Open smuellerDD opened 2 years ago
Hi @smuellerDD, sure. As you quoted from the symmetric spec, "Keying Option 2 (2) is 2 distinct keys only suitable for decrypt (K1, K2, K1)." Similarly, the MAC spec states, "Keying Option 2 (2) is 2 distinct only suitable for decrypt (K1, K2, K1)." The source of these requirements can be found in SP 800-131Ar2 Section 2.
Nothing seems amiss w/ the first example you provided. For the second example, it looks like we have an issue in our logic somewhere. You shouldn't be receiving keyingOption 1 vectors when your capabilities registration only advertises keyingOption 2. I'm not sure if the correct behavior is to reject the registration because "direction": ["encrypt"] is disallowed with keyingOption 2 or if it should be allowed and no "direction": ["encrypt"] vectors should be returned. I'll look into what the correct thing to do is and get a fix out.
As a heads up, keyLen
and ivLen
are not valid TDES registration properties. They can be removed. payloadLen
as well for this particular mode, is not supported. For most TDES modes, the only properties should be direction
and keyingOption
.
keyLen
is only valid for TDES-KW.
I do recall working with you @smuellerDD on TDES 2-key KATs. These particular tests you're getting with 3 keys are staticly generated KATs. Do you happen to remember if that was over email or a separate issue on this repository?
Am Freitag, 19. November 2021, 16:52:50 CET schrieb Chris Celi:
Hi Chris,
As a heads up,
keyLen
andivLen
are not valid TDES registration properties. They can be removed.payloadLen
as well for this particular mode, is not supported. For most TDES modes, the only properties should bedirection
andkeyingOption
.
keyLen
is only valid for TDES-KW.I do recall working with you @smuellerDD on TDES 2-key KATs. These particular tests you're getting with 3 keys are staticly generated KATs. Do you happen to remember if that was over email or a separate issue on this repository?
Unfortunately I do not recall.
Ciao Stephan
https://github.com/usnistgov/ACVP/blob/master/src/symmetric/sections/05-capabilities.adoc#block-cipher-algorithm-capabilities-json-values states:
"The Keying Option used in TDES. Keying option 1 (1) is 3 distinct keys (K1, K2, K3). Keying Option 2 (2) is 2 distinct keys only suitable for decrypt (K1, K2, K1)."
I vaguely remember that Chris stated that anything but 3key TDES is not testable any more. But 2key TDES is a legacy algorithm and I would expect it being testable.
Now I tried to obtain 2key TDES for which I only partially got the right vectors.
Example for a 2key TDES vector:
Example for TDES vector that is not 2key albeit being queried for:
Here is the query for the latter vector:
Thus, could you please help me clarify what TDES option is supported?
Thanks