Skip to content

Releases: usnistgov/ACVP-Server

v1.1.0.12

10 Sep 16:01
@Kritner Kritner
v1.1.0.12
4ee7d8f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.1.0.12

Web API:

  • Correction to public API implementation around vendor phone numbers.
  • Additional information included in /validations/{id} endpoint
  • More strict validation of casing, especially around "algo/mode/revision" for test session registrations

Algorithms:

Old Identifier New Identifier
RSA / keyGen / 1.0 RSA / keyGen / FIPS186-4
RSA / sigGen / 1.0 RSA / sigGen / FIPS186-4
RSA / sigVer / 1.0 RSA / sigVer / FIPS186-4
RSA / legacySigVer / 1.0 RSA / sigVer / FIPS186-2
  • DRBG output bit length no longer required to be a mod of the output length of the underlying cipher
    • minimum output length is now the output length of the underlying cipher
    • usnistgov/ACVP#808
  • KeyWrap only include testPassed property in the expected answers sample projection when the case is a failing test
  • various TDES modes now validate the iv included within the resultsArray for MCT tests
  • KMAC ACVP server was creating a customization string for use in IUT testing, but not using it for its own crypto invoke
  • ParallelHash - Correction to right_encode / left_encode functions, now properly encodes "0"
  • KAS SP800-56Ar3 fixes NRE when macMethods not provided within a keyConfirmation registration property.
  • KAS KDFs parameter validation NRE fix
  • KAS-SSC-IFC adds hashFunctionZ property to group level when hash is not "none"
  • AES-XPN - corrects IV/Salt generation
  • AES/TDES MCT sample results files no longer include the "pt": "" or "ct": "" at the root of the test case
  • New algorithms
    • ConditioningComponent / AES-CBC-MAC / SP800-90B
    • ConditioningComponent / BlockCipher_DF / SP800-90B
    • ConditioningComponent / Hash_DF / SP800-90B
    • KAS-IFC / null / Sp800-56Br2
    • KTS-IFC / null / Sp800-56Br2
    • KAS-IFC-SSC / null / Sp800-56Br2
    • KAS-ECC / null / Sp800-56Ar3
    • KAS-ECC / null / Sp800-56Ar3

Misc:

  • C-based SHA implementations added and used as all hash + hmac functions
  • Internal modeling changes to metadata
    • should not have impact to users, though help with testing is always welcome
Loading

v1.1.0.11

09 Sep 20:10
@Kritner Kritner
v1.1.0.11
12aecae
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.1.0.11
  • New algorithm "TLS-v1.3 / KDF / RFC4886"
    • DEMO
  • New algorithm - "KAS-KDF / HKDF / Sp800-56Cr1"
  • New algorithm - "KAS-IFC-SSC / null / Sp800-56Br2"
  • KAS-ECC Update ephemeral nonce to always be at the byte boundary
  • KAS-IFC
  • Only client cert auth is required for "Algorithms" endpoint, previously required JWT
  • Updates CTR modes (AES and TDES) with a new boolean property performCounterTests
  • ANSI 9.63 - fixes padding on z in certain situations
  • AES-CCM changes tagLen from MathDomain -> int[] to match specification
Loading