search

usnistgov / ACVP-Server

A repository tracking releases of NIST's ACVP server. See www.github.com/usnistgov/ACVP for the protocol.
36 stars 13 forks source link

AES-XTS: ACVP server returning test cases that do not match my configuration #325

Closed amr-atsec closed 2 months ago

amr-atsec commented 2 months ago

environment Demo

testSessionId 503835

vsId 2285932

Algorithm registration "revision":"2.0", "algorithm":"ACVP-AES-XTS", "direction":[ "encrypt", "decrypt" ], "keyLen":[ 256 ], "payloadLen":[ { "min":64000, "max":65536, "increment":128 } ], "tweakMode":[ "number" ], "dataUnitLen":[ 64000 ], "dataUnitLenMatchesPayload":false

Expected behavior I expect the ACVP server to only provide me with test cases that have "dataUnitLen": 64000, because I selected this data unit length when configuring my AES-XTS settings. The problem is that in addition to test cases with "dataUnitLen": 64000, I also receive test cases with many different dataUnitLen.

Additional context The ACVP server is returning test cases that do not match my algorithm configuration.

livebe01 commented 2 months ago

Hi @amr-atsec, please see the description of dataUnitLen here: https://pages.nist.gov/ACVP/draft-celi-acvp-symmetric.html#name-block-cipher-algorithm-capa.

amr-atsec commented 2 months ago

Thank you for that