You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
5.2.2.1. AES_CBC_HMAC_SHA2 Encryption
The number of octets in the input key K MUST be the sum of
MAC_KEY_LEN and ENC_KEY_LEN. The values of these parameters are
specified by the Authenticated Encryption algorithms in Sections
5.2.3 through 5.2.5.
5.2.3. AES_128_CBC_HMAC_SHA_256
The input key K is 32 octets long.
ENC_KEY_LEN is 16 octets.
MAC_KEY_LEN is 16 octets.
5.2.5. AES_256_CBC_HMAC_SHA_512 AES_256_CBC_HMAC_SHA_512 is based on AES_128_CBC_HMAC_SHA_256, but
with the following differences: The input key K is 64 octets long instead of 32.
ENC_KEY_LEN is 32 octets instead of 16.
MAC_KEY_LEN is 32 octets instead of 16.
but in code:
localfunctionderive_keys(enc, secret_key)
localkey_size_bytes=16ifenc==str_const.A128CBC_HS256thenkey_size_bytes=16elseifenc==str_const.A256CBC_HS512thenkey_size_bytes=32endifnotsecret_keythensecret_key=resty_random.bytes(key_size_bytes,true)
endif#secret_key~=key_size_bytesthenerror({reason="The pre-shared content key must be "..key_size_bytes})
endlocalderived_key_size=key_size_bytes/2mac_key=string_sub(secret_key, 1, derived_key_size)
enc_key=string_sub(secret_key, derived_key_size)
returnsecret_key, mac_key, enc_keyend
The text was updated successfully, but these errors were encountered:
Great! BTW, I think it would be nice to make this library compatible with other implementations (with RFC). Right now I'm working on PR. Would be great to hear your opinion.
Thanks!
from rfc
but in code:
The text was updated successfully, but these errors were encountered: