Confirm
471
edits
Changes
m
→Obtaining keys kA and kB
[[File:PICL-IdPAuth-keys-client.png|keyFetchToken: client decrypts keys]]
Finally, the server-provided wrap(kB) value is simply XORed with the password-derived wrapKey unwrapBKey (both are 32-byte strings) to obtain kB. There is no MAC on wrap(kB).
[[File:PICL-IdPAuth-key-unwrap.png|unwrapping kB]]
