Joachim Vandersmissen

@livebe01 of course. I understand you're very busy right now with PQC algorithms, the upcoming Ascon LWC standard, and possible additions to SP 800-132.

Why are you using `hensel_roots` for `f=0`?

Could you give an example q for which `generate_anomalous_q` currently does not work? > in this file shared/ecc.py you mentioned you'll implement "Accelerating the CM method" by Sutherland. Would you...

OK, so I understand the problem you're having. In your case, `p = 115792089237316195423570985008687907852837564279074904382605163141518161494337`. Then `4p - 1 = 3^2 * 11 * 30977 * 31259 * 9303467 * 4726907109366362731...

Seems like the server should in fact send failing test cases about 1/4 times: https://github.com/usnistgov/ACVP-Server/blob/master/gen-val/src/orleans/src/NIST.CVP.ACVTS.Libraries.Orleans.Grains/Aead/OracleObserverAesGcmSivCaseGrain.cs#L19. Why does the server later think those cases are valid?

@dspdon yes, that file has the same issue. Specifically, for `tcId` 62, 66, 70, 72, 73, 80, 81, 82, 85, 91, 95, 98, 103, 107, 109, 111, 113, and 115,...

I believe the following is happening for `"contextLength":[ 0 ],`: ``` var min = group.ContextLength.GetDomainMinMax().Minimum == 0 ? 1 : group.ContextLength.GetDomainMinMax().Minimum; var max = group.ContextLength.GetDomainMinMax().Maximum; var lengths = group.ContextLength.GetRandomValues(min, max,...

@jbrock24 do you need any help debugging this? I'd like this to be fixed as we have a module (specifically OpenSSL 3.0/3.1) which does not support the context for Ed25519....

Thank you!

Confirmed fixed.