blob: 1d9c18923a5877d70f1026a428acdd6dc7ea9544 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
|
# Submission
docdoc
## Format
NAME MAC
<PEM CHAIN>
silentct:separator
...
<PEM CHAIN>
`NAME`: identifier that the monitor uses to locate the right secret.
`MAC`: HMAC with SHA256 as the hash function, computed for line two and forward.
The HMAC key is derived by the node and the monitor from their shared secret:
hkdf := hkdf.New(sha256.New, SECRET, []byte("silentct"), NAME)
key := make([]byte, 16)
io.ReadFull(hkdf, key)
`<PEM CHAIN>`: certificate chain in PEM format the node considers legitimate.
|