diff --git a/oprf/keys.go b/oprf/keys.go
index c4859ba4e..151f77849 100644
--- a/oprf/keys.go
+++ b/oprf/keys.go
@@ -66,7 +66,7 @@ func GenerateKey(s Suite, rnd io.Reader) (*PrivateKey, error) {
 	return &PrivateKey{p, privateKey, nil}, nil
 }
 
-// DeriveKey generates a private key from a given seed and optional info string.
+// DeriveKey generates a private key from a 32-byte seed and an optional info string.
 func DeriveKey(s Suite, mode Mode, seed, info []byte) (*PrivateKey, error) {
 	const maxTries = 255
 	p, ok := s.(params)
@@ -76,6 +76,9 @@ func DeriveKey(s Suite, mode Mode, seed, info []byte) (*PrivateKey, error) {
 	if !isValidMode(mode) {
 		return nil, ErrInvalidMode
 	}
+	if len(seed) != 32 {
+		return nil, ErrInvalidSeed
+	}
 	p.m = mode
 
 	lenInfo := []byte{0, 0}
diff --git a/oprf/oprf.go b/oprf/oprf.go
index febe5b1e1..c8a8774c0 100644
--- a/oprf/oprf.go
+++ b/oprf/oprf.go
@@ -4,7 +4,7 @@
 // computing the output of a PRF. One party (the server) holds the PRF secret
 // key, and the other (the client) holds the PRF input.
 //
-// This package is compatible with the OPRF specification at draft-irtf-cfrg-voprf [1].
+// This package is compatible with the OPRF specification at RFC-9497 [1].
 //
 // # Protocol Overview
 //
@@ -43,7 +43,7 @@
 //
 // # References
 //
-// [1] draft-irtf-cfrg-voprf: https://datatracker.ietf.org/doc/draft-irtf-cfrg-voprf
+// [1] RFC-9497: https://www.rfc-editor.org/info/rfc9497
 package oprf
 
 import (
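Review bot: The guard added in the second keys.go hunk, `if len(seed) != 32`, introduces 32 as a bare literal that is repeated in the doc comment of the first hunk and again in vectors_test.go, with nothing tying the three together. Declare it once beside the existing constant, `const seedSize = 32`, and test `len(seed) != seedSize`, so the doc comment, the check and the test cannot drift apart. Because DeriveKey accepted any seed length before this commit, the new check rejects inputs that previously derived a key, and the doc comment should state that instead of leaving it implicit: `// DeriveKey returns ErrInvalidSeed when seed is not exactly 32 bytes long.` DeriveKey's body continues outside the hunk.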
@@ -237,19 +237,20 @@ func mustWrite(h io.Writer, bytes []byte) {
 		panic(err)
 	}
 	if len(bytes) != bytesLen {
-		panic("failed to write")
+		panic("oprf: failed to write")
 	}
 }
 
 var (
-	ErrInvalidSuite = errors.New("invalid suite")
-	ErrInvalidMode = errors.New("invalid mode")
-	ErrDeriveKeyPairError = errors.New("key pair derivation failed")
-	ErrInvalidInput = errors.New("invalid input")
-	ErrInvalidInfo = errors.New("invalid info")
-	ErrInvalidProof = errors.New("proof verification failed")
-	ErrInverseZero = errors.New("inverting a zero value")
-	ErrNoKey = errors.New("must provide a key")
+	ErrInvalidSuite = errors.New("oprf: invalid suite")
+	ErrInvalidMode = errors.New("oprf: invalid mode")
+	ErrDeriveKeyPairError = errors.New("oprf: key pair derivation failed")
+	ErrInvalidInput = errors.New("oprf: invalid input")
+	ErrInvalidSeed = errors.New("oprf: invalid seed size")
+	ErrInvalidInfo = errors.New("oprf: invalid info")
+	ErrInvalidProof = errors.New("oprf: proof verification failed")
+	ErrInverseZero = errors.New("oprf: inverting a zero value")
+	ErrNoKey = errors.New("oprf: must provide a key")
 )
 
 type (
diff --git a/oprf/testdata/allVectors.json b/oprf/testdata/rfc9497.json
similarity index 100%
rename from oprf/testdata/allVectors.json
rename to oprf/testdata/rfc9497.json
diff --git a/oprf/vectors_test.go b/oprf/vectors_test.go
index f21703b86..774dc50fa 100644
--- a/oprf/vectors_test.go
+++ b/oprf/vectors_test.go
@@ -107,6 +107,7 @@ func (v *vector) SetUpParties(t *testing.T) (id params, s commonServer, c common
 	suite, err := GetSuite(v.Identifier)
 	test.CheckNoErr(t, err, "suite id")
 	seed := toBytes(t, v.Seed, "seed for key derivation")
+	test.CheckOk(len(seed) == 32, ErrInvalidSeed.Error(), t)
 	keyInfo := toBytes(t, v.KeyInfo, "info for key derivation")
 	privateKey, err := DeriveKey(suite, v.Mode, seed, keyInfo)
 	test.CheckNoErr(t, err, "deriving key")
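Review bot: `ErrInvalidSeed` is added to the exported sentinel block without a doc comment, and its text `"oprf: invalid seed size"` does not say what size DeriveKey requires, so a caller who hits it has to read the source to learn the contract. A comment line above it, `// ErrInvalidSeed is returned by DeriveKey when the seed is not 32 bytes long.`, makes the requirement discoverable from godoc. None of the neighbouring sentinels carry a comment either, so this block is the natural place to document them all consistently.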
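Review bot: The new `test.CheckOk(len(seed) == 32, ErrInvalidSeed.Error(), t)` re-checks what DeriveKey does two lines later, and a wrong-length fixture is already caught by `test.CheckNoErr(t, err, "deriving key")`, so the line adds no coverage while borrowing the library's error text for what is a fixture problem. What the commit leaves untested is the rejection path itself: no test passes a seed of the wrong length and asserts the sentinel. A small dedicated test that calls `DeriveKey(suite, mode, make([]byte, 31), nil)` and checks `errors.Is(err, ErrInvalidSeed)` would pin the new behaviour using only the standard library. SetUpParties continues outside the hunk.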
@@ -237,10 +238,9 @@ func (v *vector) test(t *testing.T) {
 }
 
 func TestVectors(t *testing.T) {
-	// Draft published at https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-voprf-10
+	// RFC-9497 published at https://www.rfc-editor.org/info/rfc9497
 	// Test vectors at https://github.com/cfrg/draft-irtf-cfrg-voprf
-	// Version supported: v10
-	v := readFile(t, "testdata/allVectors.json")
+	v := readFile(t, "testdata/rfc9497.json")
 	for i := range v {
 		suite, err := GetSuite(v[i].Identifier)
diff --git a/zk/dleq/dleq.go b/zk/dleq/dleq.go
index 6527b0c3a..1e7cce84a 100644
--- a/zk/dleq/dleq.go
+++ b/zk/dleq/dleq.go
@@ -6,7 +6,7 @@
 //
 // References:
 //
-// [1] draft-irtf-cfrg-voprf: https://datatracker.ietf.org/doc/draft-irtf-cfrg-voprf
+// [1] RFC-9497: https://www.rfc-editor.org/info/rfc9497
 package dleq
 
 import (