Sorry that I couldn't send this earlier. Here's a quick python script that will let you make test vectors based on the client subscription data:
https://github.com/jrconlin/pusher Hopefully, it's fairly self-explanatory, but let me know if you have any problems or questions. On Fri, Feb 3, 2017 at 10:34 AM, JR Conlin <[email protected]> wrote: > Keys tend to be specific to given hosts. (e.g. a host generates a > public/private key pair, but only the public key is shared.) > > There are the firefox client tests at: > http://searchfox.org/mozilla-central/rev/b1aadb3572eaf7d2c70 > e19a2ba5413809d9ac698/dom/push/test/xpcshell/test_notification_data.js > and > http://searchfox.org/mozilla-central/rev/b1aadb3572eaf7d2c70 > e19a2ba5413809d9ac698/dom/push/test/xpcshell/test_crypto.js > > These also include a much older "aesgcm128" * draft as well. It's safe to > ignore that since it's deprecated. > > Give me a little bit and I'll put together a very simple python script > that will let folks save the subscription endpoint JSON data to a file, and > generate testable data blocks. > > --- > * why yes, there are three, very confusing draft names. Each of these > relates to the "Content-Type" that is passed along as a header value. > > aesgcm128: The oldest form. Deprecated (DRAFT 00) > aesgcm: The currently supported form (DRAFT 03) > aes128gcm: The newest form that will soon be supported (DRAFT 06) > > On Fri, Feb 3, 2017 at 9:43 AM, Stefan Arentz <[email protected]> wrote: > >> Do we have test vectors that James can use? >> >> S. >> >> >> On Fri, Feb 3, 2017 at 12:35 PM, Stefan Arentz <[email protected]> >> wrote: >> >>> We link against OpenSSL on iOS. Not the most recent version, but we can >>> fix that. Does that help? >>> >>> We should not try to implement this from scratch, we should at least use >>> the proper crypto primitives in an established library. There is not a lot >>> of choice on iOS, so I hope OpenSSL can help out here. >>> >>> S. >>> >>> >>> On Fri, Feb 3, 2017 at 12:12 PM, <[email protected]> wrote: >>> >>>> Thanks, JR, Kit. >>>> >>>> So summarizing: >>>> >>>> 1. We have to use encryption for any messages with content >>>> 2. FxA messages all have content. >>>> 3. iOS doesn't use Gecko >>>> 4. At least one crypto standard needs to be implemented for iOS. >>>> >>>> The hard dependency on not yet implemented encryption makes this a >>>> bigger job that we've been expecting. >>>> >>>> I'll definitely have more questions next week when I have enough clues >>>> to not make a fool of myself :) >>>> >>>> >>>> >>>> On Thursday, February 2, 2017 at 6:26:40 PM UTC, JR Conlin wrote: >>>>> >>>>> >>>>> On Thu, Feb 2, 2017 at 10:12 AM, Kit Cambridge <[email protected]> >>>>> wrote: >>>>> >>>>>> Unfortunately, Firefox for iOS can't use Gecko. :-( It'll need to >>>>>> reimplement decryption (http://searchfox.org/mozilla- >>>>>> central/source/dom/push/PushCrypto.jsm) in Swift. Edouard, didn't >>>>>> you start looking into this last summer? >>>>>> >>>>> >>>>> >>>>> Hrm, then it's even more important to note that there are multiple >>>>> HTTP ECE drafts that may need to be supported, ("aesgcm" (aka "DRAFT04") >>>>> and "aes128gcm" (aka "DRAFT06")) DRAFT06 is recent, so not as critical to >>>>> support yet, but does change things around quite a bit. >>>>> >>>>> https://datatracker.ietf.org/doc/draft-ietf-httpbis-encrypti >>>>> on-encoding/ >>>>> >>>>> [email protected] is the author, and I can try to provide a synopsis of >>>>> the differences for those interested. >>>>> >>>> >>> >> >
_______________________________________________ Sync-dev mailing list [email protected] https://mail.mozilla.org/listinfo/sync-dev
