Understand "different rsp files"

GaloisInc / hacrypto

Experiments in high-assurance crypto.

BSD 3-Clause "New" or "Revised" License

47 stars 14 forks source link

Understand "different rsp files" #73

Closed jldodds closed 10 years ago

jldodds commented 10 years ago

Understand the following comment on a footnote of page 48 of the FIPS 140-2 User Guide

Due to the nature of the cryptographic operations involved the following responses files will always be different: KeyPair.rsp DSA PQGGen.rsp DSA SigGen.rsp DSA SigGen15.rsp RSA SigGenPSS.rsp RSA SigGenRSA.rsp RSA SigGenPSS.rsp RSA These files are listed in the file ./fips/fips-nodiff.txt that is referenced by the fips_test_diff makefile target.

jldodds commented 10 years ago

KeyPair DSA generates a number of keys. The check for correctness is:

Verifies that the x value is in the correct range (0<x<q), and that y = g x mod p

There is no test to generate for KeyPair

PQGen is the same but for P and Q. Supplied test is just an n

jldodds commented 10 years ago

These are all files that require some randomized generation of the rsp file. The verification is to validate that they are correct outputs