MozillaWiki

Services/Sync/SimplifiedCrypto: Difference between revisions

Page Discussion

Services/Sync/SimplifiedCrypto (view source)

Revision as of 08:20, 26 November 2010

257 bytes removed ,  26 November 2010
→‎Passphrase / Sync Key
(Update.)
Line 48: Line 48:


So long as the salt is available, other clients can apply PBKDF2 to their stored passphrase and the salt to yield the new key without any re-entry or J-PAKE-style key distribution.
So long as the salt is available, other clients can apply PBKDF2 to their stored passphrase and the salt to yield the new key without any re-entry or J-PAKE-style key distribution.
The generated base32 alphanumeric key doesn't actually need to be decoded: it is used as input into hash operations which yield an encryption key and an HMAC key.
('''Note:''' however, for NSS convenience in the future, we intend to decode it. Still pending.)


A known fixed string (which includes encryption algo details) and the username are used as input to SHA256-HMAC. The hash operations are chained.
A known fixed string (which includes encryption algo details) and the username are used as input to SHA256-HMAC. The hash operations are chained.


      let m = Utils.decodeKeyBase32(syncKey);


    let m = this.keyStr;
    if (m) {
       // Reuse the hasher.
       // Reuse the hasher.
       let h = Utils.makeHMACHasher();
       let h = Utils.makeHMACHasher();
Line 71: Line 66:
        
        
       // Save them.
       // Save them.
       this._encrypt = btoa(enc);    // WeaveCrypto expects it.
       this._encrypt = btoa(enc);    // WeaveCrypto expects base64
       this._hmac    = hmac;
       this._hmac    = hmac;
    }




Philikon
canmove, Confirmed users
725

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/270184"