ACVP-Server icon indicating copy to clipboard operation
ACVP-Server copied to clipboard
verified publisher icon usnistgov

SHAKE capability digest size property?

Open cpu opened this issue 1 year ago • 4 comments

Hi folks,

I was using a SHAKE-128 capability based on the example in this repo. It has a digestSize array property that isn't described in draft-celi-acvp-sha3.html as far as I can tell.

Additionally, when it's provided as written in the demo environment I get the following error:

[
  {
    "acvVersion": "1.0"
  },
  {
    "error": "Invalid JSON provided.",
    "context": "The JSON value could not be converted to System.Collections.Generic.List\u00601[System.String]. Path: $.digestSize[0] | LineNumber: 0 | BytePositionInLine: 99."
  }
]

As hinted at by the System.Collections.Generic.List\u00601[System.String] portion of the error I'm able to resolve the issue by changing my capability to use a digestSize property that's an array of strings. I also seem to be able to delete that property without adverse affect.

Should this property be provided at all? If it should be, is the intent that it's an array of integers or an array of strings? The registration.json in this repo might need an update, or perhaps it's a server-side bug.

environment Demo

testSessionId N/A

vsId N/A

Algorithm registration

I used the following registration based on the example in-repo:

{
  "algorithm": "SHAKE-128",
  "digestSize": [
    128
  ],
  "inBit": false,
  "outBit": false,
  "inEmpty": false,
  "outputLen": [
    {
      "min": 128,
      "max": 4096,
      "increment": 8
    }
  ],
  "revision": "1.0"
}

Endpoint in which the error is experienced

POSTing /acvp/v1/testSessions

Expected behavior

I expect the capability to be recognized and appropriate test vectors created.

Additional context

N/A

cpu avatar Oct 20 '24 13:10 cpu

Thanks for mentioning this @cpu. digestSize is not meant to be a valid registration property, although it appears that the server is accepting values for it. We'll look into fixing that. Its appearing in the example registration is likely an artifact of how the example JSON files are getting produced. You'll probably find a few other algorithms whose example registration files contain similar quirks. If you do, let us know. Just take them with a grain of salt and be sure to consult the individual algorithm specifications here: https://pages.nist.gov/ACVP/#supported.

livebe01 avatar Oct 24 '24 14:10 livebe01

Thanks for confirming this is a quirk of the example registration.

You'll probably find a few other algorithms whose example registration files contain similar quirks. If you do, let us know

Understood, thanks!

cpu avatar Oct 24 '24 14:10 cpu

Hi @cpu thanks again for letting us know about this and any more you find! I have removed digestSize as a parameter and have updated the sample files as well. This will probably go out with the next update and we'll reply here once it's done. Thanks again.

jbrock24 avatar Jan 31 '25 20:01 jbrock24

The fix for this is on Demo in release v1.1.0.41.

livebe01 avatar Nov 03 '25 21:11 livebe01

As of 11/12/25, the fix for this is on Prod in release v1.1.0.41.

livebe01 avatar Nov 17 '25 18:11 livebe01