Firefox OS/Remote Control: Difference between revisions

→‎Data encryption/decryption: Update data and key confirmation
(→‎J-PAKE key exchange: fix round 1 zpk to zkp)
(→‎Data encryption/decryption: Update data and key confirmation)
Line 76: Line 76:
# Client.sjs parses event and dispatch to Gecko or Gaia system app.
# Client.sjs parses event and dispatch to Gecko or Gaia system app.


=== Data encryption/decryption ===
=== Data used in JPAKE authentication ===
There are three kinds of data are encrypted while tranmission:
==== Singer ID for JPAKE round 1 & 2: ====
# Client polls '''UUID''' in establish secure connection stage
* TV: server
# Client sends '''PIN code''' in pin code pairing
* Fennec addon: client
# Client sends '''event''' in control event processing


As data are encrypted by symmetric key, AES-GCM, there are two things need noticed:
==== Weak secret: ====
# AES-GCM need initialization vector(IV) to encrypt/decrypt. Currently, IV is random value for each data, length is 12 bytes. Encrypted data is appended after IV. Receiver needs to slice first 12 bytes as IV to decrypt.
* TV: concatenate PIN and first 12 characters of TLS server cert SHA 256 fingerprint
# Each message type is string, use [https://developer.mozilla.org/en-US/docs/Web/API/TextEncoder/encode TextEncoder.encode()] to encode as an UInt8Array, then encrypt to ArrayBuffer. Vice versa.
* Fennec addon: concatenate user input PIN and first 12 characters connected TLS server cert SHA 256 fingerprint
# Data encryption/decryption is asynchronous but HTTP request need response immediately. For UUID and PIN code case, remote control uses a ticket number to get status after decryption. But for event, we reduce polling result but use latest event's result instead.
 
==== Key confirmation: ====
 
Double hash of AES key:
## TV converts AES key to array buffer
## Sign AES key array buffer, get signature 1 (array buffer)
## Sign signature 1, get signature 2
## Convert signature 2 to base 64, send to Fennec addon
## Fennec addon do the same as TV from step 1 to 4
## Compare received base 64 string of self and TV's signature 2
 
Single hash of AES key:
## Fennec addon converts AES key to array buffer
## Sign AES key array buffer, get signature 1 (array buffer)
## Convert signature 1 to base 64, send to TV
## TV use HMAC key, received signature, AES key array buffer to verify if the signature is valid.


=== Authentication and Event Protocol ===
=== Authentication and Event Protocol ===
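Review bot: the "Key confirmation" steps say "Sign AES key array buffer" while their labels read "Double hash of AES key" and "Single hash of AES key", and the last single-hash step has the TV verify with an "HMAC key" that no earlier step introduces. Name the primitive once (an HMAC, going by that last step), say where the HMAC key comes from and how both sides obtain it, and use the same term in the labels and the steps. The lines this revision replaces appear to hold the only description of the AES-GCM framing (random 12-byte IV, encrypted data appended after the IV, receiver slices the first 12 bytes); if the protocol still works that way, move that text to another section instead of dropping it. Under "Weak secret", add a sentence on why only the first 12 characters of the TLS server cert SHA 256 fingerprint are concatenated with the PIN, since the truncation limits how strongly the secret is bound to the certificate. Typo in the first new subheading: "Singer ID" should be "Signer ID".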