
KAS-ECC: fixedInfoPattern restrictions

Open smuellerDD opened this issue 10 months ago • 16 comments

Protocol Section: See FixedInfoPatternConstruction in the KAS-ECC (and perhaps in the FFC specification).

Protocol Question: The specification outlines a number of options. It does not hint that the listed options can only be used once. With that in mind, I tried to define a fixedInfoPattern with multiple literals which is used by one of our clients.

E.g. I would like to define a fixedInfoPattern along the following line of thought:

literal1 || partyUId || literal2 || some other data || partyVId || some other data || literal3

Note, this "some other data" is even a part that is not yet defined in the specification. Anyhow, leaving that out for the moment, the server still returns me:

[
  {
    "acvVersion": "1.0"
  },
  {
    "error": "Validation error(s) on JSON payload.",
    "context": [
      "KAS-ECC-Sp800-56Ar3: Duplicate pieces of fixedInfoPattern found; pieces should be unique."
    ]
  }
]

Thus, the server seems to require the uniqueness of fixedInfoPattern components. Is there a reason for that?

Can we add additional components to the fixedInfoPattern which implies that the protocol is extended by more possibilities?

smuellerDD, Aug 28 '23 09:08
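A client-side pre-check for the validation error quoted in the issue above, as an added example that is not part of the original post and not the ACVP server's code. It assumes pieces are joined with `||`, literals are written `literal[hex]`, the piece names in `KNOWN_PIECES` match the specification, and that uniqueness is judged per piece kind (so two literals with different values still count as duplicates, as the error above suggests).

```python
import re

# Assumed piece names and literal syntax; check them against the KAS-ECC specification.
KNOWN_PIECES = {"uPartyInfo", "vPartyInfo", "context", "algorithmId", "label", "l"}
LITERAL_RE = re.compile(r"literal\[([0-9A-Fa-f]*)\]")


def check_fixed_info_pattern(pattern):
    """Return a list of problems found in a fixedInfoPattern string.

    An empty list means the pattern passes this local check. Uniqueness is
    assumed to be per piece kind, so any second literal is a duplicate.
    """
    problems = []
    first_seen = {}  # piece kind -> index of its first occurrence
    for index, raw in enumerate(pattern.split("||")):
        piece = raw.strip()
        literal = LITERAL_RE.fullmatch(piece)
        if literal:
            kind = "literal"
            hex_value = literal.group(1)
            # Assumption: a literal must carry a whole number of bytes.
            if not hex_value or len(hex_value) % 2:
                problems.append(f"piece {index}: literal needs non-empty, even-length hex")
        elif piece in KNOWN_PIECES:
            kind = piece
        else:
            problems.append(f"piece {index}: unknown piece {piece!r}")
            continue
        if kind in first_seen:
            problems.append(
                f"piece {index}: duplicate {kind!r} (first used at piece {first_seen[kind]})"
            )
        else:
            first_seen[kind] = index
    return problems


if __name__ == "__main__":
    # Constructed patterns modelled on the layout described in the issue.
    samples = [
        "literal[0a0b] || uPartyInfo || literal[0c0d] || vPartyInfo || literal[0e0f]",
        "uPartyInfo || vPartyInfo || literal[0a0b0c0d0e0f]",
    ]
    for sample in samples:
        print(sample, "->", check_fixed_info_pattern(sample) or "ok")
```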