Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Question about RSA sigVer e length #1116

Closed
jbarnesweb opened this issue Jan 26, 2021 · 5 comments
Closed

Question about RSA sigVer e length #1116

jbarnesweb opened this issue Jan 26, 2021 · 5 comments
Milestone

Comments

@jbarnesweb
Copy link

jbarnesweb commented Jan 26, 2021

This is the capability file I'm using to download a test session.

The question is about the pubExpMode attribute. When I set it to random, the e values I receive contain some 8-byte values, which are incompatible with a 32-bit library. FIPS 186-4 clearly clarifies the range of e as follows.

The exponent e shall be an odd positive integer such that:
2^16 < e < 2^56.
Note that the value of e may be any value that meets constraint 1(b), i.e., e may be
either a fixed value or a random value.

Is there a way to claim random capability for pubExpMode and constrain the test case e values to 32 bits?

[
	{
		"acvVersion": "1.0"
	},
	{
		"isSample": false,
		"algorithms": [
			{
				"algorithm": "RSA",
				"mode": "sigVer",
				"revision": "FIPS186-4",
				"prereqVals": [
					{
						"algorithm": "DRBG",
						"valValue": "same"
					},
					{
						"algorithm": "SHA",
						"valValue": "same"
					}
				],
				"pubExpMode": "random",
				"conformances": [
				],
				"capabilities": [
					{
						"sigType": "pkcs1v1.5",
						"properties": [
							{
								"modulo": 1024,
								"hashPair": [
									{
										"hashAlg": "SHA-1"
									},
									{
										"hashAlg": "SHA2-256"
									},
									{
										"hashAlg": "SHA2-384"
									},
									{
										"hashAlg": "SHA2-512"
									}
								]
							},
							{
								"modulo": 2048,
								"hashPair": [
									{
										"hashAlg": "SHA-1"
									},
									{
										"hashAlg": "SHA2-256"
									},
									{
										"hashAlg": "SHA2-384"
									},
									{
										"hashAlg": "SHA2-512"
									}
								]
							},
							{
								"modulo": 3072,
								"hashPair": [
									{
										"hashAlg": "SHA-1"
									},
									{
										"hashAlg": "SHA2-256"
									},
									{
										"hashAlg": "SHA2-384"
									},
									{
										"hashAlg": "SHA2-512"
									}
								]
							}
						]
					}
				]
			}
		]
	}
]

@celic
Copy link
Collaborator

celic commented Feb 17, 2021

There is not at the moment. This would require an update on the server to create the new registration property and tie it in.

@celic
Copy link
Collaborator

celic commented Feb 17, 2021

Duplicate #1061

@jbrock24
Copy link
Collaborator

Was able to track down the culprit behind this, the fix will go out with the next release. I'll post here when it's ready!

@jbrock24 jbrock24 reopened this Sep 13, 2023
@livebe01 livebe01 added this to the v1.1.0.31 milestone Sep 20, 2023
@livebe01
Copy link
Collaborator

The fix for this is on Demo in release v1.1.0.31.

@livebe01
Copy link
Collaborator

The fix for this is on Prod in release v1.1.0.31.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants