Firefox OS/Remote Control: Difference between revisions

Re-authentication
(Update first time peer authentication)
(Re-authentication)
Line 44: Line 44:
# Server replies with the handshake finish with client's ID for connection in the future.
# Server replies with the handshake finish with client's ID for connection in the future.


=== PIN code pairing ===
==== Re-authentication ====
PIN code is a mechanism to ensure the device connects to TV is physical near TV. While connects to TV, user needs to enter 4 digits PIN code on TV screen. After pass pairing, user is redirected to control page and not need to enter PIN code until: 1) 90 days, pairing expired or 2) user revokes all pairing in remote control app. Pairing can be turned off in remote control app. Following describes how PIN code pairing is done:
User is only required to input PIN code when first time connect to TV. In the second time, client and server leverage previous AES key value and derive new AES and HMAC key. This can reduce number of user input and make the procedure from send tab to TV to remote control more smoothly.


[[File:RemoteControl PINCodePairing.png]]
[[File:RemoteControl SecondTimeHandshake.png]]


# User opens the URL.
# The user sends the tab to TV on fennec.
# Client requests page with UUID requires pairing.
# Client sends request to handshake with ID.
# Server get the UUID and generate a PIN code.
# Server looks up ID/AES key mapping and replies with the handshake type is 2nd time handshake.
# Remote control service sends PIN code to Gaia system app to trigger pairing notification on screen. (send chrome event)
# Client computes J-PAKE round 1 and sends the result to server.
# Server returns pairing.html as requested page for PIN code pairing.
# Server computes J-PAKE round 1 and sends the result to client.
# User enter PIN code on screen.
# Client and server computes J-PAKE round 2 with previous AES key value as weak secret.
# Client encrypts PIN code.
# Client sends round 2 result to server.
# Client sends PIN code to pairing.sjs. [[Firefox_OS/Remote_Control#Pair_PIN_code|Detail]]
# Server sends round 2 result to client.
# Pairing.sjs replies a ticket number.
# Both client and server compute J-PAKE final round, gets new AES and HMAC key.
# Pairing.sjs decrypts PIN code using symmetric key received in establish secure connection. [https://github.com/MDTsai/gecko-dev/blob/Bug_1235013_new_httpserver/b2g/remotecontrol/pairing.sjs#L48 source]
# Server use two keys to get a signature of H(H(AES key)), then send the signature to client.
# Pairing.sjs confirms PIN code correct from remote control service and delete pending PIN code.
# Client verifies the signature matches it has.
# Pairing.sjs requests Gaia system app to dismiss pairing notification on screen. (send chrome event)
# Client use two keys to get a signature of H(AES key), then send the signature to server.
# Client queries PIN code pairing result from pairing.sjs by ticket number. [[Firefox_OS/Remote_Control#Poll_pair_result|Detail]]
# Server verifies the signature matches it has.
# Client reloads the URL with UUID.
# Server replies with the handshake finish.


After PIN code pairing, client reloads the URL with a valid UUID and get control page.
After authentication, client can sends control event to server.


=== Control event processing ===
=== Control event processing ===
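Review bot: The new Re-authentication steps make the previous AES key value the J-PAKE round 2 weak secret and have the server look up a stored ID/AES key mapping, but nothing in the added text says how long that mapping is kept or how it is invalidated. The PIN code pairing paragraph shown against it in this diff limits pairing to 90 days and lets the user revoke all pairing in the remote control app. Please state whether the stored key follows the same expiry and revocation, and what the server replies when the lookup in "Server looks up ID/AES key mapping" finds no entry or an expired one. A fallback to the first-time handshake would be one option. The two signature steps also say "use two keys" without naming which key produces the signature over H(H(AES key)) and H(AES key). Naming the key used there would make the two "verifies the signature" steps checkable by a reader.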