hpke: fix encapsulation seed in test for xyber
Instead of providing an ephemeral keypair for test vectors,
for which Kyber does not have an analogue, we provide the encapsulation seed.
bwesterb committed Apr 14, 2023
1 parent 808526a commit aef7250
Showing 2 changed files with 15 additions and 13 deletions.
2 changes: 1 addition & 1 deletion hpke/testdata/hybrid-x25119-kyber768-test-vectors.json

Large diffs are not rendered by default.

26 changes: 14 additions & 12 deletions hpke/vectors_test.go
@@ -228,16 +228,17 @@ type vector struct {
KdfID uint16 `json:"kdf_id"`
AeadID uint16 `json:"aead_id"`
Info string `json:"info"`
Ier string `json:"ier,omitempty"`
IkmR string `json:"ikmR"`
IkmE string `json:"ikmE"`
IkmE string `json:"ikmE,omitempty"`
SkRm string `json:"skRm"`
SkEm string `json:"skEm"`
SkEm string `json:"skEm,omitempty"`
SkSm string `json:"skSm,omitempty"`
Psk string `json:"psk,omitempty"`
PskID string `json:"psk_id,omitempty"`
PkSm string `json:"pkSm,omitempty"`
PkRm string `json:"pkRm"`
PkEm string `json:"pkEm"`
PkEm string `json:"pkEm,omitempty"`
Enc string `json:"enc"`
SharedSecret string `json:"shared_secret"`
KeyScheduleContext string `json:"key_schedule_context"`
@@ -344,10 +345,8 @@ func TestHybridKemRoundTrip(t *testing.T) {
t.Error(err)
}

ikmE, pkE, skE, err := generateHybridKeyPair(rnd, kemID.Scheme())
if err != nil {
t.Error(err)
}
ier := make([]byte, 64)
_, _ = rnd.Read(ier)

receiver, err := suite.NewReceiver(skR, info)
if err != nil {
@@ -366,9 +365,10 @@ func TestHybridKemRoundTrip(t *testing.T) {
opener Opener
enc []byte
)
rnd2 := bytes.NewBuffer(ier)
switch mode {
case modeBase:
enc, sealer, err2 = sender.Setup(rnd)
enc, sealer, err2 = sender.Setup(rnd2)
if err2 != nil {
t.Error(err2)
}
@@ -377,7 +377,7 @@ func TestHybridKemRoundTrip(t *testing.T) {
t.Error(err2)
}
case modePSK:
enc, sealer, err2 = sender.SetupPSK(rnd, psk, pskid)
enc, sealer, err2 = sender.SetupPSK(rnd2, psk, pskid)
if err2 != nil {
t.Error(err2)
}
@@ -389,6 +389,10 @@ func TestHybridKemRoundTrip(t *testing.T) {
panic("unsupported mode")
}

if rnd2.Len() != 0 {
t.Fatal()
}

innerSealer := sealer.(*sealContext)

encryptions, err2 := generateEncryptions(sealer, opener, msg)
@@ -405,13 +409,11 @@ func TestHybridKemRoundTrip(t *testing.T) {
KemID: uint16(kemID),
KdfID: uint16(kdfID),
AeadID: uint16(aeadID),
Ier: hex.EncodeToString(ier),
Info: hex.EncodeToString(info),
IkmR: hex.EncodeToString(ikmR),
IkmE: hex.EncodeToString(ikmE),
SkRm: hex.EncodeToString(mustEncodePrivateKey(skR)),
SkEm: hex.EncodeToString(mustEncodePrivateKey(skE)),
PkRm: hex.EncodeToString(mustEncodePublicKey(pkR)),
PkEm: hex.EncodeToString(mustEncodePublicKey(pkE)),
Enc: hex.EncodeToString(enc),
SharedSecret: hex.EncodeToString(innerSealer.sharedSecret),
KeyScheduleContext: hex.EncodeToString(innerSealer.keyScheduleContext),
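Review bot: In TestHybridKemRoundTrip the new `_, _ = rnd.Read(ier)` discards both the byte count and the error, so a short or failed read would leave part of the 64-byte encapsulation seed zeroed and that seed would still be emitted in the vector as `ier`; assuming `rnd` is an `io.Reader`, `if _, err := io.ReadFull(rnd, ier); err != nil { t.Fatal(err) }` would catch it. The `t.Fatal()` after `rnd2.Len() != 0` carries no message; `t.Fatalf("Setup left %d of %d seed bytes unread", rnd2.Len(), len(ier))` would tell the reader that the KEM consumed a different amount of randomness than the test assumed. The literal 64 presumably matches the seed size of the X25519+Kyber768 hybrid; deriving it with `make([]byte, kemID.Scheme().EncapsulationSeedSize())` would keep the exact-consumption check valid if another hybrid KEM is added to the test. The function body starts and ends outside the visible hunks, so surrounding error handling was not reviewed.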
