Testing fake logins.

src/common.ts

@@ -13,6 +13,7 @@ import {
     Oprf,
     SuiteID,
     deriveKeyPair,
+    generateKeyPair,
     getKeySizes
 } from '@cloudflare/voprf-ts'
 import { CredentialResponse, KE1 } from './messages.js'
@@ -235,4 +236,9 @@ export class AKE3DH implements AKEFn {
         )
         return { private_key: keypair.privateKey, public_key: keypair.publicKey }
     }
+
+    async generateDHKeyPair(): Promise<AKEKeyPair> {
+        const keypair = await generateKeyPair(this.suiteID)
+        return { private_key: keypair.privateKey, public_key: keypair.publicKey }
+    }
 }

src/messages.ts

@@ -204,13 +204,11 @@ export class RegistrationRecord extends Serializable {
         return new RegistrationRecord(cfg, client_public_key, masking_key, envelope)
     }
 
-    static async createFake(cfg: Config): Promise<RegistrationRecord> {
-        const seed = cfg.prng.random(cfg.constants.Nseed)
-        const { public_key: client_public_key } = await cfg.ake.deriveDHKeyPair(
-            new Uint8Array(seed)
-        )
+    static async createFakeRecord(cfg: Config): Promise<RegistrationRecord> {
+        const { public_key: client_public_key } = await cfg.ake.generateDHKeyPair()
         const masking_key = new Uint8Array(cfg.prng.random(cfg.hash.Nh))
-        const envelope = Envelope.deserialize(cfg, new Array(Envelope.sizeSerialized(cfg)).fill(0))
+        const zero_envelope_bytes = new Array(Envelope.sizeSerialized(cfg))
+        const envelope = Envelope.deserialize(cfg, zero_envelope_bytes)
 
         return new RegistrationRecord(cfg, client_public_key, masking_key, envelope)
     }

src/opaque_client.ts

@@ -99,11 +99,7 @@ export class OpaqueClient implements RegistrationClient, AuthClient {
           }
         | Error
     > {
-        if (
-            this.status !== OpaqueClient.States.REG_STARTED ||
-            typeof this.password === 'undefined' ||
-            typeof this.blind === 'undefined'
-        ) {
+        if (this.status !== OpaqueClient.States.REG_STARTED || !this.password || !this.blind) {
             return new Error('client not ready')
         }
         const te = new TextEncoder()

src/thecrypto.ts

@@ -164,6 +164,7 @@ export interface AKEFn {
     readonly Nsk: number // Nsk: The size of AKE private keys.
     readonly Npk: number // Npk: The size of AKE public keys.
     deriveDHKeyPair(seed: Uint8Array): Promise<AKEKeyPair>
+    generateDHKeyPair(): Promise<AKEKeyPair>
 }
 
 export interface OPRFFn {

src/util.ts

@@ -87,7 +87,7 @@ export function decode_vector_16(a: Uint8Array): {
 
 export function checked_vector(a: Uint8Array, n: number, str = 'array'): Uint8Array {
     if (a.length < n) {
-        throw new Error(`${str} has wrong length`)
+        throw new Error(`${str} has wrong length of ${a.length} expected ${n}`)
     }
     return a.slice(0, n)
 }

test/common.ts

@@ -5,6 +5,7 @@
 
 export class KVStorage {
     kvStorage: Map<string, Uint8Array>
+    default_key?: string
 
     constructor() {
         this.kvStorage = new Map<string, Uint8Array>()
@@ -22,6 +23,26 @@ export class KVStorage {
         }
         return false
     }
+
+    set_default(k: string, v: Uint8Array): boolean {
+        const ok = this.store(k, v)
+        this.default_key = k
+        return ok
+    }
+
+    lookup_or_default(k: string): Uint8Array {
+        const err_msj = 'no default entry has been set'
+        if (!this.default_key) {
+            throw new Error(err_msj)
+        }
+
+        const v = this.kvStorage.get(k) ?? this.kvStorage.get(this.default_key)
+        if (!v) {
+            throw new Error(err_msj)
+        }
+
+        return v
+    }
 }
 
 export function fromHexString(x: string): string {