CloudServices/Sagrada/TokenServer: Difference between revisions

No edit summary
Line 175: Line 175:
Example:
Example:


   app_token = {'email': 'my@email.com', 'someparam': 1324654308.907832}   
   meta_token = {'email': 'my@email.com', 'someparam': 1324654308.907832}   


To avoid information leakage, the token is encrypted and signed using the shared secret and base64-ed. The encryption is AES-CBC and signature is HMAC-SHA1:
To avoid information leakage, the token is encrypted and signed then base64-ed. The encryption is AES-CBC using the encryption key, the signature is HMAC-SHA1 using the signing key:


   app_token, signature = AES-CBC+HMAC-SHA1(app_token, secret_key)
   meta_token = AES-CBC(meta_token, enc_secret)
   app_token = b64encode(app_token, signature)
  meta_token, signature = HMAC-SHA1(meta_token, sig_secret)
   meta_token = b64encode(meta_token, signature)




'''The metadata token is crypted'''
'''The metadata token is encrypted'''


== Shared Secrets File ==
== Shared Secrets File ==
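
Review bot: the new pseudocode lines `meta_token = AES-CBC(meta_token, enc_secret)` and `meta_token, signature = HMAC-SHA1(meta_token, sig_secret)` do not say how the AES-CBC IV is chosen or whether the HMAC covers it, and `b64encode(meta_token, signature)` leaves the layout of the two values undefined. Suggest stating that a fresh random IV is generated for each token, that the HMAC-SHA1 is computed over the IV together with the ciphertext, and that the receiver verifies the signature with a constant-time comparison before it decrypts anything. As a style point, the `meta_token, signature = HMAC-SHA1(...)` line is indented by two spaces where the neighbouring lines use three.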