From c676bacffd1305e1efc49b34d87ffd0a0a695ea7 Mon Sep 17 00:00:00 2001 From: J08nY Date: Tue, 6 Nov 2018 16:12:09 +0100 Subject: Backport applet to JavaCard 2.2.1 to support more cards. --- src/cz/crcs/ectester/reader/command/Command.java | 28 ++++++++++++++++++++++++ 1 file changed, 28 insertions(+) (limited to 'src/cz/crcs/ectester/reader/command') diff --git a/src/cz/crcs/ectester/reader/command/Command.java b/src/cz/crcs/ectester/reader/command/Command.java index 5a4af21..d2e08ee 100644 --- a/src/cz/crcs/ectester/reader/command/Command.java +++ b/src/cz/crcs/ectester/reader/command/Command.java @@ -864,5 +864,33 @@ public abstract class Command implements Cloneable { return "Request JCSystem object deletion"; } } + + /** + * + */ + public static class GetInfo extends Command { + + /** + * @param cardManager cardManager to send APDU through + */ + public GetInfo(CardMngr cardManager) { + super(cardManager); + + this.cmd = new CommandAPDU(ECTesterApplet.CLA_ECTESTERAPPLET, ECTesterApplet.INS_GET_INFO, 0, 0); + } + + @Override + public Response.GetInfo send() throws CardException { + long elapsed = -System.nanoTime(); + ResponseAPDU response = cardManager.send(cmd); + elapsed += System.nanoTime(); + return new Response.GetInfo(response, getDescription(), elapsed); + } + + @Override + public String getDescription() { + return "Get applet info"; + } + } } -- cgit v1.2.3-70-g09d2 From 9e157bc1d0a42848bb8f780f4f7b294ad535feda Mon Sep 17 00:00:00 2001 From: J08nY Date: Fri, 9 Nov 2018 19:42:35 +0100 Subject: FIx loading of F2m field, fix some utility functions. --- src/cz/crcs/ectester/applet/ECKeyGenerator.java | 9 ++++----- src/cz/crcs/ectester/reader/ECTesterReader.java | 4 ++-- src/cz/crcs/ectester/reader/command/Command.java | 9 +++++++++ 3 files changed, 15 insertions(+), 7 deletions(-) (limited to 'src/cz/crcs/ectester/reader/command') 
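Review bot: The class-level Javadoc on the new `GetInfo` command is empty (`/** * */`), so nothing says what the command requests or what it carries. From the constructor, a summary such as `/** Requests applet information from the card (INS_GET_INFO, P1 = P2 = 0, no data). */` would fit. `send()` could also note that `elapsed` covers only the `cardManager.send(cmd)` call, in nanoseconds. The enclosing `Command` class starts outside this hunk.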
diff --git a/src/cz/crcs/ectester/applet/ECKeyGenerator.java b/src/cz/crcs/ectester/applet/ECKeyGenerator.java index 7c52e8f..4326752 100644 --- a/src/cz/crcs/ectester/applet/ECKeyGenerator.java +++ b/src/cz/crcs/ectester/applet/ECKeyGenerator.java @@ -204,11 +204,10 @@ public class ECKeyGenerator { short i1 = Util.getShort(data, (short) (offset + 2)); short i2 = Util.getShort(data, (short) (offset + 4)); short i3 = Util.getShort(data, (short) (offset + 6)); -// if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i1, i2, i3); -// if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i1, i2, i3); - // TODO: fix this, ^^ fails on jcardsim, but is up to spec - if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i3, i2, i1); - if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i3, i2, i1); + if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i1, i2, i3); + if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i1, i2, i3); + // if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i3, i2, i1); + // if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i3, i2, i1); } else { sw = ISO7816.SW_UNKNOWN; } diff --git a/src/cz/crcs/ectester/reader/ECTesterReader.java b/src/cz/crcs/ectester/reader/ECTesterReader.java index 1359dc2..2a74ea7 100644 --- a/src/cz/crcs/ectester/reader/ECTesterReader.java +++ b/src/cz/crcs/ectester/reader/ECTesterReader.java 
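Review bot: The two old `setFieldF2M(i3, i2, i1)` calls are kept as commented-out code, while the removed TODO was the only record that the `(i1, i2, i3)` order failed on jcardsim. A reader can no longer tell which order is deliberate or why the reversed one is still there. I would delete the dead lines and put one comment above the calls, for example `// Exponents go to setFieldF2M in the order they are read (i1, i2, i3), as the spec requires; the reversed order was a jcardsim workaround.` That wording assumes the removed TODO described the situation correctly. The enclosing branch starts outside this hunk.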
@@ -424,10 +424,10 @@ public class ECTesterReader { */ private void generate() throws CardException, IOException { byte keyClass = cfg.primeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; + Command curve = Command.prepareCurve(cardManager, EC_Store.getInstance(), cfg, ECTesterApplet.KEYPAIR_LOCAL, cfg.bits, keyClass); Response allocate = new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, cfg.bits, keyClass).send(); respWriter.outputResponse(allocate); - Command curve = Command.prepareCurve(cardManager, EC_Store.getInstance(), cfg, ECTesterApplet.KEYPAIR_LOCAL, cfg.bits, keyClass); OutputStreamWriter keysFile = FileUtil.openFiles(cfg.outputs); keysFile.write("index;time;pubW;privS\n"); @@ -552,10 +552,10 @@ public class ECTesterReader { */ private void ecdh() throws IOException, CardException { byte keyClass = cfg.primeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; + Command curve = Command.prepareCurve(cardManager, EC_Store.getInstance(), cfg, ECTesterApplet.KEYPAIR_BOTH, cfg.bits, keyClass); List prepare = new LinkedList<>(); prepare.add(new Command.AllocateKeyAgreement(cardManager, cfg.ECKAType).send()); // Prepare KeyAgreement or required type prepare.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, cfg.bits, keyClass).send()); - Command curve = Command.prepareCurve(cardManager, EC_Store.getInstance(), cfg, ECTesterApplet.KEYPAIR_BOTH, cfg.bits, keyClass); if (curve != null) prepare.add(curve.send()); diff --git a/src/cz/crcs/ectester/reader/command/Command.java b/src/cz/crcs/ectester/reader/command/Command.java index d2e08ee..7a3f3b0 100644 --- a/src/cz/crcs/ectester/reader/command/Command.java +++ b/src/cz/crcs/ectester/reader/command/Command.java @@ -133,6 +133,9 @@ public abstract class Command implements Cloneable { } else { keypair = dataStore.getObject(EC_Keypair.class, cfg.namedKey); } + if (keypair == null) { + throw new IOException("KeyPair not found."); + } data = keypair.flatten(); if (data == null) { 
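Review bot: Nothing in `generate()` records why `Command.prepareCurve(...)` now has to run before the `Allocate` command is sent, so a later cleanup could easily move it back. If the intent is for curve loading to fail before any APDU reaches the card (an assumption, the hunk does not say), a comment above the call would pin the order, e.g. `// Resolve curve data first so a missing curve fails before anything is sent to the card.` The same applies to the identical move in `ecdh()` in the next hunk. Both method bodies continue outside their hunks.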
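Review bot: The new `throw new IOException("KeyPair not found.")` does not say which key was looked up, so a mistyped name cannot be diagnosed from the error alone. Where the value came from `dataStore.getObject(EC_Keypair.class, cfg.namedKey)`, the name could be included, e.g. `throw new IOException("KeyPair not found: " + cfg.namedKey);`. The other branch of the `if` is outside the hunk and may load from a file, so the message may need both cases. The same applies to `"Public key not found."` and `"Private key not found."` in the two following hunks of this file.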
@@ -155,6 +158,9 @@ public abstract class Command implements Cloneable { pub = dataStore.getObject(EC_Keypair.class, cfg.namedPublicKey); } } + if (pub == null) { + throw new IOException("Public key not found."); + } byte[] pubkey = pub.flatten(EC_Consts.PARAMETER_W); if (pubkey == null) { @@ -177,6 +183,9 @@ public abstract class Command implements Cloneable { priv = dataStore.getObject(EC_Keypair.class, cfg.namedPrivateKey); } } + if (priv == null) { + throw new IOException("Private key not found."); + } byte[] privkey = priv.flatten(EC_Consts.PARAMETER_S); if (privkey == null) { -- cgit v1.2.3-70-g09d2 From cc531b1ea70050da42bdd2b0cc611d33200a90a9 Mon Sep 17 00:00:00 2001 
From: J08nY Date: Sun, 11 Nov 2018 17:06:50 +0100 Subject: Add MNT curves, cleanup misc and compression tests. --- src/cz/crcs/ectester/common/util/CardUtil.java | 52 +++++++++++++++ src/cz/crcs/ectester/data/bn/curves.xml | 16 +++++ src/cz/crcs/ectester/data/categories.xml | 12 +++- src/cz/crcs/ectester/data/misc/keys.xml | 50 +++++++++++++++ src/cz/crcs/ectester/data/misc/results.xml | 14 ++++ src/cz/crcs/ectester/data/mnt/curves.xml | 74 ++++++++++++++++++++++ src/cz/crcs/ectester/data/mnt/mnt1.csv | 1 + src/cz/crcs/ectester/data/mnt/mnt2_1.csv | 1 + src/cz/crcs/ectester/data/mnt/mnt2_2.csv | 1 + src/cz/crcs/ectester/data/mnt/mnt3_1.csv | 1 + src/cz/crcs/ectester/data/mnt/mnt3_2.csv | 1 + src/cz/crcs/ectester/data/mnt/mnt3_3.csv | 1 + src/cz/crcs/ectester/data/mnt/mnt4.csv | 1 + src/cz/crcs/ectester/data/mnt/mnt5_1.csv | 1 + src/cz/crcs/ectester/data/mnt/mnt5_2.csv | 1 + src/cz/crcs/ectester/data/mnt/mnt5_3.csv | 1 + src/cz/crcs/ectester/data/other/keys.xml | 50 --------------- src/cz/crcs/ectester/data/other/results.xml | 14 ---- src/cz/crcs/ectester/reader/command/Command.java | 13 +--- .../ectester/reader/test/CardCompressionSuite.java | 13 ++-- .../ectester/reader/test/CardEdgeCasesSuite.java | 6 +- .../crcs/ectester/reader/test/CardMiscSuite.java | 67 ++++++++++++-------- 22 files changed, 280 insertions(+), 111 deletions(-) create mode 100644 src/cz/crcs/ectester/data/misc/keys.xml create mode 100644 src/cz/crcs/ectester/data/misc/results.xml create mode 100644 src/cz/crcs/ectester/data/mnt/curves.xml create mode 100644 src/cz/crcs/ectester/data/mnt/mnt1.csv create mode 100644 src/cz/crcs/ectester/data/mnt/mnt2_1.csv create mode 100644 src/cz/crcs/ectester/data/mnt/mnt2_2.csv create mode 100644 src/cz/crcs/ectester/data/mnt/mnt3_1.csv create mode 100644 src/cz/crcs/ectester/data/mnt/mnt3_2.csv create mode 100644 src/cz/crcs/ectester/data/mnt/mnt3_3.csv create mode 100644 src/cz/crcs/ectester/data/mnt/mnt4.csv create mode 100644 
src/cz/crcs/ectester/data/mnt/mnt5_1.csv create mode 100644 src/cz/crcs/ectester/data/mnt/mnt5_2.csv create mode 100644 src/cz/crcs/ectester/data/mnt/mnt5_3.csv delete mode 100644 src/cz/crcs/ectester/data/other/keys.xml delete mode 100644 src/cz/crcs/ectester/data/other/results.xml (limited to 'src/cz/crcs/ectester/reader/command') diff --git a/src/cz/crcs/ectester/common/util/CardUtil.java b/src/cz/crcs/ectester/common/util/CardUtil.java index e7b370c..4f7a29a 100644 --- a/src/cz/crcs/ectester/common/util/CardUtil.java +++ b/src/cz/crcs/ectester/common/util/CardUtil.java @@ -409,6 +409,58 @@ public class CardUtil { } } + public static String getCurveName(byte curve) { + String result = ""; + switch (curve) { + case EC_Consts.CURVE_default: + result = "default"; + break; + case EC_Consts.CURVE_external: + result = "external"; + break; + case EC_Consts.CURVE_secp112r1: + result = "secp112r1"; + break; + case EC_Consts.CURVE_secp128r1: + result = "secp128r1"; + break; + case EC_Consts.CURVE_secp160r1: + result = "secp160r1"; + break; + case EC_Consts.CURVE_secp192r1: + result = "secp192r1"; + break; + case EC_Consts.CURVE_secp224r1: + result = "secp224r1"; + break; + case EC_Consts.CURVE_secp256r1: + result = "secp256r1"; + break; + case EC_Consts.CURVE_secp384r1: + result = "secp384r1"; + break; + case EC_Consts.CURVE_secp521r1: + result = "secp521r1"; + break; + case EC_Consts.CURVE_sect163r1: + result = "sect163r1"; + break; + case EC_Consts.CURVE_sect233r1: + result = "sect233r1"; + break; + case EC_Consts.CURVE_sect283r1: + result = "sect283r1"; + break; + case EC_Consts.CURVE_sect409r1: + result = "sect409r1"; + break; + case EC_Consts.CURVE_sect571r1: + result = "sect571r1"; + break; + } + return result; + } + public static String getParameterString(short params) { String what = ""; if (params == EC_Consts.PARAMETERS_DOMAIN_F2M || params == EC_Consts.PARAMETERS_DOMAIN_FP) { 
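Review bot: `getCurveName` has no `default` branch, so any curve id not listed in the `switch` returns the empty string. The code it replaces in `Command.getDescription()` (later hunk in this commit) printed `"custom"` for such ids, so that description now ends up with a blank name. `CardCompressionSuite` in this commit also passes the result to `EC_Store` as a curve id. Adding `default: result = "custom"; break;` restores the old description text. The method also has no Javadoc; one sentence saying it maps an `EC_Consts.CURVE_*` id to its name, plus the fallback value, would be enough.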
diff --git a/src/cz/crcs/ectester/data/bn/curves.xml b/src/cz/crcs/ectester/data/bn/curves.xml index ddf2263..c5ca22f 100644 --- a/src/cz/crcs/ectester/data/bn/curves.xml +++ b/src/cz/crcs/ectester/data/bn/curves.xml @@ -6,95 +6,111 @@ 158 prime bn158.csv + Barreto-Naehrig curve from eprint 2010/429. bn190 190 prime bn190.csv + Barreto-Naehrig curve from eprint 2010/429. bn222 222 prime bn222.csv + Barreto-Naehrig curve from eprint 2010/429. bn254 254 prime bn254.csv + Barreto-Naehrig curve from eprint 2010/429. bn286 286 prime bn286.csv + Barreto-Naehrig curve from eprint 2010/429. bn318 318 prime bn318.csv + Barreto-Naehrig curve from eprint 2010/429. bn350 350 prime bn350.csv + Barreto-Naehrig curve from eprint 2010/429. bn382 382 prime bn382.csv + Barreto-Naehrig curve from eprint 2010/429. bn414 414 prime bn414.csv + Barreto-Naehrig curve from eprint 2010/429. bn446 446 prime bn446.csv + Barreto-Naehrig curve from eprint 2010/429. bn478 478 prime bn478.csv + Barreto-Naehrig curve from eprint 2010/429. bn510 510 prime bn510.csv + Barreto-Naehrig curve from eprint 2010/429. bn542 542 prime bn542.csv + Barreto-Naehrig curve from eprint 2010/429. bn574 574 prime bn574.csv + Barreto-Naehrig curve from eprint 2010/429. bn606 606 prime bn606.csv + Barreto-Naehrig curve from eprint 2010/429. bn638 638 prime bn638.csv + Barreto-Naehrig curve from eprint 2010/429. \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/categories.xml b/src/cz/crcs/ectester/data/categories.xml index 082f92c..0776b99 100644 --- a/src/cz/crcs/ectester/data/categories.xml +++ b/src/cz/crcs/ectester/data/categories.xml 
@@ -5,7 +5,7 @@ anomalous anomalous - These prime field curves have the same order as the field order, and are susceptible to attacks reducing ECDLP over a multiplicative group of the curve, to DLP over an additive group of the underlying field, which is easy (linear time). + These prime field curves have the same order as the field order. Some are from https://dspace.jaist.ac.jp/dspace/bitstream/10119/4464/1/73-61.pdf. brainpool @@ -42,6 +42,11 @@ bn Barreto-Naehrig curves from: A Family of Implementation-Friendly BN Elliptic Curves - https://eprint.iacr.org/2010/429.pdf. + + MNT + mnt + MNT (Miyaji, Nakabayashi, and Takano) example curves from: New explicit conditions of elliptic curve traces for FR-reduction - https://dspace.jaist.ac.jp/dspace/bitstream/10119/4432/1/73-48.pdf. + other other @@ -94,4 +99,9 @@ supersingular Some supersingular curves, over F_p with order equal to p + 1. + + misc + misc + Miscellaneous data. + \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/misc/keys.xml b/src/cz/crcs/ectester/data/misc/keys.xml new file mode 100644 index 0000000..e17b45b --- /dev/null +++ b/src/cz/crcs/ectester/data/misc/keys.xml 
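Review bot: In the first hunk, the rewritten `anomalous` description drops the only statement of why these curves are in the data set. The new text says the curve order equals the field order, but no longer says that this makes the discrete logarithm easy to compute. `CardMiscSuite` in this same patch expects operations on anomalous curves to fail, so the reason is worth keeping next to the data. One option is `These prime field curves have the same order as the field order, which makes the ECDLP on them solvable in linear time; cards are expected to reject them.` followed by the new source link.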
@@ -0,0 +1,50 @@ + + + + openssl-bug/skey + 0x4543A4D2C9DDD5516FD16D5498034C76D4EAB340276B6BAD8FF57756F4ECA8E6 + secg/secp256r1 + + + openssl-bug/pkey + 0x296D416994A4801B9A48E8C67C98E0C05DE1C0E85D4DC676F32FEACDC4998F0E,0xA91F9BE06C1D50EEB0295A35CA0F130F17EA647147626318E28AEC97F0653749 + secg/secp256r1 + + + + compression/128/non-residue + 0xb6707fa8afeddf79b9579e8dda4eaf51,0x000000000000000000000000000000 + secg/secp128r1 + + + compression/160/non-residue + 0xb1cb90992ff28689c6f160dcfb51b9525492e3d9,0x0000000000000000000000000000000000000000 + secg/secp160r1 + + + compression/192/non-residue + 0x8910baef94195e069c142b129e97507bfc2e19b53b707441,0x000000000000000000000000000000000000000000000000 + secg/secp192r1 + + + compression/224/non-residue + 0xafd44b41555e8bea506518b35405d4f5be78355d6342e7f5287bd748,0x00000000000000000000000000000000000000000000000000000000 + secg/secp224r1 + + + compression/256/non-residue + 0xeb7a88c476ede6ecae7909aa19631d9918762e851c38a3ea00fe50b7b2e2e656,0x0000000000000000000000000000000000000000000000000000000000000000 + secg/secp256r1 + + + compression/384/non-residue + 0x45d50b222c11c0f20946133382a988caf2d4f64e669340ba60a5ab3151a6bf3883e7e77a6d358fd07db411bc8ad0f375,0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 + secg/secp384r1 + + + compression/521/non-residue + 0x1d7b127de8415bbf498c26f7a17c9e39dcd866b68359bc8e139f401f8ee8489419fb6166850c98cce7e1fdc620902961656d72f9b42703f06ccb9fe6e218e7e3fe3,0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 + secg/secp521r1 + + diff --git a/src/cz/crcs/ectester/data/misc/results.xml b/src/cz/crcs/ectester/data/misc/results.xml new file mode 100644 index 0000000..ba8c83c --- /dev/null +++ b/src/cz/crcs/ectester/data/misc/results.xml 
@@ -0,0 +1,14 @@ + + + + openssl-bug + DH + 0xdb6f7cd6a06846bf9da9b4928caa5e4b7c8f58d9 + + secg/secp256r1 + other/openssl-bug/pkey + other/openssl-bug/skey + https://eprint.iacr.org/2011/633 + + \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/mnt/curves.xml b/src/cz/crcs/ectester/data/mnt/curves.xml new file mode 100644 index 0000000..0087a5a --- /dev/null +++ b/src/cz/crcs/ectester/data/mnt/curves.xml @@ -0,0 +1,74 @@ + + + + mnt1 + 170 + prime + mnt1.csv + Example 1 + + + mnt2/1 + 159 + prime + mnt2_1.csv + Example 2/1 + + + mnt2/2 + 159 + prime + mnt2_2.csv + Example 2/2 + + + mnt3/1 + 160 + prime + mnt3_1.csv + Example 3/1 + + + mnt3/2 + 160 + prime + mnt3_2.csv + Example 3/2 + + + mnt3/3 + 160 + prime + mnt3_3.csv + Example 3/3 + + + mnt4 + 240 + prime + mnt4.csv + Example 4 + + + mnt5/1 + 240 + prime + mnt5_1.csv + Example 5/1 + + + mnt5/2 + 240 + prime + mnt5_2.csv + Example 5/2 + + + mnt5/3 + 240 + prime + mnt5_3.csv + Example 5/3 + + \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/mnt/mnt1.csv b/src/cz/crcs/ectester/data/mnt/mnt1.csv new file mode 100644 index 0000000..7ff5784 --- /dev/null +++ b/src/cz/crcs/ectester/data/mnt/mnt1.csv @@ -0,0 +1 @@ +0x26dccacc5041939206cf2b7dec50950e3c9fa4827af,0x22ffbb20cc052993fa27dc507800b624c650e4ff3d2,0x1c7be6fa8da953b5624efc72406af7fa77499803d08,0x25a3ae778f7ef6586abae5acde21e54b6c64edf33d0,0x05b4ace33aa53c670ce35535d6c273698a182da557d,0x0000a60fd646ad409b3312c3b23ba64e082ad7b354d,0x01 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/mnt/mnt2_1.csv b/src/cz/crcs/ectester/data/mnt/mnt2_1.csv new file mode 100644 index 0000000..a53376f --- /dev/null +++ b/src/cz/crcs/ectester/data/mnt/mnt2_1.csv 
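Review bot: The `openssl-bug` result moved into `misc/results.xml` still names its keys as `other/openssl-bug/pkey` and `other/openssl-bug/skey`. This commit deletes `other/keys.xml` and re-adds those keys under `misc/keys.xml`, so the two ids no longer match any key file. `CardEdgeCasesSuite` resolves both through `openssl_bug.getOneKey()` and `openssl_bug.getOtherKey()`, so those lookups presumably return null after this change (how `EC_Store` resolves ids is not visible here). The two references should read `misc/openssl-bug/pkey` and `misc/openssl-bug/skey`.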
@@ -0,0 +1 @@ +0x5affffffffffff4b46081000000059bb1bf600b7,0x3dd24a7e5c0bdfaccc215e22760469c73ee9d879,0x478c31a992b294e19f6e4416f958646dddede5e3,0x2725af3d7dea98cb9242ac6ddb9bd89bdcf38898,0x480b4184ed2c50c0230b4c73ca939c1b6b7f1103,0x5affffffffffff4b46081000000059bb1bf600b5,0x01 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/mnt/mnt2_2.csv b/src/cz/crcs/ectester/data/mnt/mnt2_2.csv new file mode 100644 index 0000000..20dd8f4 --- /dev/null +++ b/src/cz/crcs/ectester/data/mnt/mnt2_2.csv @@ -0,0 +1 @@ +0x5affffffffffff4b46081000000059bb1bf600b7,0x07b29491c1a02cd87844f5098d0381f6c45d6523,0x41cc630bd66ac817d43358b108ad3d214037993c,0x0d76b3e1f1ed76a282fa99575d29ff2e587049e9,0x36e1557ed145ad409f924420e12f74a900fab054,0x5affffffffffff4b46081000000059bb1bf600b5,0x01 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/mnt/mnt3_1.csv b/src/cz/crcs/ectester/data/mnt/mnt3_1.csv new file mode 100644 index 0000000..d00719d --- /dev/null +++ b/src/cz/crcs/ectester/data/mnt/mnt3_1.csv @@ -0,0 +1 @@ +0x8afffffffffffeeb0fa77000000089f0dd49fac7,0x6d01fd0a017c62075ae999977379867e07f2a6d4,0x7701535c00fd965341d38bba4cfbdcf9a4651825,0x1781998103c3ca14ea76b9d3a700a53e1c784789,0x53352dde04447c25c9bb332a3c7634d3b8801f34,0x8afffffffffffeeb0fa77000000089f0dd49fac5,0x01 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/mnt/mnt3_2.csv b/src/cz/crcs/ectester/data/mnt/mnt3_2.csv new file mode 100644 index 0000000..86d8191 --- /dev/null +++ b/src/cz/crcs/ectester/data/mnt/mnt3_2.csv @@ -0,0 +1 @@ +0x8afffffffffffeeb0fa77000000089f0dd49fac7,0x5fbe0085bd2b23afcd5b9c7704aeed2bfdbe89e4,0x3fd4005928c76d1fde3d12fa031f48c7fe7f0698,0x494e297179d42c761701ab03b2e5bca98a24dfe7,0x3274201d6596252a780390a222e3763bbecfe5f1,0x8afffffffffffeeb0fa77000000089f0dd49fac5,0x01 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/mnt/mnt3_3.csv b/src/cz/crcs/ectester/data/mnt/mnt3_3.csv new file mode 100644 index 0000000..348b30d --- /dev/null 
+++ b/src/cz/crcs/ectester/data/mnt/mnt3_3.csv @@ -0,0 +1 @@ +0x8afffffffffffeeb0fa77000000089f0dd49fac7,0x2ddf23acb05a91bda6ba9c20d7a584aa25075ce0,0x1f8125c46a31e79fd6cc25298b23ab130cd22b5a,0x3f710d05b65b5e16ae1b946d3fc582b16a927432,0x4a30945c64fd7f85e148ba816005468447616b1f,0x8afffffffffffeeb0fa77000000089f0dd49fac5,0x01 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/mnt/mnt4.csv b/src/cz/crcs/ectester/data/mnt/mnt4.csv new file mode 100644 index 0000000..ea5eaa1 --- /dev/null +++ b/src/cz/crcs/ectester/data/mnt/mnt4.csv @@ -0,0 +1 @@ +0xa2ffffffffffffffffffffffffc298b00000000000000000000005c866cf,0x4be28760aa064734852cb4ff51ef2928a7a3cd75087c35cb1433714f7407,0x329704eb1c042f7858c878aa369f70c5c517de4e05a823dcb8224b8a4d5a,0x82556d57811807a0d7675674b3d57222cfbf9a2a2a2cd146572d7b67627e,0x73afacea28dc870baa1d5b0bd4300ddd975e2eefc7c2db508fc2e92a8345,0xa2ffffffffffffffffffffffffc298b00000000000000000000005c866cd,0x01 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/mnt/mnt5_1.csv b/src/cz/crcs/ectester/data/mnt/mnt5_1.csv new file mode 100644 index 0000000..2fd1622 --- /dev/null +++ b/src/cz/crcs/ectester/data/mnt/mnt5_1.csv @@ -0,0 +1 @@ +0xd2fffffffffffffffffffffffe9058d000000000000000000000a0271007,0xd149265d4687dcab1f2046e0947e51ac5e8e7f25916d35539d4df2e9017a,0x489e7783a1f584712bd4f6d48cf2d1ca2c975678936e639083991c5fc369,0x1d871a744f1e02ed15d7d84abd95e80476e6307085f12dba27092ff06d60,0x5c0c8bae9661303107b0077949dee16a7f6dde4982657b9196de23d9f9d0,0xd2fffffffffffffffffffffffe9058d000000000000000000000a0271005,0x01 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/mnt/mnt5_2.csv b/src/cz/crcs/ectester/data/mnt/mnt5_2.csv new file mode 100644 index 0000000..18ec3a5 --- /dev/null +++ b/src/cz/crcs/ectester/data/mnt/mnt5_2.csv 
@@ -0,0 +1 @@ +0xd2fffffffffffffffffffffffe9058d000000000000000000000a0271007,0x26caaced434c5a4c2c9c1b09e0ddc167548a95516e7c81b20702485c9809,0x6031c89e2cdd91881dbd675beac3f3df8db1b8e0f45301215a01baf56ab3,0x16e55a2ef696238a7aaf19e51b6a81e1582f28b4bcb6575ab4e0331e569b,0x38de9844643fc9db3c568ec528983da16a177d56145a1d4bf88a2340d839,0xd2fffffffffffffffffffffffe9058d000000000000000000000a0271005,0x01 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/mnt/mnt5_3.csv b/src/cz/crcs/ectester/data/mnt/mnt5_3.csv new file mode 100644 index 0000000..73fce1d --- /dev/null +++ b/src/cz/crcs/ectester/data/mnt/mnt5_3.csv @@ -0,0 +1 @@ +0xd2fffffffffffffffffffffffe9058d000000000000000000000a0271007,0x44cfc0f3bc92ec82f818b443b564cf25dee3ebae7902e370f9e80283d3bd,0x2ddfd5f7d30c9daca565cd8278eddf6e9497f27450ac97a0a69aac57e27e,0xb071579c8cc322dc7fdce378e5b539b4b7580823aba3cfdd6637cbfa0bbb,0x15d1b75795732b1e2db1efa55cdbb19357e0aa0422cc03b442809339cf02,0xd2fffffffffffffffffffffffe9058d000000000000000000000a0271005,0x01 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/other/keys.xml b/src/cz/crcs/ectester/data/other/keys.xml deleted file mode 100644 index e17b45b..0000000 --- a/src/cz/crcs/ectester/data/other/keys.xml +++ /dev/null 
@@ -1,50 +0,0 @@ - - - - openssl-bug/skey - 0x4543A4D2C9DDD5516FD16D5498034C76D4EAB340276B6BAD8FF57756F4ECA8E6 - secg/secp256r1 - - - openssl-bug/pkey - 0x296D416994A4801B9A48E8C67C98E0C05DE1C0E85D4DC676F32FEACDC4998F0E,0xA91F9BE06C1D50EEB0295A35CA0F130F17EA647147626318E28AEC97F0653749 - secg/secp256r1 - - - - compression/128/non-residue - 0xb6707fa8afeddf79b9579e8dda4eaf51,0x000000000000000000000000000000 - secg/secp128r1 - - - compression/160/non-residue - 0xb1cb90992ff28689c6f160dcfb51b9525492e3d9,0x0000000000000000000000000000000000000000 - secg/secp160r1 - - - compression/192/non-residue - 0x8910baef94195e069c142b129e97507bfc2e19b53b707441,0x000000000000000000000000000000000000000000000000 - secg/secp192r1 - - - compression/224/non-residue - 0xafd44b41555e8bea506518b35405d4f5be78355d6342e7f5287bd748,0x00000000000000000000000000000000000000000000000000000000 - secg/secp224r1 - - - compression/256/non-residue - 0xeb7a88c476ede6ecae7909aa19631d9918762e851c38a3ea00fe50b7b2e2e656,0x0000000000000000000000000000000000000000000000000000000000000000 - secg/secp256r1 - - - compression/384/non-residue - 0x45d50b222c11c0f20946133382a988caf2d4f64e669340ba60a5ab3151a6bf3883e7e77a6d358fd07db411bc8ad0f375,0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 - secg/secp384r1 - - - compression/521/non-residue - 0x1d7b127de8415bbf498c26f7a17c9e39dcd866b68359bc8e139f401f8ee8489419fb6166850c98cce7e1fdc620902961656d72f9b42703f06ccb9fe6e218e7e3fe3,0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 - secg/secp521r1 - - diff --git a/src/cz/crcs/ectester/data/other/results.xml b/src/cz/crcs/ectester/data/other/results.xml deleted file mode 100644 index ba8c83c..0000000 --- a/src/cz/crcs/ectester/data/other/results.xml +++ /dev/null 
@@ -1,14 +0,0 @@ - - - - openssl-bug - DH - 0xdb6f7cd6a06846bf9da9b4928caa5e4b7c8f58d9 - - secg/secp256r1 - other/openssl-bug/pkey - other/openssl-bug/skey - https://eprint.iacr.org/2011/633 - - \ No newline at end of file diff --git a/src/cz/crcs/ectester/reader/command/Command.java b/src/cz/crcs/ectester/reader/command/Command.java index 7a3f3b0..a3560df 100644 --- a/src/cz/crcs/ectester/reader/command/Command.java +++ b/src/cz/crcs/ectester/reader/command/Command.java @@ -392,18 +392,7 @@ public abstract class Command implements Cloneable { @Override public String getDescription() { - String name; - switch (curve) { - case EC_Consts.CURVE_default: - name = "default"; - break; - case EC_Consts.CURVE_external: - name = "external"; - break; - default: - name = "custom"; - break; - } + String name = CardUtil.getCurveName(curve); String what = CardUtil.getParameterString(params); String pair; diff --git a/src/cz/crcs/ectester/reader/test/CardCompressionSuite.java b/src/cz/crcs/ectester/reader/test/CardCompressionSuite.java index 2fc8da2..291cc04 100644 --- a/src/cz/crcs/ectester/reader/test/CardCompressionSuite.java +++ b/src/cz/crcs/ectester/reader/test/CardCompressionSuite.java 
@@ -67,27 +67,28 @@ public class CardCompressionSuite extends CardTestSuite { for (short keyLength : keySizes) { String spec = keyLength + "b " + CardUtil.getKeyTypeString(field); + byte curveId = EC_Consts.getCurve(keyLength, field); Test allocateFirst = runTest(CommandTest.expect(new Command.Allocate(this.card, ECTesterApplet.KEYPAIR_BOTH, keyLength, field), Result.ExpectedValue.SUCCESS)); if (!allocateFirst.ok()) { - doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "No support for " + spec + ".", allocateFirst)); + doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "No support for compression test on " + spec + ".", allocateFirst)); continue; } List compressionTests = new LinkedList<>(); compressionTests.add(allocateFirst); - Test setCustom = runTest(CommandTest.expect(new Command.Set(this.card, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.getCurve(keyLength, field), domain, null), Result.ExpectedValue.SUCCESS)); + Test setCustom = runTest(CommandTest.expect(new Command.Set(this.card, ECTesterApplet.KEYPAIR_BOTH, curveId, domain, null), Result.ExpectedValue.SUCCESS)); Test genCustom = runTest(CommandTest.expect(new Command.Generate(this.card, ECTesterApplet.KEYPAIR_BOTH), Result.ExpectedValue.SUCCESS)); compressionTests.add(setCustom); compressionTests.add(genCustom); Response.Export key = new Command.Export(this.card, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.KEY_PUBLIC, EC_Consts.PARAMETER_W).send(); byte[] pubkey = key.getParameter(ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.KEY_PUBLIC); + EC_Curve secgCurve = EC_Store.getInstance().getObject(EC_Curve.class, "secg", CardUtil.getCurveName(curveId)); ECPoint pub; try { - pub = ECUtil.fromX962(pubkey, null); + pub = ECUtil.fromX962(pubkey, secgCurve.toCurve()); } catch (IllegalArgumentException iae) { - // TODO: use external SECG curves so we have them here. doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "", compressionTests.toArray(new Test[0]))); continue; } 
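Review bot: `secgCurve` is dereferenced in `ECUtil.fromX962(pubkey, secgCurve.toCurve())` without a null check, and the surrounding `try` only catches `IllegalArgumentException`. `EC_Store.getObject` can apparently return null for an unknown id (the previous commit in this series adds null checks after `dataStore.getObject`), and `CardUtil.getCurveName` returns `""` for ids it does not list. A key length with no matching SECG entry would therefore abort the suite with a NullPointerException instead of reporting a result. A guard before the `try` keeps the loop going: `if (secgCurve == null) { doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "No SECG curve data for " + spec + ".", compressionTests.toArray(new Test[0]))); continue; }`. The loop body starts and ends outside this hunk.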
@@ -129,7 +130,7 @@ public class CardCompressionSuite extends CardTestSuite { } private void runNonResidue() { - Map otherKeys = EC_Store.getInstance().getObjects(EC_Key.Public.class, "other"); + Map otherKeys = EC_Store.getInstance().getObjects(EC_Key.Public.class, "misc"); List compressionKeys = EC_Store.mapToPrefix(otherKeys.values()).get("compression"); for (EC_Key.Public key : compressionKeys) { @@ -137,7 +138,7 @@ public class CardCompressionSuite extends CardTestSuite { List tests = new LinkedList<>(); Test allocate = runTest(CommandTest.expect(new Command.Allocate(this.card, ECTesterApplet.KEYPAIR_LOCAL, curve.getBits(), curve.getField()), Result.ExpectedValue.SUCCESS)); if (!allocate.ok()) { - doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "No support for " + curve.getBits() + "b " + CardUtil.getKeyTypeString(curve.getField()) + ".", allocate)); + doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "No support for non-residue test on " + curve.getBits() + "b " + curve.getId() + ".", allocate)); continue; } tests.add(allocate); diff --git a/src/cz/crcs/ectester/reader/test/CardEdgeCasesSuite.java b/src/cz/crcs/ectester/reader/test/CardEdgeCasesSuite.java index c0fde69..ccec401 100644 --- a/src/cz/crcs/ectester/reader/test/CardEdgeCasesSuite.java +++ b/src/cz/crcs/ectester/reader/test/CardEdgeCasesSuite.java @@ -111,7 +111,7 @@ public class CardEdgeCasesSuite extends CardTestSuite { } { - EC_KAResult openssl_bug = EC_Store.getInstance().getObject(EC_KAResult.class, "other", "openssl-bug"); + EC_KAResult openssl_bug = EC_Store.getInstance().getObject(EC_KAResult.class, "misc", "openssl-bug"); EC_Curve curve = EC_Store.getInstance().getObject(EC_Curve.class, openssl_bug.getCurve()); EC_Key.Private skey = EC_Store.getInstance().getObject(EC_Key.Private.class, openssl_bug.getOtherKey()); EC_Key.Public pkey = EC_Store.getInstance().getObject(EC_Key.Public.class, openssl_bug.getOneKey()); 
@@ -145,7 +145,7 @@ public class CardEdgeCasesSuite extends CardTestSuite { for (EC_Curve curve : curves) { Test key = runTest(CommandTest.expect(new Command.Allocate(this.card, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), KeyPair.ALG_EC_FP), Result.ExpectedValue.SUCCESS)); if (!key.ok()) { - doTest(CompoundTest.all(Result.ExpectedValue.FAILURE, "No support for " + curve.getBits() + "b ALG_EC_FP.", key)); + doTest(CompoundTest.all(Result.ExpectedValue.FAILURE, "No support for " + curve.getBits() + "b " + curve.getId() + ".", key)); continue; } Test set = CommandTest.expect(new Command.Set(this.card, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten()), Result.ExpectedValue.SUCCESS); @@ -238,7 +238,7 @@ public class CardEdgeCasesSuite extends CardTestSuite { Test key = runTest(CommandTest.expect(new Command.Allocate(this.card, ECTesterApplet.KEYPAIR_BOTH, secp160r1.getBits(), KeyPair.ALG_EC_FP), Result.ExpectedValue.SUCCESS)); if (!key.ok()) { - doTest(CompoundTest.all(Result.ExpectedValue.FAILURE, "No support for " + secp160r1.getBits() + "b ALG_EC_FP.", key)); + doTest(CompoundTest.all(Result.ExpectedValue.FAILURE, "No support for " + secp160r1.getBits() + "b secp160r1.", key)); return; } Test set = CommandTest.expect(new Command.Set(this.card, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, secp160r1.getParams(), secp160r1.flatten()), Result.ExpectedValue.SUCCESS); diff --git a/src/cz/crcs/ectester/reader/test/CardMiscSuite.java b/src/cz/crcs/ectester/reader/test/CardMiscSuite.java index 8623e36..a2ce2ce 100644 --- a/src/cz/crcs/ectester/reader/test/CardMiscSuite.java +++ b/src/cz/crcs/ectester/reader/test/CardMiscSuite.java 
@@ -7,12 +7,14 @@ import cz.crcs.ectester.common.output.TestWriter; import cz.crcs.ectester.common.test.CompoundTest; import cz.crcs.ectester.common.test.Result; import cz.crcs.ectester.common.test.Test; -import cz.crcs.ectester.common.util.CardUtil; import cz.crcs.ectester.data.EC_Store; import cz.crcs.ectester.reader.CardMngr; import cz.crcs.ectester.reader.ECTesterReader; import cz.crcs.ectester.reader.command.Command; +import java.util.ArrayList; +import java.util.Collection; +import java.util.List; import java.util.Map; /** @@ -21,7 +23,9 @@ import java.util.Map; public class CardMiscSuite extends CardTestSuite { public CardMiscSuite(TestWriter writer, ECTesterReader.Config cfg, CardMngr cardManager) { - super(writer, cfg, cardManager, "miscellaneous", "Some miscellaneous tests, tries ECDH and ECDSA over supersingular curves, anomalous curves and some Barreto-Naehrig curves with small embedding degree and CM discriminant."); + super(writer, cfg, cardManager, "miscellaneous", "Some miscellaneous tests, tries ECDH and ECDSA over supersingular curves, anomalous curves,", + "Barreto-Naehrig curves with small embedding degree and CM discriminant, MNT curves,", + "some Montgomery curves transformed to short Weierstrass form and Curve25519 transformed to short Weierstrass form."); } @Override 
@@ -29,32 +33,45 @@ public class CardMiscSuite extends CardTestSuite { Map anCurves = EC_Store.getInstance().getObjects(EC_Curve.class, "anomalous"); Map ssCurves = EC_Store.getInstance().getObjects(EC_Curve.class, "supersingular"); Map bnCurves = EC_Store.getInstance().getObjects(EC_Curve.class, "Barreto-Naehrig"); + Map mntCurves = EC_Store.getInstance().getObjects(EC_Curve.class, "MNT"); + List mCurves = new ArrayList<>(); + mCurves.add(EC_Store.getInstance().getObject(EC_Curve.class, "other", "M-221")); + mCurves.add(EC_Store.getInstance().getObject(EC_Curve.class, "other", "M-383")); + mCurves.add(EC_Store.getInstance().getObject(EC_Curve.class, "other", "M-511")); + EC_Curve curve25519 = EC_Store.getInstance().getObject(EC_Curve.class, "other", "Curve25519"); - testCurves(anCurves, "anomalous", Result.ExpectedValue.FAILURE); - testCurves(ssCurves, "supersingular", Result.ExpectedValue.FAILURE); - testCurves(bnCurves, "Barreto-Naehrig", Result.ExpectedValue.ANY); + testCurves(anCurves.values(), "anomalous", Result.ExpectedValue.FAILURE); + testCurves(ssCurves.values(), "supersingular", Result.ExpectedValue.FAILURE); + testCurves(bnCurves.values(), "Barreto-Naehrig", Result.ExpectedValue.SUCCESS); + testCurves(mntCurves.values(), "MNT", Result.ExpectedValue.SUCCESS); + testCurves(mCurves, "Montgomery", Result.ExpectedValue.SUCCESS); + testCurve(curve25519, "Montgomery", Result.ExpectedValue.SUCCESS); } - private void testCurves(Map curves, String catName, Result.ExpectedValue expected) throws Exception { - for (EC_Curve curve : curves.values()) { - Test allocateFirst = runTest(CommandTest.expect(new Command.Allocate(this.card, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField()), Result.ExpectedValue.SUCCESS)); - if (!allocateFirst.ok()) { - doTest(CompoundTest.all(Result.ExpectedValue.FAILURE, "No support for " + curve.getBits() + "b " + CardUtil.getKeyTypeString(curve.getField()) + ".", allocateFirst)); - continue; - } - - Test set = 
CommandTest.expect(new Command.Set(this.card, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten()), Result.ExpectedValue.SUCCESS); - Test generate = CommandTest.expect(new Command.Generate(this.card, ECTesterApplet.KEYPAIR_BOTH), Result.ExpectedValue.ANY); - Test ka = CommandTest.expect(new Command.ECDH(this.card, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.TRANSFORMATION_NONE, EC_Consts.KeyAgreement_ALG_EC_SVDP_DH), expected); - Test sig = CommandTest.expect(new Command.ECDSA(this.card, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.Signature_ALG_ECDSA_SHA, ECTesterApplet.EXPORT_FALSE, null), expected); - Test perform = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Perform ECDH and ECDSA", ka, sig); - - if (cfg.cleanup) { - Test cleanup = CommandTest.expect(new Command.Cleanup(this.card), Result.ExpectedValue.ANY); - doTest(CompoundTest.greedyAll(Result.ExpectedValue.SUCCESS, "Tests over " + curve.getBits() + " " + catName + " curve: " + curve.getId() + ".", allocateFirst, set, generate, perform, cleanup)); - } else { - doTest(CompoundTest.greedyAll(Result.ExpectedValue.SUCCESS, "Tests over " + curve.getBits() + " " + catName + " curve: " + curve.getId() + ".", allocateFirst, set, generate, perform)); - } + private void testCurve(EC_Curve curve, String catName, Result.ExpectedValue expected) { + Test allocateFirst = runTest(CommandTest.expect(new Command.Allocate(this.card, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField()), Result.ExpectedValue.SUCCESS)); + if (!allocateFirst.ok()) { + doTest(CompoundTest.all(Result.ExpectedValue.SUCCESS, "No support for " + curve.getBits() + "b " + catName + " curve: " + curve.getId() + ".", allocateFirst)); + return; + } + + Test set = CommandTest.expect(new Command.Set(this.card, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten()), Result.ExpectedValue.SUCCESS); + Test generate = 
CommandTest.expect(new Command.Generate(this.card, ECTesterApplet.KEYPAIR_BOTH), Result.ExpectedValue.ANY); + Test ka = CommandTest.expect(new Command.ECDH(this.card, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.EXPORT_FALSE, EC_Consts.TRANSFORMATION_NONE, EC_Consts.KeyAgreement_ALG_EC_SVDP_DH), expected); + Test sig = CommandTest.expect(new Command.ECDSA(this.card, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.Signature_ALG_ECDSA_SHA, ECTesterApplet.EXPORT_FALSE, null), expected); + Test perform = CompoundTest.all(Result.ExpectedValue.SUCCESS, "Perform ECDH and ECDSA.", ka, sig); + + if (cfg.cleanup) { + Test cleanup = CommandTest.expect(new Command.Cleanup(this.card), Result.ExpectedValue.ANY); + doTest(CompoundTest.greedyAll(Result.ExpectedValue.SUCCESS, "Tests over " + curve.getBits() + "b " + catName + " curve: " + curve.getId() + ".", allocateFirst, set, generate, perform, cleanup)); + } else { + doTest(CompoundTest.greedyAll(Result.ExpectedValue.SUCCESS, "Tests over " + curve.getBits() + "b " + catName + " curve: " + curve.getId() + ".", allocateFirst, set, generate, perform)); + } + } + + private void testCurves(Collection curves, String catName, Result.ExpectedValue expected) { + for (EC_Curve curve : curves) { + testCurve(curve, catName, expected); } } } -- cgit v1.2.3-70-g09d2
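Review bot: In the new `testCurve`, the "No support for …" branch wraps the failed `allocateFirst` in `CompoundTest.all(Result.ExpectedValue.SUCCESS, …)`, whereas the removed loop body used `FAILURE` and the CardEdgeCasesSuite hunks in this same commit keep `FAILURE` for the same situation. If the switch is deliberate, a one-line comment should say that missing support now counts against the card; otherwise keep `Result.ExpectedValue.FAILURE` so both suites report an unsupported curve size the same way. Separately, the calls at the top of the hunk move Barreto-Naehrig from `ANY` to `SUCCESS` and add MNT and Montgomery with `SUCCESS`, while anomalous and supersingular stay `FAILURE`. Since the suite description itself mentions small embedding degree, a card that refuses those parameters would presumably now be reported as failing, so the choice deserves a comment above the calls, e.g. `// FAILURE: card should reject these parameters; SUCCESS: card is expected to operate on them`. The enclosing method's signature is outside the hunk.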