Hi Everyone,
I don't have time at the moment to check this...
FIPS 186-4 updates DSS. Confer,
http://csrc.nist.gov/groups/ST/toolkit/documents/FIPS186-3_ChangeNotice041012.pdf.
I want to know about "5. Processing Step Error in the Secret Number Generation for ECDSA" because Crypto++ can operate on curves with a non-0 cofactor:
In Appendices B.5.1 and B.5.2, processing step 1 (i.e., N = len(q)) is
incorrect. This change notice specifies the following change to
step 1: “N = len(n),” ; i.e., “q” is changed to “n”.
This change may be significant if the cofactor is greater than one; for
the NIST-recommended curves, the cofactor is one, so in this case,
both values produce the same value for N.
A cofactor of 2 and 4 are common. Crypto++ operates on ANSI X9.62 and WTLS curves, and some of them have a cofactor that is quite large.
We are tracking this at "
Verify conformance with FIPS 186-4, Item 5 change", https://github.com/weidai11/cryptopp/issues/51.
Can someone step the code and ensure the FIPS 186-4 constraint is being satisfied?
Jeff