Open
Description
NIST-implemented LMS in the ACVP server produces different results for the seed and i parameters than this library.
Example of a NIST test vector:
```json
"tgId": 1,
"testType": "AFT",
"lmsMode": "LMS_SHA256_M24_H5",
"lmOtsMode": "LMOTS_SHA256_N24_W2",
"tests": [
  {
    "tcId": 1,
    "deferred": false,
    "publicKey": "0000000A00000006571284648295F8BE3EF86D53828FED4DBA9A7B575BA634DAC138C7D8C3F903BDA344B53230D93C6F",
    "seed": "863A95143B2F407A888B271D8C66B96FBB30950352043C7ACE311704E4893C4E",
    "i": "571284648295F8BE3EF86D53828FED4D"
  },
```
(taken from https://github.com/usnistgov/ACVP-Server/blob/master/gen-val/json-files/LMS-keyGen-1.0/internalProjection.json)
The same parameters produce different results with the hss-sigs library (branch '192'):
```console
$ cat ./config.h | grep SECRET_METHOD
#define SECRET_METHOD 2
$ ./demo genkey seed=863A95143B2F407A888B271D8C66B96FBB30950352043C7ACE311704E4893C4E i=571284648295F8BE3EF86D53828FED4D nistTestKey1 'SHA192,5/2'
Parameter set being used: there are 1 levels of Merkle trees
Level 0: hash function = SHA-256/192; 5 level Merkle tree; Winternitz param 2
Maximum of 10916 bytes of aux data
aux_len = 268
Generating private key nistTestKey1.prv (will take a while)
Success!
Writing public key nistTestKey1.pub
*** Warning: the key was not generated manually
This key should not be used for real security
Writing aux data nistTestKey1.aux
$ xxd -p -s 4 -c 1000000 nistTestKey1.pub
0000000a00000006571284648295f8be3ef86d53828fed4d6f8b6a3f971e865232452216c92831d8d79ea88a0e3d7292
```
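Added example (not part of the original issue or of the hss-sigs code): the two public keys quoted above, split into their RFC 8554 fields to show which field diverges. The typecode table covers only the parameter set used in this issue, and the function names are this example's own.

```python
# Added example: field-by-field comparison of two LMS public keys.
# Layout (RFC 8554, section 5.3):
#   u32str(lms_type) || u32str(lmots_type) || I (16 bytes) || T[1] (m bytes)
import struct

# Typecodes for the single parameter set in this issue (NIST SP 800-208).
# m = 24 bytes because the hash is SHA-256 truncated to 192 bits.
LMS_TYPES = {0x0000000A: ("LMS_SHA256_M24_H5", 24)}
LMOTS_TYPES = {0x00000006: "LMOTS_SHA256_N24_W2"}

# Both values are copied from the issue text above.
NIST_PUB = ("0000000A00000006571284648295F8BE3EF86D53828FED4D"
            "BA9A7B575BA634DAC138C7D8C3F903BDA344B53230D93C6F")
HSS_SIGS_PUB = ("0000000a00000006571284648295f8be3ef86d53828fed4d"
                "6f8b6a3f971e865232452216c92831d8d79ea88a0e3d7292")


def parse_lms_public_key(hex_key):
    """Split a hex-encoded LMS public key into its four fields."""
    raw = bytes.fromhex(hex_key)
    if len(raw) < 8:
        raise ValueError("too short to hold the two typecodes")
    lms_type, lmots_type = struct.unpack(">II", raw[:8])
    if lms_type not in LMS_TYPES or lmots_type not in LMOTS_TYPES:
        raise ValueError("typecode not handled by this example")
    name, m = LMS_TYPES[lms_type]
    if len(raw) != 8 + 16 + m:
        raise ValueError(f"expected {8 + 16 + m} bytes, got {len(raw)}")
    return {"lms_type": name, "lmots_type": LMOTS_TYPES[lmots_type],
            "I": raw[8:24].hex(), "root": raw[24:].hex()}


def differing_fields(hex_a, hex_b):
    """Return the names of the fields whose values differ between two keys."""
    a, b = parse_lms_public_key(hex_a), parse_lms_public_key(hex_b)
    return [field for field in a if a[field] != b[field]]


if __name__ == "__main__":
    for label, key in (("ACVP", NIST_PUB), ("hss-sigs", HSS_SIGS_PUB)):
        print(label, parse_lms_public_key(key))
    print("fields that differ:", differing_fields(NIST_PUB, HSS_SIGS_PUB))
```

Both keys carry the same typecodes and the same I; only the Merkle root T[1] differs, so the two implementations end up with different OTS key material for the same seed input.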