Include null terminator in prefix for payload encryption spec
The spec does not currently mention the null terminator in the prefix.
However, in the implementation, this null character survives into the
associated data used for encryption.

Change-Id: Ifa645371aabf9894444b89872376b9c8537a4732
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3582637
Reviewed-by: John Delaney <johnidel@chromium.org>
Commit-Queue: Alex Turner <alexmt@chromium.org>
Cr-Commit-Position: refs/heads/main@{#991174}
alexmturner authored and Chromium LUCI CQ committed Apr 11, 2022
1 parent 0d78c04 commit b7a3255
Showing 1 changed file with 7 additions and 6 deletions.
13 changes: 7 additions & 6 deletions content/browser/aggregation_service/payload_encryption.md
Expand Up @@ -27,10 +27,10 @@ This map is serialized to binary and used as the plaintext input.

The associated data is a string encoded as UTF-8. It consists of a prefix and a
variable body. The prefix is a constant and is used for domain separation[^2];
its value is "`aggregation_service`". The body is exactly the value of the
`shared_info` string provided in the report plaintext. This is generated by the
browser and encodes information both needed by the aggregation service and
available for use by the reporting origin.
its value is "`aggregation_service\0`" (where `\0` is a null terminator). The
body is exactly the value of the `shared_info` string provided in the report
plaintext. This is generated by the browser and encodes information both needed
by the aggregation service and available for use by the reporting origin.

An example shared\_info field is:

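Review bot: the rewritten prefix sentence should say that `\0` stands for a single 0x00 byte, not the two characters backslash and zero, and give the resulting length, because an implementer building the associated data from this text otherwise has to guess; for example: its value is the ASCII string `aggregation_service` followed by one null byte (0x00), 20 bytes in total. It is also worth stating why the terminator matters for the domain separation in footnote 2: the prefix and body are concatenated with no other delimiter, and the body is a JSON text, which cannot contain a raw 0x00 byte, so the null byte is what makes the prefix/body boundary unambiguous. "Encoded as UTF-8" remains correct, since U+0000 encodes to the single byte 0x00, but saying so explicitly rules out a reading in which NUL is encoded as a two-byte modified-UTF-8 sequence.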
Expand All @@ -40,10 +40,11 @@ seconds]\",\"privacy_budget_key\":\"[string]\",\"version\":\"[api
version]\",\"report_id\":\"[UUID]\",\"reporting_origin\":\"https://reporter.example\"}",
```

The corresponding associated data would then be the following (encoded as UTF-8):
The corresponding associated data would then be the following (encoded as UTF-8,
again using `\0` to indicate a null character):

```jsonc
aggregation_service{"scheduled_report_time":"[timestamp in
aggregation_service\0{"scheduled_report_time":"[timestamp in
seconds]","privacy_budget_key":"[string]","version":"[api
version]","report_id":"[UUID]","reporting_origin":"https://reporter.example"}
```
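Review bot: the example block is fenced as `jsonc`, but once the `aggregation_service\0` prefix is prepended the content is neither JSON nor JSONC, and `\0` is not a valid JSON escape, so a JSON-aware reader or renderer could misinterpret the first line; tag the fence as `text` instead. The lead-in could also note that, apart from the `\0` notation, the block shows the exact bytes of the associated data and that the line breaks inside the quoted placeholders are wrapping only, not part of the value.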
