WIP: Generate shared secret using ECDH on secp256k1

go.mod

@@ -2,11 +2,15 @@ module git.ekzyis.com/ekzyis/nip44
 
 go 1.21.0
 
+require (
+	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0
+	github.com/stretchr/testify v1.8.4
+	golang.org/x/crypto v0.13.0
+)
+
 require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
-	github.com/stretchr/testify v1.8.4 // indirect
-	golang.org/x/crypto v0.13.0 // indirect
 	golang.org/x/sys v0.12.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )

go.sum

@@ -1,5 +1,7 @@
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 h1:8UrgZ3GkP4i/CLijOJx79Yu+etlyjdBU4sfcs2WYQMs=
+github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0/go.mod h1:v57UDF4pDQJcEfFUCRop3lJL149eHGSe9Jvczhzjo/0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
@@ -8,6 +10,7 @@ golang.org/x/crypto v0.13.0 h1:mvySKfSWJ+UKUii46M40LOvyWfN0s2U+46/jDd0e6Ck=
 golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
 golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o=
 golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

nip44.go

@@ -11,6 +11,7 @@ import (
 	"io"
 	"math"
 
+	"github.com/decred/dcrd/dcrec/secp256k1/v4"
 	"golang.org/x/crypto/chacha20"
 	"golang.org/x/crypto/hkdf"
 )
@@ -24,7 +25,7 @@ type EncryptOptions struct {
 	Version int
 }
 
-func Encrypt(key []byte, plaintext string, options *EncryptOptions) (string, error) {
+func Encrypt(conversationKey []byte, plaintext string, options *EncryptOptions) (string, error) {
 	var (
 		version    int = 2
 		salt       []byte
@@ -53,7 +54,7 @@ func Encrypt(key []byte, plaintext string, options *EncryptOptions) (string, err
 	if len(salt) != 32 {
 		return "", errors.New("salt must be 32 bytes")
 	}
-	if enc, nonce, auth, err = messageKeys(key, salt); err != nil {
+	if enc, nonce, auth, err = messageKeys(conversationKey, salt); err != nil {
 		return "", err
 	}
 	if padded, err = pad(plaintext); err != nil {
@@ -70,7 +71,7 @@ func Encrypt(key []byte, plaintext string, options *EncryptOptions) (string, err
 	return base64.StdEncoding.EncodeToString(concat), nil
 }
 
-func Decrypt(key []byte, ciphertext string) (string, error) {
+func Decrypt(conversationKey []byte, ciphertext string) (string, error) {
 	var (
 		version     int = 2
 		decoded     []byte
@@ -97,7 +98,7 @@ func Decrypt(key []byte, ciphertext string) (string, error) {
 	}
 	dLen = len(decoded)
 	salt, ciphertext_, hmac_ = decoded[1:33], decoded[33:dLen-32], decoded[dLen-32:]
-	if enc, nonce, auth, err = messageKeys(key, salt); err != nil {
+	if enc, nonce, auth, err = messageKeys(conversationKey, salt); err != nil {
 		return "", err
 	}
 	if !bytes.Equal(hmac_, sha256Hmac(auth, ciphertext_)) {
@@ -114,6 +115,23 @@ func Decrypt(key []byte, ciphertext string) (string, error) {
 	return string(unpadded), nil
 }
 
+func GenerateConversationKey(sendPrivkey []byte, recvPubkey []byte) ([]byte, error) {
+	var (
+		privkey *secp256k1.PrivateKey
+		pubkey  *secp256k1.PublicKey
+		err     error
+	)
+	if len(recvPubkey) == 32 {
+		// pubkey must be in compressed format
+		recvPubkey = append([]byte{0x2}, recvPubkey...)
+	}
+	privkey = secp256k1.PrivKeyFromBytes(sendPrivkey)
+	if pubkey, err = secp256k1.ParsePubKey(recvPubkey); err != nil {
+		return nil, err
+	}
+	return secp256k1.GenerateSharedSecret(privkey, pubkey), nil
+}
+
 func chacha20_(key []byte, nonce []byte, message []byte) ([]byte, error) {
 	var (
 		cipher *chacha20.Cipher

nip44_test.go

@@ -8,53 +8,91 @@ import (
 	"github.com/stretchr/testify/assert"
 )
 
-func assertCrypt(t *testing.T, key string, salt string, plaintext string, expected string) {
+func assertCrypt(t *testing.T, privkey string, pubkey string, conversationKey string, salt string, plaintext string, expected string) {
 	var (
-		k         []byte
-		s         []byte
-		actual    string
-		decrypted string
-		err       error
-		ok        bool
+		decodedPrivkey []byte
+		decodedPubkey  []byte
+		k1             []byte
+		k2             []byte
+		s              []byte
+		actual         string
+		decrypted      string
+		ok             bool
+		err            error
 	)
-	k, err = hex.DecodeString(key)
-	if ok = assert.NoErrorf(t, err, "hex decode failed for key: %v", err); !ok {
+	decodedPrivkey, err = hex.DecodeString(privkey)
+	if ok = assert.NoErrorf(t, err, "hex decode failed for private key: %v", err); !ok {
+		return
+	}
+	decodedPubkey, err = hex.DecodeString(pubkey)
+	if ok = assert.NoErrorf(t, err, "hex decode failed for public key: %v", err); !ok {
+		return
+	}
+	k1, err = hex.DecodeString(conversationKey)
+	if ok = assert.NoErrorf(t, err, "hex decode failed for conversation key: %v", err); !ok {
+		return
+	}
+	k2, err = nip44.GenerateConversationKey(decodedPrivkey, decodedPubkey)
+	if ok = assert.NoErrorf(t, err, "failed to generate conversation key: %v", err); !ok {
+		return
+	}
+	if ok = assert.Equalf(t, k1, k2, "wrong conversation key"); !ok {
 		return
 	}
 	s, err = hex.DecodeString(salt)
 	if ok = assert.NoErrorf(t, err, "hex decode failed for salt: %v", err); !ok {
 		return
 	}
-	actual, err = nip44.Encrypt(k, plaintext, &nip44.EncryptOptions{Salt: s})
+	actual, err = nip44.Encrypt(k1, plaintext, &nip44.EncryptOptions{Salt: s})
 	if ok = assert.NoError(t, err, "encryption failed: %v", err); !ok {
 		return
 	}
 	if ok = assert.Equalf(t, expected, actual, "wrong encryption"); !ok {
 		return
 	}
-	decrypted, err = nip44.Decrypt(k, expected)
+	decrypted, err = nip44.Decrypt(k1, expected)
 	if ok = assert.NoErrorf(t, err, "decryption failed: %v", err); !ok {
 		return
 	}
 	assert.Equal(t, decrypted, plaintext, "wrong decryption")
 }
 
-func assertDecryptFail(t *testing.T, key string, ciphertext string, msg string) {
+func assertDecryptFail(t *testing.T, privkey string, pubkey string, conversationKey string, ciphertext string, msg string) {
 	var (
-		k   []byte
-		err error
-		ok  bool
+		decodedPrivkey []byte
+		decodedPubkey  []byte
+		k1             []byte
+		k2             []byte
+		ok             bool
+		err            error
 	)
-	k, err = hex.DecodeString(key)
-	if ok = assert.NoErrorf(t, err, "hex decode failed for key: %v", err); !ok {
+	decodedPrivkey, err = hex.DecodeString(privkey)
+	if ok = assert.NoErrorf(t, err, "hex decode failed for private key: %v", err); !ok {
 		return
 	}
-	_, err = nip44.Decrypt(k, ciphertext)
+	decodedPubkey, err = hex.DecodeString(pubkey)
+	if ok = assert.NoErrorf(t, err, "hex decode failed for public key: %v", err); !ok {
+		return
+	}
+	k1, err = hex.DecodeString(conversationKey)
+	if ok = assert.NoErrorf(t, err, "hex decode failed for conversation key: %v", err); !ok {
+		return
+	}
+	k2, err = nip44.GenerateConversationKey(decodedPrivkey, decodedPubkey)
+	if ok = assert.NoErrorf(t, err, "failed to generate conversation key: %v", err); !ok {
+		return
+	}
+	if ok = assert.Equalf(t, k1, k2, "wrong conversation key"); !ok {
+		return
+	}
+	_, err = nip44.Decrypt(k1, ciphertext)
 	assert.ErrorContains(t, err, msg)
 }
 
 func TestCrypt001(t *testing.T) {
 	assertCrypt(t,
+		"0000000000000000000000000000000000000000000000000000000000000001",
+		"0000000000000000000000000000000000000000000000000000000000000002",
 		"c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5",
 		"0000000000000000000000000000000000000000000000000000000000000001",
 		"a",
@@ -64,6 +102,8 @@ func TestCrypt001(t *testing.T) {
 
 func TestCrypt002(t *testing.T) {
 	assertCrypt(t,
+		"0000000000000000000000000000000000000000000000000000000000000002",
+		"0000000000000000000000000000000000000000000000000000000000000001",
 		"c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5",
 		"f00000000000000000000000000000f00000000000000000000000000000000f",
 		"🍕🫃",
@@ -73,6 +113,8 @@ func TestCrypt002(t *testing.T) {
 
 func TestCrypt003(t *testing.T) {
 	assertCrypt(t,
+		"5c0c523f52a5b6fad39ed2403092df8cebc36318b39383bca6c00808626fab3a",
+		"4b22aa260e4acb7021e32f38a6cdf4b673c6a277755bfce287e370c924dc936d",
 		"94da47d851b9c1ed33b3b72f35434f56aa608d60e573e9c295f568011f4f50a4",
 		"b635236c42db20f021bb8d1cdff5ca75dd1a0cc72ea742ad750f33010b24f73b",
 		"表ポあA鷗ŒéＢ逍Üߪąñ丂㐀𠀀",
@@ -82,6 +124,8 @@ func TestCrypt003(t *testing.T) {
 
 func TestCrypt004(t *testing.T) {
 	assertCrypt(t,
+		"8f40e50a84a7462e2b8d24c28898ef1f23359fff50d8c509e6fb7ce06e142f9c",
+		"b9b0a1e9cc20100c5faa3bbe2777303d25950616c4c6a3fa2e3e046f936ec2ba",
 		"ab99c122d4586cdd5c813058aa543d0e7233545dbf6874fc34a3d8d9a18fbbc3",
 		"b20989adc3ddc41cd2c435952c0d59a91315d8c5218d5040573fc3749543acaf",
 		"ability🤝的 ȺȾ",
@@ -91,6 +135,8 @@ func TestCrypt004(t *testing.T) {
 
 func TestCrypt005(t *testing.T) {
 	assertCrypt(t,
+		"875adb475056aec0b4809bd2db9aa00cff53a649e7b59d8edcbf4e6330b0995c",
+		"9c05781112d5b0a2a7148a222e50e0bd891d6b60c5483f03456e982185944aae",
 		"a449f2a85c6d3db0f44c64554a05d11a3c0988d645e4b4b2592072f63662f422",
 		"8d4442713eb9d4791175cb040d98d6fc5be8864d6ec2f89cf0895a2b2b72d1b1",
 		"pepper👀їжак",
@@ -100,6 +146,8 @@ func TestCrypt005(t *testing.T) {
 
 func TestCrypt006(t *testing.T) {
 	assertCrypt(t,
+		"eba1687cab6a3101bfc68fd70f214aa4cc059e9ec1b79fdb9ad0a0a4e259829f",
+		"dff20d262bef9dfd94666548f556393085e6ea421c8af86e9d333fa8747e94b3",
 		"decde9938ffcb14fa7ff300105eb1bf239469af9baf376e69755b9070ae48c47",
 		"2180b52ae645fcf9f5080d81b1f0b5d6f2cd77ff3c986882bb549158462f3407",
 		"( ͡° ͜ʖ ͡°)",
@@ -109,6 +157,8 @@ func TestCrypt006(t *testing.T) {
 
 func TestCrypt007(t *testing.T) {
 	assertCrypt(t,
+		"d5633530f5bcfebceb5584cfbbf718a30df0751b729dd9a789b9f30c0587d74e",
+		"b74e6a341fb134127272b795a08b59250e5fa45a82a2eb4095e4ce9ed5f5e214",
 		"c6f2fde7aa00208c388f506455c31c3fa07caf8b516d43bf7514ee19edcda994",
 		"e4cd5f7ce4eea024bc71b17ad456a986a74ac426c2c62b0a15eb5c5c8f888b68",
 		"مُنَاقَشَةُ سُبُلِ اِسْتِخْدَامِ اللُّغَةِ فِي النُّظُمِ الْقَائِمَةِ وَفِيم يَخُصَّ التَّطْبِيقَاتُ الْحاسُوبِيَّةُ،",
@@ -118,6 +168,8 @@ func TestCrypt007(t *testing.T) {
 
 func TestCrypt008(t *testing.T) {
 	assertCrypt(t,
+		"d5633530f5bcfebceb5584cfbbf718a30df0751b729dd9a789b9f30c0587d74e",
+		"b74e6a341fb134127272b795a08b59250e5fa45a82a2eb4095e4ce9ed5f5e214",
 		"c6f2fde7aa00208c388f506455c31c3fa07caf8b516d43bf7514ee19edcda994",
 		"38d1ca0abef9e5f564e89761a86cee04574b6825d3ef2063b10ad75899e4b023",
 		"الكل في المجمو عة (5)",
@@ -127,6 +179,8 @@ func TestCrypt008(t *testing.T) {
 
 func TestCrypt009(t *testing.T) {
 	assertCrypt(t,
+		"d5633530f5bcfebceb5584cfbbf718a30df0751b729dd9a789b9f30c0587d74e",
+		"b74e6a341fb134127272b795a08b59250e5fa45a82a2eb4095e4ce9ed5f5e214",
 		"c6f2fde7aa00208c388f506455c31c3fa07caf8b516d43bf7514ee19edcda994",
 		"4f1a31909f3483a9e69c8549a55bbc9af25fa5bbecf7bd32d9896f83ef2e12e0",
 		"𝖑𝖆𝖟𝖞 社會科學院語學研究所",
@@ -136,6 +190,8 @@ func TestCrypt009(t *testing.T) {
 
 func TestCrypt010(t *testing.T) {
 	assertCrypt(t,
+		"d5633530f5bcfebceb5584cfbbf718a30df0751b729dd9a789b9f30c0587d74e",
+		"b74e6a341fb134127272b795a08b59250e5fa45a82a2eb4095e4ce9ed5f5e214",
 		"c6f2fde7aa00208c388f506455c31c3fa07caf8b516d43bf7514ee19edcda994",
 		"a3e219242d85465e70adcd640b564b3feff57d2ef8745d5e7a0663b2dccceb54",
 		"🙈 🙉 🙊 0️⃣ 1️⃣ 2️⃣ 3️⃣ 4️⃣ 5️⃣ 6️⃣ 7️⃣ 8️⃣ 9️⃣ 🔟 Powerلُلُصّبُلُلصّبُررً ॣ ॣh ॣ ॣ冗",
@@ -145,6 +201,8 @@ func TestCrypt010(t *testing.T) {
 
 func TestCrypt011(t *testing.T) {
 	assertCrypt(t,
+		"fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364139",
+		"0000000000000000000000000000000000000000000000000000000000000002",
 		"7a1ccf5ce5a08e380f590de0c02776623b85a61ae67cfb6a017317e505b7cb51",
 		"a000000000000000000000000000000000000000000000000000000000000001",
 		"⁰⁴⁵₀₁₂",
@@ -154,6 +212,8 @@ func TestCrypt011(t *testing.T) {
 
 func TestCrypt012(t *testing.T) {
 	assertCrypt(t,
+		"0000000000000000000000000000000000000000000000000000000000000002",
+		"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdeb",
 		"aa971537d741089885a0b48f2730a125e15b36033d089d4537a4e1204e76b39e",
 		"b000000000000000000000000000000000000000000000000000000000000002",
 		"A Peer-to-Peer Electronic Cash System",
@@ -163,6 +223,8 @@ func TestCrypt012(t *testing.T) {
 
 func TestCrypt013(t *testing.T) {
 	assertCrypt(t,
+		"0000000000000000000000000000000000000000000000000000000000000001",
+		"79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
 		"79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
 		"79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
 		"A purely peer-to-peer version of electronic cash would allow online payments to be sent directly from one party to another without going through a financial institution. Digital signatures provide part of the solution, but the main benefits are lost if a trusted third party is still required to prevent double-spending.",
@@ -172,6 +234,8 @@ func TestCrypt013(t *testing.T) {
 
 func TestCryptFail001(t *testing.T) {
 	assertDecryptFail(t,
+		"2573d1e9b9ac5de5d570f652cbb9e8d4f235e3d3d334181448e87c417f374e83",
+		"8348c2d35549098706e5bab7966d9a9c72fbf6554e918f41c2b6cb275f79ec13",
 		"8673ec68393a997bfad7eab8661461daf8b3931b7e885d78312a3fb7fe17f41a",
 		"##Atqupco0WyaOW2IGDKcshwxI9xO8HgD/P8Ddt46CbxDbOsrsqIEybscEwg5rnI/Cx03mDSmeweOLKD7dw5BDZQDxXSlCwX1LIcTJEZaJPTz98Ftu0zSE0d93ED7OtdlvNeZx",
 		"unknown version",
@@ -180,6 +244,8 @@ func TestCryptFail001(t *testing.T) {
 
 func TestCryptFail002(t *testing.T) {
 	assertDecryptFail(t,
+		"11063318c5cb3cd9cafcced42b4db5ea02ec976ed995962d2bc1fa1e9b52e29f",
+		"5c49873b6eac3dd363325250cc55d5dd4c7ce9a885134580405736d83506bb74",
 		"e2aad10de00913088e5cb0f73fa526a6a17e95763cc5b2a127022f5ea5a73445",
 		"AK1AjUvoYW3IS7C/BGRUoqEC7ayTfDUgnEPNeWTF/reBA4fZmoHrtrz5I5pCHuwWZ22qqL/Xt1VidEZGMLds0yaJ5VwUbeEifEJlPICOFt1ssZJxCUf43HvRwCVTFskbhSMh",
 		"unknown version",
@@ -188,6 +254,8 @@ func TestCryptFail002(t *testing.T) {
 
 func TestCryptFail003(t *testing.T) {
 	assertDecryptFail(t,
+		"2573d1e9b9ac5de5d570f652cbb9e8d4f235e3d3d334181448e87c417f374e83",
+		"8348c2d35549098706e5bab7966d9a9c72fbf6554e918f41c2b6cb275f79ec13",
 		"8673ec68393a997bfad7eab8661461daf8b3931b7e885d78312a3fb7fe17f41a",
 		"Atqupco0WyaOW2IGDKcshwxI9xO8HgD/P8Ddt46CbxDbOsrsqIEybscEwg5rnI/Cx03mDSmeweOLKD,7dw5BDZQDxXSlCwX1LIcTJEZaJPTz98Ftu0zSE0d93ED7OtdlvNeZx",
 		"invalid base64",
@@ -196,6 +264,8 @@ func TestCryptFail003(t *testing.T) {
 
 func TestCryptFail004(t *testing.T) {
 	assertDecryptFail(t,
+		"5a2f39347fed3883c9fe05868a8f6156a292c45f606bc610495fcc020ed158f7",
+		"775bbfeba58d07f9d1fbb862e306ac780f39e5418043dadb547c7b5900245e71",
 		"2e70c0a1cde884b88392458ca86148d859b273a5695ede5bbe41f731d7d88ffd",
 		"Agn/l3ULCEAS4V7LhGFM6IGA17jsDUaFCKhrbXDANholdUejFZPARM22IvOqp1U/UmFSkeSyTBYbbwy5ykmi+mKiEcWL+nVmTOf28MMiC+rTpZys/8p1hqQFpn+XWZRPrVay",
 		"invalid hmac",
@@ -204,6 +274,8 @@ func TestCryptFail004(t *testing.T) {
 
 func TestCryptFail005(t *testing.T) {
 	assertDecryptFail(t,
+		"067eda13c4a36090ad28a7a183e9df611186ca01f63cb30fcdfa615ebfd6fb6d",
+		"32c1ece2c5dd2160ad03b243f50eff12db605b86ac92da47eacc78144bf0cdd3",
 		"a808915e31afc5b853d654d2519632dac7298ee2ecddc11695b8eba925935c2a",
 		"AmWxSwuUmqp9UsQX63U7OQ6K1thLI69L7G2b+j4DoIr0U0P/M1/oKm95z8qz6Kg0zQawLzwk3DskvWA2drXP4zK+tzHpKvWq0KOdx5MdypboSQsP4NXfhh2KoUffjkyIOiMA",
 		"invalid hmac",
@@ -212,6 +284,8 @@ func TestCryptFail005(t *testing.T) {
 
 func TestCryptFail006(t *testing.T) {
 	assertDecryptFail(t,
+		"3e7be560fb9f8c965c48953dbd00411d48577e200cf00d7cc427e49d0e8d9c01",
+		"e539e5fee58a337307e2a937ee9a7561b45876fb5df405c5e7be3ee564b239cc",
 		"6ee3efc4255e3b8270e5dd3f7dc7f6b60878cda6218c8df34a3261cd48744931",
 		"Anq2XbuLvCuONcr7V0UxTh8FAyWoZNEdBHXvdbNmDZHBu7F9m36yBd58mVUBB5ktBTOJREDaQT1KAyPmZidP+IRea1lNw5YAEK7+pbnpfCw8CD0i2n8Pf2IDWlKDhLiVvatw",
 		"invalid padding",
@@ -220,6 +294,8 @@ func TestCryptFail006(t *testing.T) {
 
 func TestCryptFail007(t *testing.T) {
 	assertDecryptFail(t,
+		"c22e1d4de967aa39dc143354d8f596cec1d7c912c3140831fff2976ce3e387c1",
+		"4e405be192677a2da95ffc733950777213bf880cf7c3b084eeb6f3fe5bd43705",
 		"1675a773dbf6fbcbef6a293004a4504b6c856978be738b10584b0269d437c8d1",
 		"An1Cg+O1TIhdav7ogfSOYvCj9dep4ctxzKtZSniCw5MwhT0hvSnF9Xjp9Lml792qtNbmAVvR6laukTe9eYEjeWPpZFxtkVpYTbbL9wDKFeplDMKsUKVa+roSeSvv0ela9seDVl2Sfso=",
 		"invalid padding",
@@ -229,6 +305,8 @@ func TestCryptFail007(t *testing.T) {
 
 func TestCryptFail008(t *testing.T) {
 	assertDecryptFail(t,
+		"be1edab14c5912e5c59084f197f0945242e969c363096cccb59af8898815096f",
+		"9eaf0775d971e4941c97189232542e1daefcdb7dddafc39bcea2520217710ba2",
 		"1741a44c052d5ae363c7845441f73d2b6c28d9bfb3006190012bba12eb4c774b",
 		"Am+f1yZnwnOs0jymZTcRpwhDRHTdnrFcPtsBzpqVdD6bL9HUMo3Mjkz4bjQo/FJF2LWHmaCr9Byc3hU9D7we+EkNBWenBHasT1G52fZk9r3NKeOC1hLezNwBLr7XXiULh+NbMBDtJh9/aQh1uZ9EpAfeISOzbZXwYwf0P5M85g9XER8hZ2fgJDLb4qMOuQRG6CrPezhr357nS3UHwPC2qHo3uKACxhE+2td+965yDcvMTx4KYTQg1zNhd7PA5v/WPnWeq2B623yLxlevUuo/OvXplFho3QVy7s5QZVop6qV2g2/l/SIsvD0HIcv3V35sywOCBR0K4VHgduFqkx/LEF3NGgAbjONXQHX8ZKushsEeR4TxlFoRSovAyYjhWolz+Ok3KJL2Ertds3H+M/Bdl2WnZGT0IbjZjn3DS+b1Ke0R0X4Onww2ZG3+7o6ncIwTc+lh1O7YQn00V0HJ+EIp03heKV2zWdVSC615By/+Yt9KAiV56n5+02GAuNqA",
 		"invalid padding",