Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EdDSA: the requested test vectors for SigGen mode has unexpected 'context' and 'contextLength' parameters in some tests #1528

Closed
almau opened this issue Aug 9, 2024 · 3 comments
Closed

EdDSA: the requested test vectors for SigGen mode has unexpected 'context' and 'contextLength' parameters in some tests #1528

almau opened this issue Aug 9, 2024 · 3 comments
Assignees
@jbrock24
Milestone
v1.1.0.36

Comments

@almau
Copy link

almau commented Aug 9, 2024

The RFC 8032 defines various parameter sets for the EdDSA algorithm. The need for providing the "context" is applicable solely to Ed25519ctx. The RFC also specifies that "the context (if present at all) MUST be empty" for Ed25519.

The following registration JSON object used to report to the demo ACVP server the EdDSA sigGen mode capabilities without supporting the "context":

{
    "algorithm": "EDDSA",
    "mode": "sigGen",
    "revision": "1.0",
    "prereqVals": [
        {
            "algorithm": "SHA",
            "valValue": "same"
        }
    ],
    "pure": true,
    "preHash": false,
    "contextLength": [0],
    "curve": [
        "ED-25519",
        "ED-448"
    ]
},

A test vector request is generated by the demo server upon accepting such settings. The request contains several tests, some of which simply have the "message" value, and others which also have the values "message", "context" and "contextLength" = 1.

[
   {
    "vsId": 2471370,
    "algorithm": "EDDSA",
    "mode": "sigGen",
    "revision": "1.0",
    "isSample": true,
    "testGroups": [
        {
            "tgId": 1,
            "testType": "AFT",
            "curve": "ED-25519",
            "preHash": false,
            "tests": [
                {
                    "tcId": 1,
                    "message": "C19FF187A64E7AF49D492EDAC284EF1690FF85F82757D0FE77AE2B5F1B356213A526C1D9B34BE5CA730CBB2DD3D43C381807B422ED01478278A4D38C18EE00587601AFFFBC071E442173F96FDA48A24B3A444E1B8DD81555267DE0D290073E6D7B9575761F777D662341FA03566D0059776393575C7BEDEC78CF763A6E41861C"
                },
                {...}
            ]
        },
        {
            "tgId": 2,
            "testType": "AFT",
            "curve": "ED-448",
            "preHash": false,
            "tests": [
                {
                    "tcId": 11,
                    "message": "C0192F9CCCA0B148517A373D1FA58BD25025C2E8A3213F8DF8B943B01F34A917C2D687B62743F3A547F8F812E381A135772F712D9655B748D056DFBF46F841498D1BBEC0DA0302C252593E5A6910E4D77889A9607D3732819762BA2A0545FE85536223C8581ABF218FEF64C9D64FAA8B80E505457E94ABB0E316DB9A2592B2B7",
                    "context": "E1",
                    "contextLength": 1
                },
                {...}
            ]
        },
        {
            "tgId": 3,
            "testType": "BFT",
            "curve": "ED-25519",
            "preHash": false,
            "tests": [
                {
                    "tcId": 21,
                    "message": "9420C1BA"
                },
                {...}
            ]
        }
        ]
    }
]

The specified configuration was implemented in the hotfix update released on May 23, 2024 in response to the issue #1501

No "context" or "contextLength" values need to be included in any of the test cases in the expected test vector request. An empty "context" with "contextLength" = 0 could be included as an alternative to represent the test with solely the "message" value.

Test 11 in the request, which is given as an example, needs to be:

{
    "tcId": 11,
    "message": "C0192F9CCCA0B148517A373D1FA58BD25025C2E8A3213F8DF8B943B01F34A917C2D687B62743F3A547F8F812E381A135772F712D9655B748D056DFBF46F841498D1BBEC0DA0302C252593E5A6910E4D77889A9607D3732819762BA2A0545FE85536223C8581ABF218FEF64C9D64FAA8B80E505457E94ABB0E316DB9A2592B2B7"
}

or alternatively:

{
    "tcId": 11,
    "message": "C0192F9CCCA0B148517A373D1FA58BD25025C2E8A3213F8DF8B943B01F34A917C2D687B62743F3A547F8F812E381A135772F712D9655B748D056DFBF46F841498D1BBEC0DA0302C252593E5A6910E4D77889A9607D3732819762BA2A0545FE85536223C8581ABF218FEF64C9D64FAA8B80E505457E94ABB0E316DB9A2592B2B7",
    "context": "",
    "contextLength": 0
}
@livebe01 livebe01 added this to the v1.1.0.36 milestone Sep 26, 2024
@almau
Copy link
Author

almau commented Oct 7, 2024

The latest build, v1.1.0.36, fixes the reported bug.
The zero-length context was validated in session 548075.

@livebe01
Copy link
Collaborator

livebe01 commented Oct 7, 2024

Great. Thanks for letting us know!

@livebe01
Copy link
Collaborator

The fix for this issue has been deployed to ACVTS Prod as part of the v1.1.0.36 release.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jbrock24 jbrock24

Labels
None yet
Projects
None yet
Milestone
v1.1.0.36
Development

No branches or pull requests
3 participants
@almau @jbrock24 @livebe01