sas: clarify HKDF calculation uses base64-encoded keys

Signed-off-by: Sumner Evans <sumner@beeper.com>
2026-03-23 19:44:09 +01:00 · 2024-01-29 23:33:54 -07:00 · 2024-01-29 23:33:54 -07:00 · 9b78c492e2
parent 9a5cacda90
commit 9b78c492e2
2 changed files with 5 additions and 4 deletions
--- a/changelogs/client_server/newsfragments/1719.clarification
+++ b/changelogs/client_server/newsfragments/1719.clarification
@ -0,0 +1 @@
 Clarify that the HKDF calculation for SAS uses base64-encoded keys rather than the raw key bytes.
--- a/content/client-server-api/modules/end_to_end_encryption.md
+++ b/content/client-server-api/modules/end_to_end_encryption.md
@ -836,15 +836,15 @@ is the concatenation of:
 -   The Device ID of the device which sent the
    `m.key.verification.start` message, followed by `|`.
 -   The public key from the `m.key.verification.key` message sent by
-    the device which sent the `m.key.verification.start` message,
+    the device which sent the `m.key.verification.start` message, encoded as
-    followed by `|`.
+    unpadded base64, followed by `|`.
 -   The Matrix ID of the user who sent the `m.key.verification.accept`
    message, followed by `|`.
 -   The Device ID of the device which sent the
    `m.key.verification.accept` message, followed by `|`.
 -   The public key from the `m.key.verification.key` message sent by
-    the device which sent the `m.key.verification.accept` message,
+    the device which sent the `m.key.verification.accept` message, encoded as
-    followed by `|`.
+    unpadded base64, followed by `|`.
 -   The `transaction_id` being used.
 When the `key_agreement_protocol` is the deprecated method `curve25519`,
		`@ -0,0 +1 @@`
							`Clarify that the HKDF calculation for SAS uses base64-encoded keys rather than the raw key bytes.`