search

usnistgov / ACVP-Server

A repository tracking releases of NIST's ACVP server. See www.github.com/usnistgov/ACVP for the protocol.
59 stars 20 forks source link

KAS-KDF-OneStepNoCounter-Sp800-56Cr2 not available on Prod #163

Closed powersmc closed 2 years ago

powersmc commented 2 years ago

environment Prod

testSessionId Could not create

vsId Could not create

Algorithm registration

         {
            "algorithm":"KAS-KDF",
            "mode":"OneStepNoCounter",
            "revision":"Sp800-56Cr2",
            "auxFunctions":[
               {
                  "auxFunctionName":"SHA2-256",
                  "l":256
               }
            ],
            "fixedInfoPattern":"algorithmId||uPartyInfo||vPartyInfo||label",
            "encoding":[
               "concatenation"
            ],
            "z":[
               384
            ]
         }

Endpoint in which the error is experienced /testSessions POST

Expected behavior Generating this algorithm should work on production based on the 2021-Aug-19 maintenance and https://github.com/usnistgov/ACVP/issues/1210

Additional context When providing the algorithm registration above to demo, it works as expected. When providing the same exact registration to prod, we are presented with the following error:

[{'acvVersion': '1.0'}, {'error': 'Validation error(s) on JSON payload.', 'context': ['Unable to map KAS-KDF-OneStepNoCounter-Sp800-56Cr2 - index 2 to an internal algorithm id.']}]

Kritner commented 2 years ago

Thanks @powersmc, this algorithm just hasn't been enabled on prod yet. We generally don't immediately enable new algorithms on prod until we've confirmed it's been tested on demo from someone that isn't us, or the activation is requested.

The algorithm should be enabled shortly

powersmc commented 2 years ago

@Kritner Ok, just noting that according to this: https://github.com/usnistgov/ACVP-Server/releases/tag/v1.1.0.20 This should have been enabled on production in August. Or at least that's how I interpret this:

Demo: 2021-07-28 Prod: 2021-08-19

Kritner commented 2 years ago

the release and code are there on prod, that particular algorithm just wasn't "enabled". Specific algorithms are a sort of "feature flag/toggle" on our end of things. It should be enabled now; let me know if you have any issues!

powersmc commented 2 years ago

Thanks for the explanation. I was able to go in and generate vectors on prod now, so it looks like this is resolved.