|
|
|
|
|
|
by dreae
3198 days ago
|
|
|
I've left a comment on your github issue, but the tl;dr is that the encryption document doesn't seem to reflect the code. The comment in the ruby test case suggests that the actual step is 'E = hash( Z2 + R )' instead of 'E = hash( Z2 + D )' where 'R' is the user's randomly generated 'AssignedKey' and 'D' is the masked HSM ciphertext 'KMS(R) ^ Z2'. Perhaps somewhere during implementation someone realized the document doesn't make sense as written. |
|
|