I am having a compatibility issue with another library, similar to Issue #198 . The shared key obtained isn't the expected one.
So, in order to determine which one is correct, I have tested against the Test vector provided by the RFC:
https://www.rfc-editor.org/rfc/rfc7748#section-6.1
It seems your library doesn't provide the expected value.
I attach the code I used for testing in case my test is wrongly implemented:
If we avoid the validation (commenting it) the test obviously doesn't pass: you get a derived secret which is not the same in both cases and not equal to expected value.
Hi,
I am having a compatibility issue with another library, similar to Issue #198 . The shared key obtained isn't the expected one. So, in order to determine which one is correct, I have tested against the Test vector provided by the RFC: https://www.rfc-editor.org/rfc/rfc7748#section-6.1
It seems your library doesn't provide the expected value.
I attach the code I used for testing in case my test is wrongly implemented:
I have tried to debug the issue and it seems that the public keys are not validated (while they are the ones provided by the test vector in the spec), in https://github.com/indutny/elliptic/blob/43ac7f230069bd1575e1e4a58394a512303ba803/lib/elliptic/ec/key.js#L103
The validation fails on the validation of the montgomery curve: https://github.com/indutny/elliptic/blob/43ac7f230069bd1575e1e4a58394a512303ba803/lib/elliptic/curve/mont.js#L25
If we avoid the validation (commenting it) the test obviously doesn't pass: you get a derived secret which is not the same in both cases and not equal to expected value.