Joachim Vandersmissen

Results: 13 issues by Joachim Vandersmissen

Why does Table 1 at https://github.com/usnistgov/ACVP/blob/master/src/rsa/sections/07-keygen-responses.adoc not mention Appendix B.3.6 for xP1, xP2, xQ1, and xQ2? When I request a test vector sample, these values are included in the expected output.

Based on https://eprint.iacr.org/2013/404.pdf. Using test vectors from Appendix C of the aforementioned paper.
Notes:
* I implemented this based on the cipher v0.4 branch, so this should only be merged after...

**Protocol Section** https://github.com/usnistgov/ACVP/blob/master/src/drbg/sections/03-supported.adoc
**Protocol Question**
1) What is the basis for the security strengths specified in Table 1, specifically for hash-based DRBGs? SP 800-90Ar1 Section 10.1 specifies:
> The maximum...

Bug
Spec Error

Right now, it is impossible for FIPS modules to claim the TLS 1.0/1.1 PRF as approved, because the ACVP testing does not support the extended master secret[^1]. On the other...
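The derivation the issue refers to, as an added example that is not part of the issue or of the ACVP project: the TLS 1.0/1.1 PRF of RFC 2246 (P_MD5 over the first half of the secret XORed with P_SHA1 over the second half) driven once with the classic "master secret" label and once with the RFC 7627 "extended master secret" label, where the seed is the session hash instead of the two random values. The pre-master secret and session hash used in the test are constructed values, not real handshake data.

```python
"""TLS 1.0/1.1 PRF (RFC 2246 section 5) and the two master-secret derivations
that use it: the original one (RFC 2246 section 8.1) and the extended master
secret of RFC 7627 section 4.  Added illustration, not code from the ACVP
project; all inputs are constructed."""
import hashlib
import hmac


def p_hash(secret: bytes, seed: bytes, length: int, digestmod) -> bytes:
    """P_hash(secret, seed) = HMAC(secret, A(1) + seed) || HMAC(secret, A(2) + seed) || ...
    with A(0) = seed and A(i) = HMAC(secret, A(i-1)), truncated to `length` bytes."""
    out = b""
    a = seed
    while len(out) < length:
        a = hmac.new(secret, a, digestmod).digest()
        out += hmac.new(secret, a + seed, digestmod).digest()
    return out[:length]


def tls10_prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.0/1.1 PRF: split the secret into S1 and S2 (they share the middle
    byte when the length is odd), run P_MD5 over S1 and P_SHA1 over S2 with the
    same label + seed, and XOR the two output streams."""
    half = (len(secret) + 1) // 2
    s1, s2 = secret[:half], secret[-half:]
    md5_part = p_hash(s1, label + seed, length, hashlib.md5)
    sha1_part = p_hash(s2, label + seed, length, hashlib.sha1)
    return bytes(x ^ y for x, y in zip(md5_part, sha1_part))


def master_secret(pre_master_secret: bytes, client_random: bytes, server_random: bytes) -> bytes:
    """RFC 2246: master_secret = PRF(pms, "master secret", ClientHello.random + ServerHello.random)[0..47]."""
    return tls10_prf(pre_master_secret, b"master secret", client_random + server_random, 48)


def extended_master_secret(pre_master_secret: bytes, session_hash: bytes) -> bytes:
    """RFC 7627: master_secret = PRF(pms, "extended master secret", session_hash)[0..47].
    The session hash is the handshake hash over all messages up to and including
    ClientKeyExchange; it replaces the two random values as the PRF seed."""
    return tls10_prf(pre_master_secret, b"extended master secret", session_hash, 48)


if __name__ == "__main__":
    # Constructed inputs, not from a real handshake.
    pms = bytes(range(48))
    client_random, server_random = b"\x11" * 32, b"\x22" * 32
    session_hash = b"\x33" * 32
    print("master secret         ", master_secret(pms, client_random, server_random).hex())
    print("extended master secret", extended_master_secret(pms, session_hash).hex())
```

Both derivations share `tls10_prf`; the only differences are the label string and the seed, which is why a test harness that only drives the "master secret" label cannot exercise the extended variant.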

**What type of change is being proposed?** Implement testing for X25519/X448 (aka ECDH with Curve25519 and Curve448).
**Details on suggestion** I am aware that X25519 and X448 are currently not...

As mentioned in https://github.com/openssl/openssl/pull/22112, it would be nice if EdDSA was accessible using the EVP_PKEY_sign/verify APIs. Right now, EdDSA is actually quite counter-intuitive, because the DigestSign/Verify APIs need to be...

branch: master
approval: review pending
triaged: feature
hold: need otc decision
severity: fips change
tests: present

**environment** Demo
**testSessionId** 475095
**vsId** 2098825
**Algorithm registration**
```
{ "revision":"1.0", "algorithm":"ACVP-AES-GCM-SIV", "direction":[ "encrypt", "decrypt" ], "keyLen":[ 128, 256 ], "payloadLen":[ 128, 256, 120, 248 ], "ivLen":[ 96 ], "aadLen":[...
```

For example, the following registration:
```
[ { "acvVersion":"1.0" }, { "isSample":false, "operation":"register", "certificateRequest":"no", "debugRequest":"yes", "production":"no", "encryptAtRest":"yes", "algorithms":[ { "algorithm":"EDDSA", "mode":"sigGen", "revision":"1.0", "curve":[ "ED-25519", "ED-448" ], "pure":true, "preHash":false, "contextLength":[ 0...
```

FIPS 198-1, Section 6 specifies that:
```
Conceptually, the intermediate results of the compression function on the B-byte blocks (K0 ⊕ ipad) and (K0 ⊕ opad) can be precomputed once,...
```
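The precomputation FIPS 198-1 describes, as an added example that is not part of the issue or of the ACVP project: the hash state after absorbing the single B-byte block (K0 ⊕ ipad), and likewise (K0 ⊕ opad), is computed once per key and cloned for every message, so each MAC costs two extra compression calls fewer than the naive construction. The `PrecomputedHMAC` class name, the key and the messages are constructed for the illustration; the result is checked against Python's `hmac` module.

```python
"""HMAC with the FIPS 198-1 section 6 optimisation: the compression of
(K0 xor ipad) and (K0 xor opad) happens once per key, and the two resulting
hash states are cloned per message.  Added illustration, not code from the
issue or from ACVP; the key and messages are constructed."""
import hashlib
import hmac


class PrecomputedHMAC:
    """HMAC(K, text) = H((K0 xor opad) || H((K0 xor ipad) || text)),
    with the first block of both hash computations absorbed up front."""

    def __init__(self, key: bytes, digestmod=hashlib.sha256):
        block_size = digestmod().block_size  # B bytes (64 for SHA-256, 128 for SHA-512)
        if len(key) > block_size:
            key = digestmod(key).digest()  # FIPS 198-1 step 2: hash keys longer than B
        k0 = key.ljust(block_size, b"\x00")  # step 3: zero-pad to exactly B bytes
        # Steps 4 and 7: one compression call each.  These states depend only on
        # the key, so they are computed once and cached.
        self._inner = digestmod(bytes(b ^ 0x36 for b in k0))
        self._outer = digestmod(bytes(b ^ 0x5C for b in k0))

    def mac(self, text: bytes) -> bytes:
        # Clone the cached states; never update them in place.
        inner = self._inner.copy()
        inner.update(text)                 # steps 5 and 6: H((K0 xor ipad) || text)
        outer = self._outer.copy()
        outer.update(inner.digest())       # steps 8 and 9: H((K0 xor opad) || inner)
        return outer.digest()


def check_against_reference(key: bytes, messages) -> bool:
    """True if the precomputed form agrees with hmac.new(..., sha256) for every message."""
    pre = PrecomputedHMAC(key)
    return all(pre.mac(m) == hmac.new(key, m, hashlib.sha256).digest() for m in messages)


if __name__ == "__main__":
    # Constructed inputs.
    key = b"constructed-key"
    msgs = [b"", b"abc", b"x" * 200]
    print("matches hmac module:", check_against_reference(key, msgs))
    print(PrecomputedHMAC(b"key").mac(b"The quick brown fox jumps over the lazy dog").hex())
```

The same cached states serve any number of messages; the check covers keys shorter than, equal to and longer than the block size, since the long-key path (hash the key first) is where ad hoc implementations most often diverge from FIPS 198-1.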

Enhancement
Server Enhancement
Spec Enhancement

**environment** Demo
**testSessionId** 525016
**vsId** 2428060
**Algorithm registration**
```
[ { "acvVersion":"1.0" }, { "isSample":false, "operation":"register", "certificateRequest":"no", "debugRequest":"yes", "production":"no", "encryptAtRest":"yes", "algorithms":[ { "revision":"FIPS186-5", "algorithm":"RSA", "mode":"sigGen", "capabilities":[ { "sigType":"pkcs1v1.5", "properties":[ {...
```