Talk:Services/Sync/SimplifiedCrypto

From MozillaWiki
Jump to navigation Jump to search

sync key representation

The sync key is represented to the user as:

X-XXXXX-XXXXX-XXXXX-XXXXX-XXXXX

Deriving encryption and HMAC keys from the Sync Key

The hmac used is an SHA-256 HMAC.

(A deep link to Utils.makeHMACKey() would be helpful here.)

Upgrading existing Sync Keys to the new AES key

example: 

	/**
	 * See https://wiki.mozilla.org/Services/Sync/SimplifiedCrypto#Upgrading_existing_Sync_Keys_to_the_new_AES_key
	 * for details on the algorithm.
	 * @param aV3Passphrase
	 * @return the v4 syncKey (serves the same purpose as the passphrase before)
	 * @throws Exception see {@link #passwordToSymmetricKey(char[], byte[])}
	 * @throws UnsupportedEncodingException should not happen (ASCII) 
	 */
	public String upgradeV3PassphraseToV4SyncKey(final String aV3Passphrase) throws UnsupportedEncodingException, Exception {
		String salt = mSyncID;
		KeySpec ks = new PBEKeySpec(aV3Passphrase.toCharArray(), salt.getBytes("ASCII"), 4096, 128);
		PBKDF2HmacSHA1Factory f = new PBKDF2HmacSHA1Factory();
		SecretKey s = f.engineGenerateSecret(ks);
        
		String base32 = biz.wolschon.android.codec.binary.Base32.encode(s.getEncoded()).toLowerCase();
		String syncKey = base32.replace('l', '8').replace('o', '9');

		syncKey = syncKey.charAt(0)
		+ "-" + syncKey.substring(1, 6)
		+ "-" + syncKey.substring(6, 11)
		+ "-" + syncKey.substring(11, 16)
		+ "-" + syncKey.substring(16, 21)
		+ "-" + syncKey.substring(21, 26);
		Log.d(LOG_TAG, "upgraded passphrase to syncKey \"" + syncKey + "\"");
		return syncKey;
	}
Retrieved from "https://wiki.mozilla.org/index.php?title=Talk:Services/Sync/SimplifiedCrypto&oldid=271823"