24
edits
Talk:Services/Sync/SimplifiedCrypto: Difference between revisions
Talk:Services/Sync/SimplifiedCrypto (view source)
Revision as of 10:58, 4 December 2010
, 4 December 2010→Deriving encryption and HMAC keys from the Sync Key
| (4 intermediate revisions by the same user not shown) | |||
| Line 7: | Line 7: | ||
== Deriving encryption and HMAC keys from the Sync Key == | == Deriving encryption and HMAC keys from the Sync Key == | ||
The hmac used is an SHA-256 HMAC. | The hmac used is an SHA-256 HMAC.<br/> | ||
* Sourcecode of [http://hg.mozilla.org/services/fx-sync/file/12189166cd01/services/sync/modules/util.js#l571 Utils.makeHMACKey()] Sorry, it's a native method. | |||
* What is the value of HMAC_INPUT? | |||
** [http://hg.mozilla.org/services/fx-sync/file/37150bc0bf62/services/sync/modules/constants.js source] | |||
** it is the string "Sync-AES_256_CBC-HMAC256" | |||
* what is enc + HMAC_INPUT + u + "\x02"? (enc is a byte array, the others are strings) | |||
* \x?? = "The Latin-1 character specified by the two hexadecimal digits dd between 00 and FF. ie, copyright symbol is \xA9." | |||
** \x01 = SOH = \u0001 in unicode | |||
== Upgrading existing Sync Keys to the new AES key == | == Upgrading existing Sync Keys to the new AES key == | ||
PBKDF2 iteration count it 4096, key length 128 bit. | PBKDF2 iteration count it 4096, key length 128 bit.<br/> | ||
Keep in mind that while everywhere else Base64 is used, this is Base32. | |||
Example (Java): | Example (Java): | ||