From 93b3ae453f9538fa2c23108cfb45103744c7ba6c Mon Sep 17 00:00:00 2001 From: Hubert Chathi Date: Wed, 25 Jan 2023 16:20:57 -0500 Subject: [PATCH] add support for stable identifier for fixed MAC in SAS verification --- spec/unit/crypto/verification/sas.spec.ts | 2 +- src/crypto/verification/SAS.ts | 8 +++++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/spec/unit/crypto/verification/sas.spec.ts b/spec/unit/crypto/verification/sas.spec.ts index 5309c0d80f7..3c4f224428e 100644 --- a/spec/unit/crypto/verification/sas.spec.ts +++ b/spec/unit/crypto/verification/sas.spec.ts @@ -215,7 +215,7 @@ describe("SAS verification", function () { ]); // make sure that it uses the preferred method - expect(macMethod).toBe("org.matrix.msc3783.hkdf-hmac-sha256"); + expect(macMethod).toBe("hkdf-hmac-sha256.v2"); expect(keyAgreement).toBe("curve25519-hkdf-sha256"); // make sure Alice and Bob verified each other diff --git a/src/crypto/verification/SAS.ts b/src/crypto/verification/SAS.ts index 4c05f53549d..a8d237d2da1 100644 --- a/src/crypto/verification/SAS.ts +++ b/src/crypto/verification/SAS.ts @@ -159,6 +159,7 @@ function generateSas(sasBytes: Uint8Array, methods: string[]): IGeneratedSas { const macMethods = { "hkdf-hmac-sha256": "calculate_mac", "org.matrix.msc3783.hkdf-hmac-sha256": "calculate_mac_fixed_base64", + "hkdf-hmac-sha256.v2": "calculate_mac_fixed_base64", "hmac-sha256": "calculate_mac_long_kdf", } as const; @@ -202,7 +203,12 @@ type KeyAgreement = keyof typeof calculateKeyAgreement; */ const KEY_AGREEMENT_LIST: KeyAgreement[] = ["curve25519-hkdf-sha256", "curve25519"]; const HASHES_LIST = ["sha256"]; -const MAC_LIST: MacMethod[] = ["org.matrix.msc3783.hkdf-hmac-sha256", "hkdf-hmac-sha256", "hmac-sha256"]; +const MAC_LIST: MacMethod[] = [ + "hkdf-hmac-sha256.v2", + "org.matrix.msc3783.hkdf-hmac-sha256", + "hkdf-hmac-sha256", + "hmac-sha256", +]; const SAS_LIST = Object.keys(sasGenerators); const KEY_AGREEMENT_SET = new Set(KEY_AGREEMENT_LIST);