Open thomluther opened 3 months ago
See details in Question about encryption & (hopefully) some useful data #18
First review shows that it does not seem to be easy to find how the ECDH encryption keys are used for the additional header fields. Most likely the request is encrypted, but there is also an excrypted indent field that might be required which part of which field/key to be used for the encryption. Testing will not be continued for the time being.
The App encrypts also request bodies via ECDH like login requests. This is indicated by additional header fields. Verify if encrypted bodies can be used by the API library as well.