RSA 186-5 KAT Tests

[GlennUL]

environment Demo & Prod

Additional context We have a vendor who needs to test RSA KeyGen 186-5 however they are only able to run the GDT tests and not the KAT tests. In section 8.1 of the ACVP documentation it states that setting the test session to 'infoGeneratedByServer' true enables the KAT tests but when we set it to false with a random public exponent it still includes the KAT tests. I came across an older ticket (https://github.com/usnistgov/ACVP/issues/660) where Chris makes it seem that in order to test without the KAT tests that it has to be a fixed public exponent. Is it not possible to test only the GDT tests if the public exponent is random?

Thanks!

[GlennUL]

Hi @jbrock24 any guidance on this situation? Thanks!

[jbrock24]

Hi @GlennUL, apologies for the reply timeframe. As far as I can tell, these are the only two conditions in which a KAT wouldn't be created:

            if (parameters.PubExpMode == PublicExponentModes.Fixed) return Task.FromResult(testGroups);
            if (parameters.KeyFormat == PrivateKeyModes.Crt) return Task.FromResult(testGroups);

I will ask how we want to handle this during our dev meeting this afternoon, and will have a fix/method to get this working for you.

[GlennUL]

Hi @jbrock24 I just wanted to check in to see if a possible workaround has been figured out.

[jbrock24]

@GlennUL We can do a custom vector set for you to handle this. If this is something you'd be interested in, let me know and I will work to begin getting that ready for you.

[GlennUL]

Thanks @jbrock24 Do you want me to setup a session on the Demo server so that way you can just drop the custom vector onto the server for us to download and process?

[jbrock24]

I'll let you know tomorrow, I'm going to set it up for then, thanks for your patience.

[jbrock24]

@GlennUL Please run another through the Demo and I'll process it, thanks!

[GlennUL]

Hi @jbrock24 I just set this up on the Demo server under test session 503648 and vsid 2284908.

[jbrock24]

Great thanks, I'll get that process moving, appreciated.

[GlennUL]

Thanks, I appreciate your assistance with this!

[jbrock24]

Should have those files available sometime soon, I've forwarded them to be posted for you. I'll let you know when it's accomplished.

[GlennUL]

Thanks for the update Joel!

[jbrock24]

Check that they're available for download, they should be, thanks a lot for your patience.

[GlennUL]

I've successfully downloaded the vector. Thanks again for all your assistance and I'll let you know when we need the Production vector.

[GlennUL]

Hi @jbrock24 We're ready to proceed with the Production testing. I have created the session on the server under test session 28946. I believe the vsid should be 339007 but I am unable to confirm without pulling in the vector since this test session has multiple keygen vectors being generated in it. If you need anything else please let me know. Thanks!

[jbrock24]

Hi @GlennUL Thanks for this, I'll get to this tomorrow and let you know by the afternoon, EST, where we are. Thanks again for your patience.

[GlennUL]

Thanks @jbrock24

[jbrock24]

@GlennUL What is the best email for me to reach out to you to continue this? Also, can you please check the TSID you gave me, the VSID is coming up incorrect as well. Thanks!

[livebe01]

Closing this ticket as it's being handled out of band.