[openssl-users] fips_ecdhvs failing for non Prime Curves
Bala Duvvuri
b_duvvuri at yahoo.com
Mon Feb 23 10:25:42 UTC 2015
Hi All,
I am trying to test the FIPS ECDH support present in OpenSSL i.e trying to run the fips_ecdhvs.c test.
The test vectors " ECC CDH Primitive Test Vectors" from NIST website have been downloaded - http://csrc.nist.gov/groups/STM/cavp/#09 and given as the input.
The test passes for the vectors that have the field type - NID_X9_62_prime_field (NIST Prime-Curve P-192, P-256 etc ) but outputs wrong shared key for other curves like (NIST Binary-Curve K-163/B-163/K-233 etc)
The test is run using the command - ./fips_ecdhvs ecdhver KAS_ECC_CDH_PrimitiveTest.txt Out
One observation is the non prime test vectors have 0 at the begining:
QIUTx = 000000071f8b2877d6027d9c1ade4244f2dea12692ef23d5
QIUTy = 00000005c15ee776221c72b84b347ce383f38067b89c3e9a
If we print the EC key using ec_print_key, we find the leading 0's missing, is this ok?
QIUTx = 071f8b2877d6027d9c1ade4244f2dea12692ef23d5
QIUTy = 05c15ee776221c72b84b347ce383f38067b89c3e9a
Please let me know how to make the above test work?
thanks,
Bala
More information about the openssl-users
mailing list