search

usnistgov / ACVP

Industry Working Group on Automated Cryptographic Algorithm Validation
https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program
172 stars 66 forks source link

How to specify Dkm Nonce Types in capabilities JSON for KAS FFC dhStatic #985

Closed harrywangca closed 4 years ago

harrywangca commented 4 years ago

I am trying to test KAS FFC dhStatic scheme.

I got 400 error while vector downloading, the server message is:

    "error": "Validation error(s) on JSON payload.",
    "context": [
      "KAS-FFC-Component-1.0: No Dkm Nonce Types supplied."
    ]

I know I need to specify Dkm Nonce Type in my register string, but I could not find how to do this in the spec. I wish someone can quickly show me how to do this here. The spec should be updated eventually.

Here is my capabilities JSON object string:

[{
    "acvVersion": "1.0"
}, {
    "isSample": true,
    "algorithms": [{
        "algorithm": "KAS-FFC",
        "revision": "1.0",
        "mode": "Component",
        "prereqVals": [{
            "algorithm": "DSA",
            "valValue": "same"
        }, {
            "algorithm": "SHA",
            "valValue": "same"
        }, {
            "algorithm": "DRBG",
            "valValue": "same"
        }, {
            "algorithm": "CCM",
            "valValue": "same"
        }, {
            "algorithm": "CMAC",
            "valValue": "same"
        }, {
            "algorithm": "HMAC",
            "valValue": "same"
        }],
        "function": ["dpGen", "keyPairGen", "keyRegen"],
        "scheme": {
            "dhStatic": {
                "kasRole": ["initiator", "responder"],
                "kdfNoKc": {
                    "kdfOption": {
                        "concatenation": "literal[1234567890]"
                    },
                    "parameterSet": {
                        "fb": {
                            "hashAlg": ["SHA2-256"],
                            "macOption": {
                                "HMAC-SHA2-512": {
                                    "keyLen": [112],
                                    "macLen": 112
                                }
                            }
                        },
                        "fc": {
                            "hashAlg": ["SHA2-256"],
                            "macOption": {
                                "HMAC-SHA2-512": {
                                    "keyLen": [128],
                                    "macLen": 128
                                }
                            }
                        }
                    }
                }
            }
        }
    }]
}]

This is the spec I am referring to: https://usnistgov.github.io/ACVP/draft-fussell-acvp-kas-ffc.txt

Harry

Kritner commented 4 years ago

KdfNoKc is not a valid registration option for KAS-FFC / Component / 1.0. Was your intention to test against the shared secret computation, or against the KDF?

If you're attempting to test against shared secret computation only through the KAS-FFC / Component registration, then you need to specify a NoKdfNoKc object rather than KdfNoKc.

If your intention is to test KAS from shared secret computation through the KDF then KAS-FFC / null / 1.0 should be used. Continue with the KdfNoKc option in your registration, and include a dkmNonceTypes under that object. It looks like the dkmNonceTypes is missing from the specification so that will need to be updated.

dkmNonceTypes is a string[] that accepts the following values:

It should be noted that there is newer kas testing available to at a minimum demo (and prod depending on the actual algorithm) that should have slightly simpler registrations, and goes against a more up to date version of the sp (in case you were unaware):

Full kas testing (shared secret computation, KDF, and optionally key confirmation): https://usnistgov.github.io/ACVP/draft-hammett-acvp-kas-ffc-sp800-56ar3.html

Shared secret testing for KAS FFC schemes: https://usnistgov.github.io/ACVP/draft-hammett-acvp-kas-ssc-ffc.html

KDF testing: https://usnistgov.github.io/ACVP/draft-hammett-acvp-kas-kdf-hkdf.html https://usnistgov.github.io/ACVP/draft-hammett-acvp-kas-kdf-onestep.html https://usnistgov.github.io/ACVP/draft-hammett-acvp-kas-kdf-twostep.html

harrywangca commented 4 years ago

I am implementing ACVP testing based on our old CAVS testing stuffs. So far I have passed ACVP tests for dhEphem, dhHybrid1, dhHybridOneFlow, and dhOneFlow, all with kdfNoKC option.

Thank you for the info. I now can down load vectors for dhStatic.