From de1736c211dc8d27961ef0495c82d25fbf813e05 Mon Sep 17 00:00:00 2001 From: J08nY Date: Sun, 26 Mar 2017 00:20:29 +0100 Subject: Refactored EC_Params, renamed EC_Data, added first test vectors. --- src/cz/crcs/ectester/reader/ec/EC_Data.java | 135 ++++++++++++++++++++++++++++ 1 file changed, 135 insertions(+) create mode 100644 src/cz/crcs/ectester/reader/ec/EC_Data.java (limited to 'src/cz/crcs/ectester/reader/ec/EC_Data.java') diff --git a/src/cz/crcs/ectester/reader/ec/EC_Data.java b/src/cz/crcs/ectester/reader/ec/EC_Data.java new file mode 100644 index 0000000..c1fb54c --- /dev/null +++ b/src/cz/crcs/ectester/reader/ec/EC_Data.java @@ -0,0 +1,135 @@ +package cz.crcs.ectester.reader.ec; + +import cz.crcs.ectester.reader.Util; + +import java.io.*; +import java.util.ArrayList; +import java.util.LinkedList; +import java.util.List; +import java.util.Scanner; +import java.util.regex.Pattern; + +/** + * @author Jan Jancar johny@neuromancer.sk + */ +public class EC_Data { + private static final Pattern hex = Pattern.compile("(0x|0X)?[a-fA-F\\d]+"); + + int count; + byte[][] data; + + EC_Data() { + } + + public EC_Data(int count) { + this.count = count; + this.data = new byte[count][]; + } + + public EC_Data(byte[][] data) { + this.count = data.length; + this.data = data; + } + + public byte[][] getData() { + return data; + } + + public boolean hasData() { + return data != null; + } + + public byte[] flatten() { + ByteArrayOutputStream out = new ByteArrayOutputStream(); + for (byte[] param : data) { + byte[] length = new byte[2]; + Util.setShort(length, 0, (short) param.length); + + out.write(length, 0, 2); + out.write(param, 0, param.length); + } + + return out.toByteArray(); + } + + public String[] expand() { + List out = new ArrayList<>(count); + for (byte[] param : data) { + out.add(Util.bytesToHex(param, false)); + } + + return out.toArray(new String[out.size()]); + } + + private static byte[] pad(byte[] data) { + if (data.length == 1) { + return new byte[]{(byte) 0, data[0]}; + } else if (data.length == 0 || data.length > 2) { + return data; + } + return null; + } + + private static byte[] parse(String param) { + byte[] data; + if (param.startsWith("0x") || param.startsWith("0X")) { + data = Util.hexToBytes(param.substring(2)); + } else { + data = Util.hexToBytes(param); + } + if (data == null) + return new byte[0]; + if (data.length < 2) + return pad(data); + return data; + } + + private boolean readHex(String[] hex) { + if (hex.length != count) { + return false; + } + + for (int i = 0; i < count; ++i) { + this.data[i] = parse(hex[i]); + } + return true; + } + + public boolean readCSV(InputStream in) { + Scanner s = new Scanner(in); + + s.useDelimiter(",|;"); + List data = new LinkedList<>(); + while (s.hasNext()) { + String field = s.next(); + data.add(field.replaceAll("\\s+", "")); + } + + if (data.isEmpty()) { + return false; + } + for (String param : data) { + if (!hex.matcher(param).matches()) { + return false; + } + } + return readHex(data.toArray(new String[data.size()])); + } + + public boolean readBytes(byte[] data) { + //TODO + return false; + } + + public void writeCSV(OutputStream out) throws IOException { + String[] hex = expand(); + Writer w = new OutputStreamWriter(out); + for (int i = 0; i < hex.length; ++i) { + w.write(hex[i]); + if (i < hex.length - 1) { + w.write(","); + } + } + w.flush(); + } +} -- cgit v1.2.3-70-g09d2 From 83c963ae78407e7a14ac71096f81254364d1e605 Mon Sep 17 00:00:00 2001 From: J08nY Date: Tue, 28 Mar 2017 16:04:13 +0200 Subject: Added test-vectors, and test-vector testing --- !uploader/ectester.cap | Bin 13811 -> 13811 bytes dist/ECTester.jar | Bin 283414 -> 276755 bytes src/cz/crcs/ectester/data/EC_Category.java | 15 +- src/cz/crcs/ectester/data/EC_Store.java | 95 +++++++++---- src/cz/crcs/ectester/data/schema.xsd | 43 +++++- src/cz/crcs/ectester/data/test/results.xml | 174 ++++++++++++++++++++++++ src/cz/crcs/ectester/reader/ECTester.java | 55 +++++++- src/cz/crcs/ectester/reader/ec/EC_Data.java | 8 ++ src/cz/crcs/ectester/reader/ec/EC_KAResult.java | 48 +++++++ 9 files changed, 394 insertions(+), 44 deletions(-) create mode 100644 src/cz/crcs/ectester/data/test/results.xml create mode 100644 src/cz/crcs/ectester/reader/ec/EC_KAResult.java (limited to 'src/cz/crcs/ectester/reader/ec/EC_Data.java') diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index de865a9..6a16aa8 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 977185a..ffe19d1 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/data/EC_Category.java b/src/cz/crcs/ectester/data/EC_Category.java index 859b942..57d9ca3 100644 --- a/src/cz/crcs/ectester/data/EC_Category.java +++ b/src/cz/crcs/ectester/data/EC_Category.java @@ -1,5 +1,6 @@ package cz.crcs.ectester.data; +import cz.crcs.ectester.reader.ec.EC_Data; import cz.crcs.ectester.reader.ec.EC_Params; import java.util.Collections; @@ -15,7 +16,7 @@ public class EC_Category { private String directory; private String desc; - private Map objects; + private Map objects; public EC_Category(String name, String directory) { @@ -28,7 +29,7 @@ public class EC_Category { this.desc = desc; } - public EC_Category(String name, String directory, String desc, Map objects) { + public EC_Category(String name, String directory, String desc, Map objects) { this(name, directory, desc); this.objects = objects; } @@ -45,13 +46,13 @@ public class EC_Category { return desc; } - public Map getObjects() { + public Map getObjects() { return Collections.unmodifiableMap(objects); } - public Map getObjects(Class cls) { + public Map getObjects(Class cls) { Map objs = new TreeMap<>(); - for (Map.Entry entry : objects.entrySet()) { + for (Map.Entry entry : objects.entrySet()) { if (cls.isInstance(entry.getValue())) { objs.put(entry.getKey(), cls.cast(entry.getValue())); } @@ -59,8 +60,8 @@ public class EC_Category { return Collections.unmodifiableMap(objs); } - public T getObject(Class cls, String id) { - EC_Params obj = objects.get(id); + public T getObject(Class cls, String id) { + EC_Data obj = objects.get(id); if (cls.isInstance(obj)) { return cls.cast(obj); } else { diff --git a/src/cz/crcs/ectester/data/EC_Store.java b/src/cz/crcs/ectester/data/EC_Store.java index aec635e..abf0a9b 100644 --- a/src/cz/crcs/ectester/data/EC_Store.java +++ b/src/cz/crcs/ectester/data/EC_Store.java @@ -1,11 +1,8 @@ package cz.crcs.ectester.data; -import cz.crcs.ectester.reader.ec.EC_Curve; -import cz.crcs.ectester.reader.ec.EC_Key; -import cz.crcs.ectester.reader.ec.EC_Keypair; -import cz.crcs.ectester.reader.ec.EC_Params; +import cz.crcs.ectester.applet.EC_Consts; +import cz.crcs.ectester.reader.ec.*; import javacard.security.KeyPair; -import org.omg.PortableInterceptor.SYSTEM_EXCEPTION; import org.w3c.dom.Document; import org.w3c.dom.Element; import org.w3c.dom.Node; @@ -36,7 +33,7 @@ public class EC_Store { private Map categories; - public EC_Store() { + public EC_Store() throws IOException { DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); try { @@ -61,18 +58,24 @@ public class EC_Store { @Override public void fatalError(SAXParseException exception) throws SAXException { System.err.println("EC_Store | Fatal : " + exception); + throw new SAXException(exception); } }); parse(); - } catch (ParserConfigurationException | IOException | SAXException e) { + } catch (ParserConfigurationException | SAXException e) { e.printStackTrace(); } } private void parse() throws SAXException, ParserConfigurationException, IOException { - Document categoriesDoc = db.parse(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/categories.xml")); + InputStream categories = this.getClass().getResourceAsStream("/cz/crcs/ectester/data/categories.xml"); + if (categories == null) { + throw new IOException(); + } + Document categoriesDoc = db.parse(categories); + categories.close(); categoriesDoc.normalize(); NodeList catList = categoriesDoc.getElementsByTagName("category"); @@ -96,11 +99,11 @@ public class EC_Store { private EC_Category parseCategory(String name, String dir, String desc) throws ParserConfigurationException, IOException, SAXException { - Map objMap = new TreeMap<>(); + Map objMap = new TreeMap<>(); - InputStream curvesStream = this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/curves.xml"); - if (curvesStream != null) { - Document curvesDoc = db.parse(curvesStream); + InputStream curves = this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/curves.xml"); + if (curves != null) { + Document curvesDoc = db.parse(curves); curvesDoc.normalize(); NodeList curveList = curvesDoc.getElementsByTagName("curve"); @@ -138,11 +141,12 @@ public class EC_Store { throw new SAXException("?"); } } + curves.close(); } - InputStream keysStream = this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/keys.xml"); - if (keysStream != null) { - Document keysDoc = db.parse(keysStream); + InputStream keys = this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/keys.xml"); + if (keys != null) { + Document keysDoc = db.parse(keys); keysDoc.normalize(); NodeList directs = keysDoc.getDocumentElement().getChildNodes(); @@ -174,6 +178,51 @@ public class EC_Store { throw new SAXException("?"); } } + keys.close(); + } + + InputStream results = this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/results.xml"); + if (results != null) { + Document resultsDoc = db.parse(results); + resultsDoc.normalize(); + + NodeList directs = resultsDoc.getDocumentElement().getChildNodes(); + for (int i = 0; i < directs.getLength(); ++i) { + Node direct = directs.item(i); + if (direct instanceof Element) { + Element elem = (Element) direct; + + Node id = elem.getElementsByTagName("id").item(0); + Node ka = elem.getElementsByTagName("ka").item(0); + Node file = elem.getElementsByTagName("file").item(0); + Node curve = elem.getElementsByTagName("curve").item(0); + Node onekey = elem.getElementsByTagName("onekey").item(0); + Node otherkey = elem.getElementsByTagName("otherkey").item(0); + + NodeList descc = elem.getElementsByTagName("desc"); + String descs = null; + if (descc.getLength() != 0) { + descs = descc.item(0).getTextContent(); + } + + byte kab; + if (ka.getTextContent().equals("DH")) { + kab = EC_Consts.KA_ECDH; + } else { + kab = EC_Consts.KA_ECDHC; + } + + EC_KAResult kaResult = new EC_KAResult(kab, curve.getTextContent(), onekey.getTextContent(), otherkey.getTextContent(), descs); + if (!kaResult.readCSV(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/" + file.getTextContent()))) { + throw new IOException("Invalid csv data."); + } + + objMap.put(id.getTextContent(), kaResult); + } else { + throw new SAXException("?"); + } + } + results.close(); } return new EC_Category(name, dir, desc, objMap); @@ -199,7 +248,7 @@ public class EC_Store { } else { throw new SAXException("?"); } - if(!result.readCSV(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/" + file.getTextContent()))) { + if (!result.readCSV(this.getClass().getResourceAsStream("/cz/crcs/ectester/data/" + dir + "/" + file.getTextContent()))) { throw new IOException("Invalid CSV data."); } return result; @@ -213,7 +262,7 @@ public class EC_Store { return categories.get(category); } - public Map getObjects(String category) { + public Map getObjects(String category) { EC_Category cat = categories.get(category); if (cat != null) { return cat.getObjects(); @@ -221,7 +270,7 @@ public class EC_Store { return null; } - public Map getObjects(Class objClass, String category) { + public Map getObjects(Class objClass, String category) { EC_Category cat = categories.get(category); if (cat != null) { return cat.getObjects(objClass); @@ -229,7 +278,7 @@ public class EC_Store { return null; } - public T getObject(Class objClass, String category, String id) { + public T getObject(Class objClass, String category, String id) { EC_Category cat = categories.get(category); if (cat != null) { return cat.getObject(objClass, id); @@ -237,12 +286,12 @@ public class EC_Store { return null; } - public T getObject(Class objClass, String query) { - String[] parts = query.split("/"); - if (parts.length != 2) { + public T getObject(Class objClass, String query) { + int split = query.indexOf("/"); + if (split < 0) { return null; } - return getObject(objClass, parts[0], parts[1]); + return getObject(objClass, query.substring(0, split), query.substring(split + 1)); } } diff --git a/src/cz/crcs/ectester/data/schema.xsd b/src/cz/crcs/ectester/data/schema.xsd index a4dbe15..8f9427d 100644 --- a/src/cz/crcs/ectester/data/schema.xsd +++ b/src/cz/crcs/ectester/data/schema.xsd @@ -1,5 +1,5 @@ - @@ -12,13 +12,13 @@ - + - + @@ -32,12 +32,12 @@ - + - + @@ -52,14 +52,43 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - + - + diff --git a/src/cz/crcs/ectester/data/test/results.xml b/src/cz/crcs/ectester/data/test/results.xml new file mode 100644 index 0000000..e382cd4 --- /dev/null +++ b/src/cz/crcs/ectester/data/test/results.xml @@ -0,0 +1,174 @@ + + + + secp160r1-dh + DH + secg/secp160r1-dh-sha1.csv + secg/secp160r1 + test/secp160r1-U + test/secp160r1-V + + + sect163k1-dh + DH + secg/sect163k1-dh-sha1.csv + secg/sect163k1 + test/sect163k1-U + test/sect163k1-V + + + + brainpoolP224r1-dh + DH + brainpool/brainpoolP224r1-dh-sha1.csv + brainpool/brainpoolP224r1 + test/brainpoolP224r1-A + test/brainpoolP224r1-B + + + brainpoolP256r1-dh + DH + brainpool/brainpoolP256r1-dh-sha1.csv + brainpool/brainpoolP256r1 + test/brainpoolP256r1-A + test/brainpoolP256r1-B + + + brainpoolP384r1-dh + DH + brainpool/brainpoolP384r1-dh-sha1.csv + brainpool/brainpoolP384r1 + test/brainpoolP384r1-A + test/brainpoolP384r1-B + + + brainpoolP512r1-dh + DH + brainpool/brainpoolP512r1-dh-sha1.csv + brainpool/brainpoolP512r1 + test/brainpoolP512r1-A + test/brainpoolP512r1-B + + + + b163-dhc + DHC + nist/b163-dhc-sha1.csv + nist/B-163 + test/b163-A + test/b163-B + + + b233-dhc + DHC + nist/b233-dhc-sha1.csv + nist/B-233 + test/b233-A + test/b233-B + + + b283-dhc + DHC + nist/b283-dhc-sha1.csv + nist/B-283 + test/b283-A + test/b283-B + + + b409-dhc + DHC + nist/b409-dhc-sha1.csv + nist/B-409 + test/b409-A + test/b409-B + + + b571-dhc + DHC + nist/b571-dhc-sha1.csv + nist/B-571 + test/b571-A + test/b571-B + + + k163-dhc + DHC + nist/k163-dhc-sha1.csv + nist/B-163 + test/k163-A + test/k163-B + + + k233-dhc + DHC + nist/k233-dhc-sha1.csv + nist/B-233 + test/k233-A + test/k233-B + + + k283-dhc + DHC + nist/k283-dhc-sha1.csv + nist/B-283 + test/k283-A + test/k283-B + + + k409-dhc + DHC + nist/k409-dhc-sha1.csv + nist/B-409 + test/k409-A + test/k409-B + + + k571-dhc + DHC + nist/k571-dhc-sha1.csv + nist/B-571 + test/k571-A + test/k571-B + + + p192-dhc + DHC + nist/p192-dhc-sha1.csv + nist/P-192 + test/p192-A + test/p192-B + + + p224-dhc + DHC + nist/p224-dhc-sha1.csv + nist/P-224 + test/p224-A + test/p224-B + + + p256-dhc + DHC + nist/p256-dhc-sha1.csv + nist/P-256 + test/p256-A + test/p256-B + + + p384-dhc + DHC + nist/p384-dhc-sha1.csv + nist/P-384 + test/p384-A + test/p384-B + + + p521-dhc + DHC + nist/p521-dhc-sha1.csv + nist/P-521 + test/p521-A + test/p521-B + + \ No newline at end of file diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index b8b0c04..9926d3e 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -25,10 +25,7 @@ import cz.crcs.ectester.applet.ECTesterApplet; import cz.crcs.ectester.applet.EC_Consts; import cz.crcs.ectester.data.EC_Category; import cz.crcs.ectester.data.EC_Store; -import cz.crcs.ectester.reader.ec.EC_Curve; -import cz.crcs.ectester.reader.ec.EC_Key; -import cz.crcs.ectester.reader.ec.EC_Keypair; -import cz.crcs.ectester.reader.ec.EC_Params; +import cz.crcs.ectester.reader.ec.*; import javacard.security.KeyPair; import org.apache.commons.cli.*; @@ -248,7 +245,7 @@ public class ECTester { actions.addOption(Option.builder("ln").longOpt("list-named").desc("Print the list of supported named curves and keys.").hasArg().argName("what").optionalArg(true).build()); actions.addOption(Option.builder("e").longOpt("export").desc("Export the defaut curve parameters of the card(if any).").build()); actions.addOption(Option.builder("g").longOpt("generate").desc("Generate [amount] of EC keys.").hasArg().argName("amount").optionalArg(true).build()); - actions.addOption(Option.builder("t").longOpt("test").desc("Test ECC support.").hasArg().argName("test_case").optionalArg(true).build()); + actions.addOption(Option.builder("t").longOpt("test").desc("Test ECC support. :\n- default:\n- invalid:\n- wrong:\n- nonprime:\n- smallpub:\n- test-vectors:").hasArg().argName("test_case").optionalArg(true).build()); actions.addOption(Option.builder("dh").longOpt("ecdh").desc("Do ECDH, [count] times.").hasArg().argName("count").optionalArg(true).build()); actions.addOption(Option.builder("dhc").longOpt("ecdhc").desc("Do ECDHC, [count] times.").hasArg().argName("count").optionalArg(true).build()); actions.addOption(Option.builder("dsa").longOpt("ecdsa").desc("Sign data with ECDSA, [count] times.").hasArg().argName("count").optionalArg(true).build()); @@ -511,6 +508,20 @@ public class ECTester { } System.out.println(); } + + Map results = cat.getObjects(EC_KAResult.class); + size = results.size(); + if (size > 0) { + System.out.print("\t\tResults: "); + for (Map.Entry result : results.entrySet()) { + System.out.print(result.getKey()); + size--; + if (size > 0) + System.out.print(", "); + } + System.out.println(); + } + System.out.println(); } } else if (categories.containsKey(optListNamed)) { @@ -669,7 +680,30 @@ public class ECTester { * Do ECDH both ways, export and verify that the result is correct. * */ - //TODO + Map results = dataStore.getObjects(EC_KAResult.class, "test"); + for (EC_KAResult result : results.values()) { + EC_Curve curve = dataStore.getObject(EC_Curve.class, result.getCurve()); + EC_Params onekey = dataStore.getObject(EC_Keypair.class, result.getOneKey()); + if (onekey == null) { + onekey = dataStore.getObject(EC_Key.Private.class, result.getOneKey()); + } + EC_Params otherkey = dataStore.getObject(EC_Keypair.class, result.getOtherKey()); + if (otherkey == null) { + otherkey = dataStore.getObject(EC_Key.Public.class, result.getOtherKey()); + } + if (onekey == null || otherkey == null) { + throw new IOException("Test vector keys not located"); + } + + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField())); + commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten())); + commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH)); + commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.CURVE_external, EC_Consts.PARAMETER_S, onekey.flatten(EC_Consts.PARAMETER_S))); + commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, EC_Consts.PARAMETER_W, otherkey.flatten(EC_Consts.PARAMETER_W))); + commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_TRUE, EC_Consts.CORRUPTION_NONE, result.getKA())); + //TODO add compare with result.getParam(0); + commands.add(new Command.Cleanup(cardManager)); + } } else { // These tests are dangerous, prompt before them. @@ -721,7 +755,14 @@ public class ECTester { List test = Command.sendAll(commands); systemOutLogger.println(Response.toString(test)); - // + for (Response response : test) { + if (response instanceof Response.ECDH) { + Response.ECDH ecdh = (Response.ECDH) response; + if (ecdh.hasSecret()) { + System.out.println(Util.bytesToHex(ecdh.getSecret(), false)); + } + } + } } /** diff --git a/src/cz/crcs/ectester/reader/ec/EC_Data.java b/src/cz/crcs/ectester/reader/ec/EC_Data.java index c1fb54c..2e1eb29 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Data.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Data.java @@ -31,6 +31,10 @@ public class EC_Data { this.data = data; } + public int getCount() { + return count; + } + public byte[][] getData() { return data; } @@ -39,6 +43,10 @@ public class EC_Data { return data != null; } + public byte[] getParam(int index) { + return data[index]; + } + public byte[] flatten() { ByteArrayOutputStream out = new ByteArrayOutputStream(); for (byte[] param : data) { diff --git a/src/cz/crcs/ectester/reader/ec/EC_KAResult.java b/src/cz/crcs/ectester/reader/ec/EC_KAResult.java new file mode 100644 index 0000000..e556f90 --- /dev/null +++ b/src/cz/crcs/ectester/reader/ec/EC_KAResult.java @@ -0,0 +1,48 @@ +package cz.crcs.ectester.reader.ec; + +/** + * @author Jan Jancar johny@neuromancer.sk + */ +public class EC_KAResult extends EC_Data { + + private byte ka; + private String curve; + private String oneKey; + private String otherKey; + + private String desc; + + public EC_KAResult(byte ka, String curve, String oneKey, String otherKey) { + super(1); + this.ka = ka; + this.curve = curve; + this.oneKey = oneKey; + this.otherKey = otherKey; + } + + public EC_KAResult(byte ka, String curve, String oneKey, String otherKey, String desc) { + this(ka, curve, oneKey, otherKey); + this.desc = desc; + } + + public byte getKA() { + return ka; + } + + public String getCurve() { + return curve; + } + + public String getOneKey() { + return oneKey; + } + + public String getOtherKey() { + return otherKey; + } + + public String getDesc() { + return desc; + } + +} -- cgit v1.2.3-70-g09d2 From 45d1bb40cbc4c71e5b94e78f3a541e8f9cd8d62f Mon Sep 17 00:00:00 2001 From: J08nY Date: Tue, 4 Apr 2017 23:25:20 +0200 Subject: Some docs, allow EC_* objects to print themselves. --- dist/ECTester.jar | Bin 290834 -> 155730 bytes src/cz/crcs/ectester/reader/Command.java | 29 ++++++++++++++++-------- src/cz/crcs/ectester/reader/ECTester.java | 27 +++++++++++++--------- src/cz/crcs/ectester/reader/Response.java | 2 +- src/cz/crcs/ectester/reader/ec/EC_Curve.java | 5 ++++ src/cz/crcs/ectester/reader/ec/EC_Data.java | 4 ++-- src/cz/crcs/ectester/reader/ec/EC_KAResult.java | 8 +++++++ src/cz/crcs/ectester/reader/ec/EC_Key.java | 9 ++++++++ src/cz/crcs/ectester/reader/ec/EC_Keypair.java | 5 ++++ 9 files changed, 65 insertions(+), 24 deletions(-) (limited to 'src/cz/crcs/ectester/reader/ec/EC_Data.java') diff --git a/dist/ECTester.jar b/dist/ECTester.jar index a256495..5a8f64b 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/reader/Command.java b/src/cz/crcs/ectester/reader/Command.java index 24418be..73f4987 100644 --- a/src/cz/crcs/ectester/reader/Command.java +++ b/src/cz/crcs/ectester/reader/Command.java @@ -44,7 +44,7 @@ public abstract class Command { /** * Creates the INS_ALLOCATE instruction. * - * @param cardManager + * @param cardManager cardManager to send APDU through * @param keyPair which keyPair to use, local/remote (KEYPAIR_* | ...) * @param keyLength key length to set * @param keyClass key class to allocate @@ -76,7 +76,7 @@ public abstract class Command { private byte keyPair; /** - * @param cardManager + * @param cardManager cardManager to send APDU through * @param keyPair which keyPair clear, local/remote (KEYPAIR_* || ...) */ protected Clear(CardMngr cardManager, byte keyPair) { @@ -107,7 +107,7 @@ public abstract class Command { /** * Creates the INS_SET instruction. * - * @param cardManager + * @param cardManager cardManager to send APDU through * @param keyPair which keyPair to set params on, local/remote (KEYPAIR_* || ...) * @param curve curve to set (EC_Consts.CURVE_*) * @param params parameters to set (EC_Consts.PARAMETER_* | ...) @@ -149,9 +149,9 @@ public abstract class Command { private byte corruption; /** - * @param cardManager + * @param cardManager cardManager to send APDU through * @param keyPair which keyPair to corrupt, local/remote (KEYPAIR_* || ...) - * @param key + * @param key key to corrupt (EC_Consts.KEY_* | ...) * @param params parameters to corrupt (EC_Consts.PARAMETER_* | ...) * @param corruption corruption type (EC_Consts.CORRUPTION_*) */ @@ -187,7 +187,7 @@ public abstract class Command { /** * Creates the INS_GENERATE instruction. * - * @param cardManager + * @param cardManager cardManager to send APDU through * @param keyPair which keyPair to generate, local/remote (KEYPAIR_* || ...) */ protected Generate(CardMngr cardManager, byte keyPair) { @@ -217,7 +217,7 @@ public abstract class Command { /** * Creates the INS_EXPORT instruction. * - * @param cardManager + * @param cardManager cardManager to send APDU through * @param keyPair keyPair to export from (KEYPAIR_* | ...) * @param key key to export from (EC_Consts.KEY_* | ...) * @param params params to export (EC_Consts.PARAMETER_* | ...) @@ -256,12 +256,12 @@ public abstract class Command { /** * Creates the INS_ECDH instruction. * - * @param cardManager + * @param cardManager cardManager to send APDU through * @param pubkey keyPair to use for public key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) * @param privkey keyPair to use for private key, (KEYPAIR_LOCAL || KEYPAIR_REMOTE) * @param export whether to export ECDH secret * @param corruption whether to invalidate the pubkey before ECDH (EC_Consts.CORRUPTION_* || ...) - * @param type + * @param type ECDH algorithm type (EC_Consts.KA_* | ...) */ protected ECDH(CardMngr cardManager, byte pubkey, byte privkey, byte export, byte corruption, byte type) { super(cardManager); @@ -293,7 +293,7 @@ public abstract class Command { /** * Creates the INS_ECDSA instruction. * - * @param cardManager + * @param cardManager cardManager to send APDU through * @param keyPair keyPair to use for signing and verification (KEYPAIR_LOCAL || KEYPAIR_REMOTE) * @param export whether to export ECDSA signature * @param raw data to sign, can be null, in which case random data is signed. @@ -328,6 +328,10 @@ public abstract class Command { */ public static class Cleanup extends Command { + /** + * + * @param cardManager cardManager to send APDU through + */ protected Cleanup(CardMngr cardManager) { super(cardManager); @@ -347,6 +351,11 @@ public abstract class Command { * */ public static class Support extends Command { + + /** + * + * @param cardManager cardManager to send APDU through + */ protected Support(CardMngr cardManager) { super(cardManager); diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index 716d4ea..cb3d298 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -529,7 +529,10 @@ public class ECTester { //TODO } else { // print given object - //TODO + EC_Data object = dataStore.getObject(EC_Data.class, optListNamed); + if (object != null) { + System.out.println(object); + } } } @@ -628,8 +631,8 @@ public class ECTester { /** * Tests Elliptic curve support for a given curve/curves. * - * @throws IOException - * @throws CardException + * @throws CardException if APDU transmission fails + * @throws IOException if an IO error occurs when writing to key file. */ private void test() throws IOException, CardException { List commands = new LinkedList<>(); @@ -915,9 +918,9 @@ public class ECTester { private List prepareCurve(byte keyPair, short keyLength, byte keyClass) throws IOException { List commands = new ArrayList<>(); - short domainParams = keyClass == KeyPair.ALG_EC_FP ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; if (optCustomCurve) { // Set custom curve (one of the SECG curves embedded applet-side) + short domainParams = keyClass == KeyPair.ALG_EC_FP ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; commands.add(new Command.Set(cardManager, keyPair, EC_Consts.getCurve(keyLength, keyClass), domainParams, null)); } else if (optNamedCurve != null) { // Set a named curve. @@ -934,20 +937,20 @@ public class ECTester { if (external == null) { throw new IOException("Couldn't read named curve data."); } - commands.add(new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, domainParams, external)); + commands.add(new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, curve.getParams(), external)); } else if (optCurveFile != null) { // Set curve loaded from a file - EC_Params params = new EC_Params(domainParams); + EC_Curve curve = new EC_Curve(keyLength, keyClass); FileInputStream in = new FileInputStream(optCurveFile); - params.readCSV(in); + curve.readCSV(in); in.close(); - byte[] external = params.flatten(); + byte[] external = curve.flatten(); if (external == null) { throw new IOException("Couldn't read the curve file correctly."); } - commands.add(new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, domainParams, external)); + commands.add(new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, curve.getParams(), external)); } else { // Set default curve /* This command was generally causing problems for simulating on jcardsim. @@ -1036,8 +1039,9 @@ public class ECTester { } /** + * * @return - * @throws IOException + * @throws IOException if an IO error occurs when writing to key file. */ private List testCurve() throws IOException { List commands = new LinkedList<>(); @@ -1052,10 +1056,11 @@ public class ECTester { } /** + * * @param category * @param field * @return - * @throws IOException + * @throws IOException if an IO error occurs when writing to key file. */ private List testCurves(String category, byte field) throws IOException { List commands = new LinkedList<>(); diff --git a/src/cz/crcs/ectester/reader/Response.java b/src/cz/crcs/ectester/reader/Response.java index 4bb5b88..c3f2fe4 100644 --- a/src/cz/crcs/ectester/reader/Response.java +++ b/src/cz/crcs/ectester/reader/Response.java @@ -524,7 +524,7 @@ public abstract class Response { @Override public String toString() { - return String.format("Requested JCSystem object deletion"); + return "Requested JCSystem object deletion"; } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Curve.java b/src/cz/crcs/ectester/reader/ec/EC_Curve.java index 273b1f4..953884f 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Curve.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Curve.java @@ -40,4 +40,9 @@ public class EC_Curve extends EC_Params { public String getDesc() { return desc; } + + @Override + public String toString() { + return "Elliptic curve (" + String.valueOf(bits) + "b): " + desc; + } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Data.java b/src/cz/crcs/ectester/reader/ec/EC_Data.java index 2e1eb29..c55b99d 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Data.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Data.java @@ -21,12 +21,12 @@ public class EC_Data { EC_Data() { } - public EC_Data(int count) { + EC_Data(int count) { this.count = count; this.data = new byte[count][]; } - public EC_Data(byte[][] data) { + EC_Data(byte[][] data) { this.count = data.length; this.data = data; } diff --git a/src/cz/crcs/ectester/reader/ec/EC_KAResult.java b/src/cz/crcs/ectester/reader/ec/EC_KAResult.java index e556f90..f1be49a 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_KAResult.java +++ b/src/cz/crcs/ectester/reader/ec/EC_KAResult.java @@ -1,5 +1,7 @@ package cz.crcs.ectester.reader.ec; +import cz.crcs.ectester.applet.EC_Consts; + /** * @author Jan Jancar johny@neuromancer.sk */ @@ -45,4 +47,10 @@ public class EC_KAResult extends EC_Data { return desc; } + @Override + public String toString() { + String agreement = ka == EC_Consts.KA_ECDH ? "ECDH" : "ECDHC"; + return agreement + " over " + curve + ", " + oneKey + " + " + otherKey + ": " + desc; + } + } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Key.java b/src/cz/crcs/ectester/reader/ec/EC_Key.java index b78aaee..983ffa8 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Key.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Key.java @@ -37,6 +37,11 @@ public class EC_Key extends EC_Params { public Public(String curve, String desc) { super(EC_Consts.PARAMETER_W, curve, desc); } + + @Override + public String toString() { + return "EC Public key, over " + getCurve() + ": " + getDesc(); + } } public static class Private extends EC_Key { @@ -49,5 +54,9 @@ public class EC_Key extends EC_Params { super(EC_Consts.PARAMETER_S, curve, desc); } + @Override + public String toString() { + return "EC Private key, over " + getCurve() + ": " + getDesc(); + } } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Keypair.java b/src/cz/crcs/ectester/reader/ec/EC_Keypair.java index 0ee3801..af4038a 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Keypair.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Keypair.java @@ -27,4 +27,9 @@ public class EC_Keypair extends EC_Params { public String getDesc() { return desc; } + + @Override + public String toString() { + return "EC Keypair, over " + curve + ": " + desc; + } } -- cgit v1.2.3-70-g09d2 From a7eef06134bef0861e43261640d61153ebb2a6e5 Mon Sep 17 00:00:00 2001 From: J08nY Date: Wed, 19 Apr 2017 01:10:17 +0200 Subject: Refactor testing, add Config class, make EC_Data read bytes - The ECTester.Config class now stores and reads all CLI options - Testing with the -t / --test option was partially refactored into: - Test: Encapsulates one Command and Response pair with expected result, a real result and a callback to dynamically assign result - TestSuite: Encapsulates a bunch of tests, represents a whole category of tests either that can be run on any curve or only on some. --- !uploader/ectester.cap | Bin 14053 -> 14353 bytes dist/ECTester.jar | Bin 295880 -> 322457 bytes src/cz/crcs/ectester/applet/ECKeyGenerator.java | 32 +- src/cz/crcs/ectester/applet/ECKeyTester.java | 49 +- src/cz/crcs/ectester/applet/ECTesterApplet.java | 7 +- src/cz/crcs/ectester/applet/ECUtil.java | 17 + src/cz/crcs/ectester/data/EC_Store.java | 8 +- src/cz/crcs/ectester/reader/ECTester.java | 666 +++++++++++------------- src/cz/crcs/ectester/reader/Response.java | 106 ++-- src/cz/crcs/ectester/reader/Test.java | 81 +++ src/cz/crcs/ectester/reader/TestSuite.java | 167 ++++++ src/cz/crcs/ectester/reader/Util.java | 82 ++- src/cz/crcs/ectester/reader/ec/EC_Curve.java | 10 +- src/cz/crcs/ectester/reader/ec/EC_Data.java | 40 +- src/cz/crcs/ectester/reader/ec/EC_KAResult.java | 13 +- src/cz/crcs/ectester/reader/ec/EC_Key.java | 10 + src/cz/crcs/ectester/reader/ec/EC_Keypair.java | 1 - src/cz/crcs/ectester/reader/ec/EC_Params.java | 28 +- 18 files changed, 854 insertions(+), 463 deletions(-) create mode 100644 src/cz/crcs/ectester/applet/ECUtil.java create mode 100644 src/cz/crcs/ectester/reader/Test.java create mode 100644 src/cz/crcs/ectester/reader/TestSuite.java (limited to 'src/cz/crcs/ectester/reader/ec/EC_Data.java') diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index 96d0c82..1e7235d 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ diff --git a/dist/ECTester.jar b/dist/ECTester.jar index 0126533..58f44b9 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/applet/ECKeyGenerator.java b/src/cz/crcs/ectester/applet/ECKeyGenerator.java index b412370..a36bd0c 100644 --- a/src/cz/crcs/ectester/applet/ECKeyGenerator.java +++ b/src/cz/crcs/ectester/applet/ECKeyGenerator.java @@ -39,8 +39,8 @@ public class ECKeyGenerator { } public short clearPair(KeyPair keypair, byte key) { - sw = ISO7816.SW_NO_ERROR; try { + sw = ECUtil.nullCheck(keypair); if ((key & EC_Consts.KEY_PUBLIC) != 0) keypair.getPublic().clearKey(); if ((key & EC_Consts.KEY_PRIVATE) != 0) keypair.getPrivate().clearKey(); } catch (CardRuntimeException ce) { @@ -54,8 +54,8 @@ public class ECKeyGenerator { * @return */ public short generatePair(KeyPair keypair) { - sw = ISO7816.SW_NO_ERROR; try { + sw = ECUtil.nullCheck(keypair); keypair.genKeyPair(); } catch (CardRuntimeException ce) { sw = ce.getReason(); @@ -155,11 +155,12 @@ public class ECKeyGenerator { * @return */ public short setParameter(KeyPair keypair, byte key, short param, byte[] data, short offset, short length) { - sw = ISO7816.SW_NO_ERROR; - ECPublicKey ecPublicKey = (ECPublicKey) keypair.getPublic(); - ECPrivateKey ecPrivateKey = (ECPrivateKey) keypair.getPrivate(); - try { + sw = ECUtil.nullCheck(keypair); + + ECPublicKey ecPublicKey = (ECPublicKey) keypair.getPublic(); + ECPrivateKey ecPrivateKey = (ECPrivateKey) keypair.getPrivate(); + switch (param) { case EC_Consts.PARAMETER_FP: if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldFP(data, offset, length); @@ -174,8 +175,11 @@ public class ECKeyGenerator { short i1 = Util.makeShort(data[(short) (offset + 2)], data[(short) (offset + 3)]); short i2 = Util.makeShort(data[(short) (offset + 4)], data[(short) (offset + 5)]); short i3 = Util.makeShort(data[(short) (offset + 6)], data[(short) (offset + 7)]); - if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i1, i2, i3); - if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i1, i2, i3); +// if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i1, i2, i3); +// if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i1, i2, i3); + // TODO fix this + if ((key & EC_Consts.KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i3, i2, i1); + if ((key & EC_Consts.KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i3, i2, i1); } else { sw = ISO7816.SW_UNKNOWN; } @@ -275,12 +279,12 @@ public class ECKeyGenerator { * @return length of data written */ public short exportParameter(KeyPair keypair, byte key, short param, byte[] outputBuffer, short outputOffset) { - sw = ISO7816.SW_NO_ERROR; - ECPublicKey ecPublicKey = (ECPublicKey) keypair.getPublic(); - ECPrivateKey ecPrivateKey = (ECPrivateKey) keypair.getPrivate(); - short length = 0; try { + sw = ECUtil.nullCheck(keypair); + ECPublicKey ecPublicKey = (ECPublicKey) keypair.getPublic(); + ECPrivateKey ecPrivateKey = (ECPrivateKey) keypair.getPrivate(); + switch (param) { case EC_Consts.PARAMETER_FP: if ((key & EC_Consts.KEY_PUBLIC) != 0) length = ecPublicKey.getField(outputBuffer, outputOffset); @@ -385,8 +389,10 @@ public class ECKeyGenerator { * @return sw */ public short copyCurve(KeyPair from, KeyPair to, short params, byte[] buffer, short offset) { - sw = ISO7816.SW_NO_ERROR; try { + sw = ECUtil.nullCheck(from); + sw = ECUtil.nullCheck(to); + short param = EC_Consts.PARAMETER_FP; while (param <= EC_Consts.PARAMETER_K) { short masked = (short) (param & params); diff --git a/src/cz/crcs/ectester/applet/ECKeyTester.java b/src/cz/crcs/ectester/applet/ECKeyTester.java index 64f3024..c4b58e0 100644 --- a/src/cz/crcs/ectester/applet/ECKeyTester.java +++ b/src/cz/crcs/ectester/applet/ECKeyTester.java @@ -4,10 +4,7 @@ package cz.crcs.ectester.applet; import javacard.framework.CardRuntimeException; import javacard.framework.ISO7816; import javacard.framework.Util; -import javacard.security.ECPrivateKey; -import javacard.security.ECPublicKey; -import javacard.security.KeyAgreement; -import javacard.security.Signature; +import javacard.security.*; /** * Class capable of testing ECDH/C and ECDSA. @@ -53,11 +50,15 @@ public class ECKeyTester { return sw; } - private short testKA(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { - sw = ISO7816.SW_NO_ERROR; + private short testKA(KeyAgreement ka, KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { short length = 0; try { - ka.init(privateKey); + sw = ECUtil.nullCheck(privatePair); + sw = ECUtil.nullCheck(publicPair); + + ka.init(privatePair.getPrivate()); + short pubkeyLength = ((ECPublicKey) publicPair.getPublic()).getW(pubkeyBuffer, pubkeyOffset); + pubkeyLength = EC_Consts.corruptParameter(corruption, pubkeyBuffer, pubkeyOffset, pubkeyLength); length = ka.generateSecret(pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); } catch (CardRuntimeException ce) { sw = ce.getReason(); @@ -66,12 +67,12 @@ public class ECKeyTester { } /** - * Tests ECDH secret generation with given {@code privateKey} and {@code publicKey}. + * Tests ECDH secret generation with keys from given {@code privatePair} and {@code publicPair}. * Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations. * Output should equal with ECDHC output. * - * @param privateKey - * @param publicKey + * @param privatePair + * @param publicPair * @param pubkeyBuffer * @param pubkeyOffset * @param outputBuffer @@ -79,19 +80,17 @@ public class ECKeyTester { * @param corruption * @return derived secret length **/ - public short testECDH(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { - short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); - length = EC_Consts.corruptParameter(corruption, pubkeyBuffer, pubkeyOffset, length); - return testKA(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); + public short testECDH(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { + return testKA(ecdhKeyAgreement, privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); } /** - * Tests ECDHC secret generation with given {@code privateKey} and {@code publicKey}. + * Tests ECDHC secret generation with keys from given {@code privatePair} and {@code publicPair}. * Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations. * Output should equal to ECDH output. * - * @param privateKey - * @param publicKey + * @param privatePair + * @param publicPair * @param pubkeyBuffer * @param pubkeyOffset * @param outputBuffer @@ -99,16 +98,14 @@ public class ECKeyTester { * @param corruption * @return derived secret length */ - public short testECDHC(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { - short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); - length = EC_Consts.corruptParameter(corruption, pubkeyBuffer, pubkeyOffset, length); - return testKA(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); + public short testECDHC(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { + return testKA(ecdhcKeyAgreement, privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); } /** * - * @param privateKey - * @param publicKey + * @param privatePair + * @param publicPair * @param pubkeyBuffer * @param pubkeyOffset * @param outputBuffer @@ -116,12 +113,12 @@ public class ECKeyTester { * @param corruption * @return */ - public short testKA(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { - short ecdhLength = testECDH(privateKey, publicKey, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); + public short testECDH_ECDHC(KeyPair privatePair, KeyPair publicPair, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset, byte corruption) { + short ecdhLength = testECDH(privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, outputOffset, corruption); if (sw != ISO7816.SW_NO_ERROR) { return ecdhLength; } - short ecdhcLength = testECDHC(privateKey, publicKey, pubkeyBuffer, pubkeyOffset, outputBuffer, (short) (outputOffset + ecdhLength), corruption); + short ecdhcLength = testECDHC(privatePair, publicPair, pubkeyBuffer, pubkeyOffset, outputBuffer, (short) (outputOffset + ecdhLength), corruption); short length = (short) (ecdhLength + ecdhcLength); if (sw != ISO7816.SW_NO_ERROR) { return length; diff --git a/src/cz/crcs/ectester/applet/ECTesterApplet.java b/src/cz/crcs/ectester/applet/ECTesterApplet.java index 98f59c4..f802233 100644 --- a/src/cz/crcs/ectester/applet/ECTesterApplet.java +++ b/src/cz/crcs/ectester/applet/ECTesterApplet.java @@ -64,6 +64,7 @@ public class ECTesterApplet extends Applet { // STATUS WORDS public static final short SW_SIG_VERIFY_FAIL = (short) 0x0ee1; public static final short SW_DH_DHC_MISMATCH = (short) 0x0ee2; + public static final short SW_KEYPAIR_NULL = (short) 0x0ee3; private static final short ARRAY_LENGTH = (short) 0xff; @@ -551,13 +552,13 @@ public class ECTesterApplet extends Applet { short secretLength = 0; switch (type) { case EC_Consts.KA_ECDH: - secretLength = keyTester.testECDH((ECPrivateKey) priv.getPrivate(), (ECPublicKey) pub.getPublic(), ramArray, (short) 0, ramArray2, (short) 0, corruption); + secretLength = keyTester.testECDH(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption); break; case EC_Consts.KA_ECDHC: - secretLength = keyTester.testECDHC((ECPrivateKey) priv.getPrivate(), (ECPublicKey) pub.getPublic(), ramArray, (short) 0, ramArray2, (short) 0, corruption); + secretLength = keyTester.testECDHC(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption); break; case EC_Consts.KA_BOTH: - secretLength = keyTester.testKA((ECPrivateKey) priv.getPrivate(), (ECPublicKey) pub.getPublic(), ramArray, (short) 0, ramArray2, (short) 0, corruption); + secretLength = keyTester.testECDH_ECDHC(priv, pub, ramArray, (short) 0, ramArray2, (short) 0, corruption); break; default: ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); diff --git a/src/cz/crcs/ectester/applet/ECUtil.java b/src/cz/crcs/ectester/applet/ECUtil.java new file mode 100644 index 0000000..e7e4a8a --- /dev/null +++ b/src/cz/crcs/ectester/applet/ECUtil.java @@ -0,0 +1,17 @@ +package cz.crcs.ectester.applet; + +import javacard.framework.ISO7816; +import javacard.framework.ISOException; +import javacard.security.KeyPair; + +/** + * @author Jan Jancar johny@neuromancer.sk + */ +public class ECUtil { + + static short nullCheck(KeyPair keyPair) { + if (keyPair == null) + ISOException.throwIt(ECTesterApplet.SW_KEYPAIR_NULL); + return ISO7816.SW_NO_ERROR; + } +} diff --git a/src/cz/crcs/ectester/data/EC_Store.java b/src/cz/crcs/ectester/data/EC_Store.java index 0571cd8..ccd3586 100644 --- a/src/cz/crcs/ectester/data/EC_Store.java +++ b/src/cz/crcs/ectester/data/EC_Store.java @@ -151,12 +151,13 @@ public class EC_Store { } short bitsize = Short.parseShort(bits.getTextContent()); - EC_Curve curve = new EC_Curve(bitsize, alg, descs); + EC_Curve curve = new EC_Curve(id.getTextContent(), bitsize, alg, descs); InputStream csv = parseDataElement(dir, curveElem); if (!curve.readCSV(csv)) { throw new IOException("Invalid csv data."); } + csv.close(); objMap.put(id.getTextContent(), curve); } else { @@ -233,12 +234,13 @@ public class EC_Store { kab = EC_Consts.KA_ECDHC; } - EC_KAResult kaResult = new EC_KAResult(kab, curve.getTextContent(), onekey.getTextContent(), otherkey.getTextContent(), descs); + EC_KAResult kaResult = new EC_KAResult(id.getTextContent(), kab, curve.getTextContent(), onekey.getTextContent(), otherkey.getTextContent(), descs); InputStream csv = parseDataElement(dir, elem); if (!kaResult.readCSV(csv)) { throw new IOException("Invalid csv data."); } + csv.close(); objMap.put(id.getTextContent(), kaResult); } else { @@ -276,6 +278,8 @@ public class EC_Store { if (!result.readCSV(csv)) { throw new IOException("Invalid CSV data."); } + csv.close(); + return result; } diff --git a/src/cz/crcs/ectester/reader/ECTester.java b/src/cz/crcs/ectester/reader/ECTester.java index 6965d14..8afda17 100644 --- a/src/cz/crcs/ectester/reader/ECTester.java +++ b/src/cz/crcs/ectester/reader/ECTester.java @@ -44,47 +44,7 @@ public class ECTester { private CardMngr cardManager; private DirtyLogger systemOutLogger; private EC_Store dataStore; - - //Options - private int optBits; - private boolean optAll; - private boolean optPrimeField = false; - private boolean optBinaryField = false; - - private String optNamedCurve = null; - private String optCurveFile = null; - private boolean optCustomCurve = false; - - private boolean optAnyPublic = false; - private String optNamedPublic = null; - private String optPublic = null; - - private boolean optAnyPrivate = false; - private String optNamedPrivate = null; - private String optPrivate = null; - - private boolean optAnyKey = false; - private String optNamedKey = null; - private String optKey = null; - - private boolean optAnyKeypart = false; - - private String optLog = null; - - private boolean optVerbose = false; - private String optInput = null; - private String optOutput = null; - private boolean optFresh = false; - private boolean optSimulate = false; - - //Action-related options - private String optListNamed; - private String optTestSuite; - private int optGenerateAmount; - private int optECDHCount; - private byte optECDHKA; - private int optECDSACount; - + private Config cfg; private Options opts = new Options(); private static final String CLI_HEADER = "\nECTester, a javacard Elliptic Curve Cryptograhy support tester/utility.\n\n"; @@ -104,8 +64,10 @@ public class ECTester { help(); return; } + cfg = new Config(); + //if not, read other options first, into attributes, then do action - if (!readOptions(cli)) { + if (!cfg.readOptions(cli)) { return; } @@ -117,10 +79,10 @@ public class ECTester { } //init CardManager - cardManager = new CardMngr(optVerbose, optSimulate); + cardManager = new CardMngr(cfg.verbose, cfg.simulate); //connect or simulate connection - if (optSimulate) { + if (cfg.simulate) { if (!cardManager.prepareLocalSimulatorApplet(AID, INSTALL_DATA, ECTesterApplet.class)) { System.err.println("Failed to establish a simulator."); System.exit(1); @@ -133,7 +95,7 @@ public class ECTester { cardManager.send(SELECT_ECTESTERAPPLET); } - systemOutLogger = new DirtyLogger(optLog, true); + systemOutLogger = new DirtyLogger(cfg.log, true); //do action if (cli.hasOption("export")) { @@ -208,7 +170,7 @@ public class ECTester { * -dh / --ecdh [count] * -dhc / --ecdhc [count] * -dsa / --ecdsa [count] - * -ln / --list-named + * -ln / --list-named [obj] * * Options: * -b / --bit-size // -a / --all @@ -291,194 +253,26 @@ public class ECTester { return parser.parse(opts, args); } - /** - * Reads and validates options, also sets defaults. - * - * @param cli cli object, with parsed args - * @return whether the options are valid. - */ - private boolean readOptions(CommandLine cli) { - optBits = Integer.parseInt(cli.getOptionValue("bit-size", "0")); - optAll = cli.hasOption("all"); - optPrimeField = cli.hasOption("fp"); - optBinaryField = cli.hasOption("f2m"); - - optNamedCurve = cli.getOptionValue("named-curve"); - optCustomCurve = cli.hasOption("custom"); - optCurveFile = cli.getOptionValue("curve"); - - optNamedPublic = cli.getOptionValue("named-public"); - optPublic = cli.getOptionValue("public"); - optAnyPublic = (optPublic != null) || (optNamedPublic != null); - - optNamedPrivate = cli.getOptionValue("named-private"); - optPrivate = cli.getOptionValue("private"); - optAnyPrivate = (optPrivate != null) || (optNamedPrivate != null); - - optNamedKey = cli.getOptionValue("named-key"); - optKey = cli.getOptionValue("key"); - optAnyKey = (optKey != null) || (optNamedKey != null); - optAnyKeypart = optAnyKey || optAnyPublic || optAnyPrivate; - - if (cli.hasOption("log")) { - optLog = cli.getOptionValue("log", String.format("ECTESTER_log_%d.log", System.currentTimeMillis() / 1000)); - } - - optVerbose = cli.hasOption("verbose"); - optInput = cli.getOptionValue("input"); - optOutput = cli.getOptionValue("output"); - optFresh = cli.hasOption("fresh"); - optSimulate = cli.hasOption("simulate"); - - if (cli.hasOption("list-named")) { - optListNamed = cli.getOptionValue("list-named"); - return true; - } - - if ((optKey != null || optNamedKey != null) && (optPublic != null || optPrivate != null || optNamedPublic != null || optNamedPrivate != null)) { - System.err.print("Can only specify the whole key with --key/--named-key or pubkey and privkey with --public/--named-public and --private/--named-private."); - return false; - } - if (optBits < 0) { - System.err.println("Bit-size must not be negative."); - return false; - } - if (optBits == 0 && !optAll) { - System.err.println("You must specify either bit-size with -b or all bit-sizes with -a."); - return false; - } - - if (optKey != null && optNamedKey != null || optPublic != null && optNamedPublic != null || optPrivate != null && optNamedPrivate != null) { - System.err.println("You cannot specify both a named key and a key file."); - return false; - } - - if (cli.hasOption("export")) { - if (optPrimeField == optBinaryField) { - System.err.print("Need to specify field with -fp or -f2m. (not both)"); - return false; - } - if (optAnyKeypart) { - System.err.println("Keys should not be specified when exporting curve params."); - return false; - } - if (optNamedCurve != null || optCustomCurve || optCurveFile != null) { - System.err.println("Specifying a curve for curve export makes no sense."); - return false; - } - if (optOutput == null) { - System.err.println("You have to specify an output file for curve parameter export."); - return false; - } - if (optAll) { - System.err.println("You have to specify curve bit-size with -b"); - return false; - } - - } else if (cli.hasOption("generate")) { - if (optPrimeField == optBinaryField) { - System.err.print("Need to specify field with -fp or -f2m. (not both)"); - return false; - } - if (optAnyKeypart) { - System.err.println("Keys should not be specified when generating keys."); - return false; - } - if (optOutput == null) { - System.err.println("You have to specify an output file for the key generation process."); - return false; - } - if (optAll) { - System.err.println("You have to specify curve bit-size with -b"); - return false; - } - - optGenerateAmount = Integer.parseInt(cli.getOptionValue("generate", "0")); - if (optGenerateAmount < 0) { - System.err.println("Amount of keys generated cant be negative."); - return false; - } - } else if (cli.hasOption("test")) { - if (!optBinaryField && !optPrimeField) { - optBinaryField = true; - optPrimeField = true; - } - - optTestSuite = cli.getOptionValue("test", "default").toLowerCase(); - String[] tests = new String[]{"default", "nonprime", "invalid", "test-vectors", "wrong"}; - List testsList = Arrays.asList(tests); - if (!testsList.contains(optTestSuite)) { - System.err.println("Unknown test case. Should be one of: " + Arrays.toString(tests)); - return false; - } - - } else if (cli.hasOption("ecdh") || cli.hasOption("ecdhc")) { - if (optPrimeField == optBinaryField) { - System.err.print("Need to specify field with -fp or -f2m. (not both)"); - return false; - } - if (optAll) { - System.err.println("You have to specify curve bit-size with -b"); - return false; - } - - if (cli.hasOption("ecdh")) { - optECDHCount = Integer.parseInt(cli.getOptionValue("ecdh", "1")); - optECDHKA = EC_Consts.KA_ECDH; - } else if (cli.hasOption("ecdhc")) { - optECDHCount = Integer.parseInt(cli.getOptionValue("ecdhc", "1")); - optECDHKA = EC_Consts.KA_ECDHC; - } - if (optECDHCount <= 0) { - System.err.println("ECDH count cannot be <= 0."); - return false; - } - - } else if (cli.hasOption("ecdsa")) { - if (optPrimeField == optBinaryField) { - System.err.print("Need to specify field with -fp or -f2m. (but not both)"); - return false; - } - if (optAll) { - System.err.println("You have to specify curve bit-size with -b"); - return false; - } - - if ((optAnyPublic) != (optAnyPrivate) && !optAnyKey) { - System.err.println("You cannot only specify a part of a keypair."); - return false; - } - - optECDSACount = Integer.parseInt(cli.getOptionValue("ecdsa", "1")); - if (optECDSACount <= 0) { - System.err.println("ECDSA count cannot be <= 0."); - return false; - } - } - - return true; - } - /** * List categories and named curves. */ private void list() { Map categories = dataStore.getCategories(); - if (optListNamed == null) { + if (cfg.listNamed == null) { // print all categories, briefly for (EC_Category cat : categories.values()) { System.out.println(cat); } - } else if (categories.containsKey(optListNamed)) { + } else if (categories.containsKey(cfg.listNamed)) { // print given category - System.out.println(categories.get(optListNamed)); + System.out.println(categories.get(cfg.listNamed)); } else { // print given object - EC_Data object = dataStore.getObject(EC_Data.class, optListNamed); + EC_Data object = dataStore.getObject(EC_Data.class, cfg.listNamed); if (object != null) { System.out.println(object); } else { - System.err.println("Named object " + optListNamed + " not found!"); + System.err.println("Named object " + cfg.listNamed + " not found!"); } } } @@ -499,17 +293,17 @@ public class ECTester { * @throws IOException if an IO error occurs when writing to key file. */ private void export() throws CardException, IOException { - byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; + byte keyClass = cfg.primeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; List sent = new LinkedList<>(); - sent.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass).send()); + sent.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, (short) cfg.bits, keyClass).send()); sent.add(new Command.Clear(cardManager, ECTesterApplet.KEYPAIR_LOCAL).send()); sent.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL).send()); // Cofactor generally isn't set on the default curve parameters on cards, // since its not necessary for ECDH, only ECDHC which not many cards implement // TODO: check if its assumend to be == 1? - short domainAll = optPrimeField ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; + short domainAll = cfg.primeField ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; short domain = (short) (domainAll ^ EC_Consts.PARAMETER_K); Response.Export export = new Command.Export(cardManager, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.KEY_PUBLIC, domainAll).send(); if (!export.successful()) { @@ -521,7 +315,7 @@ public class ECTester { EC_Params exported = new EC_Params(domain, export.getParams()); - FileOutputStream out = new FileOutputStream(optOutput); + FileOutputStream out = new FileOutputStream(cfg.output); exported.writeCSV(out); out.close(); } @@ -533,18 +327,18 @@ public class ECTester { * @throws IOException if an IO error occurs when writing to key file. */ private void generate() throws CardException, IOException { - byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; + byte keyClass = cfg.primeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; - new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass).send(); - List curve = prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass); + new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, (short) cfg.bits, keyClass).send(); + List curve = prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) cfg.bits, keyClass); - FileWriter keysFile = new FileWriter(optOutput); + FileWriter keysFile = new FileWriter(cfg.output); keysFile.write("index;time;pubW;privS\n"); int generated = 0; int retry = 0; - while (generated < optGenerateAmount || optGenerateAmount == 0) { - if (optFresh || generated == 0) { + while (generated < cfg.generateAmount || cfg.generateAmount == 0) { + if (cfg.fresh || generated == 0) { Command.sendAll(curve); } @@ -583,19 +377,20 @@ public class ECTester { */ private void test() throws IOException, CardException { List commands = new LinkedList<>(); + TestSuite suite = null; - if (optTestSuite.equals("default")) { + if (cfg.testSuite.equals("default")) { commands.add(new Command.Support(cardManager)); - if (optNamedCurve != null) { - if (optPrimeField) { - commands.addAll(testCurves(optNamedCurve, KeyPair.ALG_EC_FP)); + if (cfg.namedCurve != null) { + if (cfg.primeField) { + commands.addAll(testCurves(cfg.namedCurve, KeyPair.ALG_EC_FP)); } - if (optBinaryField) { - commands.addAll(testCurves(optNamedCurve, KeyPair.ALG_EC_F2M)); + if (cfg.binaryField) { + commands.addAll(testCurves(cfg.namedCurve, KeyPair.ALG_EC_F2M)); } } else { - if (optAll) { - if (optPrimeField) { + if (cfg.all) { + if (cfg.primeField) { //iterate over prime curve sizes used: EC_Consts.FP_SIZES for (short keyLength : EC_Consts.FP_SIZES) { commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_FP)); @@ -604,7 +399,7 @@ public class ECTester { commands.add(new Command.Cleanup(cardManager)); } } - if (optBinaryField) { + if (cfg.binaryField) { //iterate over binary curve sizes used: EC_Consts.F2M_SIZES for (short keyLength : EC_Consts.F2M_SIZES) { commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, keyLength, KeyPair.ALG_EC_F2M)); @@ -614,60 +409,31 @@ public class ECTester { } } } else { - if (optPrimeField) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_FP)); - commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_FP)); + if (cfg.primeField) { + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, KeyPair.ALG_EC_FP)); + commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, KeyPair.ALG_EC_FP)); commands.addAll(testCurve()); commands.add(new Command.Cleanup(cardManager)); } - if (optBinaryField) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_F2M)); - commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, KeyPair.ALG_EC_F2M)); + if (cfg.binaryField) { + commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, KeyPair.ALG_EC_F2M)); + commands.addAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, KeyPair.ALG_EC_F2M)); commands.addAll(testCurve()); commands.add(new Command.Cleanup(cardManager)); } } } - } else if (optTestSuite.equals("test-vectors")) { + } else if (cfg.testSuite.equals("test-vectors")) { /* Set original curves (secg/nist/brainpool). Set keypairs from test vectors. * Do ECDH both ways, export and verify that the result is correct. * */ - Map results = dataStore.getObjects(EC_KAResult.class, "test"); - for (EC_KAResult result : results.values()) { - EC_Curve curve = dataStore.getObject(EC_Curve.class, result.getCurve()); - if (optNamedCurve != null && !(result.getCurve().startsWith(optNamedCurve) || result.getCurve().equals(optNamedCurve))) { - continue; - } - if (curve.getBits() != optBits && !optAll) { - continue; - } - EC_Params onekey = dataStore.getObject(EC_Keypair.class, result.getOneKey()); - if (onekey == null) { - onekey = dataStore.getObject(EC_Key.Private.class, result.getOneKey()); - } - EC_Params otherkey = dataStore.getObject(EC_Keypair.class, result.getOtherKey()); - if (otherkey == null) { - otherkey = dataStore.getObject(EC_Key.Public.class, result.getOtherKey()); - } - if (onekey == null || otherkey == null) { - throw new IOException("Test vector keys not located"); - } - - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField())); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten())); - commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH)); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.CURVE_external, EC_Consts.PARAMETER_S, onekey.flatten(EC_Consts.PARAMETER_S))); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, EC_Consts.PARAMETER_W, otherkey.flatten(EC_Consts.PARAMETER_W))); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_TRUE, EC_Consts.CORRUPTION_NONE, result.getKA())); - //TODO add compare with result.getParam(0); - commands.add(new Command.Cleanup(cardManager)); - } + suite = new TestSuite.TestVectors(dataStore, cfg); } else { // These tests are dangerous, prompt before them. - System.out.println("The test you selected (" + optTestSuite + ") is potentially dangerous."); + System.out.println("The test you selected (" + cfg.testSuite + ") is potentially dangerous."); System.out.println("Some of these tests have caused temporary DoS of some cards."); System.out.print("Do you want to proceed? (y/n): "); Scanner in = new Scanner(System.in); @@ -677,62 +443,40 @@ public class ECTester { } in.close(); - if (optTestSuite.equals("wrong")) { + if (cfg.testSuite.equals("wrong")) { /* Just do the default tests on the wrong curves. * These should generally fail, the curves aren't safe. */ - if (optPrimeField) { - commands.addAll(testCurves(optTestSuite, KeyPair.ALG_EC_FP)); + if (cfg.primeField) { + commands.addAll(testCurves(cfg.testSuite, KeyPair.ALG_EC_FP)); } - if (optBinaryField) { - commands.addAll(testCurves(optTestSuite, KeyPair.ALG_EC_F2M)); + if (cfg.binaryField) { + commands.addAll(testCurves(cfg.testSuite, KeyPair.ALG_EC_F2M)); } - } else if (optTestSuite.equals("nonprime")) { + } else if (cfg.testSuite.equals("nonprime")) { /* Do the default tests with the public keys set to provided nonprime keys. * These should fail, the curves aren't safe so that if the computation with * a small order public key succeeds the private key modulo the public key order * is revealed. */ - Map keys = dataStore.getObjects(EC_Key.class, "nonprime"); - for (EC_Key key : keys.values()) { - EC_Curve curve = dataStore.getObject(EC_Curve.class, key.getCurve()); - if ((curve.getBits() == optBits || optAll)) { - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField())); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten())); - commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL)); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, key.getParams(), key.flatten())); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ECDH)); - commands.add(new Command.Cleanup(cardManager)); - } - } - } else if (optTestSuite.equals("invalid")) { + suite = new TestSuite.NonPrime(dataStore, cfg); + } else if (cfg.testSuite.equals("invalid")) { /* Set original curves (secg/nist/brainpool). Generate local. * Try ECDH with invalid public keys of increasing (or decreasing) order. */ - Map pubkeys = dataStore.getObjects(EC_Key.Public.class, "invalid"); - for (EC_Key.Public key : pubkeys.values()) { - EC_Curve curve = dataStore.getObject(EC_Curve.class, key.getCurve()); - if (optNamedCurve != null && !(key.getCurve().startsWith(optNamedCurve) || key.getCurve().equals(optNamedCurve))) { - continue; - } - if (curve.getBits() != optBits && !optAll) { - continue; - } - commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField())); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten())); - commands.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL)); - commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, key.getParams(), key.flatten())); - commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_BOTH)); - //commands.add(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ECDHC)); - commands.add(new Command.Cleanup(cardManager)); - - } + suite = new TestSuite.Invalid(dataStore, cfg); } } List test = Command.sendAll(commands); - systemOutLogger.println(Response.toString(test, optTestSuite)); + if (suite != null) { + List tests = suite.run(cardManager); + for (Test t : tests) { + System.out.println(t); + } + } + systemOutLogger.println(Response.toString(test, cfg.testSuite)); } @@ -743,34 +487,34 @@ public class ECTester { * @throws IOException if an IO error occurs when writing to key file. */ private void ecdh() throws IOException, CardException { - byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; + byte keyClass = cfg.primeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; List prepare = new LinkedList<>(); - prepare.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) optBits, keyClass).send()); - prepare.addAll(Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) optBits, keyClass))); + prepare.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, keyClass).send()); + prepare.addAll(Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_BOTH, (short) cfg.bits, keyClass))); systemOutLogger.println(Response.toString(prepare)); - byte pubkey = (optAnyPublic || optAnyKey) ? ECTesterApplet.KEYPAIR_REMOTE : ECTesterApplet.KEYPAIR_LOCAL; - byte privkey = (optAnyPrivate || optAnyKey) ? ECTesterApplet.KEYPAIR_REMOTE : ECTesterApplet.KEYPAIR_LOCAL; + byte pubkey = (cfg.anyPublicKey || cfg.anyKey) ? ECTesterApplet.KEYPAIR_REMOTE : ECTesterApplet.KEYPAIR_LOCAL; + byte privkey = (cfg.anyPrivateKey || cfg.anyKey) ? ECTesterApplet.KEYPAIR_REMOTE : ECTesterApplet.KEYPAIR_LOCAL; List generate = new LinkedList<>(); generate.add(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH)); - if (optAnyPublic || optAnyPrivate || optAnyKey) { + if (cfg.anyPublicKey || cfg.anyPrivateKey || cfg.anyKey) { generate.add(prepareKey(ECTesterApplet.KEYPAIR_REMOTE)); } FileWriter out = null; - if (optOutput != null) { - out = new FileWriter(optOutput); + if (cfg.output != null) { + out = new FileWriter(cfg.output); out.write("index;time;secret\n"); } int retry = 0; int done = 0; - while (done < optECDHCount) { + while (done < cfg.ECDHCount) { List ecdh = Command.sendAll(generate); - Response.ECDH perform = new Command.ECDH(cardManager, pubkey, privkey, ECTesterApplet.EXPORT_TRUE, EC_Consts.CORRUPTION_NONE, optECDHKA).send(); + Response.ECDH perform = new Command.ECDH(cardManager, pubkey, privkey, ECTesterApplet.EXPORT_TRUE, EC_Consts.CORRUPTION_NONE, cfg.ECDHKA).send(); ecdh.add(perform); systemOutLogger.println(Response.toString(ecdh)); @@ -804,38 +548,38 @@ public class ECTester { private void ecdsa() throws CardException, IOException { //read file, if asked to sign byte[] data = null; - if (optInput != null) { - File in = new File(optInput); + if (cfg.input != null) { + File in = new File(cfg.input); long len = in.length(); if (len == 0) { - throw new FileNotFoundException(optInput); + throw new FileNotFoundException(cfg.input); } data = Files.readAllBytes(in.toPath()); } Command generate; - if (optAnyKeypart) { + if (cfg.anyKeypart) { generate = prepareKey(ECTesterApplet.KEYPAIR_LOCAL); } else { generate = new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL); } - byte keyClass = optPrimeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; + byte keyClass = cfg.primeField ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; List prepare = new LinkedList<>(); - prepare.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass).send()); - prepare.addAll(Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) optBits, keyClass))); + prepare.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_LOCAL, (short) cfg.bits, keyClass).send()); + prepare.addAll(Command.sendAll(prepareCurve(ECTesterApplet.KEYPAIR_LOCAL, (short) cfg.bits, keyClass))); systemOutLogger.println(Response.toString(prepare)); FileWriter out = null; - if (optOutput != null) { - out = new FileWriter(optOutput); + if (cfg.output != null) { + out = new FileWriter(cfg.output); out.write("index;time;signature\n"); } int retry = 0; int done = 0; - while (done < optECDSACount) { + while (done < cfg.ECDSACount) { List ecdsa = new LinkedList<>(); ecdsa.add(generate.send()); @@ -873,14 +617,14 @@ public class ECTester { private List prepareCurve(byte keyPair, short keyLength, byte keyClass) throws IOException { List commands = new ArrayList<>(); - if (optCustomCurve) { + if (cfg.customCurve) { // Set custom curve (one of the SECG curves embedded applet-side) short domainParams = keyClass == KeyPair.ALG_EC_FP ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M; commands.add(new Command.Set(cardManager, keyPair, EC_Consts.getCurve(keyLength, keyClass), domainParams, null)); - } else if (optNamedCurve != null) { + } else if (cfg.namedCurve != null) { // Set a named curve. - // parse optNamedCurve -> cat / id | cat | id - EC_Curve curve = dataStore.getObject(EC_Curve.class, optNamedCurve); + // parse cfg.namedCurve -> cat / id | cat | id + EC_Curve curve = dataStore.getObject(EC_Curve.class, cfg.namedCurve); if (curve == null) { throw new IOException("Curve could no be found."); } @@ -893,11 +637,11 @@ public class ECTester { throw new IOException("Couldn't read named curve data."); } commands.add(new Command.Set(cardManager, keyPair, EC_Consts.CURVE_external, curve.getParams(), external)); - } else if (optCurveFile != null) { + } else if (cfg.curveFile != null) { // Set curve loaded from a file - EC_Curve curve = new EC_Curve(keyLength, keyClass); + EC_Curve curve = new EC_Curve(null, keyLength, keyClass); - FileInputStream in = new FileInputStream(optCurveFile); + FileInputStream in = new FileInputStream(cfg.curveFile); curve.readCSV(in); in.close(); @@ -927,17 +671,17 @@ public class ECTester { short params = EC_Consts.PARAMETERS_NONE; byte[] data = null; - if (optKey != null || optNamedKey != null) { + if (cfg.key != null || cfg.namedKey != null) { params |= EC_Consts.PARAMETERS_KEYPAIR; EC_Params keypair; - if (optKey != null) { + if (cfg.key != null) { keypair = new EC_Params(EC_Consts.PARAMETERS_KEYPAIR); - FileInputStream in = new FileInputStream(optKey); + FileInputStream in = new FileInputStream(cfg.key); keypair.readCSV(in); in.close(); } else { - keypair = dataStore.getObject(EC_Keypair.class, optNamedKey); + keypair = dataStore.getObject(EC_Keypair.class, cfg.namedKey); } data = keypair.flatten(); @@ -946,19 +690,19 @@ public class ECTester { } } - if (optPublic != null || optNamedPublic != null) { + if (cfg.publicKey != null || cfg.namedPublicKey != null) { params |= EC_Consts.PARAMETER_W; EC_Params pub; - if (optPublic != null) { + if (cfg.publicKey != null) { pub = new EC_Params(EC_Consts.PARAMETER_W); - FileInputStream in = new FileInputStream(optPublic); + FileInputStream in = new FileInputStream(cfg.publicKey); pub.readCSV(in); in.close(); } else { - pub = dataStore.getObject(EC_Key.Public.class, optNamedPublic); + pub = dataStore.getObject(EC_Key.Public.class, cfg.namedPublicKey); if (pub == null) { - pub = dataStore.getObject(EC_Keypair.class, optNamedPublic); + pub = dataStore.getObject(EC_Keypair.class, cfg.namedPublicKey); } } @@ -968,19 +712,19 @@ public class ECTester { } data = pubkey; } - if (optPrivate != null || optNamedPrivate != null) { + if (cfg.privateKey != null || cfg.namedPrivateKey != null) { params |= EC_Consts.PARAMETER_S; EC_Params priv; - if (optPrivate != null) { + if (cfg.privateKey != null) { priv = new EC_Params(EC_Consts.PARAMETER_S); - FileInputStream in = new FileInputStream(optPrivate); + FileInputStream in = new FileInputStream(cfg.privateKey); priv.readCSV(in); in.close(); } else { - priv = dataStore.getObject(EC_Key.Public.class, optNamedPrivate); + priv = dataStore.getObject(EC_Key.Public.class, cfg.namedPrivateKey); if (priv == null) { - priv = dataStore.getObject(EC_Keypair.class, optNamedPrivate); + priv = dataStore.getObject(EC_Keypair.class, cfg.namedPrivateKey); } } @@ -1022,7 +766,7 @@ public class ECTester { return commands; for (Map.Entry entry : curves.entrySet()) { EC_Curve curve = entry.getValue(); - if (curve.getField() == field && (curve.getBits() == optBits || optAll)) { + if (curve.getField() == field && (curve.getBits() == cfg.bits || cfg.all)) { commands.add(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), field)); commands.add(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten())); commands.addAll(testCurve()); @@ -1037,4 +781,214 @@ public class ECTester { ECTester app = new ECTester(); app.run(args); } + + public static class Config { + + //Options + public int bits; + public boolean all; + public boolean primeField = false; + public boolean binaryField = false; + + public String namedCurve; + public String curveFile; + public boolean customCurve = false; + + public boolean anyPublicKey = false; + public String namedPublicKey; + public String publicKey; + + public boolean anyPrivateKey = false; + public String namedPrivateKey; + public String privateKey; + + public boolean anyKey = false; + public String namedKey; + public String key; + + public boolean anyKeypart = false; + + public String log; + + public boolean verbose = false; + public String input; + public String output; + public boolean fresh = false; + public boolean simulate = false; + + //Action-related ions + public String listNamed; + public String testSuite; + public int generateAmount; + public int ECDHCount; + public byte ECDHKA; + public int ECDSACount; + + /** + * Reads and validates options, also sets defaults. + * + * @param cli cli object, with parsed args + * @return whether the options are valid. + */ + public boolean readOptions(CommandLine cli) { + bits = Integer.parseInt(cli.getOptionValue("bit-size", "0")); + all = cli.hasOption("all"); + primeField = cli.hasOption("fp"); + binaryField = cli.hasOption("f2m"); + + namedCurve = cli.getOptionValue("named-curve"); + customCurve = cli.hasOption("custom"); + curveFile = cli.getOptionValue("curve"); + + namedPublicKey = cli.getOptionValue("named-public"); + publicKey = cli.getOptionValue("public"); + anyPublicKey = (publicKey != null) || (namedPublicKey != null); + + namedPrivateKey = cli.getOptionValue("named-private"); + privateKey = cli.getOptionValue("private"); + anyPrivateKey = (privateKey != null) || (namedPrivateKey != null); + + namedKey = cli.getOptionValue("named-key"); + key = cli.getOptionValue("key"); + anyKey = (key != null) || (namedKey != null); + anyKeypart = anyKey || anyPublicKey || anyPrivateKey; + + if (cli.hasOption("log")) { + log = cli.getOptionValue("log", String.format("ECTESTER_log_%d.log", System.currentTimeMillis() / 1000)); + } + + verbose = cli.hasOption("verbose"); + input = cli.getOptionValue("input"); + output = cli.getOptionValue("output"); + fresh = cli.hasOption("fresh"); + simulate = cli.hasOption("simulate"); + + if (cli.hasOption("list-named")) { + listNamed = cli.getOptionValue("list-named"); + return true; + } + + if ((key != null || namedKey != null) && (anyPublicKey || anyPrivateKey)) { + System.err.print("Can only specify the whole key with --key/--named-key or pubkey and privkey with --public/--named-public and --private/--named-private."); + return false; + } + if (bits < 0) { + System.err.println("Bit-size must not be negative."); + return false; + } + if (bits == 0 && !all) { + System.err.println("You must specify either bit-size with -b or all bit-sizes with -a."); + return false; + } + + if (key != null && namedKey != null || publicKey != null && namedPublicKey != null || privateKey != null && namedPrivateKey != null) { + System.err.println("You cannot specify both a named key and a key file."); + return false; + } + + if (cli.hasOption("export")) { + if (primeField == binaryField) { + System.err.print("Need to specify field with -fp or -f2m. (not both)"); + return false; + } + if (anyKeypart) { + System.err.println("Keys should not be specified when exporting curve params."); + return false; + } + if (namedCurve != null || customCurve || curveFile != null) { + System.err.println("Specifying a curve for curve export makes no sense."); + return false; + } + if (output == null) { + System.err.println("You have to specify an output file for curve parameter export."); + return false; + } + if (all) { + System.err.println("You have to specify curve bit-size with -b"); + return false; + } + + } else if (cli.hasOption("generate")) { + if (primeField == binaryField) { + System.err.print("Need to specify field with -fp or -f2m. (not both)"); + return false; + } + if (anyKeypart) { + System.err.println("Keys should not be specified when generating keys."); + return false; + } + if (output == null) { + System.err.println("You have to specify an output file for the key generation process."); + return false; + } + if (all) { + System.err.println("You have to specify curve bit-size with -b"); + return false; + } + + generateAmount = Integer.parseInt(cli.getOptionValue("generate", "0")); + if (generateAmount < 0) { + System.err.println("Amount of keys generated cant be negative."); + return false; + } + } else if (cli.hasOption("test")) { + if (!binaryField && primeField) { + binaryField = true; + primeField = true; + } + + testSuite = cli.getOptionValue("test", "default").toLowerCase(); + String[] tests = new String[]{"default", "nonprime", "invalid", "test-vectors", "wrong"}; + List testsList = Arrays.asList(tests); + if (!testsList.contains(testSuite)) { + System.err.println("Unknown test case. Should be one of: " + Arrays.toString(tests)); + return false; + } + + } else if (cli.hasOption("ecdh") || cli.hasOption("ecdhc")) { + if (primeField == binaryField) { + System.err.print("Need to specify field with -fp or -f2m. (not both)"); + return false; + } + if (all) { + System.err.println("You have to specify curve bit-size with -b"); + return false; + } + + if (cli.hasOption("ecdh")) { + ECDHCount = Integer.parseInt(cli.getOptionValue("ecdh", "1")); + ECDHKA = EC_Consts.KA_ECDH; + } else if (cli.hasOption("ecdhc")) { + ECDHCount = Integer.parseInt(cli.getOptionValue("ecdhc", "1")); + ECDHKA = EC_Consts.KA_ECDHC; + } + if (ECDHCount <= 0) { + System.err.println("ECDH count cannot be <= 0."); + return false; + } + + } else if (cli.hasOption("ecdsa")) { + if (primeField == binaryField) { + System.err.print("Need to specify field with -fp or -f2m. (but not both)"); + return false; + } + if (all) { + System.err.println("You have to specify curve bit-size with -b"); + return false; + } + + if ((anyPublicKey) != (anyPrivateKey) && !anyKey) { + System.err.println("You cannot only specify a part of a keypair."); + return false; + } + + ECDSACount = Integer.parseInt(cli.getOptionValue("ecdsa", "1")); + if (ECDSACount <= 0) { + System.err.println("ECDSA count cannot be <= 0."); + return false; + } + } + return true; + } + } } diff --git a/src/cz/crcs/ectester/reader/Response.java b/src/cz/crcs/ectester/reader/Response.java index ee27260..e5b8c1c 100644 --- a/src/cz/crcs/ectester/reader/Response.java +++ b/src/cz/crcs/ectester/reader/Response.java @@ -2,6 +2,7 @@ package cz.crcs.ectester.reader; import cz.crcs.ectester.applet.ECTesterApplet; import cz.crcs.ectester.applet.EC_Consts; +import cz.crcs.ectester.reader.ec.EC_Curve; import javacard.framework.ISO7816; import javacard.security.KeyPair; @@ -12,11 +13,13 @@ import java.util.List; * @author Jan Jancar johny@neuromancer.sk */ public abstract class Response { + private ResponseAPDU resp; private long time; private short[] sws; private int numSW = 0; private byte[][] params; + //TODO replace params with EC_Data? private boolean success = true; protected Response(ResponseAPDU response, long time) { @@ -40,9 +43,14 @@ public abstract class Response { if (sw != ISO7816.SW_NO_ERROR) { success = false; } + } else { + success = false; } } + if ((short) resp.getSW() != ISO7816.SW_NO_ERROR) + success = false; + //try to parse numParams.. params = new byte[numParams][]; for (int i = 0; i < numParams; i++) { @@ -70,16 +78,8 @@ public abstract class Response { return time; } - public int getNaturalSW() { - return resp.getSW(); - } - - public short getSW1() { - return sws[0]; - } - - public short getSW2() { - return sws[1]; + public short getNaturalSW() { + return (short) resp.getSW(); } public short getSW(int index) { @@ -90,15 +90,15 @@ public abstract class Response { return numSW; } - protected boolean hasParam(int index) { + public boolean hasParam(int index) { return params.length >= index + 1 && params[index] != null; } - protected int getParamLength(int index) { + public int getParamLength(int index) { return params[index].length; } - protected byte[] getParam(int index) { + public byte[] getParam(int index) { return params[index]; } @@ -117,27 +117,32 @@ public abstract class Response { @Override public abstract String toString(); + public String toString(String inner) { + StringBuilder suffix = new StringBuilder(); + for (int j = 0; j < getNumSW(); ++j) { + suffix.append(" ").append(Util.getSWString(getSW(j))); + } + return String.format("%-62s:%4d ms : %s", inner, time / 1000000, suffix); + } + public static String toString(List responses) { return toString(responses, null); } - public static String toString(List responses, String prefix) { + public static String toString(List responses, String prefix) { if (prefix != null) prefix += " | "; StringBuilder out = new StringBuilder(); for (int i = 0; i < responses.size(); ++i) { Response r = responses.get(i); - String message = r.toString(); - String suffix = ""; - for (int j = 0; j < r.getNumSW(); ++j) { - suffix += " " + Util.getSWString(r.getSW(j)); - } - if (prefix != null) out.append(prefix); - out.append(String.format("%-62s:%4d ms : %s", message, r.time / 1000000, suffix)); + String message = r.toString(); + String full = r.toString(message); + + out.append(full); if (i < responses.size() - 1) { out.append("\n"); } @@ -149,6 +154,7 @@ public abstract class Response { * */ public static class Allocate extends Response { + private byte keyPair; private short keyLength; private byte keyClass; @@ -174,11 +180,15 @@ public abstract class Response { } else { key = ((keyPair == ECTesterApplet.KEYPAIR_LOCAL) ? "local" : "remote") + " keypair"; } - return String.format("Allocated %s %db %s", key, keyLength, field); + return super.toString(String.format("Allocated %s %db %s", key, keyLength, field)); } } + /** + * + */ public static class Clear extends Response { + private byte keyPair; protected Clear(ResponseAPDU response, long time, byte keyPair) { @@ -199,7 +209,7 @@ public abstract class Response { } else { key = ((keyPair == ECTesterApplet.KEYPAIR_LOCAL) ? "local" : "remote") + " keypair"; } - return String.format("Cleared %s", key); + return super.toString(String.format("Cleared %s", key)); } } @@ -207,6 +217,7 @@ public abstract class Response { * */ public static class Set extends Response { + private byte keyPair; private byte curve; private short parameters; @@ -238,13 +249,24 @@ public abstract class Response { name = "custom"; break; } + String what = ""; + if (parameters == EC_Consts.PARAMETERS_DOMAIN_F2M || parameters == EC_Consts.PARAMETERS_DOMAIN_FP) { + what = "curve"; + } else if (parameters == EC_Consts.PARAMETER_W) { + what = "pubkey"; + } else if (parameters == EC_Consts.PARAMETER_S) { + what = "privkey"; + } else if (parameters == EC_Consts.PARAMETERS_KEYPAIR) { + what = "keypair"; + } + String pair; if (keyPair == ECTesterApplet.KEYPAIR_BOTH) { pair = "both keypairs"; } else { pair = ((keyPair == ECTesterApplet.KEYPAIR_LOCAL) ? "local" : "remote") + " keypair"; } - return String.format("Set %s curve parameters on %s", name, pair); + return super.toString(String.format("Set %s %s parameters on %s", name, what, pair)); } } @@ -253,6 +275,7 @@ public abstract class Response { * */ public static class Corrupt extends Response { + private byte keyPair; private byte key; private short params; @@ -282,7 +305,7 @@ public abstract class Response { } else { pair = ((keyPair == ECTesterApplet.KEYPAIR_LOCAL) ? "local" : "remote") + " keypair"; } - return String.format("Corrupted params of %s, %s", pair, corrupt); + return super.toString(String.format("Corrupted params of %s, %s", pair, corrupt)); } } @@ -290,6 +313,7 @@ public abstract class Response { * */ public static class Generate extends Response { + private byte keyPair; protected Generate(ResponseAPDU response, long time, byte keyPair) { @@ -310,7 +334,7 @@ public abstract class Response { } else { key = ((keyPair == ECTesterApplet.KEYPAIR_LOCAL) ? "local" : "remote") + " keypair"; } - return String.format("Generated %s", key); + return super.toString(String.format("Generated %s", key)); } } @@ -319,6 +343,7 @@ public abstract class Response { * */ public static class Export extends Response { + private byte keyPair; private byte key; private short parameters; @@ -419,7 +444,7 @@ public abstract class Response { } else { pair = ((keyPair == ECTesterApplet.KEYPAIR_LOCAL) ? "local" : "remote") + " keypair"; } - return String.format("Exported params from %s of %s", source, pair); + return super.toString(String.format("Exported params from %s of %s", source, pair)); } } @@ -427,6 +452,7 @@ public abstract class Response { * */ public static class ECDH extends Response { + private byte pubkey; private byte privkey; private byte export; @@ -452,18 +478,13 @@ public abstract class Response { return getParam(0); } + public int secretLength() { + return getParamLength(0); + } + @Override public String toString() { - String algo = ""; - if ((type & EC_Consts.KA_ECDH) != 0) { - algo += "ECDH"; - } - if (type == EC_Consts.KA_BOTH) { - algo += "+"; - } - if ((type & EC_Consts.KA_ECDHC) != 0) { - algo += "ECDHC"; - } + String algo = Util.getKA(type); String pub = pubkey == ECTesterApplet.KEYPAIR_LOCAL ? "local" : "remote"; String priv = privkey == ECTesterApplet.KEYPAIR_LOCAL ? "local" : "remote"; @@ -474,7 +495,7 @@ public abstract class Response { } else { validity = Util.getCorruption(corruption); } - return String.format("%s of %s pubkey and %s privkey(%s point)", algo, pub, priv, validity); + return super.toString(String.format("%s of %s pubkey and %s privkey(%s point)", algo, pub, priv, validity)); } } @@ -482,6 +503,7 @@ public abstract class Response { * */ public static class ECDSA extends Response { + private byte keyPair; private byte export; private byte[] raw; @@ -507,7 +529,7 @@ public abstract class Response { public String toString() { String key = keyPair == ECTesterApplet.KEYPAIR_LOCAL ? "local" : "remote"; String data = raw == null ? "random" : "provided"; - return String.format("ECDSA with %s keypair(%s data)", key, data); + return super.toString(String.format("ECDSA with %s keypair(%s data)", key, data)); } } @@ -524,7 +546,7 @@ public abstract class Response { @Override public String toString() { - return "Requested JCSystem object deletion"; + return super.toString("Requested JCSystem object deletion"); } } @@ -537,12 +559,12 @@ public abstract class Response { protected Support(ResponseAPDU response, long time) { super(response, time); - parse(3,0); + parse(3, 0); } @Override public String toString() { - return "Support of ECDH, ECDHC, ECDSA"; + return super.toString("Support of ECDH, ECDHC, ECDSA"); } } } diff --git a/src/cz/crcs/ectester/reader/Test.java b/src/cz/crcs/ectester/reader/Test.java new file mode 100644 index 0000000..78efef5 --- /dev/null +++ b/src/cz/crcs/ectester/reader/Test.java @@ -0,0 +1,81 @@ +package cz.crcs.ectester.reader; + +import javax.smartcardio.CardException; +import java.util.function.BiFunction; + +/** + * @author Jan Jancar johny@neuromancer.sk + */ +public class Test { + private boolean hasRun = false; + private BiFunction callback; + private Result result; + private Result expected; + private Command command; + private Response response; + + public Test(Command command, Result expected) { + this.command = command; + this.expected = expected; + } + + public Test(Command command, Result expected, BiFunction callback) { + this(command, expected); + this.callback = callback; + } + + public Command getCommand() { + return command; + } + + public Response getResponse() { + if (!hasRun) { + return null; + } + return response; + } + + public Result getResult() { + if (!hasRun) { + return null; + } + return result; + } + + public Result getExpected() { + return expected; + } + + public boolean ok() { + return result == expected || expected == Result.ANY; + } + + public void run() throws CardException { + response = command.send(); + if (callback != null) { + result = callback.apply(command, response); + } else { + if (response.successful()) { + result = Result.SUCCESS; + } else { + result = Result.FAILURE; + } + } + hasRun = true; + } + + @Override + public String toString() { + if (hasRun) { + return (ok() ? "OK " : "NOK") + " " + response.toString(); + } else { + return ""; + } + } + + public enum Result { + SUCCESS, + FAILURE, + ANY + } +} diff --git a/src/cz/crcs/ectester/reader/TestSuite.java b/src/cz/crcs/ectester/reader/TestSuite.java new file mode 100644 index 0000000..892e853 --- /dev/null +++ b/src/cz/crcs/ectester/reader/TestSuite.java @@ -0,0 +1,167 @@ +package cz.crcs.ectester.reader; + +import cz.crcs.ectester.applet.ECTesterApplet; +import cz.crcs.ectester.applet.EC_Consts; +import cz.crcs.ectester.data.EC_Store; +import cz.crcs.ectester.reader.ec.*; + +import javax.smartcardio.CardException; +import java.io.IOException; +import java.util.Collections; +import java.util.LinkedList; +import java.util.List; +import java.util.Map; + +/** + * @author Jan Jancar johny@neuromancer.sk + */ +public abstract class TestSuite { + + EC_Store dataStore; + ECTester.Config cfg; + String name; + boolean hasRun; + List tests = new LinkedList<>(); + + public TestSuite(EC_Store dataStore, ECTester.Config cfg, String name) { + this.dataStore = dataStore; + this.cfg = cfg; + this.name = name; + } + + public List run(CardMngr cardManager) throws IOException, CardException { + for (Test t : tests) { + t.run(); + System.out.println(t); + } + hasRun = true; + return tests; + } + + public List getTests() { + return Collections.unmodifiableList(tests); + } + + public boolean hasRun() { + return hasRun; + } + + public String getName() { + return name; + } + + public static class Default extends TestSuite { + + public Default(EC_Store dataStore, ECTester.Config cfg) { + super(dataStore, cfg, "default"); + } + + @Override + public List run(CardMngr cardManager) { + return null; + } + } + + public static class TestVectors extends TestSuite { + public TestVectors(EC_Store dataStore, ECTester.Config cfg) { + super(dataStore, cfg, "test"); + } + + @Override + public List run(CardMngr cardManager) throws IOException, CardException { + + Map results = dataStore.getObjects(EC_KAResult.class, "test"); + for (EC_KAResult result : results.values()) { + EC_Curve curve = dataStore.getObject(EC_Curve.class, result.getCurve()); + if (cfg.namedCurve != null && !(result.getCurve().startsWith(cfg.namedCurve) || result.getCurve().equals(cfg.namedCurve))) { + continue; + } + if (curve.getBits() != cfg.bits && !cfg.all) { + continue; + } + EC_Params onekey = dataStore.getObject(EC_Keypair.class, result.getOneKey()); + if (onekey == null) { + onekey = dataStore.getObject(EC_Key.Private.class, result.getOneKey()); + } + EC_Params otherkey = dataStore.getObject(EC_Keypair.class, result.getOtherKey()); + if (otherkey == null) { + otherkey = dataStore.getObject(EC_Key.Public.class, result.getOtherKey()); + } + if (onekey == null || otherkey == null) { + throw new IOException("Test vector keys couldn't be located."); + } + + tests.add(new Test(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField()), Test.Result.SUCCESS)); + tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten()), Test.Result.SUCCESS)); + //tests.add(new Test(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_BOTH), Test.Result.SUCCESS)); + tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_LOCAL, EC_Consts.CURVE_external, EC_Consts.PARAMETER_S, onekey.flatten(EC_Consts.PARAMETER_S)), Test.Result.SUCCESS)); + tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, EC_Consts.PARAMETER_W, otherkey.flatten(EC_Consts.PARAMETER_W)), Test.Result.SUCCESS)); + tests.add(new Test(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_TRUE, EC_Consts.CORRUPTION_NONE, result.getKA()), Test.Result.SUCCESS, (command, response) -> { + Response.ECDH dh = (Response.ECDH) response; + if (!dh.successful() || !dh.hasSecret()) + return Test.Result.FAILURE; + if (!Util.compareBytes(dh.getSecret(), 0, result.getParam(0), 0, dh.secretLength())) { + return Test.Result.FAILURE; + } + return Test.Result.SUCCESS; + })); + tests.add(new Test(new Command.Cleanup(cardManager), Test.Result.ANY)); + + } + return super.run(cardManager); + } + } + + public static class NonPrime extends TestSuite { + + + public NonPrime(EC_Store dataStore, ECTester.Config cfg) { + super(dataStore, cfg, "nonprime"); + } + + @Override + public List run(CardMngr cardManager) throws IOException, CardException { + Map keys = dataStore.getObjects(EC_Key.class, "nonprime"); + for (EC_Key key : keys.values()) { + EC_Curve curve = dataStore.getObject(EC_Curve.class, key.getCurve()); + if ((curve.getBits() == cfg.bits || cfg.all)) { + tests.add(new Test(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField()), Test.Result.SUCCESS)); + tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten()), Test.Result.ANY)); + tests.add(new Test(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL), Test.Result.ANY)); + tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, key.getParams(), key.flatten()), Test.Result.ANY)); + tests.add(new Test(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_ECDH), Test.Result.FAILURE)); + tests.add(new Test(new Command.Cleanup(cardManager), Test.Result.ANY)); + } + } + return super.run(cardManager); + } + } + + public static class Invalid extends TestSuite { + + public Invalid(EC_Store dataStore, ECTester.Config cfg) { + super(dataStore, cfg, "invalid"); + } + + @Override + public List run(CardMngr cardManager) throws IOException, CardException { + Map pubkeys = dataStore.getObjects(EC_Key.Public.class, "invalid"); + for (EC_Key.Public key : pubkeys.values()) { + EC_Curve curve = dataStore.getObject(EC_Curve.class, key.getCurve()); + if (cfg.namedCurve != null && !(key.getCurve().startsWith(cfg.namedCurve) || key.getCurve().equals(cfg.namedCurve))) { + continue; + } + if (curve.getBits() != cfg.bits && !cfg.all) { + continue; + } + tests.add(new Test(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField()), Test.Result.SUCCESS)); + tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten()), Test.Result.SUCCESS)); + tests.add(new Test(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL), Test.Result.SUCCESS)); + tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, key.getParams(), key.flatten()), Test.Result.ANY)); + tests.add(new Test(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_BOTH), Test.Result.FAILURE)); + tests.add(new Test(new Command.Cleanup(cardManager), Test.Result.ANY)); + } + return super.run(cardManager); + } + } +} diff --git a/src/cz/crcs/ectester/reader/Util.java b/src/cz/crcs/ectester/reader/Util.java index 41a7821..3a6a8ae 100644 --- a/src/cz/crcs/ectester/reader/Util.java +++ b/src/cz/crcs/ectester/reader/Util.java @@ -22,6 +22,25 @@ public class Util { array[offset] = (byte) ((value >> 8) & 0xFF); } + public static boolean compareBytes(byte[] one, int oneOffset, byte[] other, int otherOffset, int length) { + for (int i = 0; i < length; ++i) { + byte a = one[i + oneOffset]; + byte b = other[i + otherOffset]; + if (a != b) { + return false; + } + } + return true; + } + + public static boolean allValue(byte[] array, byte value) { + for (byte a : array) { + if (a != value) + return false; + } + return true; + } + public static byte[] hexToBytes(String hex) { return hexToBytes(hex, true); } @@ -103,6 +122,47 @@ public class Util { return out; } + public static String getSWSource(short sw) { + switch (sw) { + case ISO7816.SW_NO_ERROR: + case ISO7816.SW_APPLET_SELECT_FAILED: + case ISO7816.SW_BYTES_REMAINING_00: + case ISO7816.SW_CLA_NOT_SUPPORTED: + case ISO7816.SW_COMMAND_NOT_ALLOWED: + case ISO7816.SW_CONDITIONS_NOT_SATISFIED: + case ISO7816.SW_CORRECT_LENGTH_00: + case ISO7816.SW_DATA_INVALID: + case ISO7816.SW_FILE_FULL: + case ISO7816.SW_FILE_INVALID: + case ISO7816.SW_FILE_NOT_FOUND: + case ISO7816.SW_FUNC_NOT_SUPPORTED: + case ISO7816.SW_INCORRECT_P1P2: + case ISO7816.SW_INS_NOT_SUPPORTED: + case ISO7816.SW_LOGICAL_CHANNEL_NOT_SUPPORTED: + case ISO7816.SW_RECORD_NOT_FOUND: + case ISO7816.SW_SECURE_MESSAGING_NOT_SUPPORTED: + case ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED: + case ISO7816.SW_UNKNOWN: + case ISO7816.SW_WARNING_STATE_UNCHANGED: + case ISO7816.SW_WRONG_DATA: + case ISO7816.SW_WRONG_LENGTH: + case ISO7816.SW_WRONG_P1P2: + return "ISO"; + case CryptoException.ILLEGAL_VALUE: + case CryptoException.UNINITIALIZED_KEY: + case CryptoException.NO_SUCH_ALGORITHM: + case CryptoException.INVALID_INIT: + case CryptoException.ILLEGAL_USE: + return "CryptoException"; + case ECTesterApplet.SW_SIG_VERIFY_FAIL: + case ECTesterApplet.SW_DH_DHC_MISMATCH: + case ECTesterApplet.SW_KEYPAIR_NULL: + return "ECTesterApplet"; + default: + return "?"; + } + } + public static String getSWString(short sw) { if (sw == ISO7816.SW_NO_ERROR) { return "OK\t(0x9000)"; @@ -193,6 +253,12 @@ public class Util { case ECTesterApplet.SW_SIG_VERIFY_FAIL: str = "SIG_VERIFY_FAIL"; break; + case ECTesterApplet.SW_DH_DHC_MISMATCH: + str = "DH_DHC_MISMATCH"; + break; + case ECTesterApplet.SW_KEYPAIR_NULL: + str = "KEYPAIR_NULL"; + break; default: str = "unknown"; break; @@ -229,9 +295,23 @@ public class Util { corrupt = "INFINITY"; break; default: - corrupt = "UNKNOWN"; + corrupt = "unknown"; break; } return corrupt; } + + public static String getKA(byte ka) { + String algo = ""; + if ((ka & EC_Consts.KA_ECDH) != 0) { + algo += "ECDH"; + } + if (ka == EC_Consts.KA_BOTH) { + algo += "+"; + } + if ((ka & EC_Consts.KA_ECDHC) != 0) { + algo += "ECDHC"; + } + return algo; + } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Curve.java b/src/cz/crcs/ectester/reader/ec/EC_Curve.java index 9b783ec..7d056a5 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Curve.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Curve.java @@ -7,25 +7,27 @@ import javacard.security.KeyPair; * @author Jan Jancar johny@neuromancer.sk */ public class EC_Curve extends EC_Params { - private short bits; private byte field; private String desc; /** - * * @param bits * @param field KeyPair.ALG_EC_FP or KeyPair.ALG_EC_F2M */ public EC_Curve(short bits, byte field) { super(field == KeyPair.ALG_EC_FP ? EC_Consts.PARAMETERS_DOMAIN_FP : EC_Consts.PARAMETERS_DOMAIN_F2M); this.bits = bits; - this.field = field; } - public EC_Curve(short bits, byte field, String desc) { + public EC_Curve(String id, short bits, byte field) { this(bits, field); + this.id = id; + } + + public EC_Curve(String id, short bits, byte field, String desc) { + this(id, bits, field); this.desc = desc; } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Data.java b/src/cz/crcs/ectester/reader/ec/EC_Data.java index c55b99d..49b5316 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Data.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Data.java @@ -13,11 +13,12 @@ import java.util.regex.Pattern; * @author Jan Jancar johny@neuromancer.sk */ public class EC_Data { - private static final Pattern hex = Pattern.compile("(0x|0X)?[a-fA-F\\d]+"); - + String id; int count; byte[][] data; + private static final Pattern HEX = Pattern.compile("(0x|0X)?[a-fA-F\\d]+"); + EC_Data() { } @@ -31,6 +32,20 @@ public class EC_Data { this.data = data; } + EC_Data(String id, int count) { + this(count); + this.id = id; + } + + EC_Data(String id, byte[][] data) { + this(data); + this.id = id; + } + + public String getId() { + return id; + } + public int getCount() { return count; } @@ -117,16 +132,29 @@ public class EC_Data { return false; } for (String param : data) { - if (!hex.matcher(param).matches()) { + if (!HEX.matcher(param).matches()) { return false; } } return readHex(data.toArray(new String[data.size()])); } - public boolean readBytes(byte[] data) { - //TODO - return false; + public boolean readBytes(byte[] bytes) { + int offset = 0; + for (int i = 0; i < count; i++) { + if (bytes.length - offset < 2) { + return false; + } + short paramLength = Util.getShort(bytes, offset); + offset += 2; + if (bytes.length < offset + paramLength) { + return false; + } + data[i] = new byte[paramLength]; + System.arraycopy(bytes, offset, data[i], 0, paramLength); + offset += paramLength; + } + return true; } public void writeCSV(OutputStream out) throws IOException { diff --git a/src/cz/crcs/ectester/reader/ec/EC_KAResult.java b/src/cz/crcs/ectester/reader/ec/EC_KAResult.java index 1385f12..9e92fd9 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_KAResult.java +++ b/src/cz/crcs/ectester/reader/ec/EC_KAResult.java @@ -1,6 +1,6 @@ package cz.crcs.ectester.reader.ec; -import cz.crcs.ectester.applet.EC_Consts; +import cz.crcs.ectester.reader.Util; /** * @author Jan Jancar johny@neuromancer.sk @@ -22,8 +22,13 @@ public class EC_KAResult extends EC_Data { this.otherKey = otherKey; } - public EC_KAResult(byte ka, String curve, String oneKey, String otherKey, String desc) { + public EC_KAResult(String id, byte ka, String curve, String oneKey, String otherKey) { this(ka, curve, oneKey, otherKey); + this.id = id; + } + + public EC_KAResult(String id, byte ka, String curve, String oneKey, String otherKey, String desc) { + this(id, ka, curve, oneKey, otherKey); this.desc = desc; } @@ -49,8 +54,8 @@ public class EC_KAResult extends EC_Data { @Override public String toString() { - String agreement = ka == EC_Consts.KA_ECDH ? "ECDH" : "ECDHC"; - return agreement + " result over " + curve + ", " + oneKey + " + " + otherKey + (desc == null ? "" : ": " + desc); + String algo = Util.getKA(ka); + return algo + " result over " + curve + ", " + oneKey + " + " + otherKey + (desc == null ? "" : ": " + desc); } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Key.java b/src/cz/crcs/ectester/reader/ec/EC_Key.java index ad846b8..85fd652 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Key.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Key.java @@ -20,6 +20,16 @@ public class EC_Key extends EC_Params { this.desc = desc; } + private EC_Key(String id, short mask, String curve) { + this(mask, curve); + this.id = id; + } + + private EC_Key(String id, short mask, String curve, String desc) { + this(mask, curve, desc); + this.id = id; + } + public String getCurve() { return curve; } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Keypair.java b/src/cz/crcs/ectester/reader/ec/EC_Keypair.java index bf87e9e..4da7218 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Keypair.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Keypair.java @@ -6,7 +6,6 @@ import cz.crcs.ectester.applet.EC_Consts; * @author Jan Jancar johny@neuromancer.sk */ public class EC_Keypair extends EC_Params { - private String curve; private String desc; diff --git a/src/cz/crcs/ectester/reader/ec/EC_Params.java b/src/cz/crcs/ectester/reader/ec/EC_Params.java index 00747b1..cee9c16 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Params.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Params.java @@ -4,6 +4,7 @@ import cz.crcs.ectester.applet.EC_Consts; import cz.crcs.ectester.reader.Util; import java.io.ByteArrayOutputStream; +import java.io.InputStream; import java.util.ArrayList; import java.util.List; @@ -25,6 +26,16 @@ public class EC_Params extends EC_Data { this.data = data; } + public EC_Params(String id, short params) { + this(params); + this.id = id; + } + + public EC_Params(String id, short params, byte[][] data) { + this(params, data); + this.id = id; + } + public short getParams() { return params; } @@ -67,8 +78,14 @@ public class EC_Params extends EC_Data { byte[] param = data[i]; if (masked == EC_Consts.PARAMETER_F2M) { //add m, e_1, e_2, e_3 - param = Util.concatenate(param, data[i + 1], data[i + 2], data[i + 3]); - if (param.length != 8) + param = Util.concatenate(param, data[i + 1]); + if (!Util.allValue(data[i + 2], (byte) 0)) { + param = Util.concatenate(param, data[i + 2]); + } + if (!Util.allValue(data[i + 3], (byte) 0)) { + param = Util.concatenate(param, data[i + 3]); + } + if (!(param.length == 4 || param.length == 8)) throw new RuntimeException("PARAMETER_F2M length is not 8.(should be)"); } if (masked == EC_Consts.PARAMETER_G || masked == EC_Consts.PARAMETER_W) { @@ -112,9 +129,6 @@ public class EC_Params extends EC_Data { if (masked == EC_Consts.PARAMETER_F2M) { //split into m, e1, e2, e3 - if (param.length != 8) { - throw new RuntimeException("PARAMETER_F2M length is not 8.(should be)"); - } for (int i = 0; i < 4; ++i) { out.add(String.format("%04x", Util.getShort(param, i * 2))); } @@ -136,4 +150,8 @@ public class EC_Params extends EC_Data { return out.toArray(new String[out.size()]); } + @Override + public String toString() { + return String.join(",", expand()); + } } -- cgit v1.2.3-70-g09d2 From 5e46fb3406b99b9d7f1e1be000a3e87abca6ad8a Mon Sep 17 00:00:00 2001 From: J08nY Date: Wed, 19 Apr 2017 20:01:53 +0200 Subject: Add id to EC_Params subclasses toString, fix EC_Params.expand --- src/cz/crcs/ectester/reader/ec/EC_Curve.java | 2 +- src/cz/crcs/ectester/reader/ec/EC_Data.java | 13 ++++++------- src/cz/crcs/ectester/reader/ec/EC_KAResult.java | 2 +- src/cz/crcs/ectester/reader/ec/EC_Key.java | 2 +- src/cz/crcs/ectester/reader/ec/EC_Keypair.java | 2 +- src/cz/crcs/ectester/reader/ec/EC_Params.java | 24 +++++++----------------- 6 files changed, 17 insertions(+), 28 deletions(-) (limited to 'src/cz/crcs/ectester/reader/ec/EC_Data.java') diff --git a/src/cz/crcs/ectester/reader/ec/EC_Curve.java b/src/cz/crcs/ectester/reader/ec/EC_Curve.java index 7d056a5..45080fb 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Curve.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Curve.java @@ -45,6 +45,6 @@ public class EC_Curve extends EC_Params { @Override public String toString() { - return "Elliptic curve (" + String.valueOf(bits) + "b)" + (desc == null ? "" : ": " + desc); + return "<" + getId() + "> " + (field == KeyPair.ALG_EC_FP ? "Prime" : "Binary") + " field Elliptic curve (" + String.valueOf(bits) + "b)" + (desc == null ? "" : ": " + desc); } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Data.java b/src/cz/crcs/ectester/reader/ec/EC_Data.java index 49b5316..5197665 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Data.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Data.java @@ -158,14 +158,13 @@ public class EC_Data { } public void writeCSV(OutputStream out) throws IOException { - String[] hex = expand(); Writer w = new OutputStreamWriter(out); - for (int i = 0; i < hex.length; ++i) { - w.write(hex[i]); - if (i < hex.length - 1) { - w.write(","); - } - } + w.write(String.join(",", expand())); w.flush(); } + + @Override + public String toString() { + return String.join(",", expand()); + } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_KAResult.java b/src/cz/crcs/ectester/reader/ec/EC_KAResult.java index 9e92fd9..28115f7 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_KAResult.java +++ b/src/cz/crcs/ectester/reader/ec/EC_KAResult.java @@ -55,7 +55,7 @@ public class EC_KAResult extends EC_Data { @Override public String toString() { String algo = Util.getKA(ka); - return algo + " result over " + curve + ", " + oneKey + " + " + otherKey + (desc == null ? "" : ": " + desc); + return "<" + getId() + "> " + algo + " result over " + curve + ", " + oneKey + " + " + otherKey + (desc == null ? "" : ": " + desc); } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Key.java b/src/cz/crcs/ectester/reader/ec/EC_Key.java index 85fd652..cecd228 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Key.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Key.java @@ -66,7 +66,7 @@ public class EC_Key extends EC_Params { @Override public String toString() { - return "EC Private key, over " + getCurve() + (getDesc() == null ? "" : ": " + getDesc()); + return "<" + getId() + "> EC Private key, over " + getCurve() + (getDesc() == null ? "" : ": " + getDesc()); } } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Keypair.java b/src/cz/crcs/ectester/reader/ec/EC_Keypair.java index 4da7218..924906e 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Keypair.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Keypair.java @@ -29,6 +29,6 @@ public class EC_Keypair extends EC_Params { @Override public String toString() { - return "EC Keypair, over " + curve + (desc == null ? "" : ": " + desc); + return "<" + getId() + "> EC Keypair, over " + curve + (desc == null ? "" : ": " + desc); } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Params.java b/src/cz/crcs/ectester/reader/ec/EC_Params.java index cee9c16..7192b61 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Params.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Params.java @@ -126,32 +126,22 @@ public class EC_Params extends EC_Data { short masked = (short) (params & paramMask); if (masked != 0) { byte[] param = data[index]; - if (masked == EC_Consts.PARAMETER_F2M) { - //split into m, e1, e2, e3 for (int i = 0; i < 4; ++i) { - out.add(String.format("%04x", Util.getShort(param, i * 2))); + out.add(Util.bytesToHex(data[index + i], false)); } - + index += 4; } else if (masked == EC_Consts.PARAMETER_G || masked == EC_Consts.PARAMETER_W) { - //split from X962 format into X and Y - //disregard the first 04 and then split into half(uncompress) - int half = (param.length - 1) / 2; - out.add(Util.bytesToHex(param, 1, half, false)); - out.add(Util.bytesToHex(param, half + 1, half, false)); + out.add(Util.bytesToHex(param, false)); + out.add(Util.bytesToHex(data[index + 1], false)); + index += 2; } else { - //read raw - out.add(Util.bytesToHex(data[index], false)); + out.add(Util.bytesToHex(param, false)); + index++; } - index++; } paramMask = (short) (paramMask << 1); } return out.toArray(new String[out.size()]); } - - @Override - public String toString() { - return String.join(",", expand()); - } } -- cgit v1.2.3-70-g09d2 From cc4e981402369ce14150d3949e0b02905865c37f Mon Sep 17 00:00:00 2001 From: J08nY Date: Mon, 1 May 2017 22:30:34 +0200 Subject: Reworked invalid curve testing, added generated anomalous curves --- !uploader/ectester.cap | Bin 14586 -> 14675 bytes FORMAT.md | 7 ++- TESTS.md | 4 +- dist/ECTester.jar | Bin 323844 -> 343742 bytes src/cz/crcs/ectester/applet/EC_Consts.java | 8 +-- src/cz/crcs/ectester/data/EC_Store.java | 16 ++---- .../crcs/ectester/data/anomalous/anomalous112.csv | 1 + .../crcs/ectester/data/anomalous/anomalous128.csv | 1 + .../crcs/ectester/data/anomalous/anomalous160.csv | 1 + .../crcs/ectester/data/anomalous/anomalous192.csv | 1 + .../crcs/ectester/data/anomalous/anomalous224.csv | 1 + .../crcs/ectester/data/anomalous/anomalous256.csv | 1 + .../crcs/ectester/data/anomalous/anomalous320.csv | 1 + .../crcs/ectester/data/anomalous/anomalous384.csv | 1 + .../crcs/ectester/data/anomalous/anomalous512.csv | 1 + .../crcs/ectester/data/anomalous/anomalous521.csv | 1 + src/cz/crcs/ectester/data/anomalous/curves.xml | 60 +++++++++++++++++++++ .../crcs/ectester/data/invalid/brainpool/keys.xml | 2 +- src/cz/crcs/ectester/data/invalid/nist/keys.xml | 6 --- src/cz/crcs/ectester/data/invalid/secg/keys.xml | 7 +-- src/cz/crcs/ectester/reader/TestSuite.java | 21 +++++--- src/cz/crcs/ectester/reader/ec/EC_Category.java | 12 +++++ src/cz/crcs/ectester/reader/ec/EC_Data.java | 36 +++++++++++-- src/cz/crcs/ectester/reader/ec/EC_Params.java | 1 - 24 files changed, 141 insertions(+), 49 deletions(-) create mode 100644 src/cz/crcs/ectester/data/anomalous/anomalous112.csv create mode 100644 src/cz/crcs/ectester/data/anomalous/anomalous128.csv create mode 100644 src/cz/crcs/ectester/data/anomalous/anomalous160.csv create mode 100644 src/cz/crcs/ectester/data/anomalous/anomalous192.csv create mode 100644 src/cz/crcs/ectester/data/anomalous/anomalous224.csv create mode 100644 src/cz/crcs/ectester/data/anomalous/anomalous256.csv create mode 100644 src/cz/crcs/ectester/data/anomalous/anomalous320.csv create mode 100644 src/cz/crcs/ectester/data/anomalous/anomalous384.csv create mode 100644 src/cz/crcs/ectester/data/anomalous/anomalous512.csv create mode 100644 src/cz/crcs/ectester/data/anomalous/anomalous521.csv (limited to 'src/cz/crcs/ectester/reader/ec/EC_Data.java') diff --git a/!uploader/ectester.cap b/!uploader/ectester.cap index ea66c8f..0d50b57 100644 Binary files a/!uploader/ectester.cap and b/!uploader/ectester.cap differ diff --git a/FORMAT.md b/FORMAT.md index a753c75..b68db39 100644 --- a/FORMAT.md +++ b/FORMAT.md @@ -5,7 +5,6 @@ CSV based, little-endian hexadecimal values. ### Prime field `p,a,b,gx,gy,n,h` - ### Binary field `m,e1,e2,e3,a,b,gx,gy,n,h` @@ -22,9 +21,9 @@ CSV based, little-endian hexadecimal values. # Notation - `p` - prime F_p - `m` - binary field exponent F_2^m - - e1 - largest exponent of the field polynomial - - e2 - middle exponenet of the field polynomial, or `0000` if field poly is a trinomial - - e3 - smallest exponent (except zero) of the field polynomial, or `0000` if field poly is a trinomial + - `e1` - largest exponent of the field polynomial + - `e2` - middle exponenet of the field polynomial, or `0000` if field poly is a trinomial + - `e3` - smallest exponent (except zero) of the field polynomial, or `0000` if field poly is a trinomial - `a` - a parameter in short Weierstrass curve equation - `b` - b parameter in short Weierstrass curve equation - `gx` - x coordinate of the curve base-point g diff --git a/TESTS.md b/TESTS.md index 710a04b..1e4f5ca 100644 --- a/TESTS.md +++ b/TESTS.md @@ -77,6 +77,4 @@ For example: ```bash java -jar ECTester.jar -t invalid -nc nist -a -fp ``` -tests using all(`-a`), prime-field(`-fp`) NIST curves and pregenerated *invalid* public keys for these curves. - -**TODO: CURRENTLY NOT IMPLEMENTED** \ No newline at end of file +tests using all(`-a`), prime-field(`-fp`) NIST curves and pregenerated *invalid* public keys for these curves. \ No newline at end of file diff --git a/dist/ECTester.jar b/dist/ECTester.jar index adfa6d4..d764a7b 100644 Binary files a/dist/ECTester.jar and b/dist/ECTester.jar differ diff --git a/src/cz/crcs/ectester/applet/EC_Consts.java b/src/cz/crcs/ectester/applet/EC_Consts.java index f749af5..d970542 100644 --- a/src/cz/crcs/ectester/applet/EC_Consts.java +++ b/src/cz/crcs/ectester/applet/EC_Consts.java @@ -1249,7 +1249,7 @@ public class EC_Consts { while (corruptionMask <= CORRUPTION_COMPRESS) { short corruptionPart = (short) (corruptionMask & corruption); switch (corruptionPart) { - case 0: + case (short) 0: break; case CORRUPTION_FIXED: if (length >= 1) { @@ -1301,14 +1301,14 @@ public class EC_Consts { length = 1; break; case CORRUPTION_COMPRESS: - if (length % 2 != 1) { + + if ((short) (length % 2) != 1) { // an uncompressed point should have odd length (since 1 byte type, + 2 * coords) ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); } - short half = (short) ((length - 1) / 2); + short half = (short) ((short)(length - 1) / 2); byte yLSB = buffer[(short) (offset + length)]; byte yBit = (byte) (yLSB & 0x01); - if (yBit == 1) { buffer[offset] = 3; } else { diff --git a/src/cz/crcs/ectester/data/EC_Store.java b/src/cz/crcs/ectester/data/EC_Store.java index 906eb8d..94eb011 100644 --- a/src/cz/crcs/ectester/data/EC_Store.java +++ b/src/cz/crcs/ectester/data/EC_Store.java @@ -178,21 +178,11 @@ public class EC_Store { if (direct instanceof Element) { Element elem = (Element) direct; - NodeList childs = elem.getChildNodes(); - String id = null; - for (int j = 0; j < childs.getLength(); ++j) { - Node child = childs.item(j); - if (child instanceof Element) { - Element childElem = (Element) child; - if (childElem.getTagName().equals("id")) { - id = childElem.getTextContent(); - break; - } - } - } - if (id == null) { + NodeList ids = elem.getElementsByTagName("id"); + if (ids.getLength() != 1) { throw new SAXException("key no id?"); } + String id = ids.item(0).getTextContent(); EC_Params result = parseKeylike(dir, elem); diff --git a/src/cz/crcs/ectester/data/anomalous/anomalous112.csv b/src/cz/crcs/ectester/data/anomalous/anomalous112.csv new file mode 100644 index 0000000..6711b71 --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/anomalous112.csv @@ -0,0 +1 @@ +0xa2d803b165bdb58f5282cd95ae0f,0x5de65e36c0ec85d5908cdce4c978,0x71801c406b1541de2f9e96b0dc55,0x8073044c904d588dde72e51009c8,0x9dda8938ea7144df116677ae5d93,0xa2d803b165bdb58f5282cd95ae0f,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/anomalous/anomalous128.csv b/src/cz/crcs/ectester/data/anomalous/anomalous128.csv new file mode 100644 index 0000000..2dcf172 --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/anomalous128.csv @@ -0,0 +1 @@ +0xe617383c9d207ab3a6ea5e83ab21b241,0x6ff1fa365aafec734e23d52b50edd6ba,0x1813525c76d5183ce9053236ab4d5699,0x27b56a1b55ed41fd2d25b8e7680c65fb,0xcd4b59a0a7814bf14ea6deb5d40d5c9,0xe617383c9d207ab3a6ea5e83ab21b241,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/anomalous/anomalous160.csv b/src/cz/crcs/ectester/data/anomalous/anomalous160.csv new file mode 100644 index 0000000..bc50f6d --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/anomalous160.csv @@ -0,0 +1 @@ +0xc1980258d215dfa641705a68dec6398f69cfb7dd,0x539387a1d2901a0d0aa82e18d31e6b6e45c725c2,0x908c9541398e59bcb0679dcfc1d5e3165a4228e6,0x781ad9264fab66e82a9661efe5cfb7ae963ee2bb,0x8dc2f7237e152c3287658738986d1cce2397e8a6,0xc1980258d215dfa641705a68dec6398f69cfb7dd,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/anomalous/anomalous192.csv b/src/cz/crcs/ectester/data/anomalous/anomalous192.csv new file mode 100644 index 0000000..35a5c07 --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/anomalous192.csv @@ -0,0 +1 @@ +0x856728e701179222ea33faa5c3634dc2220f7f8a9a6f1215,0x35db21b91c3044ca550379891307606e9d6b81928a9f09eb,0x80839b7e6774fa9964008017048de3cbaa966a501cb1a5f1,0x78a3df2e57554cd64ac3723d0329c9582a80aac3316ea732,0x7150cc7660022e4b9f4460bc5afbbfa9a11eeb7a40ae5ae6,0x856728e701179222ea33faa5c3634dc2220f7f8a9a6f1215,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/anomalous/anomalous224.csv b/src/cz/crcs/ectester/data/anomalous/anomalous224.csv new file mode 100644 index 0000000..bf24496 --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/anomalous224.csv @@ -0,0 +1 @@ +0xed0377332aa665c2d0eaf466a536ddd7d478e66f573eeb8b0973b7a3,0x7fe9c52bb4892ac826d50355f24b6bfb0f4165d2f1dd550e231fa5fb,0xa0b20244694978a19e1910718b57b990542b5fb95c33be692f80e276,0x8225e0f325d74d4b4a729749ef24a0a3edd9c53c7e0bc3cb2cc87466,0x6dfacd713b83267a78a9c2bb0596cc12ddbe0bdfe4008daa277a95b3,0xed0377332aa665c2d0eaf466a536ddd7d478e66f573eeb8b0973b7a3,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/anomalous/anomalous256.csv b/src/cz/crcs/ectester/data/anomalous/anomalous256.csv new file mode 100644 index 0000000..24d7454 --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/anomalous256.csv @@ -0,0 +1 @@ +0x8a17b15dd963f53ed8253cb6dd2644819db58d1b1a70a8cf14a6f7ad5c61b7a9,0x7a6c106d27dea9b6c826b5aa585f3ed2dd17b23c8287f0a8de0364baba01b7d7,0x2d42716d40e73c4fe01de111ad155a84350613d8580379b764d207a87242a884,0x3489a3d1ba3181626a6f52badafe4ed68c07efa6ebcff001d78e5c770c3189ba,0x883a994b4dfea1a1fc2b7bffa46a3336e64d5e19bc81e5991bc2a821a2aaf9b1,0x8a17b15dd963f53ed8253cb6dd2644819db58d1b1a70a8cf14a6f7ad5c61b7a9,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/anomalous/anomalous320.csv b/src/cz/crcs/ectester/data/anomalous/anomalous320.csv new file mode 100644 index 0000000..96e98e5 --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/anomalous320.csv @@ -0,0 +1 @@ +0xac418bcddf4be30b913032dab704fe4b24cf2fec47b36a0463ab5f7e1ab9985e38f4551408f82439,0x9e7dba38d327f78e918193af78700ebab0deecfbd884995dbbbed047ecab7c55c7d3d5fbb6fafd38,0x5eb3a1f211d52c0eb92e47bd151e05d471da8eb18a1ebe0cd4d6e99c50237c56230f69d517188e0b,0x88fb80cc5aa7dc8dfdd8f275d1c5ef9fe0680e3d5cabd08ac22407e3935ac0a15ecfe6690ee37783,0x44810f747b41aedc20a2d022d35a29391522c3843cb36bf73840b56ccca93626a336ab81f613010,0xac418bcddf4be30b913032dab704fe4b24cf2fec47b36a0463ab5f7e1ab9985e38f4551408f82439,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/anomalous/anomalous384.csv b/src/cz/crcs/ectester/data/anomalous/anomalous384.csv new file mode 100644 index 0000000..6034b4a --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/anomalous384.csv @@ -0,0 +1 @@ +0xfddbf8939f25d39bb926c45a1d3eb5b45ef9af276821fbefbee51174464cdd8b90181d7a111275cf394dd6015589d827,0x7c80b4961ae672c74b5db842293ad567bed30efd6f693143f9bb3d3e1e7587e5b379c36188d3e19c8336a3025f66deb7,0x7aa96bf076ddf659bdcf4c0f2eea1ed80017ead209cc21931e6156171dd8b423edeeab77cc01b30c979993756d398ebd,0xfcf723a7b33621ab6af8e42cf3e5dc7b3143f1df037e82708acfad0fc953f797f31d38e2c651781f5f70aeb0b8abd165,0x259d66287d38573dcc4fa3260e1c0fe6d93c1ed739f91deae1a89d14109f027dd972cba62406f7fca1d0082634f08b2c,0xfddbf8939f25d39bb926c45a1d3eb5b45ef9af276821fbefbee51174464cdd8b90181d7a111275cf394dd6015589d827,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/anomalous/anomalous512.csv b/src/cz/crcs/ectester/data/anomalous/anomalous512.csv new file mode 100644 index 0000000..ed7ee5b --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/anomalous512.csv @@ -0,0 +1 @@ +0x83503ecb98832514b71d0e9fcfea296a3a8ad4f58661c1d997823213343b1ffb7533cb0d589485fd45527d7af1f3896ee0efc67d008b24d5e6fae51edca998f1,0x3ee9f2b4493b7572e5becbe781655ef6a462d20051cc526d5ae89b45a145eb2b31006ac9cc62fd549d370eccd1cbb4945afada0a258cf6c0505814cbbdf4c1dd,0x7fb55135325e108e20914f6558af59dbe328a04629c576efc86184fdb48402a2968f2eb2d9fa6bc6e19f0ca41fb99984f1278197b3c901c20d9f3fa0a5242952,0x52cd825e32cbc4da7f927b5f7a36f15c4d7b42cb03d426654f8f3526711336f1d18dbe4c8ca8843539d3f416de4039c9fe030d30cba1b292fec155dedf8e5c5b,0x39258758239cde1ff6cf41d2b219585ed533c4a042c7714c2d14247e853668839979e60f82255c0657356912a4113e148efbaec32ecb2b4f489f637d88b868da,0x83503ecb98832514b71d0e9fcfea296a3a8ad4f58661c1d997823213343b1ffb7533cb0d589485fd45527d7af1f3896ee0efc67d008b24d5e6fae51edca998f1,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/anomalous/anomalous521.csv b/src/cz/crcs/ectester/data/anomalous/anomalous521.csv new file mode 100644 index 0000000..e0d935e --- /dev/null +++ b/src/cz/crcs/ectester/data/anomalous/anomalous521.csv @@ -0,0 +1 @@ +0x1dcf4a3c1f9ac39550c7eb7bfb1dd6c345658a277d888d9b23273aac2914cde52ee7e8f424767d62fd266d46491d805564f32919b265d784941d61eefa43da0501f,0x14fb5e18b58eaa6e879edb5542e5c1e1140a0cb1df41c49b5d4be6b7abdaf2afd7a22b8bc95711dd9196968677a1edf9a99e60db654ad62755904ee34b592db2838,0x1c543ff6f595aaf4651f0315c95b1f433b9aa3b5be69f300d4a7f4441bb3331781fbc9527b62fe60d4eb7aaedb2cd50ea4a8ad70ab2935bf8e129cf6ffc30ec027c,0x11fd1c6612169a69250632396ec192b97490c6af601f2d0b2ffad81a2a8772c8f8c0ac6cf273335aed6852fda2a3fb0b32a366ad19662513751412d9d2e168c144d,0x11c894ae2c3647cae6ca89b7c090bf19a52781bddbebb2a21b4123cf16445f7bca20aa1fac5a0228c37e8b89c974c5a659810d29afa96f48cdca6ba77baa88fbac,0x1dcf4a3c1f9ac39550c7eb7bfb1dd6c345658a277d888d9b23273aac2914cde52ee7e8f424767d62fd266d46491d805564f32919b265d784941d61eefa43da0501f,0x1 \ No newline at end of file diff --git a/src/cz/crcs/ectester/data/anomalous/curves.xml b/src/cz/crcs/ectester/data/anomalous/curves.xml index b0b9b02..5486f35 100644 --- a/src/cz/crcs/ectester/data/anomalous/curves.xml +++ b/src/cz/crcs/ectester/data/anomalous/curves.xml @@ -29,4 +29,64 @@ miyaji128b2.csv Second curve in the "Proposed scheme B" section of Atsuko Miyaji's paper. + + anomalous112 + 112 + prime + anomalous112.csv + + + anomalous128 + 128 + prime + anomalous128.csv + + + anomalous160 + 160 + prime + anomalous160.csv + + + anomalous192 + 192 + prime + anomalous192.csv + + + anomalous224 + 224 + prime + anomalous224.csv + + + anomalous256 + 256 + prime + anomalous256.csv + + + anomalous320 + 320 + prime + anomalous320.csv + + + anomalous384 + 384 + prime + anomalous384.csv + + + anomalous512 + 512 + prime + anomalous512.csv + + + anomalous521 + 521 + prime + anomalous521.csv + diff --git a/src/cz/crcs/ectester/data/invalid/brainpool/keys.xml b/src/cz/crcs/ectester/data/invalid/brainpool/keys.xml index 985fab6..3823658 100644 --- a/src/cz/crcs/ectester/data/invalid/brainpool/keys.xml +++ b/src/cz/crcs/ectester/data/invalid/brainpool/keys.xml @@ -1,7 +1,7 @@ 160r1-1 - 0xc4d7ddb433381eeb0c62b502b4059e616caf6fcf,0x0 + 0xc4d7ddb433381eeb0c62b502b4059e616caf6fcf,0x0000000000000000000000000000000000000000 brainpool/brainpoolP160r1 invalid order = 2 diff --git a/src/cz/crcs/ectester/data/invalid/nist/keys.xml b/src/cz/crcs/ectester/data/invalid/nist/keys.xml index 5427845..e69de29 100644 --- a/src/cz/crcs/ectester/data/invalid/nist/keys.xml +++ b/src/cz/crcs/ectester/data/invalid/nist/keys.xml @@ -1,6 +0,0 @@ - - 160r1-1 - 0xc4d7ddb433381eeb0c62b502b4059e616caf6fcf,0x0 - brainpool/brainpoolP160r1 - order = 2 - diff --git a/src/cz/crcs/ectester/data/invalid/secg/keys.xml b/src/cz/crcs/ectester/data/invalid/secg/keys.xml index 5427845..8b13789 100644 --- a/src/cz/crcs/ectester/data/invalid/secg/keys.xml +++ b/src/cz/crcs/ectester/data/invalid/secg/keys.xml @@ -1,6 +1 @@ - - 160r1-1 - 0xc4d7ddb433381eeb0c62b502b4059e616caf6fcf,0x0 - brainpool/brainpoolP160r1 - order = 2 - + diff --git a/src/cz/crcs/ectester/reader/TestSuite.java b/src/cz/crcs/ectester/reader/TestSuite.java index c2ccb54..e4d7dd6 100644 --- a/src/cz/crcs/ectester/reader/TestSuite.java +++ b/src/cz/crcs/ectester/reader/TestSuite.java @@ -8,10 +8,7 @@ import javacard.security.KeyPair; import javax.smartcardio.CardException; import java.io.IOException; -import java.util.Collections; -import java.util.LinkedList; -import java.util.List; -import java.util.Map; +import java.util.*; /** * @author Jan Jancar johny@neuromancer.sk @@ -250,6 +247,7 @@ public abstract class TestSuite { * Try ECDH with invalid public keys of increasing (or decreasing) order. */ Map pubkeys = dataStore.getObjects(EC_Key.Public.class, "invalid"); + Map> curves = new HashMap<>(); for (EC_Key.Public key : pubkeys.values()) { EC_Curve curve = dataStore.getObject(EC_Curve.class, key.getCurve()); if (cfg.namedCurve != null && !(key.getCurve().startsWith(cfg.namedCurve) || key.getCurve().equals(cfg.namedCurve))) { @@ -258,13 +256,24 @@ public abstract class TestSuite { if (curve.getBits() != cfg.bits && !cfg.all) { continue; } + List keys = curves.getOrDefault(curve, new LinkedList<>()); + keys.add(key); + curves.putIfAbsent(curve, keys); + } + for (Map.Entry> e : curves.entrySet()) { + EC_Curve curve = e.getKey(); + List keys = e.getValue(); + tests.add(new Test(new Command.Allocate(cardManager, ECTesterApplet.KEYPAIR_BOTH, curve.getBits(), curve.getField()), Test.Result.SUCCESS)); tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_BOTH, EC_Consts.CURVE_external, curve.getParams(), curve.flatten()), Test.Result.SUCCESS)); tests.add(new Test(new Command.Generate(cardManager, ECTesterApplet.KEYPAIR_LOCAL), Test.Result.SUCCESS)); - tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, key.getParams(), key.flatten()), Test.Result.ANY)); - tests.add(new Test(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_BOTH), Test.Result.FAILURE)); + for (EC_Key.Public pub : keys) { + tests.add(new Test(new Command.Set(cardManager, ECTesterApplet.KEYPAIR_REMOTE, EC_Consts.CURVE_external, pub.getParams(), pub.flatten()), Test.Result.ANY)); + tests.add(new Test(new Command.ECDH(cardManager, ECTesterApplet.KEYPAIR_REMOTE, ECTesterApplet.KEYPAIR_LOCAL, ECTesterApplet.EXPORT_FALSE, EC_Consts.CORRUPTION_NONE, EC_Consts.KA_BOTH), Test.Result.FAILURE)); + } tests.add(new Test(new Command.Cleanup(cardManager), Test.Result.ANY)); } + return super.run(cardManager); } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Category.java b/src/cz/crcs/ectester/reader/ec/EC_Category.java index a0c8755..97dd1b4 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Category.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Category.java @@ -2,6 +2,7 @@ package cz.crcs.ectester.reader.ec; import java.util.Collections; import java.util.Map; +import java.util.Objects; import java.util.TreeMap; /** @@ -125,4 +126,15 @@ public class EC_Category { } return out.toString(); } + + @Override + public boolean equals(Object obj) { + return obj instanceof EC_Category && Objects.equals(this.name, ((EC_Category) obj).name); + } + + @Override + public int hashCode() { + return this.name.hashCode() ^ this.directory.hashCode(); + } + } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Data.java b/src/cz/crcs/ectester/reader/ec/EC_Data.java index 5197665..9dcbbe0 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Data.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Data.java @@ -3,16 +3,13 @@ package cz.crcs.ectester.reader.ec; import cz.crcs.ectester.reader.Util; import java.io.*; -import java.util.ArrayList; -import java.util.LinkedList; -import java.util.List; -import java.util.Scanner; +import java.util.*; import java.util.regex.Pattern; /** * @author Jan Jancar johny@neuromancer.sk */ -public class EC_Data { +public abstract class EC_Data { String id; int count; byte[][] data; @@ -167,4 +164,33 @@ public class EC_Data { public String toString() { return String.join(",", expand()); } + + @Override + public boolean equals(Object obj) { + if (obj instanceof EC_Data) { + EC_Data other = (EC_Data) obj; + if (this.id != null || other.id != null) { + return Objects.equals(this.id, other.id); + } + + if (this.count != other.count) + return false; + for (int i = 0; i < this.count; ++i) { + if (!Arrays.equals(this.data[i], other.data[i])) { + return false; + } + } + return true; + } else { + return false; + } + } + + @Override + public int hashCode() { + if (this.id != null) { + return this.id.hashCode(); + } + return Arrays.deepHashCode(this.data); + } } diff --git a/src/cz/crcs/ectester/reader/ec/EC_Params.java b/src/cz/crcs/ectester/reader/ec/EC_Params.java index 7192b61..ea2e633 100644 --- a/src/cz/crcs/ectester/reader/ec/EC_Params.java +++ b/src/cz/crcs/ectester/reader/ec/EC_Params.java @@ -4,7 +4,6 @@ import cz.crcs.ectester.applet.EC_Consts; import cz.crcs.ectester.reader.Util; import java.io.ByteArrayOutputStream; -import java.io.InputStream; import java.util.ArrayList; import java.util.List; -- cgit v1.2.3-70-g09d2