
ACVP Server includes maskFunction for PKCS#1 v1.5 SigGen

Open jvdsn opened this issue 1 year ago • 6 comments

environment: Demo

testSessionId: 525016

vsId: 2428060

Algorithm registration

[
  {
    "acvVersion":"1.0"
  },
  {
    "isSample":false,
    "operation":"register",
    "certificateRequest":"no",
    "debugRequest":"yes",
    "production":"no",
    "encryptAtRest":"yes",
    "algorithms":[
      {
        "revision":"FIPS186-5",
        "algorithm":"RSA",
        "mode":"sigGen",
        "capabilities":[
          {
            "sigType":"pkcs1v1.5",
            "properties":[
              {
                "modulo":2048,
                "hashPair":[
                  {
                    "hashAlg":"SHA2-224"
                  },
                  {
                    "hashAlg":"SHA2-256"
                  },
                  {
                    "hashAlg":"SHA2-384"
                  },
                  {
                    "hashAlg":"SHA2-512"
                  },
                  {
                    "hashAlg":"SHA3-224"
                  },
                  {
                    "hashAlg":"SHA3-256"
                  },
                  {
                    "hashAlg":"SHA3-384"
                  },
                  {
                    "hashAlg":"SHA3-512"
                  }
                ]
              },
              {
                "modulo":3072,
                "hashPair":[
                  {
                    "hashAlg":"SHA2-224"
                  },
                  {
                    "hashAlg":"SHA2-256"
                  },
                  {
                    "hashAlg":"SHA2-384"
                  },
                  {
                    "hashAlg":"SHA2-512"
                  },
                  {
                    "hashAlg":"SHA3-224"
                  },
                  {
                    "hashAlg":"SHA3-256"
                  },
                  {
                    "hashAlg":"SHA3-384"
                  },
                  {
                    "hashAlg":"SHA3-512"
                  }
                ]
              },
              {
                "modulo":4096,
                "hashPair":[
                  {
                    "hashAlg":"SHA2-224"
                  },
                  {
                    "hashAlg":"SHA2-256"
                  },
                  {
                    "hashAlg":"SHA2-384"
                  },
                  {
                    "hashAlg":"SHA2-512"
                  },
                  {
                    "hashAlg":"SHA3-224"
                  },
                  {
                    "hashAlg":"SHA3-256"
                  },
                  {
                    "hashAlg":"SHA3-384"
                  },
                  {
                    "hashAlg":"SHA3-512"
                  }
                ]
              }
            ]
          },
          {
            "sigType":"pss",
            "properties":[
              {
                "modulo":2048,
                "maskFunction":[
                  "mgf1"
                ],
                "hashPair":[
                  {
                    "hashAlg":"SHA2-256",
                    "saltLen":32
                  },
                  {
                    "hashAlg":"SHA2-384",
                    "saltLen":48
                  },
                  {
                    "hashAlg":"SHA2-512",
                    "saltLen":64
                  }
                ]
              },
              {
                "modulo":3072,
                "maskFunction":[
                  "mgf1"
                ],
                "hashPair":[
                  {
                    "hashAlg":"SHA2-256",
                    "saltLen":32
                  },
                  {
                    "hashAlg":"SHA2-384",
                    "saltLen":48
                  },
                  {
                    "hashAlg":"SHA2-512",
                    "saltLen":64
                  }
                ]
              },
              {
                "modulo":4096,
                "maskFunction":[
                  "mgf1"
                ],
                "hashPair":[
                  {
                    "hashAlg":"SHA2-256",
                    "saltLen":32
                  },
                  {
                    "hashAlg":"SHA2-384",
                    "saltLen":48
                  },
                  {
                    "hashAlg":"SHA2-512",
                    "saltLen":64
                  }
                ]
              }
            ]
          }
        ],
        "prereqVals":[
          {
            "algorithm":"SHA",
            "valValue":"same"
          },
          {
            "algorithm":"DRBG",
            "valValue":"same"
          }
        ]
      }
    ]
  }
]

Expected behavior: According to https://github.com/usnistgov/ACVP/blob/master/src/rsa/sections/06-siggen-test-vectors.adoc:

The 'maskFunction' property will only be present for RSA / sigGen / FIPS186-5 inside of test groups for the 'sigType' "pss".

Additional context: The actual test vectors contain a maskFunction property for PKCS#1 v1.5 padding too:

[
  {
    "acvVersion": "1.0"
  },
  {
    "vsId": 2428060,
    "algorithm": "RSA",
    "mode": "sigGen",
    "revision": "FIPS186-5",
    "isSample": false,
    "testGroups": [
      {
        "tgId": 1,
        "sigType": "pkcs1v1.5",
        "modulo": 2048,
        "hashAlg": "SHA2-224",
        "saltLen": 0,
        "maskFunction": "none",
        "testType": "GDT",
        "tests": [
          ...
        ]
      },
      ...
    ]
  }
]

jvdsn, Jul 16 '24 15:07

@livebe01 this ticket has been open for a while now, is this something the CAVP is looking at?

jvdsn, Aug 07 '24 23:08

Sure, this is something we can look at. I'm thinking it'd be quicker to update the documentation to match the behavior than to update the behavior to match the documentation.

livebe01, Aug 16 '24 20:08

@livebe01 it's a pretty simple fix, because it works fine with SigVer. Compare https://github.com/usnistgov/ACVP-Server/blob/65370b861b96efd30dfe0daae607bde26a78a5c8/gen-val/src/generation/src/NIST.CVP.ACVTS.Libraries.Generation/RSA/Fips186_5/SigGen/ContractResolvers/PromptProjectionContractResolver.cs#L12-L22 with https://github.com/usnistgov/ACVP-Server/blob/master/gen-val/src/generation/src/NIST.CVP.ACVTS.Libraries.Generation/RSA/Fips186_5/SigVer/ContractResolvers/PromptProjectionContractResolver.cs#L13-L29

Simply follow the same method as SigVer and it should work. If you want, I can open a PR to ACVP-Server, but I cannot test it (and I know you cannot merge it).

jvdsn, Aug 16 '24 22:08

You're right. Very straightforward. We'll get this fixed.

livebe01, Aug 19 '24 20:08

This is fixed, unsure if it will go out with the .36 release. We will reply here when it's available on Demo. Thanks for the feedback & help @jvdsn.

jbrock24, Sep 12 '24 19:09

SaltLen should also not be showing up in the prompt for pkcs1v1.5...

livebe01, Sep 12 '24 21:09
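A client-side check for the mismatch reported in this thread, as an added example that is not part of the issue or of ACVP-Server: it flags `maskFunction` and `saltLen` in non-PSS test groups of an RSA / sigGen / FIPS186-5 prompt, and returns a cleaned copy for a strict parser. The function names and the sample prompt are assumptions constructed from the excerpt above.

```python
import copy
import json

# Per the spec text quoted in the issue and the later saltLen comment,
# these belong only in test groups whose sigType is "pss".
PSS_ONLY_PROPERTIES = ("maskFunction", "saltLen")
TARGET = ("RSA", "sigGen", "FIPS186-5")

# Constructed sample prompt modelled on the excerpt in the issue; the
# "tests" arrays are empty and the pss group is illustrative.
SAMPLE_PROMPT = json.loads("""
[
  {"acvVersion": "1.0"},
  {"vsId": 2428060, "algorithm": "RSA", "mode": "sigGen",
   "revision": "FIPS186-5", "isSample": false,
   "testGroups": [
     {"tgId": 1, "sigType": "pkcs1v1.5", "modulo": 2048,
      "hashAlg": "SHA2-224", "saltLen": 0, "maskFunction": "none",
      "testType": "GDT", "tests": []},
     {"tgId": 2, "sigType": "pss", "modulo": 2048,
      "hashAlg": "SHA2-256", "saltLen": 32, "maskFunction": "mgf1",
      "testType": "GDT", "tests": []}
   ]}
]
""")

def _non_pss_groups(prompt):
    """Yield non-PSS test groups of RSA / sigGen / FIPS186-5 vector sets."""
    for element in prompt:
        key = (element.get("algorithm"), element.get("mode"), element.get("revision"))
        if key != TARGET:
            continue  # also skips the {"acvVersion": ...} header object
        for group in element.get("testGroups", []):
            if group.get("sigType") != "pss":
                yield group

def find_unexpected_pss_properties(prompt):
    """Return (tgId, sigType, property, value) for each misplaced property."""
    return [(g.get("tgId"), g.get("sigType"), p, g[p])
            for g in _non_pss_groups(prompt)
            for p in PSS_ONLY_PROPERTIES if p in g]

def strip_unexpected_pss_properties(prompt):
    """Return a deep copy with the misplaced properties removed."""
    cleaned = copy.deepcopy(prompt)
    for group in _non_pss_groups(cleaned):
        for prop in PSS_ONLY_PROPERTIES:
            group.pop(prop, None)
    return cleaned
```

Running the finder over prompts fetched before and after a server release shows whether the PSS-only fields are still emitted for pkcs1v1.5 groups.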

The fix for this issue has been deployed to ACVTS Demo as part of the v1.1.0.36 release.

livebe01, Oct 07 '24 17:10

The fix for this issue has been deployed to ACVTS Prod as part of the v1.1.0.36 release.

livebe01, Oct 15 '24 17:10