diff --git a/xep-0384.xml b/xep-0384.xml index 60a23140..96b1641a 100644 --- a/xep-0384.xml +++ b/xep-0384.xml @@ -330,7 +330,7 @@
  1. Use HKDF-SHA-256 to generate 80 bytes of output from the message key by providing mk as HKDF input, 256 zero-bits as HKDF salt and "OMEMO Message Key Material" as HKDF info.
  2. Divide the HKDF output into a 32-byte encryption key, a 32-byte authentication key and a 16 byte IV.
  3. -
  4. Encrypt the plaintext (which consists of a 32 bytes key and a 32 bytes HMAC as specified in the section about Message Encryption) using AES-256-CBC with PKCS#7 padding, using the encryption key and IV derived in the previous step.
  5. +
  6. Encrypt the plaintext (which consists of a 32 bytes key and a 16 bytes HMAC as specified in the section about Message Encryption) using AES-256-CBC with PKCS#7 padding, using the encryption key and IV derived in the previous step.
  7. Split the associated data as returned by CONCAT into the original ad and the OMEMOMessage.proto structure.
  8. Add the ciphertext to the OMEMOMessage.proto structure.
  9. Serialize the OMEMOMessage.proto structure into a parseable byte array. To avoid potential problems regarding non-uniqueness of the serialization, make sure to only serialize once and to use that exact byte sequence in the following steps.