search

usnistgov / ACVP-Server

A repository tracking releases of NIST's ACVP server. See www.github.com/usnistgov/ACVP for the protocol.
36 stars 13 forks source link

RSA test cases all include 'deferred' member without actual test data #344

Open mmccarl opened 1 week ago

mmccarl commented 1 week ago

environment Prod

testSessionId 29798

vsId 349435, 349436

Algorithm registration RSA

the above listed vector sets contain 'deferred' member in the test cases:

[ { "acvVersion": "1.0" }, { "vsId": 349435, "algorithm": "RSA", "mode": "keyGen", "revision": "FIPS186-5", "isSample": false, "testGroups": [ { "tgId": 1, "infoGeneratedByServer": false, "modulo": 2048, "testType": "AFT", "keyFormat": "crt", "primeTest": "2powSecStr", "randPQ": "probableWithProbableAux", "pubExp": "fixed", "fixedPubExp": "010001", "tests": [ { "tcId": 1, "deferred": true }, { "tcId": 2, "deferred": true }, etc...

AEGISOLVE-TEAM commented 5 days ago

Are there any updates to this question. We are being blocked by this issue.

livebe01 commented 10 hours ago

Hi, I noticed that you're referencing Prod vector sets. Have you run the same tests on Demo?

AEGISOLVE-TEAM commented 9 hours ago

@livebe01 Yes - Demo Testing was run already: RSA-request (tsId-498227) (vsId-2238543) RSA-request (tsId-498227) (vsId-2238544)

A comparison of the JSON registration request of Demo to Production - shows no differences in the parameters with the exception of isSample. The Demo vectors do not have the deferred field.

Demo vsid-2238543:

[ { "acvVersion": "1.0" }, { "vsId": 2238543, "algorithm": "RSA", "mode": "keyGen", "revision": "FIPS186-5", "isSample": true, "testGroups": [ { "tgId": 1, "infoGeneratedByServer": false, "modulo": 2048, "testType": "AFT", "keyFormat": "crt", "primeTest": "2powSecStr", "randPQ": "probableWithProbableAux", "pubExp": "fixed", "fixedPubExp": "010001", "tests": [ { "tcId": 1, "bitlens": [ 191, 162, 545, 152 ], "xP": "B9E86D608719EA0F3CFDA89D073F91D67E0ADAFBE9788995AE07497247936B4A7904482F47D4D68203B10878BB55B94EA6439F9BDC4BF214878BCFF838D9B1565C1CE9F64C1924A62B188D3618AE03847B4987DE62E37874BDDA5184A2891F7E9BE6A2526647963EE66EFD0ECBE261F38FEBDFDBADCE55B2963BA0405C6265BB", "xQ": "D61F2DC9E847BCCA7E762413817021787E3F13CF4C74BFB721716C433F68BF26870C16C372095FCE6AFA469CC6986E66ED12E577970EDD7F52776CE1B114B6D5F7A4A42794EF96ED3B0D23857FAE1095CFE594DCB8D4DC3BF5F0BC211E225F7E348BC76ABB514A92B50AC92C5605E32816036394E96B7C723748DA3D85A14998", "xP1": "5D4ABAF7F7ADCDD91E1952B3972CA2D2743016249E03B903", "xP2": "030EC321B9146960284990290A3B8AF498FD44F1D7", "xQ1": "0157681A968352ABB39839194F81FF0E317FD28198CE2ABAE516E1902D6F60233AE0C1F4A4746DA3B32361B6D56B61578096DD9E323AA6984B0D8F032606CE154E0E84B0D9", "xQ2": "00C2EED1328B928B1B854A75F0686E3D0EFFC5D7", "e": "010001" }, { "tcId": 2, "bitlens": [ 161, 490, 534, 164 ], "xP": "BBA43A627F000DFFFC98BE728B618642E4F5BAF26FB3FD8C20F605AD3C9AAAE03E2564E0A64E5318B765252CEAE224808D984AA84FA83CB1F4B84B6CB4B15632AB634CE7A0F5E5B9236BDF08F28E2773DF819C794773529BCE49DEA42FFD0A8422DC37A5E216013AD6FD995C4E3E6EEDDBF4C9418BFA279830195EFF36130750", "xQ": "CCA07DFAB98ECC2B1302F57F707C8B40EEB44A0BD197BED8D32AC6A4E9329FBDD0356F4AED1C0949DA05BA8591C6655E3BB7A011AD7CD14F5941B15C759421DE6D403D0C9AA803174B58CEFE72B4FB8C050374F08B2A0E1E044DFC085BDB2898B8F1B720DF7C61C26C96B775A609106FC8859621815AEAD98905EB586EC5FF96", "xP1": "0119FC01E2490D7D39E2258309025C3F02965D8153", "xP2": "03387C8E2218ADC9A876C6E4714888D145B7710CBB993C2DC76ECDFB712E2829F8EB4B8CEC07F06C5750538A1C649B34B010E0CC98F6A1A6C56895138505", "xQ1": "3B5016CD5A9594DC9D4EA06F83E3996A8EA10139639C9A305F7A7EA59688B897D6EAC73C2AB8EBE46469C372C8C3FC40D9BC872DF5B686428C40864579F84661C06933", "xQ2": "0BA2C02A49E22A0527D7976482C13426FE745EE09D", "e": "010001" }, { "tcId": 3, "bitlens": [ 218, 329, 486, 191 ], "xP": "EA296ADCDF9E5D8C6C81356FB60F15B570841125B031DB13B020327F78037D5D589519BA8DD75DEFD9C21BBEFAD695ECC85D730AD630CF1653CF4DD82A24409A24E93D82BABF1D6D14499BD9D2C9C4057423DF9E16BE57A5DA1982C36BF8BE6551B50653671C0FB8C0F646E8E2DBA1F011322F6CDF1168DE648F00277C35B3EE", "xQ": "EFF8D26FEC632E979810C172D1B1C9C8BA8E2F8BF1701A156D6C711A26888CA29F145ACEB9D27ECC3A70B2B38C603C6E25F1D922BBD4485C3562DD05CB56F95BAA06CB45DFD1C71D364BA49656EB5B50EE03AE065E52BA7C1B7FA999173C9CCEBBD01C7A3E3D70E4BDA2F32F5A974EF87A6BA1EB7B354579A7F3E3ADBADB10BC", "xP1": "0347026DF9E9D54625C5F029975EFF55E25CBF369CCE4433FA33388D", "xP2": "01578DACB0FE34E642FC318C3A4FB73A2AD64709CE46C00B77FC5C044DE94B3836AAE5A7C736ABC002B7", "xQ1": "281B60E4D3AE2BDAD6F1B763E00FCE718CE05B14DA7A44623B185B70964383A6E5AFE1F2EF8F36CFD5BC039434F94F4A657282C7FB830BEA0E4F73097D", "xQ2": "6E81CED1237D035673C1E28950D1BE37EFF4DC3E43549E5B", "e": "010001" } ] } ] } ]

jbrock24 commented 7 hours ago

The isSample setting makes it so that the IUT will fill out the results file for validation, and the deferred crypto will be ran on what is provided. When isSample is True, the Server does all the work the IUT would have done. You can see here within the code how that's handled.

The IUT needs to fill in the appropriate fields for the server and submit those answers/results for Validation. When you submit that for this algorithm, the Server runs all the Generation steps needed with the provided IUT data, and creates the Validation.

livebe01 commented 5 hours ago

Something this situation highlights is that, even if a Demo run with "isSample": true is done, it's best to always do a Demo run with "isSample": false prior to moving on to do a run on Prod. This is the best way to work out any kinks prior to a Prod run. It ensures that equivalent vector sets are being produced across Demo and Prod (as Prod only allows "isSample": false).