cisco / go-hpke

Implementation of draft-irtf-cfrg-hpke
BSD 2-Clause "Simplified" License

RGLC draft change alignment #45

Closed chris-wood closed 3 years ago

chris-wood commented 3 years ago

I think this catches everything, and should be the last update for the document. To the folks here: please check your implementation against the main branch of HPKE (and pending changes here) and shout if you see a discrepancy! 🙏

cc @dmcardle, @kevinjacobs, @rozbb, @kjacobs-moz, @blipp, @raphaelrobert, @fredericjacobs

dmcardle commented 3 years ago

Looks good. New test vectors pass for BoringSSL's C and BoGo implementations. Note that we only implement the SetupBase and SetupPSK functions, and only support DHKEM(X25519, HKDF-SHA256).

kjacobs-moz commented 3 years ago

I can confirm: the new vectors pass in NSS as well ([SetupBase*, SetupPSK*] with DHKEM(X25519, HKDF-SHA256) and [ChaCha20Poly1305, AES-128-GCM]). Thanks!

rozbb commented 3 years ago

Does not validate against rust-hpke. The newest changes to the spec remove the space after the RFC label, i.e., it's now HPKE-06 with no trailing space.

Lines that need changing are here and here.

chris-wood commented 3 years ago

> Does not validate against rust-hpke. The newest changes to the spec remove the space after the RFC label, i.e., it's now HPKE-06 with no trailing space.

Great catch! Fixed. @dmcardle, @kjacobs-moz, can you please try again?

dmcardle commented 3 years ago

Yikes, I should have caught that dropped space.

BoringSSL's Go and C implementations are passing again after (1) dropping the space from "HPKE-06 " and (2) replacing the "iv" label with "base_nonce".

kjacobs-moz commented 3 years ago

Good catch indeed. All passing here with the updates.

rozbb commented 3 years ago

Passes with rust-hpke, which supports everything except for X448, P-384, and P-521.
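Why a single trailing space or a renamed label broke the test vectors in the thread above, as an added Go example (not code from go-hpke or any implementation named here). It assumes the HPKE draft's LabeledExpand layout, `I2OSP(L, 2) || version || suite_id || label || info`, with HKDF-SHA256; the secret, context and function names are constructed for illustration.

```go
package main

import (
	"bytes"
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
)

// hkdfExpand is HKDF-Expand (RFC 5869) instantiated with HMAC-SHA256.
func hkdfExpand(prk, info []byte, n int) []byte {
	var out, t []byte
	for i := byte(1); len(out) < n; i++ {
		m := hmac.New(sha256.New, prk)
		m.Write(t)
		m.Write(info)
		m.Write([]byte{i})
		t = m.Sum(nil)
		out = append(out, t...)
	}
	return out[:n]
}

// labeledExpand prefixes info with I2OSP(n, 2) || version || suite_id || label,
// so every byte of the version string and label feeds into the output.
func labeledExpand(prk []byte, version string, suite []byte, label string, info []byte, n int) []byte {
	li := append([]byte{byte(n >> 8), byte(n)}, version...)
	li = append(append(li, suite...), label...)
	li = append(li, info...)
	return hkdfExpand(prk, li, n)
}

// sameNonce reports whether two peers using the given version strings and
// labels derive the same 12-byte nonce from identical (constructed) inputs.
func sameNonce(verA, labelA, verB, labelB string) bool {
	secret := bytes.Repeat([]byte{0x42}, 32)      // constructed secret
	ctx := []byte("constructed key schedule ctx") // constructed context
	// suite_id = "HPKE" || kem_id 0x0020 || kdf_id 0x0001 || aead_id 0x0001
	suite := []byte{'H', 'P', 'K', 'E', 0x00, 0x20, 0x00, 0x01, 0x00, 0x01}
	a := labeledExpand(secret, verA, suite, labelA, ctx, 12)
	b := labeledExpand(secret, verB, suite, labelB, ctx, 12)
	return bytes.Equal(a, b)
}

func main() {
	fmt.Println(sameNonce("HPKE-06", "base_nonce", "HPKE-06", "base_nonce"))  // peers agree
	fmt.Println(sameNonce("HPKE-06", "base_nonce", "HPKE-06 ", "base_nonce")) // trailing space
	fmt.Println(sameNonce("HPKE-06", "base_nonce", "HPKE-06", "iv"))          // old label
}
```

Because the version string and label are domain-separation inputs to the KDF, a one-byte mismatch yields unrelated keys and nonces, and only shared test vectors surface it before deployment.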