Hi Wei. I have one question regarding to Crypto++5.0.4
As a FIPS 140 validated module, the module must employ conditional self-test for key transport keys. You have stated in your Security Policy that, "For key transport keys (i.e., RSA encryption), the Module encrypts a message with the public key, verifies that the ciphertext differs from the plaintext, decrypts the ciphertext with the private key, and verifies that the decrypted value equals the original message". However, I could not find this implementation. I hardcoded the plaintext as a result of the encryption, and also made the module to return the correct plaintext as a result of decryption. Of course, in this case the original plaintext and the encryption result are the same, so this should make the module transit to an error state, but it didn't. Is this requirement implemented? Thanks for any answers in advance. -- Yuichi Hagiwara: <[EMAIL PROTECTED]> C4 Technology, R&D Division Security Integration Department
