From 3df00e5702bd2a8056400a54b77de01af3f78db5 Mon Sep 17 00:00:00 2001
From: Kevin Lewi <klewi@fb.com>
Date: Thu, 25 May 2023 23:45:13 -0500
Subject: [PATCH] Update keypair generation to use derive_auth_keypair

---
 src/envelope.rs                  |   2 +-
 src/key_exchange/traits.rs       |  26 +-
 src/key_exchange/tripledh.rs     |  33 +-
 src/keypair.rs                   |  37 +-
 src/opaque.rs                    |   8 +-
 src/serialization/tests.rs       |  16 +-
 src/tests/full_test.rs           | 658 +++++++++++++++----------------
 src/tests/opaque_vectors.rs      | 314 +++++++--------
 src/tests/test_opaque_vectors.rs |  34 +-
 9 files changed, 577 insertions(+), 551 deletions(-)

diff --git a/src/envelope.rs b/src/envelope.rs
index e7e3c9f7..f50fcf24 100644
--- a/src/envelope.rs
+++ b/src/envelope.rs
@@ -33,7 +33,7 @@ use crate::serialization::{Input, MacExt};
 const STR_AUTH_KEY: [u8; 7] = *b"AuthKey";
 const STR_EXPORT_KEY: [u8; 9] = *b"ExportKey";
 const STR_PRIVATE_KEY: [u8; 10] = *b"PrivateKey";
-const STR_OPAQUE_DERIVE_AUTH_KEY_PAIR: [u8; 24] = *b"OPAQUE-DeriveAuthKeyPair";
+const STR_OPAQUE_DERIVE_AUTH_KEY_PAIR: [u8; 33] = *b"OPAQUE-DeriveDiffieHellmanKeyPair";
 type NonceLen = U32;
 
 #[cfg_attr(feature = "serde", derive(serde::Deserialize, serde::Serialize))]
diff --git a/src/key_exchange/traits.rs b/src/key_exchange/traits.rs
index c31d0e9e..5c246f28 100644
--- a/src/key_exchange/traits.rs
+++ b/src/key_exchange/traits.rs
@@ -6,9 +6,9 @@
 // of this source tree. You may select, at your option, one of the above-listed
 // licenses.
 
-use digest::core_api::BlockSizeUser;
+use digest::core_api::{BlockSizeUser, OutputSizeUser};
 use digest::Output;
-use generic_array::typenum::{IsLess, Le, NonZero, U256};
+use generic_array::typenum::{IsLess, IsLessOrEqual, Le, NonZero, U256};
 use generic_array::{ArrayLength, GenericArray};
 use rand::{CryptoRng, RngCore};
 use zeroize::ZeroizeOnDrop;
@@ -31,12 +31,23 @@ where
     type KE2Message: Deserialize + Serialize + ZeroizeOnDrop + Clone;
     type KE3Message: Deserialize + Serialize + ZeroizeOnDrop + Clone;
 
-    fn generate_ke1<R: RngCore + CryptoRng>(
+    fn generate_ke1<OprfCs: voprf::CipherSuite, R: RngCore + CryptoRng>(
         rng: &mut R,
-    ) -> Result<(Self::KE1State, Self::KE1Message), ProtocolError>;
+    ) -> Result<(Self::KE1State, Self::KE1Message), ProtocolError>
+    where
+        <OprfCs::Hash as OutputSizeUser>::OutputSize:
+            IsLess<U256> + IsLessOrEqual<<OprfCs::Hash as BlockSizeUser>::BlockSize>;
 
     #[allow(clippy::too_many_arguments)]
-    fn generate_ke2<'a, 'b, 'c, 'd, R: RngCore + CryptoRng, S: SecretKey<G>>(
+    fn generate_ke2<
+        'a,
+        'b,
+        'c,
+        'd,
+        OprfCs: voprf::CipherSuite,
+        R: RngCore + CryptoRng,
+        S: SecretKey<G>,
+    >(
         rng: &mut R,
         l1_bytes: impl Iterator<Item = &'a [u8]>,
         l2_bytes: impl Iterator<Item = &'b [u8]>,
@@ -46,7 +57,10 @@ where
         id_u: impl Iterator<Item = &'c [u8]>,
         id_s: impl Iterator<Item = &'d [u8]>,
         context: &[u8],
-    ) -> Result<GenerateKe2Result<Self, D, G>, ProtocolError<S::Error>>;
+    ) -> Result<GenerateKe2Result<Self, D, G>, ProtocolError<S::Error>>
+    where
+        <OprfCs::Hash as OutputSizeUser>::OutputSize:
+            IsLess<U256> + IsLessOrEqual<<OprfCs::Hash as BlockSizeUser>::BlockSize>;
 
     #[allow(clippy::too_many_arguments)]
     fn generate_ke3<'a, 'b, 'c, 'd>(
diff --git a/src/key_exchange/tripledh.rs b/src/key_exchange/tripledh.rs
index e09d2b05..5c66d458 100644
--- a/src/key_exchange/tripledh.rs
+++ b/src/key_exchange/tripledh.rs
@@ -12,9 +12,12 @@ use core::ops::Add;
 
 use derive_where::derive_where;
 use digest::core_api::BlockSizeUser;
+use digest::OutputSizeUser;
 use digest::{Digest, Output};
 use generic_array::sequence::Concat;
-use generic_array::typenum::{IsLess, Le, NonZero, Sum, Unsigned, U1, U2, U256, U32};
+use generic_array::typenum::{
+    IsLess, IsLessOrEqual, Le, NonZero, Sum, Unsigned, U1, U2, U256, U32,
+};
 use generic_array::{ArrayLength, GenericArray};
 use hkdf::{Hkdf, HkdfExtract};
 use hmac::{Hmac, Mac};
@@ -161,10 +164,14 @@ where
     type KE2Message = Ke2Message<D, KG>;
     type KE3Message = Ke3Message<D>;
 
-    fn generate_ke1<R: RngCore + CryptoRng>(
+    fn generate_ke1<OprfCs: voprf::CipherSuite, R: RngCore + CryptoRng>(
         rng: &mut R,
-    ) -> Result<(Self::KE1State, Self::KE1Message), ProtocolError> {
-        let client_e_kp = KeyPair::<KG>::generate_random(rng);
+    ) -> Result<(Self::KE1State, Self::KE1Message), ProtocolError>
+    where
+        <OprfCs::Hash as OutputSizeUser>::OutputSize:
+            IsLess<U256> + IsLessOrEqual<<OprfCs::Hash as BlockSizeUser>::BlockSize>,
+    {
+        let client_e_kp = KeyPair::<KG>::generate_random::<OprfCs, _>(rng);
         let client_nonce = generate_nonce::<R>(rng);
 
         let ke1_message = Ke1Message {
@@ -182,7 +189,15 @@ where
     }
 
     #[allow(clippy::type_complexity)]
-    fn generate_ke2<'a, 'b, 'c, 'd, R: RngCore + CryptoRng, S: SecretKey<KG>>(
+    fn generate_ke2<
+        'a,
+        'b,
+        'c,
+        'd,
+        OprfCs: voprf::CipherSuite,
+        R: RngCore + CryptoRng,
+        S: SecretKey<KG>,
+    >(
         rng: &mut R,
         serialized_credential_request: impl Iterator<Item = &'a [u8]>,
         l2_bytes: impl Iterator<Item = &'b [u8]>,
@@ -192,8 +207,12 @@ where
         id_u: impl Iterator<Item = &'c [u8]>,
         id_s: impl Iterator<Item = &'d [u8]>,
         context: &[u8],
-    ) -> Result<GenerateKe2Result<Self, D, KG>, ProtocolError<S::Error>> {
-        let server_e_kp = KeyPair::<KG>::generate_random(rng);
+    ) -> Result<GenerateKe2Result<Self, D, KG>, ProtocolError<S::Error>>
+    where
+        <OprfCs::Hash as OutputSizeUser>::OutputSize:
+            IsLess<U256> + IsLessOrEqual<<OprfCs::Hash as BlockSizeUser>::BlockSize>,
+    {
+        let server_e_kp = KeyPair::<KG>::generate_random::<OprfCs, _>(rng);
         let server_nonce = generate_nonce::<R>(rng);
 
         let mut transcript_hasher = D::new()
diff --git a/src/keypair.rs b/src/keypair.rs
index a89a9d86..1224a15e 100644
--- a/src/keypair.rs
+++ b/src/keypair.rs
@@ -11,6 +11,9 @@
 #![allow(unsafe_code)]
 
 use derive_where::derive_where;
+use digest::core_api::BlockSizeUser;
+use digest::OutputSizeUser;
+use generic_array::typenum::{IsLess, IsLessOrEqual, U256};
 use generic_array::{ArrayLength, GenericArray};
 use rand::{CryptoRng, RngCore};
 
@@ -56,10 +59,24 @@ impl<KG: KeGroup, S: SecretKey<KG>> KeyPair<KG, S> {
     }
 }
 
+const STR_OPAQUE_DERIVE_AUTH_KEY_PAIR: [u8; 33] = *b"OPAQUE-DeriveDiffieHellmanKeyPair";
+
 impl<KG: KeGroup> KeyPair<KG> {
     /// Generating a random key pair given a cryptographic rng
-    pub(crate) fn generate_random<R: RngCore + CryptoRng>(rng: &mut R) -> Self {
-        let sk = KG::random_sk(rng);
+    pub(crate) fn generate_random<CS: voprf::CipherSuite, R: RngCore + CryptoRng>(
+        rng: &mut R,
+    ) -> Self
+    where
+        <CS::Hash as OutputSizeUser>::OutputSize:
+            IsLess<U256> + IsLessOrEqual<<CS::Hash as BlockSizeUser>::BlockSize>,
+    {
+        let mut scalar_bytes = GenericArray::<_, <KG as KeGroup>::SkLen>::default();
+        rng.fill_bytes(&mut scalar_bytes);
+        let sk = KG::derive_auth_keypair::<CS>(
+            GenericArray::clone_from_slice(&scalar_bytes),
+            &STR_OPAQUE_DERIVE_AUTH_KEY_PAIR,
+        )
+        .unwrap();
         let pk = KG::public_key(sk);
         Self {
             pk: PublicKey(pk),
@@ -76,7 +93,11 @@ where
 {
     /// Test-only strategy returning a proptest Strategy based on
     /// generate_random
-    fn uniform_keypair_strategy() -> proptest::prelude::BoxedStrategy<Self> {
+    fn uniform_keypair_strategy<CS: voprf::CipherSuite>() -> proptest::prelude::BoxedStrategy<Self>
+    where
+        <CS::Hash as OutputSizeUser>::OutputSize:
+            IsLess<U256> + IsLessOrEqual<<CS::Hash as BlockSizeUser>::BlockSize>,
+    {
         use proptest::prelude::*;
         use rand::rngs::StdRng;
         use rand::SeedableRng;
@@ -86,7 +107,7 @@ where
         any::<[u8; 32]>()
             .prop_filter_map("valid random keypair", |seed| {
                 let mut rng = StdRng::from_seed(seed);
-                Some(Self::generate_random(&mut rng))
+                Some(Self::generate_random::<CS, _>(&mut rng))
             })
             .no_shrink()
             .boxed()
@@ -243,15 +264,15 @@ mod tests {
 
                 proptest! {
                     #[test]
-                    fn pub_from_priv(kp in KeyPair::<$point>::uniform_keypair_strategy()) {
+                    fn pub_from_priv(kp in KeyPair::<$point>::uniform_keypair_strategy::<$point>()) {
                         let pk = kp.public();
                         let sk = kp.private();
                         prop_assert_eq!(&sk.public_key()?, pk);
                     }
 
                     #[test]
-                    fn dh(kp1 in KeyPair::<$point>::uniform_keypair_strategy(),
-                                      kp2 in KeyPair::<$point>::uniform_keypair_strategy()) {
+                    fn dh(kp1 in KeyPair::<$point>::uniform_keypair_strategy::<$point>(),
+                                      kp2 in KeyPair::<$point>::uniform_keypair_strategy::<$point>()) {
 
                         let dh1 = kp2.private().diffie_hellman(kp1.public().clone())?;
                         let dh2 = kp1.private().diffie_hellman(kp2.public().clone())?;
@@ -260,7 +281,7 @@ mod tests {
                     }
 
                     #[test]
-                    fn private_key_slice(kp in KeyPair::<$point>::uniform_keypair_strategy()) {
+                    fn private_key_slice(kp in KeyPair::<$point>::uniform_keypair_strategy::<$point>()) {
                         let sk_bytes = kp.private().serialize().to_vec();
 
                         let kp2 = KeyPair::<$point>::from_private_key_slice(&sk_bytes)?;
diff --git a/src/opaque.rs b/src/opaque.rs
index 23876099..737739e5 100644
--- a/src/opaque.rs
+++ b/src/opaque.rs
@@ -205,7 +205,7 @@ where
 {
     /// Generate a new instance of server setup
     pub fn new<R: CryptoRng + RngCore>(rng: &mut R) -> Self {
-        let keypair = KeyPair::generate_random(rng);
+        let keypair = KeyPair::generate_random::<CS::OprfCs, _>(rng);
         Self::new_with_key(rng, keypair)
     }
 }
@@ -234,7 +234,7 @@ where
         Self {
             oprf_seed,
             keypair,
-            fake_keypair: KeyPair::<CS::KeGroup>::generate_random(rng),
+            fake_keypair: KeyPair::<CS::KeGroup>::generate_random::<CS::OprfCs, _>(rng),
         }
     }
 
@@ -542,7 +542,7 @@ where
         password: &[u8],
     ) -> Result<ClientLoginStartResult<CS>, ProtocolError> {
         let blind_result = blind::<CS, _>(rng, password)?;
-        let (ke1_state, ke1_message) = CS::KeyExchange::generate_ke1(rng)?;
+        let (ke1_state, ke1_message) = CS::KeyExchange::generate_ke1::<CS::OprfCs, _>(rng)?;
 
         let credential_request = CredentialRequest {
             blinded_element: blind_result.message,
@@ -757,7 +757,7 @@ where
         let credential_response_component =
             CredentialResponse::<CS>::serialize_without_ke(&beta, &masking_nonce, &masked_response);
 
-        let result = CS::KeyExchange::generate_ke2(
+        let result = CS::KeyExchange::generate_ke2::<CS::OprfCs, _, _>(
             rng,
             credential_request_bytes,
             credential_response_component,
diff --git a/src/serialization/tests.rs b/src/serialization/tests.rs
index 76cd4274..3b4b4ff5 100644
--- a/src/serialization/tests.rs
+++ b/src/serialization/tests.rs
@@ -153,7 +153,7 @@ fn server_registration_roundtrip() -> Result<(), ProtocolError> {
         // length-MAC_SIZE hmac
         mock_envelope_bytes.extend_from_slice(&Output::<OprfHash<CS>>::default());
 
-        let mock_client_kp = KeyPair::<CS::KeGroup>::generate_random(&mut rng);
+        let mock_client_kp = KeyPair::<CS::KeGroup>::generate_random::<CS::OprfCs, _>(&mut rng);
         // serialization order: oprf_key, public key, envelope
         let mut bytes = Vec::<u8>::new();
         bytes.extend_from_slice(&mock_client_kp.public().serialize());
@@ -233,7 +233,7 @@ fn registration_response_roundtrip() -> Result<(), ProtocolError> {
         let pt = random_point::<CS>();
         let beta_bytes = CS::KeGroup::serialize_pk(pt);
         let mut rng = OsRng;
-        let skp = KeyPair::<CS::KeGroup>::generate_random(&mut rng);
+        let skp = KeyPair::<CS::KeGroup>::generate_random::<CS::OprfCs, _>(&mut rng);
         let pubkey_bytes = skp.public().serialize();
 
         let mut input = Vec::new();
@@ -288,7 +288,7 @@ fn registration_upload_roundtrip() -> Result<(), ProtocolError> {
         RegistrationUploadLen<CS>: ArrayLength<u8>,
     {
         let mut rng = OsRng;
-        let skp = KeyPair::<CS::KeGroup>::generate_random(&mut rng);
+        let skp = KeyPair::<CS::KeGroup>::generate_random::<CS::OprfCs, _>(&mut rng);
         let pubkey_bytes = skp.public().serialize();
 
         let mut key = [0u8; 32];
@@ -348,7 +348,7 @@ fn credential_request_roundtrip() -> Result<(), ProtocolError> {
         let alpha = random_point::<CS>();
         let alpha_bytes = CS::KeGroup::serialize_pk(alpha);
 
-        let client_e_kp = KeyPair::<CS::KeGroup>::generate_random(&mut rng);
+        let client_e_kp = KeyPair::<CS::KeGroup>::generate_random::<CS::OprfCs, _>(&mut rng);
         let mut client_nonce = [0u8; NonceLen::USIZE];
         rng.fill_bytes(&mut client_nonce);
 
@@ -424,7 +424,7 @@ fn credential_response_roundtrip() -> Result<(), ProtocolError> {
             vec![0u8; <OprfGroup<CS> as Group>::ElemLen::USIZE + Envelope::<CS>::len()];
         rng.fill_bytes(&mut masked_response);
 
-        let server_e_kp = KeyPair::<CS::KeGroup>::generate_random(&mut rng);
+        let server_e_kp = KeyPair::<CS::KeGroup>::generate_random::<CS::OprfCs, _>(&mut rng);
         let mut mac = Output::<OprfHash<CS>>::default();
         rng.fill_bytes(&mut mac);
         let mut server_nonce = [0u8; NonceLen::USIZE];
@@ -531,7 +531,7 @@ fn client_login_roundtrip() -> Result<(), ProtocolError> {
         let pw = b"hunter2";
         let mut rng = OsRng;
 
-        let client_e_kp = KeyPair::<CS::KeGroup>::generate_random(&mut rng);
+        let client_e_kp = KeyPair::<CS::KeGroup>::generate_random::<CS::OprfCs, _>(&mut rng);
         let mut client_nonce = [0; NonceLen::USIZE];
         rng.fill_bytes(&mut client_nonce);
 
@@ -590,7 +590,7 @@ fn ke1_message_roundtrip() -> Result<(), ProtocolError> {
     {
         let mut rng = OsRng;
 
-        let client_e_kp = KeyPair::<CS::KeGroup>::generate_random(&mut rng);
+        let client_e_kp = KeyPair::<CS::KeGroup>::generate_random::<CS::OprfCs, _>(&mut rng);
         let mut client_nonce = vec![0u8; NonceLen::USIZE];
         rng.fill_bytes(&mut client_nonce);
 
@@ -630,7 +630,7 @@ fn ke2_message_roundtrip() -> Result<(), ProtocolError> {
     {
         let mut rng = OsRng;
 
-        let server_e_kp = KeyPair::<CS::KeGroup>::generate_random(&mut rng);
+        let server_e_kp = KeyPair::<CS::KeGroup>::generate_random::<CS::OprfCs, _>(&mut rng);
         let mut mac = Output::<OprfHash<CS>>::default();
         rng.fill_bytes(&mut mac);
         let mut server_nonce = vec![0u8; NonceLen::USIZE];
diff --git a/src/tests/full_test.rs b/src/tests/full_test.rs
index 977d27ab..c4bde978 100644
--- a/src/tests/full_test.rs
+++ b/src/tests/full_test.rs
@@ -209,452 +209,452 @@ static STR_CREDENTIAL_IDENTIFIER: &str = "credential_identifier";
 #[cfg(feature = "ristretto255")]
 static TEST_VECTOR_RISTRETTO255: &str = r#"
 {
-    "client_s_pk": "58f84ab1de6d6baed997b8622a7340470a2e321778cf15a6a349f57143181b6d",
-    "client_s_sk": "ca1860c537f99dce6da9d0bf674f7c5c483c7e12c07487821d0fc60b78702a03",
-    "client_e_pk": "5898671746f581bbaa9019ea3e5dc5809612960e38f3fd3569237e8d0cf14a23",
-    "client_e_sk": "bd61a18173fe09b88529b4c04424637ce066fabc0f077985713ae12457d7b601",
-    "server_s_pk": "32033f92bfd82242f7dc9b2574f6916a53aa4ef83ecab4f4d912aad9957d8027",
-    "server_s_sk": "ab8f8598cb4166fb5ee1d437b6f5b563b59e4b699ded8e176c25ee77358bac01",
-    "server_e_pk": "f4ac5c4ef8dfae76705ddc1dd6c64b916680f69975cad5733ba7a4570bdd5629",
-    "server_e_sk": "7bf9ca648ab766269eeed497f640264cc248caaf94498b3aba2324395d061308",
-    "fake_sk": "23c51f2bd15324bbc088313184ff2daf81454c24002887b8abd8dc1d78f35000",
+    "client_s_pk": "26716bbe69e8a0f5af491ee125ebcf1ba570fded8429a5efe3a411572046f168",
+    "client_s_sk": "f4a4b1f3c2c54257b91a0d87db527505428cbee4b6139e653160d44418f2110c",
+    "client_e_pk": "6ef6b77b5640a9edc6f70c51498008113d616abcaecb93665184f960d109fe52",
+    "client_e_sk": "e2ea723e5c50da359eb157b61305ceba76e782def7900f49c4d6710255dab502",
+    "server_s_pk": "88a0a8d7d4af520eed596ed1ba0f559ef3938e0760ba4dc0edda61516f786c34",
+    "server_s_sk": "119d9d4d6a0d346b32bd098545374bb13d3c62292ee46244ad198388e33d7d0c",
+    "server_e_pk": "bc7cc5a25ae069bda90f1c7dd1171025ab795f27e45b78839f6991f29a56e052",
+    "server_e_sk": "5b7e3196121b14d54f326ad51849264aeaeef95ea4f4bfde96b31266df92200b",
+    "fake_sk": "45caf0bf77b445fedbac477bde6b4302122c29c572b8a4b0760e25c7ae992d0a",
     "credential_identifier": "637265644964656e746966696572",
     "id_u": "696455",
     "id_s": "696453",
     "password": "70617373776f7264",
-    "blinding_factor": "16d9379d74dd857d97ed7470bc022290f0aed9d14c8de873c03139360d7c2203",
-    "oprf_seed": "089519f6ab43cb90f6c37abe2f4d6ef7928106fd5920c9856d717c6db229d6887b98ea296e8c48f962065e8c224ee1d687b5e9ea9be5c9fd66a1d5edf4326aa3",
-    "masking_nonce": "ff24215c44990ee27982e667ed57e1fefe21a38ecae3cf8dad951237ba6166cfef780945009e3cfc031f59552a8d7b84571c7c13722d88a52f2b7d279e27ff84",
-    "envelope_nonce": "add2e39416fb5917d1328dd9987b9e8e2ee30c04eb4f4a8ae5c52e63b719846a",
-    "client_nonce": "db1f9c4b2e3f4f307d35490a2d9ace7ccd2e124c5a08655bfb97597f24d5da55",
-    "server_nonce": "00285d1b30f04f84f020dc60d702581cf36fc8f683b75b1efd21e01056a1a102",
+    "blinding_factor": "4c590eff6854bda8024117051aa86c838b5d37bf408714a6004c671e7f72fb03",
+    "oprf_seed": "77b3fa30df8c1a6cf848a3cd747f5e28dae23b522e80b9ed67d4d06f09f53136dbc44bbb511b56fec4de8780572bac59b2647c1a71f080e42e70e573f10c6e8a",
+    "masking_nonce": "586157850ffa2085e7f857a27b5c942f5419331ca8f9d7467dfd2825e1ec6a3cf85ec715b14eeaadc89615d07c8d49d6859940ff84649df740f97ecaef168f9b",
+    "envelope_nonce": "21946497a938b40c9bdeb84d286fc7e9b3ef1e6d150660bd2330e400eac5c5bc",
+    "client_nonce": "d49d84dcfdde7c09eecf7b6ddaab79c3269a9d2511ba72d01d363fae862b5a83",
+    "server_nonce": "1e5a5cc267d99866ea30678c1ee43c53400b78e4a27b7dcf2b4521667b78c3b3",
     "context": "636f6e74657874",
-    "registration_request": "3025151fce8a32a8961aaf77031402a3d0cf70370052b22b6131c78de82e8366",
-    "registration_response": "1a566c5cb551027e996788ad999b14ecd8bc0f230348aef90674e733d946cd6332033f92bfd82242f7dc9b2574f6916a53aa4ef83ecab4f4d912aad9957d8027",
-    "registration_upload": "90c46263e6709e038ffd12d5e97eca652800edc492b942a798951da8af74ef289e8fe0c9fef7a8f785445c82f6185f1e8682ae907197ce97ae0521c0f5ce4f636781ad5b5c3f9df7c4af0dfdd0f77ce98846d019cf4189b8f0a793cd59e2b42aca1860c537f99dce6da9d0bf674f7c5c483c7e12c07487821d0fc60b78702a039923ef46ae4f5b0240484250d690a6b1533bc8d5cd89e5b5bb78ebe4cb40d4439275e924b80683c6b8833cb503059bd3bcb083aa72bf70d1d2cb4e6d40cd61d7",
-    "credential_request": "3025151fce8a32a8961aaf77031402a3d0cf70370052b22b6131c78de82e8366db1f9c4b2e3f4f307d35490a2d9ace7ccd2e124c5a08655bfb97597f24d5da555898671746f581bbaa9019ea3e5dc5809612960e38f3fd3569237e8d0cf14a23",
-    "credential_response": "1a566c5cb551027e996788ad999b14ecd8bc0f230348aef90674e733d946cd63ff24215c44990ee27982e667ed57e1fefe21a38ecae3cf8dad951237ba6166cfd7635651e5f867c08c02e7564b86a03d1b1b198dec5b9b54f998d3bfba0f4fe956d3e795c672c275ac2fb0a5ce38920bc17f532348243f79db5aaf34db507ce41096d9a326ee453f02ab1d1c9b738507fbe87197b13c65720e4f16737f9da173613b90bd5b2ee6812c0462299a7c3b179e439e88af08abf607796e4e9d23e17f7bf9ca648ab766269eeed497f640264cc248caaf94498b3aba2324395d061308a0c9863142b43845b16e9bf9e1d236038a0cf8a470a7291c60e8579dae1e2128d7919f28f7a4ff9fdd915f00b42007aa1de6f9a0bded2cbbf297e923bcef57f42fb06bcfca035fbc66cf74300c54daec3738dbaca2ba470bb81330efab584256",
-    "credential_finalization": "6a3f177d73886db031e081e116a1eb7c13ef763a60a0ae8b7477f4fcf6c7d22618651402f3ab7bd501f42442a010a185253c87bb051cca80686b54ceb5c410d3",
-    "client_registration_state": "16d9379d74dd857d97ed7470bc022290f0aed9d14c8de873c03139360d7c22033025151fce8a32a8961aaf77031402a3d0cf70370052b22b6131c78de82e8366",
-    "client_login_state": "16d9379d74dd857d97ed7470bc022290f0aed9d14c8de873c03139360d7c22033025151fce8a32a8961aaf77031402a3d0cf70370052b22b6131c78de82e8366db1f9c4b2e3f4f307d35490a2d9ace7ccd2e124c5a08655bfb97597f24d5da555898671746f581bbaa9019ea3e5dc5809612960e38f3fd3569237e8d0cf14a23bd61a18173fe09b88529b4c04424637ce066fabc0f077985713ae12457d7b601db1f9c4b2e3f4f307d35490a2d9ace7ccd2e124c5a08655bfb97597f24d5da55",
-    "server_login_state": "01410c086ece65443dcbca42c6703d08bae0d293f4b9b78449df626f7f8b04d8cada3f693670e74683f4ec6f9df9d1773fa4212a6ddc52343874bcfb0a87dd82cd25afdbb29dd431c859b337de3123e325d9aa9c99e9a59fd98858c6835e8c34d0945a251261f456ffa67399c8745e478c7377a3774930a49f0b7c351ed654e38d62e93a5ec5cd0305521bcce9695b3ce23b4713a699bd9e1e102049652bc407fc6579cf4c7f8e5e3dcfaadb73a36c49bc2084b82246c01c630dde63a5bbfb40",
-    "password_file": "90c46263e6709e038ffd12d5e97eca652800edc492b942a798951da8af74ef289e8fe0c9fef7a8f785445c82f6185f1e8682ae907197ce97ae0521c0f5ce4f636781ad5b5c3f9df7c4af0dfdd0f77ce98846d019cf4189b8f0a793cd59e2b42aca1860c537f99dce6da9d0bf674f7c5c483c7e12c07487821d0fc60b78702a039923ef46ae4f5b0240484250d690a6b1533bc8d5cd89e5b5bb78ebe4cb40d4439275e924b80683c6b8833cb503059bd3bcb083aa72bf70d1d2cb4e6d40cd61d7",
-    "export_key": "55833fcf856af07df1ec4d98a2180ca90227edddf53bca6787cb86f40337290491dec6dbc95efd56e15e7f2bb9bea2c2e683b956b1f85b2f9abce2a87cf61e4b",
-    "session_key": "8d62e93a5ec5cd0305521bcce9695b3ce23b4713a699bd9e1e102049652bc407fc6579cf4c7f8e5e3dcfaadb73a36c49bc2084b82246c01c630dde63a5bbfb40"
+    "registration_request": "70815fce02606dcb4a45ac1b3e312e201501d5cada02691953297e982e1f9b32",
+    "registration_response": "9e2ae845f8f4bd555c4c8df2b5bcff75fa6d1f0650011c422ad349b8d16edc3788a0a8d7d4af520eed596ed1ba0f559ef3938e0760ba4dc0edda61516f786c34",
+    "registration_upload": "66723c5c39695106d654570842a1edab79711a36ea4f34f65078b8c35731ea494d10c64e8239e9ed8a476faf6a4df44dd60a58fb0036ef65d5241541c7ca87aa050a7ea198c68d490d02f23419d0e002c7819805f8c9a6517a062d67a2de8b4df4a4b1f3c2c54257b91a0d87db527505428cbee4b6139e653160d44418f2110cedf21caa38e4cfbef0a7e5254082231d0b0dd056ff9014f2fa313e2107925dd8e69e45c126b8dae8c00567da34d09c8658aa7acab6e2fcb43359b263b4642773",
+    "credential_request": "70815fce02606dcb4a45ac1b3e312e201501d5cada02691953297e982e1f9b32d49d84dcfdde7c09eecf7b6ddaab79c3269a9d2511ba72d01d363fae862b5a83306781008374dd7ae51f6ea634f742c5db39774daed51d781e1a2e155a804666",
+    "credential_response": "9e2ae845f8f4bd555c4c8df2b5bcff75fa6d1f0650011c422ad349b8d16edc37586157850ffa2085e7f857a27b5c942f5419331ca8f9d7467dfd2825e1ec6a3c0e282fab682070fe5f5eaac1c4c01607c753263d6089bec28cf159483d9d8d3bae87a9ae56d6234b34187cd59740eb5e1cbcfe14e048f04ddd020b223365877b175ec2778d8cb0b427ea592751b1456d7f0c7295bc35bc70803e1a69e9ef0039b805f52c349b47ac42896152b738cd2babd230633a30d005fbfdae4a62b168f55b7e3196121b14d54f326ad51849264aeaeef95ea4f4bfde96b31266df92200bfe12195f75aa85845eb390e4eec3ee3594370f9fde7f3864dac00fb5c967dd00f198994831bc346a4b558e0570302b653436f9ecba165dc1f2ac3137f0a0df68aa209353dbf8539a39a4f9d7ff289195b2df5c5e84cb8ff02bbe552c384009f1",
+    "credential_finalization": "5f944d84bb4b92fa2a2ae5719eb7f3c486f4dc3c9622d8b23b8512383b2e9be96ecf3540c7a343a519a447ddd74bf651602dbaa54e6b41e44d24fbe00e4888d3",
+    "client_registration_state": "4c590eff6854bda8024117051aa86c838b5d37bf408714a6004c671e7f72fb0370815fce02606dcb4a45ac1b3e312e201501d5cada02691953297e982e1f9b32",
+    "client_login_state": "4c590eff6854bda8024117051aa86c838b5d37bf408714a6004c671e7f72fb0370815fce02606dcb4a45ac1b3e312e201501d5cada02691953297e982e1f9b32d49d84dcfdde7c09eecf7b6ddaab79c3269a9d2511ba72d01d363fae862b5a83306781008374dd7ae51f6ea634f742c5db39774daed51d781e1a2e155a8046668d4d5de82f0c234b84eb97934b87f2d43960fae1b6bd5d3d6944caf5154d6308d49d84dcfdde7c09eecf7b6ddaab79c3269a9d2511ba72d01d363fae862b5a83",
+    "server_login_state": "30234f3b8cead1e011aa7dfeaae19b64913115daaa46f3cfd033c2a64fdd0a3959e62584463cf961b0471a6aff255eb0537edafef843dd59145ae1a96536b42476799bfed1b5332d0547740d550554fdf83b2fa13ef9850c8664a6932e7da165b629fb87a8993b3dca588a96199e5e5d5454e4597d60482390925ecece9f62fd87a6422c13f1ed7bc5b844ebb29f7b35a2230d9a4d798763d91feb7f2be228b6c46277fd8d9589066c3c656d7daf75c71ce257ff9c7b7c8d017cc5dc766858c1",
+    "password_file": "66723c5c39695106d654570842a1edab79711a36ea4f34f65078b8c35731ea494d10c64e8239e9ed8a476faf6a4df44dd60a58fb0036ef65d5241541c7ca87aa050a7ea198c68d490d02f23419d0e002c7819805f8c9a6517a062d67a2de8b4df4a4b1f3c2c54257b91a0d87db527505428cbee4b6139e653160d44418f2110cedf21caa38e4cfbef0a7e5254082231d0b0dd056ff9014f2fa313e2107925dd8e69e45c126b8dae8c00567da34d09c8658aa7acab6e2fcb43359b263b4642773",
+    "export_key": "f529f81953f783863c758dc677dc5673d39e3b17508c5ccff96a3bb8dc29b3d09966c6b8cb11afe53ac1784b3768d8789d47c85a300ec2431a4b48b63d0724fc",
+    "session_key": "87a6422c13f1ed7bc5b844ebb29f7b35a2230d9a4d798763d91feb7f2be228b6c46277fd8d9589066c3c656d7daf75c71ce257ff9c7b7c8d017cc5dc766858c1"
 }
 "#;
 
 #[cfg(feature = "ristretto255")]
 static TEST_VECTOR_RISTRETTO255_P256: &str = r#"
 {
-    "client_s_pk": "f88bd648ec3275a06d2f64f7f2e35f9b79cef7d6ead6ba05945b700658643e2f",
-    "client_s_sk": "04e1b7f9448b6913ff7de5e0b4ccc2f6e88eb6ef80963c75f89db0f634cb000b",
-    "client_e_pk": "907bd6c4d780c85415ce1b9e8cff2a6c10bec716d6eab80cf3f9646469033a3c",
-    "client_e_sk": "8c0e7d7310db05a12a418c0616c8969855008946702d7d0e2b0b1f10dd24c402",
-    "server_s_pk": "681525049da7bedd96b863b95f13859b616aa9729b752676dde32513acfb7611",
-    "server_s_sk": "30aa1bf8df6bf6ed30e7c9579e3bda2804dad268ea2d3bc793173a35e895ad00",
-    "server_e_pk": "68732765fd7a76511f7c2a50bf7df6efe54efa15b0bfce2ba162ee922c4e0452",
-    "server_e_sk": "4961b6b17fef0eb216c13c97e5a2c28db78feddbbbdcfe9eaea937c6fb625d05",
-    "fake_sk": "d3fd635217181a826cb07eaad0d6c722e73731a3c719f26322ccef9d2130990d",
+    "client_s_pk": "96860d1458e14e8724abc569401bcd1b6bcfeddf09742103d760a6014804cc73",
+    "client_s_sk": "0daf879c98ee31788e0014af07cebe6ff594ea3c4f6e308abcc2bb878b8fa605",
+    "client_e_pk": "5a049d36bf732157b108dbfc9230a9e67fea0020f16035856c10ca81d8930f07",
+    "client_e_sk": "b1683ccba5ced8986407ca6f6047749a239418ebe1bde10c793db752e6980c06",
+    "server_s_pk": "12396a13fddef61cf0134aa4c2a6aaf3d1be57cb13ea4f4b9838d71fc54ee80c",
+    "server_s_sk": "0f383b8fc12a075e1625771cb0e5dbe415f11f5bf1782b890c72c079214db30d",
+    "server_e_pk": "922dc5a69f7cad85dd41191458f4964176c47dd563d02bfd49c3023329b3ec6c",
+    "server_e_sk": "02ea163c9f6e9178774981e0c1e85f15279bfedc3dda8e6d61d29a3a6cb7100c",
+    "fake_sk": "85dd0108f49dfba87cc20ddbf26e50fa2f75617eadd79f981166918dd46d0b07",
     "credential_identifier": "637265644964656e746966696572",
     "id_u": "696455",
     "id_s": "696453",
     "password": "70617373776f7264",
-    "blinding_factor": "ce2a220c656632c5bb630351bf2bc9258631acd226c5ecb1686aa82ea5baf308",
-    "oprf_seed": "3d108c5667216961a69098fc9a94294cd8761aa4af76c51ea35df3a06f2139f6",
-    "masking_nonce": "ef9aebb14f7f965ac8fcba0418a83340646747cb00d056b57f7ba2671945728ce3648bf46c6d2b21890ad09c25142e57360cea1300ed7d74dc0580e61fa5b5e7",
-    "envelope_nonce": "23abd8c07fec3913673426fd49f4d2832c29855b5846fea5ffa6d91ede58f6ac",
-    "client_nonce": "dff3b604d150842e692aa20fd0621ba8718581fd6fa4a3409108bba35d5f7bdc",
-    "server_nonce": "e3d70b5657db6fa047f106843a746091c602d2c2e8280d9ac8994cf39bf93d30",
+    "blinding_factor": "0c4bce66bf65a8546ef873df3753d1d7be8b03c7117e4db915db6c39e8e2ba3c",
+    "oprf_seed": "189debd660e17b3e4bf4e867d341715e9106d1c8fe50f1c7494b844f84581520",
+    "masking_nonce": "cf06408b0fb43754f84212958c57c9f1f80ee9c286f09f4a8abb0df17a34f5c7fb0678eb323d4c08bf48261066876c41e552f0fa0597bcf72723745084074c33",
+    "envelope_nonce": "48485d8f1020b7a37c39b1d30b32a8e1627f090602bc6d252210feced34f5380",
+    "client_nonce": "2299b1cbada1e9f1aab6ae243db020674b38e3c3d9d48c09a77e68cb5a3dbc89",
+    "server_nonce": "e930041050fbfe8ee81dc9769d9b70ef4bc1aa214fcc816566a94c216dd25a1b",
     "context": "636f6e74657874",
-    "registration_request": "03ae0926f45e0b5efab9e15e6acddd7dd4bdbf15b1accccbae1927d5450532229a",
-    "registration_response": "03f2a9e0737a10e41a5501f853d2401a89a7c8c626926e6899205357a7d971c238681525049da7bedd96b863b95f13859b616aa9729b752676dde32513acfb7611",
-    "registration_upload": "7e7ea08bc8cceb5d89b7ceb8e91deadb721a2ad684272510e85570acb9563451ad667e253cfd587092cfc3a788aec8b0cf3e248d84cc7ff98e7d5488736deb3704e1b7f9448b6913ff7de5e0b4ccc2f6e88eb6ef80963c75f89db0f634cb000bfc47ba0ccf49efab4a706d72cf038a01c6f32fa4fa10a30c6ce94df37a86504f",
-    "credential_request": "03ae0926f45e0b5efab9e15e6acddd7dd4bdbf15b1accccbae1927d5450532229adff3b604d150842e692aa20fd0621ba8718581fd6fa4a3409108bba35d5f7bdc907bd6c4d780c85415ce1b9e8cff2a6c10bec716d6eab80cf3f9646469033a3c",
-    "credential_response": "03f2a9e0737a10e41a5501f853d2401a89a7c8c626926e6899205357a7d971c238ef9aebb14f7f965ac8fcba0418a83340646747cb00d056b57f7ba2671945728cb166cbc26eadb074abec8888288bb157ba6e995e4983277dde3a8b164e78efcf261a0a2ae4dcbb379a1e651b128bf356108a2be9e10f5e0d95f5e51c748b890b96e6304f8380ee71f623e3bfde447ee58bb60e40281e44f8496e5a799c24506f4961b6b17fef0eb216c13c97e5a2c28db78feddbbbdcfe9eaea937c6fb625d05c0b7b235a518f55c3026b2bc375841f35c3b2e1fc381c3963b721a97d34d887ea4dfb155d59da8ad912aac17df06e6a21b118cac0cfd15903f0c20658fa717b4",
-    "credential_finalization": "10653ec75b594a7401ffcde895d463002c3eac839f0343ac779fa9210e4782dc",
-    "client_registration_state": "ce2a220c656632c5bb630351bf2bc9258631acd226c5ecb1686aa82ea5baf30803ae0926f45e0b5efab9e15e6acddd7dd4bdbf15b1accccbae1927d5450532229a",
-    "client_login_state": "ce2a220c656632c5bb630351bf2bc9258631acd226c5ecb1686aa82ea5baf30803ae0926f45e0b5efab9e15e6acddd7dd4bdbf15b1accccbae1927d5450532229adff3b604d150842e692aa20fd0621ba8718581fd6fa4a3409108bba35d5f7bdc907bd6c4d780c85415ce1b9e8cff2a6c10bec716d6eab80cf3f9646469033a3c8c0e7d7310db05a12a418c0616c8969855008946702d7d0e2b0b1f10dd24c402dff3b604d150842e692aa20fd0621ba8718581fd6fa4a3409108bba35d5f7bdc",
-    "server_login_state": "2b6792d84ae19d64f39ae233b54ce79ab8793f9648c24f4bd22df7b4f9e4e6e77fe5ead3ce6faf1d05cbc64518cfe259cfe522b381eadc79019c0c81f613233d91910ea0c4c286eeec89dd2ceec93478f936454f4f41206c75407862150cdf3a",
-    "password_file": "7e7ea08bc8cceb5d89b7ceb8e91deadb721a2ad684272510e85570acb9563451ad667e253cfd587092cfc3a788aec8b0cf3e248d84cc7ff98e7d5488736deb3704e1b7f9448b6913ff7de5e0b4ccc2f6e88eb6ef80963c75f89db0f634cb000bfc47ba0ccf49efab4a706d72cf038a01c6f32fa4fa10a30c6ce94df37a86504f",
-    "export_key": "b776d68ad88a7534f571625727ce09a13ff203b9c26e16da9aaa1b7698cd1645",
-    "session_key": "91910ea0c4c286eeec89dd2ceec93478f936454f4f41206c75407862150cdf3a"
+    "registration_request": "03bd2e315c39a7f0262844c53d8474cf45ff0eb1702b583f190b902b80dd636211",
+    "registration_response": "0295b6e042acf53567b5e0c33f6ef78867387f97be9cfa032d63dd59b0a3bbe69612396a13fddef61cf0134aa4c2a6aaf3d1be57cb13ea4f4b9838d71fc54ee80c",
+    "registration_upload": "1cbf711b9e1dff7c2aaf72a2b6f1539575829b8810bfe226e24fbbefbcd2894dc919828b717bfe9b990b34447ae288e858d92188d447aeed5e567d22145b3d4c0daf879c98ee31788e0014af07cebe6ff594ea3c4f6e308abcc2bb878b8fa6052b8c9a902bbc1e1ebc7ddfe5bc8d8f0373643ebc8aa14068cfd59023c08a9c2b",
+    "credential_request": "03bd2e315c39a7f0262844c53d8474cf45ff0eb1702b583f190b902b80dd6362112299b1cbada1e9f1aab6ae243db020674b38e3c3d9d48c09a77e68cb5a3dbc898e49984d760ede86d52699fa452d5297c4939007ce7aa197374e1048a6035d46",
+    "credential_response": "0295b6e042acf53567b5e0c33f6ef78867387f97be9cfa032d63dd59b0a3bbe696cf06408b0fb43754f84212958c57c9f1f80ee9c286f09f4a8abb0df17a34f5c7537e2b0fddecff2140a12fff250cf71dc909d80397aef7ef4b127762dcfcc718c7023064997840e593afea87022470bdee8954a0640992403f8ec4a14b7c845d49010dae5bf99c6db15c34fb354c3c385c7dc45853ec9b1dcf9afab48281a8cb02ea163c9f6e9178774981e0c1e85f15279bfedc3dda8e6d61d29a3a6cb7100caa4daad8755b1ffb28695e317278215428bd4d1ecd969e62059a93fba1af40018caf3978ca1456277ec344116a4f189a32c91fd28c1d23cc7be0e80e10a57422",
+    "credential_finalization": "4db5e4b91877f7bcee7d63b015793559fc788e7196b3c53f34b63ff8bf9bb91d",
+    "client_registration_state": "0c4bce66bf65a8546ef873df3753d1d7be8b03c7117e4db915db6c39e8e2ba3c03bd2e315c39a7f0262844c53d8474cf45ff0eb1702b583f190b902b80dd636211",
+    "client_login_state": "0c4bce66bf65a8546ef873df3753d1d7be8b03c7117e4db915db6c39e8e2ba3c03bd2e315c39a7f0262844c53d8474cf45ff0eb1702b583f190b902b80dd6362112299b1cbada1e9f1aab6ae243db020674b38e3c3d9d48c09a77e68cb5a3dbc898e49984d760ede86d52699fa452d5297c4939007ce7aa197374e1048a6035d46f62b5e93fa459dcdf3ee17e3e2447f0809e85f15b17e46d06f8894baa3c0e20a2299b1cbada1e9f1aab6ae243db020674b38e3c3d9d48c09a77e68cb5a3dbc89",
+    "server_login_state": "3a31ecc4fdee405375e58df2e9f4fe25965859cb6173d7e6709fb24fd2698d53933d8bc443c8860da1d4096d8b2ea2a5c651d744a22da9b2c9f73ff0ad17fc0b5c0df6a11fedcc36dcd1173ab7e55f3f2627d399e464ec29671cee7566d6d912",
+    "password_file": "1cbf711b9e1dff7c2aaf72a2b6f1539575829b8810bfe226e24fbbefbcd2894dc919828b717bfe9b990b34447ae288e858d92188d447aeed5e567d22145b3d4c0daf879c98ee31788e0014af07cebe6ff594ea3c4f6e308abcc2bb878b8fa6052b8c9a902bbc1e1ebc7ddfe5bc8d8f0373643ebc8aa14068cfd59023c08a9c2b",
+    "export_key": "e785a045278a7fa931ef1f8910d0ba85dc3d6c7537dfe5a9f4bd7bfa317e1762",
+    "session_key": "5c0df6a11fedcc36dcd1173ab7e55f3f2627d399e464ec29671cee7566d6d912"
 }
 "#;
 
 #[cfg(feature = "ristretto255")]
 static TEST_VECTOR_RISTRETTO255_P384: &str = r#"
 {
-    "client_s_pk": "86a1adb5a45e87b1cb92f082a5bf5890e9e21e2d78d4773ab7f0d021664b7b69",
-    "client_s_sk": "950ac3b5fcca8fbcc740e24a9f0a0703bf06c1e345459cb662bed0ae91f10904",
-    "client_e_pk": "d697f15ff9e34fd51a2a8980995503d17bd11cbb0407d51502138f384f908112",
-    "client_e_sk": "c320ee0eb5eef9e6e00872cef1196e362d20712ae9da185e7466397324a72907",
-    "server_s_pk": "d0433b254df7a9952f281f10b86d9c4cc14faef3a3c67943a01b208782da620e",
-    "server_s_sk": "94985ed3d85392c7957c53b9f24ab138acbdbba80357c79eeccea19602434b0d",
-    "server_e_pk": "00ea32a0e605deb301bc73b4df661100d7de331c6e4548b9e5dbf02872fe7529",
-    "server_e_sk": "e4d2a0ea0adf9edb4a8d7e0d236ea9022bdcae7d7c24665928c7c9e765ffe700",
-    "fake_sk": "26e8e0bf9739b54dafab24a3454cceef1b3c61b0b6e521dc5cba404722517101",
+    "client_s_pk": "4e2c60441878e85783c9800406ebd5e7e881dff80616d03b567947b82e5c7a57",
+    "client_s_sk": "dce2e0634b405f06caf29c1265fe223cb534535bb7c27cdf2e12f6291b39c00a",
+    "client_e_pk": "5e49aef294f9dce3c6522d66805d864337dc0fadfe88fe2e0f037c32c105a82d",
+    "client_e_sk": "dfb45d06440e1cbcdda340d9582de46237c44413f05b40339a6187115bfcc404",
+    "server_s_pk": "543f5a039f83eacc40c62fc5c5acecfd4650873dce4d6dbceb04a327baf86f2f",
+    "server_s_sk": "0c0d7c18c7ff0860f5d6648d5ebea2fec4a3cff45d436f3be5aa680608e7f605",
+    "server_e_pk": "e063a148282a82945d5ea35b9bcbc4fdacc175f73bee2ba4d0f72e7b3aec1338",
+    "server_e_sk": "a50f4953424642bcfc681fd4b6f8f9c71bd4a052bbc5f46047d22727da26af0b",
+    "fake_sk": "4305d00aa1b28f5fa20a4c939c97ce51150b948f87307191d5febc66ea2ea606",
     "credential_identifier": "637265644964656e746966696572",
     "id_u": "696455",
     "id_s": "696453",
     "password": "70617373776f7264",
-    "blinding_factor": "454092e5dcb20854d987421466835f4a270bcaffeae8e094a0cd1c4f636946b90bb5d8d0cc2bddfcde1bc97042021043",
-    "oprf_seed": "e4d402280ebe5718f2b2887ef5595a6b2020f6fb983b5f117ab7db986e2fdca9675b4bc94ff4db6cd249810ff08bb760",
-    "masking_nonce": "ed6dd7938ad35abd1088e892d55706ea3394d88351e18b6574b7b2931210e5b6320a60040a96d8a68f8ca197dc77c9072964e0a267eb4d51bf6327d40ec3091f",
-    "envelope_nonce": "866f1e43f59ab3076f7ffa80e3d180d74dfe472a4399378477927ac88e99483c",
-    "client_nonce": "c4eb516c8f385cabe449e30bd55975cb8c73b8cd4121e392202c95dc1ca58ff6",
-    "server_nonce": "7eba5738ead262ae3288e908cc31126d8755b79471e34a0fed7bda22abdf830b",
+    "blinding_factor": "ebb318997438ae2f5e3238f03b75b975c15574221dc5366b28fd9f3401230420fbdaea1919df12380f986f7c6dcaee4d",
+    "oprf_seed": "f28b12958dfe452b0819cc0df743666cb27c9f7d5b07818de0c79b21bbc8a3987257a81a1c57c21bccebd2af0e6fbe94",
+    "masking_nonce": "cbe822a5e60816a19d6b707308876147e4c0be5436e0658802c88d257f9523f873c3c248f599aa0854a047ff227676b2ef036e847aad26113df99cf494ada455",
+    "envelope_nonce": "f5af3d4e880da0abaf85dfb4da5b7b23549c83c90bffbce20fc84d8a22014b00",
+    "client_nonce": "97cb195111c2bd433a1d1cafed854d9039936ae9559942cc701dafcb9dd51524",
+    "server_nonce": "4b15d916d5fb9bfc3e0a110dfcade484e4c98f6bebd9860f7b7956880a806efe",
     "context": "636f6e74657874",
-    "registration_request": "031032c75bd6d20572956af17c27c8a628f493993903e8a2dbd4db1b069f2dacbf05767428f0e4c58150af7d6577c42cc1",
-    "registration_response": "024fbffd6d812d62d98009ac0277c0740e3245e98bf3c62a8dda34152b350b8a74f34fb5677b848b45e982d663ee7ae522d0433b254df7a9952f281f10b86d9c4cc14faef3a3c67943a01b208782da620e",
-    "registration_upload": "82961e5ba6f42e3dede98b0eb333668f768df6e28335896e1d1c764d45b26101937f31c8f82cda4be30080d8edeefdce8d43a11a8dc089111f48d173d9a057fa35dc0dfe0a59457a6bfec84298d5e4d8950ac3b5fcca8fbcc740e24a9f0a0703bf06c1e345459cb662bed0ae91f1090468008a29cf8f061e01bdc0940a04bee4a49391c2eb3a10552254f3904e2b374a2018fd6153e948d7bb74e47de4b3765e",
-    "credential_request": "031032c75bd6d20572956af17c27c8a628f493993903e8a2dbd4db1b069f2dacbf05767428f0e4c58150af7d6577c42cc1c4eb516c8f385cabe449e30bd55975cb8c73b8cd4121e392202c95dc1ca58ff6d697f15ff9e34fd51a2a8980995503d17bd11cbb0407d51502138f384f908112",
-    "credential_response": "024fbffd6d812d62d98009ac0277c0740e3245e98bf3c62a8dda34152b350b8a74f34fb5677b848b45e982d663ee7ae522ed6dd7938ad35abd1088e892d55706ea3394d88351e18b6574b7b2931210e5b631a1b6b837aa901a6016382e5174dc0afe05c4c382066c68a4712a9472382b22e0f41eec742cfb4fb44606388b40c4460b87996048768e54f2d130cabead02de5e564ca78adb2f72c45c966cf8feadeecbbefbdab76b21474a1513c098a61e2fb00c6b3e23b248d9d95740d44b81e54ae4d2a0ea0adf9edb4a8d7e0d236ea9022bdcae7d7c24665928c7c9e765ffe700bac9e8a7cec2359871b91d1f87d975888ff28262c2520d729a48f27e6c8f722b7b778392ded7de3648a63e312aaca0dfdac3177583b016d64ee3735f983e2b1dbe622fa1f92d9a38fe55550948416592",
-    "credential_finalization": "17a0cf86d1021759062b89f802a798b5d2492f7373462e1b75d6197a21d599e1f16b0fafad97ba72b0ad69683e69a145",
-    "client_registration_state": "454092e5dcb20854d987421466835f4a270bcaffeae8e094a0cd1c4f636946b90bb5d8d0cc2bddfcde1bc97042021043031032c75bd6d20572956af17c27c8a628f493993903e8a2dbd4db1b069f2dacbf05767428f0e4c58150af7d6577c42cc1",
-    "client_login_state": "454092e5dcb20854d987421466835f4a270bcaffeae8e094a0cd1c4f636946b90bb5d8d0cc2bddfcde1bc97042021043031032c75bd6d20572956af17c27c8a628f493993903e8a2dbd4db1b069f2dacbf05767428f0e4c58150af7d6577c42cc1c4eb516c8f385cabe449e30bd55975cb8c73b8cd4121e392202c95dc1ca58ff6d697f15ff9e34fd51a2a8980995503d17bd11cbb0407d51502138f384f908112c320ee0eb5eef9e6e00872cef1196e362d20712ae9da185e7466397324a72907c4eb516c8f385cabe449e30bd55975cb8c73b8cd4121e392202c95dc1ca58ff6",
-    "server_login_state": "1ac407a2442a2b126afd56a7790d790c1dcbd16b3d9d89963267f26c798a0266d896e8c1daa912d5933be902cfa301e42f1fe785b8429087cc492f9e8731139628530254e4524a0df9a6840748dc8bd12b65bf3141f09a696b55760bd4f65fc3e952e42d4d61618bd93459e43b4ee699eba8d9d3ed3c0c31bd605b654e9fc289a87799c43267570e7644c16436463fd0",
-    "password_file": "82961e5ba6f42e3dede98b0eb333668f768df6e28335896e1d1c764d45b26101937f31c8f82cda4be30080d8edeefdce8d43a11a8dc089111f48d173d9a057fa35dc0dfe0a59457a6bfec84298d5e4d8950ac3b5fcca8fbcc740e24a9f0a0703bf06c1e345459cb662bed0ae91f1090468008a29cf8f061e01bdc0940a04bee4a49391c2eb3a10552254f3904e2b374a2018fd6153e948d7bb74e47de4b3765e",
-    "export_key": "6507d9329bb8fb8468d7fbf89781f02e3d56e887aa8cd0e56b622bb9b2cf78e079000936c0cbacdf3acbae65b929f143",
-    "session_key": "e952e42d4d61618bd93459e43b4ee699eba8d9d3ed3c0c31bd605b654e9fc289a87799c43267570e7644c16436463fd0"
+    "registration_request": "0335ded8e0d44b32ef46a01d530365171b4a0656bc97362c731e5228c8d82cc66a7be5bbb4af2df2c69fab5946951bddba",
+    "registration_response": "037afbd911baaeaf20b8f81a323b9394b0483b622b92a02d19c6956b229264f645b2c82d42207a43c14445c9b77d5812d1543f5a039f83eacc40c62fc5c5acecfd4650873dce4d6dbceb04a327baf86f2f",
+    "registration_upload": "f0009445fd1d418db028788a28b21992786ad8b697a2a8baebe30547733f9143bdb7d21117484fed96d101d15e148c5a63623687e4844834c2d22a48913aaf0feeeb831dfb5ca91a91be5d2d7d46680fdce2e0634b405f06caf29c1265fe223cb534535bb7c27cdf2e12f6291b39c00a659cfc677db765aa62682b8095a1ab39dcd73ddbe49b668eb63f7bd5f4396f6e6b40ad646ebbb1af13b3589b73d69371",
+    "credential_request": "0335ded8e0d44b32ef46a01d530365171b4a0656bc97362c731e5228c8d82cc66a7be5bbb4af2df2c69fab5946951bddba97cb195111c2bd433a1d1cafed854d9039936ae9559942cc701dafcb9dd51524962707435be9a80153f6e4ec9ebc2440163ba73c232a418c958e25e77aa85863",
+    "credential_response": "037afbd911baaeaf20b8f81a323b9394b0483b622b92a02d19c6956b229264f645b2c82d42207a43c14445c9b77d5812d1cbe822a5e60816a19d6b707308876147e4c0be5436e0658802c88d257f9523f8020480a4ed9d375068b49232966147564a442f1dfe5cab652453c60a29d384863194bfb106012b50ca488869460200f16360b01a1337cfe3f03e118eb48bbba6ccd4c56eb181539277bc2b72f1dc15afabecd59885ca66fe42595382d085692bbd0278b83759deb8230883bf2c3181eea50f4953424642bcfc681fd4b6f8f9c71bd4a052bbc5f46047d22727da26af0b3405b452e6d6dabfe98ba19092987ebbfae106116b40a0f65dacbd709ac4f7756c3e6d1965246cca600fc88be6abd548299f728d756bc966b3021c2fb1a8c43a0b53a886a9594c93b3975536e59c71e1",
+    "credential_finalization": "4adf8d88cfd65aeec5b01e53cb0c791fba6239a7140994105b2d43c30d1921e9f3510d03c6f097f1d170cb7ae665e7cf",
+    "client_registration_state": "ebb318997438ae2f5e3238f03b75b975c15574221dc5366b28fd9f3401230420fbdaea1919df12380f986f7c6dcaee4d0335ded8e0d44b32ef46a01d530365171b4a0656bc97362c731e5228c8d82cc66a7be5bbb4af2df2c69fab5946951bddba",
+    "client_login_state": "ebb318997438ae2f5e3238f03b75b975c15574221dc5366b28fd9f3401230420fbdaea1919df12380f986f7c6dcaee4d0335ded8e0d44b32ef46a01d530365171b4a0656bc97362c731e5228c8d82cc66a7be5bbb4af2df2c69fab5946951bddba97cb195111c2bd433a1d1cafed854d9039936ae9559942cc701dafcb9dd51524962707435be9a80153f6e4ec9ebc2440163ba73c232a418c958e25e77aa85863dea54ac07a062a89450b947cd563d9b3c7bbec1460212b78c21d509f45f1310997cb195111c2bd433a1d1cafed854d9039936ae9559942cc701dafcb9dd51524",
+    "server_login_state": "ed32e9f19429767a8297ece379a7f2ca317543fa601f9d575577c4004a22240814814df482a466fb9456f2a8ea175f61d589b838e49246593d6fa7e2f41335961f0d890be0ff0f196d6c54b0ea909e9833cce7f57c20cdde215c23d0107bb32173700ee1021612393ecb5a619d95774b74ac82c7a2243ea01091aa34059bb6b93763af9e3270d17e15d31e2c36a22c1d",
+    "password_file": "f0009445fd1d418db028788a28b21992786ad8b697a2a8baebe30547733f9143bdb7d21117484fed96d101d15e148c5a63623687e4844834c2d22a48913aaf0feeeb831dfb5ca91a91be5d2d7d46680fdce2e0634b405f06caf29c1265fe223cb534535bb7c27cdf2e12f6291b39c00a659cfc677db765aa62682b8095a1ab39dcd73ddbe49b668eb63f7bd5f4396f6e6b40ad646ebbb1af13b3589b73d69371",
+    "export_key": "d610a300a933f98e70927f01cd97b7aead44e98b1405c40b42c15e25e20dc0ce237eca5cc623d2f7f185aa3db7846cf1",
+    "session_key": "73700ee1021612393ecb5a619d95774b74ac82c7a2243ea01091aa34059bb6b93763af9e3270d17e15d31e2c36a22c1d"
 }
 "#;
 
 static TEST_VECTOR_P256: &str = r#"
 {
-    "client_s_pk": "032d82f5e7db19c5f87db1cb296d5f847315e98aa4ae2f14cb94fe9fefae5b23a1",
-    "client_s_sk": "4c2bd02fd037cfe6aa8aa243bbf0419c6f4196565470192554bdf3da966ae1d5",
-    "client_e_pk": "03b2ee310f831c43b6ecf8683ab3a0f903f4c54d42b5851652667d24a051805e54",
-    "client_e_sk": "11fd841fa4c27ed5849632ce256a242c526f1f828e170a68800fa4a7a9c93047",
-    "server_s_pk": "022cc9aadeaed45bdae85464af1512614edde6adf97c1407d6721e5cd1a985734a",
-    "server_s_sk": "e6334d73a9a34212886d4c4b7368df72f06a90b2887e5632f0eadad4cc8c9d3d",
-    "server_e_pk": "03ca02f4d31f1e66624dc21864e410876f2dc8fdcfff031090f170736d73060a10",
-    "server_e_sk": "6a6b22ac2bc7bd6401cc2e42f588a4550651cbd30d9529b69ebb88d7b073e6a2",
-    "fake_sk": "8362d70183ab78942b21ae3cba95f1edb5d314fb2f2afa49a452222a02f6dcc4",
+    "client_s_pk": "02c2e8f49855c9f783a851dcefbd8987ce90d8e85cf191c7aa475950c771a1a392",
+    "client_s_sk": "5ae546ad6e00e6434492285305f0a087a2c0fd4c70d867c87e59aa18df7168d1",
+    "client_e_pk": "039f4ec8755bb55f7b815f08fdda9da51a05edbc22025a3d4f5ff7b6ddcdecf847",
+    "client_e_sk": "efaaaad9104f1eaf18014d70ac70a61073cb1cf471b02b89dc16f6a338c9aac5",
+    "server_s_pk": "03923edfe871973dc0e549692526eeed3967fec567cd4ccba30ea3696614e5c9d6",
+    "server_s_sk": "21cbcff4c92ceb1acade2eccf301c7defe655f55d7354d1326a1259de4f6afc9",
+    "server_e_pk": "037ae15922e04a5e1d288494176932c8b4defae649eae82dd40876e9bc5afe7236",
+    "server_e_sk": "6162bef0095725abad6b72a7e3e64599fc1b5df9064e7ce40766fb0ac7e7964e",
+    "fake_sk": "da212727cf2f6f38c536014c883c22c35cb9efc4a27228563d364ab4d12ec5fa",
     "credential_identifier": "637265644964656e746966696572",
     "id_u": "696455",
     "id_s": "696453",
     "password": "70617373776f7264",
-    "blinding_factor": "87700138241d25149a2ca6fd9a27e7f9d71a8e718fe1c411862a975cdb17a413",
-    "oprf_seed": "8b10b0445efce9c59e6e5a39f89961722fba14a809068620b9d77433bafb254e",
-    "masking_nonce": "52b2cf34ba108ffd2ef1e516585d845b90e34af198f379b6465744f5812274680c5dc1dca7e6a73a4dd48159cbd4b35913ff51bac2605a63563602e681aeb171",
-    "envelope_nonce": "f97a0c9a7de14b073531d24ba6d7893191a2724fffa6fe242099c17c6640e210",
-    "client_nonce": "4c5dbddfb063ecba7fd528c0caec52893ef206bf86362dafb27fe13d96e0b538",
-    "server_nonce": "fab1f9fa3f0356fc5d9b766ea3bdd53884ab38bac8371842d047a3b815c79428",
+    "blinding_factor": "9d781bd63f99a84b819c99c7ce497e6288f9122834048945997f2d76147efde4",
+    "oprf_seed": "b09d533d8960cb471b05a36882927adbcbe7ef600ba74e1af31d1486230e8adf",
+    "masking_nonce": "2590367466a06ccc880d11398181d1c302144c05e4ac5a0528ef3336fc26e4f13e45edf9d43d0d4e9c6ec08536895968111c4d23f6f9ecc6734999e7466ae9c5",
+    "envelope_nonce": "aacb6bb400ab28256d2e54d9eca742857f6d5e29c92b7b0044c95215b6db4892",
+    "client_nonce": "27e8fe90451e2934e8dc358fe30ba07d15175e2c70a6fda88b1bab732e80c140",
+    "server_nonce": "fefe1c85ec03f03f8ab66d4037a661f677954cda1695765381fe56ee553275bf",
     "context": "636f6e74657874",
-    "registration_request": "030e9bc97e025d9b5eacf7e76b16ada9a568401c509d2d1c507914c56d820be7ea",
-    "registration_response": "03dc5d4ba61011266879896966f26fde5e188a5d30df17deca56d5e227efbc8102022cc9aadeaed45bdae85464af1512614edde6adf97c1407d6721e5cd1a985734a",
-    "registration_upload": "035153b60a0f66ddf3d45d00c6bf6506a0898e6d438f1f73fbec916d538f6b43b042eaa5fe4bb07b55cce02bdc53225886bff138edf3a57a7f28d256d52b1755c84c2bd02fd037cfe6aa8aa243bbf0419c6f4196565470192554bdf3da966ae1d5489d88b7908412724d6c28f209a1c45ff7d509cbdb67b017c08802a4532e04d5",
-    "credential_request": "030e9bc97e025d9b5eacf7e76b16ada9a568401c509d2d1c507914c56d820be7ea4c5dbddfb063ecba7fd528c0caec52893ef206bf86362dafb27fe13d96e0b53803b2ee310f831c43b6ecf8683ab3a0f903f4c54d42b5851652667d24a051805e54",
-    "credential_response": "03dc5d4ba61011266879896966f26fde5e188a5d30df17deca56d5e227efbc810252b2cf34ba108ffd2ef1e516585d845b90e34af198f379b6465744f5812274682cc3c3b734abf18e0ee058a9983f91017022b220d76a7bea6a99e7a7ca8bce9dfe0d670272cdfe25136f9bf00b4607a79133c37f367da3e8b9ead9059f40a2bca60b7d99ba5a2557de3be49de1b62e5771a2855d1fbce37ffbf403ca5fa3a37c3b6a6b22ac2bc7bd6401cc2e42f588a4550651cbd30d9529b69ebb88d7b073e6a203e0f0020d7d9a024e799db237b7dedc4faa8a4a8ce17e93ff490ea66ebc654ba67c17359620d1e627a528c40c961d55d77de2882a9c510ea920974f1ddc97f3c5",
-    "credential_finalization": "a6836d9d17ed9a5e7c562002058f0a68e1c41925f7736e959965811b6e3e0783",
-    "client_registration_state": "87700138241d25149a2ca6fd9a27e7f9d71a8e718fe1c411862a975cdb17a413030e9bc97e025d9b5eacf7e76b16ada9a568401c509d2d1c507914c56d820be7ea",
-    "client_login_state": "87700138241d25149a2ca6fd9a27e7f9d71a8e718fe1c411862a975cdb17a413030e9bc97e025d9b5eacf7e76b16ada9a568401c509d2d1c507914c56d820be7ea4c5dbddfb063ecba7fd528c0caec52893ef206bf86362dafb27fe13d96e0b53803b2ee310f831c43b6ecf8683ab3a0f903f4c54d42b5851652667d24a051805e5411fd841fa4c27ed5849632ce256a242c526f1f828e170a68800fa4a7a9c930474c5dbddfb063ecba7fd528c0caec52893ef206bf86362dafb27fe13d96e0b538",
-    "server_login_state": "f7954aa457f509c7695b9e3313a7a445086cb7c0340f75249544d638fe2faba161395f0bfaeb1f56bfb8c93b56b5cb77e5e63c15d328e7e5bb4310e92cb2cdd867e4fa4ba1fdae0282a7b8dadb9bb30081ff2fd351c3ff24dac160d46e3192cb",
-    "password_file": "035153b60a0f66ddf3d45d00c6bf6506a0898e6d438f1f73fbec916d538f6b43b042eaa5fe4bb07b55cce02bdc53225886bff138edf3a57a7f28d256d52b1755c84c2bd02fd037cfe6aa8aa243bbf0419c6f4196565470192554bdf3da966ae1d5489d88b7908412724d6c28f209a1c45ff7d509cbdb67b017c08802a4532e04d5",
-    "export_key": "dfaad05e13c091a4cd11d9342bbf361111bfd7ae0b09866175a6c76403afef15",
-    "session_key": "67e4fa4ba1fdae0282a7b8dadb9bb30081ff2fd351c3ff24dac160d46e3192cb"
+    "registration_request": "03493e2bda2f5ce79408178469ddb1424bd6880b796945caf97eca254091493c4f",
+    "registration_response": "03f66c48699b84e856f2110cb770c46c59fd75831d5fe0a4b1c164a2b13272798503923edfe871973dc0e549692526eeed3967fec567cd4ccba30ea3696614e5c9d6",
+    "registration_upload": "033975e189b8c31851993d7b38abf30c0fc666ab8fb93e5ad8581a035fbeb60283bf546c8d3d8f1759d16dd4db3653c45248c8420703beba195304e1f5600cded75ae546ad6e00e6434492285305f0a087a2c0fd4c70d867c87e59aa18df7168d107ed74db82d4ef8d7268bc2dbcb146681347aafd7ed9bb8e78399766d753688f",
+    "credential_request": "03493e2bda2f5ce79408178469ddb1424bd6880b796945caf97eca254091493c4f27e8fe90451e2934e8dc358fe30ba07d15175e2c70a6fda88b1bab732e80c140026a65dd93748b6d545fe24839cdcba11db412e3649d704e88a0a24b3600671a77",
+    "credential_response": "03f66c48699b84e856f2110cb770c46c59fd75831d5fe0a4b1c164a2b1327279852590367466a06ccc880d11398181d1c302144c05e4ac5a0528ef3336fc26e4f1fc2abe70c70551c2922019c4e8aa092a32492dd50e0be8aaa44913d2c7253c8255ffec37fd5612b651b7ac26e5f2aeebb0caeddae68e8dd49aa0ee522dce90900da3537d718ae15954a5b5c2678d6efa31c846f6bd46605b56fdf70a448c3143c46162bef0095725abad6b72a7e3e64599fc1b5df9064e7ce40766fb0ac7e7964e03f609f0b7575cf87465a11900d2ac4e91f8097f34c5668b974e55af50ae1ddf4895d3f8760cfd8699c9bf6ea54fdaaa7af049e2ec205505ab33fad7c0ce680c14",
+    "credential_finalization": "e6aa42333906d3294b5f6f153c746974bfbb3f9d6eee94fabff2757994ae0828",
+    "client_registration_state": "9d781bd63f99a84b819c99c7ce497e6288f9122834048945997f2d76147efde403493e2bda2f5ce79408178469ddb1424bd6880b796945caf97eca254091493c4f",
+    "client_login_state": "9d781bd63f99a84b819c99c7ce497e6288f9122834048945997f2d76147efde403493e2bda2f5ce79408178469ddb1424bd6880b796945caf97eca254091493c4f27e8fe90451e2934e8dc358fe30ba07d15175e2c70a6fda88b1bab732e80c140026a65dd93748b6d545fe24839cdcba11db412e3649d704e88a0a24b3600671a77d406726833e0a9451751dbb50af5764e45187906840cdfe814282d5aa0efa95527e8fe90451e2934e8dc358fe30ba07d15175e2c70a6fda88b1bab732e80c140",
+    "server_login_state": "dab1a874a0f1db74fa0c9526e6b55b2c4843f26d181b410278b76f1a5a65b0b960e1c6fa8b17cca50f4dc45d53a7f5ef975e31406b31418b87d2d9cab0991e2326ca86363e475842c54ce152c8075b5d633ce3d44f3123bccfbb9a444833f6ed",
+    "password_file": "033975e189b8c31851993d7b38abf30c0fc666ab8fb93e5ad8581a035fbeb60283bf546c8d3d8f1759d16dd4db3653c45248c8420703beba195304e1f5600cded75ae546ad6e00e6434492285305f0a087a2c0fd4c70d867c87e59aa18df7168d107ed74db82d4ef8d7268bc2dbcb146681347aafd7ed9bb8e78399766d753688f",
+    "export_key": "5b8816c59a360431bf7afe5d93644136617c2d25bd67673785cc593cc40b1e35",
+    "session_key": "26ca86363e475842c54ce152c8075b5d633ce3d44f3123bccfbb9a444833f6ed"
 }
 "#;
 
 static TEST_VECTOR_P256_P384: &str = r#"
 {
-    "client_s_pk": "02ffaa7a9ad8d8fbdf51462333be3baf795e927626afc30a825299b2738be56e64",
-    "client_s_sk": "867143397117121b3cf8bbbdbb577e7a3ec3de33a5d052e6ea5e736d8da5243a",
-    "client_e_pk": "02d71ac13b7c461a0aff3ffcf6fb43961f3cc78d159a88190e11814cf8c1c47e63",
-    "client_e_sk": "e48b752d3f498fbd8e605e95a076f342574b6d6717483fe11a8f8bb1f7f404a9",
-    "server_s_pk": "03b0c19cb4a9c38a4f8dfd3108d346153612258eda0a918a66898ead514a087484",
-    "server_s_sk": "799ec708dff22260a940b1daab1bf246f7dc0b3ef36edf5e325e4783ed580b15",
-    "server_e_pk": "0266a3ee38dd097628288b9f12ddcd8ba2d581dd3f390bc82c88019fb6da84b4ab",
-    "server_e_sk": "2d40040888e6eabc3ef1192abe45de7e72de591e88f9cb85624f6fe69a829abe",
-    "fake_sk": "1f63b1381351cdee56bb69a649210a0e401946033210a1d1abb310ee84b057be",
+    "client_s_pk": "0300ffa27e9e1c07e726f3446303fd6e169a824e938be7142c5d57c966c41f48cd",
+    "client_s_sk": "63bcffa26f32783271d78d3b84dbdefda3a4533bc11d7ce73de145c6a80ea659",
+    "client_e_pk": "03f46e7129db840987843f76ec3c1521c7c753740bcb22f00b37b2cf52a9dc5974",
+    "client_e_sk": "502bd0e6474522e6c0572f81e4d7ba6cb87430aa34bad5eb7509d0dd5f2aa01e",
+    "server_s_pk": "02ec3bb6cdaa17e7e0872a57e2c89e2647983bced0b86ffd0d7fcdfa304f90e03f",
+    "server_s_sk": "47965063ae881466b08ba9e96cf1fc48d6bfb7e23d0a6bac30498b114dfc5a54",
+    "server_e_pk": "0304fc747fa5640c258d4846be2f6529ad35d61782f3e45a48efd6d6dbd1cedf07",
+    "server_e_sk": "1bdbabc050b6f5d59d01b02a03d187b0954c8a9341b696cb60c49a8511ab9712",
+    "fake_sk": "cf19797c598f15e3cddc5e01388999e85ca49ef729dc2e8ac10d8f10ff59d2c7",
     "credential_identifier": "637265644964656e746966696572",
     "id_u": "696455",
     "id_s": "696453",
     "password": "70617373776f7264",
-    "blinding_factor": "898b728c633b5f335da29527ae279122049cc0a48adde3de699707f9008e58808383b39014554696359c1ff9198092cf",
-    "oprf_seed": "a681bb60cbc5f65264fbdd29b487fb7eff1bc1b1fad69ba6dad7d802714251fcadd91cbddb9d203be691c99be04dd3a9",
-    "masking_nonce": "596d13dbdaf0a67f38ab3560f1a8ad539f6879365d2499c35c61822ab457656b5d3102a21c019920324671b47f0c86e6d573179babcd8b87980804a0cec8655c",
-    "envelope_nonce": "027b3fe224cd45ea4a88125341fb12f903c36665fcfd9f86e20e91b094e935b3",
-    "client_nonce": "86c1a1f3bf1872e0f19ce42ca68f4e69c0c7fa2bcd0f9728af650b849f35995d",
-    "server_nonce": "f649bf73c6e0625c8c204a300b6da5f9efcd182634df70175e6cfeb74bbde7ed",
+    "blinding_factor": "ef8bb36f1ad0921181910a8a1a497e18c1192264c5389f4e2cdc270d322e0a0c9b74284ee2af3d476cc7893fe7597d01",
+    "oprf_seed": "1f9b1338fb64584fdd2ef104c15a15a75cd9b922dedcdc4037409c4dd69c5aee2ecada1652d380f3335352baf92974c0",
+    "masking_nonce": "889e0b260347814b97b922fca5c96f89e3974776f2d6486399d17f7634d90d3a7fe5cecf435269a054b3b24d968c20c586ead3fe3b529b7a129f2cd75bb11645",
+    "envelope_nonce": "df7b5518d79f0c5748cbe6ba671786680e895ab470e8a8399018ab4a245e308d",
+    "client_nonce": "ed8e76fe71017d89879ec9580cbee48e1dff47f05d52e4e7655ea65a813897a5",
+    "server_nonce": "92fd03780d2b4035ebe83915fe37fa650477ac7d20a8d83b553d43a569beb584",
     "context": "636f6e74657874",
-    "registration_request": "03b9f9c8b76887dd8c74246c02bf77a29af14cb5ba2b02e13992db2c8c87f48068c040a9898dca0d4122e42ccf65219522",
-    "registration_response": "038fe2c1e3b7d968e312b48077edd6545550fcabfdfa25b9420c78c8331dc413028fe973e15270b96673c101ce98c944c303b0c19cb4a9c38a4f8dfd3108d346153612258eda0a918a66898ead514a087484",
-    "registration_upload": "02e07f9bd7377e8275dd95713f4a8de1a13699f61359b69095cfcada7efbb1ab72b8ff9db6b14b4f8bcb1bf6978cf1b02ce7c75af8d63433d6a75caa620ad851cde67df132e8e71a92c2f6cc137c09ddfd867143397117121b3cf8bbbdbb577e7a3ec3de33a5d052e6ea5e736d8da5243a4f30fd6be311843b3b8309d41a0a11f5f1d42eadc5539959457a6eed12d4adfb599fe45a546effd7dca5dcac5b5ff498",
-    "credential_request": "03b9f9c8b76887dd8c74246c02bf77a29af14cb5ba2b02e13992db2c8c87f48068c040a9898dca0d4122e42ccf6521952286c1a1f3bf1872e0f19ce42ca68f4e69c0c7fa2bcd0f9728af650b849f35995d02d71ac13b7c461a0aff3ffcf6fb43961f3cc78d159a88190e11814cf8c1c47e63",
-    "credential_response": "038fe2c1e3b7d968e312b48077edd6545550fcabfdfa25b9420c78c8331dc413028fe973e15270b96673c101ce98c944c3596d13dbdaf0a67f38ab3560f1a8ad539f6879365d2499c35c61822ab457656b967df0a08fb74ca0bbbb915587e55808699b877c9d9f7370e0ba290f3d95e175d66fb98adf8f3aff5b9c06a5dd2a7b5d20a2a76a4f2dc6ef5a67113461a85a03174b585c78445c7a6b1438edd882f75cb56e380f4447e3d366430ca3f2ef372e439b5bb7ac2e1f9dc5b3487232e60a1ddf2d40040888e6eabc3ef1192abe45de7e72de591e88f9cb85624f6fe69a829abe033f366e71bf3f7573a431bac0b35aa60db23b40d2003af7d8eb5f55940b75af3e62ea7b191b1f5b9fae34bb92f0c10b06b95918e784f4afb06c846c254113bdfb3a5b5ca81890dc601dfdb80fabb3865d",
-    "credential_finalization": "188fe8130fab154ddf481a80349f50685d160e6e1db4d11acdff51e1b5d617032e8a62b39e43116f2ffc3651df61995b",
-    "client_registration_state": "898b728c633b5f335da29527ae279122049cc0a48adde3de699707f9008e58808383b39014554696359c1ff9198092cf03b9f9c8b76887dd8c74246c02bf77a29af14cb5ba2b02e13992db2c8c87f48068c040a9898dca0d4122e42ccf65219522",
-    "client_login_state": "898b728c633b5f335da29527ae279122049cc0a48adde3de699707f9008e58808383b39014554696359c1ff9198092cf03b9f9c8b76887dd8c74246c02bf77a29af14cb5ba2b02e13992db2c8c87f48068c040a9898dca0d4122e42ccf6521952286c1a1f3bf1872e0f19ce42ca68f4e69c0c7fa2bcd0f9728af650b849f35995d02d71ac13b7c461a0aff3ffcf6fb43961f3cc78d159a88190e11814cf8c1c47e63e48b752d3f498fbd8e605e95a076f342574b6d6717483fe11a8f8bb1f7f404a986c1a1f3bf1872e0f19ce42ca68f4e69c0c7fa2bcd0f9728af650b849f35995d",
-    "server_login_state": "6c196b4c6cd855c215852c5c11fd1590038eb9d7c69adc062777e3fed1464526d6a8aafd04e9a5845b32bc92bab852520200c994e54b7c3a8844c75c7952d1c0d2cf5232bd3fe6fa24d7b74e6373ccf66d48ead98331257efc320a16864908f4fce34bf2c26ec5f73072d3522d3b42306dfde8ce0b6827dff1202bd1ca11e767d758b4237c30e30d8878db1ebd4bb595",
-    "password_file": "02e07f9bd7377e8275dd95713f4a8de1a13699f61359b69095cfcada7efbb1ab72b8ff9db6b14b4f8bcb1bf6978cf1b02ce7c75af8d63433d6a75caa620ad851cde67df132e8e71a92c2f6cc137c09ddfd867143397117121b3cf8bbbdbb577e7a3ec3de33a5d052e6ea5e736d8da5243a4f30fd6be311843b3b8309d41a0a11f5f1d42eadc5539959457a6eed12d4adfb599fe45a546effd7dca5dcac5b5ff498",
-    "export_key": "431c7293c534c3a555c36ac8b665130066c667b26f86403b3b3e1f06c5e941447f52976265a234fcb0edf4bdef99aaff",
-    "session_key": "fce34bf2c26ec5f73072d3522d3b42306dfde8ce0b6827dff1202bd1ca11e767d758b4237c30e30d8878db1ebd4bb595"
+    "registration_request": "03f98a111741a24c1ad90f15985ac345636e631cddde1d05dd8d7f5fc00e57483c5504f390e8bda613345aa89d3493bed0",
+    "registration_response": "029daa00653cd0b4f9ac0b9e5640e6c6b608543e02955a40de853bcc530f3180bdd52991e528e570e650a6c50d6ed06b5602ec3bb6cdaa17e7e0872a57e2c89e2647983bced0b86ffd0d7fcdfa304f90e03f",
+    "registration_upload": "020b1901303ffe1ea63379d6e310d39712521ca43609a8bcfa4db28866411355862282ab14133a5a1c095c9af7b4ffc61aa5371b3ed762a24f94448e6ca0bb87b7c0ce558dce762c73aeb6ba1f4b56681363bcffa26f32783271d78d3b84dbdefda3a4533bc11d7ce73de145c6a80ea659033f437455f7be8b3ed47fd871057beb6e30785364bb586c074c0c4b475d17129383f531042647448933a17914cc2b61",
+    "credential_request": "03f98a111741a24c1ad90f15985ac345636e631cddde1d05dd8d7f5fc00e57483c5504f390e8bda613345aa89d3493bed0ed8e76fe71017d89879ec9580cbee48e1dff47f05d52e4e7655ea65a813897a5027204ea166787e2d7766ae8101143be5283f79ba8107b33f8db03339d72970597",
+    "credential_response": "029daa00653cd0b4f9ac0b9e5640e6c6b608543e02955a40de853bcc530f3180bdd52991e528e570e650a6c50d6ed06b56889e0b260347814b97b922fca5c96f89e3974776f2d6486399d17f7634d90d3a68490a295fd49a787786c1db2bb1e31e38b56e8151e958f8770041746fb5496696be499beb470f04a2ea7074502918277c024cd785b534de8ced805918a2a0bce17eded3cf11e6fc2e54d67d641632fe1d2fb56bf641540c34a023d32913fa9eddfad0aadd9fddfbe1c9af4a96da04887b1bdbabc050b6f5d59d01b02a03d187b0954c8a9341b696cb60c49a8511ab971202d56b40e364d4947215d3befb46b114cedd8ae3f75f9d38767a7cc87315e3473d94ca79a51b45a5bdc935be80d9bf697d384ded48d5d5b9bdb85432e3d85ee5aba8729d55ec530313d28ca3208090ce11",
+    "credential_finalization": "6ab06573cb9bb92a5e4ae2c6623bffc5463f94b81c2d38c1416e4dce35c32e49d2225ac5957a9913e1badcab819f35af",
+    "client_registration_state": "ef8bb36f1ad0921181910a8a1a497e18c1192264c5389f4e2cdc270d322e0a0c9b74284ee2af3d476cc7893fe7597d0103f98a111741a24c1ad90f15985ac345636e631cddde1d05dd8d7f5fc00e57483c5504f390e8bda613345aa89d3493bed0",
+    "client_login_state": "ef8bb36f1ad0921181910a8a1a497e18c1192264c5389f4e2cdc270d322e0a0c9b74284ee2af3d476cc7893fe7597d0103f98a111741a24c1ad90f15985ac345636e631cddde1d05dd8d7f5fc00e57483c5504f390e8bda613345aa89d3493bed0ed8e76fe71017d89879ec9580cbee48e1dff47f05d52e4e7655ea65a813897a5027204ea166787e2d7766ae8101143be5283f79ba8107b33f8db03339d72970597de1f1c0591eaeacea4eaddf441e4f78007347895f79775d836aeef03269ef260ed8e76fe71017d89879ec9580cbee48e1dff47f05d52e4e7655ea65a813897a5",
+    "server_login_state": "4af2c9dc93a9681293550723eccabed75aec6fc72b688bca2c68d8bdd8fe21c66b94753b04b4f9b9d1dfb3661397ca712f8990baea7679888d3045640cf0f17c98a6704146f5e4f6cfa2c764532fa1bfe78bfdbda526213af50d2c6b8dbd83eeb78c21b07ad43485cacaa2bb6743962ea4d450fab27f9d3848b4d4f5a50ecea2ce3fcf3007867d8e708182d76f97ba2a",
+    "password_file": "020b1901303ffe1ea63379d6e310d39712521ca43609a8bcfa4db28866411355862282ab14133a5a1c095c9af7b4ffc61aa5371b3ed762a24f94448e6ca0bb87b7c0ce558dce762c73aeb6ba1f4b56681363bcffa26f32783271d78d3b84dbdefda3a4533bc11d7ce73de145c6a80ea659033f437455f7be8b3ed47fd871057beb6e30785364bb586c074c0c4b475d17129383f531042647448933a17914cc2b61",
+    "export_key": "f79bdebcf6534e9fbb727a295edb160e952a8bda27b0e1d3f2379ece6bde6fc5d0d4486e2a37ef41d2fd1d0fe1719fc9",
+    "session_key": "b78c21b07ad43485cacaa2bb6743962ea4d450fab27f9d3848b4d4f5a50ecea2ce3fcf3007867d8e708182d76f97ba2a"
 }
 "#;
 
 #[cfg(feature = "ristretto255")]
 static TEST_VECTOR_P256_RISTRETTO255: &str = r#"
 {
-    "client_s_pk": "027e83df2e0b7380bb430352afc9326a63cd53d6bf6955b60114ae56a9ada8a005",
-    "client_s_sk": "125dee3f99fd11e6dfc10f3269010644abbe1676856c1fd28c3f1c11fb12e8a9",
-    "client_e_pk": "02e1a67fc34629e5d0bc6c7d2873673e873514114e15a72a27e71fde337351ab79",
-    "client_e_sk": "3ba3bfd9cf3b5970a7557260fbd9c1f5480ad2434f3ca788bf0e298e3adb1728",
-    "server_s_pk": "0363418a22f5e2d041a3cc49ac195bb72c484fe2422756874eea2502b1f37265f2",
-    "server_s_sk": "9ca7d0b89c84808c6a3a234383f2a400171d0362fd9cd66874a812b29309aea7",
-    "server_e_pk": "02d3da0962e20af7c63624aff08fcf98f622cdc75d1c475bdec059064cb176da41",
-    "server_e_sk": "7c7aea17291d0c297fc2685c2876b0b57a67b91dfa7d20edce1872341c86a74c",
-    "fake_sk": "2fb1ab3f8edf772701cc7c2a4773ac7441fc17157c00132d0bc4df63703953c3",
+    "client_s_pk": "026a80b08688346c0a5d884119239af863b0729ef14bf8b86b285b5751b6e2b067",
+    "client_s_sk": "8ea03094d56fdfd7937b9a4b8b89e2b09f8a2a493d6409d39dfec1f4612a4fdf",
+    "client_e_pk": "0326c437e32e7a5604807b24f92385cd732e6b70f70793fd59022d9470e6579622",
+    "client_e_sk": "4fe1d7f5159e429d35bb4d3c66ca20f50b133893f1e1712e89d9edd34c044612",
+    "server_s_pk": "02267105ddf0f2a9531a0875ab315f1c831766134af1b7e4ad9c4f298ce0536eea",
+    "server_s_sk": "8871c04d141df9881e3ef15210660112c164cc32867f3ec0bd67d68cbbd87424",
+    "server_e_pk": "03315305fc11f61944bc790a112f01e1020df7a830479618e7a42dd2204d30075b",
+    "server_e_sk": "225599a7b01f047bee6fba835c86f271410b786b3933cd7542abc8c58afb10f8",
+    "fake_sk": "61ea20ed0bde67756fe11072c5a8aa3103085a293d60bcbb0b5c5e09920d07d8",
     "credential_identifier": "637265644964656e746966696572",
     "id_u": "696455",
     "id_s": "696453",
     "password": "70617373776f7264",
-    "blinding_factor": "5b4e8ccffa209c8df0ec71d0d1092de288ae05e472e71f9f95ff8d4b34a45a0f",
-    "oprf_seed": "a519f2078900c38d7764481978296720f9b02b472e5aa5e08a32ec1d72c23dc2e3fbd680d367668ce032f45c214aa4efe76b4722f487732aed6c4063a5ab067b",
-    "masking_nonce": "4e3843835669dac4e6875c1627391e2a5589d4f4a3cfb507f0956c16566feb62692db88b2fbaf002a729a31afecbc016e06b004b11c8f9f53d10430c51db1c9f",
-    "envelope_nonce": "d9d3327bd827540d1e5f267605c222cd154c5da6dadd43845d8498c58420fc06",
-    "client_nonce": "246142ff274fe7c3385f6268e7e9c0c1ae2804c664308cec59d2cd0e5af683a4",
-    "server_nonce": "4f9277be8c0deeccb8c67c5312332ea8fc268360c9a46603c2f5f06f94e45f37",
+    "blinding_factor": "269627e7fb86bc28052c4538cd8a4a8cf30ed530196e0e2d99a8382a78c21f00",
+    "oprf_seed": "3abaf808e5435b5fb9929d98dc3060827fe627bbaefdaeb9205b9cdf2037a625ce8a687ab3f85c0a70629f94c1f23212f8d67b3dd0fc422c5f65a600350267b2",
+    "masking_nonce": "093ba9502b07a9a838f28bd2bfb9699315549db299ef6196fa32233acdfaabf9b97a0dd265db7ff52ca1b1f3fadedfa9dca26751b166972e6ab6569ff08ff5b5",
+    "envelope_nonce": "d7e0137e8adf2de3b00cd9e0c888f36ecba2ee18f92e51b7298fbaa654d286ba",
+    "client_nonce": "1186e18b135739cd36cde4a2dd72ce5d1c4a92a96da279ead6f54813f84d9d86",
+    "server_nonce": "9589f0bbec5cc2c68b98684158b8ef40f81f7f0fb8b2197e90d8e3666cfd1682",
     "context": "636f6e74657874",
-    "registration_request": "0ca151ef38b3b82f1b2166b6627671943ae8371b207dadfc4c4ccbc93db0fc51",
-    "registration_response": "ca2757e756faaed5e3956fff22ed9d7f5e7114856b11753b3f84f904831d8c290363418a22f5e2d041a3cc49ac195bb72c484fe2422756874eea2502b1f37265f2",
-    "registration_upload": "0273a4a83ef4a4c014623a59d3188370e4592b0c1d2d695dda98a07339a1536e77c5aab89c3434cfb25289d087d3f35680d82a3eaf34b539317a82a219652e2bc1b151f423e945eab65a598624a9328265f91a8e69f5975c7517905db6091894b2125dee3f99fd11e6dfc10f3269010644abbe1676856c1fd28c3f1c11fb12e8a90944628ebe4b83026cca4f2b719ab0e836c01f42bc854a2262f7f0cfcf83b026426371c91a3a3f6ebc47225e092b76fb54636aec37618815f2ba0f9da6290def",
-    "credential_request": "0ca151ef38b3b82f1b2166b6627671943ae8371b207dadfc4c4ccbc93db0fc51246142ff274fe7c3385f6268e7e9c0c1ae2804c664308cec59d2cd0e5af683a402e1a67fc34629e5d0bc6c7d2873673e873514114e15a72a27e71fde337351ab79",
-    "credential_response": "ca2757e756faaed5e3956fff22ed9d7f5e7114856b11753b3f84f904831d8c294e3843835669dac4e6875c1627391e2a5589d4f4a3cfb507f0956c16566feb624c697ec15f81508a6d26927d6240ec09672cc5c6afefba3e6ad828b722c2f13ad1814ee338fbe739ce915c8c77e65a0c1c6baf42e96474997c9eaf8a3c828bf609f60be9d98b30e4d86b14717b16929839e77583d990205a05689ac46773e83e6b35f95770c9c5919484c4e9bed34a85d1ee7db3f9914329f9f559bbed677f8a457c7aea17291d0c297fc2685c2876b0b57a67b91dfa7d20edce1872341c86a74c02c44f9047c059de10dc36ce904b3f1754dbee6b1e0657a194d563db45348198b3448dc365a3112a25c17fd5d02837cb4cb342ca831ba383b61ca684f9afdad1dab235ecd48f3c093bce9ca95449a1b26f7f2cb51b882ee5757ab3b99a078e0670",
-    "credential_finalization": "156511d3bed0e04bb931e21d4e01203ecb8035c8f2a13203a6d7c76156bd98c70161ec4dd434a0da576d7841483d2d6468e2d2df6b046a132a13a148be9f2ed9",
-    "client_registration_state": "5b4e8ccffa209c8df0ec71d0d1092de288ae05e472e71f9f95ff8d4b34a45a0f0ca151ef38b3b82f1b2166b6627671943ae8371b207dadfc4c4ccbc93db0fc51",
-    "client_login_state": "5b4e8ccffa209c8df0ec71d0d1092de288ae05e472e71f9f95ff8d4b34a45a0f0ca151ef38b3b82f1b2166b6627671943ae8371b207dadfc4c4ccbc93db0fc51246142ff274fe7c3385f6268e7e9c0c1ae2804c664308cec59d2cd0e5af683a402e1a67fc34629e5d0bc6c7d2873673e873514114e15a72a27e71fde337351ab793ba3bfd9cf3b5970a7557260fbd9c1f5480ad2434f3ca788bf0e298e3adb1728246142ff274fe7c3385f6268e7e9c0c1ae2804c664308cec59d2cd0e5af683a4",
-    "server_login_state": "00f0c2c254202ccf13ae33839e39a895a23778a8063334ba699cc4157646951fac5da2dc3363fc5cf051157b5f092c1d662ebe258211b02a051335aed2372387e8de8436dcd35b59eed28f6ca2cd4a0e969456e435393fabd0aa6b5e437018c49697c130b7075c7bc3deedb60ead5dd3b4b1f1cd8a86586f26fb1fca907bf27c9c97cc96869f519d4139e5ed967f4b82cee172a06c72702699d194ee49424bf11f73bf6ea75fe40712b3e9c7ae85328a02dacb453f7a95820836026f20dd4815",
-    "password_file": "0273a4a83ef4a4c014623a59d3188370e4592b0c1d2d695dda98a07339a1536e77c5aab89c3434cfb25289d087d3f35680d82a3eaf34b539317a82a219652e2bc1b151f423e945eab65a598624a9328265f91a8e69f5975c7517905db6091894b2125dee3f99fd11e6dfc10f3269010644abbe1676856c1fd28c3f1c11fb12e8a90944628ebe4b83026cca4f2b719ab0e836c01f42bc854a2262f7f0cfcf83b026426371c91a3a3f6ebc47225e092b76fb54636aec37618815f2ba0f9da6290def",
-    "export_key": "47c8aeb7e4b5fcb65728f8b2b07e7d0112496c3e72e5ecb17f00794e90d00fb4e4a9f8f2dccfdd19df8302e3c38d2b7f819ff373c3c829e34705e54dd95fcb09",
-    "session_key": "9c97cc96869f519d4139e5ed967f4b82cee172a06c72702699d194ee49424bf11f73bf6ea75fe40712b3e9c7ae85328a02dacb453f7a95820836026f20dd4815"
+    "registration_request": "f28816d64e1d4f17a0f36830ed92349d29de1e0444f21147a23d1952a4355573",
+    "registration_response": "7c734fdd7907d3aeef3fd17a8bb1d08642ab04f36c1eca4d8e6b10147c8a505f02267105ddf0f2a9531a0875ab315f1c831766134af1b7e4ad9c4f298ce0536eea",
+    "registration_upload": "03ce990fb3f9331bccd12eeadcf92f938dcf3acb07ec660c2936f8adc34554d7c7ecb4d45aa36908729dc4ca3e7c6e0a4a605fef0e7aa9c84de814e304a27dae2b8738f10785f2a1005d906a37f12b259b83a9f8406b6d6783180ba471e27393858ea03094d56fdfd7937b9a4b8b89e2b09f8a2a493d6409d39dfec1f4612a4fdfaa6224b035117cd28adba5aeba7c4733b66b44fa47052f2f50fd68b02360a769157fbd7e00af377f755d2ae0d1f6042eeb8e45c0c870eb7a985c8cd867aad53e",
+    "credential_request": "f28816d64e1d4f17a0f36830ed92349d29de1e0444f21147a23d1952a43555731186e18b135739cd36cde4a2dd72ce5d1c4a92a96da279ead6f54813f84d9d8603eb66e9a64dd24d6aa1a89dc0002e3e12f01b3dc6d9005bd72a03ef934377f23b",
+    "credential_response": "7c734fdd7907d3aeef3fd17a8bb1d08642ab04f36c1eca4d8e6b10147c8a505f093ba9502b07a9a838f28bd2bfb9699315549db299ef6196fa32233acdfaabf92bdd08e08a4ac46f690d1dc4ad05eb4323770753adbf0c354f7fe215200c3091b4342949f456fb3d0e2d6a59ce9da891930dde787b9b6943446bebf9b029a82e878e2ca9412df818403c9a8b817985f9697219d1319bd90b57793a64472995b72b0f15551d35c1f90db203b8dbfc3448fe35982b350349255b4d1a8bc100d0f280225599a7b01f047bee6fba835c86f271410b786b3933cd7542abc8c58afb10f8027a0c4c39a84d38b39f2b54c62c20b312fd37090e841337483b27047c143b94a1d57a81fed7757d80845053b83cb02890e60ec0f48d241965f752dbc826b88753d2d256b76e8c181f48d7c24351da7b2bad1c41790c20776db86c654bf48cb9ae",
+    "credential_finalization": "643a6547dc003d7caa81adadfb74be774853e0a422bf58fc61e5918a3dff35e9854b4150c73ddea93283deb6aa4216437fad406fdea480ec229fcdae3c83d6da",
+    "client_registration_state": "269627e7fb86bc28052c4538cd8a4a8cf30ed530196e0e2d99a8382a78c21f00f28816d64e1d4f17a0f36830ed92349d29de1e0444f21147a23d1952a4355573",
+    "client_login_state": "269627e7fb86bc28052c4538cd8a4a8cf30ed530196e0e2d99a8382a78c21f00f28816d64e1d4f17a0f36830ed92349d29de1e0444f21147a23d1952a43555731186e18b135739cd36cde4a2dd72ce5d1c4a92a96da279ead6f54813f84d9d8603eb66e9a64dd24d6aa1a89dc0002e3e12f01b3dc6d9005bd72a03ef934377f23bd8fabb81cc58414997e3c76aba160146183de4cc966657e5b1def258df81ff6b1186e18b135739cd36cde4a2dd72ce5d1c4a92a96da279ead6f54813f84d9d86",
+    "server_login_state": "13bab355577815ab29a0571bc571f6911d88f92cc64d6e930872674364b7400cacb5cab973263ca4da8687f36f894c06fb8939e96a7c6d1d4bed17dc1e00a12878b01cb72645993a5186b124808b8604a24b63aa3d934424dc78f9e56d02b506941b0af906d06edec7ab2eed07847fa424b5881e71282aa306d223902b37c354ed6f8a57a79a4433771a1b3aec9ab490df027ac3383a42cf7d09bed5c35e1dd1e092354e18d809935e1c19929906398286669f2603153de7026674823149fed0",
+    "password_file": "03ce990fb3f9331bccd12eeadcf92f938dcf3acb07ec660c2936f8adc34554d7c7ecb4d45aa36908729dc4ca3e7c6e0a4a605fef0e7aa9c84de814e304a27dae2b8738f10785f2a1005d906a37f12b259b83a9f8406b6d6783180ba471e27393858ea03094d56fdfd7937b9a4b8b89e2b09f8a2a493d6409d39dfec1f4612a4fdfaa6224b035117cd28adba5aeba7c4733b66b44fa47052f2f50fd68b02360a769157fbd7e00af377f755d2ae0d1f6042eeb8e45c0c870eb7a985c8cd867aad53e",
+    "export_key": "2fe20c906ff2656ba5c9c4bb313788f88395ef86281e4448462d5b1f5438d4afc91d2ccf9b8f340c0434db96a1996bc90cfa8a378c349c18e4291e793277e31f",
+    "session_key": "ed6f8a57a79a4433771a1b3aec9ab490df027ac3383a42cf7d09bed5c35e1dd1e092354e18d809935e1c19929906398286669f2603153de7026674823149fed0"
 }
 "#;
 
 static TEST_VECTOR_P384: &str = r#"
 {
-    "client_s_pk": "02d30caa7523fe782794a4dafdc34b236b3ef01a887ed6f705ff4644cb06df4140cfeaeeeb123d8a4394c485cf6c930fab",
-    "client_s_sk": "26f4f688d5c314da59d08a7672d444ff48c3580fd02ed9998a3906d507c506bf7059f166bec930032afc7fa59fdc6455",
-    "client_e_pk": "022d5b9d95e3686a8274435bf61414a0a371bd1351760fed07da6b281a419aef32c1b9b1eab59222111198d30ed63c7cbd",
-    "client_e_sk": "319076296bb7ce07bd9d383d7bfc6544222b99938e0ec627e7e284391f55e6a98b076a7843f383cbe802a907584fd271",
-    "server_s_pk": "03801a686045ee201b54f8367fc5a3ce577a5310b6431eadbf4abbf2f87213cf8b3853875f7f7badb10d029fe0c6f1cad4",
-    "server_s_sk": "209af74445ade701f4a99011c8e7304e3914ef9101fd92ea8b62d8ae6220a446cf544ca0eaf22552a21b149fc5e12008",
-    "server_e_pk": "021fdb138cd5b99a905285673be1b62085de588b4921ea35f3188aa6d4a57159d072ebda60a163996641473cd82e917633",
-    "server_e_sk": "061bc6ed455e852e8ad7eaf6836bbf061642043e48aef18416575071dc976577296eca9902af72c0d59e324e96abf34e",
-    "fake_sk": "3232e916073a895b65040efcec1a4038bf2fc4c41f8ae2e66bbccc5cf9ce8e31ca84e609b29af7207556452a4ebcf023",
+    "client_s_pk": "027ad019b16564c074d6f2ae68bdf20a738d7d2e9839a0abfa438a760d0c06c16048fcb8fd4f1dd115a7dfc3fea5f09b58",
+    "client_s_sk": "834a110fe6c0e7b6cea98c3bc534a928d6a842116774a1e01b513584405cd2e31970f765d7bf0db0ade9bf27fcd9cd0c",
+    "client_e_pk": "036a8b6a879e4b771b980f60263761fe7fe8ea7caf25f72093e4e7becaaea14a11a6acdc9ff156f0f9663623e17738a541",
+    "client_e_sk": "44760cfc351b43df634d788300fe8a21d3a1045654421a0c7db0e4def8a4f95f78900b61e9ceeff021f381270cdb5418",
+    "server_s_pk": "02f66681149226426db92504e9c0604e8f9fdbfc5f36f399e77d2a9b1383a00d693a04e3549bf909acbbd700162cefbca9",
+    "server_s_sk": "5dc037810ae1265de50fe0262b18f9f494866dfd9e8b10d7cd9126e513de0f3248510c8af60e8e61d875eb702610a010",
+    "server_e_pk": "0345d90f8c96cdec81eaaeb147250f54e25824b5fa9df6a333fa932cc73e3768228f3ba8b81a1480c1c8cd705775ea9761",
+    "server_e_sk": "c82bf9be4884f55e97240bb1fddf2c21cb9d44ea208a6448dcd0dfa25b4500b60990c58e8de1041a10068c8b1390353c",
+    "fake_sk": "c75ce826bfcfaa3328fbf6ca2060c5f80313048082da3bbe9b81654c4f6bdf87374e15ad49594315e973e0cd289c6bf9",
     "credential_identifier": "637265644964656e746966696572",
     "id_u": "696455",
     "id_s": "696453",
     "password": "70617373776f7264",
-    "blinding_factor": "6522c4e1432f30cdf2d3ad20ddb2677ef444a9447ccb643992a545ed1c9a8c255af28ec952ff87046256a0d942c4be48",
-    "oprf_seed": "0b2ab841c8c79a53710e424a768939d9a36fc5baffc4fad5e8731736c831b3750f61010140ef62708b58dbc0734c4228",
-    "masking_nonce": "3df9ef31bbf2e58364690728a86862b5bb9b6cfb874631006b3fc8da98e13c4a196cf0ae225742a918be575c1f98c5c54ccaa679c55693834d2d7e0ad7374f29",
-    "envelope_nonce": "b358bd034c790212f83b8b9d2f1373a5067314392e244606292856afc9020405",
-    "client_nonce": "c14909f325841eed32aae25899d84c7044c2223e58a18f715977df310e2c2e7d",
-    "server_nonce": "8c4e71dab0435f22238d5e1ae8686d694ca8f6f0131ad5e106b6a909a53de050",
+    "blinding_factor": "bc8fd9384462ca535b97649453851e7d053165c1d813f88f168e91deadbd58ff2f1ce08628948d75db1ae9ddca1d5b97",
+    "oprf_seed": "b06de4f6d4a0dd8efe8afb46f51d197a3e098d0af21b52b4a5117d4980ca8fcd90c629400a43476271e89291d6618096",
+    "masking_nonce": "5469703e134b2b70a9ad0aad851cdd22038fce9291147198b87d5731ec1ab5000ebf49eacbb3b90e6ea84bc1ec0032b233b9edf505289298db7ef65720e1f2aa",
+    "envelope_nonce": "f4320d83faae12c799f3ceca6a84c4aabc9bc1896b11b217087a9b820c6ff075",
+    "client_nonce": "4edb4057671642bb7630028923812954abdd34f57bf6f62ad4f24568680bc0be",
+    "server_nonce": "aa49c4593ad1ff89776852ab9f555a68eba4b5d86c7ec7f39577cdb04684e24f",
     "context": "636f6e74657874",
-    "registration_request": "03182483430a1dcccd138466a63f05f523e44f2d0078fd9f21d0c3e145137437ca75f187d38d0d2b806b0c1f21fde2207f",
-    "registration_response": "0256a3f872e6307d2b7c93aee4573a3d18a61ac0cff31d5e2de354f36728663d4f491a040d1b88f2abd7594f2e5cd130fa03801a686045ee201b54f8367fc5a3ce577a5310b6431eadbf4abbf2f87213cf8b3853875f7f7badb10d029fe0c6f1cad4",
-    "registration_upload": "03c8c502f79257e6d92cbfe79767b539fd4e0dbec4fc6543bf9191587986a6e205b899f38ee12a383420488a69d6ce104478ee84a8c4031e77d13a8a8d42041d78ff48e67a970e399d4333812ae0579fa18b2eebcdf6c6fd3f1d180bca053c941726f4f688d5c314da59d08a7672d444ff48c3580fd02ed9998a3906d507c506bf915bdbf6215beb014ea81a290fa38804957f72f2b7473bf33d7e7cecf84f3edf5c67aeebae6b538c6a629a9046719966",
-    "credential_request": "03182483430a1dcccd138466a63f05f523e44f2d0078fd9f21d0c3e145137437ca75f187d38d0d2b806b0c1f21fde2207fc14909f325841eed32aae25899d84c7044c2223e58a18f715977df310e2c2e7d022d5b9d95e3686a8274435bf61414a0a371bd1351760fed07da6b281a419aef32c1b9b1eab59222111198d30ed63c7cbd",
-    "credential_response": "0256a3f872e6307d2b7c93aee4573a3d18a61ac0cff31d5e2de354f36728663d4f491a040d1b88f2abd7594f2e5cd130fa3df9ef31bbf2e58364690728a86862b5bb9b6cfb874631006b3fc8da98e13c4a42035f0afefe847d522d37a6a7e40965f1c81ebfda02b4632df08d7f8136ed222dcf9c723cefa9deb7fb60a4df1682bf9ff2906db5af47728b8ca3815ce820c4677787e631a39e6912ba7705a634c251bf420771a9cac8436a2b53b524b60f9e0047d97bad37d741e5abaf710b9c81bff8ed6d84a319c62dcbab952221e0e9d9511642043e48aef18416575071dc976577296eca9902af72c0d59e324e96abf34e025a82f2ecec7de30ae500fe0efc1b9b6bf925d0ec00b2e21e8a446acc37f063f5f77703d6cc87c3c688f4430fd8c6875a8abe86e344e263b4a450dd7a4684f26052c244defcec09768c6d305b73e09d8e9135228d98c8b84cc586d8cff97bb675",
-    "credential_finalization": "8c0e0cf31d1490a4678994bc4f47e8a5e1b4380d770881d000370ad8c5ef3ffd2e8d7f6101e9411e453a367a65ff146d",
-    "client_registration_state": "6522c4e1432f30cdf2d3ad20ddb2677ef444a9447ccb643992a545ed1c9a8c255af28ec952ff87046256a0d942c4be4803182483430a1dcccd138466a63f05f523e44f2d0078fd9f21d0c3e145137437ca75f187d38d0d2b806b0c1f21fde2207f",
-    "client_login_state": "6522c4e1432f30cdf2d3ad20ddb2677ef444a9447ccb643992a545ed1c9a8c255af28ec952ff87046256a0d942c4be4803182483430a1dcccd138466a63f05f523e44f2d0078fd9f21d0c3e145137437ca75f187d38d0d2b806b0c1f21fde2207fc14909f325841eed32aae25899d84c7044c2223e58a18f715977df310e2c2e7d022d5b9d95e3686a8274435bf61414a0a371bd1351760fed07da6b281a419aef32c1b9b1eab59222111198d30ed63c7cbd319076296bb7ce07bd9d383d7bfc6544222b99938e0ec627e7e284391f55e6a98b076a7843f383cbe802a907584fd271c14909f325841eed32aae25899d84c7044c2223e58a18f715977df310e2c2e7d",
-    "server_login_state": "79814d2b3ba60f503d5ac2a71cf10e66ef8f0d3af2cfcb20898415721147c48458b752bbd88d86c3399addfe7e1adca52f32055b893d59fb1b4c16b8bca49a6c425cb713061ea35d73472b9a70059f9007e0e881d934ae2d2f8b2cfd2a2ea2607aa2592bc9b387e4776df01efd287465a729a66b17550afd9a540536c437e89084d101d66afbf0be092f4b0ab1167ac4",
-    "password_file": "03c8c502f79257e6d92cbfe79767b539fd4e0dbec4fc6543bf9191587986a6e205b899f38ee12a383420488a69d6ce104478ee84a8c4031e77d13a8a8d42041d78ff48e67a970e399d4333812ae0579fa18b2eebcdf6c6fd3f1d180bca053c941726f4f688d5c314da59d08a7672d444ff48c3580fd02ed9998a3906d507c506bf915bdbf6215beb014ea81a290fa38804957f72f2b7473bf33d7e7cecf84f3edf5c67aeebae6b538c6a629a9046719966",
-    "export_key": "b05096e7ff9666fb3845c8ef552b69332b96d3ee63ad46c3da497d0ea85bbe8ee866f7fd606f958ecd08a2100adaa8fa",
-    "session_key": "7aa2592bc9b387e4776df01efd287465a729a66b17550afd9a540536c437e89084d101d66afbf0be092f4b0ab1167ac4"
+    "registration_request": "0305632a043103148c0c50187844d031dc33aa81ab6b9d13919469b317703774ee3eea7c7b4b63445fb446ce2c4bde9173",
+    "registration_response": "03f878aaf28a28fbce8805a11b0feccf82233c46a75f7c8513c47a23bba92bced8f95d97c795c70a7755ac3c5b290a14a302f66681149226426db92504e9c0604e8f9fdbfc5f36f399e77d2a9b1383a00d693a04e3549bf909acbbd700162cefbca9",
+    "registration_upload": "03499599951aa81858e10fd6394610cdceee52195ca2f5eab241fb8a30d24f4f6ce3f33839c025bf5ebbc056d489e55797cab6175299333799ad308b718815a97d3326c82311f380dbc3d3f3bbb1c9922fa75b4eb2125fa386b75b610a07c2f639834a110fe6c0e7b6cea98c3bc534a928d6a842116774a1e01b513584405cd2e360093806a0701ac9820c29ac81ab66b91d12243b036b20309c2dab1a473869c03efadc490a20af8f3e5dec0f5643a621",
+    "credential_request": "0305632a043103148c0c50187844d031dc33aa81ab6b9d13919469b317703774ee3eea7c7b4b63445fb446ce2c4bde91734edb4057671642bb7630028923812954abdd34f57bf6f62ad4f24568680bc0be025cbaa73207a363589d904f9ccc29197ddad82e32580db1e4fcc26eaee9e202cb40e8b0a08b5d1f1240e835f9da08d0e2",
+    "credential_response": "03f878aaf28a28fbce8805a11b0feccf82233c46a75f7c8513c47a23bba92bced8f95d97c795c70a7755ac3c5b290a14a35469703e134b2b70a9ad0aad851cdd22038fce9291147198b87d5731ec1ab5003eff2203d3b86ee028fe1889fd24b6459a3ed00fda3cf90bfbb9508ce62367a185609ec407a7765a2cdfb9d4558c984bc3c235451a584c133ca70c57ef5573f3dcf29dfdce332106e53d4778331e8dcf4f807f3f13c41748fd251c5af002f64efc48cfbd7243d78ab451b9c9cc0dad4fca77583abe51538f2f42cb198cb698b7fccb9d44ea208a6448dcd0dfa25b4500b60990c58e8de1041a10068c8b1390353c021e31dcaffe65a256f1b32c8e91fda21d475a4b4fe06c961a6e23a7aca49214846a5d999db011e5de464859ee8d023cf96d3c35ef24a969602bc8b9346dc55a5a4fcb14aa9f42932986885a79317945d277e9601dc4ccdb5fee028f17fb33f14e",
+    "credential_finalization": "4d9dd316ad4c575ef6c6a26f90e72f26672d8740e03c9d8808c95449f3279ec8709c5d2f1fc1cf14270d3919ee952e86",
+    "client_registration_state": "bc8fd9384462ca535b97649453851e7d053165c1d813f88f168e91deadbd58ff2f1ce08628948d75db1ae9ddca1d5b970305632a043103148c0c50187844d031dc33aa81ab6b9d13919469b317703774ee3eea7c7b4b63445fb446ce2c4bde9173",
+    "client_login_state": "bc8fd9384462ca535b97649453851e7d053165c1d813f88f168e91deadbd58ff2f1ce08628948d75db1ae9ddca1d5b970305632a043103148c0c50187844d031dc33aa81ab6b9d13919469b317703774ee3eea7c7b4b63445fb446ce2c4bde91734edb4057671642bb7630028923812954abdd34f57bf6f62ad4f24568680bc0be025cbaa73207a363589d904f9ccc29197ddad82e32580db1e4fcc26eaee9e202cb40e8b0a08b5d1f1240e835f9da08d0e2e546cb8ed99c8d3ad4c1f32c4cf19ce4da1e2a13700df0a0a1eed43f251261f6e7edb92cb124f652241186604c5f1cdb4edb4057671642bb7630028923812954abdd34f57bf6f62ad4f24568680bc0be",
+    "server_login_state": "2e33ed0981c481b9141212ab38ca6e8ed1cbc132f8b96c70c2268b6b10aca88c38411cae2cf819b786922785bb2b7019e20c7da8c330d03e251b1fb4555995389964ad78cda9a6ea30c9b0e5b3733656c40cdf92f31ad08331baddf5c98a4ff6641618b739a79bd6a29f917505c30ca462b3d43b762fd7cfc8181fe439055f4f151e5ea1796bcc0f146305e9712c6376",
+    "password_file": "03499599951aa81858e10fd6394610cdceee52195ca2f5eab241fb8a30d24f4f6ce3f33839c025bf5ebbc056d489e55797cab6175299333799ad308b718815a97d3326c82311f380dbc3d3f3bbb1c9922fa75b4eb2125fa386b75b610a07c2f639834a110fe6c0e7b6cea98c3bc534a928d6a842116774a1e01b513584405cd2e360093806a0701ac9820c29ac81ab66b91d12243b036b20309c2dab1a473869c03efadc490a20af8f3e5dec0f5643a621",
+    "export_key": "4e00ea96339443ec9427a94d5ffc38faf7abfe49bc45f33a2b8893ca05266eb7c3d9dda533244384656e3595e589d4d0",
+    "session_key": "641618b739a79bd6a29f917505c30ca462b3d43b762fd7cfc8181fe439055f4f151e5ea1796bcc0f146305e9712c6376"
 }
 "#;
 
 static TEST_VECTOR_P384_P256: &str = r#"
 {
-    "client_s_pk": "0254911f1d17aee72f5b891cfaeb8d0b0e68e9db9fb25f2dc42d672382f45b01e559639dc93a21a294461318be76144819",
-    "client_s_sk": "526e10a69a7f9c7ae685defcd8dc4f23f2b668f63cf558c9d76cdb83bbb5b216ef9e91763fa2e015c66ec827316131cc",
-    "client_e_pk": "03a01066dccb456e0e4a238d7afd1dcc788283154f0f7936295b950b316c66d0f52376b26e64585da98308c1ceea732c93",
-    "client_e_sk": "6de338c62147b2f5cd9579109b40584768e7dc1ae451f7d566fb28011bc13c180f3f1001a700c59488716b45011ad5e6",
-    "server_s_pk": "03df5ea7a932ff02124130743543236f3b8de290a1f27c8b9d518112beb72c527a8818a13914cf27c2375f75f832a23093",
-    "server_s_sk": "fd59eb004849e24eb70cd7d6e1ddcd87afae0743b82f2921c0bfe093831db2f17d031c4d63af482c778002394e3cb9ae",
-    "server_e_pk": "033b51d2ec7c6d8db890b5dbc0eaf13298ff25eb516249c2f367d84cb45d1717ed55f1b46f8b142ca899d480cc8a493e86",
-    "server_e_sk": "81443e69a1cc93d7a779235de18be512a0bfc4a2288b16e5323092e54ef4139dac21ed831d34e78e7d03dff908cae373",
-    "fake_sk": "05ef5e97565fa9fc1f485e4aad8516ad9104533397b2bac011aec371c2e98938a9b09b66fed328d4c9ca7bd1c941792c",
+    "client_s_pk": "03aa7fcc3a2b13ed9080a84f4c73ef1e8431cb0f981911d8e9b1bbf6d1b13a97c6b4230bfeb638d960f2deea221c699e80",
+    "client_s_sk": "e465935788fc3d6f16cdef00c912f9e032a6aa4d9452c86cbbf2549217f390b0a81faffdca2b752ec7bfdee0dbcda7a5",
+    "client_e_pk": "020c105b40758cf0d0c596644d387eaf598dc215652fb8c7ae3f9cab07b72ca87feb3385ede83ca6792df13959ca866650",
+    "client_e_sk": "a5c0e6f2080c4952fefdb7e50753942e8f46ed5dcd16925d976a6919d601721e7d2bd75f89b07e4a48cb7e9a5afdd450",
+    "server_s_pk": "0295c88cdbfefcacbab08754dd36b58abc72026e761a6e0337b4feee1392dd4dd0f2ac6817bb1e12df2c6020a790343695",
+    "server_s_sk": "82aaee1871a785361798e2b78179a333ae3c4da7fb8d537534e244f889c2bbc51f92c4505b24bef69dbb5028cf87653e",
+    "server_e_pk": "03363da7ae2f5ebf0ae9e3d98fe6c7ecc41fec55afa834959e71a61d848d850cf50f2636c877f78e8a7a3d525408dd79ef",
+    "server_e_sk": "a271eb33e9b9ec5f8bc797a66596bf477cbf8d4b7fbe69b18509dfe633f4159cbd3a5e92d3bd0fd2de81a7d9bb6499f5",
+    "fake_sk": "90574e2a941462615a8958064f02cfd2070ee0c2f12761eb77e70d6b5f5eb8417843b6812c89b6841ff7bdbbd2db33cc",
     "credential_identifier": "637265644964656e746966696572",
     "id_u": "696455",
     "id_s": "696453",
     "password": "70617373776f7264",
-    "blinding_factor": "3f3ff410cb7927e1ffe1d1c0f0d2360f49ef04effc2242782f155c858b50c4d6",
-    "oprf_seed": "9c98df8aaf13048694099325ff6bea1ddee273bf632e192c25fdf4a748d95a91",
-    "masking_nonce": "e4315a82379378b7d190c95a24d62871ec68b6b47f206d03a9ae0c27e6397556f50ecae65da56ee71155638cfdc932e8ec1997c16a96be1f55631977618c0b09",
-    "envelope_nonce": "26c52be641cd24569f0b566bb6fc3a8f6490229bac9ffef3345170be8d1135e4",
-    "client_nonce": "0f0f56edf27a8591093e280f79f6b304a003a4aab3565a59d4c4f6ea1e27e76b",
-    "server_nonce": "42679ba32e3301bab082c2d9580ea367cd8b737f422315329213c8b0dd5c2254",
+    "blinding_factor": "48408a664deda29200696fdb750224da0210d17f45a0b59de34162e63b57b994",
+    "oprf_seed": "94b2ded5dc7b7bf787234c8deaa2107d2522b51125d2e58b331e36b6329ad4c1",
+    "masking_nonce": "2b7d2d7e3e856bb56a1b52b0e2caf2b166b72f3542dd96913979eec031ffe9dacce0484db3069adde7e122d145a993c31bb0f6f663c178e1f95fafc7a0be8a58",
+    "envelope_nonce": "e2476436fb2d0a4fbb17821008da5e16650a8fa03f68138b733a5d200e6c2983",
+    "client_nonce": "3bd63f9517a75441ea79144e4f6b050b815cb05211737902a074ae83c6aeb2f8",
+    "server_nonce": "cbbb2b55ef928799ec4007730505e0cf2189d5e60c5d914948d32e4a02ca4488",
     "context": "636f6e74657874",
-    "registration_request": "030d2425e25d95ca6380beac64813feb5b127681fc2d3d37814a453f3815fb28dd",
-    "registration_response": "02c4610c2be8d4e308b8a31d9f4ea07686631b8237adfd7bbebd8c8c3be951d7d603df5ea7a932ff02124130743543236f3b8de290a1f27c8b9d518112beb72c527a8818a13914cf27c2375f75f832a23093",
-    "registration_upload": "02120a5aada0251e2a005bddd90a69003b97b8343467a25010e5a5f444c3cfb74ad562c4b4dcb66dc4083a81516e99cf0f4b77b4a187e359ada76ffcc29ba6e895aa3e2b1386be6eed16ad865b92d4f130526e10a69a7f9c7ae685defcd8dc4f23f2b668f63cf558c9d76cdb83bbb5b2162335ec8cc8815e9d4e604a48e1248be2bd92015103fe0396a167d7f5e031c640",
-    "credential_request": "030d2425e25d95ca6380beac64813feb5b127681fc2d3d37814a453f3815fb28dd0f0f56edf27a8591093e280f79f6b304a003a4aab3565a59d4c4f6ea1e27e76b03a01066dccb456e0e4a238d7afd1dcc788283154f0f7936295b950b316c66d0f52376b26e64585da98308c1ceea732c93",
-    "credential_response": "02c4610c2be8d4e308b8a31d9f4ea07686631b8237adfd7bbebd8c8c3be951d7d6e4315a82379378b7d190c95a24d62871ec68b6b47f206d03a9ae0c27e6397556e9aa0bfbbab92e92dd3a8e20799eba9ca690e2a7178256c394d413e9ea29321322ca32d89b4988835bc56366def8916684bdf2a06198f9535f898e35736ac1679925faffb6584c2ddf7d38185a095c5a471073142df269826c8a7baadf69ed8a3923d7b2a7073dfb2aeb780b75ab8cc991a0bfc4a2288b16e5323092e54ef4139dac21ed831d34e78e7d03dff908cae3730304fd477b4439cd862643630c4c141dccb9794d02228624d7fe1394c388fbdcdcfc6d522119b53354745e51e114f9ea1d25057b52c5403716ccf21ff0c3c22a946d65d3272add1236b8c8c0d01f801282",
-    "credential_finalization": "aad107b4b6396ef9ce3233c46992276908c3490026164817aec4b3ee301821a6",
-    "client_registration_state": "3f3ff410cb7927e1ffe1d1c0f0d2360f49ef04effc2242782f155c858b50c4d6030d2425e25d95ca6380beac64813feb5b127681fc2d3d37814a453f3815fb28dd",
-    "client_login_state": "3f3ff410cb7927e1ffe1d1c0f0d2360f49ef04effc2242782f155c858b50c4d6030d2425e25d95ca6380beac64813feb5b127681fc2d3d37814a453f3815fb28dd0f0f56edf27a8591093e280f79f6b304a003a4aab3565a59d4c4f6ea1e27e76b03a01066dccb456e0e4a238d7afd1dcc788283154f0f7936295b950b316c66d0f52376b26e64585da98308c1ceea732c936de338c62147b2f5cd9579109b40584768e7dc1ae451f7d566fb28011bc13c180f3f1001a700c59488716b45011ad5e60f0f56edf27a8591093e280f79f6b304a003a4aab3565a59d4c4f6ea1e27e76b",
-    "server_login_state": "2bee3adc9a7db1e964fd11f6b0a4cc87286762fa7548ab5d3393966f19da7cc5ca72928b4ad955a857ead83fe4a375afb7bb050f8c09c755823d7062e52c37bca3853ad81a963f92049b08f96b940e17cd5f2a8767714c5e28be1c5fa95a8d26",
-    "password_file": "02120a5aada0251e2a005bddd90a69003b97b8343467a25010e5a5f444c3cfb74ad562c4b4dcb66dc4083a81516e99cf0f4b77b4a187e359ada76ffcc29ba6e895aa3e2b1386be6eed16ad865b92d4f130526e10a69a7f9c7ae685defcd8dc4f23f2b668f63cf558c9d76cdb83bbb5b2162335ec8cc8815e9d4e604a48e1248be2bd92015103fe0396a167d7f5e031c640",
-    "export_key": "3cf2a36cb8f9df152f797718fbdead0dac400eb45300e6c93fa40c0b42713795",
-    "session_key": "a3853ad81a963f92049b08f96b940e17cd5f2a8767714c5e28be1c5fa95a8d26"
+    "registration_request": "0350999de8c8a3dfb259b5ce85966712c2989449758ac6ac14076c93c8abf3e656",
+    "registration_response": "03138b9a92582ac291858e1954b2dff11098c89fae57c2ff137400ba95b901a39a0295c88cdbfefcacbab08754dd36b58abc72026e761a6e0337b4feee1392dd4dd0f2ac6817bb1e12df2c6020a790343695",
+    "registration_upload": "03808b6fa408dc690f92e06196131aad15dff9164e10e11991d1cdcc763f979cfb4577cf766164fa6ffc75a67b13ac2a910b878ac6b600b274baa71d8eb97323ccf45443577c62faf1222bf0fe017d983ae465935788fc3d6f16cdef00c912f9e032a6aa4d9452c86cbbf2549217f390b0d55fc01d6e91ea395a9233165418b5584f38f31175083cccfae69578e85758b1",
+    "credential_request": "0350999de8c8a3dfb259b5ce85966712c2989449758ac6ac14076c93c8abf3e6563bd63f9517a75441ea79144e4f6b050b815cb05211737902a074ae83c6aeb2f802386993c958a9a14fc3a788d73f89fc932930a077c86d3222d9c40f07e3f0795d9f5c7191118978242bb722f72a082ac7",
+    "credential_response": "03138b9a92582ac291858e1954b2dff11098c89fae57c2ff137400ba95b901a39a2b7d2d7e3e856bb56a1b52b0e2caf2b166b72f3542dd96913979eec031ffe9da93db2760bead8c6834ed76bade81fe8cb849f92f957991ff9f41d1ecb7fa4eeb82acab5ba32fdbeff970a50986e16c069a230989b18a6d2488f096a52949a6e4c824f25e803253cd8498991c3707cb1ee9edc14c5b4b8b4d2e03b4059c075a785bcba61873a9d3994029e98580a55437d67cbf8d4b7fbe69b18509dfe633f4159cbd3a5e92d3bd0fd2de81a7d9bb6499f5039cf64cf96647d66faf21348683a4d80ee69fcbd8cb6545dc8a13aa52e226c77389c0f1a7bb2396bee9a6807ec566835041259eb94980ac4c5634dde99c9d0f5124e2653102170a34626f32907745e5c3",
+    "credential_finalization": "4fe1618a77247445239c7733cb0d25380fc728d86f5785fd08bbe13419fd94f5",
+    "client_registration_state": "48408a664deda29200696fdb750224da0210d17f45a0b59de34162e63b57b9940350999de8c8a3dfb259b5ce85966712c2989449758ac6ac14076c93c8abf3e656",
+    "client_login_state": "48408a664deda29200696fdb750224da0210d17f45a0b59de34162e63b57b9940350999de8c8a3dfb259b5ce85966712c2989449758ac6ac14076c93c8abf3e6563bd63f9517a75441ea79144e4f6b050b815cb05211737902a074ae83c6aeb2f802386993c958a9a14fc3a788d73f89fc932930a077c86d3222d9c40f07e3f0795d9f5c7191118978242bb722f72a082ac76bcd42cbe5150c7632326bf7b038ac8fd5cb09530c144cdfe798847035a7f14c82849c114e13883295de509a7a9a15d73bd63f9517a75441ea79144e4f6b050b815cb05211737902a074ae83c6aeb2f8",
+    "server_login_state": "882a3c1a309a19a32907ed72540b465f308380cb9adcb3e1d906d6e0c255f91de5ff8b87edbe0af9daa50908efb34a9a8da444ced5f1b0e2bfce8ffd4947e1e64d169ed4727febf302256f84ee462e2219c5217236da8749c8e3aec996eedf2e",
+    "password_file": "03808b6fa408dc690f92e06196131aad15dff9164e10e11991d1cdcc763f979cfb4577cf766164fa6ffc75a67b13ac2a910b878ac6b600b274baa71d8eb97323ccf45443577c62faf1222bf0fe017d983ae465935788fc3d6f16cdef00c912f9e032a6aa4d9452c86cbbf2549217f390b0d55fc01d6e91ea395a9233165418b5584f38f31175083cccfae69578e85758b1",
+    "export_key": "7c242005347a90ed8a263e0963f554d1c0fc2d0df3b3bdb4a818e94569da2cfa",
+    "session_key": "4d169ed4727febf302256f84ee462e2219c5217236da8749c8e3aec996eedf2e"
 }
 "#;
 
 #[cfg(feature = "ristretto255")]
 static TEST_VECTOR_P384_RISTRETTO255: &str = r#"
 {
-    "client_s_pk": "02cc4db2cf4cd01a188ad2d24f37c13d542253202a15c1967fbc01ff3c67ec3976a09d950be6e61fd331ceee6c73afe071",
-    "client_s_sk": "90a2c638013427e671591d125152921d0d18a84a6de44fd7b2b58e139b295628c137d26fc8e4b31e3d23e0a886aa70e2",
-    "client_e_pk": "031c9d7101bd543a64537944c7ffbef579852d03e109386d1cb7d40438a494a3f466daf8ce56866ff94cca71e4c8a4baf4",
-    "client_e_sk": "6e84980c5aaa6d78d3d634668b9a8427219ebf3da0dbc364d41cf29549c8dbecdcf55c91794b1147ed1f80b3f21aab9a",
-    "server_s_pk": "0330a19238b845ed798b626d991645d5454b35bdf78c1aaaa8370ca1ee90839bdfeb3022f0967103a9bf7dd65f0bd764e7",
-    "server_s_sk": "c947228ef3e8f98e14dcf8d44209508133425fa3ecd5b5dea57271b34619ec78503954df1c0d8a17067fdea51568feb0",
-    "server_e_pk": "035ec4661b6d7d838d34438a683e2260be53e49adf362f7e68e366d4eada87a475c98898f57b38f89777f470f33056a5f5",
-    "server_e_sk": "91d5f270837a3109f011a0fb1dc05fb26cb6c312dbaf5258d9c731a581e9398134cb0c5cadad0b09aeb1bbb1856973ac",
-    "fake_sk": "440fc2ef4f616072e5cc984cb49a0a6100d8ba22a002b4a7e88baf000da81acf26399e0cb1277cd55e4cbf0d595714d6",
+    "client_s_pk": "02c1d4d7d66aeb737564a1b854dd415b93cdc77c09652783d62947bac97d501bbb6a9fae15244f06b38f0f1c82a5585e5a",
+    "client_s_sk": "a0563c18fa5e065414411f2b7a05a42ccafffe6c3f820a453fdc5ec4bcbf75164646c3dda5ad48424c33342cd7e7e4df",
+    "client_e_pk": "02cfab78104a87ec00bbb5a59b9da3a2e8007ccf2b280129594f61f38702bdb9431f770201bda3cab38a583e907b686c16",
+    "client_e_sk": "5254f4ded1c5274d284bd01dd1eed07ec23ae9748857606282c6170d5a722058763367284abe9caf9389d942a523db5b",
+    "server_s_pk": "038b01c3863136ab24e59be966b61516c622bb2cbe4d615d598b692aec4584ccf03617949fa2eb768890b50f91316997f0",
+    "server_s_sk": "6dd0f63b233b2bd25288bce7b7c4128e595d7e7ae14a502151f17496d821b976f2ffc636ad02dab23786054c943a5248",
+    "server_e_pk": "0243dc3cd7669109cbe9dcd71c10c0df3c571603c90cb8f836471851c8c4e59b2b33df99a83e5f82b9997509b0937c5af7",
+    "server_e_sk": "0c6514cb587895583f71bea545cd793eb5c6c3a7b47af02bf7eec36995013ff5e62d020aebaa8584cd0c09db2a57c394",
+    "fake_sk": "bd88b0857965e266c8b9c070af374335ceed0a2588081b338128985d8e6d9ac5cf7dd28a4eab2ed92a8d1c5e40586667",
     "credential_identifier": "637265644964656e746966696572",
     "id_u": "696455",
     "id_s": "696453",
     "password": "70617373776f7264",
-    "blinding_factor": "18b3146671040f5e23f8df4e40411af98c64f356f34d4abdf8e7023c173a130e",
-    "oprf_seed": "d79e4976efa4866928d3e4fe7e463ec9e1ed756b67a2b156a991ce8c08b7a5d351d42f6e79416d30cae9032afbdedd4e46a360d3a67a2c088cc4f17f23cf548a",
-    "masking_nonce": "f28da85667feea48ee90660484e463b5a3e9c26d78ee966919413e28e5e3298314a233fe33720e72f2086e9adafa8f3ed4b994271e764a836572492e0706b6c5",
-    "envelope_nonce": "b33217f0bfca84df0f5c0e06944d7099ae657138e093e8b8fbd06886ca704f1b",
-    "client_nonce": "6d6547ddbb040af90fd6fcd961e605ed2eec4c2dee24ae729f5145eaab8c3867",
-    "server_nonce": "90901fa0e77d2e184ea1cde30eecd25e7c076245fb9ed40dcf2e64249d58c0be",
+    "blinding_factor": "945e750cc030ea56fb69fd959b1c869bbbd11598a55cca1c344680bb3af39e0c",
+    "oprf_seed": "6ede60508d189654155ebdf35e3e1f9ffac1b0a3a7c3af5623a16f0db771341826aed1298ce0a2c9458d810d0db29fb91d2220c58e5a4866ce8d26449d2ca5dd",
+    "masking_nonce": "581e546cc899d1aefb99c2b7444b66702b7e810f863303b3ae542cacee4e5fabf1b048c70e198d7f4ff92d9ef651e462ae64813d2a61dfb76834ab41ada048d4",
+    "envelope_nonce": "c1711624ac043ceaefff11d3e7cd8d0968ce5cd737edccffdf981b6e550eda63",
+    "client_nonce": "c45770702f6a169965cdc6bde6bd684ae0cca88beff84a10a10531c44881a251",
+    "server_nonce": "e22873960b1dce985b72c7aceca1211b0d62901a12ec24d5836bee01d0fa3069",
     "context": "636f6e74657874",
-    "registration_request": "b4ab9b7315e3a66face7d81f24d8e2d538e6a09acb929fa3990d8fe3f5cdc665",
-    "registration_response": "aa9159f5472d0f32d06205095eeca6cf2bfb402e2174120b1bb2d42719c5f93b0330a19238b845ed798b626d991645d5454b35bdf78c1aaaa8370ca1ee90839bdfeb3022f0967103a9bf7dd65f0bd764e7",
-    "registration_upload": "02c1c9a0f2a01152ca24c81449e4d86c9d88f2709fc5e8c03c368b8952eae9ef9485a9dc65cf9cee71991266a9c339122601b02d1deee0df0ae3d4cd90cd0ee7b775cecaf73519fa7b1744344dd8f667f566c7fff174152c539fa0e276135862cb2581154db6ce754b594f13c4cdc7649d90a2c638013427e671591d125152921d0d18a84a6de44fd7b2b58e139b2956288a1c235698eb9f64a9b3ff2392a2f927c724a4bd9eac605f445d744614ccd15ed9222d0d0c6a4ba5c3edfa58b2ba386b9cfdb23229c2baf9cd01d30cc6a4267d",
-    "credential_request": "b4ab9b7315e3a66face7d81f24d8e2d538e6a09acb929fa3990d8fe3f5cdc6656d6547ddbb040af90fd6fcd961e605ed2eec4c2dee24ae729f5145eaab8c3867031c9d7101bd543a64537944c7ffbef579852d03e109386d1cb7d40438a494a3f466daf8ce56866ff94cca71e4c8a4baf4",
-    "credential_response": "aa9159f5472d0f32d06205095eeca6cf2bfb402e2174120b1bb2d42719c5f93bf28da85667feea48ee90660484e463b5a3e9c26d78ee966919413e28e5e329838f55cc8db1b7a3159515f4f8659424bec2003f52ddc1cacf3375ebc99ce25796776206afc2336e9eac2526801f3dc865ea4f41312342de7f0380a3dbf19d07fca963efbd55279d227397bdd4061f0d6018f8e921568a13a48ead1841adb79e6fccca36e58c831e08ba390d374b54d2ea57872867e522510a5b5acd6e8db6eea17728d8193047d15a92c6b7ccc21f731a286cb6c312dbaf5258d9c731a581e9398134cb0c5cadad0b09aeb1bbb1856973ac02a333fd1a99cd9efdc223198828ceb73535ad7583f8b2d1a660e9111fb90e7d59699c6a59b7222ffef86be508701cfb16327891268981272101c472e0018e8f685976e9fc02a760a05c4260477400092cfb9e57f91c487194cbb6eee9abe2d99957151a0f11bcfee0fe3862012119847c",
-    "credential_finalization": "4a6ecd34b51d45a77f34f8a959dbac7e507c749ec869eb936d6c591691f74c13c8906a9e02071768eb28f6f0244e9a673c42bdbf326319c5ae93a8837fad2a5b",
-    "client_registration_state": "18b3146671040f5e23f8df4e40411af98c64f356f34d4abdf8e7023c173a130eb4ab9b7315e3a66face7d81f24d8e2d538e6a09acb929fa3990d8fe3f5cdc665",
-    "client_login_state": "18b3146671040f5e23f8df4e40411af98c64f356f34d4abdf8e7023c173a130eb4ab9b7315e3a66face7d81f24d8e2d538e6a09acb929fa3990d8fe3f5cdc6656d6547ddbb040af90fd6fcd961e605ed2eec4c2dee24ae729f5145eaab8c3867031c9d7101bd543a64537944c7ffbef579852d03e109386d1cb7d40438a494a3f466daf8ce56866ff94cca71e4c8a4baf46e84980c5aaa6d78d3d634668b9a8427219ebf3da0dbc364d41cf29549c8dbecdcf55c91794b1147ed1f80b3f21aab9a6d6547ddbb040af90fd6fcd961e605ed2eec4c2dee24ae729f5145eaab8c3867",
-    "server_login_state": "2e28f843e78b3a64e90d4fe4e69e6c905a6f0dc88ec4da004cc6aa83709f5f62631c0359489957187f9bbc1e188a9577cd839e20210ae14da99c921d779a7e7b05542f09b2fa76e5ab43a73b14f3b4be10d14c56271eb1a5a1ee01ef781d220321ca21deaf632855aa442d91f32b6f4d89c5b87cadaf158b93cf71c0c84b7f7ec26fc66b9419dbf492de4a2e9874ef8002c792726b7dc1db770453a5eb1dc94fe245885e7d3aa33ed6e262db3b9344624a5d92b97521a169c78f837d8e5a4f7b",
-    "password_file": "02c1c9a0f2a01152ca24c81449e4d86c9d88f2709fc5e8c03c368b8952eae9ef9485a9dc65cf9cee71991266a9c339122601b02d1deee0df0ae3d4cd90cd0ee7b775cecaf73519fa7b1744344dd8f667f566c7fff174152c539fa0e276135862cb2581154db6ce754b594f13c4cdc7649d90a2c638013427e671591d125152921d0d18a84a6de44fd7b2b58e139b2956288a1c235698eb9f64a9b3ff2392a2f927c724a4bd9eac605f445d744614ccd15ed9222d0d0c6a4ba5c3edfa58b2ba386b9cfdb23229c2baf9cd01d30cc6a4267d",
-    "export_key": "d22fbb27898c9d010471f75d5c914cc96543a381e895660e9650f718bbd410c3d1fdee25d251af597cd21bd1b4165861e19bc424dc9cd9c9381cc278fa812b38",
-    "session_key": "c26fc66b9419dbf492de4a2e9874ef8002c792726b7dc1db770453a5eb1dc94fe245885e7d3aa33ed6e262db3b9344624a5d92b97521a169c78f837d8e5a4f7b"
+    "registration_request": "38f651deae743ceb93947f3b29c0b6a8bdca06cd2ddbf8bf4034f188eb21a341",
+    "registration_response": "9a35389a31de25ffdb70f4c76630c55089acf2b4f4de9543f59ece5ebe3a4626038b01c3863136ab24e59be966b61516c622bb2cbe4d615d598b692aec4584ccf03617949fa2eb768890b50f91316997f0",
+    "registration_upload": "037243f014bbdfa0dbbc3caa7333fcad50be492f2c08233f81a798fed8fabef6b4b400920800531dc9eb25d3af5d9f20a1ac1cb96ceb4f40c0dc2a86f9b3fd0cb869b697b95cef3ceb267219df86f74d143102a91ea5499b1beb4d184964722caef65d052c9527104424e0320809928391a0563c18fa5e065414411f2b7a05a42ccafffe6c3f820a453fdc5ec4bcbf75161189765050d2b8e8e288f7e7d4dae5a4d864e39de8dfe6b56d4ecd2f7aa1d73b970ef1d89e00dd468e92465676f11fcbb3ce89dfa165700034942a4120ac8c14",
+    "credential_request": "38f651deae743ceb93947f3b29c0b6a8bdca06cd2ddbf8bf4034f188eb21a341c45770702f6a169965cdc6bde6bd684ae0cca88beff84a10a10531c44881a25102ff65f91c0f286b9469d0f33463b70868e2693f8c511c92dba2e55689bbd298a440c2c6b0c831fe87dfb8ad6286460d1b",
+    "credential_response": "9a35389a31de25ffdb70f4c76630c55089acf2b4f4de9543f59ece5ebe3a4626581e546cc899d1aefb99c2b7444b66702b7e810f863303b3ae542cacee4e5fab6a5aae2fee1f37a48874d26eda94d6285d5002bcc0c070fccf0c7731f55ceca1b678e1c355d4d933992866bee7f9f28b43359b348e63292bc9ffbd5d41ff8f14d5398384c86920b882e92476b954d4481234fbc01021b0c5e78327bc170aa0278eec426b7cedddd0d6b3d807bc3d9f52f3fc3a40a425f5514200f16eb92e0d7c67530fb4f215bc3e6b14e95cd4f03cbd7eb5c6c3a7b47af02bf7eec36995013ff5e62d020aebaa8584cd0c09db2a57c3940241e8e3ea63ecb7374164f8713b915f2d563a18f99c13e855a82d8f2af5af048835e4146f56612b9fd4e67f823a70e48a19df97488e6d1b7ff3a0a1e949ed25aa4835d88ea7a44f5028e8ad58ca0203c0087439e22dd7aea4ce64d8fae6432bfcb601acd244fe9e44b392c69cfc116ad4",
+    "credential_finalization": "50f417b52847e0af257a96f03ec433bc1b202528727cd0d768247c7584d0e14879d9eff7a4a61c1b954f923c64b0c2fffb328cdba031b7be95b3dc49e23042d6",
+    "client_registration_state": "945e750cc030ea56fb69fd959b1c869bbbd11598a55cca1c344680bb3af39e0c38f651deae743ceb93947f3b29c0b6a8bdca06cd2ddbf8bf4034f188eb21a341",
+    "client_login_state": "945e750cc030ea56fb69fd959b1c869bbbd11598a55cca1c344680bb3af39e0c38f651deae743ceb93947f3b29c0b6a8bdca06cd2ddbf8bf4034f188eb21a341c45770702f6a169965cdc6bde6bd684ae0cca88beff84a10a10531c44881a25102ff65f91c0f286b9469d0f33463b70868e2693f8c511c92dba2e55689bbd298a440c2c6b0c831fe87dfb8ad6286460d1bd089e7b04a5bddab582c56c919ed4972e43ec70695d516b48b3d54f3a98a5c4b47e663fbc0691f3eaf2d33d7c6e951acc45770702f6a169965cdc6bde6bd684ae0cca88beff84a10a10531c44881a251",
+    "server_login_state": "ab1b5088cc404142917da8cb9f0460800e222acd0abb20a0411824bbb3a33530caa46508d6a4d6778394fa3a1c7dc7c922241761e84567b0900365479ca10cdcae0c9adf368396b41a0c857c52274c3705ea4cc35b3dce1c83cd6b17b75723a0a93996c25c33f2fd1d2367416c40743ca0019db466d62c64cf832670a5e4e2e0526b13f76de824546a13c404d9545a6d401c13d0034c9e4b748854eaf316b74c5df9c3dc2caa274f196b9bd5c0e2ebf9036ec462f72da000d8e9631490aa19e0",
+    "password_file": "037243f014bbdfa0dbbc3caa7333fcad50be492f2c08233f81a798fed8fabef6b4b400920800531dc9eb25d3af5d9f20a1ac1cb96ceb4f40c0dc2a86f9b3fd0cb869b697b95cef3ceb267219df86f74d143102a91ea5499b1beb4d184964722caef65d052c9527104424e0320809928391a0563c18fa5e065414411f2b7a05a42ccafffe6c3f820a453fdc5ec4bcbf75161189765050d2b8e8e288f7e7d4dae5a4d864e39de8dfe6b56d4ecd2f7aa1d73b970ef1d89e00dd468e92465676f11fcbb3ce89dfa165700034942a4120ac8c14",
+    "export_key": "9763c031678a1b0398640298c9b2ab1651c580ca573e77279fb8e5869fd2d728faf4eff799ff9f6da74452935afe513da1dbaee132514c79529cd48680fa9df7",
+    "session_key": "526b13f76de824546a13c404d9545a6d401c13d0034c9e4b748854eaf316b74c5df9c3dc2caa274f196b9bd5c0e2ebf9036ec462f72da000d8e9631490aa19e0"
 }
 "#;
 
 #[cfg(feature = "curve25519")]
 static TEST_VECTOR_CURVE25519_P256: &str = r#"
 {
-    "client_s_pk": "38b0b198b9052e984915d69db446e9f3a849a1757326f515931ee09edcdbc961",
-    "client_s_sk": "40055b17e92514255397f1d41a3dab3ec99e26e59a3aa87e51e57be393f8bd79",
-    "client_e_pk": "e4aa7ebf12ea0bbbea4cae36dc7fc6487a1d978c776d9dfc99b242352ad02020",
-    "client_e_sk": "188d93b88f1f0d53e37e23d3cd02739313225730c604bca989ff7b28092e4a6f",
-    "server_s_pk": "f55eb503c79e571e2f02df2eb26fc7d8eb643f9bbd6e21e2380b146ac4b63015",
-    "server_s_sk": "e0413670da0428b85919a9bc5224cd1018a22e2ff0d28806b823939fac56a161",
-    "server_e_pk": "ad21cc835ae87a3b57f3b4a7a33e910119911fb2191d7d2a9886b236b650076f",
-    "server_e_sk": "f8d2b5904465387c3f9cf701a90c452118236f55b712e577d80ca1d25a8fbb53",
-    "fake_sk": "506072af99437e36b7a20edabf6f74b9de5bff63b68498b42093eaa3ff217d59",
+    "client_s_pk": "356d33885c60c90a4bca2ca9e758c72842016738cb29114efe5b363a77e60e18",
+    "client_s_sk": "98e74559a5af2af21de2f4caf01dd88232ee6a542e6bd2ed68b9dfa9ddf65e6f",
+    "client_e_pk": "d9a367a4aa1f2822a5e50d3616f8763bda41a0882f2d29d78e25db36594dd44a",
+    "client_e_sk": "f8ca80bc3fc0301986545adc309928a756d2aa1e79c6c617386a2ce9bc31da5c",
+    "server_s_pk": "fd69aa024b1896f5911c50d2990ec5075738a5a86a9722b9779eb3032eb74838",
+    "server_s_sk": "b06d35d129927c7427b2532656d7b33db7e6ff0070c630ab37a5022af8899b6d",
+    "server_e_pk": "05369b574ab94ef297688d377c4fb4693b80898733128ebce44ad6614290aa64",
+    "server_e_sk": "a02c5c8d35a1924823bd9ece4a67906211a29674355896061f2c72b63a806959",
+    "fake_sk": "48faf5b2e5852fa92c7e431eee79383886885e9b2fa0e5957728614af670c964",
     "credential_identifier": "637265644964656e746966696572",
     "id_u": "696455",
     "id_s": "696453",
     "password": "70617373776f7264",
-    "blinding_factor": "77f72593b0d5929fad255520968e9c50e23be4435e6a905f76f3bea8f7c27b64",
-    "oprf_seed": "dc731ad0171dfde4bfecabfc1cdeb4a0290154a8471e638d113ee4982256d9a1",
-    "masking_nonce": "a0e80933055bd24cb72ff56934bc806238f4b73343ad51a79d310d9aa5b42de9ed163be75585cf084abd740d9f4deea8ce8fa9b5d51ac05d5cf05e2ff7978885",
-    "envelope_nonce": "badbb8f3e2fce06a7e3b55837b0780808dcee7ac66790a7350a54397cdbc2a6f",
-    "client_nonce": "4f233bf42d70daef2c8d15f8f1f1dd05c17d42a823729e5e03b95b888ffd292f",
-    "server_nonce": "a6c2b03c340452bbb0beb83145c9b2def77c20dd9273f9b659e7994767d54a6a",
+    "blinding_factor": "afde4969d9abad215bc2d476b968a4113ce39c8736da16e107e067abbb9343c9",
+    "oprf_seed": "1b55db8ba8bed7c6dffee2682971f938ae43f91898698c5f34a6c6dd64e69a19",
+    "masking_nonce": "da87388c66103598f4b49a44abc7ac2ebf6caad4db2e32e19fb59d845e9d9b820f7afe413703648d03501421f9d2e25bd38bf35bd0a5b7167927cebe237c3dad",
+    "envelope_nonce": "3c9f900ce6674b8ea3ee734678bd1e9397a1842392f2c79b3400434bee6934f4",
+    "client_nonce": "e1b52de2ccb8b8b9175bca18cac32ac5138717d2bdea57dd1e8182f71e98af8e",
+    "server_nonce": "d26610cea1112c2c57955b5e24242be031632dfd8ce1a018cc62ee653e5a8e33",
     "context": "636f6e74657874",
-    "registration_request": "02ff13cea4ee0d08c43547401b92ef22cbee3809a82793f408ce06334b6b68e4a4",
-    "registration_response": "02523d3ffef8304612b881bd531046ebaa9bc4b2a8907aea0bc04c9cf96234c6bdf55eb503c79e571e2f02df2eb26fc7d8eb643f9bbd6e21e2380b146ac4b63015",
-    "registration_upload": "8010abb90d3e91b604211096baed17a17870e86184b1235d6b63e03e23ce17235c5cff09c6da8bde2b79f14b65182675bd12e43afefb7180c0293b0c691400c340055b17e92514255397f1d41a3dab3ec99e26e59a3aa87e51e57be393f8bd79379d6e9677361f90c04568ece1ed408c3a4bcfee8d2d51fb37be07cf1ff2dd45",
-    "credential_request": "02ff13cea4ee0d08c43547401b92ef22cbee3809a82793f408ce06334b6b68e4a44f233bf42d70daef2c8d15f8f1f1dd05c17d42a823729e5e03b95b888ffd292fe4aa7ebf12ea0bbbea4cae36dc7fc6487a1d978c776d9dfc99b242352ad02020",
-    "credential_response": "02523d3ffef8304612b881bd531046ebaa9bc4b2a8907aea0bc04c9cf96234c6bda0e80933055bd24cb72ff56934bc806238f4b73343ad51a79d310d9aa5b42de90715f6d20ea09505d5fee194b49e0bca9298e609c0edd5b8c809664f0cb1bb2f23e54a172f9b51bacce6cdea6a8c726ef7b5f89e60656777b81d5a46d35a06ccb38baffc1310edb238c576e1131e5727fd675308d58bbf261adea4a8d5ca48b0f8d2b5904465387c3f9cf701a90c452118236f55b712e577d80ca1d25a8fbb53a84a2876fce2b84c8e614654eec37c5108839ecde31e59ff7ecda7c8b54fe935f8f1e6658dc5ec3e6a09d1b1e8061e2aed69c4bed011d9643073774efa449f79",
-    "credential_finalization": "d00d48e102832a2b524a0c78c860cc2a7f6f51ba7b64167aec2625c298e194e2",
-    "client_registration_state": "77f72593b0d5929fad255520968e9c50e23be4435e6a905f76f3bea8f7c27b6402ff13cea4ee0d08c43547401b92ef22cbee3809a82793f408ce06334b6b68e4a4",
-    "client_login_state": "77f72593b0d5929fad255520968e9c50e23be4435e6a905f76f3bea8f7c27b6402ff13cea4ee0d08c43547401b92ef22cbee3809a82793f408ce06334b6b68e4a44f233bf42d70daef2c8d15f8f1f1dd05c17d42a823729e5e03b95b888ffd292fe4aa7ebf12ea0bbbea4cae36dc7fc6487a1d978c776d9dfc99b242352ad02020188d93b88f1f0d53e37e23d3cd02739313225730c604bca989ff7b28092e4a6f4f233bf42d70daef2c8d15f8f1f1dd05c17d42a823729e5e03b95b888ffd292f",
-    "server_login_state": "bc8e945f9bf279ca6e692eef43108aeedf80a8a3218185e17ebf3d4ce615439af1241c85909d21f186c53031317205e55cecd1a946a8c5f24279a8da6dc22246e0a3ffe2e9ba8378de1889ab273d5e163a354f45f0313040368c17f0928c5a27",
-    "password_file": "8010abb90d3e91b604211096baed17a17870e86184b1235d6b63e03e23ce17235c5cff09c6da8bde2b79f14b65182675bd12e43afefb7180c0293b0c691400c340055b17e92514255397f1d41a3dab3ec99e26e59a3aa87e51e57be393f8bd79379d6e9677361f90c04568ece1ed408c3a4bcfee8d2d51fb37be07cf1ff2dd45",
-    "export_key": "0829e4020fc39969675e55a41b666c6a6e90828e4d77ec9cadb2a06960757397",
-    "session_key": "e0a3ffe2e9ba8378de1889ab273d5e163a354f45f0313040368c17f0928c5a27"
+    "registration_request": "035741c014e89d5a10fd6f2b81e2cfc9f35e53222c619fb6fd20608843530b74ae",
+    "registration_response": "0264db058e5010d658021d7c1b972d626fa353712c83bf7a7500d4a9bc22e85358fd69aa024b1896f5911c50d2990ec5075738a5a86a9722b9779eb3032eb74838",
+    "registration_upload": "9dc1380a44873401d0dc181baecf898e9bc1f4bbcd75e7de3e28ef9f6b570479e059b27ad6ed0f9b240d9dde050aedbf30a5684e23dfe1af47f6bb75b240c74a98e74559a5af2af21de2f4caf01dd88232ee6a542e6bd2ed68b9dfa9ddf65e6f85396cff1f5d230d09bd9e662bd5a4d9594a32d2ab2b2f8a581542db82467f5e",
+    "credential_request": "035741c014e89d5a10fd6f2b81e2cfc9f35e53222c619fb6fd20608843530b74aee1b52de2ccb8b8b9175bca18cac32ac5138717d2bdea57dd1e8182f71e98af8ed9a367a4aa1f2822a5e50d3616f8763bda41a0882f2d29d78e25db36594dd44a",
+    "credential_response": "0264db058e5010d658021d7c1b972d626fa353712c83bf7a7500d4a9bc22e85358da87388c66103598f4b49a44abc7ac2ebf6caad4db2e32e19fb59d845e9d9b82aac713b4beab61312d2d57d98249f1a6e5e7c8bd435d704149679a381fe3c8da8b9b682af290e93422d1c52fa5cb94135823f8587b3c2a9056ab36845659ff2cad86ca029fd836b316471f1a42ee1a928331a4f7c1ec7aefc6429a13008c88bea02c5c8d35a1924823bd9ece4a67906211a29674355896061f2c72b63a806959606d4e3a19bfa8f940c87e5dc9e63ddf6c083d7406942c8c32e6bf7b35c504231d00490013365017c87b0c786f7d58e0bbe69c3c7f22f75e67c4a2ebf716c595",
+    "credential_finalization": "e9e0ec963e9096dcfcbed47fdf6ac5c0fa43103a11753d7f82652ea3d64a2657",
+    "client_registration_state": "afde4969d9abad215bc2d476b968a4113ce39c8736da16e107e067abbb9343c9035741c014e89d5a10fd6f2b81e2cfc9f35e53222c619fb6fd20608843530b74ae",
+    "client_login_state": "afde4969d9abad215bc2d476b968a4113ce39c8736da16e107e067abbb9343c9035741c014e89d5a10fd6f2b81e2cfc9f35e53222c619fb6fd20608843530b74aee1b52de2ccb8b8b9175bca18cac32ac5138717d2bdea57dd1e8182f71e98af8ed9a367a4aa1f2822a5e50d3616f8763bda41a0882f2d29d78e25db36594dd44af8ca80bc3fc0301986545adc309928a756d2aa1e79c6c617386a2ce9bc31da5ce1b52de2ccb8b8b9175bca18cac32ac5138717d2bdea57dd1e8182f71e98af8e",
+    "server_login_state": "f34318b0b8512ad4aed925465f80e25f3ca18b6ac57f0341beeaeda4ce944580d541e1e80e929cd4f2ce6e91c71a816e09833176a3a3e48801e9583b7da585535266262802364c33b9f4ebbf1e5fafe05b4beb6871bd197c5c3110d22404dd5b",
+    "password_file": "9dc1380a44873401d0dc181baecf898e9bc1f4bbcd75e7de3e28ef9f6b570479e059b27ad6ed0f9b240d9dde050aedbf30a5684e23dfe1af47f6bb75b240c74a98e74559a5af2af21de2f4caf01dd88232ee6a542e6bd2ed68b9dfa9ddf65e6f85396cff1f5d230d09bd9e662bd5a4d9594a32d2ab2b2f8a581542db82467f5e",
+    "export_key": "644446d460267013ccc320a626484f6d8b4fa773f1558c43eb0ddce656a53570",
+    "session_key": "5266262802364c33b9f4ebbf1e5fafe05b4beb6871bd197c5c3110d22404dd5b"
 }
 "#;
 
 #[cfg(feature = "curve25519")]
 static TEST_VECTOR_CURVE25519_P384: &str = r#"
 {
-    "client_s_pk": "48f5981857f751260755dda39b0bb9301d289cdcd33e1f67e73be3ef6dc3be1a",
-    "client_s_sk": "50aca1815bff3bb177b08c8266268de689ceae2d1c531e8b8bc43eec5135be44",
-    "client_e_pk": "d45cd2abb676ce52929d3acb84d5f28728f151dc38cd9a5563ebe3f5a01c9d3e",
-    "client_e_sk": "2086a9563d612e810c1577ff8ca15c9bde4bdc9a8b798ffbdc2a8c741f523a7c",
-    "server_s_pk": "6b4714a941d5ead7b95ef5a8a46931b2e1a70a9bcfafaf46e62f899501334c13",
-    "server_s_sk": "a0f72a112e1eabac338b8db81ec6351849ce5bc87b18621228574f23cc49e742",
-    "server_e_pk": "aff17bf2ef5da674aaf387d9a9d703f11a49420b16a0ed737b7273302c9c3f2f",
-    "server_e_sk": "880bb9e8b1f6cd5cfd33244645594597abe0f6745c14673fe7f7b23093645c6e",
-    "fake_sk": "68d483d304f72cd4a23b168b205a8dc24b5701dfc0b01beaa06d1b981dfa6a68",
+    "client_s_pk": "f94d2f4ed06a99e5dc09edb4ed4566a29cb6706243ad0665019b559932a93375",
+    "client_s_sk": "8034c5724cb6345b3534de5b1e44f6e4e97f5a98c3f5c7203f84aa370f00dd54",
+    "client_e_pk": "3a8ec2f554673ecf8c706759d6f24a3a068594f49e22769c763a3f712e289a22",
+    "client_e_sk": "60dac79209e340f068112840c69c681f458d55916af81521e3aac61058aed542",
+    "server_s_pk": "70dafba720cf8ed7c5001107f1679974c8dd53f51bb12c6362024bd46d294e6a",
+    "server_s_sk": "b0beb05237a893edeefad4bfb87d8a56d79120e2ef71ccf335fb36719822bf54",
+    "server_e_pk": "7e5ac26d2eece1e95a7db76a2c9b0f63119c59755bde71baa153b700d10afa09",
+    "server_e_sk": "004fb840dc8e2b4bf44cbce8bc9fb2439439ea8c81bf9299fe62a6a7eb133572",
+    "fake_sk": "a8b7f29cc8faa909eccd741c8a9c043adf30b76ceb29979015e4905aa8c98975",
     "credential_identifier": "637265644964656e746966696572",
     "id_u": "696455",
     "id_s": "696453",
     "password": "70617373776f7264",
-    "blinding_factor": "6b5d786310cb26e3fe5db136630c8093ff5c0e02e4592aaa661db37afa3633a685cca5f854e7f4a995637f9a47148c45",
-    "oprf_seed": "bb6299ef75f1fd683b01fe618c97e76f78d00beeaf89f8d9bd26c4957370c763995903e646d79a1e227792e76f3bab25",
-    "masking_nonce": "6d5c6727439f651e6bcdd9efc0b94c245eb99dd1f93168a39adb606fa2d10999f0982eb5d81ba9d6137e9a3dd67137079f85fa26337a34920644c2876e359ba0",
-    "envelope_nonce": "f0763b1b82e7ef64ff776c9c54c904fca0daff3ccb3c5491ed0572dde5d80b43",
-    "client_nonce": "de803700c352584a1acb7dad14ad0b0f3dd9f705cc5d7d116525655b1488aa4e",
-    "server_nonce": "b223d9c59395281d0c1a0ca400239a13c654b574e009f2fa17c5c0b1bbe122df",
+    "blinding_factor": "b448ff1079b9bb899acb01f271303e43a1db682c515780cff8ede88795ab7aae65af947df67425dacce97080a82d63ee",
+    "oprf_seed": "453a628c1033f01a8a7e289afd6a0701249eb387115e68dda5e9762815acc3c6890201190623466deb6ebcfa8d348c97",
+    "masking_nonce": "043b357b425f2fa9a3bcd694f4599838ade3d2a565f3debb64549400922f698bee9d14b0246b92eecf22aee99d9267643e33bf2e6d1985da0b12fb06a1acf102",
+    "envelope_nonce": "872593dc9342df3095eabdd5f238c27874e6bfdac3f7f2b413f396aa878dcc30",
+    "client_nonce": "5b11f9c0204aa46756eb81a3929a54e3723294459cb82b37694cf7c1b8c130c0",
+    "server_nonce": "2ed607c5c0d2cf6babe59b07b175eb2daca2c7b7f4f18ab8109edde08a2467db",
     "context": "636f6e74657874",
-    "registration_request": "021479a9b9259fd3468c21a845ae0394f7ae3799eaec2071a704de76a8842650396f5cdf675fce44c576273caa0f0ef91f",
-    "registration_response": "03aba676b07a6ee5d7f377bc6d63bd44181ff54a2b2e855dc6acafab8a9eefcd907add6d5a727f9b4ed2371f1b634709566b4714a941d5ead7b95ef5a8a46931b2e1a70a9bcfafaf46e62f899501334c13",
-    "registration_upload": "0e1968eb57014818e1a47db69ffc2e6bd43413fe50724a0f2e66b0bbe00c5968abbc8ddf519182bc468fbd10aba973679e7bf15a3e892dd654ac44e182b5e98b19f191ddd7116c820646da8be696b74450aca1815bff3bb177b08c8266268de689ceae2d1c531e8b8bc43eec5135be44c61537ea762ad6c261d760b4a62f812776e6080b270454f250b7a038519b004883883d61431cf5a579c276997d145473",
-    "credential_request": "021479a9b9259fd3468c21a845ae0394f7ae3799eaec2071a704de76a8842650396f5cdf675fce44c576273caa0f0ef91fde803700c352584a1acb7dad14ad0b0f3dd9f705cc5d7d116525655b1488aa4ed45cd2abb676ce52929d3acb84d5f28728f151dc38cd9a5563ebe3f5a01c9d3e",
-    "credential_response": "03aba676b07a6ee5d7f377bc6d63bd44181ff54a2b2e855dc6acafab8a9eefcd907add6d5a727f9b4ed2371f1b634709566d5c6727439f651e6bcdd9efc0b94c245eb99dd1f93168a39adb606fa2d10999a439ad64da556f040fc4b1830ec5f2eb687f0428ba6922790261799bf57da9170c3dc0b4fafcc0d5c29369bf0a0cb5b2c45be562bd2f5916995f4305016814fcfb91a1a7a0ce6e9a838459243bc3f97f8409d7850cdb1898995e8f604ef2d3f5b517103ae49c7295e184908524105e5a880bb9e8b1f6cd5cfd33244645594597abe0f6745c14673fe7f7b23093645c6e7a62bf93aba31ac9fa1cf47d544296b394f332be17ebe261dc877a52925a522ceff4305ad5d438eac1c18eeb41806f132972edc808a6d61d2916a5079dccb7036df014ced5e1e997fd0f261f2e352210",
-    "credential_finalization": "87f513c31cd2b9cf2925aa837f94830451dd7e77c992a4553be03975c5ebf267a4d2cee9107c070a6d36a080d5382050",
-    "client_registration_state": "6b5d786310cb26e3fe5db136630c8093ff5c0e02e4592aaa661db37afa3633a685cca5f854e7f4a995637f9a47148c45021479a9b9259fd3468c21a845ae0394f7ae3799eaec2071a704de76a8842650396f5cdf675fce44c576273caa0f0ef91f",
-    "client_login_state": "6b5d786310cb26e3fe5db136630c8093ff5c0e02e4592aaa661db37afa3633a685cca5f854e7f4a995637f9a47148c45021479a9b9259fd3468c21a845ae0394f7ae3799eaec2071a704de76a8842650396f5cdf675fce44c576273caa0f0ef91fde803700c352584a1acb7dad14ad0b0f3dd9f705cc5d7d116525655b1488aa4ed45cd2abb676ce52929d3acb84d5f28728f151dc38cd9a5563ebe3f5a01c9d3e2086a9563d612e810c1577ff8ca15c9bde4bdc9a8b798ffbdc2a8c741f523a7cde803700c352584a1acb7dad14ad0b0f3dd9f705cc5d7d116525655b1488aa4e",
-    "server_login_state": "372da5d4c6d77a4fb44434763763edce2d6b83f72097c725c91aae2ff35a42d5954d68fb3cb2e62cbfc1aae56c5c275a5589be237d12cb26f934e78173539d1a48026c1ce9b7d3af0673bdf5088304464103037ccc6358fb87fba80e5b8b1596f51996af62e3d8091418b330cf334522719051d9f5adb904ce2fd2216a1e69fa71c245df8762e6d90d179f6b45ddee4c",
-    "password_file": "0e1968eb57014818e1a47db69ffc2e6bd43413fe50724a0f2e66b0bbe00c5968abbc8ddf519182bc468fbd10aba973679e7bf15a3e892dd654ac44e182b5e98b19f191ddd7116c820646da8be696b74450aca1815bff3bb177b08c8266268de689ceae2d1c531e8b8bc43eec5135be44c61537ea762ad6c261d760b4a62f812776e6080b270454f250b7a038519b004883883d61431cf5a579c276997d145473",
-    "export_key": "fb264c2b17768a2d567fe50b42ae3895f367f8c26c01e1d66491667d1971811d295af553a92bf8895499a90818721bc8",
-    "session_key": "f51996af62e3d8091418b330cf334522719051d9f5adb904ce2fd2216a1e69fa71c245df8762e6d90d179f6b45ddee4c"
+    "registration_request": "03840be924a75bf138c7d6ae38a34cee612df596e2e375482cdec3416bcee6e18ced4de0fb21325b54695724bcb2f6fb4b",
+    "registration_response": "037179bd08a76c2e668c9665df3a6b47d2753a6cd0d3cc84ceaccc8719f538a603a4704e4cc1e8c04dcb3e1f30fb69badd70dafba720cf8ed7c5001107f1679974c8dd53f51bb12c6362024bd46d294e6a",
+    "registration_upload": "036855719f79f2e7431c00616260933a2ead332dddc0d6a431945095f3abc62da8d6f332c5d8508850d33745ef81d4a87c7c684c6546aa31ce1084a279bbdc6d76b7c58c398d438e046e1e2b60ae9c9a8034c5724cb6345b3534de5b1e44f6e4e97f5a98c3f5c7203f84aa370f00dd5432cae335c0d7f1dd6abcce898bc8a7c7fe2ccc1e8b37accacd9f28f8a236f71979e28d47fe3ccaadb292fff9d4cc4c67",
+    "credential_request": "03840be924a75bf138c7d6ae38a34cee612df596e2e375482cdec3416bcee6e18ced4de0fb21325b54695724bcb2f6fb4b5b11f9c0204aa46756eb81a3929a54e3723294459cb82b37694cf7c1b8c130c03a8ec2f554673ecf8c706759d6f24a3a068594f49e22769c763a3f712e289a22",
+    "credential_response": "037179bd08a76c2e668c9665df3a6b47d2753a6cd0d3cc84ceaccc8719f538a603a4704e4cc1e8c04dcb3e1f30fb69badd043b357b425f2fa9a3bcd694f4599838ade3d2a565f3debb64549400922f698b817494112f8b8547a859357085e26d06cdb5cf3fc1d815fc35c158d0fd079bcee961df7356749be2fd54f310f89260a7cf67de23b12ef4b3a1f4f39f9454279602f6c32842f7618aa41cb16cd94c58490e2174641dcc05134e3d7806c5a0af9eacc7c53bf8aea591bb25a7ac9ae6307d004fb840dc8e2b4bf44cbce8bc9fb2439439ea8c81bf9299fe62a6a7eb133572891c828f84395e2fa18bddf2779342d51d87a6cc0382ff7b4f792ec1d25dc9110c60c54343806bb3fabf01c74cd948cb089a4f5841b43f85335ccfea5c6bac71b282f1fda62f6c49d11fc7da20ff4f08",
+    "credential_finalization": "e85722888bbf3939cee3510febedb204e6768dcdfb99d258754e5a9bbd7f8ea1a0d65a6dd28af223e94f334c5801a06c",
+    "client_registration_state": "b448ff1079b9bb899acb01f271303e43a1db682c515780cff8ede88795ab7aae65af947df67425dacce97080a82d63ee03840be924a75bf138c7d6ae38a34cee612df596e2e375482cdec3416bcee6e18ced4de0fb21325b54695724bcb2f6fb4b",
+    "client_login_state": "b448ff1079b9bb899acb01f271303e43a1db682c515780cff8ede88795ab7aae65af947df67425dacce97080a82d63ee03840be924a75bf138c7d6ae38a34cee612df596e2e375482cdec3416bcee6e18ced4de0fb21325b54695724bcb2f6fb4b5b11f9c0204aa46756eb81a3929a54e3723294459cb82b37694cf7c1b8c130c03a8ec2f554673ecf8c706759d6f24a3a068594f49e22769c763a3f712e289a2260dac79209e340f068112840c69c681f458d55916af81521e3aac61058aed5425b11f9c0204aa46756eb81a3929a54e3723294459cb82b37694cf7c1b8c130c0",
+    "server_login_state": "92be6961dc5d248b0724bd3f428e036d968756f0b7e0e551c5f4100294b1c8dffa147894e74b1e0229d8fdca0971a529d85fe7c10eba397a9499c59e8513c72df6687652590a36cf7bf3cc4a06d9ab452431ee154bf2a41542c6ec5c4f5de94db19f799a9ab8cf49cc4ecd52b35f6b7a01d454a8f5bc0f3853e43278463da212a614bb4a32b3c3bbb8ee2e9e284a5749",
+    "password_file": "036855719f79f2e7431c00616260933a2ead332dddc0d6a431945095f3abc62da8d6f332c5d8508850d33745ef81d4a87c7c684c6546aa31ce1084a279bbdc6d76b7c58c398d438e046e1e2b60ae9c9a8034c5724cb6345b3534de5b1e44f6e4e97f5a98c3f5c7203f84aa370f00dd5432cae335c0d7f1dd6abcce898bc8a7c7fe2ccc1e8b37accacd9f28f8a236f71979e28d47fe3ccaadb292fff9d4cc4c67",
+    "export_key": "7175fbd9eed61a7cb5b723faafec8c945733622a90c75a72ec262599cff1afeb0ddc1f30eadb69c71def535001ef5e99",
+    "session_key": "b19f799a9ab8cf49cc4ecd52b35f6b7a01d454a8f5bc0f3853e43278463da212a614bb4a32b3c3bbb8ee2e9e284a5749"
 }
 "#;
 
 #[cfg(all(feature = "curve25519", feature = "ristretto255"))]
 static TEST_VECTOR_CURVE25519_RISTRETTO255: &str = r#"
 {
-    "client_s_pk": "363782085dc9ce45941b115cbca3b7ec9edca78b1a1577b1e38f45257db10c47",
-    "client_s_sk": "f814cf6d954ce49ba9f7d08057fa0532a6f3f26015e6b840f699abb2ff6d3e61",
-    "client_e_pk": "39d8880879a8d2e59f79bb9e3c2764295ac555fbf55a313dfe833dbfd0492e1b",
-    "client_e_sk": "20138f08d643dec02a1a7712a2dafaf2fc84b5b0b100f400dc79cc177aa04c52",
-    "server_s_pk": "2a5ae7873d58cae6380a31e9bb05139569b6788157fd831a86a0b24817e20e47",
-    "server_s_sk": "088119352422e4c69bec2b9dbe2981547cfbb6a50000885c1f0daa183f62dc5a",
-    "server_e_pk": "95ed39658ea9dcd4a0faf9592d516221039d40830a5e5c00811bad7c239a6019",
-    "server_e_sk": "78b4f265e4c44bde1e29235a298565e70ce9213f6e80bf17ca539cf38e801545",
-    "fake_sk": "18e90cf8c31de503cb9dda3dbc702965b7dee7d1484a7f01a85dd8aae577864f",
+    "client_s_pk": "6f00b5a7c3400e5b3480e4ff963affa27a2e894bfc246da63404ab5dfcb12861",
+    "client_s_sk": "402429cb18f30b6e5e6c3c4a9fb95480d31e9490c96ec09038bad2a2bba70378",
+    "client_e_pk": "e5571e70f949d095f6f8385e0056abdf4182175d61f466a80d9ed8cbeb6da42d",
+    "client_e_sk": "68d89ca14f80c9cf0cbe905ccc3573999c5eefacde6a2373591f6316828e9c65",
+    "server_s_pk": "deafeb091131b492b8ad5af1aa10a3e95f503cc27f156daa5d612cf917b7512e",
+    "server_s_sk": "40e5d55900e9402b0bf311e604fc6574cfc1786a9024132fd617b5e1015b9d7e",
+    "server_e_pk": "40c97d16c9e95f8f7c7db8c9057afea8b3fccc06890e002ba36834e5271c3352",
+    "server_e_sk": "480173d0dc1d7cc60382fb0c3fca5814acac964ae0e4984f31d9f3aac2a62850",
+    "fake_sk": "50e9872b44d1595ab4478ce74d0e3b00666fd713ed5e1e5f172ef0bbf3014a6b",
     "credential_identifier": "637265644964656e746966696572",
     "id_u": "696455",
     "id_s": "696453",
     "password": "70617373776f7264",
-    "blinding_factor": "9d0ccae042dd9cf119313ba1681b32577fd3405d1d1b063cdbb4bede1782780d",
-    "oprf_seed": "432646fd0cd923ba8c94e5ef119ade9b554d74322f1dd0363b89c122139886d6e15de59bed3d1763509fb0aa7f389aad1fc94dfeaf98ca38f03d88fe072bb56f",
-    "masking_nonce": "67470c894da0aa7310fe5348bfa58aad824e21dec080afbd3d9925be73291d31c65b7b3bda7d01782d3b48c79c94b56820d005a77a92fe9a93dd72eb1432064d",
-    "envelope_nonce": "109c0d52194e20d434558b22cd5957dfc10f6123029a8215ab956ac617ce2030",
-    "client_nonce": "bfd99626a535067869df816d1896f7407b8589ef8d553422b55682b1305e1912",
-    "server_nonce": "914e71cb6641c8f34cf5bc7c1f0aa091cda4acba1ea00e4dc0f638751b0fc51f",
+    "blinding_factor": "8a6a055fcb9a6b7d2ba698bbec4099dbbc6a35766b63b16c04731399657faa05",
+    "oprf_seed": "acd7d6bb5cbc48e3a5002158e14292e10fd0bbe27084b2ff2b917e8ae4cfe6901cbcc8eaffd83229cea4895e3aefb0456f14b887bd2077a5743cce5e86304c5c",
+    "masking_nonce": "8e287233c7add7f2d3b3faa6aece0bd88274c45431d1f20302bba6f281a75c5db416d615c291a870f6b2350d872543df723d719144fd5282f853711d1430f348",
+    "envelope_nonce": "32a0ece9a749a9982968975690b8cff5853da742018ddca972f5b2a64b368558",
+    "client_nonce": "e6763553592f4f197b5411ccc02eae73f45480f2695169b07477d7fa953d384a",
+    "server_nonce": "dc3e7e45e29129c8ce05ae2bbfde44c41ab01b976724f5e1fddc432d812390d4",
     "context": "636f6e74657874",
-    "registration_request": "ea550f244163c4643ee2055f2c8d71c16de90eac9091ba7830bdaf1116f26245",
-    "registration_response": "60bddc35d89a7ddd0cac9033930c20008152fa131e1658b9540675da55b9ec2f2a5ae7873d58cae6380a31e9bb05139569b6788157fd831a86a0b24817e20e47",
-    "registration_upload": "848d316d978d6f23b9910a8c1d38ba25c3ecb932500a2fce369532dd23d4d96f786b66a08ba667941c2df7876960a888afedcb174fd3b092ee3d3d5d4cca3a09a9c814b8211cf8c76b47dcdf43a7684a04c151565a5f470b7b7ef251af4a7234f814cf6d954ce49ba9f7d08057fa0532a6f3f26015e6b840f699abb2ff6d3e61ad7b596ad41fdd9d83dce933936475d4a9942c3a02504bb2aff07b53fd21601c600eae15cb46e38609fcc42aa84402df182e3837e3e6579bd56b39dced7b2b90",
-    "credential_request": "ea550f244163c4643ee2055f2c8d71c16de90eac9091ba7830bdaf1116f26245bfd99626a535067869df816d1896f7407b8589ef8d553422b55682b1305e191239d8880879a8d2e59f79bb9e3c2764295ac555fbf55a313dfe833dbfd0492e1b",
-    "credential_response": "60bddc35d89a7ddd0cac9033930c20008152fa131e1658b9540675da55b9ec2f67470c894da0aa7310fe5348bfa58aad824e21dec080afbd3d9925be73291d311e2c7ded740a4e877a46f9ce3de36b47d8df2a6d367f5bf6969971769c031e14977c80b0229187f28920e21d81a2d35dc962eb942522ef344e6f54caaf831f452013ddb1ddb1a0ab839846d20dad7a8fb21b739f8cbe5001168bcab7b509899a5b9a0259d3c91e4b8b2316e228612086efd0bc2d3af3a3471a0a627348b6111378b4f265e4c44bde1e29235a298565e70ce9213f6e80bf17ca539cf38e801545b90d704cc69eefd36b223c3fbfa934baeacb845da2e6cc9b097d77c49a2cc6585ea732c3a6bc71b3502053627f293e5fbd30f10ced8506b71f9a371eb99d739b856325235c5633d6f138674e9774539dc3fef6dfc389cc40682ab53e7e7a4139",
-    "credential_finalization": "a399820723647257ee945cc7ebb8d4e4295d7cb5039152b226f048ffa551dba512a82bb58b5240546d4217b065cc077e5d312ad5943fac507e89136e8d86d020",
-    "client_registration_state": "9d0ccae042dd9cf119313ba1681b32577fd3405d1d1b063cdbb4bede1782780dea550f244163c4643ee2055f2c8d71c16de90eac9091ba7830bdaf1116f26245",
-    "client_login_state": "9d0ccae042dd9cf119313ba1681b32577fd3405d1d1b063cdbb4bede1782780dea550f244163c4643ee2055f2c8d71c16de90eac9091ba7830bdaf1116f26245bfd99626a535067869df816d1896f7407b8589ef8d553422b55682b1305e191239d8880879a8d2e59f79bb9e3c2764295ac555fbf55a313dfe833dbfd0492e1b20138f08d643dec02a1a7712a2dafaf2fc84b5b0b100f400dc79cc177aa04c52bfd99626a535067869df816d1896f7407b8589ef8d553422b55682b1305e1912",
-    "server_login_state": "353a2f9da6867c1092c5d76c955a9d31d38c1f2b8e36789db99fcf7d2c8b80d1550622cd4342c3115f4d3cebb08ecd06a4372fef6a694ea26afa0b6b1106a22fc32c478826167cf97c3dbf8d5ccb08cfb809c8dae83fff45dc94c626795822d5a830c8e5788dfef06981bdb6839cd2ab06a83ec28daa256f9933909d0db6528531977c21609847312aa424536b1b9ce5efeda0a27a127ab60112a8e7fafd80edf2d2b37a55fda89f696fd288fcfa4634a908a1c0daecdb85d6a9fbb894743b1b",
-    "password_file": "848d316d978d6f23b9910a8c1d38ba25c3ecb932500a2fce369532dd23d4d96f786b66a08ba667941c2df7876960a888afedcb174fd3b092ee3d3d5d4cca3a09a9c814b8211cf8c76b47dcdf43a7684a04c151565a5f470b7b7ef251af4a7234f814cf6d954ce49ba9f7d08057fa0532a6f3f26015e6b840f699abb2ff6d3e61ad7b596ad41fdd9d83dce933936475d4a9942c3a02504bb2aff07b53fd21601c600eae15cb46e38609fcc42aa84402df182e3837e3e6579bd56b39dced7b2b90",
-    "export_key": "70a22e875296165db438ad81e8c965533edcbed32268515bec41736a5472fc75c3b091a7db670798e6db6f0acc1b26b9a67e4fdee0819ed4af6b1672d8c37510",
-    "session_key": "31977c21609847312aa424536b1b9ce5efeda0a27a127ab60112a8e7fafd80edf2d2b37a55fda89f696fd288fcfa4634a908a1c0daecdb85d6a9fbb894743b1b"
+    "registration_request": "184bb0c06beba0eb813d28339db050e46b1d78ef51e0f715e246435b1f387030",
+    "registration_response": "c23d5b2943f63db89b026e555cd40be4e42679d748d6b773154b9734eb17f65ddeafeb091131b492b8ad5af1aa10a3e95f503cc27f156daa5d612cf917b7512e",
+    "registration_upload": "e44f23560d80e1ad23fcd321329069f44c7ecadbf5cd382642b9ab8d4660213ba69f7c5367f5e2662a2576b2c1c0284ba19da7de6db380081d6fb00126d69d143054ac49ac14a8a4422f72c205abee5f58917dcfb92932adbb7e1da5fa729278402429cb18f30b6e5e6c3c4a9fb95480d31e9490c96ec09038bad2a2bba7037886ea885ea9a847da454f4c1778e2d3cf693bed5995fcb60ea884675dd9acd5bbc5042fa6df3b87e7ea739fa8a9028097c5801348dba62a33b88b337030303639",
+    "credential_request": "184bb0c06beba0eb813d28339db050e46b1d78ef51e0f715e246435b1f387030e6763553592f4f197b5411ccc02eae73f45480f2695169b07477d7fa953d384ae5571e70f949d095f6f8385e0056abdf4182175d61f466a80d9ed8cbeb6da42d",
+    "credential_response": "c23d5b2943f63db89b026e555cd40be4e42679d748d6b773154b9734eb17f65d8e287233c7add7f2d3b3faa6aece0bd88274c45431d1f20302bba6f281a75c5decb46e775794d8612374cc354c24bb650bec4bae29d5ee748314a317a650176f02a606fbbd9565d62d0d82c8b989ed3c6cdca843b2c900591e661b76de3df23652ecea5aed831de1f3e68ee6a71953ada0ee5a0349f7a8469f0ea58113cc82e9a5f293cb03a74d05eb14d57ffe14b5a8dccc5b1fe8b5e31e8eec756ce7418d18480173d0dc1d7cc60382fb0c3fca5814acac964ae0e4984f31d9f3aac2a62850976c2d5a50e59e96708446af04c477438782bd8ab1be69ed331deb0f17a24c1ee2bdc5fedb0ecd1c2a842ace5d81b4ed0e93c89d883e7b8c59a3a3ca5f9c868eadb3d9835e09fd6bbbb45d91543c061cde3e3d94df2cc61f80993946065bc032",
+    "credential_finalization": "45929de91f8996598dbe7c65db1f445a62510e8a27ddcef0ae1bcb033f4b74d03f4beb4f83f46602a20152adf0aad3afa465d5b2346f31be62bcc9adac4b5aab",
+    "client_registration_state": "8a6a055fcb9a6b7d2ba698bbec4099dbbc6a35766b63b16c04731399657faa05184bb0c06beba0eb813d28339db050e46b1d78ef51e0f715e246435b1f387030",
+    "client_login_state": "8a6a055fcb9a6b7d2ba698bbec4099dbbc6a35766b63b16c04731399657faa05184bb0c06beba0eb813d28339db050e46b1d78ef51e0f715e246435b1f387030e6763553592f4f197b5411ccc02eae73f45480f2695169b07477d7fa953d384ae5571e70f949d095f6f8385e0056abdf4182175d61f466a80d9ed8cbeb6da42d68d89ca14f80c9cf0cbe905ccc3573999c5eefacde6a2373591f6316828e9c65e6763553592f4f197b5411ccc02eae73f45480f2695169b07477d7fa953d384a",
+    "server_login_state": "56f1f25910e0eca4e3d2d604b9cf8d3878138b4d89ef4966ae001cb5847f658f81850a6ee1aad03cf3864fa652ca9a7b04f02669d5a3e46f49641b8f188af27c06540e830a2f68264f3c7cb533f623b3fbef2ba87777f6909c20c42e911f26c92abdf474b4b1c9d591864a59b508a820b53ba819a0b14189e28b94302707cfe4164a6e3ec2dcba09aa66b70ee18c83ebbc9338aa0092d130051ad98a4bb931dd7bbc6ec93018ee8087435ac9f7171bb1b1b9fe022170963e39681129e2fe104b",
+    "password_file": "e44f23560d80e1ad23fcd321329069f44c7ecadbf5cd382642b9ab8d4660213ba69f7c5367f5e2662a2576b2c1c0284ba19da7de6db380081d6fb00126d69d143054ac49ac14a8a4422f72c205abee5f58917dcfb92932adbb7e1da5fa729278402429cb18f30b6e5e6c3c4a9fb95480d31e9490c96ec09038bad2a2bba7037886ea885ea9a847da454f4c1778e2d3cf693bed5995fcb60ea884675dd9acd5bbc5042fa6df3b87e7ea739fa8a9028097c5801348dba62a33b88b337030303639",
+    "export_key": "931b2394c380c1ae3a7e9cedaa9fc438fbc19e920fe74965813a7d4ee2c5cec8c13b144c826b259dd67a2507b3cf2e84f95d8e52dc2111050e7a91ee9d72be99",
+    "session_key": "164a6e3ec2dcba09aa66b70ee18c83ebbc9338aa0092d130051ad98a4bb931dd7bbc6ec93018ee8087435ac9f7171bb1b1b9fe022170963e39681129e2fe104b"
 }
 "#;
 
@@ -879,11 +879,11 @@ where
     let mut rng = OsRng;
 
     // Inputs
-    let server_s_kp = KeyPair::<CS::KeGroup>::generate_random(&mut rng);
-    let server_e_kp = KeyPair::<CS::KeGroup>::generate_random(&mut rng);
-    let client_s_kp = KeyPair::<CS::KeGroup>::generate_random(&mut rng);
-    let client_e_kp = KeyPair::<CS::KeGroup>::generate_random(&mut rng);
-    let fake_kp = KeyPair::<CS::KeGroup>::generate_random(&mut rng);
+    let server_s_kp = KeyPair::<CS::KeGroup>::generate_random::<CS::OprfCs, _>(&mut rng);
+    let server_e_kp = KeyPair::<CS::KeGroup>::generate_random::<CS::OprfCs, _>(&mut rng);
+    let client_s_kp = KeyPair::<CS::KeGroup>::generate_random::<CS::OprfCs, _>(&mut rng);
+    let client_e_kp = KeyPair::<CS::KeGroup>::generate_random::<CS::OprfCs, _>(&mut rng);
+    let fake_kp = KeyPair::<CS::KeGroup>::generate_random::<CS::OprfCs, _>(&mut rng);
     let credential_identifier = b"credIdentifier";
     let id_u = b"idU";
     let id_s = b"idS";
diff --git a/src/tests/opaque_vectors.rs b/src/tests/opaque_vectors.rs
index 3a0668d6..d02347e3 100644
--- a/src/tests/opaque_vectors.rs
+++ b/src/tests/opaque_vectors.rs
@@ -6,8 +6,8 @@
 // of this source tree. You may select, at your option, one of the above-listed
 // licenses.
 
-//! The OPAQUE test vectors taken from https://github.com/cfrg/draft-irtf-cfrg-opaque/blob/master/draft-irtf-cfrg-opaque.md,
-//! which are presented in https://www.ietf.org/archive/id/draft-irtf-cfrg-opaque-08.txt
+//! The OPAQUE test vectors taken from
+//! https://github.com/cfrg/draft-irtf-cfrg-opaque/blob/727b9acb908dce296e15bc14a53a7d04ba9604d0/poc/vectors/formatted.txt
 
 pub(crate) static VECTORS: &str = r#"
 ## Real Test Vectors {#real-vectors}
@@ -52,14 +52,10 @@ server_nonce: 71cd9960ecef2fe0d0f7494986fa3d8b2bb01963537e60efb13981e
 138e3d4a1
 client_nonce: da7e07376d6d6f034cfa9bb537d11b8c6b4238c334333d1f0aebb38
 0cae6a6cc
-server_public_keyshare: c8c39f573135474c51660b02425bca633e339cec4e1ac
-c69c94dd48497fe4028
-client_public_keyshare: 0c3a00c961fead8a16f818929cc976f0475e4f7235193
-18b96f4947a7a5f9663
-server_private_keyshare: 2e842960258a95e28bcfef489cffd19d8ec99cc1375d
-840f96936da7dbb0b40d
-client_private_keyshare: 22c919134c9bdd9dc0c5ef3450f18b54820f43f646a9
-5223bf4a85b2018c2001
+client_keyshare_seed: 82850a697b42a505f5b68fcdafce8c31f0af2b581f063cf
+1091933541936304b
+server_keyshare_seed: 05a4f54206eef1ba2f615bc0aa285cb22f26d1153b5b40a
+1e85ff80da12f982f
 blind_registration: 76cfbfe758db884bebb33582331ba9f159720ca8784a2a070
 a265d9c2d6abe01
 blind_login: 6ecc102d2e7a7cf49617aad7bbe188556792d4acd60a1a8a8d2b65d4
@@ -69,25 +65,25 @@ b0790308
 #### Intermediate Values
 
 ~~~
-client_public_key: 2ec892bdbf9b3e2ea834be9eb11f5d187e64ba661ec041c0a3
-b66db8b7d6cc30
+client_public_key: 76a845464c68a5d2f7e442436bb1424953b17d3e2e289ccbac
+cafb57ac5c3675
 auth_key: 6cd32316f18d72a9a927a83199fa030663a38ce0c11fbaef82aa9003773
 0494fc555c4d49506284516edd1628c27965b7555a4ebfed2223199f6c67966dde822
 randomized_password: aac48c25ab036e30750839d31d6e73007344cb1155289fb7
 d329beb932e9adeea73d5d5c22a0ce1952f8aba6d66007615cd1698d4ac85ef1fcf15
 0031d1435d9
 envelope: ac13171b2f17bc2c74997f0fce1e1f35bec6b91fe2e12dbd323d23ba7a3
-8dfecb9dbe7d48cf714fc3533becab6faf60b783c94d258477eb74ecc453413bf61c5
-3fd58f0fb3c1175410b674c02e1b59b2d729a865b709db3dc4ee2bb45703d5a8
-handshake_secret: 562564da0d4efdc73cb6efbb454388dabfa5052d4e7e83f4d02
-40c5afd8352881e762755c2f1a9110e36b05fe770f0f48658489c9730dcd365e6c2d4
-049c8fe3
-server_mac_key: 59473632c53a647f9f4ab4d6c3b81e241dd9cb19ca05f0eabed7e
-593f0407ff57e7f060621e5e48d5291be600a1959fbecbc26d4a7157bd227a993c37b
-645f73
-client_mac_key: f2d019bad603b45b2ac50376279a0a37d097723b5405aa4fb20a5
-9f60cdbdd52ec043372cedcdbbdb634c54483e1be51a88d13a5798180acb84c10b129
-7069fd
+8dfec634b0f5b96109c198a8027da51854c35bee90d1e1c781806d07d49b76de6a28b
+8d9e9b6c93b9f8b64d16dddd9c5bfb5fea48ee8fd2f75012a8b308605cdd8ba5
+handshake_secret: 7032215dfe771d18168271a8dd8c220098f6cfa6e63ccec7770
+61f6e6b74acee646d655454ee28e1a089c2bcdf0659999d2b60782290b2a5a067d663
+09ea1e46
+server_mac_key: 4d9c9d82092b7a932d8ab42a9acfc7e08ce84c94eaa309c32321d
+f90c5f93b093bdd8df15f573ec4d8952a1616d15127e270d97f9c638a6613187966e2
+fa031a
+client_mac_key: 7ee640a0a860b1751d67f5994a3db290a0afd928434d65c166f34
+c73a245a7ab75d8ba15683f0701034f87d5c047f5082e138880fb37bec387c4863ba9
+1c9750
 oprf_key: 5d4c6a8b7c7138182afb4345d1fae6a9f18a1744afbcc3854f8f5a2b4b4
 c6d05
 ~~~
@@ -100,33 +96,33 @@ registration_request: 5059ff249eb1551b7ce4991f3336205bde44a105a032e74
 registration_response: 7408a268083e03abc7097fc05b587834539065e86fb0c7
 b6342fcf5e01e5b019b2fe7af9f48cc502d016729d2fe25cdd433f2c4bc904660b2a3
 82c9b79df1a78
-registration_upload: 2ec892bdbf9b3e2ea834be9eb11f5d187e64ba661ec041c0
-a3b66db8b7d6cc301ac5844383c7708077dea41cbefe2fa15724f449e535dd7dd562e
+registration_upload: 76a845464c68a5d2f7e442436bb1424953b17d3e2e289ccb
+accafb57ac5c36751ac5844383c7708077dea41cbefe2fa15724f449e535dd7dd562e
 66f5ecfb95864eadddec9db5874959905117dad40a4524111849799281fefe3c51fa8
 2785c5ac13171b2f17bc2c74997f0fce1e1f35bec6b91fe2e12dbd323d23ba7a38dfe
-cb9dbe7d48cf714fc3533becab6faf60b783c94d258477eb74ecc453413bf61c53fd5
-8f0fb3c1175410b674c02e1b59b2d729a865b709db3dc4ee2bb45703d5a8
+c634b0f5b96109c198a8027da51854c35bee90d1e1c781806d07d49b76de6a28b8d9e
+9b6c93b9f8b64d16dddd9c5bfb5fea48ee8fd2f75012a8b308605cdd8ba5
 KE1: c4dedb0ba6ed5d965d6f250fbe554cd45cba5dfcce3ce836e4aee778aa3cd44d
-da7e07376d6d6f034cfa9bb537d11b8c6b4238c334333d1f0aebb380cae6a6cc0c3a0
-0c961fead8a16f818929cc976f0475e4f723519318b96f4947a7a5f9663
+da7e07376d6d6f034cfa9bb537d11b8c6b4238c334333d1f0aebb380cae6a6cc6e29b
+ee50701498605b2c085d7b241ca15ba5c32027dd21ba420b94ce60da326
 KE2: 7e308140890bcde30cbcea28b01ea1ecfbd077cff62c4def8efa075aabcbb471
 38fe59af0df2c79f57b8780278f5ae47355fe1f817119041951c80f612fdfc6dd6ec6
 0bcdb26dc455ddf3e718f1020490c192d70dfc7e403981179d8073d1146a4f9aa1ced
-4e4cd984c657eb3b54ced3848326f70331953d91b02535af44d9fe0610f003be80cb2
-098357928c8ea17bb065af33095f39d4e0b53b1687f02d522d96bad4ca354293d5c40
-1177ccbd302cf565b96c327f71bc9eaf2890675d2fbb71cd9960ecef2fe0d0f749498
-6fa3d8b2bb01963537e60efb13981e138e3d4a1c8c39f573135474c51660b02425bca
-633e339cec4e1acc69c94dd48497fe40287f33611c2cf0eef57adbf48942737d9421e
-6b20e4b9d6e391d4168bf4bf96ea57aa42ad41c977605e027a9ef706a349f4b2919fe
-3562c8e86c4eeecf2f9457d4
-KE3: df9a13cd256091f90f0fcb2ef6b3411e4aebff07bb0813299c0ec7f5dedd33a7
-681231a001a82f1dece1777921f42abfeee551ee34392e1c9743c5cc1dc1ef8c
+4e4cd984c657eb3b54ced3848326f70331953d91b02535af44d9fedc80188ca46743c
+52786e0382f95ad85c08f6afcd1ccfbff95e2bdeb015b166c6b20b92f832cc6df01e0
+b86a7efd92c1c804ff865781fa93f2f20b446c8371b671cd9960ecef2fe0d0f749498
+6fa3d8b2bb01963537e60efb13981e138e3d4a1c4f62198a9d6fa9170c42c3c71f197
+1b29eb1d5d0bd733e40816c91f7912cc4aa47faa9314446793501f622f63a84db1bf5
+b346d13f48d2f1a93902475e625fac1d0dea3ad473c0db2de94098b7142c5099758f8
+568c98495d409b5a601b3e59
+KE3: 2a5e2036d390f4c79e6d5a15ffa8ede52b8da7ff07b9a016a201f22f3420aaa3
+3326ba6fe19b947f23cfbb8a2534b488cca31e35a2521e1ab7a49e299c82a07b
 export_key: 1ef15b4fa99e8a852412450ab78713aad30d21fa6966c9b8c9fb3262a
 970dc62950d4dd4ed62598229b1b72794fc0335199d9f7fcc6eaedde92cc04870e63f
 16
-session_key: 8a0f9f4928fc0c3b5bb261c4b7b3997600405424a8128632e85a5667
-b4b742484ed791933971be6d3fcf2b23c56b8e8f7e7edcae19a03b8fd87f5999fce12
-9d2
+session_key: db06b9d5d2c6034db948f58da84a6c5bdeaab7037adc338d7fada357
+3c5dbcfe649c4f172615f97f63da944bee601abb69121203f0bf56cb7742efdd1afbb
+21a
 ~~~
 
 ### OPAQUE-3DH Real Test Vector 2
@@ -171,14 +167,10 @@ server_nonce: 71cd9960ecef2fe0d0f7494986fa3d8b2bb01963537e60efb13981e
 138e3d4a1
 client_nonce: da7e07376d6d6f034cfa9bb537d11b8c6b4238c334333d1f0aebb38
 0cae6a6cc
-server_public_keyshare: c8c39f573135474c51660b02425bca633e339cec4e1ac
-c69c94dd48497fe4028
-client_public_keyshare: 0c3a00c961fead8a16f818929cc976f0475e4f7235193
-18b96f4947a7a5f9663
-server_private_keyshare: 2e842960258a95e28bcfef489cffd19d8ec99cc1375d
-840f96936da7dbb0b40d
-client_private_keyshare: 22c919134c9bdd9dc0c5ef3450f18b54820f43f646a9
-5223bf4a85b2018c2001
+client_keyshare_seed: 82850a697b42a505f5b68fcdafce8c31f0af2b581f063cf
+1091933541936304b
+server_keyshare_seed: 05a4f54206eef1ba2f615bc0aa285cb22f26d1153b5b40a
+1e85ff80da12f982f
 blind_registration: 76cfbfe758db884bebb33582331ba9f159720ca8784a2a070
 a265d9c2d6abe01
 blind_login: 6ecc102d2e7a7cf49617aad7bbe188556792d4acd60a1a8a8d2b65d4
@@ -188,8 +180,8 @@ b0790308
 #### Intermediate Values
 
 ~~~
-client_public_key: 2ec892bdbf9b3e2ea834be9eb11f5d187e64ba661ec041c0a3
-b66db8b7d6cc30
+client_public_key: 76a845464c68a5d2f7e442436bb1424953b17d3e2e289ccbac
+cafb57ac5c3675
 auth_key: 6cd32316f18d72a9a927a83199fa030663a38ce0c11fbaef82aa9003773
 0494fc555c4d49506284516edd1628c27965b7555a4ebfed2223199f6c67966dde822
 randomized_password: aac48c25ab036e30750839d31d6e73007344cb1155289fb7
@@ -198,15 +190,15 @@ d329beb932e9adeea73d5d5c22a0ce1952f8aba6d66007615cd1698d4ac85ef1fcf15
 envelope: ac13171b2f17bc2c74997f0fce1e1f35bec6b91fe2e12dbd323d23ba7a3
 8dfec1ac902dc5589e9a5f0de56ad685ea8486210ef41449cd4d8712828913c5d2b68
 0b2b3af4a26c765cff329bfb66d38ecf1d6cfa9e7a73c222c6efe0d9520f7d7c
-handshake_secret: bc2abaa979af9cbb6859856b7d5d201a038fbdfa7e10f11d131
-d3f8f6fc3b263bde4db6d2d9207d4648ff80415a276d5f157f9d37a3eade559db2e5f
-3fa026b2
-server_mac_key: 2420461c589866700b08c8818cbf390c872629a14cf32a264dad3
-375f85f33188c8f04bdb71880b2d4613187a0e416808ab62b45858b88319882602371
-ef5f75
-client_mac_key: 156e4ab0b9f71ef994bbbb73928e6d14d7335cf9561f113d61ac6
-b41fab35f9c72fe827d3c4d7dd91d8398ee619810e4f9286e6b32f329eb6b1476ce18
-fa8500
+handshake_secret: ce0bce1d698443e07b85551d38654ddf2d9fa3791cab39c0ceb
+84a87408d3189da191d5f28d994178c794a363c8b2431d66de8e6d048bf1afc09588a
+1790017d
+server_mac_key: 87212e945d15bd1ff230240795a0b09e1e1d42d7ce8b78fbe4bf5
+6a60288ed64d8cd9e13a27537d3d06323fee990d994653809466a47b0786885f933c6
+9f1c68
+client_mac_key: c0f37b7c91f2d16b5466e55d27dbdf1f6727c2ee830b1bcd03cf4
+7c4fc3b5520a166a0a21e9f12a4880555272153c77b97b3e534c327aea1b60e8b5d18
+a14b9a
 oprf_key: 5d4c6a8b7c7138182afb4345d1fae6a9f18a1744afbcc3854f8f5a2b4b4
 c6d05
 ~~~
@@ -219,33 +211,33 @@ registration_request: 5059ff249eb1551b7ce4991f3336205bde44a105a032e74
 registration_response: 7408a268083e03abc7097fc05b587834539065e86fb0c7
 b6342fcf5e01e5b019b2fe7af9f48cc502d016729d2fe25cdd433f2c4bc904660b2a3
 82c9b79df1a78
-registration_upload: 2ec892bdbf9b3e2ea834be9eb11f5d187e64ba661ec041c0
-a3b66db8b7d6cc301ac5844383c7708077dea41cbefe2fa15724f449e535dd7dd562e
+registration_upload: 76a845464c68a5d2f7e442436bb1424953b17d3e2e289ccb
+accafb57ac5c36751ac5844383c7708077dea41cbefe2fa15724f449e535dd7dd562e
 66f5ecfb95864eadddec9db5874959905117dad40a4524111849799281fefe3c51fa8
 2785c5ac13171b2f17bc2c74997f0fce1e1f35bec6b91fe2e12dbd323d23ba7a38dfe
 c1ac902dc5589e9a5f0de56ad685ea8486210ef41449cd4d8712828913c5d2b680b2b
 3af4a26c765cff329bfb66d38ecf1d6cfa9e7a73c222c6efe0d9520f7d7c
 KE1: c4dedb0ba6ed5d965d6f250fbe554cd45cba5dfcce3ce836e4aee778aa3cd44d
-da7e07376d6d6f034cfa9bb537d11b8c6b4238c334333d1f0aebb380cae6a6cc0c3a0
-0c961fead8a16f818929cc976f0475e4f723519318b96f4947a7a5f9663
+da7e07376d6d6f034cfa9bb537d11b8c6b4238c334333d1f0aebb380cae6a6cc6e29b
+ee50701498605b2c085d7b241ca15ba5c32027dd21ba420b94ce60da326
 KE2: 7e308140890bcde30cbcea28b01ea1ecfbd077cff62c4def8efa075aabcbb471
 38fe59af0df2c79f57b8780278f5ae47355fe1f817119041951c80f612fdfc6dd6ec6
 0bcdb26dc455ddf3e718f1020490c192d70dfc7e403981179d8073d1146a4f9aa1ced
 4e4cd984c657eb3b54ced3848326f70331953d91b02535af44d9fea502150b67fe367
 95dd8914f164e49f81c7688a38928372134b7dccd50e09f8fed9518b7b2f94835b3c4
 fe4c8475e7513f20eb97ff0568a39caee3fd6251876f71cd9960ecef2fe0d0f749498
-6fa3d8b2bb01963537e60efb13981e138e3d4a1c8c39f573135474c51660b02425bca
-633e339cec4e1acc69c94dd48497fe4028c463164503598ea84fab9005b9cd51b7bb3
-206fb22a412e8a86b9cb6ffca18f5ea6b4c24fdc94865e8bf74248e6be15b85b16041
-40ffad2175f9518452d381af
-KE3: a86ece659d90525e2476aa1756d313b067581cb7b0643b97be6b8ab8d0f10843
-57e514ecfaff9dc18f6cca37da630545f0048393f16bc175eb819653ebc45b60
+6fa3d8b2bb01963537e60efb13981e138e3d4a1c4f62198a9d6fa9170c42c3c71f197
+1b29eb1d5d0bd733e40816c91f7912cc4a376718206a20e4941b5423a1fb1603b8452
+d3a2071b37132c9f9324b1cf160e10d40469f54d5f1c4a25f1ed1bb74dd5b87b27ae3
+9a8b53e22382f2e45f156d74
+KE3: d015536b2ecafb1a87f6ed057982cf73e75ec56a774549f672d59c0c4b7e3762
+e0c6d8a2382ae855c8ef5240bbe1e404b8c455c03dc1a716d459f67828f0574f
 export_key: 1ef15b4fa99e8a852412450ab78713aad30d21fa6966c9b8c9fb3262a
 970dc62950d4dd4ed62598229b1b72794fc0335199d9f7fcc6eaedde92cc04870e63f
 16
-session_key: 0968e91efeb702d6aa09023a9a79803332d8bd3442a79b8ad09490b9
-267161013bf475bed945238a5e976ef7d7de7ff41ae30439fe2fc39758fb3e56f2683
-e60
+session_key: 494a13c9d02c5af791ce743e8c08abd0be287e4ddd32a1dcc93072a6
+3b4109d67ae53fa3ae2d1333501a40dfbab630235688f3b000828f7084e5f4a6b3a10
+48d
 ~~~
 
 ### OPAQUE-3DH Real Test Vector 3
@@ -288,14 +280,10 @@ server_nonce: 71cd9960ecef2fe0d0f7494986fa3d8b2bb01963537e60efb13981e
 138e3d4a1
 client_nonce: da7e07376d6d6f034cfa9bb537d11b8c6b4238c334333d1f0aebb38
 0cae6a6cc
-server_public_keyshare: 41f55f0bef355cfb34ccd468fdacad75865ee7efef95f
-4cb6c25d477f7205026
-client_public_keyshare: 10a83b9117d3798cb2957fbdb0268a0d63dbf9d66bde5
-c00c78affd80026c911
-server_private_keyshare: 00a4f54206eef1ba2f615bc0aa285cb22f26d1153b5b
-40a1e85ff80da12f986f
-client_private_keyshare: 80850a697b42a505f5b68fcdafce8c31f0af2b581f06
-3cf1091933541936304b
+client_keyshare_seed: 82850a697b42a505f5b68fcdafce8c31f0af2b581f063cf
+1091933541936304b
+server_keyshare_seed: 05a4f54206eef1ba2f615bc0aa285cb22f26d1153b5b40a
+1e85ff80da12f982f
 blind_registration: c575731ffe1cb0ca5ba63b42c4699767b8b9ab78ba39316ee
 04baddb2034a70a
 blind_login: 6ecc102d2e7a7cf49617aad7bbe188556792d4acd60a1a8a8d2b65d4
@@ -407,14 +395,10 @@ server_nonce: 71cd9960ecef2fe0d0f7494986fa3d8b2bb01963537e60efb13981e
 138e3d4a1
 client_nonce: da7e07376d6d6f034cfa9bb537d11b8c6b4238c334333d1f0aebb38
 0cae6a6cc
-server_public_keyshare: 41f55f0bef355cfb34ccd468fdacad75865ee7efef95f
-4cb6c25d477f7205026
-client_public_keyshare: 10a83b9117d3798cb2957fbdb0268a0d63dbf9d66bde5
-c00c78affd80026c911
-server_private_keyshare: 00a4f54206eef1ba2f615bc0aa285cb22f26d1153b5b
-40a1e85ff80da12f986f
-client_private_keyshare: 80850a697b42a505f5b68fcdafce8c31f0af2b581f06
-3cf1091933541936304b
+client_keyshare_seed: 82850a697b42a505f5b68fcdafce8c31f0af2b581f063cf
+1091933541936304b
+server_keyshare_seed: 05a4f54206eef1ba2f615bc0aa285cb22f26d1153b5b40a
+1e85ff80da12f982f
 blind_registration: c575731ffe1cb0ca5ba63b42c4699767b8b9ab78ba39316ee
 04baddb2034a70a
 blind_login: 6ecc102d2e7a7cf49617aad7bbe188556792d4acd60a1a8a8d2b65d4
@@ -523,14 +507,10 @@ server_nonce: 71cd9960ecef2fe0d0f7494986fa3d8b2bb01963537e60efb13981e
 138e3d4a1
 client_nonce: ab3d33bde0e93eda72392346a7a73051110674bbf6b1b7ffab8be4f
 91fdaeeb1
-server_public_keyshare: 020e67941e94deba835214421d2d8c90de9b0f7f925d1
-1e2032ce19b1832ae8e0f
-client_public_keyshare: 03493f36ca12467d1f5eaaabea67ca31377c4869c1e9a
-62346b6f01a991624b95d
-server_private_keyshare: 9addab838c920fa7044f3a46b91ecaea24b0e7203992
-8ee7d4c37a5b9bc17349
-client_private_keyshare: 89d5a7e18567f255748a86beac13913df755a5adf776
-d69e143147b545d22134
+client_keyshare_seed: 633b875d74d1556d2a2789309972b06db21dfcc4f5ad51d
+7e74d783b7cfab8dc
+server_keyshare_seed: 05a4f54206eef1ba2f615bc0aa285cb22f26d1153b5b40a
+1e85ff80da12f982f
 blind_registration: 411bf1a62d119afe30df682b91a0a33d777972d4f2daa4b34
 ca527d597078153
 blind_login: c497fddf6056d241e6cf9fb7ac37c384f49b357a221eb0a802c989b9
@@ -540,20 +520,20 @@ blind_login: c497fddf6056d241e6cf9fb7ac37c384f49b357a221eb0a802c989b9
 #### Intermediate Values
 
 ~~~
-client_public_key: 02dc91b178ba2c4bbf9b9403fca25457b906a7f507e59b6e70
-3031e09114ba2be0
+client_public_key: 03b218507d978c3db570ca994aaf36695a731ddb2db272c817
+f79746fc37ae5214
 auth_key: 5bd4be1602516092dc5078f8d699f5721dc1720a49fb80d8e5c16377abd
 0987b
 randomized_password: 06be0a1a51d56557a3adad57ba29c5510565dcd8b5078fa3
 19151b9382258fb0
 envelope: a921f2a014513bd8a90e477a629794e89fec12d12206dde662ebdcf6567
-0e51fe155412cb432898eda63529c3b2633521f770cccbd25d7548a4e20665a45e65a
-handshake_secret: c59197dd9269abfdb3037ea1c203a97627e2c0aa142000d1c3f
-06a2c8713077d
-server_mac_key: a431a5c1d3cb5772cbc66af0c2851e23dd9ad153a0c8b99081c7d
-0d543173fde
-client_mac_key: 7329ffd54df21db5532fce8794fca78b505fef9397aad28a424f6
-ea3f97c51ca
+0e51fad30bbcfc1f8eda0211553ab9aaf26345ad59a128e80188f035fe4924fad67b8
+handshake_secret: 12f661f08a195208b2558d6c4c9fff5527a6af971087ce9eca8
+00a77ca9c277a
+server_mac_key: e07959284f64abd523651d0619d67cd5e026081671400af6282ff
+bff85949d93
+client_mac_key: d6672fd556c0811391bb48177255341979bfd0418c15169a62cb4
+f18a40a37d6
 oprf_key: 2dfb5cb9aa1476093be74ca0d43e5b02862a05f5d6972614d7433acdc66
 f7f31
 ~~~
@@ -566,27 +546,27 @@ registration_request: 029e949a29cfa0bf7c1287333d2fb3dc586c41aa652f507
 registration_response: 0350d3694c00978f00a5ce7cd08a00547e4ab5fb5fc2b2
 f6717cdaa6c89136efef035f40ff9cf88aa1f5cd4fe5fd3da9ea65a4923a5594f84fd
 9f2092d6067784874
-registration_upload: 02dc91b178ba2c4bbf9b9403fca25457b906a7f507e59b6e
-703031e09114ba2be07f0ed53532d3ae8e505ecc70d42d2b814b6b0e48156def71ea0
+registration_upload: 03b218507d978c3db570ca994aaf36695a731ddb2db272c8
+17f79746fc37ae52147f0ed53532d3ae8e505ecc70d42d2b814b6b0e48156def71ea0
 29148b2803aafa921f2a014513bd8a90e477a629794e89fec12d12206dde662ebdcf6
-5670e51fe155412cb432898eda63529c3b2633521f770cccbd25d7548a4e20665a45e
-65a
+5670e51fad30bbcfc1f8eda0211553ab9aaf26345ad59a128e80188f035fe4924fad6
+7b8
 KE1: 037342f0bcb3ecea754c1e67576c86aa90c1de3875f390ad599a26686cdfee6e
-07ab3d33bde0e93eda72392346a7a73051110674bbf6b1b7ffab8be4f91fdaeeb1034
-93f36ca12467d1f5eaaabea67ca31377c4869c1e9a62346b6f01a991624b95d
+07ab3d33bde0e93eda72392346a7a73051110674bbf6b1b7ffab8be4f91fdaeeb1022
+ed3f32f318f81bab80da321fecab3cd9b6eea11a95666dfa6beeaab321280b6
 KE2: 0246da9fe4d41d5ba69faa6c509a1d5bafd49a48615a47a8dd4b0823cc147648
 1138fe59af0df2c79f57b8780278f5ae47355fe1f817119041951c80f612fdfc6d2f0
 c547f70deaeca54d878c14c1aa5e1ab405dec833777132eea905c2fbb12504a67dcbe
-0e66740c76b62c13b04a38a77926e19072953319ec65e41f9bfd2ae2687bd3348bfe3
-3cb0bb9864fdb3b307f7dd68a17f3f150074a0bfc830ab889717d71cd9960ecef2fe0
-d0f7494986fa3d8b2bb01963537e60efb13981e138e3d4a1020e67941e94deba83521
-4421d2d8c90de9b0f7f925d11e2032ce19b1832ae8e0fb5166145361a2c344d9737dd
-5c826fede3bbfafa418ad379ce4fa65fbb15db6e
-KE3: 272d04758b2b436bf0239ba7b9bd0a1686a9b6542ceaaf08732054beda956498
+0e66740c76b62c13b04a38a77926e19072953319ec65e41f9bfd2ae26837b6ce688bf
+9af2542f04eec9ab96a1b9328812dc2f5c89182ed47fead61f09f71cd9960ecef2fe0
+d0f7494986fa3d8b2bb01963537e60efb13981e138e3d4a103c1701353219b53acf33
+7bf6456a83cefed8f563f1040b65afbf3b65d3bc9a19b037d9b23fea94aa69aff597a
+63f2e8109064925589923667840390535d331279
+KE3: c1252b9a0af176f5878b8f9b55934c2463ee7226d2b7d97cadfb901ca4a55b8f
 export_key: c3c9a1b0e33ac84dd83d0b7e8af6794e17e7a3caadff289fbd9dc769a
 853c64b
-session_key: a224790a010afc0a3f37e23c1b7a5cb7f9e73e3d9a924116510d97d8
-0e2a1e0c
+session_key: 1fc4d7b0d75bb02c36a9b10b563671967e27283c9fe0082fa16cfa94
+a12151b2
 ~~~
 
 ### OPAQUE-3DH Real Test Vector 6
@@ -630,14 +610,10 @@ server_nonce: 71cd9960ecef2fe0d0f7494986fa3d8b2bb01963537e60efb13981e
 138e3d4a1
 client_nonce: ab3d33bde0e93eda72392346a7a73051110674bbf6b1b7ffab8be4f
 91fdaeeb1
-server_public_keyshare: 020e67941e94deba835214421d2d8c90de9b0f7f925d1
-1e2032ce19b1832ae8e0f
-client_public_keyshare: 03493f36ca12467d1f5eaaabea67ca31377c4869c1e9a
-62346b6f01a991624b95d
-server_private_keyshare: 9addab838c920fa7044f3a46b91ecaea24b0e7203992
-8ee7d4c37a5b9bc17349
-client_private_keyshare: 89d5a7e18567f255748a86beac13913df755a5adf776
-d69e143147b545d22134
+client_keyshare_seed: 633b875d74d1556d2a2789309972b06db21dfcc4f5ad51d
+7e74d783b7cfab8dc
+server_keyshare_seed: 05a4f54206eef1ba2f615bc0aa285cb22f26d1153b5b40a
+1e85ff80da12f982f
 blind_registration: 411bf1a62d119afe30df682b91a0a33d777972d4f2daa4b34
 ca527d597078153
 blind_login: c497fddf6056d241e6cf9fb7ac37c384f49b357a221eb0a802c989b9
@@ -647,20 +623,20 @@ blind_login: c497fddf6056d241e6cf9fb7ac37c384f49b357a221eb0a802c989b9
 #### Intermediate Values
 
 ~~~
-client_public_key: 02dc91b178ba2c4bbf9b9403fca25457b906a7f507e59b6e70
-3031e09114ba2be0
+client_public_key: 03b218507d978c3db570ca994aaf36695a731ddb2db272c817
+f79746fc37ae5214
 auth_key: 5bd4be1602516092dc5078f8d699f5721dc1720a49fb80d8e5c16377abd
 0987b
 randomized_password: 06be0a1a51d56557a3adad57ba29c5510565dcd8b5078fa3
 19151b9382258fb0
 envelope: a921f2a014513bd8a90e477a629794e89fec12d12206dde662ebdcf6567
 0e51f4d7773a36a208a866301dbb2858e40dc5638017527cf91aef32d3848eebe0971
-handshake_secret: 0ee4a82c4a34992f72bfbcb5d2ce64044477dfe200b9d8c92bf
-1759b219b3485
-server_mac_key: 77ebd7511216a51e9c2f3368ce6c1e40513f24b6f42085ef18e7f
-737b427aab5
-client_mac_key: e48e2064cf570dbd18eb42550d4459c58ac4ae4e28881d1aefbab
-d668f7f1df9
+handshake_secret: 1546f3fb57232805f5d44afd97ade62d104f976261f631b5734
+04b80fcac744f
+server_mac_key: 04142fcb444d419a62fcdb5624dc3e31888146bcf4ab980f77445
+cf43d4e61ae
+client_mac_key: a93654bfe439ea07a85a944d650148cd0794d76341a74c8409f9c
+01e7a91c2d3
 oprf_key: 2dfb5cb9aa1476093be74ca0d43e5b02862a05f5d6972614d7433acdc66
 f7f31
 ~~~
@@ -673,27 +649,27 @@ registration_request: 029e949a29cfa0bf7c1287333d2fb3dc586c41aa652f507
 registration_response: 0350d3694c00978f00a5ce7cd08a00547e4ab5fb5fc2b2
 f6717cdaa6c89136efef035f40ff9cf88aa1f5cd4fe5fd3da9ea65a4923a5594f84fd
 9f2092d6067784874
-registration_upload: 02dc91b178ba2c4bbf9b9403fca25457b906a7f507e59b6e
-703031e09114ba2be07f0ed53532d3ae8e505ecc70d42d2b814b6b0e48156def71ea0
+registration_upload: 03b218507d978c3db570ca994aaf36695a731ddb2db272c8
+17f79746fc37ae52147f0ed53532d3ae8e505ecc70d42d2b814b6b0e48156def71ea0
 29148b2803aafa921f2a014513bd8a90e477a629794e89fec12d12206dde662ebdcf6
 5670e51f4d7773a36a208a866301dbb2858e40dc5638017527cf91aef32d3848eebe0
 971
 KE1: 037342f0bcb3ecea754c1e67576c86aa90c1de3875f390ad599a26686cdfee6e
-07ab3d33bde0e93eda72392346a7a73051110674bbf6b1b7ffab8be4f91fdaeeb1034
-93f36ca12467d1f5eaaabea67ca31377c4869c1e9a62346b6f01a991624b95d
+07ab3d33bde0e93eda72392346a7a73051110674bbf6b1b7ffab8be4f91fdaeeb1022
+ed3f32f318f81bab80da321fecab3cd9b6eea11a95666dfa6beeaab321280b6
 KE2: 0246da9fe4d41d5ba69faa6c509a1d5bafd49a48615a47a8dd4b0823cc147648
 1138fe59af0df2c79f57b8780278f5ae47355fe1f817119041951c80f612fdfc6d2f0
 c547f70deaeca54d878c14c1aa5e1ab405dec833777132eea905c2fbb12504a67dcbe
 0e66740c76b62c13b04a38a77926e19072953319ec65e41f9bfd2ae268d7f10604202
 1c80300e4c6f585980cf39fc51a4a6bba41b0729f9b240c729e5671cd9960ecef2fe0
-d0f7494986fa3d8b2bb01963537e60efb13981e138e3d4a1020e67941e94deba83521
-4421d2d8c90de9b0f7f925d11e2032ce19b1832ae8e0fdca637d2a5390f4c809a67b4
-6977c536fe9f643f703178a17a413d14e4bb523c
-KE3: 298cd0077d018f122bc95d706e5fef06537814c567f08d5e40b0c0ae918f9287
+d0f7494986fa3d8b2bb01963537e60efb13981e138e3d4a103c1701353219b53acf33
+7bf6456a83cefed8f563f1040b65afbf3b65d3bc9a19b606ebbf63c85a49acaa94b61
+b9c5ad3d1c8368f5e73635df42c386d9dcb77c77
+KE3: 690ab24fe2cb5889bc42426cce3445ee425fbd2f368c95aac23dfbee9729c788
 export_key: c3c9a1b0e33ac84dd83d0b7e8af6794e17e7a3caadff289fbd9dc769a
 853c64b
-session_key: 0c59872e9bcdde274f4f52f6ba0fd1acca211d6eb7db98677b457a73
-9ef1f0d8
+session_key: a2f482abd58500c560d0f4dbd6c6e55d573cfb350ade0a016f079dfe
+e5f42657
 ~~~
 
 ## Fake Test Vectors {#fake-vectors}
@@ -739,16 +715,16 @@ server_public_key: 825f832667480f08b0c9069da5083ac4d0e9ee31b49c4e0310
 031fea04d52966
 server_nonce: 1e10f6eeab2a7a420bf09da9b27a4639645622c46358de9cf7ae813
 055ae2d12
-server_public_keyshare: 5236e2e06d49f0b496db2a786f6ee1016f15b4fd6c0db
-d95d6b117055d914157
-server_private_keyshare: 6d8fba9741a357584770f85294430bce2252fe212a8a
-372152a73c7ffe414503
+client_keyshare_seed: a270dc715dc2b4612bc7864312a05c3e9788ee1bad1f276
+d1e15bdeb4c355e94
+server_keyshare_seed: 360b0937f47d45f6123a4d8f0d0c0814b6120d840ebb8bc
+5b4f6b62df07f78c2
 masking_key: 39ebd51f0e39a07a1c2d2431995b0399bca9996c5d10014d6ebab445
 3dc10ce5cef38ed3df6e56bfff40c2d8dd4671c2b4cf63c3d54860f31fe40220d690b
 b71
 KE1: b0a26dcaca2230b8f5e4b1bcab9c84b586140221bb8b2848486874b0be448905
-42d4e61ed3f8d64cdd3b9d153343eca15b9b0d5e388232793c6376bd2d9cfd0a0e4ed
-8bcc15f3dd01a30365c97c0c0de0a3dd3fbf5d3cbec55fb6ac1d3bf740f
+42d4e61ed3f8d64cdd3b9d153343eca15b9b0d5e388232793c6376bd2d9cfd0ab641d
+7f20a245a09f1d4dbb6e301661af7f352beb0791d055e48d3645232f77f
 ~~~
 
 #### Output Values
@@ -760,10 +736,10 @@ b1bff96636144faa4f9f9afaac75dd88ea99cf5175902ae3f3b2195693f165f11929b
 a510a5978e64dcdabecbd7ee1e4380ce270e58fea58e6462d92964a1aaef72698bca1
 c673baeb04cc2bf7de5f3c2f5553464552d3a0f7698a9ca7f9c5e70c6cb1f706b2f17
 5ab9d04bbd13926e816b6811a50b4aafa9799d5ed7971e10f6eeab2a7a420bf09da9b
-27a4639645622c46358de9cf7ae813055ae2d125236e2e06d49f0b496db2a786f6ee1
-016f15b4fd6c0dbd95d6b117055d914157cb5e11625c701e642293ad32bfcf88da653
-c9b6e71efc8a89607fd46ed5e7b9bf7cc7dbb997a4fd41194a04bcd0c5d88052e080a
-2f02c68d8d9e9c0ce15c92ff
+27a4639645622c46358de9cf7ae813055ae2d1298251c5ba55f6b0b2d58d9ff0c88fe
+4176484be62a96db6e2a8c4d431bd1bf27e077203e6dc290083d0769a2e8d3c8755c8
+5974c32294c6f9fa0adbb34b977472a794b9fb2bdacd6347c8f9d1e0a50b6e763f384
+f32b42c8bc40ad608ba6135e
 ~~~
 
 ### OPAQUE-3DH Fake Test Vector 2
@@ -807,10 +783,10 @@ server_public_key: 78b3040047ff26572a7619617601a61b9c81899bee92f00cfc
 aa5eed96863555
 server_nonce: 1e10f6eeab2a7a420bf09da9b27a4639645622c46358de9cf7ae813
 055ae2d12
-server_public_keyshare: 2d9055eb8f83e1b497370adad5cc2a417bf9be436a792
-def0c7b7ccb92b9e275
-server_private_keyshare: 300b0937f47d45f6123a4d8f0d0c0814b6120d840ebb
-8bc5b4f6b62df07f7842
+client_keyshare_seed: a270dc715dc2b4612bc7864312a05c3e9788ee1bad1f276
+d1e15bdeb4c355e94
+server_keyshare_seed: 360b0937f47d45f6123a4d8f0d0c0814b6120d840ebb8bc
+5b4f6b62df07f78c2
 masking_key: 79ad2621b0757a447dff7108a8ae20a068ce67872095620f415ea611
 c9dcc04972fa359538cd2fd6528775ca775487b2b56db642049b8a90526b975a38484
 c6a
@@ -874,15 +850,15 @@ server_public_key: 0221e034c0e202fe883dcfc96802a7624166fed4cfcab4ae30
 cf5f3290d01c88bf
 server_nonce: 1e10f6eeab2a7a420bf09da9b27a4639645622c46358de9cf7ae813
 055ae2d12
-server_public_keyshare: 03f42965d5bcba2a590a49eb2418061effe40b5c29a34
-b8e5163e0ef32044b2e4c
-server_private_keyshare: 1a2a0ff27f3ca75221378a2a21fe5222ce0b439452f8
-70475857a34197ba8f6d
+client_keyshare_seed: a270dc715dc2b4612bc7864312a05c3e9788ee1bad1f276
+d1e15bdeb4c355e94
+server_keyshare_seed: 360b0937f47d45f6123a4d8f0d0c0814b6120d840ebb8bc
+5b4f6b62df07f78c2
 masking_key: caecc6ccb4cae27cb54d8f3a1af1bac52a3d53107ce08497cdd362b1
 992e4e5e
 KE1: 0396875da2b4f7749bba411513aea02dc514a48d169d8a9531bd61d3af3fa9ba
-ae42d4e61ed3f8d64cdd3b9d153343eca15b9b0d5e388232793c6376bd2d9cfd0a039
-94d4f1221bfd205063469e92ea4d492f7cc76a327223633ab74590c30cf7285
+ae42d4e61ed3f8d64cdd3b9d153343eca15b9b0d5e388232793c6376bd2d9cfd0a021
+47a6583983cc9973b5082db5f5070890cb373d70f7ac1b41ed2305361009784
 ~~~
 
 #### Output Values
@@ -893,8 +869,8 @@ KE2: 0201198dcd13f9792eb75dcfa815f61b049abfe2e3e9456d4bbbceec5f442efd
 da65ce0a97b9085e7af07f61fd3fdd046d257cbf2183ce8766090b8041a8bf28d79dd
 4c9031ddc75bb6ddb4c291e639937840e3d39fc0d5a3d6e7723c09f7945df485bcf9a
 efe3fe82d149e84049e259bb5b33d6a2ff3b25e4bfb7eff0962821e10f6eeab2a7a42
-0bf09da9b27a4639645622c46358de9cf7ae813055ae2d1203f42965d5bcba2a590a4
-9eb2418061effe40b5c29a34b8e5163e0ef32044b2e4c196137813ed8ec48627f0b0d
-90d9427f4ec137f8360769df167c25836eae5d91
+0bf09da9b27a4639645622c46358de9cf7ae813055ae2d12023f82bbb24e75b8683fd
+13b843cd566efae996cd0016cffdcc24ee2bc937d026f459621ce1b4126bc75fb6114
+1194c77ea9dc92d11aa1993f35336ccdbbcf13fc
 ~~~
 "#;
diff --git a/src/tests/test_opaque_vectors.rs b/src/tests/test_opaque_vectors.rs
index 2fc2fc02..d1aef5ac 100644
--- a/src/tests/test_opaque_vectors.rs
+++ b/src/tests/test_opaque_vectors.rs
@@ -42,12 +42,10 @@ pub struct OpaqueTestVectorParameters {
     pub dummy_masking_key: Vec<u8>,
     pub context: Vec<u8>,
     pub client_private_key: Option<Vec<u8>>,
-    pub client_keyshare: Vec<u8>,
-    pub client_private_keyshare: Vec<u8>,
+    pub client_keyshare_seed: Vec<u8>,
     pub server_public_key: Vec<u8>,
     pub server_private_key: Vec<u8>,
-    pub server_keyshare: Vec<u8>,
-    pub server_private_keyshare: Vec<u8>,
+    pub server_keyshare_seed: Vec<u8>,
     pub client_identity: Option<Vec<u8>>,
     pub server_identity: Option<Vec<u8>>,
     pub credential_identifier: Vec<u8>,
@@ -127,12 +125,10 @@ where
         },
         context: parse!(values, "Context"),
         client_private_key: decode(values, "client_private_key"),
-        client_keyshare: parse!(values, "client_public_keyshare"),
-        client_private_keyshare: parse!(values, "client_private_keyshare"),
+        client_keyshare_seed: parse!(values, "client_keyshare_seed"),
         server_public_key: parse!(values, "server_public_key"),
         server_private_key: parse!(values, "server_private_key"),
-        server_keyshare: parse!(values, "server_public_keyshare"),
-        server_private_keyshare: parse!(values, "server_private_keyshare"),
+        server_keyshare_seed: parse!(values, "server_keyshare_seed"),
         client_identity: decode(values, "client_identity"),
         server_identity: decode(values, "server_identity"),
         credential_identifier: parse!(values, "credential_identifier"),
@@ -460,7 +456,7 @@ where
     for parameters in tvs {
         let client_login_start = [
             parameters.blind_login.as_slice(),
-            &parameters.client_private_keyshare,
+            &parameters.client_keyshare_seed,
             &parameters.client_nonce,
         ]
         .concat();
@@ -522,16 +518,16 @@ where
         let record =
             ServerRegistration::<CS>::deserialize(&get_password_file_bytes::<CS>(parameters))?;
 
-        let mut server_private_keyshare_and_nonce_rng = CycleRng::new(
+        let mut server_keyshare_seed_and_nonce_rng = CycleRng::new(
             [
                 parameters.masking_nonce.as_slice(),
-                &parameters.server_private_keyshare,
+                &parameters.server_keyshare_seed,
                 &parameters.server_nonce,
             ]
             .concat(),
         );
         let server_login_start_result = ServerLogin::<CS>::start(
-            &mut server_private_keyshare_and_nonce_rng,
+            &mut server_keyshare_seed_and_nonce_rng,
             &server_setup,
             Some(record),
             CredentialRequest::<CS>::deserialize(&parameters.KE1).unwrap(),
@@ -580,7 +576,7 @@ where
     for parameters in tvs {
         let client_login_start = [
             parameters.blind_login.as_slice(),
-            &parameters.client_private_keyshare,
+            &parameters.client_keyshare_seed,
             &parameters.client_nonce,
         ]
         .concat();
@@ -662,16 +658,16 @@ where
         let record =
             ServerRegistration::<CS>::deserialize(&get_password_file_bytes::<CS>(parameters))?;
 
-        let mut server_private_keyshare_and_nonce_rng = CycleRng::new(
+        let mut server_keyshare_seed_and_nonce_rng = CycleRng::new(
             [
                 parameters.masking_nonce.as_slice(),
-                &parameters.server_private_keyshare,
+                &parameters.server_keyshare_seed,
                 &parameters.server_nonce,
             ]
             .concat(),
         );
         let server_login_start_result = ServerLogin::<CS>::start(
-            &mut server_private_keyshare_and_nonce_rng,
+            &mut server_keyshare_seed_and_nonce_rng,
             &server_setup,
             Some(record),
             CredentialRequest::<CS>::deserialize(&parameters.KE1).unwrap(),
@@ -729,17 +725,17 @@ where
             .concat(),
         )?;
 
-        let mut server_private_keyshare_and_nonce_rng = CycleRng::new(
+        let mut server_keyshare_seed_and_nonce_rng = CycleRng::new(
             [
                 parameters.dummy_masking_key.as_slice(),
                 &parameters.masking_nonce,
-                &parameters.server_private_keyshare,
+                &parameters.server_keyshare_seed,
                 &parameters.server_nonce,
             ]
             .concat(),
         );
         let server_login_start_result = ServerLogin::<CS>::start(
-            &mut server_private_keyshare_and_nonce_rng,
+            &mut server_keyshare_seed_and_nonce_rng,
             &server_setup,
             None,
             CredentialRequest::<CS>::deserialize(&parameters.KE1).unwrap(),