Keys tend to be specific to given hosts. (e.g. a host generates a public/private key pair, but only the public key is shared.)
There are the firefox client tests at: http://searchfox.org/mozilla-central/rev/b1aadb3572eaf7d2c70e19a2ba5413 809d9ac698/dom/push/test/xpcshell/test_notification_data.js and http://searchfox.org/mozilla-central/rev/b1aadb3572eaf7d2c70e19a2ba5413 809d9ac698/dom/push/test/xpcshell/test_crypto.js These also include a much older "aesgcm128" * draft as well. It's safe to ignore that since it's deprecated. Give me a little bit and I'll put together a very simple python script that will let folks save the subscription endpoint JSON data to a file, and generate testable data blocks. --- * why yes, there are three, very confusing draft names. Each of these relates to the "Content-Type" that is passed along as a header value. aesgcm128: The oldest form. Deprecated (DRAFT 00) aesgcm: The currently supported form (DRAFT 03) aes128gcm: The newest form that will soon be supported (DRAFT 06) On Fri, Feb 3, 2017 at 9:43 AM, Stefan Arentz <[email protected]> wrote: > Do we have test vectors that James can use? > > S. > > > On Fri, Feb 3, 2017 at 12:35 PM, Stefan Arentz <[email protected]> > wrote: > >> We link against OpenSSL on iOS. Not the most recent version, but we can >> fix that. Does that help? >> >> We should not try to implement this from scratch, we should at least use >> the proper crypto primitives in an established library. There is not a lot >> of choice on iOS, so I hope OpenSSL can help out here. >> >> S. >> >> >> On Fri, Feb 3, 2017 at 12:12 PM, <[email protected]> wrote: >> >>> Thanks, JR, Kit. >>> >>> So summarizing: >>> >>> 1. We have to use encryption for any messages with content >>> 2. FxA messages all have content. >>> 3. iOS doesn't use Gecko >>> 4. At least one crypto standard needs to be implemented for iOS. >>> >>> The hard dependency on not yet implemented encryption makes this a >>> bigger job that we've been expecting. >>> >>> I'll definitely have more questions next week when I have enough clues >>> to not make a fool of myself :) >>> >>> >>> >>> On Thursday, February 2, 2017 at 6:26:40 PM UTC, JR Conlin wrote: >>>> >>>> >>>> On Thu, Feb 2, 2017 at 10:12 AM, Kit Cambridge <[email protected]> wrote: >>>> >>>>> Unfortunately, Firefox for iOS can't use Gecko. :-( It'll need to >>>>> reimplement decryption (http://searchfox.org/mozilla- >>>>> central/source/dom/push/PushCrypto.jsm) in Swift. Edouard, didn't you >>>>> start looking into this last summer? >>>>> >>>> >>>> >>>> Hrm, then it's even more important to note that there are multiple >>>> HTTP ECE drafts that may need to be supported, ("aesgcm" (aka "DRAFT04") >>>> and "aes128gcm" (aka "DRAFT06")) DRAFT06 is recent, so not as critical to >>>> support yet, but does change things around quite a bit. >>>> >>>> https://datatracker.ietf.org/doc/draft-ietf-httpbis-encrypti >>>> on-encoding/ >>>> >>>> [email protected] is the author, and I can try to provide a synopsis of >>>> the differences for those interested. >>>> >>> >> >
_______________________________________________ Sync-dev mailing list [email protected] https://mail.mozilla.org/listinfo/sync-dev
