[FlyWeb] Stable naming implementation

UNCONFIRMED
Unassigned

Status

()

Core
DOM: Flyweb
UNCONFIRMED
4 months ago
4 months ago

People

(Reporter: ron.waisberg, Unassigned)

Tracking

(Blocks: 1 bug)

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(6 attachments)

561 bytes, application/x-shellscript
Details
2.97 KB, application/javascript
Details
13.51 KB, patch
ron.waisberg
: review?
djvj
Details | Diff | Splinter Review
306 bytes, text/plain
Details
294 bytes, application/x-x509-ca-cert
Details
1.66 KB, application/x-x509-ca-cert
Details
(Reporter)

Description

4 months ago
Created attachment 8853852 [details]
generate_signature.sh

User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Steps to reproduce:

Bug for tracking implementation of stable naming for FlyWeb services.
(Reporter)

Comment 1

4 months ago
Created attachment 8853853 [details]
server.js
(Reporter)

Comment 2

4 months ago
Comment on attachment 8853852 [details]
generate_signature.sh

Generates RSA-SHA256 signature that is ASN.1 encoded in the format nsDataSignatureVerifier::VerifyData expects it
(Reporter)

Comment 3

4 months ago
Comment on attachment 8853853 [details]
server.js

Example service implementing authentication flow
Attachment #8853853 - Attachment description: Example service implementing authentication flow → server.js
(Reporter)

Comment 4

4 months ago
Created attachment 8853854 [details] [diff] [review]
stable_naming.patch

Initial implementation of stable naming authentication flow in Gecko.

TODO:
- Refactor and split up AuthenticateService()
- Further testing of error cases
- Sanitize mDisplayName
- Figure out why appending ";flyweb.local" also prepends "www." to the spec
- More flexible signature validation
Attachment #8853854 - Flags: review?(kvijayan)
(Reporter)

Comment 5

4 months ago
Created attachment 8853855 [details]
package.json
(Reporter)

Comment 6

4 months ago
Created attachment 8853856 [details]
public_key.der
(Reporter)

Comment 7

4 months ago
Created attachment 8853857 [details]
private_key.pem

Key pair generated for testing
(Reporter)

Updated

4 months ago
Component: General → DOM: Flyweb
(Reporter)

Comment 8

4 months ago
Comment on attachment 8853852 [details]
generate_signature.sh

Note - nsDataSignatureVerifier::VerifyData expects the signature to be ASN.1 encoded in this format: https://dxr.mozilla.org/mozilla-central/source/security/manager/ssl/nsDataSignatureVerifier.cpp#30

Currently this script only generates and encodes an RSA-SHA256 signature properly. While it can be easily expanded to other algorithms, it's quite limiting to force a custom ASN.1 structure on the end user.
(Reporter)

Updated

4 months ago
Blocks: 1228662
You need to log in before you can comment on or make changes to this bug.