diff --git a/Cargo.toml b/Cargo.toml index e9d49ced..bc4d5ff3 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -13,7 +13,7 @@ version = "3.0.0-pre.2" [features] argon2 = ["dep:argon2"] -curve25519 = ["dep:curve25519-dalek", "curve25519-dalek?/precomputed-tables"] +curve25519 = ["dep:curve25519-dalek"] default = ["ristretto255-voprf", "serde"] ristretto255 = ["dep:curve25519-dalek", "voprf/ristretto255"] ristretto255-voprf = ["ristretto255", "voprf/ristretto255-ciphersuite"] @@ -25,7 +25,6 @@ argon2 = { version = "0.5", default-features = false, features = [ "alloc", ], optional = true } curve25519-dalek = { version = "=4.0.0-rc.2", default-features = false, features = [ - "rand_core", "zeroize", ], optional = true } derive-where = { version = "1", features = ["zeroize-on-drop"] } diff --git a/src/key_exchange/group/curve25519.rs b/src/key_exchange/group/curve25519.rs index e13b362e..8a1094ce 100644 --- a/src/key_exchange/group/curve25519.rs +++ b/src/key_exchange/group/curve25519.rs @@ -7,7 +7,7 @@ //! Key Exchange group implementation for Curve25519 -use curve25519_dalek::constants::ED25519_BASEPOINT_TABLE; +use curve25519_dalek::constants::X25519_BASEPOINT; use curve25519_dalek::montgomery::MontgomeryPoint; use curve25519_dalek::scalar::Scalar; use curve25519_dalek::traits::Identity; @@ -47,7 +47,10 @@ impl KeGroup for Curve25519 { fn random_sk(rng: &mut R) -> Self::Sk { loop { - let scalar = Scalar::random(rng); + // Sample 32 random bytes and then clamp, as described in https://cr.yp.to/ecdh.html + let mut scalar_bytes = [0u8; 32]; + rng.fill_bytes(&mut scalar_bytes); + let scalar = Scalar::from_bits_clamped(scalar_bytes); if scalar != Scalar::ZERO { break scalar; @@ -68,6 +71,7 @@ impl KeGroup for Curve25519 { .fill_bytes(&mut uniform_bytes); let scalar = Scalar::from_bytes_mod_order_wide(&uniform_bytes.into()); + let scalar = Scalar::from_bits_clamped(scalar.to_bytes()); if scalar == Scalar::ZERO { Err(InternalError::HashToScalar) @@ -81,7 +85,7 @@ impl KeGroup for Curve25519 { } fn public_key(sk: Self::Sk) -> Self::Pk { - (ED25519_BASEPOINT_TABLE * &sk).to_montgomery() + X25519_BASEPOINT * sk } fn diffie_hellman(pk: Self::Pk, sk: Self::Sk) -> GenericArray { @@ -96,7 +100,10 @@ impl KeGroup for Curve25519 { bytes .try_into() .ok() - .and_then(|bytes| Scalar::from_canonical_bytes(bytes).into()) + .and_then(|bytes| { + let scalar = Scalar::from_bits_clamped(bytes); + (scalar.as_bytes() == &bytes).then_some(scalar) + }) .filter(|scalar| scalar != &Scalar::ZERO) .ok_or(InternalError::PointError) } diff --git a/src/tests/full_test.rs b/src/tests/full_test.rs index 49fdfa85..59100792 100644 --- a/src/tests/full_test.rs +++ b/src/tests/full_test.rs @@ -546,114 +546,114 @@ static TEST_VECTOR_P384_RISTRETTO255: &str = r#" #[cfg(feature = "curve25519")] static TEST_VECTOR_CURVE25519_P256: &str = r#" { - "client_s_pk": "69ed76a73e8ea5e916b69acc1e4e0afa5cdba3f81ea6dfb699fe86ee92a74666", - "client_s_sk": "5e82508b626cbb47668722477adac4eb3bb73f2f2e3eddab756c49374dd4d500", - "client_e_pk": "cda917dd1ed9c3cd6f0eaadcae788f3020a17e6c28901212cf142dc0d98f043b", - "client_e_sk": "4824a46e04261c514c698c1c614a75c7e6f9ff83d24221d8f8d9ee980ab93d0b", - "server_s_pk": "8008812d4b13c79df164a3ea848f5d74769f4897bbd4e7eb61b2386271ed3852", - "server_s_sk": "a4f987b8dc2d2fe1844fb7c204a217354332562145bd4d97d2b3a3a4c7620806", - "server_e_pk": "145283edcc8a938cb055a101ae70d0c02e809c806dccbd72b3f02f858898d76e", - "server_e_sk": "2eb55ba2a40a448e1a1ad2cbba84b2f0e0af5487286b3b60c013662a1684e507", - "fake_sk": "3550ed59a267c5a5844c08e1aecd01eac985756d6abeb8879b3aff1fff14cd05", + "client_s_pk": "e109acb05ead255b0ddef3b1b2a04161149fdbcf9d1a1583cf3bb39dd43f3d6f", + "client_s_sk": "88e628927240f786517e00a5b77ed2fb383e11361c0d4b3324ffb6b927aef373", + "client_e_pk": "334dff6942070b0b1395835e54dc7531699fd5ceed7f197f81d5d28090316b21", + "client_e_sk": "78ab0d232c8231d1a84ad3cfb4d27226d432954ba9a422a825baac4ac4ee3257", + "server_s_pk": "b005c8dca395f0ecd2b6355d600d46199e2f9f389aa84e719d75424b4b8b2b44", + "server_s_sk": "88193c55d0a16c2c833be2a0004ebba32ed63019d94b1a498cdfc04310a9a563", + "server_e_pk": "20303db181367b52118c89bd7e0d4d97d1c6382bd65ca166cd9876c9b6fc9f1d", + "server_e_sk": "58bbac2fd1ee62043eb05631a361b71abfede72530899129035a0ea5454e8042", + "fake_sk": "08f3aeac6bd5d6a30cd59e0c74e0ec90254828a3ff8b18a622a3e8bc6a31be73", "credential_identifier": "637265644964656e746966696572", "id_u": "696455", "id_s": "696453", "password": "70617373776f7264", - "blinding_factor": "f5cffca6a1adc8fc3ccfdad0be1fe9ed584ba0375a7f8d0d4e0a66b68c9bca0a", - "oprf_seed": "0be066c853e54cb56e6df6026ff4a935989f3c8060453f410f19dc6949fe929a", - "masking_nonce": "db49cc5073b8e0a2aeaebfa54701561d186fce1c74ec517cab5988e500c5b63c1d390a5056830cceea8ad0236b320ce719fbbfebbfa5aa9f911935326d27f378", - "envelope_nonce": "95b05ff76c53bee8de8b561ef7fde3e40c10f879792081011940ae2aac7a623c", - "client_nonce": "2a98b15c271c8d52116650c7b490635bc79b23b8ed9b23d550015808a15e9867", - "server_nonce": "2e71ec9dd06a8e6db234da612669bc9ac17afa4b16a2593951592c7936538938", + "blinding_factor": "6b68b1711d94273abfec09e6a747b8d5f9b3b42250dc867d9a69808ddde97602", + "oprf_seed": "a1ebc0d9b741fbe1b4d3d5b97a89eeca2e3f42ea54afad209e3462d9d8c2f5c3", + "masking_nonce": "653f38d85dd789596c39617ef7a54d33b20dc40bab5b1acfc8deef215c14322ab9d7801cd27ac622bcd31f62cf0d739a1e296a2ca8b2f8be854290e0aad33068", + "envelope_nonce": "aa76064915e29d00600b6a2b694c0da826a9388bf58fa39fb41fa22b3e6083f0", + "client_nonce": "be19d2540482db6096279c55970711cda737c4cc1695a8e417d1ebf19691f223", + "server_nonce": "1eaa5da8f04d0b707e147ff78af9aa56f9d9b6042205063c24579d10048cb06e", "context": "636f6e74657874", - "registration_request": "0330ee3076f2b0087fc6e97734fd6a15fb8a428672ecbe122ce154ed0119b34d0f", - "registration_response": "03b6c765c7b2416a30d2278e095195c8a5bd9f4ebb5ae5c19d5c2bf66c4a72abe38008812d4b13c79df164a3ea848f5d74769f4897bbd4e7eb61b2386271ed3852", - "registration_upload": "5229aae7151510d1c3f74a22feb06ea4c285a25dbaff68be39f07a011711de610b2004db6b44786aa1221747f6469bd0611b97dfcb77c0f048820d976f3372465e82508b626cbb47668722477adac4eb3bb73f2f2e3eddab756c49374dd4d500361476577ea22e5abea82926a0f63e39d2677305de5f148dac7cf5a729d1748a", - "credential_request": "0330ee3076f2b0087fc6e97734fd6a15fb8a428672ecbe122ce154ed0119b34d0ff5cffca6a1adc8fc3ccfdad0be1fe9ed584ba0375a7f8d0d4e0a66b68c9bca0a95bc1257ac1517d07a6803a279bbd1701879ec5778581bf425eaff863d1f5a69", - "credential_response": "03b6c765c7b2416a30d2278e095195c8a5bd9f4ebb5ae5c19d5c2bf66c4a72abe3db49cc5073b8e0a2aeaebfa54701561d186fce1c74ec517cab5988e500c5b63c1f2aa4a06a3e29a3db080b36676f704c00d9ab9a631a7f5a02a0d9e310a49d719ea9d4b6e3dabbf41a5fda497be1086038cf184e92b08b3c81c5b7eeb59dd58aba37ddd1ad1e5574e28c1b1b381074be7d57c26bf646640e5129090604ac78982e71ec9dd06a8e6db234da612669bc9ac17afa4b16a2593951592c79365389380520386dadb6647eee03d638d0335b58208784b516b9500bc0ecfeef287bfb6ed8b1dc49fd245b6f10d9f029a32bcbbc3cbdbb4667f5927d05b0cf956bce1a40", - "credential_finalization": "17f80bc4647799102a0514c4e529bb2f75142f186270f4ecf909b8b86b3512b4", - "client_registration_state": "f5cffca6a1adc8fc3ccfdad0be1fe9ed584ba0375a7f8d0d4e0a66b68c9bca0a0330ee3076f2b0087fc6e97734fd6a15fb8a428672ecbe122ce154ed0119b34d0f", - "client_login_state": "f5cffca6a1adc8fc3ccfdad0be1fe9ed584ba0375a7f8d0d4e0a66b68c9bca0a0330ee3076f2b0087fc6e97734fd6a15fb8a428672ecbe122ce154ed0119b34d0ff5cffca6a1adc8fc3ccfdad0be1fe9ed584ba0375a7f8d0d4e0a66b68c9bca0a95bc1257ac1517d07a6803a279bbd1701879ec5778581bf425eaff863d1f5a691bb3b820ad232af99bb59252cb6d384c1c14584ae61a3b316632b64b78bb0301f5cffca6a1adc8fc3ccfdad0be1fe9ed584ba0375a7f8d0d4e0a66b68c9bca0a", - "server_login_state": "a25294f501e4d072ce9eaf533a058342341b5fbbe3a4b634f6a75e7b472cea48893146600bead24ed784b5d1dacb4052fad1c346647388292ed2e003622536832fc7d8269cecbb5e4e35d692a5dfbb9c7b0bc4d6de5df8284006563b90033122", - "password_file": "5229aae7151510d1c3f74a22feb06ea4c285a25dbaff68be39f07a011711de610b2004db6b44786aa1221747f6469bd0611b97dfcb77c0f048820d976f3372465e82508b626cbb47668722477adac4eb3bb73f2f2e3eddab756c49374dd4d500361476577ea22e5abea82926a0f63e39d2677305de5f148dac7cf5a729d1748a", - "export_key": "bbf3e4488d69ade22fa6c799633f3719a19624d2f91e217295cb54e7be1d0161", - "session_key": "2fc7d8269cecbb5e4e35d692a5dfbb9c7b0bc4d6de5df8284006563b90033122" + "registration_request": "02efc05fc89c30469d017160a3ac0630a3546b19dd20193a7cbea801482e4d0f00", + "registration_response": "02120dbe7291cf53739fef3955f49956147f518e9f2ee9f17e4c061fefe09c3cccb005c8dca395f0ecd2b6355d600d46199e2f9f389aa84e719d75424b4b8b2b44", + "registration_upload": "ba486310fcc3cbacf1b3835bcd06aa33d302a8cff11874a34f10d2ed3940f81d547dc06cd2faa5afe8fe75880c1e6ebca4b4734f8a9e95a8ff29e19db3d5d99e88e628927240f786517e00a5b77ed2fb383e11361c0d4b3324ffb6b927aef373ef4454dd53eedad0082f2dafb2ef474394d8a15dfc4a907f5fbf75403b399a9e", + "credential_request": "02efc05fc89c30469d017160a3ac0630a3546b19dd20193a7cbea801482e4d0f00be19d2540482db6096279c55970711cda737c4cc1695a8e417d1ebf19691f223334dff6942070b0b1395835e54dc7531699fd5ceed7f197f81d5d28090316b21", + "credential_response": "02120dbe7291cf53739fef3955f49956147f518e9f2ee9f17e4c061fefe09c3ccc653f38d85dd789596c39617ef7a54d33b20dc40bab5b1acfc8deef215c14322a25ceb12702124627c855cd281b4bedb24821ddee72fac2ff840343772ebb3145b9062e1b6804a9b48782be7194cf1092b0f0873ca01a56c04612b8070602e1a361731d0a51df56d9badcb8dfae739c71d640cd5fc49a53d40d109c261a587b9158bbac2fd1ee62043eb05631a361b71abfede72530899129035a0ea5454e80424a84ce00257ddfcfa70d36591f2c2db293276114660134be94d3f5dad10c312ccdc54d5a631789a6d39697a35e12a4900ff7f356b3aa97773f225d32dc901b21", + "credential_finalization": "e1ac3b00c834a871e3163ea28b4611810e530b57c9e0e698b5fe6353c9f7ebba", + "client_registration_state": "6b68b1711d94273abfec09e6a747b8d5f9b3b42250dc867d9a69808ddde9760202efc05fc89c30469d017160a3ac0630a3546b19dd20193a7cbea801482e4d0f00", + "client_login_state": "6b68b1711d94273abfec09e6a747b8d5f9b3b42250dc867d9a69808ddde9760202efc05fc89c30469d017160a3ac0630a3546b19dd20193a7cbea801482e4d0f00be19d2540482db6096279c55970711cda737c4cc1695a8e417d1ebf19691f223334dff6942070b0b1395835e54dc7531699fd5ceed7f197f81d5d28090316b2178ab0d232c8231d1a84ad3cfb4d27226d432954ba9a422a825baac4ac4ee3257be19d2540482db6096279c55970711cda737c4cc1695a8e417d1ebf19691f223", + "server_login_state": "6c744915f5aba566f8cc9c601e3a0388c679a07da549905f0350ec3fbc2bbecf8b62a285aa728a8a124d9b30b986745e334143e0fdd1b112fcfb7f87c412da6b405910d03caf6cb3ec6b21c3c7095f136ff050f3c294ee268c537116b90c8c18", + "password_file": "ba486310fcc3cbacf1b3835bcd06aa33d302a8cff11874a34f10d2ed3940f81d547dc06cd2faa5afe8fe75880c1e6ebca4b4734f8a9e95a8ff29e19db3d5d99e88e628927240f786517e00a5b77ed2fb383e11361c0d4b3324ffb6b927aef373ef4454dd53eedad0082f2dafb2ef474394d8a15dfc4a907f5fbf75403b399a9e", + "export_key": "c8d95a7b0a2c3baa488949effc399d39e64ee09cae26e26ee0ded26e295d9f0b", + "session_key": "405910d03caf6cb3ec6b21c3c7095f136ff050f3c294ee268c537116b90c8c18" } "#; #[cfg(feature = "curve25519")] static TEST_VECTOR_CURVE25519_P384: &str = r#" { - "client_s_pk": "2b9f0f954c3de559cbcb62080b83ece704a0ed3483210af87accea63da3dbf07", - "client_s_sk": "41f6de16ddb0c830acc051fab8347a091a8dea09235a33efce6ef8b74f2e0606", - "client_e_pk": "aaffa1e339b2889ae79e17aa6182f0c3a2b6978c6815804154d50684fbcc7a1f", - "client_e_sk": "f36d354b03a9e4bfad55282a50f83c2e847f2cca355119f763e1f6355622020d", - "server_s_pk": "8305087c15191b88261b4d9d758d2989e3c9db173af3a9afec50e894d208974b", - "server_s_sk": "d51fc8cab005d03f715d9a10dd96f4fc26f8b8ac0730f1009bb3bed0d943b806", - "server_e_pk": "36d6599df3721f0f48c0dfef90d559be4c480ed9a64a944daee1e084e481ca7f", - "server_e_sk": "07bb627db23b616e4db6400cdbfe64bcd2f8bdeac75d6c1b3986abec53db0507", - "fake_sk": "3ff9c80e135aaaa4b659bfc7aae930df48b850584081b1785941731a917bed03", + "client_s_pk": "47bf6620ef1793404dedc4b92516e8633b3580d8e9ab7d38f4664a9cc4308e3c", + "client_s_sk": "7051dd78600860b1c96bfd4729fc792111c06b7653057ab9dd32efe03052a564", + "client_e_pk": "741bb246da7c5b1361038e78d25006c3d8388b7361e9ca082e5a9770edfd7e42", + "client_e_sk": "68ea700379d9f0d73594cd3edcd2096a8ce99af9faf736c11262d15b91584f51", + "server_s_pk": "cef452814c8d96e7187efdc6f39b4cf3b9af79a3303fdc1ff06d73fcdfa9fc09", + "server_s_sk": "40265c6e7b69c63b1dd77b0a5b55736ed5a3a3e1ef4d6a2be5d84a2b8c9f4078", + "server_e_pk": "95f2ea9503fae836c029d7a85229eb537b6a82c9f0362802e488878eaef5655f", + "server_e_sk": "f0209a74b6f09e05d3214bbdbbd4d1c3386a7d47213746876e8d840a56299f65", + "fake_sk": "8865f09f0d9270e951c7fb723922095ace2febd5a673fd2bfe85456140afb97e", "credential_identifier": "637265644964656e746966696572", "id_u": "696455", "id_s": "696453", "password": "70617373776f7264", - "blinding_factor": "3b2613f0fd19417836768e52e0fa8b10ba72c7d73295fe05fe3f2760ac9f5634866ffe7ce82a3bf7331fe69aa3b012eb", - "oprf_seed": "6a37fc383dc9b4603df4cbf145d6921e80c8fda01fa29881575b8a39715acbc1ad7d2a3d9b4e6393aef845a2dfd8ab2a", - "masking_nonce": "691c753a5a2de16b8e5a39d80f92f59e20c7bdf4f541b89ae931b601f98b9443c6cdf44de136cebb8d73c341bd383d5307c54a34ead807befba2728a7544c9c7", - "envelope_nonce": "4f4a4a91c9ae4ccb46ac6fe2e8e03a9ce5361341cb5ca8c5416092f9f7f9db92", - "client_nonce": "b3c6c95ff54e295b657ab1bd9a0baab8ebd8e1d8e066f60ab2902345d6aef8a7", - "server_nonce": "d29f696f00f3db18aeca7e6f9d8a588f93a3d8740fa61080a202aa68f5612eb0", + "blinding_factor": "23b19816e290cafe9796db34c4922211de1498df4bab2e5ce0c318e533658771d117e9a9eae9d016d7433d3400b4d99c", + "oprf_seed": "b29c73aa3651b3eda0cd7e327c0c60693c2b667707d4d7825f862ccca1e319ab0ca5de2f6fa89829cc73c1340fcff00b", + "masking_nonce": "25431b6a925130d744101b95fd1ddd822173d97a945b3a7f721cff33c4d3afd4fd93c70914553bde5d50144117cd601449bcdc15f2606a38402aea3ba404a8b1", + "envelope_nonce": "f7a5c2edad92af2dc4d0901e54090341a66cd925d0b487f92a64c8cf0aaefe2d", + "client_nonce": "48b90f2c8909576edc61743b84d66ce93ae5432d60bb29eadb076e027a163731", + "server_nonce": "b4e8004b2f78bd47a132a9ae1640984990066856553ec12e6d409c55af0f93db", "context": "636f6e74657874", - "registration_request": "03a0069896a068b38e870bfea488861af330a6d0aadb6308f18008c47f3cb296fa26658e8aaf720f7007a85895f386445b", - "registration_response": "0359cc30b4847552e7ceaccc4c9e1d10741d1410f6c4f89a3861d999bc4d0377ffe4e06e54759ca1803530c67c7509b1128305087c15191b88261b4d9d758d2989e3c9db173af3a9afec50e894d208974b", - "registration_upload": "6b062577189bbb1bc882bf3f47312c660938d218ff5ab92301a4dc1518d2bd2b8c61ddca8e0adffca028c40d603d2ef192453e71a24fdfcf90cd4d960db0641b8ace898e125b2f2f414e04c12829f80241f6de16ddb0c830acc051fab8347a091a8dea09235a33efce6ef8b74f2e060670fcc24972ff7946b119e8f2836b032eea9243ed3a55480ca1bc4ae1f5c4362ab1d258c80ac805bd51d5b176f1ab6d5a", - "credential_request": "03a0069896a068b38e870bfea488861af330a6d0aadb6308f18008c47f3cb296fa26658e8aaf720f7007a85895f386445b3b2613f0fd19417836768e52e0fa8b10ba72c7d73295fe05fe3f2760ac9f56348f3bbbf19a30d072fddd1a0faa3f560904a635a20360c12bf85c5ee2f1d98952", - "credential_response": "0359cc30b4847552e7ceaccc4c9e1d10741d1410f6c4f89a3861d999bc4d0377ffe4e06e54759ca1803530c67c7509b112691c753a5a2de16b8e5a39d80f92f59e20c7bdf4f541b89ae931b601f98b9443b3ec87b09e29174bf0b02f765aea2a95bedf4cac2aba3b11ea67ff8e4101d6c2787b2837c53f00686f5cf7702da632d2dfb6347f4b778486dfebdc068c586be74bd661ce1cbac7c09aed4d164bfd2bfbc3337486edc4072728207b9b7474bdd5d5044d7551c53edd0df3af6095a692cfd29f696f00f3db18aeca7e6f9d8a588f93a3d8740fa61080a202aa68f5612eb0b801faec75954a61b8b3d94beb2682c5f78103da1f1e577741db6b2bcfe4e60bfc16b1af016923f3668151ad8c66caff5e23e68e583340df67b520c42d1660bbd82e848651de383c1cbbe385538b9441", - "credential_finalization": "0001d2ea15799e41464afce25b78741c894a51fb1ea8e1eccef3aebc98131782c76e21c949c97cf31d20defab16a5756", - "client_registration_state": "3b2613f0fd19417836768e52e0fa8b10ba72c7d73295fe05fe3f2760ac9f5634866ffe7ce82a3bf7331fe69aa3b012eb03a0069896a068b38e870bfea488861af330a6d0aadb6308f18008c47f3cb296fa26658e8aaf720f7007a85895f386445b", - "client_login_state": "3b2613f0fd19417836768e52e0fa8b10ba72c7d73295fe05fe3f2760ac9f5634866ffe7ce82a3bf7331fe69aa3b012eb03a0069896a068b38e870bfea488861af330a6d0aadb6308f18008c47f3cb296fa26658e8aaf720f7007a85895f386445b3b2613f0fd19417836768e52e0fa8b10ba72c7d73295fe05fe3f2760ac9f56348f3bbbf19a30d072fddd1a0faa3f560904a635a20360c12bf85c5ee2f1d98952244453214d35510dfef82e676f335cc04025ede506f059fed843116d3840ab003b2613f0fd19417836768e52e0fa8b10ba72c7d73295fe05fe3f2760ac9f5634", - "server_login_state": "f00e2773cadcbb3de4d739ffb6e4e120337daa6d11ba69f9bca1bd374681c355dd8b5132aaacb1f77c6486898b81114250cd096b06362a915367cd41c9ab4387630cbf19b264cc85e53973f0b00895c81327132383d7c8fc8bc9e00692e7349b607bf25dbef56cc296e3649301c2eef0a85c600906019adaa5c24b3baae6ee24665abe16daca22fabda03c9759b8f6b2", - "password_file": "6b062577189bbb1bc882bf3f47312c660938d218ff5ab92301a4dc1518d2bd2b8c61ddca8e0adffca028c40d603d2ef192453e71a24fdfcf90cd4d960db0641b8ace898e125b2f2f414e04c12829f80241f6de16ddb0c830acc051fab8347a091a8dea09235a33efce6ef8b74f2e060670fcc24972ff7946b119e8f2836b032eea9243ed3a55480ca1bc4ae1f5c4362ab1d258c80ac805bd51d5b176f1ab6d5a", - "export_key": "cdf7f3110e45cc681bdd4244b0a0f0a14479fa8e4ddbf44b85729127887cb26ddd0d886852c9a500583c0b7abc3a94ec", - "session_key": "607bf25dbef56cc296e3649301c2eef0a85c600906019adaa5c24b3baae6ee24665abe16daca22fabda03c9759b8f6b2" + "registration_request": "036da1da44ad100ce9c80f074b98e8564e131d6d9186c666e44e2f2ac74822a86aa9af120bc2ebbba3f81dddea21fb418e", + "registration_response": "02faff596ac44ab490917a3153c50d67f46bfd12877c2d42d9ae855af3160461aa055ba4900a7c2df6b89acee908376b09cef452814c8d96e7187efdc6f39b4cf3b9af79a3303fdc1ff06d73fcdfa9fc09", + "registration_upload": "4f6f6c4b7d2dce29897218c5c609aea30288112ed8c33d8cd67f2b19c3fd1928fb65782af6070e84bb7a542813fff00fb7f71a7797089072babfe06ba01d1845e0c8b6a9b17b65f6b992c00ce34f115b7051dd78600860b1c96bfd4729fc792111c06b7653057ab9dd32efe03052a564d02881210e8c7e043f278032e691a23e8451377624aebcbf7364155158c8cc0a3df1f2c3e669785b81f17016ba7a7acd", + "credential_request": "036da1da44ad100ce9c80f074b98e8564e131d6d9186c666e44e2f2ac74822a86aa9af120bc2ebbba3f81dddea21fb418e48b90f2c8909576edc61743b84d66ce93ae5432d60bb29eadb076e027a163731741bb246da7c5b1361038e78d25006c3d8388b7361e9ca082e5a9770edfd7e42", + "credential_response": "02faff596ac44ab490917a3153c50d67f46bfd12877c2d42d9ae855af3160461aa055ba4900a7c2df6b89acee908376b0925431b6a925130d744101b95fd1ddd822173d97a945b3a7f721cff33c4d3afd4ef3e8ead079f059d604ce87722708a50b49fd35ab475d7bad69d507e5a7f1bc499ac79e68265a5a89ee3ef56e250e3b724113ba179d07bf846ff2c068e0e46e2c57c5d98571d169bef75148c2adad3e4d6a927b53763fa8fd197ab6b73500a6dcbc6718556f48a74e87e737802d08c9df0209a74b6f09e05d3214bbdbbd4d1c3386a7d47213746876e8d840a56299f65f7bc99ca5350019cc62b759ddacbb55172e13b762614ebe959987840db244c7f548798cdd6a3354f79d58c1fd39715cc31b7ab7feb1702aec24da864500831fb39a83920b1e2e32ef23e73987fde2e24", + "credential_finalization": "554a499b045b2c94d68f0bddeb41f76c32f7b357000eadbfea0487ba8dc0b146491f4ff614619e955686d64d4575f564", + "client_registration_state": "23b19816e290cafe9796db34c4922211de1498df4bab2e5ce0c318e533658771d117e9a9eae9d016d7433d3400b4d99c036da1da44ad100ce9c80f074b98e8564e131d6d9186c666e44e2f2ac74822a86aa9af120bc2ebbba3f81dddea21fb418e", + "client_login_state": "23b19816e290cafe9796db34c4922211de1498df4bab2e5ce0c318e533658771d117e9a9eae9d016d7433d3400b4d99c036da1da44ad100ce9c80f074b98e8564e131d6d9186c666e44e2f2ac74822a86aa9af120bc2ebbba3f81dddea21fb418e48b90f2c8909576edc61743b84d66ce93ae5432d60bb29eadb076e027a163731741bb246da7c5b1361038e78d25006c3d8388b7361e9ca082e5a9770edfd7e4268ea700379d9f0d73594cd3edcd2096a8ce99af9faf736c11262d15b91584f5148b90f2c8909576edc61743b84d66ce93ae5432d60bb29eadb076e027a163731", + "server_login_state": "ef411e8209facbabbeb99d7b73600d6f6c54df43969048381619b7e2c448eff411a67be3f782d9e7a64fb86434cf4923976f0526ff3ddb232492982e34b85e22ca4d6ce6d77608e69966e6ee946df1895483da7e27974d8013f668aab235376d0fc20aa7385934f47c498b804483c436514ac31e3817067615464a89afb46ffff7cc2bd52e05cbee3a23c6ec9a43705e", + "password_file": "4f6f6c4b7d2dce29897218c5c609aea30288112ed8c33d8cd67f2b19c3fd1928fb65782af6070e84bb7a542813fff00fb7f71a7797089072babfe06ba01d1845e0c8b6a9b17b65f6b992c00ce34f115b7051dd78600860b1c96bfd4729fc792111c06b7653057ab9dd32efe03052a564d02881210e8c7e043f278032e691a23e8451377624aebcbf7364155158c8cc0a3df1f2c3e669785b81f17016ba7a7acd", + "export_key": "c90f604c28e60aa7b386ae9b37fc1d9d2f9aabf9c4e6ead8eb2b132667121f19bc6e99afdfc287aff26224fc451a9328", + "session_key": "0fc20aa7385934f47c498b804483c436514ac31e3817067615464a89afb46ffff7cc2bd52e05cbee3a23c6ec9a43705e" } "#; #[cfg(all(feature = "curve25519", feature = "ristretto255"))] static TEST_VECTOR_CURVE25519_RISTRETTO255: &str = r#" { - "client_s_pk": "6d34d8019596453f74f6cb7e19518f18c59007bf391c27e628ede13399c55926", - "client_s_sk": "12fb7611a1d2750132a1a7dc1dec9a6661d76219cf36da56c740e562d4f4e903", - "client_e_pk": "3d5f9259f557807b564983284b24b8215fc5bd7b3a0f8bc34009f1cd952a0169", - "client_e_sk": "d9951ecf26494ec47d14201a20d8c1ffaea23a77a517bf5e0a989dc43c250305", - "server_s_pk": "4289e6432b1aab39b48e7aaa1f5df5469557a02e88890e65abca69a8c20ea628", - "server_s_sk": "303fb01ec84103188c0d36d38141374e6a926fbb87d3cee44d91d4fad2c46007", - "server_e_pk": "9caa20ec8b9211dd813d50d1ca6a58ee33a973d0653d51e6491978cd0947ac3c", - "server_e_sk": "5af7853127d11fa5ef474b299a555b6646e1f4c99d3a28b66a4c0cb845e6700c", - "fake_sk": "456a7f74f53bec33901e9d0baae516274fb61897febbe70f6cf24a0db26bd90a", + "client_s_pk": "425d9690de8c494cf18020f0b8977aa02d2701e20ae22f7e9a22396b219bdd09", + "client_s_sk": "48064fdc57a4f75dd1e07013c7123cc9f63bcc7cc812fd4d6785b10d323b2549", + "client_e_pk": "643a85ac2e212108b822e2ed22705aa1da98db515cc010ea5f803a227be1c919", + "client_e_sk": "70662c87da47502582f94edcc41babaf50eff95125ac666a9ff02f06c852276a", + "server_s_pk": "a4fac053abfb5d79def37a3ea1d19d85d34b84a0ac4cbfc4cea1f368cd99553c", + "server_s_sk": "50e025031678aea84429d14259ab2d7e2d95f552e7a694d58d00e1ed4517b14f", + "server_e_pk": "957eb70736694ad3058275fae43bb48204d88d65b80b7b197192f78c0942d013", + "server_e_sk": "6802638853a41e9773fe51a9ab442465176e2ccef3eb3855a343a411ac35e952", + "fake_sk": "881be0fdc6ba406b4725daf16cf0dd6cef20c8e401db26c6827fb93f30906c69", "credential_identifier": "637265644964656e746966696572", "id_u": "696455", "id_s": "696453", "password": "70617373776f7264", - "blinding_factor": "59b12e9ad422cf4a8df17bf618ec359bbd2fc445a6aeb1456bc3ac66c2a2a209", - "oprf_seed": "5613715923e625b9ad4f9cf1020489badf36d5e1b69d269ab1f9ea6bf958cd90141e26c4184fae38b8147b7ffae552480009783009f469ac996082cbf3ef08df", - "masking_nonce": "ae7b75049b66fee73f8473e93151e88f526ce3552efff099ef5309990a77692b900f195b54ea5c5009265a2824a67ff59438f012c48eed75c5183fc8e1a8f194", - "envelope_nonce": "97a68221ec1b0221b0d6b7926725692ebf5a1afb1bf99b07bdb18c7b3da11b5e", - "client_nonce": "d3c3ea320a38ab0e4cb16ac0be440d98ceda8eb9bdb9501f514ebd6dc3b15f22", - "server_nonce": "7bbd7b539f0234343795758fac2b92a621f32a7df93729a043c66f23820f9955", + "blinding_factor": "7dbc12dd8b1280bc76567b32f150e1c96a7d88d8dbb7083eae67c85990905e01", + "oprf_seed": "4c335f4d75f53e9bf593fbbb4971763fc27caed1151ea054aa582178794a95b11ce9fbead333205f705cb9dc717ed643fa743ddfa606f7d7e02fcb750d70294c", + "masking_nonce": "4df6e5189bce92a87ade075e4bfb5aba25e1a215c9da97bfefe3751abbd516f74e65aa7f5571e603936e8aba0d60a317fe991478e12e97e5303ddac6b5eed135", + "envelope_nonce": "bc787b112a62e219225fb7b157a7455014726c9ef4176551526615511d2b08c1", + "client_nonce": "1e930824df3cd0e4d0423a87371ad1d903770fed134a2ff5839493ea29d4ac5f", + "server_nonce": "6d41b975cd7106c6db6e1d89af45e3e7f1635cd0c1c866be96d517314d04b585", "context": "636f6e74657874", - "registration_request": "6237782184147685be0a8b918a185ee99802843d61a61ca46638912607d13443", - "registration_response": "10fc453b29cd35dabe1fe44bb2d88c17f4246231e2226cdead9359a0af24ab794289e6432b1aab39b48e7aaa1f5df5469557a02e88890e65abca69a8c20ea628", - "registration_upload": "ce6867cd81ae2d0d886f1a29e12056ddc7a6a2a91be7d2dfcd312f2c39a38315da43e121023f254420fdd065cdc874afdfdb87051ad466a499a0bdd85b47f88a6bebfa99ab12e050ea429edf3a1434e84282e25b54204fcd699632c0a8d57af212fb7611a1d2750132a1a7dc1dec9a6661d76219cf36da56c740e562d4f4e9038343767a8c365ccd2a4de1f9f5c566c2a8997da0fb5613ebe13eec395a79755ebbdf53cbfe4dbd36e2d7e34c37f92bc4b0e1abb38ad57a3c2efd820bee87a298", - "credential_request": "6237782184147685be0a8b918a185ee99802843d61a61ca46638912607d1344359b12e9ad422cf4a8df17bf618ec359bbd2fc445a6aeb1456bc3ac66c2a2a209b8971a309718d5a516b9e8b90eb675faeb977a2b9b6db8f7e6fbdeace0dbfb08", - "credential_response": "10fc453b29cd35dabe1fe44bb2d88c17f4246231e2226cdead9359a0af24ab79ae7b75049b66fee73f8473e93151e88f526ce3552efff099ef5309990a77692bacea3237a61667305c089852b2c0e65394a19104b67881e310c14892c2043291f9e0a6c2f595d1414f446dee9a959bab717337cd4cedbf7689e5031e8017549641d8d7cb49d2deda605c1bb0a5234403f8fd331c912942583da3d386acfb84a1d6fc6c65c43d3a0f53af7134aefd32861bd702203cb067a517817598118450667bbd7b539f0234343795758fac2b92a621f32a7df93729a043c66f23820f99558df623d1eaf64ae2ff70a8964c0e244725575aa7fbb3a0a2590b0b763d8e6c67f1b3dd73198035b65fc9447680d05d7e82dfc22e8e3d0d0beb9a86df6d625382bd090f1711d585cfd9f623457d0ceb0606d682893be399e258f371a3863f82d1", - "credential_finalization": "a639983ef8826f6180e70677a81aaeeae7b85d10aa1e1a32b452bf126febc6d8c7aeeb7dd28de7e2f2efa820bd16db22897d6613820f3c60f8789dde1a096332", - "client_registration_state": "59b12e9ad422cf4a8df17bf618ec359bbd2fc445a6aeb1456bc3ac66c2a2a2096237782184147685be0a8b918a185ee99802843d61a61ca46638912607d13443", - "client_login_state": "59b12e9ad422cf4a8df17bf618ec359bbd2fc445a6aeb1456bc3ac66c2a2a2096237782184147685be0a8b918a185ee99802843d61a61ca46638912607d1344359b12e9ad422cf4a8df17bf618ec359bbd2fc445a6aeb1456bc3ac66c2a2a209b8971a309718d5a516b9e8b90eb675faeb977a2b9b6db8f7e6fbdeace0dbfb0812612ac1580fe55bc8c0b20ab0ae6a3910a3d91c79a4b736754c2ad3df3c620859b12e9ad422cf4a8df17bf618ec359bbd2fc445a6aeb1456bc3ac66c2a2a209", - "server_login_state": "fc2e26ba4d3bd654d52fd02d6eb09186c50ae295a36c669065971943f0c0eafa4b423c1cff4dff8fed7699d5d0a5f481a1d93423c5bba6d945a9bf5899fa8ab7efeccdd5551aaa1f7fbedcf75f7df5c7eb14ed5130b71f064ef9a546260a1f27849133bff708279af47d15959832bf22591b0f1d5775a2e1c9c121a83b1d6f71f4f4481e08a77a1a3e781cf3ed28162190c578a1f3d811482cc1fcc99e76e9bfa3a9c5be230007fc37fd073003f8c77a96a168c557967ab4bae73c5852d9ba43", - "password_file": "ce6867cd81ae2d0d886f1a29e12056ddc7a6a2a91be7d2dfcd312f2c39a38315da43e121023f254420fdd065cdc874afdfdb87051ad466a499a0bdd85b47f88a6bebfa99ab12e050ea429edf3a1434e84282e25b54204fcd699632c0a8d57af212fb7611a1d2750132a1a7dc1dec9a6661d76219cf36da56c740e562d4f4e9038343767a8c365ccd2a4de1f9f5c566c2a8997da0fb5613ebe13eec395a79755ebbdf53cbfe4dbd36e2d7e34c37f92bc4b0e1abb38ad57a3c2efd820bee87a298", - "export_key": "c5a83c54eaf05404a79c2b6fd0e4a25f5a8204cd5ea32971e9a29b57e568b301dbf2b17ef7941a89fd2289d53610a594c08970eabaa39257525bb6384796e931", - "session_key": "f4f4481e08a77a1a3e781cf3ed28162190c578a1f3d811482cc1fcc99e76e9bfa3a9c5be230007fc37fd073003f8c77a96a168c557967ab4bae73c5852d9ba43" + "registration_request": "ac14c0042d20a0feb27ef3215db82e66786872cddc0568508318526477cc1830", + "registration_response": "3243003d14d0d29621c4136f9ce9a09d4fc24e77fccffeb9619134a26d14c226a4fac053abfb5d79def37a3ea1d19d85d34b84a0ac4cbfc4cea1f368cd99553c", + "registration_upload": "3b7ccbd3e9aba6b0e1b04e2fe7a5a1e7a9e1d4c2ab66e87e2626ab585c50fb3d8f6ce5c600adf8bb328211944c9ff00135fafad3b3552806bda433db0ea2be69f9abc83d572dfefa4d0062dd98f73a51cf9398621fd7398584488614f611ed3748064fdc57a4f75dd1e07013c7123cc9f63bcc7cc812fd4d6785b10d323b254917976677c28c001c43665f9709975a5c403a2fbbaf2fe853b80497ca5bb0e8300c671775ced7247fe6304c34c4f1f96ddcab1323682741cf899a9d208d392ce0", + "credential_request": "ac14c0042d20a0feb27ef3215db82e66786872cddc0568508318526477cc18301e930824df3cd0e4d0423a87371ad1d903770fed134a2ff5839493ea29d4ac5f643a85ac2e212108b822e2ed22705aa1da98db515cc010ea5f803a227be1c919", + "credential_response": "3243003d14d0d29621c4136f9ce9a09d4fc24e77fccffeb9619134a26d14c2264df6e5189bce92a87ade075e4bfb5aba25e1a215c9da97bfefe3751abbd516f77933211492cc397232556fd7092e998fb80ef2d5fb351cec4ab89864fc6822dcb7c88065773da1f9f89df37a18e012c60a90a8464242bd0b627dfd62a435f2ae4ddb54d57b3fb76f625cdb71b1e1927558c3e378503dd17251997c9d19dba8bb0331f474eb49035edc30b4cb8eec75ad261c6ef789ce1dd24d1dc1c1a4004cb36802638853a41e9773fe51a9ab442465176e2ccef3eb3855a343a411ac35e952925e2d2267d597d6f6a672cd95f6ea7ec152ea4d47d4cc7806ae406910627c2f2e8511ea4a4440a7538f7a964f7e789c8041e7a7bafb60c9c07bf9748a435da4a0b6cd195136427cca4414894202913585e488eb1f3406d3e272415827ddc137", + "credential_finalization": "f3b767aeabf8fccbabee31baae90ccb95f0aff73824f8832e1ef91d988f873d4c1c92c6dd47cc3b6cf3d9ba3d74d2111e7709060da1ad17eda5697ad5bdf1523", + "client_registration_state": "7dbc12dd8b1280bc76567b32f150e1c96a7d88d8dbb7083eae67c85990905e01ac14c0042d20a0feb27ef3215db82e66786872cddc0568508318526477cc1830", + "client_login_state": "7dbc12dd8b1280bc76567b32f150e1c96a7d88d8dbb7083eae67c85990905e01ac14c0042d20a0feb27ef3215db82e66786872cddc0568508318526477cc18301e930824df3cd0e4d0423a87371ad1d903770fed134a2ff5839493ea29d4ac5f643a85ac2e212108b822e2ed22705aa1da98db515cc010ea5f803a227be1c91970662c87da47502582f94edcc41babaf50eff95125ac666a9ff02f06c852276a1e930824df3cd0e4d0423a87371ad1d903770fed134a2ff5839493ea29d4ac5f", + "server_login_state": "74116bce8ba020be04b87f65f0cc7687f01538ba573c931ce11b761dd032e7112a2da04f92adda01a33682e425fda5ec0d473f8fabf9bf5f35ccf226e05dd89399de8bb7f84e9ff90a9e0090c98cd3fcfa930da647db50ccea008d44810297c92e0a27400591aabfe0878c2c7040b6a67da760c0d88fba2443b5f0840afe274edd42475990df27dfd26d3823e429e7092664f5cc3e12e9ca4854f44e8d589d79a1a9b796137c2e72e3ff79aceeaf34aa885f1986b849ddee8d3b8635a79a5e41", + "password_file": "3b7ccbd3e9aba6b0e1b04e2fe7a5a1e7a9e1d4c2ab66e87e2626ab585c50fb3d8f6ce5c600adf8bb328211944c9ff00135fafad3b3552806bda433db0ea2be69f9abc83d572dfefa4d0062dd98f73a51cf9398621fd7398584488614f611ed3748064fdc57a4f75dd1e07013c7123cc9f63bcc7cc812fd4d6785b10d323b254917976677c28c001c43665f9709975a5c403a2fbbaf2fe853b80497ca5bb0e8300c671775ced7247fe6304c34c4f1f96ddcab1323682741cf899a9d208d392ce0", + "export_key": "2bd139ff06ca5fe9897640fefbd00380b080239efb84d796df997c235306c9829e52694193f0d0e2bb69235e42276fffa933b436ebd6132a59d7062f3a74b83d", + "session_key": "dd42475990df27dfd26d3823e429e7092664f5cc3e12e9ca4854f44e8d589d79a1a9b796137c2e72e3ff79aceeaf34aa885f1986b849ddee8d3b8635a79a5e41" } "#;