On Thu, Feb 05, 2004 at 11:24:30AM +0900, yuichi hagiwara wrote: > However, I could not find this implementation. > I hardcoded the plaintext as a result of the encryption, and also made > the module to return the correct plaintext as a result of decryption. Of > course, in this case the original plaintext and the encryption result > are the same, so this should make the module transit to an error state, > but it didn't.
The implementation of the test is in EncryptionPairwiseConsistencyTest() in fipstest.cpp, but you're right that it's missing the check for ciphertext not to be the same as the plaintext. The usefulness of the test is arguable (the ciphertext would be different from the plaintext regardless of the key generated because of OAEP pre-processing), but it is a FIPS 140-2 requirement and was somehow missed during the validation process. Thanks for reporting the problem, and I've checked the fix into CVS.
