+The RSA signaturePrimitive mode capabilities (otherwise known as RSASP1 in <<RFC3447>>) are advertised as JSON objects within the array of 'capabilities' as part of the 'capability_exchange' element of the ACVP JSON registration message. See the ACVP specification for details on the registration message. In this mode, the only tested capability is the correct exponentiation of 's = msg^d mod n', where 'msg' is a message between '0' and 'n - 1', 'd' is the private exponent and 'n' is the modulus, all supplied by the testing ACVP server. In the event that 'keyFormat' is defined as 'crt', then 'd' is replaced with 'dmp1', 'dmq1', and 'iqmp'. For RSA / SignaturePrimitive / 1.0, only 2048-bit RSA keys are allowed for this capability. For RSA / SignaturePrimitive / 2.0, 2048-bit, 3072-bit, and 4096-bit modulus sizes are supported. See <<rsa_sigprim_tgjs>> for additional details on constraints for 'msg' and 'n'. See the ACVP specification for details on the registration message.
0 commit comments