Two questions about Firefox Sync encryption

Richard Newman rnewman at mozilla.com
Wed Jun 29 08:16:03 PDT 2011


> And when I use the HMAC key and the ciphertext to create the HMAC, should I be setting my SHA-256 HMAC function to the appropriate format, for example passing the function a base64 encoded HMAC key and telling the function that it is in base64 as opposed to passing it a base64 encoded HMAC key and telling the function that it is in ASCII?
>  
> I hope my questions make sense.  Thanks again for the assistance.

To add to Philipp's points, you might find it helpful to port some of our test cases to verify that your implementation is doing the right thing:

Pure crypto bits: 

  https://hg.mozilla.org/services/services-central/file/default/services/crypto/tests/unit

WBO encryption: 

  https://hg.mozilla.org/services/services-central/file/default/services/sync/tests/unit/test_records_crypto.js

-R


More information about the Services-dev mailing list