You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As the Derived Key implementation is not clearly documented, I thought derivedSeedHex would be interchangeable with seedHex; thus, I copied the implementation provided in this repository (including src/lib/ecies/index.js) and configured it on a React Native project running on top of Expo.
After fiddling around to make the crypto, buffer, and stream implementation load correctly, I tried it with my own seedHex (directly out of my browser's localStorage).
Everything seemed to be working; however, as soon as I replaced the seedHex with the derivedSeedHex (given by doing the derived authorization flow on the identity), the implementation started to throw the following error:
[Unhandled promise rejection: Error: Incorrect MAC]
at src/lib/ecies/index.js:26:1 in kdf
at src/lib/ecies/index.js:170:2 in decrypt
at http://127.0.0.1:19000/node_modules/expo/AppEntry.bundle?platform=ios&dev=true&hot=false&minify=false:192892:18 in decryptShared
at src/pages/Inbox/index.tsx:41:20 in useCallback$argument_0
at [native code]:null in flushedQueue
at [native code]:null in invokeCallbackAndReturnFlushedQueue
The error comes from the following section, and removing it, will cause invalid encryption.
assert(hmacGood.equals(msgMac), "Incorrect MAC");
With that said:
Does the Derived Keys support decrypting messages? (or in other words, Am I doing something wrong?)
If they don't support decryption: when will this feature be available?
If they do support decryption: is it only from the messages encoded using Derived Keys?
All and all, how should I proceed to implement such a feature?
The text was updated successfully, but these errors were encountered:
farsadf
changed the title
derivedSeedHex and Messages throws Incorrect HMAC errorderivedSeedHex and Messages throws Incorrect HMAC error
Nov 2, 2021
So after talking with Ribal from CloutFeed, he told me that there is an endpoint (/get-shared-secrets) to handle this situation; however, such an implementation does have its limitations, primarily a very unusual UX and character length limitation on Nginx.
@maebeam, Is there any sort of alternative method to achieve the same result without this unusual UX?
Hey @farsadf sorry for responding to this just now. Also please tag me for anything related to derived keys in the future. Decrypting/encrypting messages with derived keys doesn't work for now, besides the shared secret endpoint you mentioned. It's a non-trivial crypto problem to have derived keys handle message but I already conceptualized how to make it possible (rotating messaging keys working similar to derived keys but with HD wallet hardened-derivation). It's on my priority list, so it will be possible soon.
@AeonSw4n Fantastic mate! Is there an estimated TAT?
Although I'm not that confident with these sorts of issues, if you think that I might be of help, I'd be more than interested to do some parts.
As the Derived Key implementation is not clearly documented, I thought
derivedSeedHex
would be interchangeable withseedHex
; thus, I copied the implementation provided in this repository (includingsrc/lib/ecies/index.js
) and configured it on a React Native project running on top of Expo.After fiddling around to make the
crypto
,buffer
, andstream
implementation load correctly, I tried it with my ownseedHex
(directly out of my browser's localStorage).Everything seemed to be working; however, as soon as I replaced the
seedHex
with thederivedSeedHex
(given by doing the derived authorization flow on the identity), the implementation started to throw the following error:The error comes from the following section, and removing it, will cause invalid encryption.
With that said:
The text was updated successfully, but these errors were encountered: