Wrong HMAC generated from iPhone client

RESOLVED FIXED

Status

RESOLVED FIXED
9 years ago
8 years ago

People

(Reporter: Mardak, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

9 years ago
I wrote a simple objective c to see what's going on with the iphone client.

On Firefox the expected HMAC is:

Components.utils.import("resource://weave/util.js"); prompt('',Utils.sha256HMAC("hello", Svc.KeyFactory.keyFromString(Components.interfaces.nsIKeyObject.HMAC, "world")))

3cfa76ef14937c1c0ea519f8fc057a80fcd04a7420f8e8bcd0a7567c272e007b

My objective c code is:

#import <stdio.h>
#import <CommonCrypto/CommonHMAC.h>

int main() {
  unsigned char cHMAC[CC_SHA256_DIGEST_LENGTH];
  CCHmac(kCCHmacAlgSHA256, "world", 5, "hello", 5, cHMAC);
  int i;
  for (i = 0; i <= 32; i++)
    printf("%02x", cHMAC[i]);
  printf("\n");
  return 0;
}

3cfa76ef14937c1c0ea519f8fc057a80fcd04a7420f8e8bcd0a7567c272e007b

So this seems to be doing the "right thing" except that it's kinda reverse of what I would have expected. I'm printing out from cHMAC[0] first to get the most-significant bit of the Firefox version.
(Reporter)

Comment 1

9 years ago
Is there another version of the code somewhere Dan?

The current one checked in is doing..

NSData* HMAC = [self generateHmacSha256FromBytes:[ciphertext base64Encoding] andKey:[theKey base64Encoding]];
[payload setObject:[HMAC base16Encoding] forKey:@"hmac"];

It needs to pass in the data is the ciphertext value not additionally base64 encoded. The key is the decrypted base64 encoding of the symmetric key.

Comment 2

9 years ago
I was running the hmac over the b64 data and using the the binary key.  it turns out both need to be in b64 format to match what the firefox sync client is doing
Status: NEW → RESOLVED
Last Resolved: 9 years ago
Resolution: --- → FIXED

Comment 4

8 years ago
how does one verify this fix in the client?  please list how to test.

Comment 5

8 years ago
Moving FFHome-related bugs to new component -> Firefox Home
Component: Experimental Clients → Firefox Home
QA Contact: experimental.clients → firefox-home
You need to log in before you can comment on or make changes to this bug.