matrix-spec/changelogs/client_server/newsfragments
Sumner Evans 9a5cacda90
Clarify that the key backup MAC is implemented incorrectly (#1712)
* Clarify that the key backup MAC is implemented incorrectly

Due to a bug in libolm, all implementations of the
m.megolm_backup.v1.curve25519-aes-sha2 key backup algorithm incorrectly
pass an empty string through HMAC-SHA-256 to generate the `mac` property
of the `session_data`.

It was intended for the entire raw encrypted data to be passed through
HMAC-SHA-256, but the issue was caught too late in the process, and thus
we are stuck with this until a new key backup algorithm is introduced.

This commit clarifies the real-world behavior of all current
implementations.

Signed-off-by: Sumner Evans <sumner@beeper.com>
2024-01-16 14:11:44 -05:00
.gitignore Don't let the newsfragments wink out of existence 2018-07-06 17:32:57 -06:00
1685.clarification Batch receipts by thread as well as room (#1685) 2023-12-05 16:28:05 +00:00
1687.clarification Clarify that threads can be created based on replies (#1687) 2023-12-11 13:00:59 +00:00
1690.clarification Make clearer in the example that the fallback prefix sequence should be repeated for each line (#1690) 2024-01-15 12:35:06 +00:00
1695.clarification Clarify secret storage format (#1695) 2023-12-11 16:29:01 +00:00
1712.clarification Clarify that the key backup MAC is implemented incorrectly (#1712) 2024-01-16 14:11:44 -05:00