search

usnistgov / ACVP-Server

A repository tracking releases of NIST's ACVP server. See www.github.com/usnistgov/ACVP for the protocol.
36 stars 13 forks source link

request for intermediate hash input from x9.42 DER encoding #295

Closed MarkSimontonOfCG closed 5 months ago

MarkSimontonOfCG commented 7 months ago

environment Demo

testSessionId 454282

vsId 1944424

Algorithm registration

[
    {
        "copyright": "Copyright (c) Microsoft Corporation 2023",
        "abstract": "ACVP capabilities definition for the Microsoft SymCrypt module",
        "acvVersion": "1.0"
    },
    {
        "isSample": true,
        "algorithms": [
        {
            "algorithm": "kdf-components",
            "mode": "ansix9.42",
            "revision": "1.0",
            "prereqVals": [
                {
                    "algorithm": "SHA",
                    "valValue": "same"
                }
                ],
                "kdfType": [
                    "DER"
                ],
                "keyLen": [
                    8, 464
                ],
                "oid": ["AES-128-KW"],
                "suppInfoLen": [
                    0, 464
                ],
                "zzLen": [{
                    "min": 8,
                    "max": 464,
                    "increment": 8
                }],
                "hashAlg": [
                    "SHA2-256"
                ]
            }
        ]
    }
]

Endpoint in which the error is experienced NA

Expected behavior The MS-ACVP generated derivedKey should match the Demo server Derived key

Additional context Add any other context about the problem here. am including 2 examples of where the test code I have key material does not match the output from the Demo server. I believe the problemis in how my code is prepending the TAG + LENGTH header to the value for constructed types; but I don't know what the difference is if someone could provide the matching values to those listed here I would be able to finish this test.

some general observations, key-encryption-key generated for input that only includes ZZ | OtherInfo(OID, counter), works every time. If the key material, includes optional material with maximum length >= 464 bits the key-encryption-key, do not match.

TEST CASE 4 SUSPECTED BYTES 30 82 01 03 30 = APPLICATION | SEQUENCE 82 = VALUE > 128 BYTES, 2 BYTES 0103 = 259 BYTES

TEST CASE 4 SUSPECTED BYTES 30 82 01 03 30 = APPLICATION | SEQUENCE 82 = VALUE > 128 BYTES, 2 BYTES 0103 = 259 BYTES

session ID 454282, vecorSetID = 1944424 t0 expected

          {
            "tcId": 3,
            "derivedKey": "AFFDDF7E23C46864BCC26C0327C8E3489D9A87C5B75395CA4ACC1311FA1886627A9848FD35DCC375F87CC10B2357F6BAC7B4EBC4D8FDE22F0CA2"
          }

msacvp-results

                {
                    "tcId": 3,
                    "derivedKey": "2ACB21059C39C1B030FE9C5F4873CCF3DB709925C25B2080648A9730ED8EB8A80974D0AB9212B349A3A0FDD9FEE2097949F061A57333FDD95599"
                }

Details

***ACVP [INFO][win_kdf135_x942_DER_handler:546]-->  ******** TEST CASE: 1:3 ************************
***ACVP [INFO][win_BCryptOpenAlgorithmProvider:343]--> Opening algorithm SHA256...
***ACVP [INFO][win_BCryptOpenAlgorithmProvider:355]--> Opened  algorithm SHA256...
***ACVP [INFO][win_kdf135_x942_DER_handler:605]--> key_material_bytes_max: 32768

***ACVP [INFO][show_tc_param_values:184]--> CON_OUT-TEST-1944424.1.3-20231114_103217
***ACVP [INFO][show_tc_param_values:185]-->      test:  1944424.1.3
***ACVP [INFO][show_tc_param_values:186]--> algorithm:  4, DER
***ACVP [INFO][show_tc_param_values:187]-->      mode:  34, ANSI x9.42
***ACVP [INFO][show_tc_param_values:188]-->  testType:  1, AFT
OID[11] =
06 09 60 86 48 01 65 03 04 01 05 
zz[9] =
7E 2F D3 0A 31 F6 D4 BB B9 
***ACVP [INFO][show_tc_param_values:191]-->    keyLen:  464
partyUInfo[58] =
C8 60 1B EA 67 DE 20 10 1B 0D DF C0 D6 79 CC B2 87 60 59 46 80 D1 D2 13 2D 02 73 BD 1E 24 64 25 
45 6F 3F 78 61 94 C7 F5 E9 20 DB C7 DB F8 62 2E 22 64 79 DA 8E CA B8 07 D9 7C 
partyVInfo[58] =
22 00 AF 02 B4 6C DE 00 41 7E 70 12 18 17 F5 76 BD 67 6C 33 E9 EF C2 38 09 72 F8 43 9A 95 9D 0D 
08 56 46 84 99 C6 AB AF 0C 66 9C A2 9F 09 F4 C8 CA 60 BB 64 46 54 76 69 84 48 
suppPubInfo[58] =
9B 55 E1 F3 72 8C F9 70 29 04 83 95 9D 09 13 96 47 6E B0 97 A0 33 E7 CA CD C1 89 07 BE 8C 65 99 
53 1E 9D F5 3E 2F 8E 22 08 44 42 D9 7D AC E0 67 FF 81 D0 87 C5 26 C7 38 4B 1F 
suppPrivInfo[58] =
16 14 27 07 73 3A 0B 51 19 88 CC 1A 12 D0 B5 7F 2A 1B D3 03 4B 83 C4 F7 97 91 E8 D9 4F FC 0D 4D 
62 60 15 BE 81 93 E2 A7 E8 20 72 71 A3 0F F2 B3 DF 1E DE F7 C3 43 22 2C D3 A8 

ZZ [9] =
7E 2F D3 0A 31 F6 D4 BB B9 
count[6] =
04 04 00 00 00 01 
OtherInfo(oid, count)[19] =
30 11 06 09 60 86 48 01 65 03 04 01 05 04 04 00 00 00 01 
A0 3A
C8 60 1B EA 67 DE 20 10 1B 0D DF C0 D6 79 CC B2 87 60 59 46 80 D1 D2 13 2D 02 73 BD 1E 24 64 25 
45 6F 3F 78 61 94 C7 F5 E9 20 DB C7 DB F8 62 2E 22 64 79 DA 8E CA B8 07 D9 7C 
A1 3A
22 00 AF 02 B4 6C DE 00 41 7E 70 12 18 17 F5 76 BD 67 6C 33 E9 EF C2 38 09 72 F8 43 9A 95 9D 0D 
08 56 46 84 99 C6 AB AF 0C 66 9C A2 9F 09 F4 C8 CA 60 BB 64 46 54 76 69 84 48 
A2 3A
9B 55 E1 F3 72 8C F9 70 29 04 83 95 9D 09 13 96 47 6E B0 97 A0 33 E7 CA CD C1 89 07 BE 8C 65 99 
53 1E 9D F5 3E 2F 8E 22 08 44 42 D9 7D AC E0 67 FF 81 D0 87 C5 26 C7 38 4B 1F 
A3 3A
16 14 27 07 73 3A 0B 51 19 88 CC 1A 12 D0 B5 7F 2A 1B D3 03 4B 83 C4 F7 97 91 E8 D9 4F FC 0D 4D 
62 60 15 BE 81 93 E2 A7 E8 20 72 71 A3 0F F2 B3 DF 1E DE F7 C3 43 22 2C D3 A8 
***ACVP [INFO][get_optional_other_info_key_material:568]--> bytes used: 240
Optional Key Material[240] =
A0 3A C8 60 1B EA 67 DE 20 10 1B 0D DF C0 D6 79 CC B2 87 60 59 46 80 D1 D2 13 2D 02 73 BD 1E 24 
64 25 45 6F 3F 78 61 94 C7 F5 E9 20 DB C7 DB F8 62 2E 22 64 79 DA 8E CA B8 07 D9 7C A1 3A 22 00 
AF 02 B4 6C DE 00 41 7E 70 12 18 17 F5 76 BD 67 6C 33 E9 EF C2 38 09 72 F8 43 9A 95 9D 0D 08 56 
46 84 99 C6 AB AF 0C 66 9C A2 9F 09 F4 C8 CA 60 BB 64 46 54 76 69 84 48 A2 3A 9B 55 E1 F3 72 8C 
F9 70 29 04 83 95 9D 09 13 96 47 6E B0 97 A0 33 E7 CA CD C1 89 07 BE 8C 65 99 53 1E 9D F5 3E 2F 
8E 22 08 44 42 D9 7D AC E0 67 FF 81 D0 87 C5 26 C7 38 4B 1F A3 3A 16 14 27 07 73 3A 0B 51 19 88 
CC 1A 12 D0 B5 7F 2A 1B D3 03 4B 83 C4 F7 97 91 E8 D9 4F FC 0D 4D 62 60 15 BE 81 93 E2 A7 E8 20 
72 71 A3 0F F2 B3 DF 1E DE F7 C3 43 22 2C D3 A8 
key_material_other_info_buf[263] =
30 82 01 03 30 11 06 09 60 86 48 01 65 03 04 01 05 04 04 00 00 00 01 A0 3A C8 60 1B EA 67 DE 20 
10 1B 0D DF C0 D6 79 CC B2 87 60 59 46 80 D1 D2 13 2D 02 73 BD 1E 24 64 25 45 6F 3F 78 61 94 C7 
F5 E9 20 DB C7 DB F8 62 2E 22 64 79 DA 8E CA B8 07 D9 7C A1 3A 22 00 AF 02 B4 6C DE 00 41 7E 70 
12 18 17 F5 76 BD 67 6C 33 E9 EF C2 38 09 72 F8 43 9A 95 9D 0D 08 56 46 84 99 C6 AB AF 0C 66 9C 
A2 9F 09 F4 C8 CA 60 BB 64 46 54 76 69 84 48 A2 3A 9B 55 E1 F3 72 8C F9 70 29 04 83 95 9D 09 13 
96 47 6E B0 97 A0 33 E7 CA CD C1 89 07 BE 8C 65 99 53 1E 9D F5 3E 2F 8E 22 08 44 42 D9 7D AC E0 
67 FF 81 D0 87 C5 26 C7 38 4B 1F A3 3A 16 14 27 07 73 3A 0B 51 19 88 CC 1A 12 D0 B5 7F 2A 1B D3 
03 4B 83 C4 F7 97 91 E8 D9 4F FC 0D 4D 62 60 15 BE 81 93 E2 A7 E8 20 72 71 A3 0F F2 B3 DF 1E DE 
F7 C3 43 22 2C D3 A8 
keyMaterialBuffer[272] =
7E 2F D3 0A 31 F6 D4 BB B9 30 82 01 03 30 11 06 09 60 86 48 01 65 03 04 01 05 04 04 00 00 00 01 
A0 3A C8 60 1B EA 67 DE 20 10 1B 0D DF C0 D6 79 CC B2 87 60 59 46 80 D1 D2 13 2D 02 73 BD 1E 24 
64 25 45 6F 3F 78 61 94 C7 F5 E9 20 DB C7 DB F8 62 2E 22 64 79 DA 8E CA B8 07 D9 7C A1 3A 22 00 
AF 02 B4 6C DE 00 41 7E 70 12 18 17 F5 76 BD 67 6C 33 E9 EF C2 38 09 72 F8 43 9A 95 9D 0D 08 56 
46 84 99 C6 AB AF 0C 66 9C A2 9F 09 F4 C8 CA 60 BB 64 46 54 76 69 84 48 A2 3A 9B 55 E1 F3 72 8C 
F9 70 29 04 83 95 9D 09 13 96 47 6E B0 97 A0 33 E7 CA CD C1 89 07 BE 8C 65 99 53 1E 9D F5 3E 2F 
8E 22 08 44 42 D9 7D AC E0 67 FF 81 D0 87 C5 26 C7 38 4B 1F A3 3A 16 14 27 07 73 3A 0B 51 19 88 
CC 1A 12 D0 B5 7F 2A 1B D3 03 4B 83 C4 F7 97 91 E8 D9 4F FC 0D 4D 62 60 15 BE 81 93 E2 A7 E8 20 
72 71 A3 0F F2 B3 DF 1E DE F7 C3 43 22 2C D3 A8 
***ACVP [INFO][show_tc_and_hash_param_values:144]--> (tc->tcId           = 3)
***ACVP [INFO][show_tc_and_hash_param_values:145]--> itteration: 1 / 2
***ACVP [INFO][show_tc_and_hash_param_values:147]--> (hash_param.algSHA      = SHA256
HASH Result[32] =
2A CB 21 05 9C 39 C1 B0 30 FE 9C 5F 48 73 CC F3 DB 70 99 25 C2 5B 20 80 64 8A 97 30 ED 8E B8 A8 
pbHashConcatBuffer[32] =
2A CB 21 05 9C 39 C1 B0 30 FE 9C 5F 48 73 CC F3 DB 70 99 25 C2 5B 20 80 64 8A 97 30 ED 8E B8 A8 
ZZ [9] =
7E 2F D3 0A 31 F6 D4 BB B9 
count[6] =
04 04 00 00 00 02 
OtherInfo(oid, count)[19] =
30 11 06 09 60 86 48 01 65 03 04 01 05 04 04 00 00 00 02 
A0 3A
C8 60 1B EA 67 DE 20 10 1B 0D DF C0 D6 79 CC B2 87 60 59 46 80 D1 D2 13 2D 02 73 BD 1E 24 64 25 
45 6F 3F 78 61 94 C7 F5 E9 20 DB C7 DB F8 62 2E 22 64 79 DA 8E CA B8 07 D9 7C 
A1 3A
22 00 AF 02 B4 6C DE 00 41 7E 70 12 18 17 F5 76 BD 67 6C 33 E9 EF C2 38 09 72 F8 43 9A 95 9D 0D 
08 56 46 84 99 C6 AB AF 0C 66 9C A2 9F 09 F4 C8 CA 60 BB 64 46 54 76 69 84 48 
A2 3A
9B 55 E1 F3 72 8C F9 70 29 04 83 95 9D 09 13 96 47 6E B0 97 A0 33 E7 CA CD C1 89 07 BE 8C 65 99 
53 1E 9D F5 3E 2F 8E 22 08 44 42 D9 7D AC E0 67 FF 81 D0 87 C5 26 C7 38 4B 1F 
A3 3A
16 14 27 07 73 3A 0B 51 19 88 CC 1A 12 D0 B5 7F 2A 1B D3 03 4B 83 C4 F7 97 91 E8 D9 4F FC 0D 4D 
62 60 15 BE 81 93 E2 A7 E8 20 72 71 A3 0F F2 B3 DF 1E DE F7 C3 43 22 2C D3 A8 
***ACVP [INFO][get_optional_other_info_key_material:568]--> bytes used: 240
Optional Key Material[240] =
A0 3A C8 60 1B EA 67 DE 20 10 1B 0D DF C0 D6 79 CC B2 87 60 59 46 80 D1 D2 13 2D 02 73 BD 1E 24 
64 25 45 6F 3F 78 61 94 C7 F5 E9 20 DB C7 DB F8 62 2E 22 64 79 DA 8E CA B8 07 D9 7C A1 3A 22 00 
AF 02 B4 6C DE 00 41 7E 70 12 18 17 F5 76 BD 67 6C 33 E9 EF C2 38 09 72 F8 43 9A 95 9D 0D 08 56 
46 84 99 C6 AB AF 0C 66 9C A2 9F 09 F4 C8 CA 60 BB 64 46 54 76 69 84 48 A2 3A 9B 55 E1 F3 72 8C 
F9 70 29 04 83 95 9D 09 13 96 47 6E B0 97 A0 33 E7 CA CD C1 89 07 BE 8C 65 99 53 1E 9D F5 3E 2F 
8E 22 08 44 42 D9 7D AC E0 67 FF 81 D0 87 C5 26 C7 38 4B 1F A3 3A 16 14 27 07 73 3A 0B 51 19 88 
CC 1A 12 D0 B5 7F 2A 1B D3 03 4B 83 C4 F7 97 91 E8 D9 4F FC 0D 4D 62 60 15 BE 81 93 E2 A7 E8 20 
72 71 A3 0F F2 B3 DF 1E DE F7 C3 43 22 2C D3 A8 
key_material_other_info_buf[263] =
30 82 01 03 30 11 06 09 60 86 48 01 65 03 04 01 05 04 04 00 00 00 02 A0 3A C8 60 1B EA 67 DE 20 
10 1B 0D DF C0 D6 79 CC B2 87 60 59 46 80 D1 D2 13 2D 02 73 BD 1E 24 64 25 45 6F 3F 78 61 94 C7 
F5 E9 20 DB C7 DB F8 62 2E 22 64 79 DA 8E CA B8 07 D9 7C A1 3A 22 00 AF 02 B4 6C DE 00 41 7E 70 
12 18 17 F5 76 BD 67 6C 33 E9 EF C2 38 09 72 F8 43 9A 95 9D 0D 08 56 46 84 99 C6 AB AF 0C 66 9C 
A2 9F 09 F4 C8 CA 60 BB 64 46 54 76 69 84 48 A2 3A 9B 55 E1 F3 72 8C F9 70 29 04 83 95 9D 09 13 
96 47 6E B0 97 A0 33 E7 CA CD C1 89 07 BE 8C 65 99 53 1E 9D F5 3E 2F 8E 22 08 44 42 D9 7D AC E0 
67 FF 81 D0 87 C5 26 C7 38 4B 1F A3 3A 16 14 27 07 73 3A 0B 51 19 88 CC 1A 12 D0 B5 7F 2A 1B D3 
03 4B 83 C4 F7 97 91 E8 D9 4F FC 0D 4D 62 60 15 BE 81 93 E2 A7 E8 20 72 71 A3 0F F2 B3 DF 1E DE 
F7 C3 43 22 2C D3 A8 
keyMaterialBuffer[272] =
7E 2F D3 0A 31 F6 D4 BB B9 30 82 01 03 30 11 06 09 60 86 48 01 65 03 04 01 05 04 04 00 00 00 02 
A0 3A C8 60 1B EA 67 DE 20 10 1B 0D DF C0 D6 79 CC B2 87 60 59 46 80 D1 D2 13 2D 02 73 BD 1E 24 
64 25 45 6F 3F 78 61 94 C7 F5 E9 20 DB C7 DB F8 62 2E 22 64 79 DA 8E CA B8 07 D9 7C A1 3A 22 00 
AF 02 B4 6C DE 00 41 7E 70 12 18 17 F5 76 BD 67 6C 33 E9 EF C2 38 09 72 F8 43 9A 95 9D 0D 08 56 
46 84 99 C6 AB AF 0C 66 9C A2 9F 09 F4 C8 CA 60 BB 64 46 54 76 69 84 48 A2 3A 9B 55 E1 F3 72 8C 
F9 70 29 04 83 95 9D 09 13 96 47 6E B0 97 A0 33 E7 CA CD C1 89 07 BE 8C 65 99 53 1E 9D F5 3E 2F 
8E 22 08 44 42 D9 7D AC E0 67 FF 81 D0 87 C5 26 C7 38 4B 1F A3 3A 16 14 27 07 73 3A 0B 51 19 88 
CC 1A 12 D0 B5 7F 2A 1B D3 03 4B 83 C4 F7 97 91 E8 D9 4F FC 0D 4D 62 60 15 BE 81 93 E2 A7 E8 20 
72 71 A3 0F F2 B3 DF 1E DE F7 C3 43 22 2C D3 A8 
***ACVP [INFO][show_tc_and_hash_param_values:144]--> (tc->tcId           = 3)
***ACVP [INFO][show_tc_and_hash_param_values:145]--> itteration: 2 / 2
***ACVP [INFO][show_tc_and_hash_param_values:147]--> (hash_param.algSHA      = SHA256
HASH Result[32] =
09 74 D0 AB 92 12 B3 49 A3 A0 FD D9 FE E2 09 79 49 F0 61 A5 73 33 FD D9 55 99 64 22 99 00 F9 15 
pbHashConcatBuffer[64] =
2A CB 21 05 9C 39 C1 B0 30 FE 9C 5F 48 73 CC F3 DB 70 99 25 C2 5B 20 80 64 8A 97 30 ED 8E B8 A8 
09 74 D0 AB 92 12 B3 49 A3 A0 FD D9 FE E2 09 79 49 F0 61 A5 73 33 FD D9 55 99 64 22 99 00 F9 15 
derivedKey[58] =
2A CB 21 05 9C 39 C1 B0 30 FE 9C 5F 48 73 CC F3 DB 70 99 25 C2 5B 20 80 64 8A 97 30 ED 8E B8 A8 
09 74 D0 AB 92 12 B3 49 A3 A0 FD D9 FE E2 09 79 49 F0 61 A5 73 33 FD D9 55 99 
***ACVP [INFO][win_kdf135_x942_DER_handler:798]-->    **** [OUT] ****

Test Case 4 Expected

        {
            "tcId": 4,
            "derivedKey": "84"
        }

msacvp-results

        {
            "tcId": 4,
            "derivedKey": "8C"
        }

Details

***ACVP [INFO][win_kdf135_x942_DER_handler:546]-->  ******** TEST CASE: 1:4 ************************
***ACVP [INFO][win_BCryptOpenAlgorithmProvider:343]--> Opening algorithm SHA256...
***ACVP [INFO][win_BCryptOpenAlgorithmProvider:355]--> Opened  algorithm SHA256...
***ACVP [INFO][win_kdf135_x942_DER_handler:605]--> key_material_bytes_max: 32768

***ACVP [INFO][show_tc_param_values:184]--> CON_OUT-TEST-1944424.1.4-20231114_103217
***ACVP [INFO][show_tc_param_values:185]-->      test:  1944424.1.4
***ACVP [INFO][show_tc_param_values:186]--> algorithm:  4, DER
***ACVP [INFO][show_tc_param_values:187]-->      mode:  34, ANSI x9.42
***ACVP [INFO][show_tc_param_values:188]-->  testType:  1, AFT
OID[11] =
06 09 60 86 48 01 65 03 04 01 05 
zz[37] =
2D 0C 63 7A D1 F7 A8 68 69 0B 46 76 87 B1 08 1D 46 31 5F 54 15 CD F0 F3 2F 17 A2 16 A2 24 67 AC 
13 EE E7 D5 98 
***ACVP [INFO][show_tc_param_values:191]-->    keyLen:  8
partyUInfo[58] =
F7 01 E3 F7 40 E9 CC 1B 69 6D F0 F9 05 A5 08 35 1F B2 63 24 61 01 B5 CA 9F E4 8F B5 46 AA 6D 3A 
BB 5C 65 9D 66 35 CC 7A AD B5 8D 3B 77 6F 06 A0 6E 51 92 56 B9 22 CF 5D 9E 4A 
partyVInfo[58] =
35 A4 1B 38 6C B2 E1 27 D2 43 C6 DD E6 43 29 E3 94 4F 2A 38 C9 E4 BD EE 09 B3 E7 A8 A3 A6 E8 2B 
41 00 49 C2 57 BF 94 31 16 19 16 88 54 8B 86 AC D0 21 11 B9 0A E7 E8 7F 66 73 
suppPubInfo[58] =
7A 42 CE 2F 0A A7 0D 26 AC 03 D7 A0 78 60 5B 14 7D 01 65 29 7E 4B 92 E1 AF 19 D2 D1 47 34 C7 7C 
D3 A5 64 63 19 06 99 74 2B 45 06 DD 4F 32 CB 66 82 D2 C5 27 7E 6B D0 DF A6 E8 
suppPrivInfo[58] =
5C 64 FF 77 3B C9 A7 72 98 0B 5F F1 B7 68 1D C7 CC AB 89 EC A1 63 92 52 D0 4F 12 7F 0F 2A C4 20 
88 C4 A5 33 2C 03 07 05 88 97 0F 01 C7 BA 4B 6E 82 B1 93 B0 8B 91 5F 01 97 2B 

ZZ [37] =
2D 0C 63 7A D1 F7 A8 68 69 0B 46 76 87 B1 08 1D 46 31 5F 54 15 CD F0 F3 2F 17 A2 16 A2 24 67 AC 
13 EE E7 D5 98 
count[6] =
04 04 00 00 00 01 
OtherInfo(oid, count)[19] =
30 11 06 09 60 86 48 01 65 03 04 01 05 04 04 00 00 00 01 
A0 3A
F7 01 E3 F7 40 E9 CC 1B 69 6D F0 F9 05 A5 08 35 1F B2 63 24 61 01 B5 CA 9F E4 8F B5 46 AA 6D 3A 
BB 5C 65 9D 66 35 CC 7A AD B5 8D 3B 77 6F 06 A0 6E 51 92 56 B9 22 CF 5D 9E 4A 
A1 3A
35 A4 1B 38 6C B2 E1 27 D2 43 C6 DD E6 43 29 E3 94 4F 2A 38 C9 E4 BD EE 09 B3 E7 A8 A3 A6 E8 2B 
41 00 49 C2 57 BF 94 31 16 19 16 88 54 8B 86 AC D0 21 11 B9 0A E7 E8 7F 66 73 
A2 3A
7A 42 CE 2F 0A A7 0D 26 AC 03 D7 A0 78 60 5B 14 7D 01 65 29 7E 4B 92 E1 AF 19 D2 D1 47 34 C7 7C 
D3 A5 64 63 19 06 99 74 2B 45 06 DD 4F 32 CB 66 82 D2 C5 27 7E 6B D0 DF A6 E8 
A3 3A
5C 64 FF 77 3B C9 A7 72 98 0B 5F F1 B7 68 1D C7 CC AB 89 EC A1 63 92 52 D0 4F 12 7F 0F 2A C4 20 
88 C4 A5 33 2C 03 07 05 88 97 0F 01 C7 BA 4B 6E 82 B1 93 B0 8B 91 5F 01 97 2B 
***ACVP [INFO][get_optional_other_info_key_material:568]--> bytes used: 240
Optional Key Material[240] =
A0 3A F7 01 E3 F7 40 E9 CC 1B 69 6D F0 F9 05 A5 08 35 1F B2 63 24 61 01 B5 CA 9F E4 8F B5 46 AA 
6D 3A BB 5C 65 9D 66 35 CC 7A AD B5 8D 3B 77 6F 06 A0 6E 51 92 56 B9 22 CF 5D 9E 4A A1 3A 35 A4 
1B 38 6C B2 E1 27 D2 43 C6 DD E6 43 29 E3 94 4F 2A 38 C9 E4 BD EE 09 B3 E7 A8 A3 A6 E8 2B 41 00 
49 C2 57 BF 94 31 16 19 16 88 54 8B 86 AC D0 21 11 B9 0A E7 E8 7F 66 73 A2 3A 7A 42 CE 2F 0A A7 
0D 26 AC 03 D7 A0 78 60 5B 14 7D 01 65 29 7E 4B 92 E1 AF 19 D2 D1 47 34 C7 7C D3 A5 64 63 19 06 
99 74 2B 45 06 DD 4F 32 CB 66 82 D2 C5 27 7E 6B D0 DF A6 E8 A3 3A 5C 64 FF 77 3B C9 A7 72 98 0B 
5F F1 B7 68 1D C7 CC AB 89 EC A1 63 92 52 D0 4F 12 7F 0F 2A C4 20 88 C4 A5 33 2C 03 07 05 88 97 
0F 01 C7 BA 4B 6E 82 B1 93 B0 8B 91 5F 01 97 2B 
key_material_other_info_buf[263] =
30 82 01 03 30 11 06 09 60 86 48 01 65 03 04 01 05 04 04 00 00 00 01 A0 3A F7 01 E3 F7 40 E9 CC 
1B 69 6D F0 F9 05 A5 08 35 1F B2 63 24 61 01 B5 CA 9F E4 8F B5 46 AA 6D 3A BB 5C 65 9D 66 35 CC 
7A AD B5 8D 3B 77 6F 06 A0 6E 51 92 56 B9 22 CF 5D 9E 4A A1 3A 35 A4 1B 38 6C B2 E1 27 D2 43 C6 
DD E6 43 29 E3 94 4F 2A 38 C9 E4 BD EE 09 B3 E7 A8 A3 A6 E8 2B 41 00 49 C2 57 BF 94 31 16 19 16 
88 54 8B 86 AC D0 21 11 B9 0A E7 E8 7F 66 73 A2 3A 7A 42 CE 2F 0A A7 0D 26 AC 03 D7 A0 78 60 5B 
14 7D 01 65 29 7E 4B 92 E1 AF 19 D2 D1 47 34 C7 7C D3 A5 64 63 19 06 99 74 2B 45 06 DD 4F 32 CB 
66 82 D2 C5 27 7E 6B D0 DF A6 E8 A3 3A 5C 64 FF 77 3B C9 A7 72 98 0B 5F F1 B7 68 1D C7 CC AB 89 
EC A1 63 92 52 D0 4F 12 7F 0F 2A C4 20 88 C4 A5 33 2C 03 07 05 88 97 0F 01 C7 BA 4B 6E 82 B1 93 
B0 8B 91 5F 01 97 2B 
keyMaterialBuffer[300] =
2D 0C 63 7A D1 F7 A8 68 69 0B 46 76 87 B1 08 1D 46 31 5F 54 15 CD F0 F3 2F 17 A2 16 A2 24 67 AC 
13 EE E7 D5 98 30 82 01 03 30 11 06 09 60 86 48 01 65 03 04 01 05 04 04 00 00 00 01 A0 3A F7 01 
E3 F7 40 E9 CC 1B 69 6D F0 F9 05 A5 08 35 1F B2 63 24 61 01 B5 CA 9F E4 8F B5 46 AA 6D 3A BB 5C 
65 9D 66 35 CC 7A AD B5 8D 3B 77 6F 06 A0 6E 51 92 56 B9 22 CF 5D 9E 4A A1 3A 35 A4 1B 38 6C B2 
E1 27 D2 43 C6 DD E6 43 29 E3 94 4F 2A 38 C9 E4 BD EE 09 B3 E7 A8 A3 A6 E8 2B 41 00 49 C2 57 BF 
94 31 16 19 16 88 54 8B 86 AC D0 21 11 B9 0A E7 E8 7F 66 73 A2 3A 7A 42 CE 2F 0A A7 0D 26 AC 03 
D7 A0 78 60 5B 14 7D 01 65 29 7E 4B 92 E1 AF 19 D2 D1 47 34 C7 7C D3 A5 64 63 19 06 99 74 2B 45 
06 DD 4F 32 CB 66 82 D2 C5 27 7E 6B D0 DF A6 E8 A3 3A 5C 64 FF 77 3B C9 A7 72 98 0B 5F F1 B7 68 
1D C7 CC AB 89 EC A1 63 92 52 D0 4F 12 7F 0F 2A C4 20 88 C4 A5 33 2C 03 07 05 88 97 0F 01 C7 BA 
4B 6E 82 B1 93 B0 8B 91 5F 01 97 2B 
***ACVP [INFO][show_tc_and_hash_param_values:144]--> (tc->tcId           = 4)
***ACVP [INFO][show_tc_and_hash_param_values:145]--> itteration: 1 / 1
***ACVP [INFO][show_tc_and_hash_param_values:147]--> (hash_param.algSHA      = SHA256
HASH Result[32] =
8C D5 B2 B5 BC 4F 64 00 E5 D8 FF 4B E8 2A 89 16 81 67 D2 64 A9 FA 81 53 A0 05 2A 43 5B DE 9D F2 
pbHashConcatBuffer[32] =
8C D5 B2 B5 BC 4F 64 00 E5 D8 FF 4B E8 2A 89 16 81 67 D2 64 A9 FA 81 53 A0 05 2A 43 5B DE 9D F2 
derivedKey[1] =
8C 
***ACVP [INFO][win_kdf135_x942_DER_handler:798]-->    **** [OUT] ****
jbrock24 commented 7 months ago

Our DER encoding process (the DER encoding method) does:

  1. Concatenates a bit string of an octet byte counter, begins at 1, to the OID of 06 09 60 86 48 01 65 03 04 01 05, which is the OID for AES-128-KW.
  2. Creates an empty bit string and concatenates the PartyU, PartyV, PubInfo, and PrivInfo as the data.
  3. Encodes the previous two bit strings as:

30 || LEN (of DATA) || OID || COUNTER || DATA

This is how they are all processed and created, please let me know if you have any other questions.

MarkSimontonOfCG commented 7 months ago

so as I read your response data = PartyU || PartyV || PubInfo || PrivInfo this implies there is no DER HEADER for the data internal parts, is that correct?

jbrock24 commented 7 months ago

Sorry, those are also encoded, their encoding can be found here along with the other encoding code. The ANSIX942 code can be found here. Specifically, the code I mentioned yesterday is found here.