Thanks everyone for the feedback on these erratas. I've processed them accordingly.
Thanks! Paul On Fri, Jul 28, 2023 at 1:48 AM Tobias Brunner <[email protected]> wrote: > Hi Tero, > > > https://www.rfc-editor.org/errata/eid6339 > > > > This complains that "Curve25519 and Curve448 for IKEv2" RFC > > 8051, has Appendix A public keys for X25519 generated > > incorrectly. I am not able to verify this as I do not have > > code to verify the generated test vectors. If someone has code > > that can verify the test vectors, please do so and report > > here. > > The original test vector works for us (verified with multiple X25519 > implementations). I think most of the confusion comes from the > different formatting of the values when compared to the test vectors in > RFC 7749 (in particular d_i/r). > > In the latter, the values are given as long hex strings. It states: > > "The inputs are generally given as 64 or 112 hexadecimal digits that > need to be decoded as 32 or 56 binary bytes before processing." > > So these values are byte strings, i.e. each two hex digits simply > represent a byte. For the random_i/r, pub_i/r and SHARED_SECRET values > in RFC 8031 this has been made a bit clearer by separating the > individual bytes. > > But then there are the d_i and d_r values. These are given as long hex > strings, however, unlike those in RFC 7749, they are not byte strings > but actually the numbers in base 16 after decoding the binary values > fixed_i/r as little-endian. Note that RFC 7749 also gives the decoded > numeric values of some of the inputs, but does so in base 10 thus > avoiding this confusion. > > So in RFC 8031 it would have been clearer if these values were either > prefixed with 0x: > > d_i = 0x549D5F4A460900E6D9F63F53586AD1DD8CEAF925739B78B676B4558630B41F70 > d_r = 0x4856A039B8F178E9A1550722DCEF01559ECDBA30E0D0ADDD600D295352645408 > > or also given in base 10: > > d_i = 38272331938479145686941743521879072306 > 324697418955568337792079861743202082672 > d_r = 32719579781175365148694953981896303820 > 370069993938279311538545124444601603080 > > Regards, > Tobias > >
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
