wholetrans/docs-matrix-spec
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

fix description of MAC calculation (#1590)

Browse source
This commit is contained in:
Hubert Chathi 2023-07-04 18:54:55 -04:00 committed by GitHub
parent bed9223610
commit 67c9f814e0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 28 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

1
changelogs/client_server/newsfragments/1590.clarification Normal file
View file

@ -0,0 +1 @@
Fix description of MAC calculation in SAS verification.

8
content/client-server-api/modules/end_to_end_encryption.md
View file

@ -776,7 +776,7 @@ The method used to calculate these MACs depends upon the value of the
message. All current implementations should use the `hkdf-hmac-sha256.v2` method which is message. All current implementations should use the `hkdf-hmac-sha256.v2` method which is
defined as follows: defined as follows:
The MAC used is HMAC as defined in [RFC 1. An HMAC key is generated using HKDF, as defined in [RFC
5869](https://tools.ietf.org/html/rfc5869), using SHA-256 as the hash 5869](https://tools.ietf.org/html/rfc5869), using SHA-256 as the hash
function. The shared secret is supplied as the input keying material. No salt function. The shared secret is supplied as the input keying material. No salt
is used, and in the info parameter is the concatenation of: is used, and in the info parameter is the concatenation of:
@ -790,6 +790,10 @@ is used, and in the info parameter is the concatenation of:
- The Key ID of the key being MAC-ed, or the string `KEY_IDS` if the - The Key ID of the key being MAC-ed, or the string `KEY_IDS` if the
item being MAC-ed is the list of key IDs. item being MAC-ed is the list of key IDs.
2. A MAC is then generated using HMAC as defined in [RFC
2104](https://tools.ietf.org/html/rfc2104) with the key generated above and
using SHA-256 as the hash function.
If a key is being MACed, the MAC is performed on the public key as encoded If a key is being MACed, the MAC is performed on the public key as encoded
according to the [key algorithm](#key-algorithms). For example, for `ed25519` according to the [key algorithm](#key-algorithms). For example, for `ed25519`
keys, it is the unpadded base64-encoded key. keys, it is the unpadded base64-encoded key.
@ -801,7 +805,7 @@ form `{algorithm}:{keyId}`. For example, the key list could look like:
reconstruct the list from the names in the `mac` property of the reconstruct the list from the names in the `mac` property of the
`m.key.verification.mac` message and ensure that no keys were added or removed. `m.key.verification.mac` message and ensure that no keys were added or removed.
The MAC values are base64-encoded and sent in a 3. The MAC values are base64-encoded and sent in a
[`m.key.verification.mac`](#mkeyverificationmac) message. [`m.key.verification.mac`](#mkeyverificationmac) message.
{{% boxes/note %}} {{% boxes/note %}}