mirror of https://github.com/moparisthebest/xeps synced 2024-12-12 02:42:16 -05:00

Merge branch 'xep-0384' into premerge

This commit is contained in:
Jonas Schäfer 2022-01-04 18:39:12 +01:00
commit 1d6e75cc81


@ -57,6 +57,14 @@
<email>xmpp@larma.de</email> <email>xmpp@larma.de</email>
<jid>jabber@larma.de</jid> <jid>jabber@larma.de</jid>
</author> </author>
<revision>
<version>0.8.2</version>
<date>2021-12-27</date>
<initials>fs</initials>
<remark>
<p>Fixed HMAC size inconsitency (32 bytes vs 16 bytes)</p>
</remark>
</revision>
<revision> <revision>
<version>0.8.1</version> <version>0.8.1</version>
<date>2021-10-07</date> <date>2021-10-07</date>
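Review bot: the new <remark> text in the 0.8.2 revision block contains a typo, "inconsitency" should read "inconsistency"; this string is published in the rendered revision history, so it should be corrected before merge. The remark would also be more useful to implementers if it named which value is now authoritative (the HMAC inside the encrypted plaintext is 16 bytes) instead of only "32 bytes vs 16 bytes".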
@ -330,7 +338,7 @@
<ol> <ol>
<li>Use HKDF-SHA-256 to generate 80 bytes of output from the message key by providing mk as HKDF input, 256 zero-bits as HKDF salt and &quot;OMEMO Message Key Material&quot; as HKDF info.</li> <li>Use HKDF-SHA-256 to generate 80 bytes of output from the message key by providing mk as HKDF input, 256 zero-bits as HKDF salt and &quot;OMEMO Message Key Material&quot; as HKDF info.</li>
<li>Divide the HKDF output into a 32-byte encryption key, a 32-byte authentication key and a 16 byte IV.</li> <li>Divide the HKDF output into a 32-byte encryption key, a 32-byte authentication key and a 16 byte IV.</li>
<li>Encrypt the plaintext (which consists of a 32 bytes key and a 32 bytes HMAC as specified in the section about <link url="#protocol-message_encryption">Message Encryption</link>) using AES-256-CBC with PKCS#7 padding, using the encryption key and IV derived in the previous step.</li> <li>Encrypt the plaintext (which consists of a 32 bytes key and a 16 bytes HMAC as specified in the section about <link url="#protocol-message_encryption">Message Encryption</link>) using AES-256-CBC with PKCS#7 padding, using the encryption key and IV derived in the previous step.</li>
<li>Split the associated data as returned by <tt>CONCAT</tt> into the original ad and the <tt>OMEMOMessage.proto</tt> structure.</li> <li>Split the associated data as returned by <tt>CONCAT</tt> into the original ad and the <tt>OMEMOMessage.proto</tt> structure.</li>
<li>Add the ciphertext to the <tt>OMEMOMessage.proto</tt> structure.</li> <li>Add the ciphertext to the <tt>OMEMOMessage.proto</tt> structure.</li>
<li>Serialize the <tt>OMEMOMessage.proto</tt> structure into a parseable byte array. To avoid potential problems regarding non-uniqueness of the serialization, make sure to only serialize <em>once</em> and to use that exact byte sequence in the following steps.</li> <li>Serialize the <tt>OMEMOMessage.proto</tt> structure into a parseable byte array. To avoid potential problems regarding non-uniqueness of the serialization, make sure to only serialize <em>once</em> and to use that exact byte sequence in the following steps.</li>
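Review bot: the 32-byte to 16-byte change for the HMAC in step 3 must agree with the Message Encryption section it links to, which is outside this hunk; please confirm that section specifies a truncated 16-byte HMAC, otherwise the inconsistency that the 0.8.2 remark claims to fix only moves elsewhere. With a 32-byte key plus a 16-byte HMAC the plaintext is 48 bytes, so PKCS#7 padding with the 16-byte AES block adds a full padding block and the ciphertext is 64 bytes; stating that expected length would let implementations sanity-check their output. Minor style point: the new text still reads "a 32 bytes key and a 16 bytes HMAC" while the neighbouring steps use "32-byte", so "a 32-byte key and a 16-byte HMAC" would be consistent (step 2's "16 byte IV" has the same hyphenation slip).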