[MONGOCRYPT-540] Define v2 token types and implement token derivation Created: 17/Feb/23  Updated: 28/Oct/23  Resolved: 21/Feb/23

Status: Closed
Project: Libmongocrypt
Component/s: None
Affects Version/s: None
Fix Version/s: 1.8.0, 1.8.0-alpha0

Type: Task Priority: Unknown
Reporter: Erwin Pe Assignee: Erwin Pe
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Epic Link: PM-2972
Binding Changes: Not Needed

 Description   

The following token types were added in v2:

ServerTokenDerivationLevel1Token = HMAC(indexKey, 2)

ServerDerivedFromDataToken = HMAC(ServerTokenDerivationLevel1Token, value)

Only ServerDerivedFromDataToken is really used in the v2 payloads. ServerTokenDerivationLevel1Token is just an intermediate type used for deriving the ServerDerivedFromDataToken.

 



 Comments   
Comment by Githook User [ 21/Feb/23 ]

Author:

{'name': 'Erwin Pe', 'email': 'erwin.pe@mongodb.com', 'username': 'erwee'}

Message: MONGOCRYPT-540 Define QE v2 token types and implement token derivation (#578)
Branch: master
https://github.com/mongodb/libmongocrypt/commit/34f7fa4cc54207105b5f6a86254e6f4b605550cc

Comment by Erwin Pe [ 17/Feb/23 ]

PR: https://github.com/mongodb/libmongocrypt/pull/578

Generated at Thu Feb 08 09:08:55 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.