From d5298ceaa4e9668ce7c762cee3f5797d8300f558 Mon Sep 17 00:00:00 2001 From: VasilevNStas Date: Sun, 28 Jun 2026 19:49:12 +0300 Subject: [PATCH] docs(auth): specify big-endian byte order for timestamp in HMAC input --- auth.proto | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/auth.proto b/auth.proto index 197b01d..01fcc43 100644 --- a/auth.proto +++ b/auth.proto @@ -20,11 +20,13 @@ message Auth { uint32 timestamp = 2; // Truncated HMAC-SHA256 (12 bytes) over (client_id || timestamp), - // computed with the pre-shared key issued to this client. Proves - // possession of the PSK without revealing it. Receivers MUST - // assert len(hmac) == 12 and reject the Auth before performing any - // comparison; a shorter or absent value weakens authentication - // non-deterministically across implementations. + // computed with the pre-shared key issued to this client. The + // timestamp is serialised as 4 bytes in big-endian (network byte + // order) before concatenation. Proves possession of the PSK + // without revealing it. Receivers MUST assert len(hmac) == 12 + // and reject the Auth before performing any comparison; a shorter + // or absent value weakens authentication non-deterministically + // across implementations. bytes hmac = 3; // Free-form device label reported by the client (e.g. "SM-G998B",