Safeprimes keyvery spec update #849

Closed
smuellerDD opened this issue Apr 27, 2020 · 4 comments · Fixed by #971

Comments

@smuellerDD
Contributor

The safe prime key verification spec does not seem to document which checks are to be performed by the IUT. Casually, I would test that y is proper (i.e. complies with SP800-56A rev 3). However, the ACVP server seems to require in addition that the IUT re-calculates y from the provided x and compares the provided y with the calculated y. Only with both tests, I get a passing safeprimes key verification test.

May I ask to clarify that in the spec?

@Kritner
Contributor

Kritner commented Apr 27, 2020

@smuellerDD I'm not really following, can you provide an example of json that you think the server expects? IIRC for keyVer we're only expecting "testPassed": true and "testPassed": false for all test cases for that algorithm type.

@smuellerDD
Contributor Author

smuellerDD commented Apr 27, 2020 via email

@celic
Collaborator

celic commented Apr 27, 2020

Just to close the loop a bit and make the eventual spec update easier... This is what the server check considers an invalid key...

Invalid key pair, x must satisfy 0 < x < q
Invalid key pair, y != g^x mod p

These come from the DSA KeyVer methods in FIPS186-4. Eventually these should live elsewhere in a standard once FIPS186-5 is published.
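
An added illustration, not part of the thread and not the ACVP server's code: the Python sketch below applies the two key-pair checks listed above and, separately, a public-key-only check on y, to show why validating y alone does not reproduce the expected "testPassed" values. Assumptions: "y is proper" is read as the SP 800-56A rev 3 full public-key validation (2 <= y <= p-2 and y^q mod p = 1), and the toy group p = 23, q = 11, g = 2, the function names and the sample key pairs are constructed for the example.

```python
# Toy safe-prime group, constructed for illustration only: p = 2q + 1.
# Real test vectors use the named 2048-bit and larger safe-prime groups.
P, Q, G = 23, 11, 2


def public_key_valid(p, q, y):
    """Public-key-only check (assumed reading of 'y is proper'):
    2 <= y <= p-2 and y^q mod p == 1."""
    return 2 <= y <= p - 2 and pow(y, q, p) == 1


def key_pair_errors(p, q, g, x, y):
    """The two key-pair checks quoted in the thread, with the quoted messages."""
    errors = []
    if not 0 < x < q:
        errors.append("Invalid key pair, x must satisfy 0 < x < q")
    if y != pow(g, x, p):
        errors.append("Invalid key pair, y != g^x mod p")
    return errors


def key_ver(p, q, g, x, y):
    """Build the per-test-case answer: testPassed is true only if both checks hold."""
    return {"testPassed": not key_pair_errors(p, q, g, x, y)}


# Constructed sample key pairs (x, y) for the toy group.
CASES = {
    "consistent pair": (3, 8),           # 2^3 mod 23 = 8
    "y valid but not g^x": (3, 16),      # 16 = 2^4 is in the subgroup, x says 2^3
    "x out of range": (14, 8),           # 2^14 mod 23 = 8, but x >= q
}

if __name__ == "__main__":
    for name, (x, y) in CASES.items():
        print(name,
              "| public-key check:", public_key_valid(P, Q, y),
              "| keyVer:", key_ver(P, Q, G, x, y),
              "|", key_pair_errors(P, Q, G, x, y))
```

In the second and third cases y passes the public-key check on its own, yet the key pair is invalid under the checks quoted above, which matches the behaviour described in the opening comment.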

@smuellerDD
Contributor Author

smuellerDD commented Apr 27, 2020 via email
