Services/KeyExchange: Difference between revisions

Services/KeyExchange (view source)

209 bytes added , 7 October 2010

canmove, Confirmed users

725

edits

@@ Line 97: / Line 97: @@
 ...
 </pre>
-<p>computes msg 2 and key</p>
+<p>computes key, computes and uploads msg 2</p>
 <pre>
 C: PUT /a7i HTTP/1.1
 C:
-C: {"type": "client2-msg2", XXX, "credentials":"XXX", "hmac":"XXX"}</pre></li>
+C: {"type": "client2-msg2", XXX}
+</pre></li>
-<li>Mobile retrieves Desktop's msg 2 and computes key, uploads hash of key to prove its knowledge (msg 3).
+<li>Mobile retrieves Desktop's msg 2
+<pre>
+C: GET /a7i HTTP/1.1
+C:
+S: HTTP/1.1 200 OK
+...
+</pre>
+<p>computes key, uploads hash of key to prove its knowledge (msg 3)</p>
 <pre>
 C: PUT /a7i HTTP/1.1
 C:
-C: {"type": "client1-msg3", XXX}</pre></li>
+C: {"type": "client1-msg3", XXX}
+</pre></li>
 </li>
-<li>Desktop retrieves Mobile's msg 3 and verifies the key's hash. If the hash matches, it encrypts and uploads Sync credentials
+<li>Desktop retrieves Mobile's msg 3 (hashed key)
-</li>
+<pre>
+C: GET /a7i HTTP/1.1
+C:
+S: HTTP/1.1 200 OK
+...
+</pre>
+verifies it against its own version. If the hash matches, it encrypts and uploads Sync credentials.
+<pre>
+C: PUT /a7i HTTP/1.1
+C:
+C: {"type": "client2-msg3", XXX}
+</pre>
+</li></li>
 <li>Mobile retrieves encrypted credentials
@@ Line 121: / Line 144: @@
 ...
 </pre>
-<p>computes key and decrypts Sync credentials.</p></li>
+<p>decrypts Sync credentials and verifies HMAC.</p></li>
 <li>Mobile deletes the session [OPTIONAL]
 <pre>