Confirmed users
632
edits
Loop/Architecture/Context: Difference between revisions
no edit summary
No edit summary |
|||
| Line 25: | Line 25: | ||
Base64(IV || ciphertext || tag) | Base64(IV || ciphertext || tag) | ||
Where IV is 12 bytes in length, and tag is | Where IV is 12 bytes in length, and tag is 16 bytes (128 bits) in length. | ||
Encryption consists of selecting a random 12-byte IV value. This IV, the plaintext JSON representation of the room context fields, and '''kRm''' are used as input to the AES-GCM encryption algorithm, which is configured to generate a | Encryption consists of selecting a random 12-byte IV value. This IV, the plaintext JSON representation of the room context fields, and '''kRm''' are used as input to the AES-GCM encryption algorithm, which is configured to generate a 128-bit validation tag. The IV is then concatenated with the ciphertext and the validation tag. The resulting bytestring is Base64 encoded, and included as the "context.value" field in the appropriate Loop Server API call, alongside the wrapped room key '''kR''' and the algorithm name ("AES-GCM"). | ||
Decryption consists of Base64 decoding the "context" field, splitting off the first 12 bytes for use as an IV, and splitting off the final | Decryption consists of Base64 decoding the "context" field, splitting off the first 12 bytes for use as an IV, and splitting off the final 16 bytes as the validation tag. These are then used as input to the AES-GCM decryption algorithm (along with '''kRm'''), the output of which is a JSON object containing fields that correspond to the various room context information fields. | ||
== Loop Server API Changes == | == Loop Server API Changes == | ||