Fixing ECDH tests.

1/ Catching unchecked exceptions to not crash the JVM. Wycheproof found that some Java security providers would throw unchecked exceptions when processing attacker-controlled input. To prevent DoS attacks, we'd catch these exceptions in Tink. 2/ Do not report errors if the shared secret is correct. Android M and N ignore the public key parameters, thus we'd stop reporting errors in tests that modify parameters if the shared secret is still correct. 3/ Skipping CVE-2017-10176 test because it's not a severe issue. PiperOrigin-RevId: 191113399 GitOrigin-RevId: b069f3af3f515b30b5cc1e2af791b226fb0635c5

Fixing ECDH tests.
1/ Catching unchecked exceptions to not crash the JVM. Wycheproof found that some Java security providers would throw unchecked exceptions when processing attacker-controlled input. To prevent DoS attacks, we'd catch these exceptions in Tink. 2/ Do not report errors if the shared secret is correct. Android M and N ignore the public key parameters, thus we'd stop reporting errors in tests that modify parameters if the shared secret is still correct. 3/ Skipping CVE-2017-10176 test because it's not a severe issue. PiperOrigin-RevId: 191113399 GitOrigin-RevId: b069f3af3f515b30b5cc1e2af791b226fb0635c5
157277bf · Thai Duong · Tink Team · 3d7f6fe3 · 157277bf · 157277bf
Commit 157277bf authored 7 years ago by Thai Duong Committed by Tink Team 7 years ago
--- a/java/src/main/java/com/google/crypto/tink/subtle/EllipticCurves.java
+++ b/java/src/main/java/com/google/crypto/tink/subtle/EllipticCurves.java
@@ -162,13 +162,19 @@ public final class EllipticCurves {
  /** Checks that the public key's params spec is the same as the private key's params spec. */
  static void validatePublicKeySpec(ECPublicKey publicKey, ECPrivateKey privateKey)
      throws GeneralSecurityException {
-    ECParameterSpec publicKeySpec = publicKey.getParams();
-    ECParameterSpec privateKeySpec = privateKey.getParams();
-    if (!publicKeySpec.getCurve().equals(privateKeySpec.getCurve())
-        || !publicKeySpec.getGenerator().equals(privateKeySpec.getGenerator())
-        || !publicKeySpec.getOrder().equals(privateKeySpec.getOrder())
-        || publicKeySpec.getCofactor() != privateKeySpec.getCofactor()) {
-      throw new GeneralSecurityException("invalid public key spec");
+    try {
+      ECParameterSpec publicKeySpec = publicKey.getParams();
+      ECParameterSpec privateKeySpec = privateKey.getParams();
+      if (!publicKeySpec.getCurve().equals(privateKeySpec.getCurve())
+          || !publicKeySpec.getGenerator().equals(privateKeySpec.getGenerator())
+          || !publicKeySpec.getOrder().equals(privateKeySpec.getOrder())
+          || publicKeySpec.getCofactor() != privateKeySpec.getCofactor()) {
+        throw new GeneralSecurityException("invalid public key spec");
+      }
+    } catch (IllegalArgumentException | NullPointerException ex) {
+      // The Java security providers on Android K and Android L might throw these unchecked
+      // exceptions, converting them to a checked one to not crash the JVM.
+      throw new GeneralSecurityException(ex.toString());
    }
  }

@@ -646,9 +652,15 @@ public final class EllipticCurves {
    PublicKey publicKey = kf.generatePublic(publicKeySpec);
    KeyAgreement ka = EngineFactory.KEY_AGREEMENT.getInstance("ECDH");
    ka.init(myPrivateKey);
-    ka.doPhase(publicKey, true /* lastPhase */);
-    byte[] secret = ka.generateSecret();
-    validateSharedSecret(secret, myPrivateKey);
-    return secret;
+    try {
+      ka.doPhase(publicKey, true /* lastPhase */);
+      byte[] secret = ka.generateSecret();
+      validateSharedSecret(secret, myPrivateKey);
+      return secret;
+    } catch (IllegalStateException ex) {
+      // Due to CVE-2017-10176 some versions of OpenJDK might throw this unchecked exception,
+      // converting it to a checked one to not crash the JVM. See also b/73760761.
+      throw new GeneralSecurityException(ex.toString());
+    }
  }
 }
--- a/java/src/test/java/com/google/crypto/tink/WycheproofTestUtil.java
+++ b/java/src/test/java/com/google/crypto/tink/WycheproofTestUtil.java
@@ -22,6 +22,7 @@ import java.io.File;
 import java.io.FileInputStream;
 import java.nio.charset.Charset;
 import java.security.NoSuchAlgorithmException;
+import org.json.JSONArray;
 import org.json.JSONObject;

 /** Wycheproof Test helpers. */
@@ -88,4 +89,17 @@ public class WycheproofTestUtil {
        throw new NoSuchAlgorithmException("Unknown curve name: " + curveName);
    }
  }
+
+  /** @return true if the test case has one of the flags. */
+  public static boolean checkFlags(JSONObject testcase, String... flags) throws Exception {
+    JSONArray entries = testcase.getJSONArray("flags");
+    for (int i = 0; i < entries.length(); i++) {
+      for (String flag : flags) {
+        if (flag.equals(entries.get(i))) {
+          return true;
+        }
+      }
+    }
+    return false;
+  }
 }
--- a/java/src/test/java/com/google/crypto/tink/subtle/EllipticCurvesTest.java
+++ b/java/src/test/java/com/google/crypto/tink/subtle/EllipticCurvesTest.java
@@ -466,6 +466,11 @@ public class EllipticCurvesTest {
      JSONArray tests = group.getJSONArray("tests");
      for (int j = 0; j < tests.length(); j++) {
        JSONObject testcase = tests.getJSONObject(j);
+        if (WycheproofTestUtil.checkFlags(testcase, "CVE_2017_10176")) {
+          System.out.println("Skipping CVE-2017-10176 test, see b/73760761");
+          continue;
+        }
+
        String tcId =
            String.format(
                "testcase %d (%s)", testcase.getInt("tcId"), testcase.getString("comment"));
@@ -485,13 +490,24 @@ public class EllipticCurvesTest {
          ECPublicKey pubKey = (ECPublicKey) kf.generatePublic(x509keySpec);
          String sharedSecret = Hex.encode(EllipticCurves.computeSharedSecret(privKey, pubKey));
          if (result.equals("invalid")) {
-            System.out.printf(
-                "FAIL %s: accepting invalid parameters, shared secret: %s%n", tcId, sharedSecret);
-            errors++;
+            if (expectedSharedSecret.equals(sharedSecret)
+                && WycheproofTestUtil.checkFlags(
+                    testcase, "WrongOrder", "WeakPublicKey", "UnnamedCurve")) {
+              System.out.println(
+                  tcId + " accepted invalid parameters but shared secret is correct.");
+            } else {
+              System.out.println(
+                  "FAIL " + tcId + " accepted invalid parameters, shared secret: " + sharedSecret);
+              errors++;
+            }
          } else if (!expectedSharedSecret.equals(sharedSecret)) {
-            System.out.printf(
-                "FAIL %s: incorrect shared secret, computed: %s, expected: %s%n",
-                tcId, sharedSecret, expectedSharedSecret);
+            System.out.println(
+                "FAIL "
+                    + tcId
+                    + " incorrect shared secret, computed: "
+                    + sharedSecret
+                    + " expected: "
+                    + expectedSharedSecret);
            errors++;
          }
        } catch (NoSuchAlgorithmException ex) {
@@ -501,12 +517,14 @@ public class EllipticCurvesTest {
          }
        } catch (GeneralSecurityException ex) {
          if (result.equals("valid")) {
-            System.out.printf("FAIL %s, exception %s%n", tcId, ex);
+            System.out.println("FAIL " + tcId + " exception: " + ex.toString());
+            ex.printStackTrace();
            errors++;
          }
        } catch (Exception ex) {
          // Other exceptions typically indicate that something is wrong with the implementation.
-          System.out.printf("FAIL %s, exception %s%n", tcId, ex);
+          System.out.println("FAIL " + tcId + " exception: " + ex.toString());
+          ex.printStackTrace();
          errors++;
        }
      }

--- a/testdata/wycheproof/ecdh_test.json
+++ b/testdata/wycheproof/ecdh_test.json
@@ -2129,7 +2129,7 @@
          "curve" : "secp384r1",
          "public" : "308201b53082014d06072a8648ce3d020130820140020101303c06072a8648ce3d0101023100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff30640430fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc0430b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef046104aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab73617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f0231ff000000000000000000000000000000000000000000000000389cb27e0bc8d220a7e5f24db74f58851313e695333ad68d020101036200042121a348f9743855859c496f91d0f39fe728fc46e48d007713051b22f1c0257fe20dd85b21df7e1ec82bf8b39b2138a2ae74f80e6257778f8cca9f279b57d25eeeb155960642972f0567e204514f0ac1eb1e27db5115053211914961d09644c6",
          "private" : "0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2",
-          "shared" : "",
+          "shared" : "455cf3c0b0090688599825522ef3312878201514f6330ccc7f42ec1945204adfe419b2dbbfb942dc98b16d8323150cf6",
          "result" : "invalid",
          "flags" : [
            "WrongOrder",
@@ -2209,7 +2209,7 @@
          "curve" : "secp384r1",
          "public" : "308201b53082014d06072a8648ce3d020130820140020101303c06072a8648ce3d0101023100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff30640430fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc0430b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef046104aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab73617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f023100ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc529730201ff036200042121a348f9743855859c496f91d0f39fe728fc46e48d007713051b22f1c0257fe20dd85b21df7e1ec82bf8b39b2138a2ae74f80e6257778f8cca9f279b57d25eeeb155960642972f0567e204514f0ac1eb1e27db5115053211914961d09644c6",
          "private" : "0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2",
-          "shared" : "",
+          "shared" : "455cf3c0b0090688599825522ef3312878201514f6330ccc7f42ec1945204adfe419b2dbbfb942dc98b16d8323150cf6",
          "result" : "invalid",
          "flags" : [
            "UnnamedCurve"
@@ -2221,7 +2221,7 @@
          "curve" : "secp384r1",
          "public" : "308201b53082014d06072a8648ce3d020130820140020101303c06072a8648ce3d0101023100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff30640430fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc0430b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef046104aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab73617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f023100ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973020100036200042121a348f9743855859c496f91d0f39fe728fc46e48d007713051b22f1c0257fe20dd85b21df7e1ec82bf8b39b2138a2ae74f80e6257778f8cca9f279b57d25eeeb155960642972f0567e204514f0ac1eb1e27db5115053211914961d09644c6",
          "private" : "0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2",
-          "shared" : "",
+          "shared" : "455cf3c0b0090688599825522ef3312878201514f6330ccc7f42ec1945204adfe419b2dbbfb942dc98b16d8323150cf6",
          "result" : "invalid",
          "flags" : [
            "UnnamedCurve"
@@ -2246,7 +2246,7 @@
          "curve" : "secp384r1",
          "public" : "308201e53082017d06072a8648ce3d020130820170020101303c06072a8648ce3d0101023100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff30640430fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc0430b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef046104aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab73617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f023100ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973023100ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973036200042121a348f9743855859c496f91d0f39fe728fc46e48d007713051b22f1c0257fe20dd85b21df7e1ec82bf8b39b2138a2ae74f80e6257778f8cca9f279b57d25eeeb155960642972f0567e204514f0ac1eb1e27db5115053211914961d09644c6",
          "private" : "0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2",
-          "shared" : "",
+          "shared" : "455cf3c0b0090688599825522ef3312878201514f6330ccc7f42ec1945204adfe419b2dbbfb942dc98b16d8323150cf6",
          "result" : "invalid",
          "flags" : [
            "UnnamedCurve"
@@ -2271,7 +2271,7 @@
          "curve" : "secp384r1",
          "public" : "308201b53082014d06072a8648ce3d020130820140020101303c06072a8648ce3d0101023100f47e533e4e43e4bf04e901db0eea6efba14bbcdc3b1c5753a7c141487e4f43784e57a72310202323361f44760c8368bf306404300b81acc1b1bc1b40fb16fe24f11591045eb44323c4e3a8ac583ebeb781b0bc86b1a858dbefdfdcdcc9e0bb8af37c973d0430b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef04610400000000000000000000000000000000fffffffffffd38000000000000000000000000000000000000000000000001cf3646298bba2f24e84189cf0d1e75188fc4fcf5b0844281822e789e3d534b159f4c419342260197625ad924a2c72c4d0f023100ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc529730201010362000400000000000000000000000000000000fffffffffffd38000000000000000000000000000000000000000000000001cf3646298bba2f24e84189cf0d1e75188fc4fcf5b0844281822e789e3d534b159f4c419342260197625ad924a2c72c4d0f",
          "private" : "0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2",
-          "shared" : "",
+          "shared" : "5df0762488bc0a7be1121508949382861f781c331676048c2d45d245be6f476c872113e6710bc746c3d06970510193ce",
          "result" : "invalid",
          "flags" : [
            "ModifiedPrime",
@@ -2327,7 +2327,7 @@
          "curve" : "secp384r1",
          "public" : "308201b53082014d06072a8648ce3d020130820140020101303c06072a8648ce3d0101023100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff30640430cba7f9015366e8e6bba0f30bcd1ab0a279e92e2ceb5fe5bbfee62db1fe23a64639709b7e5efcd539d6f2882e40713f3304309c564d918760892977fab2a7c507ca1337cd282c27e832eb3d0dc8ab1b03c5bdb72351d7a3fb388eac1f6fdfe2faaac8046104f610585fa59340e1df571af1e2d8cd3d6bbcf0fde2c272444b2a1ec58f71b7aed0cf709ee9c6777304c3149ef788719c07f9f6ffa32808b6371504fd55a5b02c3a571bc6aba9915f80c902b753d9abbefc8f510e7a9908466b795508188cb28c023100ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc5297302010103620004f610585fa59340e1df571af1e2d8cd3d6bbcf0fde2c272444b2a1ec58f71b7aed0cf709ee9c6777304c3149ef788719cf80609005cd7f749c8eafb02aa5a4fd3c5a8e43954566ea07f36fd48ac2654400370aef08566f7b99486aaf8e7734d73",
          "private" : "0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2",
-          "shared" : "",
+          "shared" : "1565d888a631c08afaeda6da8d1aea4c916aa0a157abb44dff9f8181948e434d8b4f3366d29a34b2e3a3cb419675ac13",
          "result" : "invalid",
          "flags" : [
            "WeakPublicKey",
@@ -3043,7 +3043,7 @@
          "curve" : "secp521r1",
          "public" : "30820245308201b806072a8648ce3d0201308201ab020101304d06072a8648ce3d0101024201ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff308187044201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc044151953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f000481850400c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd166500242fe000000000000000000000000000000000000000000000000000000000000000005ae79787c40d069948033feb708f65a2fc44a36477663b851449048e16ec79bf7020101038186000400c2a43ac3742b09e006c2dfc9c36444d7e699f567a73f674ce257330b312dd7a8a04fbe92d1d9acbcc65f6184711ada5bf39f6e11e0cbde98f1640d099eb90dfce701802d7755c2fe3180848d4a70b170096ec64eba99b478ba7f6fc129b0566279b8e1ab7962fa912fc4ae53b5202a03520617843dc63e5cb5f956ec7f1453d0865fdf",
          "private" : "1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7",
-          "shared" : "",
+          "shared" : "00fb8542487cbd45e609632f681db6b48fdabed9b97a2467a34205eadadad9dedb54a2a647d23dca68e929a2041888b091f4bb4023a0517be669a6c9f9c847ef89de",
          "result" : "invalid",
          "flags" : [
            "WrongOrder",
@@ -3123,7 +3123,7 @@
          "curve" : "secp521r1",
          "public" : "30820245308201b806072a8648ce3d0201308201ab020101304d06072a8648ce3d0101024201ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff308187044201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc044151953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f000481850400c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650024201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e913864090201ff038186000400c2a43ac3742b09e006c2dfc9c36444d7e699f567a73f674ce257330b312dd7a8a04fbe92d1d9acbcc65f6184711ada5bf39f6e11e0cbde98f1640d099eb90dfce701802d7755c2fe3180848d4a70b170096ec64eba99b478ba7f6fc129b0566279b8e1ab7962fa912fc4ae53b5202a03520617843dc63e5cb5f956ec7f1453d0865fdf",
          "private" : "1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7",
-          "shared" : "",
+          "shared" : "00fb8542487cbd45e609632f681db6b48fdabed9b97a2467a34205eadadad9dedb54a2a647d23dca68e929a2041888b091f4bb4023a0517be669a6c9f9c847ef89de",
          "result" : "invalid",
          "flags" : [
            "UnnamedCurve"
@@ -3135,7 +3135,7 @@
          "curve" : "secp521r1",
          "public" : "30820245308201b806072a8648ce3d0201308201ab020101304d06072a8648ce3d0101024201ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff308187044201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc044151953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f000481850400c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650024201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409020100038186000400c2a43ac3742b09e006c2dfc9c36444d7e699f567a73f674ce257330b312dd7a8a04fbe92d1d9acbcc65f6184711ada5bf39f6e11e0cbde98f1640d099eb90dfce701802d7755c2fe3180848d4a70b170096ec64eba99b478ba7f6fc129b0566279b8e1ab7962fa912fc4ae53b5202a03520617843dc63e5cb5f956ec7f1453d0865fdf",
          "private" : "1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7",
-          "shared" : "",
+          "shared" : "00fb8542487cbd45e609632f681db6b48fdabed9b97a2467a34205eadadad9dedb54a2a647d23dca68e929a2041888b091f4bb4023a0517be669a6c9f9c847ef89de",
          "result" : "invalid",
          "flags" : [
            "UnnamedCurve"
@@ -3160,7 +3160,7 @@
          "curve" : "secp521r1",
          "public" : "30820286308201f906072a8648ce3d0201308201ec020101304d06072a8648ce3d0101024201ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff308187044201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc044151953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f000481850400c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650024201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409024201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409038186000400c2a43ac3742b09e006c2dfc9c36444d7e699f567a73f674ce257330b312dd7a8a04fbe92d1d9acbcc65f6184711ada5bf39f6e11e0cbde98f1640d099eb90dfce701802d7755c2fe3180848d4a70b170096ec64eba99b478ba7f6fc129b0566279b8e1ab7962fa912fc4ae53b5202a03520617843dc63e5cb5f956ec7f1453d0865fdf",
          "private" : "1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7",
-          "shared" : "",
+          "shared" : "00fb8542487cbd45e609632f681db6b48fdabed9b97a2467a34205eadadad9dedb54a2a647d23dca68e929a2041888b091f4bb4023a0517be669a6c9f9c847ef89de",
          "result" : "invalid",
          "flags" : [
            "UnnamedCurve"
@@ -3185,7 +3185,7 @@
          "curve" : "secp521r1",
          "public" : "30820244308201b706072a8648ce3d0201308201aa020101304d06072a8648ce3d0101024201e99d17d498f3c68ed8e50430ec4f36c14dbeeaf7652e985636bf0548ffb981e9e011607fd0059cd4fe51e882f19a3839ebe7f1d7376cb761431b214ed76970cc0130818604411662e82b670c3971271afbcf13b0c93eb24115089ad167a9c940fab700467e161fee9f802ffa632b01ae177d0e65c7c614180e28c893489ebce4deb128968f33fb044151953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f0004818504000000000000000000000000000000000000000000000a14517cc6b91f8000000000000000000000000000000000000000000000000000000000000000000000032c006b0f530bec5bed532357d436727699f0e3c5b9366f1a435be640b97cd43d937655b1f157c7d0c7df25011fef7c3ab7d8e556e6125b59b847fcdd89a4051796a797024201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e913864090201010381860004000000000000000000000000000000000000000000000a14517cc6b91f8000000000000000000000000000000000000000000000000000000000000000000000032c006b0f530bec5bed532357d436727699f0e3c5b9366f1a435be640b97cd43d937655b1f157c7d0c7df25011fef7c3ab7d8e556e6125b59b847fcdd89a4051796a797",
          "private" : "1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7",
-          "shared" : "",
+          "shared" : "00ebef6771455911ee573c183e990f7086650f9bafdb722c896751bd2c0f87959c78a39382d10fdfb46fd3515c8feb590943dd79778b13adbc7f670ba2a009753483",
          "result" : "invalid",
          "flags" : [
            "ModifiedPrime",
@@ -3241,7 +3241,7 @@
          "curve" : "secp521r1",
          "public" : "30820246308201b906072a8648ce3d0201308201ac020101304d06072a8648ce3d0101024201ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff308188044201b2ac25ed3b202bee00aaaeb8521977f025a9123df3eaa422077dbb7bd05d7ad92f456d1f8c73d070e1dbd4e250951eb525b8fca24f330b5b2724de0f0cc159e1ca0442014c822bd9cc28dc26c31385e52f86855f59c8b4f278915b23c7c002e73372016a8e6dac70a1d07eb309bb83efcbbeefe92cdee4d3d9c7218ca663298389e52c8acc04818504017d26208a6b9b4ccbc6bdeb8fdda68f6cabba6876b2fb96fab4efc899fd851be71b3491f45432ecb992fcb950416a733e3da561a7621fc4fca2deb3d83f9073bbdc019017d42efa595d03524e404362b124986e50878635d5382d39c793d4f980f3b48ce2ea0702667dee3a92f374920e04f8544e48b451051d68c69ec67098722cc6fc024201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e913864090201010381860004017d26208a6b9b4ccbc6bdeb8fdda68f6cabba6876b2fb96fab4efc899fd851be71b3491f45432ecb992fcb950416a733e3da561a7621fc4fca2deb3d83f9073bbdc006fe82bd105a6a2fcadb1bfbc9d4edb6791af7879ca2ac7d2c6386c2b067f0c4b731d15f8fd998211c56d0c8b6df1fb07abb1b74baefae2973961398f678dd33903",
          "private" : "1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7",
-          "shared" : "",
+          "shared" : "0173a7def25e016ec3326d4c881dd62a1f33bfcf88d77ccbadc1b49044d9d179342840cf2ac6c09e41c9b1e7b6127f70e294c5fa8ffa132a222767f09a7f350eb300",
          "result" : "invalid",
          "flags" : [
            "WeakPublicKey",