From 6a9f2181e9fa0fad8732261bb923b0c24b232747 Mon Sep 17 00:00:00 2001
From: J08nY
Date: Sat, 27 Apr 2024 00:06:25 +0200
Subject: Add XDH to standalone CLI.
---
 .../java/cz/crcs/ectester/common/util/ECUtil.java | 54 +++++++++++++++++++---
 1 file changed, 48 insertions(+), 6 deletions(-)
(limited to 'common')
diff --git a/common/src/main/java/cz/crcs/ectester/common/util/ECUtil.java b/common/src/main/java/cz/crcs/ectester/common/util/ECUtil.java
index f9be536..74fccc9 100644
--- a/common/src/main/java/cz/crcs/ectester/common/util/ECUtil.java
+++ b/common/src/main/java/cz/crcs/ectester/common/util/ECUtil.java
@@ -2,20 +2,22 @@ package cz.crcs.ectester.common.util;
 import cz.crcs.ectester.common.ec.*;
 import cz.crcs.ectester.data.EC_Store;
+import org.bouncycastle.asn1.ASN1OctetString;
+import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
 import org.bouncycastle.crypto.digests.SHA1Digest;
 import org.bouncycastle.crypto.signers.PlainDSAEncoding;
 import org.bouncycastle.crypto.signers.StandardDSAEncoding;
+import org.bouncycastle.jcajce.interfaces.EdDSAPrivateKey;
+import org.bouncycastle.jcajce.interfaces.EdDSAPublicKey;
+import org.bouncycastle.jcajce.interfaces.XDHPrivateKey;
+import org.bouncycastle.jcajce.interfaces.XDHPublicKey;
 import java.io.FileInputStream;
 import java.io.IOException;
 import java.math.BigInteger;
 import java.nio.charset.StandardCharsets;
-import java.security.KeyPair;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.interfaces.ECKey;
-import java.security.interfaces.ECPrivateKey;
-import java.security.interfaces.ECPublicKey;
+import java.security.*;
+import java.security.interfaces.*;
 import java.security.spec.*;
 import java.util.LinkedList;
 import java.util.List;
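Review bot: The wildcard imports `java.security.*` and `java.security.interfaces.*` replace six explicit imports and hide which JDK key interfaces the file now depends on. The code added in the next hunk uses `XECPublicKey`/`XECPrivateKey` and `EdECPublicKey`/`EdECPrivateKey`, and the EdEC interfaces exist only from Java 15 on, so this change is what raises the file's minimum JDK. Keeping the explicit list and adding the new names (`import java.security.interfaces.EdECPublicKey;` and so on) would make that requirement visible in the import block.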
@@ -456,6 +458,46 @@ public class ECUtil {
 return null;
 }
+ public static byte[] pubkeyToBytes(PublicKey pubkey) {
+ if (pubkey instanceof ECPublicKey) {
+ ECPublicKey ecPublicKey = (ECPublicKey) pubkey;
+ return ECUtil.toX962Uncompressed(ecPublicKey.getW(), ecPublicKey.getParams());
+ } else if (pubkey instanceof XECPublicKey) {
+ XECPublicKey xedPublicKey = (XECPublicKey) pubkey;
+ return xedPublicKey.getU().toByteArray();
+ } else if (pubkey instanceof EdECPublicKey) {
+ EdECPublicKey edECPublicKey = (EdECPublicKey) pubkey;
+ return edECPublicKey.getPoint().getY().toByteArray();
+ } else if (pubkey instanceof XDHPublicKey) {
+ XDHPublicKey xdhPublicKey = (XDHPublicKey) pubkey;
+ return xdhPublicKey.getU().toByteArray();
+ // Special-case BouncyCastle XDH
+ } else if (pubkey instanceof EdDSAPublicKey) {
+ EdDSAPublicKey edDSAPublicKey = (EdDSAPublicKey) pubkey;
+ // Special-case BouncyCastle EdDSA
+ return edDSAPublicKey.getPointEncoding();
+ }
+ return null;
+ }
+
+ public static byte[] privkeyToBytes(PrivateKey privkey) {
+ if (privkey instanceof ECPrivateKey) {
+ ECPrivateKey ecPrivateKey = (ECPrivateKey) privkey;
+ return ecPrivateKey.getS().toByteArray();
+ } else if (privkey instanceof XECPrivateKey) {
+ XECPrivateKey xecPrivateKey = (XECPrivateKey) privkey;
+ return xecPrivateKey.getScalar().get();
+ } else if (privkey instanceof EdECPrivateKey) {
+ EdECPrivateKey edECPrivateKey = (EdECPrivateKey) privkey;
+ return edECPrivateKey.getBytes().get();
+ } else if (privkey instanceof XDHPrivateKey || privkey instanceof EdDSAPrivateKey) {
+ // Special-case BouncyCastle XDH and EdDSA
+ PrivateKeyInfo xpkinfo = PrivateKeyInfo.getInstance(privkey.getEncoded());
+ return ASN1OctetString.getInstance(xpkinfo.getPrivateKey().getOctets()).getOctets();
+ }
+ return null;
+ }
+
 public static boolean equalKeyPairParameters(ECPrivateKey priv, ECPublicKey pub) {
 if (priv == null || pub == null) {
 return false;
-- 
cgit v1.2.3-70-g09d2
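Review bot: In `pubkeyToBytes` the `EdECPublicKey` branch returns only `getPoint().getY().toByteArray()`, so the x-sign bit (`isXOdd()`) is dropped and a point and its negation serialise to the same bytes; the array is also big-endian, variable-length two's complement, while the BouncyCastle `EdDSAPublicKey` branch returns an already-encoded point from `getPointEncoding()`. The `XECPublicKey` and `XDHPublicKey` branches use `getU().toByteArray()` and share the byte-order and length variability, as does `getS().toByteArray()` in `privkeyToBytes`. If these bytes are meant to be compared across providers, the JDK branches should emit one fixed-length encoding; the fence sketches the EdEC branch in RFC 8032 form. Separately, in `privkeyToBytes`, `getScalar().get()` and `getBytes().get()` throw `NoSuchElementException` when a key does not expose its material, and `return xecPrivateKey.getScalar().orElse(null);` would keep the method's existing null-on-failure behaviour.

```java
        // … unchanged: ECPublicKey and XECPublicKey branches …
        } else if (pubkey instanceof EdECPublicKey) {
            EdECPublicKey edECPublicKey = (EdECPublicKey) pubkey;
            // RFC 8032 form: little-endian y, x sign in the top bit of the last byte.
            int len = "Ed448".equalsIgnoreCase(edECPublicKey.getParams().getName()) ? 57 : 32;
            byte[] be = edECPublicKey.getPoint().getY().toByteArray();
            byte[] le = new byte[len];
            for (int i = 0; i < be.length && i < len; i++) {
                le[i] = be[be.length - 1 - i];
            }
            if (edECPublicKey.getPoint().isXOdd()) {
                le[len - 1] |= (byte) 0x80;
            }
            return le;
        // … unchanged: BouncyCastle XDH and EdDSA branches …
```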
From 2d6081dd3044a1d76a7e30f25d704a42fe8d2411 Mon Sep 17 00:00:00 2001
From: J08nY
Date: Sat, 27 Apr 2024 00:24:22 +0200
Subject: Add note about required Java versions.
---
 .github/workflows/build.yml | 4 ++--
 README.md | 5 ++++-
 common/build.gradle.kts | 2 +-
 standalone/build.gradle.kts | 2 +-
 4 files changed, 8 insertions(+), 5 deletions(-)
(limited to 'common')
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 8ad7bcd..10769c1 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -52,7 +52,7 @@ jobs:
 strategy:
 matrix:
- java: [ "11", "17", "21" ]
+ java: [ "15", "17", "21" ]
 name: Build reader on Java ${{ matrix.java }}
 steps:
 - uses: actions/checkout@v4
@@ -88,7 +88,7 @@ jobs:
 strategy:
 matrix:
- java: [ "17", "21" ]
+ java: [ "15", "17", "21" ]
 env:
 # ffs: https://github.com/adoptium/adoptium-support/issues/485 !!!
 # also, add the wolfcrypt JNI path
diff --git a/README.md b/README.md
index f9cbfd7..726be68 100644
--- a/README.md
+++ b/README.md
@@ -36,12 +36,15 @@ There are three parts of ECTester, the JavaCard applet used for testing, the rea
 standalone app which tests software libraries. The target platform for ECTester is Linux, but things should work on Windows as well, although testing of standalone libraries will be limited to Java libraries and Microsoft CNG library.
+The ECTester parts require different Java versions. Reader and standalone parts require Java >= 15 while the applet build
+will be able to target different JavaCard versions based on the Java version, see [this list](https://github.com/martinpaljak/ant-javacard/wiki/JavaCard-SDK-and-JDK-version-compatibility).
+
 To build ECTester simply do:
 ```bash
 git submodule update --init --recursive # To initialize submodules (JavaCard SDKs, Microsoft CNG, BoringSSL, ...)
 ./gradlew :applet:buildJavaCard # To build the applet (cap) -> "applet/build/javacard/applet[221,222,305].cap".
 ./gradlew :reader:uberJar # To build the reader tool (jar) -> "reader/build/libs/ECTesterReader.jar"
-./gradlew :standalone:libs # To build the native library shims. (Necessary
+./gradlew :standalone:libs # To build the native library shims.
 ./gradlew :standalone:uberJar # To build the standalone tool (jar) -> "standalone/build/libs/ECTesterStandalone.jar"
 ```
 The applet comes in several flavors, targeting JavaCard `2.2.1`, `2.2.2` and `3.0.5`. The `2.2.2` and later flavors
diff --git a/common/build.gradle.kts b/common/build.gradle.kts
index 0aca7fb..1aff0d7 100644
--- a/common/build.gradle.kts
+++ b/common/build.gradle.kts
@@ -23,5 +23,5 @@ dependencies {
 }
 java {
- sourceCompatibility = JavaVersion.VERSION_11
+ sourceCompatibility = JavaVersion.VERSION_15
 }
\ No newline at end of file
diff --git a/standalone/build.gradle.kts b/standalone/build.gradle.kts
index f8d7f9b..5ad3fb4 100644
--- a/standalone/build.gradle.kts
+++ b/standalone/build.gradle.kts
@@ -25,7 +25,7 @@ dependencies {
 }
 java {
- sourceCompatibility = JavaVersion.VERSION_11
+ sourceCompatibility = JavaVersion.VERSION_15
 }
 application {
-- 
cgit v1.2.3-70-g09d2