Define hkdf-hmac-sha256.v2 MAC method for SAS verification (#1412)

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
2023-02-09 23:58:16 -05:00 · 2023-02-09 23:58:16 -05:00 · ad94985754
commit ad94985754
parent e9a463d871
7 changed files with 73 additions and 33 deletions
--- a/data/event-schemas/examples/m.key.verification.accept.yaml
+++ b/data/event-schemas/examples/m.key.verification.accept.yaml
@ -5,7 +5,7 @@
        "method": "m.sas.v1",
        "key_agreement_protocol": "curve25519",
        "hash": "sha256",
-        "message_authentication_code": "hkdf-hmac-sha256",
+        "message_authentication_code": "hkdf-hmac-sha256.v2",
        "short_authentication_string": ["decimal", "emoji"],
        "commitment": "fQpGIW1Snz+pwLZu6sTy2aHy/DYWWTspTJRPyNp0PKkymfIsNffysMl6ObMMFdIJhk6g6pwlIqZ54rxo8SLmAg"
    }
--- a/data/event-schemas/examples/m.key.verification.start$m.sas.v1.yaml
+++ b/data/event-schemas/examples/m.key.verification.start$m.sas.v1.yaml
@ -6,7 +6,7 @@
        "method": "m.sas.v1",
        "key_agreement_protocols": ["curve25519"],
        "hashes": ["sha256"],
-        "message_authentication_codes": ["hkdf-hmac-sha256"],
+        "message_authentication_codes": ["hkdf-hmac-sha256.v2", "hkdf-hmac-sha256"],
        "short_authentication_string": ["decimal", "emoji"]
    }
 }
--- a/data/event-schemas/schema/m.key.verification.accept.yaml
+++ b/data/event-schemas/schema/m.key.verification.accept.yaml
@ -26,7 +26,7 @@ properties:
      message_authentication_code:
        type: string
        description: |-
-          The message authentication code the device is choosing to use, out of
+          The message authentication code method the device is choosing to use, out of
          the options in the `m.key.verification.start` message.
      short_authentication_string:
        type: array
--- a/data/event-schemas/schema/m.key.verification.mac.yaml
+++ b/data/event-schemas/schema/m.key.verification.mac.yaml
@ -3,7 +3,9 @@ allOf:
  - $ref: core-event-schema/event.yaml

 description: |-
-  Sends the MAC of a device's key to the partner device.
+  Sends the MAC of a device's key to the partner device.  The MAC is calculated
+  using the method given in `message_authentication_code` property of the
+  `m.key.verification.accept` message.
 properties:
  content:
    properties:
--- a/data/event-schemas/schema/m.key.verification.start$m.sas.v1.yaml
+++ b/data/event-schemas/schema/m.key.verification.start$m.sas.v1.yaml
@ -41,8 +41,11 @@ properties:
      message_authentication_codes:
        type: array
        description: |-
-          The message authentication codes that the sending device understands.
-          Must include at least `hkdf-hmac-sha256`.
+          The message authentication code methods that the sending device understands.
+          Must include at least `hkdf-hmac-sha256.v2`.  Should also include
+          `hkdf-hmac-sha256` for compatibility with older clients, though this
+          identifier is deprecated and will be removed in a future version of
+          the spec.
        items:
          type: string
      short_authentication_string: