Hello. I am currently developing my own version of Cryptomator library in Typescript so I can access it on browser. However, one thing I seriously cannot figure out is how to verify the JWT stored in vault.cryptomator. All I can find online is the following:
The JWT is signed using the 512 bit raw masterkey.
I have no idea how this is derived. Of course I tried both encryption master key and MAC key (though I expected them to not work considering they are 256 bits), their concat variant. Can someone tell me how this signing key is derived? Thank you.
Damn, I must have messed something up. Thank you.
In terms of that project, yep, I am aware of it. That inspired me to start this project. I am doing a rewrite of it, because it’s missing some features and could use some stricter typing. That, and lack of things to do on a PC where I can’t install anything.
Edit: Solved! I re-used the one I used for AES-SIV, which uses those two in the other way around, which is why it originally did not work.