ /dev/null @@ -1 +0,0 @@ -59c9c3c8aef29f1c1c500cafb4726da6086e6eb0,d695a76005eddb26afd40ee20904778bb3497bb1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp192.csv b/src/cz/crcs/ectester/data/smallpub/ecsp192.csv deleted file mode 100644 index bc55089..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp192.csv +++ /dev/null @@ -1 +0,0 @@ -ce714cc3a15ce7e5dab068c9a1f8be00aad480abccaeefc3,597c781f64c33eb8ef919c415911518ea323be88b9437caf,f81585a1b18f233d70add7ee1342d2035c386a92e3ab8320,150ff0a40deac6462b5987418617fdeeb6bfd76d4d60a067,843d577371c5dce122c2ff206b2f42fa0b842b49bdaf990f,ce714cc3a15ce7e5dab068c9a30bc92915bd8662ae882887,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp192_pub.csv b/src/cz/crcs/ectester/data/smallpub/ecsp192_pub.csv deleted file mode 100644 index 5432c1d..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp192_pub.csv +++ /dev/null @@ -1 +0,0 @@ -17047f91dbe33032c9d09bd29ceadd8a09ccc32ac6309541,6a726de54fbd59cfc352e838b337fa005a97180816135e6a \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp224.csv b/src/cz/crcs/ectester/data/smallpub/ecsp224.csv deleted file mode 100644 index 09b9c01..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp224.csv +++ /dev/null @@ -1 +0,0 @@ -eed4c3d98f1c9b9518f116263db770366877d12df6a9cf08b96dd4bb,8d4dddb0317d6a6bf9a4dbbed3a43fa21f79869c5ab9729d239e9282,46873614be3dffc9218082322210c0616140286f2d160503c1a9250d,961bbb1fc9955a71c91a50aedcd2f14fccb660af992b0030b9c90b36,1c00f6d0bd405dd7d3016fb8c0c75e4ecec70fe61237f6d24008a5fd,eed4c3d98f1c9b9518f116263db821c36a06adae17162ad3162f68c3,1 \ No newline at end of file 
diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp224_pub.csv b/src/cz/crcs/ectester/data/smallpub/ecsp224_pub.csv deleted file mode 100644 index 319ca3a..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp224_pub.csv +++ /dev/null @@ -1 +0,0 @@ -cfd92aea0f79190c48ca703eb8a9baa7099a23bb39578261fe4d0f04,257a3d98de44bd25404977a4ac7fc56d3d4e827f085b7cf5247524c4 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp256.csv b/src/cz/crcs/ectester/data/smallpub/ecsp256.csv deleted file mode 100644 index d5bf3c0..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp256.csv +++ /dev/null @@ -1 +0,0 @@ -c9a803b1eaf849f1c02cfd1dbfac68623985c88b37103b338ae11d2597ee8445,4841c5775a24a884ca36ec362b44645a2f60b25d002c4fc1d9f139870fe0cc71,1b097456751f3534190dae568f80a2c6ff55dddfe072a7dc6467a4b6476b6880,a1fd34a27afb1340b8e4a7db2a5ec5a1432c6dc8555af9f78fca2cf740cab2b7,98419c698cab6c7dbb53eb2751417b52ccded4680c5e09543f93c7886c3a173e,c9a803b1eaf849f1c02cfd1dbfac6863128c5b1fc5acd5b5e0fc0a7311fb5b1d,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp256_pub.csv b/src/cz/crcs/ectester/data/smallpub/ecsp256_pub.csv deleted file mode 100644 index d27ffdc..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp256_pub.csv +++ /dev/null @@ -1 +0,0 @@ -75fce70968862d53e29548aad70582514e960d8128bd3c5f8c4dbe2cf8dad653,55aa4b7d3882fb0a83bd00c9c3bae17f1024d64aec67e1db38ef671e6350beae \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp384.csv b/src/cz/crcs/ectester/data/smallpub/ecsp384.csv deleted file mode 100644 index c58d74b..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp384.csv +++ /dev/null 
@@ -1 +0,0 @@ -d0df6c96cff7081be80d22b005758a2e2f046e15fe020ef886e21b492ac57257a923144bcad989ab6341bd3b700f914b,45c64503be019afd3462b361ad2b2a3bca0aeccc5494a624fb632455e62b4f0c98f944fa97c37811da039823cd77c906,d85583f7f11ad23ec75ed5a414153a06d6640936b8103f5df691fa95cf2afa78f3ea5addc225b144964048c9f7592ae4,2b1341d12dff4f9cf9427c4752962b4c2bdc8fbcd80652516c421cc523212a01ea63c79d6e9a9c84933e353e212416ec,ce416c6e75fa9fd205ed48fc4e3099cbb1d6ed031b7ddbff1d634eb97a83d9b780cfd4dedfdd2c7604d143196c08d933,d0df6c96cff7081be80d22b005758a2e2f046e15fe020ef7664ed51d7701c86bf2a1e9f3002c26fe002314c3c92f1ca9,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp384_pub.csv b/src/cz/crcs/ectester/data/smallpub/ecsp384_pub.csv deleted file mode 100644 index 80f2cd6..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp384_pub.csv +++ /dev/null @@ -1 +0,0 @@ -a4bd575bf20300b0cf8a2f41dd5a03e908966a4229a5f22f5c190d3641ac2d32b7b24a63482cbbcd0c2257f834834ef1,38d51c8f9e90592f567e81d0e4855e79731b5797857a4c7dc270653bc9f0c31e84693007b09cebf710d5ae3237303949 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp521.csv b/src/cz/crcs/ectester/data/smallpub/ecsp521.csv deleted file mode 100644 index f6835f1..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp521.csv +++ /dev/null 
@@ -1 +0,0 @@ -01d3df430924956e210a605b4dbf4a2e909d7a801658978c88ffd68dcc817f5cc79cf188d9ee82d1a51c44cbd31e9cc5b816d76d5b1312b005f7b68919e275dac99f,00401639f36f2ee45fc164ea3e1f14f4803fd7a77ffdfb392c3f8fe95d1aea331467f4618d59aeee49d5d7c70caf320f7dd1ac166114f562413449991d3aa1a2c49e,004a26a8c47fce204ba953015fa86708c0de720f27523988b097e774168c15f7a215aaf18a5f1b9579ab3db935d45be14c9a87b71170396909b14d06f7a09975b3a6,01c880ae0a355a52791fc9600fd8b35726e9d799101489161c8f90a9c6631d09b3cb347584837d9deb8566a9c5846aded0d01eb947b4affd34e8ea7dbe733cbedafa,00050f12672f163f19d5d493eb82ef777b0213dd4e0cf75a9b99724fbdb54b0cc4e037bf86a48bac28467bdd936c314ce13f6ec7ec69ea09ae4f5444df4b2a117a66,01d3df430924956e210a605b4dbf4a2e909d7a801658978c88ffd68dcc817f5cc7ba0838717c1947f93cfdd3ed87ec2c2df181c7ada553346ec1495732a1e7ffe9b3,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/ecsp521_pub.csv b/src/cz/crcs/ectester/data/smallpub/ecsp521_pub.csv deleted file mode 100644 index 5cceee6..0000000 --- a/src/cz/crcs/ectester/data/smallpub/ecsp521_pub.csv +++ /dev/null @@ -1 +0,0 @@ -002844df0f31f46a40e6c7006cde99155bd5d18d0e4150178a8e307d6aec08fd02d466c03c49b49c2654b7c9a32d88ca014016a7eddd44217be915505d228efb9389,0105921e2172c3050ba4c9d2e744fc5b7b5e8451751e6780c6de88229497be7d23550beefa0cb7fafebb4dd9fad1244c6733befe5a97710f0dc56dc08d9d9df9d846 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/smallpub/keys.xml b/src/cz/crcs/ectester/data/smallpub/keys.xml deleted file mode 100644 index fbdf5e8..0000000 --- a/src/cz/crcs/ectester/data/smallpub/keys.xml +++ /dev/null 
@@ -1,48 +0,0 @@ - - - - ecsp128-pub - ecsp128_pub.csv - smallpub/ecsp128 - order = 5 - - - ecsp160-pub - ecsp160_pub.csv - smallpub/ecsp160 - order = 3 - - - ecsp192-pub - ecsp192_pub.csv - smallpub/ecsp192 - order = 3 - - - ecsp224-pub - ecsp224_pub.csv - smallpub/ecsp224 - order = 5 - - - ecsp256-pub - ecsp256_pub.csv - smallpub/ecsp256 - order = 3 - - - ecsp384-pub - ecsp384_pub.csv - smallpub/ecsp384 - order = 3 - - - ecsp521-pub - ecsp521_pub.csv - smallpub/ecsp521 - order = 5 - - \ No newline at end of file diff --git a/src/cz/crcs/ectester/reader/Command.java b/src/cz/crcs/ectester/reader/Command.java index 92d9da1..24418be 100644 --- a/src/cz/crcs/ectester/reader/Command.java +++ b/src/cz/crcs/ectester/reader/Command.java @@ -49,7 +49,7 @@ public abstract class Command { * @param keyLength key length to set * @param keyClass key class to allocate */ - public Allocate(CardMngr cardManager, byte keyPair, short keyLength, byte keyClass) { + protected Allocate(CardMngr cardManager, byte keyPair, short keyLength, byte keyClass) { super(cardManager); this.keyPair = keyPair; this.keyLength = keyLength; @@ -79,7 +79,7 @@ public abstract class Command { * @param cardManager * @param keyPair which keyPair clear, local/remote (KEYPAIR_* || ...) */ - public Clear(CardMngr cardManager, byte keyPair) { + protected Clear(CardMngr cardManager, byte keyPair) { super(cardManager); this.keyPair = keyPair; @@ -113,7 +113,7 @@ public abstract class Command { * @param params parameters to set (EC_Consts.PARAMETER_* | ...) * @param external external curve data, can be null */ - public Set(CardMngr cardManager, byte keyPair, byte curve, short params, byte[] external) { + protected Set(CardMngr cardManager, byte keyPair, byte curve, short params, byte[] external) { super(cardManager); this.keyPair = keyPair; this.curve = curve; 
@@ -190,7 +190,7 @@ public abstract class Command { * @param cardManager * @param keyPair which keyPair to generate, local/remote (KEYPAIR_* || ...) */ - public Generate(CardMngr cardManager, byte keyPair) { + protected Generate(CardMngr cardManager, byte keyPair) { super(cardManager); this.keyPair = keyPair; @@ -222,7 +222,7 @@ public abstract class Command { * @param key key to export from (EC_Consts.KEY_* | ...) * @param params params to export (EC_Consts.PARAMETER_* | ...) */ - public Export(CardMngr cardManager, byte keyPair, byte key, short params) { + protected Export(CardMngr cardManager, byte keyPair, byte key, short params) { super(cardManager); this.keyPair = keyPair; this.key = key; @@ -263,7 +263,7 @@ public abstract class Command { * @param corruption whether to invalidate the pubkey before ECDH (EC_Consts.CORRUPTION_* || ...) * @param type */ - public ECDH(CardMngr cardManager, byte pubkey, byte privkey, byte export, byte corruption, byte type) { + protected ECDH(CardMngr cardManager, byte pubkey, byte privkey, byte export, byte corruption, byte type) { super(cardManager); this.pubkey = pubkey; this.privkey = privkey; @@ -298,7 +298,7 @@ public abstract class Command { * @param export whether to export ECDSA signature * @param raw data to sign, can be null, in which case random data is signed. */ - public ECDSA(CardMngr cardManager, byte keyPair, byte export, byte[] raw) { + protected ECDSA(CardMngr cardManager, byte keyPair, byte export, byte[] raw) { super(cardManager); this.keyPair = keyPair; this.export = export; 
@@ -342,5 +342,24 @@ public abstract class Command { return new Response.Cleanup(response, elapsed); } } + + /** + * + */ + public static class Support extends Command { + protected Support(CardMngr cardManager) { + super(cardManager); + + this.cmd = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_SUPPORT, 0, 0); + } + + @Override + public Response.Support send() throws CardException { + long elapsed = -System.nanoTime(); + ResponseAPDU response = cardManager.send(cmd); + elapsed += System.nanoTime(); + return new Response.Support(response, elapsed); + } + } } diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index 9926d3e..716d4ea 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -80,7 +80,7 @@ public class ECTester { //Action-related options private String optListNamed; - private String optTestCase; + private String optTestSuite; private int optGenerateAmount; private int optECDHCount; private byte optECDHKA; @@ -205,7 +205,7 @@ public class ECTester { * -h / --help * -e / --export * -g / --generate [amount] - * -t / --test [test_case] + * -t / --test [test_suite] * -dh / --ecdh [count] * -dhc / --ecdhc [count] * -dsa / --ecdsa [count] 
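Review bot: The new `Command.Support` class in the `@@ -342,5 +342,24 @@` hunk has an empty Javadoc block and its constructor has none, so nothing says what INS_SUPPORT asks the applet for. The sibling commands document their constructors in the form `Creates the INS_ALLOCATE instruction.`; the same pattern fits here with `Creates the INS_SUPPORT instruction.` plus `@param cardManager cardManager to send APDU through`. For the class comment, something like `Queries the applet for its support of ECDH, ECDHC and ECDSA.` would match what `Response.Support.toString()` reports, assuming that is what the applet returns.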
@@ -245,7 +245,7 @@ public class ECTester { actions.addOption(Option.builder("ln").longOpt("list-named").desc("Print the list of supported named curves and keys.").hasArg().argName("what").optionalArg(true).build()); actions.addOption(Option.builder("e").longOpt("export").desc("Export the defaut curve parameters of the card(if any).").build()); actions.addOption(Option.builder("g").longOpt("generate").desc("Generate [amount] of EC keys.").hasArg().argName("amount").optionalArg(true).build()); - actions.addOption(Option.builder("t").longOpt("test").desc("Test ECC support. :\n- default:\n- invalid:\n- wrong:\n- nonprime:\n- smallpub:\n- test-vectors:").hasArg().argName("test_case").optionalArg(true).build()); + actions.addOption(Option.builder("t").longOpt("test").desc("Test ECC support. [test_suite]:\n- default:\n- invalid:\n- wrong:\n- nonprime:\n- smallpub:\n- test-vectors:").hasArg().argName("test_suite").optionalArg(true).build()); actions.addOption(Option.builder("dh").longOpt("ecdh").desc("Do ECDH, [count] times.").hasArg().argName("count").optionalArg(true).build()); actions.addOption(Option.builder("dhc").longOpt("ecdhc").desc("Do ECDHC, [count] times.").hasArg().argName("count").optionalArg(true).build()); actions.addOption(Option.builder("dsa").longOpt("ecdsa").desc("Sign data with ECDSA, [count] times.").hasArg().argName("count").optionalArg(true).build()); @@ -304,7 +304,7 @@ public class ECTester { optPrimeField = cli.hasOption("fp"); optBinaryField = cli.hasOption("f2m"); - optNamedCurve = cli.getOptionValue("named"); + optNamedCurve = cli.getOptionValue("named-curve"); optCustomCurve = cli.hasOption("custom"); optCurveFile = cli.getOptionValue("curve"); 
@@ -405,10 +405,10 @@ public class ECTester { optPrimeField = true; } - optTestCase = cli.getOptionValue("test", "default").toLowerCase(); - String[] tests = new String[]{"default", "nonprime", "invalid", "smallpub", "test-vectors", "wrong"}; + optTestSuite = cli.getOptionValue("test", "default").toLowerCase(); + String[] tests = new String[]{"default", "nonprime", "invalid", "test-vectors", "wrong"}; List testsList = Arrays.asList(tests); - if (!testsList.contains(optTestCase)) { + if (!testsList.contains(optTestSuite)) { System.err.println("Unknown test case. Should be one of: " + Arrays.toString(tests)); return false; } @@ -527,6 +527,9 @@ public class ECTester { } else if (categories.containsKey(optListNamed)) { // print given category //TODO + } else { + // print given object + //TODO } } @@ -631,7 +634,8 @@ public class ECTester { private void test() throws IOException, CardException { List commands = new LinkedList<>(); - if (optTestCase.equals("default")) { + if (optTestSuite.equals("default")) { + commands.add(new Command.Support(cardManager)); if (optNamedCurve != null) { if (optPrimeField) { commands.addAll(testCurves(optNamedCurve, KeyPair.ALG_EC_FP)); @@ -675,7 +679,7 @@ public class ECTester { } } } - } else if (optTestCase.equals("test-vectors")) { + } else if (optTestSuite.equals("test-vectors")) { /* Set original curves (secg/nist/brainpool). Set keypairs from test vectors. * Do ECDH both ways, export and verify that the result is correct. * 
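Review bot: The `@@ -405,10 +405,10 @@` hunk drops `"smallpub"` from the accepted `tests` array, but the `--test` help text built in the `@@ -245,7 +245,7 @@` hunk still lists `- smallpub:`, so a user following the help is rejected. The rejection message was also missed by the rename and still reads `Unknown test case.`. I would remove the `- smallpub:` entry from the option description and change the message to `System.err.println("Unknown test suite. Should be one of: " + Arrays.toString(tests));`. The enclosing method starts and ends outside the hunk.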
@@ -683,6 +687,12 @@ public class ECTester { Map results = dataStore.getObjects(EC_KAResult.class, "test"); for (EC_KAResult result : results.values()) { EC_Curve curve = dataStore.getObject(EC_Curve.class, result.getCurve()); + if (optNamedCurve != null && !(result.getCurve().startsWith(optNamedCurve) || result.getCurve().equals(optNamedCurve))) { + continue; + } + if (curve.getBits() != optBits && !optAll) { + continue; + } EC_Params onekey = dataStore.getObject(EC_Keypair.class, result.getOneKey()); if (onekey == null) { onekey = dataStore.getObject(EC_Key.Private.class, result.getOneKey()); 
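Review bot: The added filter calls `curve.getBits()` on the result of `dataStore.getObject(EC_Curve.class, result.getCurve())` without a null check, although the lines right below treat a null return from `getObject` as a normal case for `onekey`. A test-vector entry that names a curve missing from the data store would end the whole run with a NullPointerException; `if (curve == null || (curve.getBits() != optBits && !optAll)) { continue; }` skips it instead. The `nonprime` loop in the `@@ -707,53 +717,56 @@` hunk dereferences `curve` the same way. In the first condition, `|| result.getCurve().equals(optNamedCurve)` is redundant because `startsWith` already returns true for an equal string. The loop body continues outside the hunk.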
@@ -707,53 +717,56 @@ public class ECTester { } else { // These tests are dangerous, prompt before them. - System.out.println("The test you selected (" + optTestCase + ") is potentially dangerous."); + System.out.println("The test you selected (" + optTestSuite + ") is potentially dangerous."); System.out.println("Some of these tests have caused temporary DoS of some cards."); System.out.print("Do you want to proceed? (y/n):"); - String confirmation = System.console().readLine(); + Scanner in = new Scanner(System.in); + String confirmation = in.nextLine(); if (!Arrays.asList("yes", "y", "Y").contains(confirmation)) { return; } - if (optTestCase.equals("wrong") || optTestCase.equals("nonprime")) { - /* Just do the default tests on the wrong and non-prime curves. + if (optTestSuite.equals("wrong")) { + /* Just do the default tests on the wrong curves. * These should generally fail, the curves aren't safe. */ if (optPrimeField) { - commands.addAll(testCurves(optTestCase, KeyPair.ALG_EC_FP)); + commands.addAll(testCurves(optTestSuite, KeyPair.ALG_EC_FP)); } if (optBinaryField) { - commands.addAll(testCurves(optTestCase, KeyPair.ALG_EC_F2M)); + commands.addAll(testCurves(optTestSuite, KeyPair.ALG_EC_F2M)); } - } else if (optTestCase.equals("smallpub")) { - /* Do the default tests with the public keys set to provided smallpub keys. + } else if (optTestSuite.equals("nonprime")) { + /* Do the default tests with the public keys set to provided nonprime keys. * These should fail, the curves aren't safe so that if the computation with * a small order public key succeeds the private key modulo the public key order * is revealed. 
*/ - Map keys = dataStore.getObjects(EC_Key.class, "smallpub"); + Map keys = dataStore.getObjects(EC_Key.class, "nonprime"); for (EC_Key key : keys.values()) { EC_Curve curve = dataStore.getObject(EC_Curve.class, key.getCurve()); if ((curve.getBits() == optBits || optAll)) { commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField())); commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL)); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, curve.getParams(), curve.flatten())); + commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten())); + commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, key.getParams(), key.flatten())); commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ECDH)); commands.add(new Command.Cleanup(cardManager)); } } - } else if (optTestCase.equals("invalid")) { + } else if (optTestSuite.equals("invalid")) { /* Set original curves (secg/nist/brainpool). Generate local. * Try ECDH with invalid public keys of increasing (or decreasing) order. * */ //TODO + System.err.println("Currently not yet implemented."); } } List test = Command.sendAll(commands); - systemOutLogger.println(Response.toString(test)); + systemOutLogger.println(Response.toString(test, optTestSuite)); for (Response response : test) { if (response instanceof Response.ECDH) { 
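Review bot: The confirmation gate for the potentially dangerous suites now reads with `in.nextLine()`, which throws `NoSuchElementException` when standard input is closed or at end of file (for example when the tool is run from a script). That does stop the run before anything is sent to the card, but only by an uncaught exception; an explicit `if (!in.hasNextLine()) { return; }` before `String confirmation = in.nextLine();` makes the refusal deliberate. The accepted answers are matched exactly against `"yes", "y", "Y"`, so `Yes` or a reply with trailing whitespace is treated as a refusal; if that is intended, a short comment saying so would help. The method continues past the end of the hunk.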
@@ -1053,8 +1066,7 @@ public class ECTester { EC_Curve curve = entry.getValue(); if (curve.getField() == field && (curve.getBits() == optBits || optAll)) { commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), field)); - byte[] external = curve.flatten(); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), external)); + commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten())); commands.addAll(testCurve()); commands.add(new Command.Cleanup(cardManager)); } diff --git a/src/cz/crcs/ectester/reader/Response.java b/src/cz/crcs/ectester/reader/Response.java index 92d1b9f..4bb5b88 100644 --- a/src/cz/crcs/ectester/reader/Response.java +++ b/src/cz/crcs/ectester/reader/Response.java @@ -14,8 +14,7 @@ import java.util.List; public abstract class Response { private ResponseAPDU resp; private long time; - private short sw1 = 0; - private short sw2 = 0; + private short[] sws; private int numSW = 0; private byte[][] params; private boolean success = true; @@ -27,23 +26,20 @@ public abstract class Response { protected void parse(int numSW, int numParams) { this.numSW = numSW; + this.sws = new short[numSW]; byte[] data = resp.getData(); int offset = 0; //parse SWs in response - if (--numSW >= 0 && getLength() >= 2) { - sw1 = Util.getShort(data, offset); - offset += 2; - if (sw1 != ISO7816.SW_NO_ERROR) { - success = false; - } - } - if (--numSW >= 0 && getLength() >= 4) { - sw2 = Util.getShort(data, offset); - offset += 2; - if (sw2 != ISO7816.SW_NO_ERROR) { - success = false; + for (int i = 0; i < numSW; ++i) { + if (getLength() >= (offset + 2)) { + short sw = Util.getShort(data, offset); + offset += 2; + sws[i] = sw; + if (sw != ISO7816.SW_NO_ERROR) { + success = false; + } } } 
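Review bot: In the rewritten status-word loop of `Response.parse` (the `@@ -27,23 +26,20 @@` hunk), a response shorter than `numSW * 2` bytes leaves the remaining `sws[i]` at 0 and never clears `success`, which is initialised to `true`. A truncated or empty reply from the card is then reported as a successful command unless code outside the hunk catches it, and for a tool whose output is the pass/fail verdict on the card that is the wrong default. Adding `} else { success = false; }` to the `if (getLength() >= (offset + 2))` branch makes a missing status word count as a failure. The rest of `parse` (parameter parsing) lies outside the hunk.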
@@ -79,11 +75,15 @@ public abstract class Response { } public short getSW1() { - return sw1; + return sws[0]; } public short getSW2() { - return sw2; + return sws[1]; + } + + public short getSW(int index) { + return sws[index]; } public int getNumSW() { @@ -122,16 +122,16 @@ public abstract class Response { } public static String toString(List responses, String prefix) { + if (prefix != null) + prefix += " | "; StringBuilder out = new StringBuilder(); for (int i = 0; i < responses.size(); ++i) { Response r = responses.get(i); String message = r.toString(); - String suffix; - if (r.getNumSW() == 1) { - suffix = String.format("%s", Util.getSWString(r.getSW1())); - } else { - suffix = String.format("%s %s", Util.getSWString(r.getSW1()), Util.getSWString(r.getSW2())); + String suffix = ""; + for (int j = 0; j < r.getNumSW(); ++j) { + suffix += " " + Util.getSWString(r.getSW(j)); } if (prefix != null) @@ -153,7 +153,7 @@ public abstract class Response { private short keyLength; private byte keyClass; - public Allocate(ResponseAPDU response, long time, byte keyPair, short keyLength, byte keyClass) { + protected Allocate(ResponseAPDU response, long time, byte keyPair, short keyLength, byte keyClass) { super(response, time); this.keyPair = keyPair; this.keyLength = keyLength; @@ -181,7 +181,7 @@ public abstract class Response { public static class Clear extends Response { private byte keyPair; - public Clear(ResponseAPDU response, long time, byte keyPair) { + protected Clear(ResponseAPDU response, long time, byte keyPair) { super(response, time); this.keyPair = keyPair; @@ -323,7 +323,7 @@ public abstract class Response { private byte key; private short parameters; - public Export(ResponseAPDU response, long time, byte keyPair, byte key, short parameters) { + protected Export(ResponseAPDU response, long time, byte keyPair, byte key, short parameters) { super(response, time); this.keyPair = keyPair; this.key = key; 
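Review bot: After the `@@ -79,11 +75,15 @@` hunk, `getSW2()` returns `sws[1]` and `getSW(int index)` indexes the array unchecked, so on a response parsed with fewer status words they throw `ArrayIndexOutOfBoundsException` where the old field-based getter returned 0. Whether any caller still asks for a second status word on a single-SW response is not visible here, so this is worth checking. Either document the precondition on the accessors or keep the old behaviour with `return (index >= 0 && index < sws.length) ? sws[index] : 0;` in `getSW` and have `getSW1()`/`getSW2()` delegate to it.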
@@ -527,6 +527,22 @@ public abstract class Response { return String.format("Requested JCSystem object deletion"); } + } + + /** + * + */ + public static class Support extends Response { + + protected Support(ResponseAPDU response, long time) { + super(response, time); + parse(3,0); + } + + @Override + public String toString() { + return "Support of ECDH, ECDHC, ECDSA"; + } } } -- cgit v1.2.3-70-g09d2 From 2af338ffb8b81915ad1fb08d5b030374ae6be1dd Mon Sep 17 00:00:00 2001 From: J08nY Date: Tue, 4 Apr 2017 23:23:48 +0200 Subject: Fix mis-entered brainpool curves --- src/cz/crcs/ectester/data/brainpool/brainpoolP160t1.csv | 2 +- src/cz/crcs/ectester/data/brainpool/brainpoolP192t1.csv | 2 +- src/cz/crcs/ectester/data/brainpool/brainpoolP224t1.csv | 2 +- src/cz/crcs/ectester/data/brainpool/brainpoolP256t1.csv | 2 +- src/cz/crcs/ectester/data/brainpool/brainpoolP320t1.csv | 2 +- src/cz/crcs/ectester/data/brainpool/brainpoolP384t1.csv | 2 +- src/cz/crcs/ectester/data/brainpool/brainpoolP512t1.csv | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP160t1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP160t1.csv index 7e2f428..8377986 100644 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP160t1.csv +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP160t1.csv @@ -1 +1 @@ -24DBFF5DEC9B986BBFE5295A29BFBAE45E0F5D0B,E95E4A5F737059DC60DFC7AD95B3D8139515620C,7A556B6DAE535B7B51ED2C4D7DAA7A0B5C55F380,B199B13B9B34EFC1397E64BAEB05ACC265FF2378,ADD6718B7C7C1961F0991B842443772152C9E0AD,E95E4A5F737059DC60DF5991D45029409E60FC09,1 \ No newline at end of file +E95E4A5F737059DC60DFC7AD95B3D8139515620F,E95E4A5F737059DC60DFC7AD95B3D8139515620C,7A556B6DAE535B7B51ED2C4D7DAA7A0B5C55F380,B199B13B9B34EFC1397E64BAEB05ACC265FF2378,ADD6718B7C7C1961F0991B842443772152C9E0AD,E95E4A5F737059DC60DF5991D45029409E60FC09,1 
diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP192t1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP192t1.csv index 8236331..469b46e 100644 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP192t1.csv +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP192t1.csv @@ -1 +1 @@ -1B6F5CC8DB4DC7AF19458A9CB80DC2295E5EB9C3732104CB,C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86294,13D56FFAEC78681E68F9DEB43B35BEC2FB68542E27897B79,3AE9E58C82F63C30282E1FE7BBF43FA72C446AF6F4618129,97E2C5667C2223A902AB5CA449D0084B7E5B3DE7CCC01C9,C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1,1 \ No newline at end of file +C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297,C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86294,13D56FFAEC78681E68F9DEB43B35BEC2FB68542E27897B79,3AE9E58C82F63C30282E1FE7BBF43FA72C446AF6F4618129,97E2C5667C2223A902AB5CA449D0084B7E5B3DE7CCC01C9,C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1,1 diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP224t1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP224t1.csv index 480f7c2..877a157 100644 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP224t1.csv +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP224t1.csv @@ -1 +1 @@ -2DF271E14427A346910CF7A2E6CFA7B3F484E5C2CCE1C8B730E28B3F,D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FC,4B337D934104CD7BEF271BF60CED1ED20DA14C08B3BB64F18A60888D,6AB1E344CE25FF3896424E7FFE14762ECB49F8928AC0C76029B4D580,374E9F5143E568CD23F3F4D7C0D4B1E41C8CC0D1C6ABD5F1A46DB4C,D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F,1 \ No newline at end of file +D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF,D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FC,4B337D934104CD7BEF271BF60CED1ED20DA14C08B3BB64F18A60888D,6AB1E344CE25FF3896424E7FFE14762ECB49F8928AC0C76029B4D580,374E9F5143E568CD23F3F4D7C0D4B1E41C8CC0D1C6ABD5F1A46DB4C,D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F,1 
diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP256t1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP256t1.csv index 7070064..ae54af0 100644 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP256t1.csv +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP256t1.csv @@ -1 +1 @@ -3E2D4BD9597B58639AE7AA669CAB9837CF5CF20A2C852D10F655668DFC150EF0,A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5374,662C61C430D84EA4FE66A7733D0B76B7BF93EBC4AF2F49256AE58101FEE92B04,A3E8EB3CC1CFE7B7732213B23A656149AFA142C47AAFBC2B79A191562E1305F4,2D996C823439C56D7F7B22E14644417E69BCB6DE39D027001DABE8F35B25C9BE,A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7,1 \ No newline at end of file +A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377,A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5374,662C61C430D84EA4FE66A7733D0B76B7BF93EBC4AF2F49256AE58101FEE92B04,A3E8EB3CC1CFE7B7732213B23A656149AFA142C47AAFBC2B79A191562E1305F4,2D996C823439C56D7F7B22E14644417E69BCB6DE39D027001DABE8F35B25C9BE,A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7,1 diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP320t1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP320t1.csv index 6d776de..9dd5cdb 100644 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP320t1.csv +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP320t1.csv 
@@ -1 +1 @@ -15F75CAF668077F7E85B42EB01F0A81FF56ECD6191D55CB82B7D861458A18FEFC3E5AB7496F3C7B1,D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E24,A7F561E038EB1ED560B3D147DB782013064C19F27ED27C6780AAF77FB8A547CEB5B4FEF422340353,925BE9FB01AFC6FB4D3E7D4990010F813408AB106C4F09CB7EE07868CC136FFF3357F624A21BED52,63BA3A7A27483EBF6671DBEF7ABB30EBEE084E58A0B077AD42A5A0989D1EE71B1B9BC0455FB0D2C3,D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311,1 \ No newline at end of file +D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27,D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E24,A7F561E038EB1ED560B3D147DB782013064C19F27ED27C6780AAF77FB8A547CEB5B4FEF422340353,925BE9FB01AFC6FB4D3E7D4990010F813408AB106C4F09CB7EE07868CC136FFF3357F624A21BED52,63BA3A7A27483EBF6671DBEF7ABB30EBEE084E58A0B077AD42A5A0989D1EE71B1B9BC0455FB0D2C3,D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311,1 diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP384t1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP384t1.csv index 60c4ffb..79f2c77 100644 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP384t1.csv +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP384t1.csv 
@@ -1 +1 @@ -41DFE8DD399331F7166A66076734A89CD0D2BCDB7D068E44E1F378F41ECBAE97D2D63DBC87BCCDDCCC5DA39E8589291C,8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC50,7F519EADA7BDA81BD826DBA647910F8C4B9346ED8CCDC64E4B1ABD11756DCE1D2074AA263B88805CED70355A33B471EE,18DE98B02DB9A306F2AFCD7235F72A819B80AB12EBD653172476FECD462AABFFC4FF191B946A5F54D8D0AA2F418808CC,25AB056962D30651A114AFD2755AD336747F93475B7A1FCA3B88F2B6A208CCFE469408584DC2B2912675BF5B9E582928,8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565,1 \ No newline at end of file +8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53,8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC50,7F519EADA7BDA81BD826DBA647910F8C4B9346ED8CCDC64E4B1ABD11756DCE1D2074AA263B88805CED70355A33B471EE,18DE98B02DB9A306F2AFCD7235F72A819B80AB12EBD653172476FECD462AABFFC4FF191B946A5F54D8D0AA2F418808CC,25AB056962D30651A114AFD2755AD336747F93475B7A1FCA3B88F2B6A208CCFE469408584DC2B2912675BF5B9E582928,8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565,1 diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP512t1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP512t1.csv index 1274943..bde9435 100644 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP512t1.csv +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP512t1.csv 
@@ -1 +1 @@ -12EE58E6764838B69782136F0F2D3BA06E27695716054092E60A80BEDB212B64E585D90BCE13761F85C3F1D2A64E3BE8FEA2220F01EBA5EEB0F35DBD29D922AB,AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F0,7CBBBCF9441CFAB76E1890E46884EAE321F70C0BCB4981527897504BEC3E36A62BCDFA2304976540F6450085F2DAE145C22553B465763689180EA2571867423E,640ECE5C12788717B9C1BA06CBC2A6FEBA85842458C56DDE9DB1758D39C0313D82BA51735CDB3EA499AA77A7D6943A64F7A3F25FE26F06B51BAA2696FA9035DA,5B534BD595F5AF0FA2C892376C84ACE1BB4E3019B71634C01131159CAE03CEE9D9932184BEEF216BD71DF2DADF86A627306ECFF96DBB8BACE198B61E00F8B332,AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069,1 \ No newline at end of file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cgit v1.2.3-70-g09d2 From 45d1bb40cbc4c71e5b94e78f3a541e8f9cd8d62f Mon Sep 17 00:00:00 2001 From: J08nY Date: Tue, 4 Apr 2017 23:25:20 +0200 Subject: Some docs, allow EC_* objects to print themselves. --- dist/ECTester.jar | Bin 290834 -> 155730 bytes src/cz/crcs/ectester/reader/Command.java | 29 ++++++++++++++++-------- src/cz/crcs/ectester/reader/ECTester.java | 27 +++++++++++++--------- src/cz/crcs/ectester/reader/Response.java | 2 +- src/cz/crcs/ectester/reader/ec/EC_Curve.java | 5 ++++ src/cz/crcs/ectester/reader/ec/EC_Data.java | 4 ++-- src/cz/crcs/ectester/reader/ec/EC_KAResult.java | 8 +++++++ src/cz/crcs/ectester/reader/ec/EC_Key.java | 9 ++++++++ src/cz/crcs/ectester/reader/ec/EC_Keypair.java | 5 ++++ 9 files changed, 65 insertions(+), 24 deletions(-) diff --git a/dist/ECTester.jar b/dist/ECTester.jar index a256495..5a8f64b 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/reader/Command.java b/src/cz/crcs/ectester/reader/Command.java index 24418be..73f4987 100644 --- a/src/cz/crcs/ectester/reader/Command.java 
+++ b/src/cz/crcs/ectester/reader/Command.java @@ -44,7 +44,7 @@ public abstract class Command { /** * Creates the INS_ALLOCATE instruction. * - * @param cardManager + * @param cardManager cardManager to send APDU through * @param keyPair which keyPair to use, local/remote (KEYPAIR_* | ...) * @param keyLength key length to set * @param keyClass key class to allocate @@ -76,7 +76,7 @@ public abstract class Command { private byte keyPair; /** - * @param cardManager + * @param cardManager cardManager to send APDU through * @param keyPair which keyPair clear, local/remote (KEYPAIR_* || ...) */ protected Clear(CardMngr cardManager, byte keyPair) { @@ -107,7 +107,7 @@ public abstract class Command { /** * Creates the INS_SET instruction. * - * @param cardManager + * @param cardManager cardManager to send APDU through * @param keyPair which keyPair to set params on, local/remote (KEYPAIR_* || ...) * @param curve curve to set (EC_Consts.CURVE_*) * @param params parameters to set (EC_Consts.PARAMETER_* | ...) @@ -149,9 +149,9 @@ public abstract class Command { private byte corruption; /** - * @param cardManager + * @param cardManager cardManager to send APDU through * @param keyPair which keyPair to corrupt, local/remote (KEYPAIR_* || ...) - * @param key + * @param key key to corrupt (EC_Consts.KEY_* | ...) * @param params parameters to corrupt (EC_Consts.PARAMETER_* | ...) * @param corruption corruption type (EC_Consts.CORRUPTION_*) */ @@ -187,7 +187,7 @@ public abstract class Command { /** * Creates the INS_GENERATE instruction. * - * @param cardManager + * @param cardManager cardManager to send APDU through * @param keyPair which keyPair to generate, local/remote (KEYPAIR_* || ...) */ protected Generate(CardMngr cardManager, byte keyPair) { 
@@ -217,7 +217,7 @@ public abstract class Command { /** * Creates the INS_EXPORT instruction. * - * @param cardManager + * @param cardManager cardManager to send APDU through * @param keyPair keyPair to export from (KEYPAIR_* | ...) * @param key key to export from (EC_Consts.KEY_* | ...) * @param params params to export (EC_Consts.PARAMETER_* | ...) @@ -256,12 +256,12 @@ public abstract class Command { /** * Creates the INS_ECDH instruction. * - * @param cardManager + * @param cardManager cardManager to send APDU through * @param pubkey keyPair to use for public key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) * @param privkey keyPair to use for private key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) * @param export whether to export ECDH secret * @param corruption whether to invalidate the pubkey before ECDH (EC_Consts.CORRUPTION_* || ...) - * @param type + * @param type ECDH algorithm type (EC_Consts.KA_* | ...) */ protected ECDH(CardMngr cardManager, byte pubkey, byte privkey, byte export, byte corruption, byte type) { super(cardManager); @@ -293,7 +293,7 @@ public abstract class Command { /** * Creates the INS_ECDSA instruction. * - * @param cardManager + * @param cardManager cardManager to send APDU through * @param keyPair keyPair to use for signing and verification (KEYPAIR_LOCAL || KEYPAIR_REMOTE) * @param export whether to export ECDSA signature * @param raw data to sign, can be null, in which case random data is signed. @@ -328,6 +328,10 @@ public abstract class Command { */ public static class Cleanup extends Command { + /** + * + * @param cardManager cardManager to send APDU through + */ protected Cleanup(CardMngr cardManager) { super(cardManager); @@ -347,6 +351,11 @@ public abstract class Command { * */ public static class Support extends Command { + + /** + * + * @param cardManager cardManager to send APDU through + */ protected Support(CardMngr cardManager) { super(cardManager); 
diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index 716d4ea..cb3d298 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -529,7 +529,10 @@ public class ECTester { //TODO } else { // print given object - //TODO + EC_Data object = dataStore.getObject(EC_Data.class, optListNamed); + if (object != null) { + System.out.println(object); + } } } @@ -628,8 +631,8 @@ public class ECTester { /** * Tests Elliptic curve support for a given curve/curves. * - * @throws IOException - * @throws CardException + * @throws CardException if APDU transmission fails + * @throws IOException if an IO error occurs when writing to key file. */ private void test() throws IOException, CardException { List commands = new LinkedList<>(); @@ -915,9 +918,9 @@ public class ECTester { private List prepareCurve(byte keyPair, short keyLength, byte keyClass) throws IOException { List commands = new ArrayList<>(); - short domainParams = keyClass == KeyPair.ALG_EC_FP ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; if (optCustomCurve) { // Set custom curve (one of the SECG curves embedded applet-side) + short domainParams = keyClass == KeyPair.ALG_EC_FP ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; commands.add(new Command.Set(cardManager, keyPair, EC_Consts.getCurve(keyLength, keyClass), domainParams, null)); } else if (optNamedCurve != null) { // Set a named curve. 
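Review bot: In the `@@ -529,7 +529,10 @@` hunk the new branch prints nothing when `dataStore.getObject(EC_Data.class, optListNamed)` returns null, so a mistyped name given to `--list-named` produces empty output that looks the same as a successful run. Adding `} else { System.err.println("Unknown named object: " + optListNamed); }` tells the user the lookup failed. The enclosing method starts and ends outside the hunk.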
@@ -934,20 +937,20 @@ public class ECTester { if (external == null) { throw new IOException("Couldn't read named curve data."); } - commands.add(new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, domainParams, external)); + commands.add(new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, curve.getParams(), external)); } else if (optCurveFile != null) { // Set curve loaded from a file - EC_Params params = new EC_Params(domainParams); + EC_Curve curve = new EC_Curve(keyLength, keyClass); FileInputStream in = new FileInputStream(optCurveFile); - params.readCSV(in); + curve.readCSV(in); in.close(); - byte[] external = params.flatten(); + byte[] external = curve.flatten(); if (external == null) { throw new IOException("Couldn't read the curve file correctly."); } - commands.add(new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, domainParams, external)); + commands.add(new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, curve.getParams(), external)); } else { // Set default curve /* This command was generally causing problems for simulating on jcardsim. @@ -1036,8 +1039,9 @@ public class ECTester { } /** + * * @return - * @throws IOException + * @throws IOException if an IO error occurs when writing to key file. */ private List testCurve() throws IOException { List commands = new LinkedList<>(); @@ -1052,10 +1056,11 @@ public class ECTester { } /** + * * @param category * @param field * @return - * @throws IOException + * @throws IOException if an IO error occurs when writing to key file. */ private List testCurves(String category, byte field) throws IOException { List commands = new LinkedList<>(); diff --git a/src/cz/crcs/ectester/reader/Response.java b/src/cz/crcs/ectester/reader/Response.java index 4bb5b88..c3f2fe4 100644 --- a/src/cz/crcs/ectester/reader/Response.java +++ b/src/cz/crcs/ectester/reader/Response.java 
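Review bot: In the `@@ -934,20 +937,20 @@` hunk, the new `curve.readCSV(in);` sits between `new FileInputStream(optCurveFile)` and `in.close()`, so the stream stays open if `readCSV` throws on a malformed user-supplied curve file. Since these lines are being touched anyway, the read can be wrapped as `try (FileInputStream in = new FileInputStream(optCurveFile)) { curve.readCSV(in); }`, which also removes the explicit `in.close();`. `prepareCurve` continues outside the hunk.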
@@ -524,7 +524,7 @@ public abstract class Response { @Override public String toString() { - return String.format("Requested JCSystem object deletion"); + return "Requested JCSystem object deletion"; } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Curve.java b/src/cz/crcs/ectester/reader/ec/EC_Curve.java index 273b1f4..953884f 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Curve.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Curve.java @@ -40,4 +40,9 @@ public class EC_Curve extends EC_Params { public String getDesc() { return desc; } + + @Override + public String toString() { + return "Elliptic curve (" + String.valueOf(bits) + "b): " + desc; + } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Data.java b/src/cz/crcs/ectester/reader/ec/EC_Data.java index 2e1eb29..c55b99d 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Data.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Data.java @@ -21,12 +21,12 @@ public class EC_Data { EC_Data() { } - public EC_Data(int count) { + EC_Data(int count) { this.count = count; this.data = new byte[count][]; } - public EC_Data(byte[][] data) { + EC_Data(byte[][] data) { this.count = data.length; this.data = data; } diff --git a/src/cz/crcs/ectester/reader/ec/EC_KAResult.java b/src/cz/crcs/ectester/reader/ec/EC_KAResult.java index e556f90..f1be49a 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_KAResult.java +++ b/src/cz/crcs/ectester/reader/ec/EC_KAResult.java @@ -1,5 +1,7 @@ package cz.crcs.ectester.reader.ec; +import cz.crcs.ectester.applet.EC_Consts; + /** * @author Jan Jancar johny@neuromancer.sk */ @@ -45,4 +47,10 @@ public class EC_KAResult extends EC_Data { return desc; } + @Override + public String toString() { + String agreement = ka == EC_Consts.KA_ECDH ? "ECDH" : "ECDHC"; + return agreement + " over " + curve + ", " + oneKey + " + " + otherKey + ": " + desc; + } + } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Key.java b/src/cz/crcs/ectester/reader/ec/EC_Key.java index b78aaee..983ffa8 100644 
--- a/src/cz/crcs/ectester/reader/ec/EC_Key.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Key.java @@ -37,6 +37,11 @@ public class EC_Key extends EC_Params { public Public(String curve, String desc) { super(EC_Consts.PARAMETER_W, curve, desc); } + + @Override + public String toString() { + return "EC Public key, over " + getCurve() + ": " + getDesc(); + } } public static class Private extends EC_Key { @@ -49,5 +54,9 @@ public class EC_Key extends EC_Params { super(EC_Consts.PARAMETER_S, curve, desc); } + @Override + public String toString() { + return "EC Private key, over " + getCurve() + ": " + getDesc(); + } } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Keypair.java b/src/cz/crcs/ectester/reader/ec/EC_Keypair.java index 0ee3801..af4038a 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Keypair.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Keypair.java @@ -27,4 +27,9 @@ public class EC_Keypair extends EC_Params { public String getDesc() { return desc; } + + @Override + public String toString() { + return "EC Keypair, over " + curve + ": " + desc; + } } -- cgit v1.2.3-70-g09d2 From 914931cfea79c7947b180069b0e67cc208971869 Mon Sep 17 00:00:00 2001 
From: J08nY Date: Sat, 15 Apr 2017 01:27:24 +0200 Subject: Add invalid curves test(partly) and some parameters (brainpool) for it - curves.xml, keys.xml and results.xml's entries can now instead of file path to point to csv file, contain the csv data inline. - Moved EC_Category to reader package from data - Fixed printing of named objects - Added ECDH/C test for KA_BOTH which does ECDH and ECDHC on the applet side, compares the results and reports success/failure etc. --- dist/ECTester.jar | Bin 155730 -> 295880 bytes src/cz/crcs/ectester/applet/ECKeyTester.java | 29 +++++ src/cz/crcs/ectester/applet/ECTesterApplet.java | 23 +++- src/cz/crcs/ectester/data/EC_Category.java | 72 ------------ src/cz/crcs/ectester/data/EC_Store.java | 54 +++++++-- src/cz/crcs/ectester/data/categories.xml | 5 + .../crcs/ectester/data/invalid/brainpool/keys.xml | 108 +++++++++++++++++ src/cz/crcs/ectester/data/invalid/curves.xml | 4 - src/cz/crcs/ectester/data/invalid/keys.xml | 14 +++ src/cz/crcs/ectester/data/invalid/nist/keys.xml | 6 + src/cz/crcs/ectester/data/invalid/secg/keys.xml | 6 + src/cz/crcs/ectester/data/schema.xsd | 12 +- src/cz/crcs/ectester/reader/ECTester.java | 115 ++++++------------ src/cz/crcs/ectester/reader/Response.java | 2 +- src/cz/crcs/ectester/reader/ec/EC_Category.java | 128 +++++++++++++++++++++ src/cz/crcs/ectester/reader/ec/EC_Curve.java | 2 +- src/cz/crcs/ectester/reader/ec/EC_KAResult.java | 2 +- src/cz/crcs/ectester/reader/ec/EC_Key.java | 4 +- src/cz/crcs/ectester/reader/ec/EC_Keypair.java | 2 +- 19 files changed, 409 insertions(+), 179 deletions(-) delete mode 100644 src/cz/crcs/ectester/data/EC_Category.java create mode 100644 src/cz/crcs/ectester/data/invalid/brainpool/keys.xml delete mode 100644 src/cz/crcs/ectester/data/invalid/curves.xml create mode 100644 src/cz/crcs/ectester/data/invalid/keys.xml create mode 100644 src/cz/crcs/ectester/data/invalid/nist/keys.xml create mode 100644 src/cz/crcs/ectester/data/invalid/secg/keys.xml create mode 
100644 src/cz/crcs/ectester/reader/ec/EC_Category.java diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 5a8f64b..0126533 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/applet/ECKeyTester.java b/src/cz/crcs/ectester/applet/ECKeyTester.java index e22094b..64f3024 100644 --- a/src/cz/crcs/ectester/applet/ECKeyTester.java +++ b/src/cz/crcs/ectester/applet/ECKeyTester.java @@ -3,6 +3,7 @@ package cz.crcs.ectester.applet; import javacard.framework.CardRuntimeException; import javacard.framework.ISO7816; +import javacard.framework.Util; import javacard.security.ECPrivateKey; import javacard.security.ECPublicKey; import javacard.security.KeyAgreement; 
@@ -104,6 +105,34 @@ public class ECKeyTester { return testKA(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); } + /** + * + * @param privateKey + * @param publicKey + * @param pubkeyBuffer + * @param pubkeyOffset + * @param outputBuffer + * @param outputOffset + * @param corruption + * @return + */ + public short testKA(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { + short ecdhLength = testECDH(privateKey, publicKey, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); + if (sw != ISO7816.SW_NO_ERROR) { + return ecdhLength; + } + short ecdhcLength = testECDHC(privateKey, publicKey, pubkeyBuffer, pubkeyOffset, outputBuffer, (short) (outputOffset + ecdhLength), corruption); + short length = (short) (ecdhLength + ecdhcLength); + if (sw != ISO7816.SW_NO_ERROR) { + return length; + } + if (Util.arrayCompare(outputBuffer, outputOffset, outputBuffer, (short)(outputOffset + ecdhLength), ecdhLength) != 0) { + sw = ECTesterApplet.SW_DH_DHC_MISMATCH; + } + return length; + + } + /** * Uses {@code signKey} to sign data from {@code inputBuffer} at {@code inputOffset} with {@code inputOffset}. * Then checks for correct signature length. diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java index f9fb5da..98f59c4 100644 --- a/src/cz/crcs/ectester/applet/ECTesterApplet.java +++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java @@ -63,6 +63,7 @@ public class ECTesterApplet extends Applet { // STATUS WORDS public static final short SW_SIG_VERIFY_FAIL = (short) 0x0ee1; + public static final short SW_DH_DHC_MISMATCH = (short) 0x0ee2; private static final short ARRAY_LENGTH = (short) 0xff; 
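Review bot: In the new `testKA`, the `Util.arrayCompare(...)` call compares `ecdhLength` bytes of the two secrets without ever checking that `ecdhcLength` equals `ecdhLength`. If the lengths differ, the comparison either runs past the ECDHC output or ignores its tail, so the match or mismatch it reports is not meaningful. Guard the compare with the length check: `if (ecdhLength != ecdhcLength || Util.arrayCompare(outputBuffer, outputOffset, outputBuffer, (short) (outputOffset + ecdhLength), ecdhLength) != 0) {`. The Javadoc block holds only empty `@param` tags; it should state that both secrets are written back to back into `outputBuffer`, that the return value is their combined length, and that `sw` holds the first failing status or `SW_DH_DHC_MISMATCH`.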
@@ -556,7 +557,7 @@ public class ECTesterApplet extends Applet { secretLength = keyTester.testECDHC((ECPrivateKey) priv.getPrivate(), (ECPublicKey) pub.getPublic(), ramArray, (short) 0, ramArray2, (short) 0, corruption); break; case EC_Consts.KA_BOTH: - // TODO + secretLength = keyTester.testKA((ECPrivateKey) priv.getPrivate(), (ECPublicKey) pub.getPublic(), ramArray, (short) 0, ramArray2, (short) 0, corruption); break; default: ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); @@ -589,7 +590,7 @@ public class ECTesterApplet extends Applet { short dataLength = Util.getShort(buffer, inOffset); if (dataLength == 0) { //no data to sign //generate random - dataLength = 32; + dataLength = 64; randomData.generateData(ramArray, (short) 0, dataLength); } else { Util.arrayCopyNonAtomic(buffer, (short) (inOffset + 2), ramArray, (short) 0, dataLength); @@ -636,9 +637,21 @@ public class ECTesterApplet extends Applet { */ private short support(byte[] buffer, short offset) { - Util.setShort(buffer, offset, ecdhSW); - Util.setShort(buffer, (short) (offset+2), ecdhcSW); - Util.setShort(buffer, (short) (offset+4), ecdsaSW); + if (keyTester.hasECDH()) { + Util.setShort(buffer, offset, ecdhSW); + } else { + Util.setShort(buffer, offset, ISO7816.SW_INS_NOT_SUPPORTED); + } + if (keyTester.hasECDHC()) { + Util.setShort(buffer, (short) (offset+2), ecdhcSW); + } else { + Util.setShort(buffer, (short) (offset+2), ISO7816.SW_INS_NOT_SUPPORTED); + } + if (keyTester.hasECDSA()) { + Util.setShort(buffer, (short) (offset+4), ecdsaSW); + } else { + Util.setShort(buffer, (short) (offset+4), ISO7816.SW_INS_NOT_SUPPORTED); + } return 6; } diff --git a/src/cz/crcs/ectester/data/EC_Category.java b/src/cz/crcs/ectester/data/EC_Category.java deleted file mode 100644 index 57d9ca3..0000000 --- a/src/cz/crcs/ectester/data/EC_Category.java +++ /dev/null 
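Review bot: In the signing hunk (`@@ -589,7 +590,7 @@`), the `else` branch copies `dataLength` bytes into `ramArray`, and `dataLength` comes straight from the APDU via `Util.getShort(buffer, inOffset)`; no visible line bounds it or rejects a negative value. Assuming `ramArray` is sized by `ARRAY_LENGTH` (declared as `0xff` in this file, allocation not shown), an oversized length ends in a runtime exception from `arrayCopyNonAtomic` instead of a defined status word. A guard before the copy makes the failure explicit: `if (dataLength < 0 || dataLength > ARRAY_LENGTH) ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);`. The change of the random default from 32 to 64 bytes deserves a short comment giving the reason. The enclosing method starts and ends outside the hunk.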
@@ -1,72 +0,0 @@ -package cz.crcs.ectester.data; - -import cz.crcs.ectester.reader.ec.EC_Data; -import cz.crcs.ectester.reader.ec.EC_Params; - -import java.util.Collections; -import java.util.TreeMap; -import java.util.Map; - -/** - * @author Jan Jancar johny@neuromancer.sk - */ -public class EC_Category { - - private String name; - private String directory; - private String desc; - - private Map objects; - - - public EC_Category(String name, String directory) { - this.name = name; - this.directory = directory; - } - - public EC_Category(String name, String directory, String desc) { - this(name, directory); - this.desc = desc; - } - - public EC_Category(String name, String directory, String desc, Map objects) { - this(name, directory, desc); - this.objects = objects; - } - - public String getName() { - return name; - } - - public String getDirectory() { - return directory; - } - - public String getDesc() { - return desc; - } - - public Map getObjects() { - return Collections.unmodifiableMap(objects); - } - - public Map getObjects(Class cls) { - Map objs = new TreeMap<>(); - for (Map.Entry entry : objects.entrySet()) { - if (cls.isInstance(entry.getValue())) { - objs.put(entry.getKey(), cls.cast(entry.getValue())); - } - } - return Collections.unmodifiableMap(objs); - } - - public T getObject(Class cls, String id) { - EC_Data obj = objects.get(id); - if (cls.isInstance(obj)) { - return cls.cast(obj); - } else { - return null; - } - } - -} diff --git a/src/cz/crcs/ectester/data/EC_Store.java b/src/cz/crcs/ectester/data/EC_Store.java index abf0a9b..0571cd8 100644 --- a/src/cz/crcs/ectester/data/EC_Store.java +++ b/src/cz/crcs/ectester/data/EC_Store.java 
@@ -8,8 +8,10 @@ import org.w3c.dom.Element; import org.w3c.dom.Node; import org.w3c.dom.NodeList; import org.xml.sax.ErrorHandler; +import org.xml.sax.InputSource; import org.xml.sax.SAXException; import org.xml.sax.SAXParseException; +import org.xml.sax.ext.EntityResolver2; import javax.xml.XMLConstants; import javax.xml.parsers.DocumentBuilder; @@ -17,10 +19,10 @@ import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; import javax.xml.validation.Schema; import javax.xml.validation.SchemaFactory; +import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; import java.util.Collections; -import java.util.HashMap; import java.util.Map; import java.util.TreeMap; @@ -61,6 +63,25 @@ public class EC_Store { throw new SAXException(exception); } }); + db.setEntityResolver(new EntityResolver2() { + @Override + public InputSource getExternalSubset(String name, String baseURI) throws SAXException, IOException { + return null; + } + + @Override + public InputSource resolveEntity(String name, String publicId, String baseURI, String systemId) throws SAXException, IOException { + InputSource is = new InputSource(); + is.setSystemId(systemId); + is.setByteStream(getClass().getClass().getResourceAsStream("/cz/crcs/ectester/data/" + systemId)); + return is; + } + + @Override + public InputSource resolveEntity(String publicId, String systemId) throws SAXException, IOException { + return null; + } + }); parse(); } catch (ParserConfigurationException | SAXException e) { @@ -80,7 +101,7 @@ public class EC_Store { NodeList catList = categoriesDoc.getElementsByTagName("category"); - this.categories = new HashMap<>(catList.getLength()); + this.categories = new TreeMap<>(); for (int i = 0; i < catList.getLength(); ++i) { Node catNode = catList.item(i); if (catNode instanceof Element) { 
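Review bot: The new four-argument `resolveEntity` returns an `InputSource` even when the resource lookup yields `null`, and the two-argument overload returns `null`; in both cases a SAX parser may fall back to opening the system identifier itself, so entity loading is not confined to the bundled data directory. `systemId` is also appended to the resource path without any check. Because the only entities expected here are the project's own `keys.xml` includes, the resolver should fail closed: look the stream up first and `throw new SAXException("Unknown entity: " + systemId);` when it is `null`. `getClass().getClass()` resolves against `java.lang.Class` rather than the store class; `EC_Store.class.getResourceAsStream(...)` states the intent.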
@@ -115,7 +136,6 @@ public class EC_Store { Node id = curveElem.getElementsByTagName("id").item(0); Node bits = curveElem.getElementsByTagName("bits").item(0); Node field = curveElem.getElementsByTagName("field").item(0); - Node file = curveElem.getElementsByTagName("file").item(0); NodeList descc = curveElem.getElementsByTagName("desc"); String descs = null; @@ -132,7 +152,9 @@ public class EC_Store { short bitsize = Short.parseShort(bits.getTextContent()); EC_Curve curve = new EC_Curve(bitsize, alg, descs); - if (!curve.readCSV(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/" + file.getTextContent()))) { + + InputStream csv = parseDataElement(dir, curveElem); + if (!curve.readCSV(csv)) { throw new IOException("Invalid csv data."); } @@ -194,7 +216,6 @@ public class EC_Store { Node id = elem.getElementsByTagName("id").item(0); Node ka = elem.getElementsByTagName("ka").item(0); - Node file = elem.getElementsByTagName("file").item(0); Node curve = elem.getElementsByTagName("curve").item(0); Node onekey = elem.getElementsByTagName("onekey").item(0); Node otherkey = elem.getElementsByTagName("otherkey").item(0); @@ -213,7 +234,9 @@ public class EC_Store { } EC_KAResult kaResult = new EC_KAResult(kab, curve.getTextContent(), onekey.getTextContent(), otherkey.getTextContent(), descs); - if (!kaResult.readCSV(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/" + file.getTextContent()))) { + + InputStream csv = parseDataElement(dir, elem); + if (!kaResult.readCSV(csv)) { throw new IOException("Invalid csv data."); } 
@@ -248,12 +271,29 @@ public class EC_Store { } else { throw new SAXException("?"); } - if (!result.readCSV(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/" + file.getTextContent()))) { + + InputStream csv = parseDataElement(dir, elem); + if (!result.readCSV(csv)) { throw new IOException("Invalid CSV data."); } return result; } + private InputStream parseDataElement(String dir, Element elem) throws SAXException { + NodeList file = elem.getElementsByTagName("file"); + NodeList inline = elem.getElementsByTagName("inline"); + + InputStream csv; + if (file.getLength() == 1) { + csv = this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/" + file.item(0).getTextContent()); + } else if (inline.getLength() == 1) { + csv = new ByteArrayInputStream(inline.item(0).getTextContent().getBytes()); + } else { + throw new SAXException("?"); + } + return csv; + } + public Map getCategories() { return Collections.unmodifiableMap(categories); } diff --git a/src/cz/crcs/ectester/data/categories.xml b/src/cz/crcs/ectester/data/categories.xml index 100d962..29dcba0 100644 --- a/src/cz/crcs/ectester/data/categories.xml +++ b/src/cz/crcs/ectester/data/categories.xml @@ -31,6 +31,11 @@ wrong Wrong field curves. These should definitely give an error when used. Since the "prime" used for the field are not prime, and the field polynomials are also not irreducible. Simply put these parameters don't specify a valid elliptic curve. + + invalid + invalid + + test test diff --git a/src/cz/crcs/ectester/data/invalid/brainpool/keys.xml b/src/cz/crcs/ectester/data/invalid/brainpool/keys.xml new file mode 100644 index 0000000..985fab6 --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/brainpool/keys.xml 
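Review bot: `parseDataElement` returns whatever `getResourceAsStream` gives back, which is `null` when the `file` element names a resource that is not bundled, and the callers pass that stream straight to `readCSV`. Check the result in the `file` branch and raise a clear error, for example `if (csv == null) throw new SAXException("Missing data file in " + dir);`. The inline branch calls `getBytes()` with the platform charset; `getBytes(StandardCharsets.UTF_8)` keeps parsing identical across machines and needs `java.nio.charset.StandardCharsets` imported. `throw new SAXException("?")` should say that the element had neither a `file` nor an `inline` child.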
@@ -0,0 +1,108 @@ + + + 160r1-1 + 0xc4d7ddb433381eeb0c62b502b4059e616caf6fcf,0x0 + brainpool/brainpoolP160r1 + invalid order = 2 + + + +160r1-2 +0x55303e73394b0da59a85f48ad0ba78deee2df5d8,0x2874a5d9c08777c1151c87cd6d0577842ea68e13 +brainpool/brainpoolP160r1 +invalid order = 3 + + + +160r1-3 +0x4381828db3ae0c10a51074929b60700f87b0337b,0x2a2a76a4af0a96106ba6fe9d2496f1908edd2a23 +brainpool/brainpoolP160r1 +invalid order = 5 + + + +160r1-4 +0x68f115185e91815d9259714e7a7154300b8db314,0x3784f206684eb6c8c252ea4fe5453ff37b93eaf9 +brainpool/brainpoolP160r1 +invalid order = 7 + + + +160r1-5 +0xcc521e5a0366ee48cc37e757b994afee2452015e,0x93e0e6c648b0f0b2e354425025041345beb35b3c +brainpool/brainpoolP160r1 +invalid order = 11 + + + +160r1-6 +0x2b4d92bf08d99b87767e40f46ba4ad3dc21e2302,0x72f3e483e7b2c562fba12bad2402a411af02a15c +brainpool/brainpoolP160r1 +invalid order = 13 + + + +160r1-7 +0x1397bfed0edd4c38019af46c6864d106bc1c7241,0xa78a13e065701c31796231ceeb2200b4459c92ad +brainpool/brainpoolP160r1 +invalid order = 17 + + + +160r1-8 +0x448604062905058037d0776f0111e25d44b1abe3,0x1337a58bb32dd2c34355b47dedce2014b53cb832 +brainpool/brainpoolP160r1 +invalid order = 19 + + + +160r1-9 +0x64d734b3bf25c6546b963b43ece33fdc9347e66b,0xc311a5ed6b51380cada8c5c6658b633c4e40169e +brainpool/brainpoolP160r1 +invalid order = 23 + + + +160r1-10 +0x77c06cb540d349ebe61218241deb813c591f0509,0xd7eb002458fa0c38ae3528c9b3ec5e1117a84ff8 +brainpool/brainpoolP160r1 +invalid order = 29 + + + +160r1-11 +0xbefde0dd07cb3ef5d189b15fd129ec564d194cf3,0x55106a2379e3eef9010f4d11239ea0d83039cb66 +brainpool/brainpoolP160r1 +invalid order = 31 + + + +160r1-12 +0xe54d642cd1c68d018db437fb624b3595a5a9588c,0xae6165d75eec8e22072a0d7b800eae804e9b4136 +brainpool/brainpoolP160r1 +invalid order = 37 + + + +160r1-13 +0x60d871f4fde332d00e183381d0e3cbbc586dcb80,0x10a9f5e2a238ab38a743f52645dbbff2b250a34a +brainpool/brainpoolP160r1 +invalid order = 41 + + + +160r1-14 
+0x7e2901c9f5610e4230aa7a53e8553426073458e4,0x3ac1810d4beb3244d62343ea40a23324b67b442 +brainpool/brainpoolP160r1 +invalid order = 43 + + + +160r1-15 +0x6b4d7bd164a2fb9fbb835a5ad5ee70adecf0cb37,0x22096241d3ec1f1ec072e10a04a731380fdedab5 +brainpool/brainpoolP160r1 +invalid order = 47 + + + + diff --git a/src/cz/crcs/ectester/data/invalid/curves.xml b/src/cz/crcs/ectester/data/invalid/curves.xml deleted file mode 100644 index e87269f..0000000 --- a/src/cz/crcs/ectester/data/invalid/curves.xml +++ /dev/null @@ -1,4 +0,0 @@ - - - \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/invalid/keys.xml b/src/cz/crcs/ectester/data/invalid/keys.xml new file mode 100644 index 0000000..9048518 --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/keys.xml @@ -0,0 +1,14 @@ + + + + + ]> + + &brainpool; + &nist; + &secg; + \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/invalid/nist/keys.xml b/src/cz/crcs/ectester/data/invalid/nist/keys.xml new file mode 100644 index 0000000..5427845 --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/nist/keys.xml @@ -0,0 +1,6 @@ + + 160r1-1 + 0xc4d7ddb433381eeb0c62b502b4059e616caf6fcf,0x0 + brainpool/brainpoolP160r1 + order = 2 + diff --git a/src/cz/crcs/ectester/data/invalid/secg/keys.xml b/src/cz/crcs/ectester/data/invalid/secg/keys.xml new file mode 100644 index 0000000..5427845 --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/secg/keys.xml @@ -0,0 +1,6 @@ + + 160r1-1 + 0xc4d7ddb433381eeb0c62b502b4059e616caf6fcf,0x0 + brainpool/brainpoolP160r1 + order = 2 + diff --git a/src/cz/crcs/ectester/data/schema.xsd b/src/cz/crcs/ectester/data/schema.xsd index 8f9427d..33b9acd 100644 --- a/src/cz/crcs/ectester/data/schema.xsd +++ b/src/cz/crcs/ectester/data/schema.xsd @@ -1,5 +1,5 @@ - @@ -11,12 +11,16 @@ + + + + - + @@ -34,7 +38,7 @@ - + @@ -65,7 +69,7 @@ - + diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index cb3d298..6965d14 100644 
--- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -23,7 +23,6 @@ package cz.crcs.ectester.reader; import cz.crcs.ectester.applet.ECTesterApplet; import cz.crcs.ectester.applet.EC_Consts; -import cz.crcs.ectester.data.EC_Category; import cz.crcs.ectester.data.EC_Store; import cz.crcs.ectester.reader.ec.*; import javacard.security.KeyPair; 
@@ -468,70 +467,18 @@ public class ECTester { if (optListNamed == null) { // print all categories, briefly for (EC_Category cat : categories.values()) { - System.out.println("\t- " + cat.getName() + ": " + (cat.getDesc() == null ? "" : cat.getDesc())); - - Map curves = cat.getObjects(EC_Curve.class); - int size = curves.size(); - if (size > 0) { - System.out.print("\t\tCurves: "); - for (Map.Entry curve : curves.entrySet()) { - System.out.print(curve.getKey()); - size--; - if (size > 0) - System.out.print(", "); - } - System.out.println(); - } - - Map keys = cat.getObjects(EC_Key.class); - size = keys.size(); - if (size > 0) { - System.out.print("\t\tKeys: "); - for (Map.Entry key : keys.entrySet()) { - System.out.print(key.getKey()); - size--; - if (size > 0) - System.out.print(", "); - } - System.out.println(); - } - - Map keypairs = cat.getObjects(EC_Keypair.class); - size = keypairs.size(); - if (size > 0) { - System.out.print("\t\tKeypairs: "); - for (Map.Entry key : keypairs.entrySet()) { - System.out.print(key.getKey()); - size--; - if (size > 0) - System.out.print(", "); - } - System.out.println(); - } - - Map results = cat.getObjects(EC_KAResult.class); - size = results.size(); - if (size > 0) { - System.out.print("\t\tResults: "); - for (Map.Entry result : results.entrySet()) { - System.out.print(result.getKey()); - size--; - if (size > 0) - System.out.print(", "); - } - System.out.println(); - } - - System.out.println(); + System.out.println(cat); } } else if (categories.containsKey(optListNamed)) { // print given category - //TODO + System.out.println(categories.get(optListNamed)); } else { // print given object EC_Data object = dataStore.getObject(EC_Data.class, optListNamed); if (object != null) { System.out.println(object); + } else { + System.err.println("Named object " + optListNamed + " not found!"); } } } 
@@ -562,9 +509,9 @@ public class ECTester { // Cofactor generally isn't set on the default curve parameters on cards, // since its not necessary for ECDH, only ECDHC which not many cards implement // TODO: check if its assumend to be == 1? - short domain_all = optPrimeField ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; - short domain = (short) (domain_all ^ EC_Consts.PARAMETER_K); - Response.Export export = new Command.Export(cardManager, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.KEY_PUBLIC, domain_all).send(); + short domainAll = optPrimeField ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; + short domain = (short) (domainAll ^ EC_Consts.PARAMETER_K); + Response.Export export = new Command.Export(cardManager, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.KEY_PUBLIC, domainAll).send(); if (!export.successful()) { export = new Command.Export(cardManager, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.KEY_PUBLIC, domain).send(); } @@ -722,12 +669,13 @@ public class ECTester { // These tests are dangerous, prompt before them. System.out.println("The test you selected (" + optTestSuite + ") is potentially dangerous."); System.out.println("Some of these tests have caused temporary DoS of some cards."); - System.out.print("Do you want to proceed? (y/n):"); + System.out.print("Do you want to proceed? (y/n): "); Scanner in = new Scanner(System.in); String confirmation = in.nextLine(); if (!Arrays.asList("yes", "y", "Y").contains(confirmation)) { return; } + in.close(); if (optTestSuite.equals("wrong")) { /* Just do the default tests on the wrong curves. 
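Review bot: In the confirmation-prompt hunk (`@@ -722,12 +669,13 @@`), the added `in.close();` closes a `Scanner` that wraps `System.in`, which closes standard input for the rest of the process; any later read in the same run will fail. The call is also skipped on the early `return`, so it does not manage the resource consistently either. Standard input is not owned by this method, so the line is better dropped, with a comment such as `// System.in is left open on purpose` next to the `Scanner`. The enclosing method continues outside the hunk.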
@@ -750,20 +698,35 @@ public class ECTester { EC_Curve curve = dataStore.getObject(EC_Curve.class, key.getCurve()); if ((curve.getBits() == optBits || optAll)) { commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField())); - commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL)); commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten())); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, key.getParams(), key.flatten())); + commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL)); + commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, key.getParams(), key.flatten())); commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ECDH)); commands.add(new Command.Cleanup(cardManager)); } } } else if (optTestSuite.equals("invalid")) { - /* Set original curves (secg/nist/brainpool). Generate local. - * Try ECDH with invalid public keys of increasing (or decreasing) order. - * - */ - //TODO - System.err.println("Currently not yet implemented."); + /* Set original curves (secg/nist/brainpool). Generate local. + * Try ECDH with invalid public keys of increasing (or decreasing) order. 
+ */ + Map pubkeys = dataStore.getObjects(EC_Key.Public.class, "invalid"); + for (EC_Key.Public key : pubkeys.values()) { + EC_Curve curve = dataStore.getObject(EC_Curve.class, key.getCurve()); + if (optNamedCurve != null && !(key.getCurve().startsWith(optNamedCurve) || key.getCurve().equals(optNamedCurve))) { + continue; + } + if (curve.getBits() != optBits && !optAll) { + continue; + } + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField())); + commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten())); + commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL)); + commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, key.getParams(), key.flatten())); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_BOTH)); + //commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ECDHC)); + commands.add(new Command.Cleanup(cardManager)); + + } } } @@ -771,14 +734,6 @@ public class ECTester { List test = Command.sendAll(commands); systemOutLogger.println(Response.toString(test, optTestSuite)); - for (Response response : test) { - if (response instanceof Response.ECDH) { - Response.ECDH ecdh = (Response.ECDH) response; - if (ecdh.hasSecret()) { - System.out.println(Util.bytesToHex(ecdh.getSecret(), false)); - } - } - } } /** @@ -1039,9 +994,8 @@ public class ECTester { } /** - * * @return - * @throws IOException if an IO error occurs when writing to key file. + * @throws IOException if an IO error occurs when writing to key file. */ private List testCurve() throws IOException { List commands = new LinkedList<>(); 
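Review bot: In the new `invalid` branch, `dataStore.getObject(EC_Curve.class, key.getCurve())` can return `null` (the listing code on this page null-checks the same call), yet `curve.getBits()` is dereferenced right after it; a key entry whose curve id is missing from the store aborts the whole suite with a NullPointerException. Skip such entries with a message: `if (curve == null) { System.err.println("Curve " + key.getCurve() + " not found!"); continue; }`. The preceding loop in this hunk has the same unchecked lookup. In the filter, `key.getCurve().equals(optNamedCurve)` is redundant next to `startsWith(optNamedCurve)`, and the commented-out `KA_ECDHC` command should be removed or explained.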
@@ -1056,11 +1010,10 @@ public class ECTester { } /** - * * @param category * @param field * @return - * @throws IOException if an IO error occurs when writing to key file. + * @throws IOException if an IO error occurs when writing to key file. */ private List testCurves(String category, byte field) throws IOException { List commands = new LinkedList<>(); diff --git a/src/cz/crcs/ectester/reader/Response.java b/src/cz/crcs/ectester/reader/Response.java index c3f2fe4..ee27260 100644 --- a/src/cz/crcs/ectester/reader/Response.java +++ b/src/cz/crcs/ectester/reader/Response.java @@ -137,7 +137,7 @@ public abstract class Response { if (prefix != null) out.append(prefix); - out.append(String.format("%-58s:%4d ms : %s", message, r.time / 1000000, suffix)); + out.append(String.format("%-62s:%4d ms : %s", message, r.time / 1000000, suffix)); if (i < responses.size() - 1) { out.append("\n"); } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Category.java b/src/cz/crcs/ectester/reader/ec/EC_Category.java new file mode 100644 index 0000000..a0c8755 --- /dev/null +++ b/src/cz/crcs/ectester/reader/ec/EC_Category.java 
@@ -0,0 +1,128 @@ +package cz.crcs.ectester.reader.ec; + +import java.util.Collections; +import java.util.Map; +import java.util.TreeMap; + +/** + * @author Jan Jancar johny@neuromancer.sk + */ +public class EC_Category { + + private String name; + private String directory; + private String desc; + + private Map objects; + + + public EC_Category(String name, String directory) { + this.name = name; + this.directory = directory; + } + + public EC_Category(String name, String directory, String desc) { + this(name, directory); + this.desc = desc; + } + + public EC_Category(String name, String directory, String desc, Map objects) { + this(name, directory, desc); + this.objects = objects; + } + + public String getName() { + return name; + } + + public String getDirectory() { + return directory; + } + + public String getDesc() { + return desc; + } + + public Map getObjects() { + return Collections.unmodifiableMap(objects); + } + + public Map getObjects(Class cls) { + Map objs = new TreeMap<>(); + for (Map.Entry entry : objects.entrySet()) { + if (cls.isInstance(entry.getValue())) { + objs.put(entry.getKey(), cls.cast(entry.getValue())); + } + } + return Collections.unmodifiableMap(objs); + } + + public T getObject(Class cls, String id) { + EC_Data obj = objects.get(id); + if (cls.isInstance(obj)) { + return cls.cast(obj); + } else { + return null; + } + } + + @Override + public String toString() { + StringBuilder out = new StringBuilder(); + out.append("\t- ").append(name).append((desc == null || desc.equals("")) ? 
"" : ": " + desc); + out.append(System.lineSeparator()); + + Map curves = getObjects(EC_Curve.class); + int size = curves.size(); + if (size > 0) { + out.append("\t\tCurves: "); + for (Map.Entry curve : curves.entrySet()) { + out.append(curve.getKey()); + size--; + if (size > 0) + out.append(", "); + } + out.append(System.lineSeparator()); + } + + Map keys = getObjects(EC_Key.class); + size = keys.size(); + if (size > 0) { + out.append("\t\tKeys: "); + for (Map.Entry key : keys.entrySet()) { + out.append(key.getKey()); + size--; + if (size > 0) + out.append(", "); + } + out.append(System.lineSeparator()); + } + + Map keypairs = getObjects(EC_Keypair.class); + size = keypairs.size(); + if (size > 0) { + out.append("\t\tKeypairs: "); + for (Map.Entry key : keypairs.entrySet()) { + out.append(key.getKey()); + size--; + if (size > 0) + out.append(", "); + } + out.append(System.lineSeparator()); + } + + Map results = getObjects(EC_KAResult.class); + size = results.size(); + if (size > 0) { + out.append("\t\tResults: "); + for (Map.Entry result : results.entrySet()) { + out.append(result.getKey()); + size--; + if (size > 0) + out.append(", "); + } + out.append(System.lineSeparator()); + } + return out.toString(); + } +} diff --git a/src/cz/crcs/ectester/reader/ec/EC_Curve.java b/src/cz/crcs/ectester/reader/ec/EC_Curve.java index 953884f..9b783ec 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Curve.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Curve.java @@ -43,6 +43,6 @@ public class EC_Curve extends EC_Params { @Override public String toString() { - return "Elliptic curve (" + String.valueOf(bits) + "b): " + desc; + return "Elliptic curve (" + String.valueOf(bits) + "b)" + (desc == null ? "" : ": " + desc); } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_KAResult.java b/src/cz/crcs/ectester/reader/ec/EC_KAResult.java index f1be49a..1385f12 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_KAResult.java +++ b/src/cz/crcs/ectester/reader/ec/EC_KAResult.java 
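Review bot: In the new `EC_Category`, `objects` stays `null` when the class is built with the two- or three-argument constructor, and `getObjects()`, `getObjects(Class)`, `getObject(...)` and the new `toString()` all dereference it. Assigning an empty map in the two-argument constructor, `this.objects = new TreeMap<>();`, removes that failure mode without changing the four-argument path. The four loops in `toString()` differ only in label and class; a private helper that takes the label and the key set and uses `String.join(", ", keys)` would replace them. The getters also lack Javadoc saying that the returned maps are unmodifiable views.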
@@ -50,7 +50,7 @@ public class EC_KAResult extends EC_Data { @Override public String toString() { String agreement = ka == EC_Consts.KA_ECDH ? "ECDH" : "ECDHC"; - return agreement + " over " + curve + ", " + oneKey + " + " + otherKey + ": " + desc; + return agreement + " result over " + curve + ", " + oneKey + " + " + otherKey + (desc == null ? "" : ": " + desc); } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Key.java b/src/cz/crcs/ectester/reader/ec/EC_Key.java index 983ffa8..ad846b8 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Key.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Key.java @@ -40,7 +40,7 @@ public class EC_Key extends EC_Params { @Override public String toString() { - return "EC Public key, over " + getCurve() + ": " + getDesc(); + return "EC Public key, over " + getCurve() + (getDesc() == null ? "" : ": " + getDesc()); } } @@ -56,7 +56,7 @@ public class EC_Key extends EC_Params { @Override public String toString() { - return "EC Private key, over " + getCurve() + ": " + getDesc(); + return "EC Private key, over " + getCurve() + (getDesc() == null ? "" : ": " + getDesc()); } } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Keypair.java b/src/cz/crcs/ectester/reader/ec/EC_Keypair.java index af4038a..bf87e9e 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Keypair.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Keypair.java @@ -30,6 +30,6 @@ public class EC_Keypair extends EC_Params { @Override public String toString() { - return "EC Keypair, over " + curve + ": " + desc; + return "EC Keypair, over " + curve + (desc == null ? "" : ": " + desc); } } -- cgit v1.2.3-70-g09d2 From f4a66768ed6dfcfd7156ad0c8c364cdbf6e45e9c Mon Sep 17 00:00:00 2001 
From: J08nY Date: Wed, 19 Apr 2017 01:03:33 +0200 Subject: Fix NIST test vectors (were zero padded to wrong lengths) --- src/cz/crcs/ectester/data/test/nist/b163-keyCAVS.csv | 2 +- src/cz/crcs/ectester/data/test/nist/b163-keyIUT.csv | 2 +- src/cz/crcs/ectester/data/test/nist/b233-keyCAVS.csv | 2 +- src/cz/crcs/ectester/data/test/nist/b233-keyIUT.csv | 2 +- src/cz/crcs/ectester/data/test/nist/k163-keyCAVS.csv | 2 +- src/cz/crcs/ectester/data/test/nist/k163-keyIUT.csv | 2 +- src/cz/crcs/ectester/data/test/nist/k233-keyCAVS.csv | 2 +- src/cz/crcs/ectester/data/test/nist/k233-keyIUT.csv | 2 +- src/cz/crcs/ectester/data/test/nist/p521-keyCAVS.csv | 2 +- src/cz/crcs/ectester/data/test/nist/p521-keyIUT.csv | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/src/cz/crcs/ectester/data/test/nist/b163-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/b163-keyCAVS.csv index e0f7f15..53e18ee 100644 --- a/src/cz/crcs/ectester/data/test/nist/b163-keyCAVS.csv +++ b/src/cz/crcs/ectester/data/test/nist/b163-keyCAVS.csv @@ -1 +1 @@ -00000003a647ba32dac71ec6780b0638a70cd24fc3bd4c8e,00000002e69e961541844a4aa33769a7bce710f6640a560c \ No newline at end of file +03a647ba32dac71ec6780b0638a70cd24fc3bd4c8e,02e69e961541844a4aa33769a7bce710f6640a560c \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/nist/b163-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/b163-keyIUT.csv index 910ea7c..4b25a67 100644 --- a/src/cz/crcs/ectester/data/test/nist/b163-keyIUT.csv +++ b/src/cz/crcs/ectester/data/test/nist/b163-keyIUT.csv @@ -1 +1 @@ -000000035466701d0b0030d098b6ed2343d355c24c907271,00000000d8bc02f341d261860dfb65f0cb7f0b488d8296cc,00000003edae173de8fa0cf0412d6a7bdc81fdbd0617adf8 \ No newline at end of file +035466701d0b0030d098b6ed2343d355c24c907271,00d8bc02f341d261860dfb65f0cb7f0b488d8296cc,03edae173de8fa0cf0412d6a7bdc81fdbd0617adf8 \ No newline at end of file 
diff --git a/src/cz/crcs/ectester/data/test/nist/b233-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/b233-keyCAVS.csv index bac3371..e354678 100644 --- a/src/cz/crcs/ectester/data/test/nist/b233-keyCAVS.csv +++ b/src/cz/crcs/ectester/data/test/nist/b233-keyCAVS.csv @@ -1 +1 @@ -0000004756baddefc3dc337ab27b5452eb10affd9e31f5b55c330e90f0f686a2,0000012a79f65232308a21c98c01555ccafc7dce15c8fed3025a760cbd6c2327 \ No newline at end of file +004756baddefc3dc337ab27b5452eb10affd9e31f5b55c330e90f0f686a2,012a79f65232308a21c98c01555ccafc7dce15c8fed3025a760cbd6c2327 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/nist/b233-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/b233-keyIUT.csv index 56d5f3a..22f4d6a 100644 --- a/src/cz/crcs/ectester/data/test/nist/b233-keyIUT.csv +++ b/src/cz/crcs/ectester/data/test/nist/b233-keyIUT.csv @@ -1 +1 @@ -00000061e8a9b517fd05a026ec376616229fd8639a1fa76defe5398022f9d9c8,000000706b5cb08738a94552fee584b1372fead4af79040909fcf6f50084bbfa,0000003c3ee474ac0d0bc1df567e3c35f5f766c5332b2d6730ff0e4d8e75aedb \ No newline at end of file +0061e8a9b517fd05a026ec376616229fd8639a1fa76defe5398022f9d9c8,00706b5cb08738a94552fee584b1372fead4af79040909fcf6f50084bbfa,003c3ee474ac0d0bc1df567e3c35f5f766c5332b2d6730ff0e4d8e75aedb \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/nist/k163-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/k163-keyCAVS.csv index 633b3d8..bc263fb 100644 --- a/src/cz/crcs/ectester/data/test/nist/k163-keyCAVS.csv +++ b/src/cz/crcs/ectester/data/test/nist/k163-keyCAVS.csv @@ -1 +1 @@ -0000000574236f1428c432130946783a5b3aabb6c27ea5d6,00000007908c251b8da021cbac281f123f7af4fac5b3dbb8 \ No newline at end of file +0574236f1428c432130946783a5b3aabb6c27ea5d6,07908c251b8da021cbac281f123f7af4fac5b3dbb8 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/nist/k163-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/k163-keyIUT.csv index affd5c5..af9186c 100644 
--- a/src/cz/crcs/ectester/data/test/nist/k163-keyIUT.csv +++ b/src/cz/crcs/ectester/data/test/nist/k163-keyIUT.csv @@ -1 +1 @@ -000000071f8b2877d6027d9c1ade4244f2dea12692ef23d5,00000005c15ee776221c72b84b347ce383f38067b89c3e9a,6653b6077398fadc7bf5e60158170148c3dc4527 \ No newline at end of file +071f8b2877d6027d9c1ade4244f2dea12692ef23d5,05c15ee776221c72b84b347ce383f38067b89c3e9a,006653b6077398fadc7bf5e60158170148c3dc4527 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/nist/k233-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/k233-keyCAVS.csv index 90ba87f..23c8213 100644 --- a/src/cz/crcs/ectester/data/test/nist/k233-keyCAVS.csv +++ b/src/cz/crcs/ectester/data/test/nist/k233-keyCAVS.csv @@ -1 +1 @@ -000001f40e34b3ed4a1b2d40c056fb75f2ad543c897cfd82f542cf746a0f202f,000000c130a1abe92bc4c977c800777996ccc50b90df991a2e81dd515c188599 \ No newline at end of file +01f40e34b3ed4a1b2d40c056fb75f2ad543c897cfd82f542cf746a0f202f,00c130a1abe92bc4c977c800777996ccc50b90df991a2e81dd515c188599 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/nist/k233-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/k233-keyIUT.csv index 5d900a5..b4612a2 100644 --- a/src/cz/crcs/ectester/data/test/nist/k233-keyIUT.csv +++ b/src/cz/crcs/ectester/data/test/nist/k233-keyIUT.csv @@ -1 +1 @@ -000001a53e5c138b3d83905d563aa1db01274633c986b52f78225a92e33e7952,000000ecabd3e2e26729a965604e560ed4498a22b31c39642e1cf99b1dde3ec7,000000135a5b8c3ce047fbc5df26277d3bf83ac33ddadb5cf4a050ca82be48f0 \ No newline at end of file +01a53e5c138b3d83905d563aa1db01274633c986b52f78225a92e33e7952,00ecabd3e2e26729a965604e560ed4498a22b31c39642e1cf99b1dde3ec7,00135a5b8c3ce047fbc5df26277d3bf83ac33ddadb5cf4a050ca82be48f0 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/nist/p521-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/p521-keyCAVS.csv index 3fa895f..1c30fa2 100644 --- a/src/cz/crcs/ectester/data/test/nist/p521-keyCAVS.csv 
+++ b/src/cz/crcs/ectester/data/test/nist/p521-keyCAVS.csv @@ -1 +1 @@ -000000685a48e86c79f0f0875f7bc18d25eb5fc8c0b07e5da4f4370f3a9490340854334b1e1b87fa395464c60626124a4e70d0f785601d37c09870ebf176666877a2046d,000001ba52c56fc8776d9e8f5db4f0cc27636d0b741bbe05400697942e80b739884a83bde99e0f6716939e632bc8986fa18dccd443a348b6c3e522497955a4f3c302f676 \ No newline at end of file +00685a48e86c79f0f0875f7bc18d25eb5fc8c0b07e5da4f4370f3a9490340854334b1e1b87fa395464c60626124a4e70d0f785601d37c09870ebf176666877a2046d,01ba52c56fc8776d9e8f5db4f0cc27636d0b741bbe05400697942e80b739884a83bde99e0f6716939e632bc8986fa18dccd443a348b6c3e522497955a4f3c302f676 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/nist/p521-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/p521-keyIUT.csv index b575d06..45c87be 100644 --- a/src/cz/crcs/ectester/data/test/nist/p521-keyIUT.csv +++ b/src/cz/crcs/ectester/data/test/nist/p521-keyIUT.csv @@ -1 +1 @@ -000000602f9d0cf9e526b29e22381c203c48a886c2b0673033366314f1ffbcba240ba42f4ef38a76174635f91e6b4ed34275eb01c8467d05ca80315bf1a7bbd945f550a5,000001b7c85f26f5d4b2d7355cf6b02117659943762b6d1db5ab4f1dbc44ce7b2946eb6c7de342962893fd387d1b73d7a8672d1f236961170b7eb3579953ee5cdc88cd2d,0000017eecc07ab4b329068fba65e56a1f8890aa935e57134ae0ffcce802735151f4eac6564f6ee9974c5e6887a1fefee5743ae2241bfeb95d5ce31ddcb6f9edb4d6fc47 \ No newline at end of file +00602f9d0cf9e526b29e22381c203c48a886c2b0673033366314f1ffbcba240ba42f4ef38a76174635f91e6b4ed34275eb01c8467d05ca80315bf1a7bbd945f550a5,01b7c85f26f5d4b2d7355cf6b02117659943762b6d1db5ab4f1dbc44ce7b2946eb6c7de342962893fd387d1b73d7a8672d1f236961170b7eb3579953ee5cdc88cd2d,017eecc07ab4b329068fba65e56a1f8890aa935e57134ae0ffcce802735151f4eac6564f6ee9974c5e6887a1fefee5743ae2241bfeb95d5ce31ddcb6f9edb4d6fc47 \ No newline at end of file -- cgit v1.2.3-70-g09d2 From a7eef06134bef0861e43261640d61153ebb2a6e5 Mon Sep 17 00:00:00 2001 
From: J08nY Date: Wed, 19 Apr 2017 01:10:17 +0200 Subject: Refactor testing, add Config class, make EC_Data read bytes - The ECTester.Config class now stores and reads all CLI options - Testing with the -t / --test option was partially refactored into: - Test: Encapsulates one Command and Response pair with expected result, a real result and a callback to dynamically assign result - TestSuite: Encapsulates a bunch of tests, represents a whole category of tests either that can be run on any curve or only on some. --- !uploader/ectester.cap | Bin 14053 -> 14353 bytes dist/ECTester.jar | Bin 295880 -> 322457 bytes src/cz/crcs/ectester/applet/ECKeyGenerator.java | 32 +- src/cz/crcs/ectester/applet/ECKeyTester.java | 49 +- src/cz/crcs/ectester/applet/ECTesterApplet.java | 7 +- src/cz/crcs/ectester/applet/ECUtil.java | 17 + src/cz/crcs/ectester/data/EC_Store.java | 8 +- src/cz/crcs/ectester/reader/ECTester.java | 666 +++++++++++------------- src/cz/crcs/ectester/reader/Response.java | 106 ++-- src/cz/crcs/ectester/reader/Test.java | 81 +++ src/cz/crcs/ectester/reader/TestSuite.java | 167 ++++++ src/cz/crcs/ectester/reader/Util.java | 82 ++- src/cz/crcs/ectester/reader/ec/EC_Curve.java | 10 +- src/cz/crcs/ectester/reader/ec/EC_Data.java | 40 +- src/cz/crcs/ectester/reader/ec/EC_KAResult.java | 13 +- src/cz/crcs/ectester/reader/ec/EC_Key.java | 10 + src/cz/crcs/ectester/reader/ec/EC_Keypair.java | 1 - src/cz/crcs/ectester/reader/ec/EC_Params.java | 28 +- 18 files changed, 854 insertions(+), 463 deletions(-) create mode 100644 src/cz/crcs/ectester/applet/ECUtil.java create mode 100644 src/cz/crcs/ectester/reader/Test.java create mode 100644 src/cz/crcs/ectester/reader/TestSuite.java diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index 96d0c82..1e7235d 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ 
diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 0126533..58f44b9 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/applet/ECKeyGenerator.java b/src/cz/crcs/ectester/applet/ECKeyGenerator.java index b412370..a36bd0c 100644 --- a/src/cz/crcs/ectester/applet/ECKeyGenerator.java +++ b/src/cz/crcs/ectester/applet/ECKeyGenerator.java @@ -39,8 +39,8 @@ public class ECKeyGenerator { } public short clearPair(KeyPair keypair, byte key) { - sw = ISO7816.SW_NO_ERROR; try { + sw = ECUtil.nullCheck(keypair); if ((key & EC_Consts.KEY_PUBLIC) != 0) keypair.getPublic().clearKey(); if ((key & EC_Consts.KEY_PRIVATE) != 0) keypair.getPrivate().clearKey(); } catch (CardRuntimeException ce) { @@ -54,8 +54,8 @@ public class ECKeyGenerator { * @return */ public short generatePair(KeyPair keypair) { - sw = ISO7816.SW_NO_ERROR; try { + sw = ECUtil.nullCheck(keypair); keypair.genKeyPair(); } catch (CardRuntimeException ce) { sw = ce.getReason(); @@ -155,11 +155,12 @@ public class ECKeyGenerator { * @return */ public short setParameter(KeyPair keypair, byte key, short param, byte[] data, short offset, short length) { - sw = ISO7816.SW_NO_ERROR; - ECPublicKey ecPublicKey = (ECPublicKey) keypair.getPublic(); - ECPrivateKey ecPrivateKey = (ECPrivateKey) keypair.getPrivate(); - try { + sw = ECUtil.nullCheck(keypair); + + ECPublicKey ecPublicKey = (ECPublicKey) keypair.getPublic(); + ECPrivateKey ecPrivateKey = (ECPrivateKey) keypair.getPrivate(); + switch (param) { case EC_Consts.PARAMETER_FP: if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldFP(data, offset, length); 
@@ -174,8 +175,11 @@ public class ECKeyGenerator { short i1 = Util.makeShort(data[(short) (offset + 2)], data[(short) (offset + 3)]); short i2 = Util.makeShort(data[(short) (offset + 4)], data[(short) (offset + 5)]); short i3 = Util.makeShort(data[(short) (offset + 6)], data[(short) (offset + 7)]); - if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i1, i2, i3); - if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i1, i2, i3); +// if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i1, i2, i3); +// if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i1, i2, i3); + // TODO fix this + if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i3, i2, i1); + if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i3, i2, i1); } else { sw = ISO7816.SW_UNKNOWN; } @@ -275,12 +279,12 @@ public class ECKeyGenerator { * @return length of data written */ public short exportParameter(KeyPair keypair, byte key, short param, byte[] outputBuffer, short outputOffset) { - sw = ISO7816.SW_NO_ERROR; - ECPublicKey ecPublicKey = (ECPublicKey) keypair.getPublic(); - ECPrivateKey ecPrivateKey = (ECPrivateKey) keypair.getPrivate(); - short length = 0; try { + sw = ECUtil.nullCheck(keypair); + ECPublicKey ecPublicKey = (ECPublicKey) keypair.getPublic(); + ECPrivateKey ecPrivateKey = (ECPrivateKey) keypair.getPrivate(); + switch (param) { case EC_Consts.PARAMETER_FP: if ((key & EC_Consts.KEY_PUBLIC) != 0) length = ecPublicKey.getField(outputBuffer, outputOffset); @@ -385,8 +389,10 @@ public class ECKeyGenerator { * @return sw */ public short copyCurve(KeyPair from, KeyPair to, short params, byte[] buffer, short offset) { - sw = ISO7816.SW_NO_ERROR; try { + sw = ECUtil.nullCheck(from); + sw = ECUtil.nullCheck(to); + short param = EC_Consts.PARAMETER_FP; while (param <= EC_Consts.PARAMETER_K) { short masked = (short) (param & params); 
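Review bot: The F2M branch now calls `setFieldF2M(i3, i2, i1)` but keeps the old `(i1, i2, i3)` calls as commented-out code under a bare `// TODO fix this`. A reader cannot tell which order is intended or what is still to be fixed. I would delete the two commented-out lines and replace the TODO with the reason for the reversal, for example `// exponents are stored in ascending order in data; setFieldF2M wants them descending` if that is indeed the reason. The enclosing `setParameter` starts and ends outside this hunk, so the length check guarding the reads at `offset + 2` through `offset + 7` cannot be confirmed from here.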
diff --git a/src/cz/crcs/ectester/applet/ECKeyTester.java b/src/cz/crcs/ectester/applet/ECKeyTester.java index 64f3024..c4b58e0 100644 --- a/src/cz/crcs/ectester/applet/ECKeyTester.java +++ b/src/cz/crcs/ectester/applet/ECKeyTester.java @@ -4,10 +4,7 @@ package cz.crcs.ectester.applet; import javacard.framework.CardRuntimeException; import javacard.framework.ISO7816; import javacard.framework.Util; -import javacard.security.ECPrivateKey; -import javacard.security.ECPublicKey; -import javacard.security.KeyAgreement; -import javacard.security.Signature; +import javacard.security.*; /** * Class capable of testing ECDH/C and ECDSA. @@ -53,11 +50,15 @@ public class ECKeyTester { return sw; } - private short testKA(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { - sw = ISO7816.SW_NO_ERROR; + private short testKA(KeyAgreement ka, KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { short length = 0; try { - ka.init(privateKey); + sw = ECUtil.nullCheck(privatePair); + sw = ECUtil.nullCheck(publicPair); + + ka.init(privatePair.getPrivate()); + short pubkeyLength = ((ECPublicKey) publicPair.getPublic()).getW(pubkeyBuffer, pubkeyOffset); + pubkeyLength = EC_Consts.corruptParameter(corruption, pubkeyBuffer, pubkeyOffset, pubkeyLength); length = ka.generateSecret(pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); } catch (CardRuntimeException ce) { sw = ce.getReason(); 
@@ -66,12 +67,12 @@ public class ECKeyTester { } /** - * Tests ECDH secret generation with given {@code privateKey} and {@code publicKey}. + * Tests ECDH secret generation with keys from given {@code privatePair} and {@code publicPair}. * Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations. * Output should equal with ECDHC output. * - * @param privateKey - * @param publicKey + * @param privatePair + * @param publicPair * @param pubkeyBuffer * @param pubkeyOffset * @param outputBuffer @@ -79,19 +80,17 @@ public class ECKeyTester { * @param corruption * @return derived secret length **/ - public short testECDH(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { - short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); - length = EC_Consts.corruptParameter(corruption, pubkeyBuffer, pubkeyOffset, length); - return testKA(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); + public short testECDH(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { + return testKA(ecdhKeyAgreement, privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); } /** - * Tests ECDHC secret generation with given {@code privateKey} and {@code publicKey}. + * Tests ECDHC secret generation with keys from given {@code privatePair} and {@code publicPair}. * Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations. * Output should equal to ECDH output. * - * @param privateKey - * @param publicKey + * @param privatePair + * @param publicPair * @param pubkeyBuffer * @param pubkeyOffset * @param outputBuffer 
@@ -99,16 +98,14 @@ public class ECKeyTester { * @param corruption * @return derived secret length */ - public short testECDHC(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { - short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); - length = EC_Consts.corruptParameter(corruption, pubkeyBuffer, pubkeyOffset, length); - return testKA(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); + public short testECDHC(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { + return testKA(ecdhcKeyAgreement, privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); } /** * - * @param privateKey - * @param publicKey + * @param privatePair + * @param publicPair * @param pubkeyBuffer * @param pubkeyOffset * @param outputBuffer 
@@ -116,12 +113,12 @@ public class ECKeyTester { * @param corruption * @return */ - public short testKA(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { - short ecdhLength = testECDH(privateKey, publicKey, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); + public short testECDH_ECDHC(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { + short ecdhLength = testECDH(privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); if (sw != ISO7816.SW_NO_ERROR) { return ecdhLength; } - short ecdhcLength = testECDHC(privateKey, publicKey, pubkeyBuffer, pubkeyOffset, outputBuffer, (short) (outputOffset + ecdhLength), corruption); + short ecdhcLength = testECDHC(privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, (short) (outputOffset + ecdhLength), corruption); short length = (short) (ecdhLength + ecdhcLength); if (sw != ISO7816.SW_NO_ERROR) { return length; diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java index 98f59c4..f802233 100644 --- a/src/cz/crcs/ectester/applet/ECTesterApplet.java +++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java @@ -64,6 +64,7 @@ public class ECTesterApplet extends Applet { // STATUS WORDS public static final short SW_SIG_VERIFY_FAIL = (short) 0x0ee1; public static final short SW_DH_DHC_MISMATCH = (short) 0x0ee2; + public static final short SW_KEYPAIR_NULL = (short) 0x0ee3; private static final short ARRAY_LENGTH = (short) 0xff; 
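Review bot: The Javadoc on the renamed `testECDH_ECDHC` still has no summary sentence and an empty `@return`, so the contract has to be read out of the body. From the visible lines it runs ECDH, then ECDHC, writes the second secret at `outputOffset + ecdhLength`, and returns early with the length produced so far whenever `sw` is not `SW_NO_ERROR`. I would add a summary such as `Runs ECDH and then ECDHC over the same key pairs, writing the ECDHC secret directly after the ECDH one.` The `@return` could read `@return total length written; callers must check the status word, since a failed step returns early`. The method body continues past the end of this hunk.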
@@ -551,13 +552,13 @@ public class ECTesterApplet extends Applet { short secretLength = 0; switch (type) { case EC_Consts.KA_ECDH: - secretLength = keyTester.testECDH((ECPrivateKey) priv.getPrivate(), (ECPublicKey) pub.getPublic(), ramArray, (short) 0, ramArray2, (short) 0, corruption); + secretLength = keyTester.testECDH(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption); break; case EC_Consts.KA_ECDHC: - secretLength = keyTester.testECDHC((ECPrivateKey) priv.getPrivate(), (ECPublicKey) pub.getPublic(), ramArray, (short) 0, ramArray2, (short) 0, corruption); + secretLength = keyTester.testECDHC(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption); break; case EC_Consts.KA_BOTH: - secretLength = keyTester.testKA((ECPrivateKey) priv.getPrivate(), (ECPublicKey) pub.getPublic(), ramArray, (short) 0, ramArray2, (short) 0, corruption); + secretLength = keyTester.testECDH_ECDHC(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption); break; default: ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); diff --git a/src/cz/crcs/ectester/applet/ECUtil.java b/src/cz/crcs/ectester/applet/ECUtil.java new file mode 100644 index 0000000..e7e4a8a --- /dev/null +++ b/src/cz/crcs/ectester/applet/ECUtil.java @@ -0,0 +1,17 @@ +package cz.crcs.ectester.applet; + +import javacard.framework.ISO7816; +import javacard.framework.ISOException; +import javacard.security.KeyPair; + +/** + * @author Jan Jancar johny@neuromancer.sk + */ +public class ECUtil { + + static short nullCheck(KeyPair keyPair) { + if (keyPair == null) + ISOException.throwIt(ECTesterApplet.SW_KEYPAIR_NULL); + return ISO7816.SW_NO_ERROR; + } +} diff --git a/src/cz/crcs/ectester/data/EC_Store.java b/src/cz/crcs/ectester/data/EC_Store.java index 0571cd8..ccd3586 100644 --- a/src/cz/crcs/ectester/data/EC_Store.java +++ b/src/cz/crcs/ectester/data/EC_Store.java 
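Review bot: `ECUtil.nullCheck` can only ever return `ISO7816.SW_NO_ERROR`, because the null case leaves through `ISOException.throwIt(ECTesterApplet.SW_KEYPAIR_NULL)`. Call sites such as `sw = ECUtil.nullCheck(from); sw = ECUtil.nullCheck(to);` therefore read as if a status could come back when it cannot. The callers in `ECKeyGenerator` and `ECKeyTester` depend on their `catch (CardRuntimeException ce)` to turn the exception into `sw`. That works because `ISOException` is a `CardRuntimeException`, but nothing here says so. I would document it on the method, e.g. `/** Throws ISOException(SW_KEYPAIR_NULL) if keyPair is null, otherwise returns SW_NO_ERROR; must be called inside the caller's try block. */`.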
@@ -151,12 +151,13 @@ public class EC_Store { } short bitsize = Short.parseShort(bits.getTextContent()); - EC_Curve curve = new EC_Curve(bitsize, alg, descs); + EC_Curve curve = new EC_Curve(id.getTextContent(), bitsize, alg, descs); InputStream csv = parseDataElement(dir, curveElem); if (!curve.readCSV(csv)) { throw new IOException("Invalid csv data."); } + csv.close(); objMap.put(id.getTextContent(), curve); } else { @@ -233,12 +234,13 @@ public class EC_Store { kab = EC_Consts.KA_ECDHC; } - EC_KAResult kaResult = new EC_KAResult(kab, curve.getTextContent(), onekey.getTextContent(), otherkey.getTextContent(), descs); + EC_KAResult kaResult = new EC_KAResult(id.getTextContent(), kab, curve.getTextContent(), onekey.getTextContent(), otherkey.getTextContent(), descs); InputStream csv = parseDataElement(dir, elem); if (!kaResult.readCSV(csv)) { throw new IOException("Invalid csv data."); } + csv.close(); objMap.put(id.getTextContent(), kaResult); } else { @@ -276,6 +278,8 @@ public class EC_Store { if (!result.readCSV(csv)) { throw new IOException("Invalid CSV data."); } + csv.close(); + return result; } diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index 6965d14..8afda17 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java 
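Review bot: The added `csv.close()` runs only on the success path, so the stream stays open when `readCSV` returns false and the `IOException` is thrown, or when `readCSV` itself throws. A try-with-resources closes it on every path: `try (InputStream csv = parseDataElement(dir, curveElem)) { if (!curve.readCSV(csv)) throw new IOException("Invalid csv data."); }`. The same applies to the `kaResult` and `result` hunks further down this file. It also applies to `FileOutputStream out` in the `ECTester.export()` hunk, where `out.close()` is skipped if `writeCSV` throws. The enclosing parse methods start and end outside these hunks.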
@@ -44,47 +44,7 @@ public class ECTester { private CardMngr cardManager; private DirtyLogger systemOutLogger; private EC_Store dataStore; - - //Options - private int optBits; - private boolean optAll; - private boolean optPrimeField = false; - private boolean optBinaryField = false; - - private String optNamedCurve = null; - private String optCurveFile = null; - private boolean optCustomCurve = false; - - private boolean optAnyPublic = false; - private String optNamedPublic = null; - private String optPublic = null; - - private boolean optAnyPrivate = false; - private String optNamedPrivate = null; - private String optPrivate = null; - - private boolean optAnyKey = false; - private String optNamedKey = null; - private String optKey = null; - - private boolean optAnyKeypart = false; - - private String optLog = null; - - private boolean optVerbose = false; - private String optInput = null; - private String optOutput = null; - private boolean optFresh = false; - private boolean optSimulate = false; - - //Action-related options - private String optListNamed; - private String optTestSuite; - private int optGenerateAmount; - private int optECDHCount; - private byte optECDHKA; - private int optECDSACount; - + private Config cfg; private Options opts = new Options(); private static final String CLI_HEADER = "\nECTester, a javacard Elliptic Curve Cryptograhy support tester/utility.\n\n"; @@ -104,8 +64,10 @@ public class ECTester { help(); return; } + cfg = new Config(); + //if not, read other options first, into attributes, then do action - if (!readOptions(cli)) { + if (!cfg.readOptions(cli)) { return; } 
@@ -117,10 +79,10 @@ public class ECTester { } //init CardManager - cardManager = new CardMngr(optVerbose, optSimulate); + cardManager = new CardMngr(cfg.verbose, cfg.simulate); //connect or simulate connection - if (optSimulate) { + if (cfg.simulate) { if (!cardManager.prepareLocalSimulatorApplet(AID, INSTALL_DATA, ECTesterApplet.class)) { System.err.println("Failed to establish a simulator."); System.exit(1); @@ -133,7 +95,7 @@ public class ECTester { cardManager.send(SELECT_ECTESTERAPPLET); } - systemOutLogger = new DirtyLogger(optLog, true); + systemOutLogger = new DirtyLogger(cfg.log, true); //do action if (cli.hasOption("export")) { @@ -208,7 +170,7 @@ public class ECTester { * -dh / --ecdh [count] * -dhc / --ecdhc [count] * -dsa / --ecdsa [count] - * -ln / --list-named + * -ln / --list-named [obj] * * Options: * -b / --bit-size // -a / --all 
@@ -291,194 +253,26 @@ public class ECTester { return parser.parse(opts, args); } - /** - * Reads and validates options, also sets defaults. - * - * @param cli cli object, with parsed args - * @return whether the options are valid. - */ - private boolean readOptions(CommandLine cli) { - optBits = Integer.parseInt(cli.getOptionValue("bit-size", "0")); - optAll = cli.hasOption("all"); - optPrimeField = cli.hasOption("fp"); - optBinaryField = cli.hasOption("f2m"); - - optNamedCurve = cli.getOptionValue("named-curve"); - optCustomCurve = cli.hasOption("custom"); - optCurveFile = cli.getOptionValue("curve"); - - optNamedPublic = cli.getOptionValue("named-public"); - optPublic = cli.getOptionValue("public"); - optAnyPublic = (optPublic != null) || (optNamedPublic != null); - - optNamedPrivate = cli.getOptionValue("named-private"); - optPrivate = cli.getOptionValue("private"); - optAnyPrivate = (optPrivate != null) || (optNamedPrivate != null); - - optNamedKey = cli.getOptionValue("named-key"); - optKey = cli.getOptionValue("key"); - optAnyKey = (optKey != null) || (optNamedKey != null); - optAnyKeypart = optAnyKey || optAnyPublic || optAnyPrivate; - - if (cli.hasOption("log")) { - optLog = cli.getOptionValue("log", String.format("ECTESTER_log_%d.log", System.currentTimeMillis() / 1000)); - } - - optVerbose = cli.hasOption("verbose"); - optInput = cli.getOptionValue("input"); - optOutput = cli.getOptionValue("output"); - optFresh = cli.hasOption("fresh"); - optSimulate = cli.hasOption("simulate"); - - if (cli.hasOption("list-named")) { - optListNamed = cli.getOptionValue("list-named"); - return true; - } - - if ((optKey != null || optNamedKey != null) && (optPublic != null || optPrivate != null || optNamedPublic != null || optNamedPrivate != null)) { - System.err.print("Can only specify the whole key with --key/--named-key or pubkey and privkey with --public/--named-public and --private/--named-private."); - return false; - } - if (optBits < 0) { - 
System.err.println("Bit-size must not be negative."); - return false; - } - if (optBits == 0 && !optAll) { - System.err.println("You must specify either bit-size with -b or all bit-sizes with -a."); - return false; - } - - if (optKey != null && optNamedKey != null || optPublic != null && optNamedPublic != null || optPrivate != null && optNamedPrivate != null) { - System.err.println("You cannot specify both a named key and a key file."); - return false; - } - - if (cli.hasOption("export")) { - if (optPrimeField == optBinaryField) { - System.err.print("Need to specify field with -fp or -f2m. (not both)"); - return false; - } - if (optAnyKeypart) { - System.err.println("Keys should not be specified when exporting curve params."); - return false; - } - if (optNamedCurve != null || optCustomCurve || optCurveFile != null) { - System.err.println("Specifying a curve for curve export makes no sense."); - return false; - } - if (optOutput == null) { - System.err.println("You have to specify an output file for curve parameter export."); - return false; - } - if (optAll) { - System.err.println("You have to specify curve bit-size with -b"); - return false; - } - - } else if (cli.hasOption("generate")) { - if (optPrimeField == optBinaryField) { - System.err.print("Need to specify field with -fp or -f2m. 
(not both)"); - return false; - } - if (optAnyKeypart) { - System.err.println("Keys should not be specified when generating keys."); - return false; - } - if (optOutput == null) { - System.err.println("You have to specify an output file for the key generation process."); - return false; - } - if (optAll) { - System.err.println("You have to specify curve bit-size with -b"); - return false; - } - - optGenerateAmount = Integer.parseInt(cli.getOptionValue("generate", "0")); - if (optGenerateAmount < 0) { - System.err.println("Amount of keys generated cant be negative."); - return false; - } - } else if (cli.hasOption("test")) { - if (!optBinaryField && !optPrimeField) { - optBinaryField = true; - optPrimeField = true; - } - - optTestSuite = cli.getOptionValue("test", "default").toLowerCase(); - String[] tests = new String[]{"default", "nonprime", "invalid", "test-vectors", "wrong"}; - List testsList = Arrays.asList(tests); - if (!testsList.contains(optTestSuite)) { - System.err.println("Unknown test case. Should be one of: " + Arrays.toString(tests)); - return false; - } - - } else if (cli.hasOption("ecdh") || cli.hasOption("ecdhc")) { - if (optPrimeField == optBinaryField) { - System.err.print("Need to specify field with -fp or -f2m. (not both)"); - return false; - } - if (optAll) { - System.err.println("You have to specify curve bit-size with -b"); - return false; - } - - if (cli.hasOption("ecdh")) { - optECDHCount = Integer.parseInt(cli.getOptionValue("ecdh", "1")); - optECDHKA = EC_Consts.KA_ECDH; - } else if (cli.hasOption("ecdhc")) { - optECDHCount = Integer.parseInt(cli.getOptionValue("ecdhc", "1")); - optECDHKA = EC_Consts.KA_ECDHC; - } - if (optECDHCount <= 0) { - System.err.println("ECDH count cannot be <= 0."); - return false; - } - - } else if (cli.hasOption("ecdsa")) { - if (optPrimeField == optBinaryField) { - System.err.print("Need to specify field with -fp or -f2m. 
(but not both)"); - return false; - } - if (optAll) { - System.err.println("You have to specify curve bit-size with -b"); - return false; - } - - if ((optAnyPublic) != (optAnyPrivate) && !optAnyKey) { - System.err.println("You cannot only specify a part of a keypair."); - return false; - } - - optECDSACount = Integer.parseInt(cli.getOptionValue("ecdsa", "1")); - if (optECDSACount <= 0) { - System.err.println("ECDSA count cannot be <= 0."); - return false; - } - } - - return true; - } - /** * List categories and named curves. */ private void list() { Map categories = dataStore.getCategories(); - if (optListNamed == null) { + if (cfg.listNamed == null) { // print all categories, briefly for (EC_Category cat : categories.values()) { System.out.println(cat); } - } else if (categories.containsKey(optListNamed)) { + } else if (categories.containsKey(cfg.listNamed)) { // print given category - System.out.println(categories.get(optListNamed)); + System.out.println(categories.get(cfg.listNamed)); } else { // print given object - EC_Data object = dataStore.getObject(EC_Data.class, optListNamed); + EC_Data object = dataStore.getObject(EC_Data.class, cfg.listNamed); if (object != null) { System.out.println(object); } else { - System.err.println("Named object " + optListNamed + " not found!"); + System.err.println("Named object " + cfg.listNamed + " not found!"); } } } 
@@ -499,17 +293,17 @@ public class ECTester { * @throws IOException if an IO error occurs when writing to key file. */ private void export() throws CardException, IOException { - byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; + byte keyClass = cfg.primeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; List sent = new LinkedList<>(); - sent.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass).send()); + sent.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, (short) cfg.bits, keyClass).send()); sent.add(new Command.Clear(cardManager, ECTesterApplet.KEYPAIR_LOCAL).send()); sent.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL).send()); // Cofactor generally isn't set on the default curve parameters on cards, // since its not necessary for ECDH, only ECDHC which not many cards implement // TODO: check if its assumend to be == 1? - short domainAll = optPrimeField ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; + short domainAll = cfg.primeField ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; short domain = (short) (domainAll ^ EC_Consts.PARAMETER_K); Response.Export export = new Command.Export(cardManager, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.KEY_PUBLIC, domainAll).send(); if (!export.successful()) { @@ -521,7 +315,7 @@ public class ECTester { EC_Params exported = new EC_Params(domain, export.getParams()); - FileOutputStream out = new FileOutputStream(optOutput); + FileOutputStream out = new FileOutputStream(cfg.output); exported.writeCSV(out); out.close(); } 
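Review bot: At the end of `export()` the `FileOutputStream` opened on `cfg.output` is closed only on the success path, so an exception thrown by `exported.writeCSV(out)` leaves the stream open. A try-with-resources form closes it on every path: `try (FileOutputStream out = new FileOutputStream(cfg.output)) { exported.writeCSV(out); }`. The same open / `readCSV` / `close()` sequence appears in the `prepareCurve` hunk (`cfg.curveFile`) and in the three key-loading hunks (`cfg.key`, `cfg.publicKey`, `cfg.privateKey`), where the streams are on key files. The start of `export()` is in the preceding hunk.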
@@ -533,18 +327,18 @@ public class ECTester { * @throws IOException if an IO error occurs when writing to key file. */ private void generate() throws CardException, IOException { - byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; + byte keyClass = cfg.primeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; - new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass).send(); - List curve = prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass); + new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, (short) cfg.bits, keyClass).send(); + List curve = prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) cfg.bits, keyClass); - FileWriter keysFile = new FileWriter(optOutput); + FileWriter keysFile = new FileWriter(cfg.output); keysFile.write("index;time;pubW;privS\n"); int generated = 0; int retry = 0; - while (generated < optGenerateAmount || optGenerateAmount == 0) { - if (optFresh || generated == 0) { + while (generated < cfg.generateAmount || cfg.generateAmount == 0) { + if (cfg.fresh || generated == 0) { Command.sendAll(curve); } 
@@ -583,19 +377,20 @@ public class ECTester { */ private void test() throws IOException, CardException { List commands = new LinkedList<>(); + TestSuite suite = null; - if (optTestSuite.equals("default")) { + if (cfg.testSuite.equals("default")) { commands.add(new Command.Support(cardManager)); - if (optNamedCurve != null) { - if (optPrimeField) { - commands.addAll(testCurves(optNamedCurve, KeyPair.ALG_EC_FP)); + if (cfg.namedCurve != null) { + if (cfg.primeField) { + commands.addAll(testCurves(cfg.namedCurve, KeyPair.ALG_EC_FP)); } - if (optBinaryField) { - commands.addAll(testCurves(optNamedCurve, KeyPair.ALG_EC_F2M)); + if (cfg.binaryField) { + commands.addAll(testCurves(cfg.namedCurve, KeyPair.ALG_EC_F2M)); } } else { - if (optAll) { - if (optPrimeField) { + if (cfg.all) { + if (cfg.primeField) { //iterate over prime curve sizes used: EC_Consts.FP_SIZES for (short keyLength : EC_Consts.FP_SIZES) { commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_FP)); @@ -604,7 +399,7 @@ public class ECTester { commands.add(new Command.Cleanup(cardManager)); } } - if (optBinaryField) { + if (cfg.binaryField) { //iterate over binary curve sizes used: EC_Consts.F2M_SIZES for (short keyLength : EC_Consts.F2M_SIZES) { commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_F2M)); 
@@ -614,60 +409,31 @@ public class ECTester { } } } else { - if (optPrimeField) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_FP)); - commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_FP)); + if (cfg.primeField) { + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, KeyPair.ALG_EC_FP)); + commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, KeyPair.ALG_EC_FP)); commands.addAll(testCurve()); commands.add(new Command.Cleanup(cardManager)); } - if (optBinaryField) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_F2M)); - commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_F2M)); + if (cfg.binaryField) { + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, KeyPair.ALG_EC_F2M)); + commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, KeyPair.ALG_EC_F2M)); commands.addAll(testCurve()); commands.add(new Command.Cleanup(cardManager)); } } } - } else if (optTestSuite.equals("test-vectors")) { + } else if (cfg.testSuite.equals("test-vectors")) { /* Set original curves (secg/nist/brainpool). Set keypairs from test vectors. * Do ECDH both ways, export and verify that the result is correct. 
* */ - Map results = dataStore.getObjects(EC_KAResult.class, "test"); - for (EC_KAResult result : results.values()) { - EC_Curve curve = dataStore.getObject(EC_Curve.class, result.getCurve()); - if (optNamedCurve != null && !(result.getCurve().startsWith(optNamedCurve) || result.getCurve().equals(optNamedCurve))) { - continue; - } - if (curve.getBits() != optBits && !optAll) { - continue; - } - EC_Params onekey = dataStore.getObject(EC_Keypair.class, result.getOneKey()); - if (onekey == null) { - onekey = dataStore.getObject(EC_Key.Private.class, result.getOneKey()); - } - EC_Params otherkey = dataStore.getObject(EC_Keypair.class, result.getOtherKey()); - if (otherkey == null) { - otherkey = dataStore.getObject(EC_Key.Public.class, result.getOtherKey()); - } - if (onekey == null || otherkey == null) { - throw new IOException("Test vector keys not located"); - } - - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField())); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten())); - commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH)); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.CURVE_external, EC_Consts.PARAMETER_S, onekey.flatten(EC_Consts.PARAMETER_S))); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, EC_Consts.PARAMETER_W, otherkey.flatten(EC_Consts.PARAMETER_W))); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_TRUE, EC_Consts.CORRUPTION_NONE, result.getKA())); - //TODO add compare with result.getParam(0); - commands.add(new Command.Cleanup(cardManager)); - } + suite = new TestSuite.TestVectors(dataStore, cfg); } else { // These tests are dangerous, prompt before them. 
- System.out.println("The test you selected (" + optTestSuite + ") is potentially dangerous."); + System.out.println("The test you selected (" + cfg.testSuite + ") is potentially dangerous."); System.out.println("Some of these tests have caused temporary DoS of some cards."); System.out.print("Do you want to proceed? (y/n): "); Scanner in = new Scanner(System.in); 
@@ -677,62 +443,40 @@ public class ECTester { } in.close(); - if (optTestSuite.equals("wrong")) { + if (cfg.testSuite.equals("wrong")) { /* Just do the default tests on the wrong curves. * These should generally fail, the curves aren't safe. */ - if (optPrimeField) { - commands.addAll(testCurves(optTestSuite, KeyPair.ALG_EC_FP)); + if (cfg.primeField) { + commands.addAll(testCurves(cfg.testSuite, KeyPair.ALG_EC_FP)); } - if (optBinaryField) { - commands.addAll(testCurves(optTestSuite, KeyPair.ALG_EC_F2M)); + if (cfg.binaryField) { + commands.addAll(testCurves(cfg.testSuite, KeyPair.ALG_EC_F2M)); } - } else if (optTestSuite.equals("nonprime")) { + } else if (cfg.testSuite.equals("nonprime")) { /* Do the default tests with the public keys set to provided nonprime keys. * These should fail, the curves aren't safe so that if the computation with * a small order public key succeeds the private key modulo the public key order * is revealed. */ - Map keys = dataStore.getObjects(EC_Key.class, "nonprime"); - for (EC_Key key : keys.values()) { - EC_Curve curve = dataStore.getObject(EC_Curve.class, key.getCurve()); - if ((curve.getBits() == optBits || optAll)) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField())); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten())); - commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL)); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, key.getParams(), key.flatten())); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ECDH)); - commands.add(new Command.Cleanup(cardManager)); - } - } - } else if (optTestSuite.equals("invalid")) { + suite = new TestSuite.NonPrime(dataStore, cfg); + } else if 
(cfg.testSuite.equals("invalid")) { /* Set original curves (secg/nist/brainpool). Generate local. * Try ECDH with invalid public keys of increasing (or decreasing) order. */ - Map pubkeys = dataStore.getObjects(EC_Key.Public.class, "invalid"); - for (EC_Key.Public key : pubkeys.values()) { - EC_Curve curve = dataStore.getObject(EC_Curve.class, key.getCurve()); - if (optNamedCurve != null && !(key.getCurve().startsWith(optNamedCurve) || key.getCurve().equals(optNamedCurve))) { - continue; - } - if (curve.getBits() != optBits && !optAll) { - continue; - } - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField())); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten())); - commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL)); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, key.getParams(), key.flatten())); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_BOTH)); - //commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ECDHC)); - commands.add(new Command.Cleanup(cardManager)); - - } + suite = new TestSuite.Invalid(dataStore, cfg); } } List test = Command.sendAll(commands); - systemOutLogger.println(Response.toString(test, optTestSuite)); + if (suite != null) { + List tests = suite.run(cardManager); + for (Test t : tests) { + System.out.println(t); + } + } + systemOutLogger.println(Response.toString(test, cfg.testSuite)); } 
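Review bot: At the end of `test()` the results of the new `TestSuite` run are printed with `System.out.println(t)`, while the line right after it still goes through `systemOutLogger`. If `systemOutLogger` is what feeds the file selected with `--log` (its definition is not in this hunk), the outcome of the `test-vectors`, `nonprime` and `invalid` suites never reaches that log, and for runs that feed a card invalid or small-order keys the log is the record of what the card accepted. I would route them the same way, `systemOutLogger.println(t.toString());`. `test()` starts in an earlier hunk.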
@@ -743,34 +487,34 @@ public class ECTester { * @throws IOException if an IO error occurs when writing to key file. */ private void ecdh() throws IOException, CardException { - byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; + byte keyClass = cfg.primeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; List prepare = new LinkedList<>(); - prepare.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) optBits, keyClass).send()); - prepare.addAll(Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, keyClass))); + prepare.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, keyClass).send()); + prepare.addAll(Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, keyClass))); systemOutLogger.println(Response.toString(prepare)); - byte pubkey = (optAnyPublic || optAnyKey) ? ECTesterApplet.KEYPAIR_REMOTE : ECTesterApplet.KEYPAIR_LOCAL; - byte privkey = (optAnyPrivate || optAnyKey) ? ECTesterApplet.KEYPAIR_REMOTE : ECTesterApplet.KEYPAIR_LOCAL; + byte pubkey = (cfg.anyPublicKey || cfg.anyKey) ? ECTesterApplet.KEYPAIR_REMOTE : ECTesterApplet.KEYPAIR_LOCAL; + byte privkey = (cfg.anyPrivateKey || cfg.anyKey) ? 
ECTesterApplet.KEYPAIR_REMOTE : ECTesterApplet.KEYPAIR_LOCAL; List generate = new LinkedList<>(); generate.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH)); - if (optAnyPublic || optAnyPrivate || optAnyKey) { + if (cfg.anyPublicKey || cfg.anyPrivateKey || cfg.anyKey) { generate.add(prepareKey(ECTesterApplet.KEYPAIR_REMOTE)); } FileWriter out = null; - if (optOutput != null) { - out = new FileWriter(optOutput); + if (cfg.output != null) { + out = new FileWriter(cfg.output); out.write("index;time;secret\n"); } int retry = 0; int done = 0; - while (done < optECDHCount) { + while (done < cfg.ECDHCount) { List ecdh = Command.sendAll(generate); - Response.ECDH perform = new Command.ECDH(cardManager, pubkey, privkey, ECTesterApplet.EXPORT_TRUE, EC_Consts.CORRUPTION_NONE, optECDHKA).send(); + Response.ECDH perform = new Command.ECDH(cardManager, pubkey, privkey, ECTesterApplet.EXPORT_TRUE, EC_Consts.CORRUPTION_NONE, cfg.ECDHKA).send(); ecdh.add(perform); systemOutLogger.println(Response.toString(ecdh)); 
@@ -804,38 +548,38 @@ public class ECTester { private void ecdsa() throws CardException, IOException { //read file, if asked to sign byte[] data = null; - if (optInput != null) { - File in = new File(optInput); + if (cfg.input != null) { + File in = new File(cfg.input); long len = in.length(); if (len == 0) { - throw new FileNotFoundException(optInput); + throw new FileNotFoundException(cfg.input); } data = Files.readAllBytes(in.toPath()); } Command generate; - if (optAnyKeypart) { + if (cfg.anyKeypart) { generate = prepareKey(ECTesterApplet.KEYPAIR_LOCAL); } else { generate = new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL); } - byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; + byte keyClass = cfg.primeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; List prepare = new LinkedList<>(); - prepare.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass).send()); - prepare.addAll(Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass))); + prepare.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, (short) cfg.bits, keyClass).send()); + prepare.addAll(Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) cfg.bits, keyClass))); systemOutLogger.println(Response.toString(prepare)); FileWriter out = null; - if (optOutput != null) { - out = new FileWriter(optOutput); + if (cfg.output != null) { + out = new FileWriter(cfg.output); out.write("index;time;signature\n"); } int retry = 0; int done = 0; - while (done < optECDSACount) { + while (done < cfg.ECDSACount) { List ecdsa = new LinkedList<>(); ecdsa.add(generate.send()); 
@@ -873,14 +617,14 @@ public class ECTester { private List prepareCurve(byte keyPair, short keyLength, byte keyClass) throws IOException { List commands = new ArrayList<>(); - if (optCustomCurve) { + if (cfg.customCurve) { // Set custom curve (one of the SECG curves embedded applet-side) short domainParams = keyClass == KeyPair.ALG_EC_FP ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; commands.add(new Command.Set(cardManager, keyPair, EC_Consts.getCurve(keyLength, keyClass), domainParams, null)); - } else if (optNamedCurve != null) { + } else if (cfg.namedCurve != null) { // Set a named curve. - // parse optNamedCurve -> cat / id | cat | id - EC_Curve curve = dataStore.getObject(EC_Curve.class, optNamedCurve); + // parse cfg.namedCurve -> cat / id | cat | id + EC_Curve curve = dataStore.getObject(EC_Curve.class, cfg.namedCurve); if (curve == null) { throw new IOException("Curve could no be found."); } @@ -893,11 +637,11 @@ public class ECTester { throw new IOException("Couldn't read named curve data."); } commands.add(new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, curve.getParams(), external)); - } else if (optCurveFile != null) { + } else if (cfg.curveFile != null) { // Set curve loaded from a file - EC_Curve curve = new EC_Curve(keyLength, keyClass); + EC_Curve curve = new EC_Curve(null, keyLength, keyClass); - FileInputStream in = new FileInputStream(optCurveFile); + FileInputStream in = new FileInputStream(cfg.curveFile); curve.readCSV(in); in.close(); 
@@ -927,17 +671,17 @@ public class ECTester { short params = EC_Consts.PARAMETERS_NONE; byte[] data = null; - if (optKey != null || optNamedKey != null) { + if (cfg.key != null || cfg.namedKey != null) { params |= EC_Consts.PARAMETERS_KEYPAIR; EC_Params keypair; - if (optKey != null) { + if (cfg.key != null) { keypair = new EC_Params(EC_Consts.PARAMETERS_KEYPAIR); - FileInputStream in = new FileInputStream(optKey); + FileInputStream in = new FileInputStream(cfg.key); keypair.readCSV(in); in.close(); } else { - keypair = dataStore.getObject(EC_Keypair.class, optNamedKey); + keypair = dataStore.getObject(EC_Keypair.class, cfg.namedKey); } data = keypair.flatten(); @@ -946,19 +690,19 @@ public class ECTester { } } - if (optPublic != null || optNamedPublic != null) { + if (cfg.publicKey != null || cfg.namedPublicKey != null) { params |= EC_Consts.PARAMETER_W; EC_Params pub; - if (optPublic != null) { + if (cfg.publicKey != null) { pub = new EC_Params(EC_Consts.PARAMETER_W); - FileInputStream in = new FileInputStream(optPublic); + FileInputStream in = new FileInputStream(cfg.publicKey); pub.readCSV(in); in.close(); } else { - pub = dataStore.getObject(EC_Key.Public.class, optNamedPublic); + pub = dataStore.getObject(EC_Key.Public.class, cfg.namedPublicKey); if (pub == null) { - pub = dataStore.getObject(EC_Keypair.class, optNamedPublic); + pub = dataStore.getObject(EC_Keypair.class, cfg.namedPublicKey); } } 
@@ -968,19 +712,19 @@ public class ECTester { } data = pubkey; } - if (optPrivate != null || optNamedPrivate != null) { + if (cfg.privateKey != null || cfg.namedPrivateKey != null) { params |= EC_Consts.PARAMETER_S; EC_Params priv; - if (optPrivate != null) { + if (cfg.privateKey != null) { priv = new EC_Params(EC_Consts.PARAMETER_S); - FileInputStream in = new FileInputStream(optPrivate); + FileInputStream in = new FileInputStream(cfg.privateKey); priv.readCSV(in); in.close(); } else { - priv = dataStore.getObject(EC_Key.Public.class, optNamedPrivate); + priv = dataStore.getObject(EC_Key.Public.class, cfg.namedPrivateKey); if (priv == null) { - priv = dataStore.getObject(EC_Keypair.class, optNamedPrivate); + priv = dataStore.getObject(EC_Keypair.class, cfg.namedPrivateKey); } } @@ -1022,7 +766,7 @@ public class ECTester { return commands; for (Map.Entry entry : curves.entrySet()) { EC_Curve curve = entry.getValue(); - if (curve.getField() == field && (curve.getBits() == optBits || optAll)) { + if (curve.getField() == field && (curve.getBits() == cfg.bits || cfg.all)) { commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), field)); commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten())); commands.addAll(testCurve()); 
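Review bot: The named private key is still looked up as a public key: `priv = dataStore.getObject(EC_Key.Public.class, cfg.namedPrivateKey);` was carried through the rename unchanged, whereas the test-vector code removed elsewhere in this commit fetched private keys with `EC_Key.Private.class`. With a named private key this lookup presumably either misses and falls through to the `EC_Keypair` lookup, or returns a public-key object where a private scalar is expected, depending on how the data store is keyed. Suggested line: `priv = dataStore.getObject(EC_Key.Private.class, cfg.namedPrivateKey);`. The enclosing method starts and ends outside this hunk.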
@@ -1037,4 +781,214 @@ public class ECTester { ECTester app = new ECTester(); app.run(args); } + + public static class Config { + + //Options + public int bits; + public boolean all; + public boolean primeField = false; + public boolean binaryField = false; + + public String namedCurve; + public String curveFile; + public boolean customCurve = false; + + public boolean anyPublicKey = false; + public String namedPublicKey; + public String publicKey; + + public boolean anyPrivateKey = false; + public String namedPrivateKey; + public String privateKey; + + public boolean anyKey = false; + public String namedKey; + public String key; + + public boolean anyKeypart = false; + + public String log; + + public boolean verbose = false; + public String input; + public String output; + public boolean fresh = false; + public boolean simulate = false; + + //Action-related ions + public String listNamed; + public String testSuite; + public int generateAmount; + public int ECDHCount; + public byte ECDHKA; + public int ECDSACount; + + /** + * Reads and validates options, also sets defaults. + * + * @param cli cli object, with parsed args + * @return whether the options are valid. 
+ */ + public boolean readOptions(CommandLine cli) { + bits = Integer.parseInt(cli.getOptionValue("bit-size", "0")); + all = cli.hasOption("all"); + primeField = cli.hasOption("fp"); + binaryField = cli.hasOption("f2m"); + + namedCurve = cli.getOptionValue("named-curve"); + customCurve = cli.hasOption("custom"); + curveFile = cli.getOptionValue("curve"); + + namedPublicKey = cli.getOptionValue("named-public"); + publicKey = cli.getOptionValue("public"); + anyPublicKey = (publicKey != null) || (namedPublicKey != null); + + namedPrivateKey = cli.getOptionValue("named-private"); + privateKey = cli.getOptionValue("private"); + anyPrivateKey = (privateKey != null) || (namedPrivateKey != null); + + namedKey = cli.getOptionValue("named-key"); + key = cli.getOptionValue("key"); + anyKey = (key != null) || (namedKey != null); + anyKeypart = anyKey || anyPublicKey || anyPrivateKey; + + if (cli.hasOption("log")) { + log = cli.getOptionValue("log", String.format("ECTESTER_log_%d.log", System.currentTimeMillis() / 1000)); + } + + verbose = cli.hasOption("verbose"); + input = cli.getOptionValue("input"); + output = cli.getOptionValue("output"); + fresh = cli.hasOption("fresh"); + simulate = cli.hasOption("simulate"); + + if (cli.hasOption("list-named")) { + listNamed = cli.getOptionValue("list-named"); + return true; + } + + if ((key != null || namedKey != null) && (anyPublicKey || anyPrivateKey)) { + System.err.print("Can only specify the whole key with --key/--named-key or pubkey and privkey with --public/--named-public and --private/--named-private."); + return false; + } + if (bits < 0) { + System.err.println("Bit-size must not be negative."); + return false; + } + if (bits == 0 && !all) { + System.err.println("You must specify either bit-size with -b or all bit-sizes with -a."); + return false; + } + + if (key != null && namedKey != null || publicKey != null && namedPublicKey != null || privateKey != null && namedPrivateKey != null) { + System.err.println("You cannot 
specify both a named key and a key file."); + return false; + } + + if (cli.hasOption("export")) { + if (primeField == binaryField) { + System.err.print("Need to specify field with -fp or -f2m. (not both)"); + return false; + } + if (anyKeypart) { + System.err.println("Keys should not be specified when exporting curve params."); + return false; + } + if (namedCurve != null || customCurve || curveFile != null) { + System.err.println("Specifying a curve for curve export makes no sense."); + return false; + } + if (output == null) { + System.err.println("You have to specify an output file for curve parameter export."); + return false; + } + if (all) { + System.err.println("You have to specify curve bit-size with -b"); + return false; + } + + } else if (cli.hasOption("generate")) { + if (primeField == binaryField) { + System.err.print("Need to specify field with -fp or -f2m. (not both)"); + return false; + } + if (anyKeypart) { + System.err.println("Keys should not be specified when generating keys."); + return false; + } + if (output == null) { + System.err.println("You have to specify an output file for the key generation process."); + return false; + } + if (all) { + System.err.println("You have to specify curve bit-size with -b"); + return false; + } + + generateAmount = Integer.parseInt(cli.getOptionValue("generate", "0")); + if (generateAmount < 0) { + System.err.println("Amount of keys generated cant be negative."); + return false; + } + } else if (cli.hasOption("test")) { + if (!binaryField && primeField) { + binaryField = true; + primeField = true; + } + + testSuite = cli.getOptionValue("test", "default").toLowerCase(); + String[] tests = new String[]{"default", "nonprime", "invalid", "test-vectors", "wrong"}; + List testsList = Arrays.asList(tests); + if (!testsList.contains(testSuite)) { + System.err.println("Unknown test case. 
Should be one of: " + Arrays.toString(tests)); + return false; + } + + } else if (cli.hasOption("ecdh") || cli.hasOption("ecdhc")) { + if (primeField == binaryField) { + System.err.print("Need to specify field with -fp or -f2m. (not both)"); + return false; + } + if (all) { + System.err.println("You have to specify curve bit-size with -b"); + return false; + } + + if (cli.hasOption("ecdh")) { + ECDHCount = Integer.parseInt(cli.getOptionValue("ecdh", "1")); + ECDHKA = EC_Consts.KA_ECDH; + } else if (cli.hasOption("ecdhc")) { + ECDHCount = Integer.parseInt(cli.getOptionValue("ecdhc", "1")); + ECDHKA = EC_Consts.KA_ECDHC; + } + if (ECDHCount <= 0) { + System.err.println("ECDH count cannot be <= 0."); + return false; + } + + } else if (cli.hasOption("ecdsa")) { + if (primeField == binaryField) { + System.err.print("Need to specify field with -fp or -f2m. (but not both)"); + return false; + } + if (all) { + System.err.println("You have to specify curve bit-size with -b"); + return false; + } + + if ((anyPublicKey) != (anyPrivateKey) && !anyKey) { + System.err.println("You cannot only specify a part of a keypair."); + return false; + } + + ECDSACount = Integer.parseInt(cli.getOptionValue("ecdsa", "1")); + if (ECDSACount <= 0) { + System.err.println("ECDSA count cannot be <= 0."); + return false; + } + } + return true; + } + } } diff --git a/src/cz/crcs/ectester/reader/Response.java b/src/cz/crcs/ectester/reader/Response.java index ee27260..e5b8c1c 100644 --- a/src/cz/crcs/ectester/reader/Response.java +++ b/src/cz/crcs/ectester/reader/Response.java @@ -2,6 +2,7 @@ package cz.crcs.ectester.reader; import cz.crcs.ectester.applet.ECTesterApplet; import cz.crcs.ectester.applet.EC_Consts; +import cz.crcs.ectester.reader.ec.EC_Curve; import javacard.framework.ISO7816; import javacard.security.KeyPair; 
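Review bot: In the `test` branch of `Config.readOptions` the default-field check lost a negation in the move: the removed code read `if (!optBinaryField && !optPrimeField)`, the new code reads `if (!binaryField && primeField)`. As written, `--test` with neither `-fp` nor `-f2m` leaves both fields false, so the default suite queues only the support command, and `-fp` alone silently enables the binary-field tests as well. It should be `if (!binaryField && !primeField) {`. Separately, the `Integer.parseInt` calls on `bit-size`, `generate`, `ecdh`, `ecdhc` and `ecdsa` let a `NumberFormatException` escape on non-numeric input, unless the caller catches it, instead of printing an error and returning false like the other checks.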
@@ -12,11 +13,13 @@ import java.util.List; * @author Jan Jancar johny@neuromancer.sk */ public abstract class Response { + private ResponseAPDU resp; private long time; private short[] sws; private int numSW = 0; private byte[][] params; + //TODO replace params with EC_Data? private boolean success = true; protected Response(ResponseAPDU response, long time) { @@ -40,9 +43,14 @@ public abstract class Response { if (sw != ISO7816.SW_NO_ERROR) { success = false; } + } else { + success = false; } } + if ((short) resp.getSW() != ISO7816.SW_NO_ERROR) + success = false; + //try to parse numParams.. params = new byte[numParams][]; for (int i = 0; i < numParams; i++) { @@ -70,16 +78,8 @@ public abstract class Response { return time; } - public int getNaturalSW() { - return resp.getSW(); - } - - public short getSW1() { - return sws[0]; - } - - public short getSW2() { - return sws[1]; + public short getNaturalSW() { + return (short) resp.getSW(); } public short getSW(int index) { @@ -90,15 +90,15 @@ public abstract class Response { return numSW; } - protected boolean hasParam(int index) { + public boolean hasParam(int index) { return params.length >= index + 1 && params[index] != null; } - protected int getParamLength(int index) { + public int getParamLength(int index) { return params[index].length; } - protected byte[] getParam(int index) { + public byte[] getParam(int index) { return params[index]; } 
@@ -117,27 +117,32 @@ public abstract class Response { @Override public abstract String toString(); + public String toString(String inner) { + StringBuilder suffix = new StringBuilder(); + for (int j = 0; j < getNumSW(); ++j) { + suffix.append(" ").append(Util.getSWString(getSW(j))); + } + return String.format("%-62s:%4d ms : %s", inner, time / 1000000, suffix); + } + public static String toString(List responses) { return toString(responses, null); } - public static String toString(List responses, String prefix) { + public static String toString(List responses, String prefix) { if (prefix != null) prefix += " | "; StringBuilder out = new StringBuilder(); for (int i = 0; i < responses.size(); ++i) { Response r = responses.get(i); - String message = r.toString(); - String suffix = ""; - for (int j = 0; j < r.getNumSW(); ++j) { - suffix += " " + Util.getSWString(r.getSW(j)); - } - if (prefix != null) out.append(prefix); - out.append(String.format("%-62s:%4d ms : %s", message, r.time / 1000000, suffix)); + String message = r.toString(); + String full = r.toString(message); + + out.append(full); if (i < responses.size() - 1) { out.append("\n"); } @@ -149,6 +154,7 @@ public abstract class Response { * */ public static class Allocate extends Response { + private byte keyPair; private short keyLength; private byte keyClass; @@ -174,11 +180,15 @@ public abstract class Response { } else { key = ((keyPair == ECTesterApplet.KEYPAIR_LOCAL) ? "local" : "remote") + " keypair"; } - return String.format("Allocated %s %db %s", key, keyLength, field); + return super.toString(String.format("Allocated %s %db %s", key, keyLength, field)); } } + /** + * + */ public static class Clear extends Response { + private byte keyPair; protected Clear(ResponseAPDU response, long time, byte keyPair) { 
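Review bot: The static `toString(List responses, String prefix)` now formats each response twice. The subclasses' `toString()` return `super.toString(...)` after this commit, which is already the padded message with duration and status words, and `r.toString(message)` then wraps that string in the same `%-62s:%4d ms : %s` format again. Each output line would therefore carry the timing and SW suffix twice. Appending the instance string directly avoids it: `out.append(r.toString());`.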
@@ -199,7 +209,7 @@ public abstract class Response { } else { key = ((keyPair == ECTesterApplet.KEYPAIR_LOCAL) ? "local" : "remote") + " keypair"; } - return String.format("Cleared %s", key); + return super.toString(String.format("Cleared %s", key)); } } @@ -207,6 +217,7 @@ public abstract class Response { * */ public static class Set extends Response { + private byte keyPair; private byte curve; private short parameters; @@ -238,13 +249,24 @@ public abstract class Response { name = "custom"; break; } + String what = ""; + if (parameters == EC_Consts.PARAMETERS_DOMAIN_F2M || parameters == EC_Consts.PARAMETERS_DOMAIN_FP) { + what = "curve"; + } else if (parameters == EC_Consts.PARAMETER_W) { + what = "pubkey"; + } else if (parameters == EC_Consts.PARAMETER_S) { + what = "privkey"; + } else if (parameters == EC_Consts.PARAMETERS_KEYPAIR) { + what = "keypair"; + } + String pair; if (keyPair == ECTesterApplet.KEYPAIR_BOTH) { pair = "both keypairs"; } else { pair = ((keyPair == ECTesterApplet.KEYPAIR_LOCAL) ? "local" : "remote") + " keypair"; } - return String.format("Set %s curve parameters on %s", name, pair); + return super.toString(String.format("Set %s %s parameters on %s", name, what, pair)); } } @@ -253,6 +275,7 @@ public abstract class Response { * */ public static class Corrupt extends Response { + private byte keyPair; private byte key; private short params; @@ -282,7 +305,7 @@ public abstract class Response { } else { pair = ((keyPair == ECTesterApplet.KEYPAIR_LOCAL) ? "local" : "remote") + " keypair"; } - return String.format("Corrupted params of %s, %s", pair, corrupt); + return super.toString(String.format("Corrupted params of %s, %s", pair, corrupt)); } } @@ -290,6 +313,7 @@ public abstract class Response { * */ public static class Generate extends Response { + private byte keyPair; protected Generate(ResponseAPDU response, long time, byte keyPair) { 
@@ -310,7 +334,7 @@ public abstract class Response { } else { key = ((keyPair == ECTesterApplet.KEYPAIR_LOCAL) ? "local" : "remote") + " keypair"; } - return String.format("Generated %s", key); + return super.toString(String.format("Generated %s", key)); } } @@ -319,6 +343,7 @@ public abstract class Response { * */ public static class Export extends Response { + private byte keyPair; private byte key; private short parameters; @@ -419,7 +444,7 @@ public abstract class Response { } else { pair = ((keyPair == ECTesterApplet.KEYPAIR_LOCAL) ? "local" : "remote") + " keypair"; } - return String.format("Exported params from %s of %s", source, pair); + return super.toString(String.format("Exported params from %s of %s", source, pair)); } } @@ -427,6 +452,7 @@ public abstract class Response { * */ public static class ECDH extends Response { + private byte pubkey; private byte privkey; private byte export; @@ -452,18 +478,13 @@ public abstract class Response { return getParam(0); } + public int secretLength() { + return getParamLength(0); + } + @Override public String toString() { - String algo = ""; - if ((type & EC_Consts.KA_ECDH) != 0) { - algo += "ECDH"; - } - if (type == EC_Consts.KA_BOTH) { - algo += "+"; - } - if ((type & EC_Consts.KA_ECDHC) != 0) { - algo += "ECDHC"; - } + String algo = Util.getKA(type); String pub = pubkey == ECTesterApplet.KEYPAIR_LOCAL ? "local" : "remote"; String priv = privkey == ECTesterApplet.KEYPAIR_LOCAL ? "local" : "remote"; @@ -474,7 +495,7 @@ public abstract class Response { } else { validity = Util.getCorruption(corruption); } - return String.format("%s of %s pubkey and %s privkey(%s point)", algo, pub, priv, validity); + return super.toString(String.format("%s of %s pubkey and %s privkey(%s point)", algo, pub, priv, validity)); } } @@ -482,6 +503,7 @@ public abstract class Response { * */ public static class ECDSA extends Response { + private byte keyPair; private byte export; private byte[] raw; 
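Review bot: The new `secretLength()` in `Response.ECDH` calls `getParamLength(0)`, which reads `params[0].length` without the `hasParam(0)` check that exists for this purpose. For a failed key agreement, or one run without export, `params[0]` appears to stay null (the parsing loop is outside this hunk), so the call would throw a `NullPointerException` rather than report that no secret is available. A guarded form is `return hasParam(0) ? getParamLength(0) : 0;`.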
@@ -507,7 +529,7 @@ public abstract class Response { public String toString() { String key = keyPair == ECTesterApplet.KEYPAIR_LOCAL ? "local" : "remote"; String data = raw == null ? "random" : "provided"; - return String.format("ECDSA with %s keypair(%s data)", key, data); + return super.toString(String.format("ECDSA with %s keypair(%s data)", key, data)); } } @@ -524,7 +546,7 @@ public abstract class Response { @Override public String toString() { - return "Requested JCSystem object deletion"; + return super.toString("Requested JCSystem object deletion"); } } @@ -537,12 +559,12 @@ public abstract class Response { protected Support(ResponseAPDU response, long time) { super(response, time); - parse(3,0); + parse(3, 0); } @Override public String toString() { - return "Support of ECDH, ECDHC, ECDSA"; + return super.toString("Support of ECDH, ECDHC, ECDSA"); } } } diff --git a/src/cz/crcs/ectester/reader/Test.java b/src/cz/crcs/ectester/reader/Test.java new file mode 100644 index 0000000..78efef5 --- /dev/null +++ b/src/cz/crcs/ectester/reader/Test.java 
@@ -0,0 +1,81 @@ +package cz.crcs.ectester.reader; + +import javax.smartcardio.CardException; +import java.util.function.BiFunction; + +/** + * @author Jan Jancar johny@neuromancer.sk + */ +public class Test { + private boolean hasRun = false; + private BiFunction callback; + private Result result; + private Result expected; + private Command command; + private Response response; + + public Test(Command command, Result expected) { + this.command = command; + this.expected = expected; + } + + public Test(Command command, Result expected, BiFunction callback) { + this(command, expected); + this.callback = callback; + } + + public Command getCommand() { + return command; + } + + public Response getResponse() { + if (!hasRun) { + return null; + } + return response; + } + + public Result getResult() { + if (!hasRun) { + return null; + } + return result; + } + + public Result getExpected() { + return expected; + } + + public boolean ok() { + return result == expected || expected == Result.ANY; + } + + public void run() throws CardException { + response = command.send(); + if (callback != null) { + result = callback.apply(command, response); + } else { + if (response.successful()) { + result = Result.SUCCESS; + } else { + result = Result.FAILURE; + } + } + hasRun = true; + } + + @Override + public String toString() { + if (hasRun) { + return (ok() ? "OK " : "NOK") + " " + response.toString(); + } else { + return ""; + } + } + + public enum Result { + SUCCESS, + FAILURE, + ANY + } +} diff --git a/src/cz/crcs/ectester/reader/TestSuite.java b/src/cz/crcs/ectester/reader/TestSuite.java new file mode 100644 index 0000000..892e853 --- /dev/null +++ b/src/cz/crcs/ectester/reader/TestSuite.java 
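Review bot: `ok()` in the new `Test` class never consults `hasRun`, so a test whose `expected` is `Result.ANY` reports `true` before `run()` has been called, or after `command.send()` threw `CardException` (in which case `hasRun` stays false). Gating the check, `return hasRun && (result == expected || expected == Result.ANY);`, keeps a never-executed test from being counted as passed. `getResponse()` and `getResult()` already guard on `hasRun`, so this also makes the class consistent.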
@@ -0,0 +1,167 @@ +package cz.crcs.ectester.reader; + +import cz.crcs.ectester.applet.ECTesterApplet; +import cz.crcs.ectester.applet.EC_Consts; +import cz.crcs.ectester.data.EC_Store; +import cz.crcs.ectester.reader.ec.*; + +import javax.smartcardio.CardException; +import java.io.IOException; +import java.util.Collections; +import java.util.LinkedList; +import java.util.List; +import java.util.Map; + +/** + * @author Jan Jancar johny@neuromancer.sk + */ +public abstract class TestSuite { + + EC_Store dataStore; + ECTester.Config cfg; + String name; + boolean hasRun; + List tests = new LinkedList<>(); + + public TestSuite(EC_Store dataStore, ECTester.Config cfg, String name) { + this.dataStore = dataStore; + this.cfg = cfg; + this.name = name; + } + + public List run(CardMngr cardManager) throws IOException, CardException { + for (Test t : tests) { + t.run(); + System.out.println(t); + } + hasRun = true; + return tests; + } + + public List getTests() { + return Collections.unmodifiableList(tests); + } + + public boolean hasRun() { + return hasRun; + } + + public String getName() { + return name; + } + + public static class Default extends TestSuite { + + public Default(EC_Store dataStore, ECTester.Config cfg) { + super(dataStore, cfg, "default"); + } + + @Override + public List run(CardMngr cardManager) { + return null; + } + } + + public static class TestVectors extends TestSuite { + public TestVectors(EC_Store dataStore, ECTester.Config cfg) { + super(dataStore, cfg, "test"); + } + + @Override + public List run(CardMngr cardManager) throws IOException, CardException { + + Map results = dataStore.getObjects(EC_KAResult.class, "test"); + for (EC_KAResult result : results.values()) { + EC_Curve curve = dataStore.getObject(EC_Curve.class, result.getCurve()); + if (cfg.namedCurve != null && !(result.getCurve().startsWith(cfg.namedCurve) || result.getCurve().equals(cfg.namedCurve))) { + continue; + } + if (curve.getBits() != cfg.bits && !cfg.all) { + continue; + } + 
EC_Params onekey = dataStore.getObject(EC_Keypair.class, result.getOneKey()); + if (onekey == null) { + onekey = dataStore.getObject(EC_Key.Private.class, result.getOneKey()); + } + EC_Params otherkey = dataStore.getObject(EC_Keypair.class, result.getOtherKey()); + if (otherkey == null) { + otherkey = dataStore.getObject(EC_Key.Public.class, result.getOtherKey()); + } + if (onekey == null || otherkey == null) { + throw new IOException("Test vector keys couldn't be located."); + } + + tests.add(new Test(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField()), Test.Result.SUCCESS)); + tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten()), Test.Result.SUCCESS)); + //tests.add(new Test(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH), Test.Result.SUCCESS)); + tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.CURVE_external, EC_Consts.PARAMETER_S, onekey.flatten(EC_Consts.PARAMETER_S)), Test.Result.SUCCESS)); + tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, EC_Consts.PARAMETER_W, otherkey.flatten(EC_Consts.PARAMETER_W)), Test.Result.SUCCESS)); + tests.add(new Test(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_TRUE, EC_Consts.CORRUPTION_NONE, result.getKA()), Test.Result.SUCCESS, (command, response) -> { + Response.ECDH dh = (Response.ECDH) response; + if (!dh.successful() || !dh.hasSecret()) + return Test.Result.FAILURE; + if (!Util.compareBytes(dh.getSecret(), 0, result.getParam(0), 0, dh.secretLength())) { + return Test.Result.FAILURE; + } + return Test.Result.SUCCESS; + })); + tests.add(new Test(new Command.Cleanup(cardManager), Test.Result.ANY)); + + } + return super.run(cardManager); + } + } + + public static class NonPrime extends TestSuite { + + + public 
NonPrime(EC_Store dataStore, ECTester.Config cfg) { + super(dataStore, cfg, "nonprime"); + } + + @Override + public List run(CardMngr cardManager) throws IOException, CardException { + Map keys = dataStore.getObjects(EC_Key.class, "nonprime"); + for (EC_Key key : keys.values()) { + EC_Curve curve = dataStore.getObject(EC_Curve.class, key.getCurve()); + if ((curve.getBits() == cfg.bits || cfg.all)) { + tests.add(new Test(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField()), Test.Result.SUCCESS)); + tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten()), Test.Result.ANY)); + tests.add(new Test(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL), Test.Result.ANY)); + tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, key.getParams(), key.flatten()), Test.Result.ANY)); + tests.add(new Test(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ECDH), Test.Result.FAILURE)); + tests.add(new Test(new Command.Cleanup(cardManager), Test.Result.ANY)); + } + } + return super.run(cardManager); + } + } + + public static class Invalid extends TestSuite { + + public Invalid(EC_Store dataStore, ECTester.Config cfg) { + super(dataStore, cfg, "invalid"); + } + + @Override + public List run(CardMngr cardManager) throws IOException, CardException { + Map pubkeys = dataStore.getObjects(EC_Key.Public.class, "invalid"); + for (EC_Key.Public key : pubkeys.values()) { + EC_Curve curve = dataStore.getObject(EC_Curve.class, key.getCurve()); + if (cfg.namedCurve != null && !(key.getCurve().startsWith(cfg.namedCurve) || key.getCurve().equals(cfg.namedCurve))) { + continue; + } + if (curve.getBits() != cfg.bits && !cfg.all) { + continue; + } + tests.add(new Test(new Command.Allocate(cardManager, 
ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField()), Test.Result.SUCCESS)); + tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten()), Test.Result.SUCCESS)); + tests.add(new Test(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL), Test.Result.SUCCESS)); + tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, key.getParams(), key.flatten()), Test.Result.ANY)); + tests.add(new Test(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_BOTH), Test.Result.FAILURE)); + tests.add(new Test(new Command.Cleanup(cardManager), Test.Result.ANY)); + } + return super.run(cardManager); + } + } +} diff --git a/src/cz/crcs/ectester/reader/Util.java b/src/cz/crcs/ectester/reader/Util.java index 41a7821..3a6a8ae 100644 --- a/src/cz/crcs/ectester/reader/Util.java +++ b/src/cz/crcs/ectester/reader/Util.java @@ -22,6 +22,25 @@ public class Util { array[offset] = (byte) ((value >> 8) & 0xFF); } + public static boolean compareBytes(byte[] one, int oneOffset, byte[] other, int otherOffset, int length) { + for (int i = 0; i < length; ++i) { + byte a = one[i + oneOffset]; + byte b = other[i + otherOffset]; + if (a != b) { + return false; + } + } + return true; + } + + public static boolean allValue(byte[] array, byte value) { + for (byte a : array) { + if (a != value) + return false; + } + return true; + } + public static byte[] hexToBytes(String hex) { return hexToBytes(hex, true); } 
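Review bot: The ECDH callback in `TestVectors.run` compares only `dh.secretLength()` bytes of the card's output against `result.getParam(0)` and never checks that the two lengths are equal. A card that returns a truncated secret matching a prefix of the test vector is therefore recorded as `SUCCESS`, while a secret longer than the vector makes `Util.compareBytes` throw `ArrayIndexOutOfBoundsException` instead of yielding `FAILURE`. Add a length check before the comparison, e.g. `byte[] expected = result.getParam(0); if (expected == null || expected.length != dh.secretLength()) return Test.Result.FAILURE;`. `Util.compareBytes`, added in the Util.java hunk that follows, has the same gap on the helper side: it indexes both arrays without validating the offsets and `length`, and a range guard that returns `false` would make it safe for other callers. Whether `hasSecret()` already rejects an empty secret is not visible here.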
@@ -103,6 +122,47 @@ public class Util { return out; } + public static String getSWSource(short sw) { + switch (sw) { + case ISO7816.SW_NO_ERROR: + case ISO7816.SW_APPLET_SELECT_FAILED: + case ISO7816.SW_BYTES_REMAINING_00: + case ISO7816.SW_CLA_NOT_SUPPORTED: + case ISO7816.SW_COMMAND_NOT_ALLOWED: + case ISO7816.SW_CONDITIONS_NOT_SATISFIED: + case ISO7816.SW_CORRECT_LENGTH_00: + case ISO7816.SW_DATA_INVALID: + case ISO7816.SW_FILE_FULL: + case ISO7816.SW_FILE_INVALID: + case ISO7816.SW_FILE_NOT_FOUND: + case ISO7816.SW_FUNC_NOT_SUPPORTED: + case ISO7816.SW_INCORRECT_P1P2: + case ISO7816.SW_INS_NOT_SUPPORTED: + case ISO7816.SW_LOGICAL_CHANNEL_NOT_SUPPORTED: + case ISO7816.SW_RECORD_NOT_FOUND: + case ISO7816.SW_SECURE_MESSAGING_NOT_SUPPORTED: + case ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED: + case ISO7816.SW_UNKNOWN: + case ISO7816.SW_WARNING_STATE_UNCHANGED: + case ISO7816.SW_WRONG_DATA: + case ISO7816.SW_WRONG_LENGTH: + case ISO7816.SW_WRONG_P1P2: + return "ISO"; + case CryptoException.ILLEGAL_VALUE: + case CryptoException.UNINITIALIZED_KEY: + case CryptoException.NO_SUCH_ALGORITHM: + case CryptoException.INVALID_INIT: + case CryptoException.ILLEGAL_USE: + return "CryptoException"; + case ECTesterApplet.SW_SIG_VERIFY_FAIL: + case ECTesterApplet.SW_DH_DHC_MISMATCH: + case ECTesterApplet.SW_KEYPAIR_NULL: + return "ECTesterApplet"; + default: + return "?"; + } + } + public static String getSWString(short sw) { if (sw == ISO7816.SW_NO_ERROR) { return "OK\t(0x9000)"; @@ -193,6 +253,12 @@ public class Util { case ECTesterApplet.SW_SIG_VERIFY_FAIL: str = "SIG_VERIFY_FAIL"; break; + case ECTesterApplet.SW_DH_DHC_MISMATCH: + str = "DH_DHC_MISMATCH"; + break; + case ECTesterApplet.SW_KEYPAIR_NULL: + str = "KEYPAIR_NULL"; + break; default: str = "unknown"; break; 
@@ -229,9 +295,23 @@ public class Util { corrupt = "INFINITY"; break; default: - corrupt = "UNKNOWN"; + corrupt = "unknown"; break; } return corrupt; } + + public static String getKA(byte ka) { + String algo = ""; + if ((ka & EC_Consts.KA_ECDH) != 0) { + algo += "ECDH"; + } + if (ka == EC_Consts.KA_BOTH) { + algo += "+"; + } + if ((ka & EC_Consts.KA_ECDHC) != 0) { + algo += "ECDHC"; + } + return algo; + } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Curve.java b/src/cz/crcs/ectester/reader/ec/EC_Curve.java index 9b783ec..7d056a5 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Curve.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Curve.java @@ -7,25 +7,27 @@ import javacard.security.KeyPair; * @author Jan Jancar johny@neuromancer.sk */ public class EC_Curve extends EC_Params { - private short bits; private byte field; private String desc; /** - * * @param bits * @param field KeyPair.ALG_EC_FP or KeyPair.ALG_EC_F2M */ public EC_Curve(short bits, byte field) { super(field == KeyPair.ALG_EC_FP ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M); this.bits = bits; - this.field = field; } - public EC_Curve(short bits, byte field, String desc) { + public EC_Curve(String id, short bits, byte field) { this(bits, field); + this.id = id; + } + + public EC_Curve(String id, short bits, byte field, String desc) { + this(id, bits, field); this.desc = desc; } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Data.java b/src/cz/crcs/ectester/reader/ec/EC_Data.java index c55b99d..49b5316 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Data.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Data.java @@ -13,11 +13,12 @@ import java.util.regex.Pattern; * @author Jan Jancar johny@neuromancer.sk */ public class EC_Data { - private static final Pattern hex = Pattern.compile("(0x|0X)?[a-fA-F\\d]+"); - + String id; int count; byte[][] data; + private static final Pattern HEX = Pattern.compile("(0x|0X)?[a-fA-F\\d]+"); + EC_Data() { } 
@@ -31,6 +32,20 @@ public class EC_Data { this.data = data; } + EC_Data(String id, int count) { + this(count); + this.id = id; + } + + EC_Data(String id, byte[][] data) { + this(data); + this.id = id; + } + + public String getId() { + return id; + } + public int getCount() { return count; } @@ -117,16 +132,29 @@ public class EC_Data { return false; } for (String param : data) { - if (!hex.matcher(param).matches()) { + if (!HEX.matcher(param).matches()) { return false; } } return readHex(data.toArray(new String[data.size()])); } - public boolean readBytes(byte[] data) { - //TODO - return false; + public boolean readBytes(byte[] bytes) { + int offset = 0; + for (int i = 0; i < count; i++) { + if (bytes.length - offset < 2) { + return false; + } + short paramLength = Util.getShort(bytes, offset); + offset += 2; + if (bytes.length < offset + paramLength) { + return false; + } + data[i] = new byte[paramLength]; + System.arraycopy(bytes, offset, data[i], 0, paramLength); + offset += paramLength; + } + return true; } public void writeCSV(OutputStream out) throws IOException { diff --git a/src/cz/crcs/ectester/reader/ec/EC_KAResult.java b/src/cz/crcs/ectester/reader/ec/EC_KAResult.java index 1385f12..9e92fd9 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_KAResult.java +++ b/src/cz/crcs/ectester/reader/ec/EC_KAResult.java @@ -1,6 +1,6 @@ package cz.crcs.ectester.reader.ec; -import cz.crcs.ectester.applet.EC_Consts; +import cz.crcs.ectester.reader.Util; /** * @author Jan Jancar johny@neuromancer.sk 
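Review bot: In `EC_Data.readBytes` the length prefix is stored in a signed `short` (`short paramLength = Util.getShort(bytes, offset);`), so a prefix of 0x8000 or above becomes negative. The `bytes.length < offset + paramLength` check then passes and `new byte[paramLength]` throws `NegativeArraySizeException` instead of the method returning `false`. Reading the prefix unsigned, `int paramLength = Util.getShort(bytes, offset) & 0xFFFF;`, keeps the bounds check meaningful for any input. The method also writes to `data[i]` without checking that `data` was allocated (the no-arg constructor visible in this file leaves it unset) and ignores any bytes left after the last parameter; both deserve at least a Javadoc sentence.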
@@ -22,8 +22,13 @@ public class EC_KAResult extends EC_Data { this.otherKey = otherKey; } - public EC_KAResult(byte ka, String curve, String oneKey, String otherKey, String desc) { + public EC_KAResult(String id, byte ka, String curve, String oneKey, String otherKey) { this(ka, curve, oneKey, otherKey); + this.id = id; + } + + public EC_KAResult(String id, byte ka, String curve, String oneKey, String otherKey, String desc) { + this(id, ka, curve, oneKey, otherKey); this.desc = desc; } @@ -49,8 +54,8 @@ public class EC_KAResult extends EC_Data { @Override public String toString() { - String agreement = ka == EC_Consts.KA_ECDH ? "ECDH" : "ECDHC"; - return agreement + " result over " + curve + ", " + oneKey + " + " + otherKey + (desc == null ? "" : ": " + desc); + String algo = Util.getKA(ka); + return algo + " result over " + curve + ", " + oneKey + " + " + otherKey + (desc == null ? "" : ": " + desc); } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Key.java b/src/cz/crcs/ectester/reader/ec/EC_Key.java index ad846b8..85fd652 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Key.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Key.java @@ -20,6 +20,16 @@ public class EC_Key extends EC_Params { this.desc = desc; } + private EC_Key(String id, short mask, String curve) { + this(mask, curve); + this.id = id; + } + + private EC_Key(String id, short mask, String curve, String desc) { + this(mask, curve, desc); + this.id = id; + } + public String getCurve() { return curve; } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Keypair.java b/src/cz/crcs/ectester/reader/ec/EC_Keypair.java index bf87e9e..4da7218 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Keypair.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Keypair.java @@ -6,7 +6,6 @@ import cz.crcs.ectester.applet.EC_Consts; * @author Jan Jancar johny@neuromancer.sk */ public class EC_Keypair extends EC_Params { - private String curve; private String desc; 
diff --git a/src/cz/crcs/ectester/reader/ec/EC_Params.java b/src/cz/crcs/ectester/reader/ec/EC_Params.java index 00747b1..cee9c16 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Params.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Params.java @@ -4,6 +4,7 @@ import cz.crcs.ectester.applet.EC_Consts; import cz.crcs.ectester.reader.Util; import java.io.ByteArrayOutputStream; +import java.io.InputStream; import java.util.ArrayList; import java.util.List; @@ -25,6 +26,16 @@ public class EC_Params extends EC_Data { this.data = data; } + public EC_Params(String id, short params) { + this(params); + this.id = id; + } + + public EC_Params(String id, short params, byte[][] data) { + this(params, data); + this.id = id; + } + public short getParams() { return params; } @@ -67,8 +78,14 @@ public class EC_Params extends EC_Data { byte[] param = data[i]; if (masked == EC_Consts.PARAMETER_F2M) { //add m, e_1, e_2, e_3 - param = Util.concatenate(param, data[i + 1], data[i + 2], data[i + 3]); - if (param.length != 8) + param = Util.concatenate(param, data[i + 1]); + if (!Util.allValue(data[i + 2], (byte) 0)) { + param = Util.concatenate(param, data[i + 2]); + } + if (!Util.allValue(data[i + 3], (byte) 0)) { + param = Util.concatenate(param, data[i + 3]); + } + if (!(param.length == 4 || param.length == 8)) throw new RuntimeException("PARAMETER_F2M length is not 8.(should be)"); } if (masked == EC_Consts.PARAMETER_G || masked == EC_Consts.PARAMETER_W) { @@ -112,9 +129,6 @@ public class EC_Params extends EC_Data { if (masked == EC_Consts.PARAMETER_F2M) { //split into m, e1, e2, e3 - if (param.length != 8) { - throw new RuntimeException("PARAMETER_F2M length is not 8.(should be)"); - } for (int i = 0; i < 4; ++i) { out.add(String.format("%04x", Util.getShort(param, i * 2))); } 
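Review bot: The F2M branch of `flatten` now accepts a 4- or 8-byte parameter, but the exception text still reads `PARAMETER_F2M length is not 8.(should be)`. An input with a non-zero e_2 and an all-zero e_3 (or the reverse) produces 6 bytes and fails with that misleading message. State the accepted lengths and the actual one, e.g. `throw new RuntimeException("PARAMETER_F2M length must be 4 or 8, was " + param.length);`, and add a short comment that all-zero e_2/e_3 are dropped, presumably to encode a trinomial. `flatten` begins outside this hunk.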
@@ -136,4 +150,8 @@ public class EC_Params extends EC_Data { return out.toArray(new String[out.size()]); } + @Override + public String toString() { + return String.join(",", expand()); + } } -- cgit v1.2.3-70-g09d2 From 5e46fb3406b99b9d7f1e1be000a3e87abca6ad8a Mon Sep 17 00:00:00 2001 From: J08nY Date: Wed, 19 Apr 2017 20:01:53 +0200 Subject: Add id to EC_Params subclasses toString, fix EC_Params.expand --- src/cz/crcs/ectester/reader/ec/EC_Curve.java | 2 +- src/cz/crcs/ectester/reader/ec/EC_Data.java | 13 ++++++------- src/cz/crcs/ectester/reader/ec/EC_KAResult.java | 2 +- src/cz/crcs/ectester/reader/ec/EC_Key.java | 2 +- src/cz/crcs/ectester/reader/ec/EC_Keypair.java | 2 +- src/cz/crcs/ectester/reader/ec/EC_Params.java | 24 +++++++----------------- 6 files changed, 17 insertions(+), 28 deletions(-) diff --git a/src/cz/crcs/ectester/reader/ec/EC_Curve.java b/src/cz/crcs/ectester/reader/ec/EC_Curve.java index 7d056a5..45080fb 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Curve.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Curve.java @@ -45,6 +45,6 @@ public class EC_Curve extends EC_Params { @Override public String toString() { - return "Elliptic curve (" + String.valueOf(bits) + "b)" + (desc == null ? "" : ": " + desc); + return "<" + getId() + "> " + (field == KeyPair.ALG_EC_FP ? "Prime" : "Binary") + " field Elliptic curve (" + String.valueOf(bits) + "b)" + (desc == null ? "" : ": " + desc); } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Data.java b/src/cz/crcs/ectester/reader/ec/EC_Data.java index 49b5316..5197665 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Data.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Data.java 
@@ -158,14 +158,13 @@ public class EC_Data { } public void writeCSV(OutputStream out) throws IOException { - String[] hex = expand(); Writer w = new OutputStreamWriter(out); - for (int i = 0; i < hex.length; ++i) { - w.write(hex[i]); - if (i < hex.length - 1) { - w.write(","); - } - } + w.write(String.join(",", expand())); w.flush(); } + + @Override + public String toString() { + return String.join(",", expand()); + } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_KAResult.java b/src/cz/crcs/ectester/reader/ec/EC_KAResult.java index 9e92fd9..28115f7 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_KAResult.java +++ b/src/cz/crcs/ectester/reader/ec/EC_KAResult.java @@ -55,7 +55,7 @@ public class EC_KAResult extends EC_Data { @Override public String toString() { String algo = Util.getKA(ka); - return algo + " result over " + curve + ", " + oneKey + " + " + otherKey + (desc == null ? "" : ": " + desc); + return "<" + getId() + "> " + algo + " result over " + curve + ", " + oneKey + " + " + otherKey + (desc == null ? "" : ": " + desc); } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Key.java b/src/cz/crcs/ectester/reader/ec/EC_Key.java index 85fd652..cecd228 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Key.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Key.java @@ -66,7 +66,7 @@ public class EC_Key extends EC_Params { @Override public String toString() { - return "EC Private key, over " + getCurve() + (getDesc() == null ? "" : ": " + getDesc()); + return "<" + getId() + "> EC Private key, over " + getCurve() + (getDesc() == null ? "" : ": " + getDesc()); } } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Keypair.java b/src/cz/crcs/ectester/reader/ec/EC_Keypair.java index 4da7218..924906e 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Keypair.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Keypair.java 
@@ -29,6 +29,6 @@ public class EC_Keypair extends EC_Params { @Override public String toString() { - return "EC Keypair, over " + curve + (desc == null ? "" : ": " + desc); + return "<" + getId() + "> EC Keypair, over " + curve + (desc == null ? "" : ": " + desc); } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Params.java b/src/cz/crcs/ectester/reader/ec/EC_Params.java index cee9c16..7192b61 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Params.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Params.java @@ -126,32 +126,22 @@ public class EC_Params extends EC_Data { short masked = (short) (params & paramMask); if (masked != 0) { byte[] param = data[index]; - if (masked == EC_Consts.PARAMETER_F2M) { - //split into m, e1, e2, e3 for (int i = 0; i < 4; ++i) { - out.add(String.format("%04x", Util.getShort(param, i * 2))); + out.add(Util.bytesToHex(data[index + i], false)); } - + index += 4; } else if (masked == EC_Consts.PARAMETER_G || masked == EC_Consts.PARAMETER_W) { - //split from X962 format into X and Y - //disregard the first 04 and then split into half(uncompress) - int half = (param.length - 1) / 2; - out.add(Util.bytesToHex(param, 1, half, false)); - out.add(Util.bytesToHex(param, half + 1, half, false)); + out.add(Util.bytesToHex(param, false)); + out.add(Util.bytesToHex(data[index + 1], false)); + index += 2; } else { - //read raw - out.add(Util.bytesToHex(data[index], false)); + out.add(Util.bytesToHex(param, false)); + index++; } - index++; } paramMask = (short) (paramMask << 1); } return out.toArray(new String[out.size()]); } - - @Override - public String toString() { - return String.join(",", expand()); - } } -- cgit v1.2.3-70-g09d2 From 3e1290ca718aadf6dd2f920107493f2cd8f874ab Mon Sep 17 00:00:00 2001 From: J08nY Date: Wed, 19 Apr 2017 20:12:20 +0200 Subject: Add Travis CI --- .travis.yml | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 .travis.yml diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 0000000..484c6d9 
--- /dev/null +++ b/.travis.yml @@ -0,0 +1,6 @@ +language: java +jdk: + - oraclejdk8 +script: + - ant -f jcbuild.xml build + - ant -f build.xml jar \ No newline at end of file -- cgit v1.2.3-70-g09d2 From 3aaead661e2b23b5e5811a3a06daed61db638a72 Mon Sep 17 00:00:00 2001 From: J08nY Date: Wed, 19 Apr 2017 21:56:39 +0200 Subject: Fix some test-vector tests, also test printing --- !uploader/ectester.cap | Bin 14353 -> 14586 bytes dist/ECTester.jar | Bin 322457 -> 323844 bytes src/cz/crcs/ectester/applet/ECKeyGenerator.java | 12 +++++------ src/cz/crcs/ectester/applet/ECKeyTester.java | 27 ++++++++++++++++++++---- src/cz/crcs/ectester/applet/ECTesterApplet.java | 8 ++++++- src/cz/crcs/ectester/applet/ECUtil.java | 24 ++++++++++++++++++--- src/cz/crcs/ectester/applet/EC_Consts.java | 1 + src/cz/crcs/ectester/data/EC_Store.java | 23 ++++++++++++++------ src/cz/crcs/ectester/data/schema.xsd | 4 ++++ src/cz/crcs/ectester/data/test/results.xml | 10 ++++----- src/cz/crcs/ectester/reader/ECTester.java | 5 +---- src/cz/crcs/ectester/reader/Response.java | 4 +--- src/cz/crcs/ectester/reader/TestSuite.java | 1 + src/cz/crcs/ectester/reader/Util.java | 18 ++++++++++++++-- 14 files changed, 103 insertions(+), 34 deletions(-) diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index 1e7235d..ea66c8f 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 58f44b9..adfa6d4 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/applet/ECKeyGenerator.java b/src/cz/crcs/ectester/applet/ECKeyGenerator.java index a36bd0c..a602ab1 100644 --- a/src/cz/crcs/ectester/applet/ECKeyGenerator.java +++ b/src/cz/crcs/ectester/applet/ECKeyGenerator.java 
@@ -40,7 +40,7 @@ public class ECKeyGenerator { public short clearPair(KeyPair keypair, byte key) { try { - sw = ECUtil.nullCheck(keypair); + sw = ECUtil.keypairCheck(keypair); if ((key & EC_Consts.KEY_PUBLIC) != 0) keypair.getPublic().clearKey(); if ((key & EC_Consts.KEY_PRIVATE) != 0) keypair.getPrivate().clearKey(); } catch (CardRuntimeException ce) { @@ -55,7 +55,7 @@ public class ECKeyGenerator { */ public short generatePair(KeyPair keypair) { try { - sw = ECUtil.nullCheck(keypair); + sw = ECUtil.keypairCheck(keypair); keypair.genKeyPair(); } catch (CardRuntimeException ce) { sw = ce.getReason(); @@ -156,7 +156,7 @@ public class ECKeyGenerator { */ public short setParameter(KeyPair keypair, byte key, short param, byte[] data, short offset, short length) { try { - sw = ECUtil.nullCheck(keypair); + sw = ECUtil.keypairCheck(keypair); ECPublicKey ecPublicKey = (ECPublicKey) keypair.getPublic(); ECPrivateKey ecPrivateKey = (ECPrivateKey) keypair.getPrivate(); @@ -281,7 +281,7 @@ public class ECKeyGenerator { public short exportParameter(KeyPair keypair, byte key, short param, byte[] outputBuffer, short outputOffset) { short length = 0; try { - sw = ECUtil.nullCheck(keypair); + sw = ECUtil.keypairCheck(keypair); ECPublicKey ecPublicKey = (ECPublicKey) keypair.getPublic(); ECPrivateKey ecPrivateKey = (ECPrivateKey) keypair.getPrivate(); @@ -390,8 +390,8 @@ public class ECKeyGenerator { */ public short copyCurve(KeyPair from, KeyPair to, short params, byte[] buffer, short offset) { try { - sw = ECUtil.nullCheck(from); - sw = ECUtil.nullCheck(to); + sw = ECUtil.keypairCheck(from); + sw = ECUtil.keypairCheck(to); short param = EC_Consts.PARAMETER_FP; while (param <= EC_Consts.PARAMETER_K) { diff --git a/src/cz/crcs/ectester/applet/ECKeyTester.java b/src/cz/crcs/ectester/applet/ECKeyTester.java index c4b58e0..aac4656 100644 --- a/src/cz/crcs/ectester/applet/ECKeyTester.java +++ b/src/cz/crcs/ectester/applet/ECKeyTester.java 
@@ -53,8 +53,9 @@ public class ECKeyTester { private short testKA(KeyAgreement ka, KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { short length = 0; try { - sw = ECUtil.nullCheck(privatePair); - sw = ECUtil.nullCheck(publicPair); + sw = ECUtil.kaCheck(ka); + sw = ECUtil.keypairCheck(privatePair); + sw = ECUtil.keypairCheck(publicPair); ka.init(privatePair.getPrivate()); short pubkeyLength = ((ECPublicKey) publicPair.getPublic()).getW(pubkeyBuffer, pubkeyOffset); @@ -113,7 +114,7 @@ public class ECKeyTester { * @param corruption * @return */ - public short testECDH_ECDHC(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { + public short testBOTH(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { short ecdhLength = testECDH(privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); if (sw != ISO7816.SW_NO_ERROR) { return ecdhLength; 
@@ -130,6 +131,23 @@ public class ECKeyTester { } + /** + * + * @param privatePair + * @param publicPair + * @param pubkeyBuffer + * @param pubkeyOffset + * @param outputBuffer + * @param outputOffset + * @param corruption + * @return + */ + public short testANY(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[]outputBuffer, short outputOffset, byte corruption) { + short ecdhLength = testECDH(privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); + if (sw == ISO7816.SW_NO_ERROR) + return ecdhLength; + return testECDHC(privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); + } /** * Uses {@code signKey} to sign data from {@code inputBuffer} at {@code inputOffset} with {@code inputOffset}. * Then checks for correct signature length. @@ -145,9 +163,10 @@ public class ECKeyTester { * @return signature length */ public short testECDSA(ECPrivateKey signKey, ECPublicKey verifyKey, byte[] inputBuffer, short inputOffset, short inputLength, byte[] sigBuffer, short sigOffset) { - sw = ISO7816.SW_NO_ERROR; short length = 0; try { + sw = ECUtil.signCheck(ecdsaSignature); + ecdsaSignature.init(signKey, Signature.MODE_SIGN); length = ecdsaSignature.sign(inputBuffer, inputOffset, inputLength, sigBuffer, sigOffset); diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java index f802233..88d1b8c 100644 --- a/src/cz/crcs/ectester/applet/ECTesterApplet.java +++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java 
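Review bot: The Javadoc added for `testANY` is an empty skeleton of bare `@param`/`@return` tags, although the method has behaviour a caller needs to know. It runs `testECDH` first and falls back to `testECDHC` only when `sw` is not `SW_NO_ERROR`, so the status of a failed ECDH attempt is overwritten and the returned length does not say which algorithm produced the output. I would add a summary such as `Tries ECDH first and falls back to ECDHC; sw and the returned length reflect the last algorithm tried.` and describe `corruption` and the buffers as on the neighbouring methods. If the host side needs to attribute the secret to an algorithm, that has to be reported separately, since nothing in this hunk does so.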
@@ -65,6 +65,9 @@ public class ECTesterApplet extends Applet { public static final short SW_SIG_VERIFY_FAIL = (short) 0x0ee1; public static final short SW_DH_DHC_MISMATCH = (short) 0x0ee2; public static final short SW_KEYPAIR_NULL = (short) 0x0ee3; + public static final short SW_KA_NULL = (short) 0x0ee4; + public static final short SW_SIGNATURE_NULL = (short) 0x0ee5; + public static final short SW_OBJECT_NULL = (short) 0x0ee6; private static final short ARRAY_LENGTH = (short) 0xff; @@ -558,7 +561,10 @@ public class ECTesterApplet extends Applet { secretLength = keyTester.testECDHC(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption); break; case EC_Consts.KA_BOTH: - secretLength = keyTester.testECDH_ECDHC(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption); + secretLength = keyTester.testBOTH(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption); + break; + case EC_Consts.KA_ANY: + secretLength = keyTester.testANY(priv, pub, ramArray, (short) 0, ramArray2, (short)0, corruption); break; default: ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); diff --git a/src/cz/crcs/ectester/applet/ECUtil.java b/src/cz/crcs/ectester/applet/ECUtil.java index e7e4a8a..5d5c4d2 100644 --- a/src/cz/crcs/ectester/applet/ECUtil.java +++ b/src/cz/crcs/ectester/applet/ECUtil.java 
@@ -2,16 +2,34 @@ package cz.crcs.ectester.applet; import javacard.framework.ISO7816; import javacard.framework.ISOException; +import javacard.security.KeyAgreement; import javacard.security.KeyPair; +import javacard.security.Signature; /** * @author Jan Jancar johny@neuromancer.sk */ public class ECUtil { - static short nullCheck(KeyPair keyPair) { - if (keyPair == null) - ISOException.throwIt(ECTesterApplet.SW_KEYPAIR_NULL); + private static short nullCheck(Object obj, short sw) { + if (obj == null) + ISOException.throwIt(sw); return ISO7816.SW_NO_ERROR; } + + static short objCheck(Object obj) { + return nullCheck(obj, ECTesterApplet.SW_OBJECT_NULL); + } + + static short keypairCheck(KeyPair keyPair) { + return nullCheck(keyPair, ECTesterApplet.SW_KEYPAIR_NULL); + } + + static short kaCheck(KeyAgreement keyAgreement) { + return nullCheck(keyAgreement, ECTesterApplet.SW_KA_NULL); + } + + static short signCheck(Signature signature) { + return nullCheck(signature, ECTesterApplet.SW_SIGNATURE_NULL); + } } diff --git a/src/cz/crcs/ectester/applet/EC_Consts.java b/src/cz/crcs/ectester/applet/EC_Consts.java index 534d552..1334541 100644 --- a/src/cz/crcs/ectester/applet/EC_Consts.java +++ b/src/cz/crcs/ectester/applet/EC_Consts.java @@ -64,6 +64,7 @@ public class EC_Consts { public static final byte KA_ECDH = 0x01; public static final byte KA_ECDHC = 0x02; public static final byte KA_BOTH = KA_ECDH | KA_ECDHC; + public static final byte KA_ANY = 0x04; public static RandomData randomData = null; diff --git a/src/cz/crcs/ectester/data/EC_Store.java b/src/cz/crcs/ectester/data/EC_Store.java index ccd3586..906eb8d 100644 --- a/src/cz/crcs/ectester/data/EC_Store.java +++ b/src/cz/crcs/ectester/data/EC_Store.java 
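Review bot: The check helpers in `ECUtil` are declared to return a status word, but `nullCheck` can only ever return `ISO7816.SW_NO_ERROR`, because `ISOException.throwIt(sw)` does not return normally. A failing status therefore reaches the caller's `sw` only through the caller's own catch block, which is outside this hunk. A comment on `nullCheck` would make the contract explicit, for example `// Throws ISOException(sw) when obj is null; otherwise returns SW_NO_ERROR so callers can assign the result to sw.` The unbraced `if (obj == null)` should get braces, since the `return` after it depends on `throwIt` never falling through.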
@@ -227,11 +227,22 @@ public class EC_Store { descs = descc.item(0).getTextContent(); } - byte kab; - if (ka.getTextContent().equals("DH")) { - kab = EC_Consts.KA_ECDH; - } else { - kab = EC_Consts.KA_ECDHC; + byte kab = EC_Consts.KA_ANY; + switch (ka.getTextContent()) { + case "DH": + case "ECDH": + kab = EC_Consts.KA_ECDH; + break; + case "DHC": + case "ECDHC": + kab = EC_Consts.KA_ECDHC; + break; + case "ANY": + kab = EC_Consts.KA_ANY; + break; + case "BOTH": + kab = EC_Consts.KA_BOTH; + break; } EC_KAResult kaResult = new EC_KAResult(id.getTextContent(), kab, curve.getTextContent(), onekey.getTextContent(), otherkey.getTextContent(), descs); @@ -254,7 +265,7 @@ public class EC_Store { } private EC_Params parseKeylike(String dir, Element elem) throws SAXException, IOException { - Node file = elem.getElementsByTagName("file").item(0); + Node id = elem.getElementsByTagName("id").item(0); Node curve = elem.getElementsByTagName("curve").item(0); NodeList desc = elem.getElementsByTagName("desc"); diff --git a/src/cz/crcs/ectester/data/schema.xsd b/src/cz/crcs/ectester/data/schema.xsd index 33b9acd..2fe7892 100644 --- a/src/cz/crcs/ectester/data/schema.xsd +++ b/src/cz/crcs/ectester/data/schema.xsd @@ -61,7 +61,11 @@ + + + + diff --git a/src/cz/crcs/ectester/data/test/results.xml b/src/cz/crcs/ectester/data/test/results.xml index e382cd4..1146500 100644 --- a/src/cz/crcs/ectester/data/test/results.xml +++ b/src/cz/crcs/ectester/data/test/results.xml @@ -133,7 +133,7 @@ p192-dhc - DHC + ANY nist/p192-dhc-sha1.csv nist/P-192 test/p192-A @@ -141,7 +141,7 @@ p224-dhc - DHC + ANY nist/p224-dhc-sha1.csv nist/P-224 test/p224-A @@ -149,7 +149,7 @@ p256-dhc - DHC + ANY nist/p256-dhc-sha1.csv nist/P-256 test/p256-A @@ -157,7 +157,7 @@ p384-dhc - DHC + ANY nist/p384-dhc-sha1.csv nist/P-384 test/p384-A @@ -165,7 +165,7 @@ p521-dhc - DHC + ANY nist/p521-dhc-sha1.csv nist/P-521 test/p521-A 
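Review bot: The new `switch (ka.getTextContent())` has no `default`, so any unrecognised or misspelled value silently keeps the initial `EC_Consts.KA_ANY`, the most permissive setting. A test vector meant for one specific algorithm would then be accepted if either algorithm matches. Unless schema validation already rejects unknown values (the `schema.xsd` change is not readable here), I would fail loudly with `default: throw new SAXException("Unknown key agreement type: " + ka.getTextContent());`. The enclosing method's `throws` clause is outside the hunk, so the exception type may need adjusting.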
diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index 8afda17..9191b70 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -471,10 +471,7 @@ public class ECTester { List test = Command.sendAll(commands); if (suite != null) { - List tests = suite.run(cardManager); - for (Test t : tests) { - System.out.println(t); - } + suite.run(cardManager); } systemOutLogger.println(Response.toString(test, cfg.testSuite)); diff --git a/src/cz/crcs/ectester/reader/Response.java b/src/cz/crcs/ectester/reader/Response.java index e5b8c1c..89dce9c 100644 --- a/src/cz/crcs/ectester/reader/Response.java +++ b/src/cz/crcs/ectester/reader/Response.java @@ -140,9 +140,7 @@ public abstract class Response { out.append(prefix); String message = r.toString(); - String full = r.toString(message); - - out.append(full); + out.append(message); if (i < responses.size() - 1) { out.append("\n"); } diff --git a/src/cz/crcs/ectester/reader/TestSuite.java b/src/cz/crcs/ectester/reader/TestSuite.java index 892e853..56e0a4a 100644 --- a/src/cz/crcs/ectester/reader/TestSuite.java +++ b/src/cz/crcs/ectester/reader/TestSuite.java @@ -63,6 +63,7 @@ public abstract class TestSuite { } public static class TestVectors extends TestSuite { + public TestVectors(EC_Store dataStore, ECTester.Config cfg) { super(dataStore, cfg, "test"); } diff --git a/src/cz/crcs/ectester/reader/Util.java b/src/cz/crcs/ectester/reader/Util.java index 3a6a8ae..6fe3b8e 100644 --- a/src/cz/crcs/ectester/reader/Util.java +++ b/src/cz/crcs/ectester/reader/Util.java @@ -157,6 +157,9 @@ public class Util { case ECTesterApplet.SW_SIG_VERIFY_FAIL: case ECTesterApplet.SW_DH_DHC_MISMATCH: case ECTesterApplet.SW_KEYPAIR_NULL: + case ECTesterApplet.SW_KA_NULL: + case ECTesterApplet.SW_SIGNATURE_NULL: + case ECTesterApplet.SW_OBJECT_NULL: return "ECTesterApplet"; default: return "?"; 
@@ -259,6 +262,15 @@ public class Util { case ECTesterApplet.SW_KEYPAIR_NULL: str = "KEYPAIR_NULL"; break; + case ECTesterApplet.SW_KA_NULL: + str = "KA_NULL"; + break; + case ECTesterApplet.SW_SIGNATURE_NULL: + str = "SIGNATURE_NULL"; + break; + case ECTesterApplet.SW_OBJECT_NULL: + str = "OBJECT_NULL"; + break; default: str = "unknown"; break; @@ -303,13 +315,15 @@ public class Util { public static String getKA(byte ka) { String algo = ""; - if ((ka & EC_Consts.KA_ECDH) != 0) { + if ((ka & EC_Consts.KA_ECDH) != 0 || ka == EC_Consts.KA_ANY) { algo += "ECDH"; } if (ka == EC_Consts.KA_BOTH) { algo += "+"; + } else if (ka == EC_Consts.KA_ANY) { + algo += "/"; } - if ((ka & EC_Consts.KA_ECDHC) != 0) { + if ((ka & EC_Consts.KA_ECDHC) != 0 || ka == EC_Consts.KA_ANY) { algo += "ECDHC"; } return algo; -- cgit v1.2.3-70-g09d2 From 6238d40a1fa44bfbaa251620eb83c3aa803d626e Mon Sep 17 00:00:00 2001 From: J08nY Date: Thu, 27 Apr 2017 15:13:55 +0200 Subject: Move tests to TestSuites --- src/cz/crcs/ectester/reader/Command.java | 144 +++++++++++- src/cz/crcs/ectester/reader/ECTester.java | 338 +++++------------------------ src/cz/crcs/ectester/reader/TestSuite.java | 131 ++++++++++- src/cz/crcs/ectester/reader/Util.java | 12 + 4 files changed, 337 insertions(+), 288 deletions(-) diff --git a/src/cz/crcs/ectester/reader/Command.java b/src/cz/crcs/ectester/reader/Command.java index 73f4987..b65159a 100644 --- a/src/cz/crcs/ectester/reader/Command.java +++ b/src/cz/crcs/ectester/reader/Command.java 
@@ -1,10 +1,19 @@
 package cz.crcs.ectester.reader;
 import cz.crcs.ectester.applet.ECTesterApplet;
+import cz.crcs.ectester.applet.EC_Consts;
+import cz.crcs.ectester.data.EC_Store;
+import cz.crcs.ectester.reader.ec.EC_Curve;
+import cz.crcs.ectester.reader.ec.EC_Key;
+import cz.crcs.ectester.reader.ec.EC_Keypair;
+import cz.crcs.ectester.reader.ec.EC_Params;
+import javacard.security.KeyPair;
 import javax.smartcardio.CardException;
 import javax.smartcardio.CommandAPDU;
 import javax.smartcardio.ResponseAPDU;
+import java.io.FileInputStream;
+import java.io.IOException;
 import java.util.ArrayList;
 import java.util.List;
@@ -33,6 +42,139 @@ public abstract class Command { return result; } + + /** + * @param keyPair which keyPair/s (local/remote) to set curve domain parameters on + * @param keyLength key length to choose + * @param keyClass key class to choose + * @return a list of Commands to send in order to prepare the curve on the keypairs. + * @throws IOException if curve file cannot be found/opened + */ + public static List prepareCurve(CardMngr cardManager, EC_Store dataStore, ECTester.Config cfg, byte keyPair, short keyLength, byte keyClass) throws IOException { + List commands = new ArrayList<>(); + + if (cfg.customCurve) { + // Set custom curve (one of the SECG curves embedded applet-side) + short domainParams = keyClass == KeyPair.ALG_EC_FP ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; + commands.add(new Command.Set(cardManager, keyPair, EC_Consts.getCurve(keyLength, keyClass), domainParams, null)); + } else if (cfg.namedCurve != null) { + // Set a named curve. + // parse cfg.namedCurve -> cat / id | cat | id + EC_Curve curve = dataStore.getObject(EC_Curve.class, cfg.namedCurve); + if (curve == null) { + throw new IOException("Curve could no be found."); + } + if (curve.getBits() != keyLength) { + throw new IOException("Curve bits mismatch: " + curve.getBits() + " vs " + keyLength + " entered."); + } + + byte[] external = curve.flatten(); + if (external == null) { + throw new IOException("Couldn't read named curve data."); + } + commands.add(new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, curve.getParams(), external)); + } else if (cfg.curveFile != null) { + // Set curve loaded from a file + EC_Curve curve = new EC_Curve(null, keyLength, keyClass); + + FileInputStream in = new FileInputStream(cfg.curveFile); + curve.readCSV(in); + in.close(); + + byte[] external = curve.flatten(); + if (external == null) { + throw new IOException("Couldn't read the curve file correctly."); + } + commands.add(new Command.Set(cardManager, keyPair, 
EC_Consts.CURVE_external, curve.getParams(), external)); + } else { + // Set default curve + /* This command was generally causing problems for simulating on jcardsim. + * Since there, .clearKey() resets all the keys values, even the domain. + * This might break some other stuff.. But should not. + */ + //commands.add(new Command.Clear(cardManager, keyPair)); + } + + return commands; + } + + + /** + * @param keyPair which keyPair/s to set the key params on + * @return a CommandAPDU setting params loaded on the keyPair/s + * @throws IOException if any of the key files cannot be found/opened + */ + public static Command prepareKey(CardMngr cardManager, EC_Store dataStore, ECTester.Config cfg, byte keyPair) throws IOException { + short params = EC_Consts.PARAMETERS_NONE; + byte[] data = null; + + if (cfg.key != null || cfg.namedKey != null) { + params |= EC_Consts.PARAMETERS_KEYPAIR; + EC_Params keypair; + if (cfg.key != null) { + keypair = new EC_Params(EC_Consts.PARAMETERS_KEYPAIR); + + FileInputStream in = new FileInputStream(cfg.key); + keypair.readCSV(in); + in.close(); + } else { + keypair = dataStore.getObject(EC_Keypair.class, cfg.namedKey); + } + + data = keypair.flatten(); + if (data == null) { + throw new IOException("Couldn't read the key file correctly."); + } + } + + if (cfg.publicKey != null || cfg.namedPublicKey != null) { + params |= EC_Consts.PARAMETER_W; + EC_Params pub; + if (cfg.publicKey != null) { + pub = new EC_Params(EC_Consts.PARAMETER_W); + + FileInputStream in = new FileInputStream(cfg.publicKey); + pub.readCSV(in); + in.close(); + } else { + pub = dataStore.getObject(EC_Key.Public.class, cfg.namedPublicKey); + if (pub == null) { + pub = dataStore.getObject(EC_Keypair.class, cfg.namedPublicKey); + } + } + + byte[] pubkey = pub.flatten(EC_Consts.PARAMETER_W); + if (pubkey == null) { + throw new IOException("Couldn't read the public key file correctly."); + } + data = pubkey; + } + if (cfg.privateKey != null || cfg.namedPrivateKey != null) { 
+ params |= EC_Consts.PARAMETER_S; + EC_Params priv; + if (cfg.privateKey != null) { + priv = new EC_Params(EC_Consts.PARAMETER_S); + + FileInputStream in = new FileInputStream(cfg.privateKey); + priv.readCSV(in); + in.close(); + } else { + priv = dataStore.getObject(EC_Key.Public.class, cfg.namedPrivateKey); + if (priv == null) { + priv = dataStore.getObject(EC_Keypair.class, cfg.namedPrivateKey); + } + } + + byte[] privkey = priv.flatten(EC_Consts.PARAMETER_S); + if (privkey == null) { + throw new IOException("Couldn't read the private key file correctly."); + } + data = Util.concatenate(data, privkey); + } + return new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, params, data); + } + + /** * */ @@ -329,7 +471,6 @@ public abstract class Command { public static class Cleanup extends Command { /** - * * @param cardManager cardManager to send APDU through */ protected Cleanup(CardMngr cardManager) { @@ -353,7 +494,6 @@ public abstract class Command { public static class Support extends Command { /** - * * @param cardManager cardManager to send APDU through */ protected Support(CardMngr cardManager) { diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index 9191b70..33d1b7f 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -24,7 +24,9 @@ package cz.crcs.ectester.reader; import cz.crcs.ectester.applet.ECTesterApplet; import cz.crcs.ectester.applet.EC_Consts; import cz.crcs.ectester.data.EC_Store; -import cz.crcs.ectester.reader.ec.*; +import cz.crcs.ectester.reader.ec.EC_Category; +import cz.crcs.ectester.reader.ec.EC_Data; +import cz.crcs.ectester.reader.ec.EC_Params; import javacard.security.KeyPair; import org.apache.commons.cli.*; 
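Review bot: The four `FileInputStream`s opened in `prepareCurve` and `prepareKey` are closed only on the success path, so an exception from `readCSV` leaves the file handle open. Wrapping each one as `try (FileInputStream in = new FileInputStream(cfg.curveFile)) { curve.readCSV(in); }` (and likewise for `cfg.key`, `cfg.publicKey` and `cfg.privateKey`) closes it on every path. In `prepareKey` the named private key is looked up with `EC_Key.Public.class`, which looks like a copy of the public-key branch; if `EC_Key` has a private counterpart (not visible here), that is the class to query. The results of `dataStore.getObject` for `cfg.namedKey`, `cfg.namedPublicKey` and `cfg.namedPrivateKey` are dereferenced without the null check that `prepareCurve` applies to the curve, so an unknown name ends in a `NullPointerException` instead of an `IOException` with a message. Both Javadoc blocks also lack `@param` entries for `cardManager`, `dataStore` and `cfg`.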
@@ -45,6 +47,7 @@ public class ECTester { private DirtyLogger systemOutLogger; private EC_Store dataStore; private Config cfg; + private TestSuite[] testSuites; private Options opts = new Options(); private static final String CLI_HEADER = "\nECTester, a javacard Elliptic Curve Cryptograhy support tester/utility.\n\n"; @@ -253,6 +256,15 @@ public class ECTester { return parser.parse(opts, args); } + /** + * Prints help. + */ + private void help() { + HelpFormatter help = new HelpFormatter(); + help.setOptionComparator(null); + help.printHelp("ECTester.jar", CLI_HEADER, opts, CLI_FOOTER, true); + } + /** * List categories and named curves. */ @@ -277,15 +289,6 @@ public class ECTester { } } - /** - * Prints help. - */ - private void help() { - HelpFormatter help = new HelpFormatter(); - help.setOptionComparator(null); - help.printHelp("ECTester.jar", CLI_HEADER, opts, CLI_FOOTER, true); - } - /** * Exports default card/simulation EC domain parameters to output file. * @@ -330,7 +333,7 @@ public class ECTester { byte keyClass = cfg.primeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, (short) cfg.bits, keyClass).send(); - List curve = prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) cfg.bits, keyClass); + List curve = Command.prepareCurve(cardManager, dataStore, cfg, ECTesterApplet.KEYPAIR_LOCAL, (short) cfg.bits, keyClass); FileWriter keysFile = new FileWriter(cfg.output); keysFile.write("index;time;pubW;privS\n"); 
@@ -376,105 +379,44 @@ public class ECTester { * @throws IOException if an IO error occurs when writing to key file. */ private void test() throws IOException, CardException { - List commands = new LinkedList<>(); - TestSuite suite = null; - - if (cfg.testSuite.equals("default")) { - commands.add(new Command.Support(cardManager)); - if (cfg.namedCurve != null) { - if (cfg.primeField) { - commands.addAll(testCurves(cfg.namedCurve, KeyPair.ALG_EC_FP)); + TestSuite suite; + + switch (cfg.testSuite) { + case "default": + suite = new TestSuite.Default(dataStore, cfg); + break; + case "test-vectors": + suite = new TestSuite.TestVectors(dataStore, cfg); + break; + default: + // These tests are dangerous, prompt before them. + System.out.println("The test you selected (" + cfg.testSuite + ") is potentially dangerous."); + System.out.println("Some of these tests have caused temporary DoS of some cards."); + System.out.print("Do you want to proceed? (y/n): "); + Scanner in = new Scanner(System.in); + String confirmation = in.nextLine(); + if (!Arrays.asList("yes", "YES", "y", "Y").contains(confirmation)) { + return; } - if (cfg.binaryField) { - commands.addAll(testCurves(cfg.namedCurve, KeyPair.ALG_EC_F2M)); - } - } else { - if (cfg.all) { - if (cfg.primeField) { - //iterate over prime curve sizes used: EC_Consts.FP_SIZES - for (short keyLength : EC_Consts.FP_SIZES) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_FP)); - commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_FP)); - commands.addAll(testCurve()); - commands.add(new Command.Cleanup(cardManager)); - } - } - if (cfg.binaryField) { - //iterate over binary curve sizes used: EC_Consts.F2M_SIZES - for (short keyLength : EC_Consts.F2M_SIZES) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_F2M)); - commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, keyLength, 
KeyPair.ALG_EC_F2M)); - commands.addAll(testCurve()); - commands.add(new Command.Cleanup(cardManager)); - } - } - } else { - if (cfg.primeField) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, KeyPair.ALG_EC_FP)); - commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, KeyPair.ALG_EC_FP)); - commands.addAll(testCurve()); - commands.add(new Command.Cleanup(cardManager)); - } - - if (cfg.binaryField) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, KeyPair.ALG_EC_F2M)); - commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, KeyPair.ALG_EC_F2M)); - commands.addAll(testCurve()); - commands.add(new Command.Cleanup(cardManager)); - } - } - } - } else if (cfg.testSuite.equals("test-vectors")) { - /* Set original curves (secg/nist/brainpool). Set keypairs from test vectors. - * Do ECDH both ways, export and verify that the result is correct. - * - */ - suite = new TestSuite.TestVectors(dataStore, cfg); - - } else { - // These tests are dangerous, prompt before them. - System.out.println("The test you selected (" + cfg.testSuite + ") is potentially dangerous."); - System.out.println("Some of these tests have caused temporary DoS of some cards."); - System.out.print("Do you want to proceed? (y/n): "); - Scanner in = new Scanner(System.in); - String confirmation = in.nextLine(); - if (!Arrays.asList("yes", "y", "Y").contains(confirmation)) { - return; - } - in.close(); - - if (cfg.testSuite.equals("wrong")) { - /* Just do the default tests on the wrong curves. - * These should generally fail, the curves aren't safe. - */ - if (cfg.primeField) { - commands.addAll(testCurves(cfg.testSuite, KeyPair.ALG_EC_FP)); - } - if (cfg.binaryField) { - commands.addAll(testCurves(cfg.testSuite, KeyPair.ALG_EC_F2M)); - } - } else if (cfg.testSuite.equals("nonprime")) { - /* Do the default tests with the public keys set to provided nonprime keys. 
- * These should fail, the curves aren't safe so that if the computation with - * a small order public key succeeds the private key modulo the public key order - * is revealed. - */ - suite = new TestSuite.NonPrime(dataStore, cfg); - } else if (cfg.testSuite.equals("invalid")) { - /* Set original curves (secg/nist/brainpool). Generate local. - * Try ECDH with invalid public keys of increasing (or decreasing) order. - */ - suite = new TestSuite.Invalid(dataStore, cfg); - } - } - + in.close(); - List test = Command.sendAll(commands); - if (suite != null) { - suite.run(cardManager); + switch (cfg.testSuite) { + case "wrong": + suite = new TestSuite.Wrong(dataStore, cfg); + break; + case "nonprime": + suite = new TestSuite.NonPrime(dataStore, cfg); + break; + case "invalid": + suite = new TestSuite.Invalid(dataStore, cfg); + break; + default: + System.err.println("Unknown test suite."); + return; + } + break; } - systemOutLogger.println(Response.toString(test, cfg.testSuite)); - + suite.run(cardManager); } /** @@ -487,7 +429,7 @@ public class ECTester { byte keyClass = cfg.primeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; List prepare = new LinkedList<>(); prepare.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, keyClass).send()); - prepare.addAll(Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, keyClass))); + prepare.addAll(Command.sendAll(Command.prepareCurve(cardManager, dataStore, cfg, ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, keyClass))); systemOutLogger.println(Response.toString(prepare)); @@ -497,7 +439,7 @@ public class ECTester { List generate = new LinkedList<>(); generate.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH)); if (cfg.anyPublicKey || cfg.anyPrivateKey || cfg.anyKey) { - generate.add(prepareKey(ECTesterApplet.KEYPAIR_REMOTE)); + generate.add(Command.prepareKey(cardManager, dataStore, cfg, ECTesterApplet.KEYPAIR_REMOTE)); } FileWriter out = null; 
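Review bot: In the `default:` branch of the new `switch (cfg.testSuite)` in `test()`, an unknown suite name is rejected only after the user has been shown the "potentially dangerous" warning and asked to confirm. The confirmation gate would be clearer if the name were validated first and the prompt shown only for the three suites it is meant to protect. `in.close()` on the `Scanner` also closes `System.in` for the rest of the process; that is harmless only as long as nothing reads standard input afterwards, so I would drop the call.

```java
default:
    // Reject unknown names before asking for confirmation.
    if (!Arrays.asList("wrong", "nonprime", "invalid").contains(cfg.testSuite)) {
        System.err.println("Unknown test suite.");
        return;
    }
    // … unchanged: warning text and y/n prompt …
    // … removed: in.close(), which would also close System.in …
    // … unchanged: inner switch selecting Wrong / NonPrime / Invalid …
```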
@@ -556,7 +498,7 @@ public class ECTester { Command generate; if (cfg.anyKeypart) { - generate = prepareKey(ECTesterApplet.KEYPAIR_LOCAL); + generate = Command.prepareKey(cardManager, dataStore, cfg, ECTesterApplet.KEYPAIR_LOCAL); } else { generate = new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL); } @@ -564,7 +506,7 @@ public class ECTester { byte keyClass = cfg.primeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; List prepare = new LinkedList<>(); prepare.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, (short) cfg.bits, keyClass).send()); - prepare.addAll(Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) cfg.bits, keyClass))); + prepare.addAll(Command.sendAll(Command.prepareCurve(cardManager, dataStore, cfg, ECTesterApplet.KEYPAIR_LOCAL, (short) cfg.bits, keyClass))); systemOutLogger.println(Response.toString(prepare)); 
@@ -604,176 +546,6 @@ public class ECTester { out.close(); } - /** - * @param keyPair which keyPair/s (local/remote) to set curve domain parameters on - * @param keyLength key length to choose - * @param keyClass key class to choose - * @return a list of Commands to send in order to prepare the curve on the keypairs. - * @throws IOException if curve file cannot be found/opened - */ - private List prepareCurve(byte keyPair, short keyLength, byte keyClass) throws IOException { - List commands = new ArrayList<>(); - - if (cfg.customCurve) { - // Set custom curve (one of the SECG curves embedded applet-side) - short domainParams = keyClass == KeyPair.ALG_EC_FP ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; - commands.add(new Command.Set(cardManager, keyPair, EC_Consts.getCurve(keyLength, keyClass), domainParams, null)); - } else if (cfg.namedCurve != null) { - // Set a named curve. - // parse cfg.namedCurve -> cat / id | cat | id - EC_Curve curve = dataStore.getObject(EC_Curve.class, cfg.namedCurve); - if (curve == null) { - throw new IOException("Curve could no be found."); - } - if (curve.getBits() != keyLength) { - throw new IOException("Curve bits mismatch: " + curve.getBits() + " vs " + keyLength + " entered."); - } - - byte[] external = curve.flatten(); - if (external == null) { - throw new IOException("Couldn't read named curve data."); - } - commands.add(new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, curve.getParams(), external)); - } else if (cfg.curveFile != null) { - // Set curve loaded from a file - EC_Curve curve = new EC_Curve(null, keyLength, keyClass); - - FileInputStream in = new FileInputStream(cfg.curveFile); - curve.readCSV(in); - in.close(); - - byte[] external = curve.flatten(); - if (external == null) { - throw new IOException("Couldn't read the curve file correctly."); - } - commands.add(new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, curve.getParams(), external)); - } else { - // Set default 
curve - /* This command was generally causing problems for simulating on jcardsim. - * Since there, .clearKey() resets all the keys values, even the domain. - * This might break some other stuff.. But should not. - */ - //commands.add(new Command.Clear(cardManager, keyPair)); - } - - return commands; - } - - /** - * @param keyPair which keyPair/s to set the key params on - * @return a CommandAPDU setting params loaded on the keyPair/s - * @throws IOException if any of the key files cannot be found/opened - */ - private Command prepareKey(byte keyPair) throws IOException { - short params = EC_Consts.PARAMETERS_NONE; - byte[] data = null; - - if (cfg.key != null || cfg.namedKey != null) { - params |= EC_Consts.PARAMETERS_KEYPAIR; - EC_Params keypair; - if (cfg.key != null) { - keypair = new EC_Params(EC_Consts.PARAMETERS_KEYPAIR); - - FileInputStream in = new FileInputStream(cfg.key); - keypair.readCSV(in); - in.close(); - } else { - keypair = dataStore.getObject(EC_Keypair.class, cfg.namedKey); - } - - data = keypair.flatten(); - if (data == null) { - throw new IOException("Couldn't read the key file correctly."); - } - } - - if (cfg.publicKey != null || cfg.namedPublicKey != null) { - params |= EC_Consts.PARAMETER_W; - EC_Params pub; - if (cfg.publicKey != null) { - pub = new EC_Params(EC_Consts.PARAMETER_W); - - FileInputStream in = new FileInputStream(cfg.publicKey); - pub.readCSV(in); - in.close(); - } else { - pub = dataStore.getObject(EC_Key.Public.class, cfg.namedPublicKey); - if (pub == null) { - pub = dataStore.getObject(EC_Keypair.class, cfg.namedPublicKey); - } - } - - byte[] pubkey = pub.flatten(EC_Consts.PARAMETER_W); - if (pubkey == null) { - throw new IOException("Couldn't read the public key file correctly."); - } - data = pubkey; - } - if (cfg.privateKey != null || cfg.namedPrivateKey != null) { - params |= EC_Consts.PARAMETER_S; - EC_Params priv; - if (cfg.privateKey != null) { - priv = new EC_Params(EC_Consts.PARAMETER_S); - - FileInputStream in = 
new FileInputStream(cfg.privateKey); - priv.readCSV(in); - in.close(); - } else { - priv = dataStore.getObject(EC_Key.Public.class, cfg.namedPrivateKey); - if (priv == null) { - priv = dataStore.getObject(EC_Keypair.class, cfg.namedPrivateKey); - } - } - - byte[] privkey = priv.flatten(EC_Consts.PARAMETER_S); - if (privkey == null) { - throw new IOException("Couldn't read the private key file correctly."); - } - data = Util.concatenate(data, privkey); - } - return new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, params, data); - } - - /** - * @return - * @throws IOException if an IO error occurs when writing to key file. - */ - private List testCurve() throws IOException { - List commands = new LinkedList<>(); - commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH)); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ECDH)); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_ONE, EC_Consts.KA_ECDH)); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_ZERO, EC_Consts.KA_ECDH)); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_MAX, EC_Consts.KA_ECDH)); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_FULLRANDOM, EC_Consts.KA_ECDH)); - commands.add(new Command.ECDSA(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, null)); - return commands; - } - - /** - * @param category - * @param field - * @return - * @throws IOException if an IO error occurs when writing to key file. 
- */ - private List testCurves(String category, byte field) throws IOException { - List commands = new LinkedList<>(); - Map curves = dataStore.getObjects(EC_Curve.class, category); - if (curves == null) - return commands; - for (Map.Entry entry : curves.entrySet()) { - EC_Curve curve = entry.getValue(); - if (curve.getField() == field && (curve.getBits() == cfg.bits || cfg.all)) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), field)); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten())); - commands.addAll(testCurve()); - commands.add(new Command.Cleanup(cardManager)); - } - } - - return commands; - } - public static void main(String[] args) { ECTester app = new ECTester(); app.run(args); @@ -827,7 +599,7 @@ public class ECTester { * @param cli cli object, with parsed args * @return whether the options are valid. */ - public boolean readOptions(CommandLine cli) { + boolean readOptions(CommandLine cli) { bits = Integer.parseInt(cli.getOptionValue("bit-size", "0")); all = cli.hasOption("all"); primeField = cli.hasOption("fp"); @@ -929,7 +701,7 @@ public class ECTester { return false; } } else if (cli.hasOption("test")) { - if (!binaryField && primeField) { + if (!(binaryField || primeField)) { binaryField = true; primeField = true; } diff --git a/src/cz/crcs/ectester/reader/TestSuite.java b/src/cz/crcs/ectester/reader/TestSuite.java index 56e0a4a..047b7f6 100644 --- a/src/cz/crcs/ectester/reader/TestSuite.java +++ b/src/cz/crcs/ectester/reader/TestSuite.java @@ -4,6 +4,7 @@ import cz.crcs.ectester.applet.ECTesterApplet; import cz.crcs.ectester.applet.EC_Consts; import cz.crcs.ectester.data.EC_Store; import cz.crcs.ectester.reader.ec.*; +import javacard.security.KeyPair; import javax.smartcardio.CardException; import java.io.IOException; 
@@ -23,7 +24,7 @@ public abstract class TestSuite { boolean hasRun; List tests = new LinkedList<>(); - public TestSuite(EC_Store dataStore, ECTester.Config cfg, String name) { + TestSuite(EC_Store dataStore, ECTester.Config cfg, String name) { this.dataStore = dataStore; this.cfg = cfg; this.name = name; 
@@ -50,6 +51,46 @@ public abstract class TestSuite { return name; } + /** + * @return + * @throws IOException if an IO error occurs when writing to key file. + */ + List testCurve(CardMngr cardManager) throws IOException { + List commands = new LinkedList<>(); + commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH)); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ECDH)); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_ONE, EC_Consts.KA_ECDH)); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_ZERO, EC_Consts.KA_ECDH)); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_MAX, EC_Consts.KA_ECDH)); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_FULLRANDOM, EC_Consts.KA_ECDH)); + commands.add(new Command.ECDSA(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, null)); + return commands; + } + + /** + * @param category + * @param field + * @return + * @throws IOException if an IO error occurs when writing to key file. 
+ */ + List testCurves(CardMngr cardManager, String category, byte field) throws IOException { + List commands = new LinkedList<>(); + Map curves = dataStore.getObjects(EC_Curve.class, category); + if (curves == null) + return commands; + for (Map.Entry entry : curves.entrySet()) { + EC_Curve curve = entry.getValue(); + if (curve.getField() == field && (curve.getBits() == cfg.bits || cfg.all)) { + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), field)); + commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten())); + commands.addAll(testCurve(cardManager)); + commands.add(new Command.Cleanup(cardManager)); + } + } + + return commands; + } + public static class Default extends TestSuite { public Default(EC_Store dataStore, ECTester.Config cfg) { 
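Review bot: `testCurves` passes `curve.flatten()` straight into `Command.Set`, whereas `Command.prepareCurve` in this same commit treats a null result from `flatten()` as an error. For consistency I would check it here too, e.g. `byte[] external = curve.flatten(); if (external == null) throw new IOException("Couldn't read named curve data.");`, before building the command. The Javadoc on both `testCurve` and `testCurves` is a stub: `@return` and the `@param` tags are empty, and the `@throws` text mentions writing to a key file, which neither method visibly does. A one-line summary of the command sequence each method builds would help the next reader.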
@@ -57,7 +98,55 @@ public abstract class TestSuite { } @Override - public List run(CardMngr cardManager) { + public List run(CardMngr cardManager) throws IOException, CardException { + //TODO: Convert TestSuire.Default to Tests + List commands = new LinkedList<>(); + commands.add(new Command.Support(cardManager)); + if (cfg.namedCurve != null) { + if (cfg.primeField) { + commands.addAll(testCurves(cardManager, cfg.namedCurve, KeyPair.ALG_EC_FP)); + } + if (cfg.binaryField) { + commands.addAll(testCurves(cardManager, cfg.namedCurve, KeyPair.ALG_EC_F2M)); + } + } else { + if (cfg.all) { + if (cfg.primeField) { + //iterate over prime curve sizes used: EC_Consts.FP_SIZES + for (short keyLength : EC_Consts.FP_SIZES) { + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_FP)); + commands.addAll(Command.prepareCurve(cardManager, dataStore, cfg, ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_FP)); + commands.addAll(testCurve(cardManager)); + commands.add(new Command.Cleanup(cardManager)); + } + } + if (cfg.binaryField) { + //iterate over binary curve sizes used: EC_Consts.F2M_SIZES + for (short keyLength : EC_Consts.F2M_SIZES) { + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_F2M)); + commands.addAll(Command.prepareCurve(cardManager, dataStore, cfg, ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_F2M)); + commands.addAll(testCurve(cardManager)); + commands.add(new Command.Cleanup(cardManager)); + } + } + } else { + if (cfg.primeField) { + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, KeyPair.ALG_EC_FP)); + commands.addAll(Command.prepareCurve(cardManager, dataStore, cfg, ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, KeyPair.ALG_EC_FP)); + commands.addAll(testCurve(cardManager)); + commands.add(new Command.Cleanup(cardManager)); + } + + if (cfg.binaryField) { + commands.add(new 
Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, KeyPair.ALG_EC_F2M)); + commands.addAll(Command.prepareCurve(cardManager, dataStore, cfg, ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, KeyPair.ALG_EC_F2M)); + commands.addAll(testCurve(cardManager)); + commands.add(new Command.Cleanup(cardManager)); + } + } + } + List test = Command.sendAll(commands); + System.out.println(Response.toString(test)); return null; } } @@ -70,7 +159,9 @@ public abstract class TestSuite { @Override public List run(CardMngr cardManager) throws IOException, CardException { - + /* Set original curves (secg/nist/brainpool). Set keypairs from test vectors. + * Do ECDH both ways, export and verify that the result is correct. + */ Map results = dataStore.getObjects(EC_KAResult.class, "test"); for (EC_KAResult result : results.values()) { EC_Curve curve = dataStore.getObject(EC_Curve.class, result.getCurve()); @@ -122,6 +213,12 @@ public abstract class TestSuite { @Override public List run(CardMngr cardManager) throws IOException, CardException { + /* Do the default tests with the public keys set to provided smallorder keys + * over non-prime order curves. Essentially small subgroup attacks. + * These should fail, the curves aren't safe so that if the computation with + * a small order public key succeeds the private key modulo the public key order + * is revealed. + */ Map keys = dataStore.getObjects(EC_Key.class, "nonprime"); for (EC_Key key : keys.values()) { EC_Curve curve = dataStore.getObject(EC_Curve.class, key.getCurve()); 
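Review bot: `Default.run` still ends with `return null;` after sending the commands, so a caller that iterates the returned list would hit a NullPointerException; the caller is not visible in this diff. `Wrong.run`, added in the `@@ -165,4 +265,29 @@` hunk, ends the same way. Until the TODO conversion to Tests lands, `return new LinkedList<>();` would honour the declared List return type. The responses are also only printed through `System.out.println(Response.toString(test))`, so a card that accepts one of the corrupted public keys is not flagged as a failure by this suite.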
@@ -146,6 +243,9 @@ public abstract class TestSuite { @Override public List run(CardMngr cardManager) throws IOException, CardException { + /* Set original curves (secg/nist/brainpool). Generate local. + * Try ECDH with invalid public keys of increasing (or decreasing) order. + */ Map pubkeys = dataStore.getObjects(EC_Key.Public.class, "invalid"); for (EC_Key.Public key : pubkeys.values()) { EC_Curve curve = dataStore.getObject(EC_Curve.class, key.getCurve()); @@ -165,4 +265,29 @@ public abstract class TestSuite { return super.run(cardManager); } } + + public static class Wrong extends TestSuite { + + public Wrong(EC_Store dataStore, ECTester.Config cfg) { + super(dataStore, cfg, "wrong"); + } + + @Override + public List run(CardMngr cardManager) throws IOException, CardException { + /* Just do the default tests on the wrong curves. + * These should generally fail, the curves aren't curves. + */ + //TODO: Convert TestSuire.Wrong to Tests + List commands = new LinkedList<>(); + if (cfg.primeField) { + commands.addAll(testCurves(cardManager, cfg.testSuite, KeyPair.ALG_EC_FP)); + } + if (cfg.binaryField) { + commands.addAll(testCurves(cardManager, cfg.testSuite, KeyPair.ALG_EC_F2M)); + } + List test = Command.sendAll(commands); + System.out.println(Response.toString(test)); + return null; + } + } } diff --git a/src/cz/crcs/ectester/reader/Util.java b/src/cz/crcs/ectester/reader/Util.java index 6fe3b8e..21d4992 100644 --- a/src/cz/crcs/ectester/reader/Util.java +++ b/src/cz/crcs/ectester/reader/Util.java @@ -306,6 +306,18 @@ public class Util { case EC_Consts.CORRUPTION_INFINITY: corrupt = "INFINITY"; break; + case EC_Consts.CORRUPTION_PREFIX_COMPRESSED: + corrupt = "COMPRESSED"; + break; + case EC_Consts.CORRUPTION_PREFIX_HYBRID: + corrupt = "HYBRID"; + break; + case EC_Consts.CORRUPTION_PREFIX_UNCOMPRESSED: + corrupt = "UNCOMPRESSED"; + break; + case EC_Consts.CORRUPTION_MAX: + corrupt = "MAX"; + break; default: corrupt = "unknown"; break; -- cgit v1.2.3-70-g09d2 
From ded7d49b3f23c140d1e10fe018e0dc42f19d526e Mon Sep 17 00:00:00 2001 From: J08nY Date: Mon, 1 May 2017 16:01:11 +0200 Subject: Change EC_Consts.CORRUPTION_* into a short that's maskable --- src/cz/crcs/ectester/applet/ECKeyTester.java | 85 ++++++------ src/cz/crcs/ectester/applet/ECTesterApplet.java | 40 +++--- src/cz/crcs/ectester/applet/EC_Consts.java | 166 +++++++++++++----------- src/cz/crcs/ectester/reader/Command.java | 15 ++- src/cz/crcs/ectester/reader/Response.java | 4 +- src/cz/crcs/ectester/reader/TestSuite.java | 1 + src/cz/crcs/ectester/reader/Util.java | 12 +- 7 files changed, 168 insertions(+), 155 deletions(-) diff --git a/src/cz/crcs/ectester/applet/ECKeyTester.java b/src/cz/crcs/ectester/applet/ECKeyTester.java index aac4656..1d113ae 100644 --- a/src/cz/crcs/ectester/applet/ECKeyTester.java +++ b/src/cz/crcs/ectester/applet/ECKeyTester.java @@ -50,7 +50,7 @@ public class ECKeyTester { return sw; } - private short testKA(KeyAgreement ka, KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { + private short testKA(KeyAgreement ka, KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, short corruption) { short length = 0; try { sw = ECUtil.kaCheck(ka); 
@@ -72,16 +72,16 @@ public class ECKeyTester { * Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations. * Output should equal with ECDHC output. * - * @param privatePair - * @param publicPair - * @param pubkeyBuffer - * @param pubkeyOffset - * @param outputBuffer - * @param outputOffset - * @param corruption + * @param privatePair KeyPair from which the private key is used + * @param publicPair KeyPair from which the public key is used + * @param pubkeyBuffer buffer to be used for the public key + * @param pubkeyOffset offset into pubkeyBuffer that can be used for the public key + * @param outputBuffer buffer to be used for the secret output + * @param outputOffset offset into the outputBuffer + * @param corruption (EC_Consts.CORRUPTION_* | ...) * @return derived secret length **/ - public short testECDH(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { + public short testECDH(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, short corruption) { return testKA(ecdhKeyAgreement, privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); } 
@@ -90,31 +90,30 @@ public class ECKeyTester { * Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations. * Output should equal to ECDH output. * - * @param privatePair - * @param publicPair - * @param pubkeyBuffer - * @param pubkeyOffset - * @param outputBuffer - * @param outputOffset - * @param corruption + * @param privatePair KeyPair from which the private key is used + * @param publicPair KeyPair from which the public key is used + * @param pubkeyBuffer buffer to be used for the public key + * @param pubkeyOffset offset into pubkeyBuffer that can be used for the public key + * @param outputBuffer buffer to be used for the secret output + * @param outputOffset offset into the outputBuffer + * @param corruption (EC_Consts.CORRUPTION_* | ...) * @return derived secret length */ - public short testECDHC(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { + public short testECDHC(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, short corruption) { return testKA(ecdhcKeyAgreement, privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); } /** - * - * @param privatePair - * @param publicPair - * @param pubkeyBuffer - * @param pubkeyOffset - * @param outputBuffer - * @param outputOffset - * @param corruption + * @param privatePair KeyPair from which the private key is used + * @param publicPair KeyPair from which the public key is used + * @param pubkeyBuffer buffer to be used for the public key + * @param pubkeyOffset offset into pubkeyBuffer that can be used for the public key + * @param outputBuffer buffer to be used for the secret output + * @param outputOffset offset into the outputBuffer + * @param corruption (EC_Consts.CORRUPTION_* | ...) 
* @return */ - public short testBOTH(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { + public short testBOTH(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, short corruption) { short ecdhLength = testECDH(privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); if (sw != ISO7816.SW_NO_ERROR) { return ecdhLength; @@ -124,7 +123,7 @@ public class ECKeyTester { if (sw != ISO7816.SW_NO_ERROR) { return length; } - if (Util.arrayCompare(outputBuffer, outputOffset, outputBuffer, (short)(outputOffset + ecdhLength), ecdhLength) != 0) { + if (Util.arrayCompare(outputBuffer, outputOffset, outputBuffer, (short) (outputOffset + ecdhLength), ecdhLength) != 0) { sw = ECTesterApplet.SW_DH_DHC_MISMATCH; } return length; 
@@ -132,34 +131,34 @@ public class ECKeyTester { } /** - * - * @param privatePair - * @param publicPair - * @param pubkeyBuffer - * @param pubkeyOffset - * @param outputBuffer - * @param outputOffset - * @param corruption + * @param privatePair KeyPair from which the private key is used + * @param publicPair KeyPair from which the public key is used + * @param pubkeyBuffer buffer to be used for the public key + * @param pubkeyOffset offset into pubkeyBuffer that can be used for the public key + * @param outputBuffer buffer to be used for the secret output + * @param outputOffset offset into the outputBuffer + * @param corruption (EC_Consts.CORRUPTION_* | ...) * @return */ - public short testANY(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[]outputBuffer, short outputOffset, byte corruption) { + public short testANY(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, short corruption) { short ecdhLength = testECDH(privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); if (sw == ISO7816.SW_NO_ERROR) return ecdhLength; return testECDHC(privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); } + /** * Uses {@code signKey} to sign data from {@code inputBuffer} at {@code inputOffset} with {@code inputOffset}. * Then checks for correct signature length. * Then tries verifying the data with {@code verifyKey}. 
* - * @param signKey - * @param verifyKey - * @param inputBuffer - * @param inputOffset - * @param inputLength - * @param sigBuffer - * @param sigOffset + * @param signKey key to use for signing + * @param verifyKey key to use for verifying the signature + * @param inputBuffer buffer to sign data from + * @param inputOffset offset into inputBuffer to sign data from + * @param inputLength length of data to sign + * @param sigBuffer buffer to output signature to + * @param sigOffset offset into sigBuffer to output to * @return signature length */ public short testECDSA(ECPrivateKey signKey, ECPublicKey verifyKey, byte[] inputBuffer, short inputOffset, short inputLength, byte[] sigBuffer, short sigOffset) { diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java index 88d1b8c..4e586ec 100644 --- a/src/cz/crcs/ectester/applet/ECTesterApplet.java +++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java @@ -340,7 +340,7 @@ public class ECTesterApplet extends Applet { * @param apdu P1 = byte pubkey (KEYPAIR_*) * P2 = byte privkey (KEYPAIR_*) * DATA = byte export (EXPORT_TRUE || EXPORT_FALSE) - * byte corruption (00 = valid, !00 = invalid) + * short corruption (EC_Consts.CORRUPTION_* | ...) * byte type (EC_Consts.KA_* | ...) */ private void insECDH(APDU apdu) { @@ -350,8 +350,8 @@ public class ECTesterApplet extends Applet { byte pubkey = apdubuf[ISO7816.OFFSET_P1]; byte privkey = apdubuf[ISO7816.OFFSET_P2]; byte export = apdubuf[ISO7816.OFFSET_CDATA]; - byte corruption = apdubuf[(short) (ISO7816.OFFSET_CDATA + 1)]; - byte type = apdubuf[(short) (ISO7816.OFFSET_CDATA + 2)]; + short corruption = Util.getShort(apdubuf, (short) (ISO7816.OFFSET_CDATA + 1)); + byte type = apdubuf[(short) (ISO7816.OFFSET_CDATA + 3)]; short len = ecdh(pubkey, privkey, export, corruption, type, apdubuf, (short) 0); 
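Review bot: In the `@@ -350,8 +350,8 @@` hunk, `insECDH` now reads four data bytes (export, a two-byte corruption mask via `Util.getShort`, then type at `OFFSET_CDATA + 3`), but the hunk shows no check that the command carried that many. A reader still sending the old three-byte payload would have its type byte read as the low byte of the mask, with type taken from whatever was left in the APDU buffer. The start of `insECDH` is outside the hunk, so a length check may already exist there. If it does not, compare the count returned by `apdu.setIncomingAndReceive()` with 4 and call `ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);` when it is shorter.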
@@ -386,8 +386,9 @@ public class ECTesterApplet extends Applet { } /** + * Performs card memory cleanup via JCSystem.requestObjectDeletion() * - * @param apdu + * @param apdu no data */ private void insCleanup(APDU apdu) { apdu.setIncomingAndReceive(); @@ -399,8 +400,10 @@ public class ECTesterApplet extends Applet { } /** + * Returns data about card support for various EC related tasks collected on applet + * install. * - * @param apdu + * @param apdu no data */ private void insSupport(APDU apdu) { apdu.setIncomingAndReceive(); @@ -541,12 +544,12 @@ public class ECTesterApplet extends Applet { * @param privkey keyPair to use for private key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) * @param export whether to export ECDH secret * @param corruption whether to invalidate the pubkey before ECDH - * @param type + * @param type KeyAgreement type to test (EC_Consts.KA_* || ...) * @param buffer buffer to write sw to, and export ECDH secret {@code if(export == EXPORT_TRUE)} * @param offset output offset in buffer * @return length of data written to the buffer */ - private short ecdh(byte pubkey, byte privkey, byte export, byte corruption, byte type, byte[] buffer, short offset) { + private short ecdh(byte pubkey, byte privkey, byte export, short corruption, byte type, byte[] buffer, short offset) { short length = 0; KeyPair pub = ((pubkey & KEYPAIR_LOCAL) != 0) ? localKeypair : remoteKeypair; @@ -564,7 +567,7 @@ public class ECTesterApplet extends Applet { secretLength = keyTester.testBOTH(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption); break; case EC_Consts.KA_ANY: - secretLength = keyTester.testANY(priv, pub, ramArray, (short) 0, ramArray2, (short)0, corruption); + secretLength = keyTester.testANY(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption); break; default: ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); 
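Review bot: In the `@@ -541,12 +544,12 @@` hunk the Javadoc of `ecdh` keeps `@param corruption whether to invalidate the pubkey before ECDH`, which described the old byte flag rather than the short mask the parameter now carries. I would change it to `@param corruption mask of EC_Consts.CORRUPTION_* values applied to the pubkey before ECDH`. The new `@param type` line writes `(EC_Consts.KA_* || ...)`, while the `insECDH` Javadoc uses a single `|`; the two should use the same notation. The body of `ecdh` continues outside this hunk.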
@@ -619,9 +622,9 @@ public class ECTesterApplet extends Applet { } /** - * @param buffer - * @param offset - * @return + * @param buffer buffer to write sw to + * @param offset output offset in buffer + * @return length of data written to the buffer */ private short cleanup(byte[] buffer, short offset) { short sw = ISO7816.SW_NO_ERROR; @@ -637,10 +640,9 @@ public class ECTesterApplet extends Applet { } /** - * - * @param buffer - * @param offset - * @return + * @param buffer buffer to write sw to + * @param offset output offset in buffer + * @return length of data written to the buffer */ private short support(byte[] buffer, short offset) { @@ -650,14 +652,14 @@ public class ECTesterApplet extends Applet { Util.setShort(buffer, offset, ISO7816.SW_INS_NOT_SUPPORTED); } if (keyTester.hasECDHC()) { - Util.setShort(buffer, (short) (offset+2), ecdhcSW); + Util.setShort(buffer, (short) (offset + 2), ecdhcSW); } else { - Util.setShort(buffer, (short) (offset+2), ISO7816.SW_INS_NOT_SUPPORTED); + Util.setShort(buffer, (short) (offset + 2), ISO7816.SW_INS_NOT_SUPPORTED); } if (keyTester.hasECDSA()) { - Util.setShort(buffer, (short) (offset+4), ecdsaSW); + Util.setShort(buffer, (short) (offset + 4), ecdsaSW); } else { - Util.setShort(buffer, (short) (offset+4), ISO7816.SW_INS_NOT_SUPPORTED); + Util.setShort(buffer, (short) (offset + 4), ISO7816.SW_INS_NOT_SUPPORTED); } return 6; diff --git a/src/cz/crcs/ectester/applet/EC_Consts.java b/src/cz/crcs/ectester/applet/EC_Consts.java index 1334541..f749af5 100644 --- a/src/cz/crcs/ectester/applet/EC_Consts.java +++ b/src/cz/crcs/ectester/applet/EC_Consts.java 
@@ -950,18 +950,16 @@ public class EC_Consts { // getCorruptCurveParameter PARAMETER_CORRUPTION TYPES - public static final byte CORRUPTION_NONE = (byte) 0x00; - public static final byte CORRUPTION_FIXED = (byte) 0x01; - public static final byte CORRUPTION_FULLRANDOM = (byte) 0x02; - public static final byte CORRUPTION_ONEBYTERANDOM = (byte) 0x03; - public static final byte CORRUPTION_ZERO = (byte) 0x04; - public static final byte CORRUPTION_ONE = (byte) 0x05; - public static final byte CORRUPTION_MAX = (byte) 0x06; - public static final byte CORRUPTION_INCREMENT = (byte) 0x07; - public static final byte CORRUPTION_INFINITY = (byte) 0x08; - public static final byte CORRUPTION_PREFIX_COMPRESSED = (byte) 0x09; - public static final byte CORRUPTION_PREFIX_HYBRID = (byte) 0x0a; - public static final byte CORRUPTION_PREFIX_UNCOMPRESSED = (byte) 0x0b; + public static final short CORRUPTION_NONE = (short) 0x00; + public static final short CORRUPTION_FIXED = (short) 0x01; + public static final short CORRUPTION_FULLRANDOM = (short) 0x02; + public static final short CORRUPTION_ONEBYTERANDOM = (short) 0x04; + public static final short CORRUPTION_ZERO = (short) 0x08; + public static final short CORRUPTION_ONE = (short) 0x10; + public static final short CORRUPTION_MAX = (short) 0x20; + public static final short CORRUPTION_INCREMENT = (short) 0x40; + public static final short CORRUPTION_INFINITY = (short) 0x80; + public static final short CORRUPTION_COMPRESS = (short) 0x0100; // toX962 FORM types public static final byte X962_UNCOMPRESSED = (byte) 0x00; 
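Review bot: The `CORRUPTION_*` constants are now single-bit flags, but the comment above them still reads only `PARAMETER_CORRUPTION TYPES`, so nothing tells a reader that they may be combined or in what order they are applied. I would add `// Bit flags, may be OR-ed together; corruptParameter applies them from the lowest bit to the highest.` above the block. It is also worth stating that `CORRUPTION_NONE` is the empty mask, not a flag that can be tested with `&`.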
@@ -1242,71 +1240,89 @@ public class EC_Consts { return length; } - public static short corruptParameter(byte corruption, byte[] buffer, short offset, short length) { - switch (corruption) { - case CORRUPTION_NONE: - break; - case CORRUPTION_FIXED: - if (length >= 1) { - buffer[offset] = (byte) 0xcc; - buffer[(short) (offset + length - 1)] = (byte) 0xcc; - } - break; - case CORRUPTION_FULLRANDOM: - randomData.generateData(buffer, offset, length); - break; - case CORRUPTION_ONEBYTERANDOM: - short first = Util.getShort(buffer, (short) 0); // save first two bytes - - randomData.generateData(buffer, (short) 0, (short) 2); // generate position - short rngPos = Util.getShort(buffer, (short) 0); // save generated position - - Util.setShort(buffer, (short) 0, first); // restore first two bytes - - if (rngPos < 0) { // make positive - rngPos = (short) -rngPos; - } - rngPos %= length; // make < param length - - byte original = buffer[rngPos]; - do { - randomData.generateData(buffer, rngPos, (short) 1); - } while (original == buffer[rngPos]); - break; - case CORRUPTION_ZERO: - Util.arrayFillNonAtomic(buffer, offset, length, (byte) 0); - break; - case CORRUPTION_ONE: - Util.arrayFillNonAtomic(buffer, offset, length, (byte) 0); - buffer[(short) (offset + length)] = (byte) 1; - break; - case CORRUPTION_MAX: - Util.arrayFillNonAtomic(buffer, offset, length, (byte) 1); - break; - case CORRUPTION_INCREMENT: - short index = (short) (offset + length - 1); - byte value; - do { - value = buffer[index]; - buffer[index--] = ++value; - } while (value == (byte) 0 && index >= offset); - break; - case CORRUPTION_INFINITY: - Util.arrayFillNonAtomic(buffer, offset, length, (byte) 0); - return 1; - case CORRUPTION_PREFIX_COMPRESSED: - buffer[offset] = 2; - break; - case CORRUPTION_PREFIX_HYBRID: - buffer[offset] = 6; - break; - case CORRUPTION_PREFIX_UNCOMPRESSED: - buffer[offset] = 4; - break; - default: - ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); + public static short 
corruptParameter(short corruption, byte[] buffer, short offset, short length) { + if (corruption == CORRUPTION_NONE) { + return length; } + short corruptionMask = CORRUPTION_FIXED; + while (corruptionMask <= CORRUPTION_COMPRESS) { + short corruptionPart = (short) (corruptionMask & corruption); + switch (corruptionPart) { + case 0: + break; + case CORRUPTION_FIXED: + if (length >= 1) { + buffer[offset] = (byte) 0xcc; + buffer[(short) (offset + length - 1)] = (byte) 0xcc; + } + break; + case CORRUPTION_FULLRANDOM: + randomData.generateData(buffer, offset, length); + break; + case CORRUPTION_ONEBYTERANDOM: + short first = Util.getShort(buffer, (short) 0); // save first two bytes + + randomData.generateData(buffer, (short) 0, (short) 2); // generate position + short rngPos = Util.getShort(buffer, (short) 0); // save generated position + + Util.setShort(buffer, (short) 0, first); // restore first two bytes + + if (rngPos < 0) { // make positive + rngPos = (short) -rngPos; + } + rngPos %= length; // make < param length + + byte original = buffer[rngPos]; + do { + randomData.generateData(buffer, rngPos, (short) 1); + } while (original == buffer[rngPos]); + break; + case CORRUPTION_ZERO: + Util.arrayFillNonAtomic(buffer, offset, length, (byte) 0); + break; + case CORRUPTION_ONE: + Util.arrayFillNonAtomic(buffer, offset, length, (byte) 0); + buffer[(short) (offset + length)] = (byte) 1; + break; + case CORRUPTION_MAX: + Util.arrayFillNonAtomic(buffer, offset, length, (byte) 1); + break; + case CORRUPTION_INCREMENT: + short index = (short) (offset + length - 1); + byte value; + do { + value = buffer[index]; + buffer[index--] = ++value; + } while (value == (byte) 0 && index >= offset); + break; + case CORRUPTION_INFINITY: + Util.arrayFillNonAtomic(buffer, offset, length, (byte) 0); + length = 1; + break; + case CORRUPTION_COMPRESS: + if (length % 2 != 1) { + // an uncompressed point should have odd length (since 1 byte type, + 2 * coords) + 
ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); + } + short half = (short) ((length - 1) / 2); + byte yLSB = buffer[(short) (offset + length)]; + byte yBit = (byte) (yLSB & 0x01); + + if (yBit == 1) { + buffer[offset] = 3; + } else { + buffer[offset] = 2; + } + + length = (short) (half + 1); + break; + //TODO: test hybrid form with not corresponding yBit (in first byte value) and y_value in the second half of the param + default: + ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); + } + corruptionMask = (short) (corruptionMask << 1); + } return length; } diff --git a/src/cz/crcs/ectester/reader/Command.java b/src/cz/crcs/ectester/reader/Command.java index b65159a..1063767 100644 --- a/src/cz/crcs/ectester/reader/Command.java +++ b/src/cz/crcs/ectester/reader/Command.java @@ -21,10 +21,10 @@ import java.util.List; * @author Jan Jancar johny@neuromancer.sk */ public abstract class Command { - protected CommandAPDU cmd; - protected CardMngr cardManager; + CommandAPDU cmd; + CardMngr cardManager; - protected Command(CardMngr cardManager) { + Command(CardMngr cardManager) { this.cardManager = cardManager; } @@ -392,7 +392,7 @@ public abstract class Command { private byte pubkey; private byte privkey; private byte export; - private byte corruption; + private short corruption; private byte type; /** 
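Review bot: In `corruptParameter`, two cases index one byte past the parameter. `CORRUPTION_ONE` writes `buffer[(short) (offset + length)]`, and the new `CORRUPTION_COMPRESS` case reads `yLSB` from the same position, while the last byte of the parameter is at `offset + length - 1`. As written, `CORRUPTION_ONE` leaves the parameter all zero and overwrites the byte that follows it, and `CORRUPTION_COMPRESS` takes the parity bit from a byte that is not part of the point. The lines should read `buffer[(short) (offset + length - 1)] = (byte) 1;` and `byte yLSB = buffer[(short) (offset + length - 1)];`. Because the flags are applied in ascending bit order, `CORRUPTION_INFINITY` shortens `length` to 1 before `CORRUPTION_COMPRESS` runs, so that combination should either be rejected or documented.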
@@ -402,10 +402,10 @@ public abstract class Command { * @param pubkey keyPair to use for public key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) * @param privkey keyPair to use for private key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) * @param export whether to export ECDH secret - * @param corruption whether to invalidate the pubkey before ECDH (EC_Consts.CORRUPTION_* || ...) + * @param corruption whether to invalidate the pubkey before ECDH (EC_Consts.CORRUPTION_* | ...) * @param type ECDH algorithm type (EC_Consts.KA_* | ...) */ - protected ECDH(CardMngr cardManager, byte pubkey, byte privkey, byte export, byte corruption, byte type) { + protected ECDH(CardMngr cardManager, byte pubkey, byte privkey, byte export, short corruption, byte type) { super(cardManager); this.pubkey = pubkey; this.privkey = privkey; @@ -413,7 +413,8 @@ public abstract class Command { this.corruption = corruption; this.type = type; - byte[] data = new byte[]{export, corruption, type}; + byte[] data = new byte[]{export, 0,0, type}; + Util.setShort(data, 1, corruption); this.cmd = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_ECDH, pubkey, privkey, data); } diff --git a/src/cz/crcs/ectester/reader/Response.java b/src/cz/crcs/ectester/reader/Response.java index 89dce9c..50e5022 100644 --- a/src/cz/crcs/ectester/reader/Response.java +++ b/src/cz/crcs/ectester/reader/Response.java @@ -454,10 +454,10 @@ public abstract class Response { private byte pubkey; private byte privkey; private byte export; - private byte corruption; + private short corruption; private byte type; - protected ECDH(ResponseAPDU response, long time, byte pubkey, byte privkey, byte export, byte corruption, byte type) { + protected ECDH(ResponseAPDU response, long time, byte pubkey, byte privkey, byte export, short corruption, byte type) { super(response, time); this.pubkey = pubkey; this.privkey = privkey; 
diff --git a/src/cz/crcs/ectester/reader/TestSuite.java b/src/cz/crcs/ectester/reader/TestSuite.java index 047b7f6..c7c3b21 100644 --- a/src/cz/crcs/ectester/reader/TestSuite.java +++ b/src/cz/crcs/ectester/reader/TestSuite.java @@ -59,6 +59,7 @@ public abstract class TestSuite { List commands = new LinkedList<>(); commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH)); commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ECDH)); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_COMPRESS, EC_Consts.KA_ECDH)); commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_ONE, EC_Consts.KA_ECDH)); commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_ZERO, EC_Consts.KA_ECDH)); commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_MAX, EC_Consts.KA_ECDH)); diff --git a/src/cz/crcs/ectester/reader/Util.java b/src/cz/crcs/ectester/reader/Util.java index 21d4992..986433f 100644 --- a/src/cz/crcs/ectester/reader/Util.java +++ b/src/cz/crcs/ectester/reader/Util.java @@ -203,7 +203,7 @@ public class Util { str = "FILE_NOT_FOUND"; break; case ISO7816.SW_FUNC_NOT_SUPPORTED: - str = "FILE_NOT_SUPPORTED"; + str = "FUNC_NOT_SUPPORTED"; break; case ISO7816.SW_INCORRECT_P1P2: str = "INCORRECT_P1P2"; @@ -279,7 +279,7 @@ public class Util { } } - public static String getCorruption(byte corruptionType) { + public static String getCorruption(short corruptionType) { String corrupt; switch (corruptionType) { case EC_Consts.CORRUPTION_NONE: 
@@ -306,15 +306,9 @@ public class Util { case EC_Consts.CORRUPTION_INFINITY: corrupt = "INFINITY"; break; - case EC_Consts.CORRUPTION_PREFIX_COMPRESSED: + case EC_Consts.CORRUPTION_COMPRESS: corrupt = "COMPRESSED"; break; - case EC_Consts.CORRUPTION_PREFIX_HYBRID: - corrupt = "HYBRID"; - break; - case EC_Consts.CORRUPTION_PREFIX_UNCOMPRESSED: - corrupt = "UNCOMPRESSED"; - break; case EC_Consts.CORRUPTION_MAX: corrupt = "MAX"; break; -- cgit v1.2.3-70-g09d2 From 24bac3f0773950a76346c0d7bf1131c1e8c8df99 Mon Sep 17 00:00:00 2001 From: J08nY Date: Mon, 1 May 2017 18:58:26 +0200 Subject: Move Default test suite to real Tests --- src/cz/crcs/ectester/applet/ECKeyGenerator.java | 2 +- src/cz/crcs/ectester/reader/Command.java | 14 ++- src/cz/crcs/ectester/reader/ECTester.java | 17 ++-- src/cz/crcs/ectester/reader/Test.java | 3 - src/cz/crcs/ectester/reader/TestSuite.java | 118 ++++++++++++------------ 5 files changed, 75 insertions(+), 79 deletions(-) diff --git a/src/cz/crcs/ectester/applet/ECKeyGenerator.java b/src/cz/crcs/ectester/applet/ECKeyGenerator.java index a602ab1..f8cbf87 100644 --- a/src/cz/crcs/ectester/applet/ECKeyGenerator.java +++ b/src/cz/crcs/ectester/applet/ECKeyGenerator.java @@ -177,7 +177,7 @@ public class ECKeyGenerator { short i3 = Util.makeShort(data[(short) (offset + 6)], data[(short) (offset + 7)]); // if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i1, i2, i3); // if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i1, i2, i3); - // TODO fix this + // TODO: fix this, ^^ fails on jcardsim, but is up to spec if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i3, i2, i1); if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i3, i2, i1); } else { diff --git a/src/cz/crcs/ectester/reader/Command.java b/src/cz/crcs/ectester/reader/Command.java index 1063767..4e210ed 100644 --- a/src/cz/crcs/ectester/reader/Command.java +++ b/src/cz/crcs/ectester/reader/Command.java 
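Review bot: `Util.getCorruption` still switches on the exact value of `corruptionType`, so once callers pass a combined mask the result falls through to `"unknown"`, even though `corruptParameter` accepts such masks. The name should instead be built per flag, for example `if ((corruptionType & EC_Consts.CORRUPTION_COMPRESS) != 0) parts.add("COMPRESSED");` for each constant, with the parts joined afterwards and `CORRUPTION_NONE` handled when the mask is zero. The method starts in the `@@ -279,7 +279,7 @@` hunk and most of the switch lies outside both hunks, so the labels for the remaining flags have to be taken from the file.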
@@ -47,16 +47,15 @@ public abstract class Command { * @param keyPair which keyPair/s (local/remote) to set curve domain parameters on * @param keyLength key length to choose * @param keyClass key class to choose - * @return a list of Commands to send in order to prepare the curve on the keypairs. + * @return a Command to send in order to prepare the curve on the keypairs. * @throws IOException if curve file cannot be found/opened */ - public static List prepareCurve(CardMngr cardManager, EC_Store dataStore, ECTester.Config cfg, byte keyPair, short keyLength, byte keyClass) throws IOException { - List commands = new ArrayList<>(); + public static Command prepareCurve(CardMngr cardManager, EC_Store dataStore, ECTester.Config cfg, byte keyPair, short keyLength, byte keyClass) throws IOException { if (cfg.customCurve) { // Set custom curve (one of the SECG curves embedded applet-side) short domainParams = keyClass == KeyPair.ALG_EC_FP ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; - commands.add(new Command.Set(cardManager, keyPair, EC_Consts.getCurve(keyLength, keyClass), domainParams, null)); + return new Command.Set(cardManager, keyPair, EC_Consts.getCurve(keyLength, keyClass), domainParams, null); } else if (cfg.namedCurve != null) { // Set a named curve. // parse cfg.namedCurve -> cat / id | cat | id @@ -72,7 +71,7 @@ public abstract class Command { if (external == null) { throw new IOException("Couldn't read named curve data."); } - commands.add(new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, curve.getParams(), external)); + return new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, curve.getParams(), external); } else if (cfg.curveFile != null) { // Set curve loaded from a file EC_Curve curve = new EC_Curve(null, keyLength, keyClass); 
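Review bot: `prepareCurve` can now return `null` (the default-curve branch in the `@@ -93,9 +92,8 @@` hunk), but the Javadoc updated in the `@@ -47,16 +47,15 @@` hunk still promises a Command without mentioning that. Callers that previously did `commands.addAll(prepareCurve(...))` on a possibly empty list now need an explicit null check. I would document it as `@return a Command to send in order to prepare the curve on the keypairs, or null when the card's default curve is kept`. The commented-out `//commands.add(new Command.Clear(cardManager, keyPair));` left in that branch refers to the `commands` list this commit removes, so it should be deleted or reworded as a plain explanation.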
@@ -85,7 +84,7 @@ public abstract class Command { if (external == null) { throw new IOException("Couldn't read the curve file correctly."); } - commands.add(new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, curve.getParams(), external)); + return new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, curve.getParams(), external); } else { // Set default curve /* This command was generally causing problems for simulating on jcardsim. @@ -93,9 +92,8 @@ public abstract class Command { * This might break some other stuff.. But should not. */ //commands.add(new Command.Clear(cardManager, keyPair)); + return null; } - - return commands; } diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index 33d1b7f..217b9ef 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -47,7 +47,6 @@ public class ECTester { private DirtyLogger systemOutLogger; private EC_Store dataStore; private Config cfg; - private TestSuite[] testSuites; private Options opts = new Options(); private static final String CLI_HEADER = "\nECTester, a javacard Elliptic Curve Cryptograhy support tester/utility.\n\n"; 
@@ -209,7 +208,7 @@ public class ECTester { actions.addOption(Option.builder("ln").longOpt("list-named").desc("Print the list of supported named curves and keys.").hasArg().argName("what").optionalArg(true).build()); actions.addOption(Option.builder("e").longOpt("export").desc("Export the defaut curve parameters of the card(if any).").build()); actions.addOption(Option.builder("g").longOpt("generate").desc("Generate [amount] of EC keys.").hasArg().argName("amount").optionalArg(true).build()); - actions.addOption(Option.builder("t").longOpt("test").desc("Test ECC support. [test_suite]:\n- default:\n- invalid:\n- wrong:\n- nonprime:\n- smallpub:\n- test-vectors:").hasArg().argName("test_suite").optionalArg(true).build()); + actions.addOption(Option.builder("t").longOpt("test").desc("Test ECC support. [test_suite]:\n- default:\n- invalid:\n- wrong:\n- nonprime:\n- test-vectors:").hasArg().argName("test_suite").optionalArg(true).build()); actions.addOption(Option.builder("dh").longOpt("ecdh").desc("Do ECDH, [count] times.").hasArg().argName("count").optionalArg(true).build()); actions.addOption(Option.builder("dhc").longOpt("ecdhc").desc("Do ECDHC, [count] times.").hasArg().argName("count").optionalArg(true).build()); actions.addOption(Option.builder("dsa").longOpt("ecdsa").desc("Sign data with ECDSA, [count] times.").hasArg().argName("count").optionalArg(true).build()); @@ -333,7 +332,7 @@ public class ECTester { byte keyClass = cfg.primeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, (short) cfg.bits, keyClass).send(); - List curve = Command.prepareCurve(cardManager, dataStore, cfg, ECTesterApplet.KEYPAIR_LOCAL, (short) cfg.bits, keyClass); + Command curve = Command.prepareCurve(cardManager, dataStore, cfg, ECTesterApplet.KEYPAIR_LOCAL, (short) cfg.bits, keyClass); FileWriter keysFile = new FileWriter(cfg.output); keysFile.write("index;time;pubW;privS\n"); 
@@ -341,8 +340,8 @@ public class ECTester { int generated = 0; int retry = 0; while (generated < cfg.generateAmount || cfg.generateAmount == 0) { - if (cfg.fresh || generated == 0) { - Command.sendAll(curve); + if ((cfg.fresh || generated == 0) && curve != null) { + curve.send(); } Command.Generate generate = new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL); @@ -429,7 +428,9 @@ public class ECTester { byte keyClass = cfg.primeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; List prepare = new LinkedList<>(); prepare.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, keyClass).send()); - prepare.addAll(Command.sendAll(Command.prepareCurve(cardManager, dataStore, cfg, ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, keyClass))); + Command curve = Command.prepareCurve(cardManager, dataStore, cfg, ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, keyClass); + if (curve != null) + prepare.add(curve.send()); systemOutLogger.println(Response.toString(prepare)); @@ -506,7 +507,9 @@ public class ECTester { byte keyClass = cfg.primeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; List prepare = new LinkedList<>(); prepare.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, (short) cfg.bits, keyClass).send()); - prepare.addAll(Command.sendAll(Command.prepareCurve(cardManager, dataStore, cfg, ECTesterApplet.KEYPAIR_LOCAL, (short) cfg.bits, keyClass))); + Command curve = Command.prepareCurve(cardManager, dataStore, cfg, ECTesterApplet.KEYPAIR_LOCAL, (short) cfg.bits, keyClass); + if (curve != null) + prepare.add(curve.send()); systemOutLogger.println(Response.toString(prepare)); diff --git a/src/cz/crcs/ectester/reader/Test.java b/src/cz/crcs/ectester/reader/Test.java index 78efef5..651274d 100644 --- a/src/cz/crcs/ectester/reader/Test.java +++ b/src/cz/crcs/ectester/reader/Test.java @@ -29,9 +29,6 @@ public class Test { } public Response getResponse() { - if (!hasRun) { - return null; - } return response; } 
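Review bot: In the generate loop, `curve.send()` discards the returned Response, so unless `send()` itself throws on an error status (not visible here) a card that rejects the Set command goes unnoticed and the loop carries on generating keys. Those keys would then be written to the output file as if they belonged to the requested curve, which matters when the file is later analysed for key quality. Consider keeping the response and stopping, or at least logging, when it does not indicate success; the ECDH and ECDSA paths in the `@@ -429,7 +428,9 @@` and `@@ -506,7 +507,9 @@` hunks already keep it by adding it to `prepare`. The two unbraced `if (curve != null)` statements in those hunks would also be safer with braces. The enclosing methods start and end outside these hunks.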
diff --git a/src/cz/crcs/ectester/reader/TestSuite.java b/src/cz/crcs/ectester/reader/TestSuite.java index c7c3b21..c2ccb54 100644 --- a/src/cz/crcs/ectester/reader/TestSuite.java +++ b/src/cz/crcs/ectester/reader/TestSuite.java @@ -21,7 +21,7 @@ public abstract class TestSuite { EC_Store dataStore; ECTester.Config cfg; String name; - boolean hasRun; + boolean hasRun = false; List tests = new LinkedList<>(); TestSuite(EC_Store dataStore, ECTester.Config cfg, String name) { @@ -30,7 +30,7 @@ public abstract class TestSuite { this.name = name; } - public List run(CardMngr cardManager) throws IOException, CardException { + public List run(CardMngr cardManager) throws CardException, IOException { for (Test t : tests) { t.run(); System.out.println(t); 
@@ -52,44 +52,53 @@ public abstract class TestSuite { } /** - * @return - * @throws IOException if an IO error occurs when writing to key file. + * @param cardManager cardManager to send APDU through + * @param generateExpected expected result of the Generate command + * @param ecdhExpected expected result of the ordinary ECDH command + * @param ecdsaExpected expected result of the ordinary ECDSA command + * @return tests to run */ - List testCurve(CardMngr cardManager) throws IOException { - List commands = new LinkedList<>(); - commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH)); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ECDH)); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_COMPRESS, EC_Consts.KA_ECDH)); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_ONE, EC_Consts.KA_ECDH)); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_ZERO, EC_Consts.KA_ECDH)); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_MAX, EC_Consts.KA_ECDH)); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_FULLRANDOM, EC_Consts.KA_ECDH)); - commands.add(new Command.ECDSA(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, null)); - return commands; + List testCurve(CardMngr cardManager, Test.Result generateExpected, Test.Result ecdhExpected, Test.Result ecdsaExpected) { + List tests = new 
LinkedList<>(); + + tests.add(new Test(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH), generateExpected)); + tests.add(new Test(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ECDH), ecdhExpected)); + tests.add(new Test(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_COMPRESS, EC_Consts.KA_ECDH), ecdhExpected)); + tests.add(new Test(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_ONE, EC_Consts.KA_ECDH), Test.Result.FAILURE)); + tests.add(new Test(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_ZERO, EC_Consts.KA_ECDH), Test.Result.FAILURE)); + tests.add(new Test(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_MAX, EC_Consts.KA_ECDH), Test.Result.FAILURE)); + tests.add(new Test(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_FULLRANDOM, EC_Consts.KA_ECDH), Test.Result.FAILURE)); + tests.add(new Test(new Command.ECDSA(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, null), ecdsaExpected)); + + return tests; } /** - * @param category - * @param field - * @return - * @throws IOException if an IO error occurs when writing to key file. 
+ * @param cardManager cardManager to send APDU through + * @param category category to test + * @param field field to test (KeyPair.ALG_EC_FP || KeyPair.ALG_EC_F2M) + * @param setExpected expected result of the Set (curve) command + * @param generateExpected expected result of the Generate command + * @param ecdhExpected expected result of the ordinary ECDH command + * @param ecdsaExpected expected result of the ordinary ECDSA command + * @return tests to run */ - List testCurves(CardMngr cardManager, String category, byte field) throws IOException { - List commands = new LinkedList<>(); + List testCategory(CardMngr cardManager, String category, byte field, Test.Result setExpected, Test.Result generateExpected, Test.Result ecdhExpected, Test.Result ecdsaExpected) { + List tests = new LinkedList<>(); Map curves = dataStore.getObjects(EC_Curve.class, category); if (curves == null) - return commands; + return tests; for (Map.Entry entry : curves.entrySet()) { EC_Curve curve = entry.getValue(); if (curve.getField() == field && (curve.getBits() == cfg.bits || cfg.all)) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), field)); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten())); - commands.addAll(testCurve(cardManager)); - commands.add(new Command.Cleanup(cardManager)); + tests.add(new Test(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), field), Test.Result.SUCCESS)); + tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten()), setExpected)); + tests.addAll(testCurve(cardManager, generateExpected, ecdhExpected, ecdsaExpected)); + tests.add(new Test(new Command.Cleanup(cardManager), Test.Result.ANY)); } } - return commands; + return tests; } public static class Default extends TestSuite { 
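Review bot: In testCurve the ECDH run with `EC_Consts.CORRUPTION_COMPRESS` is tied to `ecdhExpected`, so in the Default suite a card that simply does not accept compressed points is reported the same way as a card whose plain ECDH is broken. Compressed-point support is likely optional on the target cards (worth confirming), so this case probably deserves its own expectation, for example `Test.Result.ANY`, or a separate parameter. The four hard-coded `Test.Result.FAILURE` expectations for ONE/ZERO/MAX/FULLRANDOM are the security-relevant checks and would benefit from a one-line comment saying that a success there means the card accepted a corrupted public key. The local `tests` list in testCurve and testCategory also shadows the `tests` field of TestSuite; a name such as `curveTests` avoids confusion with the list that run() iterates.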
@@ -100,55 +109,48 @@ public abstract class TestSuite { @Override public List run(CardMngr cardManager) throws IOException, CardException { - //TODO: Convert TestSuire.Default to Tests - List commands = new LinkedList<>(); - commands.add(new Command.Support(cardManager)); + tests.add(new Test(new Command.Support(cardManager), Test.Result.ANY)); if (cfg.namedCurve != null) { if (cfg.primeField) { - commands.addAll(testCurves(cardManager, cfg.namedCurve, KeyPair.ALG_EC_FP)); + tests.addAll(testCategory(cardManager, cfg.namedCurve, KeyPair.ALG_EC_FP, Test.Result.SUCCESS, Test.Result.SUCCESS, Test.Result.SUCCESS, Test.Result.SUCCESS)); } if (cfg.binaryField) { - commands.addAll(testCurves(cardManager, cfg.namedCurve, KeyPair.ALG_EC_F2M)); + tests.addAll(testCategory(cardManager, cfg.namedCurve, KeyPair.ALG_EC_F2M, Test.Result.SUCCESS, Test.Result.SUCCESS, Test.Result.SUCCESS, Test.Result.SUCCESS)); } } else { if (cfg.all) { if (cfg.primeField) { //iterate over prime curve sizes used: EC_Consts.FP_SIZES for (short keyLength : EC_Consts.FP_SIZES) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_FP)); - commands.addAll(Command.prepareCurve(cardManager, dataStore, cfg, ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_FP)); - commands.addAll(testCurve(cardManager)); - commands.add(new Command.Cleanup(cardManager)); + defaultTests(cardManager, keyLength, KeyPair.ALG_EC_FP); } } if (cfg.binaryField) { //iterate over binary curve sizes used: EC_Consts.F2M_SIZES for (short keyLength : EC_Consts.F2M_SIZES) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_F2M)); - commands.addAll(Command.prepareCurve(cardManager, dataStore, cfg, ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_F2M)); - commands.addAll(testCurve(cardManager)); - commands.add(new Command.Cleanup(cardManager)); + defaultTests(cardManager, keyLength, KeyPair.ALG_EC_F2M); } } } else { if 
(cfg.primeField) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, KeyPair.ALG_EC_FP)); - commands.addAll(Command.prepareCurve(cardManager, dataStore, cfg, ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, KeyPair.ALG_EC_FP)); - commands.addAll(testCurve(cardManager)); - commands.add(new Command.Cleanup(cardManager)); + defaultTests(cardManager, (short) cfg.bits, KeyPair.ALG_EC_FP); } if (cfg.binaryField) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, KeyPair.ALG_EC_F2M)); - commands.addAll(Command.prepareCurve(cardManager, dataStore, cfg, ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, KeyPair.ALG_EC_F2M)); - commands.addAll(testCurve(cardManager)); - commands.add(new Command.Cleanup(cardManager)); + defaultTests(cardManager, (short) cfg.bits, KeyPair.ALG_EC_F2M); } } } - List test = Command.sendAll(commands); - System.out.println(Response.toString(test)); - return null; + return super.run(cardManager); + } + + private void defaultTests(CardMngr cardManager, short keyLength, byte keyType) throws IOException { + tests.add(new Test(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, keyLength, keyType), Test.Result.SUCCESS)); + Command curve = Command.prepareCurve(cardManager, dataStore, cfg, ECTesterApplet.KEYPAIR_BOTH, keyLength, keyType); + if (curve != null) + tests.add(new Test(curve, Test.Result.SUCCESS)); + tests.addAll(testCurve(cardManager, Test.Result.SUCCESS, Test.Result.SUCCESS, Test.Result.SUCCESS)); + tests.add(new Test(new Command.Cleanup(cardManager), Test.Result.ANY)); } } @@ -243,7 +245,7 @@ public abstract class TestSuite { } @Override - public List run(CardMngr cardManager) throws IOException, CardException { + public List run(CardMngr cardManager) throws CardException, IOException { /* Set original curves (secg/nist/brainpool). Generate local. * Try ECDH with invalid public keys of increasing (or decreasing) order. */ 
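Review bot: Default.run() now appends to the instance field `tests` on every call and then delegates to `super.run(cardManager)`, so calling run() twice on the same suite would queue and send every command a second time after the first batch. Nothing visible in the hunk clears the list or consults the `hasRun` flag; if the base run() does not guard this either, building the list only once is safer, for example with `tests.clear();` at the top of run() or an `if (tests.isEmpty())` around the construction. In defaultTests, a short comment that a `null` result from prepareCurve means "card default curve, nothing to set" would explain why the Set test is skipped. The Wrong suite's run() in the `@@ -274,21 +276,17 @@` hunk builds its list the same way.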
@@ -274,21 +276,17 @@ public abstract class TestSuite { } @Override - public List run(CardMngr cardManager) throws IOException, CardException { + public List run(CardMngr cardManager) throws CardException, IOException { /* Just do the default tests on the wrong curves. * These should generally fail, the curves aren't curves. */ - //TODO: Convert TestSuire.Wrong to Tests - List commands = new LinkedList<>(); if (cfg.primeField) { - commands.addAll(testCurves(cardManager, cfg.testSuite, KeyPair.ALG_EC_FP)); + tests.addAll(testCategory(cardManager, cfg.testSuite, KeyPair.ALG_EC_FP, Test.Result.FAILURE, Test.Result.FAILURE, Test.Result.FAILURE, Test.Result.FAILURE)); } if (cfg.binaryField) { - commands.addAll(testCurves(cardManager, cfg.testSuite, KeyPair.ALG_EC_F2M)); + tests.addAll(testCategory(cardManager, cfg.testSuite, KeyPair.ALG_EC_F2M, Test.Result.FAILURE, Test.Result.FAILURE, Test.Result.FAILURE, Test.Result.FAILURE)); } - List test = Command.sendAll(commands); - System.out.println(Response.toString(test)); - return null; + return super.run(cardManager); } } } -- cgit v1.2.3-70-g09d2 From cc4e981402369ce14150d3949e0b02905865c37f Mon Sep 17 00:00:00 2001 
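Review bot: The Wrong suite passes `Test.Result.FAILURE` for all four expectations, including Generate, ECDH and ECDSA, which run after the Set that is itself expected to fail. If a card correctly rejects the Set, the later commands operate on whatever state the freshly allocated key pair has rather than on the wrong curve, so their outcome says little about the curve, and a card with usable default parameters could be reported as failing although it behaved safely; this depends on applet behaviour not visible here. It may be clearer to expect `Test.Result.FAILURE` only for the Set and `Test.Result.ANY` for the follow-up commands, or to document in the block comment why all four must fail.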
From: J08nY Date: Mon, 1 May 2017 22:30:34 +0200 Subject: Reworked invalid curve testing, added generated anomalous curves --- !uploader/ectester.cap | Bin 14586 -> 14675 bytes FORMAT.md | 7 ++- TESTS.md | 4 +- dist/ECTester.jar | Bin 323844 -> 343742 bytes src/cz/crcs/ectester/applet/EC_Consts.java | 8 +-- src/cz/crcs/ectester/data/EC_Store.java | 16 ++---- .../crcs/ectester/data/anomalous/anomalous112.csv | 1 + .../crcs/ectester/data/anomalous/anomalous128.csv | 1 + .../crcs/ectester/data/anomalous/anomalous160.csv | 1 + .../crcs/ectester/data/anomalous/anomalous192.csv | 1 + .../crcs/ectester/data/anomalous/anomalous224.csv | 1 + .../crcs/ectester/data/anomalous/anomalous256.csv | 1 + .../crcs/ectester/data/anomalous/anomalous320.csv | 1 + .../crcs/ectester/data/anomalous/anomalous384.csv | 1 + .../crcs/ectester/data/anomalous/anomalous512.csv | 1 + .../crcs/ectester/data/anomalous/anomalous521.csv | 1 + src/cz/crcs/ectester/data/anomalous/curves.xml | 60 +++++++++++++++++++++ .../crcs/ectester/data/invalid/brainpool/keys.xml | 2 +- src/cz/crcs/ectester/data/invalid/nist/keys.xml | 6 --- src/cz/crcs/ectester/data/invalid/secg/keys.xml | 7 +-- src/cz/crcs/ectester/reader/TestSuite.java | 21 +++++--- src/cz/crcs/ectester/reader/ec/EC_Category.java | 12 +++++ src/cz/crcs/ectester/reader/ec/EC_Data.java | 36 +++++++++++-- src/cz/crcs/ectester/reader/ec/EC_Params.java | 1 - 24 files changed, 141 insertions(+), 49 deletions(-) create mode 100644 src/cz/crcs/ectester/data/anomalous/anomalous112.csv create mode 100644 src/cz/crcs/ectester/data/anomalous/anomalous128.csv create mode 100644 src/cz/crcs/ectester/data/anomalous/anomalous160.csv create mode 100644 src/cz/crcs/ectester/data/anomalous/anomalous192.csv create mode 100644 src/cz/crcs/ectester/data/anomalous/anomalous224.csv create mode 100644 src/cz/crcs/ectester/data/anomalous/anomalous256.csv create mode 100644 src/cz/crcs/ectester/data/anomalous/anomalous320.csv create mode 100644 
src/cz/crcs/ectester/data/anomalous/anomalous384.csv create mode 100644 src/cz/crcs/ectester/data/anomalous/anomalous512.csv create mode 100644 src/cz/crcs/ectester/data/anomalous/anomalous521.csv diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index ea66c8f..0d50b57 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ diff --git a/FORMAT.md b/FORMAT.md index a753c75..b68db39 100644 --- a/FORMAT.md +++ b/FORMAT.md @@ -5,7 +5,6 @@ CSV based, little-endian hexadecimal values. ### Prime field `p,a,b,gx,gy,n,h` - ### Binary field `m,e1,e2,e3,a,b,gx,gy,n,h` @@ -22,9 +21,9 @@ CSV based, little-endian hexadecimal values. # Notation - `p` - prime F_p - `m` - binary field exponent F_2^m - - e1 - largest exponent of the field polynomial - - e2 - middle exponenet of the field polynomial, or `0000` if field poly is a trinomial - - e3 - smallest exponent (except zero) of the field polynomial, or `0000` if field poly is a trinomial + - `e1` - largest exponent of the field polynomial + - `e2` - middle exponenet of the field polynomial, or `0000` if field poly is a trinomial + - `e3` - smallest exponent (except zero) of the field polynomial, or `0000` if field poly is a trinomial - `a` - a parameter in short Weierstrass curve equation - `b` - b parameter in short Weierstrass curve equation - `gx` - x coordinate of the curve base-point g diff --git a/TESTS.md b/TESTS.md index 710a04b..1e4f5ca 100644 --- a/TESTS.md +++ b/TESTS.md @@ -77,6 +77,4 @@ For example: ```bash java -jar ECTester.jar -t invalid -nc nist -a -fp ``` -tests using all(`-a`), prime-field(`-fp`) NIST curves and pregenerated *invalid* public keys for these curves. - -**TODO: CURRENTLY NOT IMPLEMENTED** \ No newline at end of file +tests using all(`-a`), prime-field(`-fp`) NIST curves and pregenerated *invalid* public keys for these curves. \ No newline at end of file 
diff --git a/dist/ECTester.jar b/dist/ECTester.jar index adfa6d4..d764a7b 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/applet/EC_Consts.java b/src/cz/crcs/ectester/applet/EC_Consts.java index f749af5..d970542 100644 --- a/src/cz/crcs/ectester/applet/EC_Consts.java +++ b/src/cz/crcs/ectester/applet/EC_Consts.java @@ -1249,7 +1249,7 @@ public class EC_Consts { while (corruptionMask <= CORRUPTION_COMPRESS) { short corruptionPart = (short) (corruptionMask & corruption); switch (corruptionPart) { - case 0: + case (short) 0: break; case CORRUPTION_FIXED: if (length >= 1) { @@ -1301,14 +1301,14 @@ public class EC_Consts { length = 1; break; case CORRUPTION_COMPRESS: - if (length % 2 != 1) { + + if ((short) (length % 2) != 1) { // an uncompressed point should have odd length (since 1 byte type, + 2 * coords) ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); } - short half = (short) ((length - 1) / 2); + short half = (short) ((short)(length - 1) / 2); byte yLSB = buffer[(short) (offset + length)]; byte yBit = (byte) (yLSB & 0x01); - if (yBit == 1) { buffer[offset] = 3; } else { diff --git a/src/cz/crcs/ectester/data/EC_Store.java b/src/cz/crcs/ectester/data/EC_Store.java index 906eb8d..94eb011 100644 --- a/src/cz/crcs/ectester/data/EC_Store.java +++ b/src/cz/crcs/ectester/data/EC_Store.java 
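Review bot: In the `CORRUPTION_COMPRESS` case, `byte yLSB = buffer[(short) (offset + length)];` reads the byte after the point rather than its last byte: with the point occupying `buffer[offset]` through `buffer[offset + length - 1]`, which is what the odd-length check and `half` imply, the least significant byte of y sits at `offset + length - 1`. As written, the parity bit that selects the prefix stored in `buffer[offset]` is taken from unrelated data, and the read can run past the array when the point ends at the end of the buffer. Suggested change: `byte yLSB = buffer[(short) (offset + length - 1)];`. The line is unchanged context in this hunk, but the commit reworks the statements around it; the enclosing method continues outside the hunk.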
@@ -178,21 +178,11 @@ public class EC_Store { if (direct instanceof Element) { Element elem = (Element) direct; - NodeList childs = elem.getChildNodes(); - String id = null; - for (int j = 0; j < childs.getLength(); ++j) { - Node child = childs.item(j); - if (child instanceof Element) { - Element childElem = (Element) child; - if (childElem.getTagName().equals("id")) { - id = childElem.getTextContent(); - break; - } - } - } - if (id == null) { + NodeList ids = elem.getElementsByTagName("id"); + if (ids.getLength() != 1) { throw new SAXException("key no id?"); } + String id = ids.item(0).getTextContent(); EC_Params result = parseKeylike(dir, elem); diff --git a/src/cz/crcs/ectester/data/anomalous/anomalous112.csv b/src/cz/crcs/ectester/data/anomalous/anomalous112.csv new file mode 100644 index 0000000..6711b71 --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/anomalous112.csv @@ -0,0 +1 @@ +0xa2d803b165bdb58f5282cd95ae0f,0x5de65e36c0ec85d5908cdce4c978,0x71801c406b1541de2f9e96b0dc55,0x8073044c904d588dde72e51009c8,0x9dda8938ea7144df116677ae5d93,0xa2d803b165bdb58f5282cd95ae0f,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/anomalous/anomalous128.csv b/src/cz/crcs/ectester/data/anomalous/anomalous128.csv new file mode 100644 index 0000000..2dcf172 --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/anomalous128.csv @@ -0,0 +1 @@ +0xe617383c9d207ab3a6ea5e83ab21b241,0x6ff1fa365aafec734e23d52b50edd6ba,0x1813525c76d5183ce9053236ab4d5699,0x27b56a1b55ed41fd2d25b8e7680c65fb,0xcd4b59a0a7814bf14ea6deb5d40d5c9,0xe617383c9d207ab3a6ea5e83ab21b241,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/anomalous/anomalous160.csv b/src/cz/crcs/ectester/data/anomalous/anomalous160.csv new file mode 100644 index 0000000..bc50f6d --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/anomalous160.csv 
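Review bot: `elem.getElementsByTagName("id")` matches `id` elements at any depth below the key element, whereas the removed loop looked only at direct children, so a nested `id` (if the data format ever allows one) now makes `ids.getLength() != 1` true and the entry is rejected. The exception text `"key no id?"` is also thrown when there is more than one match, which will mislead whoever debugs a malformed data file; `throw new SAXException("key must have exactly one id, found " + ids.getLength());` would be more accurate. A comment stating that exactly one `id` per key is required would document the stricter rule. The enclosing method starts and ends outside the hunk.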
@@ -0,0 +1 @@ +0xc1980258d215dfa641705a68dec6398f69cfb7dd,0x539387a1d2901a0d0aa82e18d31e6b6e45c725c2,0x908c9541398e59bcb0679dcfc1d5e3165a4228e6,0x781ad9264fab66e82a9661efe5cfb7ae963ee2bb,0x8dc2f7237e152c3287658738986d1cce2397e8a6,0xc1980258d215dfa641705a68dec6398f69cfb7dd,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/anomalous/anomalous192.csv b/src/cz/crcs/ectester/data/anomalous/anomalous192.csv new file mode 100644 index 0000000..35a5c07 --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/anomalous192.csv @@ -0,0 +1 @@ +0x856728e701179222ea33faa5c3634dc2220f7f8a9a6f1215,0x35db21b91c3044ca550379891307606e9d6b81928a9f09eb,0x80839b7e6774fa9964008017048de3cbaa966a501cb1a5f1,0x78a3df2e57554cd64ac3723d0329c9582a80aac3316ea732,0x7150cc7660022e4b9f4460bc5afbbfa9a11eeb7a40ae5ae6,0x856728e701179222ea33faa5c3634dc2220f7f8a9a6f1215,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/anomalous/anomalous224.csv b/src/cz/crcs/ectester/data/anomalous/anomalous224.csv new file mode 100644 index 0000000..bf24496 --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/anomalous224.csv @@ -0,0 +1 @@ +0xed0377332aa665c2d0eaf466a536ddd7d478e66f573eeb8b0973b7a3,0x7fe9c52bb4892ac826d50355f24b6bfb0f4165d2f1dd550e231fa5fb,0xa0b20244694978a19e1910718b57b990542b5fb95c33be692f80e276,0x8225e0f325d74d4b4a729749ef24a0a3edd9c53c7e0bc3cb2cc87466,0x6dfacd713b83267a78a9c2bb0596cc12ddbe0bdfe4008daa277a95b3,0xed0377332aa665c2d0eaf466a536ddd7d478e66f573eeb8b0973b7a3,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/anomalous/anomalous256.csv b/src/cz/crcs/ectester/data/anomalous/anomalous256.csv new file mode 100644 index 0000000..24d7454 --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/anomalous256.csv 
@@ -0,0 +1 @@ +0x8a17b15dd963f53ed8253cb6dd2644819db58d1b1a70a8cf14a6f7ad5c61b7a9,0x7a6c106d27dea9b6c826b5aa585f3ed2dd17b23c8287f0a8de0364baba01b7d7,0x2d42716d40e73c4fe01de111ad155a84350613d8580379b764d207a87242a884,0x3489a3d1ba3181626a6f52badafe4ed68c07efa6ebcff001d78e5c770c3189ba,0x883a994b4dfea1a1fc2b7bffa46a3336e64d5e19bc81e5991bc2a821a2aaf9b1,0x8a17b15dd963f53ed8253cb6dd2644819db58d1b1a70a8cf14a6f7ad5c61b7a9,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/anomalous/anomalous320.csv b/src/cz/crcs/ectester/data/anomalous/anomalous320.csv new file mode 100644 index 0000000..96e98e5 --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/anomalous320.csv @@ -0,0 +1 @@ +0xac418bcddf4be30b913032dab704fe4b24cf2fec47b36a0463ab5f7e1ab9985e38f4551408f82439,0x9e7dba38d327f78e918193af78700ebab0deecfbd884995dbbbed047ecab7c55c7d3d5fbb6fafd38,0x5eb3a1f211d52c0eb92e47bd151e05d471da8eb18a1ebe0cd4d6e99c50237c56230f69d517188e0b,0x88fb80cc5aa7dc8dfdd8f275d1c5ef9fe0680e3d5cabd08ac22407e3935ac0a15ecfe6690ee37783,0x44810f747b41aedc20a2d022d35a29391522c3843cb36bf73840b56ccca93626a336ab81f613010,0xac418bcddf4be30b913032dab704fe4b24cf2fec47b36a0463ab5f7e1ab9985e38f4551408f82439,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/anomalous/anomalous384.csv b/src/cz/crcs/ectester/data/anomalous/anomalous384.csv new file mode 100644 index 0000000..6034b4a --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/anomalous384.csv 
@@ -0,0 +1 @@ +0xfddbf8939f25d39bb926c45a1d3eb5b45ef9af276821fbefbee51174464cdd8b90181d7a111275cf394dd6015589d827,0x7c80b4961ae672c74b5db842293ad567bed30efd6f693143f9bb3d3e1e7587e5b379c36188d3e19c8336a3025f66deb7,0x7aa96bf076ddf659bdcf4c0f2eea1ed80017ead209cc21931e6156171dd8b423edeeab77cc01b30c979993756d398ebd,0xfcf723a7b33621ab6af8e42cf3e5dc7b3143f1df037e82708acfad0fc953f797f31d38e2c651781f5f70aeb0b8abd165,0x259d66287d38573dcc4fa3260e1c0fe6d93c1ed739f91deae1a89d14109f027dd972cba62406f7fca1d0082634f08b2c,0xfddbf8939f25d39bb926c45a1d3eb5b45ef9af276821fbefbee51174464cdd8b90181d7a111275cf394dd6015589d827,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/anomalous/anomalous512.csv b/src/cz/crcs/ectester/data/anomalous/anomalous512.csv new file mode 100644 index 0000000..ed7ee5b --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/anomalous512.csv @@ -0,0 +1 @@ +0x83503ecb98832514b71d0e9fcfea296a3a8ad4f58661c1d997823213343b1ffb7533cb0d589485fd45527d7af1f3896ee0efc67d008b24d5e6fae51edca998f1,0x3ee9f2b4493b7572e5becbe781655ef6a462d20051cc526d5ae89b45a145eb2b31006ac9cc62fd549d370eccd1cbb4945afada0a258cf6c0505814cbbdf4c1dd,0x7fb55135325e108e20914f6558af59dbe328a04629c576efc86184fdb48402a2968f2eb2d9fa6bc6e19f0ca41fb99984f1278197b3c901c20d9f3fa0a5242952,0x52cd825e32cbc4da7f927b5f7a36f15c4d7b42cb03d426654f8f3526711336f1d18dbe4c8ca8843539d3f416de4039c9fe030d30cba1b292fec155dedf8e5c5b,0x39258758239cde1ff6cf41d2b219585ed533c4a042c7714c2d14247e853668839979e60f82255c0657356912a4113e148efbaec32ecb2b4f489f637d88b868da,0x83503ecb98832514b71d0e9fcfea296a3a8ad4f58661c1d997823213343b1ffb7533cb0d589485fd45527d7af1f3896ee0efc67d008b24d5e6fae51edca998f1,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/anomalous/anomalous521.csv b/src/cz/crcs/ectester/data/anomalous/anomalous521.csv new file mode 100644 index 0000000..e0d935e --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/anomalous521.csv 
@@ -0,0 +1 @@ +0x1dcf4a3c1f9ac39550c7eb7bfb1dd6c345658a277d888d9b23273aac2914cde52ee7e8f424767d62fd266d46491d805564f32919b265d784941d61eefa43da0501f,0x14fb5e18b58eaa6e879edb5542e5c1e1140a0cb1df41c49b5d4be6b7abdaf2afd7a22b8bc95711dd9196968677a1edf9a99e60db654ad62755904ee34b592db2838,0x1c543ff6f595aaf4651f0315c95b1f433b9aa3b5be69f300d4a7f4441bb3331781fbc9527b62fe60d4eb7aaedb2cd50ea4a8ad70ab2935bf8e129cf6ffc30ec027c,0x11fd1c6612169a69250632396ec192b97490c6af601f2d0b2ffad81a2a8772c8f8c0ac6cf273335aed6852fda2a3fb0b32a366ad19662513751412d9d2e168c144d,0x11c894ae2c3647cae6ca89b7c090bf19a52781bddbebb2a21b4123cf16445f7bca20aa1fac5a0228c37e8b89c974c5a659810d29afa96f48cdca6ba77baa88fbac,0x1dcf4a3c1f9ac39550c7eb7bfb1dd6c345658a277d888d9b23273aac2914cde52ee7e8f424767d62fd266d46491d805564f32919b265d784941d61eefa43da0501f,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/anomalous/curves.xml b/src/cz/crcs/ectester/data/anomalous/curves.xml index b0b9b02..5486f35 100644 --- a/src/cz/crcs/ectester/data/anomalous/curves.xml +++ b/src/cz/crcs/ectester/data/anomalous/curves.xml @@ -29,4 +29,64 @@ miyaji128b2.csv Second curve in the "Proposed scheme B" section of Atsuko Miyaji's paper. + + anomalous112 + 112 + prime + anomalous112.csv + + + anomalous128 + 128 + prime + anomalous128.csv + + + anomalous160 + 160 + prime + anomalous160.csv + + + anomalous192 + 192 + prime + anomalous192.csv + + + anomalous224 + 224 + prime + anomalous224.csv + + + anomalous256 + 256 + prime + anomalous256.csv + + + anomalous320 + 320 + prime + anomalous320.csv + + + anomalous384 + 384 + prime + anomalous384.csv + + + anomalous512 + 512 + prime + anomalous512.csv + + + anomalous521 + 521 + prime + anomalous521.csv + diff --git a/src/cz/crcs/ectester/data/invalid/brainpool/keys.xml b/src/cz/crcs/ectester/data/invalid/brainpool/keys.xml index 985fab6..3823658 100644 --- a/src/cz/crcs/ectester/data/invalid/brainpool/keys.xml +++ b/src/cz/crcs/ectester/data/invalid/brainpool/keys.xml 
@@ -1,7 +1,7 @@ 160r1-1 - 0xc4d7ddb433381eeb0c62b502b4059e616caf6fcf,0x0 + 0xc4d7ddb433381eeb0c62b502b4059e616caf6fcf,0x0000000000000000000000000000000000000000 brainpool/brainpoolP160r1 invalid order = 2 diff --git a/src/cz/crcs/ectester/data/invalid/nist/keys.xml b/src/cz/crcs/ectester/data/invalid/nist/keys.xml index 5427845..e69de29 100644 --- a/src/cz/crcs/ectester/data/invalid/nist/keys.xml +++ b/src/cz/crcs/ectester/data/invalid/nist/keys.xml @@ -1,6 +0,0 @@ - - 160r1-1 - 0xc4d7ddb433381eeb0c62b502b4059e616caf6fcf,0x0 - brainpool/brainpoolP160r1 - order = 2 - diff --git a/src/cz/crcs/ectester/data/invalid/secg/keys.xml b/src/cz/crcs/ectester/data/invalid/secg/keys.xml index 5427845..8b13789 100644 --- a/src/cz/crcs/ectester/data/invalid/secg/keys.xml +++ b/src/cz/crcs/ectester/data/invalid/secg/keys.xml @@ -1,6 +1 @@ - - 160r1-1 - 0xc4d7ddb433381eeb0c62b502b4059e616caf6fcf,0x0 - brainpool/brainpoolP160r1 - order = 2 - + diff --git a/src/cz/crcs/ectester/reader/TestSuite.java b/src/cz/crcs/ectester/reader/TestSuite.java index c2ccb54..e4d7dd6 100644 --- a/src/cz/crcs/ectester/reader/TestSuite.java +++ b/src/cz/crcs/ectester/reader/TestSuite.java @@ -8,10 +8,7 @@ import javacard.security.KeyPair; import javax.smartcardio.CardException; import java.io.IOException; -import java.util.Collections; -import java.util.LinkedList; -import java.util.List; -import java.util.Map; +import java.util.*; /** * @author Jan Jancar johny@neuromancer.sk @@ -250,6 +247,7 @@ public abstract class TestSuite { * Try ECDH with invalid public keys of increasing (or decreasing) order. */ Map pubkeys = dataStore.getObjects(EC_Key.Public.class, "invalid"); + Map> curves = new HashMap<>(); for (EC_Key.Public key : pubkeys.values()) { EC_Curve curve = dataStore.getObject(EC_Curve.class, key.getCurve()); if (cfg.namedCurve != null && !(key.getCurve().startsWith(cfg.namedCurve) || key.getCurve().equals(cfg.namedCurve))) { 
@@ -258,13 +256,24 @@ public abstract class TestSuite {
 if (curve.getBits() != cfg.bits && !cfg.all) {
 continue;
 }
+ List keys = curves.getOrDefault(curve, new LinkedList<>());
+ keys.add(key);
+ curves.putIfAbsent(curve, keys);
+ }
+ for (Map.Entry> e : curves.entrySet()) {
+ EC_Curve curve = e.getKey();
+ List keys = e.getValue();
+
 tests.add(new Test(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField()), Test.Result.SUCCESS));
 tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten()), Test.Result.SUCCESS));
 tests.add(new Test(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL), Test.Result.SUCCESS));
- tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, key.getParams(), key.flatten()), Test.Result.ANY));
- tests.add(new Test(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_BOTH), Test.Result.FAILURE));
+ for (EC_Key.Public pub : keys) {
+ tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, pub.getParams(), pub.flatten()), Test.Result.ANY));
+ tests.add(new Test(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_BOTH), Test.Result.FAILURE));
+ }
 tests.add(new Test(new Command.Cleanup(cardManager), Test.Result.ANY));
 }
+
 return super.run(cardManager);
 }
 }
diff --git a/src/cz/crcs/ectester/reader/ec/EC_Category.java b/src/cz/crcs/ectester/reader/ec/EC_Category.java
index a0c8755..97dd1b4 100644
--- a/src/cz/crcs/ectester/reader/ec/EC_Category.java
+++ b/src/cz/crcs/ectester/reader/ec/EC_Category.java
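Review bot: In TestSuite's invalid-key loop, every key of a curve now shares one allocated key pair, yet the `Command.Set` of each remote key still accepts `Test.Result.ANY`, so a rejected Set leaves the remote slot holding whatever the previous iteration wrote. The `Command.ECDH` verdict that follows may then describe the earlier point rather than the one under test; how the applet leaves the slot after a failed Set is not visible here, so this is an assumption to confirm. A comment above the inner loop such as `// Set may fail (Result.ANY); ECDH then runs on the remote key left by the previous iteration` would document the limitation until the two results are tied together. Separately, the `getOrDefault`/`add`/`putIfAbsent` triple reads more simply as `curves.computeIfAbsent(curve, k -> new LinkedList<>()).add(key);`. The enclosing method begins outside this hunk.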
@@ -2,6 +2,7 @@ package cz.crcs.ectester.reader.ec;
 import java.util.Collections;
 import java.util.Map;
+import java.util.Objects;
 import java.util.TreeMap;
 /**
@@ -125,4 +126,15 @@ public class EC_Category {
 }
 return out.toString();
 }
+
+ @Override
+ public boolean equals(Object obj) {
+ return obj instanceof EC_Category && Objects.equals(this.name, ((EC_Category) obj).name);
+ }
+
+ @Override
+ public int hashCode() {
+ return this.name.hashCode() ^ this.directory.hashCode();
+ }
+
 }
diff --git a/src/cz/crcs/ectester/reader/ec/EC_Data.java b/src/cz/crcs/ectester/reader/ec/EC_Data.java
index 5197665..9dcbbe0 100644
--- a/src/cz/crcs/ectester/reader/ec/EC_Data.java
+++ b/src/cz/crcs/ectester/reader/ec/EC_Data.java
@@ -3,16 +3,13 @@ package cz.crcs.ectester.reader.ec;
 import cz.crcs.ectester.reader.Util;
 import java.io.*;
-import java.util.ArrayList;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Scanner;
+import java.util.*;
 import java.util.regex.Pattern;
 /**
 * @author Jan Jancar johny@neuromancer.sk
 */
-public class EC_Data {
+public abstract class EC_Data {
 String id;
 int count;
 byte[][] data;
@@ -167,4 +164,33 @@ public class EC_Data {
 public String toString() {
 return String.join(",", expand());
 }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (obj instanceof EC_Data) {
+ EC_Data other = (EC_Data) obj;
+ if (this.id != null || other.id != null) {
+ return Objects.equals(this.id, other.id);
+ }
+
+ if (this.count != other.count)
+ return false;
+ for (int i = 0; i < this.count; ++i) {
+ if (!Arrays.equals(this.data[i], other.data[i])) {
+ return false;
+ }
+ }
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ @Override
+ public int hashCode() {
+ if (this.id != null) {
+ return this.id.hashCode();
+ }
+ return Arrays.deepHashCode(this.data);
+ }
 }
diff --git a/src/cz/crcs/ectester/reader/ec/EC_Params.java b/src/cz/crcs/ectester/reader/ec/EC_Params.java
index 7192b61..ea2e633 100644
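Review bot: The `equals` and `hashCode` added to EC_Category disagree on which fields define identity: `equals` compares only `name`, while `hashCode` also mixes in `directory`. Two categories with the same name and different directories are therefore equal but hash differently, which breaks lookups in `HashMap` and `HashSet`. `hashCode` also dereferences `name` and `directory` directly, although `equals` is null-safe through `Objects.equals`. Hashing the same field that `equals` compares, `return Objects.hashCode(this.name);`, restores the contract.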
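Review bot: EC_Data's new `equals` accepts any `EC_Data` through `instanceof` and, once either `id` is set, compares nothing but `id`, so objects of different subclasses or with different `data` are equal whenever their ids match. TestSuite now groups keys in a map keyed by `EC_Curve`; assuming EC_Curve inherits these methods (not visible here), an id clash would silently merge two curves' test groups. A class check at the top, `if (obj == null || getClass() != obj.getClass()) return false;`, would rule out cross-type matches. In the id-less branch, `equals` compares `data[0..count)` while `hashCode` hashes the whole array with `Arrays.deepHashCode`, so the two agree only if `count == data.length`. The `if (this.count != other.count)` is also the one unbraced branch in the method.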
--- a/src/cz/crcs/ectester/reader/ec/EC_Params.java
+++ b/src/cz/crcs/ectester/reader/ec/EC_Params.java
@@ -4,7 +4,6 @@ import cz.crcs.ectester.applet.EC_Consts;
 import cz.crcs.ectester.reader.Util;
 import java.io.ByteArrayOutputStream;
-import java.io.InputStream;
 import java.util.ArrayList;
 import java.util.List;
-- cgit v1.2.3-70-g09d2
From ade2dffcd7723f4414e681cd80a374c6fe8001ef Mon Sep 17 00:00:00 2001
From: J08nY Date: Tue, 2 May 2017 19:14:57 +0200 Subject: Added some generated invalid curves --- dist/ECTester.jar | Bin 343742 -> 705430 bytes .../data/invalid/brainpool/brainpoolP160r1.xml | 325 ++++++++++++++ .../data/invalid/brainpool/brainpoolP160t1.xml | 325 ++++++++++++++ .../data/invalid/brainpool/brainpoolP192r1.xml | 367 +++++++++++++++ .../data/invalid/brainpool/brainpoolP192t1.xml | 367 +++++++++++++++ .../data/invalid/brainpool/brainpoolP224r1.xml | 415 +++++++++++++++++ .../data/invalid/brainpool/brainpoolP224t1.xml | 415 +++++++++++++++++ .../data/invalid/brainpool/brainpoolP256r1.xml | 463 +++++++++++++++++++ .../data/invalid/brainpool/brainpoolP256t1.xml | 463 +++++++++++++++++++ .../crcs/ectester/data/invalid/brainpool/keys.xml | 108 ----- src/cz/crcs/ectester/data/invalid/keys.xml | 60 ++- src/cz/crcs/ectester/data/invalid/nist/b163.xml | 325 ++++++++++++++ src/cz/crcs/ectester/data/invalid/nist/b233.xml | 427 ++++++++++++++++++ src/cz/crcs/ectester/data/invalid/nist/b283.xml | 499 +++++++++++++++++++++ src/cz/crcs/ectester/data/invalid/nist/k163.xml | 325 ++++++++++++++ src/cz/crcs/ectester/data/invalid/nist/k233.xml | 427 ++++++++++++++++++ src/cz/crcs/ectester/data/invalid/nist/k283.xml | 499 +++++++++++++++++++++ src/cz/crcs/ectester/data/invalid/nist/keys.xml | 0 src/cz/crcs/ectester/data/invalid/secg/keys.xml | 1 - .../crcs/ectester/data/invalid/secg/secp112r1.xml | 247 ++++++++++ .../crcs/ectester/data/invalid/secg/secp112r2.xml | 247 ++++++++++ .../crcs/ectester/data/invalid/secg/secp128r1.xml | 271 +++++++++++ .../crcs/ectester/data/invalid/secg/secp128r2.xml | 271 +++++++++++ .../crcs/ectester/data/invalid/secg/secp160r1.xml | 325 ++++++++++++++ .../crcs/ectester/data/invalid/secg/secp160r2.xml | 325 ++++++++++++++ .../crcs/ectester/data/invalid/secg/secp192r1.xml | 373 +++++++++++++++ .../crcs/ectester/data/invalid/secg/secp224r1.xml | 415 +++++++++++++++++ .../crcs/ectester/data/invalid/secg/secp256r1.xml | 463 +++++++++++++++++++ 
src/cz/crcs/ectester/reader/Response.java | 8 +- src/cz/crcs/ectester/reader/TestSuite.java | 2 +- 30 files changed, 8641 insertions(+), 117 deletions(-) create mode 100644 src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP160r1.xml create mode 100644 src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP160t1.xml create mode 100644 src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP192r1.xml create mode 100644 src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP192t1.xml create mode 100644 src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP224r1.xml create mode 100644 src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP224t1.xml create mode 100644 src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP256r1.xml create mode 100644 src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP256t1.xml delete mode 100644 src/cz/crcs/ectester/data/invalid/brainpool/keys.xml create mode 100644 src/cz/crcs/ectester/data/invalid/nist/b163.xml create mode 100644 src/cz/crcs/ectester/data/invalid/nist/b233.xml create mode 100644 src/cz/crcs/ectester/data/invalid/nist/b283.xml create mode 100644 src/cz/crcs/ectester/data/invalid/nist/k163.xml create mode 100644 src/cz/crcs/ectester/data/invalid/nist/k233.xml create mode 100644 src/cz/crcs/ectester/data/invalid/nist/k283.xml delete mode 100644 src/cz/crcs/ectester/data/invalid/nist/keys.xml delete mode 100644 src/cz/crcs/ectester/data/invalid/secg/keys.xml create mode 100644 src/cz/crcs/ectester/data/invalid/secg/secp112r1.xml create mode 100644 src/cz/crcs/ectester/data/invalid/secg/secp112r2.xml create mode 100644 src/cz/crcs/ectester/data/invalid/secg/secp128r1.xml create mode 100644 src/cz/crcs/ectester/data/invalid/secg/secp128r2.xml create mode 100644 src/cz/crcs/ectester/data/invalid/secg/secp160r1.xml create mode 100644 src/cz/crcs/ectester/data/invalid/secg/secp160r2.xml create mode 100644 src/cz/crcs/ectester/data/invalid/secg/secp192r1.xml create mode 100644 
src/cz/crcs/ectester/data/invalid/secg/secp224r1.xml create mode 100644 src/cz/crcs/ectester/data/invalid/secg/secp256r1.xml diff --git a/dist/ECTester.jar b/dist/ECTester.jar index d764a7b..8119521 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP160r1.xml b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP160r1.xml new file mode 100644 index 0000000..fb3645e --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP160r1.xml 
@@ -0,0 +1,325 @@ + + + brainpoolP160r1/0 + 0x894d9e10149c98c022afc786a3fb26210e06d93a,0x0000000000000000000000000000000000000000 + brainpool/brainpoolP160r1 + invalid order = 2 + + + brainpoolP160r1/1 + 0x9984071eef5d7b8c4f96dd362e433997b88cf6e1,0x2d3c20ed70cefd90958534812d52f906f58a6ab3 + brainpool/brainpoolP160r1 + invalid order = 3 + + + brainpoolP160r1/2 + 0xb8849e1aadcf9b18b046434d65ba404497269900,0x513009e61436086226834aed25961cd394b4a43b + brainpool/brainpoolP160r1 + invalid order = 5 + + + brainpoolP160r1/3 + 0x9edf4a8dfb69c86debde46ba1f6cf25d43685c7b,0xcbed40ca882c722d386e73b02a3d890049840874 + brainpool/brainpoolP160r1 + invalid order = 7 + + + brainpoolP160r1/4 + 0x6325aa5ec04487a81541de5d22453001f5ad01d5,0x44b571e97f37126ba485ddcd252d0634d2d843cc + brainpool/brainpoolP160r1 + invalid order = 11 + + + brainpoolP160r1/5 + 0xbfd8d69af9eed0322065eb0961cf5907377432d3,0x4f4197f929e9cdcac255b4eb650bde0128f942eb + brainpool/brainpoolP160r1 + invalid order = 13 + + + brainpoolP160r1/6 + 0x3c1fa149b4f369132eefea61bc84ae1b1cd7a8a8,0x2d273bf9821167b70100159e51b37a2e6e302ff7 + brainpool/brainpoolP160r1 + invalid order = 17 + + + brainpoolP160r1/7 + 0x199fa81ba76725c8af63d7596354a854ddd14e21,0x62afff80ea9beb0bd51c63e0c651061e075740f4 + brainpool/brainpoolP160r1 + invalid order = 19 + + + brainpoolP160r1/8 + 0xa6d14438de03e68095f391617473535e75dee040,0x52b33a6968939859860d694cc4ea5f7a92d58b23 + brainpool/brainpoolP160r1 + invalid order = 23 + + + brainpoolP160r1/9 + 0xe286e171bf0f6cc5b43c131bd12c15453ef9d706,0x9b375b2d2b1456099acbcb5419627237ebfe7fbd + brainpool/brainpoolP160r1 + invalid order = 29 + + + brainpoolP160r1/10 + 0xe012ec90a409bd34f28bcf11bcbbcd78ecf43efa,0xd3b9e2b17ac32befa317845341e9b0d4be3a919c + brainpool/brainpoolP160r1 + invalid order = 31 + + + brainpoolP160r1/11 + 0x761752bfc3bceed608938b859eb2732147ab2c13,0x329af4d24db5c4efc290cb5156945a0c4b2b7ecb + brainpool/brainpoolP160r1 + invalid order = 37 + + + brainpoolP160r1/12 + 
0x610085821c690d91fa1cd4ea3fae4a6d9f1663df,0x1b1373c5d34aba0bb3d2f22596ac92af73af3a27 + brainpool/brainpoolP160r1 + invalid order = 41 + + + brainpoolP160r1/13 + 0x8ba114f427a68851cfd5d73c37db77efd0712968,0x964045047ed8b65c17554f11985114f35b34da12 + brainpool/brainpoolP160r1 + invalid order = 43 + + + brainpoolP160r1/14 + 0x6de205f04e3ffe710edcedd6ebd35b5279e56ce3,0x3e78149b1034d44d874b3ce275f6719249e75cf8 + brainpool/brainpoolP160r1 + invalid order = 47 + + + brainpoolP160r1/15 + 0xa42c01212f0c7889d2bd80da38e795b1b51e97d1,0x51a974f5bfacd11c39b9eb62af6ca08e0d25620c + brainpool/brainpoolP160r1 + invalid order = 53 + + + brainpoolP160r1/16 + 0x5699ff94f28628b37b35afce2cfbe033946ec7b8,0x63f5d424359563aeb46cee26d8ba5e1bcc1e052 + brainpool/brainpoolP160r1 + invalid order = 59 + + + brainpoolP160r1/17 + 0x177fe80405787eb17a88cf0adcf833ef682acf2d,0xca4beeb92561c6b6cc2ff5a839276aec668ee988 + brainpool/brainpoolP160r1 + invalid order = 61 + + + brainpoolP160r1/18 + 0xcef60bc4e4adaee1f5632c57101d792fc00d7835,0xc8ce42feab09a92765babb8ee9165b74159e11b0 + brainpool/brainpoolP160r1 + invalid order = 67 + + + brainpoolP160r1/19 + 0x58e1746e11dea0c87bd5e8ebef55624c578aa482,0xe4cc88ec4839e8e95587e9b6515487a7fd12d052 + brainpool/brainpoolP160r1 + invalid order = 71 + + + brainpoolP160r1/20 + 0x301528c0245255342671904c643decf32a7a233,0x802721fa4911239d28825fc50d5bd85496d69305 + brainpool/brainpoolP160r1 + invalid order = 73 + + + brainpoolP160r1/21 + 0xc4dab799a81f3397c487bafde8133e324244d5c,0x99d70a4f7bb2c62d34dd835f7da5df1ec31058d + brainpool/brainpoolP160r1 + invalid order = 79 + + + brainpoolP160r1/22 + 0x619957de020463bd0bf899aa604a9f702300ffc2,0xe272af463ec5a41e1d3092e3fcb567b6d4a7f355 + brainpool/brainpoolP160r1 + invalid order = 83 + + + brainpoolP160r1/23 + 0x37d52ba134c6d63d0e5c05a144c1486986506341,0x8c3721bd91c7e2a99ea3f03db9c03f77d5f9529c + brainpool/brainpoolP160r1 + invalid order = 89 + + + brainpoolP160r1/24 + 
0xa23b78bc0678f1f9e9a0de1fdd2f098590d51a09,0x8ce2e7ec776e70626194bc9c2d713ae783ed3bbd + brainpool/brainpoolP160r1 + invalid order = 97 + + + brainpoolP160r1/25 + 0x16d4a2c0f575e96dcf2bedfa05da8859d84eb3e9,0x13d94c3f90f7705bdd883ef42b69fdc223b86a2a + brainpool/brainpoolP160r1 + invalid order = 101 + + + brainpoolP160r1/26 + 0x4158e838553edc1fe48f83d1f1a074dd293701fb,0xe40382c1963158cb1fe4aa32057731738748d0b0 + brainpool/brainpoolP160r1 + invalid order = 103 + + + brainpoolP160r1/27 + 0xb691bea752d761e837e7512f2a191ea36bb0eeca,0x7161a0528ff5dbbc01858917887198c0258b9a7a + brainpool/brainpoolP160r1 + invalid order = 107 + + + brainpoolP160r1/28 + 0x8987c8fdcf194692bba9468ee6153bd561befef,0x76dda0681cf1b07f7cea5a233ff6cda45eaddd42 + brainpool/brainpoolP160r1 + invalid order = 109 + + + brainpoolP160r1/29 + 0x1727cbcb02fbec471703cd0b7558eba8e206b4e1,0xc85295dfcda6993aece5a428e55d4e40ee2c0aa5 + brainpool/brainpoolP160r1 + invalid order = 113 + + + brainpoolP160r1/30 + 0xdf1ffb84e573d940df790fe5f714aae6c7e25c2f,0x8b70760193ea02b29769b31be869fc6a500aeee + brainpool/brainpoolP160r1 + invalid order = 127 + + + brainpoolP160r1/31 + 0xe587493739610f80271465996a21be584289dceb,0xd659fe93e7e64a989bb121fbf4be6b750ccd57f8 + brainpool/brainpoolP160r1 + invalid order = 131 + + + brainpoolP160r1/32 + 0x90e81eca72f64fe0fb7d169888e1699253553e26,0x3d917a3f8abac5f63f74e028f7e46dea9fb3338b + brainpool/brainpoolP160r1 + invalid order = 137 + + + brainpoolP160r1/33 + 0xe129347f7007742e748bade2447d4d58429a21b5,0x1a253c83a7893b3836acaa441ab6cd4cc33f2a1f + brainpool/brainpoolP160r1 + invalid order = 139 + + + brainpoolP160r1/34 + 0x459eaf5a03eeb846b73441f66119ad69d426c213,0x4a20935ae5b91d27867e80213a8810c1ef3da630 + brainpool/brainpoolP160r1 + invalid order = 149 + + + brainpoolP160r1/35 + 0x6f81d4fc14867e7814fc4687e53a4ff0360f1417,0xab48960d2fc924c6b618edf22d8ac82bc5957a9d + brainpool/brainpoolP160r1 + invalid order = 151 + + + brainpoolP160r1/36 + 
0x6064390da187e8a6566eb24c8b3c2ae41e438388,0xa963896f58bb00679243ff54a9bfe6ad76f74f5e + brainpool/brainpoolP160r1 + invalid order = 157 + + + brainpoolP160r1/37 + 0x33b6f5805cdc046be9976c686c546c10e58dbc10,0xa7c433f2dd7671a8312642227754bd2c98df8007 + brainpool/brainpoolP160r1 + invalid order = 163 + + + brainpoolP160r1/38 + 0xcbe8fa9fdeefc7c18d7ec5c349bfc1d35140e71a,0x8b1a8be74a8ed863091831f5fe0a717a6e086728 + brainpool/brainpoolP160r1 + invalid order = 167 + + + brainpoolP160r1/39 + 0xc043c07052391c33af708a9b2c8ae9d41edaed0d,0x13004da1543e7e951f1d367e322908bf0f5e31af + brainpool/brainpoolP160r1 + invalid order = 173 + + + brainpoolP160r1/40 + 0x4d55a23dd8da29f49de10385e052503223b57b2a,0x5d42f9e7b85df543c1d7583a6712af2d4cde554 + brainpool/brainpoolP160r1 + invalid order = 179 + + + brainpoolP160r1/41 + 0xa2dd251c0fa3bcd9196af650fb2f20faadc54b92,0xdaf7a56f50a6b651aede5ee58c51fdba894805c3 + brainpool/brainpoolP160r1 + invalid order = 181 + + + brainpoolP160r1/42 + 0xaa936cc52698a66a21b20c9f630d3e081216d0b2,0xa8b6402311432c9357e5d3ad01771e32f417baa2 + brainpool/brainpoolP160r1 + invalid order = 191 + + + brainpoolP160r1/43 + 0x64977b60eaefabd73d238d0bfe99a6b42aab0029,0x202d8d421cdc97bd18be388c1e4423b92ca5e09 + brainpool/brainpoolP160r1 + invalid order = 193 + + + brainpoolP160r1/44 + 0x727b12b51a7e4f312aefe2f7483eeb7985381737,0xb833594ec5062d61ba92317a9e96422e5ca5c268 + brainpool/brainpoolP160r1 + invalid order = 197 + + + brainpoolP160r1/45 + 0x9cb06c43605f73fe824f05dff7b155a6e7daea3f,0xde9b977104267fae8ee5eced0313ddac0f13530c + brainpool/brainpoolP160r1 + invalid order = 199 + + + brainpoolP160r1/46 + 0x9a9bc64d9f3185ac59334573146a1d8f9adfff7b,0xd8d7c5ca53246346a39b2d1b088ba3aea25e60ae + brainpool/brainpoolP160r1 + invalid order = 211 + + + brainpoolP160r1/47 + 0x78ff3cb85f740861222048d3c5cb2636efaecb37,0x6202522b4c0dca0c659011f272dbddda33abaa45 + brainpool/brainpoolP160r1 + invalid order = 223 + + + brainpoolP160r1/48 + 
0x5e10f73370d8299761ae9ada47fc188b21c56768,0x6dc2f8e927bcd921260b9bd04146360b61ffba80 + brainpool/brainpoolP160r1 + invalid order = 227 + + + brainpoolP160r1/49 + 0x47c3cc0fb94e1650d5bbae930a1b1a8ac7e004c4,0x61be1f78ba3281bc77331d2c85270c49969b6c82 + brainpool/brainpoolP160r1 + invalid order = 229 + + + brainpoolP160r1/50 + 0x547c539387d14dc854eaebff413defa9e8e039b6,0x1272b1b0246d581d6fc3bf303c8c775f089fb1a4 + brainpool/brainpoolP160r1 + invalid order = 233 + + + brainpoolP160r1/51 + 0x586ca7a915885ab766d18e13d0120fbace9eb715,0x3d8f066e95aca8190d60bafaa1d8f3a034956214 + brainpool/brainpoolP160r1 + invalid order = 239 + + + brainpoolP160r1/52 + 0x12b1c8bfe16e061c22d58e2bb1c412b04179d5f1,0x20bf00b50f46cfb627ae9ca6da54dfcce4487262 + brainpool/brainpoolP160r1 + invalid order = 241 + + + brainpoolP160r1/53 + 0x40892221b8291a17a70fef729b3d0958db3300,0xe613aa9e4991281f8618ebb73003aff70df87a14 + brainpool/brainpoolP160r1 + invalid order = 251 + diff --git a/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP160t1.xml b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP160t1.xml new file mode 100644 index 0000000..a712bab --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP160t1.xml 
@@ -0,0 +1,325 @@ + + + brainpoolP160t1/0 + 0xb265f59e1b0919204f5a67f045e0281e31a64330,0x0000000000000000000000000000000000000000 + brainpool/brainpoolP160t1 + invalid order = 2 + + + brainpoolP160t1/1 + 0xbad1ad5795aff62c028a2a0b14f294d8d7253cfb,0xd7277925b796f1a729dd90134c9be44c76bddde1 + brainpool/brainpoolP160t1 + invalid order = 3 + + + brainpoolP160t1/2 + 0x903e7f4e3efd8bb7d6fad0100ea8968959726e29,0xb0622b152f2bf72647ca3e16cdecc2c5dd38e95e + brainpool/brainpoolP160t1 + invalid order = 5 + + + brainpoolP160t1/3 + 0xba20dc14e97a14a9d2743a35b4b5023b6582ddd6,0x97f4ecd2c7ed1a181d7dcaad9a8dfba2627bd1ac + brainpool/brainpoolP160t1 + invalid order = 7 + + + brainpoolP160t1/4 + 0x46bbd6f89ebdf72fb3bf0e25bcfa85573b9cbc4d,0x1cc9b95057118d629974014ab97fee976cb6a644 + brainpool/brainpoolP160t1 + invalid order = 11 + + + brainpoolP160t1/5 + 0xa8258acb99d033b99c3f802e9edf35cf684a83c6,0x20821127699f4412a926b1b1692fd70cb7f2197b + brainpool/brainpoolP160t1 + invalid order = 13 + + + brainpoolP160t1/6 + 0x65936b9218d775a0b084abec939b441155f15eb6,0xe21feae03996c9c5e41d5d5f6c12b0942f7f4742 + brainpool/brainpoolP160t1 + invalid order = 17 + + + brainpoolP160t1/7 + 0x824396b656f501ef76483c7c8b0e8a9fe1698cf8,0x615f360413c351b0cb37ff85d0ed7f761ecfdff0 + brainpool/brainpoolP160t1 + invalid order = 19 + + + brainpoolP160t1/8 + 0x54069d7439ddf523bec363ccbcc3b3b9ddc3816e,0x76acc37db767888b8439b37a28c651b82eef92eb + brainpool/brainpoolP160t1 + invalid order = 23 + + + brainpoolP160t1/9 + 0x85a588944f51e30bcea7b557758bfe195d6f1055,0xbf0e537448e814109b17b4600e71908928decf6a + brainpool/brainpoolP160t1 + invalid order = 29 + + + brainpoolP160t1/10 + 0xc05e8f63f52020b968fa4229731fca67490f1979,0x485f9c0b89a4cf2e0ed9123a223a251c701ba64a + brainpool/brainpoolP160t1 + invalid order = 31 + + + brainpoolP160t1/11 + 0xce0d89e196623a4adfe1c377dc74b7e71336140e,0xbe8e6f92690b7f768b5d67253b51cbe39f5ed93b + brainpool/brainpoolP160t1 + invalid order = 37 + + + brainpoolP160t1/12 + 
0x35381803523061ebd45b6268958d21d120eef1b1,0xcfeafb09372602ec342e87070deb1ffb31dca992 + brainpool/brainpoolP160t1 + invalid order = 41 + + + brainpoolP160t1/13 + 0x9c4db9cee9af857670ff28e2fb42bf365d45aea5,0x71e92555b13dcc2156df509582e9e92d80d1c12d + brainpool/brainpoolP160t1 + invalid order = 43 + + + brainpoolP160t1/14 + 0x9511622fe5971c679b79b1cdd3c5160fd7a586f1,0x185763fa5455b5350541396131bbc44f06afab62 + brainpool/brainpoolP160t1 + invalid order = 47 + + + brainpoolP160t1/15 + 0x6c2ba6e6c174dc096d54aed59c160515bd0c3ee6,0x3cc0d162958bbe3d7ed5cad41aaec6b4dd832ee6 + brainpool/brainpoolP160t1 + invalid order = 53 + + + brainpoolP160t1/16 + 0x4316b570b3a7cca7c5217a381b049048779027b4,0x12e11b01211a1986321839e6e515a2cfe77d4cc8 + brainpool/brainpoolP160t1 + invalid order = 59 + + + brainpoolP160t1/17 + 0xd6a314554c83b0763961f4e82b7e6e7be510d1c6,0x9417a56417b736a3213c018ec9eff9c681e91bc3 + brainpool/brainpoolP160t1 + invalid order = 61 + + + brainpoolP160t1/18 + 0x78d4da0415467ecc8c505b9720d5db307160ecb6,0x329843734d0d070aad8ed355c6e588064a5fdfbe + brainpool/brainpoolP160t1 + invalid order = 67 + + + brainpoolP160t1/19 + 0x90020ba1103ff191a230ac87b8a59aed7ef66989,0x3f9dd4074412671f86ba32555b11856860a46adf + brainpool/brainpoolP160t1 + invalid order = 71 + + + brainpoolP160t1/20 + 0x289ef46440744a260a692ad25dcf5ef771702d22,0xb5b373dd91ae8df303647c2498e1ec5799ef7702 + brainpool/brainpoolP160t1 + invalid order = 73 + + + brainpoolP160t1/21 + 0x5debf8d4ea83b412e0627d02770398761ba24ae4,0xdf42aad8673d5506b291e002dd6b44431c2009c2 + brainpool/brainpoolP160t1 + invalid order = 79 + + + brainpoolP160t1/22 + 0xa67632776ec47848ca157da9cfdc8d2505653290,0x9f1992ebcc53dd70922a328c725c37e8bbba12ad + brainpool/brainpoolP160t1 + invalid order = 83 + + + brainpoolP160t1/23 + 0x9f71c6ac01953b2a2f2e2b02464cc04bd536e224,0x1583cb03f46c2df176313f1e4c1c96e5a2b1b0a0 + brainpool/brainpoolP160t1 + invalid order = 89 + + + brainpoolP160t1/24 + 
0x2fce7880165e85827ccafffbc5617e588062cc09,0x723ec86a2e1f00e71948ff310e0ed36c8360a789 + brainpool/brainpoolP160t1 + invalid order = 97 + + + brainpoolP160t1/25 + 0x516d83d9796c5eff67946579eb43952a28ce62d2,0xd74d4f09858f23e52d595a94129191256fd9d319 + brainpool/brainpoolP160t1 + invalid order = 101 + + + brainpoolP160t1/26 + 0xce13e56f96d74090aaa716306ae10bf15b633e2d,0x4281a37d52106b3d0e4758c663ed5369d5f863df + brainpool/brainpoolP160t1 + invalid order = 103 + + + brainpoolP160t1/27 + 0x9902830338496e4e2ff394e0c10410982afdd2ef,0x383c77a02e3c3add14c241cd6db01ae8bbabc94 + brainpool/brainpoolP160t1 + invalid order = 107 + + + brainpoolP160t1/28 + 0x9a021286e03c976237b8a9911a19d470a9fb8444,0xc496f11b1f999d90c6d35d3e5b17c48f0cff033e + brainpool/brainpoolP160t1 + invalid order = 109 + + + brainpoolP160t1/29 + 0x8513633addc0f4e4c46e612fb24e327ef236a91a,0x4d92c0892f3b36f048fabe017e93d2536182b54c + brainpool/brainpoolP160t1 + invalid order = 113 + + + brainpoolP160t1/30 + 0x64b6c0636a49597e9717e6ff73d54b0bf552e823,0xc69a5bfc782f03caac0d3a2259321b1ed6be0555 + brainpool/brainpoolP160t1 + invalid order = 127 + + + brainpoolP160t1/31 + 0x960d3135e35071082b44311321e472cc8d443720,0xb43cc5120bbbcb53c84a1e752290c663cff638d8 + brainpool/brainpoolP160t1 + invalid order = 131 + + + brainpoolP160t1/32 + 0x2796cfd55b8ced83874685c200f3c75a29682d63,0xbdab52393c2dab2d0d5d76bdf2867125072c7686 + brainpool/brainpoolP160t1 + invalid order = 137 + + + brainpoolP160t1/33 + 0x6bb85f2943d4b5a12daa1f05ab5f569c6cf9cb99,0x1fe0590a69be6712a64cc218bda9c74a6ac1660a + brainpool/brainpoolP160t1 + invalid order = 139 + + + brainpoolP160t1/34 + 0x30024ce62fd02ae61bdde675f9a30417546193a3,0x40a5457929f54378e1982c848bbe2de656180c4f + brainpool/brainpoolP160t1 + invalid order = 149 + + + brainpoolP160t1/35 + 0x4d14797830c934ccab1c4a03722ed2696f06c89b,0x14d4b4daf8d6ca0e03fb05df45113a719c182ab9 + brainpool/brainpoolP160t1 + invalid order = 151 + + + brainpoolP160t1/36 + 
0xe0bdd6e52077b751bc8705a832eda90706ed27ec,0xe2ea689df8f77a8e2839d8b17f8501d5a3cdf8e7 + brainpool/brainpoolP160t1 + invalid order = 157 + + + brainpoolP160t1/37 + 0x466fa585d429d7c810945310ffaec7fd08f77e,0x6681a71c0ddc36ba776081b0bbb04af90d1ef459 + brainpool/brainpoolP160t1 + invalid order = 163 + + + brainpoolP160t1/38 + 0xefa98dc9008d32500f01781c2c1a5b69f80f6c3,0x5a8cf27b9732b4399e6bce12c238524667881c03 + brainpool/brainpoolP160t1 + invalid order = 167 + + + brainpoolP160t1/39 + 0x16be36e0c6694df109b1fcc89e583528551f794f,0xcfbf5a4e42faefbdb0ba76e3323535a431af0ef3 + brainpool/brainpoolP160t1 + invalid order = 173 + + + brainpoolP160t1/40 + 0x85dfac7e92f7df004c2eac13a28f641acca2e19b,0x8e0530d93dc7e8014c6bffa3257024fb90acae5b + brainpool/brainpoolP160t1 + invalid order = 179 + + + brainpoolP160t1/41 + 0xcec5ad185a118e567adf7911680764df3f6c0f2c,0x9b82c5f305bd8edfd410a1b3c2779f972ccc09b + brainpool/brainpoolP160t1 + invalid order = 181 + + + brainpoolP160t1/42 + 0x54438e195870386136e77779733b08a5022fd31e,0xc2d253f02afead8b832e1a194c672b387c37ce32 + brainpool/brainpoolP160t1 + invalid order = 191 + + + brainpoolP160t1/43 + 0x31df8ea728ff26c25bcdf2a86869c9ec5177f333,0xdf674331bb0d574f4e81254a959719b1c1af3411 + brainpool/brainpoolP160t1 + invalid order = 193 + + + brainpoolP160t1/44 + 0x8cd061c66968662440a233ddc7d5db9746f6525d,0xbad449707d8fdd44dc615be08aba8dc548a97bbf + brainpool/brainpoolP160t1 + invalid order = 197 + + + brainpoolP160t1/45 + 0x114da4256c4888f958647d87510ca1c414658f2a,0x8795fa899c06b7854ccd4a5662bcdf6464acb103 + brainpool/brainpoolP160t1 + invalid order = 199 + + + brainpoolP160t1/46 + 0xcd95cabe7cac9f97e78c71874e1e55582abc8d1f,0x39bda67e419e88e9e0699382a9b06e8e55832c81 + brainpool/brainpoolP160t1 + invalid order = 211 + + + brainpoolP160t1/47 + 0xc42ec16ae4adabd7d6ce97126e1924c546fe42be,0x5ad405b6d007c2630153c6849ea41f5a2f4a896a + brainpool/brainpoolP160t1 + invalid order = 223 + + + brainpoolP160t1/48 + 
0x4bb5f7dd79f1351c95ba15e7851576b8b0e50ece,0xd568e084f7445a56abea486b553acc65fe748248 + brainpool/brainpoolP160t1 + invalid order = 227 + + + brainpoolP160t1/49 + 0x52aa7073486691ba516127ab1c13b21a176357e2,0xbc6e4fd35662a1652aa325e946af493271dfcfcc + brainpool/brainpoolP160t1 + invalid order = 229 + + + brainpoolP160t1/50 + 0x6d251784bd9d58c62031f6ee3db8e24ac2dabb52,0x6e8b916cb3dbb1852d0d511c0f061324a47f5a35 + brainpool/brainpoolP160t1 + invalid order = 233 + + + brainpoolP160t1/51 + 0x74f1764a2147f1b41ee2b1c1ed1dfab5e994c312,0xe0462277e176e99cac25ad63cbd56d60c2f9bf51 + brainpool/brainpoolP160t1 + invalid order = 239 + + + brainpoolP160t1/52 + 0x11ce683f3b7d0883de1a6956a851e092f9d71790,0xc1df7109a18bfe4c50651f6050dfc28b7f190f34 + brainpool/brainpoolP160t1 + invalid order = 241 + + + brainpoolP160t1/53 + 0xb847351d4006e913b81cc7bdefd738748e40908b,0xe49d04a92448b8d046cf7063f04355ad2f949c6d + brainpool/brainpoolP160t1 + invalid order = 251 + diff --git a/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP192r1.xml b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP192r1.xml new file mode 100644 index 0000000..13fede5 --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP192r1.xml 
@@ -0,0 +1,367 @@ + + + brainpoolP192r1/0 + 0x1029223ec3c300675f8f95ba0f75c102dc13aecebb3c7f1e,0x000000000000000000000000000000000000000000000000 + brainpool/brainpoolP192r1 + invalid order = 2 + + + brainpoolP192r1/1 + 0xb15577f3977e50bb7d9300202d519aefd101851543c0c44d,0x1746720fc0757dabd61a6eb92a7211a794b126b1538a0f06 + brainpool/brainpoolP192r1 + invalid order = 3 + + + brainpoolP192r1/2 + 0x6e64566eee0334cc4207c34151293040df7cf1940dba4e37,0xa2122efbf8995da2cf9d19d15c6bff9474345a9317ff4c75 + brainpool/brainpoolP192r1 + invalid order = 5 + + + brainpoolP192r1/3 + 0x1274ecb694a4c8ef27d72f8f07a0440557f0b3257238253e,0xa909adcee06bb0289a816941164cd34054d7e5aa2df420ec + brainpool/brainpoolP192r1 + invalid order = 7 + + + brainpoolP192r1/4 + 0x86b17d741f06b94d53734adde6933988d91875ca51ae3fbb,0x444901ccb84f66914dac159521ebe1b376da9b4058b7c046 + brainpool/brainpoolP192r1 + invalid order = 11 + + + brainpoolP192r1/5 + 0x91f9ee514f7ba95b02f6a6a421e5c407aa98750f4800c489,0x75bc5be4e76df961ee39cde63e78e49969b2e4e08741a8e + brainpool/brainpoolP192r1 + invalid order = 13 + + + brainpoolP192r1/6 + 0x828b7cc24c6966c12cc0c824d9c09b11038bfeeb05b8ea7c,0xb858494fa44223aa3a2d8b6e89cc336d68119440c9bfbd29 + brainpool/brainpoolP192r1 + invalid order = 17 + + + brainpoolP192r1/7 + 0x37ec6d8e01e437ee2c2953953f652f6d1bb0e88ac1dcd853,0x944bd29c6ce02ab2bbd9b76cb66de718aa8123e6a1b38082 + brainpool/brainpoolP192r1 + invalid order = 19 + + + brainpoolP192r1/8 + 0x1a02a7db60e5e57eb10c1ca73b20bf8d7463cdfaae90c253,0x1e89c931547d1f062b5f21cd0452f60d08506ff168edc9c0 + brainpool/brainpoolP192r1 + invalid order = 23 + + + brainpoolP192r1/9 + 0xb67b7743a398bad12ba96609dc6dfce85aefb72b06467317,0x7fe9865844f7cbc88530afac9f2decb03a7137fafa1a0592 + brainpool/brainpoolP192r1 + invalid order = 29 + + + brainpoolP192r1/10 + 0x5a5d55fc075c0c397ceff122da1081c1bb62d4db3453784d,0x9fc912a5d78a4479cc707e90c1e9885c9d82dc4e02134efb + brainpool/brainpoolP192r1 + invalid order = 31 + + + brainpoolP192r1/11 + 
0x1a0b804737a8a37f36603708f832a4125d37dbf946596d64,0xb24acf1f4745e94df30c1a6d3547ea017a98b9a9aba1cec8 + brainpool/brainpoolP192r1 + invalid order = 37 + + + brainpoolP192r1/12 + 0x9dc7e5ed61170d0d71d75e67b816567a8b3c2388b21cfe80,0x97f8f10b66754b17f01288b59609dd6f19336adcd62c530e + brainpool/brainpoolP192r1 + invalid order = 41 + + + brainpoolP192r1/13 + 0xbd6c11aac47b16183f17dbc5cc56dc1e17425ae15d80c7b3,0x35d94e8cc1b7108755a059171247c684ceaa50cdb128e533 + brainpool/brainpoolP192r1 + invalid order = 43 + + + brainpoolP192r1/14 + 0x84c63c7a3fbbb2356572c9315becb213d99eae25e5a1bad9,0x48e1a8d5f4fdb14fbe01b308ca4cb55aa1d0846156325a89 + brainpool/brainpoolP192r1 + invalid order = 47 + + + brainpoolP192r1/15 + 0x845207489b6de5cee64457ef24a5271ff6328fe2d001c3af,0xa1b7037d9734f0ebfea351711ce09a4339512dd43f1e8491 + brainpool/brainpoolP192r1 + invalid order = 53 + + + brainpoolP192r1/16 + 0x5c804ebb83f1552e1db61678235424685faa6697c439095c,0x11849bfca427a13992eb5f52f90173ed5142a90ebd88f59d + brainpool/brainpoolP192r1 + invalid order = 59 + + + brainpoolP192r1/17 + 0x6486cf40ddebd2a4f4fa04fdeda47d21b5df06f92d447043,0xbcf8a05c7c9519527c40dfc04ab44b4d9aa8b3872a769f25 + brainpool/brainpoolP192r1 + invalid order = 61 + + + brainpoolP192r1/18 + 0x5048544008f26af6c876ee5e2675959edaebd7c7772443e6,0x513342cdb3ceaa7f2343987be6b938a598c915d53dcca539 + brainpool/brainpoolP192r1 + invalid order = 67 + + + brainpoolP192r1/19 + 0x95d14bf6631c2a3cb6f1e0abbb073d42ecd98769daa25520,0xbc18c1d9d7137a4b65305532b6b4f32ec10d9b3a5503441f + brainpool/brainpoolP192r1 + invalid order = 71 + + + brainpoolP192r1/20 + 0x7071ee9ad97fce07f0002f3662be0a6e5ca13b14c559f745,0x5699a2d2afce7363db96d79667c977cdcf57ca9fe0551807 + brainpool/brainpoolP192r1 + invalid order = 73 + + + brainpoolP192r1/21 + 0xb775ff62b4cfd5938855b327ba4ed92b20102215b80593e7,0x1822fab9134b819adae394b401fdc995080542e1b131aad + brainpool/brainpoolP192r1 + invalid order = 79 + + + brainpoolP192r1/22 + 
0x4c903b4ae5d81cf41350704a199a780ed2923d0479483d99,0x1e68e89dfe820d07f762d68c6711917c8d14766671089420 + brainpool/brainpoolP192r1 + invalid order = 83 + + + brainpoolP192r1/23 + 0xaa3a36633dcda6e645a3b63a2448e6465bd97a29fb7e7078,0xb6c4f82a4ff15ae22971a4292160dfa031cf860d1a464db3 + brainpool/brainpoolP192r1 + invalid order = 89 + + + brainpoolP192r1/24 + 0x67da360f24c7faba96709035d293b9fbd787bed02fb2d2e1,0x672b6d38b361803e7770b5db1dc4820db1e191554e1ec369 + brainpool/brainpoolP192r1 + invalid order = 97 + + + brainpoolP192r1/25 + 0x669f856c70abc6c99faf039f4e72f4d05ebb19bbfd715c20,0x722bf159ccf6f8c1cc9b1c4ea18ae2334fb2a83585f6d3d3 + brainpool/brainpoolP192r1 + invalid order = 101 + + + brainpoolP192r1/26 + 0x51262d2d0d43887a4913ebde0505c6f945d72588e786493e,0x947b3447c161eeb65c5d2ea0ce25f8538a3be5e9612580c + brainpool/brainpoolP192r1 + invalid order = 103 + + + brainpoolP192r1/27 + 0x3186d449ba039134c93d086a1f50fb44b5990b5a16d3cbec,0x70346bac8d0f69bf1ecbb1cbaac5255ba77ed32a96b0d40b + brainpool/brainpoolP192r1 + invalid order = 107 + + + brainpoolP192r1/28 + 0x805b097bb52a187f96a47f7f0a50fb4e17dace4a835842d7,0xbed6cee2a4b09d6fec21a950685d526351d0bca06508a387 + brainpool/brainpoolP192r1 + invalid order = 109 + + + brainpoolP192r1/29 + 0xb45a0f6b473405a64ae461f8e6b00ae1797aa999f6ffbf9b,0x95d8d4e675e37ccab62a5e48bbd8b79a5fac0457dfc12905 + brainpool/brainpoolP192r1 + invalid order = 113 + + + brainpoolP192r1/30 + 0x15a84e9e962845ca410896d0be7af6000843bcef32f3ee5c,0x777e43237a935de6752786dce20fd9bc6c90abf2e7141caa + brainpool/brainpoolP192r1 + invalid order = 127 + + + brainpoolP192r1/31 + 0x5bc34a8164315d9804382584f76867bbd23987e216fb497b,0x50200d928a6db22d699128ba15db782aff59612915f03a79 + brainpool/brainpoolP192r1 + invalid order = 131 + + + brainpoolP192r1/32 + 0x744cd6686a60ee494fb166b4803b96bc41a481eb5401f93f,0x4e5bc33649900d38c972f3578da5087d5a7e0a795b0bda99 + brainpool/brainpoolP192r1 + invalid order = 137 + + + brainpoolP192r1/33 + 
0x31101e78d938f04c699594471df590e34bec3a3f60d562f0,0x2c93ceab1a91a104e791f32051965120be3567bbe1408d21 + brainpool/brainpoolP192r1 + invalid order = 139 + + + brainpoolP192r1/34 + 0x8db5e5aa72524898d997a8c323f5ce624f8290c66392337b,0x6ba3508ba617f8140411af3941e4c49e8d30876a39cb535c + brainpool/brainpoolP192r1 + invalid order = 149 + + + brainpoolP192r1/35 + 0x29b2f11b4bce1871c2a868c1d73420f661ef66ade21d06ae,0x32a4e204f21eb1fd231f44a85aa7a68e91fbc8e87f37b3c3 + brainpool/brainpoolP192r1 + invalid order = 151 + + + brainpoolP192r1/36 + 0xaf47dbd8dd16436fe219911b3beb7db09d168419a8108168,0x1a50e03d7320ed569e9aad11c371bb265ed8f007b1119440 + brainpool/brainpoolP192r1 + invalid order = 157 + + + brainpoolP192r1/37 + 0xb8ccda20a8477cc17fb1be2eb7b760043e878b43dc93b54a,0xa076f4bdcaa2fb2f3db4d8020fb9a8e59f28afad22f30f73 + brainpool/brainpoolP192r1 + invalid order = 163 + + + brainpoolP192r1/38 + 0x25a39cac216b1e99fe5c1fee4f44d3a957735370d7593d1d,0x132c3844ae6964060dc0dbb5f4cf6267767a9964322a584f + brainpool/brainpoolP192r1 + invalid order = 167 + + + brainpoolP192r1/39 + 0x3f5490e65d84390154f6f824dfb65c17c1d59d15544dc5da,0x40653405b2eb41813ad6d0cb76a4abf891eeaf2eb63f2280 + brainpool/brainpoolP192r1 + invalid order = 173 + + + brainpoolP192r1/40 + 0x7eda2937809578e25161a202656b9c64a557479e70867d63,0x51cf9dc581e0db786bf082aa616cf8f3f43a37ba4925bc9f + brainpool/brainpoolP192r1 + invalid order = 179 + + + brainpoolP192r1/41 + 0xbe28f2c028623f3b2cb5f52d796fcbd6de65a8f9428bf7b3,0x6c186203b8cb15ce01d002cf9f47fcce9f67939131ce3dd + brainpool/brainpoolP192r1 + invalid order = 181 + + + brainpoolP192r1/42 + 0xa462a2d0518a33ff4243368f580b5e1407104dec9b2b9be2,0x94656975b9cb1a43f147c4bdcc11e091e246a4b4a0fc43fe + brainpool/brainpoolP192r1 + invalid order = 191 + + + brainpoolP192r1/43 + 0x7b4d9fec7cf3c75fd6b4ee318af46dc3a311ea1326def27e,0x1d2781ff9ef0116cac6cbe088e2e7deb7c8a4c61f97bf92c + brainpool/brainpoolP192r1 + invalid order = 193 + + + brainpoolP192r1/44 + 
0x8b294a89e936f3dbfe352d2af170c39cbd415abc1785115e,0x5b8c0eca2773f27640b1f2f32f346cb18e9d500f59a93462 + brainpool/brainpoolP192r1 + invalid order = 197 + + + brainpoolP192r1/45 + 0x15efdb54b0bb99b14502c8c37bfddf450dffbfcb7796c276,0xc177559e66acd3dd96a436d0e0ed7f450a6dfe78a420ba52 + brainpool/brainpoolP192r1 + invalid order = 199 + + + brainpoolP192r1/46 + 0x623fc843c7e25bdbc0e8b72dec9ac33370fe3331bbec307a,0x15f53f91fef0263004bc4f130f5959fefb1ba62781c13607 + brainpool/brainpoolP192r1 + invalid order = 211 + + + brainpoolP192r1/47 + 0xbf100381d53f3ab48bb9d9c483506501a0c569b78eae0a5f,0x9f47969adbe4a62a1207de041f7d9264aea14172c7f2a710 + brainpool/brainpoolP192r1 + invalid order = 223 + + + brainpoolP192r1/48 + 0x9b02af2631dc64b0ea34bc5292eaff3654e44c6537588f3f,0x1f8396fb6192d410ed3d318ba0605b744f81e25a9e02cdc5 + brainpool/brainpoolP192r1 + invalid order = 227 + + + brainpoolP192r1/49 + 0x9c41123c9364284fe2e38c7c52df8750a00c7c34af452a1b,0xa2c912fa813c142846c54ed792faec145f83bd6ce38b8fc7 + brainpool/brainpoolP192r1 + invalid order = 229 + + + brainpoolP192r1/50 + 0xadc8682bb933ca2fc52aa6243139ad5a6c3155e4e2805f39,0x57fafaa2436ceffafb910c0e6807d5c1afb0603dd7cbe043 + brainpool/brainpoolP192r1 + invalid order = 233 + + + brainpoolP192r1/51 + 0x3c46eaee8b165483c1eca4f71d04f941b4cdcc1d433512a8,0x8da044476ce651395564ef0eccc4f9427009ab899bb311bf + brainpool/brainpoolP192r1 + invalid order = 239 + + + brainpoolP192r1/52 + 0x19723a1425b73e94184e02228049e6d9b1b496f37b8631a0,0x315c6f316c5b2447896dc082706c0f307d5539c1b1b0bf29 + brainpool/brainpoolP192r1 + invalid order = 241 + + + brainpoolP192r1/53 + 0x6b7b2b2fca6e07ce919c2268d32bb08a6e9c471b21636af5,0x59b882404b8809554feaed5c158e6a5a4e7f34c4a862f186 + brainpool/brainpoolP192r1 + invalid order = 251 + + + brainpoolP192r1/54 + 0x9dccd8ade3f39344d240d34fa4277c3f5b09a7d3139fc547,0x459cfd70612ee399449bb2ad3e0bd5cb024f0bf6d35c7706 + brainpool/brainpoolP192r1 + invalid order = 257 + + + brainpoolP192r1/55 + 
0x4e46443d6265c7d35fe8faae6cce8fc1bd4935d9437b857c,0x726787ebb22614ff8805a30ce37470c73a7e6044a9c6b71c + brainpool/brainpoolP192r1 + invalid order = 263 + + + brainpoolP192r1/56 + 0x6152805a62d2ba015dac702fe4688efb34a5ca3c11b88e5b,0x349428b8179e041affa4311ead89de00d508fc7d3c8d9fb + brainpool/brainpoolP192r1 + invalid order = 269 + + + brainpoolP192r1/57 + 0xa9ad3c63edb9c4def7b531ecd70018deed85f997a2449821,0x5adb4055f1ddf206afdf67f5f6d1afff34337890edf7a301 + brainpool/brainpoolP192r1 + invalid order = 271 + + + brainpoolP192r1/58 + 0x8c4265da8542a7641a5f13f64e7e3fcf184bfa140c530989,0xb77bbedc243271f30c74fd605ab71befb35e775a01d8a82b + brainpool/brainpoolP192r1 + invalid order = 277 + + + brainpoolP192r1/59 + 0x940d62366df60884cb2d482a00ef24d4195d2242c65e29f,0x90c75f89c3809dd80be41e8c72265d6c8f21db8294cf970b + brainpool/brainpoolP192r1 + invalid order = 281 + + + brainpoolP192r1/60 + 0x129bca166096f206be151fa2e61dfd89c0da5abb093f373,0x545b00cb1201b786fe6361e1bd606819707b2b929a70c5a5 + brainpool/brainpoolP192r1 + invalid order = 283 + diff --git a/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP192t1.xml b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP192t1.xml new file mode 100644 index 0000000..046e109 --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP192t1.xml 
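Review bot: Coordinate values in brainpoolP192r1.xml are not written at a fixed width: the y value of brainpoolP192r1/5 and the x value of brainpoolP192r1/59 have 47 hex digits, while the zero y coordinate of the order-2 entry brainpoolP192r1/0 is padded to the full field width. The reader for these files is not visible here. If it converts hex to bytes pairwise, or does not left-pad to the field size, such a point would reach the card as a shorter or shifted coordinate, and the test would then exercise length handling rather than the intended invalid-order point. I would emit every value left-padded to the field length, e.g. `0x075bc5be4e76df961ee39cde63e78e49969b2e4e08741a8e`, or state in the file that values are plain integers the loader must pad. The same applies to brainpoolP192t1.xml (entries /24 and /33) and brainpoolP224r1.xml (entries /4 and /52) later in this patch.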
@@ -0,0 +1,367 @@ + + + brainpoolP192t1/0 + 0x43c1702ee270b8ea46ac8d4b7753b460fcf2eda21ed1dfe3,0x000000000000000000000000000000000000000000000000 + brainpool/brainpoolP192t1 + invalid order = 2 + + + brainpoolP192t1/1 + 0x1c65e811d73cafed72949e33ed39c278455f8278319764e8,0x44f676947311481951fa5f39a7ab374d7b8025c139be0b01 + brainpool/brainpoolP192t1 + invalid order = 3 + + + brainpoolP192t1/2 + 0x7a2ffa8bd457c75cc65054681f8654c02e245095133f112a,0x9de5731523a93b30d09825cc3cf1115fd66dc256aba9768f + brainpool/brainpoolP192t1 + invalid order = 5 + + + brainpoolP192t1/3 + 0x1acee38f18f6fc9d7e9601c967b63f26730b9388ba8a3962,0x610f69e3635e432e4f80f58f97fb50df6f39ed2ea53ef93a + brainpool/brainpoolP192t1 + invalid order = 7 + + + brainpoolP192t1/4 + 0x7c248be7227f4ac3bd87e1d50b2aa8ff17439412a6496a67,0x25940efd8caaa3d1c7e2c17417fd8e1a17776e7b4e548913 + brainpool/brainpoolP192t1 + invalid order = 11 + + + brainpoolP192t1/5 + 0xb626a718d740e7721386c1ce6e3333b22f94545c78e8e853,0x735f5d94fcdabfcb1ff00a666985065256a484f31c971f57 + brainpool/brainpoolP192t1 + invalid order = 13 + + + brainpoolP192t1/6 + 0x74bea9eabaf114c94832c711bf140f90aeb7bccb8c0403bc,0x172c62e3a40206ff783965ab0881197f7871b192d0e083b9 + brainpool/brainpoolP192t1 + invalid order = 17 + + + brainpoolP192t1/7 + 0x527d2c89c88315e0fec2eb1fc01c7ded6005dfe0252736c9,0x3a6549c5912a52a56b645b064cf42a4cf6f49171ae119e44 + brainpool/brainpoolP192t1 + invalid order = 19 + + + brainpoolP192t1/8 + 0x27784d2c0ae6832992bcb510afa1b1d7c6e01a65b747b43c,0x18bd07113f4e3650d096413ffb18a20e9d7926780949514e + brainpool/brainpoolP192t1 + invalid order = 23 + + + brainpoolP192t1/9 + 0x9deaedb6443a3ed3a3a877ae46adcc3ad13de06ff51691c3,0x9f5cda33536bf1d2275ca40d54496ada460adf6ab95bfd4f + brainpool/brainpoolP192t1 + invalid order = 29 + + + brainpoolP192t1/10 + 0xc2049637c200361da69aeb14062f348517b25ccf5a7509a3,0x5e367ca0c822597be67d68b9455c185a8fe66ed8b4da9ed0 + brainpool/brainpoolP192t1 + invalid order = 31 + + + brainpoolP192t1/11 + 
0x327564e530f5ee66648e2cfb0ac9acc35d55564c4ef0aff4,0x65f039304b4212fdadc7fb953487cefb7c0e0df9d78baa09 + brainpool/brainpoolP192t1 + invalid order = 37 + + + brainpoolP192t1/12 + 0x4b89795869d99bd618194cc6e0de1ec1fdf8275fcadf6b90,0x282b6cfee5cf7a2badfdad7229ae0fa8826542ca2bb9de0d + brainpool/brainpoolP192t1 + invalid order = 41 + + + brainpoolP192t1/13 + 0x67f88890251a28897b858628019558c9d67a68059d92a392,0x3ab545dbfea97c2e1142b03eb4ca0adadcca28a763322bb3 + brainpool/brainpoolP192t1 + invalid order = 43 + + + brainpoolP192t1/14 + 0x5e0fda8efa952383c9f6a8059cc488e85173c4fe38ada13f,0x33fc7a834339c19336caee373a5d98536306e6b8b754fecf + brainpool/brainpoolP192t1 + invalid order = 47 + + + brainpoolP192t1/15 + 0x67f2b88434c930d73d04e89dc2d5c3dacfe5e688668fabe3,0x3a4a1f9d1cfd892a55ae8a183e6113dd2526c68787022ae0 + brainpool/brainpoolP192t1 + invalid order = 53 + + + brainpoolP192t1/16 + 0x9fcbdcffa06d54348a7188f1b75a20d5198ae7613b8557ff,0x2dfe693124b4da805b9796a86e49f96351be6fcdcc2fba09 + brainpool/brainpoolP192t1 + invalid order = 59 + + + brainpoolP192t1/17 + 0x989cecff8c50b7624299caaefb38d76e757935ed9395a087,0xa3835aff007d2814218635a432f7f18c5a05fd3b5497a8fb + brainpool/brainpoolP192t1 + invalid order = 61 + + + brainpoolP192t1/18 + 0x4c777d69d26ef59ef2bddcd6892484e48b9442dd20019934,0x2268f09a3918e577f2e21fc258d122339747fcf54b1ed6df + brainpool/brainpoolP192t1 + invalid order = 67 + + + brainpoolP192t1/19 + 0xa36994e6ac2956b2e4175f4882211029c7824af41d37bb98,0x82c6e6d3236317f71c5c10b7643badefaeff6c757c5c46b8 + brainpool/brainpoolP192t1 + invalid order = 71 + + + brainpoolP192t1/20 + 0x7afac617f22b8d9fe4364bcb519207c378326698c397637c,0x493aa698360796e4ea81841d875d938a60dce2b88b733c39 + brainpool/brainpoolP192t1 + invalid order = 73 + + + brainpoolP192t1/21 + 0x731bf4d77ee01538806d4441e292ce757f43517efe59df2a,0x5e1b963966aee40ca3855ced9bec71a0700db95da5353e6e + brainpool/brainpoolP192t1 + invalid order = 79 + + + brainpoolP192t1/22 + 
0xb27da04e86b15e19af0d9e6060fe71dff8c6fd17c5572aaf,0x12d89638df7011757344ad32842a460519f6356e24f98b83 + brainpool/brainpoolP192t1 + invalid order = 83 + + + brainpoolP192t1/23 + 0x7b1c48196314d36ae28d8c0c2d5f177808e5b9bdcf610045,0xa92fdce84d6dfd1123d4e8017682c981081a85d977bae0d6 + brainpool/brainpoolP192t1 + invalid order = 89 + + + brainpoolP192t1/24 + 0x39701cde7695ba5f45b70dd3698004daaca12eb6365be6b,0x7888943d187330eed979330f7bb597b145c96d944d93bfff + brainpool/brainpoolP192t1 + invalid order = 97 + + + brainpoolP192t1/25 + 0x9a7a6974a5604ba4e146907aa875864ca94575becd9a98f3,0xb63b76fc08aedfbcc1683b9a91c2e4659e4ca961329ee883 + brainpool/brainpoolP192t1 + invalid order = 101 + + + brainpoolP192t1/26 + 0x4071814de464ec43ad9c6dafa60316ca24a0c8c82d37ab2d,0x1813fbc09079caaad22edd112f05087fa954ede9f118fac6 + brainpool/brainpoolP192t1 + invalid order = 103 + + + brainpoolP192t1/27 + 0x6f4e604f269d67f4bcf6863d793c6dec34ec7a32a1fda44e,0x7106ccccc5d5e6edaa49f5754d9d4372b32736653cdcfdda + brainpool/brainpoolP192t1 + invalid order = 107 + + + brainpoolP192t1/28 + 0x825ec65670b82edce053a27a19ecd4ceb0f3cd1fcd33bde3,0x9a61e61c6b998ab682ab0ef0fffabc95a2ea1347b7366fd8 + brainpool/brainpoolP192t1 + invalid order = 109 + + + brainpoolP192t1/29 + 0x165b0bcf612e6a15a02ed608af632b2187fdce5b62edcaea,0x3ddef32c8ce4eee1881a1ec994f870dd9b4ba415f8cedc60 + brainpool/brainpoolP192t1 + invalid order = 113 + + + brainpoolP192t1/30 + 0x837b1a876f3242c3b74af0e7207f2acc73782558d5dcb327,0x39c1cb2a9e559dcf4912b16ddaf9d5338be98c45a52031fb + brainpool/brainpoolP192t1 + invalid order = 127 + + + brainpoolP192t1/31 + 0xbf881ba677cef460d1992cc1f15d95f2fec64b771777afd4,0xabc7aa840c3363759152631e2df6582cc674b6bae642c934 + brainpool/brainpoolP192t1 + invalid order = 131 + + + brainpoolP192t1/32 + 0x9f7608ed0232b6364f378603ab3a822e341c88b9989f86f0,0x9b9475f46923407ccaaca29f9f113097e06ad2b01312a09e + brainpool/brainpoolP192t1 + invalid order = 137 + + + brainpoolP192t1/33 + 
0x50e3ceed3ec28c2cb201c954698f1c0092c7ac6b5a42a46,0x94c9ef437dfda2ee40fce97a8949a3b9cea5452122def043 + brainpool/brainpoolP192t1 + invalid order = 139 + + + brainpoolP192t1/34 + 0xadcb9a9b3f378a3d5d826c1802e05313fd7cff13a3fcef39,0x4b508ba13db1107f33148595af42d719a3b0e57d86750524 + brainpool/brainpoolP192t1 + invalid order = 149 + + + brainpoolP192t1/35 + 0x5f26ce521fd203982e2e7e7051ec7c4b2cf98c267d3825ce,0x8555cb3934fe7aed5497829a6b8fc78c7cea464c7adc185d + brainpool/brainpoolP192t1 + invalid order = 151 + + + brainpoolP192t1/36 + 0x40b50a121c6e6477fb65a7c5ae074af5a98e2b87e61eddbf,0x1b2a5735df815b923977c81796e06cac5cc7b27a7392d3c0 + brainpool/brainpoolP192t1 + invalid order = 157 + + + brainpoolP192t1/37 + 0x7621af09628691ed09af0cc1462c67e840f42f610efde6b7,0x9fcaba076dd255b2f06c2c3958e0b0bc19c7250a8d647b0c + brainpool/brainpoolP192t1 + invalid order = 163 + + + brainpoolP192t1/38 + 0x96f4e91396ca08a71aeb8fe3a7d0b630a839786ba3cc38ce,0xbe9a4c20a4fdc4ab0695be79baab8ddc2f965a6d9e843d66 + brainpool/brainpoolP192t1 + invalid order = 167 + + + brainpoolP192t1/39 + 0x1d93e3b0ad421f7a597d86dbb0bea6a5a5a945ef34f77e9e,0x3e9e3c3fea00d8e0f49f97df032b09b343fc912eeb0fb38e + brainpool/brainpoolP192t1 + invalid order = 173 + + + brainpoolP192t1/40 + 0x7a78c5fce9be4dfa88601a9197f839dac303f94f853d0bc2,0xaeff15338c34eb73d3d8703b647c4b0e012c55fe2b363096 + brainpool/brainpoolP192t1 + invalid order = 179 + + + brainpoolP192t1/41 + 0x2077ec856767884e010bb23453cf37e1702f882534a50c0d,0xae2dc8b0ffeb0be2e7e835342b81a75fe7eda05d122abaf7 + brainpool/brainpoolP192t1 + invalid order = 181 + + + brainpoolP192t1/42 + 0x49cd233e20654df673673656131b2ba44912258317fff1a9,0x504dad2d443551e766612f53640ccddb35dfc41a1a0a93de + brainpool/brainpoolP192t1 + invalid order = 191 + + + brainpoolP192t1/43 + 0x48991942efdc0f5f72fedbaabb8b1fa830bbef1bde096d72,0xb4f1f9582076ef37a31920d1164a3fdf6a2aa7b5c45cb76e + brainpool/brainpoolP192t1 + invalid order = 193 + + + brainpoolP192t1/44 + 
0x6f62622cb92303a2c07b19dd92b6aec0a2288a3447b53ef6,0x2ff1cb8a6ec21e06f0aaed08c679bec3babc1e8eadefaf7d + brainpool/brainpoolP192t1 + invalid order = 197 + + + brainpoolP192t1/45 + 0x5e7a39e4070b6463aedb4b47c1630d9eca0d9b94e9a80494,0x309532b1917bf93d4da738c79fd53f67761233d037ba0a6c + brainpool/brainpoolP192t1 + invalid order = 199 + + + brainpoolP192t1/46 + 0x941b662cf05a3932343c5e73cca9474ebddd283b49d5e2e2,0x3c6feb7a04eaa672c0cc83d00163467a190c7c92f59d16d2 + brainpool/brainpoolP192t1 + invalid order = 211 + + + brainpoolP192t1/47 + 0x7e05d9d39daefb115b319248483013a1f58d19d7a2fe18c3,0xa5aa4ccce13c81f9ba26017023bb0439a46c3f803915ff10 + brainpool/brainpoolP192t1 + invalid order = 223 + + + brainpoolP192t1/48 + 0xb50dc20992def2ce30062a2c4943e6b8e89020870eff1f2f,0x1340d821a73fd4a13192b1e745eca4a526d436ba2e5e3629 + brainpool/brainpoolP192t1 + invalid order = 227 + + + brainpoolP192t1/49 + 0x6aab28a136f692ae4c5844f65e87ddbc023e6e11225e4144,0x8e4012caa78cdc7c73c7fd9f42bae695d5b671a0901bd5f6 + brainpool/brainpoolP192t1 + invalid order = 229 + + + brainpoolP192t1/50 + 0x37bbc69a63adfb7c51c69aa045e8d5d160de75b06af3d54e,0xb9605001d75ee8f4e07fec14f6aa442bd2749432f9cace26 + brainpool/brainpoolP192t1 + invalid order = 233 + + + brainpoolP192t1/51 + 0x1120ad627fb7cc7c5621e4d7c5818b891d37aec4bd663d28,0x10e78e8c938bf71724b0a1601095c7f6fe59b39f7e602921 + brainpool/brainpoolP192t1 + invalid order = 239 + + + brainpoolP192t1/52 + 0x587a9ef23690e4a58841ba2ee0e2aebb779cec73236068a3,0x9320077a9d92483a0d1e927af684b74dbb9c15e5c6d8dae6 + brainpool/brainpoolP192t1 + invalid order = 241 + + + brainpoolP192t1/53 + 0x433aa1200fd848d89eeffafbc76a4bf42dc88284e7e935d9,0x903ec27b863aa41ff5662e0be7d37a69daa9b4e72c9cc8b4 + brainpool/brainpoolP192t1 + invalid order = 251 + + + brainpoolP192t1/54 + 0x9aab4fa1bd8c55746f2584eec54118f400815e5b2b0290a3,0xd1b9110aed6e79c0c2951f02609ea62df69d6f2193f54c3 + brainpool/brainpoolP192t1 + invalid order = 257 + + + brainpoolP192t1/55 + 
0x49446ed07bfb0f57158f43cd5b4a1a03b4ccb0458a00204d,0x114cd9e8db27df268d12952190e9ee115d57b4c4ebf4955c + brainpool/brainpoolP192t1 + invalid order = 263 + + + brainpoolP192t1/56 + 0x397cb69dbf2043266b538272a7d4bb42a4655a5518061d53,0xaee8ec1087a7b3da79d9d5da5ba3d29bd8b87e7ca5ef8d7a + brainpool/brainpoolP192t1 + invalid order = 269 + + + brainpoolP192t1/57 + 0x9a8ec6082c7ef91237eb050977676b0af7c54f847a499ca6,0x79a8475dc581e5113ff3c0888e0389cdfe07206d130f1763 + brainpool/brainpoolP192t1 + invalid order = 271 + + + brainpoolP192t1/58 + 0x7027ed66faa7ce1d4210f6610e0a923283b829da2d0c3c17,0x12e43f5cdc12c96f9366a57fff5550ce0feff7d3efe5e8d5 + brainpool/brainpoolP192t1 + invalid order = 277 + + + brainpoolP192t1/59 + 0x5a1d82fe88b392b28aafd1960a576092f05baf3d5c04164c,0x118cad17735949799602bc4ccb8170e34cb9e7fb2f76959 + brainpool/brainpoolP192t1 + invalid order = 281 + + + brainpoolP192t1/60 + 0x27886b0670e1015a581000b782d08790384d8f9c6672ce85,0x133087b832f84a5034e39b87b3ed2316a423de0af532e4a0 + brainpool/brainpoolP192t1 + invalid order = 283 + diff --git a/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP224r1.xml b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP224r1.xml new file mode 100644 index 0000000..8fb484c --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP224r1.xml 
@@ -0,0 +1,415 @@ + + + brainpoolP224r1/0 + 0x89e0c0ffcfa926835f54fe54243bfb9f035c47e6929d8e6f7d8e29d1,0x00000000000000000000000000000000000000000000000000000000 + brainpool/brainpoolP224r1 + invalid order = 2 + + + brainpoolP224r1/1 + 0x8a9c26172b8730551ff84ed3f6bbe42bed5b5b86c90dfc6359623ad1,0x8697842f0d758ed51d4b7a3e66d12d39c1bae07ce863b60a8f515556 + brainpool/brainpoolP224r1 + invalid order = 3 + + + brainpoolP224r1/2 + 0x6fd95cde64353c98f8a94d09d3d853ad016a4fd1438f932fccfdb4ea,0x31180bbca5bfa12e643bae80ffdeba837a919c8f46b82555dbfa94f7 + brainpool/brainpoolP224r1 + invalid order = 5 + + + brainpoolP224r1/3 + 0x4ae07d5021d560fa803e3298acfbf8f8ecffe12d43172c35fc8ccbab,0xc721d1efae6da065683c6ebe6e2a9690a65b3306a330c0cc1520d6c0 + brainpool/brainpoolP224r1 + invalid order = 7 + + + brainpoolP224r1/4 + 0x506847b86cac64bbe713e3177cea7eb72061e66e43d65ce7d7c564f1,0x99fc48786b17ccbd4221965b09d5d08946a2ac440c773b81d3afab3 + brainpool/brainpoolP224r1 + invalid order = 11 + + + brainpoolP224r1/5 + 0x2542afbb345a4fc1c73224ce958dac1d15cb7397e95b63558f8f8d42,0xa68004a508c5f8b17c2f8ca203f83dd39ff11f7422058b0a0e6ff234 + brainpool/brainpoolP224r1 + invalid order = 13 + + + brainpoolP224r1/6 + 0xa99d4fd7c5f7e20183df489d0e72c4b5328c3c4845ba4289df0b38ca,0x66899ec3b6b3bec2e5bd7294545c35c0fa92123b88b4dba9b3cd2970 + brainpool/brainpoolP224r1 + invalid order = 17 + + + brainpoolP224r1/7 + 0x27790f9deb9b5c8fe48873d908d56cfaec2e2845de31128c8f916587,0x1207fd097653667c1148fd972ac71da97f8d8cdc3ecf96f91a070dc3 + brainpool/brainpoolP224r1 + invalid order = 19 + + + brainpoolP224r1/8 + 0xbf5406fc6bd1d41d80ee17df88acaecdaa721457d3b51dc2e98f06d1,0xc9ddd2458a7cdaa2e7263129fc24b35ebeafc08f14f757e6e0ddbc1f + brainpool/brainpoolP224r1 + invalid order = 23 + + + brainpoolP224r1/9 + 0x85ecc9bc99cb5a56cd27cffdd3e0908187cef0dfdd23f3e661432c17,0x21d1956bd9038b2085695721df46ee366e3d4bb8248244ce6d8fc5cf + brainpool/brainpoolP224r1 + invalid order = 29 + + + brainpoolP224r1/10 + 
0x324131baf7e84cc2c4e18b5ae827de053fae3c15dc5c0cc222f9b042,0x4c9db2552a4616538250f45bc43888830c52dd60045444fc5a9f88c8 + brainpool/brainpoolP224r1 + invalid order = 31 + + + brainpoolP224r1/11 + 0x3185f5a8072b757b7897b8987a9572a49a913d652b2896368fb0feea,0x2e10991bed4fc7bcda0c2fa78a2cd9f320b46cc045824e42ddc263e2 + brainpool/brainpoolP224r1 + invalid order = 37 + + + brainpoolP224r1/12 + 0xcbfa9f44ea1762bd2a2a790b2b058d307fde17a5c0a7e47ea3d0a22e,0x7d6287bd98f7fca9b938506d46d6ca6e89c3364c6d6c5d004441635c + brainpool/brainpoolP224r1 + invalid order = 41 + + + brainpoolP224r1/13 + 0xa8e4d37407def999b03989e163bd4608c636f2ba6dd475004a1b9597,0x52c3bb8e47493f6ce71f98fbe0c761629c2a1b9b0667ee5e1002fa65 + brainpool/brainpoolP224r1 + invalid order = 43 + + + brainpoolP224r1/14 + 0x50917415cc4a86e472ed16bd87ac91f1c923fc915aaccf6f8cdbba34,0x2fc2aad33adde7fcd890df073c4333f0a66685aefe43db8faceeb821 + brainpool/brainpoolP224r1 + invalid order = 47 + + + brainpoolP224r1/15 + 0xbea67e2d997598df7da26e6e3215b87e9fce7e2f4fa32eda1c28c536,0x654707ce32237372664595b19a7976fe67be4510986191759234c73c + brainpool/brainpoolP224r1 + invalid order = 53 + + + brainpoolP224r1/16 + 0x368e8432bb93e872ee8537e8df1bf8734e0bd700e8fe2972c77c1847,0xb7c23da282869b6268049610dd162fbc0c3121a650916a002fa3b9e2 + brainpool/brainpoolP224r1 + invalid order = 59 + + + brainpoolP224r1/17 + 0x9a929ce55386f553a36ef0697cc45cc8f96d00a83e8be45d0e3c62bb,0x47baae1f184639410dd147ccb8b4d8fcaf9dda2c9d07f0b000a1230b + brainpool/brainpoolP224r1 + invalid order = 61 + + + brainpoolP224r1/18 + 0x817d380f22612bb17b9cf2d03319382bc4cf1145f0ff3628dd316a25,0x56f0972ae8636459628dcdcc35f144e31f51f7e3141dffda074fd95a + brainpool/brainpoolP224r1 + invalid order = 67 + + + brainpoolP224r1/19 + 0x3de1c6f26bd048df21973de1fe0b23f5921ef0910f7e4c8c72b127ad,0x85986e31dde5875ea6f81d6a63b194da5cd4f8b0f24d338b4156237 + brainpool/brainpoolP224r1 + invalid order = 71 + + + brainpoolP224r1/20 + 
0xa99585c4e76396d84ee4dca35c269c37d9fca8ee75b989c79bb83bc7,0x8077a14bd274e35e0823422dc730a404f6c600c420943a3825dd4e2c + brainpool/brainpoolP224r1 + invalid order = 73 + + + brainpoolP224r1/21 + 0x99ad24de19a9717b11af95ff7d089f2a674bc13ac3e94e9329f0060d,0xb79d3d9685208af2a2aa7bbc000c7055afe9eb593725dfe64b0c49d7 + brainpool/brainpoolP224r1 + invalid order = 79 + + + brainpoolP224r1/22 + 0x17bc9b645f03a70dad4cdccfd5079d9c86ea6a6f69d231257079abff,0xbff606f6d5729aa9763c272ec711382ada55a0c30bb6bbea17348ddc + brainpool/brainpoolP224r1 + invalid order = 83 + + + brainpoolP224r1/23 + 0xcd65717618a76781a610da825c52e4b2735918fe5626c26fbfe7f0d2,0x32113dd45769b7262bef002ce0ea2a04a3d78025ec3895dda1cfce15 + brainpool/brainpoolP224r1 + invalid order = 89 + + + brainpoolP224r1/24 + 0x74ed4dd1a3246c8ff340a9814b7047d59a3346997ab8dd8840e10ce7,0xc3dd009ad54a1097baffe915c998a25231cce561d24336c9332961e1 + brainpool/brainpoolP224r1 + invalid order = 97 + + + brainpoolP224r1/25 + 0x34bef468db8e8f6aadafe5f7e2dbe5a09cbdbd5ba1dcc2453d26da6a,0xa2a3c1e03b115213f09d1490c5b8c345862d3b26504308e501193bc3 + brainpool/brainpoolP224r1 + invalid order = 101 + + + brainpoolP224r1/26 + 0x242b22a34649c84ebc139f01ceead4965a2db06fcd0190451b6e3fed,0x722cb64468c17bb4e4424a696462ecf5a9165f272360afedfeaaee29 + brainpool/brainpoolP224r1 + invalid order = 103 + + + brainpoolP224r1/27 + 0x84808769d886fb7e9020bac6ad79cb116ddbfb17e6b9c20f49d6c5ff,0x82d84cefbdc1c8ab2da8325b045d70d049f4ccb61c2207273dc8fc5c + brainpool/brainpoolP224r1 + invalid order = 107 + + + brainpoolP224r1/28 + 0x89ba3b24c00d9e603c5287da29b1bca6a7d1258c77a95153b8578ea0,0x10a9f62d659f0c2344e7b67f2c0970231a67810dc06fb5fcd19f469c + brainpool/brainpoolP224r1 + invalid order = 109 + + + brainpoolP224r1/29 + 0xc228fdd85a0e6a11b49bb36d1f9f69482eb8ff432ddda50b828df25e,0xc46161bcd259be94dd99426dd9eca83f87e217d50a8e56edc6934ccc + brainpool/brainpoolP224r1 + invalid order = 113 + + + brainpoolP224r1/30 + 
0xa27dd74b9f07ea53076983e55553fa5058d0e3ffffc548fa91c7f42e,0x66c1866d9b6cd115c40cd59fa98fa234f0b417a7e2f9b22dcb8d28ae + brainpool/brainpoolP224r1 + invalid order = 127 + + + brainpoolP224r1/31 + 0x7e357084e413cb28951b47f77647606a954cf08428a1086f2e4e2201,0x3ab4ada4ad184784bd92d2fc718cb300bde77397418acfb805fdb759 + brainpool/brainpoolP224r1 + invalid order = 131 + + + brainpoolP224r1/32 + 0x505f922799cb0678730a095332de63b76828009567ebd99a65dabad1,0x5920c072b22fad42298e87846414209f5debe97344f0d9f2b620d6c9 + brainpool/brainpoolP224r1 + invalid order = 137 + + + brainpoolP224r1/33 + 0x1f400fa81edf1097988df224638e8871cef826e6ae999d096652ac2e,0x2281ab10b3b2785af8836aec5d475dfdee5d948f611503d79cd14ad0 + brainpool/brainpoolP224r1 + invalid order = 139 + + + brainpoolP224r1/34 + 0x62ade77edb4f8145b0b6c33d024ec29ca9df6431e69539fe14406e5d,0xa651a52bb6bab5ab8f68ecaeb9980bcf07cd2f22a52e66c958d8ba4b + brainpool/brainpoolP224r1 + invalid order = 149 + + + brainpoolP224r1/35 + 0x7f016ff373b21734a5806afe716ec8b9c64c5c6cec3256a0c234def9,0x468fe4ead1304c448f928eb9d3ed371c5fa82bf0a9cc34b13678d34d + brainpool/brainpoolP224r1 + invalid order = 151 + + + brainpoolP224r1/36 + 0xc9042a9f833a921f867564ab23f09fd718c1eca2c7b06c59370729e3,0xa30eae37135f7d2002b403efd421f3e406c93ea83d26d2f6775dcaf6 + brainpool/brainpoolP224r1 + invalid order = 157 + + + brainpoolP224r1/37 + 0x59cb80ebcdfdb9821a2c86ddfd91b1e2b8020e3e7946706686f91185,0x15a8e1811b5a0b86e1ca65cca037337e9aae77925998d834da01332d + brainpool/brainpoolP224r1 + invalid order = 163 + + + brainpoolP224r1/38 + 0x6a4c54c4d6ddaac0088bed8890cccc445640c5f1383b75fc8f088d0f,0x9d0acb0002a98d574480b63e4d3c5f3fc0f765d343dc906f67e17f34 + brainpool/brainpoolP224r1 + invalid order = 167 + + + brainpoolP224r1/39 + 0xba264c9d97507cf49bd95f32789e063dd31a554323b81c9cf4e79809,0x1582bd8629242bef8924d4926dbd7c1f32b2e638eca123fbf4b0e4cb + brainpool/brainpoolP224r1 + invalid order = 173 + + + brainpoolP224r1/40 + 
0xb534388ee7a750b44b35dce6b18dfd6b6f028031afb219c79827014f,0x5dae94894223d1dd7fc536508df8ef8aebb93f2af6df3f2944dcc815 + brainpool/brainpoolP224r1 + invalid order = 179 + + + brainpoolP224r1/41 + 0x1810236ec8d1811f9d0436aab32e97f705a4aacb34bf67d337cc7967,0x9122789dea85cdf79c111edb3c1ca60683dca715ab3c6e6cf6e208c4 + brainpool/brainpoolP224r1 + invalid order = 181 + + + brainpoolP224r1/42 + 0x66c090d3ec6db3c98e0d2667556b4f78f5524a3462045b976e1518dc,0x5ef4fc0925acf17ff2da5c4836670d5057ec49f8e1d0d2cbef9f1d9a + brainpool/brainpoolP224r1 + invalid order = 191 + + + brainpoolP224r1/43 + 0x679192db6f2dff11ecafa460f170d2ae02e7a6c9d1b2fb9a84f130ab,0xc1f354ded85005c5e62de46c36cedb3d4df621f7da4748f95575d198 + brainpool/brainpoolP224r1 + invalid order = 193 + + + brainpoolP224r1/44 + 0x2ccc65af95c059a6082f6a7ab53cae3b8c4d58ab49b56d267d85b92b,0x5d89a587d86c8da90590945c11eef16317ab65afa9ad00401d1a9486 + brainpool/brainpoolP224r1 + invalid order = 197 + + + brainpoolP224r1/45 + 0x68400966690e90a7e0642249dcc45b1769341ffb80bf1b344b6bd221,0xb883bc763730e5c879e29505565aa1a9d308fd0a78029cbfba74cb9b + brainpool/brainpoolP224r1 + invalid order = 199 + + + brainpoolP224r1/46 + 0xb2ebe10ba2052c913d571eb17ddf1cf25a8973d6c382e91236574a45,0x7373d46ea4f9d6661f101d49f26de7124057f7847e0d75f734b168d8 + brainpool/brainpoolP224r1 + invalid order = 211 + + + brainpoolP224r1/47 + 0x8aaf8bb725ebc21c12a723ab9eb9f739a116ba56990213048b1e0df5,0x608c57f890ac7876a575b6f6aaf8864a9ac6b05aae2df8a8092e77d3 + brainpool/brainpoolP224r1 + invalid order = 223 + + + brainpoolP224r1/48 + 0xc0e5af59e50c78d733f9b902c2a0d71c67fae587bfccba396d574353,0x8fc03d6a5a61ae44da93ed610c581a1b07c7baf44ab63a5c62afab40 + brainpool/brainpoolP224r1 + invalid order = 227 + + + brainpoolP224r1/49 + 0x3e95834626de3d087201e644f9224736cc9ad2f5f3b5afda8c6f74b3,0x64e444f4546c1731aeec5e804db4b56225fe2643565618a4799a61d7 + brainpool/brainpoolP224r1 + invalid order = 229 + + + brainpoolP224r1/50 + 
0x8c22d2a75be021c59821b121e4dee2ac5739bc52c08b824b9839433d,0x88a6379933eef263f6b47bf47da9cdbc75a2d022e944ecd3bea13a19 + brainpool/brainpoolP224r1 + invalid order = 233 + + + brainpoolP224r1/51 + 0xba6542ff9780382c535826a2aae0288d30990429940035763a251c48,0x45a9d043983c9bee42adf8953bc7038ab618fbf24b60d79fed426828 + brainpool/brainpoolP224r1 + invalid order = 239 + + + brainpoolP224r1/52 + 0x89b90b886ed09591c182478b66a3b1cb19ae01fe529897a2a2d5c8,0xc4650cc96a78639f5f33b7b05f48a72e5c49e7cccf916ed5638f22bc + brainpool/brainpoolP224r1 + invalid order = 241 + + + brainpoolP224r1/53 + 0x4719d664547496f82e499fb8042e94c22c6adaff9dfa27617c859bd9,0x5b4e325bf938c8a04fc90ba28d5eaef9ada1f622bb312865fa80a757 + brainpool/brainpoolP224r1 + invalid order = 251 + + + brainpoolP224r1/54 + 0x306692fc28ee89078487a2814f8a1537c62e5f190bc834fb99f1164b,0x42e71683d887e3f661471a86e48071417efef089a9ad9813817aa8f2 + brainpool/brainpoolP224r1 + invalid order = 257 + + + brainpoolP224r1/55 + 0x5f4e48482cf7886a3f16fa4f67647e493eb1d555fd5b789e612e03e0,0x75b361bfac7068f33512f03ca85fe5e2534877f62a45151a46909d35 + brainpool/brainpoolP224r1 + invalid order = 263 + + + brainpoolP224r1/56 + 0x72301839e381fc66ccfb90a27f47537e72938be432562ab2c515a676,0x670929c9aca13eff17a066aa49ee70b7af927aa3ef51a56d2bc9dd7b + brainpool/brainpoolP224r1 + invalid order = 269 + + + brainpoolP224r1/57 + 0x1a8f2944595b492716e10c1990073543495b728e66059cae5315b41f,0xbb6bfdadb9ab8dec927caf69a55c7a8accc39e66f19e996484e0572a + brainpool/brainpoolP224r1 + invalid order = 271 + + + brainpoolP224r1/58 + 0xd663c14ede1ad61f2d6a7c5c5fb84c33bf0cc1d984de8d1cf732c3dd,0x7f0c4afe5c6d72a674068ae92d0d72a20511c34670796825faa7f945 + brainpool/brainpoolP224r1 + invalid order = 277 + + + brainpoolP224r1/59 + 0xda95324c5c75af52b2fcc69d5f4fbbca0babf55676fb7341cdb93c3,0x3a77375fb7a06b9b593c153ecb8a3a15d2d168dd69fb05fb85aa83d9 + brainpool/brainpoolP224r1 + invalid order = 281 + + + brainpoolP224r1/60 + 
0x67a44aa8a28b90bf74bc3e15baa73c27578e36082746098d01633186,0xcee5d48ffe8fd615e3a449718f9e1cc93d956627f123f5127acaea76 + brainpool/brainpoolP224r1 + invalid order = 283 + + + brainpoolP224r1/61 + 0x924bffd1d17d9d3bcf8b4a22246569bb0ccb4f9d6d61c4a995561f12,0x44ce9de91d9b67370760ec3a56e9c1f8c82e5df1a004f61c64a0af8f + brainpool/brainpoolP224r1 + invalid order = 293 + + + brainpoolP224r1/62 + 0x86f62830c0d7b1f7b4a96d3fb266983ff6849d21c710f52c530b2917,0xa3c5fed67a85149d9d872d54007498d413fa562ab6a08ba03065c43c + brainpool/brainpoolP224r1 + invalid order = 307 + + + brainpoolP224r1/63 + 0xca69f15a74fc75add7c43558be3d2d440dcfded7b4cb73a147c49992,0x169ad1aa855e3773f07c042bff36f40b77fc18832d13c47616dcfa37 + brainpool/brainpoolP224r1 + invalid order = 311 + + + brainpoolP224r1/64 + 0x367c588818369060cadaf220754aae829766510e3ac1c752a2a52cac,0xadcbe6479964e52467a0adafede740ecd51d685dccdd552dbb3b8643 + brainpool/brainpoolP224r1 + invalid order = 313 + + + brainpoolP224r1/65 + 0xb089efced1c9d22998671b68a48cec5ed014b611446dcb6f58e2a344,0x6a9b8c4bddaa2cad7d05fe20ab5f0ded370d13478da660b92067e30 + brainpool/brainpoolP224r1 + invalid order = 317 + + + brainpoolP224r1/66 + 0xa7b74543de5b00f1e38d6332640cbebdf80522f75010bfd2c0ecc7fb,0xa0612426b274b5e0d6d1f8c2ffacbac9c482c773ccd07bce895a145c + brainpool/brainpoolP224r1 + invalid order = 331 + + + brainpoolP224r1/67 + 0x614fd6a648489195b7a3d0c6e52b45bab288a04255f073a22f0a602d,0x379813298af38c01ac267fac9a74a8ca753c9fabc1376edd69c2c65 + brainpool/brainpoolP224r1 + invalid order = 337 + + + brainpoolP224r1/68 + 0x40768036d359129a0ba04b086bd81fc8d6bf0a89052979bd6a3cc562,0xc7b0e26b7b5b88278286475a199cf200d9fa8493d98837fbb7ccac00 + brainpool/brainpoolP224r1 + invalid order = 347 + diff --git a/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP224t1.xml b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP224t1.xml new file mode 100644 index 0000000..3e35a3e --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP224t1.xml 
@@ -0,0 +1,415 @@ + + + brainpoolP224t1/0 + 0x903db86d55a3f7e56db96f347e33674e69b7f407a6dcfa006f8943b6,0x00000000000000000000000000000000000000000000000000000000 + brainpool/brainpoolP224t1 + invalid order = 2 + + + brainpoolP224t1/1 + 0x3ce88de890da96ced23018bbf9deb4fa110e43a8b5a1a1244cd42a48,0xba76d8b75ab4ea01617e6dbf784187b2faea6797a19e7d067f45300d + brainpool/brainpoolP224t1 + invalid order = 3 + + + brainpoolP224t1/2 + 0xce104655afd783d353b80d1dbf528c1d9bc08de18d061727b2ec81f4,0x24b5382ab293fed4d1351113e21a681b20ade8831b32a0d653518e41 + brainpool/brainpoolP224t1 + invalid order = 5 + + + brainpoolP224t1/3 + 0x29f5404b2216c310652b2259de41ee3f320a1cfd603bd0469e3c8e4a,0x2c415deed551027037fe611b8fb25ab2d253006c4b180e66e77e916d + brainpool/brainpoolP224t1 + invalid order = 7 + + + brainpoolP224t1/4 + 0x9df8a099a9474432e0a5a2d0e77142f38991609d1031fe34003993de,0xd4725eb18303cd5b54e93709a2181f1006eb73241b0c99a1d7d2d097 + brainpool/brainpoolP224t1 + invalid order = 11 + + + brainpoolP224t1/5 + 0xd692f567904cd6306378725e29b69dc0e1ec5f029f836504a67eec3,0x8cb5587f494359c2d16f54d02b8e53fa24bd98e6829592a680dfe9b + brainpool/brainpoolP224t1 + invalid order = 13 + + + brainpoolP224t1/6 + 0xb4fd1fa1639c0235bca03c3ccc6cffdcacbe12c02d8d35219b518c0e,0xd54bb4b6eaa02598793c521b7f6f64fce884618a1a530d5d4e6bb5e7 + brainpool/brainpoolP224t1 + invalid order = 17 + + + brainpoolP224t1/7 + 0x5a9644ed3b4d970fd75d8c900bb6da1d1bf61099ed45880fd684e508,0x1e674b9fc1ab58d55c5f5b23108c02c8815d173c3cf6bf8b51eee972 + brainpool/brainpoolP224t1 + invalid order = 19 + + + brainpoolP224t1/8 + 0x30253b46cf63239ea7bc4a1722ccdf72734b0159cb209b8f3e6a6fc4,0xc9556d07c16c98eed08c4b8602aef096388f5a5578ab108d19846dfa + brainpool/brainpoolP224t1 + invalid order = 23 + + + brainpoolP224t1/9 + 0x164e74e5b4f54b16cdc227a376af23c2cc68aea22e6c2837f07adcca,0x820c6ea5995ce42f75f727a0626821e998907b43d2440a1114ab662b + brainpool/brainpoolP224t1 + invalid order = 29 + + + brainpoolP224t1/10 + 
0x4da62a5a136a80bdcfacf7b7d0b09e8604a0455a257fbafad62ac8bf,0x1f3208b7c42089a7bf6d7e0582a6626f07e7e8343666b6078c57762f + brainpool/brainpoolP224t1 + invalid order = 31 + + + brainpoolP224t1/11 + 0x8eafcfb6e6ab494a362c362b0f7b1e4fb80b317be1effbec498de54,0x5a31b805e265aa2bcd83f5694c748b12a3a99d8712496dcc7574fd4f + brainpool/brainpoolP224t1 + invalid order = 37 + + + brainpoolP224t1/12 + 0x1b2fdb0abfb80973a375a7b7d3777e6261d28c7063793704155ea599,0x2460a6f8b1fe1806208dc36e9198f55c4b73e9138087da9a52b40d9 + brainpool/brainpoolP224t1 + invalid order = 41 + + + brainpoolP224t1/13 + 0xb039c3982b07d55cee6ef13578509764d977b966b56c8adff0c4a88f,0xa4dc55138c0cd444e1e0018c67ae26be451885329fef3b9809e0e061 + brainpool/brainpoolP224t1 + invalid order = 43 + + + brainpoolP224t1/14 + 0xd31f2944cdcea279e57fffa3a6ef95a1a5cdf0756b8a84c81b5bea6c,0x41c608535293b4548505aa5e1266d59d906dc1498cd5eb59ca013c24 + brainpool/brainpoolP224t1 + invalid order = 47 + + + brainpoolP224t1/15 + 0xa5c7373dc1e90d54f1a1a8b2f2c18500bf7eeb850a2c8f49f7d7445,0x32c2fca7ea7e57d3123673ce66265cbd2c5df24a3780dcd679015093 + brainpool/brainpoolP224t1 + invalid order = 53 + + + brainpoolP224t1/16 + 0x4195f6bf23b70cd19fce75dcdecefdc5ea96d867880a83a3a26c53bb,0x12c026b38ff6cfc801ea7dbc2ce2f32c5daed87e35ade0a174281f19 + brainpool/brainpoolP224t1 + invalid order = 59 + + + brainpoolP224t1/17 + 0x5eb477369426b55e554b45ba8a121b26b919cae4659995a3d8c09b52,0x20991a254b6cf4daa25ce7191796d34847187b6b3a37e8de3f10db39 + brainpool/brainpoolP224t1 + invalid order = 61 + + + brainpoolP224t1/18 + 0x2803d5cc5979d238e067be5000138a4a35a8735c54c5df5f44e703c1,0x16122b1685ce3a92930666ad772c49f741781651a37bf7bd1bc85096 + brainpool/brainpoolP224t1 + invalid order = 67 + + + brainpoolP224t1/19 + 0xa96b5bcc91bda73d22b3715d9decc72a2e4b7aa3182fa3881b82f805,0x7b66b9eb4c1fcb01cf92bcd6c0c181e1e1622ed5735cf06abd25c32b + brainpool/brainpoolP224t1 + invalid order = 71 + + + brainpoolP224t1/20 + 
0x11386d243329901f84b44612631583b56847627e6f1413c962cbcc5f,0x66e244ff879d38a6da1309a5f458f0ddd41d5183c72789055174674c + brainpool/brainpoolP224t1 + invalid order = 73 + + + brainpoolP224t1/21 + 0x82dd7213e43a39e6b86ea2361e2b511bfe16949d79b12e336b2a240c,0x4cd02b7ac711ea52c1c9fd16deb3705a2bbde473ea28a969a61d88f9 + brainpool/brainpoolP224t1 + invalid order = 79 + + + brainpoolP224t1/22 + 0x4ae657b535dcfc8e137e42ff6a823d53036063f866b8deeaa4a1883f,0xd3026b4bc72b256739ab6613f0d88edf2399861e6ea98ab27df9c0d3 + brainpool/brainpoolP224t1 + invalid order = 83 + + + brainpoolP224t1/23 + 0x5ca6c3c84df389e2c725cb1de35f53f624e4bc2586b7f4017f536a69,0x9f11b34c3850954fbdef6df7ce02c2fef5293d221f73721da5efc7ad + brainpool/brainpoolP224t1 + invalid order = 89 + + + brainpoolP224t1/24 + 0x6ee14e06310a2f620fd869a245218978d24ee2986049370b8ca648c9,0x2349894833015df29ae127df8c03095113c965b5c44fa29b2ec2227d + brainpool/brainpoolP224t1 + invalid order = 97 + + + brainpoolP224t1/25 + 0x78e28d078946477cfc9a0f3ef0f37d90be161dfb9e128ccd67b00557,0xac419bd16593e40bb2ef0a14ac05688efe479c5d246098142b2866cf + brainpool/brainpoolP224t1 + invalid order = 101 + + + brainpoolP224t1/26 + 0x9d23cc7f6d559bdfe74ec50eadb8315d7219788c8d28d0d21229167c,0x21ccc26f1cd844ab93070dee5407f24a53bbb62f859fe9606166fc84 + brainpool/brainpoolP224t1 + invalid order = 103 + + + brainpoolP224t1/27 + 0x2e4a02a3d7fcd8f7ccabe314c8ad627a42b2a4ecf16dfee581d4ce59,0xac2a0f9e987a70e545a4fc26b1a4dbb026fd9020314f2e9180fd370f + brainpool/brainpoolP224t1 + invalid order = 107 + + + brainpoolP224t1/28 + 0x72db0b351ad167fbbb2b7536aec92362752bafbe85a87ea9a26e13f7,0xb0fb799918526b3ad5569bbe7bbfbacae0594dd3ec06dbe9f14b794c + brainpool/brainpoolP224t1 + invalid order = 109 + + + brainpoolP224t1/29 + 0x746cb8ac686bd2221f40fd9709c54ba38739c35e27b457592165b0c0,0x3124868483f9cbe25575f65ab598380625c71bb81acbc16ab4c72085 + brainpool/brainpoolP224t1 + invalid order = 113 + + + brainpoolP224t1/30 + 
0xcab41d49f921dc6b1846a41fe196ccbb61333c07f8d185810d44a0a2,0x64e1afd4256bf120e1c4a9b9905d5bac1fd44937a760e0e60bb4de95 + brainpool/brainpoolP224t1 + invalid order = 127 + + + brainpoolP224t1/31 + 0x98077cb4c113b3bc2e3c3a3fbb0cc3159dd3d5970354b89af3232909,0xc9dd9d82e59f07b3c3fbb3e804ca33dfe126edf45f1183ab09bf6413 + brainpool/brainpoolP224t1 + invalid order = 131 + + + brainpoolP224t1/32 + 0x1b9b208262a6652c42728b6b56077b44b9eba1e88c5f66fa7f60960a,0xc1c77a66919f2ecb9bdce66187cbcb8b8cf5a3a18bbc889ddaac32e4 + brainpool/brainpoolP224t1 + invalid order = 137 + + + brainpoolP224t1/33 + 0x9005ad037ec2d351a998fdb3b6f6f111123d97a7eacdb19fb10812d3,0x2d20e6ef8139ab5406b49088b1f59da721fc259b8d731de543d820db + brainpool/brainpoolP224t1 + invalid order = 139 + + + brainpoolP224t1/34 + 0xa93315c73c705949eec16bf15fc133bd1c17e5a89e1de9aab66ae467,0x13849abdda8ddc3e47b01ce38818be4d438fe2cb09aee2def3d94b70 + brainpool/brainpoolP224t1 + invalid order = 149 + + + brainpoolP224t1/35 + 0xe51b306c6d9c742c304909025b450ac2533a8d70bdd68d1c94c7719,0x32bc0d2319b3192b306caa773ffcb623f73cbffa84c926a9ce4c1337 + brainpool/brainpoolP224t1 + invalid order = 151 + + + brainpoolP224t1/36 + 0xbc57775678b6a8f00fac758b2da4fea004885d6d8fdbfabc8575440a,0xc5127750958aacab52d7828659651a26b8d11ffd6feae6b1e6c668ee + brainpool/brainpoolP224t1 + invalid order = 157 + + + brainpoolP224t1/37 + 0x121d57fc1efc371f213e3d571b64bd8fafe093adb49c93354a78acb9,0x98d61d971a0ee06a5d8137f6992110570af40522b8554c7c93ad9e7 + brainpool/brainpoolP224t1 + invalid order = 163 + + + brainpoolP224t1/38 + 0xbc4067725245f46d6b351174bd840c71f6efdc07959f9e30b999bb24,0x6d47c6117167d335a752342c8b444e5cf6e9beb0e30dc5c442d703b4 + brainpool/brainpoolP224t1 + invalid order = 167 + + + brainpoolP224t1/39 + 0x6924f34c8ea942477e7c57dcf7abe22c209a4fcb6ce1583a0e727d49,0x198540e98c22c2de0bd2007115d7701ce14f7b3e7d9392413bcbeb37 + brainpool/brainpoolP224t1 + invalid order = 173 + + + brainpoolP224t1/40 + 
0x761f22bf61d56a14a71640f7a8d10fbdb3cefd76f75177a6adac0614,0x6370e8fb34ea148c31e3d84495963a27e23116992ef9da04f3c9cfc3 + brainpool/brainpoolP224t1 + invalid order = 179 + + + brainpoolP224t1/41 + 0x7ef5ace205f6de85ee6037a8e54b0d96528aec644dbd29e76167c59f,0x4921804ddff84e4bdad8d3d7267663280aeb2fd002890b3ea97b6f9b + brainpool/brainpoolP224t1 + invalid order = 181 + + + brainpoolP224t1/42 + 0x36d9dd6f71bec680467cf7d7d10cd6e8af19ad3ed984c0bcdae7e0e3,0x116ed796671a045c815aba6f098442ac7390a58c55042500a88ca7dd + brainpool/brainpoolP224t1 + invalid order = 191 + + + brainpoolP224t1/43 + 0x5bbc95e8c5e479790cad77105590fb0d2cae353a1b514163f7d90dcd,0x41439d1a4b58ac314bf90b6da7058bb39c8486e3c0fdfea002c8ce19 + brainpool/brainpoolP224t1 + invalid order = 193 + + + brainpoolP224t1/44 + 0x4584497900b9c7b13ca0f4b98bba3f41cf2ec8a3603ae09a95aeaf52,0xa24dc1842795475b50463910556bfc4f6ed4c37dd344c7c24238e87 + brainpool/brainpoolP224t1 + invalid order = 197 + + + brainpoolP224t1/45 + 0x8f17a76b6ed5b73a8a22183a538eba9ee89f78c5e14e8330b886ec05,0x7f1e9f24e0f592b834fd87387dd8ddf86a0ee75d8151142224ec08d + brainpool/brainpoolP224t1 + invalid order = 199 + + + brainpoolP224t1/46 + 0x8a48be79c195087c1dc1fb492c18e770fc9933d7f2a706e2c2e59ea2,0x913411f361680f3780727d7891a3a57c14bf18c3ff3441be3005de35 + brainpool/brainpoolP224t1 + invalid order = 211 + + + brainpoolP224t1/47 + 0x1e20a6828974b984d2214859c1220112f2dd298decda8f63b8933871,0x8ee907f36862ac6d2e8434881d229f2d2f469430c27e0b006e5b03fd + brainpool/brainpoolP224t1 + invalid order = 223 + + + brainpoolP224t1/48 + 0xc5f6e051d39899b03ec7246c401427f3369abd0741707d44f16a553b,0x6f8b1a5edeac1eb52cda7ea1844d84c6c9c17ce855ab4bd8767312e8 + brainpool/brainpoolP224t1 + invalid order = 227 + + + brainpoolP224t1/49 + 0x4c887feba598a4c83737aa5b0ee8e31d46eeaad823e15e4a75569612,0x35615db28be271e04d61bcdf0962bf16f87dd60e62658b569ec296ed + brainpool/brainpoolP224t1 + invalid order = 229 + + + brainpoolP224t1/50 + 
0x224e219b5369017b397e88e5475d2193be9e59892e04fcb6820462f7,0x291add348326896d53d434d12de4a8855983b8960bddb6016af2ebc3 + brainpool/brainpoolP224t1 + invalid order = 233 + + + brainpoolP224t1/51 + 0xcf692fa6808c3f9a58bd822d5aebbd42805d110de71fee2d9ab2392f,0x227121c810c767feb2f9797e94ccf40295446b5b8db75c7d64e9d5c5 + brainpool/brainpoolP224t1 + invalid order = 239 + + + brainpoolP224t1/52 + 0x8b5399520a4e6561b28fcf78c73b7e22c6157825b37ee7efb0d96407,0x2f7fe5f0a2efbb0c301dd46f47073979498f8b3cfcdf97bf60976c07 + brainpool/brainpoolP224t1 + invalid order = 241 + + + brainpoolP224t1/53 + 0x81db1c14139330563b04b044528f9f63211bbd5503b89abce0bd7eb2,0xc4079468149ae5114d72aa8afbdf0529b5f5ce3ddea4917d9cf70be3 + brainpool/brainpoolP224t1 + invalid order = 251 + + + brainpoolP224t1/54 + 0x66f326c9fb27b29ee8d292146262791c41f1a7b5d3e55616be3084ad,0x6a2fb717ca1d79e716cae7a65bc9ff69e1c1c01a1416a815e0aafd83 + brainpool/brainpoolP224t1 + invalid order = 257 + + + brainpoolP224t1/55 + 0x26f7f045dfba40b7c57c46ae3c48ac8b45edafcdd7c6695340e73174,0x98bc4c6661b2ce4aa6dd5735956dd04a3ab704e0280b0a35760e942e + brainpool/brainpoolP224t1 + invalid order = 263 + + + brainpoolP224t1/56 + 0xa24f5f510ad557024bb78f98a4be4e1dbdd35c3745f83da2d798160d,0x8103b60ecc1280179974703fc07be7e3ef8a1027acc4fd0767a4d043 + brainpool/brainpoolP224t1 + invalid order = 269 + + + brainpoolP224t1/57 + 0x33f0fb63704689cf0fa7c9598bd4e6eb252ffc0d468d3ae8c49802dd,0x41b877e8f9d42db264e68d51cb71d6e6184469fd6653419f3d5eb96a + brainpool/brainpoolP224t1 + invalid order = 271 + + + brainpoolP224t1/58 + 0x738d3b8feb0e38208642bddbf6c79582db63573f4bf45491deef6bc9,0x8f15fbb692c61fedfa2d5118e39dd0bec694aff3480657d984949431 + brainpool/brainpoolP224t1 + invalid order = 277 + + + brainpoolP224t1/59 + 0x909836295b98009f532d0dc4759b9720bccdf4b402bd76e8e7771308,0x166141be404eaa41fcd4168e3f9e52633b262cdf3bf785a0729c3ddd + brainpool/brainpoolP224t1 + invalid order = 281 + + + brainpoolP224t1/60 + 
0xbc6aa5aa1517eb6d415ed4058c37303ac88457e441627842aa771bb0,0x9e31be36225fc588b5b1d3569a34cb96b2948ceb959bf187d7b31b82 + brainpool/brainpoolP224t1 + invalid order = 283 + + + brainpoolP224t1/61 + 0xf8810f9ba2ceee73185bdb7fdea5ccff2d32aee98aacf0b03b4c171,0x2e0d47c91c48b2cc18cb780777a5cd345c0cd7495a2be36e890071de + brainpool/brainpoolP224t1 + invalid order = 293 + + + brainpoolP224t1/62 + 0xae59111234e43de9c4411ba969ffbd44b89591673604f9d7e4a4b42c,0x23466b1979aa5fd5ed79dee68b6fb2e24aea45bcfa7f4e32112f3571 + brainpool/brainpoolP224t1 + invalid order = 307 + + + brainpoolP224t1/63 + 0xa7a189b0cac22506728ad20b7af2e57e63857d9d02259ecaa950425b,0x620542e8455d0252ecfe25e810efba09004c147e96af0dfad08bc5a1 + brainpool/brainpoolP224t1 + invalid order = 311 + + + brainpoolP224t1/64 + 0x3fe68769ef787eed76d934207fb64f0ddf93fce600c2f846d68fa326,0x73a1e6429ad1a3387b36ad033f390619d7c542e32b1aa57f6831866f + brainpool/brainpoolP224t1 + invalid order = 313 + + + brainpoolP224t1/65 + 0x3aa0bb5492fe8f666ebec513a670bde51356260ea847f45958d391a0,0x3902f73c1ac2db6650ffc7fa2c30b822e7fb0c42ef443cd89179c1aa + brainpool/brainpoolP224t1 + invalid order = 317 + + + brainpoolP224t1/66 + 0x9e0aa59471a51643d4353dc11d6ee0dfb081840c35d2fd920c5edc32,0x26d59f1ae827fde1d7ec7ca9920c779ac0a4907591e3ff82a8d436b7 + brainpool/brainpoolP224t1 + invalid order = 331 + + + brainpoolP224t1/67 + 0x7595d2d9fbbc1483469882e859e12239a7a88db4fbc65108c60dbc95,0xa94b1a5129547139ac91e53ee006bca58e07553c46e42d8e55209456 + brainpool/brainpoolP224t1 + invalid order = 337 + + + brainpoolP224t1/68 + 0xcdac621d28856291e239968a66e7111c4aec852c9f1b70083f7d44c4,0xb506516b0918040a1551906474c6036a2fce8eacf751b0f7982e7773 + brainpool/brainpoolP224t1 + invalid order = 347 + diff --git a/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP256r1.xml b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP256r1.xml new file mode 100644 index 0000000..c923eae --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP256r1.xml 
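Review bot: The coordinate strings in this file are not a fixed width: brainpoolP224t1/0 zero-pads its y value to 56 hex digits, while brainpoolP224t1/5 gives both coordinates with 55 digits because the leading zero nibble was dropped. The same happens in the other data files of this commit, for example the 54-digit x of brainpoolP224r1/52 and the 62-digit x of brainpoolP256r1/52. The loader is not visible in this hunk, so please confirm that it left-pads every coordinate to the field size and accepts odd-length hex. If it does not, a short or shifted coordinate is encoded, and the card's accept/reject result no longer refers to the point of the stated order. Emitting every value at full width from the generator would remove the dependency on parser behaviour, e.g. `0x0d692f567904cd6306378725e29b69dc0e1ec5f029f836504a67eec3` for the x of brainpoolP224t1/5.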
@@ -0,0 +1,463 @@ + + + brainpoolP256r1/0 + 0x1dfa86445c71af947a9dce3727724fffdd535853657dc8deac3b6352620333d8,0x0000000000000000000000000000000000000000000000000000000000000000 + brainpool/brainpoolP256r1 + invalid order = 2 + + + brainpoolP256r1/1 + 0x73f20e60ba2d2fea1a72a1784427cc014f48793843899d148b60ea7bc30be5ed,0x19db8691885427ccddde80c5eb2b7e046797bdff63a5da25e13641ed1c03756e + brainpool/brainpoolP256r1 + invalid order = 3 + + + brainpoolP256r1/2 + 0x43745e76f3d702d4b56f72bb2e678112fdd0e72dfd5765f8207305cb1a0c7799,0x6129898d0d4cbf10c7bcb1cd47c32ba410e339ed51b5d59b840eb01e90cc37f9 + brainpool/brainpoolP256r1 + invalid order = 5 + + + brainpoolP256r1/3 + 0x12e06e059cea145f2633b205afe2913c2237c0c4198e853d18c6d52674401e6c,0x8961daa7becc02235c0cd120206487a9a28b49a49e99c94966ee86213da84884 + brainpool/brainpoolP256r1 + invalid order = 7 + + + brainpoolP256r1/4 + 0x238d36807884d384303bd359bd233d3a8ac0ee864c29a7409b4d5b5a7ded2a1d,0x138e4d38c19ef3ab0de6b2514ebfc647a96230985a23ce97556ed659413c33df + brainpool/brainpoolP256r1 + invalid order = 11 + + + brainpoolP256r1/5 + 0x1d75b9d34a646de6db0007b325b3b273f8706c3856b4946c6226bcd661540ce3,0x34963d26ab32fe149a67e2fd26d6a064f072604ba21abf5f5ef58238ad24fecd + brainpool/brainpoolP256r1 + invalid order = 13 + + + brainpoolP256r1/6 + 0xb9f03197a680d49ad3e7b4d40d95340d5e1a46e57e2f961703137eea8e61653,0x681b44c0540f64f8fa77166a1c95002a7a7ae4f53a4317d57800cb3c8146310a + brainpool/brainpoolP256r1 + invalid order = 17 + + + brainpoolP256r1/7 + 0x2d4b3dc4f3d3a9f4f4843637eb1ad271ffcf49bf6a2a837bb89b81920022899d,0x9ec63d7131dad83633aac03d648fc8b9c5016a403a3e4266a7b859337d00c31 + brainpool/brainpoolP256r1 + invalid order = 19 + + + brainpoolP256r1/8 + 0x54d4a252ad665dfd0eb00dda6ad4269773bd4c9d6446e5290afb52e1d268b739,0x6aa07690c1891396465ebba4f8abf49da87aa02402ff2a152d8f9ab466622a04 + brainpool/brainpoolP256r1 + invalid order = 23 + + + brainpoolP256r1/9 + 
0x246102cac400868459317e20f72275d4ef9c3be50d6559ca5baf5d3eb9654d7d,0x719e0afb1ca59ce13b614347d54288f5d5be6c99a2cd0ee43e4e446703f3c846 + brainpool/brainpoolP256r1 + invalid order = 29 + + + brainpoolP256r1/10 + 0x1057632da4089c243f6805f8f902a499a135df6350a86a92684fdf7ab6c74088,0x5e7f55fe0a0a34a28372feae9be752589c7de5aef6e673d3604eb390b887ca84 + brainpool/brainpoolP256r1 + invalid order = 31 + + + brainpoolP256r1/11 + 0x16396165ab2606da2361fe4bbd6054f70c2332820d3d0724d013136650ba0f87,0x886cfe98f13db31729732a06a3276ef6b680525622fee32712e66d8929188301 + brainpool/brainpoolP256r1 + invalid order = 37 + + + brainpoolP256r1/12 + 0x20c0b4532cc51ad1d70ad0e080b146b6f20291eee5176cdaff91902a07c191a3,0x421a8de1678b7afdec262500bfa7b2af373ffab0f036fa79f9377dd6e433ae55 + brainpool/brainpoolP256r1 + invalid order = 41 + + + brainpoolP256r1/13 + 0xabbdab45a30470fe34f79aa752b068daa8356a198fb171293109ee87fc5b9e4,0x6daf3a42a1c7f7e3fe75649caf1bbc7e36260a4bcdef5b900fca1b7795a35a87 + brainpool/brainpoolP256r1 + invalid order = 43 + + + brainpoolP256r1/14 + 0x421a05edf78999f525be90a94745de2026b3fa472279ec15fb28f179f4dcae19,0x4d1af98975612d07c09d4900feca34761b62a6e65d6fa6bf6a155cce8932773b + brainpool/brainpoolP256r1 + invalid order = 47 + + + brainpoolP256r1/15 + 0x13a17f21382cebfbe36b81033f6247bc09af567d9553e21195aac3cf86b55758,0x79b6bfab9688ed26d0ef25f3da372345a3d48c1e2957603913e9ef84b41f29b5 + brainpool/brainpoolP256r1 + invalid order = 53 + + + brainpoolP256r1/16 + 0x80070fcc7e01481ac8f408d3fffd8bbb3abb719868ead0629115698dafbb073d,0x4015e9e8842bf388a967129a4a8a203840e96297cc2bac91828e35ae6b6bafc + brainpool/brainpoolP256r1 + invalid order = 59 + + + brainpoolP256r1/17 + 0x9f8dd6b106956635846c0bc4960e73e445afb42edcdbe2db15033a2bce4eac26,0x1d068e7e78aaf606528c9de68297df76e4ea4d2d70c218f4ca75a0c614f1a2fb + brainpool/brainpoolP256r1 + invalid order = 61 + + + brainpoolP256r1/18 + 
0x9037f7d00a9efb7e0aa5e72c605cc5519debe557831b8a334b5825a52ce46a11,0x93077171653859db823099a3ad6e99411bbd85c9d38202b53927c7c663410080 + brainpool/brainpoolP256r1 + invalid order = 67 + + + brainpoolP256r1/19 + 0x7360f59ca6ce30f2902a8b319a15c6b0dee06e352856df08d46f448f8d4e3e5b,0x401fb58b2ee90944ac3ed638421c3e6e551fdd26b30116941a53008d30ced90c + brainpool/brainpoolP256r1 + invalid order = 71 + + + brainpoolP256r1/20 + 0xa4dc97e8516eb65df8bf750496f9468cc9404d4f7db95ef751d89e9f59ef982f,0x559b93fe10bb596c854a4f2fc9e48d9eea0913700d019c371f97a513d048ee2b + brainpool/brainpoolP256r1 + invalid order = 73 + + + brainpoolP256r1/21 + 0x28564436629973295a15960e222c422cc752f089dee32ea9b670ce48385c942f,0x6fa9e983567c04ff57e077219060342bbd99d72f5d946ae247a4526d40a18059 + brainpool/brainpoolP256r1 + invalid order = 79 + + + brainpoolP256r1/22 + 0x2f353189524e9fd0ed502753a1916ab8bddc75b52af5030515315d46a434da3b,0x788a79360667cb3a5eb9e92c940c6820dcfff071c2f37c47fa8f09eaf2526fe1 + brainpool/brainpoolP256r1 + invalid order = 83 + + + brainpoolP256r1/23 + 0x82670d6e968b40d758caf2763592dd82474b82d7299c5bddf124440436192b5a,0x6e4f901f0bd0291705523931b86a0fa3ece7091b1a83e73964c34ebaf943d18b + brainpool/brainpoolP256r1 + invalid order = 89 + + + brainpoolP256r1/24 + 0x6612b73523316a613f7849411817134290f31eb91f3ceff32d44425433ad1d9a,0x10289e4e8f6ac21dd0407e803a8766c596652979b2525c4bb4e21f20cb65e270 + brainpool/brainpoolP256r1 + invalid order = 97 + + + brainpoolP256r1/25 + 0x57158e246cfeef4b613ebc62b81a0c0f9e264f2c8a0feef0129d4de028610781,0x71471630a2e2f1193945499b1fd1a98d65601efe9545c3587c1f8cca3f35427c + brainpool/brainpoolP256r1 + invalid order = 101 + + + brainpoolP256r1/26 + 0x5a6442a825d8cd8863c0ac7f5c65d49f7f5317ba6261e407eb21bc46a6640152,0x769f93972e933e19a375432b3a02050276a9db45c26f7e6342d02c2ca81c0e99 + brainpool/brainpoolP256r1 + invalid order = 103 + + + brainpoolP256r1/27 + 
0x1fc287c26c926d309027389efcdc83244c5c00b29626be974e0032b01383418e,0x5468c9738ff24f6a76dcfd96448c10ef295486c2101220719335874715a11a86 + brainpool/brainpoolP256r1 + invalid order = 107 + + + brainpoolP256r1/28 + 0x7201a808475376dfd651b8bc07d587c248ffb51a293bc3aeea0660006d483546,0x6891172dfbd066982698ad2eed1487ae471add52b04b4e889e435b8def29c0a1 + brainpool/brainpoolP256r1 + invalid order = 109 + + + brainpoolP256r1/29 + 0x7161b0692df7a68c39f3789c334259668c315aa1cd8d247d7b83a46d6d382170,0x60834a457315921a80ed6c1483e13b5101c583659ce17e9cbf0d381230ec1374 + brainpool/brainpoolP256r1 + invalid order = 113 + + + brainpoolP256r1/30 + 0xa3084e293cbc36389c7641dbd1b9fe978e0d4bf80b0c76e0c1c621c2f759ce1,0x77109db8c35585c9717cf8678663b32a11c9e0ec37ed665a777ec74ed69330ff + brainpool/brainpoolP256r1 + invalid order = 127 + + + brainpoolP256r1/31 + 0x154c511793adad385d0af84aec9b262198bcdadd4497262a2a2c2847b0538ed1,0x4ad1d756c9306e31338b206a6e08823fcc55645618d5ab45f5c279715c17b8d6 + brainpool/brainpoolP256r1 + invalid order = 131 + + + brainpoolP256r1/32 + 0x49b478bc8d2260d3a9364fa281ff419eff122f870f54a73adcb1d60ed57c8291,0x44aa685cad59987ecaacbba811e4cb3bfd7da52cee1f61bf74d23dd45c443323 + brainpool/brainpoolP256r1 + invalid order = 137 + + + brainpoolP256r1/33 + 0x907d254851cdceba689917f23e95d0f97ec4cb1a70e00f61dc0a21f14dda70f1,0xc51bbdc4ef9b0b10c385d1fa1583c2756960d640190e3b06891c4643ded97dc + brainpool/brainpoolP256r1 + invalid order = 139 + + + brainpoolP256r1/34 + 0xb3ca29e79bf55c9f4f902d8e6ef976cfd91a4c11d2cebe829507d9703280cf3,0x41bcaaf1f9e02d469f2ece950730d01f842c00270e489299c4d12af9b257b2f6 + brainpool/brainpoolP256r1 + invalid order = 149 + + + brainpoolP256r1/35 + 0x2568c783e1a4ebf97561b2c36c3779a2f383e4dee79843a3f04edd6deae985c6,0x747870359d26f8d0b1a26ae474a9db1c592ceb30eeb8b5266128e7729de356c5 + brainpool/brainpoolP256r1 + invalid order = 151 + + + brainpoolP256r1/36 + 
0x9bda054a5480a7aab51dbb0ec13fa6e6b91c2f7db3062c9c044d45c864e5ce17,0x7603356a3a1584ed3d9fe0b671a6f2cdeae164e724ed4814c4e97c11a6456ccd + brainpool/brainpoolP256r1 + invalid order = 157 + + + brainpoolP256r1/37 + 0x79fc9c58b7d60a40f31bc203fd1662e80ed00b09d4a0e7f40e181e1bd664adba,0x3ee0149f3fed7664461e409e99bdb3e7d516016b47d81544306066019e2a7889 + brainpool/brainpoolP256r1 + invalid order = 163 + + + brainpoolP256r1/38 + 0x1844574eaeefb13283ecf3994fe7f829fd6be0b34e5bd7270f4a5b4a4b33b23e,0x2c6037294260dec53f9e519a7a3c373fe2ebe1e35d8be3edb5422ec2295db6d2 + brainpool/brainpoolP256r1 + invalid order = 167 + + + brainpoolP256r1/39 + 0x34efb77eb6db1db5d3eac6cdcb2fcbe17ad9e73b0fc1cc1bdba32efd0744f5e7,0x5bbe58df3c2bb06a79f08f6099539c36c813e3a10c5f8078bee19f83c282773a + brainpool/brainpoolP256r1 + invalid order = 173 + + + brainpoolP256r1/40 + 0x7ba08b1bf0489edee8915c04185cf409168368da280a1b8f6a4dc5018d99a3c8,0x5b7662ee125843d61fc941a874b7a3256bd6d05906023faa801178018ee388e4 + brainpool/brainpoolP256r1 + invalid order = 179 + + + brainpoolP256r1/41 + 0x223dbcd2e90a33855b6c43a3bd87f4a50a0559ebfd64f72264c051c76ea0dcde,0x9982529575734427c9453b9c29a7aec1ddbacbee1f1af5e02e6a32938959233d + brainpool/brainpoolP256r1 + invalid order = 181 + + + brainpoolP256r1/42 + 0x8106165b89f03e24ddf5eef1f8b8036a392880996bb15f1dc3bb9d3abd165b5c,0xa401c75043208c2aebe531dd9661c6e3d8fc8beba59adc59f47261733b61339d + brainpool/brainpoolP256r1 + invalid order = 191 + + + brainpoolP256r1/43 + 0x92bc20e7aee1d18d017916336ba8c5d0366a429d31033c2801c0f295b93acda1,0xbc03be75c78342563a9667e000744fb8895724d013f08caddcadd8576326cba + brainpool/brainpoolP256r1 + invalid order = 193 + + + brainpoolP256r1/44 + 0x188c91fe6a08837cad3c31eef72411cf16277dba8062d16cff1fd01fd8a43d98,0x8e5102f93db66e44867626315f98e488bef161c25d979388b9d6cdf5c64dc94 + brainpool/brainpoolP256r1 + invalid order = 197 + + + brainpoolP256r1/45 + 
0x1c29059ca930ea78fe357cb7c4bcac5a7f93a0b31d69cc13ae93fdd2c3280565,0xa3ad198220a662f46853db896559b52a86b2a937e11fba8469b2a5c406d8c849 + brainpool/brainpoolP256r1 + invalid order = 199 + + + brainpoolP256r1/46 + 0x9aa15a45fd4258394beb3ff8c4e9709ebac688138a8af33ded89a244147954fc,0x6053cc91640cc3b0304a6119bf930fdbfe69f143a37537cb8340a31c5db522fc + brainpool/brainpoolP256r1 + invalid order = 211 + + + brainpoolP256r1/47 + 0xa86083f363bb7aabb79b0757d52a77f3ef17975e7e8e1ac7e19ac3382750a769,0x74372f3343c2fa6011fbde39cdb23e2d253a7d9102e4d52e5769687abda1432 + brainpool/brainpoolP256r1 + invalid order = 223 + + + brainpoolP256r1/48 + 0x40ee75784c7c8fda8f969d9bd41d698d185d757edecc71ccad77e5f3d05ef077,0x85bec6cd7647fba1a2b10241d233b1640a0c414f1be199fbd73ece2a909a9f9e + brainpool/brainpoolP256r1 + invalid order = 227 + + + brainpoolP256r1/49 + 0x5317d56926ab92ae38597afcf2ba6bf20c4fe981421c87de2f50d4d2356b8ff,0x8ad21c1c871e2b68948971039ea6095fe368572180ef360103c6fa5d9230c164 + brainpool/brainpoolP256r1 + invalid order = 229 + + + brainpoolP256r1/50 + 0x33d7fffa35bbfd951ba1a3a974b962f3f8acb0f4b2bfe72f5cc6cc2054b23e36,0x84503cb28c332e2ecd08304f8f09d5f6409dc67d7737991ddea997449c55728 + brainpool/brainpoolP256r1 + invalid order = 233 + + + brainpoolP256r1/51 + 0x147783d06720991b7924fe2013b70e88a45314412d7c535eefad661c15b0cf29,0x158af054acaa8356262c1c5d1108e4af240615395af218b92c9e9c08e981f5ee + brainpool/brainpoolP256r1 + invalid order = 239 + + + brainpoolP256r1/52 + 0x5d2ff3680dfeef97a037e99ec79afd4cac7861fa441c2fe756d8f6494213bc,0x3ba863cd56155d7dd20d37f38e6d977a76eed84233b1240ae2c8fdf210529442 + brainpool/brainpoolP256r1 + invalid order = 241 + + + brainpoolP256r1/53 + 0xa1d8fddd493e393aa6400cf089eb35eedd1688499406f0c5c7af5720c22f6049,0x3cdf880aaf36b9560567420fd3afb5b0540b19c6d3bf6bc9b19834c6ddb53627 + brainpool/brainpoolP256r1 + invalid order = 251 + + + brainpoolP256r1/54 + 
0x5e1648b24e5ea32a9a32b51bf3b1bb6b13db50b435c4893c3683f07fb467e9e7,0xef62afba115ce527c39ea43c8d6873f37610878937781549adb9b79efd635b1 + brainpool/brainpoolP256r1 + invalid order = 257 + + + brainpoolP256r1/55 + 0x2799d14a8518f7a1fab3de1a20ffecd2a8315193fbc0ee3f76c8f310d4fe3e6e,0x6efc29bca65bc469b35a26e57530a5d7a540a4e3f37ea404ef9be81043dbf21b + brainpool/brainpoolP256r1 + invalid order = 263 + + + brainpoolP256r1/56 + 0x6c8f4d21b4b6fcdbe67a8154991478ecaa856f33064c69fa1fa132a88fc7e7b8,0x8d499a8f5bd23ded8ce64ff9569eb0e29162381a9065657acbd1713740d3abc2 + brainpool/brainpoolP256r1 + invalid order = 269 + + + brainpoolP256r1/57 + 0x80b1bd0ff14579c4815d29046da3c92eea9c81c30b943f4ef7b3270e5252e59a,0xa2c26dd32ff8f11fdab034947f852596e52273cc37b62d0c1ee26dfe9729be03 + brainpool/brainpoolP256r1 + invalid order = 271 + + + brainpoolP256r1/58 + 0x33cbe6fa4e6f9a779517355655a4a868fbab3a3db5eb1aa06084472b1b29bcad,0x4628d6023f592950770c4a2646682102eee39b79c8dacc74dfd033c868a979e0 + brainpool/brainpoolP256r1 + invalid order = 277 + + + brainpoolP256r1/59 + 0x6d3eb141c8057de9e03e8b6b0bf6f6151f1cf493c45ab7d417f09e66cd1c6fcc,0xd9304a6fff3410873d18e43f44bf4a68740542bb1f936fb6df723b0ada2bc5f + brainpool/brainpoolP256r1 + invalid order = 281 + + + brainpoolP256r1/60 + 0x1440b3342c22e1cba4bbe1b07dfccc41e2be5932a7669cb5048c09aa423cc7fd,0x4ce1634fe91cd5f14b1dcf8e0021ea7d6ecd6dff27d0de98bd90a807894c9452 + brainpool/brainpoolP256r1 + invalid order = 283 + + + brainpoolP256r1/61 + 0xa6369f0480c4f70dd3f567ed53818e568047772d28652edc380b0ca23beef4ac,0x51e105daa2329f34d0164d7d01ce298b3b5b7402114ed3358c9f5d7a37392149 + brainpool/brainpoolP256r1 + invalid order = 293 + + + brainpoolP256r1/62 + 0x99b2d3fe0741635b6decc928a0adbe6eb4c207ff1341d17c44a4c0f08768bacd,0x1ff143051d6725449ca39662fe565da4f538652c99d4735ab43438a8262742dc + brainpool/brainpoolP256r1 + invalid order = 307 + + + brainpoolP256r1/63 + 
0x819ab1958574a16baaae369470d83be248afb52e0848c4063aaec4683640731e,0x9feeb10a5d7a68c06ebed042880a0d8bedda8ea8a1790a9e8b8464e394809aec + brainpool/brainpoolP256r1 + invalid order = 311 + + + brainpoolP256r1/64 + 0x64e9fac6040073d7d90764813589141468448de7a6a07425fddafcfb1ae0ed0f,0x3dc15136b28b6dba4fba7daa80ca21f6ddbca2a32c48ee0fa23154c4cf8ea7c2 + brainpool/brainpoolP256r1 + invalid order = 313 + + + brainpoolP256r1/65 + 0x8c387cf9b3d48c218385ac40d2187ffa887f7fabfa17c571ec3dec016515c69d,0x25bff55168a07c64d5a22656d5b83591d2a72dec40f44a2db913d9ee084b7eb1 + brainpool/brainpoolP256r1 + invalid order = 317 + + + brainpoolP256r1/66 + 0x7f0606981cb6e9b1c7a0286f6f49731b24fb5297fbec4f2800b213cf8c3900a8,0x3f899b25363d83f1d08600aad1e55fa2f9f6f148b2d208e69ce15fbe098ce66b + brainpool/brainpoolP256r1 + invalid order = 331 + + + brainpoolP256r1/67 + 0x7816c1eda82c80dc2aa9f2441eac9338d1fa0f84dc674fe63439d356b831a398,0x938bc57a2ea543a013497c9f566f07be23f100c51480bd031aa5a2893f71f3f3 + brainpool/brainpoolP256r1 + invalid order = 337 + + + brainpoolP256r1/68 + 0x27f7837958d5fdb9203ed86543bd413e21aa534f9fb32c219e5fa493294e219a,0x60b3eb690624a881d372c9f8512be210957f07604e0d4475f7e9f3af256a5d0b + brainpool/brainpoolP256r1 + invalid order = 347 + + + brainpoolP256r1/69 + 0x39648e0d1d60cfa163bedf62ca40281afe9d4345263577dc75c554cce3f8e316,0x32fb734a6391cacce655ccf6d01a89142fbaba5d53a3f07e071021ec74532fbb + brainpool/brainpoolP256r1 + invalid order = 349 + + + brainpoolP256r1/70 + 0x54b3cfb752d65d19b8f30dd6df2293b10cc9860c943e39ea46e95ba6e79d708b,0x8582230d29935f8cfabe7fabd24857dc99f63f5c29f114ce9b29532acfe71345 + brainpool/brainpoolP256r1 + invalid order = 353 + + + brainpoolP256r1/71 + 0x3829a635ed46f474fe4e5b31a9d245653890d34a4a58db9be785bfb827dc76bd,0x753e7a74c96a32ca4b98a465d6e19b9db7555dd4124ff4d0b1f568b121c48edf + brainpool/brainpoolP256r1 + invalid order = 359 + + + brainpoolP256r1/72 + 
0xa6cbe11da51710351db9db8efe8d760c1331dc31c22089085b1f1585aa23bed2,0x1ac6df7a69675299e080dad965cb2615d1a569d5a5d5c3c30e5435a5545af5fb + brainpool/brainpoolP256r1 + invalid order = 367 + + + brainpoolP256r1/73 + 0x1e85fe324564374ac4bb6b9452aa784376a78c1ebd7a544e59dabff34e434e6d,0x357d6f3b17b77f7dabc3a28d4e3fb6b215f1fee36c7e0d1510e437fd4a0be226 + brainpool/brainpoolP256r1 + invalid order = 373 + + + brainpoolP256r1/74 + 0x55d7cd53bd7775a0cb719e75741efc69d207b7ded1b1a6a74285ecbfd14dd555,0xfdd325700cbecf7d4323bd7cf8d5894f1ca4d80a85523dbd4982f55638fce12 + brainpool/brainpoolP256r1 + invalid order = 379 + + + brainpoolP256r1/75 + 0x635835b09675e8352d0434a2d34aa77170248e28545a1e1d0d394ca9d8a36826,0x7aee9b0e6913e934e8107b14a56a54be9e87b27260befe130ecb69d0b32d2d46 + brainpool/brainpoolP256r1 + invalid order = 383 + + + brainpoolP256r1/76 + 0x6ea1e4e2555e64effcc34b0c4115e5323f3c6e4547c1065f8be34f7f8ca4517d,0x11a8d921a1828535164b3c8339080e8d30535a75968a02042204fe495c6085bd + brainpool/brainpoolP256r1 + invalid order = 389 + diff --git a/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP256t1.xml b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP256t1.xml new file mode 100644 index 0000000..2f31006 --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/brainpool/brainpoolP256t1.xml 
@@ -0,0 +1,463 @@ + + + brainpoolP256t1/0 + 0x5a6c607732f900c9742380bb80e36dcfb3e750cd04c4cae016686d53580b3c45,0x0000000000000000000000000000000000000000000000000000000000000000 + brainpool/brainpoolP256t1 + invalid order = 2 + + + brainpoolP256t1/1 + 0xa7fd572ccba0a3ce2894ae449052c7f6562007ed44468a703c6c04a2e6347776,0x4c00c1e05297a37094f6041935fdaab2b4cd09270de790d90206cf26fc571a41 + brainpool/brainpoolP256t1 + invalid order = 3 + + + brainpoolP256t1/2 + 0x22949b3c6f76d3349156c820be50c55c3f8a34bb9cb6f1b110c67dd5cb8703a6,0x6b1cab822b53f3ec46b89dcb4c55b81d6f52b190bd3a24f56932785cc9f9d85a + brainpool/brainpoolP256t1 + invalid order = 5 + + + brainpoolP256t1/3 + 0x607d942c11714f59173ef04e2c7013a3de3de7af95d085f6e5e43fce2e2ff143,0x3d876d94b3be34c51559b05538a5001637a0336d7a6960f093c49d6f068e7b16 + brainpool/brainpoolP256t1 + invalid order = 7 + + + brainpoolP256t1/4 + 0x4a9bd1a63938c916f9957175144c0072a6a3799de5ecd23d7c1d9f4b332c22ff,0x2d81971ec54e137cc9f9c37974a5e685a8beee79d095766fcd93bf5927c05b7e + brainpool/brainpoolP256t1 + invalid order = 11 + + + brainpoolP256t1/5 + 0x78d84a05ed07f26ee1c113595bf4cffe1a4789a843b0b58f4f03d3507fe62aa4,0x8518923d390aa85eec5b50cc415477986d92cdf6d518fd8f83e85a0210b1d739 + brainpool/brainpoolP256t1 + invalid order = 13 + + + brainpoolP256t1/6 + 0x59cce39934f1d5cea3ca2d9f054c4a6b88d95d26a8bef892e46b540e04b6936a,0x3441ed840a3f048dec17a5391e172110bedae032daa78060aa69bd5a77479b40 + brainpool/brainpoolP256t1 + invalid order = 17 + + + brainpoolP256t1/7 + 0x38596269036056feabef4778abcfaf703454458615440eeb373f239704cd0111,0x17d5e5005a2eabf540a7a68a97c881057df5372307a58aa3185fe0dc880ab941 + brainpool/brainpoolP256t1 + invalid order = 19 + + + brainpoolP256t1/8 + 0x5cd8cb46c9056dd51f69885e33960c5bd094fe698ae9b5392bfb97fc3c768c2a,0x46c19f30936658d8bc02a1102ec7e1dd1f2c8bd54de91f70003d148a03a5fa6a + brainpool/brainpoolP256t1 + invalid order = 23 + + + brainpoolP256t1/9 + 
0x9a3f1aff40cc192b74ad029d895e83bdc081a5898756638e9557ea149ec6e2ad,0x6db576a79db611525b876577b72381636b61a7f146a31494e17800f574f9109f + brainpool/brainpoolP256t1 + invalid order = 29 + + + brainpoolP256t1/10 + 0x9af949e79e678ad794e95c0c95f1a3e3c82d4bf426148d563888babc8d6bc938,0x2251230ee10275d5a925157f1ba3b38954da6e7e04bb6aaf7e43451df328f251 + brainpool/brainpoolP256t1 + invalid order = 31 + + + brainpoolP256t1/11 + 0x9b41b0ce21cd2f02a43d3266ffbb9b3036c4e162e7757d2a214e32d8635eaead,0x641528404069648ae7e93f8cd88717ad52ecf4f6022e5fa2a41a475267367d14 + brainpool/brainpoolP256t1 + invalid order = 37 + + + brainpoolP256t1/12 + 0x5e03031cfbf61b13e1cc05abe189499ad957abb7f47288dcbe9c6b624e63940d,0xa7609c5c0dc753dbda449c9f5cd83b6b98286d3dd93072eec87635e67b17f1dd + brainpool/brainpoolP256t1 + invalid order = 41 + + + brainpoolP256t1/13 + 0xa8d85e8357da11efd22ba80da4bb125f0d8b6189845133b2bc3be81da2de87cb,0xc73e6d8d720a55e1c74206a8662503fc8b487391c29d510744e54fdd98eeb4 + brainpool/brainpoolP256t1 + invalid order = 43 + + + brainpoolP256t1/14 + 0x37ee5be057a90f53cb1d1832854d124ecc8a16aa1670afb4ba0d3d6c5a6dd803,0xa1cacc36a42287ef5ee1ec2ef439e203e4c7ce1d95dd71677c700a0675d93797 + brainpool/brainpoolP256t1 + invalid order = 47 + + + brainpoolP256t1/15 + 0x839fe2c5361e845379b7caa12168faeccfd7ba1a74786a9e5eb8b32471080c5b,0x8bf047285fc2786a9f3a14b73a6d255b6420f0cfd06b05db46a0862ab1155edd + brainpool/brainpoolP256t1 + invalid order = 53 + + + brainpoolP256t1/16 + 0x3448a33dce591cf33e71dbb05c207e359284f382f2e25857813a51380c10b158,0x1f9312b84d1d6b59f09e1c294d0819b8a402ee9b729823033035e477b64ab506 + brainpool/brainpoolP256t1 + invalid order = 59 + + + brainpoolP256t1/17 + 0x6bc572cc356c359d353448471b641b782d82035fe207667023a61579417fd327,0x8e73e0fcb45f4407d50cf430cc983f755e4757631493588363b5899be9c67879 + brainpool/brainpoolP256t1 + invalid order = 61 + + + brainpoolP256t1/18 + 
0x2bc7e522eb4016392ca64a27d30eedfbfa20008603a1ab242a917426421b0a86,0x552e59d299dcb70328956da62b88f421b30cb2af163c7af1e2b03310771d2262 + brainpool/brainpoolP256t1 + invalid order = 67 + + + brainpoolP256t1/19 + 0x89674107098344801e338c8fd7bddda5cb0ae4ee938f049ceb51cd47e784cbc0,0x8b0d5b6949bf1b078266359975173f433147158fd79f3ddca7f103bdf16e414a + brainpool/brainpoolP256t1 + invalid order = 71 + + + brainpoolP256t1/20 + 0x8b73de710d59e1a1b456260c01b7698a5c10d990f579114b8026ad753ee6a6fc,0x16fc21b7238bcc8f7938d75b6c0c817ee91b0543e792b39709265a2563a5e267 + brainpool/brainpoolP256t1 + invalid order = 73 + + + brainpoolP256t1/21 + 0xa4987707c0f77d9c6f6c02ca82b1c2d786036f9968c3f156817413ac56b33f55,0x2a42d1b08596193a8fdd8cd163df65b95797c8dbd0efc7e15e29ac8ea74e47f7 + brainpool/brainpoolP256t1 + invalid order = 79 + + + brainpoolP256t1/22 + 0x30bcf4fdcf9cb73013ea09101db9b1fec7f423b83086a327448f1d3deef20884,0x5788b24d716379518c0f70d4e7d1f8c8f0ad7eac74d8ef16b2dd317798cb1212 + brainpool/brainpoolP256t1 + invalid order = 83 + + + brainpoolP256t1/23 + 0x1c4a352bac2efde91d52ad41ea4bc3525d78da0061b04eb08b81912be0a0acc2,0xc7fbe998338b83e7567cee01a88b465c032b8ee6b58c631966921d67b0dd3ae + brainpool/brainpoolP256t1 + invalid order = 89 + + + brainpoolP256t1/24 + 0xa19b9904b07089e30d9511f9fc9a33d5d999ae4047aec130b5fc0e4d1d6a4be4,0x5decb810e726c4522699c986a3d0add0b65f089d07a50158477ada3f125746e3 + brainpool/brainpoolP256t1 + invalid order = 97 + + + brainpoolP256t1/25 + 0x61cd1350205127d6a83c42b424e103bd1c4d804a81ff1f524886f8b719ded2d7,0x17d8f7969f9b850e82b35078c4303b4b6a94c79459cde47a766724a79e83c1d + brainpool/brainpoolP256t1 + invalid order = 101 + + + brainpoolP256t1/26 + 0x461fbc9128ce57e13a8e9414a053c5477d0bcf1889c48f5c0218510d40f99962,0x57f14edee8af46b61a8054a304923c3fad612e3b4d2e0fbd82d8562c49a4042 + brainpool/brainpoolP256t1 + invalid order = 103 + + + brainpoolP256t1/27 + 
0x5a4d44a36b9e91778da732db19c59deb3ad1f865eaa8362a0b9596ed4519f417,0x76e32264277f2d80d3fb2f2cd4d12657209b52da7d07e910072bce22749ec14 + brainpool/brainpoolP256t1 + invalid order = 107 + + + brainpoolP256t1/28 + 0x9ac88f9004e16688f8b69fad6d5c7cff0cafc71e43075d5b96146bba1802b2a6,0x1e3b9ca858bd2a136d824e662843a73280a1d208dfb8687d7af0812bab4128a4 + brainpool/brainpoolP256t1 + invalid order = 109 + + + brainpoolP256t1/29 + 0x954e74c9b997284bf4e235e9bbaa0b6c812e6dec53e40e9abaf53191371dae76,0x93bd2ba21577dd1ace8bb4380feb4a037b000901f2d53beec9a5cae07f72deb9 + brainpool/brainpoolP256t1 + invalid order = 113 + + + brainpoolP256t1/30 + 0x55cb623064284cf443708fb2381f2e412a6c7a0bd01d4d961f515c9cb9ecd8b5,0x1985f531e2fc81467456f6ba2ab0e8ba5487e9e41eb9b238a1c2d93644f951c9 + brainpool/brainpoolP256t1 + invalid order = 127 + + + brainpoolP256t1/31 + 0x62e1ff33a8119f6043f3a2e866bfcc65d712d6f652ea40a84a79c15fb08eda9d,0x9c5b16a6980cc92ede28da10d94d32e8b97dd0204164a8156d842d3a5a2ef7b2 + brainpool/brainpoolP256t1 + invalid order = 131 + + + brainpoolP256t1/32 + 0x4fde6558edc810007bd199cc6cb86a6e20e868ce92abf91814da9be34f4e5f74,0x7d0a68dad1a21caea5a4c670f71f5f7774549b718c8b5f820075da8abd697db4 + brainpool/brainpoolP256t1 + invalid order = 137 + + + brainpoolP256t1/33 + 0x8ff9f423daeae0289b2999f7f8f509937ffb536addb6da76e449651864b049d4,0x9a72bb42e61606ade4dbcd23cc6bb22c72831bf637521a22e11f78344a604104 + brainpool/brainpoolP256t1 + invalid order = 139 + + + brainpoolP256t1/34 + 0x3fbdc402d055a8bda9cb808f8ff9bb112b315da546784925b020925df99c6cc,0x9f73b9e859d544caa731ba70c65da08d3e791da4f2913ba5dcca0a811a6349bd + brainpool/brainpoolP256t1 + invalid order = 149 + + + brainpoolP256t1/35 + 0x42124c83f6b5fc8c9d2365b57f8c26ac63ece44a63f046f7eeb3b76daaeea79f,0x1483566432fa48c40fb493d5f7ab64acf98f7a6c1ec4414e6fc56bb0853e7693 + brainpool/brainpoolP256t1 + invalid order = 151 + + + brainpoolP256t1/36 + 
0x1fe067d9d508b3e1b870bf5ead126b819378109c9dc826e5bb191c452b0d4029,0x3c6aa149ca021702542da82c227a5994e5de822fb0f70cf0bed041a1b85a2318 + brainpool/brainpoolP256t1 + invalid order = 157 + + + brainpoolP256t1/37 + 0x657fd424b17e5e7e65391bd734e2d123943011f72a551c56c1599a3ae51b752,0x259fe7af5aa7ba34a936ee859ae3b6d730a9b575c9e6603ea34fc083ce89d310 + brainpool/brainpoolP256t1 + invalid order = 163 + + + brainpoolP256t1/38 + 0x524e7eb105a7574233237bd7dce1801e117f96312bae9c89602c7909f99e8cc1,0x4aaa004afeb96096c89362e36fc70eeabaec49bf4c8c88504d9a39e30d23af03 + brainpool/brainpoolP256t1 + invalid order = 167 + + + brainpoolP256t1/39 + 0x9cd62c4af7b178e4c5bbe0c0dcf0fe2fab9f2f0c0e142d9329ef65ff9cd82629,0x6d0b8e74a0b21590d1d9bbd397560f4863e03f2d5fee26fa60ffec551c08ea09 + brainpool/brainpoolP256t1 + invalid order = 173 + + + brainpoolP256t1/40 + 0x683e452aee5e02083ff9d6f6282d5be6fba0fb67579a87612626838d48a5d3c1,0x8f779d4a9115174bf2d203d24ee9be9dadf344d02049d858c2a7a2544ccd8840 + brainpool/brainpoolP256t1 + invalid order = 179 + + + brainpoolP256t1/41 + 0x8becdae261b104d9ee78948780b555eb86cc7035b73a3a367b7f8a1be8cd01c0,0x36de4eee57440062907c8c1284ff925c497c0574c6cace8e4a38805161f11e8 + brainpool/brainpoolP256t1 + invalid order = 181 + + + brainpoolP256t1/42 + 0x9fd3051a3db65b22a45783bdf6eea352907806912143eadcdbf885e6684bccce,0x23bd921f11319c6cf9bc05552af9cf503385ef89ffaf264cbb5663cd540828a0 + brainpool/brainpoolP256t1 + invalid order = 191 + + + brainpoolP256t1/43 + 0x7879a47125532f11cdc3ab241e4fdf55f561f15cbcfdb8e9872ad31f4469a654,0x3a56c0deee99760515aecedc66f41a3bed54d028cd9b417d34166e0da79dbe94 + brainpool/brainpoolP256t1 + invalid order = 193 + + + brainpoolP256t1/44 + 0x861a4644f175a3a3ff7c744ad79c0b283df88a2fc57d04560c9da57263c6653e,0x620b3e2fc29529dd68f8365066e9daeba387f6c4e49ca6f40178dac212a45bef + brainpool/brainpoolP256t1 + invalid order = 197 + + + brainpoolP256t1/45 + 
0x76654d65b1f59414f808ce1ab039bb16fa3eaa5d54b907805087daa15033602b,0x3a9852f7397469f48bf80c604fd61632c1a80c433f4c88abab9d3db84cdf809b + brainpool/brainpoolP256t1 + invalid order = 199 + + + brainpoolP256t1/46 + 0x3755a0e4359f9dfc732a7923242916bc1027d7589b459531854e36ce54a9f380,0x361c207aadf235f918f11fe0a52d4dbe2da9daa0a1de96257604ce6a1d9fe7e2 + brainpool/brainpoolP256t1 + invalid order = 211 + + + brainpoolP256t1/47 + 0x91712468bd01e16c5d608a10951d4d82e6ae49ef66485e8754c22cdfc7259808,0xbac428282adb922c0c5ac23f8c0bb9767eed1dddeab194ea5de9ccb1401513 + brainpool/brainpoolP256t1 + invalid order = 223 + + + brainpoolP256t1/48 + 0x3f29e58cf3021c51750dc3350aeb1313ac88e7d52a89bf37bc2238431968765e,0x82b88a3c7644ef59fefd8f4e7595ac5a79e7ff8a0df517e62650269137c78292 + brainpool/brainpoolP256t1 + invalid order = 227 + + + brainpoolP256t1/49 + 0x5cdb6bfa6461215964acc206f6784d348d88ae8c1609b13931cc1ff016e39918,0x11431a024fe5e31a5c3ae2a6f3c51569e1a1a07066a621b6ff7a00e338a0f949 + brainpool/brainpoolP256t1 + invalid order = 229 + + + brainpoolP256t1/50 + 0x95edc8fa841c4363aa75b8b62f10523f991267137bb5df6d44cbcc346035d9db,0xa7704ab03c12c9ebcdf503a9ed47360baea71515c3ce1f226423443b7fa4ecbe + brainpool/brainpoolP256t1 + invalid order = 233 + + + brainpoolP256t1/51 + 0x8e2f2f18728d6051e483bedb07955d63184991866ad5a35db7870381550c4b20,0x1ea625fa3dcb6bbb60e49764b917dce0bfb62358346406dbe0952977eaf01629 + brainpool/brainpoolP256t1 + invalid order = 239 + + + brainpoolP256t1/52 + 0x86b19fe41cafc7223ad4c1b882a2c09d5c2c188839fbe110cd0410b63c09289d,0x7fd7082d7fa6a1ac7e02f13400b6d87b491ad05c7569a12cabc412d956fdc2cd + brainpool/brainpoolP256t1 + invalid order = 241 + + + brainpoolP256t1/53 + 0x213cc55897bccea9e7ef3fd255373572c31327054c3cb1991bc5feaeb6a4ac18,0x52f447384a90c375dea329eabe6bd9307a99fb00f9ab0024155b530c595def50 + brainpool/brainpoolP256t1 + invalid order = 251 + + + brainpoolP256t1/54 + 
0x8e66cf003c13d492f5bba32bb933792335379812f7edcb69f61889d09fcc694,0x492bd824e57d53cfd01961703ad0344527df78f8e2f7f0a6f51eb06461f77121 + brainpool/brainpoolP256t1 + invalid order = 257 + + + brainpoolP256t1/55 + 0x6c9ab468738b14366db7e059f210cf62db3e0030bb618432c7600e4a0da17280,0x95ed775aa6852a6d1ac5476820f5b31675f5413dcd9c94818d5148428cb05c19 + brainpool/brainpoolP256t1 + invalid order = 263 + + + brainpoolP256t1/56 + 0x5df0571aabfb0d3cb734ab0f6623cb1a22f0f227b463dbd5cbfa0f8ebfe37b3,0x3a3250e75db55543c76d92eee205349953e7c53d0dc505baf70802805f5c78c2 + brainpool/brainpoolP256t1 + invalid order = 269 + + + brainpoolP256t1/57 + 0x6a6e6fb4944cf3914710662781b1b797c2c29f480c7089a937b8f425e69596b8,0x925f7f49f612d820f0d307085102bcc821b42a5bb794f3c2119210efc79d8390 + brainpool/brainpoolP256t1 + invalid order = 271 + + + brainpoolP256t1/58 + 0x3b0f68153ec7a3641e6693f34cd80ebd20181305b8951ea04911d8022f588b96,0x15c1e08b84503b6b81be5212ddf5385d79d2e09bcb3942eeed3eeb766428b73 + brainpool/brainpoolP256t1 + invalid order = 277 + + + brainpoolP256t1/59 + 0x849652e7c6b2b854ccd9061a3e3c831ef393e9843916e9c20342d945fe2d98f6,0x1b31f4c32947a7568d2c89996abc387f4fa4c0975c06ead210f55be43b986556 + brainpool/brainpoolP256t1 + invalid order = 281 + + + brainpoolP256t1/60 + 0xa1676e77c626b9cc6639fc16c37ea66052077492e9d6aae9944e1b0077344bf3,0x7a35fc808dffee5c839c0cf7c2533d456c22cf55e70ffdad605dd3eb856b70ef + brainpool/brainpoolP256t1 + invalid order = 283 + + + brainpoolP256t1/61 + 0x8b8704dd4a2de21f18c9c24e666db68cbd970e53ba91ae3b023b4dcd4ba62417,0x17af54a9eacdc4e17b6d2b1e2b018d2423097025a44bcbd8efb83d30fabb5bf9 + brainpool/brainpoolP256t1 + invalid order = 293 + + + brainpoolP256t1/62 + 0x9945c8051b24065987583c5484a55883a9744e603f4dc89b9fe23c9c2db25add,0x9130529f0d3a0f229772e0776fbfab1a671359842e61018032dbabaa8b7ec0c2 + brainpool/brainpoolP256t1 + invalid order = 307 + + + brainpoolP256t1/63 + 
0x3f7561605d9bcaaac55c6b9d272debd0e4e516a4e4da87fd9d9b7a368b43dc2f,0x67bd85138fd05075fe10452f4bb1853a74a2591e792ce30984d11867d55276c1 + brainpool/brainpoolP256t1 + invalid order = 311 + + + brainpoolP256t1/64 + 0x9784b99751dca1564983e97ea9dc117c88a0cc7d8b4a8fe571b8f767feadbd2,0xa34ee01a891dc707e96a00c75b2f7fb803429290ed3bff15ae8d4810aaeb4f67 + brainpool/brainpoolP256t1 + invalid order = 313 + + + brainpoolP256t1/65 + 0xa556146bf726c3ca53aa8a3ca68537fb886f09b25fd211879e66f2226e4121fb,0x6de75f8799337e816869239255ab88c096ba9a31966c2fd1af73f2fa03962b76 + brainpool/brainpoolP256t1 + invalid order = 317 + + + brainpoolP256t1/66 + 0x35cc0edeae8b75d699f32b85ef7c12b23a5f8f786ca6189199778bc2b55f2a46,0x2445009393346b1ee30a94c91c03e1f1868a500897d64fbd3ab957b6e48874cf + brainpool/brainpoolP256t1 + invalid order = 331 + + + brainpoolP256t1/67 + 0x694ea76457f3856cd64cbffd2e960fa63674555645e49a0eb11c0bb23058fc4,0x3d474292d44f14c6d64200aa49590b1a4cad714d3af2e14f4d6e38dedd1909a4 + brainpool/brainpoolP256t1 + invalid order = 337 + + + brainpoolP256t1/68 + 0x415b636e31e4512853d5bf6df47de12c4b486c2886955c4e629f55d69060b5a3,0x443b41c20e309bd88d055f9a411936a0b8e6bcea417dcbe1d6b72b94e104a8cc + brainpool/brainpoolP256t1 + invalid order = 347 + + + brainpoolP256t1/69 + 0x9e240b3d6b6496ae158cf56bbfe95ba63ea6529bc3f682dc3ae6793aeb0d694e,0x8af416d67c8ff3faa288a852c254643a5bcca430ff5efd0963ac708a3ba13a74 + brainpool/brainpoolP256t1 + invalid order = 349 + + + brainpoolP256t1/70 + 0x5fc1e3309dbf738ec9b2aeff5c9af2bf2690885aff6de496ae891f01a4167492,0x5d3d331b3fe9af5eca003c8f4c5609ec2bae04391f6d5a0245a1c80edf04b39b + brainpool/brainpoolP256t1 + invalid order = 353 + + + brainpoolP256t1/71 + 0x193ba068664636b7ce58c914216dc522b2b1a6bfd3bc68719fc2b6fa3a167d97,0x4f87e3b1d2c8f1761bd09a2707f9cb751e3af7f9102a395d3831ed058caa0e1c + brainpool/brainpoolP256t1 + invalid order = 359 + + + brainpoolP256t1/72 + 
0x87cd2d4334ea36c78fdc48cf3cc3e1fc5245743cfc16e9b45b846b21582140e6,0x35ac290a1373e1bc1ce3d71793eda1b812f412865361d2d4d460b5675c9028f3 + brainpool/brainpoolP256t1 + invalid order = 367 + + + brainpoolP256t1/73 + 0x60506d4f1e58f7a3438b2f48e4af695f137b8cc49a4b6d4064c8cd6e4479deb6,0x91beabbacb4c0dc974933fd2093f8080e2ada7cdf70f179cc3d3c9123008283c + brainpool/brainpoolP256t1 + invalid order = 373 + + + brainpoolP256t1/74 + 0x546fc53be826e6ee5ee1c10ae2e8a652ea238b7d4c5045a17fd9fdc423bc9a1,0x4db945865e98861802a29e82cbab586ff44ebb8d9e9252e709eea7c55b9a9d0d + brainpool/brainpoolP256t1 + invalid order = 379 + + + brainpoolP256t1/75 + 0x2a1930deb74c4978954ca46a8ac9bce5cbc5cd0971e79da1d28bbe13eb55c739,0x1ca0a80cb75c3c1fa9a072b1e7455bb4ba6aefae87808f273ff3424ccbb40dca + brainpool/brainpoolP256t1 + invalid order = 383 + + + brainpoolP256t1/76 + 0x57263c50f7bac71c83c727780804b3882cd2ec5d9c95512ded9909b81f9a5968,0x7ea1afb11229579ed50d76d0135a7cdd684ab0a5f87b102fd123b2bc2c66d770 + brainpool/brainpoolP256t1 + invalid order = 389 + diff --git a/src/cz/crcs/ectester/data/invalid/brainpool/keys.xml b/src/cz/crcs/ectester/data/invalid/brainpool/keys.xml deleted file mode 100644 index 3823658..0000000 --- a/src/cz/crcs/ectester/data/invalid/brainpool/keys.xml +++ /dev/null 
@@ -1,108 +0,0 @@ - - - 160r1-1 - 0xc4d7ddb433381eeb0c62b502b4059e616caf6fcf,0x0000000000000000000000000000000000000000 - brainpool/brainpoolP160r1 - invalid order = 2 - - - -160r1-2 -0x55303e73394b0da59a85f48ad0ba78deee2df5d8,0x2874a5d9c08777c1151c87cd6d0577842ea68e13 -brainpool/brainpoolP160r1 -invalid order = 3 - - - -160r1-3 -0x4381828db3ae0c10a51074929b60700f87b0337b,0x2a2a76a4af0a96106ba6fe9d2496f1908edd2a23 -brainpool/brainpoolP160r1 -invalid order = 5 - - - -160r1-4 -0x68f115185e91815d9259714e7a7154300b8db314,0x3784f206684eb6c8c252ea4fe5453ff37b93eaf9 -brainpool/brainpoolP160r1 -invalid order = 7 - - - -160r1-5 -0xcc521e5a0366ee48cc37e757b994afee2452015e,0x93e0e6c648b0f0b2e354425025041345beb35b3c -brainpool/brainpoolP160r1 -invalid order = 11 - - - -160r1-6 -0x2b4d92bf08d99b87767e40f46ba4ad3dc21e2302,0x72f3e483e7b2c562fba12bad2402a411af02a15c -brainpool/brainpoolP160r1 -invalid order = 13 - - - -160r1-7 -0x1397bfed0edd4c38019af46c6864d106bc1c7241,0xa78a13e065701c31796231ceeb2200b4459c92ad -brainpool/brainpoolP160r1 -invalid order = 17 - - - -160r1-8 -0x448604062905058037d0776f0111e25d44b1abe3,0x1337a58bb32dd2c34355b47dedce2014b53cb832 -brainpool/brainpoolP160r1 -invalid order = 19 - - - -160r1-9 -0x64d734b3bf25c6546b963b43ece33fdc9347e66b,0xc311a5ed6b51380cada8c5c6658b633c4e40169e -brainpool/brainpoolP160r1 -invalid order = 23 - - - -160r1-10 -0x77c06cb540d349ebe61218241deb813c591f0509,0xd7eb002458fa0c38ae3528c9b3ec5e1117a84ff8 -brainpool/brainpoolP160r1 -invalid order = 29 - - - -160r1-11 -0xbefde0dd07cb3ef5d189b15fd129ec564d194cf3,0x55106a2379e3eef9010f4d11239ea0d83039cb66 -brainpool/brainpoolP160r1 -invalid order = 31 - - - -160r1-12 -0xe54d642cd1c68d018db437fb624b3595a5a9588c,0xae6165d75eec8e22072a0d7b800eae804e9b4136 -brainpool/brainpoolP160r1 -invalid order = 37 - - - -160r1-13 -0x60d871f4fde332d00e183381d0e3cbbc586dcb80,0x10a9f5e2a238ab38a743f52645dbbff2b250a34a -brainpool/brainpoolP160r1 -invalid order = 41 - - - -160r1-14 
-0x7e2901c9f5610e4230aa7a53e8553426073458e4,0x3ac1810d4beb3244d62343ea40a23324b67b442 -brainpool/brainpoolP160r1 -invalid order = 43 - - - -160r1-15 -0x6b4d7bd164a2fb9fbb835a5ad5ee70adecf0cb37,0x22096241d3ec1f1ec072e10a04a731380fdedab5 -brainpool/brainpoolP160r1 -invalid order = 47 - - - - diff --git a/src/cz/crcs/ectester/data/invalid/keys.xml b/src/cz/crcs/ectester/data/invalid/keys.xml index 9048518..9aea479 100644 --- a/src/cz/crcs/ectester/data/invalid/keys.xml +++ b/src/cz/crcs/ectester/data/invalid/keys.xml @@ -1,14 +1,62 @@ - - + + + + + + + + + + + + + + + + + + + + + + + + + ]> - &brainpool; - &nist; - &secg; + + &brainpoolP160r1; + &brainpoolP160t1; + &brainpoolP192r1; + &brainpoolP192t1; + &brainpoolP224r1; + &brainpoolP224t1; + &brainpoolP256r1; + &brainpoolP256t1; + + &k163; + &k233; + &k283; + &b163; + &b233; + &b283; + + &secp112r1; + &secp112r2; + &secp128r1; + &secp128r2; + &secp160r1; + &secp160r2; + &secp192r1; + &secp224r1; + &secp256r1; \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/invalid/nist/b163.xml b/src/cz/crcs/ectester/data/invalid/nist/b163.xml new file mode 100644 index 0000000..0528478 --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/nist/b163.xml 
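Review bot: The rewritten `invalid/keys.xml` pulls in every per-curve key file through a general entity (`&brainpoolP160r1;` through `&secp256r1;`), so its loader must parse with DTD processing enabled and, presumably, external entity resolution too. The declarations are not legible on this page, so this is inferred from the closing `]>` and the entity references. That is acceptable for bundled test data, but the same parser configuration is open to XXE if it is ever pointed at a user-supplied file, and nothing in the file records the constraint. I would add a header comment such as `<!-- Parsed with entity resolution enabled: bundled resource only; do not reuse this parser configuration for user-supplied XML -->` and have the loader resolve entities only from the data directory. The new file also ends without a trailing newline.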
@@ -0,0 +1,325 @@ + + + b163/0 + 0x00000000000000000000000000000000000000000,0x00000000000000000000000000000000000000000 + nist/B-163 + invalid order = 2 + + + b163/1 + 0x45b3d6fcd766c378c2902a8907873bf6b006b8e5,0x1b1c588c4a90232f42cedd09a85b970ce80e378cf + nist/B-163 + invalid order = 3 + + + b163/2 + 0x78b1ec2193620bbf47d97d2cf47c2af6b83598c61,0x3d54cb610d9fd1bd4eb5cc2b97bf4dfd88daf0fbc + nist/B-163 + invalid order = 5 + + + b163/3 + 0x2dbb576b7b45b7cf93ad557338faae805808dda47,0x28e884699de4d91b8cddec085faf1243a7a7efb5c + nist/B-163 + invalid order = 7 + + + b163/4 + 0x7bd5a4eb26bbcf54ae996aabc5d28193ae13a2e7e,0x2d748a6e019f4e4240c7258293f96d98d718a14df + nist/B-163 + invalid order = 11 + + + b163/5 + 0x48674b3dfe157622559a83ac4dcf0987ce6dfd9fd,0x27cb3f98cefa8103ba622f8cacb5262843ffdd26c + nist/B-163 + invalid order = 13 + + + b163/6 + 0x37612f327c129f6f7a61d656e5e2434225b9d3618,0x1c0843a951309d4e7ce80377f0222309c0f873cdf + nist/B-163 + invalid order = 17 + + + b163/7 + 0x1b5a84f9e63c61a65d409253fb524a16fd1229d50,0x5e5b9586971af3c3c7dc586aada78d40b1b2574ae + nist/B-163 + invalid order = 19 + + + b163/8 + 0x68662ba5e25b516c41d3705d9706d15bd430b4e7b,0x49041337947e0036a7b360f3f6bc6c63ff0606851 + nist/B-163 + invalid order = 23 + + + b163/9 + 0x37b31c66c2b9d59711342e5cde75ffc627475fa12,0x5b7bc816e48b42e9b92c327a589760bd301046009 + nist/B-163 + invalid order = 29 + + + b163/10 + 0x74da9e6c34992ef8a849b3f7ee1461524a7e739a9,0x56e9fe0be6371a7a869f577acc371a1ab245b1c35 + nist/B-163 + invalid order = 31 + + + b163/11 + 0x3db7d79370146adc4a8cde807ef6d69ab9e51dd3d,0x2245d22ca457f3ca4f277c0a1620d6489e49fd1a0 + nist/B-163 + invalid order = 37 + + + b163/12 + 0x468312520475cd81b6d5020ded20d3ab86b202f9e,0x6184ae5c52e46ea16708f3698410f8f0f97e89fcf + nist/B-163 + invalid order = 41 + + + b163/13 + 0x41167081e7866cc1d4a519a5014f14c5d3f57be1f,0x2dab5765962b06bdca6de5660f718e1b36286ec8b + nist/B-163 + invalid order = 43 + + + b163/14 + 
0x585a273a49648802956b8750d28a4d3b929a4a0dd,0x62535933a6053690db15e68b67d1f478a7e8ca5a + nist/B-163 + invalid order = 47 + + + b163/15 + 0x1434fdbef2072c6c5ff0da7e60e9b05f53bba65fb,0x329eafc1882651f4df79ce378fc123ee00db3370c + nist/B-163 + invalid order = 53 + + + b163/16 + 0x9821fe834eafa79fee668eb5a6051c1eac9a24bb,0x104c1e025660c7793dbcba6df198e5ae96b39d38e + nist/B-163 + invalid order = 59 + + + b163/17 + 0x2f0edfb1c99b770fceb9c0c184e37bbc776f625f8,0x4e3621e11a3bd72b963469dbd1154814f34cec49 + nist/B-163 + invalid order = 61 + + + b163/18 + 0x5d7785bbf2e59886ee4ca0caf5c390f94efff8619,0x1c3bd8b6075123ea36d13e992537da344649060df + nist/B-163 + invalid order = 67 + + + b163/19 + 0x4bff3185d89cf9ac9d7afd3e5a684f638b8915c4e,0x6e899976a28dabf1a4c461d74daecd695cfc88261 + nist/B-163 + invalid order = 71 + + + b163/20 + 0x5e1b875eed86b553a826c44d874106ec3e854a314,0x844512b3e490bf39e58edb4127ad42cd7c1f70fd + nist/B-163 + invalid order = 73 + + + b163/21 + 0x23ce26bb50c35abab339cb30af1ba5cf589908d74,0x413e026b8b9e61caf999dff920968ce38275d66a1 + nist/B-163 + invalid order = 79 + + + b163/22 + 0xc07a8d77f761144c45e014d83580a9fc2df43929,0x497a39580224e73d35b4360f5f0b4d27d5839034f + nist/B-163 + invalid order = 83 + + + b163/23 + 0x61b0e74c976de68c5d4235322f98e0917e7493577,0x5743c688b8e802e1f9d66d64e0407a1017d66d6d5 + nist/B-163 + invalid order = 89 + + + b163/24 + 0x14e8b785d83107b2f7f7f5a4f9c8022b9f9598f41,0x4a9eebd6346b12d92452c26795f620652779f8965 + nist/B-163 + invalid order = 97 + + + b163/25 + 0x3d969709653f1291c4b3c6bf69706b2f7c7002e29,0x130cd0006e90c4f42d500d99fa61bfc486e1d2000 + nist/B-163 + invalid order = 101 + + + b163/26 + 0x482afa949e1421c971f391046b41a73f690ed4a87,0x2898364f116fd7300414bdecc8ebcc3984e22e7cd + nist/B-163 + invalid order = 103 + + + b163/27 + 0x66e2c6ae2142e89b997c6f4293255103a85879478,0x2ef17266d907b9bfcedd59f44b9aa86045cc4eac + nist/B-163 + invalid order = 107 + + + b163/28 + 
0x2cdc8ba71fb0fe6d42e71d93b5d40bd862764f7ef,0x2220b2f21952c7defcd525a73d0e3719cf14f7f9a + nist/B-163 + invalid order = 109 + + + b163/29 + 0x323c2b89a9419ff0000536c61221fef8b75241ca8,0x4c80535b8a8de7542660fe3ac5ccb818190d53d03 + nist/B-163 + invalid order = 113 + + + b163/30 + 0x7f603c09e17b9af221434d1c08664bf6c4ec18f76,0x47d6079c8f2d127d0a7d10154e1fb167700d26da4 + nist/B-163 + invalid order = 127 + + + b163/31 + 0x16a894ed2c908395e2249b22cf89c29b454e1bd52,0x473a65a3cdf7f7842b962ff64be2b30c461376832 + nist/B-163 + invalid order = 131 + + + b163/32 + 0x55e2584ec865a738338725468085ac4e46fff41b7,0x27f77c5a048e7d12831a48aef59bd1867529dc024 + nist/B-163 + invalid order = 137 + + + b163/33 + 0x5a80f09508d68f224fb60a79685524d370004d4c0,0x6dc3c9ffef83469b2bcda272698d0f58bf3ae9692 + nist/B-163 + invalid order = 139 + + + b163/34 + 0x511fcbfc4ea3b784c972c693217990a482651fdbd,0x8f5af041a0cd38c8e5233fd337132d0790a64094 + nist/B-163 + invalid order = 149 + + + b163/35 + 0x4370489b8303a1a185002ae9a55caac7fc4488f8e,0x6f730b7215ddd79a24ab0fac279bc3058b5e445e + nist/B-163 + invalid order = 151 + + + b163/36 + 0x3c0ef7421388c8fcdbb4438d1b1ffd406477ab10d,0x268973a502505add6950d91efb775ed1d21df2f5f + nist/B-163 + invalid order = 157 + + + b163/37 + 0x7143aeadd39824042a3d0656a11937d9c66c6f87f,0x72036a351d1294737c8733d37418eb517c3231015 + nist/B-163 + invalid order = 163 + + + b163/38 + 0x224919d34800d87e7ef1cc287b916f67fac637c02,0x81e855181cfbdeb78d4c1e9a8f77625759179d72 + nist/B-163 + invalid order = 167 + + + b163/39 + 0x4bb9f9ac43000b8d581f1ef53a65dd5cd01d9d9aa,0x27292fe1f26c3508040205f4f54e55f3a4a2ba682 + nist/B-163 + invalid order = 173 + + + b163/40 + 0x3c1a1b5fda74374f3344cabc084605540c05c09e9,0x12cbc455ec9e3c563fcee519a009d0f086fdc8e32 + nist/B-163 + invalid order = 179 + + + b163/41 + 0x4a86b6a466036560a23b88553ae4c75e0ccb322fc,0x707c142dd7c74001331a673cf6fdc5280edff228f + nist/B-163 + invalid order = 181 + + + b163/42 + 
0x12c1da1e25f230ac4f295aa2013e234b25009555,0x2bdde79422714912a9f202c5a9daa21ba7c694716 + nist/B-163 + invalid order = 191 + + + b163/43 + 0xb96b5eb1a665be0e736909d2083a447afdaff1a6,0x75e1d2a6fd75471c1edb0f571e20d31632905ad0d + nist/B-163 + invalid order = 193 + + + b163/44 + 0x1603ee9c642fb0b9cbbaa8656e74083808b374f06,0x35c10e5af2937eb8d8a7142a5cfd0f2a1a78772b + nist/B-163 + invalid order = 197 + + + b163/45 + 0x1df3e8e973bfffcadb1b8283502ea51e80018282f,0x2937c96d1d2b7ea725344b36838cfe1c9a50b3329 + nist/B-163 + invalid order = 199 + + + b163/46 + 0x151047fe344d875ce435188f9962b564179acc2ed,0x67a8e997576d6ce49ab9750b69cf53de9a2b7118d + nist/B-163 + invalid order = 211 + + + b163/47 + 0x796e06f3edb62f201f3e1072711aa8bb1add55cb1,0x7400274b5cac319f72c86efc0e6d9a7f02e2152b9 + nist/B-163 + invalid order = 223 + + + b163/48 + 0x48b5f12bae904a84754036aaa08125c66d44a8331,0x7b852f3632480dac366234ed3913762db52ea773e + nist/B-163 + invalid order = 227 + + + b163/49 + 0x55f39b8d625db8a36d63ffb0604b6c22291a53de3,0x1c178d597b56c4486414fd6d1ed2aac1bf4253fc8 + nist/B-163 + invalid order = 229 + + + b163/50 + 0x6d08721b3d3db8c311b930c6b598a8ffff79e370b,0x4d6597cffdf635fcd82c491e64c5a4307bf426155 + nist/B-163 + invalid order = 233 + + + b163/51 + 0x756df2063a1eb177dbbc68c62afe4397a11f5ba97,0x467f36e6f170e0e0513f9ec187b5f42f953f7b0f6 + nist/B-163 + invalid order = 239 + + + b163/52 + 0x1960e8d84be8bcc85de5b9ca75cbab4081b644055,0x2f153b8c87011bcaf54e9618df7490c1456035f0f + nist/B-163 + invalid order = 241 + + + b163/53 + 0x19721196faef971bb1d4ed96c6d61f967eb16689b,0x417aa49e946b36194e36605dde0bd82ae54c7d017 + nist/B-163 + invalid order = 251 + diff --git a/src/cz/crcs/ectester/data/invalid/nist/b233.xml b/src/cz/crcs/ectester/data/invalid/nist/b233.xml new file mode 100644 index 0000000..d990881 --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/nist/b233.xml 
@@ -0,0 +1,427 @@ + + + b233/0 + 0x0000000000000000000000000000000000000000000000000000000000,0x0000000000000000000000000000000000000000000000000000000000 + nist/B-233 + invalid order = 2 + + + b233/1 + 0x13a61f298b7e519c7b910134eede4195fd888c1f62939f23974f107a393,0xf8b6ef4601b1d3e6b1879fe7e81a4fd14c7318f6d0491e636567aa8d68 + nist/B-233 + invalid order = 3 + + + b233/2 + 0x146de15ac541eeb2db0c93ba9ad99f507ba180d83ace52cf4f97417802a,0xfd6268bee78aec3a672d864ab7662e65ee846e0f0a14d311d6cc336d1 + nist/B-233 + invalid order = 5 + + + b233/3 + 0x17611bebf3eaa0103cacb7dd06d4a5154b0d428bb20b8ca255876dd7992,0x703553aada662bfea2ff73b660d6ab4c16068b5009532dff97f116ddc0 + nist/B-233 + invalid order = 7 + + + b233/4 + 0x10260e6dfd076cebc1fab83c9dbc96c1bd2685f92d9f6e291e0f95adf5a,0x166a50761a27b9a8254888127e3b4999cf3d8aa75bbcb254d6494043506 + nist/B-233 + invalid order = 11 + + + b233/5 + 0x25c78cde1a14398e7fe4adf0cf94e99b56d534b25f8b17538ba5f80702,0x1749fd4b9633885b5d5bc11b0d438ac02b5d6a0ca85f7a44d61c56c4538 + nist/B-233 + invalid order = 13 + + + b233/6 + 0x6e5eda59c7ae482e532e5acf653145a7f39091e46a21a2738b3cb73209,0x1220025e82726431a53db8549ba32fa855071aa6e99f8058ac253ac572c + nist/B-233 + invalid order = 17 + + + b233/7 + 0x5c4c2bddedf2cea25485beb2f6863ab6f2a073598fb35edee66272f902,0xae511ad5ba50dafedd9c930b62c651bdc71d6dbc0801d15f527660b73a + nist/B-233 + invalid order = 19 + + + b233/8 + 0x1d941f2b318f675ae24ccd0d1483f3896533bce731ece06e5fc3b429a0c,0x6c13573ec2fe1dd96c91181a9d62ea2a195277b187c98e34f7f8d0e347 + nist/B-233 + invalid order = 23 + + + b233/9 + 0x141b9261b0a3451e8bfd6f6635d664dc23bbd4b6f6b818a142f6dff909c,0x132a06a292db906618c725baf9316f78bef273cd8858cc79716cbf27fc9 + nist/B-233 + invalid order = 29 + + + b233/10 + 0x11a3626951821f09c3c5bfc035e615dca196fc92eb582efc86ecf328fa3,0xf666c998b9b4a43e59042fb59ec72a553348a94fdac84ad0ea04732d15 + nist/B-233 + invalid order = 31 + + + b233/11 + 
0x17825f6fa1d64bdd1bec4937e8ea305bb1c29195cd8e06fa3f7af7bc98c,0x1098d0c2867f23ba94a06eec1f5332a9d8ffe4ca987a80da4c1a43e02b + nist/B-233 + invalid order = 37 + + + b233/12 + 0x5de91b32d971a5a8ecfd95c92daf72c5b81f00b1f5bbb9c95a857f2796,0x1e58fab4058d731422250da1e26772c627c6f259772dfa12b534c3e605e + nist/B-233 + invalid order = 41 + + + b233/13 + 0xc8c98dec5a06b5a0ac2a9465d86dcdf5b22d1abb41fa4b8ce6c153ea2f,0xe7ed172d04a95c6314011f92d1fb46ba3790c0c9fa4ae73f25126ab954 + nist/B-233 + invalid order = 43 + + + b233/14 + 0x745aafbf0bc0e1a91b339ccb3436c35819b495bacc65a757d268f74de5,0x8674f6ad5cdf5d3eef078f7aa1df59538c30466ad5086f761ed3f97f60 + nist/B-233 + invalid order = 47 + + + b233/15 + 0x90faea35c31b1913233c0fec7de027786823375898680fccae9cdf8097,0x4709283502d7d90bfe03354d43d4ec52b1c308aaf023db5d29dea1cb86 + nist/B-233 + invalid order = 53 + + + b233/16 + 0x1ffd653fc049c01e68c47016c8586b56241b7b2500b1939891cd2e329ef,0x1d0a374d61711553eb4e04082471a18d0e957622ce7e54666aeff6d230 + nist/B-233 + invalid order = 59 + + + b233/17 + 0x1b6f619592c7b815056f145bc3277751c36eac301a74c634937fe617228,0xcf22a0871bc26a05454890e82c182149732d72ca217e48de4919cff32 + nist/B-233 + invalid order = 61 + + + b233/18 + 0xe1d27dfc8f81183d082deabeeaccb34d49abe66a6d1eb34b5e948e0767,0xa9034b2d3204fb9c287773348566bbf625b90297e0bb1c0ab50af1403f + nist/B-233 + invalid order = 67 + + + b233/19 + 0xdbddde662796c524b1f4aa2e3fb5d8067db008566d8152159213c82630,0x1b9c02e503c3c351d576f88390fc446995c1f2edde121836a3944f9cdde + nist/B-233 + invalid order = 71 + + + b233/20 + 0x484dae384338142048d671f3286cfbc3fa41d5822b2058e3576b350684,0x15acb48ca2463f5c0055be83d8fc9f97e00561b8f57e365b85324c80ddb + nist/B-233 + invalid order = 73 + + + b233/21 + 0x334677faca155a8998be6120e200f7ae099a18c89a84404a360b3b9da0,0x1d64fb72c5796a1e41a8bea71cf89cca82333305fb16da4fb444904320b + nist/B-233 + invalid order = 79 + + + b233/22 + 
0x8e4ad3ad13c14e9c95b93a8b014a73739a4d3acc8ade3330cfc4b51444,0x14c11fb315848a7c4d9aaa5ef907705d389a42d2219cdac1a769d968940 + nist/B-233 + invalid order = 83 + + + b233/23 + 0x1d0962af6e134d7fd5dabfabb81804e0fcd8f5dd3752b74a69e7208478c,0xb18a2cd7d7540b4642ea7e4f1eb072c8c92113b38dd165e44185998874 + nist/B-233 + invalid order = 89 + + + b233/24 + 0x148ec17a9ee2431be36f1c49a5b323517e6a5c1681a974176c6ce114f5e,0x9810f5b0b5cbd9806ee31617abb0f2def4df180b5a477c2144c706a6b + nist/B-233 + invalid order = 97 + + + b233/25 + 0x19c7e3306323fd7040d789e55872b508372f372b25efa12f81cc03e4087,0x102afeb2eddd38b7911b081f0e098d81a422e884b4dc909c6daa0a41709 + nist/B-233 + invalid order = 101 + + + b233/26 + 0xe4478302364bbcab0bf570139caf4f2698fccb76778a7f6bf8bcda05d2,0xc012e6a2e75e3af727abeb710d6e1c950c6c0d1d2e82277f54ff2a3f04 + nist/B-233 + invalid order = 103 + + + b233/27 + 0xe0e00aa5926e85ed48e945ad3dc08fbdd677a422ec24559d079c73c6a6,0x112f2f830eaa3dca34eb8b11585032e6e9f0233345009d1e7505b978bec + nist/B-233 + invalid order = 107 + + + b233/28 + 0x3c0f3774ee63de1846f71fa6e5b13c2e032a40af314150cd2a4fb25328,0xc7c802d23d895aedb7aac6852e7a724432a11a6bca5bc6b40266f961c8 + nist/B-233 + invalid order = 109 + + + b233/29 + 0xd7c6b7b9d0c06f504329ef1fb5d7b1f7453757779cdc1d2f79a5a833c9,0xa4a97203210d3627e0c9e24061d9bcdcd819deba60e177b4f2cb48e81a + nist/B-233 + invalid order = 113 + + + b233/30 + 0x5e15a61f0d25279caac0e100e03525c7d849ac2ec5fcf3935e566cdd04,0x1c495a2408787296f331a104c3c69b51fa05115b8d2e54f6e587ff427bd + nist/B-233 + invalid order = 127 + + + b233/31 + 0xbb21afe14f9cb7e1adb101f2438306aa885fc815055e91eec9d6e136fa,0xd24cf32294ec6d3565da5eb79838c75892447b54bf7a49b79c9e85a25c + nist/B-233 + invalid order = 131 + + + b233/32 + 0x3944e542d63a37a72fdb50b29eb4c8d494adfa03503fb51d1066c47168,0x116a0ae7be3a949fb1a2e2336d1a4a624e44dfbbf74428239ff97ee9443 + nist/B-233 + invalid order = 137 + + + b233/33 + 
0xfb5c14d4e7452d44ce2d382f98cf029a0c8586f03cfd5bc3c1a390655b,0xd0f39e7fe1c5d585b580688fbcf2d102fba3934638dff9dbc514428e57 + nist/B-233 + invalid order = 139 + + + b233/34 + 0xeec38248d3363a60746704b37306d76ba6e8cfdf7a796ccd7cb65672e3,0x6acaa25692e9fdb8f0e2bbc851019837273bf4a8e12e6df0a38ac47ad1 + nist/B-233 + invalid order = 149 + + + b233/35 + 0xc2562d62b3605a31f7afa3f5fd711c5958eac6101057b043fbf18c6cd6,0x6ddaaadabac82cee6a492b3cb2ecee479599d04342fe9509ae9cac18b3 + nist/B-233 + invalid order = 151 + + + b233/36 + 0x16f8ef95d8f22bf720501e73921fed1581430e1ab7b06ddaa5e044cb079,0x89feb037be4b1fc618fd7f957f2350b787d5753e7348922e99a91ba4a8 + nist/B-233 + invalid order = 157 + + + b233/37 + 0x78f41a800d4aa475ef45c589958bb0852114e97b1a2c7d820de703045d,0xd779bb6d8f47bd49ef7212c64b48ec530ab247c6e59de4b29fb90e1c78 + nist/B-233 + invalid order = 163 + + + b233/38 + 0x151157235224df03b15eda11d543f0bdfca29255cae93befae039d26f1,0x97e5f3e126d011d74d5adde85cef50d732e1f19706414e7e04578e8bd7 + nist/B-233 + invalid order = 167 + + + b233/39 + 0xf4a907b89e0cc3a6fa88396d3c9f35ab6d962a57b2de84734fe953bb6a,0x1f013dc6185a80690aebf2585533fb7471ed26e649bd6384dde6d26c1eb + nist/B-233 + invalid order = 173 + + + b233/40 + 0xcb402c2b66394b51001110ad3059fa75d9438dc9a604e12dacc1b47715,0x116b718a01fbdab9b56d76beaa55f305de1a533b2809ed6cdb1409c8f31 + nist/B-233 + invalid order = 179 + + + b233/41 + 0x1daca87abe60bebf2a159cf3e35e77e0c9c74c75319dc2f45c2ea616f1d,0x101229c0ccf9847ca6a58836ff24f0a9a901810257f3b53b8862d03d1f9 + nist/B-233 + invalid order = 181 + + + b233/42 + 0x178341dd2dd67dd8f2a1ab426ba16309e449185421edcc444d85e73107f,0xa539c68d39afd4b470fa7f2a3bfadd0e8a1bbc4625b76a8e0ce43583fd + nist/B-233 + invalid order = 191 + + + b233/43 + 0x16220f7f3527411203509bf61afd5a8b171949091181ebe0b14fa08f149,0x8a6e1dd11c4da31674143f6fbb841b13b129c4449ee9f0d4f722c74456 + nist/B-233 + invalid order = 193 + + + b233/44 + 
0x1ff577a6b82f2088e316c733284b14a848f88785e3ddbd879d5144aee27,0x620d782522db8f52a0e218d4d9afc09b5c4e76b523fe7d506094fa8c7e + nist/B-233 + invalid order = 197 + + + b233/45 + 0x7455b60b0d26344fb1f41677712d86feeddb6ad08bfcead240fea9430c,0x895398f3616f864368c2b56a56f8c8b089d7fa79174864aafaad64037c + nist/B-233 + invalid order = 199 + + + b233/46 + 0xb281040f67d8067163a7800667b35fb85cec6f9ffae8fccfa286ccdd0e,0x79d4eb67f6899e8f98bdbe42c2472f89e2686ce45e96043e180709f284 + nist/B-233 + invalid order = 211 + + + b233/47 + 0x10601dc66b747e868f51af10aebea3447c39936bac553b6ccbdee69b08b,0x1a498e6d86ae6307e727ee4e67ee1991c3bfd79f74d5fa46df69a3fe334 + nist/B-233 + invalid order = 223 + + + b233/48 + 0x1837c6bf9a6a02d6d241edf8cfa90ac5bbe90f581dee113567d68862907,0x1bf79288a7cfacd8bc29732786ab5d1af4f58bb29ad97d61fc15757506 + nist/B-233 + invalid order = 227 + + + b233/49 + 0x1b311700a99d6b31d9251efc31245620ec60f202af9323aa9cf8e38533d,0x5a8d1c7c839803e029369ce4b9246eae061d4d73d153a34b06a70bb61e + nist/B-233 + invalid order = 229 + + + b233/50 + 0x1e94f42f0bce9ae4a672ebd1780ff590853d2d96d150fd44a97e7d7c5cd,0xe1d1f7be7b761fe8b1beb36e224cda555d8b54393fc4309e52480c1458 + nist/B-233 + invalid order = 233 + + + b233/51 + 0x10307e2db628c6ff18c50a4dc25b9b11fdd47d6027b0ea67dd325c6f23d,0x17f8d26565fe4f9fd18f2f1c476b0caba04ca1ab80b8214ba27b073b3c8 + nist/B-233 + invalid order = 239 + + + b233/52 + 0x8d0248af4654952a3a2a466969facc49e69d4867426e665540ee62c907,0x169a05a914ceacab932de16d795c1454fc74a28d9738a0823a74005c135 + nist/B-233 + invalid order = 241 + + + b233/53 + 0xb56c6105b2dc5943132675aba5b40929074b443af7471cf194b4b5d881,0x45650ab9b4dc065760eae9f4c3f448a41166c1a73e07980b46fd96d3c5 + nist/B-233 + invalid order = 251 + + + b233/54 + 0xe3f3d96fef27970c3c5ba6ee57ebe31abe446680700cd892e70e1cca95,0xaf6328f558bec54600a0d1a201b3f94b8153c37414b23dbc50c652b3b + nist/B-233 + invalid order = 257 + + + b233/55 + 
0x16ae7f6e8c353f11b0f0249f7ada4a932f718b3a3decd2db7591d3c8f15,0x1f5d81df15c8e9bc2c0927823fa69834e95a7eb24235bdcfee523e36ec2 + nist/B-233 + invalid order = 263 + + + b233/56 + 0x11345c0b7ca4a9e3315bd6a117ea4cb0195937bfca72973423590cc651e,0x73dbbd1c11a49a9a5bd699db6f2009ecb772a3653f9f456b3ed57f328a + nist/B-233 + invalid order = 269 + + + b233/57 + 0xcb7db7ebe450db630d9d11f3e78aaf1db1404ffc8fd62240869625d294,0x196248488700595a86886592d902a1ff614d7375ca23957a36316cb9998 + nist/B-233 + invalid order = 271 + + + b233/58 + 0xb1204b44f6dc452ae8dcbb6bf162b9da57fce5883a9d59d11a38e20598,0x172cc9cacd371b24565e88d5d520fee07e4d154ddc595681cb770bc87fc + nist/B-233 + invalid order = 277 + + + b233/59 + 0x16ac8da498b9874d97e0a3f4e31e025d80727b7f51a39c9bc6d589fcd0f,0x29387493d1ae79f2a1a34684cd03e9dda2c3ac0341a3d62b294dbb9cc + nist/B-233 + invalid order = 281 + + + b233/60 + 0x93588d66c3501b0242a694a16fced131970c7d36f305542a320f988fac,0x1b4786ca34ae0a3c075638bc456e9452c56932f5466e3d6eae37965a290 + nist/B-233 + invalid order = 283 + + + b233/61 + 0x2a52c14a2170c4cfb51fc7ae3178a8aba06af950eb9876df4a36a87c21,0x90b0eb0eadcb2aa525e18f82e61aadc6569f5a723e00bcf13e5a97a0b9 + nist/B-233 + invalid order = 293 + + + b233/62 + 0x1d7bf63e3f74777a5ab19abe5b79f9a3e12fb39aa0596b14ded008f0fbd,0xbdfbee7583de11891bbd61704636c5a666e347c32f847113ed6b6e727b + nist/B-233 + invalid order = 307 + + + b233/63 + 0x1df3668c18241829a8a164689bb0daefcf2cbf5b4ac0cc203956e2e0a4d,0x146fc0b29ae85fe07e86195c08f551e93cea75e2a484058d2ea90f5a189 + nist/B-233 + invalid order = 311 + + + b233/64 + 0xebe59683062dd9dcca8ce68d049fd46a75d8bd33390f974e5c3e8e8758,0x19f7805689698d14059b80ba6007cc112d9a693153f35355a5d1e3855a6 + nist/B-233 + invalid order = 313 + + + b233/65 + 0x15437ed2698d53bf0e0512d4a3cf4adba1d3bf6b98e299839354430dc47,0x125b9abc1e1180af80363551e5ce87e84c2d154768dba046db98d0d7132 + nist/B-233 + invalid order = 317 + + + b233/66 + 
0x1ff3fe7fc0c131d929b0f209d32488fd839ae43aea783594b406c96dd47,0x13c6190ae1fc24c45a978e5bd95492266521aa33fd1a2b70ffbe2b86ece + nist/B-233 + invalid order = 331 + + + b233/67 + 0x124244e94af744cfd8c51fb9aa310cb0f6c2a9e2f9eecaa838de8e10a17,0x72e4138f50626f9657e6733d188feb6cda6e8192fee3ef55ad5ed34653 + nist/B-233 + invalid order = 337 + + + b233/68 + 0x1771ed15ca630599b4d9b73e685cee69c1da19d792c60831b827510d648,0x92e00d5c743b169fd6518caa3805d951d0015c9f88b754a5aeffbab242 + nist/B-233 + invalid order = 347 + + + b233/69 + 0x7c16da7bec7fe551a76ed180e2a6fce5e27582b5ea54b0b94bd5224831,0x1e0fe02498b1fb08141abc52d2f2d6b7fc132ab6dc610408f24dcf22867 + nist/B-233 + invalid order = 349 + + + b233/70 + 0x1f84ce2bd84fb36bdd5d22146408de2360a60619c236af69598e3b0abb8,0x1908b380205678d7b311888704cd36be535d8603b1d41584e58106dd606 + nist/B-233 + invalid order = 353 + diff --git a/src/cz/crcs/ectester/data/invalid/nist/b283.xml b/src/cz/crcs/ectester/data/invalid/nist/b283.xml new file mode 100644 index 0000000..8d8a4db --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/nist/b283.xml 
@@ -0,0 +1,499 @@ + + + b283/0 + 0x00000000000000000000000000000000000000000000000000000000000000000000000,0x00000000000000000000000000000000000000000000000000000000000000000000000 + nist/B-283 + invalid order = 2 + + + b283/1 + 0x779193c415a3c0d34c37b9e8b87f053465b922c8d819f43f6b1d91545130d298176ce3d,0x38d3c16e1633d4da8994827f4e8e3ecfd245bdad6c9ac93816a487bb54b734673c0fe13 + nist/B-283 + invalid order = 3 + + + b283/2 + 0x37d13f4d3ca4dec934b2b3138804b29a77da41c39f34bb29558d12203be7f0e86e37049,0x594926a5a06080ff4bd331affa5b59cfda7552a38a7e9c3132cca8aad852e6ca303f0f2 + nist/B-283 + invalid order = 5 + + + b283/3 + 0x152aa9ce607c66a2b44b28311762036b2d3ee9ea4ec79c573366ac662aaf19bc61054ec,0x6e74a7e7368dc3da894478c59b9265eee01b6b6e0784da6c1e7e62bb2fbf365e209297c + nist/B-283 + invalid order = 7 + + + b283/4 + 0x271fd22eb5e7ac3854bf59d0600e20a87eb3b5310ca402e4e41e4cdaff7ca26755bf192,0x1ff5c1b024d3a730c3fd7cf1a2977d43cd639902799ffb8b960341d1ac4cf70267d9a40 + nist/B-283 + invalid order = 11 + + + b283/5 + 0x2a092d1617d747bfaaeda7821996c3b8cd389a55e8d960ae03727ceadbce11ffd61a4fc,0x463511218a36bd118f153d5bb41f1dd8b884707a2ceb0be80ae9ee69d026d1add4f09f8 + nist/B-283 + invalid order = 13 + + + b283/6 + 0x16f68482087c2bddda5168afc00dbfa30bcd2efca2caccad5d51b10c1180bbafab93add,0x707f82fdedaff347a44ee7b115d268dce2c8b2b053776b8c53b2d40af853ef33db3cf5f + nist/B-283 + invalid order = 17 + + + b283/7 + 0x1a3f116c19957e20c3a3ffe04da2564b0b1d19f9983acaed782413475418ede905e4cf0,0x30e1b11b18cb98d6ff9bb221e2c32097ef12bedacbffbf9becb8cc44a61155bd1d937ba + nist/B-283 + invalid order = 19 + + + b283/8 + 0x6b0473c54063241a828554215fffda26ed98d6f7e84fe09b4d67a94b066ce0641d34a99,0x430a3d4df4f29f55066e66b69dfcfd19a2a4b13ab3f2be0c6c7345263de8850b71ab52f + nist/B-283 + invalid order = 23 + + + b283/9 + 0x225dddeb810414b5adfc2cc761efd1d4bd2497460fe61016bd4ec1d1cb654e2f9470920,0x7134e4486e830040adb0d485c0b3b5632723641e5225503a1906dfae4b59ea0204477e9 + nist/B-283 + invalid order = 29 + + + b283/10 + 
0x6fa135e4634fee87fcb088f519f05d35a6d712b96d0b82ccb946892022b3d933a70e7cf,0x4d1ca88059c59819aea772f8498a9b433369c2bab128e5e7959d23572b353df0b748723 + nist/B-283 + invalid order = 31 + + + b283/11 + 0x62ebc8ba30dca383ce283a8d6bfa0b30550bc5eef0933381248924000639a8c9d143e46,0x3c6420eacb629eeabd60bed83a4c3ad8517e1e61991d775742bc5dcbf718ae8199cfeee + nist/B-283 + invalid order = 37 + + + b283/12 + 0x2f4543cc81bd449551d0bfc31c4b9f941707cff893c82fbc9bb3e63a7a0c04998d13c3,0x20b3e6f1546b67e8c40484bb89b207ed5acdba600a686a8e407b23339865b0a63dafcef + nist/B-283 + invalid order = 41 + + + b283/13 + 0x423a193fec53465dba0c71c55a6eb5b376ea7deadfd25f73c43440f683c25cd4588d2b4,0x497c847e4e7f2b4690c9e677631e822d455f74a3107d5147ef813d929dad644d5d30911 + nist/B-283 + invalid order = 43 + + + b283/14 + 0x2e3f839479dbb78170690c7ef04f194f6947ad37842f3f1440fa95244f7fa64d951d22a,0x422135f2bcc3dc18aa21032bd462368ff0f45815b94664d5a9d85396a1391c1f4486cc3 + nist/B-283 + invalid order = 47 + + + b283/15 + 0x25aab829e8acce7f0d6ceaa8d2a55d869342df6d8a429a54f141c5d43026052e3645430,0x75a8554a97a51f638aab7a9cf167d6c6c10af0ab2eb7504b917e02e65d0ded0f2da4782 + nist/B-283 + invalid order = 53 + + + b283/16 + 0x486be9b697e87aa12c3fd5de9c8fd68c23ac81095b2e14cd055e45e56e0886a06c7108c,0x5664fb0a4ba93f62d2bb8e381422cfca68c5dfa72c22dfbc13e04a8c0fd548dc3a10cb2 + nist/B-283 + invalid order = 59 + + + b283/17 + 0x68b93138c130c4d8148f93f06c77fc0074d2c7772eeb37dd9a3eb4ef5c38979d787c6c,0x3ac061e69880affea110270e521a3247322815557ea8959b692cc23c5dc8e7ed9f08312 + nist/B-283 + invalid order = 61 + + + b283/18 + 0x5c9e3366f3d5494eb4670fe76fbede508f7ebc2a6a3c8bad5087909feab4358ae73c1ae,0x974848bf262a1ee1be59f7e5a81a979f0ef63333d29ed1d21ba94614ddf907f6bb78a5 + nist/B-283 + invalid order = 67 + + + b283/19 + 0x2aec67bda90b6e51947da6082abc44a0563e12c7deda93bd5d3d2e5f0cd71ca9af67c84,0x710595c75d5e04d629169082538e1014b5e0a554b8b0c765402f8e4d5377876a8a8802a + nist/B-283 + invalid order = 71 + + + b283/20 + 
0x78f9b0a80fae8b66c521eae9d68f625e8d922844d5b5d953fd00e66090a858835679974,0x3a0a9600ac3c78bd170000757239563d526e05c60c35fee556cf04e7cb59b5b27d1a2f8 + nist/B-283 + invalid order = 73 + + + b283/21 + 0xbf69153274ed1a81ce9626d78e755cc68f4aa1ed7c6d96b331d2fe79f7bf25c5717299,0x8e0ed0842b1df5dc8cdcb62ac0e5f60b9a58a64a60f183672b7f98d4756052ea10abe7 + nist/B-283 + invalid order = 79 + + + b283/22 + 0x7f38778f2e63af0463a2fd5e19fda1866e9c74d74b9e6957b4df5aeb3c6a74b187cf79,0x6a059ef1357ab447139d99237b878a85c7b0e62a9bb6c1b35327471fd530ab50c80a61a + nist/B-283 + invalid order = 83 + + + b283/23 + 0x203f947e69b4d797300e26f25f0414d6d4eb2092b129b1f1e647567af071ad0384aa148,0x538142081632653d38abb90c112389aa7b1cb31426e9742c66f7b2cd36b8b286730c990 + nist/B-283 + invalid order = 89 + + + b283/24 + 0x3e9b8abb2f3e7da72e5d72d49111a200d253a891cbf890f1b83da78f709b04c56ad6234,0x4b601d4e9fe8d0d96ad339bbad542adb4fded566ae2d350da7a15d3ec1d994d75a60038 + nist/B-283 + invalid order = 97 + + + b283/25 + 0x7f7159eef2ed67a54e10dc165c87a258cc97d27d690366ddb622494be1df2d962f978c7,0x4437102e16c942d832c4169b9742d73f94e431bfae9b48661f8b87c52155273db646a40 + nist/B-283 + invalid order = 101 + + + b283/26 + 0x25247593b3fcab041ec1b817f94773b62c2ccbea9354321749671945f60e57e98788b47,0x33b34aee6adad081c225c1f052d0f0c0cdb3f0e187be87ce3fa0668c131aeb0c3fea875 + nist/B-283 + invalid order = 103 + + + b283/27 + 0x26e774058489e479d0be98f24f26d9e709ffc9dab9f843e02ea357294d5f03414196077,0x69218178fc907fcd4cd22a9b2cf48f26d8b0e35e9dd577d81ce7232ec48e83d8740d38 + nist/B-283 + invalid order = 107 + + + b283/28 + 0x617a10f29294a07d0ddac53676cf3ca62fbb6fdc3dffeaa8ea569b761ffad6be2d770d,0x5057cff525ca5c135a2c4ee5148e4e3dd1d4db1c3d887f1fbbed518f0b280a23858a56f + nist/B-283 + invalid order = 109 + + + b283/29 + 0x32550e2755a589ef6564ca00f50a33549edadaf4ded6d3c243dd5cab76248e0bede9ac7,0x467f5a007aba4fb5548719ccb82c245d95d510c0971d8ed5f31ee6e86af6aa9d63578c + nist/B-283 + invalid order = 113 + + + b283/30 + 
0x406de77255926a17b15d8119555ac1ae8ddf2d84ab96eb51be8330b0d173ea362ac70d2,0x13ecd50b43a8b062c9e61d2c2c6f4058ffd892e58eb69b3ae5574f2d12d918ce6c5c15e + nist/B-283 + invalid order = 127 + + + b283/31 + 0x3b1cde83e5cf5d9a88d42aaab8e2083447a1065d2747fc5b8bacc93f46001a06328e5fa,0x7bbaa152649a7342f2cf5b0d7e30079238b4f6b090183dadd4caea336c580966e127410 + nist/B-283 + invalid order = 131 + + + b283/32 + 0x7a6fb99f100cbea439b9c75223463557ca148fe25aaa1c93c1af3743a69bf1a8c550026,0x71ffe60341b0a6b8b39b55c1e9c7a127ad171a4840f7e7982abf200218db8187998ee0e + nist/B-283 + invalid order = 137 + + + b283/33 + 0x333240d76b343bf26568ced4a423848da65b59a1466dfa9f4ca49e1ca88bd93b68616fb,0xbc723cc82c0a4dee174fd5790fa082c6364fb1b4e9a038ad358828d134875bdf7fb1c1 + nist/B-283 + invalid order = 139 + + + b283/34 + 0x6985984f915452fc08eaf0223388502fd5146c6e0aaa0a2ce075c1ee69ed709c3714707,0x70d3e1ebef193964ed905daf78a355bc3bbf4e730fd74c523cdf30a05220abaf3208d22 + nist/B-283 + invalid order = 149 + + + b283/35 + 0x21fae0cb04cfb777c5528b7aaa0b0d2f8c2490341fa1ba1757fedbd1a83eb7c98ef068a,0xa95f7f13ae547973e81003594ab84d14b7cf0c91770df568ae1a24ecde723377bdfb51 + nist/B-283 + invalid order = 151 + + + b283/36 + 0x69c7c94d9e11fae6d94a3f419248ba0e1d62bfc0f24f4d526df9cd7d0707489d8cece43,0x6a0e890e9caceb72ba88162641035a2ba2a0be2c41081d2d85418263ae2ee75f49b984c + nist/B-283 + invalid order = 157 + + + b283/37 + 0x683f02b9cd5727c7119311b37afbd056cec28ce4011f4a6bdcec8222f1ca2404e1d19d4,0x1ce3fb1464cb24bdb950b847d87d0d67f2587964edc8352630d361e9b588e62be995cf1 + nist/B-283 + invalid order = 163 + + + b283/38 + 0x20e43e328f95a17ea4be65ed6568a4d4275d023954b67cd7fb6fcc1d8f817db98d49cf7,0xdd28ed97a4d06a55e054b488151a1862dee0427be38c97f720df01652b14a383c1d03d + nist/B-283 + invalid order = 167 + + + b283/39 + 0x7f06a42952df102d35f0ea3f6438be3e64c24a9c3ab6f9f8f64cda8d0dcb7edab4241d9,0x62ceaae5d01b1342e6e700108d88d9ea8f94a88122fa34e13ff38bc1fecaa555d1d861d + nist/B-283 + invalid order = 173 + + + b283/40 + 
0x61e9811646891d8249b80f50376095e68a7a234453fa396b2d9fabce36349bf5d02f2e0,0x1d00381750db14dd2210634e4a8a21fe168441322aa45e8a4f88db4c71e578f107dd49b + nist/B-283 + invalid order = 179 + + + b283/41 + 0x765cd95edc6254f3217dbb3368a286ac7fcfe32040348e2b23a0f2339d40a67a73a6ae8,0x6c8947571d2f572755b36e3e6379f241cf307a939b04a434a2074e9a6f67a1b57544d0b + nist/B-283 + invalid order = 181 + + + b283/42 + 0x1a7db868ec7d5a564fe4fc5c34e83ff39abefec3f6ef0739dbb77a90c437dff0638dbac,0x5bae2e8a1d5d880fe44c65da05c3efb924bb9c26dc6182a94aa883d75cc1c7d5483545c + nist/B-283 + invalid order = 191 + + + b283/43 + 0x902323c53020ded0701b41849b05b19bce3d06f56aad207620169fef5ebb798e417801,0x4a424b06641ec05bc86db1befa0142d3ffaab09ffd7196b25e745028179e92cdd39add6 + nist/B-283 + invalid order = 193 + + + b283/44 + 0x33c0bafeec6c8c380c9134b1e9e1f3183aea3c4590cf3f90b11dc271965ba3eb83ed16d,0x2a934ec1562788d57d23e41eb7b6daf099c1717a8c566959f33805caf61d91c129ecd02 + nist/B-283 + invalid order = 197 + + + b283/45 + 0x221ac15a50a04cc3fee82be8fe906684bf2da74644a2e5f4332a7abfa0c2381eaec77d,0x60b3eadd4ed1669aa9282c9209629e39cc98a4ebfbfed874903c3fa467cadb7dc04d9e5 + nist/B-283 + invalid order = 199 + + + b283/46 + 0xfd9b7191c9b55161e08b95897b2914e62736a5e77a99a5522f594d6c257babd89512f4,0x791a3660eb760a6cbd5c5c9fd7b6e17384b108ce3faec15425675c4c1853a9f5259bb58 + nist/B-283 + invalid order = 211 + + + b283/47 + 0x341d823854fdf93c7acefdcd76fc2cc4fe81654c72d39efe9da6d42e9665d3ab383bb26,0x7cbd2dcaf11a0e9287a572e19129b2255c2a57902b0310330eab56ed6f03d2ed5fefe3b + nist/B-283 + invalid order = 223 + + + b283/48 + 0x463a6f5f6eb8acd9e1ba6b2d22511ed47a62e607ffca881de05c9980ac80b1e727a8b8c,0x278af82017c37596bc1b1f1382c4d9ce345038f77b904e35584c9a650f5cf668ce357ff + nist/B-283 + invalid order = 227 + + + b283/49 + 0x6ecd46254dbe5368afa88b0152a6f35bd57e3e068215b888f86c96431e80ab99e09dde6,0x5f2de25d8691859e076faea519796069738f9ec06413e8261f41494095ef4f33e9fbda0 + nist/B-283 + invalid order = 229 + + + b283/50 + 
0x6b20b5dcad5d8de60b61be1459272b29be536f90f3ae964ef060459128951e5a74a5aef,0xa9ae88145df307a1bac2edf6ae46c409480b5dd57cb92f73bc70cd709e6f73cebcb721 + nist/B-283 + invalid order = 233 + + + b283/51 + 0x73f7871894db376e42ebea88fe0b8aaa93dd831bc6c22030f4b7c82ad9a244c13422ef3,0x76bd7597ead6f781a79ce8f8819db6f6adda0a4750d330d0b77f5fa5f8c68a66824d550 + nist/B-283 + invalid order = 239 + + + b283/52 + 0x62e46e74c2e53af85dae1c5558fd8c8fb3f79d037fcdf6692c988f6f58df46440ee1313,0x1d228a4e12fb85460cea9a2ea8b2c4cd2d3194906157191d3021dda40d80999f55b14f6 + nist/B-283 + invalid order = 241 + + + b283/53 + 0x793df16b39ee47a9bacb66560a918e58b8140730dbc9f33960cbc41af093ecbc9760d10,0x3198d52a72198fc96f977007b84b6c8565963332aa27489cee99b5b318cd4878c9216d7 + nist/B-283 + invalid order = 251 + + + b283/54 + 0x4369b393651060e372ecb20b63357dd941eee5136bab6895c7792219fd969efb67fa626,0x63f7c186872a590637229e45dd6d75f540879b0b7d4730807f5211a365023707966cb87 + nist/B-283 + invalid order = 257 + + + b283/55 + 0x6153cb0fea7bf7c023a2de70d5265ce2d2b6ec7037eba43fb98fbeb51481a4cf063e81b,0x7c7d016290f63c044aa63cc1c115fa952c79cafa07b5d9beb87fe0d4ac90f05aae1b763 + nist/B-283 + invalid order = 263 + + + b283/56 + 0x42d0270b15356ace95f11ee5b81e0573ba05b64a4448c41d83295552798af8bc7961a9b,0x13e4d3877100e7447fddcadf1468cc883bb4122b3ddbadd42472ab725914db55a736705 + nist/B-283 + invalid order = 269 + + + b283/57 + 0x265280e6d39e382ca199d6a1ef7d5bb978a0c27f84ce9e7fca3901c8f2db29ad167443b,0x1481094878cd62a731252e59172ef200a60f4d1b054631e422f892cc61a6677c4e9808f + nist/B-283 + invalid order = 271 + + + b283/58 + 0x20dfdc3f3f67aa0015d0565183c117868d9694a188d5a24038cc65e2d84fd7270603c8c,0x6eb4749c4102c98b511e52dd7a3931ebc6cb463ad03932a330878542912e95d88814112 + nist/B-283 + invalid order = 277 + + + b283/59 + 0x659a4e55b4ac1d62d14c0c53300dddcef75a40bff76a4d741e05827ec4547ad58e4de98,0x7dd8933042a46fcfc2e5c45de83f0ed6bcd1c52e39ee4427d3d8719a121be1426a68e48 + nist/B-283 + invalid order = 281 + + + b283/60 + 
0x45aa971cc5ed1b1a56bc195b5ccb4f886916e4ea6c1dfac99fe2139051acf3fd16d06de,0x5de6dac1a923a6b061e5b32f6b57a5c4c9fe73caf13cfe499c12194eee7f2dcdb9c9df3 + nist/B-283 + invalid order = 283 + + + b283/61 + 0x130088a907114aaa34aa39059cb461506a872d0a0d25b1e6a8bd325dcdc287c8da2e9c5,0x1e343820d57b4838f1129a56b90bf4bcbf651ee0ffd16fce241577c8a6ea6e35ed282bb + nist/B-283 + invalid order = 293 + + + b283/62 + 0x7ca612e322d6870162a673ebdd6f67974368db7e66e45132d22cbbf00987e88aa29761d,0x34846538ad144ea55e8e4c63833ac130ca99fdf50443c145d96ff2a33ffa76543b9a0fb + nist/B-283 + invalid order = 307 + + + b283/63 + 0x40701cd44834cb567bcb41a9403ea03f6afa71f2683deccfb7c9e619b39ff8495d0dd4d,0x34795b48595f0ec339967624ec3706392cc88aaa59919ee9309993dbf501c457362f8ca + nist/B-283 + invalid order = 311 + + + b283/64 + 0x712fff63ba8e1d59c26b838d98f4328e981400eafac50c5a60ada6bc44802b0ff1a4858,0x60fe5667ab12ae49dc1596f62fedc825df052e085605ed49b60a7c7565b24ad296f1e60 + nist/B-283 + invalid order = 313 + + + b283/65 + 0x2e836679a914cf63f8ff95f326555c67d465dee1912c0e341e837c7fce107c8f7f192d9,0x73260ed1c19dedeaa4ead2a83d1a61fe159fcd73e6b4a26fa87967028db7b6cf9b4aac7 + nist/B-283 + invalid order = 317 + + + b283/66 + 0x343e85fd37cc47fbdfa92808fb1efbaffb685d76c5a164214991a776fae225bc2af5662,0x7d3e9f8578ffcc4ecfb0e0122ac5c1e98223b32ab7b10f92628281dcdc1a5b6a7a1cff + nist/B-283 + invalid order = 331 + + + b283/67 + 0x4b0c72fba220a9c62d01e0cb5c6416068b25161dff24cc94d7978ba6549254ab471bca6,0x4ba2b148f6d248b0d4698fcaf0f86367f44db9dae1398c4e5bc9b935c1ff1d4bcaf7b62 + nist/B-283 + invalid order = 337 + + + b283/68 + 0x5691ea4ace4e6a6c07b446b06299bddd2e54a80cabd2d88e4e970e718640d516edeecb1,0x2d43cfce6aff06c52568985a8e9e56c6467d92a2d1d1304de66e16bec1a94f99b31a616 + nist/B-283 + invalid order = 347 + + + b283/69 + 0x2a0ad1766fdec21d914dd4abe6a5086fa34fdecfb53b3e231950360f9a040436e86b7ee,0x6a2e2671dc3aaeddb261591ffb0d84928c987f2a809e28d98ab8dc89a8d22b12fac7a6d + nist/B-283 + invalid order = 349 + + + b283/70 + 
0x7aaaf8f52a6924f37c5424d27a7cc0969003bbad4af560e9e17a42b1008c86b6ad1621c,0x2a62a220df144c4da621b008838a6861675d98ec39484c69c9d95f2315944ed697fe4c7 + nist/B-283 + invalid order = 353 + + + b283/71 + 0x75fb07766947a3204f605e058fd88130561c4fd95ca136d38c7fe7964329e9756c7f632,0x3ea7651dd694e345c34d0c4aca1401e9e96bbd9760158dd76b691ba8cb619dc7840fb74 + nist/B-283 + invalid order = 359 + + + b283/72 + 0x7be5fb1c73f07056d19bbb8d201b4c92d6488e1054c35ae2ef9df5f9bdd5d7ce02299eb,0x31e7a9295c4f19324d0d455454ff69c33a6890b3dcfa18e0dc776572bed8aed4004cf33 + nist/B-283 + invalid order = 367 + + + b283/73 + 0x4d7f5b8c2eef6a3ca195e92276b79c9090609d9448d964be2ba9ebc1793dba3b2c7b09,0x16830ca772d9c96a6a01efb6624e9864275f0792e5b2d0b60ae2d0deeff2ba0d837d896 + nist/B-283 + invalid order = 373 + + + b283/74 + 0x7edcbe1f3d610cdd018597d78389122733b22f0a41dac394db45c0c46b835b1d71ab12e,0x5951ff19691e93ff27446a1dea9f2aa6347c290b7f50ba0777edde63c445001fad60ec7 + nist/B-283 + invalid order = 379 + + + b283/75 + 0x65c729d7f61139fbe759be3cee769ab95d08a136a9fd545f20a7d972a239112e15cf3f3,0x70e74af3ec0380c129bf4742710f47b966a78a033f9ce5b14e88a45002d818329c7fd83 + nist/B-283 + invalid order = 383 + + + b283/76 + 0x513d61373d78ca6cdda79f6298e08702fcdb619ce1493f1ed76f4cf22118816c4257aae,0x7276a32ad4054de563e21ef86ec0520785a2dd5816480db9291b6c4ed728e601487a019 + nist/B-283 + invalid order = 389 + + + b283/77 + 0x7ea64416b7e5c4f206a8d48634dd3ca860bb446b461d9b5946a5c71346c45767658dfa1,0x1564ae32bc6baeaab67cfc87204aa1daa183dcf2f47fb6d74f733d87900e1343edd858c + nist/B-283 + invalid order = 397 + + + b283/78 + 0x4a4e83e1f9c9000a6a1f2cae5eea2bc365919d7e5dd54c3408aa96c66c0574aa552844a,0x5470ff52f0046b54061ccb0271939499743cae5edfc9cb1c8ac01ac9dc1f8728e56021 + nist/B-283 + invalid order = 401 + + + b283/79 + 0x401910133e4dee00a43c663d692345a84c2ebdd288db2e83ea712a17d6c3e4cf2fd1840,0xcb4dce0552ac93f9d14e062bb00503e44325a0323d2449c54ea0f63786b9db139d3696 + nist/B-283 + invalid order = 409 + + + b283/80 + 
0x4162b540ca358555104c31200c876ce4f0fc347316d5b037265e6593dd4e1f0631c56a5,0x413245d7bbe2d358f71116159320c452fb596feb70e7ec9bdd9a691476f3a5c034c7bfd + nist/B-283 + invalid order = 419 + + + b283/81 + 0x218149b619e455e54056dd0a822ff01671d65091d630c06b5c492c86c4d6db7bd3babc9,0x607515ded6d4b424e8e0ad3e35873f7f7673be71639681bb1a5c2abc962e6ce74ac6d66 + nist/B-283 + invalid order = 421 + + + b283/82 + 0x24a130051a5b598e0e231f798400df676c5a2f6ccd84573ae5c47441c5ed65bf9991d53,0x5c7024abeae8ad4d5899b7dd025c135127d45211780ac5512033fb62e26a1cbd445d93a + nist/B-283 + invalid order = 431 + diff --git a/src/cz/crcs/ectester/data/invalid/nist/k163.xml b/src/cz/crcs/ectester/data/invalid/nist/k163.xml new file mode 100644 index 0000000..ae4efc6 --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/nist/k163.xml 
@@ -0,0 +1,325 @@ + + + k163/0 + 0x00000000000000000000000000000000000000000,0x00000000000000000000000000000000000000000 + nist/K-163 + invalid order = 2 + + + k163/1 + 0x7ae172096ef461faf74b167ce85c69172bf83be8e,0x39a323b9cf58f1d93b34c22a410e483ad88ad2fd8 + nist/K-163 + invalid order = 3 + + + k163/2 + 0x57fed3954476d4154a0724e4a0cf168d121c397aa,0x4da7d3a1f7897b395698b282dcff999d5abb15124 + nist/K-163 + invalid order = 5 + + + k163/3 + 0x28c42859c3070ecd2cfe3ccece08fb8eb50ca9079,0x50f823bc96b23c7982835305c6e792c4953b5cc50 + nist/K-163 + invalid order = 7 + + + k163/4 + 0x3d71ee6bdd35c854d0349940ae8a6e790a24a5e61,0x15d70a4b1e2fd11b0604996e4353ed5fd4f313b75 + nist/K-163 + invalid order = 11 + + + k163/5 + 0x4e1538f88276d915580b6dedffe34fcb10af63326,0x33317fdc52c146be042a5c0e826d9d9186843f13c + nist/K-163 + invalid order = 13 + + + k163/6 + 0x7e3c2b73496db537b43f9566501a3c509887f53cc,0x12fcb35ad9e8ec93ae78460a0546ae80c8f2645 + nist/K-163 + invalid order = 17 + + + k163/7 + 0x419b8a01fb28523088100647c336ff2089bd6071d,0x132db3289e526e6bbabb95d964361350ca42c2fbb + nist/K-163 + invalid order = 19 + + + k163/8 + 0x721f4ada90b02dc6e95216f85bbdb4d5a2bf08254,0x117328a80b45c43f1ece7639fea23a31ac1b86983 + nist/K-163 + invalid order = 23 + + + k163/9 + 0x204ab1429c0f090f8048e0ea807e2d116209665b1,0x7f7ace820fdff791d2133af214b3495535690fb56 + nist/K-163 + invalid order = 29 + + + k163/10 + 0x2ff03f381ef24a00e9df514b4e8b4c2baf270bc10,0x51aabfbd97f726d713fd784938bd94c441d565e23 + nist/K-163 + invalid order = 31 + + + k163/11 + 0x21c9f0e6d473c4a10262f2d16f9afb4905d404aeb,0x3f70861bb4e071409fdd7ea601607bdf01f8e009f + nist/K-163 + invalid order = 37 + + + k163/12 + 0x758cc28f062bc91b264e46ebc389b885ce0773121,0x7cbe9f3e52e52e76c6a617837cc693f3fd75881d9 + nist/K-163 + invalid order = 41 + + + k163/13 + 0x1658f9407cea1ce114e4f816187df57d2302a5da4,0x1152a87ee8baaa48fb11aca8451c9aee45ad7edf9 + nist/K-163 + invalid order = 43 + + + k163/14 + 
0x1f162cf4d0a5eb71bd304ace21ee744bd3e262ebe,0x4860340d67e525e92e04bfba5e6114aa468b535b + nist/K-163 + invalid order = 47 + + + k163/15 + 0x2f773c3d82717ee684c49587869b400b45c843642,0x3af4adc783d2a013dcff16fe41b2ad88170fe08f8 + nist/K-163 + invalid order = 53 + + + k163/16 + 0x4df600f39bb49c246ed7c6477d304b9d022dac62b,0x7536b27cae5cab302775ffe13b6eb2e0923aacbb0 + nist/K-163 + invalid order = 59 + + + k163/17 + 0x4e49dd1e0da3242e92316c8477441a8fa01c2bad4,0x350ebae2177979faa6907e348a6802773610eb0bd + nist/K-163 + invalid order = 61 + + + k163/18 + 0x33f28f48ffb6dc2e4d8d752ee4de6faf8f8626b36,0x1496d4abd17ef95c7750d4ec86a2d158c3b602ac9 + nist/K-163 + invalid order = 67 + + + k163/19 + 0x3a43712a11475ee1f4631a699ae34aa86d105a940,0x1267c79cb580b3198e29c9199c6b957932d213abf + nist/K-163 + invalid order = 71 + + + k163/20 + 0x2ca647249e2a13572df59a22d1878a4671a9c9be,0x5632dbab230be29975ac059b6bb6f5ee00e1714fc + nist/K-163 + invalid order = 73 + + + k163/21 + 0x5dbfa1b44d6984cb9c51e9ef59ff2158f8941e6b1,0xa825db948cdc7d3d93f3ab51df2b3f372d747b3c + nist/K-163 + invalid order = 79 + + + k163/22 + 0x4307cc2c9b20822fa1967b7596805621f2695d156,0x145d76be145905f4d78fc6c14871fd0b868998158 + nist/K-163 + invalid order = 83 + + + k163/23 + 0x462b532a7cc4b6e6191e784732713d0448ea28dc6,0x72e7978852e17c0330494b4bea23681ec4954ded9 + nist/K-163 + invalid order = 89 + + + k163/24 + 0x764f3fe54ace84998d9e188721f56f40551bb0fdc,0x227391ba4d03259c62b22254804d222a2a9a701ae + nist/K-163 + invalid order = 97 + + + k163/25 + 0x7dd6bfb18e715d37753ab109ea87adc0697ce2b05,0xe3aa74a10b1a38e746932c82b39106326f9f9247 + nist/K-163 + invalid order = 101 + + + k163/26 + 0xe796873bde33109ba48dc3c6bbde46679b8acd,0x1319683af2bd39fa71d68a0919a6c92df11b1e0c5 + nist/K-163 + invalid order = 103 + + + k163/27 + 0x1a1d6e8c6437b08366e04b750081703e32d422432,0x189c8bdec90db00b915563e5374864bb16f38c220 + nist/K-163 + invalid order = 107 + + + k163/28 + 
0x240855798f8585441919cc0f099bfc1fbd0f94099,0x4e4c74631e6fe3b6a83a8677ac376acc614119b9e + nist/K-163 + invalid order = 109 + + + k163/29 + 0x963875e3dc6560148c6e7f644ff25297051046cf,0x6cf0a43da9a62ddbb8529028f8a7cc06f30cd4e8a + nist/K-163 + invalid order = 113 + + + k163/30 + 0x13e441383291dd95921d5ef8b35299a0d2bc04872,0xb2f6e5726f0c29a71233be44f6276d2b94ad5648 + nist/K-163 + invalid order = 127 + + + k163/31 + 0x657d829869083e194b74ec178aa9f240599f8e52d,0x3cfc11433d0c4bbe1dfbd8d91869e20efa5e047df + nist/K-163 + invalid order = 131 + + + k163/32 + 0x1c01ebc988af5c70dd0c75e0a2b348173d8ce7f5,0x5869a17e48d87d17ff700d6f628372a7c22260ecf + nist/K-163 + invalid order = 137 + + + k163/33 + 0x2f2b0b3036e807c90a266d1ba2318204feb59b7be,0x42c7c6df82a53bea60ad60654bc9500217b5593ac + nist/K-163 + invalid order = 139 + + + k163/34 + 0x781c91afdc3c0751c425f331eb3a6afb7e376044f,0x71196a4a86dbbc75ccf372d20158b8cad91ce0716 + nist/K-163 + invalid order = 149 + + + k163/35 + 0x7caf54cc2bb338c18ae8eb96c4b695a4d453ab94d,0x41e38c4c35b264f5fc0d874167c8c8583c10255f7 + nist/K-163 + invalid order = 151 + + + k163/36 + 0x58ee7e528716b5cdf6205ffe06175b87ef6a9846b,0x683dd173b7e650510c563ecd884dff7b99ea6f8c1 + nist/K-163 + invalid order = 157 + + + k163/37 + 0x5a2d624c51ab39b73c5399106c444e08bd39e366e,0xf4ab5b06e367ab09538ab32fd175bd296882e3bf + nist/K-163 + invalid order = 163 + + + k163/38 + 0x3f336d7c29952d370aecae7b90a8b1e951dfe8f3a,0x21a9c25c158c57e4ecea978f6b44881daf404ae48 + nist/K-163 + invalid order = 167 + + + k163/39 + 0x2d3305a2d3469216ebdc2c2ff779afc04a012abe3,0x47f464df98cec545a82b7d358ae875ab5e37347a3 + nist/K-163 + invalid order = 173 + + + k163/40 + 0x30c2c794f889e72ecee25d5ac5c1abf0939fa87f9,0x5f2d6c263224847c58706820dd3e7bf7c5d2e0787 + nist/K-163 + invalid order = 179 + + + k163/41 + 0x5be67c51e14feb41639bceaf9ce8cfdd6c3e58168,0x4676ec0ab03838c4e6495c76563b572d2a0cce2ef + nist/K-163 + invalid order = 181 + + + k163/42 + 
0x6ac6188a225b467bf3c52259b10b580cd8b50040,0x4aca2a58fefa61cb2095c17ec28136b3e6911347f + nist/K-163 + invalid order = 191 + + + k163/43 + 0x180872dc72ac55748324c3f5e284d13faf0924c67,0x48895028a1a0a639400ae5f64ab4075f6cddc97c + nist/K-163 + invalid order = 193 + + + k163/44 + 0x7c6ad13ec3f441bf9b044ec5c6dea2d97931ba055,0x48aebb47664dcb5cd151c1a0a75794fb3bd95576b + nist/K-163 + invalid order = 197 + + + k163/45 + 0x7ddf92a5fdae42abb69ac16effb5b490bcd9d227f,0x54cba3811aad6a68bc5315cb4a7211060cbe1fe36 + nist/K-163 + invalid order = 199 + + + k163/46 + 0x3159acd03e5cb566183271b4cc69e233d10f60aa7,0x6c225da0617fc30fbcbfe7316317b8fa604a7ae70 + nist/K-163 + invalid order = 211 + + + k163/47 + 0x150d07395554bb30f89c2ae1b077c2d08db17cf19,0x1216494f1a85627594e98352c2ae5ffd717e0d754 + nist/K-163 + invalid order = 223 + + + k163/48 + 0x5bd14dc19215e372e27db63bf7ad69077db7ecd2e,0x5c9470edff53bee9be27070c25da993a6b63fbfeb + nist/K-163 + invalid order = 227 + + + k163/49 + 0x1369e74091a56b27baf27931ebf227e69a09eeb00,0x5e404b5c0084c117fa8db37c42e2f5d606c2ea92c + nist/K-163 + invalid order = 229 + + + k163/50 + 0x244683f23734bc731d0966bf901da5a75643b6757,0x1c128ce1f126926898a5f47be7fca98401ef8875e + nist/K-163 + invalid order = 233 + + + k163/51 + 0x4696b2286a4c2adf90d504ada7f932b947ff5c1e6,0x4fdf518b9c69045f0d7e7fe732299c3587c9373f1 + nist/K-163 + invalid order = 239 + + + k163/52 + 0x50d73d1c8de565612a4db976427ae43c155c4e29d,0x1eccc79d0eaba13263ef9b133561ca59d7b1bbc75 + nist/K-163 + invalid order = 241 + + + k163/53 + 0x64a96d22b4b43a307d4a1282ddefa701f75ecff39,0x5528cff88e88b2973b507f0d50a9a8131f7f65a9e + nist/K-163 + invalid order = 251 + diff --git a/src/cz/crcs/ectester/data/invalid/nist/k233.xml b/src/cz/crcs/ectester/data/invalid/nist/k233.xml new file mode 100644 index 0000000..56332cb --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/nist/k233.xml 
@@ -0,0 +1,427 @@ + + + k233/0 + 0x0000000000000000000000000000000000000000000000000000000000,0x0000000000000000000000000000000000000000000000000000000000 + nist/K-233 + invalid order = 2 + + + k233/1 + 0x665910471e7c8069040cd6c56f155108e98951c42a8715229ec1b07478,0xc2ddbb9d27282bb89ab53ca60c5bdb1c870b0b3cc77a2860961b84ed63 + nist/K-233 + invalid order = 3 + + + k233/2 + 0x1b28d9d1c625d693013e63222ae2f28eea9de53667605e268b446c69a99,0xd81ae0dc707dd6a7ed7c1ad13d149a8b671ccb1450a8e4eee29629c3a4 + nist/K-233 + invalid order = 5 + + + k233/3 + 0x158298dbafe03ac28cbc7a2c4494f43f453593f6eb2162663e2cbf886a7,0x1ba54211282501a8c76039a081972e17c15d634f828aecca69bae916813 + nist/K-233 + invalid order = 7 + + + k233/4 + 0x8050533a5bb38c0575c0f569a698dd4aec10752e7b2a9899b439259877,0x1886464d57deb6726c0798f2e21dee8e57c6563ba4efe172a313161d91 + nist/K-233 + invalid order = 11 + + + k233/5 + 0x14da58bffd9541bcd8176d66fccc440864c56ec8da466e102b1f621ad94,0x1ef1bc065af5a8eb5b99b449b461ffdfd25d7b8a34436734c60de8446e + nist/K-233 + invalid order = 13 + + + k233/6 + 0xe0d800fbec84ecc512f35de8c6a5363aa35c21cbdbf51ee176cd625f7b,0x5a75cf71da3f079ed663e8334d04f49a19cc337ce3955efd0d11f8075c + nist/K-233 + invalid order = 17 + + + k233/7 + 0x1a2b7512c32d10d1965bb7fe2a737fe59f7db2ea455617d0191e84b6445,0x16dcd68bc3a9abe5a00efbf930f84dbd676a4c595314088669976dca20a + nist/K-233 + invalid order = 19 + + + k233/8 + 0xd6814b441bc498c9cbcd375b6a4d54f1f732f2628f1509650ec647ad87,0x13cc74e4b939b446b63c7ff6b7e7571fa01a1432bc7958a28773ae64bff + nist/K-233 + invalid order = 23 + + + k233/9 + 0x193d8ff00ac50effd52134acd2f15c51e452727a948b310c367328dcc,0x1bed4420061e99f86f9e4f87092dde4f9a0f8ffb91164f175619ed01f8d + nist/K-233 + invalid order = 29 + + + k233/10 + 0x128dc1bb2c7f691269c91c2c3a97375352b4ae89aedc3e9b70c27e8cb37,0x15f05aa4e9437b4991b2532f59aa91784b4cc3edb7df747447b33cb5b31 + nist/K-233 + invalid order = 31 + + + k233/11 + 
0x71e34b19c6201b3d71ec452af201eaf8639c37f0a0100cfe1bb78de703,0x733c5ea24a38b2c2bfb7ff73d5df7f926421671fb60a1525574f8b400d + nist/K-233 + invalid order = 37 + + + k233/12 + 0x13bea689c338fbfdf713b1ff8d71bf5580c700cbbbf911eccb765520cfc,0xf6c0ad7dd750e8ee565dcb3a40a3c07c21e111c8a91c2ff2776fba6516 + nist/K-233 + invalid order = 41 + + + k233/13 + 0x9b3d92f94ae04fa0f83ca0da7f57ddc4cc528cd77381a7c3657268573c,0xec46a8e3eabd81376a808ccec0a098e3544abdd6114a4aafdbbfcb2397 + nist/K-233 + invalid order = 43 + + + k233/14 + 0x3fa2195cd936ea8e00ca032b61b855790b8d6354f26dfe9b577553f8fb,0x44e64e8ce820c5555cbeedeafedc0e1898939db86f1c60c0f9d89f9fbf + nist/K-233 + invalid order = 47 + + + k233/15 + 0x1619638dfc7d66ad6d28b49b4e66d2293f6aa1d9aa57ddc4886de0317f3,0x4b92e3c95d4087215a644330c11c3364782b09a2414263f7ab8df90d76 + nist/K-233 + invalid order = 53 + + + k233/16 + 0xbd6d464d93d162a372823080998b761ac66de8bf4ceb4f1a3091697945,0xb12d5ef510c99127506af2067eac58c7e3dccac4349795ac3ea6008e58 + nist/K-233 + invalid order = 59 + + + k233/17 + 0x1c5424b19abd81a0bac3371c4e0a3364350a9126f359b178560f4fde00a,0x32a99c3aadf52c6ceedb9b786dc6e5fa3db8b769922f86baddbc7c4c79 + nist/K-233 + invalid order = 61 + + + k233/18 + 0xa7c293e9677eb6b78d05b0cd42992fe21e74abfd00bb1402bdcfc9c6b4,0x1e4b93345b4c0cde539aa980998447567ababd8b62bf3c309882180d0fb + nist/K-233 + invalid order = 67 + + + k233/19 + 0x109f61ac8bb31f61e910c8f081a03213753f157b06de71d3da460e8bf02,0x1cb85fef71d116dadaf4cb08a6fa7bd9b044cbc9da4d46bdb6ee8c79fe + nist/K-233 + invalid order = 71 + + + k233/20 + 0x1cb157a75ba450b59b6d214c7e0cad9bdbe640cea05c0a617acf50a53d7,0x64fd4ed91ed4089e71c1d299f935a8743505b73ed6725e24d277566c20 + nist/K-233 + invalid order = 73 + + + k233/21 + 0x13b849674baacd6a03daa62d2d1909f299df47735d6911bfa1a8ebdf31b,0x497be0480d5e672890d73fd9ab83e891c5bdc5ce22e73079d708dd4d97 + nist/K-233 + invalid order = 79 + + + k233/22 + 
0x8450d7779fe02fbe0311f842da5681032aaff9402b0d2c439c207c854c,0x1f57464bccdf31fb004f315e3960a3466a5852fcb15fcfbacef0f95fa90 + nist/K-233 + invalid order = 83 + + + k233/23 + 0xdfa2f479313558610b47f089572dbce1c3737cc8d41f907c47b896068e,0xb94423bf46ff2581652bfd16e621678987507053095596fb103368a9a6 + nist/K-233 + invalid order = 89 + + + k233/24 + 0x87adc0a66a15da581182a42c9018218502813a151c0c4a711b4e124d99,0x6cc9cd9198191cedc27a3d9ada6f56a799720fa9cce56b403165ba0170 + nist/K-233 + invalid order = 97 + + + k233/25 + 0x3759086db1168f4dbdb82a8ed8bfc81c471c838e6894c134179a30fd91,0x8919a53ddfff6cc766b46bb44d1a9e6aba434605162f77c812f45167cc + nist/K-233 + invalid order = 101 + + + k233/26 + 0xaeaee6bbf3e5db3666c68833f45fa70acfcae0cfc47dd52e8f9cc047f7,0x51ce23fbd60e86ae8b024bd3fc7cea2903feb09cddb37b998e4337b287 + nist/K-233 + invalid order = 103 + + + k233/27 + 0xec34221ea56f7cba306d293218cdcb5b779c748f7efe6f04af292d64b6,0x6991b62bf8950308d3276a4371e2b3d447a06332a778d133982380c298 + nist/K-233 + invalid order = 107 + + + k233/28 + 0x1b3e98707e5fea3ea2e9af10fa2b80a69da00044bae4131c534de67ebfd,0xbce8e3d468c29078c94b603a6f5904d0c8dc3e788e8aa036883e54c6ba + nist/K-233 + invalid order = 109 + + + k233/29 + 0x13334a5a14c1c76db51a9c2631ab8ecb7459be4b7f9f83bb9dfafe4f5b5,0x543f2a0b3c73eb03fb7fd42001a932cfa9483b8f6128fa82e3d7385a91 + nist/K-233 + invalid order = 113 + + + k233/30 + 0x253ff4f67bdca75a25d07f725aaaeb721ecbd6a503eed131903fd2df7f,0xf83ff87668775647e56a5a34ea56993994123bbe7ecf9e33f11ef95f1c + nist/K-233 + invalid order = 127 + + + k233/31 + 0x1c6c3178990ef63b0d80dcedd8ee60a8fa3690cd1e2cfa1fb1da0b0e274,0x6b3856de656973844f666b87fe84381680f3f4e57e46969b92d4a5a800 + nist/K-233 + invalid order = 131 + + + k233/32 + 0x1280b5cf701d2d3e2e070a1b53aee76fda1e28395fe7559bb43b9f76fd6,0x1ca372d4eb9580f4b1e05815948cf6b2d182d696b892ad13c54fd13a845 + nist/K-233 + invalid order = 137 + + + k233/33 + 
0x61f096f7841265275bdd459b13f4232f995ba0545103eb228883cf8bb7,0x6d485bcc52137cacc384e46276969debc22fe0c29dd5a6f369214decb6 + nist/K-233 + invalid order = 139 + + + k233/34 + 0xf80bfe6b38d3e179dacab6bf20afacee932b94039c58520f323d1a2189,0x11eca4d5dec4e22f4180f99afcee1c8eae6ac864484c152a0e454eb6bef + nist/K-233 + invalid order = 149 + + + k233/35 + 0x15d62b25ac88bf56f1289055eea46cd2600ed16bf05f10b5e3002f5c31b,0x3e163c1182c7ab31f1ada5f34e7e9ad014550db98fb01bd33f4f63c7d + nist/K-233 + invalid order = 151 + + + k233/36 + 0x10cf0e5722e529b777a8ac57bc11fb55836c542fe23dd9ff2e326c2831,0x1bd34ec7982de5a7290c7f17a7d5d99c035abf3a54ac1cfd15dd11fcb19 + nist/K-233 + invalid order = 157 + + + k233/37 + 0x111b77e99b3fab22fba1d28f214a6feeb0d4f9539f34d3401ee7511aa4c,0x13bb7d343a1e3f7834d12e4e25d55dbccf44498e2222e12efe3fe4ec072 + nist/K-233 + invalid order = 163 + + + k233/38 + 0x1809d02b28528f2a605e1c59b79c262336fa8fe54b7a6ec901f0e7e0295,0x160c58b96c23bd34cb1336ae409933f5b088e0ce3ac7fe7a0df2b406dad + nist/K-233 + invalid order = 167 + + + k233/39 + 0x1a482b426161d2517af9a33eb392d2bc07d9b44051fb209f76de41c2bc1,0x1be48f5e6546195c453a646f631ea003044ee80d12062984e29c84c13ba + nist/K-233 + invalid order = 173 + + + k233/40 + 0x10481fb1a84ad81a39a0e5c7ddf76a06110ddf7a059dcc1faa272febc1,0x1f4a3edbf9dd7394bec4345f1a406b9e603a8ba051b8e8846dbc6efb4fb + nist/K-233 + invalid order = 179 + + + k233/41 + 0x40d7ca7b4dc19ef788b99fcd071a0c528c43fac1af077ff3dd90de763b,0xb3dbb8d2f52c0ce8dc671d8f3e88f9aa81553c5022c464f69bfe41c01b + nist/K-233 + invalid order = 181 + + + k233/42 + 0x1b515fec3d612339ef64182ab9170b31f0846c097674dce4e65fa25cd7a,0x1e61bbd05569e358b48d9e0092185c6c929f0dac0e319f11bd88f98b825 + nist/K-233 + invalid order = 191 + + + k233/43 + 0xe5ab97b9baf539437e5121d0c7bf5c5a27981ed3754a097d3f70ea2c14,0x1ada3138dd3f0b6619886364d7aac358345a213fa0c5329cdd4f80bceeb + nist/K-233 + invalid order = 193 + + + k233/44 + 
0xa72b6e55e1671dc3495682c3e61f59f42f213d138c743b28cb47acee16,0x1660cd9b3bde41058737fe268f190e56f650b7a26d69d54d6729ee5f7cf + nist/K-233 + invalid order = 197 + + + k233/45 + 0x1f4fc414e30e6a62af37a9f2182ec257040cfae45dbabbd91e94854372e,0x439167fa5ef5268f7dec7e283b0bb0901df3a019e2d05522cda022af + nist/K-233 + invalid order = 199 + + + k233/46 + 0xfd92f8cc957799a6992df609b4b4686067296e55c7d40fecbf2ae73446,0x1a1b81ed1c2343fb871140a35250f208f7b5866d707b9eaea32f201bfbd + nist/K-233 + invalid order = 211 + + + k233/47 + 0x862c30c196db1ff2cb5c2a0658ce1dc71fc9a1c806c9403a0bdb7124a8,0xe27b48f59e5c2b6d80ab13fbf731a573379f6f0eec2137f15db3d4cfa8 + nist/K-233 + invalid order = 223 + + + k233/48 + 0x15664849942fd80559f6106996263e873a84e443ad6326a94d87afac60e,0x1fc71fccaded3864613c51319cf82c590025ae8a8cd1bc599dc068d6cf2 + nist/K-233 + invalid order = 227 + + + k233/49 + 0x197a0e7c5be80f7d93585ce09b3ad6ddd1af17b120944d8f901def9e57d,0x4a8d32875236444c95646768552bc22f50ae34d2d233d861c700aa8718 + nist/K-233 + invalid order = 229 + + + k233/50 + 0x31a468a02abf854bcfd030a4e0bfd428651d53cb979acf79bb886c9d53,0x14b7dd1a68001c25947182184d76ad901f6f52da7e9834867c742532f42 + nist/K-233 + invalid order = 233 + + + k233/51 + 0x4ffb6c6c40e18a26c86ae9f454efbc6a11cd5b7e2045a0ba1c27fdd73a,0x1524360ad03e1191faeb9da9f45cce204221d06d4eb6b5de21a8c572b92 + nist/K-233 + invalid order = 239 + + + k233/52 + 0x17dd43136faec3526ef448ebd1bcb57e532cff31eaa2251cb03b40ab1f0,0xb43e5518404f534e7d5607a22d0d69e364a0ae0edcae133806555376be + nist/K-233 + invalid order = 241 + + + k233/53 + 0x166fefca250ad4b636d8fa99303c8e9b7b1daca1d47d08173948c4806bb,0x16524e665a5edc829a767ca6fbbab76a252028f85122f08296956ccac76 + nist/K-233 + invalid order = 251 + + + k233/54 + 0x4aa9b7e02161e984051d587f09661f391d3a3db225b6283070412c4c66,0x1ca90eb55786a0555976dfbced6160f1dcca52d051c8f12f138ff268e4d + nist/K-233 + invalid order = 257 + + + k233/55 + 
0xc351dfccee35e89ce463c7a40f521f46a0777345237a50c487d88e962c,0x106d0b50d08c7c16107767d8ccac32238dbd2539317487d8f8fda44432a + nist/K-233 + invalid order = 263 + + + k233/56 + 0xf0d2b7c68e062b70aa8b51c745bdf4e941d1736ec4fca525003c1684dd,0x1723f640c4b75aa4b98f5ef3e08ac2bc64404b1c843d66408db71beebc6 + nist/K-233 + invalid order = 269 + + + k233/57 + 0x75b00fbe53ba943498601e5b3c1283684dcdc923e011a44e738de58a86,0x490c152282d6cad043ebcff0303ccdea1cb92bd2998746d3319a500908 + nist/K-233 + invalid order = 271 + + + k233/58 + 0x15340e79b9913116f2b13dcdf19dce4e862df49bb24526c355059180f8c,0x1426db6fd4183ab0d0cb10cdb89104907da90c0a56cf77db0f5d52f1211 + nist/K-233 + invalid order = 277 + + + k233/59 + 0x12869ab756cf31b721eec0b6bd3a1b5f66858150bae5bcaf156dabbc265,0x149731cf7d13202a338fce6f903049c14ff13bef535418f3625f9b3ebf3 + nist/K-233 + invalid order = 281 + + + k233/60 + 0x1bcaedec07cd7804abdcaed85ae15406fc7717758f06a77c61b5d5ba73b,0x3c809ca8961fe74476a678238f097ebb685677888306fdb616642ba12f + nist/K-233 + invalid order = 283 + + + k233/61 + 0x79a405e6eac612c9e76fb540b41ed73fe31c940d642e101cf1277a5d60,0x1451e53092911841afd8c9e3b3b0515b44680840b874ba347a2debd7c1e + nist/K-233 + invalid order = 293 + + + k233/62 + 0xf5a3b8d0544b10b7a0cd95bf931acfa23d3003a0d85eeb3eef0715bb0b,0xaed1ccfc130cbcb46ec7f923ff68d2712226588967a3fd7b469b3431de + nist/K-233 + invalid order = 307 + + + k233/63 + 0x11de1b82bc3409a58758e2f5f4e34dab9a52ab98762577657f10cfe5533,0x1886640e5b820404753c11995ddff63ea6e9cb16f9cf6d65dacc243aeb9 + nist/K-233 + invalid order = 311 + + + k233/64 + 0x9360a0162c7e80b22f9bbd251e4dad4de143957703844f8b5cc6dd8691,0x1551f1dc308d1ba13a4c567c8d9ba378050540d3659d888dd1fb925aee2 + nist/K-233 + invalid order = 313 + + + k233/65 + 0x11b7ca56f15932a072c2974d893ef13454a60f4540db009367b475d5d0e,0x1ffc609a5d34c624949f09838f4371950dbc79dff0aef485c6d3c5f5f4a + nist/K-233 + invalid order = 317 + + + k233/66 + 
0x10c1c2585b0b77a3b9726996f090fa83d937aef46c4800b39632f29e3c8,0x1749ea8aee37239d24a71ac80b40352d16ef03192e6c8f9c7a1756a8727 + nist/K-233 + invalid order = 331 + + + k233/67 + 0x14b01a5c4b4154760ba46f00e2bd40ad9c96fef6da596a8ed1fe8050fd,0x13b9db83176fee073099294b4c15e1dc2fb65fff22499ba187e96862128 + nist/K-233 + invalid order = 337 + + + k233/68 + 0x57f9ec1cf4c06588b90ed7932b614d0446a539449ee2b2e8548b38c30a,0x132995ab8dad93de7e37b459e00cf693fd500cf0f3a76351d80943a58a + nist/K-233 + invalid order = 347 + + + k233/69 + 0x15c9d67e834aeea98c852dbde13cc0007d8004becdee67676cae6cc5630,0x1c1e9662b93c85c1255f70f0df15534a08898db505140c36c7dcd1ef242 + nist/K-233 + invalid order = 349 + + + k233/70 + 0x15521da657de63d02cc03dcf4a1416d16e75d627e2660358b9fb7658d1c,0x697153844ab2917d908b756529ee8b8cf6ef7b1bab46ae7f422b57a899 + nist/K-233 + invalid order = 353 + diff --git a/src/cz/crcs/ectester/data/invalid/nist/k283.xml b/src/cz/crcs/ectester/data/invalid/nist/k283.xml new file mode 100644 index 0000000..34a794d --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/nist/k283.xml 
@@ -0,0 +1,499 @@ + + + k283/0 + 0x00000000000000000000000000000000000000000000000000000000000000000000000,0x00000000000000000000000000000000000000000000000000000000000000000000000 + nist/K-283 + invalid order = 2 + + + k283/1 + 0x3520239d5711e6da0766bd315b6bab3e9b3dc861018cd18be176416633de044405f68a0,0x24dceb466657371942f5e8ee691285b54e1fd6c624592bff1ff0bf3f1d1704d4dcdb0ab + nist/K-283 + invalid order = 3 + + + k283/2 + 0x1005789e764397c1cd351854505cfaaf02522a1eba9521581416db7e103c5cfccdc7a3c,0x72e96807a5a395fad9544c91d927dbff547cfc59ce1a79268eb98e1cba2a18760d02835 + nist/K-283 + invalid order = 5 + + + k283/3 + 0x5db42ce8d49b94354cf83be446f6a852f13419d567bde4872954feba26ab90730b0ba7e,0x67ad7bd0a19ac54d7a18d10c3758cd82a724be53258ab486f1d04a21e9c763fa8a8a0b9 + nist/K-283 + invalid order = 7 + + + k283/4 + 0x5023aa320422183f2f5b54ec0e43077321a76cb54c4ccbb2a80433c4f5b062023bc08ea,0x7c1b1d3b352bf0ae6bc63ea9fea78511c8ded6b432ba6aca48d5be9682e7e88ea1f678e + nist/K-283 + invalid order = 11 + + + k283/5 + 0x2b83282f33031ecf864d7381ad97bed0c5731c0742d4d08dcf62f9442551f0cccd23cda,0x3e3aad26816adbd0da54334a0c5e0d533442c3f50e1ef1bb6775fed51fb431cea6539b6 + nist/K-283 + invalid order = 13 + + + k283/6 + 0x69cf151b88c37ad012667207ac96126870ef533f6ade97b7e599e5187e4fe862f4852cb,0x11421965bf8fadb99d7842065ef8b534f8c4b0b2e8926b778e2db8ce18e4377ca687840 + nist/K-283 + invalid order = 17 + + + k283/7 + 0x31539e2a896bdafe7667552705e3e5a3b239ddc5dfc947fdd6e156c2d647cc0cf260876,0x6511462b1f32edf3d97aba01f11edce3ac09100d6f1d88a96fdd3b9571b10642f3584e8 + nist/K-283 + invalid order = 19 + + + k283/8 + 0x2a9bca8a330b05ae93fe1d3a1765e217b0a0b1d5ac33964a56a82b0761feb0ea1e14e5d,0xac6dafc567e9deee00f46f85c99ae0e2833d85f4ae2f93da103e31bb919d9511d0bc13 + nist/K-283 + invalid order = 23 + + + k283/9 + 0x204bf246ac49a43786011ed88294ef64e81d619c2a3adab1a1d5486374297bec4f5f417,0x5047e68a57270f5d06151e5945a21a1eb5ebf7003eaa8f7cc0a73e151cac393be42555 + nist/K-283 + invalid order = 29 + + + k283/10 + 
0x66a58d2c5e5f359e07b8aba0f51bf265506ad6ea9056b4960054f97d09ed804b2fd832a,0xc3a94674299e3f172c0dcdee6862564b066cbdd0d7ea8ec3a56b4a4b888645021c3dc8 + nist/K-283 + invalid order = 31 + + + k283/11 + 0x4e986c1d88aaccc3ccf9c2127c95ee94f62a3da616520d4d576d7760d6da5f73746079,0x48dcee8e0060ab212e41e7e0690716cf8f08a95da4f04ea5bff9d0a53ff1082490ea227 + nist/K-283 + invalid order = 37 + + + k283/12 + 0x1cae445b2514fed0c5de888af2bc78ca2b027afa89fdbf4369dcbb8ef72dde0a4a11e2b,0x68dadaac2b5f3f4537673f15ab60bedfad85ed572d52ea5ca442588c04f8d1381ca798c + nist/K-283 + invalid order = 41 + + + k283/13 + 0x5f7d635e6746d7c9eea829d04d9745048695065cd511a58b8464d24a44fc5e71e1def95,0x76ca018a1e1c2a70adc6b71c0962bc0c9ea2d1547c5ca144707b69eee89568e27203b9d + nist/K-283 + invalid order = 43 + + + k283/14 + 0x75da5e02dbcf8aa297d29a864337933da2ea4878a3204b48bbb61382534df18e42e277b,0x28be753fe94b786153bb2cf39d99d003ee21854cec804c94ea80d4921ad8242459b33c9 + nist/K-283 + invalid order = 47 + + + k283/15 + 0x746ad67f584bfb0966b460415b2f759b3cc26b170701330c179112be3548d37f834e855,0x286f49938aead51f1b16340fb7e4c456d277b631258d3b23d0bc61eab287bbfc37664b + nist/K-283 + invalid order = 53 + + + k283/16 + 0x40f67d68533c2e8fb935fbdb961e97da93a6b41a563d328be0f7741d0fa8bfeaf20c400,0x70bab7b93f1da2a817371cd811900e1bce63c8c45036f01a817c4cfcaecead368a39261 + nist/K-283 + invalid order = 59 + + + k283/17 + 0x6784fd10e5f7bd7ffc70f6985286d763ea5210b7d9900d92f5f7a7924ad8323acd7b21a,0x197adb44a915cff68f134cf7195ad98ccfee67347ae69966b7e223507da0fb4c3195e4c + nist/K-283 + invalid order = 61 + + + k283/18 + 0x205aa25a9844d29700a7265e241c1a812f750e4f2482f2f8b26aa093e5254bc46752e77,0x2fea8b057b083bbc332067f628dc16237f01257dbd4375faff91cb699eb4fe564370c01 + nist/K-283 + invalid order = 67 + + + k283/19 + 0x36cc5407e19b9297b0b15658592c9318b2dccdc4bbea7ea130edc793185c6b1f839d9d,0x5728bbd3ac6b74ef047fd5e4bf96e54597bb73801351e8b6a35217ea5c050cf32fe2006 + nist/K-283 + invalid order = 71 + + + k283/20 + 
0x139a00b65d9f55e36e6b3f49130a1d3df797b225f00c5ff76d7ec0b29cebb8fc18657ef,0x1c685b02d9aab76656a57887a63b3748f11b9076450803dc777827e712dacc73e64d92a + nist/K-283 + invalid order = 73 + + + k283/21 + 0x267423b3e9e222ac6375df239dc8a4ed23cc0c2dcb2643f2f695f625de1300a2a161b38,0x3604a1d43ee84b4bf941ed237a19e307bf4d8f01a12b3d15775d41cba862b66c2c17a09 + nist/K-283 + invalid order = 79 + + + k283/22 + 0x22c5840d8b2785fd6ab192edba8b0ad54e278d11220d349d30590407347dedead51ed36,0x59fe27815e9e9614b80cd0ca3f7e326d28ec008f7aaf71007b98be67bc269ee611e8c62 + nist/K-283 + invalid order = 83 + + + k283/23 + 0x2fcf47ff9b36efe8f592e975593fcac0822c333c6e81215303cd5d79084cd23a1121c07,0x5dbbf6ad00a100ba6d78c47858eb30f4fff4c810ac24ecdb84fc05960c4f7e2a2378732 + nist/K-283 + invalid order = 89 + + + k283/24 + 0x6e4252ebed88afd0b37f96e6bb745c399d5ef50eb1eb146bf565e2ca5480e5462989f04,0x1e729c375dd3a162fa76e3cb371ab753c2a154608b2a23a0e99a241a093d7330861a10 + nist/K-283 + invalid order = 97 + + + k283/25 + 0x215a1e2e6470a86248b313db5e95721518a91396c648ce9c9a29469f2aafe9e9a821a7f,0x61b56cf94747d65432e13c3fd1489f3616e8055e03f7981dfe6157c2f4e6f15b6909cad + nist/K-283 + invalid order = 101 + + + k283/26 + 0x1ee87fff02d953ab6ef3960153057a9b7928264cf95e0500eb03d6850c90b3f222a8c3f,0x3bc2c2b2adaeff8e8c75eb747674544af02635e2e869cedfdf1e0bab2da6bd3f3592196 + nist/K-283 + invalid order = 103 + + + k283/27 + 0x7e0698ded14808847196b84625619a39c7f4851413551b7ce31ec78dc2681e6da09fc52,0x4290a333d8e7535b14a3134bba5f322cde3ced0188527a73ed3722b85df6f3bca79deb3 + nist/K-283 + invalid order = 107 + + + k283/28 + 0x2b3dd6ccb194b93ab25df65698b4b5fd9015b7f0b9839a06c07a78130d1d4b39d2296a9,0x498a7d308d06d3b82e68564ec530c440f3af854188073717ab35273044556fc90556cc5 + nist/K-283 + invalid order = 109 + + + k283/29 + 0x3c951be5d86312d67f1bd0d39f6c34f156b438ccae509652d66c06c2d2fc9522829714a,0x613cabce8c954e5d9bc4c23e3e1f5dfbe361f19e48c227cebcb0983fde98266a79b30ca + nist/K-283 + invalid order = 113 + + + k283/30 + 
0x1735d42a2e9ea59f48531e68f2bc0eb5cff12534860c8ef773fc9fa528bb896c24f17b4,0x5a73ee796d1f4d751f291ad7ee880952d380d64d7fe32d478734b9f2f1396e2b2d8d3e7 + nist/K-283 + invalid order = 127 + + + k283/31 + 0x45ef742138e33bd592d5a53b00f7d61814a68e2576c518c90bb64ef12195d6516860d4f,0x3da85db791285f032ea0fefd5cb6a9a0b371f00270d108549fa7363eb8824cf6d53afa3 + nist/K-283 + invalid order = 131 + + + k283/32 + 0x38d6b2080c7e19ec8011fc1c4f0957524ea71babd3993220776a4d9a8dc7b0cca05d638,0x34190739a5065de70bfeff1b3176c75d90858ad63e6f9078f32cc97d5c2a1c0bb0be775 + nist/K-283 + invalid order = 137 + + + k283/33 + 0x3f9a414344e88096515b6bce427f0cad2aa7d08f41cbd7d1072d939a033f2b9bdaa705f,0x55c2a28cc02b64228b59a7115f244d0ed86ef72d35e5fdb4a7e8e514746f0164326dda + nist/K-283 + invalid order = 139 + + + k283/34 + 0x3866a5cf304aca769e4ba87e00491679a22dd73ebe0e831f91fa2a766ede55791ea6114,0x6d407001a2108571bbf87f0c97ee6161860f1da477f72ced58651206766a0d40d297b9a + nist/K-283 + invalid order = 149 + + + k283/35 + 0x15e790dce7c01d569a6a4e83c7d0b4e0b3611813edc92f329f8eb813b5a484e82ffa30a,0x728a46e00818615945625af56cd2e3eb97ca2c7b6094565a03b18197426fe3f4a335b4b + nist/K-283 + invalid order = 151 + + + k283/36 + 0x71bb5c037fcd2cafa8f4ab94aad61cb75ae960de5c2a3742c56c86d4cf73bba4788e161,0x3aa0c2bb3e5cd30b982c4d4890763f827d63fb4f7db81c049ff9696f449434520d2361f + nist/K-283 + invalid order = 157 + + + k283/37 + 0x3d7caa3d27bbce12fc9f8cb6ede8075360b16482fe6f2449e09923b6983ea6e2010b2d1,0x126fa7e0e8ce1c8d248b99759c728031cb7ee6e757f5064a5472715bea5eaeb9c7a19a5 + nist/K-283 + invalid order = 163 + + + k283/38 + 0x87dfc115b8b453ba77ec658599debf75b6f6f7436051733bf0582651f994085a9f94e1,0x54e2ad467a2f4b751fdc4dcc524ff6ea7fe6b26ba49e1760543b7f537d015c24318d77d + nist/K-283 + invalid order = 167 + + + k283/39 + 0xeba36a3ecc111c1438df4d9f39a9d64f18d0ed35401b691e0f7c29ce21bd65eb6d6e0d,0x1585df01551fdc0cfc206b0dc7490237c9e8d5548687a1a6c0b8556508bdff27b1f9927 + nist/K-283 + invalid order = 173 + + + k283/40 + 
0xeabd41943fb772b790ebb1f22c07da6aced704b75f38b48bd84469c1a73c82c547ec31,0x13ecdeb327ee1bcf235c8e6769540b84231721daf090b6707c7949d58af96f1cfb98b8a + nist/K-283 + invalid order = 179 + + + k283/41 + 0x5031d17a2fdd89ca888ab817cfd7180585bfa3a68c0ce2dd149bcc79b26bbe46ad58d1c,0x3d0741ebb1cfd7134ebd26d4bd558252d91510fb3543dabaa2777b6a5283faf35a9d9ba + nist/K-283 + invalid order = 181 + + + k283/42 + 0x33935f57cf8f2b81f6865f3f6b904d302842f23278a4a338096de30430fc6f1bbf83fb6,0x132f461c93d373f41fe985dbc5aaee79cc93bb761164244f0689eaa88dd2c3d69061ec3 + nist/K-283 + invalid order = 191 + + + k283/43 + 0xdb03ca6af0780f4a2f3e11dccfbff969b2dbf8b80c7adc1abc97a0624e936eed835be8,0x38c43f05f76cb717fb5369af974da70dfa56b1748e891201ae78f0420b6f9442bf142ea + nist/K-283 + invalid order = 193 + + + k283/44 + 0x47f0e5229522fc4b7d100fd89e34969edf03e51cade01da9027469f4676615bc9a10aae,0x1ba20b98a6cca3ab4ef69af34627266f8c3846990c4c81af95a3cbef307e18f32b4235f + nist/K-283 + invalid order = 197 + + + k283/45 + 0x34c036dd7609844a2af553432d1e6ae7e76acf264ea74cf9e3ddbe1c87e8982a837150e,0x4fa41cdcd8ca21ceb5c1def1a951798de9c9fcc6e3c9314519d8acf8a1c5dc7f48fd3a6 + nist/K-283 + invalid order = 199 + + + k283/46 + 0x3be5716392d8d0e7f06a61ce734300152d1e6c0dfe67273a71dbb53e7372de85a411144,0xb5b4c319f77918dd4f8a6816e03432e8a4e48c2c9bc2f634453196f400cf948d8d8729 + nist/K-283 + invalid order = 211 + + + k283/47 + 0x152dfcf46706d794166ae93b3243fcdea735fc0adff7c5d04a561ed72efb09bdaeb8a99,0x16bb4eafc64cefefd17799e5e95ec1a7c477d4bb6c40319c78a090ce865e6740feabe80 + nist/K-283 + invalid order = 223 + + + k283/48 + 0x1b61d9a7ec9d5735221b2024698b395c9b514961a9950e8905156a1bd340027e8f24a0,0x30b64d5fc76e480a2e6540ead5c5b6792db5f30113f1f7648cad89cf9906db225c27c11 + nist/K-283 + invalid order = 227 + + + k283/49 + 0x9a80217581cb5a3b9a9bebfff26df4eca8dd9cb6400328056b4cc98bd4f63da2abebb5,0x2f0139f643dabae905a11f6daf19cf343ff4ffb3fbf32e9170af0074616f34822f1cca0 + nist/K-283 + invalid order = 229 + + + k283/50 + 
0x74707ed5fb2387c70bd4e6904361ed287c26da4c219e11c0e6f1aacccdf646a81ebd65e,0x13e1f4f50388e98213e585a258441876ab20597be1b09bde0164498cda65e780cec4e1f + nist/K-283 + invalid order = 233 + + + k283/51 + 0x64af07c046462a89c07e2d885807ad572a9a4fb105fa8b2568222036362a1e7b6d07cb1,0x39c1e0f266b2ad2038453afe9bbf50a79eac46a1a5b223a0182f502619c9c8b8e26f15e + nist/K-283 + invalid order = 239 + + + k283/52 + 0x56c5dbcdde389b503d537affd651a35e51df20361438e503ddebe9cbbcc5b92bb24a898,0x58634c14ac8853a3936aebcc638a1a0c449e4f6344f45b8bdd0b34b628a61c7c24d6ed6 + nist/K-283 + invalid order = 241 + + + k283/53 + 0x5e033c49007c1200d78a43a5ac1b92a063f217d3cc5448180cd2d0abc3ed6f4d0a28c7c,0x72f2c8eb5711e3953524dbed610a7e2e474bd6cd83bb02b14dcb66ab8bfd545489f4747 + nist/K-283 + invalid order = 251 + + + k283/54 + 0x7756b00d6643155e6fa08055485db9dfd44bcfbffa346b563f5508681225e4076777cc2,0x4257635918005d8f622d0bef4ae4fa77c8ba31c1bd641017c96bb49d87da63148e958fc + nist/K-283 + invalid order = 257 + + + k283/55 + 0x69614948a5bb9f3c7c08bab2cdb789e04ff0698365f7911a15c475718d984acd1185164,0x2469f3d1e149f38fea73b08ef745f9535f0efdee4ec6875780a13324342ee291e672bd9 + nist/K-283 + invalid order = 263 + + + k283/56 + 0x45c409e181b2702ba016ba742efc6bb26b13c167bfdf3fb8ffe388c6670aba7ea4aecde,0x47a00b60562c782e96e0d8ef77a222dd1bad984798c62508a1dbc4d584bf52aec76f5f4 + nist/K-283 + invalid order = 269 + + + k283/57 + 0x1776fee2ffe3be472596778cdcf4f7e85040ac22422800e55198736de7baeb9e442df8a,0x7228f25bb3bad587012e84081b22e618c997bf4d670033073188eb32e508b2aabbd5394 + nist/K-283 + invalid order = 271 + + + k283/58 + 0x1989ab5f540f531878302e5af67be36edb3047a2fecc14209a4891df98f5f1172ce94a1,0x2d31b77182c691ada9dc13d7f8a0d6d33449aae51d1399651f11ed29e8bf8876d9601de + nist/K-283 + invalid order = 277 + + + k283/59 + 0x2e720a463ab0d7169633d509eee85f1d01af7db38f1321611df44c289f4b30f582644ee,0x67cc0488ebe9018efeb41fbebdc78aa16273e3a374b727ef37f4ba98e0d5b22c2bf93f1 + nist/K-283 + invalid order = 281 + + + k283/60 + 
0x45abb40da72a6a2e1d339341cb0196714df4781ab2b6125fe57c515f57f0e87083b1563,0x25fb584e3114e09e59a3b790f0dce6d1a05fdf92184c61c08c9bc583340a222fa2ba65a + nist/K-283 + invalid order = 283 + + + k283/61 + 0x18d1a29ee3b45e46ce2123716e8eac99a72d3f82265c62fb3475c1dba95c084e4d2cf70,0x4bbc68c393af4338ec9789ad0ee42698ebf77f917bcfd54d36f37e717e77665e2e58377 + nist/K-283 + invalid order = 293 + + + k283/62 + 0x7a20cc4cb733b1517db885aae0c6b727a0bb48287621e28a86cbcb662b95d878576cb08,0x6beb9ed1b77020083c106e83bd8c4a583922066a9ed2c3701097d37154062b8069e6535 + nist/K-283 + invalid order = 307 + + + k283/63 + 0x6e09c1e09d707ae19515d9740511055a31a4cb81ab76fb3700ace52b0f4eb9a582ecec,0x5eaa33f749f96a24642b9d1a4aa4c72bd586524bf9f38c0b7eebcd7cc7ae9ca472b8b25 + nist/K-283 + invalid order = 311 + + + k283/64 + 0x7776474e70c432a4ea47d2c467f4f1dabefbcd72f2f29a69f89e58de40f38ae4c7be1c6,0x4fc23f823175c19f193c1451989a50a1d4809ee5eb92a889f7e994073336e35c7314a09 + nist/K-283 + invalid order = 313 + + + k283/65 + 0x7f593e5ac6260073a5e437247a787d6f0c0b85a0ec56333677132142b287668aab1d379,0x15ee4c48f9bb3dd25051715366175915a303755a977c6e4efc1af3c81d59c784d75dc5a + nist/K-283 + invalid order = 317 + + + k283/66 + 0x7f8798f7767ff59143d2d4ab30244ac831edef69be00c2b565a561d7f78ace112bb9230,0x2e451e724182b7d0d7868ba28db451f4f31eaccc4a88528f37652eb2a882bd519d9178f + nist/K-283 + invalid order = 331 + + + k283/67 + 0xef234ba82ae60338ad03aad81346e5a9b32fe948f419955104fb10d2a77c2e6c3d2bce,0x53de1b2f1c223efe0a55df95bf3466247208414febb5819e08251a59946688dc8a6675b + nist/K-283 + invalid order = 337 + + + k283/68 + 0x21f71e6831b0bcbbc608eba8a9e910ef9866712389cb94a11b6b9e90e8368fc8c5c42a4,0x7651bec0bfaf5a5d6f8b17f3c6b50ab27df6490465bad17b561a11d16ec650bf63e3219 + nist/K-283 + invalid order = 347 + + + k283/69 + 0x73e9492a7dba813e205c5aa01ac963b66d429626af949657a9fb6b6f7ddde8e941fa9e9,0x3acef3843cb0fdc18414707cff0fe4cccf5925bd2e5390aa997f4745e510753ac7bbdcf + nist/K-283 + invalid order = 349 + + + k283/70 + 
0x6a20dff7cd6caccb1fd3d0ba39eb85ce93463379c8729d00230d39a09c656c4e3602a24,0x6bd2968f953b8558e192449c0ab9fbc8af0e79219ad68a1a01c2575af93fc33e3a2ed8 + nist/K-283 + invalid order = 353 + + + k283/71 + 0x529d961d987f3646b94dc65cb569f7318cf16ee1e070d833dec3baca88f2c173fd2a5f3,0x4d6cfe4a9bae00eadca759010fd58c6e9641e57831b12f79490620cd6b577b3aa68ef + nist/K-283 + invalid order = 359 + + + k283/72 + 0x49680beed139a9bbe22b9f94f6616661a1af69b64e3bdb94b4647ec4c4b5aa21a1f8267,0x61e6f12374a4e23ccdfb871e80c3cc3323a8e3c61362639cd4bd0c0b1ce0f34afe1f52f + nist/K-283 + invalid order = 367 + + + k283/73 + 0x35a8d86570b0d875aac35da377cc81dc353d5b374876487d0aff8985e8a78d42e29e1ad,0x28825e8a703adef5db340cdb05c4a9efe1d905c30984b32eb9e516691c260c2aa741e1b + nist/K-283 + invalid order = 373 + + + k283/74 + 0x503d7f311405772516b2249a62227da0f153ff0a674342448cc072a7415c9d26a147177,0xb4977d7814592a3ada046ec12c1b746caa943d01da276c2b1e971ba2d95d68814bd368 + nist/K-283 + invalid order = 379 + + + k283/75 + 0x28e92f2d80c749260fb98b06407e49658da4c610305b198b39d14481c62684b36d10681,0x13623a6fcc41ca22b9158bfd4b850612569ac0b85ce39fbb584c3499b4ab4308c157b9f + nist/K-283 + invalid order = 383 + + + k283/76 + 0x5c443b6c6d1552c8fd4974be4d85c89129b5f546d7910df96e2421bdfefa37e15a725e4,0x71ed0290df854c4e90e06dad658ec95450e94d25e284555f783d21b151b8128c01a6644 + nist/K-283 + invalid order = 389 + + + k283/77 + 0x4cf6f337eda2408d0af8b6577839ad988a4f112ed89052a00172bccd8585313a871efe0,0xd38f0db3a4adf6c7bd80bfde00f786503045f96904e86838d333e60912f757b4371933 + nist/K-283 + invalid order = 397 + + + k283/78 + 0x61c9f66679bfa8dc01503e2c6b8e0cdbda6046a9ab761aa0de82e114f6181419f71cc63,0x555862ec4ace16a89e0f0a368034475d71c170524e7fc45736240df596eeb4d200258a1 + nist/K-283 + invalid order = 401 + + + k283/79 + 0x26e9cae9cf92172ce5a8b144a45b608b71e94b4c2e36ef4153eac64f2186cfcdb31473b,0x71179370a5607981e5c77ef487f363d785f2175b0665357f9d53063222236f30dff7cc + nist/K-283 + invalid order = 409 + + + k283/80 + 
0x225b65c4e10b8c08732d190d36c4b81f3256c4638d08e43b5d40487f9993934a3ad77cd,0x7db18e8af40291d4f8d370c5356e7ea5a64d445177338a0fb025f0c0b23dac1af163fc6 + nist/K-283 + invalid order = 419 + + + k283/81 + 0x7d9621f70c83c44f37753a6fecd9117be6114c04a6cabf4eae3ab2660d17db7869687b8,0xe0f5221d994f3cedcb6c1fabdeaff6e02a34ab5a9ba93380bf570e013e3e51227ddf3c + nist/K-283 + invalid order = 421 + + + k283/82 + 0x43a92779e79981073bbcf449ff68180fdd4cb491a6731de2a2dd285f232617863336847,0x500f0252d5def9185311e8f7655a38645fb5aa241b78b3871b9feafff5c68f8bf2f83e7 + nist/K-283 + invalid order = 431 + diff --git a/src/cz/crcs/ectester/data/invalid/nist/keys.xml b/src/cz/crcs/ectester/data/invalid/nist/keys.xml deleted file mode 100644 index e69de29..0000000 diff --git a/src/cz/crcs/ectester/data/invalid/secg/keys.xml b/src/cz/crcs/ectester/data/invalid/secg/keys.xml deleted file mode 100644 index 8b13789..0000000 --- a/src/cz/crcs/ectester/data/invalid/secg/keys.xml +++ /dev/null @@ -1 +0,0 @@ - diff --git a/src/cz/crcs/ectester/data/invalid/secg/secp112r1.xml b/src/cz/crcs/ectester/data/invalid/secg/secp112r1.xml new file mode 100644 index 0000000..ae8da15 --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/secg/secp112r1.xml 
@@ -0,0 +1,247 @@ + + + secp112r1/0 + 0xa58bdc3b9dab98a634ca647d4645,0x0 + secg/secp112r1 + invalid order = 2 + + + secp112r1/1 + 0x6ed433535907e85bb451f70e72f3,0xd6a53604d5e548e5eadcc69c3f95 + secg/secp112r1 + invalid order = 3 + + + secp112r1/2 + 0x962227ac8f103034b43bcaa9624a,0x5022ffb6832197b94b8a350f8bbe + secg/secp112r1 + invalid order = 5 + + + secp112r1/3 + 0x3f088992a4aa4b02b06c7aa103d6,0xa17ac381c86ae12877c84bb0216c + secg/secp112r1 + invalid order = 7 + + + secp112r1/4 + 0x8bd960f42ce43f71feb49184b18b,0x1e07400273aaf39cfcf0d14d7744 + secg/secp112r1 + invalid order = 11 + + + secp112r1/5 + 0x7a2deed6ffd34b68b829e0475d9c,0x1c31b632d82d2af875de0f21a8a0 + secg/secp112r1 + invalid order = 13 + + + secp112r1/6 + 0xc286184a5791e3bf40761626e82b,0x64216877ebefe36d911eb669f8bf + secg/secp112r1 + invalid order = 17 + + + secp112r1/7 + 0x9ecf08b8fca23c09906d9ac059e6,0xb121844e9493f2973ef51166f2ea + secg/secp112r1 + invalid order = 19 + + + secp112r1/8 + 0x5588b4f0dae189bad77076fb4a31,0xd5e9f58535dd14932796ffc821ca + secg/secp112r1 + invalid order = 23 + + + secp112r1/9 + 0x7e82cb7c3f9d85b602784a044e22,0xacec7d552506f1792eaa13ba1c5a + secg/secp112r1 + invalid order = 29 + + + secp112r1/10 + 0x9809c916b656a7963436ba0485f0,0x38051487d624a3a2f9c9ec0f29a1 + secg/secp112r1 + invalid order = 31 + + + secp112r1/11 + 0x8b3adbcdcdb18c2cbf0cf9c6b781,0xe60359cd04af6683496efada8dc + secg/secp112r1 + invalid order = 37 + + + secp112r1/12 + 0x4c2a571159aeda8e0ac1856e1575,0x75aa93055a8a7c1565a99a21f08f + secg/secp112r1 + invalid order = 41 + + + secp112r1/13 + 0x2a4380165a48a4123b4ac1f103ef,0xc89a173046b66cf225388a8e8392 + secg/secp112r1 + invalid order = 43 + + + secp112r1/14 + 0x645fbfa393769f8f2d74c9b5b8ef,0x94cb1aa6fbb3dc7a42bdfd8b880d + secg/secp112r1 + invalid order = 47 + + + secp112r1/15 + 0x3f5b2a97e4f7d4f73b5771e9d72,0x7be7bdfe3e6d7de20145e0fab394 + secg/secp112r1 + invalid order = 53 + + + secp112r1/16 + 0xb9687b364eaae021552f80d76007,0xa2c0ce0b77998ddd4de703f52c38 + 
secg/secp112r1 + invalid order = 59 + + + secp112r1/17 + 0x5abfe683cb112939a1d90a2939d2,0xd0300cfbed0b2b2ff8e64404b706 + secg/secp112r1 + invalid order = 61 + + + secp112r1/18 + 0xd75cd76f9dc25f21343050a4241f,0x2fe43a75f7f15ab649dcc467b96e + secg/secp112r1 + invalid order = 67 + + + secp112r1/19 + 0xd484c2b709a39a3c084c0c16f094,0x9ce84b26f02d7ef4ea1fa54def15 + secg/secp112r1 + invalid order = 71 + + + secp112r1/20 + 0x1723919870a0d80077d9a1e450cb,0x428173a0d15ea25f5a6cfdfc97b + secg/secp112r1 + invalid order = 73 + + + secp112r1/21 + 0xbf968536d9c3e8adae410ba0f089,0x90a80446682791fd03ac1dd129e0 + secg/secp112r1 + invalid order = 79 + + + secp112r1/22 + 0xbeb4f3fd07860c0ef03cd4593e6e,0x7f14be45c4bccc048385eba69b6c + secg/secp112r1 + invalid order = 83 + + + secp112r1/23 + 0xd6dacd814f6a887ce2bd9a9387e0,0x9079900ed0147013e8d9d8809693 + secg/secp112r1 + invalid order = 89 + + + secp112r1/24 + 0x2fa08602ed3becb016ec8271f0d4,0x7bd6ecf28359e30a4655bff5e7cf + secg/secp112r1 + invalid order = 97 + + + secp112r1/25 + 0x34c5f199ba83347d9a8b10f59bf3,0x964245d35298161bd23ff7d6446 + secg/secp112r1 + invalid order = 101 + + + secp112r1/26 + 0x9a7c29d760628c0bc41bec78fdad,0xc631eb205164b661b3f434fcba40 + secg/secp112r1 + invalid order = 103 + + + secp112r1/27 + 0xd4432d98d07f3610c1172168deab,0x20ebb0544ef9cf298288654dbb25 + secg/secp112r1 + invalid order = 107 + + + secp112r1/28 + 0x1ba65039ad27c2e76afca8418f80,0x41503954fe592332325756793c58 + secg/secp112r1 + invalid order = 109 + + + secp112r1/29 + 0x566dc7a41511b7c2d47d7ec8f7e6,0xe7ab43ef12082342a02a78555cd + secg/secp112r1 + invalid order = 113 + + + secp112r1/30 + 0x6aa85ac394188b73937d62e07c65,0xc0758b109d4ab43ff330822eb911 + secg/secp112r1 + invalid order = 127 + + + secp112r1/31 + 0xf821a24ffb775fafc53bbd61542,0x198812c3fb415ada5310065b2741 + secg/secp112r1 + invalid order = 131 + + + secp112r1/32 + 0x71c4cb1682af26551485f1bb34ba,0x16df985375bb3d4c251c9808f1d0 + secg/secp112r1 + invalid order = 137 + + + secp112r1/33 + 
0x7ce65cf47d6e35cf12b6e8286375,0x4838606ae8854f1baba4c20504ad + secg/secp112r1 + invalid order = 139 + + + secp112r1/34 + 0x1d4fc5e81aa29bf009972d275dec,0xaf78918c68e4594d8efd5b444e97 + secg/secp112r1 + invalid order = 149 + + + secp112r1/35 + 0x2fc7401d1fec104efb18e58cb7a1,0xbc3bc6fa15726f13eaca74a60397 + secg/secp112r1 + invalid order = 151 + + + secp112r1/36 + 0x3e151dbb79fd9e81b4f5def9093a,0xbe52c24f65c410f831cbe1422bfc + secg/secp112r1 + invalid order = 157 + + + secp112r1/37 + 0x1d7750f2e60a9a24916bd0c4334,0x11c38ae3984a3a1188f2b84ff483 + secg/secp112r1 + invalid order = 163 + + + secp112r1/38 + 0x27c729c996bcefa25821d1072c7e,0x8a61c413d559851412f6224c3137 + secg/secp112r1 + invalid order = 167 + + + secp112r1/39 + 0x4fa3d8f924136b3b638a0f1dea3b,0xd77c5efa832ddf2418eba9087349 + secg/secp112r1 + invalid order = 173 + + + secp112r1/40 + 0xbef734759a6acbf7ece5e7e033e2,0x689cd4c5e7623684d4542317c8da + secg/secp112r1 + invalid order = 179 + diff --git a/src/cz/crcs/ectester/data/invalid/secg/secp112r2.xml b/src/cz/crcs/ectester/data/invalid/secg/secp112r2.xml new file mode 100644 index 0000000..9dc187e --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/secg/secp112r2.xml 
@@ -0,0 +1,247 @@ + + + secp112r2/0 + 0xa991c6f86f5bdabfe4d430b3a5dc,0x0 + secg/secp112r2 + invalid order = 2 + + + secp112r2/1 + 0x58512412f98c28fd098fbe062dbb,0x4f5c43bd225bb40737272887e943 + secg/secp112r2 + invalid order = 3 + + + secp112r2/2 + 0x504509f066234ef04d9bac06a342,0xc655008dcb955d973989e0e057b1 + secg/secp112r2 + invalid order = 5 + + + secp112r2/3 + 0x4d927ecb2f7087ea26fa0e59ccc,0xb1dec25114c1755c063c03dbe1cc + secg/secp112r2 + invalid order = 7 + + + secp112r2/4 + 0xac0013cba242d37349d73dba87e7,0x7a6830a84f18335adc544814cac3 + secg/secp112r2 + invalid order = 11 + + + secp112r2/5 + 0xb470988d36e23b04fcb008c5ff7e,0x2e7f9d9778820da3081a89ee976e + secg/secp112r2 + invalid order = 13 + + + secp112r2/6 + 0x3b7c03b728345d173f6c865c7c2,0x3243914c4944301261ae61b17801 + secg/secp112r2 + invalid order = 17 + + + secp112r2/7 + 0xd857dd6ac32e4249d082c706a95,0x482c8af26f0ede2b945f24787152 + secg/secp112r2 + invalid order = 19 + + + secp112r2/8 + 0xd7a4e32d96dbfe6505c000af0894,0x9d433c8f712db7926c6a24347749 + secg/secp112r2 + invalid order = 23 + + + secp112r2/9 + 0x438de089a6ab2678ded91e8b4a43,0x872eccefff5ee60a0c56d827abe3 + secg/secp112r2 + invalid order = 29 + + + secp112r2/10 + 0x84e48e438a927d34099ea72d723a,0x6cb18571c23f071975f38dbb7570 + secg/secp112r2 + invalid order = 31 + + + secp112r2/11 + 0x3f2735b8b50f4b477e87b37098ee,0x72d14473abba5b4b64c01d214a1e + secg/secp112r2 + invalid order = 37 + + + secp112r2/12 + 0xd826a8bd919e0b3c06cf59cb14d5,0x3001914d35a819b21b6fdcb08303 + secg/secp112r2 + invalid order = 41 + + + secp112r2/13 + 0xa7b201756d4f9b21aa6eea2d2269,0x9ba6a1c3c652fe403a4e0b627342 + secg/secp112r2 + invalid order = 43 + + + secp112r2/14 + 0xc24429bde26360cb825de55d3724,0x2d39d3354c80af6119037b3cd854 + secg/secp112r2 + invalid order = 47 + + + secp112r2/15 + 0xabb16e4874332fa20fef885dcd6c,0x6b09ec3a2eca101c33cd40e05203 + secg/secp112r2 + invalid order = 53 + + + secp112r2/16 + 0x6f7562c311d5494fa5c3c862396e,0x955dcb80a6168d07d2aeeee53c29 + 
secg/secp112r2 + invalid order = 59 + + + secp112r2/17 + 0xd3520e6b7fe46b9eae25f691d2cb,0x26f11be4b177b940dcf8367bdb48 + secg/secp112r2 + invalid order = 61 + + + secp112r2/18 + 0x10f389e1e1df289c7715ef492d58,0x81f3eba42f18cd0ff7d79a9f8e01 + secg/secp112r2 + invalid order = 67 + + + secp112r2/19 + 0xb9fd96f926826433666c64f70f6f,0x4deb2aeda4201a18a6772f7598fa + secg/secp112r2 + invalid order = 71 + + + secp112r2/20 + 0x228474d915930adb0f6069d9ef89,0x4651f0056e01694c797ddab51bdd + secg/secp112r2 + invalid order = 73 + + + secp112r2/21 + 0xb0a65f7b5da7d88d9da8948beccd,0x5727fd0ae26f93adfd27b85cba7b + secg/secp112r2 + invalid order = 79 + + + secp112r2/22 + 0x48a289b5e049eefa41c166a649c5,0x3472efa7627d25aefa2e01bbdc5e + secg/secp112r2 + invalid order = 83 + + + secp112r2/23 + 0x5a3dced85e768f18904cdebafdee,0xd21360fc187371f6afc1f76e57c8 + secg/secp112r2 + invalid order = 89 + + + secp112r2/24 + 0xc760ccc276bce27932d9993d33e9,0x5e3c96a38446bc73340c50a8f72d + secg/secp112r2 + invalid order = 97 + + + secp112r2/25 + 0x1c7fc32ad4159b86213c207b64fa,0x6e653fb358a0bd891c50880ef1f2 + secg/secp112r2 + invalid order = 101 + + + secp112r2/26 + 0xd055795ca56a353761ce0baded6c,0x11164de005abc0f5d0ea2d691221 + secg/secp112r2 + invalid order = 103 + + + secp112r2/27 + 0x8368f5afa9b24ebf635be717d130,0x1c23379997bbcca3af3eec34988e + secg/secp112r2 + invalid order = 107 + + + secp112r2/28 + 0x7afb27e941d691c26fad4335b39c,0xb732805fab9e835799aa1cd40ea1 + secg/secp112r2 + invalid order = 109 + + + secp112r2/29 + 0xcfb21c8fbd406c878bbbc318e578,0x17e0a411a7f9c4a2461de5815a3d + secg/secp112r2 + invalid order = 113 + + + secp112r2/30 + 0x33541ee100275f6d708276dfd090,0x8bdec63ac571d54bd5dc74259a34 + secg/secp112r2 + invalid order = 127 + + + secp112r2/31 + 0x177b978486adccfb74d3c30ea7c7,0x5e1e3e9c8519e3b379b7892064fd + secg/secp112r2 + invalid order = 131 + + + secp112r2/32 + 0x2cec1fcef95765c9b712abe806b0,0xce8f29057fec53f4eb6096165d41 + secg/secp112r2 + invalid order = 137 + + + secp112r2/33 
+ 0xa41677a0fd4572ba98ade3f313db,0x6ba2bbff08f66055f84983f157ae + secg/secp112r2 + invalid order = 139 + + + secp112r2/34 + 0x66e90059368a8a31b80b1e07cd5c,0x841bdac14ef77bb009148a578ba3 + secg/secp112r2 + invalid order = 149 + + + secp112r2/35 + 0x567e5d7408324116f1f2c8e9bef0,0x555f4187a6e52d367aecc02d72ed + secg/secp112r2 + invalid order = 151 + + + secp112r2/36 + 0x845341926ecc3f1f1766dfb8f26d,0x536f41026296a6e610a1aa4c61ad + secg/secp112r2 + invalid order = 157 + + + secp112r2/37 + 0xc61da2105539dca7f324d1816792,0x4069c8c569af389ba6c124ca7cc9 + secg/secp112r2 + invalid order = 163 + + + secp112r2/38 + 0x79352d8c9aaca8602bdc2bcdd784,0xb3f20709e4f2953af0b9e86a94f + secg/secp112r2 + invalid order = 167 + + + secp112r2/39 + 0x60375f2eec5ff92fbc2efa252d15,0x34c5fb6ebffefde7e9771b1b3a46 + secg/secp112r2 + invalid order = 173 + + + secp112r2/40 + 0x9910c45778f1efa1c9f3154d44a,0xc5393764eb6184d869ad9677fb1d + secg/secp112r2 + invalid order = 179 + diff --git a/src/cz/crcs/ectester/data/invalid/secg/secp128r1.xml b/src/cz/crcs/ectester/data/invalid/secg/secp128r1.xml new file mode 100644 index 0000000..f038656 --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/secg/secp128r1.xml 
@@ -0,0 +1,271 @@ + + + secp128r1/0 + 0xad532d7437555507e85fee6591b8565,0x000000000000000000000000000000000 + secg/secp128r1 + invalid order = 2 + + + secp128r1/1 + 0xfc69a54797d63679481b0ab5bffb7181,0x9c450b3dbdb7f2ea539151b372650ec6 + secg/secp128r1 + invalid order = 3 + + + secp128r1/2 + 0xa93c05bc80199e2eb2cdeb0e6948e7ab,0xdff1c75dbbf1d108a6e0c8b50a08bbcf + secg/secp128r1 + invalid order = 5 + + + secp128r1/3 + 0xcd1deefa8374505908cb6959fb919cc7,0x29013f0415d73458e13fbc11655001b + secg/secp128r1 + invalid order = 7 + + + secp128r1/4 + 0xde266c98638fa36777f35b2223c91cfc,0x1b947aac7a466fc3d297b10ff8484dae + secg/secp128r1 + invalid order = 11 + + + secp128r1/5 + 0x1838605e0e53f9d172aebd466a66cb35,0xf63b02c9a2d65087260622edd87d29fd + secg/secp128r1 + invalid order = 13 + + + secp128r1/6 + 0x387eebc129560d2ec0c8656b9b13dc93,0x74f60f68b187eda0e952b45d0c41dbf3 + secg/secp128r1 + invalid order = 17 + + + secp128r1/7 + 0x529ef50f0a8c004a14c1ad7cd43e0ef9,0xbb45b561401279bad1e1b0c7c13232ce + secg/secp128r1 + invalid order = 19 + + + secp128r1/8 + 0xecfefc620d86d1694ae8cb41dcce1b5f,0x51b86c07c1aad767cc68cb80704beaab + secg/secp128r1 + invalid order = 23 + + + secp128r1/9 + 0x6d702020fb517aab858c67ebda4de749,0x38213b0d6fc92dca7462cfc94d9a851f + secg/secp128r1 + invalid order = 29 + + + secp128r1/10 + 0x69ceb27e1b9f34be748cd8e626494cee,0xdf180f3e613900e95fd452a77e3d7797 + secg/secp128r1 + invalid order = 31 + + + secp128r1/11 + 0x60682616ca53de62835b1f90bf7f64cc,0x87477a4bcc3681480c53d044fa602fcd + secg/secp128r1 + invalid order = 37 + + + secp128r1/12 + 0xb4c635797b877e4536b54e46c2b405bd,0x10cc3afa3983a4384bbe1e64a5ccd98f + secg/secp128r1 + invalid order = 41 + + + secp128r1/13 + 0xb2a089f1e0afa8d031cee4bc0f39aabe,0xb6045935f79962e9a6e17c3cbdfbcbc8 + secg/secp128r1 + invalid order = 43 + + + secp128r1/14 + 0x98b36c442de5c741c70fa80a31d72fa,0x251e9a04ffe799cf4776575be582f108 + secg/secp128r1 + invalid order = 47 + + + secp128r1/15 + 
0xdf21eaed127767d439b9a7b05bfe244e,0x6bd22a598f2f29b2b9970548636471c9 + secg/secp128r1 + invalid order = 53 + + + secp128r1/16 + 0x5ea79b209b249f320670588bf16a941f,0x143bb38d2e91dacad82c3950ef1345db + secg/secp128r1 + invalid order = 59 + + + secp128r1/17 + 0xcabd1f91622e6d8dd021508dcab59e08,0x8902e03ae5300d85b735cd41f057fb0a + secg/secp128r1 + invalid order = 61 + + + secp128r1/18 + 0x9ce43ec4dcaf95993d8ab00efcc7199a,0x7fb6d895c27bc326a33cb8111e865a9 + secg/secp128r1 + invalid order = 67 + + + secp128r1/19 + 0x258d5033cdbd811104238c9d69e45596,0xfe5275fa796dcc1e4a58787eb1e71411 + secg/secp128r1 + invalid order = 71 + + + secp128r1/20 + 0x2571bd8d8c77af6e8e8ab9a14c75f415,0x4d55b748f9710b36e404c090e3d363b1 + secg/secp128r1 + invalid order = 73 + + + secp128r1/21 + 0x3ff817bc6c5ae03b4ab933710e52bb77,0xed377a0158e5c7c47d60451342fe65a1 + secg/secp128r1 + invalid order = 79 + + + secp128r1/22 + 0x98e44a63c76627eb95cd2c090e84b053,0x441d03cac9612dc24c13cff25dd8de1f + secg/secp128r1 + invalid order = 83 + + + secp128r1/23 + 0x6803013e75597fb7f83f1f8681af11d,0x32490d391f8a2b1de83212dd218b3a5a + secg/secp128r1 + invalid order = 89 + + + secp128r1/24 + 0x22cf1fd78c34f9c918fe5839f3fc7a09,0x38e3d353cc231516b3367e54041cd651 + secg/secp128r1 + invalid order = 97 + + + secp128r1/25 + 0x2d7b57c9ec5cfa8f65036953b43dd61d,0x1fbfcac122a8a0afd71884d7eb50178a + secg/secp128r1 + invalid order = 101 + + + secp128r1/26 + 0x6e6ff0f1be9d7119865558daa8c334a8,0x2826b8d4f2cfbef3bc1b6d63f5d8185c + secg/secp128r1 + invalid order = 103 + + + secp128r1/27 + 0x75b01105aeee0856a9e86ca8fcee0e71,0x46102bdd1b75728c04ebd8cb971dab73 + secg/secp128r1 + invalid order = 107 + + + secp128r1/28 + 0xe6f6b7ae27f95c72ce0f4b65bc53eef3,0x51253fdef86051d533f007b0fc153c50 + secg/secp128r1 + invalid order = 109 + + + secp128r1/29 + 0xddeaa1407ef4e29810a7a3c39f54fd51,0xaf6826697f90f9b7a2eee96120c81934 + secg/secp128r1 + invalid order = 113 + + + secp128r1/30 + 
0xed560eceeda09a4111cb1dee3e96b73c,0xc905937f629e8d2170ecb81c66934ace + secg/secp128r1 + invalid order = 127 + + + secp128r1/31 + 0x795429dd5e9c5f070148d7d5ca2bad17,0x960eba8c90a5ab5f487dc54d00ddec74 + secg/secp128r1 + invalid order = 131 + + + secp128r1/32 + 0x167256d3907764ab25bc306ecee5c1f2,0xabe3b00f2996163c79fc90ca00feb245 + secg/secp128r1 + invalid order = 137 + + + secp128r1/33 + 0x742017e42aeb2e0b408764c99711cc55,0x2bb70bf48bf430cf3aa9dee0dae2019d + secg/secp128r1 + invalid order = 139 + + + secp128r1/34 + 0x635c9ae3debc366c4c3b9654a4493dc0,0x9e1334cf07dbe388bfbb4718fa135f1e + secg/secp128r1 + invalid order = 149 + + + secp128r1/35 + 0x48d7039a2072716782802bc30abf963f,0xc2407e7315f17b3955401c7ccef85efc + secg/secp128r1 + invalid order = 151 + + + secp128r1/36 + 0xe81726cc9a327fc537dc8694d03520cf,0x48dec70e3b0c795d51580a25199bdd63 + secg/secp128r1 + invalid order = 157 + + + secp128r1/37 + 0xff6e22e5b03f8662c42996cdbe2388a9,0xf2bb92e29ac8c2fd4e51647b4597828f + secg/secp128r1 + invalid order = 163 + + + secp128r1/38 + 0x612a6287e34de249552fa9cd7cc1b85f,0xd9720cd654fcbda890d1f0ca9ebc0b06 + secg/secp128r1 + invalid order = 167 + + + secp128r1/39 + 0xb890ca6a7b5a7c242430afb747a5b5cd,0x17aff39e97598baf943aa778ae0d15fb + secg/secp128r1 + invalid order = 173 + + + secp128r1/40 + 0x1a2e48a326d3dd743e1f4bf842ba2859,0xf89f9e97e2a3d18cdf90d95e0cdf78b1 + secg/secp128r1 + invalid order = 179 + + + secp128r1/41 + 0xa67fb1dca60c137520ae0aa038c4134f,0x7252d9682ba8feec4974e77688b56647 + secg/secp128r1 + invalid order = 181 + + + secp128r1/42 + 0xef4ada4e005c28f62a64455aaf8c952d,0xa182a3ea0e95b64eead91f16c357edc2 + secg/secp128r1 + invalid order = 191 + + + secp128r1/43 + 0xe6eecfd4d406c1a84ca90053db92df22,0xc9cc6646f7bfa02d750636dee97384f8 + secg/secp128r1 + invalid order = 193 + + + secp128r1/44 + 0x5f118fa94be6f20bec4f89abd1427e40,0xddf8e84a3ac293a8448efe7af61e649b + secg/secp128r1 + invalid order = 197 + 
diff --git a/src/cz/crcs/ectester/data/invalid/secg/secp128r2.xml b/src/cz/crcs/ectester/data/invalid/secg/secp128r2.xml
new file mode 100644
index 0000000..ecb62bf
--- /dev/null
+++ b/src/cz/crcs/ectester/data/invalid/secg/secp128r2.xml
@@ -0,0 +1,271 @@ + + + secp128r2/0 + 0x84a2a35ab236365d29cddba15a256aa8,0x00000000000000000000000000000000 + secg/secp128r2 + invalid order = 2 + + + secp128r2/1 + 0xcce609e5a2dcc34f6586c83028fa2a20,0x9c5c11c51b9eea1bb0340fe751a7b60e + secg/secp128r2 + invalid order = 3 + + + secp128r2/2 + 0xe2a3bb780144f4219ea4746212178d0d,0x89cb1d8c8006a776d74c2f7404fd5a9a + secg/secp128r2 + invalid order = 5 + + + secp128r2/3 + 0xc76164fb89ace094c7becf35873c7e6d,0x37536278167f04d672ad06673c1dfd39 + secg/secp128r2 + invalid order = 7 + + + secp128r2/4 + 0xf1894d5a8c9fc11a526261ee270fc6ce,0x599c4e663008029502d6eb3d2f14653e + secg/secp128r2 + invalid order = 11 + + + secp128r2/5 + 0x6eb6f563941f2203f08972066ac9f428,0x69bd692f2daf9275f11bd30b436927f2 + secg/secp128r2 + invalid order = 13 + + + secp128r2/6 + 0x31122c136cdb52adb5d38ca620a6d1a,0x49a0430f0c465c8cca890f1cb3d57c40 + secg/secp128r2 + invalid order = 17 + + + secp128r2/7 + 0x16306eaf58c7954be01d58293297b56a,0x967c3ff630b17546c625cb2c81f92b8d + secg/secp128r2 + invalid order = 19 + + + secp128r2/8 + 0xa4c6f4e9efcec102ac1a180f2f2e2e60,0xfc96138f948fd7be176405e4462a07da + secg/secp128r2 + invalid order = 23 + + + secp128r2/9 + 0xb8bff33456a3092ee6b899d85474c003,0xa96674f5b12d3e3987bf9793f09aa0c4 + secg/secp128r2 + invalid order = 29 + + + secp128r2/10 + 0xfa1bd687f42768fdc054b2c3264fa32b,0xab811c51737068251108dd3d93b74f14 + secg/secp128r2 + invalid order = 31 + + + secp128r2/11 + 0x8940c1218db052d691b91cf74cf70dcd,0xb8fd7d307d91629894d813370ff4b18a + secg/secp128r2 + invalid order = 37 + + + secp128r2/12 + 0x393953bf31897eb8af71a7e2da2f54ff,0xe00f394b3ec3224c79e2f58cfae1adb9 + secg/secp128r2 + invalid order = 41 + + + secp128r2/13 + 0xc6d0c8da6f4bc61f11189fcd9594f77a,0x1f4cfa3a686b6c0f973f0ed9930463f2 + secg/secp128r2 + invalid order = 43 + + + secp128r2/14 + 0x73bea969fcfb1ffb24613086be8358c5,0x21da27283e46686d0b98b7566ef53ac5 + secg/secp128r2 + invalid order = 47 + + + secp128r2/15 + 
0xa638b22af15bbef2e7b2260d96b84546,0x341ad7e104e47f7a330c5e3f79642af6 + secg/secp128r2 + invalid order = 53 + + + secp128r2/16 + 0xc2b4b8cdadcd9a6cfe3e1948bbd9cb1f,0xd8cc8b3f8ac17143f24226e3dcbc787d + secg/secp128r2 + invalid order = 59 + + + secp128r2/17 + 0xf8d91c30849157dd24629c59c6912e2,0x9ffa7b719eea1b279dd5681fe454eb05 + secg/secp128r2 + invalid order = 61 + + + secp128r2/18 + 0x94c904d41ea62e7440f98962d1c80371,0xb8144b38503ef44f184af716f2a01a33 + secg/secp128r2 + invalid order = 67 + + + secp128r2/19 + 0x1557e024a448104f339207831178db16,0x652f887463050272d6ddf672ea2df247 + secg/secp128r2 + invalid order = 71 + + + secp128r2/20 + 0x1c1baddf917380fe6d14e7d1b0a674a5,0x379a0f91ccc369382db8ff82191816db + secg/secp128r2 + invalid order = 73 + + + secp128r2/21 + 0xeed103435a0965a8f3c8fbd8cda3e822,0x7ba6c76124e141c1dafcd144cd1bc57e + secg/secp128r2 + invalid order = 79 + + + secp128r2/22 + 0x9e1ee15f2eb3538a3f7e8afbdb9e27a6,0x54e2a5ad96b37b394557a9570e992ddf + secg/secp128r2 + invalid order = 83 + + + secp128r2/23 + 0x8d1ccc104012cf8e37a824ca4914032a,0x94bd8e7087db9ada99e6bf15d04ed78a + secg/secp128r2 + invalid order = 89 + + + secp128r2/24 + 0x2bf3480db70e7af290e311c498b11be4,0xc29c188ea2f6894d94b8cf1429e48b32 + secg/secp128r2 + invalid order = 97 + + + secp128r2/25 + 0x3ede10fec5fe5bd643eb1b7a6d9445c5,0xac8bd2e6e32640d6657b141da3cb092b + secg/secp128r2 + invalid order = 101 + + + secp128r2/26 + 0xb23e5345e832b6dc87f6ea858902ca5b,0xe757cade5d9c055f85f489f251af5613 + secg/secp128r2 + invalid order = 103 + + + secp128r2/27 + 0xa5c73efcea40fd746851c482f691119c,0x1acb457e178db88089ab51a4f69fb33c + secg/secp128r2 + invalid order = 107 + + + secp128r2/28 + 0x6f47817e69dbd24f332db01e60feff56,0x1a2fc53fc28e27043f45c41a81fde9a7 + secg/secp128r2 + invalid order = 109 + + + secp128r2/29 + 0x662a6e0658f7a0e801ccc80d12e0d292,0xa14713be092caf8ac531c16380669279 + secg/secp128r2 + invalid order = 113 + + + secp128r2/30 + 
0x153268ca20a65041270e6da154329b61,0xd68832ccaf75e9f871479f14e2dafd1a + secg/secp128r2 + invalid order = 127 + + + secp128r2/31 + 0xede87533092f1fb73d97187da65a393b,0x77698bfdcf8e4650a8aa3fafbb6da468 + secg/secp128r2 + invalid order = 131 + + + secp128r2/32 + 0x39c1a157c41b9d551f0f58d442dbba64,0x8ffc18748b501946fe5d80c43461f1d6 + secg/secp128r2 + invalid order = 137 + + + secp128r2/33 + 0x7bfa6d93115008add78597c1b830335a,0x7f2aa9e8a7af23aef2acb8cb100d9c34 + secg/secp128r2 + invalid order = 139 + + + secp128r2/34 + 0x43cdcb5660d6148fddf7855a7db3dbb1,0x6c01fbc7b931d5c54903b71498ba6f7f + secg/secp128r2 + invalid order = 149 + + + secp128r2/35 + 0x53a7b377e672a95f65a0f34e935b02e4,0x512a28fe69af7a5755dcfce74165c48f + secg/secp128r2 + invalid order = 151 + + + secp128r2/36 + 0x86e757edeea30b3e7e09cff0f82f6481,0x9afc1a981aa977fa2675a147cb5703d4 + secg/secp128r2 + invalid order = 157 + + + secp128r2/37 + 0x896bca3b08cf8ffdca62c87da3991ab7,0xbc6c6a1b52e2d1c5361a5936f5588cce + secg/secp128r2 + invalid order = 163 + + + secp128r2/38 + 0x5da356b24c0972896e7c2518afb3c320,0xa8fc3d971ec9b3c374868d27792bdaf5 + secg/secp128r2 + invalid order = 167 + + + secp128r2/39 + 0x43fbd097eff5eb2b77d3f5957af064b1,0xb71b37a403e65d26b8ecbd27269bb269 + secg/secp128r2 + invalid order = 173 + + + secp128r2/40 + 0xf7a67fbe9fa495695401e9c246fedc00,0xce57681c8c471c3e1babb70ab9a9952a + secg/secp128r2 + invalid order = 179 + + + secp128r2/41 + 0xd735a727ba41e6d3753cce00c1ea007b,0x63bdbd5a4ade1dc01eb77fd56b23d339 + secg/secp128r2 + invalid order = 181 + + + secp128r2/42 + 0x4f82fe24186364444bc27ff0d0239eab,0x49adc61a23f19bdd332604493244a203 + secg/secp128r2 + invalid order = 191 + + + secp128r2/43 + 0xea851216f1114aad7407d63e47e57bf1,0xab95a188631623d7f4ca852f8e7046e2 + secg/secp128r2 + invalid order = 193 + + + secp128r2/44 + 0x4777487133821bcf67bf5d43d12264cd,0xb4560ca7c3bedb6d21921de955462fb1 + secg/secp128r2 + invalid order = 197 + 
diff --git a/src/cz/crcs/ectester/data/invalid/secg/secp160r1.xml b/src/cz/crcs/ectester/data/invalid/secg/secp160r1.xml
new file mode 100644
index 0000000..10fc5a0
--- /dev/null
+++ b/src/cz/crcs/ectester/data/invalid/secg/secp160r1.xml
@@ -0,0 +1,325 @@ + + + secp160r1/0 + 0xc0cfe6c13bc5460e2fbd931342998c35e62658bb,0x0 + secg/secp160r1 + invalid order = 2 + + + secp160r1/1 + 0x833dd617288ae10a4f9e99c8a07ddbf6ccfe79d2,0x49d0549029f8289b5edae90adb683b342e3b20b6 + secg/secp160r1 + invalid order = 3 + + + secp160r1/2 + 0xbf318058e56dfc9b72a7b3c7eae2ff9cf8bbee57,0x72d2de5db2b4ac76f350cdafa0e0307e61564183 + secg/secp160r1 + invalid order = 5 + + + secp160r1/3 + 0xe78ddf367e2ebe7fe072feccd36211dac465d7bd,0xcce0eabb34a6a93a3d21ba92f262bff114623eab + secg/secp160r1 + invalid order = 7 + + + secp160r1/4 + 0xc38e88357677e2476dac909c8f1acbd3e2a268c7,0x5d6d01948a3127bc0debf1b2c78bf36a1ce43934 + secg/secp160r1 + invalid order = 11 + + + secp160r1/5 + 0x92e841552d45365c8105205fe5597874f482d79,0x14c61971092c78ffc9d5e121a495f9d42d52af51 + secg/secp160r1 + invalid order = 13 + + + secp160r1/6 + 0x962395a9a49b238ef65b235a2272328ce5aadea3,0x22ae736863876e7ff387574c65b25fb293f7b10a + secg/secp160r1 + invalid order = 17 + + + secp160r1/7 + 0x21bf7455ca142c7c6a59c24cffe65b6aa6dc42cb,0x972dc2bba67209a47ce309c86862688e31bdf5f + secg/secp160r1 + invalid order = 19 + + + secp160r1/8 + 0x2d69e72509b72192f75091bd3dcd412713c881a6,0x8d04b92d51d65f1103031fd951ad5f70d8986e0 + secg/secp160r1 + invalid order = 23 + + + secp160r1/9 + 0x69dae7f00c8d25007b27e23a2b6cfb8ab5859844,0x3f3662bea415535a1d9059585ef120a95a74c923 + secg/secp160r1 + invalid order = 29 + + + secp160r1/10 + 0x58747d3661858147d7a68edbe3f001342378d9a0,0x35dc2407d6cbc92813b39ef7f8a8d2743de4d342 + secg/secp160r1 + invalid order = 31 + + + secp160r1/11 + 0xb291eeb5b4c9a8240bfb672a6838c4bf38e8e6e3,0x1be81f0289e9faa5027776a52bb054d3ac5f3e31 + secg/secp160r1 + invalid order = 37 + + + secp160r1/12 + 0x930e2757afa9a264665b753c762fa0b4b6084990,0x893c1bf1084f1f384a114a6b483ddea912923672 + secg/secp160r1 + invalid order = 41 + + + secp160r1/13 + 0xb2641259edffb9cb54caea462cbc5cdacd1ac685,0x915dd4fd7733af2062866a520d39bdb6cf55ff7e + secg/secp160r1 + invalid order = 43 + + + 
secp160r1/14 + 0xfd6a6a6deb0134ec725d1f52e604b952865c1e85,0x92c3b313ade6221202acb02f652450860351eb7d + secg/secp160r1 + invalid order = 47 + + + secp160r1/15 + 0x1b1c4b971c4de50f2d20b711de8fa02bb9a9ea3f,0x9a094c3960c7476b9315ef0cd8d1c9533c1910a3 + secg/secp160r1 + invalid order = 53 + + + secp160r1/16 + 0x83a9558df2fcdd657b15382be29d0c203936dc65,0x84bfe85c0b7f27560f4294c493090da840f8ea87 + secg/secp160r1 + invalid order = 59 + + + secp160r1/17 + 0xd0960a7a153fc358e86f6044681a05ba8bc9f431,0x430225547258f8fec4a8b453cfc393e97e70b40 + secg/secp160r1 + invalid order = 61 + + + secp160r1/18 + 0x34543b4e13057e80fd365836b8a5b5a6cf17cb52,0xbffa403c6903ad0d7f0d6aa4e340f3460a69a29a + secg/secp160r1 + invalid order = 67 + + + secp160r1/19 + 0x716712d3f319d28e98c184ebefa0cc9ca6af4434,0xbeaaece3c91ae17936479896abddc4392a52422c + secg/secp160r1 + invalid order = 71 + + + secp160r1/20 + 0x5b1102fd80d4a9e2eebe68d4ef09405cbc7730f1,0x11d8283e4bcd5e2ce76f48de8a6bbdb4426b78a1 + secg/secp160r1 + invalid order = 73 + + + secp160r1/21 + 0xdf8c4cba0cf63d1a27d41bb3d74da1b4951659a9,0xb476ac5af20a2cd9f67fabfe3b857bbc71f4e479 + secg/secp160r1 + invalid order = 79 + + + secp160r1/22 + 0xae6ae7fcc5ed7a0fdf86f6bf1e57aa311fd6e3a,0x47fab4fc9498882999fbfc3c5530ddda857878d4 + secg/secp160r1 + invalid order = 83 + + + secp160r1/23 + 0x672ed995101d5b52c4c2f1f48a66976ab0553f54,0xe2798c84e1b7f4cb0388220a46edfd1e9e5843bf + secg/secp160r1 + invalid order = 89 + + + secp160r1/24 + 0xa26ccaffb446d5db27a6248fae84eacf8fd984c0,0xc1041d8f4c4ae589d4c9adcbdde8156da94e50af + secg/secp160r1 + invalid order = 97 + + + secp160r1/25 + 0x43531be7233b38b2b6791abe7f86916d791de2e6,0x33c3ea4e30aa1d2add594d50ef70a1c87c47bebd + secg/secp160r1 + invalid order = 101 + + + secp160r1/26 + 0x3b3e9a7bb0bc796156f03cd5e247b6adf8d54d99,0xb9fdadd7153400b8c6fa546d1af810acf8809e36 + secg/secp160r1 + invalid order = 103 + + + secp160r1/27 + 0xcd138cde1452f22a0425faea5b7c75b75531af20,0xe1c29456aeb566bb6556fc3ca178381b08ef43e8 + 
secg/secp160r1 + invalid order = 107 + + + secp160r1/28 + 0xbaf914398f52636eb4cd1ef8234938166d92e708,0x777946c7a5c354c31bf149c8bd314da4c0facb5b + secg/secp160r1 + invalid order = 109 + + + secp160r1/29 + 0x84706f3bda98906ad4b760b4c70b3a48fedd8946,0xf775d63085665e87a634d59852a49e038bbb460d + secg/secp160r1 + invalid order = 113 + + + secp160r1/30 + 0x8c891d78027199b1c628ba92dae118c48dc2a02e,0xc24f0183bbf72703763b8fbc8e02a93e3ec6643 + secg/secp160r1 + invalid order = 127 + + + secp160r1/31 + 0x82b5463506dacbba36988f7efe002ccf29b37f4a,0x6962500ba3044127859b8e3f30c228d3172c18a8 + secg/secp160r1 + invalid order = 131 + + + secp160r1/32 + 0x114587eeb96763a95baa219e8e5bdbc8999d830d,0x3b2eb3878376a0128d6cca8fcb94a502196f43a8 + secg/secp160r1 + invalid order = 137 + + + secp160r1/33 + 0x96469f016db393336aa90fbebb92f82fb139188d,0xbaa5d167e50164790ebaf064e06fcfd05ccbeece + secg/secp160r1 + invalid order = 139 + + + secp160r1/34 + 0xd3ccead57a943a1d4836e95a73a2b8e0511ae386,0x4c43987fcf5b62eb83c77c1dd4dd9e9b9df92906 + secg/secp160r1 + invalid order = 149 + + + secp160r1/35 + 0xe9642822321a8e26454bf7026870fef35c31b8f0,0xebb9131b1440ef344807bfdbced2678fb35f16e9 + secg/secp160r1 + invalid order = 151 + + + secp160r1/36 + 0xd2a55bbaf224697b9c2945a046e5433cb300216e,0x75a695363f61ecfda45d3626d17ddd2eebc9685b + secg/secp160r1 + invalid order = 157 + + + secp160r1/37 + 0x96c29a0df5b40c161811e4d7daa72e1ea918e2b0,0x155b8b6ec7a647840d02bd45fea9dc765e5b5fe + secg/secp160r1 + invalid order = 163 + + + secp160r1/38 + 0xc794d9c58be7a4f0e949056b94fa1d9aa6b1c24b,0x2bd416df233d630a196a27f922f5a3b2edd48635 + secg/secp160r1 + invalid order = 167 + + + secp160r1/39 + 0x2d8edbf75cb446acf73461f4342c598d9f21d7c,0xeda4148d6daae6cebaf4adf03a65eef569a76baa + secg/secp160r1 + invalid order = 173 + + + secp160r1/40 + 0xd4f98c260a1e596b73d3e04efe991660e8f26888,0x74cadbe00913e2d3a99c1c2773d15c1eff7a6199 + secg/secp160r1 + invalid order = 179 + + + secp160r1/41 + 
0x750f72e3b1b370c2af6e05b246f913d20d5bef05,0xebabaf69708e332beb9bce2594157f4350a5444a + secg/secp160r1 + invalid order = 181 + + + secp160r1/42 + 0xdeb89226667fe62755b8173c390b286fade4f20d,0x27f2ada1d097f055396d853faca156d46e35afae + secg/secp160r1 + invalid order = 191 + + + secp160r1/43 + 0x5696b02a140422770dd88618f18d5a24e34c9049,0xff2fe6d8789db776d2379d76d39db4b52d75fc86 + secg/secp160r1 + invalid order = 193 + + + secp160r1/44 + 0x9332eb605bcbfc193da360069c2e4ecb8309008,0xf3a2c4839f590128ef53ef58fb59edfbd823571a + secg/secp160r1 + invalid order = 197 + + + secp160r1/45 + 0x87813efaed90e9939f539e490a532de2db7f48d4,0xea955e5137034cfbf438e0a01a3e3c49cc8ccc58 + secg/secp160r1 + invalid order = 199 + + + secp160r1/46 + 0xad6509135946353e86366cd0b990740704dfc359,0x90bbc73737e1e9a0adac9fbb8fa53f9435d512aa + secg/secp160r1 + invalid order = 211 + + + secp160r1/47 + 0x8c33dee7e1a978c9f9cd5666c0a20179c31b7f9e,0xef023633c2e8771ee4118a4f8b35898af97b321e + secg/secp160r1 + invalid order = 223 + + + secp160r1/48 + 0x6b6c4dd46c55bb8ca886dc038a51208275139fcc,0x10c87e4e5df63ef4383e134ff6317ec9dbf32e4b + secg/secp160r1 + invalid order = 227 + + + secp160r1/49 + 0xf95d63df4dd60af0bebf35df91da09f23bf6227a,0xe3b2340ee59177bfd3afb19e03e38b28397055a8 + secg/secp160r1 + invalid order = 229 + + + secp160r1/50 + 0x947ede3f9f0a8bc262e5c07e30d65665e5b844b6,0x395d63bb0ff9de9cb0feabc0fe1dd6dca4b8571 + secg/secp160r1 + invalid order = 233 + + + secp160r1/51 + 0xfab92db5188c3dc224ee77b6b315528f22d85c98,0x70bc29bbb1849c432832b63d047cd4fb11edd538 + secg/secp160r1 + invalid order = 239 + + + secp160r1/52 + 0x2c1bcb2bd9ef53b71cfe4a08c47147686a217995,0x4b37ab9cf59027508e6cc669f3baaf20ab62afc1 + secg/secp160r1 + invalid order = 241 + + + secp160r1/53 + 0xc70ba850f1fc3d7d83f4458194465c5b58f3a9be,0xdff35fab8eccf87802bcee31bcb032185ff57cc5 + secg/secp160r1 + invalid order = 251 + 
diff --git a/src/cz/crcs/ectester/data/invalid/secg/secp160r2.xml b/src/cz/crcs/ectester/data/invalid/secg/secp160r2.xml
new file mode 100644
index 0000000..596fc6c
--- /dev/null
+++ b/src/cz/crcs/ectester/data/invalid/secg/secp160r2.xml
@@ -0,0 +1,325 @@ + + + secp160r2/0 + 0xc6e84ac83f87603a1d57367f565e1af3b0cdcbc4,0x0 + secg/secp160r2 + invalid order = 2 + + + secp160r2/1 + 0x679008c7f73ba2fd092cd625ce949fac0c40a42a,0xf9e2032a5394c20d0103a5354520e24ac57d0ff1 + secg/secp160r2 + invalid order = 3 + + + secp160r2/2 + 0x6b29c97caef3f1789927d0249374cdf947f3c57f,0x5dfb20322462e9ad1f269fefb3c4d506e33d7287 + secg/secp160r2 + invalid order = 5 + + + secp160r2/3 + 0x3b97459cc78d9cd1365d02db00c09644c599741e,0x37e010a66a7cce9e110f2d0db05f87b8e5310424 + secg/secp160r2 + invalid order = 7 + + + secp160r2/4 + 0x6c7ee5335cf5d6ae3af880dffb9c65adad1b4b30,0x44c1506727b99bbcbda5641b5c331042d0f4c516 + secg/secp160r2 + invalid order = 11 + + + secp160r2/5 + 0x1e7216915613480077c0381287be4904291915a3,0xa958ec774c031e88ac21bb297700c2444e385ab + secg/secp160r2 + invalid order = 13 + + + secp160r2/6 + 0xca164d8f442a24d9645ba67dded0604e5e999270,0x2ed3c67f8fa41eb7088073eeeeed9aa868514695 + secg/secp160r2 + invalid order = 17 + + + secp160r2/7 + 0x78066f1d19e638cc130d07f1f7ff0ceaa650e0a9,0x51f38ba21fb40f0aa486daf7bcf34d3c7199a22f + secg/secp160r2 + invalid order = 19 + + + secp160r2/8 + 0x3dbd60624d59786f152c708f3118e7612a530adf,0xbbd603781f827c45e811e469ad633334cc3fe53d + secg/secp160r2 + invalid order = 23 + + + secp160r2/9 + 0xe04b0d49bd17dd1fcda82f78f150ad787c2256f8,0x472c3237c80ff56199f3e5b88c939546a41899a + secg/secp160r2 + invalid order = 29 + + + secp160r2/10 + 0xacc669ca04ee2c9d5793f0bcbae73a18a26eaaee,0xc28a1ceca057bd9f79440df44533c49dcad903a5 + secg/secp160r2 + invalid order = 31 + + + secp160r2/11 + 0x6984f513fadfd4881af98a1c6e086afa7d1d1bf6,0x8ba7d97b6a5059a3f28a012ba154789cb7bc4a85 + secg/secp160r2 + invalid order = 37 + + + secp160r2/12 + 0x78721a9aabeee3792b21e600d375c4313cc51fb2,0x5e3850909d825cd4e3c7f3e17fc649bc0b490d14 + secg/secp160r2 + invalid order = 41 + + + secp160r2/13 + 0x5f5fceb3e8d6222035f5c49d1c6ff6d80dd8b761,0xd66132032abaf91e3b44baec9590219532995126 + secg/secp160r2 + invalid order = 43 + + + 
secp160r2/14 + 0x4ffdc28afab1ce2c46bc6ff004e1ebf44074b483,0x95d7d43ab573bf24c95f90372209e23b2b4ca6c0 + secg/secp160r2 + invalid order = 47 + + + secp160r2/15 + 0xd6b5faa063b7d4c1aae975c89b13320547f6b092,0x594ab3c14b89764318949b5c492cbc89cc56cb6d + secg/secp160r2 + invalid order = 53 + + + secp160r2/16 + 0x8f9a658baaa49a2fed9db4307ad9b63bd547ed58,0x480aab0e865c0b2718cf805a633fffb8e164eb0c + secg/secp160r2 + invalid order = 59 + + + secp160r2/17 + 0xd67c52b4908a05b4df86c0c2329f6adc26d9f9a5,0x3158efb6b968ce82adfa2a586e1241eeee75859d + secg/secp160r2 + invalid order = 61 + + + secp160r2/18 + 0xf12ca0c97ff421855769c23bbee55ee43b38e010,0xb807e19c29717bde141535b5380c527319d7a52b + secg/secp160r2 + invalid order = 67 + + + secp160r2/19 + 0x91f2b1c06d0a7dc7e634b1de92aed4a929613efd,0x9d3dce0e3a0ed94f0e16a2275544fa01bcdf3110 + secg/secp160r2 + invalid order = 71 + + + secp160r2/20 + 0xc878caa9b643039ff758af0505a58810ba70f67c,0x57f6fd4133c82276cd6807802a5da7374f432259 + secg/secp160r2 + invalid order = 73 + + + secp160r2/21 + 0xdb7f0d2d8aecb1f0878aa4b189325d9585b6d41e,0xc774a4effc83552d7429142c26f1edd56d4e3cd + secg/secp160r2 + invalid order = 79 + + + secp160r2/22 + 0x4d13bb52748b197436f0393eb63cb3d157d43166,0xaabbc377a28040c9198d8747f3b80deb274a79fc + secg/secp160r2 + invalid order = 83 + + + secp160r2/23 + 0x3994dcd38714aec53fdeaed659eab5dd9a5e596f,0x506557507dbf46c903c006c024e0aa5e73ef27c2 + secg/secp160r2 + invalid order = 89 + + + secp160r2/24 + 0x1bced2defc53496b0d5df32f2eeea5223e26743d,0x891db7d17f24bab45f7f9cde87cb7ca496a941 + secg/secp160r2 + invalid order = 97 + + + secp160r2/25 + 0x975141d578e13cef5d31b788f78d3d9c34cac180,0x478811020027f6edacd60797de81bb15f1888240 + secg/secp160r2 + invalid order = 101 + + + secp160r2/26 + 0xeacd1e489107f9fb7dfa5fd3fa2fce4eba195b55,0xdbd30f20716ac291098292f2d521173498251e43 + secg/secp160r2 + invalid order = 103 + + + secp160r2/27 + 0x4fb5f938f76f9c60f15a5ba60b6c10955609bb7e,0xe2f1db92c5b6759d8c4c13728d8d0d1d65344220 + 
secg/secp160r2 + invalid order = 107 + + + secp160r2/28 + 0xc276679d7d6341bf59fcc6052545d48e7a50bd1b,0x843c8a4b7e380970effa3881de9a8696c71afce0 + secg/secp160r2 + invalid order = 109 + + + secp160r2/29 + 0x4d9cd970c3c6d9d95569f6992f55b133eed6d2e,0x22f743b5121876787d91519d3571014a974b5bbc + secg/secp160r2 + invalid order = 113 + + + secp160r2/30 + 0x5a67fc1e78b4558f874f54474619453ebda72167,0xc2ac1ace98d48ccea6547d7f63437e25eb6e16a4 + secg/secp160r2 + invalid order = 127 + + + secp160r2/31 + 0xa02721aba43d077b00c0b840b4d220015ac95f95,0x3bcbc95611d2a3abffaecd07aca0fdb2e6bd6572 + secg/secp160r2 + invalid order = 131 + + + secp160r2/32 + 0x54640ed44ed47408dc940f0b7927135f08156032,0xdf1f03195bfd64f86217e23314b9c32fa36d80c3 + secg/secp160r2 + invalid order = 137 + + + secp160r2/33 + 0x9f34f052e51242db1e02eacdef0368407e7ed6a,0x2357e99d4b1c4317c5897d8f4b49b8d4ac538c80 + secg/secp160r2 + invalid order = 139 + + + secp160r2/34 + 0xdc236536c107b6398a36557d355f2081d3ed0b50,0xf08b93fa3927ccdfff47e532653b95d06abbd98e + secg/secp160r2 + invalid order = 149 + + + secp160r2/35 + 0xcce7dc4979d1a62a0b727845080f6110f6c04291,0x481e6f382e28c00a0c6875319a8c68d339ef7da1 + secg/secp160r2 + invalid order = 151 + + + secp160r2/36 + 0xdfe249a860271e6a8cdb3394c84c3ccdbaeca21e,0xa869c2f188c76931d217058ba213f58c9e624905 + secg/secp160r2 + invalid order = 157 + + + secp160r2/37 + 0x3c54495ae78d30eeba044e74b4a16a1b2e346dd,0x4bef711b01e38128af6acbaf06944aafc5942a61 + secg/secp160r2 + invalid order = 163 + + + secp160r2/38 + 0x87dd1c39f3578808e242d707d9c634afc9c43afd,0x15f60903697d8a89f28b12cf28d6d26fc3f472ac + secg/secp160r2 + invalid order = 167 + + + secp160r2/39 + 0x165e67a242a10052e28162ea0ab6f76fbf6b5f7e,0xd7df96d6142a1f1a754951566f0acef3d0956010 + secg/secp160r2 + invalid order = 173 + + + secp160r2/40 + 0xfb1513c478cdf76ff224e13e0a0608141dd91a39,0x4552d3caf3393787cf3617db537902d2977977da + secg/secp160r2 + invalid order = 179 + + + secp160r2/41 + 
0xdfa389c12fb0b92f7244783245d56aa0f38ecd11,0xf0ebf6f2e6792f104e8c5ca57dfc42a7b0d5a005 + secg/secp160r2 + invalid order = 181 + + + secp160r2/42 + 0xb29ec316293d35197db3147c7768b98546b2d3fa,0x5a0f0bb21208a50540ffeb324569c4a7b2e46c65 + secg/secp160r2 + invalid order = 191 + + + secp160r2/43 + 0xc448782e0414fa50128c0e12e74d58dd3c35e06b,0x766f356eae72ff39b34d28dfa8c348608f04229c + secg/secp160r2 + invalid order = 193 + + + secp160r2/44 + 0xc3485829fcb74a61c7890e019f9c2620f71ad274,0x56a4b91b562e0f7c0622587d84169ff6a7aea862 + secg/secp160r2 + invalid order = 197 + + + secp160r2/45 + 0x688e9a0a22fb4a20000b80d9844bc8ab27498ee8,0x1febed83f57e0a64d6ae27f05009718862600bb1 + secg/secp160r2 + invalid order = 199 + + + secp160r2/46 + 0x34cb67f2c15cb355f1d216ddcd44e5196ec691b8,0xac138a13b452ddcfe220643c271ec6f94472f808 + secg/secp160r2 + invalid order = 211 + + + secp160r2/47 + 0x40fa484b10c4bda29892a89ba126c00d02f42b76,0xc6908b23c981b7db33446711cabc98da928947e3 + secg/secp160r2 + invalid order = 223 + + + secp160r2/48 + 0x8cb4ce8ea3b13ce42127f816bbde2d2f56188d78,0xe6eb08d609f290956595a4262a743bd1b8e3b613 + secg/secp160r2 + invalid order = 227 + + + secp160r2/49 + 0x8a5a9e37eeb6de27c9d99bdb25f1626f79475c04,0x33bf1bf9c27a5a59b119f0d6088727134303a0cb + secg/secp160r2 + invalid order = 229 + + + secp160r2/50 + 0x5bb249ef8eee1ddf794c01edf599f17e5e2cbf07,0xc058a4694891181014fa3afb5f906f397f27c70f + secg/secp160r2 + invalid order = 233 + + + secp160r2/51 + 0xf8dbe5cb801e0ac5433c6792afecf8b244e1e6a9,0x12ca3ddaaaaaa0c2faa4b3555aa686b4f33b218e + secg/secp160r2 + invalid order = 239 + + + secp160r2/52 + 0x42b04beb4967d5612a957939f6e259d43611c9a1,0xe7e7324b1046059d13ef5a53922dadd00b438013 + secg/secp160r2 + invalid order = 241 + + + secp160r2/53 + 0x3c9bdc58ea12673309a433162522723c45082e39,0xf9aade7f0b78731d7c4ee45a0e59235f9a2dd4f3 + secg/secp160r2 + invalid order = 251 + 
diff --git a/src/cz/crcs/ectester/data/invalid/secg/secp192r1.xml b/src/cz/crcs/ectester/data/invalid/secg/secp192r1.xml
new file mode 100644
index 0000000..151189e
--- /dev/null
+++ b/src/cz/crcs/ectester/data/invalid/secg/secp192r1.xml
@@ -0,0 +1,373 @@ + + + secp192r1/0 + 0x5dbd30be3f1e5b0fff852abbb3db1a0c6a41e5af386acc2e,0x0 + secg/secp192r1 + invalid order = 2 + + + secp192r1/1 + 0x27472c162e0e76ed439a7dac0f42c907e958471fcfa040c5,0x88056e9bf3b909d69fef8239ed91e8aa57b5ad3be79f9d9d + secg/secp192r1 + invalid order = 3 + + + secp192r1/2 + 0x297d7c712a5571fc822fc0f0130af1a2b8410be85bb9635b,0x36042c7f37872777957db18355a8f843551372df96dce597 + secg/secp192r1 + invalid order = 5 + + + secp192r1/3 + 0xe099561b090c1b5a60c8181d16f1d9ff28aafab9f2bf0a05,0x935873370296e948bf9d2c281a86d9094bbb2102b2d09fe5 + secg/secp192r1 + invalid order = 7 + + + secp192r1/4 + 0x31516fb8d150ef6223d5bc30e4b0a7b27dc040df947756d1,0xebb5133a70336aabbbb1751b0cae679d8bd6a221fe43734e + secg/secp192r1 + invalid order = 11 + + + secp192r1/5 + 0x7ff851e2e594729c4d826ecd4e5c0a5647151cda6a3498ae,0xfccd1ad5544abe3dbe1ddc50d497e13a5ae5c33e898ae38 + secg/secp192r1 + invalid order = 13 + + + secp192r1/6 + 0x5250a12af280ba03b74a516f1b546d8ce3d15e6bc588afd6,0xe7cc4af235199d7de57d6b5dfb2f87579d7f57d06155f786 + secg/secp192r1 + invalid order = 17 + + + secp192r1/7 + 0x9382d9979537978153b818adb0b1474c98343650ff18b836,0xe4c801b2e1061f2379ba72120417b127a5eb21b71a75c871 + secg/secp192r1 + invalid order = 19 + + + secp192r1/8 + 0x5cb4126d25fe31705acb7a317bedadaeac670167f52dbc5d,0x6a88653e29f2e445aeedef2cddd3767dfae142537fc2292c + secg/secp192r1 + invalid order = 23 + + + secp192r1/9 + 0xffdf9041646f645ab1b84797130a4e3e0a5780ecae2a6b9c,0xde20499f00512b8e8f0d6e508d96a7fb1a8a21b1b4f14469 + secg/secp192r1 + invalid order = 29 + + + secp192r1/10 + 0xfedd6143d5ef3546db6a88892fd35c89ee1b9df8f55a2dc6,0xdb6e11404a9b81e1b4aee8897c57b17de1e1f18c3a22ecf7 + secg/secp192r1 + invalid order = 31 + + + secp192r1/11 + 0xc665a0fbcf3da70e0d2e218b61dffa1a3c047ffc994a8fcb,0xd7945666c95d32ca3e76bb5759dac8c5114786a03e9a4b14 + secg/secp192r1 + invalid order = 37 + + + secp192r1/12 + 
0x53e006798bbc4019336bc22391dc3d56dedd4876f99dd93f,0xcec5bc9528c4ef6ad6b48b09a1db687758992883c4c4e1ca + secg/secp192r1 + invalid order = 41 + + + secp192r1/13 + 0x4dd07a7938b8099d9db84d8a5ec2211892eed59f0576d7e3,0x250b9d862aa0c2a174566cb5ed7443f101565959d7568f86 + secg/secp192r1 + invalid order = 43 + + + secp192r1/14 + 0x890c2dc529a8a7bc314f06945ac95a875877bb3a8dae8fb4,0x36098beaf2700988e796d94ec7c63814a725fa9ba95dd811 + secg/secp192r1 + invalid order = 47 + + + secp192r1/15 + 0xdb25c8e2d10b55ebf5417f97511c871c900a5e76f9a8c1cd,0x25876aec0aa8be10ab960f43d51cff56c2c9b2f4fae6607f + secg/secp192r1 + invalid order = 53 + + + secp192r1/16 + 0xd110ee7f0a25877f8e34d122e975e3f91d6cb380edb8bca3,0x4a84aa3e5c5f03cc5813457bebbacc4292df1d99f661316d + secg/secp192r1 + invalid order = 59 + + + secp192r1/17 + 0x886522837b4397bdefacca064d2c05e7e45f5254006fc044,0x9a2f290741b55107784cadfba91975f72e5b4db4f3995bd7 + secg/secp192r1 + invalid order = 61 + + + secp192r1/18 + 0x34ac4302f1892c0280634f8c01d42ff79d61996c533346ac,0xd97b431305dbbafb7d3ccdec0e40820d2778b27f327930c4 + secg/secp192r1 + invalid order = 67 + + + secp192r1/19 + 0x2015152da4a67804da55c607b396b218ba7bee715c79e667,0xf84a3dc8d2da8f2831fb1866389c63f73beb0f475af1a165 + secg/secp192r1 + invalid order = 71 + + + secp192r1/20 + 0xf5262b2a11c6ecec7736ebf3ca4fdd30d5f4a2bce409490e,0x2823c1c5e51db72bec6d02ef9c6e1d4f87a46175bc9b6e49 + secg/secp192r1 + invalid order = 73 + + + secp192r1/21 + 0x870c9a3146fa0ce54f033214490c0bb5b3d856e719320a3e,0xc444ac22b325d17d52537399257f169d5f157edfb5c9c46 + secg/secp192r1 + invalid order = 79 + + + secp192r1/22 + 0xd93a312970b47c1df6ac33d41c2b42e8f70e6d882368ca88,0x806c68ff482f1a163ad2ab24b193312997c0b24b8ac51193 + secg/secp192r1 + invalid order = 83 + + + secp192r1/23 + 0xc011215a1386fa44657de71dad92a73674054a94047e27a4,0x608f0afac971b1ef183c364a218d0cbe18c0da98fb1d59af + secg/secp192r1 + invalid order = 89 + + + secp192r1/24 + 
0x81c41c99457f44f65913ab53dd2518e082a52d3826d2dda9,0xb54f5a2d43f127ea0ce8824fc0da310f28d2be55b872424 + secg/secp192r1 + invalid order = 97 + + + secp192r1/25 + 0xcf9f5610b43bbb66359afe52cf7d727c9f6f88bf99bb7078,0x9bbb1fd21341ae87003a4236d3e7146a46444cc9a023d244 + secg/secp192r1 + invalid order = 101 + + + secp192r1/26 + 0x41ceda1b6efa5ea06f59079c46a39f5ea19f05893290038b,0x2002f8e70269e4b5a5b671a150f9b08aafbbafa4a28a44ae + secg/secp192r1 + invalid order = 103 + + + secp192r1/27 + 0xea7c99856512d64a6c1e43e1d066114e180655283ccf0e69,0xc3ae813876df54418a47825959e2904280a3871645606875 + secg/secp192r1 + invalid order = 107 + + + secp192r1/28 + 0xc3dd8843fdf80a6c424528c85255f2c59eec6fd2d313acea,0x794a3b45c08b0957ccf69fc39c5ca8b6f135e5c82e560a43 + secg/secp192r1 + invalid order = 109 + + + secp192r1/29 + 0x47be9dd14d55a2069b04730ea7628d2739740b3999ee6846,0x2f18146c7a78083ca1d1ca9978d75af77632fbcbfd03ce57 + secg/secp192r1 + invalid order = 113 + + + secp192r1/30 + 0x1a34305277ba9e4f8dff43c35e7557b9c7bb97d8e67a9da7,0xa2f9cbea69ca159fba5b6e01a387505bcdb95a5b3972bb08 + secg/secp192r1 + invalid order = 127 + + + secp192r1/31 + 0xb39e730b44bd525045e16b1b9b4f1766b1d2e2340b78b692,0xabf0948fa33620eab7ddcff9fe676ab35d0aea9bac1773e4 + secg/secp192r1 + invalid order = 131 + + + secp192r1/32 + 0xf95884d12150870f578a78923a6b60a04cbffbe8e58d5c53,0x73601c4164d571b35a32c863e10fcb3b2b5c504ee713d692 + secg/secp192r1 + invalid order = 137 + + + secp192r1/33 + 0x9bbbaa1c698f0fa1f7c0c8912fe6a7f87f0ac43ead7d84a4,0x48bcc716863c6c15f75d574a2b79330bec5335e997677cc3 + secg/secp192r1 + invalid order = 139 + + + secp192r1/34 + 0xa8e0b081806f2acf2bbd2b4ca84c5cf0ca4452d891ca033a,0x74343a3277d2d1482c9bc3671d2e1e7b3bdbe4405aeb5c0e + secg/secp192r1 + invalid order = 149 + + + secp192r1/35 + 0xf37d1e123fbb7ff80d094f270482b8464236cbda2a26945d,0x734cf3a2fbe1834bb9c836267114c60d36fc737c312e583a + secg/secp192r1 + invalid order = 151 + + + secp192r1/36 + 
0x842316373947e06322066c352fa94051a1a208abd259681c,0x7adc033959285b7ef208c0715a103e5a90040ef1037cef6d + secg/secp192r1 + invalid order = 157 + + + secp192r1/37 + 0x199516beeef420d7bdec10ebbd3dd8ded2c7738f1335f3c4,0xfa48c94d024de59668bafe22b3e80051bc31db57644fd0ce + secg/secp192r1 + invalid order = 163 + + + secp192r1/38 + 0xed389a937e70f77dfaf9e214f9063bb7a688e1a9f03a421e,0x86da3e26f45ca5f091df93db1c09f1dcba44540af9188ce6 + secg/secp192r1 + invalid order = 167 + + + secp192r1/39 + 0xbb9354bb0b84eb538d9de70e493b742a1a4e415f1a2b7a3f,0x7337ea63b42d2e16eb9dfb8c3db27ad6d86e7861796b168f + secg/secp192r1 + invalid order = 173 + + + secp192r1/40 + 0xeb934b44f535fdc56d0a201df834420c64e0698414f2190c,0x779b428a8b4952c27d4717fd8dbc25c6bfae43519fc88d53 + secg/secp192r1 + invalid order = 179 + + + secp192r1/41 + 0x12b1b6eb0b4254fc0a0ec711cd9b3b58c8728b6964406045,0x73eb25c46634628c43c9c86452fdfbbb0498f91239f5d3d5 + secg/secp192r1 + invalid order = 181 + + + secp192r1/42 + 0xb62d5a04187c5fde5cdffacd2238991a273302857e253ef9,0x863d0f972905a1f4c4de9279a850a56700c47337b91b40c2 + secg/secp192r1 + invalid order = 191 + + + secp192r1/43 + 0x41bdf1cb89aa224868f07e1264e202f2bd873f68410f555c,0xbdf21af9b4b4a36260bf2cba95749da2320f09922f685faf + secg/secp192r1 + invalid order = 193 + + + secp192r1/44 + 0x670de2dc03eeafff1d046903116f87594f38fe04c5e87744,0x3fda0e3692a4d38fb99502aa87fcf628c8f8ffe40b3199de + secg/secp192r1 + invalid order = 197 + + + secp192r1/45 + 0x280d88bf3c2805bb80fe55970f8f08c7d1e85f1ef8f42094,0xe3bb919ebf416060acc6764b049f4830d426d4893eafa4d4 + secg/secp192r1 + invalid order = 199 + + + secp192r1/46 + 0x3d305fd148fc191067ee2a849ff67942d74094d83a4d09c4,0xdd3c6a1f10b97dcb2d6b9a67f1fa9bec3b8ab121891506b1 + secg/secp192r1 + invalid order = 211 + + + secp192r1/47 + 0x23938453082332fd57c2374c54872ac14d4c3d037f4c59cc,0x9abae254d8b3ead0e535a50cc1d7cd7398b988cd77b652e0 + secg/secp192r1 + invalid order = 223 + + + secp192r1/48 + 
0x379070d950662d6b6ec8e8468c949892c1952110bdb9d1b0,0x2492d00cf85c4ff0dcc3da6cd1bc49ed58b72c82f776e813 + secg/secp192r1 + invalid order = 227 + + + secp192r1/49 + 0xbe1dbe1b810f97ca4ed6815ece79a609fa68367f8e7edf36,0xd59d9d928d657d60441dc6f036d39411a465174b1673429f + secg/secp192r1 + invalid order = 229 + + + secp192r1/50 + 0xb7bf7dd1af3102701ff30312566b7a09b2eb6f883d2bad39,0x9e2efd8be2b0d1c8dbe7e382bfbf60c70be2e1523820e212 + secg/secp192r1 + invalid order = 233 + + + secp192r1/51 + 0xf477da92061d0495d772c5f23710493cc64f26cc1837b218,0xff7dc6300eaaf184d5bb6f41c72f851364f9bac01d60bf9 + secg/secp192r1 + invalid order = 239 + + + secp192r1/52 + 0x233b2af2180efe04c42e3f46a6176757af55b4e476d0978a,0x8b2e9eca22c8f541df9720b5610860cdc8a205ad693451f3 + secg/secp192r1 + invalid order = 241 + + + secp192r1/53 + 0xc2a6d90c780bc2c7cd562ce57d22a34033348e159b8b624c,0x414cfdea7bb6f7058c4b86e1f2b4c7e5478ec63cd029af62 + secg/secp192r1 + invalid order = 251 + + + secp192r1/54 + 0x7f328cb98d777490d0694a4b00fe401c016a92bee0d301d,0x1f9d23be48389e174fbd388e749a53a5d5877ca32818603b + secg/secp192r1 + invalid order = 257 + + + secp192r1/55 + 0x6a6f673e6af49d51fa372cba24627780c198d8cd14521643,0x38fbefec62f1242d7014683d52a5617312395c7a69edd326 + secg/secp192r1 + invalid order = 263 + + + secp192r1/56 + 0xf112bab98c8aa7bdd0a1cf8dff7f00edd53c5ea6d8976c25,0xd946ab9ec4e4f24cd4515879ad71d0aed0d815728a7c99eb + secg/secp192r1 + invalid order = 269 + + + secp192r1/57 + 0xfd76f651c4c0ae480e285625561ba95102b145760932f9fe,0x9852d35b02b85fdd3a8cf92ddda59e0d212c9cdd55685335 + secg/secp192r1 + invalid order = 271 + + + secp192r1/58 + 0xb083d0c23a40035951d312e6fdcd1992368c571440be652f,0x50d622f84764022cf5dcfb29405cc0091c4567d5e8136b38 + secg/secp192r1 + invalid order = 277 + + + secp192r1/59 + 0x66c6ca260d1bd9c8534d7496925b6a26796696f66ca6909b,0xc588bb2a61b170b39961429f5f6e191e9d1557688b5e69f7 + secg/secp192r1 + invalid order = 281 + + + secp192r1/60 + 
0x497d6a371020e946b1f913f41dd4c0f27773901368935551,0x9a45c2cb0b10e18bfd4963a177210a87bdc666cce1467a87 + secg/secp192r1 + invalid order = 283 + + + secp192r1/61 + 0xb7ff343789349a9063e0f35a5c66fbf49fa6206d3e5d1b4d,0xd4afd7933b58f89f74b81157144b710d082c559ab65203b5 + secg/secp192r1 + invalid order = 293 + diff --git a/src/cz/crcs/ectester/data/invalid/secg/secp224r1.xml b/src/cz/crcs/ectester/data/invalid/secg/secp224r1.xml new file mode 100644 index 0000000..aea9831 --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/secg/secp224r1.xml 
@@ -0,0 +1,415 @@ + + + secp224r1/0 + 0x15813b67113a4bdbd68031077a43009cce8ac33fbb0f94d1307cbd91,0x0 + secg/secp224r1 + invalid order = 2 + + + secp224r1/1 + 0x2a3af848496b126b2a871879ceee564e5e024f2b5c81d0dd23e89d58,0x2f4b5053098b9796268201c36c8a09dacdd49164bd62ca46b3c36c99 + secg/secp224r1 + invalid order = 3 + + + secp224r1/2 + 0x4ac5b04b59265bc031c6663c3a2bd5d9d978ea4348f38594ba102b42,0x1bad806f66ba85b636a5fe8ae202af25763792b7a65efb29bc724b3 + secg/secp224r1 + invalid order = 5 + + + secp224r1/3 + 0x19b886c460ed8315b0644a21ae91b664ddf5c4927f764e15484fb2da,0x361cdb6b4d4b0fdfa64b2b4432d896465a23448412723796ebd1140a + secg/secp224r1 + invalid order = 7 + + + secp224r1/4 + 0x85e9575932e2e05e978e96afc0bce70ae5781c7cc95fabde5b2d9a62,0xd2857f34a39fce5d82a0b0c1bad8b5d147d66b0af2741eaf57a710cf + secg/secp224r1 + invalid order = 11 + + + secp224r1/5 + 0x51d9d741776dd5c2d1780e05c6bb8869d9350d92d961c3697d506660,0xfac5fbf9a5590eec2c334354d5ad89434d3ceff005ecd59e2a5da5fb + secg/secp224r1 + invalid order = 13 + + + secp224r1/6 + 0xe918209d920390e12465ea1998ff1d60328e1922eccf82afc2817df7,0xe3794681311ae507525d933c68d8e5d6209485692194588eb1891b12 + secg/secp224r1 + invalid order = 17 + + + secp224r1/7 + 0x824e1f1f1eac192e59b334ba5b3186192d45dc609026906665a9301,0x50cc932ab26b523635a38066c547fe008d694cf898eb342165d21f98 + secg/secp224r1 + invalid order = 19 + + + secp224r1/8 + 0x406a44b18f68c1477569eb78bf730cef74109de101f8a114e6819990,0x58f1c0bfefa5a5a5d1399249b4ee4ca857a3567cfd974d661905fd6 + secg/secp224r1 + invalid order = 23 + + + secp224r1/9 + 0x17fdd5df6bfb6e4df703dc1439ab925d230d9dda730f177341a50235,0x3194a2104c2e43d8008f33afccca4d5dc5df4bc6b64e5ecc1abfcb37 + secg/secp224r1 + invalid order = 29 + + + secp224r1/10 + 0x19c3d7805264db1eaaa88c9d54ee9f3a4b92e488a3afe7e3788e6880,0xcbd6cce041eb13b57d20a9b7e0c31217e33e42d900a233aeef57eff1 + secg/secp224r1 + invalid order = 31 + + + secp224r1/11 + 
0x4b998a619de7fb54bad7c417f354b9e4647e8e52c8114e79cd359e4a,0xe91c39decc581fdbc894fd2f2da3312ce07ef09bcef3b48a059050cb + secg/secp224r1 + invalid order = 37 + + + secp224r1/12 + 0x6f7abdab0c5057b2d6440c87313fea1bf7ad506214babf6e1dbe8cc2,0x7f8d62650ee5f8bbb46e8ece3b606e5c8f051c13238785b8e0f4c81c + secg/secp224r1 + invalid order = 41 + + + secp224r1/13 + 0xffe20dceeae9ca22017c94d7b7d568a9878aa7ad15b67c8f1430e1ca,0xa26069c07dc38f0d45bb3b91418714c511dcbcb6396b02db7367873a + secg/secp224r1 + invalid order = 43 + + + secp224r1/14 + 0x446685ff9600c91ab6f6bcc103e94db91f95d605605e67080475f1c3,0x327884db4b7761cb31e19fc930b6e00acf09ae604cf25d715d0e1531 + secg/secp224r1 + invalid order = 47 + + + secp224r1/15 + 0xfe615fc7a983085bc66e9a9f67c8a82521c9cb03c55caf0732837811,0x8a62e2ee5265bd2eefb0455e2d590daa854851bf58589d1272f9849b + secg/secp224r1 + invalid order = 53 + + + secp224r1/16 + 0x857c09d9f9a77cae49355223c9c4f35eae309740fd1e85ff00f9353c,0x2c7d667955ae39c3449b3e44fe1f83904b70bfa95452045c92593364 + secg/secp224r1 + invalid order = 59 + + + secp224r1/17 + 0xfd8c74cc4cd6d8791f374e7af7ff80640d46dbc250e0217a83b5e14e,0x9b63e94eb4aad3504b18dd50630554adef3b52fe3863df3147ccac54 + secg/secp224r1 + invalid order = 61 + + + secp224r1/18 + 0xd0388a4c1671523b855504cc5bf999704ab7e4a20ac320c29475154b,0xb9b780043adf4ca0577dfcf64a70be394c3cdd9c2ebea74eb9b2f279 + secg/secp224r1 + invalid order = 67 + + + secp224r1/19 + 0xefd6b0ca13e3fe0fdbebd56e050f9b0dd6ab17c848cd93dd1d95987e,0xb71e2e10d85eca224d67c6f1d6ce00c89ef216d42a2d460116393ace + secg/secp224r1 + invalid order = 71 + + + secp224r1/20 + 0x3e21d690d87e1061b54974efc8b25ec8dc89458fcfbbfc4bc52c3cec,0x62fd132333adf2e1e4c4731c8aac750613f2bf01b507b24306b7293b + secg/secp224r1 + invalid order = 73 + + + secp224r1/21 + 0x45367d8d7c681d35ceab3f15380a33fd10174e6ff1e88cebf2133635,0x112cbec1609557cd62280f32c027f1414bd8b1c89b24d74d809351f + secg/secp224r1 + invalid order = 79 + + + secp224r1/22 + 
0x5a67628d0343d765dea6ded21f622f6c57f264b4ee93a5dcba311b0e,0x260153810fa3522358087eb54f1aaae3057aa1955332725bbe1b68e7 + secg/secp224r1 + invalid order = 83 + + + secp224r1/23 + 0xcc0cdfeccd65fed9b0e9db9c431bfcdfced1c9468033c91594581f29,0xfaf09441eb53b4dccb7dfc3831ed5950d541d2f02ef925822abf8081 + secg/secp224r1 + invalid order = 89 + + + secp224r1/24 + 0xd738337ead10988ce050d4c0ad7a9ac329bea7a1bd9baa698cdbeba,0xf4b661264be680c8b732f61d016a4ff6ac1c8240a01f70cfadfba0c2 + secg/secp224r1 + invalid order = 97 + + + secp224r1/25 + 0x4d75a425c4e6ca8ee9f3de58ff5499a87433951bbe19f3c56b0e6894,0xb76c77495a43a5c5e3cd286070a2284158c255dbbf090dab493e40de + secg/secp224r1 + invalid order = 101 + + + secp224r1/26 + 0x8d95deb4df1320866baddc9e3f39b4ae1c6546b8353d68a5383f1edf,0x843c1443ff14271d6233d5d92d72d26b10f7c43abb0a2d48a3a15135 + secg/secp224r1 + invalid order = 103 + + + secp224r1/27 + 0xcbc5e580fc7fa7b1525375f455e7e13c6297f544c64a6e57f2a68025,0xcee2079b78fae4e7bdd80ec668a03629733643b5d0b78d76d09b5256 + secg/secp224r1 + invalid order = 107 + + + secp224r1/28 + 0x73cf2fab6a046dc2f9ccef400a8dcf4f410101ccbbc2f275c71b05cf,0x1657846ed9425d52525c8567e5bc50d48b4358b2d8adea1a4fd4207e + secg/secp224r1 + invalid order = 109 + + + secp224r1/29 + 0xc73a93624d3b93c8687806a7715a0425dddd69d420eb0beaca6493bc,0x70b627906ae4bb34d3c803bcc23a838129b77f38cf0469d1ebee278 + secg/secp224r1 + invalid order = 113 + + + secp224r1/30 + 0x7aa658c60ded35ee0e13f34a43087e2dad681c995adab60965979807,0x89e2ce81f4c49fdb7d0b971680d7a029b14bc63d11c67938009ff415 + secg/secp224r1 + invalid order = 127 + + + secp224r1/31 + 0x2e5a6d18b0fd87be3fa21a2c6ad96f11816953c0f745821690fc0d79,0xa158645c6a34c7a0373201933fa6d4d71239a8fcc38e3cb30f267e6f + secg/secp224r1 + invalid order = 131 + + + secp224r1/32 + 0xc90c47c2670cc93e27efcfbafc50fedba823525e3e5cf0fd357f3c4a,0x73040196665f86296f2a911be78b5054ddcd99d24194b17c95958fe + secg/secp224r1 + invalid order = 137 + + + secp224r1/33 + 
0xed636106ab1a7a5b69f40ff3d52560be494bb50abf0bf34bb4cf2aad,0x93642b55e6d4aa740f2e6bb09fcf40e0772a6c1788061b97c31a87d0 + secg/secp224r1 + invalid order = 139 + + + secp224r1/34 + 0x38cb9b0889e3f593bde90601152c68206e55c34edc509475117b25e,0x38b9b003caf68c778057c3c2eb87e829b3f6d8ed5b4bf554b45b9d7c + secg/secp224r1 + invalid order = 149 + + + secp224r1/35 + 0xd199f22a7f9ef58d051c77a49419500dc9e51d7c1fbf34aa842aa2ca,0x14b9cb34136de83560e55089f33917350a850202b0d4b6787af7532a + secg/secp224r1 + invalid order = 151 + + + secp224r1/36 + 0x6fd81907dee473b6da05b6fc0afb54167915821c580ceccea68845ca,0xdf915779b29a39d5e791d4dcee2209fde0360121a40ecf77896359ee + secg/secp224r1 + invalid order = 157 + + + secp224r1/37 + 0x66bef60fc586138a53180a2c3b9457731e423168ea7b66e66fae7a0c,0x88f4db7a1fef7dac22d92546d245dc502673c5750ec2a3d488b42ff0 + secg/secp224r1 + invalid order = 163 + + + secp224r1/38 + 0x883c19375c67b3496ec5b805a73f705a93e6ebdf92e079f3cdb0cdf9,0x9e3b6d3b121be861d5a87d6e751566ec9bc96f5b4dc51aa0509b2d56 + secg/secp224r1 + invalid order = 167 + + + secp224r1/39 + 0xfaa5ab8ad0846ffee094e651d8a29cbb65ed7bc3212842990a1d840f,0xb990d9773c07839c69064d98ac39a26ccba0abe294b28b2368189ed4 + secg/secp224r1 + invalid order = 173 + + + secp224r1/40 + 0x2f597a836e0417af3a00d2c232a7002357c4e0ed8c78accbc586d7c3,0xc5087d5a5a01942f5f39abdf4f40189e32a785f8e84d1cc93eac0d37 + secg/secp224r1 + invalid order = 179 + + + secp224r1/41 + 0x7cddf880261a8570d8c14546edc91806e6b298c77527cd7af6cf2112,0x8fd5caff7e4b046ad7b660829eafaf115d1395e998ac62f75c1bf9 + secg/secp224r1 + invalid order = 181 + + + secp224r1/42 + 0x88cffed6ac0b23a8f7346d4aab48262cedcaef089de6f721ca561031,0xfe5d853d471b48469746557adb564de1e9ee40f0e49594bba48cadaa + secg/secp224r1 + invalid order = 191 + + + secp224r1/43 + 0x6072970782b7bc85a88c5346e5b22b6b54767818b297a77a486e6344,0xdd76e50fe49b3eecbdebcfb536a3885d67fff473ebe7a39c4d4e82f7 + secg/secp224r1 + invalid order = 193 + + + secp224r1/44 + 
0xcf23d2546833d9ace2e69f52840b7128e80b977b302963b689e5fb0b,0xe9129b98f3e9dd1b0d3e494a9800bdfad18ee11d0c89c92041f4c468 + secg/secp224r1 + invalid order = 197 + + + secp224r1/45 + 0x9e7e82bf03229124d22d112f61b4a5a93577565e70d711b0267b5268,0xc7d2ac6f6c527205373e21b4a84dddaf4aeb08ad4786e87ee5dd9ee3 + secg/secp224r1 + invalid order = 199 + + + secp224r1/46 + 0xbec8817d7f285d4affce5f2927fc4a7606e180cfd15972e4c64a0cf6,0xac7722980f9c6e6c299c80cbfb084cca2891f72026ebeb79e448ea32 + secg/secp224r1 + invalid order = 211 + + + secp224r1/47 + 0x66be83e793c99145d6a6fc4b9fb02e29835fd2349c0538a441d48d28,0x600e73e8d191acc73fb272df6ca7edb3748e9ae43af215b5288e9c0c + secg/secp224r1 + invalid order = 223 + + + secp224r1/48 + 0x39820deb6a5e58b71d72d28a7da99d578a833f70e9a4bdd930d7954,0x2a1ad5207d1aa4123ae6d2999c7569c39487ffc26288384d2503f551 + secg/secp224r1 + invalid order = 227 + + + secp224r1/49 + 0xda6a33dfb2f3dc6f53b8a4edd167d3c39f78f1515e514ce5a096111c,0x79aca7e933a283a82b0dc41e6353c7d4f950051f3b5089042b47e147 + secg/secp224r1 + invalid order = 229 + + + secp224r1/50 + 0x80d3d17878392e42c2809add36c451c3700a8befb741391c37ecf130,0xf5cb5b1fa16a6e79cd0663824265046527e173a822610d588dedd6b7 + secg/secp224r1 + invalid order = 233 + + + secp224r1/51 + 0xf5639566480e6c3c9cde04cd792345d9d50f6a248f86078a8e4bf433,0xd8d4ac9128664c6fd39794485fd52e408e07665a18b17e4d36402a58 + secg/secp224r1 + invalid order = 239 + + + secp224r1/52 + 0xf6aed3821c7c9a1fb8befd775161570c6e0ac4c6e615a6b866b33451,0x56b9eca63eec26a0e7418778d83c77e00dada116fe96307319e7e070 + secg/secp224r1 + invalid order = 241 + + + secp224r1/53 + 0xffee0c9580fb64265ad41779850c6c64d1d413851afb65365d687640,0xa79de8aab6209d3f67aab47e87550bf4c712fd7ba43521e7490f01d2 + secg/secp224r1 + invalid order = 251 + + + secp224r1/54 + 0x2e862f490d3da0a207b2fe447f9b096e8b49a75f7e90f113c50d6cdd,0x9f25ea072d1c0471a74b889bb559ca315275c9e6c5c19a1fa12b5c93 + secg/secp224r1 + invalid order = 257 + + + secp224r1/55 + 
0x61cf3af253fef2be402f9998f4c3d8461d27a5226662f64e868ffd8a,0xaa4ff0b6f7928e0709394399de0d97fe53a8683b777a4a075e899d9c + secg/secp224r1 + invalid order = 263 + + + secp224r1/56 + 0x3d03ff1fde14c96e3de5dae877c78f4f270531de4f07061ab7130397,0xea3daaa5d04217ad1525b5908f699ab996171cd25461641bc4d3eaec + secg/secp224r1 + invalid order = 269 + + + secp224r1/57 + 0xac56b0ab6b95c45d6bf2e66ea00394025cb9837b5da72173e5d3cefe,0xe58675da73ee36a2874e2cb96ae3573e9b6cf60990ff0cec064ccdde + secg/secp224r1 + invalid order = 271 + + + secp224r1/58 + 0x9244eb293582c5f42bc6827fd17cc8449567c5c78ee93abc460c507c,0x42e9adae812ef137b711d3259b851d47e2e35d92486453b79070344a + secg/secp224r1 + invalid order = 277 + + + secp224r1/59 + 0x31d50a36dc59875283235379095aad4fd20a33dfa208ba7376e31b78,0x137232aa64ea9e67145a06b06b7a909d95dbedd294299d0432565e45 + secg/secp224r1 + invalid order = 281 + + + secp224r1/60 + 0x551a3b2581584f4a3bbc119a940e7c9f3a84e29625ded75b88f39282,0x9b970d228646f1f436eadca0318239e8636aac259c115c963e7f17c + secg/secp224r1 + invalid order = 283 + + + secp224r1/61 + 0xc6950fecb2f41eb7e85410809ca3902d14f95197e3c8288ddad92725,0xe6267afd50d294fec6c7b5281fb4aee90bb186582ab3f372ac443a5 + secg/secp224r1 + invalid order = 293 + + + secp224r1/62 + 0x357e1954c99764097a023c4c239143516158690c36b5a80eab439c32,0xf362d1d6f1c58a1604df3573c39793de37a65d5b32a299578aa93e9c + secg/secp224r1 + invalid order = 307 + + + secp224r1/63 + 0x584f77bfa721f02e7481e017daeb2f8277019d0630a91bf538ae0257,0xc21271ab35a4f90f06353927c2498d7c68169e53303c69ec71880867 + secg/secp224r1 + invalid order = 311 + + + secp224r1/64 + 0xfda1c1a2c40be6377194f14c076b90f855cdc4354fb159d033a3a353,0x996a40b7f0e3cb2a333e1b4285f2151a86d09de8318a6ab9de1e539e + secg/secp224r1 + invalid order = 313 + + + secp224r1/65 + 0xdd6f2d93badb5e511a9cc5489c79d8c411e84d85e186961eeb3a6117,0x858cf03188fc1e172384926bfdebfae983a223cf13fc07c9858da88f + secg/secp224r1 + invalid order = 317 + + + secp224r1/66 + 
0xaf2a4b4d6edef6d32d42716c29ae5eaaaa71cdd1775e7362ef39c95a,0xe34788bcea616c717a778b6486fdb03e60100cb344d635e03b7efd11 + secg/secp224r1 + invalid order = 331 + + + secp224r1/67 + 0x2fbf987447feed974bc71eea5cfa2657ff24e16eeec32488e9099dee,0x461b4e646a977e6b59a74a0b6b79fe4454b9571f342ed964307c3b71 + secg/secp224r1 + invalid order = 337 + + + secp224r1/68 + 0x8805caa0199000343345f6cf371f5ebee24628a127a9a2c79350c206,0x26de29dd6b806fe39b7d170cd032bd68467f148024a66e0c18382b4e + secg/secp224r1 + invalid order = 347 + diff --git a/src/cz/crcs/ectester/data/invalid/secg/secp256r1.xml b/src/cz/crcs/ectester/data/invalid/secg/secp256r1.xml new file mode 100644 index 0000000..6f93370 --- /dev/null +++ b/src/cz/crcs/ectester/data/invalid/secg/secp256r1.xml 
@@ -0,0 +1,463 @@ + + + secp256r1/0 + 0x8f12f2d85ee6c6fb911b0b6c636785e347256edd7add0da5091fe43844f3ad0e,0x0 + secg/secp256r1 + invalid order = 2 + + + secp256r1/1 + 0x866a59a3c8c60de3947700bff2c91be97749114e31fc389727c55ae7aba9f6f5,0x9e9893a290a8ab4507f241f384ba3332758054adf7d8f3156ad02afed128deee + secg/secp256r1 + invalid order = 3 + + + secp256r1/2 + 0x95d086503fe293bd19644c4f4f3093eb650397cc9bf0e6ab87b78066261b4a6c,0x18b7895e75baab6768f35c9f8b183ba10899b0ebae4543ea791c05e3d1a2b764 + secg/secp256r1 + invalid order = 5 + + + secp256r1/3 + 0x5b6caf990697e508e999ab40f9a419c2cbb7b9c062980d9c96b62eb8b15a345e,0x86f61c2b428faaf6079be077750a0d60058a14fdbf102c6c07f8d1ef751c802c + secg/secp256r1 + invalid order = 7 + + + secp256r1/4 + 0x6d3b7edd5efe158464c744e9e2eca3acfc338889af611286bce18121b81305a6,0x6a60fe4a3f6c91b6df4853ca6e1fee6faab291bcc849ac16fd857421c270de6f + secg/secp256r1 + invalid order = 11 + + + secp256r1/5 + 0x6026525f4d5adfacb4a933f3361ed53b2729031dcd323c615e231363c0ce02e3,0xae2fb47cb4ddf7d70d7babae9a8a893b3db5931653caebfe10523e43c60804b8 + secg/secp256r1 + invalid order = 13 + + + secp256r1/6 + 0x110f1fc75318d904b41566c0d00925b061e87f1bbbc3a99ad0875eb7f94da1e7,0xf25db03828aedb999899230568736f6d1214ac07b2fec22657cf8a6e1cc89f5a + secg/secp256r1 + invalid order = 17 + + + secp256r1/7 + 0xeb18bfb2a81015b1ab9779b1a6f8fb1713bc7824490565adf37b04c6537dd0ff,0x8f27019de59b18b36436985167970c9e7cdb4d09eb82f1d028d358cf92e15895 + secg/secp256r1 + invalid order = 19 + + + secp256r1/8 + 0xbc89e296951934d93afb76c29cf37cebe77047c00cc744fc5289edebc7ad2700,0x550f83d7f5f641fdcb22424b4f01fcfc0ae6ddbe0cfbb34b35645ae1a91ad6aa + secg/secp256r1 + invalid order = 23 + + + secp256r1/9 + 0x93bf2bbda8a54cf4e4eac690768ebe76897c44b28cbc49e1d6326f30c20cec4c,0xe833ebe5d3a641df5a32ad8c0589e0be4abaf08a57e3689c149215454726ad0c + secg/secp256r1 + invalid order = 29 + + + secp256r1/10 + 
0x5ee8b9c465becc7a550444586ed3bcebc7a31fe34915ab7f40d06fbbf97f786c,0xe265ef42c0c708a04ea2dc6dee427b00884593a3a5c22e55255e64f766532a45 + secg/secp256r1 + invalid order = 31 + + + secp256r1/11 + 0x9a2d6ee27751cd8fa8e72ca9107e086b65531c77961d14907f759be1b9abfd61,0x38e6c71047b3a08208820bfeb96cf22a61a06a5178242dd54b280c74999303ab + secg/secp256r1 + invalid order = 37 + + + secp256r1/12 + 0x4de812700bc95a04975f89bc0f6981e71a003ee72d09aa82a9a5bd8570b02b,0x5b591897cc2c01346d2a3c09214bcb4d10e46dd0fe19eb9dfbc6cb81dd9eb2b7 + secg/secp256r1 + invalid order = 41 + + + secp256r1/13 + 0x432b09a9973a6ae6c746ceba9903bdb36bf0de94a292482e906fb787b27010be,0x155d792b3cd870c892ace2af9d3fd48d55a94c3485e32ee3362232b331d00267 + secg/secp256r1 + invalid order = 43 + + + secp256r1/14 + 0x3c013011cdf737c3a35c84574f779f3f5ed522530a8d7f80b8004fe737f46811,0x44349a25a8a45cc2ad5ccc11c170ee9d72d328e00db71f40148dcd72ee456800 + secg/secp256r1 + invalid order = 47 + + + secp256r1/15 + 0x70a15a2462e072ddfdc4a9fe471de74c44c38b0858e47d0684b26568b82860b6,0x3fdb3a5157022baf2c19d84dd2657da03c92c273a2e96e6a63f1410b9607033b + secg/secp256r1 + invalid order = 53 + + + secp256r1/16 + 0x81263aa019de4e0c36967774f3c82b39effb389853e2cba0a5cf02ea19c19193,0x95ee7f527830f23c9cb01ef3653309d43a240549eea30be83649c0a0a361b22c + secg/secp256r1 + invalid order = 59 + + + secp256r1/17 + 0x2128b029fd81aa818a71128b8da12982158083b2f2e4bb99b5879625eff5e2cc,0x60ec11c2851d82d4d4e0c33118163441c6c48aaa14997d30d4a9f371cfec8791 + secg/secp256r1 + invalid order = 61 + + + secp256r1/18 + 0x7971c03966540f5a5a6ef23e6992289e81c377297421df9bb0133738b5b320a9,0xde681b5f79f17eff2b18b3527051fe35981bd908352ecd1e8688d0f0208c4885 + secg/secp256r1 + invalid order = 67 + + + secp256r1/19 + 0x87d12340acb757fae6eecc8709b9fb0455d1bdae7389fa220e50b49078ffa54a,0x75890f8b4e4a318954187c48359f4270d8b389f5cba266b2a72fa4c814433d9d + secg/secp256r1 + invalid order = 71 + + + secp256r1/20 + 
0xcfcf8c4b6a528e8308342000c90ca07c5cc612b838fe96f603826045f348bef7,0xb45ca4421607da8a41e7a62025ded78e44eba472864e744dc2f61fb70b84401f + secg/secp256r1 + invalid order = 73 + + + secp256r1/21 + 0xfdbd68774d6aa1bffb22205c53b689b2250f8231573b2fc8e48ca558d10bf53a,0x76a5b860409b1bceadd05ed58c84660ce3b2b59e600465bc10ce3f8a4e34335f + secg/secp256r1 + invalid order = 79 + + + secp256r1/22 + 0x702ef740f465c7e8e2731431ff25787bb70bca7c95b42504978b505f6720eb86,0x873d9ba564e5d3bcdf070718616854b3bfce6aaff50fcdca68f94e5778dc194 + secg/secp256r1 + invalid order = 83 + + + secp256r1/23 + 0xad4cc335465f6beec9195cec81625e57ac730e3707b6e5c599825b517a5b367a,0xd9add85ba9b5f97e23a2e68e26da6e58db4548a4c8e55399c7c90252ceda8ff1 + secg/secp256r1 + invalid order = 89 + + + secp256r1/24 + 0x4fc913027b35036a89ba43b96ae84c0c83a776125d275453a370710efd7567ae,0xc83d135da14feb034877a49bf525596c68910c8e8004a8c88ac21c61f673826f + secg/secp256r1 + invalid order = 97 + + + secp256r1/25 + 0x3c13f6b5087d313c5c984a92b5e21d13526e4f6355d397e219330cb781d7f938,0xd177742872e9258fa113e041e0aee8ffe172e5f20d5f80b449068b7306c7f94d + secg/secp256r1 + invalid order = 101 + + + secp256r1/26 + 0xa75db744af4ccef799eea08aac6ce8030632aa406aed3158e83c41a7610f6a91,0xf1b62633c2a6ea22af04127c74dca605d0fcbc09cc71629a8bcf90a5f97200e6 + secg/secp256r1 + invalid order = 103 + + + secp256r1/27 + 0x48620b7d6df33243d67ed0f2bf43637952144a4ead19480a79bc33227aa33945,0x5900633cc813bd4f2740f063db8426de7e0b743c9a887160e431424bb49682e4 + secg/secp256r1 + invalid order = 107 + + + secp256r1/28 + 0xdcc68d7325c310b51ed4dfa191e506cfef02d6e1eb9ad356b53f984e4cd4f6d0,0xdcf6835e50f09ef9b689816196fee67d57f60f04695aebfa5575cfe8615277e0 + secg/secp256r1 + invalid order = 109 + + + secp256r1/29 + 0xe5499ef69b017cd641f66b36e129d0200ce8fe030386a687d68d60a14de7f157,0x63de50c503daaba7d8abdce4f8a9bb556969616cf59df6109813e09d813db342 + secg/secp256r1 + invalid order = 113 + + + secp256r1/30 + 
0x3488b130bdb5e52056cc659910005c5f181dedde6612562a2d94e9348673edbc,0xbf20dea353b21929d4f494e072fece389f5790f92a75aae6529c6deb13b5e952 + secg/secp256r1 + invalid order = 127 + + + secp256r1/31 + 0x7405904455b1ca2a38469ffc44fc776d89cfe720c03967921d601faca7be4509,0x6f125bf9c0e01ba8bbdc031a05d5af5b7a8e9c61b183d218a61230d3cd0227ea + secg/secp256r1 + invalid order = 131 + + + secp256r1/32 + 0x2f6e45887af9cd331f9e0306c9143378271da4cb0068ac6170ec427949d37d57,0x55370714307d93fbfab6b1abb0538671eecf324f7c73ec2062fbfc811ba6cc9f + secg/secp256r1 + invalid order = 137 + + + secp256r1/33 + 0x41398d9e75ba81285c350b0adbeae4efaf4c4d60868145dcf09ce69d1c61d60a,0xc65b4d9d24ba96813ff847b7c4e896e37912ebe69608a27da8e4c0c88f0fd6e8 + secg/secp256r1 + invalid order = 139 + + + secp256r1/34 + 0xc0232d6f3263707bb6c410069f64549123656e2ed3de9d7ad7926b3ad1017600,0xbb40e762ccd65008b82d56075dbaf4a2ee70ce1db6cad812989e25da63af0911 + secg/secp256r1 + invalid order = 149 + + + secp256r1/35 + 0xb7bcc0e1c1708816ad45e856a7d156a0289b92fe70fa65386dbe954a237ef861,0x764b0155a349a683ba41120538902226f41214449fb15f18e928807a7cc4d592 + secg/secp256r1 + invalid order = 151 + + + secp256r1/36 + 0x4bc476afe87b081f9fde3b7830e08a4f162d682c3f8b9ce488a6f44b77df28ba,0xd9037097df480d54ffdd4ced1cffe3efebb205c8d805a775e5c5310a0cb1952f + secg/secp256r1 + invalid order = 157 + + + secp256r1/37 + 0xa583ce09b9dcfbcb33fc564f83c577ef1fa94e125cd437343d3a82be97a3ec25,0x28631e0c27dce808cc08aa94bf4c317ebb0f4b4227a5b4ff86fddd76c93b12b8 + secg/secp256r1 + invalid order = 163 + + + secp256r1/38 + 0x3a591ada3f9c7803e6da77cb1b9adfd349d80dfac04829b7ccbd0767b50006e8,0xb5eb79cd757583bb44385e902b9dcf14a321f6cbbccaf83c631abe34f2e996d + secg/secp256r1 + invalid order = 167 + + + secp256r1/39 + 0x7a277a5debbf3da308d7cf83cb46ecaaa79c1b02bfd40ae3b911e879d576e9aa,0x54946996938f9af0f326e109f44ab5317605cb1a1d59464f3a695c05a4904c9 + secg/secp256r1 + invalid order = 173 + + + secp256r1/40 + 
0xc7b3cd34083b9edb2e79b74129d38dba1e287c294fb5eefc5b88d0cdd53ee70c,0xd29c58435ab03277891c7c53f283e7f096a14da33303cfbd4f6934131c6cece + secg/secp256r1 + invalid order = 179 + + + secp256r1/41 + 0xcad59c7e9c91517accaa91ae59ade119dd121d9b4c4346eab714510643df06ca,0x75e737143937016f278fc91ae3fe419b9379571c3dd311c1552250a4913ab3f0 + secg/secp256r1 + invalid order = 181 + + + secp256r1/42 + 0x351f43dce3f06599d59d5afede421c3490a11e173a432072de8a81080ee7e248,0x983efbca5e57eaf38a6443b7983ba5c402e2d141d0c0d79df27ba01073b0e906 + secg/secp256r1 + invalid order = 191 + + + secp256r1/43 + 0x6309bcc67907b2598cbfd4c646da15779d994dc252767570b7baa8ba6d8654e6,0x7c81c40bfa678e1931296b1f663a8f5ea78275876e74c8bab01b9402929068da + secg/secp256r1 + invalid order = 193 + + + secp256r1/44 + 0xf292f80fc10311c888836cfe3ab45ecb09dda4b6fedcc281aafab56a5da78995,0x57f87ca4673e184a47c174a575c96b11486a0b93bc87be99b3c2e37d77e436ae + secg/secp256r1 + invalid order = 197 + + + secp256r1/45 + 0xa62ce6b8c6bfeacab500982d3a6c87e973eefba80886b92a7e94fcc600ff3fb7,0x4e0e63a86999b374981d3cfa08fc0b639e0d9e3a928fc6e57375ce43b3bbf4c9 + secg/secp256r1 + invalid order = 199 + + + secp256r1/46 + 0x5914880f8d170571c1135c083574714dd96a2b1e6e99beb7941dd148d2e599ff,0xaf784693a45e40eadacb00ef603c0b9f9781a732ded580abd1f6d4e5eeee34a8 + secg/secp256r1 + invalid order = 211 + + + secp256r1/47 + 0xe1fd32eb7c50f5bdac4a25df392c487156f107ef6de78fa5b944ee7fb3f43e81,0x475d5a69377321302573576b88eb977118b79a8c38237e9679de8ad20b475d66 + secg/secp256r1 + invalid order = 223 + + + secp256r1/48 + 0x1103402b2f0a6110548f5e71021c98ff3057eba508daf9610fd81721952d957d,0x90b3e12a67ea60c09c614a3f83221d22d658d18dfdd741af9f96e0a5a819eb7d + secg/secp256r1 + invalid order = 227 + + + secp256r1/49 + 0xec5f138bc7ada81fbc4872f9e85da964fc8a05733af7fe27fae80a5f5a05c457,0x8888bf60c20833735580c9ca06a76075efc0f9b61be4817fb39503f8f7260069 + secg/secp256r1 + invalid order = 229 + + + secp256r1/50 + 
0xe60a2d08993de62dcdac2f18ba67122c7c3aba754e2e8709e6cb1a285e077997,0x72182d27dc3b2be7ad9b8596c5949ac3c1b5669e8122ca52fa59bf2b32b78310 + secg/secp256r1 + invalid order = 233 + + + secp256r1/51 + 0x5d079ae0c776a896b213fca832d8dd8d972506165289a4aa04980dbf669be204,0xe2d6f441c219f45a5d2d996dcda96fac74952178052acf47ae72e4442f4a4a91 + secg/secp256r1 + invalid order = 239 + + + secp256r1/52 + 0xd6eb5b70a2c63869481403117cdf85cc81574b4280f86f83d9a3e6c49e62b260,0x417656accdc70b7372118f249776584a641feed1a36ed20cb8c97c9142dbc242 + secg/secp256r1 + invalid order = 241 + + + secp256r1/53 + 0x2346416762b085d6ffc07a5bbb755f507a1f87ab4b0ed4572f6cba4f415a178c,0xb58ced69252349021d06dbea777e63de85c948bd30d587b36c6b5e008cee9045 + secg/secp256r1 + invalid order = 251 + + + secp256r1/54 + 0x9d59a99ddedb6d100b5eefe0b1552393898e0fb4d8aa7871d05aab7762a24ba1,0xd61cbcc969505f8b9acc838fa908fc33a45bfea3c40b4a8df2c785222d41772b + secg/secp256r1 + invalid order = 257 + + + secp256r1/55 + 0xe3b247021a52f27f88bd01ea44a018eeafaca6cc6bc05e7951ab3429f79511f,0x28b782453e402d75b1caa5b30f97345649afd010d3e7c4acf96ec9bb3d8833e + secg/secp256r1 + invalid order = 263 + + + secp256r1/56 + 0xb09abbc7fdd85f1cb3288b55e1a4f2c498c5a562ef01702706fda54f8c75e024,0x1754db8616228f1b04bce0867d9b0f5660bb4594122ffe5d391d016644176150 + secg/secp256r1 + invalid order = 269 + + + secp256r1/57 + 0xe720cf00824e69b6d81df9f4f4d81f2b1a774181eaa5bf65bb33705c0550ea52,0x77bb8bcfdbe38f0a486ee821be6910087bb4f483a01717d8289418d9749a72b6 + secg/secp256r1 + invalid order = 271 + + + secp256r1/58 + 0x9bdbd9f0fd24cf705cf945e8e35fb5bce9f67c5d6e478980b1fe04d966dfb580,0x775ed3d85398765182c299b266533e96fa781a70b9b110c0706cce677f8c5973 + secg/secp256r1 + invalid order = 277 + + + secp256r1/59 + 0xf8ab3fcb6a70cbb9cac133f074b6dc4b489b6ed1eebea9f37345b57ffe272cdb,0xdba5d39c71966986c68bf1d0eaac97477756765666bd20ab386fe07ad108be50 + secg/secp256r1 + invalid order = 281 + + + secp256r1/60 + 
0x8aafbc2259752f42fd06d88ba4ee77284a18022559424a72cc93f250dae60bd2,0xf861e3e45b68bca5f26088fd98bba9bb914f3a72e768c4c0bd562e968c532a40 + secg/secp256r1 + invalid order = 283 + + + secp256r1/61 + 0x8d714ce2e5e6b39a201377f70e4552776854701a2ee834f855cfa4dddba5a0e1,0xde2532ba273e910b62cc51b9bba8a194544b5ddda89214f21f7015eb8912f7a8 + secg/secp256r1 + invalid order = 293 + + + secp256r1/62 + 0xbabf3f0f14db3b651076b395c5f2a499c06e31059924722a7ecb83d9aaf6be55,0x1eed385eccdd355ad437be25ca223ee7572e2e11559521bfa2db65eeda89d1ac + secg/secp256r1 + invalid order = 307 + + + secp256r1/63 + 0x1b3f213670b9e6bc0b40001516ea9941b5310883d33a0e13b5ccaeaacc593bf9,0xab5c0bf0a0eb8531452b163bfd6cd171d75021f3642f3185c1ec80582dfe3a74 + secg/secp256r1 + invalid order = 311 + + + secp256r1/64 + 0x2ff8dff93cb2edbeb20db37d4539c76072bd949734b7ff768d06a56662a2a78f,0xf727bfbb18610ab05923fea34e146a7350eb1d28819f62cb3c6e1be0d08178b3 + secg/secp256r1 + invalid order = 313 + + + secp256r1/65 + 0x5b14939e07aefc98655c1a27bdc1e78b694aa99cbdbe63ec68bffa0284d76278,0xa430eca9df72967d258ddc7ad1f4aaf779193c1d9af62e71b54e497d22090593 + secg/secp256r1 + invalid order = 317 + + + secp256r1/66 + 0x1683cea98f5f65beb4ac810fbcd6524ade785bf6a03093ebe27477e8bda3bfb5,0xe236090952561208a3f4ec76806c09ea2f6661783cc191fbeeca0b589960a98f + secg/secp256r1 + invalid order = 331 + + + secp256r1/67 + 0x4ba604f77ff7c968efb390fbd5bb9b7be49292633af22a5c9c9b822d4f952329,0x488f7ac53558955a998a32cf9344f5c016427043fb0614db869cae0918357e4d + secg/secp256r1 + invalid order = 337 + + + secp256r1/68 + 0xc6b7b1217ec2c931f8560eff678daa0f52e6fc1aa5197f9fee90594b5d68e8e2,0x8a9d94f6b004fdf3acd8dfb0ebcbdf00a30fadbfdbd18069ffc01b94177d9855 + secg/secp256r1 + invalid order = 347 + + + secp256r1/69 + 0xa732788d93a5c81202b3f7bcb74b09fd69345e0345ffc833317c5895ec074de,0xfb9dc56e4cbd7176b4b7023e565d244638fb9e3b8184356850f4da6be9b755d0 + secg/secp256r1 + invalid order = 349 + + + secp256r1/70 + 
0x5dda49123f446452d3aadac4fcfda4e3449bb80b2ad4d230fd9e3d8da2c34362,0xb161d3e87b523b8a9cf1eaac24681ad2f966de45dd6583bc4800d1b5021be17e + secg/secp256r1 + invalid order = 353 + + + secp256r1/71 + 0x521dd973febda789dd851a225e2568f52f0fae50caccbb3f8298d8e936fdab8b,0xae659e2e25b3fbc18bf62731c4140965c68b959b1ecd7fe0472db79d0f5fab49 + secg/secp256r1 + invalid order = 359 + + + secp256r1/72 + 0xc165bf74cb7d1245f4ec958223301d880bc1a127f13ed8231ea442a9c487e970,0x101673339a56af77a6aa80a8e4c364a9bcb8e5197afea4e2fcd1b1bd2770d7f5 + secg/secp256r1 + invalid order = 367 + + + secp256r1/73 + 0x128968b6fcaf13159426a3638350245041c350ba9680c07f9c8f32d9c0175994,0xad4ed97bb42257bae49977ae029f50a46ae6c8765da76fd62f8838c3bd6e9d52 + secg/secp256r1 + invalid order = 373 + + + secp256r1/74 + 0x890f87ef79d7b31ce623023ad8660c259f76746fbe2ad3c4160e7644487213da,0x8a5ab8b61d6c98f81be18178a9f5816c245841d1287e7435c2c2dfa51ea19ceb + secg/secp256r1 + invalid order = 379 + + + secp256r1/75 + 0x7fcca390a2e21feb868bc97e8e231e3c2f386c38fa4b6e550f0f067c0b093d8c,0x1beb2934c78d5cc7559ee208785adbc340d0cd5bd2a6a7a0c4e4222eca961bc7 + secg/secp256r1 + invalid order = 383 + + + secp256r1/76 + 0xaae8e67f2cf220f47da34f4fc0fe3a93ad9194994f748e6936b81db166e90993,0x94dde8bdaf5bd25e8ec3d33fd878641af658f4d4e141dfe94b690071680ed6c3 + secg/secp256r1 + invalid order = 389 + diff --git a/src/cz/crcs/ectester/reader/Response.java b/src/cz/crcs/ectester/reader/Response.java index 50e5022..c82772f 100644 --- a/src/cz/crcs/ectester/reader/Response.java +++ b/src/cz/crcs/ectester/reader/Response.java 
@@ -120,7 +120,13 @@ public abstract class Response { public String toString(String inner) { StringBuilder suffix = new StringBuilder(); for (int j = 0; j < getNumSW(); ++j) { - suffix.append(" ").append(Util.getSWString(getSW(j))); + short sw = getSW(j); + if (sw != 0) { + suffix.append(" ").append(Util.getSWString(sw)); + } + } + if (suffix.length() == 0) { + suffix.append(" ").append(Util.getSWString(getNaturalSW())); } return String.format("%-62s:%4d ms : %s", inner, time / 1000000, suffix); } diff --git a/src/cz/crcs/ectester/reader/TestSuite.java b/src/cz/crcs/ectester/reader/TestSuite.java index e4d7dd6..5e9511b 100644 --- a/src/cz/crcs/ectester/reader/TestSuite.java +++ b/src/cz/crcs/ectester/reader/TestSuite.java @@ -269,7 +269,7 @@ public abstract class TestSuite { tests.add(new Test(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL), Test.Result.SUCCESS)); for (EC_Key.Public pub : keys) { tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, pub.getParams(), pub.flatten()), Test.Result.ANY)); - tests.add(new Test(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_BOTH), Test.Result.FAILURE)); + tests.add(new Test(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ANY), Test.Result.FAILURE)); } tests.add(new Test(new Command.Cleanup(cardManager), Test.Result.ANY)); } -- cgit v1.2.3-70-g09d2 From 8884b0f8d55fd9cb89597ddce6f74a5e9b538f7b Mon Sep 17 00:00:00 2001 
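Review bot: Skipping zero status words inside the loop of `toString` loses their position, so a response whose only non-zero SW sits in the first slot prints the same as one where it sits in the second. Presumably 0 marks a slot that was not filled, but nothing in the hunk says so; a comment such as `// sw == 0: slot not filled, omit it from the summary` would record the assumption. If the position matters when reading test logs, printing a placeholder for the skipped slot instead of nothing would keep the columns aligned.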
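Review bot: The switch from `EC_Consts.KA_BOTH` to `EC_Consts.KA_ANY` in the invalid-point loop leaves undocumented what the expected `Test.Result.FAILURE` now asserts. Neither constant's semantics are visible here; if `KA_ANY` reports failure as soon as one of the key agreements rejects the point, a card whose other agreement accepts a small-order point would still pass this test. I would add a comment above the changed line, such as `// KA_ANY: FAILURE here means <state which agreements must have rejected the point>`, and confirm it against the applet's handling of the type byte. The enclosing method starts and ends outside the hunk.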
From: J08nY Date: Thu, 4 May 2017 20:48:43 +0200 Subject: Added support for extended APDUs, fixed problems with large cmds - Switched ECTesterApplet to Javacard 2.2.2 which supports Extended length APDUs (necessary for some Set commands when a large external curve is sent to the applet) - The incoming APDU is now copied over to a sufficiently large buffer before being processed - Simplified instruction processing logic - Renamed ECUtil to AppletUtil - Fixed padding error in nist/P-521 --- !uploader/ectester.cap | Bin 14675 -> 14877 bytes dist/ECTester.jar | Bin 705430 -> 709688 bytes jcbuild.xml | 2 +- src/cz/crcs/ectester/applet/AppletUtil.java | 57 +++++ src/cz/crcs/ectester/applet/ECKeyGenerator.java | 45 +++- src/cz/crcs/ectester/applet/ECKeyTester.java | 11 +- src/cz/crcs/ectester/applet/ECTesterApplet.java | 290 ++++++++++++------------ src/cz/crcs/ectester/applet/ECUtil.java | 35 --- src/cz/crcs/ectester/applet/EC_Consts.java | 4 +- src/cz/crcs/ectester/data/nist/p521.csv | 2 +- src/cz/crcs/ectester/reader/Command.java | 3 + src/cz/crcs/ectester/reader/ECTester.java | 8 + src/cz/crcs/ectester/reader/Response.java | 2 +- src/cz/crcs/ectester/reader/Test.java | 4 + src/cz/crcs/ectester/reader/TestSuite.java | 26 ++- src/cz/crcs/ectester/reader/Util.java | 215 +++++++++--------- 16 files changed, 391 insertions(+), 313 deletions(-) create mode 100644 src/cz/crcs/ectester/applet/AppletUtil.java delete mode 100644 src/cz/crcs/ectester/applet/ECUtil.java diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index 0d50b57..e5d5183 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 8119521..691d575 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/jcbuild.xml b/jcbuild.xml index 9b1dabb..a4d7619 100644 --- a/jcbuild.xml +++ b/jcbuild.xml @@ -12,7 +12,7 @@ - + 
diff --git a/src/cz/crcs/ectester/applet/AppletUtil.java b/src/cz/crcs/ectester/applet/AppletUtil.java new file mode 100644 index 0000000..296541d --- /dev/null +++ b/src/cz/crcs/ectester/applet/AppletUtil.java @@ -0,0 +1,57 @@ +package cz.crcs.ectester.applet; + +import javacard.framework.APDU; +import javacard.framework.ISO7816; +import javacard.framework.ISOException; +import javacard.framework.Util; +import javacard.security.KeyAgreement; +import javacard.security.KeyPair; +import javacard.security.Signature; + +/** + * @author Jan Jancar johny@neuromancer.sk + */ +public class AppletUtil { + + private static short nullCheck(Object obj, short sw) { + if (obj == null) + ISOException.throwIt(sw); + return ISO7816.SW_NO_ERROR; + } + + public static short objCheck(Object obj) { + return nullCheck(obj, ECTesterApplet.SW_OBJECT_NULL); + } + + public static short keypairCheck(KeyPair keyPair) { + return nullCheck(keyPair, ECTesterApplet.SW_KEYPAIR_NULL); + } + + public static short kaCheck(KeyAgreement keyAgreement) { + return nullCheck(keyAgreement, ECTesterApplet.SW_KA_NULL); + } + + public static short signCheck(Signature signature) { + return nullCheck(signature, ECTesterApplet.SW_SIGNATURE_NULL); + } + + public static short readAPDU(APDU apdu, byte[] buffer, short length) { + short read = apdu.setIncomingAndReceive(); + read += apdu.getOffsetCdata(); + short total = apdu.getIncomingLength(); + if (total > length) { + return 0; + } + byte[] apduBuffer = apdu.getBuffer(); + + short sum = 0; + + do { + Util.arrayCopyNonAtomic(apduBuffer, (short) 0, buffer, sum, read); + sum += read; + read = apdu.receiveBytes((short) 0); + } while (sum < total); + // TODO figure this out, in buffer + out buffer(apdubuf) or just send each param on its own? + return 0; + } +} diff --git a/src/cz/crcs/ectester/applet/ECKeyGenerator.java b/src/cz/crcs/ectester/applet/ECKeyGenerator.java index f8cbf87..0c20333 100644 --- a/src/cz/crcs/ectester/applet/ECKeyGenerator.java 
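Review bot: `readAPDU` copies the command header as well as the data, but both its bound and its loop condition count only the data: `total > length` admits a command whose header plus data exceed `buffer`, and `while (sum < total)` can stop up to `getOffsetCdata()` bytes early because `sum` already includes the header, which can leave the tail of a multi-chunk command uncopied. It also returns 0 on both the refusal and the success path, and the call added to `process` in ECTesterApplet.java discards the result, so a refused command is dispatched against whatever `apduArray` still holds from an earlier one. I would reject an oversized command with a status word, count received data separately from the write offset, and return the number of bytes copied, as below.

```java
    public static short readAPDU(APDU apdu, byte[] buffer, short length) {
        short read = apdu.setIncomingAndReceive();
        short header = apdu.getOffsetCdata();
        short total = apdu.getIncomingLength();
        // header and data are both copied, so both have to fit
        if (total > (short) (length - header)) {
            ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
        }
        byte[] apduBuffer = apdu.getBuffer();

        // first chunk: header plus the data received so far
        short sum = (short) (header + read);
        Util.arrayCopyNonAtomic(apduBuffer, (short) 0, buffer, (short) 0, sum);
        short received = read;
        while (received < total) {
            read = apdu.receiveBytes((short) 0);
            Util.arrayCopyNonAtomic(apduBuffer, (short) 0, buffer, sum, read);
            sum += read;
            received += read;
        }
        return sum;
    }
```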
+++ b/src/cz/crcs/ectester/applet/ECKeyGenerator.java @@ -38,9 +38,15 @@ public class ECKeyGenerator { return ecKeyPair; } + /** + * + * @param keypair + * @param key + * @return + */ public short clearPair(KeyPair keypair, byte key) { try { - sw = ECUtil.keypairCheck(keypair); + sw = AppletUtil.keypairCheck(keypair); if ((key & EC_Consts.KEY_PUBLIC) != 0) keypair.getPublic().clearKey(); if ((key & EC_Consts.KEY_PRIVATE) != 0) keypair.getPrivate().clearKey(); } catch (CardRuntimeException ce) { @@ -55,7 +61,7 @@ public class ECKeyGenerator { */ public short generatePair(KeyPair keypair) { try { - sw = ECUtil.keypairCheck(keypair); + sw = AppletUtil.keypairCheck(keypair); keypair.genKeyPair(); } catch (CardRuntimeException ce) { sw = ce.getReason(); @@ -63,14 +69,41 @@ public class ECKeyGenerator { return sw; } + /** + * + * @param keypair + * @param curve + * @param buffer + * @param offset + * @return + */ public short setCurve(KeyPair keypair, byte curve, byte[] buffer, short offset) { return setCurve(keypair, curve, EC_Consts.PARAMETERS_ALL, buffer, offset); } + /** + * + * @param keypair + * @param curve + * @param params + * @param buffer + * @param offset + * @return + */ public short setCurve(KeyPair keypair, byte curve, short params, byte[] buffer, short offset) { return setCurve(keypair, EC_Consts.KEY_BOTH, curve, params, buffer, offset); } + /** + * + * @param keypair + * @param key + * @param curve + * @param params + * @param buffer + * @param offset + * @return + */ public short setCurve(KeyPair keypair, byte key, byte curve, short params, byte[] buffer, short offset) { byte alg = EC_Consts.getCurveType(curve); sw = ISO7816.SW_NO_ERROR; 
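Review bot: The Javadoc blocks added above `clearPair` and the three `setCurve` overloads are empty stubs: every `@param` and `@return` tag has no text and there is no summary sentence. For `clearPair` the hunk already shows enough to fill them in, for example `@param key bit mask of EC_Consts.KEY_PUBLIC and EC_Consts.KEY_PRIVATE selecting which halves to clear` and, presumably, `@return the status word: SW_NO_ERROR or the reason of the caught CardRuntimeException` (the return statement is outside the hunk, so confirm it matches `generatePair`). The `setCurve` overloads should at least state which default each shorter overload supplies (`EC_Consts.PARAMETERS_ALL`, `EC_Consts.KEY_BOTH`) and what `buffer` and `offset` are used for.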
@@ -156,7 +189,7 @@ public class ECKeyGenerator { */ public short setParameter(KeyPair keypair, byte key, short param, byte[] data, short offset, short length) { try { - sw = ECUtil.keypairCheck(keypair); + sw = AppletUtil.keypairCheck(keypair); ECPublicKey ecPublicKey = (ECPublicKey) keypair.getPublic(); ECPrivateKey ecPrivateKey = (ECPrivateKey) keypair.getPrivate(); @@ -281,7 +314,7 @@ public class ECKeyGenerator { public short exportParameter(KeyPair keypair, byte key, short param, byte[] outputBuffer, short outputOffset) { short length = 0; try { - sw = ECUtil.keypairCheck(keypair); + sw = AppletUtil.keypairCheck(keypair); ECPublicKey ecPublicKey = (ECPublicKey) keypair.getPublic(); ECPrivateKey ecPrivateKey = (ECPrivateKey) keypair.getPrivate(); @@ -390,8 +423,8 @@ public class ECKeyGenerator { */ public short copyCurve(KeyPair from, KeyPair to, short params, byte[] buffer, short offset) { try { - sw = ECUtil.keypairCheck(from); - sw = ECUtil.keypairCheck(to); + sw = AppletUtil.keypairCheck(from); + sw = AppletUtil.keypairCheck(to); short param = EC_Consts.PARAMETER_FP; while (param <= EC_Consts.PARAMETER_K) { diff --git a/src/cz/crcs/ectester/applet/ECKeyTester.java b/src/cz/crcs/ectester/applet/ECKeyTester.java index 1d113ae..7664c72 100644 --- a/src/cz/crcs/ectester/applet/ECKeyTester.java +++ b/src/cz/crcs/ectester/applet/ECKeyTester.java @@ -3,7 +3,6 @@ package cz.crcs.ectester.applet; import javacard.framework.CardRuntimeException; import javacard.framework.ISO7816; -import javacard.framework.Util; import javacard.security.*; /** 
@@ -53,9 +52,9 @@ public class ECKeyTester { private short testKA(KeyAgreement ka, KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, short corruption) { short length = 0; try { - sw = ECUtil.kaCheck(ka); - sw = ECUtil.keypairCheck(privatePair); - sw = ECUtil.keypairCheck(publicPair); + sw = AppletUtil.kaCheck(ka); + sw = AppletUtil.keypairCheck(privatePair); + sw = AppletUtil.keypairCheck(publicPair); ka.init(privatePair.getPrivate()); short pubkeyLength = ((ECPublicKey) publicPair.getPublic()).getW(pubkeyBuffer, pubkeyOffset); @@ -123,7 +122,7 @@ public class ECKeyTester { if (sw != ISO7816.SW_NO_ERROR) { return length; } - if (Util.arrayCompare(outputBuffer, outputOffset, outputBuffer, (short) (outputOffset + ecdhLength), ecdhLength) != 0) { + if (javacard.framework.Util.arrayCompare(outputBuffer, outputOffset, outputBuffer, (short) (outputOffset + ecdhLength), ecdhLength) != 0) { sw = ECTesterApplet.SW_DH_DHC_MISMATCH; } return length; @@ -164,7 +163,7 @@ public class ECKeyTester { public short testECDSA(ECPrivateKey signKey, ECPublicKey verifyKey, byte[] inputBuffer, short inputOffset, short inputLength, byte[] sigBuffer, short sigOffset) { short length = 0; try { - sw = ECUtil.signCheck(ecdsaSignature); + sw = AppletUtil.signCheck(ecdsaSignature); ecdsaSignature.init(signKey, Signature.MODE_SIGN); length = ecdsaSignature.sign(inputBuffer, inputOffset, inputLength, sigBuffer, sigOffset); diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java index 4e586ec..f957273 100644 --- a/src/cz/crcs/ectester/applet/ECTesterApplet.java +++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java 
@@ -30,6 +30,7 @@ import javacard.security.ECPrivateKey; import javacard.security.ECPublicKey; import javacard.security.KeyPair; import javacard.security.RandomData; +import javacardx.apdu.ExtendedLength; /** * Applet part of ECTester, a tool for testing Elliptic curve support on javacards. @@ -37,7 +38,7 @@ import javacard.security.RandomData; * @author Petr Svenda petr@svenda.com * @author Jan Jancar johny@neuromancer.sk */ -public class ECTesterApplet extends Applet { +public class ECTesterApplet extends Applet implements ExtendedLength { // MAIN INSTRUCTION CLASS public static final byte CLA_ECTESTERAPPLET = (byte) 0xB0; @@ -71,9 +72,11 @@ public class ECTesterApplet extends Applet { private static final short ARRAY_LENGTH = (short) 0xff; + private static final short APDU_MAX_LENGTH = (short) 1024; // TEMPORARRY ARRAY IN RAM private byte[] ramArray = null; private byte[] ramArray2 = null; + private byte[] apduArray = null; // PERSISTENT ARRAY IN EEPROM private byte[] dataArray = null; // unused @@ -102,6 +105,7 @@ public class ECTesterApplet extends Applet { ramArray = JCSystem.makeTransientByteArray(ARRAY_LENGTH, JCSystem.CLEAR_ON_RESET); ramArray2 = JCSystem.makeTransientByteArray(ARRAY_LENGTH, JCSystem.CLEAR_ON_RESET); + apduArray = JCSystem.makeTransientByteArray(APDU_MAX_LENGTH, JCSystem.CLEAR_ON_RESET); dataArray = new byte[ARRAY_LENGTH]; Util.arrayFillNonAtomic(dataArray, (short) 0, ARRAY_LENGTH, (byte) 0); 
@@ -126,49 +130,56 @@ public class ECTesterApplet extends Applet { public void process(APDU apdu) throws ISOException { // get the APDU buffer byte[] apduBuffer = apdu.getBuffer(); + byte cla = apduBuffer[ISO7816.OFFSET_CLA]; + byte ins = apduBuffer[ISO7816.OFFSET_INS]; // ignore the applet select command dispached to the process if (selectingApplet()) { return; } - if (apduBuffer[ISO7816.OFFSET_CLA] == CLA_ECTESTERAPPLET) { - switch (apduBuffer[ISO7816.OFFSET_INS]) { + if (cla == CLA_ECTESTERAPPLET) { + AppletUtil.readAPDU(apdu, apduArray, APDU_MAX_LENGTH); + + short length = 0; + switch (ins) { case INS_ALLOCATE: - insAllocate(apdu); + length = insAllocate(apdu); break; case INS_CLEAR: - insClear(apdu); + length = insClear(apdu); break; case INS_SET: - insSet(apdu); + length = insSet(apdu); break; case INS_CORRUPT: - insCorrupt(apdu); + length = insCorrupt(apdu); break; case INS_GENERATE: - insGenerate(apdu); + length = insGenerate(apdu); break; case INS_EXPORT: - insExport(apdu); + length = insExport(apdu); break; case INS_ECDH: - insECDH(apdu); + length = insECDH(apdu); break; case INS_ECDSA: - insECDSA(apdu); + length = insECDSA(apdu); break; case INS_CLEANUP: - insCleanup(apdu); + length = insCleanup(apdu); break; case INS_SUPPORT: - insSupport(apdu); + length = insSupport(apdu); break; default: // The INS code is not supported by the dispatcher ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED); break; } + + apdu.setOutgoingAndSend((short) 0, length); } else ISOException.throwIt(ISO7816.SW_CLA_NOT_SUPPORTED); } 
@@ -180,18 +191,15 @@ public class ECTesterApplet extends Applet { * P2 = * DATA = short keyLength * byte keyClass + * @return length of response */ - private void insAllocate(APDU apdu) { - apdu.setIncomingAndReceive(); - byte[] apdubuf = apdu.getBuffer(); - - byte keyPair = apdubuf[ISO7816.OFFSET_P1]; - short keyLength = Util.getShort(apdubuf, ISO7816.OFFSET_CDATA); - byte keyClass = apdubuf[ISO7816.OFFSET_CDATA + 2]; + private short insAllocate(APDU apdu) { + byte keyPair = apduArray[ISO7816.OFFSET_P1]; + short cdata = apdu.getOffsetCdata(); + short keyLength = Util.getShort(apduArray, cdata); + byte keyClass = apduArray[(short) (cdata + 2)]; - short len = allocate(keyPair, keyLength, keyClass, apdubuf, (short) 0); - - apdu.setOutgoingAndSend((short) 0, len); + return allocate(keyPair, keyLength, keyClass, apdu.getBuffer(), (short) 0); } /** @@ -200,21 +208,20 @@ public class ECTesterApplet extends Applet { * * @param apdu P1 = byte keyPair (KEYPAIR_* | ...) * P2 = + * @return length of response */ - private void insClear(APDU apdu) { - apdu.setIncomingAndReceive(); - byte[] apdubuf = apdu.getBuffer(); - byte keyPair = apdubuf[ISO7816.OFFSET_P1]; + private short insClear(APDU apdu) { + byte keyPair = apduArray[ISO7816.OFFSET_P1]; short len = 0; if ((keyPair & KEYPAIR_LOCAL) != 0) { - len += clear(localKeypair, apdubuf, (short) 0); + len += clear(localKeypair, apdu.getBuffer(), (short) 0); } if ((keyPair & KEYPAIR_REMOTE) != 0) { - len += clear(remoteKeypair, apdubuf, len); + len += clear(remoteKeypair, apdu.getBuffer(), len); } - apdu.setOutgoingAndSend((short) 0, len); + return len; } /** 
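Review bot: `insAllocate` reads `keyLength` and `keyClass` from `apduArray` at `cdata` without checking that the command carried those three data bytes. Nothing in this diff clears `apduArray` between commands, so a shorter command would be parsed with bytes left over from an earlier one. A guard before the reads, such as `if (apdu.getIncomingLength() < 3) ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);`, would prevent that. The same applies to the fixed-offset reads in `insSet`, `insCorrupt`, `insExport` and `insECDH` in the following hunks, each with its own minimum length.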
@@ -229,25 +236,24 @@ public class ECTesterApplet extends Applet { * [short paramLength, byte[] param], * for all params in params, * in order: field,a,b,g,r,k,w,s + * @return length of response */ - private void insSet(APDU apdu) { - apdu.setIncomingAndReceive(); - byte[] apdubuf = apdu.getBuffer(); - - byte keyPair = apdubuf[ISO7816.OFFSET_P1]; - byte curve = apdubuf[ISO7816.OFFSET_P2]; - short params = Util.getShort(apdubuf, ISO7816.OFFSET_CDATA); + private short insSet(APDU apdu) { + byte keyPair = apduArray[ISO7816.OFFSET_P1]; + byte curve = apduArray[ISO7816.OFFSET_P2]; + short cdata = apdu.getOffsetCdata(); + short params = Util.getShort(apduArray, cdata); short len = 0; if ((keyPair & KEYPAIR_LOCAL) != 0) { - len += set(localKeypair, curve, params, apdubuf, (short) (ISO7816.OFFSET_CDATA + 2), (short) 0); + len += set(localKeypair, curve, params, apduArray, (short) (cdata + 2), apdu.getBuffer(), (short) 0); } if ((keyPair & KEYPAIR_REMOTE) != 0) { - len += set(remoteKeypair, curve, params, apdubuf, (short) (ISO7816.OFFSET_CDATA + 2), len); + len += set(remoteKeypair, curve, params, apduArray, (short) (cdata + 2), apdu.getBuffer(), len); } - apdu.setOutgoingAndSend((short) 0, len); + return len; } /** 
@@ -258,26 +264,25 @@ public class ECTesterApplet extends Applet { * P2 = byte key (EC_Consts.KEY_* | ...) * DATA = short params (EC_Consts.PARAMETER_* | ...) * byte corruption (EC_Consts.CORRUPTION_* || ...) + * @return length of response */ - private void insCorrupt(APDU apdu) { - apdu.setIncomingAndReceive(); - byte[] apdubuf = apdu.getBuffer(); - - byte keyPair = apdubuf[ISO7816.OFFSET_P1]; - byte key = apdubuf[ISO7816.OFFSET_P2]; - short params = Util.getShort(apdubuf, ISO7816.OFFSET_CDATA); - byte corruption = apdubuf[(short) (ISO7816.OFFSET_CDATA + 2)]; + private short insCorrupt(APDU apdu) { + byte keyPair = apduArray[ISO7816.OFFSET_P1]; + byte key = apduArray[ISO7816.OFFSET_P2]; + short cdata = apdu.getOffsetCdata(); + short params = Util.getShort(apduArray, cdata); + byte corruption = apduArray[(short) (cdata + 2)]; short len = 0; if ((keyPair & KEYPAIR_LOCAL) != 0) { - len += corrupt(localKeypair, key, params, corruption, apdubuf, (short) 0); + len += corrupt(localKeypair, key, params, corruption, apdu.getBuffer(), (short) 0); } if ((keyPair & KEYPAIR_REMOTE) != 0) { - len += corrupt(remoteKeypair, key, params, corruption, apdubuf, len); + len += corrupt(remoteKeypair, key, params, corruption, apdu.getBuffer(), len); } - apdu.setOutgoingAndSend((short) 0, len); + return len; } /** 
@@ -286,22 +291,20 @@ public class ECTesterApplet extends Applet { * * @param apdu P1 = byte keyPair (KEYPAIR_* | ...) * P2 = + * @return length of response */ - private void insGenerate(APDU apdu) { - apdu.setIncomingAndReceive(); - byte[] apdubuf = apdu.getBuffer(); - - byte keyPair = apdubuf[ISO7816.OFFSET_P1]; + private short insGenerate(APDU apdu) { + byte keyPair = apduArray[ISO7816.OFFSET_P1]; short len = 0; if ((keyPair & KEYPAIR_LOCAL) != 0) { - len += generate(localKeypair, apdubuf, (short) 0); + len += generate(localKeypair, apdu.getBuffer(), (short) 0); } if ((keyPair & KEYPAIR_REMOTE) != 0) { - len += generate(remoteKeypair, apdubuf, len); + len += generate(remoteKeypair, apdu.getBuffer(), len); } - apdu.setOutgoingAndSend((short) 0, len); + return len; } /** @@ -310,27 +313,26 @@ public class ECTesterApplet extends Applet { * @param apdu P1 = byte keyPair (KEYPAIR_* | ...) * P2 = byte key (EC_Consts.KEY_* | ...) * DATA = short params + * @return length of response */ - private void insExport(APDU apdu) { - apdu.setIncomingAndReceive(); - byte[] apdubuf = apdu.getBuffer(); - - byte keyPair = apdubuf[ISO7816.OFFSET_P1]; - byte key = apdubuf[ISO7816.OFFSET_P2]; - short params = Util.getShort(apdubuf, ISO7816.OFFSET_CDATA); + private short insExport(APDU apdu) { + byte keyPair = apduArray[ISO7816.OFFSET_P1]; + byte key = apduArray[ISO7816.OFFSET_P2]; + short cdata = apdu.getOffsetCdata(); + short params = Util.getShort(apduArray, cdata); short swOffset = 0; short len = (short) (keyPair == KEYPAIR_BOTH ? 4 : 2); if ((keyPair & KEYPAIR_LOCAL) != 0) { - len += export(localKeypair, key, params, apdubuf, swOffset, len); + len += export(localKeypair, key, params, apdu.getBuffer(), swOffset, len); swOffset += 2; } if ((keyPair & KEYPAIR_REMOTE) != 0) { - len += export(remoteKeypair, key, params, apdubuf, swOffset, len); + len += export(remoteKeypair, key, params, apdu.getBuffer(), swOffset, len); } - apdu.setOutgoingAndSend((short) 0, len); + return len; } /** 
@@ -342,20 +344,17 @@ public class ECTesterApplet extends Applet { * DATA = byte export (EXPORT_TRUE || EXPORT_FALSE) * short corruption (EC_Consts.CORRUPTION_* | ...) * byte type (EC_Consts.KA_* | ...) + * @return length of response */ - private void insECDH(APDU apdu) { - apdu.setIncomingAndReceive(); - byte[] apdubuf = apdu.getBuffer(); - - byte pubkey = apdubuf[ISO7816.OFFSET_P1]; - byte privkey = apdubuf[ISO7816.OFFSET_P2]; - byte export = apdubuf[ISO7816.OFFSET_CDATA]; - short corruption = Util.getShort(apdubuf, (short) (ISO7816.OFFSET_CDATA + 1)); - byte type = apdubuf[(short) (ISO7816.OFFSET_CDATA + 3)]; - - short len = ecdh(pubkey, privkey, export, corruption, type, apdubuf, (short) 0); - - apdu.setOutgoingAndSend((short) 0, len); + private short insECDH(APDU apdu) { + byte pubkey = apduArray[ISO7816.OFFSET_P1]; + byte privkey = apduArray[ISO7816.OFFSET_P2]; + short cdata = apdu.getOffsetCdata(); + byte export = apduArray[cdata]; + short corruption = Util.getShort(apduArray, (short) (cdata + 1)); + byte type = apduArray[(short) (cdata + 3)]; + + return ecdh(pubkey, privkey, export, corruption, type, apdu.getBuffer(), (short) 0); } /** 
@@ -366,37 +365,34 @@ public class ECTesterApplet extends Applet { * P2 = byte export (EXPORT_TRUE || EXPORT_FALSE) * DATA = short dataLength (00 = random data generated, !00 = data length) * byte[] data + * @return length of response */ - private void insECDSA(APDU apdu) { - apdu.setIncomingAndReceive(); - byte[] apdubuf = apdu.getBuffer(); - - byte keyPair = apdubuf[ISO7816.OFFSET_P1]; - byte export = apdubuf[ISO7816.OFFSET_P2]; + private short insECDSA(APDU apdu) { + byte keyPair = apduArray[ISO7816.OFFSET_P1]; + byte export = apduArray[ISO7816.OFFSET_P2]; + short cdata = apdu.getOffsetCdata(); short len = 0; if ((keyPair & KEYPAIR_LOCAL) != 0) { - len += ecdsa(localKeypair, export, apdubuf, ISO7816.OFFSET_CDATA, (short) 0); + len += ecdsa(localKeypair, export, apduArray, cdata, apdu.getBuffer(), (short) 0); } if ((keyPair & KEYPAIR_REMOTE) != 0) { - len += ecdsa(remoteKeypair, export, apdubuf, ISO7816.OFFSET_CDATA, len); + len += ecdsa(remoteKeypair, export, apduArray, cdata, apdu.getBuffer(), len); } - apdu.setOutgoingAndSend((short) 0, len); + return len; } /** * Performs card memory cleanup via JCSystem.requestObjectDeletion() * * @param apdu no data + * @return length of response */ - private void insCleanup(APDU apdu) { - apdu.setIncomingAndReceive(); + private short insCleanup(APDU apdu) { byte[] apdubuf = apdu.getBuffer(); - short len = cleanup(apdubuf, (short) 0); - - apdu.setOutgoingAndSend((short) 0, len); + return cleanup(apdubuf, (short) 0); } /** 
@@ -404,35 +400,33 @@ public class ECTesterApplet extends Applet { * install. * * @param apdu no data + * @return length of response */ - private void insSupport(APDU apdu) { - apdu.setIncomingAndReceive(); + private short insSupport(APDU apdu) { byte[] apdubuf = apdu.getBuffer(); - short len = support(apdubuf, (short) 0); - - apdu.setOutgoingAndSend((short) 0, len); + return support(apdubuf, (short) 0); } /** * @param keyPair which keyPair to use, local/remote (KEYPAIR_* | ...) * @param keyLength key length to set * @param keyClass key class to allocate - * @param buffer buffer to write sw to - * @param offset offset into buffer + * @param outBuffer buffer to write sw to + * @param outOffset offset into buffer * @return length of data written to the buffer */ - private short allocate(byte keyPair, short keyLength, byte keyClass, byte[] buffer, short offset) { + private short allocate(byte keyPair, short keyLength, byte keyClass, byte[] outBuffer, short outOffset) { short length = 0; if ((keyPair & KEYPAIR_LOCAL) != 0) { localKeypair = keyGenerator.allocatePair(keyClass, keyLength); - Util.setShort(buffer, offset, keyGenerator.getSW()); + Util.setShort(outBuffer, outOffset, keyGenerator.getSW()); length += 2; } if ((keyPair & KEYPAIR_REMOTE) != 0) { remoteKeypair = keyGenerator.allocatePair(keyClass, keyLength); - Util.setShort(buffer, (short) (offset + length), keyGenerator.getSW()); + Util.setShort(outBuffer, (short) (outOffset + length), keyGenerator.getSW()); length += 2; } 
@@ -440,14 +434,14 @@ public class ECTesterApplet extends Applet { } /** - * @param keyPair KeyPair to clear - * @param buffer buffer to write sw to - * @param offset offset into buffer + * @param keyPair KeyPair to clear + * @param outBuffer buffer to write sw to + * @param outOffset offset into buffer * @return length of data written to the buffer */ - private short clear(KeyPair keyPair, byte[] buffer, short offset) { + private short clear(KeyPair keyPair, byte[] outBuffer, short outOffset) { short sw = keyGenerator.clearPair(keyPair, EC_Consts.KEY_BOTH); - Util.setShort(buffer, offset, sw); + Util.setShort(outBuffer, outOffset, sw); return 2; } @@ -456,12 +450,13 @@ public class ECTesterApplet extends Applet { * @param keyPair KeyPair to set params on * @param curve curve to set (EC_Consts.CURVE_*) * @param params parameters to set (EC_Consts.PARAMETER_* | ...) - * @param buffer buffer to read params from and write sw to + * @param inBuffer buffer to read params from * @param inOffset input offset in buffer + * @param outBuffer buffer to write sw to * @param outOffset output offset in buffer * @return length of data written to the buffer */ - private short set(KeyPair keyPair, byte curve, short params, byte[] buffer, short inOffset, short outOffset) { + private short set(KeyPair keyPair, byte curve, short params, byte[] inBuffer, short inOffset, byte[] outBuffer, short outOffset) { short sw = ISO7816.SW_NO_ERROR; switch (curve) { @@ -470,7 +465,7 @@ public class ECTesterApplet extends Applet { break; case EC_Consts.CURVE_external: //external - sw = keyGenerator.setExternalCurve(keyPair, params, buffer, inOffset); + sw = keyGenerator.setExternalCurve(keyPair, params, inBuffer, inOffset); break; default: //custom @@ -478,7 +473,7 @@ public class ECTesterApplet extends Applet { break; } - Util.setShort(buffer, outOffset, sw); + Util.setShort(outBuffer, outOffset, sw); return 2; } 
@@ -487,54 +482,54 @@ public class ECTesterApplet extends Applet { * @param key key to corrupt (EC_Consts.KEY_* | ...) * @param params parameters to corrupt (EC_Consts.PARAMETER_* | ...) * @param corruption corruption type (EC_Consts.CORRUPTION_*) - * @param buffer buffer to output sw to - * @param offset output offset in buffer + * @param outBuffer buffer to output sw to + * @param outOffset output offset in buffer * @return length of data written to the buffer */ - private short corrupt(KeyPair keyPair, byte key, short params, byte corruption, byte[] buffer, short offset) { + private short corrupt(KeyPair keyPair, byte key, short params, byte corruption, byte[] outBuffer, short outOffset) { short sw = keyGenerator.corruptCurve(keyPair, key, params, corruption, ramArray, (short) 0); - Util.setShort(buffer, offset, sw); + Util.setShort(outBuffer, outOffset, sw); return 2; } /** - * @param keyPair KeyPair to generate - * @param buffer buffer to write sw to - * @param offset output offset in buffer + * @param keyPair KeyPair to generate + * @param outBuffer buffer to output sw to + * @param outOffset output offset in buffer * @return length of data written to the buffer */ - private short generate(KeyPair keyPair, byte[] buffer, short offset) { + private short generate(KeyPair keyPair, byte[] outBuffer, short outOffset) { short sw = keyGenerator.generatePair(keyPair); - Util.setShort(buffer, offset, sw); + Util.setShort(outBuffer, outOffset, sw); return 2; } /** - * @param keyPair KeyPair to export from - * @param key which key to export from (EC_Consts.KEY_PUBLIC | EC_Consts.KEY_PRIVATE) - * @param params which params to export (EC_Consts.PARAMETER_* | ...) 
- * @param buffer buffer to export params to - * @param swOffset offset to output sw to buffer - * @param offset output offset in buffer + * @param keyPair KeyPair to export from + * @param key which key to export from (EC_Consts.KEY_PUBLIC | EC_Consts.KEY_PRIVATE) + * @param params which params to export (EC_Consts.PARAMETER_* | ...) + * @param outBuffer buffer to export params to + * @param swOffset offset to output sw to buffer + * @param outOffset output offset in buffer * @return length of data written to the buffer */ - private short export(KeyPair keyPair, byte key, short params, byte[] buffer, short swOffset, short offset) { + private short export(KeyPair keyPair, byte key, short params, byte[] outBuffer, short swOffset, short outOffset) { short length = 0; short sw = ISO7816.SW_NO_ERROR; if ((key & EC_Consts.KEY_PUBLIC) != 0) { //export params from public - length += keyGenerator.exportParameters(keyPair, EC_Consts.KEY_PUBLIC, params, buffer, offset); + length += keyGenerator.exportParameters(keyPair, EC_Consts.KEY_PUBLIC, params, outBuffer, outOffset); sw = keyGenerator.getSW(); } //TODO unify this, now that param key == the passed on param. if ((key & EC_Consts.KEY_PRIVATE) != 0 && sw == ISO7816.SW_NO_ERROR) { //export params from private - length += keyGenerator.exportParameters(keyPair, EC_Consts.KEY_PRIVATE, params, buffer, (short) (offset + length)); + length += keyGenerator.exportParameters(keyPair, EC_Consts.KEY_PRIVATE, params, outBuffer, (short) (outOffset + length)); sw = keyGenerator.getSW(); } - Util.setShort(buffer, swOffset, sw); + Util.setShort(outBuffer, swOffset, sw); return length; } 
@@ -545,11 +540,11 @@ public class ECTesterApplet extends Applet { * @param export whether to export ECDH secret * @param corruption whether to invalidate the pubkey before ECDH * @param type KeyAgreement type to test (EC_Consts.KA_* || ...) - * @param buffer buffer to write sw to, and export ECDH secret {@code if(export == EXPORT_TRUE)} - * @param offset output offset in buffer + * @param outBuffer buffer to write sw to, and export ECDH secret {@code if(export == EXPORT_TRUE)} + * @param outOffset output offset in buffer * @return length of data written to the buffer */ - private short ecdh(byte pubkey, byte privkey, byte export, short corruption, byte type, byte[] buffer, short offset) { + private short ecdh(byte pubkey, byte privkey, byte export, short corruption, byte type, byte[] outBuffer, short outOffset) { short length = 0; KeyPair pub = ((pubkey & KEYPAIR_LOCAL) != 0) ? localKeypair : remoteKeypair; @@ -573,13 +568,13 @@ public class ECTesterApplet extends Applet { ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); } - Util.setShort(buffer, offset, keyTester.getSW()); + Util.setShort(outBuffer, outOffset, keyTester.getSW()); length += 2; if ((export == EXPORT_TRUE)) { - Util.setShort(buffer, (short) (offset + length), secretLength); + Util.setShort(outBuffer, (short) (outOffset + length), secretLength); length += 2; - Util.arrayCopyNonAtomic(ramArray2, (short) 0, buffer, (short) (offset + length), secretLength); + Util.arrayCopyNonAtomic(ramArray2, (short) 0, outBuffer, (short) (outOffset + length), secretLength); length += secretLength; } 
@@ -589,32 +584,33 @@ public class ECTesterApplet extends Applet { /** * @param sign keyPair to use for signing and verification * @param export whether to export ECDSA signature - * @param buffer buffer to write sw to, and export ECDSA signature {@code if(export == EXPORT_TRUE)} + * @param inBuffer buffer to read dataLength and data to sign from * @param inOffset input offset in buffer + * @param outBuffer buffer to write sw to, and export ECDSA signature {@code if(export == EXPORT_TRUE)} * @param outOffset output offset in buffer * @return length of data written to the buffer */ - private short ecdsa(KeyPair sign, byte export, byte[] buffer, short inOffset, short outOffset) { + private short ecdsa(KeyPair sign, byte export, byte[] inBuffer, short inOffset, byte[] outBuffer, short outOffset) { short length = 0; - short dataLength = Util.getShort(buffer, inOffset); + short dataLength = Util.getShort(inBuffer, inOffset); if (dataLength == 0) { //no data to sign //generate random dataLength = 64; randomData.generateData(ramArray, (short) 0, dataLength); } else { - Util.arrayCopyNonAtomic(buffer, (short) (inOffset + 2), ramArray, (short) 0, dataLength); + Util.arrayCopyNonAtomic(inBuffer, (short) (inOffset + 2), ramArray, (short) 0, dataLength); } short signatureLength = keyTester.testECDSA((ECPrivateKey) sign.getPrivate(), (ECPublicKey) sign.getPublic(), ramArray, (short) 0, dataLength, ramArray2, (short) 0); - Util.setShort(buffer, outOffset, keyTester.getSW()); + Util.setShort(outBuffer, outOffset, keyTester.getSW()); length += 2; if (export == EXPORT_TRUE) { - Util.setShort(buffer, (short) (outOffset + length), signatureLength); + Util.setShort(outBuffer, (short) (outOffset + length), signatureLength); length += 2; - Util.arrayCopyNonAtomic(ramArray2, (short) 0, buffer, (short) (outOffset + length), signatureLength); + Util.arrayCopyNonAtomic(ramArray2, (short) 0, outBuffer, (short) (outOffset + length), signatureLength); length += signatureLength; } 
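Review bot: `dataLength` in `ecdsa` comes from host-supplied command data and is used unchecked as the copy length in `Util.arrayCopyNonAtomic(inBuffer, (short) (inOffset + 2), ramArray, (short) 0, dataLength)`. A negative value, or one larger than `ramArray`, will presumably end in an uncaught runtime exception rather than a defined status word, and a value larger than the data actually received would sign whatever bytes already sit in `inBuffer`. Rejecting it first, e.g. `if (dataLength < 0 || dataLength > (short) ramArray.length) ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);`, keeps the failure explicit. Comparing against the received length would need that value passed in, since it is not a parameter here. The method's closing lines are outside the hunk.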
diff --git a/src/cz/crcs/ectester/applet/ECUtil.java b/src/cz/crcs/ectester/applet/ECUtil.java deleted file mode 100644 index 5d5c4d2..0000000 --- a/src/cz/crcs/ectester/applet/ECUtil.java +++ /dev/null @@ -1,35 +0,0 @@ -package cz.crcs.ectester.applet; - -import javacard.framework.ISO7816; -import javacard.framework.ISOException; -import javacard.security.KeyAgreement; -import javacard.security.KeyPair; -import javacard.security.Signature; - -/** - * @author Jan Jancar johny@neuromancer.sk - */ -public class ECUtil { - - private static short nullCheck(Object obj, short sw) { - if (obj == null) - ISOException.throwIt(sw); - return ISO7816.SW_NO_ERROR; - } - - static short objCheck(Object obj) { - return nullCheck(obj, ECTesterApplet.SW_OBJECT_NULL); - } - - static short keypairCheck(KeyPair keyPair) { - return nullCheck(keyPair, ECTesterApplet.SW_KEYPAIR_NULL); - } - - static short kaCheck(KeyAgreement keyAgreement) { - return nullCheck(keyAgreement, ECTesterApplet.SW_KA_NULL); - } - - static short signCheck(Signature signature) { - return nullCheck(signature, ECTesterApplet.SW_SIGNATURE_NULL); - } -} diff --git a/src/cz/crcs/ectester/applet/EC_Consts.java b/src/cz/crcs/ectester/applet/EC_Consts.java index d970542..0276019 100644 --- a/src/cz/crcs/ectester/applet/EC_Consts.java +++ b/src/cz/crcs/ectester/applet/EC_Consts.java @@ -1306,7 +1306,7 @@ public class EC_Consts { // an uncompressed point should have odd length (since 1 byte type, + 2 * coords) ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); } - short half = (short) ((short)(length - 1) / 2); + short half = (short) ((short) (length - 1) / 2); byte yLSB = buffer[(short) (offset + length)]; byte yBit = (byte) (yLSB & 0x01); if (yBit == 1) { 
@@ -1317,7 +1317,7 @@ public class EC_Consts { length = (short) (half + 1); break; - //TODO: test hybrid form with not corresponding yBit (in first byte value) and y_value in the second half of the param + //TODO: test hybrid form with not corresponding yBit (in first byte value) and y_value in the second half of the param default: ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); } diff --git a/src/cz/crcs/ectester/data/nist/p521.csv b/src/cz/crcs/ectester/data/nist/p521.csv index fee50ce..e280665 100644 --- a/src/cz/crcs/ectester/data/nist/p521.csv +++ b/src/cz/crcs/ectester/data/nist/p521.csv 
@@ -1 +1 @@ -1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff,1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc,051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00,c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66,11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650,1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409,1 \ No newline at end of file +01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff,01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc,0051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00,00c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66,011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650,01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409,1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/reader/Command.java b/src/cz/crcs/ectester/reader/Command.java index 4e210ed..6c2b769 100644 --- a/src/cz/crcs/ectester/reader/Command.java +++ b/src/cz/crcs/ectester/reader/Command.java 
@@ -66,6 +66,9 @@ public abstract class Command { if (curve.getBits() != keyLength) { throw new IOException("Curve bits mismatch: " + curve.getBits() + " vs " + keyLength + " entered."); } + if (curve.getField() != keyClass) { + throw new IOException("Curve field mismatch."); + } byte[] external = curve.flatten(); if (external == null) { diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index 217b9ef..4ba8e9a 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -368,6 +368,9 @@ public class ECTester { keysFile.flush(); generated++; } + Response cleanup = new Command.Cleanup(cardManager).send(); + systemOutLogger.println(cleanup.toString()); + keysFile.close(); } @@ -474,6 +477,8 @@ public class ECTester { ++done; } + Response cleanup = new Command.Cleanup(cardManager).send(); + systemOutLogger.println(cleanup.toString()); if (out != null) out.close(); @@ -545,6 +550,9 @@ public class ECTester { ++done; } + Response cleanup = new Command.Cleanup(cardManager).send(); + systemOutLogger.println(cleanup.toString()); + if (out != null) out.close(); } diff --git a/src/cz/crcs/ectester/reader/Response.java b/src/cz/crcs/ectester/reader/Response.java index c82772f..d74724c 100644 --- a/src/cz/crcs/ectester/reader/Response.java +++ b/src/cz/crcs/ectester/reader/Response.java @@ -126,7 +126,7 @@ public abstract class Response { } } if (suffix.length() == 0) { - suffix.append(" ").append(Util.getSWString(getNaturalSW())); + suffix.append(" [").append(Util.getSW(getNaturalSW())).append("]"); } return String.format("%-62s:%4d ms : %s", inner, time / 1000000, suffix); } diff --git a/src/cz/crcs/ectester/reader/Test.java b/src/cz/crcs/ectester/reader/Test.java index 651274d..157e360 100644 --- a/src/cz/crcs/ectester/reader/Test.java +++ b/src/cz/crcs/ectester/reader/Test.java 
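Review bot: The `new Command.Cleanup(cardManager).send()` added in the `@@ -368,6 +368,9 @@` hunk of ECTester.java runs only when the preceding loop finishes normally, so an exception thrown mid-run would skip both the card cleanup and `keysFile.close()`. Wrapping the loop in `try { ... } finally { ... }`, with the cleanup and the close in the `finally` block, would release card memory and the file handle on every path; the loop itself starts outside the hunk. The `@@ -474,6 +477,8 @@` and `@@ -545,6 +550,9 @@` hunks add the same two lines in the same position and would benefit from the same treatment.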
@@ -61,6 +61,10 @@ public class Test { hasRun = true; } + public boolean hasRun() { + return hasRun; + } + @Override public String toString() { if (hasRun) { diff --git a/src/cz/crcs/ectester/reader/TestSuite.java b/src/cz/crcs/ectester/reader/TestSuite.java index 5e9511b..414c2a9 100644 --- a/src/cz/crcs/ectester/reader/TestSuite.java +++ b/src/cz/crcs/ectester/reader/TestSuite.java @@ -4,6 +4,7 @@ import cz.crcs.ectester.applet.ECTesterApplet; import cz.crcs.ectester.applet.EC_Consts; import cz.crcs.ectester.data.EC_Store; import cz.crcs.ectester.reader.ec.*; +import javacard.security.Key; import javacard.security.KeyPair; import javax.smartcardio.CardException; @@ -18,7 +19,6 @@ public abstract class TestSuite { EC_Store dataStore; ECTester.Config cfg; String name; - boolean hasRun = false; List tests = new LinkedList<>(); TestSuite(EC_Store dataStore, ECTester.Config cfg, String name) { @@ -29,10 +29,11 @@ public abstract class TestSuite { public List run(CardMngr cardManager) throws CardException, IOException { for (Test t : tests) { - t.run(); - System.out.println(t); + if (!t.hasRun()) { + t.run(); + System.out.println(t); + } } - hasRun = true; return tests; } @@ -40,10 +41,6 @@ public abstract class TestSuite { return Collections.unmodifiableList(tests); } - public boolean hasRun() { - return hasRun; - } - public String getName() { return name; } @@ -171,6 +168,9 @@ public abstract class TestSuite { if (curve.getBits() != cfg.bits && !cfg.all) { continue; } + if (curve.getField() == KeyPair.ALG_EC_FP && !cfg.primeField || curve.getField() == KeyPair.ALG_EC_F2M && !cfg.binaryField) { + continue; + } EC_Params onekey = dataStore.getObject(EC_Keypair.class, result.getOneKey()); if (onekey == null) { onekey = dataStore.getObject(EC_Key.Private.class, result.getOneKey()); 
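Review bot: The field filter added in the `@@ -171,6 +168,9 @@` hunk of TestSuite.java, `curve.getField() == KeyPair.ALG_EC_FP && !cfg.primeField || curve.getField() == KeyPair.ALG_EC_F2M && !cfg.binaryField`, mixes `&&` and `||` without parentheses and is repeated verbatim in the `@@ -222,6 +221,12 @@` and `@@ -256,6 +261,9 @@` hunks. Precedence makes it evaluate as intended, but a reader has to work that out three times, and a later edit to one copy can silently diverge from the others. A single helper on `TestSuite`, for example `boolean fieldEnabled(EC_Curve curve)` with a one-line comment saying it returns whether the curve's field type is selected in `cfg`, would let each call site read `if (!fieldEnabled(curve)) continue;`.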
@@ -206,7 +206,6 @@ public abstract class TestSuite { public static class NonPrime extends TestSuite { - public NonPrime(EC_Store dataStore, ECTester.Config cfg) { super(dataStore, cfg, "nonprime"); } @@ -222,6 +221,12 @@ public abstract class TestSuite { Map keys = dataStore.getObjects(EC_Key.class, "nonprime"); for (EC_Key key : keys.values()) { EC_Curve curve = dataStore.getObject(EC_Curve.class, key.getCurve()); + if (cfg.namedCurve != null && !(key.getCurve().startsWith(cfg.namedCurve) || key.getCurve().equals(cfg.namedCurve))) { + continue; + } + if (curve.getField() == KeyPair.ALG_EC_FP && !cfg.primeField || curve.getField() == KeyPair.ALG_EC_F2M && !cfg.binaryField) { + continue; + } if ((curve.getBits() == cfg.bits || cfg.all)) { tests.add(new Test(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField()), Test.Result.SUCCESS)); tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten()), Test.Result.ANY)); @@ -256,6 +261,9 @@ public abstract class TestSuite { if (curve.getBits() != cfg.bits && !cfg.all) { continue; } + if (curve.getField() == KeyPair.ALG_EC_FP && !cfg.primeField || curve.getField() == KeyPair.ALG_EC_F2M && !cfg.binaryField) { + continue; + } List keys = curves.getOrDefault(curve, new LinkedList<>()); keys.add(key); curves.putIfAbsent(curve, keys); diff --git a/src/cz/crcs/ectester/reader/Util.java b/src/cz/crcs/ectester/reader/Util.java index 986433f..3a7e9fe 100644 --- a/src/cz/crcs/ectester/reader/Util.java +++ b/src/cz/crcs/ectester/reader/Util.java 
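Review bot: In the `@@ -222,6 +221,12 @@` hunk the named-curve filter tests `key.getCurve().startsWith(cfg.namedCurve) || key.getCurve().equals(cfg.namedCurve)`, and the `equals` branch can never decide the result because an equal string always satisfies `startsWith`. The condition can be reduced to `if (cfg.namedCurve != null && !key.getCurve().startsWith(cfg.namedCurve)) continue;`. If an exact match was the intent, the `startsWith` call is the part to drop, and a short comment stating which of the two is meant would settle it.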
@@ -166,115 +166,120 @@ public class Util { } } + public static String getSW(short sw) { + String str; + switch (sw) { + case ISO7816.SW_APPLET_SELECT_FAILED: + str = "APPLET_SELECT_FAILED"; + break; + case ISO7816.SW_BYTES_REMAINING_00: + str = "BYTES_REMAINING"; + break; + case ISO7816.SW_CLA_NOT_SUPPORTED: + str = "CLA_NOT_SUPPORTED"; + break; + case ISO7816.SW_COMMAND_NOT_ALLOWED: + str = "COMMAND_NOT_ALLOWED"; + break; + case ISO7816.SW_CONDITIONS_NOT_SATISFIED: + str = "CONDITIONS_NOT_SATISFIED"; + break; + case ISO7816.SW_CORRECT_LENGTH_00: + str = "CORRECT_LENGTH"; + break; + case ISO7816.SW_DATA_INVALID: + str = "DATA_INVALID"; + break; + case ISO7816.SW_FILE_FULL: + str = "FILE_FULL"; + break; + case ISO7816.SW_FILE_INVALID: + str = "FILE_INVALID"; + break; + case ISO7816.SW_FILE_NOT_FOUND: + str = "FILE_NOT_FOUND"; + break; + case ISO7816.SW_FUNC_NOT_SUPPORTED: + str = "FUNC_NOT_SUPPORTED"; + break; + case ISO7816.SW_INCORRECT_P1P2: + str = "INCORRECT_P1P2"; + break; + case ISO7816.SW_INS_NOT_SUPPORTED: + str = "INS_NOT_SUPPORTED"; + break; + case ISO7816.SW_LOGICAL_CHANNEL_NOT_SUPPORTED: + str = "LOGICAL_CHANNEL_NOT_SUPPORTED"; + break; + case ISO7816.SW_RECORD_NOT_FOUND: + str = "RECORD_NOT_FOUND"; + break; + case ISO7816.SW_SECURE_MESSAGING_NOT_SUPPORTED: + str = "SECURE_MESSAGING_NOT_SUPPORTED"; + break; + case ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED: + str = "SECURITY_STATUS_NOT_SATISFIED"; + break; + case ISO7816.SW_UNKNOWN: + str = "UNKNOWN"; + break; + case ISO7816.SW_WARNING_STATE_UNCHANGED: + str = "WARNING_STATE_UNCHANGED"; + break; + case ISO7816.SW_WRONG_DATA: + str = "WRONG_DATA"; + break; + case ISO7816.SW_WRONG_LENGTH: + str = "WRONG_LENGTH"; + break; + case ISO7816.SW_WRONG_P1P2: + str = "WRONG_P1P2"; + break; + case CryptoException.ILLEGAL_VALUE: + str = "ILLEGAL_VALUE"; + break; + case CryptoException.UNINITIALIZED_KEY: + str = "UNINITIALIZED_KEY"; + break; + case CryptoException.NO_SUCH_ALGORITHM: + str = "NO_SUCH_ALG"; + break; + 
case CryptoException.INVALID_INIT: + str = "INVALID_INIT"; + break; + case CryptoException.ILLEGAL_USE: + str = "ILLEGAL_USE"; + break; + case ECTesterApplet.SW_SIG_VERIFY_FAIL: + str = "SIG_VERIFY_FAIL"; + break; + case ECTesterApplet.SW_DH_DHC_MISMATCH: + str = "DH_DHC_MISMATCH"; + break; + case ECTesterApplet.SW_KEYPAIR_NULL: + str = "KEYPAIR_NULL"; + break; + case ECTesterApplet.SW_KA_NULL: + str = "KA_NULL"; + break; + case ECTesterApplet.SW_SIGNATURE_NULL: + str = "SIGNATURE_NULL"; + break; + case ECTesterApplet.SW_OBJECT_NULL: + str = "OBJECT_NULL"; + break; + default: + str = "unknown"; + break; + } + return str; + } + public static String getSWString(short sw) { if (sw == ISO7816.SW_NO_ERROR) { return "OK\t(0x9000)"; } else { - String str; - switch (sw) { - case ISO7816.SW_APPLET_SELECT_FAILED: - str = "APPLET_SELECT_FAILED"; - break; - case ISO7816.SW_BYTES_REMAINING_00: - str = "BYTES_REMAINING"; - break; - case ISO7816.SW_CLA_NOT_SUPPORTED: - str = "CLA_NOT_SUPPORTED"; - break; - case ISO7816.SW_COMMAND_NOT_ALLOWED: - str = "COMMAND_NOT_ALLOWED"; - break; - case ISO7816.SW_CONDITIONS_NOT_SATISFIED: - str = "CONDITIONS_NOT_SATISFIED"; - break; - case ISO7816.SW_CORRECT_LENGTH_00: - str = "CORRECT_LENGTH"; - break; - case ISO7816.SW_DATA_INVALID: - str = "DATA_INVALID"; - break; - case ISO7816.SW_FILE_FULL: - str = "FILE_FULL"; - break; - case ISO7816.SW_FILE_INVALID: - str = "FILE_INVALID"; - break; - case ISO7816.SW_FILE_NOT_FOUND: - str = "FILE_NOT_FOUND"; - break; - case ISO7816.SW_FUNC_NOT_SUPPORTED: - str = "FUNC_NOT_SUPPORTED"; - break; - case ISO7816.SW_INCORRECT_P1P2: - str = "INCORRECT_P1P2"; - break; - case ISO7816.SW_INS_NOT_SUPPORTED: - str = "INS_NOT_SUPPORTED"; - break; - case ISO7816.SW_LOGICAL_CHANNEL_NOT_SUPPORTED: - str = "LOGICAL_CHANNEL_NOT_SUPPORTED"; - break; - case ISO7816.SW_RECORD_NOT_FOUND: - str = "RECORD_NOT_FOUND"; - break; - case ISO7816.SW_SECURE_MESSAGING_NOT_SUPPORTED: - str = "SECURE_MESSAGING_NOT_SUPPORTED"; - break; - 
case ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED: - str = "SECURITY_STATUS_NOT_SATISFIED"; - break; - case ISO7816.SW_UNKNOWN: - str = "UNKNOWN"; - break; - case ISO7816.SW_WARNING_STATE_UNCHANGED: - str = "WARNING_STATE_UNCHANGED"; - break; - case ISO7816.SW_WRONG_DATA: - str = "WRONG_DATA"; - break; - case ISO7816.SW_WRONG_LENGTH: - str = "WRONG_LENGTH"; - break; - case ISO7816.SW_WRONG_P1P2: - str = "WRONG_P1P2"; - break; - case CryptoException.ILLEGAL_VALUE: - str = "ILLEGAL_VALUE"; - break; - case CryptoException.UNINITIALIZED_KEY: - str = "UNINITIALIZED_KEY"; - break; - case CryptoException.NO_SUCH_ALGORITHM: - str = "NO_SUCH_ALG"; - break; - case CryptoException.INVALID_INIT: - str = "INVALID_INIT"; - break; - case CryptoException.ILLEGAL_USE: - str = "ILLEGAL_USE"; - break; - case ECTesterApplet.SW_SIG_VERIFY_FAIL: - str = "SIG_VERIFY_FAIL"; - break; - case ECTesterApplet.SW_DH_DHC_MISMATCH: - str = "DH_DHC_MISMATCH"; - break; - case ECTesterApplet.SW_KEYPAIR_NULL: - str = "KEYPAIR_NULL"; - break; - case ECTesterApplet.SW_KA_NULL: - str = "KA_NULL"; - break; - case ECTesterApplet.SW_SIGNATURE_NULL: - str = "SIGNATURE_NULL"; - break; - case ECTesterApplet.SW_OBJECT_NULL: - str = "OBJECT_NULL"; - break; - default: - str = "unknown"; - break; - } + String str = getSW(sw); return String.format("fail\t(%s,\t0x%04x)", str, sw); } } -- cgit v1.2.3-70-g09d2 From fd0f05e49eaa3dd7801960f12f7b13d6bcc00066 Mon Sep 17 00:00:00 2001 From: J08nY Date: Sat, 20 May 2017 16:20:10 +0200 Subject: Minor fixes --- !uploader/ectester.cap | Bin 14877 -> 14877 bytes dist/ECTester.jar | Bin 709688 -> 709699 bytes jcbuild.xml | 5 +++++ src/cz/crcs/ectester/applet/ECTesterApplet.java | 6 +++--- src/cz/crcs/ectester/applet/EC_Consts.java | 2 +- src/cz/crcs/ectester/reader/Util.java | 2 +- 6 files changed, 10 insertions(+), 5 deletions(-) 
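Review bot: The extracted `getSW` has no case for `ISO7816.SW_NO_ERROR`, so it returns `"unknown"` for 0x9000. `getSWString` still handles success before delegating, but the Response.java hunk in this commit now calls `Util.getSW(getNaturalSW())` directly, and if that branch can be reached with a successful response it would print `[unknown]` for a command that worked. Adding `case ISO7816.SW_NO_ERROR: str = "OK"; break;` closes the gap. The default label `"unknown"` also differs only in case from the `"UNKNOWN"` returned for `ISO7816.SW_UNKNOWN`; a distinct default such as `"unrecognized"` would keep the two apart in logs. As a new public method, `getSW` would benefit from a short Javadoc saying it returns the symbolic name without the hex value.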
diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index e5d5183..c0b0b0b 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 691d575..8e690e8 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/jcbuild.xml b/jcbuild.xml index a4d7619..793060c 100644 --- a/jcbuild.xml +++ b/jcbuild.xml @@ -23,4 +23,9 @@ + + + + + diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java index f957273..a7d8537 100644 --- a/src/cz/crcs/ectester/applet/ECTesterApplet.java +++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java @@ -645,17 +645,17 @@ public class ECTesterApplet extends Applet implements ExtendedLength { if (keyTester.hasECDH()) { Util.setShort(buffer, offset, ecdhSW); } else { - Util.setShort(buffer, offset, ISO7816.SW_INS_NOT_SUPPORTED); + Util.setShort(buffer, offset, ISO7816.SW_FUNC_NOT_SUPPORTED); } if (keyTester.hasECDHC()) { Util.setShort(buffer, (short) (offset + 2), ecdhcSW); } else { - Util.setShort(buffer, (short) (offset + 2), ISO7816.SW_INS_NOT_SUPPORTED); + Util.setShort(buffer, (short) (offset + 2), ISO7816.SW_FUNC_NOT_SUPPORTED); } if (keyTester.hasECDSA()) { Util.setShort(buffer, (short) (offset + 4), ecdsaSW); } else { - Util.setShort(buffer, (short) (offset + 4), ISO7816.SW_INS_NOT_SUPPORTED); + Util.setShort(buffer, (short) (offset + 4), ISO7816.SW_FUNC_NOT_SUPPORTED); } return 6; diff --git a/src/cz/crcs/ectester/applet/EC_Consts.java b/src/cz/crcs/ectester/applet/EC_Consts.java index 0276019..53eab41 100644 --- a/src/cz/crcs/ectester/applet/EC_Consts.java +++ b/src/cz/crcs/ectester/applet/EC_Consts.java 
@@ -990,7 +990,7 @@ public class EC_Consts {
 public static final byte F2M_CURVES = (byte) 12;
- public static final short[] FP_SIZES = new short[]{128, 160, 192, 224, 256, 384, 521};
+ public static final short[] FP_SIZES = new short[]{112, 128, 160, 192, 224, 256, 384, 512, 521};
 public static final short[] F2M_SIZES = new short[]{163, 233, 283, 409, 571};
 public static byte getCurve(short keyLength, byte keyClass) {
diff --git a/src/cz/crcs/ectester/reader/Util.java b/src/cz/crcs/ectester/reader/Util.java
index 3a7e9fe..e7b7338 100644
--- a/src/cz/crcs/ectester/reader/Util.java
+++ b/src/cz/crcs/ectester/reader/Util.java
@@ -280,7 +280,7 @@ public class Util {
 return "OK\t(0x9000)";
 } else {
 String str = getSW(sw);
- return String.format("fail\t(%s,\t0x%04x)", str, sw);
+ return String.format("fail\t(%s, 0x%04x)", str, sw);
 }
 }
-- cgit v1.2.3-70-g09d2 From 931d6b12b301eef7cfdd1dd54bd9aef4b63c746a Mon Sep 17 00:00:00 2001
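Review bot: `FP_SIZES` in EC_Consts.java now includes 112 next to 128 and 160, and nothing on the line says these lengths are far below any accepted security level and are listed only to probe what a card accepts. A short comment above the array would keep it from being copied as a list of usable key sizes: `// prime-field bit lengths to probe on the card; 112-160 are test-only, not for protecting data`. `getCurve(short keyLength, byte keyClass)` begins on the last context line and its body is outside the hunk, so it is not visible whether it maps the new 112 and 512 entries to a curve; if it does not, code that iterates `FP_SIZES` would reach whatever the fallback is for those two lengths.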
From: J08nY Date: Sat, 20 May 2017 16:49:38 +0200 Subject: Reformatted curve and test CSV data --- dist/ECTester.jar | Bin 709699 -> 710757 bytes .../crcs/ectester/data/anomalous/miyaji128a1.csv | 2 +- .../crcs/ectester/data/anomalous/miyaji128a2.csv | 2 +- .../crcs/ectester/data/anomalous/miyaji128b1.csv | 2 +- .../crcs/ectester/data/anomalous/miyaji128b2.csv | 2 +- .../ectester/data/brainpool/brainpoolP160r1.csv | 2 +- .../ectester/data/brainpool/brainpoolP160t1.csv | 2 +- .../ectester/data/brainpool/brainpoolP192r1.csv | 2 +- .../ectester/data/brainpool/brainpoolP192t1.csv | 2 +- .../ectester/data/brainpool/brainpoolP224r1.csv | 2 +- .../ectester/data/brainpool/brainpoolP224t1.csv | 2 +- .../ectester/data/brainpool/brainpoolP256r1.csv | 2 +- .../ectester/data/brainpool/brainpoolP256t1.csv | 2 +- .../ectester/data/brainpool/brainpoolP320r1.csv | 2 +- .../ectester/data/brainpool/brainpoolP320t1.csv | 2 +- .../ectester/data/brainpool/brainpoolP384r1.csv | 2 +- .../ectester/data/brainpool/brainpoolP384t1.csv | 2 +- .../ectester/data/brainpool/brainpoolP512r1.csv | 2 +- .../ectester/data/brainpool/brainpoolP512t1.csv | 2 +- src/cz/crcs/ectester/data/nist/b163.csv | 2 +- src/cz/crcs/ectester/data/nist/k163.csv | 2 +- src/cz/crcs/ectester/data/nist/p192.csv | 2 +- src/cz/crcs/ectester/data/nist/p224.csv | 2 +- src/cz/crcs/ectester/data/nist/p256.csv | 2 +- src/cz/crcs/ectester/data/nist/p384.csv | 2 +- src/cz/crcs/ectester/data/nist/p521.csv | 2 +- src/cz/crcs/ectester/data/nonprime/nonprime128.csv | 2 +- .../ectester/data/nonprime/nonprime128_pub.csv | 2 +- src/cz/crcs/ectester/data/nonprime/nonprime160.csv | 2 +- .../ectester/data/nonprime/nonprime160_pub.csv | 2 +- src/cz/crcs/ectester/data/nonprime/nonprime192.csv | 2 +- .../ectester/data/nonprime/nonprime192_pub.csv | 2 +- src/cz/crcs/ectester/data/nonprime/nonprime224.csv | 2 +- .../ectester/data/nonprime/nonprime224_pub.csv | 2 +- src/cz/crcs/ectester/data/nonprime/nonprime256.csv | 2 +- 
.../ectester/data/nonprime/nonprime256_pub.csv | 2 +- src/cz/crcs/ectester/data/nonprime/nonprime384.csv | 2 +- .../ectester/data/nonprime/nonprime384_pub.csv | 2 +- src/cz/crcs/ectester/data/nonprime/nonprime521.csv | 2 +- .../ectester/data/nonprime/nonprime521_pub.csv | 2 +- src/cz/crcs/ectester/data/secg/secp112r1.csv | 2 +- src/cz/crcs/ectester/data/secg/secp112r2.csv | 2 +- src/cz/crcs/ectester/data/secg/secp128r1.csv | 2 +- src/cz/crcs/ectester/data/secg/secp128r2.csv | 2 +- src/cz/crcs/ectester/data/secg/secp160k1.csv | 2 +- src/cz/crcs/ectester/data/secg/secp160r1.csv | 2 +- src/cz/crcs/ectester/data/secg/secp160r2.csv | 2 +- src/cz/crcs/ectester/data/secg/secp192k1.csv | 2 +- src/cz/crcs/ectester/data/secg/secp192r1.csv | 2 +- src/cz/crcs/ectester/data/secg/secp224r1.csv | 2 +- src/cz/crcs/ectester/data/secg/secp256k1.csv | 2 +- src/cz/crcs/ectester/data/secg/secp256r1.csv | 2 +- src/cz/crcs/ectester/data/secg/secp384r1.csv | 2 +- src/cz/crcs/ectester/data/secg/secp521r1.csv | 2 +- src/cz/crcs/ectester/data/secg/sect163k1.csv | 2 +- src/cz/crcs/ectester/data/secg/sect163r1.csv | 2 +- src/cz/crcs/ectester/data/secg/sect163r2.csv | 2 +- src/cz/crcs/ectester/data/secg/sect233k1.csv | 2 +- src/cz/crcs/ectester/data/secg/sect233r1.csv | 2 +- src/cz/crcs/ectester/data/secg/sect239k1.csv | 2 +- src/cz/crcs/ectester/data/secg/sect283k1.csv | 2 +- src/cz/crcs/ectester/data/secg/sect283r1.csv | 2 +- src/cz/crcs/ectester/data/secg/sect409k1.csv | 2 +- src/cz/crcs/ectester/data/secg/sect409r1.csv | 2 +- src/cz/crcs/ectester/data/secg/sect571k1.csv | 2 +- src/cz/crcs/ectester/data/secg/sect571r1.csv | 2 +- .../data/test/brainpool/brainpoolP224r1-dh-raw.csv | 2 +- .../test/brainpool/brainpoolP224r1-dh-sha1.csv | 2 +- .../data/test/brainpool/brainpoolP224r1-keyA.csv | 2 +- .../data/test/brainpool/brainpoolP224r1-keyB.csv | 2 +- .../data/test/brainpool/brainpoolP256r1-dh-raw.csv | 2 +- .../test/brainpool/brainpoolP256r1-dh-sha1.csv | 2 +- 
.../data/test/brainpool/brainpoolP256r1-keyA.csv | 2 +- .../data/test/brainpool/brainpoolP256r1-keyB.csv | 2 +- .../data/test/brainpool/brainpoolP384r1-dh-raw.csv | 2 +- .../test/brainpool/brainpoolP384r1-dh-sha1.csv | 2 +- .../data/test/brainpool/brainpoolP384r1-keyA.csv | 2 +- .../data/test/brainpool/brainpoolP384r1-keyB.csv | 2 +- .../data/test/brainpool/brainpoolP512r1-dh-raw.csv | 2 +- .../test/brainpool/brainpoolP512r1-dh-sha1.csv | 2 +- .../data/test/brainpool/brainpoolP512r1-keyA.csv | 2 +- .../data/test/brainpool/brainpoolP512r1-keyB.csv | 2 +- .../crcs/ectester/data/test/nist/b163-dhc-raw.csv | 2 +- .../crcs/ectester/data/test/nist/b163-dhc-sha1.csv | 2 +- .../crcs/ectester/data/test/nist/b163-keyCAVS.csv | 2 +- .../crcs/ectester/data/test/nist/b163-keyIUT.csv | 2 +- .../crcs/ectester/data/test/nist/b233-dhc-raw.csv | 2 +- .../crcs/ectester/data/test/nist/b233-dhc-sha1.csv | 2 +- .../crcs/ectester/data/test/nist/b233-keyCAVS.csv | 2 +- .../crcs/ectester/data/test/nist/b233-keyIUT.csv | 2 +- .../crcs/ectester/data/test/nist/b283-dhc-raw.csv | 2 +- .../crcs/ectester/data/test/nist/b283-dhc-sha1.csv | 2 +- .../crcs/ectester/data/test/nist/b283-keyCAVS.csv | 2 +- .../crcs/ectester/data/test/nist/b283-keyIUT.csv | 2 +- .../crcs/ectester/data/test/nist/b409-dhc-raw.csv | 2 +- .../crcs/ectester/data/test/nist/b409-dhc-sha1.csv | 2 +- .../crcs/ectester/data/test/nist/b409-keyCAVS.csv | 2 +- .../crcs/ectester/data/test/nist/b409-keyIUT.csv | 2 +- .../crcs/ectester/data/test/nist/b571-dhc-raw.csv | 2 +- .../crcs/ectester/data/test/nist/b571-dhc-sha1.csv | 2 +- .../crcs/ectester/data/test/nist/b571-keyCAVS.csv | 2 +- .../crcs/ectester/data/test/nist/b571-keyIUT.csv | 2 +- .../crcs/ectester/data/test/nist/k163-dhc-raw.csv | 2 +- .../crcs/ectester/data/test/nist/k163-dhc-sha1.csv | 2 +- .../crcs/ectester/data/test/nist/k163-keyCAVS.csv | 2 +- .../crcs/ectester/data/test/nist/k163-keyIUT.csv | 2 +- .../crcs/ectester/data/test/nist/k233-dhc-raw.csv | 2 +- 
.../crcs/ectester/data/test/nist/k233-dhc-sha1.csv | 2 +- .../crcs/ectester/data/test/nist/k233-keyCAVS.csv | 2 +- .../crcs/ectester/data/test/nist/k233-keyIUT.csv | 2 +- .../crcs/ectester/data/test/nist/k283-dhc-raw.csv | 2 +- .../crcs/ectester/data/test/nist/k283-dhc-sha1.csv | 2 +- .../crcs/ectester/data/test/nist/k283-keyCAVS.csv | 2 +- .../crcs/ectester/data/test/nist/k283-keyIUT.csv | 2 +- .../crcs/ectester/data/test/nist/k409-dhc-raw.csv | 2 +- .../crcs/ectester/data/test/nist/k409-dhc-sha1.csv | 2 +- .../crcs/ectester/data/test/nist/k409-keyCAVS.csv | 2 +- .../crcs/ectester/data/test/nist/k409-keyIUT.csv | 2 +- .../crcs/ectester/data/test/nist/k571-dhc-raw.csv | 2 +- .../crcs/ectester/data/test/nist/k571-dhc-sha1.csv | 2 +- .../crcs/ectester/data/test/nist/k571-keyCAVS.csv | 2 +- .../crcs/ectester/data/test/nist/k571-keyIUT.csv | 2 +- .../crcs/ectester/data/test/nist/p192-dhc-raw.csv | 2 +- .../crcs/ectester/data/test/nist/p192-dhc-sha1.csv | 2 +- .../crcs/ectester/data/test/nist/p192-keyCAVS.csv | 2 +- .../crcs/ectester/data/test/nist/p192-keyIUT.csv | 2 +- .../crcs/ectester/data/test/nist/p224-dhc-raw.csv | 2 +- .../crcs/ectester/data/test/nist/p224-dhc-sha1.csv | 2 +- .../crcs/ectester/data/test/nist/p224-keyCAVS.csv | 2 +- .../crcs/ectester/data/test/nist/p224-keyIUT.csv | 2 +- .../crcs/ectester/data/test/nist/p256-dhc-raw.csv | 2 +- .../crcs/ectester/data/test/nist/p256-dhc-sha1.csv | 2 +- .../crcs/ectester/data/test/nist/p256-keyCAVS.csv | 2 +- .../crcs/ectester/data/test/nist/p256-keyIUT.csv | 2 +- .../crcs/ectester/data/test/nist/p384-dhc-raw.csv | 2 +- .../crcs/ectester/data/test/nist/p384-dhc-sha1.csv | 2 +- .../crcs/ectester/data/test/nist/p384-keyCAVS.csv | 2 +- .../crcs/ectester/data/test/nist/p384-keyIUT.csv | 2 +- .../crcs/ectester/data/test/nist/p521-dhc-raw.csv | 2 +- .../crcs/ectester/data/test/nist/p521-dhc-sha1.csv | 2 +- .../crcs/ectester/data/test/nist/p521-keyCAVS.csv | 2 +- .../crcs/ectester/data/test/nist/p521-keyIUT.csv | 2 +- 
.../ectester/data/test/secg/secp160r1-dh-kdf.csv | 2 +- .../ectester/data/test/secg/secp160r1-dh-raw.csv | 2 +- .../ectester/data/test/secg/secp160r1-dh-sha1.csv | 2 +- .../ectester/data/test/secg/secp160r1-keyU.csv | 2 +- .../ectester/data/test/secg/secp160r1-keyV.csv | 2 +- .../ectester/data/test/secg/sect163k1-dh-kdf.csv | 2 +- .../ectester/data/test/secg/sect163k1-dh-raw.csv | 2 +- .../ectester/data/test/secg/sect163k1-dh-sha1.csv | 2 +- .../ectester/data/test/secg/sect163k1-dhc-kdf.csv | 2 +- .../ectester/data/test/secg/sect163k1-dhc-raw.csv | 2 +- .../ectester/data/test/secg/sect163k1-dhc-sha1.csv | 2 +- .../ectester/data/test/secg/sect163k1-keyU.csv | 2 +- .../ectester/data/test/secg/sect163k1-keyV.csv | 2 +- src/cz/crcs/ectester/data/wrong/wrongp128.csv | 2 +- src/cz/crcs/ectester/data/wrong/wrongp160.csv | 2 +- src/cz/crcs/ectester/data/wrong/wrongp192.csv | 2 +- src/cz/crcs/ectester/data/wrong/wrongp224.csv | 2 +- src/cz/crcs/ectester/data/wrong/wrongp256.csv | 2 +- src/cz/crcs/ectester/data/wrong/wrongp384.csv | 2 +- src/cz/crcs/ectester/data/wrong/wrongp521.csv | 2 +- 162 files changed, 161 insertions(+), 161 deletions(-) diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 8e690e8..21b95f5 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/data/anomalous/miyaji128a1.csv b/src/cz/crcs/ectester/data/anomalous/miyaji128a1.csv index b1a84a0..20f2863 100644 --- a/src/cz/crcs/ectester/data/anomalous/miyaji128a1.csv +++ b/src/cz/crcs/ectester/data/anomalous/miyaji128a1.csv @@ -1 +1 @@ -80000000000001a86a91e9356e5fee11,1210cb7f8a3466b805b546960dd43f69,644a5a3e53a634ee06fa903172806914,55b40a8932013efa328cbe8abaf2f4ec,44375dc6a29cac1982fbf98c86da2707,80000000000001a86a91e9356e5fee11,1 +0x80000000000001a86a91e9356e5fee11,0x1210cb7f8a3466b805b546960dd43f69,0x644a5a3e53a634ee06fa903172806914,0x55b40a8932013efa328cbe8abaf2f4ec,0x44375dc6a29cac1982fbf98c86da2707,0x80000000000001a86a91e9356e5fee11,0x1 
diff --git a/src/cz/crcs/ectester/data/anomalous/miyaji128a2.csv b/src/cz/crcs/ectester/data/anomalous/miyaji128a2.csv index 70098c0..4c0f6bc 100644 --- a/src/cz/crcs/ectester/data/anomalous/miyaji128a2.csv +++ b/src/cz/crcs/ectester/data/anomalous/miyaji128a2.csv @@ -1 +1 @@ -fffffffffffffe1c2758f379fd46b0d9,5e2336fa13c5c6ce7add23893c0dfec7,7bf26de6e350dc183c58c09ad8237e00,1d8b7c787fdc92d299ec14e7916e5f7d,67621e61f115a2544364c1cd52e3cfa7,fffffffffffffe1c2758f379fd46b0d9,1 +0xfffffffffffffe1c2758f379fd46b0d9,0x5e2336fa13c5c6ce7add23893c0dfec7,0x7bf26de6e350dc183c58c09ad8237e00,0x1d8b7c787fdc92d299ec14e7916e5f7d,0x67621e61f115a2544364c1cd52e3cfa7,0xfffffffffffffe1c2758f379fd46b0d9,0x1 diff --git a/src/cz/crcs/ectester/data/anomalous/miyaji128b1.csv b/src/cz/crcs/ectester/data/anomalous/miyaji128b1.csv index 5c1f8b8..678ce90 100644 --- a/src/cz/crcs/ectester/data/anomalous/miyaji128b1.csv +++ b/src/cz/crcs/ectester/data/anomalous/miyaji128b1.csv @@ -1 +1 @@ -800000000000037554ac874c19cdaedf,00000000000000000000000000000000,000000000000000000000000000000c0,635217788a2ff48664a09cb3cdf72b2e,5e69c2309032ef3cb1e41b1a245822be,800000000000037554ac874c19cdaedf,1 +0x800000000000037554ac874c19cdaedf,0x00000000000000000000000000000000,0x000000000000000000000000000000c0,0x635217788a2ff48664a09cb3cdf72b2e,0x5e69c2309032ef3cb1e41b1a245822be,0x800000000000037554ac874c19cdaedf,0x1 diff --git a/src/cz/crcs/ectester/data/anomalous/miyaji128b2.csv b/src/cz/crcs/ectester/data/anomalous/miyaji128b2.csv index fdb77a0..73bf5aa 100644 --- a/src/cz/crcs/ectester/data/anomalous/miyaji128b2.csv +++ b/src/cz/crcs/ectester/data/anomalous/miyaji128b2.csv 
@@ -1 +1 @@ -fffffffffffffe2a71fec762d2427ce7,00000000000000000000000000000000,000000000000000000000000000000c0,428e6765064e4a745b2aaae87ef7f0f7,3daee1541c98c3d51eec13a1f6177531,fffffffffffffe2a71fec762d2427ce7,1 +0xfffffffffffffe2a71fec762d2427ce7,0x00000000000000000000000000000000,0x000000000000000000000000000000c0,0x428e6765064e4a745b2aaae87ef7f0f7,0x3daee1541c98c3d51eec13a1f6177531,0xfffffffffffffe2a71fec762d2427ce7,0x1 diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP160r1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP160r1.csv index 859424e..a6734e9 100644 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP160r1.csv +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP160r1.csv @@ -1 +1 @@ -E95E4A5F737059DC60DFC7AD95B3D8139515620F,340E7BE2A280EB74E2BE61BADA745D97E8F7C300,1E589A8595423412134FAA2DBDEC95C8D8675E58,BED5AF16EA3F6A4F62938C4631EB5AF7BDBCDBC3,1667CB477A1A8EC338F94741669C976316DA6321,E95E4A5F737059DC60DF5991D45029409E60FC09,1 \ No newline at end of file +0xe95e4a5f737059dc60dfc7ad95b3d8139515620f,0x340e7be2a280eb74e2be61bada745d97e8f7c300,0x1e589a8595423412134faa2dbdec95c8d8675e58,0xbed5af16ea3f6a4f62938c4631eb5af7bdbcdbc3,0x1667cb477a1a8ec338f94741669c976316da6321,0xe95e4a5f737059dc60df5991d45029409e60fc09,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP160t1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP160t1.csv index 8377986..b045237 100644 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP160t1.csv +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP160t1.csv 
@@ -1 +1 @@ -E95E4A5F737059DC60DFC7AD95B3D8139515620F,E95E4A5F737059DC60DFC7AD95B3D8139515620C,7A556B6DAE535B7B51ED2C4D7DAA7A0B5C55F380,B199B13B9B34EFC1397E64BAEB05ACC265FF2378,ADD6718B7C7C1961F0991B842443772152C9E0AD,E95E4A5F737059DC60DF5991D45029409E60FC09,1 +0xe95e4a5f737059dc60dfc7ad95b3d8139515620f,0xe95e4a5f737059dc60dfc7ad95b3d8139515620c,0x7a556b6dae535b7b51ed2c4d7daa7a0b5c55f380,0xb199b13b9b34efc1397e64baeb05acc265ff2378,0xadd6718b7c7c1961f0991b842443772152c9e0ad,0xe95e4a5f737059dc60df5991d45029409e60fc09,0x1 diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP192r1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP192r1.csv index c4f1999..d7fcf54 100644 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP192r1.csv +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP192r1.csv @@ -1 +1 @@ -C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297,6A91174076B1E0E19C39C031FE8685C1CAE040E5C69A28EF,469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9,C0A0647EAAB6A48753B033C56CB0F0900A2F5C4853375FD6,14B690866ABD5BB88B5F4828C1490002E6773FA2FA299B8F,C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1,1 \ No newline at end of file +0xc302f41d932a36cda7a3463093d18db78fce476de1a86297,0x6a91174076b1e0e19c39c031fe8685c1cae040e5c69a28ef,0x469a28ef7c28cca3dc721d044f4496bcca7ef4146fbf25c9,0xc0a0647eaab6a48753b033c56cb0f0900a2f5c4853375fd6,0x14b690866abd5bb88b5f4828c1490002e6773fa2fa299b8f,0xc302f41d932a36cda7a3462f9e9e916b5be8f1029ac4acc1,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP192t1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP192t1.csv index 469b46e..45ed451 100644 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP192t1.csv +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP192t1.csv 
@@ -1 +1 @@ -C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297,C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86294,13D56FFAEC78681E68F9DEB43B35BEC2FB68542E27897B79,3AE9E58C82F63C30282E1FE7BBF43FA72C446AF6F4618129,97E2C5667C2223A902AB5CA449D0084B7E5B3DE7CCC01C9,C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1,1 +0xc302f41d932a36cda7a3463093d18db78fce476de1a86297,0xc302f41d932a36cda7a3463093d18db78fce476de1a86294,0x13d56ffaec78681e68f9deb43b35bec2fb68542e27897b79,0x3ae9e58c82f63c30282e1fe7bbf43fa72c446af6f4618129,0x97e2c5667c2223a902ab5ca449d0084b7e5b3de7ccc01c9,0xc302f41d932a36cda7a3462f9e9e916b5be8f1029ac4acc1,0x1 diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP224r1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP224r1.csv index 6839e31..411ff99 100644 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP224r1.csv +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP224r1.csv @@ -1 +1 @@ -D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF,68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43,2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B,D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C1E6EFDEE12C07D,58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D3761402CD,D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F,1 \ No newline at end of file +0xd7c134aa264366862a18302575d1d787b09f075797da89f57ec8c0ff,0x68a5e62ca9ce6c1c299803a6c1530b514e182ad8b0042a59cad29f43,0x2580f63ccfe44138870713b1a92369e33e2135d266dbb372386c400b,0xd9029ad2c7e5cf4340823b2a87dc68c9e4ce3174c1e6efdee12c07d,0x58aa56f772c0726f24c6b89e4ecdac24354b9e99caa3f6d3761402cd,0xd7c134aa264366862a18302575d0fb98d116bc4b6ddebca3a5a7939f,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP224t1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP224t1.csv index 877a157..d0e2610 100644 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP224t1.csv +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP224t1.csv 
@@ -1 +1 @@ -D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF,D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FC,4B337D934104CD7BEF271BF60CED1ED20DA14C08B3BB64F18A60888D,6AB1E344CE25FF3896424E7FFE14762ECB49F8928AC0C76029B4D580,374E9F5143E568CD23F3F4D7C0D4B1E41C8CC0D1C6ABD5F1A46DB4C,D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F,1 +0xd7c134aa264366862a18302575d1d787b09f075797da89f57ec8c0ff,0xd7c134aa264366862a18302575d1d787b09f075797da89f57ec8c0fc,0x4b337d934104cd7bef271bf60ced1ed20da14c08b3bb64f18a60888d,0x6ab1e344ce25ff3896424e7ffe14762ecb49f8928ac0c76029b4d580,0x374e9f5143e568cd23f3f4d7c0d4b1e41c8cc0d1c6abd5f1a46db4c,0xd7c134aa264366862a18302575d0fb98d116bc4b6ddebca3a5a7939f,0x1 diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP256r1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP256r1.csv index f30cf91..f88728d 100644 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP256r1.csv +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP256r1.csv @@ -1 +1 @@ -A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377,7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9,26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6,8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262,547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997,A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7,1 \ No newline at end of file +0xa9fb57dba1eea9bc3e660a909d838d726e3bf623d52620282013481d1f6e5377,0x7d5a0975fc2c3057eef67530417affe7fb8055c126dc5c6ce94a4b44f330b5d9,0x26dc5c6ce94a4b44f330b5d9bbd77cbf958416295cf7e1ce6bccdc18ff8c07b6,0x8bd2aeb9cb7e57cb2c4b482ffc81b7afb9de27e1e3bd23c23a4453bd9ace3262,0x547ef835c3dac4fd97f8461a14611dc9c27745132ded8e545c1d54c72f046997,0xa9fb57dba1eea9bc3e660a909d838d718c397aa3b561a6f7901e0e82974856a7,0x1 \ No newline at end of file 
diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP256t1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP256t1.csv index ae54af0..9c21eac 100644 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP256t1.csv +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP256t1.csv @@ -1 +1 @@ -A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377,A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5374,662C61C430D84EA4FE66A7733D0B76B7BF93EBC4AF2F49256AE58101FEE92B04,A3E8EB3CC1CFE7B7732213B23A656149AFA142C47AAFBC2B79A191562E1305F4,2D996C823439C56D7F7B22E14644417E69BCB6DE39D027001DABE8F35B25C9BE,A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7,1 +0xa9fb57dba1eea9bc3e660a909d838d726e3bf623d52620282013481d1f6e5377,0xa9fb57dba1eea9bc3e660a909d838d726e3bf623d52620282013481d1f6e5374,0x662c61c430d84ea4fe66a7733d0b76b7bf93ebc4af2f49256ae58101fee92b04,0xa3e8eb3cc1cfe7b7732213b23a656149afa142c47aafbc2b79a191562e1305f4,0x2d996c823439c56d7f7b22e14644417e69bcb6de39d027001dabe8f35b25c9be,0xa9fb57dba1eea9bc3e660a909d838d718c397aa3b561a6f7901e0e82974856a7,0x1 diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP320r1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP320r1.csv index 128cfb0..a5ea90d 100644 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP320r1.csv +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP320r1.csv 
@@ -1 +1 @@ -D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27,3EE30B568FBAB0F883CCEBD46D3F3BB8A2A73513F5EB79DA66190EB085FFA9F492F375A97D860EB4,520883949DFDBC42D3AD198640688A6FE13F41349554B49ACC31DCCD884539816F5EB4AC8FB1F1A6,43BD7E9AFB53D8B85289BCC48EE5BFE6F20137D10A087EB6E7871E2A10A599C710AF8D0D39E20611,14FDD05545EC1CC8AB4093247F77275E0743FFED117182EAA9C77877AAAC6AC7D35245D1692E8EE1,D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311,1 \ No newline at end of file +0xd35e472036bc4fb7e13c785ed201e065f98fcfa6f6f40def4f92b9ec7893ec28fcd412b1f1b32e27,0x3ee30b568fbab0f883ccebd46d3f3bb8a2a73513f5eb79da66190eb085ffa9f492f375a97d860eb4,0x520883949dfdbc42d3ad198640688a6fe13f41349554b49acc31dccd884539816f5eb4ac8fb1f1a6,0x43bd7e9afb53d8b85289bcc48ee5bfe6f20137d10a087eb6e7871e2a10a599c710af8d0d39e20611,0x14fdd05545ec1cc8ab4093247f77275e0743ffed117182eaa9c77877aaac6ac7d35245d1692e8ee1,0xd35e472036bc4fb7e13c785ed201e065f98fcfa5b68f12a32d482ec7ee8658e98691555b44c59311,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP320t1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP320t1.csv index 9dd5cdb..cda7844 100644 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP320t1.csv +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP320t1.csv 
@@ -1 +1 @@ -D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27,D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E24,A7F561E038EB1ED560B3D147DB782013064C19F27ED27C6780AAF77FB8A547CEB5B4FEF422340353,925BE9FB01AFC6FB4D3E7D4990010F813408AB106C4F09CB7EE07868CC136FFF3357F624A21BED52,63BA3A7A27483EBF6671DBEF7ABB30EBEE084E58A0B077AD42A5A0989D1EE71B1B9BC0455FB0D2C3,D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311,1 +0xd35e472036bc4fb7e13c785ed201e065f98fcfa6f6f40def4f92b9ec7893ec28fcd412b1f1b32e27,0xd35e472036bc4fb7e13c785ed201e065f98fcfa6f6f40def4f92b9ec7893ec28fcd412b1f1b32e24,0xa7f561e038eb1ed560b3d147db782013064c19f27ed27c6780aaf77fb8a547ceb5b4fef422340353,0x925be9fb01afc6fb4d3e7d4990010f813408ab106c4f09cb7ee07868cc136fff3357f624a21bed52,0x63ba3a7a27483ebf6671dbef7abb30ebee084e58a0b077ad42a5a0989d1ee71b1b9bc0455fb0d2c3,0xd35e472036bc4fb7e13c785ed201e065f98fcfa5b68f12a32d482ec7ee8658e98691555b44c59311,0x1 diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP384r1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP384r1.csv index 9b333f0..4469585 100644 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP384r1.csv +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP384r1.csv 
@@ -1 +1 @@ -8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53,7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F90F8AA5814A503AD4EB04A8C7DD22CE2826,4A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62D57CB4390295DBC9943AB78696FA504C11,1D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10E8E826E03436D646AAEF87B2E247D4AF1E,8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129280E4646217791811142820341263C5315,8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565,1 \ No newline at end of file +0x8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b412b1da197fb71123acd3a729901d1a71874700133107ec53,0x7bc382c63d8c150c3c72080ace05afa0c2bea28e4fb22787139165efba91f90f8aa5814a503ad4eb04a8c7dd22ce2826,0x4a8c7dd22ce28268b39b55416f0447c2fb77de107dcd2a62e880ea53eeb62d57cb4390295dbc9943ab78696fa504c11,0x1d1c64f068cf45ffa2a63a81b7c13f6b8847a3e77ef14fe3db7fcafe0cbd10e8e826e03436d646aaef87b2e247d4af1e,0x8abe1d7520f9c2a45cb1eb8e95cfd55262b70b29feec5864e19c054ff99129280e4646217791811142820341263c5315,0x8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b31f166e6cac0425a7cf3ab6af6b7fc3103b883202e9046565,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP384t1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP384t1.csv index 79f2c77..8a9a6ac 100644 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP384t1.csv +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP384t1.csv 
@@ -1 +1 @@ -8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53,8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC50,7F519EADA7BDA81BD826DBA647910F8C4B9346ED8CCDC64E4B1ABD11756DCE1D2074AA263B88805CED70355A33B471EE,18DE98B02DB9A306F2AFCD7235F72A819B80AB12EBD653172476FECD462AABFFC4FF191B946A5F54D8D0AA2F418808CC,25AB056962D30651A114AFD2755AD336747F93475B7A1FCA3B88F2B6A208CCFE469408584DC2B2912675BF5B9E582928,8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565,1 +0x8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b412b1da197fb71123acd3a729901d1a71874700133107ec53,0x8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b412b1da197fb71123acd3a729901d1a71874700133107ec50,0x7f519eada7bda81bd826dba647910f8c4b9346ed8ccdc64e4b1abd11756dce1d2074aa263b88805ced70355a33b471ee,0x18de98b02db9a306f2afcd7235f72a819b80ab12ebd653172476fecd462aabffc4ff191b946a5f54d8d0aa2f418808cc,0x25ab056962d30651a114afd2755ad336747f93475b7a1fca3b88f2b6a208ccfe469408584dc2b2912675bf5b9e582928,0x8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b31f166e6cac0425a7cf3ab6af6b7fc3103b883202e9046565,0x1 diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP512r1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP512r1.csv index 0c2f051..20299d6 100644 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP512r1.csv 
+++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP512r1.csv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o newline at end of file +0xaadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca703308717d4d9b009bc66842aecda12ae6a380e62881ff2f2d82c68528aa6056583a48f3,0x7830a3318b603b89e2327145ac234cc594cbdd8d3df91610a83441caea9863bc2ded5d5aa8253aa10a2ef1c98b9ac8b57f1117a72bf2c7b9e7c1ac4d77fc94ca,0x3df91610a83441caea9863bc2ded5d5aa8253aa10a2ef1c98b9ac8b57f1117a72bf2c7b9e7c1ac4d77fc94cadc083e67984050b75ebae5dd2809bd638016f723,0x81aee4bdd82ed9645a21322e9c4c6a9385ed9f70b5d916c1b43b62eef4d0098eff3b1f78e2d0d48d50d1687b93b97d5f7c6d5047406a5e688b352209bcb9f822,0x7dde385d566332ecc0eabfa9cf7822fdf209f70024a57b1aa000c55b881f8111b2dcde494a5f485e5bca4bd88a2763aed1ca2b2fa8f0540678cd1e0f3ad80892,0xaadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca70330870553e5c414ca92619418661197fac10471db1d381085ddaddb58796829ca90069,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/brainpool/brainpoolP512t1.csv b/src/cz/crcs/ectester/data/brainpool/brainpoolP512t1.csv index bde9435..4a7c891 100644 --- a/src/cz/crcs/ectester/data/brainpool/brainpoolP512t1.csv +++ b/src/cz/crcs/ectester/data/brainpool/brainpoolP512t1.csv 
@@ -1 +1 @@ -AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3,AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F0,7CBBBCF9441CFAB76E1890E46884EAE321F70C0BCB4981527897504BEC3E36A62BCDFA2304976540F6450085F2DAE145C22553B465763689180EA2571867423E,640ECE5C12788717B9C1BA06CBC2A6FEBA85842458C56DDE9DB1758D39C0313D82BA51735CDB3EA499AA77A7D6943A64F7A3F25FE26F06B51BAA2696FA9035DA,5B534BD595F5AF0FA2C892376C84ACE1BB4E3019B71634C01131159CAE03CEE9D9932184BEEF216BD71DF2DADF86A627306ECFF96DBB8BACE198B61E00F8B332,AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069,1 +0xaadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca703308717d4d9b009bc66842aecda12ae6a380e62881ff2f2d82c68528aa6056583a48f3,0xaadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca703308717d4d9b009bc66842aecda12ae6a380e62881ff2f2d82c68528aa6056583a48f0,0x7cbbbcf9441cfab76e1890e46884eae321f70c0bcb4981527897504bec3e36a62bcdfa2304976540f6450085f2dae145c22553b465763689180ea2571867423e,0x640ece5c12788717b9c1ba06cbc2a6feba85842458c56dde9db1758d39c0313d82ba51735cdb3ea499aa77a7d6943a64f7a3f25fe26f06b51baa2696fa9035da,0x5b534bd595f5af0fa2c892376c84ace1bb4e3019b71634c01131159cae03cee9d9932184beef216bd71df2dadf86a627306ecff96dbb8bace198b61e00f8b332,0xaadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca70330870553e5c414ca92619418661197fac10471db1d381085ddaddb58796829ca90069,0x1 diff --git a/src/cz/crcs/ectester/data/nist/b163.csv b/src/cz/crcs/ectester/data/nist/b163.csv index b211f63..9259308 100644 --- a/src/cz/crcs/ectester/data/nist/b163.csv +++ b/src/cz/crcs/ectester/data/nist/b163.csv 
@@ -1 +1 @@ -00a3,0007,0006,0003,000000000000000000000000000000000000000001,020a601907b8c953ca1481eb10512f78744a3205fd,03f0eba16286a2d57ea0991168d4994637e8343e36,00d51fbc6c71a0094fa2cdd545b11c5c0c797324f1,040000000000000000000292FE77E70C12A4234C33,2 \ No newline at end of file +00a3,0007,0006,0003,000000000000000000000000000000000000000001,020a601907b8c953ca1481eb10512f78744a3205fd,03f0eba16286a2d57ea0991168d4994637e8343e36,00d51fbc6c71a0094fa2cdd545b11c5c0c797324f1,040000000000000000000292fe77e70c12a4234c33,2 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nist/k163.csv b/src/cz/crcs/ectester/data/nist/k163.csv index d4f21be..21c2f5f 100644 --- a/src/cz/crcs/ectester/data/nist/k163.csv +++ b/src/cz/crcs/ectester/data/nist/k163.csv @@ -1 +1 @@ -00a3,0007,0006,0003,000000000000000000000000000000000000000001,000000000000000000000000000000000000000001,02fe13c0537bbc11acaa07d793de4e6d5e5c94eee8,0289070fb05d38ff58321f2e800536d538ccdaa3d9,04000000000000000000020108A2E0CC0D99F8A5EF,2 \ No newline at end of file +00a3,0007,0006,0003,000000000000000000000000000000000000000001,000000000000000000000000000000000000000001,02fe13c0537bbc11acaa07d793de4e6d5e5c94eee8,0289070fb05d38ff58321f2e800536d538ccdaa3d9,04000000000000000000020108a2e0cc0d99f8a5ef,2 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nist/p192.csv b/src/cz/crcs/ectester/data/nist/p192.csv index a1f8724..07f9154 100644 --- a/src/cz/crcs/ectester/data/nist/p192.csv +++ b/src/cz/crcs/ectester/data/nist/p192.csv 
@@ -1 +1 @@ -fffffffffffffffffffffffffffffffeffffffffffffffff,fffffffffffffffffffffffffffffffefffffffffffffffc,64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1,188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012,07192b95ffc8da78631011ed6b24cdd573f977a11e794811,ffffffffffffffffffffffff99def836146bc9b1b4d22831,1 \ No newline at end of file +0xfffffffffffffffffffffffffffffffeffffffffffffffff,0xfffffffffffffffffffffffffffffffefffffffffffffffc,0x64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1,0x188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012,0x07192b95ffc8da78631011ed6b24cdd573f977a11e794811,0xffffffffffffffffffffffff99def836146bc9b1b4d22831,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nist/p224.csv b/src/cz/crcs/ectester/data/nist/p224.csv index d694633..4b206d4 100644 --- a/src/cz/crcs/ectester/data/nist/p224.csv +++ b/src/cz/crcs/ectester/data/nist/p224.csv @@ -1 +1 @@ -ffffffffffffffffffffffffffffffff000000000000000000000001,fffffffffffffffffffffffffffffffefffffffffffffffffffffffe,b4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4,b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21,bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34,ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d,1 \ No newline at end of file +0xffffffffffffffffffffffffffffffff000000000000000000000001,0xfffffffffffffffffffffffffffffffefffffffffffffffffffffffe,0xb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4,0xb70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21,0xbd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34,0xffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nist/p256.csv b/src/cz/crcs/ectester/data/nist/p256.csv index 9f2f213..c5a2440 100644 --- a/src/cz/crcs/ectester/data/nist/p256.csv +++ b/src/cz/crcs/ectester/data/nist/p256.csv 
@@ -1 +1 @@ -ffffffff00000001000000000000000000000000ffffffffffffffffffffffff,ffffffff00000001000000000000000000000000fffffffffffffffffffffffc,5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b,6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5,ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551,1 \ No newline at end of file +0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff,0xffffffff00000001000000000000000000000000fffffffffffffffffffffffc,0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b,0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5,0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nist/p384.csv b/src/cz/crcs/ectester/data/nist/p384.csv index ac3bf7c..eeba9fa 100644 --- a/src/cz/crcs/ectester/data/nist/p384.csv +++ b/src/cz/crcs/ectester/data/nist/p384.csv 
@@ -1 +1 @@ -fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff,fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc,b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef,aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7,3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f,ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973,1 \ No newline at end of file +0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff,0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc,0xb3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef,0xaa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7,0x3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f,0xffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nist/p521.csv b/src/cz/crcs/ectester/data/nist/p521.csv index e280665..609672f 100644 --- a/src/cz/crcs/ectester/data/nist/p521.csv +++ b/src/cz/crcs/ectester/data/nist/p521.csv 
@@ -1 +1 @@ -01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff,01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc,0051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00,00c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66,011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650,01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409,1 \ No newline at end of file +0x01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff,0x01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc,0x0051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00,0x00c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66,0x011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650,0x01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime128.csv b/src/cz/crcs/ectester/data/nonprime/nonprime128.csv index f541010..b666e20 100644 --- a/src/cz/crcs/ectester/data/nonprime/nonprime128.csv +++ b/src/cz/crcs/ectester/data/nonprime/nonprime128.csv 
@@ -1 +1 @@
-cfba21fd0483b1f300fa2506a5a566ef,36d9a5acac27a008e36cbe3e9f103fde,a67cf5fa09fb1db902068c87046ae21e,47d78391a4b9fff6a0db1292f9cd0e6a,9aed9c92f8bb3dbd42402165a270bd6f,cfba21fd0483b1f333d61a5af6ada2c7,1
\ No newline at end of file
+0xcfba21fd0483b1f300fa2506a5a566ef,0x36d9a5acac27a008e36cbe3e9f103fde,0xa67cf5fa09fb1db902068c87046ae21e,0x47d78391a4b9fff6a0db1292f9cd0e6a,0x9aed9c92f8bb3dbd42402165a270bd6f,0xcfba21fd0483b1f333d61a5af6ada2c7,0x1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime128_pub.csv b/src/cz/crcs/ectester/data/nonprime/nonprime128_pub.csv
index 78a8cb4..a1fbe5c 100644
--- a/src/cz/crcs/ectester/data/nonprime/nonprime128_pub.csv
+++ b/src/cz/crcs/ectester/data/nonprime/nonprime128_pub.csv
@@ -1 +1 @@
-63901e122761d9c16565b2f38e991f71,b9d99fbc3154a96ca23ecff770cbbe4f
\ No newline at end of file
+0x63901e122761d9c16565b2f38e991f71,0xb9d99fbc3154a96ca23ecff770cbbe4f
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime160.csv b/src/cz/crcs/ectester/data/nonprime/nonprime160.csv
index e556020..e685a11 100644
--- a/src/cz/crcs/ectester/data/nonprime/nonprime160.csv
+++ b/src/cz/crcs/ectester/data/nonprime/nonprime160.csv
@@ -1 +1 @@
-dc13490ff9857b111f44c0500770a6457e683223,a3ecd7d51e79d72d2700184c795aa8a6b8e66573,8ac43592905f995cb13f3694317bf470adafb645,5f8e88afc117c722859fe8e55647bca69ba82150,93e6dcaee271e9f2838c98b7d06eccc5d7c800e5,dc13490ff9857b111f446ef4a6d1e1715f6a6dff,1
\ No newline at end of file
+0xdc13490ff9857b111f44c0500770a6457e683223,0xa3ecd7d51e79d72d2700184c795aa8a6b8e66573,0x8ac43592905f995cb13f3694317bf470adafb645,0x5f8e88afc117c722859fe8e55647bca69ba82150,0x93e6dcaee271e9f2838c98b7d06eccc5d7c800e5,0xdc13490ff9857b111f446ef4a6d1e1715f6a6dff,0x1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime160_pub.csv b/src/cz/crcs/ectester/data/nonprime/nonprime160_pub.csv
index 7b92733..7060146 100644
--- a/src/cz/crcs/ectester/data/nonprime/nonprime160_pub.csv
+++ b/src/cz/crcs/ectester/data/nonprime/nonprime160_pub.csv
@@ -1 +1 @@
-59c9c3c8aef29f1c1c500cafb4726da6086e6eb0,d695a76005eddb26afd40ee20904778bb3497bb1
\ No newline at end of file
+0x59c9c3c8aef29f1c1c500cafb4726da6086e6eb0,0xd695a76005eddb26afd40ee20904778bb3497bb1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime192.csv b/src/cz/crcs/ectester/data/nonprime/nonprime192.csv
index bc55089..c61f65c 100644
--- a/src/cz/crcs/ectester/data/nonprime/nonprime192.csv
+++ b/src/cz/crcs/ectester/data/nonprime/nonprime192.csv
@@ -1 +1 @@
-ce714cc3a15ce7e5dab068c9a1f8be00aad480abccaeefc3,597c781f64c33eb8ef919c415911518ea323be88b9437caf,f81585a1b18f233d70add7ee1342d2035c386a92e3ab8320,150ff0a40deac6462b5987418617fdeeb6bfd76d4d60a067,843d577371c5dce122c2ff206b2f42fa0b842b49bdaf990f,ce714cc3a15ce7e5dab068c9a30bc92915bd8662ae882887,1
\ No newline at end of file
+0xce714cc3a15ce7e5dab068c9a1f8be00aad480abccaeefc3,0x597c781f64c33eb8ef919c415911518ea323be88b9437caf,0xf81585a1b18f233d70add7ee1342d2035c386a92e3ab8320,0x150ff0a40deac6462b5987418617fdeeb6bfd76d4d60a067,0x843d577371c5dce122c2ff206b2f42fa0b842b49bdaf990f,0xce714cc3a15ce7e5dab068c9a30bc92915bd8662ae882887,0x1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime192_pub.csv b/src/cz/crcs/ectester/data/nonprime/nonprime192_pub.csv
index 5432c1d..97c66cd 100644
--- a/src/cz/crcs/ectester/data/nonprime/nonprime192_pub.csv
+++ b/src/cz/crcs/ectester/data/nonprime/nonprime192_pub.csv
@@ -1 +1 @@
-17047f91dbe33032c9d09bd29ceadd8a09ccc32ac6309541,6a726de54fbd59cfc352e838b337fa005a97180816135e6a
\ No newline at end of file
+0x17047f91dbe33032c9d09bd29ceadd8a09ccc32ac6309541,0x6a726de54fbd59cfc352e838b337fa005a97180816135e6a
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime224.csv b/src/cz/crcs/ectester/data/nonprime/nonprime224.csv
index 09b9c01..cd4c5f8 100644
--- a/src/cz/crcs/ectester/data/nonprime/nonprime224.csv
+++ b/src/cz/crcs/ectester/data/nonprime/nonprime224.csv
@@ -1 +1 @@
-eed4c3d98f1c9b9518f116263db770366877d12df6a9cf08b96dd4bb,8d4dddb0317d6a6bf9a4dbbed3a43fa21f79869c5ab9729d239e9282,46873614be3dffc9218082322210c0616140286f2d160503c1a9250d,961bbb1fc9955a71c91a50aedcd2f14fccb660af992b0030b9c90b36,1c00f6d0bd405dd7d3016fb8c0c75e4ecec70fe61237f6d24008a5fd,eed4c3d98f1c9b9518f116263db821c36a06adae17162ad3162f68c3,1
\ No newline at end of file
+0xeed4c3d98f1c9b9518f116263db770366877d12df6a9cf08b96dd4bb,0x8d4dddb0317d6a6bf9a4dbbed3a43fa21f79869c5ab9729d239e9282,0x46873614be3dffc9218082322210c0616140286f2d160503c1a9250d,0x961bbb1fc9955a71c91a50aedcd2f14fccb660af992b0030b9c90b36,0x1c00f6d0bd405dd7d3016fb8c0c75e4ecec70fe61237f6d24008a5fd,0xeed4c3d98f1c9b9518f116263db821c36a06adae17162ad3162f68c3,0x1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime224_pub.csv b/src/cz/crcs/ectester/data/nonprime/nonprime224_pub.csv
index 319ca3a..aa2ab06 100644
--- a/src/cz/crcs/ectester/data/nonprime/nonprime224_pub.csv
+++ b/src/cz/crcs/ectester/data/nonprime/nonprime224_pub.csv
@@ -1 +1 @@
-cfd92aea0f79190c48ca703eb8a9baa7099a23bb39578261fe4d0f04,257a3d98de44bd25404977a4ac7fc56d3d4e827f085b7cf5247524c4
\ No newline at end of file
+0xcfd92aea0f79190c48ca703eb8a9baa7099a23bb39578261fe4d0f04,0x257a3d98de44bd25404977a4ac7fc56d3d4e827f085b7cf5247524c4
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime256.csv b/src/cz/crcs/ectester/data/nonprime/nonprime256.csv
index d5bf3c0..582b115 100644
--- a/src/cz/crcs/ectester/data/nonprime/nonprime256.csv
+++ b/src/cz/crcs/ectester/data/nonprime/nonprime256.csv
@@ -1 +1 @@
-c9a803b1eaf849f1c02cfd1dbfac68623985c88b37103b338ae11d2597ee8445,4841c5775a24a884ca36ec362b44645a2f60b25d002c4fc1d9f139870fe0cc71,1b097456751f3534190dae568f80a2c6ff55dddfe072a7dc6467a4b6476b6880,a1fd34a27afb1340b8e4a7db2a5ec5a1432c6dc8555af9f78fca2cf740cab2b7,98419c698cab6c7dbb53eb2751417b52ccded4680c5e09543f93c7886c3a173e,c9a803b1eaf849f1c02cfd1dbfac6863128c5b1fc5acd5b5e0fc0a7311fb5b1d,1
\ No newline at end of file
+0xc9a803b1eaf849f1c02cfd1dbfac68623985c88b37103b338ae11d2597ee8445,0x4841c5775a24a884ca36ec362b44645a2f60b25d002c4fc1d9f139870fe0cc71,0x1b097456751f3534190dae568f80a2c6ff55dddfe072a7dc6467a4b6476b6880,0xa1fd34a27afb1340b8e4a7db2a5ec5a1432c6dc8555af9f78fca2cf740cab2b7,0x98419c698cab6c7dbb53eb2751417b52ccded4680c5e09543f93c7886c3a173e,0xc9a803b1eaf849f1c02cfd1dbfac6863128c5b1fc5acd5b5e0fc0a7311fb5b1d,0x1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime256_pub.csv b/src/cz/crcs/ectester/data/nonprime/nonprime256_pub.csv
index d27ffdc..60f475c 100644
--- a/src/cz/crcs/ectester/data/nonprime/nonprime256_pub.csv
+++ b/src/cz/crcs/ectester/data/nonprime/nonprime256_pub.csv
@@ -1 +1 @@
-75fce70968862d53e29548aad70582514e960d8128bd3c5f8c4dbe2cf8dad653,55aa4b7d3882fb0a83bd00c9c3bae17f1024d64aec67e1db38ef671e6350beae
\ No newline at end of file
+0x75fce70968862d53e29548aad70582514e960d8128bd3c5f8c4dbe2cf8dad653,0x55aa4b7d3882fb0a83bd00c9c3bae17f1024d64aec67e1db38ef671e6350beae
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime384.csv b/src/cz/crcs/ectester/data/nonprime/nonprime384.csv
index c58d74b..ffcbe91 100644
--- a/src/cz/crcs/ectester/data/nonprime/nonprime384.csv
+++ b/src/cz/crcs/ectester/data/nonprime/nonprime384.csv
@@ -1 +1 @@
-d0df6c96cff7081be80d22b005758a2e2f046e15fe020ef886e21b492ac57257a923144bcad989ab6341bd3b700f914b,45c64503be019afd3462b361ad2b2a3bca0aeccc5494a624fb632455e62b4f0c98f944fa97c37811da039823cd77c906,d85583f7f11ad23ec75ed5a414153a06d6640936b8103f5df691fa95cf2afa78f3ea5addc225b144964048c9f7592ae4,2b1341d12dff4f9cf9427c4752962b4c2bdc8fbcd80652516c421cc523212a01ea63c79d6e9a9c84933e353e212416ec,ce416c6e75fa9fd205ed48fc4e3099cbb1d6ed031b7ddbff1d634eb97a83d9b780cfd4dedfdd2c7604d143196c08d933,d0df6c96cff7081be80d22b005758a2e2f046e15fe020ef7664ed51d7701c86bf2a1e9f3002c26fe002314c3c92f1ca9,1
\ No newline at end of file
+0xd0df6c96cff7081be80d22b005758a2e2f046e15fe020ef886e21b492ac57257a923144bcad989ab6341bd3b700f914b,0x45c64503be019afd3462b361ad2b2a3bca0aeccc5494a624fb632455e62b4f0c98f944fa97c37811da039823cd77c906,0xd85583f7f11ad23ec75ed5a414153a06d6640936b8103f5df691fa95cf2afa78f3ea5addc225b144964048c9f7592ae4,0x2b1341d12dff4f9cf9427c4752962b4c2bdc8fbcd80652516c421cc523212a01ea63c79d6e9a9c84933e353e212416ec,0xce416c6e75fa9fd205ed48fc4e3099cbb1d6ed031b7ddbff1d634eb97a83d9b780cfd4dedfdd2c7604d143196c08d933,0xd0df6c96cff7081be80d22b005758a2e2f046e15fe020ef7664ed51d7701c86bf2a1e9f3002c26fe002314c3c92f1ca9,0x1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime384_pub.csv b/src/cz/crcs/ectester/data/nonprime/nonprime384_pub.csv
index 80f2cd6..236602e 100644
--- a/src/cz/crcs/ectester/data/nonprime/nonprime384_pub.csv
+++ b/src/cz/crcs/ectester/data/nonprime/nonprime384_pub.csv
@@ -1 +1 @@
-a4bd575bf20300b0cf8a2f41dd5a03e908966a4229a5f22f5c190d3641ac2d32b7b24a63482cbbcd0c2257f834834ef1,38d51c8f9e90592f567e81d0e4855e79731b5797857a4c7dc270653bc9f0c31e84693007b09cebf710d5ae3237303949
\ No newline at end of file
+0xa4bd575bf20300b0cf8a2f41dd5a03e908966a4229a5f22f5c190d3641ac2d32b7b24a63482cbbcd0c2257f834834ef1,0x38d51c8f9e90592f567e81d0e4855e79731b5797857a4c7dc270653bc9f0c31e84693007b09cebf710d5ae3237303949
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime521.csv b/src/cz/crcs/ectester/data/nonprime/nonprime521.csv
index f6835f1..b65c980 100644
--- a/src/cz/crcs/ectester/data/nonprime/nonprime521.csv
+++ b/src/cz/crcs/ectester/data/nonprime/nonprime521.csv
@@ -1 +1 @@
-01d3df430924956e210a605b4dbf4a2e909d7a801658978c88ffd68dcc817f5cc79cf188d9ee82d1a51c44cbd31e9cc5b816d76d5b1312b005f7b68919e275dac99f,00401639f36f2ee45fc164ea3e1f14f4803fd7a77ffdfb392c3f8fe95d1aea331467f4618d59aeee49d5d7c70caf320f7dd1ac166114f562413449991d3aa1a2c49e,004a26a8c47fce204ba953015fa86708c0de720f27523988b097e774168c15f7a215aaf18a5f1b9579ab3db935d45be14c9a87b71170396909b14d06f7a09975b3a6,01c880ae0a355a52791fc9600fd8b35726e9d799101489161c8f90a9c6631d09b3cb347584837d9deb8566a9c5846aded0d01eb947b4affd34e8ea7dbe733cbedafa,00050f12672f163f19d5d493eb82ef777b0213dd4e0cf75a9b99724fbdb54b0cc4e037bf86a48bac28467bdd936c314ce13f6ec7ec69ea09ae4f5444df4b2a117a66,01d3df430924956e210a605b4dbf4a2e909d7a801658978c88ffd68dcc817f5cc7ba0838717c1947f93cfdd3ed87ec2c2df181c7ada553346ec1495732a1e7ffe9b3,1
\ No newline at end of file
+0x01d3df430924956e210a605b4dbf4a2e909d7a801658978c88ffd68dcc817f5cc79cf188d9ee82d1a51c44cbd31e9cc5b816d76d5b1312b005f7b68919e275dac99f,0x00401639f36f2ee45fc164ea3e1f14f4803fd7a77ffdfb392c3f8fe95d1aea331467f4618d59aeee49d5d7c70caf320f7dd1ac166114f562413449991d3aa1a2c49e,0x004a26a8c47fce204ba953015fa86708c0de720f27523988b097e774168c15f7a215aaf18a5f1b9579ab3db935d45be14c9a87b71170396909b14d06f7a09975b3a6,0x01c880ae0a355a52791fc9600fd8b35726e9d799101489161c8f90a9c6631d09b3cb347584837d9deb8566a9c5846aded0d01eb947b4affd34e8ea7dbe733cbedafa,0x00050f12672f163f19d5d493eb82ef777b0213dd4e0cf75a9b99724fbdb54b0cc4e037bf86a48bac28467bdd936c314ce13f6ec7ec69ea09ae4f5444df4b2a117a66,0x01d3df430924956e210a605b4dbf4a2e909d7a801658978c88ffd68dcc817f5cc7ba0838717c1947f93cfdd3ed87ec2c2df181c7ada553346ec1495732a1e7ffe9b3,0x1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/nonprime/nonprime521_pub.csv b/src/cz/crcs/ectester/data/nonprime/nonprime521_pub.csv
index 5cceee6..9695924 100644
--- a/src/cz/crcs/ectester/data/nonprime/nonprime521_pub.csv
+++ b/src/cz/crcs/ectester/data/nonprime/nonprime521_pub.csv
@@ -1 +1 @@
-002844df0f31f46a40e6c7006cde99155bd5d18d0e4150178a8e307d6aec08fd02d466c03c49b49c2654b7c9a32d88ca014016a7eddd44217be915505d228efb9389,0105921e2172c3050ba4c9d2e744fc5b7b5e8451751e6780c6de88229497be7d23550beefa0cb7fafebb4dd9fad1244c6733befe5a97710f0dc56dc08d9d9df9d846
\ No newline at end of file
+0x002844df0f31f46a40e6c7006cde99155bd5d18d0e4150178a8e307d6aec08fd02d466c03c49b49c2654b7c9a32d88ca014016a7eddd44217be915505d228efb9389,0x0105921e2172c3050ba4c9d2e744fc5b7b5e8451751e6780c6de88229497be7d23550beefa0cb7fafebb4dd9fad1244c6733befe5a97710f0dc56dc08d9d9df9d846
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/secg/secp112r1.csv b/src/cz/crcs/ectester/data/secg/secp112r1.csv
index 1f63812..00d64d6 100644
--- a/src/cz/crcs/ectester/data/secg/secp112r1.csv
+++ b/src/cz/crcs/ectester/data/secg/secp112r1.csv
@@ -1 +1 @@
-DB7C2ABF62E35E668076BEAD208B,DB7C2ABF62E35E668076BEAD2088,659EF8BA043916EEDE8911702B22,09487239995A5EE76B55F9C2F098,A89CE5AF8724C0A23E0E0FF77500,DB7C2ABF62E35E7628DFAC6561C5,1
\ No newline at end of file
+0xdb7c2abf62e35e668076bead208b,0xdb7c2abf62e35e668076bead2088,0x659ef8ba043916eede8911702b22,0x09487239995a5ee76b55f9c2f098,0xa89ce5af8724c0a23e0e0ff77500,0xdb7c2abf62e35e7628dfac6561c5,0x1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/secg/secp112r2.csv b/src/cz/crcs/ectester/data/secg/secp112r2.csv
index 4ed7ad9..0513e72 100644
--- a/src/cz/crcs/ectester/data/secg/secp112r2.csv
+++ b/src/cz/crcs/ectester/data/secg/secp112r2.csv
@@ -1 +1 @@ -DB7C2ABF62E35E668076BEAD208B,6127C24C05F38A0AAAF65C0EF02C,51DEF1815DB5ED74FCC34C85D709,4BA30AB5E892B4E1649DD0928643,ADCD46F5882E3747DEF36E956E97,36DF0AAFD8B8D7597CA10520D04B,4 \ No newline at end of file +0xdb7c2abf62e35e668076bead208b,0x6127c24c05f38a0aaaf65c0ef02c,0x51def1815db5ed74fcc34c85d709,0x4ba30ab5e892b4e1649dd0928643,0xadcd46f5882e3747def36e956e97,0x36df0aafd8b8d7597ca10520d04b,0x4 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp128r1.csv b/src/cz/crcs/ectester/data/secg/secp128r1.csv index a7f2dc8..eea5fed 100644 --- a/src/cz/crcs/ectester/data/secg/secp128r1.csv +++ b/src/cz/crcs/ectester/data/secg/secp128r1.csv @@ -1 +1 @@ -FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF,FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC,E87579C11079F43DD824993C2CEE5ED3,161FF7528B899B2D0C28607CA52C5B86,CF5AC8395BAFEB13C02DA292DDED7A83,FFFFFFFE0000000075A30D1B9038A115,1 \ No newline at end of file +0xfffffffdffffffffffffffffffffffff,0xfffffffdfffffffffffffffffffffffc,0xe87579c11079f43dd824993c2cee5ed3,0x161ff7528b899b2d0c28607ca52c5b86,0xcf5ac8395bafeb13c02da292dded7a83,0xfffffffe0000000075a30d1b9038a115,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp128r2.csv b/src/cz/crcs/ectester/data/secg/secp128r2.csv index 384de92..6f2d098 100644 --- a/src/cz/crcs/ectester/data/secg/secp128r2.csv +++ b/src/cz/crcs/ectester/data/secg/secp128r2.csv @@ -1 +1 @@ -FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF,D6031998D1B3BBFEBF59CC9BBFF9AEE1,5EEEFCA380D02919DC2C6558BB6D8A5D,7B6AA5D85E572983E6FB32A7CDEBC140,27B6916A894D3AEE7106FE805FC34B44,3FFFFFFF7FFFFFFFBE0024720613B5A3,4 \ No newline at end of file +0xfffffffdffffffffffffffffffffffff,0xd6031998d1b3bbfebf59cc9bbff9aee1,0x5eeefca380d02919dc2c6558bb6d8a5d,0x7b6aa5d85e572983e6fb32a7cdebc140,0x27b6916a894d3aee7106fe805fc34b44,0x3fffffff7fffffffbe0024720613b5a3,0x4 \ No newline at end of file 
diff --git a/src/cz/crcs/ectester/data/secg/secp160k1.csv b/src/cz/crcs/ectester/data/secg/secp160k1.csv index 6a95e94..7d14c99 100644 --- a/src/cz/crcs/ectester/data/secg/secp160k1.csv +++ b/src/cz/crcs/ectester/data/secg/secp160k1.csv @@ -1 +1 @@ -FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73,0000000000000000000000000000000000000000,0000000000000000000000000000000000000007,3B4C382CE37AA192A4019E763036F4F5DD4D7EBB,938CF935318FDCED6BC28286531733C3F03C4FEE,0100000000000000000001B8FA16DFAB9ACA16B6B3,1 \ No newline at end of file +0xfffffffffffffffffffffffffffffffeffffac73,0x0000000000000000000000000000000000000000,0x0000000000000000000000000000000000000007,0x3b4c382ce37aa192a4019e763036f4f5dd4d7ebb,0x938cf935318fdced6bc28286531733c3f03c4fee,0x0100000000000000000001b8fa16dfab9aca16b6b3,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp160r1.csv b/src/cz/crcs/ectester/data/secg/secp160r1.csv index a2be6f9..ed37d81 100644 --- a/src/cz/crcs/ectester/data/secg/secp160r1.csv +++ b/src/cz/crcs/ectester/data/secg/secp160r1.csv @@ -1 +1 @@ -FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF,FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC,1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45,4A96B5688EF573284664698968C38BB913CBFC82,23A628553168947D59DCC912042351377AC5FB32,0100000000000000000001F4C8F927AED3CA752257,1 \ No newline at end of file +0xffffffffffffffffffffffffffffffff7fffffff,0xffffffffffffffffffffffffffffffff7ffffffc,0x1c97befc54bd7a8b65acf89f81d4d4adc565fa45,0x4a96b5688ef573284664698968c38bb913cbfc82,0x23a628553168947d59dcc912042351377ac5fb32,0x0100000000000000000001f4c8f927aed3ca752257,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp160r2.csv b/src/cz/crcs/ectester/data/secg/secp160r2.csv index 354ba53..2121fc1 100644 --- a/src/cz/crcs/ectester/data/secg/secp160r2.csv +++ b/src/cz/crcs/ectester/data/secg/secp160r2.csv 
@@ -1 +1 @@ -FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73,FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC70,B4E134D3FB59EB8BAB57274904664D5AF50388BA,52DCB034293A117E1F4FF11B30F7199D3144CE6D,FEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E,0100000000000000000000351EE786A818F3A1A16B,1 \ No newline at end of file +0xfffffffffffffffffffffffffffffffeffffac73,0xfffffffffffffffffffffffffffffffeffffac70,0xb4e134d3fb59eb8bab57274904664d5af50388ba,0x52dcb034293a117e1f4ff11b30f7199d3144ce6d,0xfeaffef2e331f296e071fa0df9982cfea7d43f2e,0x0100000000000000000000351ee786a818f3a1a16b,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp192k1.csv b/src/cz/crcs/ectester/data/secg/secp192k1.csv index be97a85..550093b 100644 --- a/src/cz/crcs/ectester/data/secg/secp192k1.csv +++ b/src/cz/crcs/ectester/data/secg/secp192k1.csv @@ -1 +1 @@ -FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37,000000000000000000000000000000000000000000000000,000000000000000000000000000000000000000000000003,DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D,9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D,FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D,1 \ No newline at end of file +0xfffffffffffffffffffffffffffffffffffffffeffffee37,0x000000000000000000000000000000000000000000000000,0x000000000000000000000000000000000000000000000003,0xdb4ff10ec057e9ae26b07d0280b7f4341da5d1b1eae06c7d,0x9b2f2f6d9c5628a7844163d015be86344082aa88d95e2f9d,0xfffffffffffffffffffffffe26f2fc170f69466a74defd8d,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp192r1.csv b/src/cz/crcs/ectester/data/secg/secp192r1.csv index bc67efd..07f9154 100644 --- a/src/cz/crcs/ectester/data/secg/secp192r1.csv +++ b/src/cz/crcs/ectester/data/secg/secp192r1.csv 
@@ -1 +1 @@ -FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF,FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC,64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1,188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012,07192B95FFC8DA78631011ED6B24CDD573F977A11E794811,FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831,1 \ No newline at end of file +0xfffffffffffffffffffffffffffffffeffffffffffffffff,0xfffffffffffffffffffffffffffffffefffffffffffffffc,0x64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1,0x188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012,0x07192b95ffc8da78631011ed6b24cdd573f977a11e794811,0xffffffffffffffffffffffff99def836146bc9b1b4d22831,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp224r1.csv b/src/cz/crcs/ectester/data/secg/secp224r1.csv index 4a1223c..4b206d4 100644 --- a/src/cz/crcs/ectester/data/secg/secp224r1.csv +++ b/src/cz/crcs/ectester/data/secg/secp224r1.csv @@ -1 +1 @@ -FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001,FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE,B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4,B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21,BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34,FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D,1 \ No newline at end of file +0xffffffffffffffffffffffffffffffff000000000000000000000001,0xfffffffffffffffffffffffffffffffefffffffffffffffffffffffe,0xb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4,0xb70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21,0xbd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34,0xffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp256k1.csv b/src/cz/crcs/ectester/data/secg/secp256k1.csv index f0c9290..7835afc 100644 --- a/src/cz/crcs/ectester/data/secg/secp256k1.csv +++ b/src/cz/crcs/ectester/data/secg/secp256k1.csv 
@@ -1 +1 @@ -FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F,0000000000000000000000000000000000000000000000000000000000000000,0000000000000000000000000000000000000000000000000000000000000007,79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8,FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141,1 \ No newline at end of file +0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f,0x0000000000000000000000000000000000000000000000000000000000000000,0x0000000000000000000000000000000000000000000000000000000000000007,0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798,0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8,0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp256r1.csv b/src/cz/crcs/ectester/data/secg/secp256r1.csv index 9b5d2e6..c5a2440 100644 --- a/src/cz/crcs/ectester/data/secg/secp256r1.csv +++ b/src/cz/crcs/ectester/data/secg/secp256r1.csv @@ -1 +1 @@ -FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF,FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC,5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B,6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296,4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5,FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551,1 \ No newline at end of file +0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff,0xffffffff00000001000000000000000000000000fffffffffffffffffffffffc,0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b,0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5,0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551,0x1 \ No newline at end of file 
diff --git a/src/cz/crcs/ectester/data/secg/secp384r1.csv b/src/cz/crcs/ectester/data/secg/secp384r1.csv index 398cead..eeba9fa 100644 --- a/src/cz/crcs/ectester/data/secg/secp384r1.csv +++ b/src/cz/crcs/ectester/data/secg/secp384r1.csv @@ -1 +1 @@ -FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF,FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC,B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF,AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7,3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F,FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973,1 \ No newline at end of file +0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff,0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc,0xb3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef,0xaa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7,0x3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f,0xffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/secp521r1.csv b/src/cz/crcs/ectester/data/secg/secp521r1.csv index f93d395..609672f 100644 --- a/src/cz/crcs/ectester/data/secg/secp521r1.csv +++ b/src/cz/crcs/ectester/data/secg/secp521r1.csv 
@@ -1 +1 @@ -01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF,01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC,0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00,00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66,011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650,01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409,1 \ No newline at end of file +0x01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff,0x01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc,0x0051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00,0x00c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66,0x011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650,0x01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/sect163k1.csv b/src/cz/crcs/ectester/data/secg/sect163k1.csv index 76d4ed5..21c2f5f 100644 --- a/src/cz/crcs/ectester/data/secg/sect163k1.csv +++ b/src/cz/crcs/ectester/data/secg/sect163k1.csv 
@@ -1 +1 @@ -00a3,0007,0006,0003,000000000000000000000000000000000000000001,000000000000000000000000000000000000000001,02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8,0289070FB05D38FF58321F2E800536D538CCDAA3D9,04000000000000000000020108A2E0CC0D99F8A5EF,2 \ No newline at end of file +00a3,0007,0006,0003,000000000000000000000000000000000000000001,000000000000000000000000000000000000000001,02fe13c0537bbc11acaa07d793de4e6d5e5c94eee8,0289070fb05d38ff58321f2e800536d538ccdaa3d9,04000000000000000000020108a2e0cc0d99f8a5ef,2 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/sect163r1.csv b/src/cz/crcs/ectester/data/secg/sect163r1.csv index 987ca0d..a537e6f 100644 --- a/src/cz/crcs/ectester/data/secg/sect163r1.csv +++ b/src/cz/crcs/ectester/data/secg/sect163r1.csv @@ -1 +1 @@ -00a3,0007,0006,0003,07B6882CAAEFA84F9554FF8428BD88E246D2782AE2,0713612DCDDCB40AAB946BDA29CA91F73AF958AFD9,0369979697AB43897789566789567F787A7876A654,00435EDB42EFAFB2989D51FEFCE3C80988F41FF883,03FFFFFFFFFFFFFFFFFFFF48AAB689C29CA710279B,2 \ No newline at end of file +00a3,0007,0006,0003,07b6882caaefa84f9554ff8428bd88e246d2782ae2,0713612dcddcb40aab946bda29ca91f73af958afd9,0369979697ab43897789566789567f787a7876a654,00435edb42efafb2989d51fefce3c80988f41ff883,03ffffffffffffffffffff48aab689c29ca710279b,2 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/sect163r2.csv b/src/cz/crcs/ectester/data/secg/sect163r2.csv index 4608c0c..9259308 100644 --- a/src/cz/crcs/ectester/data/secg/sect163r2.csv +++ b/src/cz/crcs/ectester/data/secg/sect163r2.csv 
@@ -1 +1 @@ -00a3,0007,0006,0003,000000000000000000000000000000000000000001,020A601907B8C953CA1481EB10512F78744A3205FD,03F0EBA16286A2D57EA0991168D4994637E8343E36,00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1,040000000000000000000292FE77E70C12A4234C33,2 \ No newline at end of file +00a3,0007,0006,0003,000000000000000000000000000000000000000001,020a601907b8c953ca1481eb10512f78744a3205fd,03f0eba16286a2d57ea0991168d4994637e8343e36,00d51fbc6c71a0094fa2cdd545b11c5c0c797324f1,040000000000000000000292fe77e70c12a4234c33,2 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/sect233k1.csv b/src/cz/crcs/ectester/data/secg/sect233k1.csv index 6a306ff..45e3c49 100644 --- a/src/cz/crcs/ectester/data/secg/sect233k1.csv +++ b/src/cz/crcs/ectester/data/secg/sect233k1.csv @@ -1 +1 @@ -00E9,004A,0000,0000,000000000000000000000000000000000000000000000000000000000000,000000000000000000000000000000000000000000000000000000000001,017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126,01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3,8000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF,4 \ No newline at end of file +00e9,004a,0000,0000,000000000000000000000000000000000000000000000000000000000000,000000000000000000000000000000000000000000000000000000000001,017232ba853a7e731af129f22ff4149563a419c26bf50a4c9d6eefad6126,01db537dece819b7f70f555a67c427a8cd9bf18aeb9b56e0c11056fae6a3,8000000000000000000000000000069d5bb915bcd46efb1ad5f173abdf,4 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/sect233r1.csv b/src/cz/crcs/ectester/data/secg/sect233r1.csv index 9a7b82a..8f27bc2 100644 --- a/src/cz/crcs/ectester/data/secg/sect233r1.csv +++ b/src/cz/crcs/ectester/data/secg/sect233r1.csv 
@@ -1 +1 @@ -00E9,004A,0000,0000,000000000000000000000000000000000000000000000000000000000001,0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD,00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B,01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052,01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7,2 \ No newline at end of file +00e9,004a,0000,0000,000000000000000000000000000000000000000000000000000000000001,0066647ede6c332c7f8c0923bb58213b333b20e9ce4281fe115f7d8f90ad,00fac9dfcbac8313bb2139f1bb755fef65bc391f8b36f8f8eb7371fd558b,01006a08a41903350678e58528bebf8a0beff867a7ca36716f7e01f81052,01000000000000000000000000000013e974e72f8a6922031d2603cfe0d7,2 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/sect239k1.csv b/src/cz/crcs/ectester/data/secg/sect239k1.csv index 496891d..187316f 100644 --- a/src/cz/crcs/ectester/data/secg/sect239k1.csv +++ b/src/cz/crcs/ectester/data/secg/sect239k1.csv @@ -1 +1 @@ -00EF,009E,0000,0000,000000000000000000000000000000000000000000000000000000000000,000000000000000000000000000000000000000000000000000000000001,29A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC,76310804F12E549BDB011C103089E73510ACB275FC312A5DC6B76553F0CA,2000000000000000000000000000005A79FEC67CB6E91F1C1DA800E478A5,4 \ No newline at end of file +00ef,009e,0000,0000,000000000000000000000000000000000000000000000000000000000000,000000000000000000000000000000000000000000000000000000000001,29a0b6a887a983e9730988a68727a8b2d126c44cc2cc7b2a6555193035dc,76310804f12e549bdb011c103089e73510acb275fc312a5dc6b76553f0ca,2000000000000000000000000000005a79fec67cb6e91f1c1da800e478a5,4 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/sect283k1.csv b/src/cz/crcs/ectester/data/secg/sect283k1.csv index 908cdf7..fde7306 100644 --- a/src/cz/crcs/ectester/data/secg/sect283k1.csv +++ b/src/cz/crcs/ectester/data/secg/sect283k1.csv 
@@ -1 +1 @@ -011B,000C,0007,0005,000000000000000000000000000000000000000000000000000000000000000000000000,000000000000000000000000000000000000000000000000000000000000000000000001,0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836,01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259,01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61,4 +011b,000c,0007,0005,000000000000000000000000000000000000000000000000000000000000000000000000,000000000000000000000000000000000000000000000000000000000000000000000001,0503213f78ca44883f1a3b8162f188e553cd265f23c1567a16876913b0c2ac2458492836,01ccda380f1c9e318d90f95d07e5426fe87e45c0e8184698e45962364e34116177dd2259,01ffffffffffffffffffffffffffffffffffe9ae2ed07577265dff7f94451e061e163c61,4 diff --git a/src/cz/crcs/ectester/data/secg/sect283r1.csv b/src/cz/crcs/ectester/data/secg/sect283r1.csv index db9ce3e..ff75b55 100644 --- a/src/cz/crcs/ectester/data/secg/sect283r1.csv +++ b/src/cz/crcs/ectester/data/secg/sect283r1.csv @@ -1 +1 @@ -011B,000C,0007,0005,000000000000000000000000000000000000000000000000000000000000000000000001,027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5,05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053,03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4,03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307,2 \ No newline at end of file +011b,000c,0007,0005,000000000000000000000000000000000000000000000000000000000000000000000001,027b680ac8b8596da5a4af8a19a0303fca97fd7645309fa2a581485af6263e313b79a2f5,05f939258db7dd90e1934f8c70b0dfec2eed25b8557eac9c80e2e198f8cdbecd86b12053,03676854fe24141cb98fe6d4b20d02b4516ff702350eddb0826779c813f0df45be8112f4,03ffffffffffffffffffffffffffffffffffef90399660fc938a90165b042a7cefadb307,2 \ No newline at end of file 
diff --git a/src/cz/crcs/ectester/data/secg/sect409k1.csv b/src/cz/crcs/ectester/data/secg/sect409k1.csv index 9190a26..4c88afb 100644 --- a/src/cz/crcs/ectester/data/secg/sect409k1.csv +++ b/src/cz/crcs/ectester/data/secg/sect409k1.csv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o newline at end of file +0199,0057,0000,0000,00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000,00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001,0060f05f658f49c1ad3ab1890f7184210efd0987e307c84c27accfb8f9f67cc2c460189eb5aaaa62ee222eb1b35540cfe9023746,01e369050b7c4e42acba1dacbf04299c3460782f918ea427e6325165e9ea10e3da5f6c42e9c55215aa9ca27a5863ec48d8e0286b,7ffffffffffffffffffffffffffffffffffffffffffffffffffe5f83b2d4ea20400ec4557d5ed3e3e7ca5b4b5c83b8e01e5fcf,4 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/sect409r1.csv b/src/cz/crcs/ectester/data/secg/sect409r1.csv index a277a07..b3d72d6 100644 --- a/src/cz/crcs/ectester/data/secg/sect409r1.csv +++ b/src/cz/crcs/ectester/data/secg/sect409r1.csv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o newline at end of file +0199,0057,0000,0000,00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001,0021a5c2c8ee9feb5c4b9a753b7b476b7fd6422ef1f3dd674761fa99d6ac27c8a9a197b272822f6cd57a55aa4f50ae317b13545f,015d4860d088ddb3496b0c6064756260441cde4af1771d4db01ffe5b34e59703dc255a868a1180515603aeab60794e54bb7996a7,0061b1cfab6be5f32bbfa78324ed106a7636b9c5a7bd198d0158aa4f5488d08f38514f1fdf4b4f40d2181b3681c364ba0273c706,010000000000000000000000000000000000000000000000000001e2aad6a612f33307be5fa47c3c9e052f838164cd37d9a21173,2 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/sect571k1.csv b/src/cz/crcs/ectester/data/secg/sect571k1.csv index 59622ba..72488e5 100644 --- a/src/cz/crcs/ectester/data/secg/sect571k1.csv 
+++ b/src/cz/crcs/ectester/data/secg/sect571k1.csv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o newline at end of file +023b,000a,0005,0002,000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000,000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001,026eb7a859923fbc82189631f8103fe4ac9ca2970012d5d46024804801841ca44370958493b205e647da304db4ceb08cbbd1ba39494776fb988b47174dca88c7e2945283a01c8972,0349dc807f4fbf374f4aeade3bca95314dd58cec9f307a54ffc61efc006d8a2c9d4979c0ac44aea74fbebbb9f772aedcb620b01a7ba7af1b320430c8591984f601cd4c143ef1c7a3,020000000000000000000000000000000000000000000000000000000000000000000000131850e1f19a63e4b391a8db917f4138b630d84be5d639381e91deb45cfe778f637c1001,4 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/secg/sect571r1.csv b/src/cz/crcs/ectester/data/secg/sect571r1.csv index c4b3b09..4bba9a0 100644 --- a/src/cz/crcs/ectester/data/secg/sect571r1.csv +++ b/src/cz/crcs/ectester/data/secg/sect571r1.csv 
@@ -1 +1 @@ -023B,000A,0005,0002,000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001,02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A,0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19,037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B,03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47,2 \ No newline at end of file +023b,000a,0005,0002,000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001,02f40e7e2221f295de297117b7f3d62f5c6a97ffcb8ceff1cd6ba8ce4a9a18ad84ffabbd8efa59332be7ad6756a66e294afd185a78ff12aa520e4de739baca0c7ffeff7f2955727a,0303001d34b856296c16c0d40d3cd7750a93d1d2955fa80aa5f40fc8db7b2abdbde53950f4c0d293cdd711a35b67fb1499ae60038614f1394abfa3b4c850d927e1e7769c8eec2d19,037bf27342da639b6dccfffeb73d69d78c6c27a6009cbbca1980f8533921e8a684423e43bab08a576291af8f461bb2a8b3531d2f0485c19b16e2f1516e23dd3c1a4827af1b8ac15b,03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47,2 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-dh-raw.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-dh-raw.csv index 9913e7d..36c396a 100644 --- a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-dh-raw.csv +++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-dh-raw.csv 
@@ -1 +1 @@
-312DFD98783F9FB77B9704945A73BEB6DCCBE3B65D0F967DCAB574EB
\ No newline at end of file
+0x312dfd98783f9fb77b9704945a73beb6dccbe3b65d0f967dcab574eb
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-dh-sha1.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-dh-sha1.csv
index 01c5dbe..f9abc47 100644
--- a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-dh-sha1.csv
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-dh-sha1.csv
@@ -1 +1 @@
-4ADCA2E2CFE8DBD4F0B9CE27E4422C57EE0A6B98
\ No newline at end of file
+0x4adca2e2cfe8dbd4f0b9ce27e4422c57ee0a6b98
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-keyA.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-keyA.csv
index db4d4b5..a2f0525 100644
--- a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-keyA.csv
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-keyA.csv
@@ -1 +1 @@
-B104A67A6F6E85E14EC1825E1539E8ECDBBF584922367DD88C6BDCF2,46D782E7FDB5F60CD8404301AC5949C58EDB26BC68BA07695B750A94,7C4B7A2C8A4BAD1FBB7D79CC0955DB7C6A4660CA64CC4778159B495E
\ No newline at end of file
+0xb104a67a6f6e85e14ec1825e1539e8ecdbbf584922367dd88c6bdcf2,0x46d782e7fdb5f60cd8404301ac5949c58edb26bc68ba07695b750a94,0x7c4b7a2c8a4bad1fbb7d79cc0955db7c6a4660ca64cc4778159b495e
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-keyB.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-keyB.csv
index 6544d00..b397506 100644
--- a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-keyB.csv
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP224r1-keyB.csv
@@ -1 +1 @@
-2A97089A9296147B71B21A4B574E1278245B536F14D8C2B9D07A874E,9B900D7C77A709A797276B8CA1BA61BB95B546FC29F862E44D59D25B,63976D4AAE6CD0F6DD18DEFEF55D96569D0507C03E74D6486FFA28FB
\ No newline at end of file
+0x2a97089a9296147b71b21a4b574e1278245b536f14d8c2b9d07a874e,0x9b900d7c77a709a797276b8ca1ba61bb95b546fc29f862e44d59d25b,0x63976d4aae6cd0f6dd18defef55d96569d0507c03e74d6486ffa28fb
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-dh-raw.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-dh-raw.csv
index 29aac4a..1d7ab37 100644
--- a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-dh-raw.csv
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-dh-raw.csv
@@ -1 +1 @@
-89AFC39D41D3B327814B80940B042590F96556EC91E6AE7939BCE31F3A18BF2B
\ No newline at end of file
+0x89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-dh-sha1.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-dh-sha1.csv
index 7790e0b..45a851b 100644
--- a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-dh-sha1.csv
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-dh-sha1.csv
@@ -1 +1 @@
-4F1CCFFBB2A14DA1F17DE291DABCDD109EB13BB7
\ No newline at end of file
+0x4f1ccffbb2a14da1f17de291dabcdd109eb13bb7
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-keyA.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-keyA.csv
index a2f79da..597d3fe 100644
--- a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-keyA.csv
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-keyA.csv
@@ -1 +1 @@
-44106E913F92BC02A1705D9953A8414DB95E1AAA49E81D9E85F929A8E3100BE5,8AB4846F11CACCB73CE49CBDD120F5A900A69FD32C272223F789EF10EB089BDC,81DB1EE100150FF2EA338D708271BE38300CB54241D79950F77B063039804F1D
\ No newline at end of file
+0x44106e913f92bc02a1705d9953a8414db95e1aaa49e81d9e85f929a8e3100be5,0x8ab4846f11caccb73ce49cbdd120f5a900a69fd32c272223f789ef10eb089bdc,0x81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-keyB.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-keyB.csv
index e2d8039..110f6b5 100644
--- a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-keyB.csv
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP256r1-keyB.csv
@@ -1 +1 @@
-8D2D688C6CF93E1160AD04CC4429117DC2C41825E1E9FCA0ADDD34E6F1B39F7B,990C57520812BE512641E47034832106BC7D3E8DD0E4C7F1136D7006547CEC6A,55E40BC41E37E3E2AD25C3C6654511FFA8474A91A0032087593852D3E7D76BD3
\ No newline at end of file
+0x8d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b,0x990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a,0x55e40bc41e37e3e2ad25c3c6654511ffa8474a91a0032087593852d3e7d76bd3
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-dh-raw.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-dh-raw.csv
index 93ec84b..392d962 100644
--- a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-dh-raw.csv
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-dh-raw.csv
@@ -1 +1 @@
-0BD9D3A7EA0B3D519D09D8E48D0785FB744A6B355E6304BC51C229FBBCE239BBADF6403715C35D4FB2A5444F575D4F42
\ No newline at end of file
+0x0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-dh-sha1.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-dh-sha1.csv
index c4b18a3..b293a59 100644
--- a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-dh-sha1.csv
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-dh-sha1.csv
@@ -1 +1 @@
-7562598C913DF9BCAD30D6985358F7779045B3A4
\ No newline at end of file
+0x7562598c913df9bcad30d6985358f7779045b3a4
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-keyA.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-keyA.csv
index 7d923a3..6746753 100644
--- a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-keyA.csv
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-keyA.csv
@@ -1 +1 @@
-68B665DD91C195800650CDD363C625F4E742E8134667B767B1B476793588F885AB698C852D4A6E77A252D6380FCAF068,55BC91A39C9EC01DEE36017B7D673A931236D2F1F5C83942D049E3FA20607493E0D038FF2FD30C2AB67D15C85F7FAA59,1E20F5E048A5886F1F157C74E91BDE2B98C8B52D58E5003D57053FC4B0BD65D6F15EB5D1EE1610DF870795143627D042
\ No newline at end of file
+0x68b665dd91c195800650cdd363c625f4e742e8134667b767b1b476793588f885ab698c852d4a6e77a252d6380fcaf068,0x55bc91a39c9ec01dee36017b7d673a931236d2f1f5c83942d049e3fa20607493e0d038ff2fd30c2ab67d15c85f7faa59,0x1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-keyB.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-keyB.csv
index edb41f5..83289fd 100644
--- a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-keyB.csv
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP384r1-keyB.csv
@@ -1 +1 @@
-4D44326F269A597A5B58BBA565DA5556ED7FD9A8A9EB76C25F46DB69D19DC8CE6AD18E404B15738B2086DF37E71D1EB4,62D692136DE56CBE93BF5FA3188EF58BC8A3A0EC6C1E151A21038A42E9185329B5B275903D192F8D4E1F32FE9CC78C48,032640BC6003C59260F7250C3DB58CE647F98E1260ACCE4ACDA3DD869F74E01F8BA5E0324309DB6A9831497ABAC96670
\ No newline at end of file
+0x4d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb4,0x62d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48,0x032640bc6003c59260f7250c3db58ce647f98e1260acce4acda3dd869f74e01f8ba5e0324309db6a9831497abac96670
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-dh-raw.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-dh-raw.csv
index 1b7e57a..fe6c294 100644
--- a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-dh-raw.csv
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-dh-raw.csv
@@ -1 +1 @@
-A7927098655F1F9976FA50A9D566865DC530331846381C87256BAF3226244B76D36403C024D7BBF0AA0803EAFF405D3D24F11A9B5C0BEF679FE1454B21C4CD1F
\ No newline at end of file
+0xa7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-dh-sha1.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-dh-sha1.csv
index 554770a..ff8d321 100644
--- a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-dh-sha1.csv
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-dh-sha1.csv
@@ -1 +1 @@
-8E4814D30F0B5C7FFA35E15809F529D6FD94D759
\ No newline at end of file
+0x8e4814d30f0b5c7ffa35e15809f529d6fd94d759
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-keyA.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-keyA.csv
index 3122397..3648a36 100644
--- a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-keyA.csv
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-keyA.csv
@@ -1 +1 @@
-0A420517E406AAC0ACDCE90FCD71487718D3B953EFD7FBEC5F7F27E28C6149999397E91E029E06457DB2D3E640668B392C2A7E737A7F0BF04436D11640FD09FD,72E6882E8DB28AAD36237CD25D580DB23783961C8DC52DFA2EC138AD472A0FCEF3887CF62B623B2A87DE5C588301EA3E5FC269B373B60724F5E82A6AD147FDE7,16302FF0DBBB5A8D733DAB7141C1B45ACBC8715939677F6A56850A38BD87BD59B09E80279609FF333EB9D4C061231FB26F92EEB04982A5F1D1764CAD57665422
\ No newline at end of file
+0x0a420517e406aac0acdce90fcd71487718d3b953efd7fbec5f7f27e28c6149999397e91e029e06457db2d3e640668b392c2a7e737a7f0bf04436d11640fd09fd,0x72e6882e8db28aad36237cd25d580db23783961c8dc52dfa2ec138ad472a0fcef3887cf62b623b2a87de5c588301ea3e5fc269b373b60724f5e82a6ad147fde7,0x16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-keyB.csv b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-keyB.csv
index 6ce51b7..9684984 100644
--- a/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-keyB.csv
+++ b/src/cz/crcs/ectester/data/test/brainpool/brainpoolP512r1-keyB.csv
@@ -1 +1 @@
-9D45F66DE5D67E2E6DB6E93A59CE0BB48106097FF78A081DE781CDB31FCE8CCBAAEA8DD4320C4119F1E9CD437A2EAB3731FA9668AB268D871DEDA55A5473199F,2FDC313095BCDD5FB3A91636F07A959C8E86B5636A1E930E8396049CB481961D365CC11453A06C719835475B12CB52FC3C383BCE35E27EF194512B71876285FA,230E18E1BCC88A362FA54E4EA3902009292F7F8033624FD471B5D8ACE49D12CFABBC19963DAB8E2F1EBA00BFFB29E4D72D13F2224562F405CB80503666B25429
\ No newline at end of file
+0x9d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f,0x2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa,0x230e18e1bcc88a362fa54e4ea3902009292f7f8033624fd471b5d8ace49d12cfabbc19963dab8e2f1eba00bffb29e4d72d13f2224562f405cb80503666b25429
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b163-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/b163-dhc-raw.csv
index fab00cb..25233c1 100644
--- a/src/cz/crcs/ectester/data/test/nist/b163-dhc-raw.csv
+++ b/src/cz/crcs/ectester/data/test/nist/b163-dhc-raw.csv
@@ -1 +1 @@
-0100fb42d177ffe6c31378e2e04e0da7376ffe8765
\ No newline at end of file
+0x0100fb42d177ffe6c31378e2e04e0da7376ffe8765
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b163-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/b163-dhc-sha1.csv
index 8d98703..0ad84c1 100644
--- a/src/cz/crcs/ectester/data/test/nist/b163-dhc-sha1.csv
+++ b/src/cz/crcs/ectester/data/test/nist/b163-dhc-sha1.csv
@@ -1 +1 @@
-10F4DDCF79C23FD7DC11563BF18B2BE75A139E4F
\ No newline at end of file
+0x10f4ddcf79c23fd7dc11563bf18b2be75a139e4f
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b163-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/b163-keyCAVS.csv
index 53e18ee..4d85a19 100644
--- a/src/cz/crcs/ectester/data/test/nist/b163-keyCAVS.csv
+++ b/src/cz/crcs/ectester/data/test/nist/b163-keyCAVS.csv
@@ -1 +1 @@
-03a647ba32dac71ec6780b0638a70cd24fc3bd4c8e,02e69e961541844a4aa33769a7bce710f6640a560c
\ No newline at end of file
+0x03a647ba32dac71ec6780b0638a70cd24fc3bd4c8e,0x02e69e961541844a4aa33769a7bce710f6640a560c
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b163-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/b163-keyIUT.csv
index 4b25a67..e56e6c4 100644
--- a/src/cz/crcs/ectester/data/test/nist/b163-keyIUT.csv
+++ b/src/cz/crcs/ectester/data/test/nist/b163-keyIUT.csv
@@ -1 +1 @@
-035466701d0b0030d098b6ed2343d355c24c907271,00d8bc02f341d261860dfb65f0cb7f0b488d8296cc,03edae173de8fa0cf0412d6a7bdc81fdbd0617adf8
\ No newline at end of file
+0x035466701d0b0030d098b6ed2343d355c24c907271,0x00d8bc02f341d261860dfb65f0cb7f0b488d8296cc,0x03edae173de8fa0cf0412d6a7bdc81fdbd0617adf8
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b233-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/b233-dhc-raw.csv
index 56ef836..5e703be 100644
--- a/src/cz/crcs/ectester/data/test/nist/b233-dhc-raw.csv
+++ b/src/cz/crcs/ectester/data/test/nist/b233-dhc-raw.csv
@@ -1 +1 @@
-00e9f3d8c4f1bec0f920e763ea1bb7415899f01734609e7547dc425ec946
\ No newline at end of file
+0x00e9f3d8c4f1bec0f920e763ea1bb7415899f01734609e7547dc425ec946
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b233-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/b233-dhc-sha1.csv
index 9795228..8c6886f 100644
--- a/src/cz/crcs/ectester/data/test/nist/b233-dhc-sha1.csv
+++ b/src/cz/crcs/ectester/data/test/nist/b233-dhc-sha1.csv
@@ -1 +1 @@
-958FD3D4A2F61130ACF6472A6DE421F11D9A4D13
\ No newline at end of file
+0x958fd3d4a2f61130acf6472a6de421f11d9a4d13
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b233-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/b233-keyCAVS.csv
index e354678..591bfe1 100644
--- a/src/cz/crcs/ectester/data/test/nist/b233-keyCAVS.csv
+++ b/src/cz/crcs/ectester/data/test/nist/b233-keyCAVS.csv
@@ -1 +1 @@
-004756baddefc3dc337ab27b5452eb10affd9e31f5b55c330e90f0f686a2,012a79f65232308a21c98c01555ccafc7dce15c8fed3025a760cbd6c2327
\ No newline at end of file
+0x004756baddefc3dc337ab27b5452eb10affd9e31f5b55c330e90f0f686a2,0x012a79f65232308a21c98c01555ccafc7dce15c8fed3025a760cbd6c2327
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b233-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/b233-keyIUT.csv
index 22f4d6a..eb7b5e6 100644
--- a/src/cz/crcs/ectester/data/test/nist/b233-keyIUT.csv
+++ b/src/cz/crcs/ectester/data/test/nist/b233-keyIUT.csv
@@ -1 +1 @@
-0061e8a9b517fd05a026ec376616229fd8639a1fa76defe5398022f9d9c8,00706b5cb08738a94552fee584b1372fead4af79040909fcf6f50084bbfa,003c3ee474ac0d0bc1df567e3c35f5f766c5332b2d6730ff0e4d8e75aedb
\ No newline at end of file
+0x0061e8a9b517fd05a026ec376616229fd8639a1fa76defe5398022f9d9c8,0x00706b5cb08738a94552fee584b1372fead4af79040909fcf6f50084bbfa,0x003c3ee474ac0d0bc1df567e3c35f5f766c5332b2d6730ff0e4d8e75aedb
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b283-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/b283-dhc-raw.csv
index c1d1432..6bc719a 100644
--- a/src/cz/crcs/ectester/data/test/nist/b283-dhc-raw.csv
+++ b/src/cz/crcs/ectester/data/test/nist/b283-dhc-raw.csv
@@ -1 +1 @@
-065194e26090e74047ee75f13f9769d20e1b52189650011e283daa090732cc53755dc366
\ No newline at end of file
+0x065194e26090e74047ee75f13f9769d20e1b52189650011e283daa090732cc53755dc366
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b283-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/b283-dhc-sha1.csv
index 0d7bbf8..6980f80 100644
--- a/src/cz/crcs/ectester/data/test/nist/b283-dhc-sha1.csv
+++ b/src/cz/crcs/ectester/data/test/nist/b283-dhc-sha1.csv
@@ -1 +1 @@
-75C8297B1DD59937F86C3063E8EC0B2B9AD118BF
\ No newline at end of file
+0x75c8297b1dd59937f86c3063e8ec0b2b9ad118bf
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b283-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/b283-keyCAVS.csv
index 9f973e7..52b33fc 100644
--- a/src/cz/crcs/ectester/data/test/nist/b283-keyCAVS.csv
+++ b/src/cz/crcs/ectester/data/test/nist/b283-keyCAVS.csv
@@ -1 +1 @@
-02504e1a17819d39f010a4a69a0568299402b58f944a384c7d1a62c9c93ea4d1ff300e13,0265132f7b4c64b74b9179ed0f2e211f4328d625405022f554170da932b80fdf7c1aab12
\ No newline at end of file
+0x02504e1a17819d39f010a4a69a0568299402b58f944a384c7d1a62c9c93ea4d1ff300e13,0x0265132f7b4c64b74b9179ed0f2e211f4328d625405022f554170da932b80fdf7c1aab12
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b283-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/b283-keyIUT.csv
index c7e4b04..8d2d534 100644
--- a/src/cz/crcs/ectester/data/test/nist/b283-keyIUT.csv
+++ b/src/cz/crcs/ectester/data/test/nist/b283-keyIUT.csv
@@ -1 +1 @@
-0561e495563018169804d4c8e2435b4afd85da376d914b69d39246f8e06113aa32e642d2,0781a7f59de7f42f5f9d6c3481f33fc5deb357c6ecf4c758e370d2435de3d8ee737703f4,02f43455842246a2cc8ec068e9d6c6e4160f6ba4e3b5d831d93c1daa8fd3d5a9660c7bb1
\ No newline at end of file
+0x0561e495563018169804d4c8e2435b4afd85da376d914b69d39246f8e06113aa32e642d2,0x0781a7f59de7f42f5f9d6c3481f33fc5deb357c6ecf4c758e370d2435de3d8ee737703f4,0x02f43455842246a2cc8ec068e9d6c6e4160f6ba4e3b5d831d93c1daa8fd3d5a9660c7bb1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b409-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/b409-dhc-raw.csv
index 36c3236..f84d029 100644
--- a/src/cz/crcs/ectester/data/test/nist/b409-dhc-raw.csv
+++ b/src/cz/crcs/ectester/data/test/nist/b409-dhc-raw.csv
@@ -1 +1 @@
-01d48a586be9285fa38dd3e70b0330b0ffebd327ceefef88fdc1521ef2fd61cbc9124e03b0c926e70fa56acb3edb54c3c48fab2b
\ No newline at end of file
+0x01d48a586be9285fa38dd3e70b0330b0ffebd327ceefef88fdc1521ef2fd61cbc9124e03b0c926e70fa56acb3edb54c3c48fab2b
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b409-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/b409-dhc-sha1.csv
index 7264423..f6db38b 100644
--- a/src/cz/crcs/ectester/data/test/nist/b409-dhc-sha1.csv
+++ b/src/cz/crcs/ectester/data/test/nist/b409-dhc-sha1.csv
@@ -1 +1 @@
-B6562E95755880A16BC35FCC030AF5FEBC1113D4
\ No newline at end of file
+0xb6562e95755880a16bc35fcc030af5febc1113d4
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b409-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/b409-keyCAVS.csv
index b737359..cecb5f3 100644
--- a/src/cz/crcs/ectester/data/test/nist/b409-keyCAVS.csv
+++ b/src/cz/crcs/ectester/data/test/nist/b409-keyCAVS.csv
@@ -1 +1 @@
-0146989a50297be373dd665c45455a2ae4c221da5cd424007bd97f9e8e846f96740f3fa58c3c94129671cdd4d7ea650a2aade9d7,01b42bffda843946a14ad6080f95b8fc6b7e173528d08ed36fe640aaf85aa00fb5edd5905a38b3c7961b7722b77b8dcb44bb25f5
\ No newline at end of file
+0x0146989a50297be373dd665c45455a2ae4c221da5cd424007bd97f9e8e846f96740f3fa58c3c94129671cdd4d7ea650a2aade9d7,0x01b42bffda843946a14ad6080f95b8fc6b7e173528d08ed36fe640aaf85aa00fb5edd5905a38b3c7961b7722b77b8dcb44bb25f5
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b409-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/b409-keyIUT.csv
index 5eede05..066d220 100644
--- a/src/cz/crcs/ectester/data/test/nist/b409-keyIUT.csv
+++ b/src/cz/crcs/ectester/data/test/nist/b409-keyIUT.csv
@@ -1 +1 @@
-004ebc4d4acf9b404dabc3af3e8cbea8b88b32999d3ecb7f367b12eb3a6280b840038e22681637a7d16436e014f69616abf72e45,009e24109541c8024217e9ab2c963fa9e373640095a6c25a26eefac58e4342c0c85448b2709592a12402fe2b68a793c558ce8cd6,00ace92103ffe262ac17ad42a46d4366f4cb4c580eff3ab1dde6bddfdbb7374811d52b1fa99320b4af5d4e9208c14eb8efa8916c
\ No newline at end of file
+0x004ebc4d4acf9b404dabc3af3e8cbea8b88b32999d3ecb7f367b12eb3a6280b840038e22681637a7d16436e014f69616abf72e45,0x009e24109541c8024217e9ab2c963fa9e373640095a6c25a26eefac58e4342c0c85448b2709592a12402fe2b68a793c558ce8cd6,0x00ace92103ffe262ac17ad42a46d4366f4cb4c580eff3ab1dde6bddfdbb7374811d52b1fa99320b4af5d4e9208c14eb8efa8916c
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b571-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/b571-dhc-raw.csv
index be74f27..ffef41d 100644
--- a/src/cz/crcs/ectester/data/test/nist/b571-dhc-raw.csv
+++ b/src/cz/crcs/ectester/data/test/nist/b571-dhc-raw.csv
@@ -1 +1 @@
-06775e1b99a236e02b020bc73666e5751c1210dcb6e9b02a69f4075376e49f7a1476d2209e861abb73f5e3ad189d268e035b1de93d47b3a64de5783c9a09bc223e1cc612f26dcdf1
\ No newline at end of file
+0x06775e1b99a236e02b020bc73666e5751c1210dcb6e9b02a69f4075376e49f7a1476d2209e861abb73f5e3ad189d268e035b1de93d47b3a64de5783c9a09bc223e1cc612f26dcdf1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b571-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/b571-dhc-sha1.csv
index 80273a9..d75a7ff 100644
--- a/src/cz/crcs/ectester/data/test/nist/b571-dhc-sha1.csv
+++ b/src/cz/crcs/ectester/data/test/nist/b571-dhc-sha1.csv
@@ -1 +1 @@
-624E4D4DC60F1064E378D34EF2E1FBB0ADE792E6
\ No newline at end of file
+0x624e4d4dc60f1064e378d34ef2e1fbb0ade792e6
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b571-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/b571-keyCAVS.csv
index da4a6d6..20b1816 100644
--- a/src/cz/crcs/ectester/data/test/nist/b571-keyCAVS.csv
+++ b/src/cz/crcs/ectester/data/test/nist/b571-keyCAVS.csv
@@ -1 +1 @@
-03b63f5fa112ae6b5f113c765144fe4cbd6020e26d400c11609a3a634b9a325f416b0e3d3215734c68a1c2c8fad1d0bb9eb3939a41af22421f68781e7eb0664b9df5cea448deaa3b,008e6cc77bcddc816e84cfc1f626824fa24d3d5fd33d8093cbfe1fc4d881b63b494123bc759670edcb1887bb3b9d5a8b516bc503828163709d4dacb594d277a15a92c064e5770d1b
\ No newline at end of file
+0x03b63f5fa112ae6b5f113c765144fe4cbd6020e26d400c11609a3a634b9a325f416b0e3d3215734c68a1c2c8fad1d0bb9eb3939a41af22421f68781e7eb0664b9df5cea448deaa3b,0x008e6cc77bcddc816e84cfc1f626824fa24d3d5fd33d8093cbfe1fc4d881b63b494123bc759670edcb1887bb3b9d5a8b516bc503828163709d4dacb594d277a15a92c064e5770d1b
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/b571-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/b571-keyIUT.csv
index 53d9e62..8e3973d 100644
--- a/src/cz/crcs/ectester/data/test/nist/b571-keyIUT.csv
+++ b/src/cz/crcs/ectester/data/test/nist/b571-keyIUT.csv
@@ -1 +1 @@
-06af71fcec1a2904116fe14878663764c1ec74870e5d2d53919f0b635912db80dd5460d9e699458ff8494c5bfc74fba8d3b12f65f015e8def10de33f1800191f4cb502d21938b951,019584177b189c6641ffb678b6d7833d8d4bb25dee5018dda4e4c0d219048c01cd0da9eaffe346d53cf1a07b33b3dbdd4bc3acabe4832f9981eff2660991aac852147985eea3a51e,0344f22be87999b95b2287f67430ea8fe646c62fe38b7ce61f1f956597c27bddd9902e20d4436abf3bebd8243ec29a00481a8a2c19f550e99641b5f14aafbb5bda953a7559f8653a
\ No newline at end of file
+0x06af71fcec1a2904116fe14878663764c1ec74870e5d2d53919f0b635912db80dd5460d9e699458ff8494c5bfc74fba8d3b12f65f015e8def10de33f1800191f4cb502d21938b951,0x019584177b189c6641ffb678b6d7833d8d4bb25dee5018dda4e4c0d219048c01cd0da9eaffe346d53cf1a07b33b3dbdd4bc3acabe4832f9981eff2660991aac852147985eea3a51e,0x0344f22be87999b95b2287f67430ea8fe646c62fe38b7ce61f1f956597c27bddd9902e20d4436abf3bebd8243ec29a00481a8a2c19f550e99641b5f14aafbb5bda953a7559f8653a
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k163-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/k163-dhc-raw.csv
index cc8743f..5001502 100644
--- a/src/cz/crcs/ectester/data/test/nist/k163-dhc-raw.csv
+++ b/src/cz/crcs/ectester/data/test/nist/k163-dhc-raw.csv
@@ -1 +1 @@
-04325bff38f1b0c83c27f554a6c972a80f14bc23bc
\ No newline at end of file
+0x04325bff38f1b0c83c27f554a6c972a80f14bc23bc
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k163-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/k163-dhc-sha1.csv
index 7e8dc7a..e03aa60 100644
--- a/src/cz/crcs/ectester/data/test/nist/k163-dhc-sha1.csv
+++ b/src/cz/crcs/ectester/data/test/nist/k163-dhc-sha1.csv
@@ -1 +1 @@
-5E1384ED2D3D5EFC77E89581BBB467934ECB7B03
\ No newline at end of file
+0x5e1384ed2d3d5efc77e89581bbb467934ecb7b03
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k163-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/k163-keyCAVS.csv
index bc263fb..6f03652 100644
--- a/src/cz/crcs/ectester/data/test/nist/k163-keyCAVS.csv
+++ b/src/cz/crcs/ectester/data/test/nist/k163-keyCAVS.csv
@@ -1 +1 @@
-0574236f1428c432130946783a5b3aabb6c27ea5d6,07908c251b8da021cbac281f123f7af4fac5b3dbb8
\ No newline at end of file
+0x0574236f1428c432130946783a5b3aabb6c27ea5d6,0x07908c251b8da021cbac281f123f7af4fac5b3dbb8
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k163-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/k163-keyIUT.csv
index af9186c..b34189e 100644
--- a/src/cz/crcs/ectester/data/test/nist/k163-keyIUT.csv
+++ b/src/cz/crcs/ectester/data/test/nist/k163-keyIUT.csv
@@ -1 +1 @@
-071f8b2877d6027d9c1ade4244f2dea12692ef23d5,05c15ee776221c72b84b347ce383f38067b89c3e9a,006653b6077398fadc7bf5e60158170148c3dc4527
\ No newline at end of file
+0x071f8b2877d6027d9c1ade4244f2dea12692ef23d5,0x05c15ee776221c72b84b347ce383f38067b89c3e9a,0x006653b6077398fadc7bf5e60158170148c3dc4527
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k233-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/k233-dhc-raw.csv
index a18a3fb..03193ae 100644
--- a/src/cz/crcs/ectester/data/test/nist/k233-dhc-raw.csv
+++ b/src/cz/crcs/ectester/data/test/nist/k233-dhc-raw.csv
@@ -1 +1 @@
-00a822b141ca1f5ad32899e68c54d1fec3df8100df485ebf1c5868a9ac89
\ No newline at end of file
+0x00a822b141ca1f5ad32899e68c54d1fec3df8100df485ebf1c5868a9ac89
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k233-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/k233-dhc-sha1.csv
index 3b4b97e..c6c68ac 100644
--- a/src/cz/crcs/ectester/data/test/nist/k233-dhc-sha1.csv
+++ b/src/cz/crcs/ectester/data/test/nist/k233-dhc-sha1.csv
@@ -1 +1 @@
-70B67E77FB15C14CAAB64C04738E97EA3288C415
\ No newline at end of file
+0x70b67e77fb15c14caab64c04738e97ea3288c415
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k233-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/k233-keyCAVS.csv
index 23c8213..7c60338 100644
--- a/src/cz/crcs/ectester/data/test/nist/k233-keyCAVS.csv
+++ b/src/cz/crcs/ectester/data/test/nist/k233-keyCAVS.csv
@@ -1 +1 @@
-01f40e34b3ed4a1b2d40c056fb75f2ad543c897cfd82f542cf746a0f202f,00c130a1abe92bc4c977c800777996ccc50b90df991a2e81dd515c188599
\ No newline at end of file
+0x01f40e34b3ed4a1b2d40c056fb75f2ad543c897cfd82f542cf746a0f202f,0x00c130a1abe92bc4c977c800777996ccc50b90df991a2e81dd515c188599
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k233-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/k233-keyIUT.csv
index b4612a2..d8cc078 100644
--- a/src/cz/crcs/ectester/data/test/nist/k233-keyIUT.csv
+++ b/src/cz/crcs/ectester/data/test/nist/k233-keyIUT.csv
@@ -1 +1 @@
-01a53e5c138b3d83905d563aa1db01274633c986b52f78225a92e33e7952,00ecabd3e2e26729a965604e560ed4498a22b31c39642e1cf99b1dde3ec7,00135a5b8c3ce047fbc5df26277d3bf83ac33ddadb5cf4a050ca82be48f0
\ No newline at end of file
+0x01a53e5c138b3d83905d563aa1db01274633c986b52f78225a92e33e7952,0x00ecabd3e2e26729a965604e560ed4498a22b31c39642e1cf99b1dde3ec7,0x00135a5b8c3ce047fbc5df26277d3bf83ac33ddadb5cf4a050ca82be48f0
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k283-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/k283-dhc-raw.csv
index f10922f..0e14373 100644
--- a/src/cz/crcs/ectester/data/test/nist/k283-dhc-raw.csv
+++ b/src/cz/crcs/ectester/data/test/nist/k283-dhc-raw.csv
@@ -1 +1 @@
-0745552817b5d729310b7dbebae687648714a9ae695dad20ca1ab6111c3d054670f21132
\ No newline at end of file
+0x0745552817b5d729310b7dbebae687648714a9ae695dad20ca1ab6111c3d054670f21132
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k283-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/k283-dhc-sha1.csv
index 6770696..6852d2f 100644
--- a/src/cz/crcs/ectester/data/test/nist/k283-dhc-sha1.csv
+++ b/src/cz/crcs/ectester/data/test/nist/k283-dhc-sha1.csv
@@ -1 +1 @@
-B2A69891DF7B9736507CE0126AB37213DB2CE68F
\ No newline at end of file
+0xb2a69891df7b9736507ce0126ab37213db2ce68f
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k283-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/k283-keyCAVS.csv
index 019ac52..f91e05a 100644
--- a/src/cz/crcs/ectester/data/test/nist/k283-keyCAVS.csv
+++ b/src/cz/crcs/ectester/data/test/nist/k283-keyCAVS.csv
@@ -1 +1 @@
-03f075c24c35a9dc9952be6fd32b761dce63f4720a22408e3a14bbd097e012b5694c22a0,0675825b40202e95be7dab5a826147e04b8c51a09b0034577c1f31f8c16a70c8e1c85b89
\ No newline at end of file
+0x03f075c24c35a9dc9952be6fd32b761dce63f4720a22408e3a14bbd097e012b5694c22a0,0x0675825b40202e95be7dab5a826147e04b8c51a09b0034577c1f31f8c16a70c8e1c85b89
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k283-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/k283-keyIUT.csv
index cca0cd3..2b19347 100644
--- a/src/cz/crcs/ectester/data/test/nist/k283-keyIUT.csv
+++ b/src/cz/crcs/ectester/data/test/nist/k283-keyIUT.csv
@@ -1 +1 @@
-0611edc045dbe43ecc4ef6b324cd51f70fe3d7ddf877ec68b798909c3c4561756aa30e5f,00833b25511704af09b62d9f7cbac59814e75bbb9c735f55538491dbfa60c1e0115efe42,015fde49b802542a52c70b23a0b1784e5f8780b56853f9a5f8c3a5266e8727dce97d4a17
\ No newline at end of file
+0x0611edc045dbe43ecc4ef6b324cd51f70fe3d7ddf877ec68b798909c3c4561756aa30e5f,0x00833b25511704af09b62d9f7cbac59814e75bbb9c735f55538491dbfa60c1e0115efe42,0x015fde49b802542a52c70b23a0b1784e5f8780b56853f9a5f8c3a5266e8727dce97d4a17
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k409-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/k409-dhc-raw.csv
index 4034d18..f02c0dd 100644
--- a/src/cz/crcs/ectester/data/test/nist/k409-dhc-raw.csv
+++ b/src/cz/crcs/ectester/data/test/nist/k409-dhc-raw.csv
@@ -1 +1 @@
-0176bc5c4036ce5125493a58dd265f04d190f028366f7799f70aedf29ac67b5b37c37238593377a47944f5b639f43856dbd560ec
\ No newline at end of file
+0x0176bc5c4036ce5125493a58dd265f04d190f028366f7799f70aedf29ac67b5b37c37238593377a47944f5b639f43856dbd560ec
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k409-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/k409-dhc-sha1.csv
index 3f988c9..f4f5cdc 100644
--- a/src/cz/crcs/ectester/data/test/nist/k409-dhc-sha1.csv
+++ b/src/cz/crcs/ectester/data/test/nist/k409-dhc-sha1.csv
@@ -1 +1 @@
-C25335980D8BF0BE8B039A1B525F6D002EEC48E9
\ No newline at end of file
+0xc25335980d8bf0be8b039a1b525f6d002eec48e9
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k409-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/k409-keyCAVS.csv
index c0bfde5..cc40c76 100644
--- a/src/cz/crcs/ectester/data/test/nist/k409-keyCAVS.csv
+++ b/src/cz/crcs/ectester/data/test/nist/k409-keyCAVS.csv
@@ -1 +1 @@
-0177f736f6116320cafbb5b4dec202d40508182fe011189b81e1f3998f5408607a46bb150ac47bcaaafde47b8a7b72f478bc22d2,01df4ef4b37e0124e55b67f3586de24a88a6c5d98854007d4b0c4b4ccd68d51fafa7638bbe555d60b74def217c6a63c5b4068fb7
\ No newline at end of file
+0x0177f736f6116320cafbb5b4dec202d40508182fe011189b81e1f3998f5408607a46bb150ac47bcaaafde47b8a7b72f478bc22d2,0x01df4ef4b37e0124e55b67f3586de24a88a6c5d98854007d4b0c4b4ccd68d51fafa7638bbe555d60b74def217c6a63c5b4068fb7
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k409-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/k409-keyIUT.csv
index 050a771..e8d0c97 100644
--- a/src/cz/crcs/ectester/data/test/nist/k409-keyIUT.csv
+++ b/src/cz/crcs/ectester/data/test/nist/k409-keyIUT.csv
@@ -1 +1 @@
-0068a3f8b12e02d10e2f52095526bc4048b8f6ac3a84531772870789938f1aeff813e05e509ea9587d2b7e4aa14344bac3ec46f0,00d1ceb40c7d5f3297e2955f0f3eb1422b3e6bbbfbf7eb518b9c17ae8d40feb84aaf36f5e5bd96075b2b4dbe538ac011962ac705,00084b711e3c60822e70fa6828b5abfb0e448888b35b0c8bb09f806616dc1ecf22dd86237d937c1bfde62b75ae655953fc6b2f7e
\ No newline at end of file
+0x0068a3f8b12e02d10e2f52095526bc4048b8f6ac3a84531772870789938f1aeff813e05e509ea9587d2b7e4aa14344bac3ec46f0,0x00d1ceb40c7d5f3297e2955f0f3eb1422b3e6bbbfbf7eb518b9c17ae8d40feb84aaf36f5e5bd96075b2b4dbe538ac011962ac705,0x00084b711e3c60822e70fa6828b5abfb0e448888b35b0c8bb09f806616dc1ecf22dd86237d937c1bfde62b75ae655953fc6b2f7e
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k571-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/k571-dhc-raw.csv
index 3b71041..eca4a7b 100644
--- a/src/cz/crcs/ectester/data/test/nist/k571-dhc-raw.csv
+++ b/src/cz/crcs/ectester/data/test/nist/k571-dhc-raw.csv
@@ -1 +1 @@
-003198a6b5d6cce847e24348a6a6ceff7a89ed3794d7acedc4e858c80ad04a74dbc02c7038e05ab26b2a299ec92ee0d2c7e66a81872a5157fbc5d4d37ad598d6ddee995ed28a2d74
\ No newline at end of file
+0x003198a6b5d6cce847e24348a6a6ceff7a89ed3794d7acedc4e858c80ad04a74dbc02c7038e05ab26b2a299ec92ee0d2c7e66a81872a5157fbc5d4d37ad598d6ddee995ed28a2d74
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k571-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/k571-dhc-sha1.csv
index 25265b3..938ba18 100644
--- a/src/cz/crcs/ectester/data/test/nist/k571-dhc-sha1.csv
+++ b/src/cz/crcs/ectester/data/test/nist/k571-dhc-sha1.csv
@@ -1 +1 @@
-2D3100B4978FCCE89C26C4CEA4B72216EA942D2D
\ No newline at end of file
+0x2d3100b4978fcce89c26c4cea4b72216ea942d2d
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k571-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/k571-keyCAVS.csv
index ba55ab2..71d1e64 100644
--- a/src/cz/crcs/ectester/data/test/nist/k571-keyCAVS.csv
+++ b/src/cz/crcs/ectester/data/test/nist/k571-keyCAVS.csv
@@ -1 +1 @@
-03106a5c1d923a0990ea8c6008c36c366b53e5622b98464044741fbc7840284db8bbf602866c30ccbf5f9b7e59cc1d9bfcc5b970fa624da9b15f6cb336f5dda7e6b9924d5dce4543,005c5c7bbd5a789ac4c6283deb0d0d37c4852baa57d6bc2b0ac6337feb09704c44d1b385b70cc394fa235d83e6e7111787e57d0902c0cb132a190a6e62f398511c0c2c4cd50d4570
\ No newline at end of file
+0x03106a5c1d923a0990ea8c6008c36c366b53e5622b98464044741fbc7840284db8bbf602866c30ccbf5f9b7e59cc1d9bfcc5b970fa624da9b15f6cb336f5dda7e6b9924d5dce4543,0x005c5c7bbd5a789ac4c6283deb0d0d37c4852baa57d6bc2b0ac6337feb09704c44d1b385b70cc394fa235d83e6e7111787e57d0902c0cb132a190a6e62f398511c0c2c4cd50d4570
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/k571-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/k571-keyIUT.csv
index 5607b40..6222122 100644
--- a/src/cz/crcs/ectester/data/test/nist/k571-keyIUT.csv
+++ b/src/cz/crcs/ectester/data/test/nist/k571-keyIUT.csv
@@ -1 +1 @@
-03fbfbbcfba609157f68a23126d805f7c75efb19befb595e3a975e08ff46bd34c8b87b9645c0e86ea0ad915465d5c856c69bb9b722b0d17bf97ad95c4602dea17c6b512054cb22d8,071c16df71e1b71b4bd3d9938827d3959093b9db1ff86bed73944a42dcb67cc33102e28c1d0e9804a6450656f4bf33ad72ecf7bb83bd282cde4bc15d4e48064aa8ad2f02979f5f3f,0173cd1631e18ece01b73b3572ffaa7495c4bc81f4078ae50d69cb1e338acf13469117112921166ddf2d29f3a9f8e10c67e88c9a99203a834565be76ac59126436739a6afa029cc5
\ No newline at end of file
+0x03fbfbbcfba609157f68a23126d805f7c75efb19befb595e3a975e08ff46bd34c8b87b9645c0e86ea0ad915465d5c856c69bb9b722b0d17bf97ad95c4602dea17c6b512054cb22d8,0x071c16df71e1b71b4bd3d9938827d3959093b9db1ff86bed73944a42dcb67cc33102e28c1d0e9804a6450656f4bf33ad72ecf7bb83bd282cde4bc15d4e48064aa8ad2f02979f5f3f,0x0173cd1631e18ece01b73b3572ffaa7495c4bc81f4078ae50d69cb1e338acf13469117112921166ddf2d29f3a9f8e10c67e88c9a99203a834565be76ac59126436739a6afa029cc5
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p192-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/p192-dhc-raw.csv
index 45533ec..4f139f7 100644
--- a/src/cz/crcs/ectester/data/test/nist/p192-dhc-raw.csv
+++ b/src/cz/crcs/ectester/data/test/nist/p192-dhc-raw.csv
@@ -1 +1 @@
-803d8ab2e5b6e6fca715737c3a82f7ce3c783124f6d51cd0
\ No newline at end of file
+0x803d8ab2e5b6e6fca715737c3a82f7ce3c783124f6d51cd0
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p192-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/p192-dhc-sha1.csv
index 83bac75..f3e01bf 100644
--- a/src/cz/crcs/ectester/data/test/nist/p192-dhc-sha1.csv
+++ b/src/cz/crcs/ectester/data/test/nist/p192-dhc-sha1.csv
@@ -1 +1 @@
-CB0FFAA3D3F9D5876765CF082EE0B893C8179D19
\ No newline at end of file
+0xcb0ffaa3d3f9d5876765cf082ee0b893c8179d19
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p192-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/p192-keyCAVS.csv
index 8a9bd57..d8a3fab 100644
--- a/src/cz/crcs/ectester/data/test/nist/p192-keyCAVS.csv
+++ b/src/cz/crcs/ectester/data/test/nist/p192-keyCAVS.csv
@@ -1 +1 @@
-42ea6dd9969dd2a61fea1aac7f8e98edcc896c6e55857cc0,dfbe5d7c61fac88b11811bde328e8a0d12bf01a9d204b523
\ No newline at end of file
+0x42ea6dd9969dd2a61fea1aac7f8e98edcc896c6e55857cc0,0xdfbe5d7c61fac88b11811bde328e8a0d12bf01a9d204b523
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p192-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/p192-keyIUT.csv
index af9a670..fb58f03 100644
--- a/src/cz/crcs/ectester/data/test/nist/p192-keyIUT.csv
+++ b/src/cz/crcs/ectester/data/test/nist/p192-keyIUT.csv
@@ -1 +1 @@
-b15053401f57285637ec324c1cd2139e3a67de3739234b37,f269c158637482aad644cd692dd1d3ef2c8a7c49e389f7f6,f17d3fea367b74d340851ca4270dcb24c271f445bed9d527
\ No newline at end of file
+0xb15053401f57285637ec324c1cd2139e3a67de3739234b37,0xf269c158637482aad644cd692dd1d3ef2c8a7c49e389f7f6,0xf17d3fea367b74d340851ca4270dcb24c271f445bed9d527
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p224-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/p224-dhc-raw.csv
index f778111..5a3bb67 100644
--- a/src/cz/crcs/ectester/data/test/nist/p224-dhc-raw.csv
+++ b/src/cz/crcs/ectester/data/test/nist/p224-dhc-raw.csv
@@ -1 +1 @@
-7d96f9a3bd3c05cf5cc37feb8b9d5209d5c2597464dec3e9983743e8
\ No newline at end of file
+0x7d96f9a3bd3c05cf5cc37feb8b9d5209d5c2597464dec3e9983743e8
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p224-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/p224-dhc-sha1.csv
index 446e658..8e0e8ec 100644
--- a/src/cz/crcs/ectester/data/test/nist/p224-dhc-sha1.csv
+++ b/src/cz/crcs/ectester/data/test/nist/p224-dhc-sha1.csv
@@ -1 +1 @@
-D022BCF6EAEF7789EF8D2AEAA9AB9D508944CE03
\ No newline at end of file
+0xd022bcf6eaef7789ef8d2aeaa9ab9d508944ce03
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p224-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/p224-keyCAVS.csv
index 734aad1..183d654 100644
--- a/src/cz/crcs/ectester/data/test/nist/p224-keyCAVS.csv
+++ b/src/cz/crcs/ectester/data/test/nist/p224-keyCAVS.csv
@@ -1 +1 @@
-af33cd0629bc7e996320a3f40368f74de8704fa37b8fab69abaae280,882092ccbba7930f419a8a4f9bb16978bbc3838729992559a6f2e2d7
\ No newline at end of file
+0xaf33cd0629bc7e996320a3f40368f74de8704fa37b8fab69abaae280,0x882092ccbba7930f419a8a4f9bb16978bbc3838729992559a6f2e2d7
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p224-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/p224-keyIUT.csv
index 2b84ffa..24b992b 100644
--- a/src/cz/crcs/ectester/data/test/nist/p224-keyIUT.csv
+++ b/src/cz/crcs/ectester/data/test/nist/p224-keyIUT.csv
@@ -1 +1 @@
-8de2e26adf72c582d6568ef638c4fd59b18da171bdf501f1d929e048,4a68a1c2b0fb22930d120555c1ece50ea98dea8407f71be36efac0de,8346a60fc6f293ca5a0d2af68ba71d1dd389e5e40837942df3e43cbd
\ No newline at end of file
+0x8de2e26adf72c582d6568ef638c4fd59b18da171bdf501f1d929e048,0x4a68a1c2b0fb22930d120555c1ece50ea98dea8407f71be36efac0de,0x8346a60fc6f293ca5a0d2af68ba71d1dd389e5e40837942df3e43cbd
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p256-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/p256-dhc-raw.csv
index 230fe83..cd8291f 100644
--- a/src/cz/crcs/ectester/data/test/nist/p256-dhc-raw.csv
+++ b/src/cz/crcs/ectester/data/test/nist/p256-dhc-raw.csv
@@ -1 +1 @@
-46fc62106420ff012e54a434fbdd2d25ccc5852060561e68040dd7778997bd7b
\ No newline at end of file
+0x46fc62106420ff012e54a434fbdd2d25ccc5852060561e68040dd7778997bd7b
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p256-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/p256-dhc-sha1.csv
index 1fa92be..021f92b 100644
--- a/src/cz/crcs/ectester/data/test/nist/p256-dhc-sha1.csv
+++ b/src/cz/crcs/ectester/data/test/nist/p256-dhc-sha1.csv
@@ -1 +1 @@
-381AE083BF9FF3BB49730A96D4E55AABAE1C42DA
\ No newline at end of file
+0x381ae083bf9ff3bb49730a96d4e55aabae1c42da
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p256-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/p256-keyCAVS.csv
index 6920fab..e7b0176 100644
--- a/src/cz/crcs/ectester/data/test/nist/p256-keyCAVS.csv
+++ b/src/cz/crcs/ectester/data/test/nist/p256-keyCAVS.csv
@@ -1 +1 @@
-700c48f77f56584c5cc632ca65640db91b6bacce3a4df6b42ce7cc838833d287,db71e509e3fd9b060ddb20ba5c51dcc5948d46fbf640dfe0441782cab85fa4ac
\ No newline at end of file
+0x700c48f77f56584c5cc632ca65640db91b6bacce3a4df6b42ce7cc838833d287,0xdb71e509e3fd9b060ddb20ba5c51dcc5948d46fbf640dfe0441782cab85fa4ac
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p256-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/p256-keyIUT.csv
index 211f0d0..0df2f99 100644
--- a/src/cz/crcs/ectester/data/test/nist/p256-keyIUT.csv
+++ b/src/cz/crcs/ectester/data/test/nist/p256-keyIUT.csv
@@ -1 +1 @@
-ead218590119e8876b29146ff89ca61770c4edbbf97d38ce385ed281d8a6b230,28af61281fd35e2fa7002523acc85a429cb06ee6648325389f59edfce1405141,7d7dc5f71eb29ddaf80d6214632eeae03d9058af1fb6d22ed80badb62bc1a534
\ No newline at end of file
+0xead218590119e8876b29146ff89ca61770c4edbbf97d38ce385ed281d8a6b230,0x28af61281fd35e2fa7002523acc85a429cb06ee6648325389f59edfce1405141,0x7d7dc5f71eb29ddaf80d6214632eeae03d9058af1fb6d22ed80badb62bc1a534
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p384-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/p384-dhc-raw.csv
index 0cd1bdc..725e299 100644
--- a/src/cz/crcs/ectester/data/test/nist/p384-dhc-raw.csv
+++ b/src/cz/crcs/ectester/data/test/nist/p384-dhc-raw.csv
@@ -1 +1 @@
-5f9d29dc5e31a163060356213669c8ce132e22f57c9a04f40ba7fcead493b457e5621e766c40a2e3d4d6a04b25e533f1
\ No newline at end of file
+0x5f9d29dc5e31a163060356213669c8ce132e22f57c9a04f40ba7fcead493b457e5621e766c40a2e3d4d6a04b25e533f1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p384-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/p384-dhc-sha1.csv
index 5e878f9..765e6de 100644
--- a/src/cz/crcs/ectester/data/test/nist/p384-dhc-sha1.csv
+++ b/src/cz/crcs/ectester/data/test/nist/p384-dhc-sha1.csv
@@ -1 +1 @@
-F84B679C77F7E42457AA306667AC2E6C2AC1D8D6
\ No newline at end of file
+0xf84b679c77f7e42457aa306667ac2e6c2ac1d8d6
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p384-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/p384-keyCAVS.csv
index 97ce5bc..64c6328 100644
--- a/src/cz/crcs/ectester/data/test/nist/p384-keyCAVS.csv
+++ b/src/cz/crcs/ectester/data/test/nist/p384-keyCAVS.csv
@@ -1 +1 @@
-a7c76b970c3b5fe8b05d2838ae04ab47697b9eaf52e764592efda27fe7513272734466b400091adbf2d68c58e0c50066,ac68f19f2e1cb879aed43a9969b91a0839c4c38a49749b661efedf243451915ed0905a32b060992b468c64766fc8437a
\ No newline at end of file
+0xa7c76b970c3b5fe8b05d2838ae04ab47697b9eaf52e764592efda27fe7513272734466b400091adbf2d68c58e0c50066,0xac68f19f2e1cb879aed43a9969b91a0839c4c38a49749b661efedf243451915ed0905a32b060992b468c64766fc8437a
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p384-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/p384-keyIUT.csv
index 3c2074a..65cf43d 100644
--- a/src/cz/crcs/ectester/data/test/nist/p384-keyIUT.csv
+++ b/src/cz/crcs/ectester/data/test/nist/p384-keyIUT.csv
@@ -1 +1 @@
-9803807f2f6d2fd966cdd0290bd410c0190352fbec7ff6247de1302df86f25d34fe4a97bef60cff548355c015dbb3e5f,ba26ca69ec2f5b5d9dad20cc9da711383a9dbe34ea3fa5a2af75b46502629ad54dd8b7d73a8abb06a3a3be47d650cc99,3cc3122a68f0d95027ad38c067916ba0eb8c38894d22e1b15618b6818a661774ad463b205da88cf699ab4d43c9cf98a1
\ No newline at end of file
+0x9803807f2f6d2fd966cdd0290bd410c0190352fbec7ff6247de1302df86f25d34fe4a97bef60cff548355c015dbb3e5f,0xba26ca69ec2f5b5d9dad20cc9da711383a9dbe34ea3fa5a2af75b46502629ad54dd8b7d73a8abb06a3a3be47d650cc99,0x3cc3122a68f0d95027ad38c067916ba0eb8c38894d22e1b15618b6818a661774ad463b205da88cf699ab4d43c9cf98a1
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p521-dhc-raw.csv b/src/cz/crcs/ectester/data/test/nist/p521-dhc-raw.csv
index 9c753ea..6467649 100644
--- a/src/cz/crcs/ectester/data/test/nist/p521-dhc-raw.csv
+++ b/src/cz/crcs/ectester/data/test/nist/p521-dhc-raw.csv
@@ -1 +1 @@
-005fc70477c3e63bc3954bd0df3ea0d1f41ee21746ed95fc5e1fdf90930d5e136672d72cc770742d1711c3c3a4c334a0ad9759436a4d3c5bf6e74b9578fac148c831
\ No newline at end of file
+0x005fc70477c3e63bc3954bd0df3ea0d1f41ee21746ed95fc5e1fdf90930d5e136672d72cc770742d1711c3c3a4c334a0ad9759436a4d3c5bf6e74b9578fac148c831
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p521-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/nist/p521-dhc-sha1.csv
index b565784..2f4f557 100644
--- a/src/cz/crcs/ectester/data/test/nist/p521-dhc-sha1.csv
+++ b/src/cz/crcs/ectester/data/test/nist/p521-dhc-sha1.csv
@@ -1 +1 @@
-1020FB37E0DADA201655AD3CC7410AED9CC034F3
\ No newline at end of file
+0x1020fb37e0dada201655ad3cc7410aed9cc034f3
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p521-keyCAVS.csv b/src/cz/crcs/ectester/data/test/nist/p521-keyCAVS.csv
index 1c30fa2..c00148e 100644
--- a/src/cz/crcs/ectester/data/test/nist/p521-keyCAVS.csv
+++ b/src/cz/crcs/ectester/data/test/nist/p521-keyCAVS.csv
@@ -1 +1 @@
-00685a48e86c79f0f0875f7bc18d25eb5fc8c0b07e5da4f4370f3a9490340854334b1e1b87fa395464c60626124a4e70d0f785601d37c09870ebf176666877a2046d,01ba52c56fc8776d9e8f5db4f0cc27636d0b741bbe05400697942e80b739884a83bde99e0f6716939e632bc8986fa18dccd443a348b6c3e522497955a4f3c302f676
\ No newline at end of file
+0x00685a48e86c79f0f0875f7bc18d25eb5fc8c0b07e5da4f4370f3a9490340854334b1e1b87fa395464c60626124a4e70d0f785601d37c09870ebf176666877a2046d,0x01ba52c56fc8776d9e8f5db4f0cc27636d0b741bbe05400697942e80b739884a83bde99e0f6716939e632bc8986fa18dccd443a348b6c3e522497955a4f3c302f676
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/nist/p521-keyIUT.csv b/src/cz/crcs/ectester/data/test/nist/p521-keyIUT.csv
index 45c87be..b36b3b6 100644
--- a/src/cz/crcs/ectester/data/test/nist/p521-keyIUT.csv
+++ b/src/cz/crcs/ectester/data/test/nist/p521-keyIUT.csv
@@ -1 +1 @@
-00602f9d0cf9e526b29e22381c203c48a886c2b0673033366314f1ffbcba240ba42f4ef38a76174635f91e6b4ed34275eb01c8467d05ca80315bf1a7bbd945f550a5,01b7c85f26f5d4b2d7355cf6b02117659943762b6d1db5ab4f1dbc44ce7b2946eb6c7de342962893fd387d1b73d7a8672d1f236961170b7eb3579953ee5cdc88cd2d,017eecc07ab4b329068fba65e56a1f8890aa935e57134ae0ffcce802735151f4eac6564f6ee9974c5e6887a1fefee5743ae2241bfeb95d5ce31ddcb6f9edb4d6fc47
\ No newline at end of file
+0x00602f9d0cf9e526b29e22381c203c48a886c2b0673033366314f1ffbcba240ba42f4ef38a76174635f91e6b4ed34275eb01c8467d05ca80315bf1a7bbd945f550a5,0x01b7c85f26f5d4b2d7355cf6b02117659943762b6d1db5ab4f1dbc44ce7b2946eb6c7de342962893fd387d1b73d7a8672d1f236961170b7eb3579953ee5cdc88cd2d,0x017eecc07ab4b329068fba65e56a1f8890aa935e57134ae0ffcce802735151f4eac6564f6ee9974c5e6887a1fefee5743ae2241bfeb95d5ce31ddcb6f9edb4d6fc47
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/secg/secp160r1-dh-kdf.csv b/src/cz/crcs/ectester/data/test/secg/secp160r1-dh-kdf.csv
index e8060e1..eb56e26 100644
--- a/src/cz/crcs/ectester/data/test/secg/secp160r1-dh-kdf.csv
+++ b/src/cz/crcs/ectester/data/test/secg/secp160r1-dh-kdf.csv
@@ -1 +1 @@
-744AB703F5BC082E59185F6D049D2D367DB245C2
+0x744ab703f5bc082e59185f6d049d2d367db245c2
diff --git a/src/cz/crcs/ectester/data/test/secg/secp160r1-dh-raw.csv b/src/cz/crcs/ectester/data/test/secg/secp160r1-dh-raw.csv
index 3eac8d9..c246c32 100644
--- a/src/cz/crcs/ectester/data/test/secg/secp160r1-dh-raw.csv
+++ b/src/cz/crcs/ectester/data/test/secg/secp160r1-dh-raw.csv
@@ -1 +1 @@
-CA7C0F8C3FFA87A96E1B74AC8E6AF594347BB40A
+0xca7c0f8c3ffa87a96e1b74ac8e6af594347bb40a
diff --git a/src/cz/crcs/ectester/data/test/secg/secp160r1-dh-sha1.csv b/src/cz/crcs/ectester/data/test/secg/secp160r1-dh-sha1.csv
index 97735e7..d83d932 100644
--- a/src/cz/crcs/ectester/data/test/secg/secp160r1-dh-sha1.csv
+++ b/src/cz/crcs/ectester/data/test/secg/secp160r1-dh-sha1.csv
@@ -1 +1 @@
-D248313E865A1AE677782B54B24D8ABAF11A53C2
+0xd248313e865a1ae677782b54b24d8abaf11a53c2
diff --git a/src/cz/crcs/ectester/data/test/secg/secp160r1-keyU.csv b/src/cz/crcs/ectester/data/test/secg/secp160r1-keyU.csv
index bbf9e62..dcbe885 100644
--- a/src/cz/crcs/ectester/data/test/secg/secp160r1-keyU.csv
+++ b/src/cz/crcs/ectester/data/test/secg/secp160r1-keyU.csv
@@ -1 +1 @@
-51B4496FECC406ED0E75A24A3C03206251419DC0,C28DCB4B73A514B468D793894F381CCC1756AA6C,AA374FFC3CE144E6B073307972CB6D57B2A4E982
\ No newline at end of file
+0x51b4496fecc406ed0e75a24a3c03206251419dc0,0xc28dcb4b73a514b468d793894f381ccc1756aa6c,0xaa374ffc3ce144e6b073307972cb6d57b2a4e982
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/secg/secp160r1-keyV.csv b/src/cz/crcs/ectester/data/test/secg/secp160r1-keyV.csv
index 6d9bc31..59aacda 100644
--- a/src/cz/crcs/ectester/data/test/secg/secp160r1-keyV.csv
+++ b/src/cz/crcs/ectester/data/test/secg/secp160r1-keyV.csv
@@ -1 +1 @@
-49B41E0E9C0369C2328739D90F63D56707C6E5BC,26E008B567015ED96D232A03111C3EDC0E9C8F83,45FB58A92A17AD4B15101C66E74F277E2B460866
+0x49b41e0e9c0369c2328739d90f63d56707c6e5bc,0x26e008b567015ed96d232a03111c3edc0e9c8f83,0x45fb58a92a17ad4b15101c66e74f277e2b460866
diff --git a/src/cz/crcs/ectester/data/test/secg/sect163k1-dh-kdf.csv b/src/cz/crcs/ectester/data/test/secg/sect163k1-dh-kdf.csv
index fe86cff..06a416f 100644
--- a/src/cz/crcs/ectester/data/test/secg/sect163k1-dh-kdf.csv
+++ b/src/cz/crcs/ectester/data/test/secg/sect163k1-dh-kdf.csv
@@ -1 +1 @@
-6655A9C8F9E593149DB24C91CE621641035C9282
\ No newline at end of file
+0x6655a9c8f9e593149db24c91ce621641035c9282
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/secg/sect163k1-dh-raw.csv b/src/cz/crcs/ectester/data/test/secg/sect163k1-dh-raw.csv
index 4007c6d..94eacd8 100644
--- a/src/cz/crcs/ectester/data/test/secg/sect163k1-dh-raw.csv
+++ b/src/cz/crcs/ectester/data/test/secg/sect163k1-dh-raw.csv
@@ -1 +1 @@
-0357C3DCD1DF3E27BD8885170EE4975B5081DA7FA7
\ No newline at end of file
+0x0357c3dcd1df3e27bd8885170ee4975b5081da7fa7
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/secg/sect163k1-dh-sha1.csv b/src/cz/crcs/ectester/data/test/secg/sect163k1-dh-sha1.csv
index badc2b7..651b80c 100644
--- a/src/cz/crcs/ectester/data/test/secg/sect163k1-dh-sha1.csv
+++ b/src/cz/crcs/ectester/data/test/secg/sect163k1-dh-sha1.csv
@@ -1 +1 @@
-13132F8088D60F9FE0D955AE04C9D20DA829A38B
\ No newline at end of file
+0x13132f8088d60f9fe0d955ae04c9d20da829a38b
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/secg/sect163k1-dhc-kdf.csv b/src/cz/crcs/ectester/data/test/secg/sect163k1-dhc-kdf.csv
index b9c6f47..c234f31 100644
--- a/src/cz/crcs/ectester/data/test/secg/sect163k1-dhc-kdf.csv
+++ b/src/cz/crcs/ectester/data/test/secg/sect163k1-dhc-kdf.csv
@@ -1 +1 @@
-59798528083F50B07528353CDA99D0E460A7229D
\ No newline at end of file
+0x59798528083f50b07528353cda99d0e460a7229d
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/secg/sect163k1-dhc-raw.csv b/src/cz/crcs/ectester/data/test/secg/sect163k1-dhc-raw.csv
index 8ec537a..46a0a0f 100644
--- a/src/cz/crcs/ectester/data/test/secg/sect163k1-dhc-raw.csv
+++ b/src/cz/crcs/ectester/data/test/secg/sect163k1-dhc-raw.csv
@@ -1 +1 @@
-04CB89474B33A518E1C3CD11BEB6E2B0CF48BEE64D
\ No newline at end of file
+0x04cb89474b33a518e1c3cd11beb6e2b0cf48bee64d
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/secg/sect163k1-dhc-sha1.csv b/src/cz/crcs/ectester/data/test/secg/sect163k1-dhc-sha1.csv
index b96d64e..4839c25 100644
--- a/src/cz/crcs/ectester/data/test/secg/sect163k1-dhc-sha1.csv
+++ b/src/cz/crcs/ectester/data/test/secg/sect163k1-dhc-sha1.csv
@@ -1 +1 @@
-08E7DBCB78FE4020578C5EAA0AACA2CFFB7B38ED
\ No newline at end of file
+0x08e7dbcb78fe4020578c5eaa0aaca2cffb7b38ed
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/secg/sect163k1-keyU.csv b/src/cz/crcs/ectester/data/test/secg/sect163k1-keyU.csv
index 23fc166..b516f3b 100644
--- a/src/cz/crcs/ectester/data/test/secg/sect163k1-keyU.csv
+++ b/src/cz/crcs/ectester/data/test/secg/sect163k1-keyU.csv
@@ -1 +1 @@
-037D529FA37E42195F10111127FFB2BB38644806BC,0447026EEE8B34157F3EB51BE5185D2BE0249ED776,03A41434AA99C2EF40C8495B2ED9739CB2155A1E0D
\ No newline at end of file
+0x037d529fa37e42195f10111127ffb2bb38644806bc,0x0447026eee8b34157f3eb51be5185d2be0249ed776,0x03a41434aa99c2ef40c8495b2ed9739cb2155a1e0d
\ No newline at end of file
diff --git a/src/cz/crcs/ectester/data/test/secg/sect163k1-keyV.csv b/src/cz/crcs/ectester/data/test/secg/sect163k1-keyV.csv
index 6197eba..00ab019 100644
--- a/src/cz/crcs/ectester/data/test/secg/sect163k1-keyV.csv
+++ b/src/cz/crcs/ectester/data/test/secg/sect163k1-keyV.csv
@@ -1 +1 @@ -072783FAAB9549002B4F13140B88132D1C75B3886C,05A976794EA79A4DE26E2E19418F097942C08641C7,57E8A78E842BF4ACD5C315AA0569DB1703541D96 \ No newline at end of file +0x072783faab9549002b4f13140b88132d1c75b3886c,0x05a976794ea79a4de26e2e19418f097942c08641c7,0x57e8a78e842bf4acd5c315aa0569db1703541d96 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/wrong/wrongp128.csv b/src/cz/crcs/ectester/data/wrong/wrongp128.csv index fce3f24..d24da0e 100644 --- a/src/cz/crcs/ectester/data/wrong/wrongp128.csv +++ b/src/cz/crcs/ectester/data/wrong/wrongp128.csv @@ -1 +1 @@ -f9c44412b2cca89ba4f1ca271d143323,9f5d27633551f202cd129e15712f0c64,dd1cdcde6e8da4b594bd4055bd601dca,27d3f8fea47ec1814569080b2aec652f,ebf29da39d7a387fdc3ee3a6e1898d0d,53416c063b998d8936fb4337f4300dcf,3 \ No newline at end of file +0xf9c44412b2cca89ba4f1ca271d143323,0x9f5d27633551f202cd129e15712f0c64,0xdd1cdcde6e8da4b594bd4055bd601dca,0x27d3f8fea47ec1814569080b2aec652f,0xebf29da39d7a387fdc3ee3a6e1898d0d,0x53416c063b998d8936fb4337f4300dcf,0x3 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/wrong/wrongp160.csv b/src/cz/crcs/ectester/data/wrong/wrongp160.csv index b6a4784..20dea88 100644 --- a/src/cz/crcs/ectester/data/wrong/wrongp160.csv +++ b/src/cz/crcs/ectester/data/wrong/wrongp160.csv @@ -1 +1 @@ -4353148e2ad8805dff87bfd7fd6b78da022417dd,3e41d827a2fc528cfead39f1c38699073daa2e8c,12a5b38d121e1274d92be25459340117189b6aa9,12ee1c85d8270955746c2262915d9af9ec5864bb,3458e410d63535a091e43785ad9b48b5cb26f3f2,0d77041c6ef819ac664e599199157d655c5dbc83,5 \ No newline at end of file +0x4353148e2ad8805dff87bfd7fd6b78da022417dd,0x3e41d827a2fc528cfead39f1c38699073daa2e8c,0x12a5b38d121e1274d92be25459340117189b6aa9,0x12ee1c85d8270955746c2262915d9af9ec5864bb,0x3458e410d63535a091e43785ad9b48b5cb26f3f2,0x0d77041c6ef819ac664e599199157d655c5dbc83,0x5 \ No newline at end of file 
diff --git a/src/cz/crcs/ectester/data/wrong/wrongp192.csv b/src/cz/crcs/ectester/data/wrong/wrongp192.csv index 9abf44e..7d2241c 100644 --- a/src/cz/crcs/ectester/data/wrong/wrongp192.csv +++ b/src/cz/crcs/ectester/data/wrong/wrongp192.csv @@ -1 +1 @@ -9eb2bb2b250ffded1686035b63e7e5d995ba781a011d3b22,4e167abc2774f53d04a800d3a45c83a2a63b671b21a4550d,142b292e4b02ede63ed10aa901d9b51fe119f27d57a3a063,916f6535f2781de3c6c9e84fbe27d5f46287fa6827a6c8f5,93bceca98e0f1ba4f52838f80d057f9b364e01f235c55719,34e63e63b70554a45cd75673cbf7f748873e140ff2e02e30,3 \ No newline at end of file +0x9eb2bb2b250ffded1686035b63e7e5d995ba781a011d3b22,0x4e167abc2774f53d04a800d3a45c83a2a63b671b21a4550d,0x142b292e4b02ede63ed10aa901d9b51fe119f27d57a3a063,0x916f6535f2781de3c6c9e84fbe27d5f46287fa6827a6c8f5,0x93bceca98e0f1ba4f52838f80d057f9b364e01f235c55719,0x34e63e63b70554a45cd75673cbf7f748873e140ff2e02e30,0x3 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/wrong/wrongp224.csv b/src/cz/crcs/ectester/data/wrong/wrongp224.csv index ab1c78a..aeaaae4 100644 --- a/src/cz/crcs/ectester/data/wrong/wrongp224.csv +++ b/src/cz/crcs/ectester/data/wrong/wrongp224.csv @@ -1 +1 @@ -7fc961151375f20321881d4a704c5263d09d0270fa799aac8265a7d9,6d9aac79206bc67534b41e623995fcf15584bac41e0a5e309c2ac6d7,1a0167d5a679d3524753df6be9d797990838d2ff222b1d9b64c4fc8b,124f913cdf8e182956eef18ab9456d2114e38d9262dbf06285d9a4a2,7501d823647e2fbe9e9e1fd7f2eaac15cb84680ba290775c7338c569,198ead04371796cd6d1b390ee34276e0c3529a168953d9a4cb78e25b,5 \ No newline at end of file +0x7fc961151375f20321881d4a704c5263d09d0270fa799aac8265a7d9,0x6d9aac79206bc67534b41e623995fcf15584bac41e0a5e309c2ac6d7,0x1a0167d5a679d3524753df6be9d797990838d2ff222b1d9b64c4fc8b,0x124f913cdf8e182956eef18ab9456d2114e38d9262dbf06285d9a4a2,0x7501d823647e2fbe9e9e1fd7f2eaac15cb84680ba290775c7338c569,0x198ead04371796cd6d1b390ee34276e0c3529a168953d9a4cb78e25b,0x5 \ No newline at end of file 
diff --git a/src/cz/crcs/ectester/data/wrong/wrongp256.csv b/src/cz/crcs/ectester/data/wrong/wrongp256.csv index 98c6a06..6902618 100644 --- a/src/cz/crcs/ectester/data/wrong/wrongp256.csv +++ b/src/cz/crcs/ectester/data/wrong/wrongp256.csv @@ -1 +1 @@ -f93f4bfacd5dc41609ec790ace7b58b3a8466b533440a986a1b6252657840329,dedd6767ca13b7ed136d0725772e7665f7b8d7450541e747ebb22b188b0298cd,cb32f6d3febf6b2558e583de19180b286a0d0ca4cbc0b5ae40b2684ca5fa0549,e9f44e8e52268d84a2ac538a35469f041e5096b1c885922d7068c24c4f7986ab,927d137b6af7330546218ca73fd396483a1ca02e43bfd9e8e1266fe182cc6108,5315195399c9ec0758a42858ef7e72e68d6cce71116ae323eb0a5313fec656ca,3 \ No newline at end of file +0xf93f4bfacd5dc41609ec790ace7b58b3a8466b533440a986a1b6252657840329,0xdedd6767ca13b7ed136d0725772e7665f7b8d7450541e747ebb22b188b0298cd,0xcb32f6d3febf6b2558e583de19180b286a0d0ca4cbc0b5ae40b2684ca5fa0549,0xe9f44e8e52268d84a2ac538a35469f041e5096b1c885922d7068c24c4f7986ab,0x927d137b6af7330546218ca73fd396483a1ca02e43bfd9e8e1266fe182cc6108,0x5315195399c9ec0758a42858ef7e72e68d6cce71116ae323eb0a5313fec656ca,0x3 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/wrong/wrongp384.csv b/src/cz/crcs/ectester/data/wrong/wrongp384.csv index 856a315..694ae78 100644 --- a/src/cz/crcs/ectester/data/wrong/wrongp384.csv +++ b/src/cz/crcs/ectester/data/wrong/wrongp384.csv 
@@ -1 +1 @@ -e5c59884cfefc22682cbc0f1d18b574c2cec33ace6ff00246db133dd25b6b8eca6e192324f73815c131e06ac129cf3c6,738b368de5c4b0be23c8c197df7d098372e49ef6719c02c64833a8834518cd8c0d9241f72100cb5051db0657f75a1c23,69754b463614c2e2dbcf6dccf623cc0f1acdc19e54cb228dbaf071459f4af4c8b6665e814653ec77937f93aba77d5c83,74019d327322b23f79888df61d0549c60983e967f9d783298c9fabb05d3f50380b75b9c0925016ab8606a3c7cb304fee,319d25a6e657db46b06dc875f23a25cd7dd85312706b98f7d42e5fef6205efa94c9e3de358442bbba0078c836474b886,2df451b429965a07b3c259c9f6b577dc08fc0a55c7cc99a0e2bd0a5f6df1582f549383a3a97d80459d6c67bc03b8fd8e,5 \ No newline at end of file +0xe5c59884cfefc22682cbc0f1d18b574c2cec33ace6ff00246db133dd25b6b8eca6e192324f73815c131e06ac129cf3c6,0x738b368de5c4b0be23c8c197df7d098372e49ef6719c02c64833a8834518cd8c0d9241f72100cb5051db0657f75a1c23,0x69754b463614c2e2dbcf6dccf623cc0f1acdc19e54cb228dbaf071459f4af4c8b6665e814653ec77937f93aba77d5c83,0x74019d327322b23f79888df61d0549c60983e967f9d783298c9fabb05d3f50380b75b9c0925016ab8606a3c7cb304fee,0x319d25a6e657db46b06dc875f23a25cd7dd85312706b98f7d42e5fef6205efa94c9e3de358442bbba0078c836474b886,0x2df451b429965a07b3c259c9f6b577dc08fc0a55c7cc99a0e2bd0a5f6df1582f549383a3a97d80459d6c67bc03b8fd8e,0x5 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/wrong/wrongp521.csv b/src/cz/crcs/ectester/data/wrong/wrongp521.csv index 4f8b2a3..76fe2f2 100644 --- a/src/cz/crcs/ectester/data/wrong/wrongp521.csv +++ b/src/cz/crcs/ectester/data/wrong/wrongp521.csv 
@@ -1 +1 @@ -189a60ffc98c7183895a913cce35a6a9eb598dd37031ef413b22efdfce0c66a39adbc7807185d2f9258e236d97fcefbc399d96b21367b72d96aa4db8e17e085eb6b,14fa01ed55832127e87f87781de9dd477302be69dec9d55ca741569bddebf3f4356ded7a21173937426b7e28cd25704c715e85d677d1ebfe4349943269fa3f420b2,151ff15174ae4126937a8a1ab0f1d64f85fdf6edebd29615e822ffa44b6e2a951b918f49444ffc4bfc09f0f8bda8c30f095ab5d8aa5bcc26a16245d848e0beb9d88,1544b864fe3e9891aedcf537c6f7d3de1f77ee74ef1d3122f0c2d891189895f56362be7d031503b1d23ca7bd978650a49efce4d437dedec0e3325ca40c1f8ef2ee0,140197a9f062bad1e447eb6c1f4385f7dde488f0d1ba76a83750d2e9d59db3b7826c0bdb2294c8a2fb08e62152824a05a67dfd8528084b1865018e0a6c6204057c8,189a60ffc98c7183895a913cce35a6a9eb598dd37031ef413b22efdfce0c66a39adbc7807185d2f9258e236d97fcefbc399d96b21367b72d96aa4db8e17e085eb6a,5 \ No newline at end of file +0x189a60ffc98c7183895a913cce35a6a9eb598dd37031ef413b22efdfce0c66a39adbc7807185d2f9258e236d97fcefbc399d96b21367b72d96aa4db8e17e085eb6b,0x14fa01ed55832127e87f87781de9dd477302be69dec9d55ca741569bddebf3f4356ded7a21173937426b7e28cd25704c715e85d677d1ebfe4349943269fa3f420b2,0x151ff15174ae4126937a8a1ab0f1d64f85fdf6edebd29615e822ffa44b6e2a951b918f49444ffc4bfc09f0f8bda8c30f095ab5d8aa5bcc26a16245d848e0beb9d88,0x1544b864fe3e9891aedcf537c6f7d3de1f77ee74ef1d3122f0c2d891189895f56362be7d031503b1d23ca7bd978650a49efce4d437dedec0e3325ca40c1f8ef2ee0,0x140197a9f062bad1e447eb6c1f4385f7dde488f0d1ba76a83750d2e9d59db3b7826c0bdb2294c8a2fb08e62152824a05a67dfd8528084b1865018e0a6c6204057c8,0x189a60ffc98c7183895a913cce35a6a9eb598dd37031ef413b22efdfce0c66a39adbc7807185d2f9258e236d97fcefbc399d96b21367b72d96aa4db8e17e085eb6a,0x5 \ No newline at end of file -- cgit v1.2.3-70-g09d2 From d6d1f38f8c8cf5bf9f6b1acc714d191e04632d56 Mon Sep 17 00:00:00 2001 
From: J08nY Date: Wed, 24 May 2017 01:12:26 +0200 Subject: Fix logging to file, add -y / --yes option to force yes --- !uploader/ectester.cap | Bin 14877 -> 14882 bytes dist/ECTester.jar | Bin 710757 -> 712232 bytes src/cz/crcs/ectester/reader/ECTester.java | 37 +++++++++++++++++++---------- src/cz/crcs/ectester/reader/TestSuite.java | 27 +++++++++++---------- 4 files changed, 39 insertions(+), 25 deletions(-) diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index c0b0b0b..cf783e5 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 21b95f5..d672e37 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index 4ba8e9a..b1bd1b5 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -150,8 +150,14 @@ public class ECTester { System.err.println("Not a number. " + nfex.getMessage()); } catch (FileNotFoundException fnfe) { System.err.println("File " + fnfe.getMessage() + " not found."); - } catch (ParseException | IOException | CardException ex) { + } catch (ParseException | IOException ex) { System.err.println(ex.getMessage()); + } catch (CardException ex) { + if (systemOutLogger != null) + systemOutLogger.println(ex.getMessage()); + } finally { + if (systemOutLogger != null) + systemOutLogger.flush(); } } @@ -201,6 +207,7 @@ public class ECTester { * * -f / --fresh * -s / --simulate + * -y / --yes */ OptionGroup actions = new OptionGroup(); actions.setRequired(true); 
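Review bot: The new `catch (CardException ex)` branch in the `@@ -150,8 +150,14 @@` hunk drops the error entirely when `systemOutLogger` is null, whereas the removed multi-catch always printed it to `System.err`. A card failure raised before the logger exists would then end the run without any message. Keep a fallback in that branch, e.g. `else System.err.println(ex.getMessage());` after the `if (systemOutLogger != null)` statement. The enclosing method starts outside the hunk.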
@@ -250,6 +257,7 @@ public class ECTester { opts.addOption(Option.builder("f").longOpt("fresh").desc("Generate fresh keys (set domain parameters before every generation).").build()); opts.addOption(Option.builder("s").longOpt("simulate").desc("Simulate a card with jcardsim instead of using a terminal.").build()); + opts.addOption(Option.builder("y").longOpt("yes").desc("Accept all warnings and prompts.").build()); CommandLineParser parser = new DefaultParser(); return parser.parse(opts, args); 
@@ -385,32 +393,35 @@ public class ECTester { switch (cfg.testSuite) { case "default": - suite = new TestSuite.Default(dataStore, cfg); + suite = new TestSuite.Default(dataStore, cfg, systemOutLogger); break; case "test-vectors": - suite = new TestSuite.TestVectors(dataStore, cfg); + suite = new TestSuite.TestVectors(dataStore, cfg, systemOutLogger); break; default: // These tests are dangerous, prompt before them. System.out.println("The test you selected (" + cfg.testSuite + ") is potentially dangerous."); System.out.println("Some of these tests have caused temporary DoS of some cards."); - System.out.print("Do you want to proceed? (y/n): "); - Scanner in = new Scanner(System.in); - String confirmation = in.nextLine(); - if (!Arrays.asList("yes", "YES", "y", "Y").contains(confirmation)) { - return; + if (!cfg.yes) { + System.out.print("Do you want to proceed? (y/n): "); + Scanner in = new Scanner(System.in); + String confirmation = in.nextLine(); + if (!Arrays.asList("yes", "YES", "y", "Y").contains(confirmation)) { + return; + } + in.close(); } - in.close(); + switch (cfg.testSuite) { case "wrong": - suite = new TestSuite.Wrong(dataStore, cfg); + suite = new TestSuite.Wrong(dataStore, cfg, systemOutLogger); break; case "nonprime": - suite = new TestSuite.NonPrime(dataStore, cfg); + suite = new TestSuite.NonPrime(dataStore, cfg, systemOutLogger); break; case "invalid": - suite = new TestSuite.Invalid(dataStore, cfg); + suite = new TestSuite.Invalid(dataStore, cfg, systemOutLogger); break; default: System.err.println("Unknown test suite."); @@ -595,6 +606,7 @@ public class ECTester { public String output; public boolean fresh = false; public boolean simulate = false; + public boolean yes = false; //Action-related ions public String listNamed; 
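Review bot: With `cfg.yes` set, the suites this code itself labels as potentially dangerous run without any record that the confirmation was skipped: the two warning lines go to `System.out` only, while suite output is now routed through `systemOutLogger`. For unattended runs against real cards the override should appear next to the results, e.g. an `else` branch of `if (!cfg.yes)` with `systemOutLogger.println("Confirmation skipped by --yes for suite " + cfg.testSuite);`. The `--yes` description ("Accept all warnings and prompts.") could also name the suites it affects. The enclosing method starts and ends outside the hunk.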
@@ -642,6 +654,7 @@ public class ECTester { output = cli.getOptionValue("output"); fresh = cli.hasOption("fresh"); simulate = cli.hasOption("simulate"); + yes = cli.hasOption("yes"); if (cli.hasOption("list-named")) { listNamed = cli.getOptionValue("list-named"); diff --git a/src/cz/crcs/ectester/reader/TestSuite.java b/src/cz/crcs/ectester/reader/TestSuite.java index 414c2a9..958c51d 100644 --- a/src/cz/crcs/ectester/reader/TestSuite.java +++ b/src/cz/crcs/ectester/reader/TestSuite.java @@ -4,7 +4,6 @@ import cz.crcs.ectester.applet.ECTesterApplet; import cz.crcs.ectester.applet.EC_Consts; import cz.crcs.ectester.data.EC_Store; import cz.crcs.ectester.reader.ec.*; -import javacard.security.Key; import javacard.security.KeyPair; import javax.smartcardio.CardException; @@ -18,12 +17,14 @@ public abstract class TestSuite { EC_Store dataStore; ECTester.Config cfg; + DirtyLogger systemOut; String name; List tests = new LinkedList<>(); - TestSuite(EC_Store dataStore, ECTester.Config cfg, String name) { + TestSuite(EC_Store dataStore, ECTester.Config cfg, DirtyLogger systemOut, String name) { this.dataStore = dataStore; this.cfg = cfg; + this.systemOut = systemOut; this.name = name; } @@ -31,7 +32,7 @@ public abstract class TestSuite { for (Test t : tests) { if (!t.hasRun()) { t.run(); - System.out.println(t); + systemOut.println(t.toString()); } } return tests; @@ -97,8 +98,8 @@ public abstract class TestSuite { public static class Default extends TestSuite { - public Default(EC_Store dataStore, ECTester.Config cfg) { - super(dataStore, cfg, "default"); + public Default(EC_Store dataStore, ECTester.Config cfg, DirtyLogger systemOut) { + super(dataStore, cfg, systemOut, "default"); } @Override 
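Review bot: In the `TestSuite.java` hunk `@@ -31,7 +32,7 @@`, `systemOut.println(t.toString())` dereferences the logger unconditionally, while the `ECTester` hunk of the same commit guards every use of `systemOutLogger` with a null check. If the logger can be null when a suite is constructed, this line throws only after the test has already run against the card; if it cannot, the constructor is the place to state that. A fail-fast check in the `TestSuite` constructor, `if (systemOut == null) throw new IllegalArgumentException("systemOut");`, would make the contract explicit.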
@@ -150,8 +151,8 @@ public abstract class TestSuite { public static class TestVectors extends TestSuite { - public TestVectors(EC_Store dataStore, ECTester.Config cfg) { - super(dataStore, cfg, "test"); + public TestVectors(EC_Store dataStore, ECTester.Config cfg, DirtyLogger systemOut) { + super(dataStore, cfg, systemOut, "test"); } @Override @@ -206,8 +207,8 @@ public abstract class TestSuite { public static class NonPrime extends TestSuite { - public NonPrime(EC_Store dataStore, ECTester.Config cfg) { - super(dataStore, cfg, "nonprime"); + public NonPrime(EC_Store dataStore, ECTester.Config cfg, DirtyLogger systemOut) { + super(dataStore, cfg, systemOut, "nonprime"); } @Override @@ -242,8 +243,8 @@ public abstract class TestSuite { public static class Invalid extends TestSuite { - public Invalid(EC_Store dataStore, ECTester.Config cfg) { - super(dataStore, cfg, "invalid"); + public Invalid(EC_Store dataStore, ECTester.Config cfg, DirtyLogger systemOut) { + super(dataStore, cfg, systemOut, "invalid"); } @Override @@ -288,8 +289,8 @@ public abstract class TestSuite { public static class Wrong extends TestSuite { - public Wrong(EC_Store dataStore, ECTester.Config cfg) { - super(dataStore, cfg, "wrong"); + public Wrong(EC_Store dataStore, ECTester.Config cfg, DirtyLogger systemOut) { + super(dataStore, cfg, systemOut, "wrong"); } @Override -- cgit v1.2.3-70-g09d2 From dc05a5025543f14c633f663f2b366ab3b53b45da Mon Sep 17 00:00:00 2001 
From: J08nY Date: Wed, 24 May 2017 18:54:49 +0200 Subject: Added ANSSI curve and GOST curves --- dist/ECTester.jar | Bin 712232 -> 715834 bytes src/cz/crcs/ectester/data/anssi/curves.xml | 10 ++++++++++ src/cz/crcs/ectester/data/anssi/frp256v1.csv | 1 + src/cz/crcs/ectester/data/categories.xml | 10 ++++++++++ src/cz/crcs/ectester/data/gost/curves.xml | 16 ++++++++++++++++ src/cz/crcs/ectester/data/gost/gost256.csv | 1 + src/cz/crcs/ectester/data/gost/gost512.csv | 1 + 7 files changed, 39 insertions(+) create mode 100644 src/cz/crcs/ectester/data/anssi/curves.xml create mode 100644 src/cz/crcs/ectester/data/anssi/frp256v1.csv create mode 100644 src/cz/crcs/ectester/data/gost/curves.xml create mode 100644 src/cz/crcs/ectester/data/gost/gost256.csv create mode 100644 src/cz/crcs/ectester/data/gost/gost512.csv diff --git a/dist/ECTester.jar b/dist/ECTester.jar index d672e37..5544cfd 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/data/anssi/curves.xml b/src/cz/crcs/ectester/data/anssi/curves.xml new file mode 100644 index 0000000..0456e67 --- /dev/null +++ b/src/cz/crcs/ectester/data/anssi/curves.xml @@ -0,0 +1,10 @@ + + + + FRP256v1 + 256 + prime + frp256v1.csv + + \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/anssi/frp256v1.csv b/src/cz/crcs/ectester/data/anssi/frp256v1.csv new file mode 100644 index 0000000..3e5428d --- /dev/null +++ b/src/cz/crcs/ectester/data/anssi/frp256v1.csv @@ -0,0 +1 @@ +0xf1fd178c0b3ad58f10126de8ce42435b3961adbcabc8ca6de8fcf353d86e9c03,0xf1fd178c0b3ad58f10126de8ce42435b3961adbcabc8ca6de8fcf353d86e9c00,0xee353fca5428a9300d4aba754a44c00fdfec0c9ae4b1a1803075ed967b7bb73f,0xb6b3d4c356c139eb31183d4749d423958c27d2dcaf98b70164c97a2dd98f5cff,0x6142e0f7c8b204911f9271f0f3ecef8c2701c307e8e4c9e183115a1554062cfb,0xf1fd178c0b3ad58f10126de8ce42435b53dc67e140d2bf941ffdd459c6d655e1,0x1 \ No newline at end of file 
diff --git a/src/cz/crcs/ectester/data/categories.xml b/src/cz/crcs/ectester/data/categories.xml index 29dcba0..c53a7c0 100644 --- a/src/cz/crcs/ectester/data/categories.xml +++ b/src/cz/crcs/ectester/data/categories.xml @@ -21,6 +21,16 @@ secg SEC 2: Recommended Elliptic Curve Domain Parameters version 2.0 January 27, 2010 + + anssi + anssi + Agence nationale de la sécurité des systèmes d'information: Publication d'un paramétrage de courbe elliptique visant des applications de passeport électronique et de l'administration électronique française. 21 November 2011 + + + GOST + gost + GOST R 34.10-2001: RFC5832 + nonprime nonprime diff --git a/src/cz/crcs/ectester/data/gost/curves.xml b/src/cz/crcs/ectester/data/gost/curves.xml new file mode 100644 index 0000000..2b83c5e --- /dev/null +++ b/src/cz/crcs/ectester/data/gost/curves.xml @@ -0,0 +1,16 @@ + + + + gost256 + 256 + prime + gost256.csv + + + gost512 + 512 + prime + gost512.csv + + \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/gost/gost256.csv b/src/cz/crcs/ectester/data/gost/gost256.csv new file mode 100644 index 0000000..baea45a --- /dev/null +++ b/src/cz/crcs/ectester/data/gost/gost256.csv @@ -0,0 +1 @@ +0x8000000000000000000000000000000000000000000000000000000000000431,0x7,0x5fbff498aa938ce739b8e022fbafef40563f6e6a3472fc2a514c0ce9dae23b7e,0x2,0x8e2a8a0e65147d4bd6316030e16d19c85c97f0a9ca267122b96abbcea7e8fc8,0x8000000000000000000000000000000150fe8a1892976154c59cfc193accf5b3,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/gost/gost512.csv b/src/cz/crcs/ectester/data/gost/gost512.csv new file mode 100644 index 0000000..5b24d59 --- /dev/null +++ b/src/cz/crcs/ectester/data/gost/gost512.csv 
@@ -0,0 +1 @@ +0x4531acd1fe0023c7550d267b6b2fee80922b14b2ffb90f04d4eb7c09b5d2d15df1d852741af4704a0458047e80e4546d35b8336fac224dd81664bbf528be6373,0x7,0x1cff0806a31116da29d8cfa54e57eb748bc5f377e49400fdd788b649eca1ac4361834013b2ad7322480a89ca58e0cf74bc9e540c2add6897fad0a3084f302adc,0x24d19cc64572ee30f396bf6ebbfd7a6c5213b3b3d7057cc825f91093a68cd762fd60611262cd838dc6b60aa7eee804e28bc849977fac33b4b530f1b120248a9a,0x2bb312a43bd2ce6e0d020613c857acddcfbf061e91e5f2c3f32447c259f39b2c83ab156d77f1496bf7eb3351e1ee4e43dc1a18b91b24640b6dbb92cb1add371e,0x4531acd1fe0023c7550d267b6b2fee80922b14b2ffb90f04d4eb7c09b5d2d15da82f2d7ecb1dbac719905c5eecc423f1d86e25edbe23c595d644aaf187e6e6df,0x1 \ No newline at end of file -- cgit v1.2.3-70-g09d2 From 7cc7c46edc4fc788c4ce2e7aaf64d01b645629d0 Mon Sep 17 00:00:00 2001 From: J08nY Date: Fri, 2 Jun 2017 00:47:35 +0200 Subject: Fix ECDH tests --- !uploader/ectester.cap | Bin 14882 -> 15878 bytes dist/ECTester.jar | Bin 715834 -> 721244 bytes src/cz/crcs/ectester/applet/AppletUtil.java | 1 - src/cz/crcs/ectester/applet/ECKeyTester.java | 45 +++++++++++++ src/cz/crcs/ectester/applet/ECTesterApplet.java | 65 +++++++++++++++++- src/cz/crcs/ectester/applet/EC_Consts.java | 85 +++++++++++++++++++----- src/cz/crcs/ectester/reader/Command.java | 35 ++++++++++ src/cz/crcs/ectester/reader/TestSuite.java | 12 ++-- 8 files changed, 220 insertions(+), 23 deletions(-) diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index cf783e5..689610b 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 5544cfd..ff5c75f 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/applet/AppletUtil.java b/src/cz/crcs/ectester/applet/AppletUtil.java index 296541d..532b44e 100644 --- a/src/cz/crcs/ectester/applet/AppletUtil.java +++ b/src/cz/crcs/ectester/applet/AppletUtil.java 
@@ -51,7 +51,6 @@ public class AppletUtil { sum += read; read = apdu.receiveBytes((short) 0); } while (sum < total); - // TODO figure this out, in buffer + out buffer(apdubuf) or just send each param on its own? return 0; } } diff --git a/src/cz/crcs/ectester/applet/ECKeyTester.java b/src/cz/crcs/ectester/applet/ECKeyTester.java index 7664c72..b18073f 100644 --- a/src/cz/crcs/ectester/applet/ECKeyTester.java +++ b/src/cz/crcs/ectester/applet/ECKeyTester.java @@ -66,6 +66,21 @@ public class ECKeyTester { return length; } + private short testKA_direct(KeyAgreement ka, KeyPair privatePair, byte[] pubkey, short pubkeyOffset, short pubkeyLength, byte[] outpuBuffer, short outputOffset, short corruption) { + short length = 0; + try { + sw = AppletUtil.kaCheck(ka); + sw = AppletUtil.keypairCheck(privatePair); + + ka.init(privatePair.getPrivate()); + pubkeyLength = EC_Consts.corruptParameter(corruption, pubkey, pubkeyOffset, pubkeyLength); + length = ka.generateSecret(pubkey, pubkeyOffset, pubkeyLength, outpuBuffer, outputOffset); + } catch (CardRuntimeException ce) { + sw = ce.getReason(); + } + return length; + } + /** * Tests ECDH secret generation with keys from given {@code privatePair} and {@code publicPair}. * Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations. @@ -84,6 +99,10 @@ public class ECKeyTester { return testKA(ecdhKeyAgreement, privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); } + public short testECDH_direct(KeyPair privatePair, byte[] pubkey, short pubkeyOffset, short pubkeyLength, byte[] outpuBuffer, short outputOffset, short corruption) { + return testKA_direct(ecdhKeyAgreement, privatePair, pubkey, pubkeyOffset, pubkeyLength, outpuBuffer, outputOffset, corruption); + } + /** * Tests ECDHC secret generation with keys from given {@code privatePair} and {@code publicPair}. * Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations. 
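Review bot: In `testKA_direct` the status from `AppletUtil.kaCheck(ka)` is overwritten by `sw = AppletUtil.keypairCheck(privatePair);` on the next line, so a failed first check is honoured only if `kaCheck` throws; its definition is not visible here. If it returns a status word instead, test `sw` between the two calls and return early. The new `_direct` methods also lack the Javadoc their siblings carry; it should say that `pubkeyOffset` and `pubkeyLength` are caller-supplied and that `EC_Consts.corruptParameter` appears to modify `pubkey` in place. The parameter name `outpuBuffer` is a typo for `outputBuffer`.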
@@ -102,6 +121,10 @@ public class ECKeyTester { return testKA(ecdhcKeyAgreement, privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); } + public short testECDHC_direct(KeyPair privatePair, byte[] pubkey, short pubkeyOffset, short pubkeyLength, byte[] outpuBuffer, short outputOffset, short corruption) { + return testKA_direct(ecdhcKeyAgreement, privatePair, pubkey, pubkeyOffset, pubkeyLength, outpuBuffer, outputOffset, corruption); + } + /** * @param privatePair KeyPair from which the private key is used * @param publicPair KeyPair from which the public key is used @@ -126,7 +149,22 @@ public class ECKeyTester { sw = ECTesterApplet.SW_DH_DHC_MISMATCH; } return length; + } + public short testBOTH_direct(KeyPair privatePair, byte[] pubkey, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset, short corruption) { + short ecdhLength = testECDH_direct(privatePair, pubkey, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset, corruption); + if (sw != ISO7816.SW_NO_ERROR) { + return ecdhLength; + } + short ecdhcLength = testECDHC_direct(privatePair, pubkey, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset, corruption); + short length = (short) (ecdhLength + ecdhcLength); + if (sw != ISO7816.SW_NO_ERROR) { + return length; + } + if (javacard.framework.Util.arrayCompare(outputBuffer, outputOffset, outputBuffer, (short) (outputOffset + ecdhLength), ecdhLength) != 0) { + sw = ECTesterApplet.SW_DH_DHC_MISMATCH; + } + return length; } /** 
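Review bot: `testBOTH_direct` passes the same `outputOffset` to `testECDH_direct` and to `testECDHC_direct`, so the ECDHC result overwrites the ECDH result and the following `arrayCompare` compares the ECDHC secret with whatever bytes sit at `outputOffset + ecdhLength`. The second call should write behind the first: `testECDHC_direct(privatePair, pubkey, pubkeyOffset, pubkeyLength, outputBuffer, (short) (outputOffset + ecdhLength), corruption)`. Separately, `testKA_direct` appears to corrupt `pubkey` in place, so the second call here (and the fallback in `testANY_direct`) would operate on an already corrupted key when `corruption` is non-zero; that needs confirming against `EC_Consts.corruptParameter`, which is outside the hunk.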
@@ -146,6 +184,13 @@ public class ECKeyTester { return testECDHC(privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); } + public short testANY_direct(KeyPair privatePair, byte[] pubkey, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset, short corruption) { + short ecdhLength = testECDH_direct(privatePair, pubkey, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset, corruption); + if (sw == ISO7816.SW_NO_ERROR) + return ecdhLength; + return testECDHC_direct(privatePair, pubkey, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset, corruption); + } + /** * Uses {@code signKey} to sign data from {@code inputBuffer} at {@code inputOffset} with {@code inputOffset}. * Then checks for correct signature length. diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java index a7d8537..c2e2c63 100644 --- a/src/cz/crcs/ectester/applet/ECTesterApplet.java +++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java @@ -51,9 +51,10 @@ public class ECTesterApplet extends Applet implements ExtendedLength { public static final byte INS_GENERATE = (byte) 0x5e; public static final byte INS_EXPORT = (byte) 0x5f; public static final byte INS_ECDH = (byte) 0x60; - public static final byte INS_ECDSA = (byte) 0x61; - public static final byte INS_CLEANUP = (byte) 0x62; - public static final byte INS_SUPPORT = (byte) 0x63; + public static final byte INS_ECDH_DIRECT = (byte) 0x61; + public static final byte INS_ECDSA = (byte) 0x62; + public static final byte INS_CLEANUP = (byte) 0x63; + public static final byte INS_SUPPORT = (byte) 0x64; // PARAMETERS for P1 and P2 public static final byte KEYPAIR_LOCAL = (byte) 0x01; @@ -164,6 +165,9 @@ public class ECTesterApplet extends Applet implements ExtendedLength { case INS_ECDH: length = insECDH(apdu); break; + case INS_ECDH_DIRECT: + length = insECDH_direct(apdu); + break; case INS_ECDSA: length = insECDSA(apdu); break; 
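Review bot: Inserting `INS_ECDH_DIRECT` as 0x61 in the `@@ -51,9 +51,10 @@` hunk shifts `INS_ECDSA`, `INS_CLEANUP` and `INS_SUPPORT` by one, so a reader built against the previous values reaches a different handler: its ECDSA command (0x61) now lands in `insECDH_direct`, which parses the body as corruption, type, length and key. Giving the new instruction a value that was not in use before (0x64, if nothing else takes it) would keep the existing codes stable. The `CURVE_*` renumbering in the `EC_Consts` hunk `@@ -971,31 +1010,34 @@` has the same effect if those ids are carried in APDUs.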
@@ -357,6 +361,26 @@ public class ECTesterApplet extends Applet implements ExtendedLength { return ecdh(pubkey, privkey, export, corruption, type, apdu.getBuffer(), (short) 0); } + /** + * + * @param apdu P1 = byte privkey (KEYPAIR_*) + * @return P2 = byte export (EXPORT_TRUE || EXPORT_FALSE) + * DATA = short corruption (EC_Consts.CORRUPTION_* | ...) + * byte type (EC_Consts.KA_* | ...) + * short length + * byte[] pubkey + */ + private short insECDH_direct(APDU apdu) { + byte privkey = apduArray[ISO7816.OFFSET_P1]; + byte export = apduArray[ISO7816.OFFSET_P2]; + short cdata = apdu.getOffsetCdata(); + short corruption = Util.getShort(apduArray, cdata); + byte type = apduArray[(short) (cdata + 2)]; + short length = Util.getShort(apduArray, (short) (cdata + 3)); + + return ecdh_direct(privkey, export, corruption, type, (short) (cdata + 5), length, apdu.getBuffer(), (short) 0); + } + /** * Performs ECDSA signature and verification on data provided or random, using the keyPair in P1(local/remote). * returns ecdsa SW, {@code if(export == EXPORT_TRUE)} => short signature_length, byte[] signature 
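Review bot: `insECDH_direct` reads `length` straight from the command data and passes `cdata + 5` and `length` to `ecdh_direct` without comparing them to the number of bytes actually received. A negative or oversized value makes the key agreement and `EC_Consts.corruptParameter` work on bytes outside the supplied key, or fail with an array exception that `testKA_direct` does not catch as `CardRuntimeException`. Reject it up front, e.g. `if (length < 0 || length > (short) (apdu.getIncomingLength() - 5)) ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);` (adjust to however `apduArray` is filled; that code is outside the hunk). The Javadoc also mixes its tags: the P2 line sits under `@return`, and the actual return value is not described.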
@@ -581,6 +605,41 @@ public class ECTesterApplet extends Applet implements ExtendedLength { return length; } + private short ecdh_direct(byte privkey, byte export, short corruption, byte type, short keyOffset, short keyLength, byte[] outBuffer, short outOffset) { + short length = 0; + + KeyPair priv = ((privkey & KEYPAIR_LOCAL) != 0) ? localKeypair : remoteKeypair; + + short secretLength = 0; + switch (type) { + case EC_Consts.KA_ECDH: + secretLength = keyTester.testECDH_direct(priv, apduArray, keyOffset, keyLength, outBuffer, outOffset, corruption); + break; + case EC_Consts.KA_ECDHC: + secretLength = keyTester.testECDHC_direct(priv, apduArray, keyOffset, keyLength, outBuffer, outOffset, corruption); + break; + case EC_Consts.KA_BOTH: + secretLength = keyTester.testBOTH_direct(priv, apduArray, keyOffset, keyLength, outBuffer, outOffset, corruption); + break; + case EC_Consts.KA_ANY: + secretLength = keyTester.testANY_direct(priv, apduArray, keyOffset, keyLength, outBuffer, outOffset, corruption); + break; + default: + ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); + } + + Util.setShort(outBuffer, outOffset, keyTester.getSW()); + length += 2; + + if ((export == EXPORT_TRUE)) { + Util.setShort(outBuffer, (short) (outOffset + length), secretLength); + length += 2; + Util.arrayCopyNonAtomic(ramArray2, (short) 0, outBuffer, (short) (outOffset + length), secretLength); + length += secretLength; + } + return length; + } + /** * @param sign keyPair to use for signing and verification * @param export whether to export ECDSA signature diff --git a/src/cz/crcs/ectester/applet/EC_Consts.java b/src/cz/crcs/ectester/applet/EC_Consts.java index 53eab41..04cd55e 100644 --- a/src/cz/crcs/ectester/applet/EC_Consts.java +++ b/src/cz/crcs/ectester/applet/EC_Consts.java 
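Review bot: `ecdh_direct` has the key tester write the secret into `outBuffer` at `outOffset`, then overwrites those bytes with the status word and, when `export == EXPORT_TRUE`, copies `secretLength` bytes from `ramArray2`, which nothing in this method fills. The response therefore carries whatever `ramArray2` held from an earlier command rather than the secret just computed. Passing `ramArray2, (short) 0` instead of `outBuffer, outOffset` to the four `test*_direct` calls would make the export copy the right bytes. It would also stop the key agreement from writing into the buffer that may hold the input key: `insECDH_direct` passes `apdu.getBuffer()`, and whether `apduArray` is the same array is not visible here.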
@@ -68,6 +68,45 @@ public class EC_Consts { public static RandomData randomData = null; + // secp112r1 + public static final byte[] EC112_FP_P = new byte[]{ + (byte) 0xdb, (byte) 0x7c, (byte) 0x2a, (byte) 0xbf, + (byte) 0x62, (byte) 0xe3, (byte) 0x5e, (byte) 0x66, + (byte) 0x80, (byte) 0x76, (byte) 0xbe, (byte) 0xad, + (byte) 0x20, (byte) 0x8b}; + + public static final byte[] EC112_FP_A = new byte[]{ + (byte) 0xdb, (byte) 0x7c, (byte) 0x2a, (byte) 0xbf, + (byte) 0x62, (byte) 0xe3, (byte) 0x5e, (byte) 0x66, + (byte) 0x80, (byte) 0x76, (byte) 0xbe, (byte) 0xad, + (byte) 0x20, (byte) 0x88}; + + public static final byte[] EC112_FP_B = new byte[]{ + (byte) 0x65, (byte) 0x9e, (byte) 0xf8, (byte) 0xba, + (byte) 0x04, (byte) 0x39, (byte) 0x16, (byte) 0xee, + (byte) 0xde, (byte) 0x89, (byte) 0x11, (byte) 0x70, + (byte) 0x2b, (byte) 0x22}; + + public static final byte[] EC112_FP_G_X = new byte[]{ + (byte) 0x09, (byte) 0x48, (byte) 0x72, (byte) 0x39, + (byte) 0x99, (byte) 0x5a, (byte) 0x5e, (byte) 0xe7, + (byte) 0x6b, (byte) 0x55, (byte) 0xf9, (byte) 0xc2, + (byte) 0xf0, (byte) 0x98}; + + public static final byte[] EC112_FP_G_Y = new byte[]{ + (byte) 0xa8, (byte) 0x9c, (byte) 0xe5, (byte) 0xaf, + (byte) 0x87, (byte) 0x24, (byte) 0xc0, (byte) 0xa2, + (byte) 0x3e, (byte) 0x0e, (byte) 0x0f, (byte) 0xf7, + (byte) 0x75, (byte) 0x00}; + + public static final byte[] EC112_FP_R = new byte[]{ + (byte) 0xdb, (byte) 0x7c, (byte) 0x2a, (byte) 0xbf, + (byte) 0x62, (byte) 0xe3, (byte) 0x5e, (byte) 0x76, + (byte) 0x28, (byte) 0xdf, (byte) 0xac, (byte) 0x65, + (byte) 0x61, (byte) 0xc5}; + + public static final short EC112_FP_K = 1; + // secp128r1 from http://www.secg.org/sec2-v2.pdf public static final byte[] EC128_FP_P = new byte[]{ 
@@ -971,31 +1010,34 @@ public class EC_Consts {
 public static final byte CURVE_external = (byte) 0xff;
 // SECP recommended curves over FP
- public static final byte CURVE_secp128r1 = (byte) 1;
- public static final byte CURVE_secp160r1 = (byte) 2;
- public static final byte CURVE_secp192r1 = (byte) 3;
- public static final byte CURVE_secp224r1 = (byte) 4;
- public static final byte CURVE_secp256r1 = (byte) 5;
- public static final byte CURVE_secp384r1 = (byte) 6;
- public static final byte CURVE_secp521r1 = (byte) 7;
+ public static final byte CURVE_secp112r1 = (byte) 1;
+ public static final byte CURVE_secp128r1 = (byte) 2;
+ public static final byte CURVE_secp160r1 = (byte) 3;
+ public static final byte CURVE_secp192r1 = (byte) 4;
+ public static final byte CURVE_secp224r1 = (byte) 5;
+ public static final byte CURVE_secp256r1 = (byte) 6;
+ public static final byte CURVE_secp384r1 = (byte) 7;
+ public static final byte CURVE_secp521r1 = (byte) 8;
- public static final byte FP_CURVES = (byte) 7;
+ public static final byte FP_CURVES = (byte) 8;
 // SECP recommended curves over F2M
- public static final byte CURVE_sect163r1 = (byte) 8;
- public static final byte CURVE_sect233r1 = (byte) 9;
- public static final byte CURVE_sect283r1 = (byte) 10;
- public static final byte CURVE_sect409r1 = (byte) 11;
- public static final byte CURVE_sect571r1 = (byte) 12;
+ public static final byte CURVE_sect163r1 = (byte) 9;
+ public static final byte CURVE_sect233r1 = (byte) 10;
+ public static final byte CURVE_sect283r1 = (byte) 11;
+ public static final byte CURVE_sect409r1 = (byte) 12;
+ public static final byte CURVE_sect571r1 = (byte) 13;
- public static final byte F2M_CURVES = (byte) 12;
+ public static final byte F2M_CURVES = (byte) 13;
- public static final short[] FP_SIZES = new short[]{112, 128, 160, 192, 224, 256, 384, 512, 521};
+ public static final short[] FP_SIZES = new short[]{112, 128, 160, 192, 224, 256, 384, 521};
 public static final short[] F2M_SIZES = new short[]{163, 233, 283, 409, 571};
 public static byte getCurve(short keyLength, byte keyClass) {
 if (keyClass == KeyPair.ALG_EC_FP) {
 switch (keyLength) {
+ case (short) 112:
+ return CURVE_secp112r1;
 case (short) 128:
 return CURVE_secp128r1;
 case (short) 160:
@@ -1037,6 +1079,19 @@ public class EC_Consts {
 public static short getCurveParameter(byte curve, short param, byte[] outputBuffer, short outputOffset) {
 byte alg = getCurveType(curve);
 switch (curve) {
+ case CURVE_secp112r1: {
+ EC_FP_P = EC112_FP_P;
+ EC_A = EC112_FP_A;
+ EC_B = EC112_FP_B;
+ EC_G_X = EC112_FP_G_X;
+ EC_G_Y = EC112_FP_G_Y;
+ EC_R = EC112_FP_R;
+ EC_K = EC112_FP_K;
+ EC_W_X = null;
+ EC_W_Y = null;
+ EC_S = null;
+ break;
+ }
 case CURVE_secp128r1: {
 EC_FP_P = EC128_FP_P;
 EC_A = EC128_FP_A;
diff --git a/src/cz/crcs/ectester/reader/Command.java b/src/cz/crcs/ectester/reader/Command.java
index 6c2b769..5b7be01 100644
--- a/src/cz/crcs/ectester/reader/Command.java
+++ b/src/cz/crcs/ectester/reader/Command.java
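Review bot: Inserting `CURVE_secp112r1 = (byte) 1` shifts every existing curve id by one (`CURVE_secp128r1` moves from 1 to 2, `CURVE_sect163r1` from 8 to 9), and these ids appear to cross the APDU boundary, since the reader passes `EC_Consts.CURVE_*` values into `Command.Set`. A reader built from this commit talking to an applet installed from the previous one, or the reverse, would then select a different named curve than the one requested, with no error to show for it. Either record the coupling next to the constants, for example `// ids are part of the APDU protocol: rebuild and reinstall the applet whenever they change`, or have the reader check an applet version before relying on them. `getCurve` continues past the end of this hunk.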
@@ -429,6 +429,41 @@ public abstract class Command {
 }
 }
+ /**
+ *
+ */
+ public static class ECDH_direct extends Command {
+ private byte privkey;
+ private byte export;
+ private short corruption;
+ private byte type;
+ private byte[] pubkey;
+
+ protected ECDH_direct(CardMngr cardManager, byte privkey, byte export, short corruption, byte type, byte[] pubkey) {
+ super(cardManager);
+ this.privkey = privkey;
+ this.export = export;
+ this.corruption = corruption;
+ this.type = type;
+ this.pubkey = pubkey;
+
+ byte[] data = new byte[3 + pubkey.length];
+ Util.setShort(data, 0, corruption);
+ data[2] = type;
+ System.arraycopy(pubkey, 0, data, 3, pubkey.length);
+
+ this.cmd = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_ECDH_DIRECT, privkey, export, data);
+ }
+
+ @Override
+ public Response.ECDH send() throws CardException {
+ long elapsed = -System.nanoTime();
+ ResponseAPDU response = cardManager.send(cmd);
+ elapsed += System.nanoTime();
+ return new Response.ECDH(response, elapsed, ECTesterApplet.KEYPAIR_REMOTE, privkey, export, corruption, type);
+ }
+ }
+
 public static class ECDSA extends Command {
 private byte keyPair;
 private byte export;
diff --git a/src/cz/crcs/ectester/reader/TestSuite.java b/src/cz/crcs/ectester/reader/TestSuite.java
index 958c51d..7118dd8 100644
--- a/src/cz/crcs/ectester/reader/TestSuite.java
+++ b/src/cz/crcs/ectester/reader/TestSuite.java
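Review bot: The Javadoc on `ECDH_direct` is empty, and this is the command whose payload layout a reader cannot guess from the field list: two bytes of corruption, one byte of type, then the raw public key. State that in the class comment, e.g. `/** ECDH with the public key carried in the APDU data: corruption (2 B) | type (1 B) | pubkey. */`. `send()` also reports `ECTesterApplet.KEYPAIR_REMOTE` as the public-key slot although no remote keypair takes part, which deserves a one-line comment so logged results are not misread. The constructor keeps the caller's `pubkey` array without copying it, and the five fields could be `final`.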
@@ -232,8 +232,11 @@ public abstract class TestSuite { tests.add(new Test(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField()), Test.Result.SUCCESS)); tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten()), Test.Result.ANY)); tests.add(new Test(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL), Test.Result.ANY)); - tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, key.getParams(), key.flatten()), Test.Result.ANY)); - tests.add(new Test(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ECDH), Test.Result.FAILURE)); + + //tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, key.getParams(), key.flatten()), Test.Result.ANY)); + //tests.add(new Test(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ECDH), Test.Result.FAILURE)); + tests.add(new Test(new Command.ECDH_direct(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ECDH, key.flatten()), Test.Result.FAILURE)); + tests.add(new Test(new Command.Cleanup(cardManager), Test.Result.ANY)); } } 
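Review bot: Swapping the `Command.Set` + `Command.ECDH` pair for `Command.ECDH_direct` drops the only step in this block that sends the key through the card's key-import path, and the next hunk does the same inside `for (EC_Key.Public pub : keys)`. These tests expect `Test.Result.FAILURE`, so the keys are presumably ones the card should refuse; a card can refuse at import, at key agreement, or at neither, and the result is more informative when both paths are exercised. Consider keeping the old pair next to the new command instead of leaving it as commented-out code. If the replacement is intended, delete the commented lines and give the reason in the commit message.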
@@ -277,8 +280,9 @@ public abstract class TestSuite {
 tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten()), Test.Result.SUCCESS));
 tests.add(new Test(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL), Test.Result.SUCCESS));
 for (EC_Key.Public pub : keys) {
- tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, pub.getParams(), pub.flatten()), Test.Result.ANY));
- tests.add(new Test(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ANY), Test.Result.FAILURE));
+ // tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, pub.getParams(), pub.flatten()), Test.Result.ANY));
+ // tests.add(new Test(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ANY), Test.Result.FAILURE));
+ tests.add(new Test(new Command.ECDH_direct(cardManager, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ANY, pub.flatten()), Test.Result.FAILURE));
 }
 tests.add(new Test(new Command.Cleanup(cardManager), Test.Result.ANY));
 }
-- cgit v1.2.3-70-g09d2
From 350188e444b6743ac23c030c2c407ae3311416b1 Mon Sep 17 00:00:00 2001
From: J08nY
Date: Fri, 2 Jun 2017 02:22:00 +0200
Subject: Add printing of curve refresh command when generating.
---
 dist/ECTester.jar | Bin 721244 -> 721271 bytes
 src/cz/crcs/ectester/reader/ECTester.java | 3 ++-
 2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/dist/ECTester.jar b/dist/ECTester.jar
index ff5c75f..f44b150 100644
Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ
diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java
index b1bd1b5..3b5b84f 100644
--- a/src/cz/crcs/ectester/reader/ECTester.java
+++ b/src/cz/crcs/ectester/reader/ECTester.java
@@ -349,7 +349,8 @@ public class ECTester {
 int retry = 0;
 while (generated < cfg.generateAmount || cfg.generateAmount == 0) {
 if ((cfg.fresh || generated == 0) && curve != null) {
- curve.send();
+ Response fresh = curve.send();
+ systemOutLogger.println(fresh.toString());
 }
 Command.Generate generate = new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL);
-- cgit v1.2.3-70-g09d2
From 3f1483635615a0c599ae2e75858be4e39eb08a64 Mon Sep 17 00:00:00 2001
From: J08nY
Date: Sat, 3 Jun 2017 15:49:12 +0200
Subject: Add some more examples to TESTS.md
---
 TESTS.md | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/TESTS.md b/TESTS.md
index 1e4f5ca..465ca5d 100644
--- a/TESTS.md
+++ b/TESTS.md
@@ -25,6 +25,16 @@ java -jar ECTester.jar -nc secg -a -fp -t
 ```
 tests all(`-a`), prime field(`-fp`) SECG curves, using the default test suite.
+```bash
+java -jar ECTester.jar -u -a -f2m -t
+```
+tests all(`-a`), binary field(`-f2m`), custom(`-u`) curves.
+
+```bash
+java -jar ECTester.jar -b 128 -fp -t
+```
+tests a 128 bit(`-b`), prime field(`-fp`) curve, (if a default one is present).
+
 ## Test-Vectors
 Tests using known test vectors provided by NIST/SECG/Brainpool:
-- cgit v1.2.3-70-g09d2
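Review bot: In the `ECTester.java` hunk `fresh` is printed but never inspected, so when the curve-setting command fails the loop still proceeds to `Command.Generate`, and the keys gathered afterwards are attributed to a curve the card may not have accepted. Check the response before generating and stop or skip the iteration on failure; the `Response` API is not visible in this hunk, so the exact call is left to the author. `systemOutLogger.println(fresh.toString());` can also be written `systemOutLogger.println(fresh);` if that logger has the usual `println(Object)` overload. The `while` loop continues outside the hunk.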