Hi All, I have a query regarding FIPS compliance for Diffie-Hellman api's in the openssl stack.
FIPS uses the recommendation for pairwise-key establishment schemes from NIST. Document is SP800-56A. Rev.1 As per FIPS compliance requirement for DH, there are a couple of KAT (Known Answer Test) specified in the aforementioned document (which are specified in Sec. 5.6.2.4 and Sec. 5.7.1.1). [Sec. 5.6.2.4 - FFC Full Public Key Validation] [Sec. 5.7.1.1 - FFC DH Primitive] Generating 'p' randomly as a safe prime and using 'g' order as 5, the keys generated are not consistently passing Sec 5.6.2.4 KAT test. The public key does not fall into 'q' cyclic group where 'q' is defined as [q=(p-1)/2] and is a prime number. If I loop for few times I do get such generated values which passes this KAT. But I was expecting that FIPS compliant DH api's in openssl stack will generate and return only such values which satisfy this KAT. The only difference I found in normal and FIPS compliant DH code is that in latter, FIPS_self_tests api is also called; which really doesn't help in the issue noted above. I would really appreciate if anyone can throw some light on the state and any development on this issue. Regards, Nilay Tripathi One Convergence
