The current implementation of siteId uses a url safe Base64 algorithm that limits maximum size of the remote context_id to about 72 chars. Since we prepend the lti_key to context_id, this length becomes even more constraining. Move to a fixed length one-way hash algorithm. See: BLTI-23
Description
The current implementation of siteId uses a url safe Base64 algorithm that limits maximum size of the remote context_id to about 72 chars. Since we prepend the lti_key to context_id, this length becomes even more constraining. Move to a fixed length one-way hash algorithm. See: BLTI-23
Implemented using a SHA-1 hash of the effective context_id and then stores the original context_id in a site.property "lti_context_id" which will be useful for later reference. Since SHA-1 hashes to 40 chars, that would leave us 59 chars (i.e. 58 + ":") to use for LTI key. This also means that the new maximum supported size of an effective context_id is the maximum message size of SHA-1: maximum length of (264 ? 1) bits.
Lance Speelmon added a comment - 31-Jan-2010 08:46 Implemented using a SHA-1 hash of the effective context_id and then stores the original context_id in a site.property "lti_context_id" which will be useful for later reference. Since SHA-1 hashes to 40 chars, that would leave us 59 chars (i.e. 58 + ":") to use for LTI key. This also means that the new maximum supported size of an effective context_id is the maximum message size of SHA-1: maximum length of (264 ? 1) bits.
Committed revision 73035.
Bug
Resolved
Major
Maximum length of a context_id is too constraining - migrate to SHA-1 hash for siteId
Committed revision 73035.