Re: Getting x-keyid

2021-02-15 Thread Ryan Kelly
On Tue, 16 Feb 2021 at 06:55, Albert Sukaev  wrote:

>
> P.S. I didn't understand if I should reply to both you and sync-dev or only
> to you, and I first sent a message only to you (I think you haven't received
> it and that's why I'm duplicating the message here).
>

Hi Albert, sorry for the delay replying here, I did receive your other
emails but I just haven't had a chance to respond.

I did actually respond to them just now via private reply without really
thinking about it, but I'll take the opportunity to repeat the responses on
the mailing list here, because they will wind up in a searchable archive
which might help some other folks in future. Thanks for the reminder to
consider the public list :-)


> And I have some new questions:
>
> 1) If I'm not mistaken the POST request to /account/device is not
> necessary for the sync operation.
>

Correct.


> But in Fiddler I saw that some crypto values are included in this
> request. Can you also explain to me how the following values are
> generated: pushpublickey, pushauthkey, pushcallback and the kid, IV,
> hmac, ciphertext values from
> "availableCommands":{"https://identity.mozilla.com/cmd/open-uri":"{\"kid\":\"\",\"IV\":\"...\",\"hmac\":\"...\",\"ciphertext\":\"...\"}"}}
> ? I can't find where they are generated in the source code.
>

These are to do with the "send-tab" feature, which is separate from the
rest of Firefox Sync. There's a bit of documentation available here:


https://github.com/mozilla/fxa/blob/main/packages/fxa-auth-server/docs/device_registration.md

But for the details of how the values are generated your best bet is
probably looking in the source code for send-tab, which on Desktop starts
here:


https://searchfox.org/mozilla-central/rev/b32d4ca055ca9cf717be480df640f8970724a0ce/services/fxaccounts/FxAccountsCommands.js


> 2) In the article
> https://mozilla-services.readthedocs.io/en/latest/sync/storageformat5.html
> I see that for the encryption of sync data only the value of kB is
> needed. But the GET request to
> https://token.services.mozilla.com/1.0/sync/1.5 returns me some extra
> data: 'hashed_fxa_uid', 'key', 'id'. I think 'key' and 'id' are used
> for the Hawk authentication
>


Right, they're the credentials used to authenticate requests to the Sync
storage server.



> but what about 'hashed_fxa_uid'?
>


This value is used for metrics purposes; it's included in the sync
telemetry ping as a lightly-anonymized user identifier. The sync telemetry
ping is documented here:


https://firefox-source-docs.mozilla.org/toolkit/components/telemetry/data/sync-ping.html

And the "hashed_fxa_uid" value ends up as the "uid" field in this telemetry
ping.

   Cheers,

 Ryan
___
Sync-dev mailing list
[email protected]
https://mail.mozilla.org/listinfo/sync-dev


Re: Getting x-keyid

2021-02-15 Thread Albert Sukaev
Hello Ryan!


Thank you for your response; this link from GitHub helped me to get
the correct keyid.



> As an aside, I'm curious to hear more about what you're working on that
> relates to accessing data in Firefox Sync, if you'd be willing to share.

I'm studying cryptography and I'm interested in studying how modern
companies use it in their products.


And I have some new questions:

1) If I'm not mistaken the POST request to /account/device is not
necessary for the sync operation. But in Fiddler I saw that some
crypto values are included in this request. Can you also explain to me
how the following values are generated: pushpublickey, pushauthkey,
pushcallback and the kid, IV, hmac, ciphertext values from
"availableCommands":{"https://identity.mozilla.com/cmd/open-uri":"{\"kid\":\"\",\"IV\":\"...\",\"hmac\":\"...\",\"ciphertext\":\"...\"}"}}
? I can't find where they are generated in the source code.


2) In the article
https://mozilla-services.readthedocs.io/en/latest/sync/storageformat5.html
I see that for the encryption of sync data only the value of kB is
needed. But the GET request to
https://token.services.mozilla.com/1.0/sync/1.5 returns me some extra
data: 'hashed_fxa_uid', 'key', 'id'. I think 'key' and 'id' are used
for the Hawk authentication but what about 'hashed_fxa_uid'?


Best wishes,

Albert


P.S. I didn't understand if I should reply to both you and sync-dev or only
to you, and I first sent a message only to you (I think you haven't received
it and that's why I'm duplicating the message here).


Re: Getting x-keyid

2021-02-08 Thread Ryan Kelly
Hi Albert,

On Tue, 9 Feb 2021 at 07:36, Albert Sukaev  wrote:

> I'm studying the auth/sync flow


As an aside, I'm curious to hear more about what you're working on that
relates to accessing data in Firefox Sync, if you'd be willing to share.


> and I have a problem with getting the
> correct x-keyid value to make a GET request to
> https://token.services.mozilla.com/1.0/sync/1.5.
> During the authentication flow via api.accounts.firefox.com I got kB,
> keyRotationSecret(b'0x00'*32), keyRotationTimestamp,
> identifier(b"https://identity.mozilla.com/apps/oldsync") and user uid
> (from https://api.accounts.firefox.com/v1/account/login?keys=true).
> Then I'm trying to get the kid:
> tmp = derive_key(kB + keyRotationSecret,
>                  b"identity.mozilla.com/picl/v1/scoped_key\n" + identifier, 48,
>                  unhexlify(uid))
> kid = (str(keyRotationTimestamp) + '-' +
>        base64.urlsafe_b64encode(tmp[:16]).decode('utf-8').rstrip("="))
>

For legacy backwards-compatibility reasons, the key-derivation for sync is
different than the derivation for general FxA scoped keys. The simplest way
to explain the differences is probably to link to the code we have here,
which does the derivation:


https://github.com/mozilla/fxa-crypto-relier/blob/168f4a6c47de9021a0d9ae23a3e6757013a38dbd/src/deriver/ScopedKeys.js#L107

Hopefully this helps, but please do reply here if you have further
questions and I'll do my best to get them answered.

  Cheers,

Ryan


Getting x-keyid

2021-02-08 Thread Albert Sukaev
Hello!

I'm studying the auth/sync flow and I have a problem with getting the
correct x-keyid value to make a GET request to
https://token.services.mozilla.com/1.0/sync/1.5.
During the authentication flow via api.accounts.firefox.com I got kB,
keyRotationSecret(b'0x00'*32), keyRotationTimestamp,
identifier(b"https://identity.mozilla.com/apps/oldsync") and user uid
(from https://api.accounts.firefox.com/v1/account/login?keys=true).
Then I'm trying to get the kid:

import base64
from binascii import unhexlify

# derive_key is defined below; kB, keyRotationSecret, keyRotationTimestamp,
# identifier and uid come from the login flow described above
tmp = derive_key(kB + keyRotationSecret,
                 b"identity.mozilla.com/picl/v1/scoped_key\n" + identifier, 48,
                 unhexlify(uid))
kid = (str(keyRotationTimestamp) + '-' +
       base64.urlsafe_b64encode(tmp[:16]).decode('utf-8').rstrip("="))

where derive_key is the following function:

from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.kdf.hkdf import HKDF

def derive_key(secret, info, size, salt):
    # HKDF-SHA256: `secret` is the input key material, `salt` the HKDF salt,
    # `info` the context string and `size` the number of output bytes
    kdf = HKDF(
        algorithm=hashes.SHA256(),
        length=size,
        salt=salt,
        info=info
    )
    return kdf.derive(secret)

So, I'm getting a value of kid but a GET request to
https://token.services.mozilla.com/1.0/sync/1.5 gives me an error
message for a wrong x-keyid. I also looked at the traffic in Fiddler
and the x-keyid of the original flow (from the browser with the same
credentials) differs from the kid I had generated. I also had a look
at the source code of Firefox 85.0 (FXAccountsKeys.jsm) and noticed
that the first part of kid there (before the first '-') has length
10, and in the original traffic from Firefox I see in Fiddler
that the first part has length 13.

Can you explain to me what's wrong with my kid generation? And how many
characters should be before the first '-' symbol in the kid?
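Editor's worked example, added here and not taken from the thread or from any Mozilla repository, to put Ryan's point (the oldsync derivation differs from the general scoped-key derivation) and Albert's observation (10 versus 13 characters before the first '-') side by side. The general branch reproduces the recipe in Albert's post, with HKDF-SHA256 re-implemented from RFC 5869 on the standard library so the block runs without the `cryptography` package. Two things are assumptions, not statements from the page: that the general kid prefix is the rotation timestamp rounded to whole seconds (which would explain the 10-character prefix in FxAccountsKeys.jsm), and that the oldsync kid is the millisecond timestamp followed by base64url of the first 16 bytes of SHA-256(kB) with kB itself kept as the key; both are my reading of the ScopedKeys.js file Ryan linked, and that file is authoritative where it differs. kB, uid, timestamp and the non-oldsync identifier below are constructed sample values.

```python
import base64
import hashlib
import hmac
from binascii import unhexlify

# Values that appear in the thread itself
OLDSYNC_IDENTIFIER = b"https://identity.mozilla.com/apps/oldsync"
SCOPED_KEY_CONTEXT = b"identity.mozilla.com/picl/v1/scoped_key\n"


def b64url_nopad(data: bytes) -> str:
    """base64url without '=' padding, the encoding used inside a kid."""
    return base64.urlsafe_b64encode(data).decode("ascii").rstrip("=")


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 HKDF-SHA256 on the standard library only; stands in for the
    `cryptography` HKDF class used in the original post."""
    if not salt:
        salt = b"\x00" * hashlib.sha256().digest_size   # RFC 5869 default salt
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()  # extract step
    okm, block, counter = b"", b"", 1
    while len(okm) < length:                            # expand step
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def general_scoped_kid(kB, key_rotation_secret, key_rotation_timestamp_ms, identifier, uid_hex):
    """Recipe from the original post: HKDF over kB||keyRotationSecret, salted
    with the account uid, 48 bytes out, first 16 bytes become the kid hash.
    ASSUMPTION: the prefix is the rotation timestamp rounded to whole seconds."""
    okm = hkdf_sha256(kB + key_rotation_secret, unhexlify(uid_hex),
                      SCOPED_KEY_CONTEXT + identifier, 48)
    return f"{round(key_rotation_timestamp_ms / 1000)}-{b64url_nopad(okm[:16])}"


def legacy_sync_kid(kB, key_rotation_timestamp_ms):
    """ASSUMPTION (my reading of the linked ScopedKeys.js, not quoted from it):
    the oldsync scope keeps kB as the key and builds the kid from the
    millisecond timestamp plus the first 16 bytes of SHA-256(kB)."""
    return f"{key_rotation_timestamp_ms}-{b64url_nopad(hashlib.sha256(kB).digest()[:16])}"


def kid_for_scope(identifier, kB, key_rotation_secret, key_rotation_timestamp_ms, uid_hex):
    """Dispatch on the scope identifier: oldsync is the special case."""
    if identifier == OLDSYNC_IDENTIFIER:
        return legacy_sync_kid(kB, key_rotation_timestamp_ms)
    return general_scoped_kid(kB, key_rotation_secret, key_rotation_timestamp_ms,
                              identifier, uid_hex)


def kid_matches(derived: str, observed: str) -> bool:
    """Compare a locally derived kid against the X-KeyID captured from the
    browser's own request, without leaking where the strings diverge."""
    return hmac.compare_digest(derived.encode(), observed.encode())


# Constructed sample inputs; none of this is real account material
SAMPLE_KB = bytes(range(32))                       # 32-byte kB
SAMPLE_ROTATION_SECRET = b"\x00" * 32              # all-zero keyRotationSecret, as in the post
SAMPLE_TIMESTAMP_MS = 1612742400000                # 13-digit millisecond timestamp
SAMPLE_UID = "0123456789abcdef0123456789abcdef"    # 32 hex chars, like an FxA uid
SAMPLE_OTHER_SCOPE = b"https://identity.mozilla.com/apps/example"  # constructed, non-oldsync

if __name__ == "__main__":
    old = kid_for_scope(OLDSYNC_IDENTIFIER, SAMPLE_KB, SAMPLE_ROTATION_SECRET,
                        SAMPLE_TIMESTAMP_MS, SAMPLE_UID)
    gen = kid_for_scope(SAMPLE_OTHER_SCOPE, SAMPLE_KB, SAMPLE_ROTATION_SECRET,
                        SAMPLE_TIMESTAMP_MS, SAMPLE_UID)
    for label, kid in (("oldsync kid", old), ("generic scoped kid", gen)):
        prefix = kid.split("-", 1)[0]
        print(f"{label:20s} {kid}  (prefix length {len(prefix)})")
```

Running it shows the oldsync kid with a 13-character prefix and the generic one with 10, which is the difference Albert saw between Fiddler and FxAccountsKeys.jsm; the hash halves also differ because one is SHA-256(kB) and the other HKDF output. `kid_matches` is how to check a derived value against a captured X-KeyID once the real inputs are substituted.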