matrix-spec

mirror of https://github.com/matrix-org/matrix-spec synced 2025-12-20 16:38:37 +01:00

History

Sumner Evans 9a5cacda90 Clarify that the key backup MAC is implemented incorrectly (#1712 ) * Clarify that the key backup MAC is implemented incorrectly Due to a bug in libolm, all implementations of the m.megolm_backup.v1.curve25519-aes-sha2 key backup algorithm incorrectly pass an empty string through HMAC-SHA-256 to generate the `mac` property of the `session_data`. It was intended for the entire raw encrypted data to be passed through HMAC-SHA-256, but the issue was caught too late in the process, and thus we are stuck with this until a new key backup algorithm is introduced. This commit clarifies the real-world behavior of all current implementations. Signed-off-by: Sumner Evans <sumner@beeper.com>	2024-01-16 14:11:44 -05:00
..
modules	Clarify that the key backup MAC is implemented incorrectly (#1712 )	2024-01-16 14:11:44 -05:00
_index.md	Fix grammar in client-server-api intro (#1597 )	2023-07-12 13:04:32 -04:00

Clarify that the key backup MAC is implemented incorrectly (#1712 )

* Clarify that the key backup MAC is implemented incorrectly

Due to a bug in libolm, all implementations of the
m.megolm_backup.v1.curve25519-aes-sha2 key backup algorithm incorrectly
pass an empty string through HMAC-SHA-256 to generate the `mac` property
of the `session_data`.

It was intended for the entire raw encrypted data to be passed through
HMAC-SHA-256, but the issue was caught too late in the process, and thus
we are stuck with this until a new key backup algorithm is introduced.

This commit clarifies the real-world behavior of all current
implementations.

Signed-off-by: Sumner Evans <sumner@beeper.com>

2024-01-16 14:11:44 -05:00

modules

Clarify that the key backup MAC is implemented incorrectly (#1712 )

2024-01-16 14:11:44 -05:00

_index.md

Fix grammar in client-server-api intro (#1597 )

2023-07-12 13:04:32 -04:00