diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 90ed0827..c2db7f2b 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -23,7 +23,7 @@ jobs: - --features serde toolchain: - stable - - 1.60.0 + - 1.61.0 name: test steps: - name: Checkout sources @@ -78,7 +78,7 @@ jobs: matrix: toolchain: - stable - - 1.60.0 + - 1.61.0 name: test simple_login command-line example steps: - name: install expect @@ -101,7 +101,7 @@ jobs: matrix: toolchain: - stable - - 1.60.0 + - 1.61.0 name: test digital_locker command-line example steps: - name: install expect diff --git a/Cargo.toml b/Cargo.toml index 4b4cce43..27db0ae0 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -8,7 +8,7 @@ license = "Apache-2.0 OR MIT" name = "opaque-ke" readme = "README.md" repository = "https://github.com/novifinancial/opaque-ke" -rust-version = "1.60" +rust-version = "1.61" version = "2.0.0" [features] @@ -31,7 +31,10 @@ curve25519-dalek = { version = "=4.0.0-rc.1", default-features = false, features derive-where = { version = "1", features = ["zeroize-on-drop"] } digest = "0.10" displaydoc = { version = "0.2", default-features = false } -elliptic-curve = { version = "0.12", features = ["hash2curve", "sec1"] } +elliptic-curve = { version = "=0.13.0-pre.5", features = [ + "hash2curve", + "sec1", +] } generic-array = "0.14" hkdf = "0.12" hmac = "0.12" @@ -54,7 +57,7 @@ chacha20poly1305 = "0.10" criterion = "0.4" hex = "0.4" json = "0.12" -p256 = { version = "0.12", default-features = false, features = [ +p256 = { version = "=0.13.0-pre", default-features = false, features = [ "hash2curve", "voprf", ] } @@ -78,3 +81,7 @@ targets = [] [[example]] name = "simple_login" required-features = ["argon2"] + +[patch.crates-io] +p256 = { git = "https://github.com/RustCrypto/elliptic-curves", rev = "136fed7944d53c0508b1a93cd97bdab46891bcf7" } +voprf = { git = "https://github.com/khonsulabs/voprf", branch = "draft-19" } diff --git a/README.md b/README.md index b1037d4d..013fe499 100644 --- a/README.md +++ b/README.md @@ -27,7 +27,7 @@ opaque-ke = "2" ### Minimum Supported Rust Version -Rust **1.60** or higher. +Rust **1.61** or higher. Audit ----- diff --git a/src/hash.rs b/src/hash.rs index f28e441e..20fdfc98 100644 --- a/src/hash.rs +++ b/src/hash.rs @@ -9,7 +9,7 @@ use digest::block_buffer::Eager; use digest::core_api::{BlockSizeUser, BufferKindUser, CoreProxy, FixedOutputCore}; -use digest::{Digest, FixedOutputReset, HashMarker, OutputSizeUser}; +use digest::{FixedOutputReset, HashMarker, OutputSizeUser}; use generic_array::typenum::{IsLess, Le, NonZero, U256}; pub(crate) type OutputSize = <::Core as OutputSizeUser>::OutputSize; @@ -35,7 +35,8 @@ where /// HKDF and HMAC Associated types could be simplified when they are made as /// defaults: pub trait Hash: - Digest + Default + + HashMarker + OutputSizeUser> + BlockSizeUser + FixedOutputReset @@ -49,7 +50,8 @@ where } impl< - T: Digest + T: Default + + HashMarker + OutputSizeUser> + BlockSizeUser + FixedOutputReset diff --git a/src/key_exchange/group/curve25519.rs b/src/key_exchange/group/curve25519.rs index d562f898..c330066a 100644 --- a/src/key_exchange/group/curve25519.rs +++ b/src/key_exchange/group/curve25519.rs @@ -12,7 +12,7 @@ use curve25519_dalek::montgomery::MontgomeryPoint; use curve25519_dalek::scalar::Scalar; use curve25519_dalek::traits::Identity; use digest::core_api::BlockSizeUser; -use digest::Digest; +use digest::{FixedOutput, HashMarker}; use elliptic_curve::hash2curve::{ExpandMsg, ExpandMsgXmd, Expander}; use generic_array::typenum::{IsLess, IsLessOrEqual, U256, U32, U64}; use generic_array::GenericArray; @@ -57,9 +57,9 @@ impl KeGroup for Curve25519 { // Implements the `HashToScalar()` function from // - fn hash_to_scalar<'a, H>(input: &[&[u8]], dst: &[u8]) -> Result + fn hash_to_scalar<'a, H>(input: &[&[u8]], dst: &[&[u8]]) -> Result where - H: Digest + BlockSizeUser, + H: BlockSizeUser + Default + FixedOutput + HashMarker, H::OutputSize: IsLess + IsLessOrEqual, { let mut uniform_bytes = GenericArray::<_, U64>::default(); diff --git a/src/key_exchange/group/elliptic_curve.rs b/src/key_exchange/group/elliptic_curve.rs index b1bf5771..73537b27 100644 --- a/src/key_exchange/group/elliptic_curve.rs +++ b/src/key_exchange/group/elliptic_curve.rs @@ -6,12 +6,12 @@ // of this source tree. use digest::core_api::BlockSizeUser; -use digest::Digest; +use digest::{FixedOutput, HashMarker}; use elliptic_curve::group::cofactor::CofactorGroup; use elliptic_curve::hash2curve::{ExpandMsgXmd, FromOkm, GroupDigest}; use elliptic_curve::sec1::{FromEncodedPoint, ModulusSize, ToEncodedPoint}; use elliptic_curve::{ - AffinePoint, Field, FieldSize, Group, ProjectivePoint, PublicKey, Scalar, SecretKey, + AffinePoint, Field, FieldBytesSize, Group, ProjectivePoint, PublicKey, Scalar, SecretKey, }; use generic_array::typenum::{IsLess, IsLessOrEqual, U256}; use generic_array::GenericArray; @@ -23,18 +23,18 @@ use crate::errors::InternalError; impl KeGroup for G where G: GroupDigest, - FieldSize: ModulusSize, + FieldBytesSize: ModulusSize, AffinePoint: FromEncodedPoint + ToEncodedPoint, ProjectivePoint: CofactorGroup + ToEncodedPoint, Scalar: FromOkm, { type Pk = ProjectivePoint; - type PkLen = as ModulusSize>::CompressedPointSize; + type PkLen = as ModulusSize>::CompressedPointSize; type Sk = Scalar; - type SkLen = FieldSize; + type SkLen = FieldBytesSize; fn serialize_pk(pk: Self::Pk) -> GenericArray { GenericArray::clone_from_slice(pk.to_encoded_point(true).as_bytes()) @@ -52,9 +52,9 @@ where // Implements the `HashToScalar()` function from // - fn hash_to_scalar(input: &[&[u8]], dst: &[u8]) -> Result + fn hash_to_scalar(input: &[&[u8]], dst: &[&[u8]]) -> Result where - H: Digest + BlockSizeUser, + H: BlockSizeUser + Default + FixedOutput + HashMarker, H::OutputSize: IsLess + IsLessOrEqual, { Self::hash_to_scalar::>(input, dst) @@ -85,7 +85,7 @@ where } fn deserialize_sk(bytes: &[u8]) -> Result { - SecretKey::::from_be_bytes(bytes) + SecretKey::::from_slice(bytes) .map(|secret_key| *secret_key.to_nonzero_scalar()) .map_err(|_| InternalError::PointError) } diff --git a/src/key_exchange/group/mod.rs b/src/key_exchange/group/mod.rs index c78382a4..b9a80157 100644 --- a/src/key_exchange/group/mod.rs +++ b/src/key_exchange/group/mod.rs @@ -14,9 +14,9 @@ mod elliptic_curve; pub mod ristretto255; use digest::core_api::BlockSizeUser; -use digest::{Digest, OutputSizeUser}; +use digest::{FixedOutput, HashMarker, OutputSizeUser}; use generic_array::sequence::Concat; -use generic_array::typenum::{IsLess, IsLessOrEqual, U11, U256}; +use generic_array::typenum::{IsLess, IsLessOrEqual, U256}; use generic_array::{ArrayLength, GenericArray}; use rand::{CryptoRng, RngCore}; use zeroize::Zeroize; @@ -48,9 +48,9 @@ pub trait KeGroup { /// # Errors /// [`InternalError::HashToScalar`] if the `input` is empty or longer then /// [`u16::MAX`]. - fn hash_to_scalar(input: &[&[u8]], dst: &[u8]) -> Result + fn hash_to_scalar(input: &[&[u8]], dst: &[&[u8]]) -> Result where - H: Digest + BlockSizeUser, + H: BlockSizeUser + Default + FixedOutput + HashMarker, H::OutputSize: IsLess + IsLessOrEqual; /// Corresponds to the DeriveAuthKeyPair() function defined in @@ -67,8 +67,11 @@ pub trait KeGroup { ::OutputSize: IsLess + IsLessOrEqual<::BlockSize>, { - let context_string = create_context_string::(voprf::Mode::Oprf); - let dst = GenericArray::from(STR_DERIVE_KEYPAIR).concat(context_string); + let dst_1 = GenericArray::from(STR_DERIVE_KEYPAIR) + .concat(STR_OPRF.into()) + .concat([voprf::Mode::Oprf.to_u8()].into()) + .concat([b'-'].into()); + let dst_2 = CS::ID.as_bytes(); let info_len = i2osp_2(info.len()) .map_err(|_| InternalError::OprfError(voprf::Error::DeriveKeyPair))?; @@ -79,7 +82,7 @@ pub trait KeGroup { // || contextString) let sk_s = Self::hash_to_scalar::( &[seed, &info_len, info, &counter.to_be_bytes()], - &dst, + &[&dst_1, dst_2], ) .map_err(|_| InternalError::OprfError(voprf::Error::DeriveKeyPair))?; @@ -110,21 +113,9 @@ pub trait KeGroup { // Helper functions used to compute DeriveAuthKeyPair() (taken from the voprf // crate) -const STR_VOPRF: [u8; 8] = *b"VOPRF10-"; +const STR_OPRF: [u8; 7] = *b"OPRFV1-"; const STR_DERIVE_KEYPAIR: [u8; 13] = *b"DeriveKeyPair"; -/// Generates the contextString parameter as defined in -/// -fn create_context_string(mode: voprf::Mode) -> GenericArray -where - ::OutputSize: - IsLess + IsLessOrEqual<::BlockSize>, -{ - GenericArray::from(STR_VOPRF) - .concat([mode.to_u8()].into()) - .concat(CS::ID.to_be_bytes().into()) -} - fn i2osp_2(input: usize) -> Result<[u8; 2], InternalError> { u16::try_from(input) .map(|input| input.to_be_bytes()) diff --git a/src/key_exchange/group/ristretto255.rs b/src/key_exchange/group/ristretto255.rs index f90bcb84..63aafc32 100644 --- a/src/key_exchange/group/ristretto255.rs +++ b/src/key_exchange/group/ristretto255.rs @@ -12,7 +12,7 @@ use curve25519_dalek::ristretto::{CompressedRistretto, RistrettoPoint}; use curve25519_dalek::scalar::Scalar; use curve25519_dalek::traits::Identity; use digest::core_api::BlockSizeUser; -use digest::Digest; +use digest::{FixedOutput, HashMarker}; use generic_array::typenum::{IsLess, IsLessOrEqual, U256, U32}; use generic_array::GenericArray; use rand::{CryptoRng, RngCore}; @@ -71,9 +71,9 @@ impl KeGroup for Ristretto255 { // Implements the `HashToScalar()` function from // - fn hash_to_scalar<'a, H>(input: &[&[u8]], dst: &[u8]) -> Result + fn hash_to_scalar<'a, H>(input: &[&[u8]], dst: &[&[u8]]) -> Result where - H: Digest + BlockSizeUser, + H: BlockSizeUser + Default + FixedOutput + HashMarker, H::OutputSize: IsLess + IsLessOrEqual, { ::hash_to_scalar::(input, dst) @@ -108,7 +108,7 @@ impl KeGroup for Ristretto255 { #[cfg(feature = "ristretto255-voprf")] impl voprf::CipherSuite for Ristretto255 { - const ID: u16 = voprf::Ristretto255::ID; + const ID: &'static str = voprf::Ristretto255::ID; type Group = ::Group; @@ -126,10 +126,10 @@ impl Group for Ristretto255 { fn hash_to_curve( input: &[&[u8]], - dst: &[u8], + dst: &[&[u8]], ) -> voprf::Result where - H: Digest + BlockSizeUser, + H: BlockSizeUser + Default + FixedOutput + HashMarker, H::OutputSize: IsLess + IsLessOrEqual, { ::hash_to_curve::(input, dst) @@ -137,10 +137,10 @@ impl Group for Ristretto255 { fn hash_to_scalar( input: &[&[u8]], - dst: &[u8], + dst: &[&[u8]], ) -> voprf::Result where - H: Digest + BlockSizeUser, + H: BlockSizeUser + Default + FixedOutput + HashMarker, H::OutputSize: IsLess + IsLessOrEqual, { ::hash_to_scalar::(input, dst) diff --git a/src/lib.rs b/src/lib.rs index d31899e7..6a221f7c 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -14,7 +14,7 @@ //! //! ### Minimum Supported Rust Version //! -//! Rust **1.60** or higher. +//! Rust **1.61** or higher. //! //! # Overview //! diff --git a/src/tests/full_test.rs b/src/tests/full_test.rs index dfe6cf14..2fdfd546 100644 --- a/src/tests/full_test.rs +++ b/src/tests/full_test.rs @@ -126,152 +126,151 @@ static STR_CREDENTIAL_IDENTIFIER: &str = "credential_identifier"; #[cfg(feature = "ristretto255")] static TEST_VECTOR_RISTRETTO255: &str = r#" { - - "client_s_pk": "dcddc4b2e2880d52e5e7feb1a960483279ec01322a9459a38617fe279328ea73", - "client_s_sk": "0429abf73dd54603a2517d43963092191b3bfa703d6f96e5c3ab07032af09306", - "client_e_pk": "f4078829250cbe512a46d47f607bcbd11f55d257c2758968f0a2fe052f153f23", - "client_e_sk": "44effcb2a3e3cdf444c73964afc454513b42b19b5fe9de78bafec9d6d152b808", - "server_s_pk": "d20495860077399f2ae24565bfafb29f41602805bda05323663a1b9a2f74532e", - "server_s_sk": "c40c8d1af35aa1aeb16539eda98e17dc2eecfa9e21938c286eb5c04d03a3d90c", - "server_e_pk": "3868e17fa3a9ea40b8099b94265b41f6989a7790b99525a6ebe6d8da02151517", - "server_e_sk": "6f11607b6c7493cb14935f2af3ea6d35368564840d3e13d0b8b85619ce5cb309", - "fake_sk": "d027dc1c2c5fd2abe413d4603a31c5f5af7798dcb8a349ddff1dba22619e3106", + "client_s_pk": "74809ab73f3fce1f0f96994b134a3419ceb3f4ddf70576cf954a2983dcb40b00", + "client_s_sk": "fc5227f5c05133d431605a7a81c4603dd608314ba144e869930c99f0a154a205", + "client_e_pk": "d8a5c8709fd94b9a5accba09a7655549a0618688503d03292c5fdff2a4f7ca56", + "client_e_sk": "94d7fb3feac2038d4874b20289d8b9ab7e5bf9bd32caf55cbfcc0a0feac9da02", + "server_s_pk": "f85a606216a069db8eb4fbc610d01c9f1309729c54587a5c2a8d938b4a0f5c3b", + "server_s_sk": "9df3e9139b27b1b86cb7dc660c9006d00148170efbd4ca5cf1048d10c102c708", + "server_e_pk": "ae6e6397fcbf62a1a28febc9c249f2cde43a6a6cb794e48de4e3e70067073a0c", + "server_e_sk": "f5e60f90edd94d9371b65bd83ca03e66bb81f19199f5518c7829dd6f2412db06", + "fake_sk": "967f3070bc4a34d75708d677442595daadfc8edfff517b133dab2d8e9356e705", "credential_identifier": "637265644964656e746966696572", "id_u": "696455", "id_s": "696453", "password": "70617373776f7264", - "blinding_factor": "2f4d3b99b3239f14c02937cd9c5928b72e792923c392f32259d38db66b378c09", - "oprf_seed": "a4fd682676da261afc2d1f6c2b4d173bee9b591de7b6a125a95cd6a129c582abfb47c58cb8519300c41993c4f65f3bc998857839782e81853a9b4222bbd0af51", - "masking_nonce": "84fee2957ecedff1f417fb7b9cc033a27cc2f23f346c22933121ec902c563d8ebe92eec260c4c48f11f560a20896334f11598174313af77b6c06b5aebe4dc8bc", - "envelope_nonce": "52cf21f9aa91b105dbacbf986c2f2ffc18c2c876ebbe753991eeb6018986c25d", - "client_nonce": "61c78d68faafff73962fe5938a6e51cf0d142f682055c6935da551d9c0c1f5e0", - "server_nonce": "3803f1c7e9fc0859f9d82c0a5dc853191c9cc7ecb4b8901d5eae9cb545210dbd", + "blinding_factor": "28205f2551a55a8e6703ac6ce61ba5c8cae6c4111372964a926685fa57dcc300", + "oprf_seed": "641ca025289d724e292d5187fbf6c702e6fa0a233b015bb97afc0dc44e1a17d71e67c21eb117a3947a734a798b413d9257930082548c6da147a87d78b99009e4", + "masking_nonce": "f5ba0c75c9ebbe84b0c2c3bf2eda017e5920a2dbc7d6887e3cd336b0f8ff6fc3e6d6e8f6f6b0b6e58c49ed150a19f388b3840a922e5ce7276d2c7c10748f0e04", + "envelope_nonce": "7b918e30a79047ec3449153ac013afc42ef7dc1d8fece7fda9d99c3111398d90", + "client_nonce": "c217cae6fa4e305d0dabe55c75598bf05f209eba5641dc296b1e377d34e64a69", + "server_nonce": "2b57918ed314d46741d879044983b6dd20647556f6fecba8af18a09e2667ca12", "context": "636f6e74657874", - "registration_request": "0029a6bfe36ad951c8180cd030870a8eaac946d7a0a8f6838b90273cd363553f", - "registration_response": "a2ff5ff073aa3ae6e8c1341cb10d0fe6822c902f254b40648523c456ce511f60d20495860077399f2ae24565bfafb29f41602805bda05323663a1b9a2f74532e", - "registration_upload": "94ddf2dd8051a97accbff76b961f475be5499153176c4e7673009f5471e82d452e44248ec8495c0622e895633ee23ab365a99eb86c422095b5e6687922b436cc23397830983684f1b7e0a6c828b4be843416ea3d666751741446a17b798836220429abf73dd54603a2517d43963092191b3bfa703d6f96e5c3ab07032af0930630f910034ee42f3650979f34c60116c8df87ab2014a8028719b7af16933757a1364a0a8dba5e31702d4ecd8bb0089963c8c7c806633106ec01f21d2c1f0e7c6d", - "credential_request": "0029a6bfe36ad951c8180cd030870a8eaac946d7a0a8f6838b90273cd363553f61c78d68faafff73962fe5938a6e51cf0d142f682055c6935da551d9c0c1f5e0f4078829250cbe512a46d47f607bcbd11f55d257c2758968f0a2fe052f153f23", - "credential_response": "a2ff5ff073aa3ae6e8c1341cb10d0fe6822c902f254b40648523c456ce511f6084fee2957ecedff1f417fb7b9cc033a27cc2f23f346c22933121ec902c563d8e6611595c09b73c4d0b376bff1e0f6170e741932a2fcc46eea41f0a25fcbc9b3776b3cd7caf89abb4e12051add84020e78bf66fdf085bf7bece614996aab5e003572942c0d2adb246190bac44854418aa91b97f21676ee6081cc392fbfa69a8b4310231dbdcc334d7236c3b29c1e68c6053694c70636941db4773f0de31b807d66f11607b6c7493cb14935f2af3ea6d35368564840d3e13d0b8b85619ce5cb309224143ae3d5f41168405da956adf330323607e9cfeccf142344926bfc456d221363994a0ad737282c8130e3e695f119bb549a0a1d4bcfe43877badbd1376c22d2357648f2c5d10eb4871ce565caa12943390ab4c4f39e8a21ef8dd58325d80c6", - "credential_finalization": "8d9d27b4b02011d4fd0c0712a66d870ff1477f564459fdb9710778129f7415fa1ffdf878838bd5886482a8fad35e7fe76f072fd58d755a3b417ab3b5546d8db7", - "client_registration_state": "2f4d3b99b3239f14c02937cd9c5928b72e792923c392f32259d38db66b378c090029a6bfe36ad951c8180cd030870a8eaac946d7a0a8f6838b90273cd363553f", - "client_login_state": "2f4d3b99b3239f14c02937cd9c5928b72e792923c392f32259d38db66b378c090029a6bfe36ad951c8180cd030870a8eaac946d7a0a8f6838b90273cd363553f61c78d68faafff73962fe5938a6e51cf0d142f682055c6935da551d9c0c1f5e0f4078829250cbe512a46d47f607bcbd11f55d257c2758968f0a2fe052f153f2344effcb2a3e3cdf444c73964afc454513b42b19b5fe9de78bafec9d6d152b80861c78d68faafff73962fe5938a6e51cf0d142f682055c6935da551d9c0c1f5e0", - "server_login_state": "a1ea9f94d030c645d25fa27e6b5c711cb392878042639ad7c3b14bdc8030ab6bfbbf1dd7b20dad15f07ac6a1cd62f13aa34eb903984d0836dc1de6a8cb66058920841cdfd8f3e28d52a50964109166b049f624b492879313ee506599d96962048872e2fa61c711e9f37f37b984048b3a29969e8686b9e21f1ce0a4e151e6f1a1f72c738d5eab793d8e9d2ec660bf49fff9a4faff5a984a10607caa260e4b94f767d47e9336d554b778ca41671d498d262f36c8874b035ecc954ed3baa8031ac7", - "password_file": "94ddf2dd8051a97accbff76b961f475be5499153176c4e7673009f5471e82d452e44248ec8495c0622e895633ee23ab365a99eb86c422095b5e6687922b436cc23397830983684f1b7e0a6c828b4be843416ea3d666751741446a17b798836220429abf73dd54603a2517d43963092191b3bfa703d6f96e5c3ab07032af0930630f910034ee42f3650979f34c60116c8df87ab2014a8028719b7af16933757a1364a0a8dba5e31702d4ecd8bb0089963c8c7c806633106ec01f21d2c1f0e7c6d", - "export_key": "69b3d2fa20b4b93b18fdb8dae139af6a5a210a8d40ed107fe0d76bd76aedc1d791c6c948eba8aa1750217c3021e7c07657569152120d4dd9928a22f4d904fbf8", - "session_key": "f72c738d5eab793d8e9d2ec660bf49fff9a4faff5a984a10607caa260e4b94f767d47e9336d554b778ca41671d498d262f36c8874b035ecc954ed3baa8031ac7" + "registration_request": "549790b0d74736be19aab565cbe0163eef5f5f8488a57f063acc0e4e35301159", + "registration_response": "ec358a9f69f92c1d88215ef9f4a1c3c45cd3470db243dbe4298d455b7447db43f85a606216a069db8eb4fbc610d01c9f1309729c54587a5c2a8d938b4a0f5c3b", + "registration_upload": "7eb2a312703c26e518cc4102da14f3151e76d86219fda92b021c8b6c8848f5614cd9ca81aaae9aa37733ef75867e570f4762513d1417fc77660eb5d8688d72fa24edea76c09d28b1877f151b84bf7f25e2a81fb589d51bc4725a7ab03a9694e0fc5227f5c05133d431605a7a81c4603dd608314ba144e869930c99f0a154a2056a35c3c5d994bb196547e57c4a12af3c33e5d3582d58f236b023f8a587e655bcbad3ec7974ae71caa39cb604a1a9445b9d2d8b8063f03d93a2ca9e8817a2af76", + "credential_request": "549790b0d74736be19aab565cbe0163eef5f5f8488a57f063acc0e4e35301159c217cae6fa4e305d0dabe55c75598bf05f209eba5641dc296b1e377d34e64a69d8a5c8709fd94b9a5accba09a7655549a0618688503d03292c5fdff2a4f7ca56", + "credential_response": "ec358a9f69f92c1d88215ef9f4a1c3c45cd3470db243dbe4298d455b7447db43f5ba0c75c9ebbe84b0c2c3bf2eda017e5920a2dbc7d6887e3cd336b0f8ff6fc331e708bf8c612085e1ea9e1545b6e5957d8d785741715e152965adb413cc86c4e075657bd56f81b41200d604133d9df1d0381ae71a79a0540b1f6128a265b7701947b3f2e3f0f3b9be424a49a09e0184a1062ff2b15ddd72f9ad68bc606eeef26597ce0db39ff2365856f27b06e823e63ecb6ae0ca2f334b61894049fa466408f5e60f90edd94d9371b65bd83ca03e66bb81f19199f5518c7829dd6f2412db0674d915e104875d7ba4eeb915f4822b3aad70fc66747187669047d7f53e0c6523540695161155a6e59f14e6cfef920e49899da214f171ee75a16fb0257c76cee2a01401ead72a1d4fe2edd175a9235b52603f91f97e167b6001f04a7d66e1aba6", + "credential_finalization": "d2c7bde39504f20420c0fddc12c731af8590a63c1020aea3adeba13290f55901cc19c27875c2a0b0f0b95d3e8d6183dfbcde45888f3895a74e954db099b7e3ef", + "client_registration_state": "28205f2551a55a8e6703ac6ce61ba5c8cae6c4111372964a926685fa57dcc300549790b0d74736be19aab565cbe0163eef5f5f8488a57f063acc0e4e35301159", + "client_login_state": "28205f2551a55a8e6703ac6ce61ba5c8cae6c4111372964a926685fa57dcc300549790b0d74736be19aab565cbe0163eef5f5f8488a57f063acc0e4e35301159c217cae6fa4e305d0dabe55c75598bf05f209eba5641dc296b1e377d34e64a69d8a5c8709fd94b9a5accba09a7655549a0618688503d03292c5fdff2a4f7ca5694d7fb3feac2038d4874b20289d8b9ab7e5bf9bd32caf55cbfcc0a0feac9da02c217cae6fa4e305d0dabe55c75598bf05f209eba5641dc296b1e377d34e64a69", + "server_login_state": "621d4360cf6fdfb7c791207ff86ea4164283ed8b689dccb9392c4deb7699d52f470cc327c98c87bf4ceb13376f6534440c3d92436bf6f4b0375ccc5917021cde227f00ac99e7ae2dd04629950f585b1d4e8a79ce36dc5c119c53f5a758338b2756c21997c3052d9a05b1a909e416dfefdf3bdf711763a65d1a9fa81defb2c79164f8cbc52564e0471fc1f6f9370c96e5676c11df6adc537bc35f92909b36332a77551d366292b3fe6a7db972ea50b8fb52cf423d141c849ec65323c65b5de440", + "password_file": "7eb2a312703c26e518cc4102da14f3151e76d86219fda92b021c8b6c8848f5614cd9ca81aaae9aa37733ef75867e570f4762513d1417fc77660eb5d8688d72fa24edea76c09d28b1877f151b84bf7f25e2a81fb589d51bc4725a7ab03a9694e0fc5227f5c05133d431605a7a81c4603dd608314ba144e869930c99f0a154a2056a35c3c5d994bb196547e57c4a12af3c33e5d3582d58f236b023f8a587e655bcbad3ec7974ae71caa39cb604a1a9445b9d2d8b8063f03d93a2ca9e8817a2af76", + "export_key": "a9da8db284bcb3756adb7f3dbc12337a0e1d23f34f4236e9ec91a3fa117e1c10f7e9f7af63e4a206e1acae1de3dc88a2bde37adab5ea69c729290ddd5042e18f", + "session_key": "64f8cbc52564e0471fc1f6f9370c96e5676c11df6adc537bc35f92909b36332a77551d366292b3fe6a7db972ea50b8fb52cf423d141c849ec65323c65b5de440" } "#; static TEST_VECTOR_P256: &str = r#" { - "client_s_pk": "024233c7da16965cf8dd009c16d6da1fb30678e1a77a8bed62ee4ab0ff19398df8", - "client_s_sk": "7b37ca3a844e38d48f199a982cf584b8377a06c3b0d82075da71c29d7d067a15", - "client_e_pk": "028a5cfff38ac26a0287940c0d0ca4cca86c2de48a0371cb668e4a47047ee407f2", - "client_e_sk": "3b97e770cbf587cfdedcc07d4ed0ee393645c36ee4505d13542061fd1e4075b1", - "server_s_pk": "03e5fd5f2d9a767013c18a9f3848c187ce4b832419420019289888fff4ccd3e105", - "server_s_sk": "344ad6c7f5426b17b06816601d61d2b828d9193d0ac71d4ff457b927d713f61a", - "server_e_pk": "03361978ce9712ef7b94b42b58d9ea705b3f846ca63c0f99375aaff06b995bc04b", - "server_e_sk": "9b226d6b94f4df66246f1fdc57a77333bf29e28b561343a747845a83c89d9974", - "fake_sk": "ec7f397fa39804a8be9559ebe5666c583813b5c0d199150a308408b5cc7d1ad3", + "client_s_pk": "03ba09cc920ee3df2e43ffb721110ddf265a982e6a89558ea1dc10addaa3455392", + "client_s_sk": "cf71ab13c11eafdbbb2ee3d1ab93e5ea4147066aebc4cb2b797532f5820ecbfe", + "client_e_pk": "03f67e124f8a46717bcd4a3c80f779d56d84b6c22d533b4348aa761aba2c5e1295", + "client_e_sk": "d01f9be5f5539c15cdc63d48c2ab9d6e3329096bc22d36d78450b7ff59f474ec", + "server_s_pk": "02225c43793bcb8dc6ec78412cae060c986bca1c180fe8b9bc56906c7a524d8300", + "server_s_sk": "2664e45be7fdc8c5cb74a2cebb5995996b0f88df038c9e3d9ea8e4b918623a3c", + "server_e_pk": "03ebd9e89b8999d83150784b3e3afd3bc7c1880d9269f4c7dc674b40736e65e613", + "server_e_sk": "ae42a6c3e349903d571aa8e66a15d6893255d42ddbc52e8549fa802d62d2f56e", + "fake_sk": "73fd9f31fe851b14415b70e6cf5a22959625068d3d57c50920e293917735aee1", "credential_identifier": "637265644964656e746966696572", "id_u": "696455", "id_s": "696453", "password": "70617373776f7264", - "blinding_factor": "7f765e59c9005b407dd9d9c80c9b6870bf34d723b463c9ef1bf37062f3a32932", - "oprf_seed": "6e2dbc907c0e8e6ac9b25e9786bce93b2b7c611efbbfe8f0ac6cc49a367f1b53", - "masking_nonce": "fc65e1213c391fc03baabad6f4fb2435d1f4143fd55362a77f6505a848198e72790e68a3d7e699187e7765b018e29330b1aa559c4b01681e3f9f1a122c88cfc7", - "envelope_nonce": "990e155dcd76335a870f03898bc52ce7c206d2a9fba98023d524c9e5eaeeb8f1", - "client_nonce": "1c5ac2e0c8134298298d6fbb27e2a30161548e0ab40b3e1f93fd048893290823", - "server_nonce": "28fb86796e386659fc1be72ecc9452928c864dae3c0bc407694c15b97303b8fd", + "blinding_factor": "2344f4c8de9c8c6d4044d0a6919152da6dfe485b2c1549e6b2cd1b35329a5b87", + "oprf_seed": "d52435ca68bb26647630447a6fe825a73aa2ead0ea85d3b3ded18dcdc10b621c", + "masking_nonce": "5b69b8162dfdef41d857061345ca8428f157ab217834de1e1219ff04bd434f92f85c4114ebfd79a2fb7cd3d92607e74968a32cd8e192c8ad1cfb98361cd26993", + "envelope_nonce": "51ae418ba3286101d479830117db34fd2dbdbf6279703987a324e52a1231df8d", + "client_nonce": "6d8a5cf32ffbb3e0bdbe098587fee2c85bcfd01c51b0970b6f129f9a6d5b2cd7", + "server_nonce": "c28f73203eee45450eb971fce7f6ccd1bc60810657c6bbf497cbdc6729882814", "context": "636f6e74657874", - "registration_request": "02626e2a7d0a3a65c5ce26319ffdcd8f12749597288d5a3f056a85061d440b3134", - "registration_response": "024881b1756686787aa2c9379842b3c043be2bc2160f8399388566df186aca076203e5fd5f2d9a767013c18a9f3848c187ce4b832419420019289888fff4ccd3e105", - "registration_upload": "02b2c2080e85eb9be5fce9af315ebbd582b97a888bc38db41eb3ff89d150094c4ee1897cecbb1eb404c07cb336778480ce59b45be07417b62c6065509d743081bd7b37ca3a844e38d48f199a982cf584b8377a06c3b0d82075da71c29d7d067a15290f38d81d8afca3b0b9f8fd39d43695c3ff00c9cc65dffa80c81d4346c4c231", - "credential_request": "02626e2a7d0a3a65c5ce26319ffdcd8f12749597288d5a3f056a85061d440b31341c5ac2e0c8134298298d6fbb27e2a30161548e0ab40b3e1f93fd048893290823028a5cfff38ac26a0287940c0d0ca4cca86c2de48a0371cb668e4a47047ee407f2", - "credential_response": "024881b1756686787aa2c9379842b3c043be2bc2160f8399388566df186aca0762fc65e1213c391fc03baabad6f4fb2435d1f4143fd55362a77f6505a848198e725bc35e08a2b8eca1fd54f864f551bbb26aca647e8a7fa7865d9da84c3cb9aa9e7c88a0643d3c2d83f722bc0f961bcfbe08b041e6010fd42e070411df6a00032b38a649251a11fcdade4133d9392a83163150617d97f66304bd2cd82b8dea34003b9b226d6b94f4df66246f1fdc57a77333bf29e28b561343a747845a83c89d997402dd41500c28354a2b4c2e99723d4e2c663032803766576eca885ba1e16c141093e3f50476135f37f2f0973be22ab0723f264bc54b48c8b7814f578c20145b1a62", - "credential_finalization": "4a4dc7da190d96ca9a464e97fd87caac8a6a8284dca988723392c4ff55e9ee19", - "client_registration_state": "7f765e59c9005b407dd9d9c80c9b6870bf34d723b463c9ef1bf37062f3a3293202626e2a7d0a3a65c5ce26319ffdcd8f12749597288d5a3f056a85061d440b3134", - "client_login_state": "7f765e59c9005b407dd9d9c80c9b6870bf34d723b463c9ef1bf37062f3a3293202626e2a7d0a3a65c5ce26319ffdcd8f12749597288d5a3f056a85061d440b31341c5ac2e0c8134298298d6fbb27e2a30161548e0ab40b3e1f93fd048893290823028a5cfff38ac26a0287940c0d0ca4cca86c2de48a0371cb668e4a47047ee407f23b97e770cbf587cfdedcc07d4ed0ee393645c36ee4505d13542061fd1e4075b11c5ac2e0c8134298298d6fbb27e2a30161548e0ab40b3e1f93fd048893290823", - "server_login_state": "c084be73543caee016de23f6987e9d9db9ce8a39490127388f7cfc8d73f7c37ba5ebebd95e175ba698748629e95da35b2750f870919bdeb0a80b5ac8988517f366adf6480ea66dec3384cf202fa979bb3501e0cc4c8cea8a268d5561cd45ce95", - "password_file": "02b2c2080e85eb9be5fce9af315ebbd582b97a888bc38db41eb3ff89d150094c4ee1897cecbb1eb404c07cb336778480ce59b45be07417b62c6065509d743081bd7b37ca3a844e38d48f199a982cf584b8377a06c3b0d82075da71c29d7d067a15290f38d81d8afca3b0b9f8fd39d43695c3ff00c9cc65dffa80c81d4346c4c231", - "export_key": "d8e44930ad9ae7e1e5d83dbc9b5fd51b814280864aa10e39e62aa07c72458c86", - "session_key": "66adf6480ea66dec3384cf202fa979bb3501e0cc4c8cea8a268d5561cd45ce95" + "registration_request": "0377bd074feb36a98dfbf37d584c453df4446ddd13fa947b8aab97a063f5576a92", + "registration_response": "02a6d7506a8ab1ef8c68d4e4dcd24e0c533ec946e3c4a5e5134553f4f8441b4ba402225c43793bcb8dc6ec78412cae060c986bca1c180fe8b9bc56906c7a524d8300", + "registration_upload": "033401de03ada6737181eeb0b23c474ac0c5188b3f3eaeebea3e5a2f7377acb18025241605e14316f3c616871895deff33a28627ffc839a81fbb1636f06f57d5e2cf71ab13c11eafdbbb2ee3d1ab93e5ea4147066aebc4cb2b797532f5820ecbfe0a60761e979c1229dc761f8b2ec1c4aefac063cc0b1311d538e855db87095540", + "credential_request": "0377bd074feb36a98dfbf37d584c453df4446ddd13fa947b8aab97a063f5576a926d8a5cf32ffbb3e0bdbe098587fee2c85bcfd01c51b0970b6f129f9a6d5b2cd703f67e124f8a46717bcd4a3c80f779d56d84b6c22d533b4348aa761aba2c5e1295", + "credential_response": "02a6d7506a8ab1ef8c68d4e4dcd24e0c533ec946e3c4a5e5134553f4f8441b4ba45b69b8162dfdef41d857061345ca8428f157ab217834de1e1219ff04bd434f92a7ea405a1a0f70f60491195ee22080080f953e784fd04278b63104417028dc2fd65cd99339e53b707fbe5711d1930ec28457c8ebf11738939ac8e2748a56606d726363fe2fe3a373b28256d0260b1d88f4f9fd44a2265f25a4130d04909b15e82aae42a6c3e349903d571aa8e66a15d6893255d42ddbc52e8549fa802d62d2f56e02dd382526b48be890830fd89fc56656552895ff19abc62b5df06d863581f62c0d53d05f8751af316de619ee42e43c476154ad5e28c0633445c8c613b22870d8fa", + "credential_finalization": "5f86d6931015c179e4d7b2c715553dd35419a40a8dfd5c65217f12c0e7de69d6", + "client_registration_state": "2344f4c8de9c8c6d4044d0a6919152da6dfe485b2c1549e6b2cd1b35329a5b870377bd074feb36a98dfbf37d584c453df4446ddd13fa947b8aab97a063f5576a92", + "client_login_state": "2344f4c8de9c8c6d4044d0a6919152da6dfe485b2c1549e6b2cd1b35329a5b870377bd074feb36a98dfbf37d584c453df4446ddd13fa947b8aab97a063f5576a926d8a5cf32ffbb3e0bdbe098587fee2c85bcfd01c51b0970b6f129f9a6d5b2cd703f67e124f8a46717bcd4a3c80f779d56d84b6c22d533b4348aa761aba2c5e1295d01f9be5f5539c15cdc63d48c2ab9d6e3329096bc22d36d78450b7ff59f474ec6d8a5cf32ffbb3e0bdbe098587fee2c85bcfd01c51b0970b6f129f9a6d5b2cd7", + "server_login_state": "9ebf2f5264481a9fdb9148065ae3d56f2ce113806f1a6be6717777e2b6f2f675890459ad11e18f50321fdbe7501fa6e864efcde5615595565521402ef6243e94bd09c3d173f084b3dcf0eb86260871c7d4c1825a04c9e84ecac2c0e87505b124", + "password_file": "033401de03ada6737181eeb0b23c474ac0c5188b3f3eaeebea3e5a2f7377acb18025241605e14316f3c616871895deff33a28627ffc839a81fbb1636f06f57d5e2cf71ab13c11eafdbbb2ee3d1ab93e5ea4147066aebc4cb2b797532f5820ecbfe0a60761e979c1229dc761f8b2ec1c4aefac063cc0b1311d538e855db87095540", + "export_key": "b1df1b63547d8d063bd6aa9c8685472620fbf090be1f99971d70a39c4aecc2cc", + "session_key": "bd09c3d173f084b3dcf0eb86260871c7d4c1825a04c9e84ecac2c0e87505b124" } "#; #[cfg(all(feature = "curve25519", feature = "ristretto255"))] static TEST_VECTOR_CURVE25519_RISTRETTO255: &str = r#" { - "client_s_pk": "f535ff1f431781ebdf247ba474600b35900c78bae062b78bca336f93125fae78", - "client_s_sk": "a2965d641d8faac6d78929faaea9d849260374dfbc48fcd8508d619e91549e0f", - "client_e_pk": "41b9b9e40898537c1afc044ea4362a91b0688841a2f8ac7576799ea554b9955c", - "client_e_sk": "3462f1906981bf3849bdda9e4fb11f227aa1ce36715fbab787137d9293877804", - "server_s_pk": "c3bb58d0ab702a78cd49c49ed666445715a3a9031352988fa3b8b5354f234555", - "server_s_sk": "66db13a9043ba998acf4c025817c212a679998aca94e284d92d7a3e624918405", - "server_e_pk": "092c508e525c26d207f26e08f31bc3d3da93280260b959a2b422f61365336266", - "server_e_sk": "a45b6ec2746a0930da83e7be61fec440b8101a6da0057684d552495818945a08", - "fake_sk": "b58d23d86aa0cdc9baf29cf03f6d1362e96980ea2e33b0407dc8e213ef31f40e", + "client_s_pk": "7bfb892bba1ae4ac84ae87ab25446cd91203335394e16eea0ad05052d646a942", + "client_s_sk": "cb8f82b8bcf5920266d6059ce780fa704c5aa57a1ca5f3aff79bf014db173605", + "client_e_pk": "26eedfaeaa51aed902511a3e3179d949adc2ccfe79e620f1e21a03b203a11f67", + "client_e_sk": "14604ae5e68315e7294a18942ae014db157e9a6b923e7e6f12b841ff94dc7d03", + "server_s_pk": "203eb4f95ec6afb37c0db900fb658b2e8e96050f69a6f5bee0ee6649f0b1253d", + "server_s_sk": "63852f4e742c1c8743b036e73ea1201dae1ff8c5c6bb438e3f53cccf7a997d0a", + "server_e_pk": "7ee92cbdf7eaf414e4cf276f5e1773dd952b733ee45a0ecf3a56bf79b7592137", + "server_e_sk": "a0236b1c0975561723cb831c2662454a2b17262f156cdd18b9c4fc46f7802c09", + "fake_sk": "83a2ecb15d13a2b40752876036d2cea52cec3f16f515b607e81b36b5c99fd204", "credential_identifier": "637265644964656e746966696572", "id_u": "696455", "id_s": "696453", "password": "70617373776f7264", - "blinding_factor": "ddd58385737d8c20704c0cb1a3a966bf34e74f0110fed80f1beff71b5f595c0c", - "oprf_seed": "a73d9a1a8258fb9e07525bc7ec95ec099b781674b1b8af4293062f5f8929ba600ce3e430a1604a6264eb234b6380bcaf7ebfe8c094c6ad512a66d90465ea1b24", - "masking_nonce": "75c3c3c4131c481038ed136f2aa8f73cb721336e8932aec3a4afa7a807bb80b9064711750bf956f5c87b0fbb2237e4a8dce44c5b5a556ee7c9878fff08a7703c", - "envelope_nonce": "2a19eea1b3a01bd1654e550c248e376280920e1512109d6193e6d384d4b9c78a", - "client_nonce": "e211715a5e81960e9645812027b02eb2bf1a29fc7c40706fbf7d89372bdcfff4", - "server_nonce": "d7b113083e27e038199d4d8e536a16d9cacded41a1ab1baf861ee2bbb3c64a08", + "blinding_factor": "9bbb78819f58bbb900830d507ee4e24097c8f1c0bfe468f09465c0db37dbb604", + "oprf_seed": "5003e5bc19d2cc1f3103e7dc9533d98883f862f3fee460ee2f2a37bf08da90ce60c7533cdf82aa83791471a6517b11900a5c67c34f516586ba90a3b4f5a88b7b", + "masking_nonce": "4fb0ae0456980c706da747b13ef7d54567701080229fbbef63aaaadc67fd169cc376479022fa7ccbae949cdd9b95370f84eb809cb8d19f361b846c75d6960442", + "envelope_nonce": "51f68bd9aebff5df62f4db2296f0b34decb08137d6b9365a49dc24bae2180a56", + "client_nonce": "5250aae5fa4181cca434921ea5a5c1fd8de2a4fb9f867f97340f322e077f9a16", + "server_nonce": "e6176d41c9244820193eb2e70d4ef11827fa552956b95d2fe8546a3a74aca09b", "context": "636f6e74657874", - "registration_request": "1e7066e92f802e894edc3383c84a30d9941dff5ae4bae093aac6249d7307fb4f", - "registration_response": "4ac42b2850dfa252c98ddf441ad4f2d39d195fa6d966326a971a917d9bf2a83dc3bb58d0ab702a78cd49c49ed666445715a3a9031352988fa3b8b5354f234555", - "registration_upload": "18a37ef21ebff958b228f6b0a4aa66764a20b438393a380833dc73bf05da8c4043a1d396008b10207c4a2c6c6c2a1bd1fff443741102e6884eb58236cd27c2c09626b7c2df397a8473337cfb760d4dbdfe8f50a26696d6c41f9f4c2086ab0957a2965d641d8faac6d78929faaea9d849260374dfbc48fcd8508d619e91549e0f1f13d125c3dc2fc99a3fa879d3a914202afae68113902a60a44266febeca8521fab72bcb5fddd144768fc59bcbe759e328b09aeffbfb906627ddfe670342a358", - "credential_request": "1e7066e92f802e894edc3383c84a30d9941dff5ae4bae093aac6249d7307fb4fddd58385737d8c20704c0cb1a3a966bf34e74f0110fed80f1beff71b5f595c0ce3c5ca3e5d685c064f212bdeba8f58804cc2b7c3732cf87f9c541444f1629970", - "credential_response": "4ac42b2850dfa252c98ddf441ad4f2d39d195fa6d966326a971a917d9bf2a83d75c3c3c4131c481038ed136f2aa8f73cb721336e8932aec3a4afa7a807bb80b9d2ce565f318da629a658c9b653853e649ccbe4ce9cd46a904f4352a67140bc9e44ccfb5823a385fd29f7ce9d4711fe8e4b4e050c62c7e041ec2c6bf82e84371c802a360dbdbc9614363ac2830c60624ab77d1de45eef3b15326a988a6862b0315dd5a0a966130f724c2265db5b04a8bf772fb57a5643c05f88daf3b89a6fb0c7d7b113083e27e038199d4d8e536a16d9cacded41a1ab1baf861ee2bbb3c64a084f2de1632c9028867527905d5a84a3dea08ba32b61db5cbc17c104ac09386d7a6b6483a41e1649ec4925eebb3b3f145c4b5abd046f49fd28c6345cb7c81b93aa73f57fcf10b04ad118e6cb532c522547aa379556d0a5f81125c1028a680de0ec", - "credential_finalization": "f9310bbda0fe43f1b6a66ab862ae57e27a7e0753c5039da335e44da00beaab2108c02286fe673ebad2f04ed66d0d891a9f493166af1b1bcddd5950fa9a5d2d73", - "client_registration_state": "ddd58385737d8c20704c0cb1a3a966bf34e74f0110fed80f1beff71b5f595c0c1e7066e92f802e894edc3383c84a30d9941dff5ae4bae093aac6249d7307fb4f", - "client_login_state": "ddd58385737d8c20704c0cb1a3a966bf34e74f0110fed80f1beff71b5f595c0c1e7066e92f802e894edc3383c84a30d9941dff5ae4bae093aac6249d7307fb4fddd58385737d8c20704c0cb1a3a966bf34e74f0110fed80f1beff71b5f595c0ce3c5ca3e5d685c064f212bdeba8f58804cc2b7c3732cf87f9c541444f1629970ba6394b0b2570047a038334a0186080289ba294018dd8cc1c8c2d2010e1b4303ddd58385737d8c20704c0cb1a3a966bf34e74f0110fed80f1beff71b5f595c0c", - "server_login_state": "4c1dc1603f7568dd19dacea6938a2eb0847f365e3733f1d94068648fed318d72dfb05320144e8b25aff7cdaf1ff2f6e23aace1b1d2b48eab23e0bbf315044c54dde886c08fc1bad2f87e6445d2938e4405211e141948a98f8693d3a044a78cc94c0c0f44848825a6a65f6555599c6c133b8cd7e6cd71d0f8f661f10cfd1afbd41c8edc5902c6500ff5529b3fef4a3eeb902a98da7b542f80dbc449b1eaa42bda5c8a5a4486395ca5d34b13312fedba5aaca2039185f514eff22c598b4aecb5c2", - "password_file": "18a37ef21ebff958b228f6b0a4aa66764a20b438393a380833dc73bf05da8c4043a1d396008b10207c4a2c6c6c2a1bd1fff443741102e6884eb58236cd27c2c09626b7c2df397a8473337cfb760d4dbdfe8f50a26696d6c41f9f4c2086ab0957a2965d641d8faac6d78929faaea9d849260374dfbc48fcd8508d619e91549e0f1f13d125c3dc2fc99a3fa879d3a914202afae68113902a60a44266febeca8521fab72bcb5fddd144768fc59bcbe759e328b09aeffbfb906627ddfe670342a358", - "export_key": "42635c7e79ad5b9d3c7c3d60c233a26c0f2c4081c2698a0fde7f40597705c6fd10265d227a6d74f6b77a731945777d19b38e73d53adee9337cb89eb197a08553", - "session_key": "1c8edc5902c6500ff5529b3fef4a3eeb902a98da7b542f80dbc449b1eaa42bda5c8a5a4486395ca5d34b13312fedba5aaca2039185f514eff22c598b4aecb5c2" + "registration_request": "a040df6470f0315f7c4213e93669a14888b15abebba558e071604ad235269c48", + "registration_response": "707da7eaed7b139127828cb70e5e3f035c93e190b11a554e87e4ab327807fb69203eb4f95ec6afb37c0db900fb658b2e8e96050f69a6f5bee0ee6649f0b1253d", + "registration_upload": "8e9d0972e928419f618f9ef73960cb49fb24545b354023e06f4b3c7d9fe35c15bc84106946c59822a2647d2d1f5a05fb04f85d2bc29eea90565c05e7c12d3141d1fa235c0c80cd7ac30f017c89cac4d3020d899f9d7fd9bdd1229cf83cf6c662cb8f82b8bcf5920266d6059ce780fa704c5aa57a1ca5f3aff79bf014db1736058921c28513973fb771ae13b2bdfaf1a4deb01adcc4ddee31238d58c066164ced970c88a2e50139b0e18a0932c148b501305ee4e6f88a1986ae14a3962c6653dc", + "credential_request": "a040df6470f0315f7c4213e93669a14888b15abebba558e071604ad235269c489bbb78819f58bbb900830d507ee4e24097c8f1c0bfe468f09465c0db37dbb60461d2995f4d4bf5e280f63f8ca2a58c81ba4c26242c53dab224ec0f6aa763c749", + "credential_response": "707da7eaed7b139127828cb70e5e3f035c93e190b11a554e87e4ab327807fb694fb0ae0456980c706da747b13ef7d54567701080229fbbef63aaaadc67fd169ce963d84e5acbbfb3534ddcff39d4472372ff03982c2041b8d100546109385c9e28b40aa49bf89fbda38b5bb4355e27248d12974e39034e18c3cda86b3957dc1b0ed7f6fb179684a55987a27c0206ffb54b4cda6b7fed260b41916e716a5a50fba556bcaaf666144cdd5002bdd2c5071b1e59998cd315d5bd7b0ba48cb7c13632e6176d41c9244820193eb2e70d4ef11827fa552956b95d2fe8546a3a74aca09bdb4a83eb029389ffcd4ae79484f167cd561f2189491e48baa94f515376257742f3c8db728907df5ad519f2a9eb2ef1eafa74abe335b4bbc7348cbef4ac4ebb6e7f6001e3ffea237ed8904d3163ba1546829d7c21862297364a2b09be991ab3bb", + "credential_finalization": "36b69c0ded4929dc77b9a380de915943273d660a7c7cc650067513e6df1e01198d3e3665fc0cb58a1d0d4899eca3129f940699e672a7846d71311b061a09fb6c", + "client_registration_state": "9bbb78819f58bbb900830d507ee4e24097c8f1c0bfe468f09465c0db37dbb604a040df6470f0315f7c4213e93669a14888b15abebba558e071604ad235269c48", + "client_login_state": "9bbb78819f58bbb900830d507ee4e24097c8f1c0bfe468f09465c0db37dbb604a040df6470f0315f7c4213e93669a14888b15abebba558e071604ad235269c489bbb78819f58bbb900830d507ee4e24097c8f1c0bfe468f09465c0db37dbb60461d2995f4d4bf5e280f63f8ca2a58c81ba4c26242c53dab224ec0f6aa763c749c76f18dd7cd7bbd1ab68fddafe32fa48fb1e900068b3d01117af64cd85b023029bbb78819f58bbb900830d507ee4e24097c8f1c0bfe468f09465c0db37dbb604", + "server_login_state": "32913d91522e45e609166e0386ad8e3eb0dcbc851f2b05b686ba21089d9908f37e7d2dce1fe75916466c9e318938e8b6d5045fe7c8959f54730668b22867eeac3aa3e3bf41ae32c1ef83cc66aa1b7fbca7e091673280812b99b899464ea43b7779fc4f3afaa2295867dbfd2bd3d734a40d7f82bc82fefdf1cebe5f438b016373363db7a74e1296085816f466a5142be250020747a5d9c305b028265e5b2ad12871217ae79f7e4bcc01156044f51104a2ca7eb21727c440a5252f4fa0b3609128", + "password_file": "8e9d0972e928419f618f9ef73960cb49fb24545b354023e06f4b3c7d9fe35c15bc84106946c59822a2647d2d1f5a05fb04f85d2bc29eea90565c05e7c12d3141d1fa235c0c80cd7ac30f017c89cac4d3020d899f9d7fd9bdd1229cf83cf6c662cb8f82b8bcf5920266d6059ce780fa704c5aa57a1ca5f3aff79bf014db1736058921c28513973fb771ae13b2bdfaf1a4deb01adcc4ddee31238d58c066164ced970c88a2e50139b0e18a0932c148b501305ee4e6f88a1986ae14a3962c6653dc", + "export_key": "5f35a4a1e7dbc865462a3ba67e4a6a5db9b1d3e83b3cd9f538fe17d6a7b62a816473bb7b0310a149b89f04255336f44727e817d0ee6ca76cd01b4429d22666d2", + "session_key": "363db7a74e1296085816f466a5142be250020747a5d9c305b028265e5b2ad12871217ae79f7e4bcc01156044f51104a2ca7eb21727c440a5252f4fa0b3609128" } "#; #[cfg(feature = "curve25519")] static TEST_VECTOR_CURVE25519_P256: &str = r#" { - "client_s_pk": "984c4d0154f43c559a6e9c11e53899796c14df117333d23415e6271694fad424", - "client_s_sk": "2b3e92c34952a4c3deb75b18f9096d22256f54819f608e181720da0d48590108", - "client_e_pk": "679d88f27a93d9a53ff507f56fd9ef726605e5b62f6584fe62b88115c30fec42", - "client_e_sk": "2f56650f9b56744b174e5ac45714559d515ed4487e71c5da7608015adc2cde09", - "server_s_pk": "9a90ad9a25286cdde32ee8028538f4a83cedcca0fc9a3e53412a0454926e834d", - "server_s_sk": "d327ef3da05a7f92e2a60c43194b124f0b8e4d7aa2cfb9d94b66ed19021b8409", - "server_e_pk": "4962df96cfa3cadf6dbf7ac56e2e5a7d6e8515645df41bf01e479c6298a19002", - "server_e_sk": "d9fec8c73c59b5f9ceea74cf32a3de88cbc0c31e6b769137d876053aa0800d04", - "fake_sk": "0e0289c3530bfd4c79ca732b87e71227b8dcb36a552c652bf601da293887710a", + "client_s_pk": "1ba0bdfca82aa3d6c0eb4a349c7d36042881e4960d7b99a063c601906e70eb15", + "client_s_sk": "167b99abd660ef266685854d4dcb8e26aea23f0d8cf00dfb10905a3eb89dbd03", + "client_e_pk": "6af220284b7ebffde097896915bf03c3c87dcbe7f6375e7222be62c64dcceb0a", + "client_e_sk": "361b739f6c6630fc685e6123442009ca89857f98381f25497598043060885802", + "server_s_pk": "5f226e9521e00b2d7ec7e3c41d47dd187a8c77499efa42a87163ab70e93e541d", + "server_s_sk": "3696a1d2493096c28dc7d29fe809696e344af03e853839f09bc86255c773be00", + "server_e_pk": "a69e109b1a8b586294bae24afec953d81c8a6516e1479fd783b3a0b7a338c03a", + "server_e_sk": "a87b0143fcdb990394a6f80f56560a65f4c1052f098558a6751a3f677308840f", + "fake_sk": "0d3daded07009f8fc0e2934905619afa1241063ab785684c1f7d03b7904b8a0c", "credential_identifier": "637265644964656e746966696572", "id_u": "696455", "id_s": "696453", "password": "70617373776f7264", - "blinding_factor": "9c0bc8990211537292deb41e9fcd040961d49091fbe65d1bb59e383277bb25eb", - "oprf_seed": "1bc1978fa716b5f9034f63d04aed6721e1671d862e482a7b8ec24e9911972d6a", - "masking_nonce": "ea49e91d388abfde7a79628609ca387ec24d1566ed95044aba000db31c97e8f432462af38aa60e5ce7c32d34604e5c121cefc8297671bdf71a966ecdb3bc5a2f", - "envelope_nonce": "997f10d36ebeffa5083d8b534794a62e957764ddb3c09825a68133d33df3c661", - "client_nonce": "1d191eb4375568db766e64b378df66f7076b642a46cf708919e5deab6b48d236", - "server_nonce": "f861a3400dd011365ef09f2634290d5268b9d45fc8da91b0ed815e623a688529", + "blinding_factor": "f0e66144c0390aef68713b73ccbea10a5a2abd9f733d75771e0c0f899f73f6dc", + "oprf_seed": "2fbf64932a13c55ed622b498dd07674d82c25d7b7952fe6b7b5a022dde50c164", + "masking_nonce": "8a6bae5f566ee9011549c82a090a8e47eec2269ff482a1c28f2678f7805b9db36c68cf2befa99fbc52bbcd69f2bc0416e921c8e1d231d3100c6a95233faf47e1", + "envelope_nonce": "72ffe3f86b162df0ecf3f3e6240e0c35014633087dea1e5223916c80a8b26438", + "client_nonce": "ad3b5bb65067f4e28090073f6a874b3ff8cce39d9a3ee5397f991ddcfd22375d", + "server_nonce": "0d10adb1b52bc0c05640f429f6e08387a9148e0e97d8be24afb0bcf457e72af9", "context": "636f6e74657874", - "registration_request": "02cadf5b02d05f65bf053761947c54ff9c52a32e64d8ba40d406eee86f86ac8f63", - "registration_response": "027746a0843ddcf383f24981d1605c354d69d6434149a3396caf667d816bc581c59a90ad9a25286cdde32ee8028538f4a83cedcca0fc9a3e53412a0454926e834d", - "registration_upload": "eb59650e50b056798293da46391143455a5c97ebff75d221976f32c150eb3e3f2ee763032e75976fba490d56539e7d29106024c262c7c08135ddb378392189142b3e92c34952a4c3deb75b18f9096d22256f54819f608e181720da0d48590108e9cc437cb299cf10fc8de53172ba891cf9c094b1b339dbd8a18282ef98137765", - "credential_request": "02cadf5b02d05f65bf053761947c54ff9c52a32e64d8ba40d406eee86f86ac8f639c0bc8990211537292deb41e9fcd040961d49091fbe65d1bb59e383277bb25ebc9bab2dbddaa4984ee8669b527b4edd2a56fa187a457480088c37e75f1835903", - "credential_response": "027746a0843ddcf383f24981d1605c354d69d6434149a3396caf667d816bc581c5ea49e91d388abfde7a79628609ca387ec24d1566ed95044aba000db31c97e8f436bcf21522e3fb43d01f3916cb7af262cbb7a87836f4b75eeae64c861c12eddb6fbe7448b8c87db4916fd6e2807c21429ab04495d3b48aeb36a03335e2c66bc01e4aa1e32c4974a016f065daab0cc0facd3ed7bf955eb2882f1e8016ae8a31dcf861a3400dd011365ef09f2634290d5268b9d45fc8da91b0ed815e623a688529dd126f42ce1494ebf2ece4f509d111a8ff72a1e7ca2ac15478069901c51a4a1db4aaba8cc5b9ef025dc650a5b07d8db9fd060cbf27b8b4640e2e6bca872d4380", - "credential_finalization": "923474270342f186a41a23e5572c2583f5387f8e847381a5fd94917aa33a3655", - "client_registration_state": "9c0bc8990211537292deb41e9fcd040961d49091fbe65d1bb59e383277bb25eb02cadf5b02d05f65bf053761947c54ff9c52a32e64d8ba40d406eee86f86ac8f63", - "client_login_state": "9c0bc8990211537292deb41e9fcd040961d49091fbe65d1bb59e383277bb25eb02cadf5b02d05f65bf053761947c54ff9c52a32e64d8ba40d406eee86f86ac8f639c0bc8990211537292deb41e9fcd040961d49091fbe65d1bb59e383277bb25ebc9bab2dbddaa4984ee8669b527b4edd2a56fa187a457480088c37e75f1835903583c4e5353c1cfc928a4975d1423ec85b72a06bc4d728ecfff81c501c5fbfc069c0bc8990211537292deb41e9fcd040961d49091fbe65d1bb59e383277bb25eb", - "server_login_state": "3c6cc54d29f32745040e127c8c5e606f431cdefccf214452d30182850d50300061c4876da2632558184289431e51e81a2ed1defe4460fa621f4169ff0e0fdd90c315d7a845a902fd4146c13d228d7a0e3d0cf138bd42969fae5e7b0e032e5f4e", - "password_file": "eb59650e50b056798293da46391143455a5c97ebff75d221976f32c150eb3e3f2ee763032e75976fba490d56539e7d29106024c262c7c08135ddb378392189142b3e92c34952a4c3deb75b18f9096d22256f54819f608e181720da0d48590108e9cc437cb299cf10fc8de53172ba891cf9c094b1b339dbd8a18282ef98137765", - "export_key": "5e8338e5f129bddb19dd5d85494c8b6fe25d0f739c6c38b1c71a183832e8120f", - "session_key": "c315d7a845a902fd4146c13d228d7a0e3d0cf138bd42969fae5e7b0e032e5f4e" + "registration_request": "0235cebe22f9659bc3758a89e65104443bf9a609a1aee9a3d7716a77829656854c", + "registration_response": "0264fda857b0776b071ae478d16eedc235e00cf48251a02f526af44def8a7296275f226e9521e00b2d7ec7e3c41d47dd187a8c77499efa42a87163ab70e93e541d", + "registration_upload": "eb1d8e736dfe169b9c0caf3565b406dfb4c8dd548aeefb45dff3624b13b31c6b2ee923ff4fa8200fe5588666e71310c7bd517378669c184f3a53cdfa10e5deb1167b99abd660ef266685854d4dcb8e26aea23f0d8cf00dfb10905a3eb89dbd03b386ec283d54779d2a4aa4d918efd0c7d41851e846067a7944a1e34d6475c3d2", + "credential_request": "0235cebe22f9659bc3758a89e65104443bf9a609a1aee9a3d7716a77829656854cf0e66144c0390aef68713b73ccbea10a5a2abd9f733d75771e0c0f899f73f6dcc9e23fda78eb4fd4b0867524983264f448e207696c68425b3f4f08a83af27516", + "credential_response": "0264fda857b0776b071ae478d16eedc235e00cf48251a02f526af44def8a7296278a6bae5f566ee9011549c82a090a8e47eec2269ff482a1c28f2678f7805b9db378322e861cc6b139c58bfe5ccc5b6f7db784d0c8f0e4ba5b9e9cdb171e2e66f57d45fa6dd000ee8cb99474a1cb5f893b9724709530acc0d7b5fe0eb959525a12e33f6a80cc640c0e41439e94d767b4e4847e23cae9cff89b2e5431888b8905f50d10adb1b52bc0c05640f429f6e08387a9148e0e97d8be24afb0bcf457e72af99f84b11795b6bad0f556d33a5487d5cb45d26ab165c3fae05f07fc81e2b45b22f438cf617efd92c71aae8f3845123b50d67ab4006630944cee0e014cbb0cbab9", + "credential_finalization": "90051b471dca75e3a79e782d1664353e81a81b2898212a5a4092227e4ee0395c", + "client_registration_state": "f0e66144c0390aef68713b73ccbea10a5a2abd9f733d75771e0c0f899f73f6dc0235cebe22f9659bc3758a89e65104443bf9a609a1aee9a3d7716a77829656854c", + "client_login_state": "f0e66144c0390aef68713b73ccbea10a5a2abd9f733d75771e0c0f899f73f6dc0235cebe22f9659bc3758a89e65104443bf9a609a1aee9a3d7716a77829656854cf0e66144c0390aef68713b73ccbea10a5a2abd9f733d75771e0c0f899f73f6dcc9e23fda78eb4fd4b0867524983264f448e207696c68425b3f4f08a83af27516d87a36c75ff8dea4632fa5f407b1ec710d058d4eb5503c26d4d5f17344ea4a0ef0e66144c0390aef68713b73ccbea10a5a2abd9f733d75771e0c0f899f73f6dc", + "server_login_state": "bfca2b0a372e348b68f4526018d14fb42c8a7d48bd0eeb55d94f847100fa2048ab556d443b62917da2eec3bbf0ccb21df79b9b20f05c4542587a53f245dfa1f3e79ab64a068fc5768cb7eebd6cfde730b6f5667c762f115a5b7380437011a3b2", + "password_file": "eb1d8e736dfe169b9c0caf3565b406dfb4c8dd548aeefb45dff3624b13b31c6b2ee923ff4fa8200fe5588666e71310c7bd517378669c184f3a53cdfa10e5deb1167b99abd660ef266685854d4dcb8e26aea23f0d8cf00dfb10905a3eb89dbd03b386ec283d54779d2a4aa4d918efd0c7d41851e846067a7944a1e34d6475c3d2", + "export_key": "ac662d2f1189b64582e38985458200a1e8a8182b802728499a39da70177427da", + "session_key": "e79ab64a068fc5768cb7eebd6cfde730b6f5667c762f115a5b7380437011a3b2" } "#; diff --git a/src/tests/opaque_vectors.rs b/src/tests/opaque_vectors.rs index f35013f5..6eca93c6 100644 --- a/src/tests/opaque_vectors.rs +++ b/src/tests/opaque_vectors.rs @@ -16,7 +16,7 @@ pub(crate) static VECTORS: &str = r#" #### Configuration ~~~ -OPRF: 0001 +OPRF: ristretto255-SHA512 Hash: SHA512 KSF: Identity KDF: HKDF-SHA512 @@ -68,64 +68,64 @@ b0790308 #### Intermediate Values ~~~ -client_public_key: 8e5e5c04b2154336fa52ac691eb6df5f59ec7315b8467b0bba -1ed4f413043b44 -auth_key: e1ff65c196e1c4b4bf46361798eec479b318831329680f33b4f77ad49d8 -c6e6ef49d87082d654d21f2e36454582353fefc23c07637bd8ca4aa88a4461ea96d6c -randomized_pwd: 4386bf4b83db06f47672fd60b4cface554558da7be3c616c56b2e -d29b544d1b50bc45893b1c05d8d6866a9bbe91395e4704740be58728e8872352f56d5 -319f8f +client_public_key: 2ec892bdbf9b3e2ea834be9eb11f5d187e64ba661ec041c0a3 +b66db8b7d6cc30 +auth_key: 6cd32316f18d72a9a927a83199fa030663a38ce0c11fbaef82aa9003773 +0494fc555c4d49506284516edd1628c27965b7555a4ebfed2223199f6c67966dde822 +randomized_pwd: aac48c25ab036e30750839d31d6e73007344cb1155289fb7d329b +eb932e9adeea73d5d5c22a0ce1952f8aba6d66007615cd1698d4ac85ef1fcf150031d +1435d9 envelope: ac13171b2f17bc2c74997f0fce1e1f35bec6b91fe2e12dbd323d23ba7a3 -8dfec8e8bde8d4eb9e171240b3d2dfb43ef93efe5cd15412614b3df11ecb58890047e -2fa31c283e7c58c40495226cfa0ed7756e493431b85c464aad7fdaaf1ab41ac7 -handshake_secret: 885a0a7bd8e704d8fc26f62b8657f8c5d01ffb35b27ad538493 -968dcf6dba7a2d42d404d6ed6a87805a030ffafe791fb69fd044c1ac152ee0ee78853 -cebb0700 -server_mac_key: d29e33eb506fbf199c818d1300e7253404a7d5de9c660a90f79af -e4cc15da2ae31e511c6eb1c4df95f47c9759606732781a3d1884a4d53cba690bdb9e9 -ac4d7c -client_mac_key: 4d4d4c4b8b35501876ed01d07f5718357ff720163b84813b1bde4 -f3b6ca3e1de744a267e3d145e6095a0e5b1617714e10af7e10093d0ba8dd115e6bdb1 -f5ccd9 -oprf_key: 6c246eaa55e47d0490ffa8a6f784e803eed9384a250458def36a2acebf1 -5c905 +8dfecb9dbe7d48cf714fc3533becab6faf60b783c94d258477eb74ecc453413bf61c5 +3fd58f0fb3c1175410b674c02e1b59b2d729a865b709db3dc4ee2bb45703d5a8 +handshake_secret: 562564da0d4efdc73cb6efbb454388dabfa5052d4e7e83f4d02 +40c5afd8352881e762755c2f1a9110e36b05fe770f0f48658489c9730dcd365e6c2d4 +049c8fe3 +server_mac_key: 59473632c53a647f9f4ab4d6c3b81e241dd9cb19ca05f0eabed7e +593f0407ff57e7f060621e5e48d5291be600a1959fbecbc26d4a7157bd227a993c37b +645f73 +client_mac_key: f2d019bad603b45b2ac50376279a0a37d097723b5405aa4fb20a5 +9f60cdbdd52ec043372cedcdbbdb634c54483e1be51a88d13a5798180acb84c10b129 +7069fd +oprf_key: 5d4c6a8b7c7138182afb4345d1fae6a9f18a1744afbcc3854f8f5a2b4b4 +c6d05 ~~~ #### Output Values ~~~ -registration_request: 62235332ae15911d69812e9eeb6ac8fe4fa0ffc7590831d -5c5e1631e01049276 -registration_response: 6268d13fea98ebc8e6b88d0b3cc8a78d2ac8fa8efc741c -d2e966940c52c31c71b2fe7af9f48cc502d016729d2fe25cdd433f2c4bc904660b2a3 +registration_request: 5059ff249eb1551b7ce4991f3336205bde44a105a032e74 +7d21bf382e75f7a71 +registration_response: 7408a268083e03abc7097fc05b587834539065e86fb0c7 +b6342fcf5e01e5b019b2fe7af9f48cc502d016729d2fe25cdd433f2c4bc904660b2a3 82c9b79df1a78 -registration_upload: 8e5e5c04b2154336fa52ac691eb6df5f59ec7315b8467b0b -ba1ed4f413043b449afea0ddedbbce5c083c5d5d02aa5218bcc7100f541d841bb5974 -f084f7aa0b929399feb39efd17e13ce1035cbb23251da3b5126a574b239c7b73519d8 -847e2fac13171b2f17bc2c74997f0fce1e1f35bec6b91fe2e12dbd323d23ba7a38dfe -c8e8bde8d4eb9e171240b3d2dfb43ef93efe5cd15412614b3df11ecb58890047e2fa3 -1c283e7c58c40495226cfa0ed7756e493431b85c464aad7fdaaf1ab41ac7 -KE1: 1670c409ebb699a6012629451d218d42a34eddba1d2978536c45e199c60a0b4e +registration_upload: 2ec892bdbf9b3e2ea834be9eb11f5d187e64ba661ec041c0 +a3b66db8b7d6cc301ac5844383c7708077dea41cbefe2fa15724f449e535dd7dd562e +66f5ecfb95864eadddec9db5874959905117dad40a4524111849799281fefe3c51fa8 +2785c5ac13171b2f17bc2c74997f0fce1e1f35bec6b91fe2e12dbd323d23ba7a38dfe +cb9dbe7d48cf714fc3533becab6faf60b783c94d258477eb74ecc453413bf61c53fd5 +8f0fb3c1175410b674c02e1b59b2d729a865b709db3dc4ee2bb45703d5a8 +KE1: c4dedb0ba6ed5d965d6f250fbe554cd45cba5dfcce3ce836e4aee778aa3cd44d da7e07376d6d6f034cfa9bb537d11b8c6b4238c334333d1f0aebb380cae6a6cc0c3a0 0c961fead8a16f818929cc976f0475e4f723519318b96f4947a7a5f9663 -KE2: 36b4d06f413b72004392d7359cd6a998c667533203d6a671afe81ca09a282f72 -38fe59af0df2c79f57b8780278f5ae47355fe1f817119041951c80f612fdfc6d378cc -6b0113bf0b6afd9e0728e62ba793d5d25bb97794c154d036bf09c98c472368bffc4e3 -5b7dc48f5a32dd3fede3b9e563f7a170d0e082d02c0a105cdf1ee0ea1928202076ff3 -7ce174f2c669d52d8adc424e925a3bc9a4ca5ce16d9b7a1791ff7e47a0d2fa42424e5 -476f8cfa7bb20b2796ad877295a996ffcb049313f4e971cd9960ecef2fe0d0f749498 +KE2: 7e308140890bcde30cbcea28b01ea1ecfbd077cff62c4def8efa075aabcbb471 +38fe59af0df2c79f57b8780278f5ae47355fe1f817119041951c80f612fdfc6dd6ec6 +0bcdb26dc455ddf3e718f1020490c192d70dfc7e403981179d8073d1146a4f9aa1ced +4e4cd984c657eb3b54ced3848326f70331953d91b02535af44d9fe0610f003be80cb2 +098357928c8ea17bb065af33095f39d4e0b53b1687f02d522d96bad4ca354293d5c40 +1177ccbd302cf565b96c327f71bc9eaf2890675d2fbb71cd9960ecef2fe0d0f749498 6fa3d8b2bb01963537e60efb13981e138e3d4a1c8c39f573135474c51660b02425bca -633e339cec4e1acc69c94dd48497fe402848f3b062916ea7666973222944dabe1027e -5bea84b1b5d46dab64b1c6eda3170d4c9adba8afa61eb4153061d528b39102f32ecda -7d7625dbc229e6630a607e03 -KE3: 4e23f0f84a5261918a7fc23bf1978a935cf4e320d56984079f8c7f4a54847b9e -979f519928c5898927cf6aa8d51ac42dc2d0f5840956caa3a34dbc55ce74415f -export_key: 403a270110164ae0de7ea77c6824343211e8c1663ccaedde908dc9acf -661039a379c8ac7e4b0cb23a8d1375ae94a772f91536de131d9d86633cb9445f773df -ac -session_key: d2dea308255aa3cecf72bcd6ac96ff7ab2e8bad0494b90180ad340b7 -d8942a36ee358e76c372790d4a5c1ac900997ea2abbf35f2d65510f8dfd668e593b8e -1fe +633e339cec4e1acc69c94dd48497fe40287f33611c2cf0eef57adbf48942737d9421e +6b20e4b9d6e391d4168bf4bf96ea57aa42ad41c977605e027a9ef706a349f4b2919fe +3562c8e86c4eeecf2f9457d4 +KE3: df9a13cd256091f90f0fcb2ef6b3411e4aebff07bb0813299c0ec7f5dedd33a7 +681231a001a82f1dece1777921f42abfeee551ee34392e1c9743c5cc1dc1ef8c +export_key: 1ef15b4fa99e8a852412450ab78713aad30d21fa6966c9b8c9fb3262a +970dc62950d4dd4ed62598229b1b72794fc0335199d9f7fcc6eaedde92cc04870e63f +16 +session_key: 8a0f9f4928fc0c3b5bb261c4b7b3997600405424a8128632e85a5667 +b4b742484ed791933971be6d3fcf2b23c56b8e8f7e7edcae19a03b8fd87f5999fce12 +9d2 ~~~ ### OPAQUE-3DH Real Test Vector 2 @@ -133,7 +133,7 @@ d8942a36ee358e76c372790d4a5c1ac900997ea2abbf35f2d65510f8dfd668e593b8e #### Configuration ~~~ -OPRF: 0001 +OPRF: ristretto255-SHA512 Hash: SHA512 KSF: Identity KDF: HKDF-SHA512 @@ -187,64 +187,64 @@ b0790308 #### Intermediate Values ~~~ -client_public_key: 8e5e5c04b2154336fa52ac691eb6df5f59ec7315b8467b0bba -1ed4f413043b44 -auth_key: e1ff65c196e1c4b4bf46361798eec479b318831329680f33b4f77ad49d8 -c6e6ef49d87082d654d21f2e36454582353fefc23c07637bd8ca4aa88a4461ea96d6c -randomized_pwd: 4386bf4b83db06f47672fd60b4cface554558da7be3c616c56b2e -d29b544d1b50bc45893b1c05d8d6866a9bbe91395e4704740be58728e8872352f56d5 -319f8f +client_public_key: 2ec892bdbf9b3e2ea834be9eb11f5d187e64ba661ec041c0a3 +b66db8b7d6cc30 +auth_key: 6cd32316f18d72a9a927a83199fa030663a38ce0c11fbaef82aa9003773 +0494fc555c4d49506284516edd1628c27965b7555a4ebfed2223199f6c67966dde822 +randomized_pwd: aac48c25ab036e30750839d31d6e73007344cb1155289fb7d329b +eb932e9adeea73d5d5c22a0ce1952f8aba6d66007615cd1698d4ac85ef1fcf150031d +1435d9 envelope: ac13171b2f17bc2c74997f0fce1e1f35bec6b91fe2e12dbd323d23ba7a3 -8dfec43084457c1ffa561c8f37fbad1b8de6c41e6df200e6ebe15d5ce4243fa973ef3 -e480644e56a6de865cc4d3d9e20e0510e63474e2b11f4b4c8f665cc439cc2d7d -handshake_secret: 19d0d9f286f44f573dd61435690b0359c3a70e5c363ba4819ac -fa113b0ddeab603f322185812ddcdd2abbfba77933cd5c3430ea6591e99c30a19884a -80d25dab -server_mac_key: 5096c1f1b295521bc8c5aeba462fc11e123eb710899f164dab737 -45f55f42b27a31f810efb06fc56890f3635a18f3f8c9ef7881f32a251a5f5a7354c82 -70f257 -client_mac_key: 1c284c2a22bfb415a5091c94726dd02ae9adb12d28db5207a87be -0c3f75c1c37df549315f51e0dd2053271a477a45bf0adbc246f7f7e47e201785b6429 -e93a84 -oprf_key: 6c246eaa55e47d0490ffa8a6f784e803eed9384a250458def36a2acebf1 -5c905 +8dfec1ac902dc5589e9a5f0de56ad685ea8486210ef41449cd4d8712828913c5d2b68 +0b2b3af4a26c765cff329bfb66d38ecf1d6cfa9e7a73c222c6efe0d9520f7d7c +handshake_secret: bc2abaa979af9cbb6859856b7d5d201a038fbdfa7e10f11d131 +d3f8f6fc3b263bde4db6d2d9207d4648ff80415a276d5f157f9d37a3eade559db2e5f +3fa026b2 +server_mac_key: 2420461c589866700b08c8818cbf390c872629a14cf32a264dad3 +375f85f33188c8f04bdb71880b2d4613187a0e416808ab62b45858b88319882602371 +ef5f75 +client_mac_key: 156e4ab0b9f71ef994bbbb73928e6d14d7335cf9561f113d61ac6 +b41fab35f9c72fe827d3c4d7dd91d8398ee619810e4f9286e6b32f329eb6b1476ce18 +fa8500 +oprf_key: 5d4c6a8b7c7138182afb4345d1fae6a9f18a1744afbcc3854f8f5a2b4b4 +c6d05 ~~~ #### Output Values ~~~ -registration_request: 62235332ae15911d69812e9eeb6ac8fe4fa0ffc7590831d -5c5e1631e01049276 -registration_response: 6268d13fea98ebc8e6b88d0b3cc8a78d2ac8fa8efc741c -d2e966940c52c31c71b2fe7af9f48cc502d016729d2fe25cdd433f2c4bc904660b2a3 +registration_request: 5059ff249eb1551b7ce4991f3336205bde44a105a032e74 +7d21bf382e75f7a71 +registration_response: 7408a268083e03abc7097fc05b587834539065e86fb0c7 +b6342fcf5e01e5b019b2fe7af9f48cc502d016729d2fe25cdd433f2c4bc904660b2a3 82c9b79df1a78 -registration_upload: 8e5e5c04b2154336fa52ac691eb6df5f59ec7315b8467b0b -ba1ed4f413043b449afea0ddedbbce5c083c5d5d02aa5218bcc7100f541d841bb5974 -f084f7aa0b929399feb39efd17e13ce1035cbb23251da3b5126a574b239c7b73519d8 -847e2fac13171b2f17bc2c74997f0fce1e1f35bec6b91fe2e12dbd323d23ba7a38dfe -c43084457c1ffa561c8f37fbad1b8de6c41e6df200e6ebe15d5ce4243fa973ef3e480 -644e56a6de865cc4d3d9e20e0510e63474e2b11f4b4c8f665cc439cc2d7d -KE1: 1670c409ebb699a6012629451d218d42a34eddba1d2978536c45e199c60a0b4e +registration_upload: 2ec892bdbf9b3e2ea834be9eb11f5d187e64ba661ec041c0 +a3b66db8b7d6cc301ac5844383c7708077dea41cbefe2fa15724f449e535dd7dd562e +66f5ecfb95864eadddec9db5874959905117dad40a4524111849799281fefe3c51fa8 +2785c5ac13171b2f17bc2c74997f0fce1e1f35bec6b91fe2e12dbd323d23ba7a38dfe +c1ac902dc5589e9a5f0de56ad685ea8486210ef41449cd4d8712828913c5d2b680b2b +3af4a26c765cff329bfb66d38ecf1d6cfa9e7a73c222c6efe0d9520f7d7c +KE1: c4dedb0ba6ed5d965d6f250fbe554cd45cba5dfcce3ce836e4aee778aa3cd44d da7e07376d6d6f034cfa9bb537d11b8c6b4238c334333d1f0aebb380cae6a6cc0c3a0 0c961fead8a16f818929cc976f0475e4f723519318b96f4947a7a5f9663 -KE2: 36b4d06f413b72004392d7359cd6a998c667533203d6a671afe81ca09a282f72 -38fe59af0df2c79f57b8780278f5ae47355fe1f817119041951c80f612fdfc6d378cc -6b0113bf0b6afd9e0728e62ba793d5d25bb97794c154d036bf09c98c472368bffc4e3 -5b7dc48f5a32dd3fede3b9e563f7a170d0e082d02c0a105cdf1ee0279ab2faaf30bb2 -722ef0dbb4c66632703c736dc6aeb163c467a60e0abb09bf4d4d49c1c65f522667cb4 -b6da94faa9d7835ad67e8e3198afb4e64d6fb06bc35371cd9960ecef2fe0d0f749498 +KE2: 7e308140890bcde30cbcea28b01ea1ecfbd077cff62c4def8efa075aabcbb471 +38fe59af0df2c79f57b8780278f5ae47355fe1f817119041951c80f612fdfc6dd6ec6 +0bcdb26dc455ddf3e718f1020490c192d70dfc7e403981179d8073d1146a4f9aa1ced +4e4cd984c657eb3b54ced3848326f70331953d91b02535af44d9fea502150b67fe367 +95dd8914f164e49f81c7688a38928372134b7dccd50e09f8fed9518b7b2f94835b3c4 +fe4c8475e7513f20eb97ff0568a39caee3fd6251876f71cd9960ecef2fe0d0f749498 6fa3d8b2bb01963537e60efb13981e138e3d4a1c8c39f573135474c51660b02425bca -633e339cec4e1acc69c94dd48497fe4028dfe19d6cf6d292ae99a497f9ba41702a194 -5f5d9f3ab60ea801b5a691098c7af74956a5e1324322877b6d399583670e54dc90752 -5235fd47c8e396fab340beed -KE3: 824fe89731cd47062819165662cd1c42c4b2d2321bd062e637fdd0361b0dad03 -02bd5e9a9d02c72452dc65298bf330071e061b8bb4e1c8762a350d99c8c003ac -export_key: 403a270110164ae0de7ea77c6824343211e8c1663ccaedde908dc9acf -661039a379c8ac7e4b0cb23a8d1375ae94a772f91536de131d9d86633cb9445f773df -ac -session_key: 5ea9a76f5f5cc59ba7871012836947c946f8c303cc94e048cdc83ada -c89db7187cf5c718ffdd7cb6d8c3005dc0f77814d5f26011b584f9622c649a357cb17 -a4c +633e339cec4e1acc69c94dd48497fe4028c463164503598ea84fab9005b9cd51b7bb3 +206fb22a412e8a86b9cb6ffca18f5ea6b4c24fdc94865e8bf74248e6be15b85b16041 +40ffad2175f9518452d381af +KE3: a86ece659d90525e2476aa1756d313b067581cb7b0643b97be6b8ab8d0f10843 +57e514ecfaff9dc18f6cca37da630545f0048393f16bc175eb819653ebc45b60 +export_key: 1ef15b4fa99e8a852412450ab78713aad30d21fa6966c9b8c9fb3262a +970dc62950d4dd4ed62598229b1b72794fc0335199d9f7fcc6eaedde92cc04870e63f +16 +session_key: 0968e91efeb702d6aa09023a9a79803332d8bd3442a79b8ad09490b9 +267161013bf475bed945238a5e976ef7d7de7ff41ae30439fe2fc39758fb3e56f2683 +e60 ~~~ ### OPAQUE-3DH Real Test Vector 3 @@ -252,7 +252,7 @@ a4c #### Configuration ~~~ -OPRF: 0003 +OPRF: P256-SHA256 Hash: SHA256 KSF: Identity KDF: HKDF-SHA256 @@ -303,53 +303,53 @@ blind_login: c497fddf6056d241e6cf9fb7ac37c384f49b357a221eb0a802c989b9 #### Intermediate Values ~~~ -client_public_key: 03763748cc2dfe4f6f80f8e4f3087b2d2222a7c9ba7d3c3aa8 -e89c4975eed0999f -auth_key: 1fa6020180e18dde869f4f8363fc1b6841dbbc9fc9d258ece830af7efc2 -5abdb -randomized_pwd: 4138e29dc8398d8c83b89129cb29ee5dc962fcb5fb2dca25981cb -351b83e0546 +client_public_key: 02dc91b178ba2c4bbf9b9403fca25457b906a7f507e59b6e70 +3031e09114ba2be0 +auth_key: 5bd4be1602516092dc5078f8d699f5721dc1720a49fb80d8e5c16377abd +0987b +randomized_pwd: 06be0a1a51d56557a3adad57ba29c5510565dcd8b5078fa319151 +b9382258fb0 envelope: a921f2a014513bd8a90e477a629794e89fec12d12206dde662ebdcf6567 -0e51fc82109537121d7c39d96f3e04732e1f0b8cc55d98bb4e5968ace317de1d42c3d -handshake_secret: 21c9ee3561e6924110d86f99a624fe2fdc1aeea03f1b17c279f -b94da851e3686 -server_mac_key: 87cab7092d3219b613459ea1ec2973be054367b331937d6973181 -2f418425082 -client_mac_key: 9dffe56b53981e86b37553beedb5d2226465a02d75d577bacef82 -9775494bd93 -oprf_key: 59984c44639e303cd46912ce722fc7d042023f25e264a3775667ea63c30 -add69 +0e51fe155412cb432898eda63529c3b2633521f770cccbd25d7548a4e20665a45e65a +handshake_secret: c59197dd9269abfdb3037ea1c203a97627e2c0aa142000d1c3f +06a2c8713077d +server_mac_key: a431a5c1d3cb5772cbc66af0c2851e23dd9ad153a0c8b99081c7d +0d543173fde +client_mac_key: 7329ffd54df21db5532fce8794fca78b505fef9397aad28a424f6 +ea3f97c51ca +oprf_key: 2dfb5cb9aa1476093be74ca0d43e5b02862a05f5d6972614d7433acdc66 +f7f31 ~~~ #### Output Values ~~~ -registration_request: 0271e8fd723a873d16ddbda1d3700b9a42eca179ba09a8f -c2a2e40a8142fa35fe0 -registration_response: 03c6fe2c086fa5333a15c5718ddda1f15a61e9ea9a0c4a -36f5f0dfe4f090250a70035f40ff9cf88aa1f5cd4fe5fd3da9ea65a4923a5594f84fd +registration_request: 029e949a29cfa0bf7c1287333d2fb3dc586c41aa652f507 +0d26a5315a1b50229f8 +registration_response: 0350d3694c00978f00a5ce7cd08a00547e4ab5fb5fc2b2 +f6717cdaa6c89136efef035f40ff9cf88aa1f5cd4fe5fd3da9ea65a4923a5594f84fd 9f2092d6067784874 -registration_upload: 03763748cc2dfe4f6f80f8e4f3087b2d2222a7c9ba7d3c3a -a8e89c4975eed0999f5b042a53415b5db1161dacf9f9ef0c30ed6b0179038e5e8e5a0 -aa087c8bc0753a921f2a014513bd8a90e477a629794e89fec12d12206dde662ebdcf6 -5670e51fc82109537121d7c39d96f3e04732e1f0b8cc55d98bb4e5968ace317de1d42 -c3d -KE1: 036514cf26a2578f1a45ea8faf540e52b237236ee97dc54948eca7b7f71ba9e1 -29ab3d33bde0e93eda72392346a7a73051110674bbf6b1b7ffab8be4f91fdaeeb1034 +registration_upload: 02dc91b178ba2c4bbf9b9403fca25457b906a7f507e59b6e +703031e09114ba2be07f0ed53532d3ae8e505ecc70d42d2b814b6b0e48156def71ea0 +29148b2803aafa921f2a014513bd8a90e477a629794e89fec12d12206dde662ebdcf6 +5670e51fe155412cb432898eda63529c3b2633521f770cccbd25d7548a4e20665a45e +65a +KE1: 037342f0bcb3ecea754c1e67576c86aa90c1de3875f390ad599a26686cdfee6e +07ab3d33bde0e93eda72392346a7a73051110674bbf6b1b7ffab8be4f91fdaeeb1034 93f36ca12467d1f5eaaabea67ca31377c4869c1e9a62346b6f01a991624b95d -KE2: 036ebcb79716cf2ecd0b3e5f3141709f72feb7369d2de41c61e0fa5695e78385 -3e38fe59af0df2c79f57b8780278f5ae47355fe1f817119041951c80f612fdfc6d286 -5751562662eea8de000fdfd4cd1bf506b137d12f28bffaf11a0d720c6ddfe532b2aff -31acb0a8fbb89de1e29cc5a93a33f2e259cf59ad6c88a473d5f056aeb2b6b5eb03a0e -21e32a309373ed45506c3f58bf3d9978925cbf35b337e8ae220be71cd9960ecef2fe0 +KE2: 0246da9fe4d41d5ba69faa6c509a1d5bafd49a48615a47a8dd4b0823cc147648 +1138fe59af0df2c79f57b8780278f5ae47355fe1f817119041951c80f612fdfc6d2f0 +c547f70deaeca54d878c14c1aa5e1ab405dec833777132eea905c2fbb12504a67dcbe +0e66740c76b62c13b04a38a77926e19072953319ec65e41f9bfd2ae2687bd3348bfe3 +3cb0bb9864fdb3b307f7dd68a17f3f150074a0bfc830ab889717d71cd9960ecef2fe0 d0f7494986fa3d8b2bb01963537e60efb13981e138e3d4a1020e67941e94deba83521 -4421d2d8c90de9b0f7f925d11e2032ce19b1832ae8e0fb6eda25f9a67e3930e862860 -02b8dd8b6339ddfdbaebaefe205fe474fb66884d -KE3: 4fd2178c39492f816796db05aa2400204944d6bc5ed4a1e4d7b8b24b9f1894bc -export_key: 00e1f2a1613c78183ec5127f805d320f31ce5dfef70d78f64d327d6c6 -e325ae1 -session_key: e39ed0c2a0b551bad5e9e8bb7017c66918d514b6412a4e30d4cac7a7 -08d35646 +4421d2d8c90de9b0f7f925d11e2032ce19b1832ae8e0fb5166145361a2c344d9737dd +5c826fede3bbfafa418ad379ce4fa65fbb15db6e +KE3: 272d04758b2b436bf0239ba7b9bd0a1686a9b6542ceaaf08732054beda956498 +export_key: c3c9a1b0e33ac84dd83d0b7e8af6794e17e7a3caadff289fbd9dc769a +853c64b +session_key: a224790a010afc0a3f37e23c1b7a5cb7f9e73e3d9a924116510d97d8 +0e2a1e0c ~~~ ### OPAQUE-3DH Real Test Vector 4 @@ -357,7 +357,7 @@ session_key: e39ed0c2a0b551bad5e9e8bb7017c66918d514b6412a4e30d4cac7a7 #### Configuration ~~~ -OPRF: 0003 +OPRF: P256-SHA256 Hash: SHA256 KSF: Identity KDF: HKDF-SHA256 @@ -410,53 +410,53 @@ blind_login: c497fddf6056d241e6cf9fb7ac37c384f49b357a221eb0a802c989b9 #### Intermediate Values ~~~ -client_public_key: 03763748cc2dfe4f6f80f8e4f3087b2d2222a7c9ba7d3c3aa8 -e89c4975eed0999f -auth_key: 1fa6020180e18dde869f4f8363fc1b6841dbbc9fc9d258ece830af7efc2 -5abdb -randomized_pwd: 4138e29dc8398d8c83b89129cb29ee5dc962fcb5fb2dca25981cb -351b83e0546 +client_public_key: 02dc91b178ba2c4bbf9b9403fca25457b906a7f507e59b6e70 +3031e09114ba2be0 +auth_key: 5bd4be1602516092dc5078f8d699f5721dc1720a49fb80d8e5c16377abd +0987b +randomized_pwd: 06be0a1a51d56557a3adad57ba29c5510565dcd8b5078fa319151 +b9382258fb0 envelope: a921f2a014513bd8a90e477a629794e89fec12d12206dde662ebdcf6567 -0e51f6f7b04d6f92795c9bdb72da5ebe7745b8a6c38fc64c391b1be60b4f49ff2ce67 -handshake_secret: 2bbe0da5102418c041884e9d42e62c946255138d74ea3d69acd -013bf2240c849 -server_mac_key: 2b23b08101bbecc22352f1580cd73c1678affdca160ec8cfccbe0 -e808029d192 -client_mac_key: e279a0b44ae7c1ffb57e7cf179369c6282a18e38e6d1d070eee81 -a44062d59e5 -oprf_key: 59984c44639e303cd46912ce722fc7d042023f25e264a3775667ea63c30 -add69 +0e51f4d7773a36a208a866301dbb2858e40dc5638017527cf91aef32d3848eebe0971 +handshake_secret: 0ee4a82c4a34992f72bfbcb5d2ce64044477dfe200b9d8c92bf +1759b219b3485 +server_mac_key: 77ebd7511216a51e9c2f3368ce6c1e40513f24b6f42085ef18e7f +737b427aab5 +client_mac_key: e48e2064cf570dbd18eb42550d4459c58ac4ae4e28881d1aefbab +d668f7f1df9 +oprf_key: 2dfb5cb9aa1476093be74ca0d43e5b02862a05f5d6972614d7433acdc66 +f7f31 ~~~ #### Output Values ~~~ -registration_request: 0271e8fd723a873d16ddbda1d3700b9a42eca179ba09a8f -c2a2e40a8142fa35fe0 -registration_response: 03c6fe2c086fa5333a15c5718ddda1f15a61e9ea9a0c4a -36f5f0dfe4f090250a70035f40ff9cf88aa1f5cd4fe5fd3da9ea65a4923a5594f84fd +registration_request: 029e949a29cfa0bf7c1287333d2fb3dc586c41aa652f507 +0d26a5315a1b50229f8 +registration_response: 0350d3694c00978f00a5ce7cd08a00547e4ab5fb5fc2b2 +f6717cdaa6c89136efef035f40ff9cf88aa1f5cd4fe5fd3da9ea65a4923a5594f84fd 9f2092d6067784874 -registration_upload: 03763748cc2dfe4f6f80f8e4f3087b2d2222a7c9ba7d3c3a -a8e89c4975eed0999f5b042a53415b5db1161dacf9f9ef0c30ed6b0179038e5e8e5a0 -aa087c8bc0753a921f2a014513bd8a90e477a629794e89fec12d12206dde662ebdcf6 -5670e51f6f7b04d6f92795c9bdb72da5ebe7745b8a6c38fc64c391b1be60b4f49ff2c -e67 -KE1: 036514cf26a2578f1a45ea8faf540e52b237236ee97dc54948eca7b7f71ba9e1 -29ab3d33bde0e93eda72392346a7a73051110674bbf6b1b7ffab8be4f91fdaeeb1034 +registration_upload: 02dc91b178ba2c4bbf9b9403fca25457b906a7f507e59b6e +703031e09114ba2be07f0ed53532d3ae8e505ecc70d42d2b814b6b0e48156def71ea0 +29148b2803aafa921f2a014513bd8a90e477a629794e89fec12d12206dde662ebdcf6 +5670e51f4d7773a36a208a866301dbb2858e40dc5638017527cf91aef32d3848eebe0 +971 +KE1: 037342f0bcb3ecea754c1e67576c86aa90c1de3875f390ad599a26686cdfee6e +07ab3d33bde0e93eda72392346a7a73051110674bbf6b1b7ffab8be4f91fdaeeb1034 93f36ca12467d1f5eaaabea67ca31377c4869c1e9a62346b6f01a991624b95d -KE2: 036ebcb79716cf2ecd0b3e5f3141709f72feb7369d2de41c61e0fa5695e78385 -3e38fe59af0df2c79f57b8780278f5ae47355fe1f817119041951c80f612fdfc6d286 -5751562662eea8de000fdfd4cd1bf506b137d12f28bffaf11a0d720c6ddfe532b2aff -31acb0a8fbb89de1e29cc5a93a33f2e259cf59ad6c88a473d5f056aeb211efe68628e -45c388328e97b78809368c72b9efc78fe51ecc7f5b6f7f4c4c2e471cd9960ecef2fe0 +KE2: 0246da9fe4d41d5ba69faa6c509a1d5bafd49a48615a47a8dd4b0823cc147648 +1138fe59af0df2c79f57b8780278f5ae47355fe1f817119041951c80f612fdfc6d2f0 +c547f70deaeca54d878c14c1aa5e1ab405dec833777132eea905c2fbb12504a67dcbe +0e66740c76b62c13b04a38a77926e19072953319ec65e41f9bfd2ae268d7f10604202 +1c80300e4c6f585980cf39fc51a4a6bba41b0729f9b240c729e5671cd9960ecef2fe0 d0f7494986fa3d8b2bb01963537e60efb13981e138e3d4a1020e67941e94deba83521 -4421d2d8c90de9b0f7f925d11e2032ce19b1832ae8e0f182fa038ada128f4440131f9 -8adc14cfbdf9045d95b6a55db9b38ffd0aa539f7 -KE3: a9a61a2442845e83b86c22d56ff038893208fcb0e2026d65e2a04f87497e873f -export_key: 00e1f2a1613c78183ec5127f805d320f31ce5dfef70d78f64d327d6c6 -e325ae1 -session_key: 9d15a7020c089b7c7ab7d6341e34a16260279b59dda8d63cabd3da0b -a14da32c +4421d2d8c90de9b0f7f925d11e2032ce19b1832ae8e0fdca637d2a5390f4c809a67b4 +6977c536fe9f643f703178a17a413d14e4bb523c +KE3: 298cd0077d018f122bc95d706e5fef06537814c567f08d5e40b0c0ae918f9287 +export_key: c3c9a1b0e33ac84dd83d0b7e8af6794e17e7a3caadff289fbd9dc769a +853c64b +session_key: 0c59872e9bcdde274f4f52f6ba0fd1acca211d6eb7db98677b457a73 +9ef1f0d8 ~~~ ## Fake Test Vectors {#fake-vectors} @@ -466,7 +466,7 @@ a14da32c #### Configuration ~~~ -OPRF: 0001 +OPRF: ristretto255-SHA512 Hash: SHA512 KSF: Identity KDF: HKDF-SHA512 @@ -509,7 +509,7 @@ server_private_keyshare: 6d8fba9741a357584770f85294430bce2252fe212a8a masking_key: 39ebd51f0e39a07a1c2d2431995b0399bca9996c5d10014d6ebab445 3dc10ce5cef38ed3df6e56bfff40c2d8dd4671c2b4cf63c3d54860f31fe40220d690b b71 -KE1: 20098d3321812eab08e9f3ccd5640d26194cb5cf73f4c5d551f9fea8f5a5765f +KE1: b0a26dcaca2230b8f5e4b1bcab9c84b586140221bb8b2848486874b0be448905 42d4e61ed3f8d64cdd3b9d153343eca15b9b0d5e388232793c6376bd2d9cfd0a0e4ed 8bcc15f3dd01a30365c97c0c0de0a3dd3fbf5d3cbec55fb6ac1d3bf740f ~~~ @@ -517,16 +517,16 @@ KE1: 20098d3321812eab08e9f3ccd5640d26194cb5cf73f4c5d551f9fea8f5a5765f #### Output Values ~~~ -KE2: e891a2527f657f5a72d723c735e9c3ae9179275f8e74f89a81418561b1db5670 +KE2: 928f79ad8df21963e91411b9f55165ba833dea918f441db967cdc09521d22925 9c035896a043e70f897d87180c543e7a063b83c1bb728fbd189c619e27b6e5a632b5a b1bff96636144faa4f9f9afaac75dd88ea99cf5175902ae3f3b2195693f165f11929b a510a5978e64dcdabecbd7ee1e4380ce270e58fea58e6462d92964a1aaef72698bca1 c673baeb04cc2bf7de5f3c2f5553464552d3a0f7698a9ca7f9c5e70c6cb1f706b2f17 5ab9d04bbd13926e816b6811a50b4aafa9799d5ed7971e10f6eeab2a7a420bf09da9b 27a4639645622c46358de9cf7ae813055ae2d125236e2e06d49f0b496db2a786f6ee1 -016f15b4fd6c0dbd95d6b117055d9141571ef6a1ac9c84f21e6914ecb5d2020fe50c2 -5b3c026b9f7a877c7526c13309cc4dd4d33050932c627813a67ceb1d3a8e0065fd55a -054296ef3097c6a8a04ac33c +016f15b4fd6c0dbd95d6b117055d914157cb5e11625c701e642293ad32bfcf88da653 +c9b6e71efc8a89607fd46ed5e7b9bf7cc7dbb997a4fd41194a04bcd0c5d88052e080a +2f02c68d8d9e9c0ce15c92ff ~~~ ### OPAQUE-3DH Fake Test Vector 2 @@ -534,7 +534,7 @@ c673baeb04cc2bf7de5f3c2f5553464552d3a0f7698a9ca7f9c5e70c6cb1f706b2f17 #### Configuration ~~~ -OPRF: 0003 +OPRF: P256-SHA256 Hash: SHA256 KSF: Identity KDF: HKDF-SHA256 @@ -575,21 +575,21 @@ server_private_keyshare: 1a2a0ff27f3ca75221378a2a21fe5222ce0b439452f8 70475857a34197ba8f6d masking_key: caecc6ccb4cae27cb54d8f3a1af1bac52a3d53107ce08497cdd362b1 992e4e5e -KE1: 0223afb7e2362271bdf2e20c62e25819e65d379308dfa4d9911f2fc7ada2296f -7f42d4e61ed3f8d64cdd3b9d153343eca15b9b0d5e388232793c6376bd2d9cfd0a039 +KE1: 0396875da2b4f7749bba411513aea02dc514a48d169d8a9531bd61d3af3fa9ba +ae42d4e61ed3f8d64cdd3b9d153343eca15b9b0d5e388232793c6376bd2d9cfd0a039 94d4f1221bfd205063469e92ea4d492f7cc76a327223633ab74590c30cf7285 ~~~ #### Output Values ~~~ -KE2: 029c5324a734851923b27ea573dce1c2ed10c497ee222c5500763c96c5209db0 -cd9c035896a043e70f897d87180c543e7a063b83c1bb728fbd189c619e27b6e5a6fac +KE2: 0201198dcd13f9792eb75dcfa815f61b049abfe2e3e9456d4bbbceec5f442efd +049c035896a043e70f897d87180c543e7a063b83c1bb728fbd189c619e27b6e5a6fac da65ce0a97b9085e7af07f61fd3fdd046d257cbf2183ce8766090b8041a8bf28d79dd 4c9031ddc75bb6ddb4c291e639937840e3d39fc0d5a3d6e7723c09f7945df485bcf9a efe3fe82d149e84049e259bb5b33d6a2ff3b25e4bfb7eff0962821e10f6eeab2a7a42 0bf09da9b27a4639645622c46358de9cf7ae813055ae2d1203f42965d5bcba2a590a4 -9eb2418061effe40b5c29a34b8e5163e0ef32044b2e4c1bf93ad07640bc9ed22e2a33 -8734d55d0d22f5cc16d179e5aa4cce845b9a04a8 +9eb2418061effe40b5c29a34b8e5163e0ef32044b2e4c196137813ed8ec48627f0b0d +90d9427f4ec137f8360769df167c25836eae5d91 ~~~ "#;