You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Dec 29, 2022. It is now read-only.
Shawn Willden edited this page Mar 7, 2015
·
1 revision
Timeout Signature Format v0.6b
All keyCzar timeout signatures are preceded with an OutputHeader (consisting of a VersionByte and KeyHash). Timeout signatures are generated by passing in an absolute timeout T in "epoch time", which is the number of milliseconds since January 1, 1970 00:00:00 GMT. The timeout will be given as an 8-byte big-endian long value representation. An input message M and timeout T will be concatenated and terminated with the VersionByte before being signed:
OutputHeader
T
Sign(T . M . VersionByte)
(Let "." be a byte-wise concatenation operator.)
HMAC-SHA1 Example
OutputHeader
T
Sign(T . M . VersionByte)
5 bytes
8 bytes
20 bytes
Timeout Signature Format v0.5b
Given an input message M and timeout T, both the OutputHeader, T, and M will be signed together: