mirror of
https://code.briarproject.org/briar/briar.git
synced 2026-02-11 18:29:05 +01:00
Upgrade Bouncy Castle to 1.69, drop Montgomery ladder tests.
This commit is contained in:
akwizgran
@@ -10,7 +10,7 @@ apply from: '../dagger.gradle'
|
||||
|
||||
dependencies {
|
||||
implementation project(path: ':bramble-api', configuration: 'default')
|
||||
implementation 'org.bouncycastle:bcprov-jdk15on:1.58'
|
||||
implementation 'org.bouncycastle:bcprov-jdk15on:1.69'
|
||||
implementation 'com.h2database:h2:1.4.192' // The last version that supports Java 1.6
|
||||
implementation 'org.bitlet:weupnp:0.1.4'
|
||||
implementation 'net.i2p.crypto:eddsa:0.2.0'
|
||||
|
||||
@@ -1,115 +0,0 @@
|
||||
package org.briarproject.bramble.crypto;
|
||||
|
||||
import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves;
|
||||
import org.bouncycastle.asn1.x9.X9ECParameters;
|
||||
import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
|
||||
import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement;
|
||||
import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
|
||||
import org.bouncycastle.crypto.params.ECDomainParameters;
|
||||
import org.bouncycastle.crypto.params.ECKeyGenerationParameters;
|
||||
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
|
||||
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
|
||||
import org.bouncycastle.math.ec.ECCurve;
|
||||
import org.bouncycastle.math.ec.ECPoint;
|
||||
import org.bouncycastle.math.ec.MontgomeryLadderMultiplier;
|
||||
import org.briarproject.bramble.test.BrambleTestCase;
|
||||
import org.junit.Test;
|
||||
|
||||
import java.math.BigInteger;
|
||||
import java.security.SecureRandom;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
||||
public class EllipticCurveMultiplicationTest extends BrambleTestCase {
|
||||
|
||||
@Test
|
||||
public void testMultiplierProducesSameResultsAsDefault() throws Exception {
|
||||
// Instantiate the default implementation of the curve
|
||||
X9ECParameters defaultX9Parameters =
|
||||
TeleTrusTNamedCurves.getByName("brainpoolp256r1");
|
||||
ECCurve defaultCurve = defaultX9Parameters.getCurve();
|
||||
ECPoint defaultG = defaultX9Parameters.getG();
|
||||
BigInteger defaultN = defaultX9Parameters.getN();
|
||||
BigInteger defaultH = defaultX9Parameters.getH();
|
||||
ECDomainParameters defaultParameters = new ECDomainParameters(
|
||||
defaultCurve, defaultG, defaultN, defaultH);
|
||||
// Instantiate an implementation using the Montgomery ladder multiplier
|
||||
ECDomainParameters montgomeryParameters =
|
||||
constantTime(defaultParameters);
|
||||
// Generate two key pairs with each set of parameters, using the same
|
||||
// deterministic PRNG for both sets of parameters
|
||||
byte[] seed = new byte[32];
|
||||
new SecureRandom().nextBytes(seed);
|
||||
// Montgomery ladder multiplier
|
||||
SecureRandom random = new PseudoSecureRandom(seed);
|
||||
ECKeyGenerationParameters montgomeryGeneratorParams =
|
||||
new ECKeyGenerationParameters(montgomeryParameters, random);
|
||||
ECKeyPairGenerator montgomeryGenerator = new ECKeyPairGenerator();
|
||||
montgomeryGenerator.init(montgomeryGeneratorParams);
|
||||
AsymmetricCipherKeyPair montgomeryKeyPair1 =
|
||||
montgomeryGenerator.generateKeyPair();
|
||||
ECPrivateKeyParameters montgomeryPrivate1 =
|
||||
(ECPrivateKeyParameters) montgomeryKeyPair1.getPrivate();
|
||||
ECPublicKeyParameters montgomeryPublic1 =
|
||||
(ECPublicKeyParameters) montgomeryKeyPair1.getPublic();
|
||||
AsymmetricCipherKeyPair montgomeryKeyPair2 =
|
||||
montgomeryGenerator.generateKeyPair();
|
||||
ECPrivateKeyParameters montgomeryPrivate2 =
|
||||
(ECPrivateKeyParameters) montgomeryKeyPair2.getPrivate();
|
||||
ECPublicKeyParameters montgomeryPublic2 =
|
||||
(ECPublicKeyParameters) montgomeryKeyPair2.getPublic();
|
||||
// Default multiplier
|
||||
random = new PseudoSecureRandom(seed);
|
||||
ECKeyGenerationParameters defaultGeneratorParams =
|
||||
new ECKeyGenerationParameters(defaultParameters, random);
|
||||
ECKeyPairGenerator defaultGenerator = new ECKeyPairGenerator();
|
||||
defaultGenerator.init(defaultGeneratorParams);
|
||||
AsymmetricCipherKeyPair defaultKeyPair1 =
|
||||
defaultGenerator.generateKeyPair();
|
||||
ECPrivateKeyParameters defaultPrivate1 =
|
||||
(ECPrivateKeyParameters) defaultKeyPair1.getPrivate();
|
||||
ECPublicKeyParameters defaultPublic1 =
|
||||
(ECPublicKeyParameters) defaultKeyPair1.getPublic();
|
||||
AsymmetricCipherKeyPair defaultKeyPair2 =
|
||||
defaultGenerator.generateKeyPair();
|
||||
ECPrivateKeyParameters defaultPrivate2 =
|
||||
(ECPrivateKeyParameters) defaultKeyPair2.getPrivate();
|
||||
ECPublicKeyParameters defaultPublic2 =
|
||||
(ECPublicKeyParameters) defaultKeyPair2.getPublic();
|
||||
// The key pairs generated with both sets of parameters should be equal
|
||||
assertEquals(montgomeryPrivate1.getD(), defaultPrivate1.getD());
|
||||
assertEquals(montgomeryPublic1.getQ(), defaultPublic1.getQ());
|
||||
assertEquals(montgomeryPrivate2.getD(), defaultPrivate2.getD());
|
||||
assertEquals(montgomeryPublic2.getQ(), defaultPublic2.getQ());
|
||||
// OK, all of the above was just sanity checks - now for the test!
|
||||
ECDHCBasicAgreement agreement = new ECDHCBasicAgreement();
|
||||
agreement.init(montgomeryPrivate1);
|
||||
BigInteger sharedSecretMontgomeryMontgomery =
|
||||
agreement.calculateAgreement(montgomeryPublic2);
|
||||
agreement.init(montgomeryPrivate1);
|
||||
BigInteger sharedSecretMontgomeryDefault =
|
||||
agreement.calculateAgreement(defaultPublic2);
|
||||
agreement.init(defaultPrivate1);
|
||||
BigInteger sharedSecretDefaultMontgomery =
|
||||
agreement.calculateAgreement(montgomeryPublic2);
|
||||
agreement.init(defaultPrivate1);
|
||||
BigInteger sharedSecretDefaultDefault =
|
||||
agreement.calculateAgreement(defaultPublic2);
|
||||
// Shared secrets calculated with different multipliers should be equal
|
||||
assertEquals(sharedSecretMontgomeryMontgomery,
|
||||
sharedSecretMontgomeryDefault);
|
||||
assertEquals(sharedSecretMontgomeryMontgomery,
|
||||
sharedSecretDefaultMontgomery);
|
||||
assertEquals(sharedSecretMontgomeryMontgomery,
|
||||
sharedSecretDefaultDefault);
|
||||
}
|
||||
|
||||
private static ECDomainParameters constantTime(ECDomainParameters in) {
|
||||
ECCurve curve = in.getCurve().configure().setMultiplier(
|
||||
new MontgomeryLadderMultiplier()).create();
|
||||
BigInteger x = in.getG().getAffineXCoord().toBigInteger();
|
||||
BigInteger y = in.getG().getAffineYCoord().toBigInteger();
|
||||
ECPoint g = curve.createPoint(x, y);
|
||||
return new ECDomainParameters(curve, g, in.getN(), in.getH());
|
||||
}
|
||||
}
|
||||
@@ -20,13 +20,9 @@ import org.bouncycastle.crypto.signers.DSADigestSigner;
|
||||
import org.bouncycastle.crypto.signers.DSAKCalculator;
|
||||
import org.bouncycastle.crypto.signers.ECDSASigner;
|
||||
import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
|
||||
import org.bouncycastle.math.ec.ECCurve;
|
||||
import org.bouncycastle.math.ec.ECPoint;
|
||||
import org.bouncycastle.math.ec.MontgomeryLadderMultiplier;
|
||||
import org.whispersystems.curve25519.Curve25519;
|
||||
import org.whispersystems.curve25519.Curve25519KeyPair;
|
||||
|
||||
import java.math.BigInteger;
|
||||
import java.security.GeneralSecurityException;
|
||||
import java.security.KeyPair;
|
||||
import java.security.Provider;
|
||||
@@ -55,14 +51,12 @@ public class EllipticCurvePerformanceTest {
|
||||
for (String name : SEC_NAMES) {
|
||||
ECDomainParameters params =
|
||||
convertParams(SECNamedCurves.getByName(name));
|
||||
runTest(name + " default", params);
|
||||
runTest(name + " constant", constantTime(params));
|
||||
runTest(name, params);
|
||||
}
|
||||
for (String name : BRAINPOOL_NAMES) {
|
||||
ECDomainParameters params =
|
||||
convertParams(TeleTrusTNamedCurves.getByName(name));
|
||||
runTest(name + " default", params);
|
||||
runTest(name + " constant", constantTime(params));
|
||||
runTest(name, params);
|
||||
}
|
||||
runCurve25519Test();
|
||||
runEd25519Test();
|
||||
@@ -193,13 +187,4 @@ public class EllipticCurvePerformanceTest {
|
||||
return new ECDomainParameters(in.getCurve(), in.getG(), in.getN(),
|
||||
in.getH());
|
||||
}
|
||||
|
||||
private static ECDomainParameters constantTime(ECDomainParameters in) {
|
||||
ECCurve curve = in.getCurve().configure().setMultiplier(
|
||||
new MontgomeryLadderMultiplier()).create();
|
||||
BigInteger x = in.getG().getAffineXCoord().toBigInteger();
|
||||
BigInteger y = in.getG().getAffineYCoord().toBigInteger();
|
||||
ECPoint g = curve.createPoint(x, y);
|
||||
return new ECDomainParameters(curve, g, in.getN(), in.getH());
|
||||
}
|
||||
}
|
||||
|
||||
@@ -26,7 +26,7 @@ dependencyVerification {
|
||||
'net.ltgt.gradle.incap:incap:0.2:incap-0.2.jar:b625b9806b0f1e4bc7a2e3457119488de3cd57ea20feedd513db070a573a4ffd',
|
||||
'org.apache-extras.beanshell:bsh:2.0b6:bsh-2.0b6.jar:a17955976070c0573235ee662f2794a78082758b61accffce8d3f8aedcd91047',
|
||||
'org.bitlet:weupnp:0.1.4:weupnp-0.1.4.jar:88df7e6504929d00bdb832863761385c68ab92af945b04f0770b126270a444fb',
|
||||
'org.bouncycastle:bcprov-jdk15on:1.58:bcprov-jdk15on-1.58.jar:eb61ab61065ed96f9f2d5cde94d326233c09fdec9333c1185f2fa65ee88a4236',
|
||||
'org.bouncycastle:bcprov-jdk15on:1.69:bcprov-jdk15on-1.69.jar:e469bd39f936999f256002631003ff022a22951da9d5bd9789c7abfa9763a292',
|
||||
'org.briarproject:jtorctl:0.3:jtorctl-0.3.jar:f2939238a097898998432effe93b0334d97a787972ab3a91a8973a1d309fc864',
|
||||
'org.checkerframework:checker-compat-qual:2.5.3:checker-compat-qual-2.5.3.jar:d76b9afea61c7c082908023f0cbc1427fab9abd2df915c8b8a3e7a509bccbc6d',
|
||||
'org.checkerframework:checker-qual:2.5.2:checker-qual-2.5.2.jar:64b02691c8b9d4e7700f8ee2e742dce7ea2c6e81e662b7522c9ee3bf568c040a',
|
||||
|
||||
@@ -188,7 +188,7 @@ dependencyVerification {
|
||||
'org.apache.maven:maven-settings:2.2.1:maven-settings-2.2.1.jar:9a9f556713a404e770c9dbdaed7eb086078014c989291960c76fdde6db4192f7',
|
||||
'org.bouncycastle:bcpkix-jdk15on:1.56:bcpkix-jdk15on-1.56.jar:7043dee4e9e7175e93e0b36f45b1ec1ecb893c5f755667e8b916eb8dd201c6ca',
|
||||
'org.bouncycastle:bcprov-jdk15on:1.56:bcprov-jdk15on-1.56.jar:963e1ee14f808ffb99897d848ddcdb28fa91ddda867eb18d303e82728f878349',
|
||||
'org.bouncycastle:bcprov-jdk15on:1.58:bcprov-jdk15on-1.58.jar:eb61ab61065ed96f9f2d5cde94d326233c09fdec9333c1185f2fa65ee88a4236',
|
||||
'org.bouncycastle:bcprov-jdk15on:1.69:bcprov-jdk15on-1.69.jar:e469bd39f936999f256002631003ff022a22951da9d5bd9789c7abfa9763a292',
|
||||
'org.checkerframework:checker-compat-qual:2.5.3:checker-compat-qual-2.5.3.jar:d76b9afea61c7c082908023f0cbc1427fab9abd2df915c8b8a3e7a509bccbc6d',
|
||||
'org.checkerframework:checker-qual:2.5.2:checker-qual-2.5.2.jar:64b02691c8b9d4e7700f8ee2e742dce7ea2c6e81e662b7522c9ee3bf568c040a',
|
||||
'org.checkerframework:checker-qual:2.8.1:checker-qual-2.8.1.jar:9103499008bcecd4e948da29b17864abb64304e15706444ae209d17ebe0575df',
|
||||
|
||||
Reference in New Issue
Block a user