RFC Errata
RFC 9180, "Hybrid Public Key Encryption", February 2022
Source of RFC: IRTF
Errata ID: 7121
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Shane Lontis
Date Reported: 2022-09-07
Section Appendix A says:
A.1.1 skEm 52c4a758a802cd8b936eceea314432798d5baf2d7e9235dc084ab1b9cfa2f736 skRm 4612c550263fc8ad58375df3f557aac531d26850903e55a9f23f21d8534e8ac8 A.1.2 skEm 463426a9ffb42bb17dbe6044b9abd1d4e4d95f9041cef0e99d7824eef2b6f588 skRm c5eb01eb457fe6c6f57577c5413b931550a162c71a03ac8d196babbd4e5ce0fd A.1.3 skEm ff4442ef24fbc3c1ff86375b0be1e77e88a0de1e79b30896d73411c5ff4c3518 skRm fdea67cf831f1ca98d8e27b1f6abeb5b7745e9d35348b80fa407ff6958f9137e skSm dc4a146313cce60a278a5323d321f051c5707e9c45ba21a3479fecdf76fc69dd A.1.4 skEm 14de82a5897b613616a00c39b87429df35bc2b426bcfd73febcb45e903490768 skRm cb29a95649dc5656c2d054c1aa0d3df0493155e9d5da6d7e344ed8b6a64a9423 skSm fc1c87d2f3832adb178b431fce2ac77c7ca2fd680f3406c77b5ecdf818b119f4 A.2.1 skEm f4ec9b33b792c372c1d2c2063507b684ef925b8c75a42dbcbf57d63ccd381600 skRm 8057991eef8f1f1af18f4a9491d16a1ce333f695d4db8e38da75975c4478e0fb A.2.2 skEm 0c35fdf49df7aa01cd330049332c40411ebba36e0c718ebc3edf5845795f6321 skRm 77d114e0212be51cb1d76fa99dd41cfd4d0166b08caa09074430a6c59ef17879 A.2.3 skEm c94619e1af28971c8fa7957192b7e62a71ca2dcdde0a7cc4a8a9e741d600ab13 skRm 3ca22a6d1cda1bb9480949ec5329d3bf0b080ca4c45879c95eddb55c70b80b82 skSm 2def0cb58ffcf83d1062dd085c8aceca7f4c0c3fd05912d847b61f3e54121f05 A.2.4 skEm 5e6dd73e82b856339572b7245d3cbb073a7561c0bee52873490e305cbb710410 skRm 7b36a42822e75bf3362dfabbe474b3016236408becb83b859a6909e22803cb0c skSm 90761c5b0a7ef0985ed66687ad708b921d9803d51637c8d1cb72d03ed0f64418 A.7.1 skEm 095182b502f1f91f63ba584c7c3ec473d617b8b4c2cec3fad5af7fa6748165ed skRm 33d196c830a12f9ac65d6e565a590d80f04ee9b19c83c87f2c170d972a812848 A.7.2 skEm 1d72396121a6a826549776ef1a9d2f3a2907fc6a38902fa4e401afdb0392e627 skRm 98f304d4ecb312689690b113973c61ffe0aa7c13f2fbe365e48f3ed09e5a6a0c A.7.3 skEm 83d3f217071bbf600ba6f081f6e4005d27b97c8001f55cb5ff6ea3bbea1d9295 skRm ed88cda0e91ca5da64b6ad7fc34a10f096fa92f0b9ceff9d2c55124304ed8b4a skSm c85f136e06d72d28314f0e34b10aadc8d297e9d71d45a5662c2b7c3b9f9f9405 A.7.4 skEm a2b43f5c67d0d560ee04de0122c765ea5165e328410844db97f74595761bbb81 skRm c4962a7f97d773a47bdf40db4b01dc6a56797c9e0deaab45f4ea3aa9b1d72904 skSm 6175b2830c5743dff5b7568a7e20edb1fe477fb0487ca21d6433365be90234d0
It should say:
A.1.1 skEm 50c4a758a802cd8b936eceea314432798d5baf2d7e9235dc084ab1b9cfa2f776 skRm 4012c550263fc8ad58375df3f557aac531d26850903e55a9f23f21d8534e8a48 A.1.2 skEm 403426a9ffb42bb17dbe6044b9abd1d4e4d95f9041cef0e99d7824eef2b6f548 skRm c0eb01eb457fe6c6f57577c5413b931550a162c71a03ac8d196babbd4e5ce07d A.1.3 skEm f84442ef24fbc3c1ff86375b0be1e77e88a0de1e79b30896d73411c5ff4c3558 skRm f8ea67cf831f1ca98d8e27b1f6abeb5b7745e9d35348b80fa407ff6958f9137e skSm d84a146313cce60a278a5323d321f051c5707e9c45ba21a3479fecdf76fc695d A.1.4 skEm 10de82a5897b613616a00c39b87429df35bc2b426bcfd73febcb45e903490768 skRm c829a95649dc5656c2d054c1aa0d3df0493155e9d5da6d7e344ed8b6a64a9463 skSm f81c87d2f3832adb178b431fce2ac77c7ca2fd680f3406c77b5ecdf818b11974 A.2.1 skEm f0ec9b33b792c372c1d2c2063507b684ef925b8c75a42dbcbf57d63ccd381640 skRm 8057991eef8f1f1af18f4a9491d16a1ce333f695d4db8e38da75975c4478e07b A.2.2 skEm 0835fdf49df7aa01cd330049332c40411ebba36e0c718ebc3edf5845795f6361 skRm 70d114e0212be51cb1d76fa99dd41cfd4d0166b08caa09074430a6c59ef17879 A.2.3 skEm c84619e1af28971c8fa7957192b7e62a71ca2dcdde0a7cc4a8a9e741d600ab53 skRm 38a22a6d1cda1bb9480949ec5329d3bf0b080ca4c45879c95eddb55c70b80b42 skSm 28ef0cb58ffcf83d1062dd085c8aceca7f4c0c3fd05912d847b61f3e54121f45 A.2.4 skEm 586dd73e82b856339572b7245d3cbb073a7561c0bee52873490e305cbb710450 skRm 7836a42822e75bf3362dfabbe474b3016236408becb83b859a6909e22803cb4c skSm 90761c5b0a7ef0985ed66687ad708b921d9803d51637c8d1cb72d03ed0f64458 A.7.1 skEm 085182b502f1f91f63ba584c7c3ec473d617b8b4c2cec3fad5af7fa67481656d skRm 30d196c830a12f9ac65d6e565a590d80f04ee9b19c83c87f2c170d972a812848 A.7.2 skEm 1872396121a6a826549776ef1a9d2f3a2907fc6a38902fa4e401afdb0392e667 skRm 98f304d4ecb312689690b113973c61ffe0aa7c13f2fbe365e48f3ed09e5a6a4c A.7.3 skEm 80d3f217071bbf600ba6f081f6e4005d27b97c8001f55cb5ff6ea3bbea1d9255 skRm e888cda0e91ca5da64b6ad7fc34a10f096fa92f0b9ceff9d2c55124304ed8b4a skSm c85f136e06d72d28314f0e34b10aadc8d297e9d71d45a5662c2b7c3b9f9f9445 A.7.4 skEm a0b43f5c67d0d560ee04de0122c765ea5165e328410844db97f74595761bbb41 skRm c0962a7f97d773a47bdf40db4b01dc6a56797c9e0deaab45f4ea3aa9b1d72944 skSm 6075b2830c5743dff5b7568a7e20edb1fe477fb0487ca21d6433365be9023450
Notes:
The introduction section in Appendix A states that
'Each key pair (skX, pkX) is written in its serialized form, where skXm = SerializePrivateKey(skX) '
For X25519 entries this means that values for skXm should be clamped in the following way to modify the first and last bytes:
skXm[0] &= 248;
skXm[skXmlen - 1] &= 127;
skXm[skXmlen - 1] |= 64;
(See Section 5 of https://www.ietf.org/rfc/rfc7748.txt)