Thanks so much for the detail. It has helped greatly.
I did take a look at NIST SP 800-56A section 5.6.2.4 for validating
the
public value. I am in learning mode, so I found the 2nd step
confusing...
1. Verify that 2 <= y <= p - 2
2. Verify that y^q = 1 (mod p)
Are the parenthesis around "mod p" correct? This is how it is in the
NIST doc.
Yes, the parens are correct. That's just a more traditional notation
for modular equivalence:
A = B (mod p)
is the same as saying (in C notation)
A % p == B % p
So in your case you would want to check:
y^q % p == 1
Hope this help,
--Richard
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
