RSA Revision Tag Syntax Issue?

[mtdownz]

environment
Demo Server

testSessionId
The test session ID

vsId
N/A - Non assigned

Algorithm registration

[
  { "acvVersion": "1.0" },
  {
    "isSample": true,
    "algorithms": [
      {
        "algorithm": "RSA",
        "revision": "FIPS186-4",
        "mode": "sigVer",
        "prereqVals": [
          {
            "algorithm": "SHA",
            "valValue": "same"
          },
          {
            "algorithm": "DRBG",
            "valValue": "same"
          }
        ],
        "pubExpMode": "random",
        "capabilities": [
          {
            "sigType": "ansx9.31",
            "properties": [
              {
                "modulo": 2048,
                "hashPair": [
                  { "hashAlg": "SHA-1" },
                  { "hashAlg": "SHA2-256" },
                  { "hashAlg": "SHA2-384" },
                  { "hashAlg": "SHA2-512" }
                ]
              }
            ]
          }
        ]
      }
    ]
  }
]

Endpoint in which the error is experienced
***ACVP [INFO][log_network_status:1467]--> POST Registration...
Status: 400
Url: https://demo.acvts.nist.gov:443/acvp/v1/testSessions
Resp: Recieved

Expected behavior
Following your guidance per the RSA ACVP documentation section 5, we changed our RSA vector request information from using “1.0” to either “FIPS186-4” or “FIPS186-2” (legacy sigver) but receive the following error from the Demo server (also attached):

***ACVP [ERR][log_network_status:1491]--> 400 error received from server. Message:
***ACVP [ERR][log_network_status:1492]-->

[
  {
    "acvVersion": "1.0"
  },
  {
    "error": "Validation error(s) on JSON payload.",
    "context": [
      "Unable to map RSA-keyGen-FIPS186-4 - index 0 to an internal algorithm id."
    ]
  }
]

Note: When we use a value of “1.0” in the Revision tag with the attached JSON there is no issues and we receive the vectors. Is the Demo server currently supporting these updated “Revision” values documented in Section 5
https://usnistgov.github.io/ACVP/draft-celi-acvp-rsa.html

These tags are important for accessing FIPS 186-2 Legacy SigVer.

Additional context
The intent is to access Legacy SigVer using this method. Is there another method available?

[Kritner]

This seems to be a specification error, probably just a typo from when we were in the process of moving over to the new metanorma documentation.

"186-5" is the only valid value aside from "1.0" to access legacy sig ver you'd use algo "RSA", mode "LegacySigVer", revision "1.0"

I'll get the specification updated to reflect the above.

[Kritner]

After talking about it internally, it seems there was an intention of getting the algorithms renamed to fit the current specification. That may be happening, but in the interim the above from #990 (comment) can be used.

[mtdownz]

Thank you.

[Kritner]

I mentioned it in cisco/libacvp#485, but I'll reiterate here, I plan on getting the algorithms renamed within our ACVP implementation to support the naming of the algorithms from the document linked here https://usnistgov.github.io/ACVP/draft-celi-acvp-rsa.html

This will be a breaking change to clients when it rolls out, and it will likely be a (at least few day) gap in time between when it rolls out between demo and prod.

I'll update this ticket with the few algorithm identifier changes once i have a chance to switch over to that task and identify them.

[Kritner]

Here are the expected changes to the current vs new algorithm identifiers. Not sure at the moment when this change will be going out to demo and then prod, but will keep the issue updated.

Old Identifier	New Identifier
RSA / keyGen / 1.0	RSA / keyGen / FIPS186-4
RSA / sigGen / 1.0	RSA / sigGen / FIPS186-4
RSA / sigVer / 1.0	RSA / sigVer / FIPS186-4
RSA / legacySigVer / 1.0	RSA / sigVer / FIPS186-2