Closed Bug 981827 Opened 7 years ago Closed 7 years ago
Make Android and Desktop Fx
Accounts client use same key parameters
At the moment, Android uses 1024-bit RSA keys (the RS128 JWT algorithm): http://mxr.mozilla.org/mozilla-central/source/mobile/android/base/fxa/sync/FxAccountSyncAdapter.java#481 Desktop uses 1024-bit DSA keys (the DS128/DS160 JWT algorithm): http://mxr.mozilla.org/mozilla-central/source/services/fxaccounts/FxAccounts.jsm#162 Note that RS128 fails on (some?) Android 2.2 devices (Bug 975625) so we should move Android to using DS160 ASAP. I'll try to do some preliminary signature timings to understand what, if any, perf impact this change has.
This is working well for me locally. I'll push a try build so that we can tests on a 2.2 device.
Attachment #8393251 - Flags: review?(rnewman)
Status: NEW → ASSIGNED
edwong: this ticket tracks one way we might address Bug 975625, the issue tracking Android Sync generating bad signatures on (some?) 2.2 devices. Could you kindly do the following on the 2.2 device you were seeing failures on: 1) Install a recent 31 Nightly on the device. 2) Configure an FxAccount. 3) Verify (via logs) that the device is still failing, with "invalid-signature" error messages from the token server. 4) Install the try build 31 Nightly from  (on top of the 31 Nightly from step 1). This should use the same FxAccount you created above. 5) Verify (via logs and a smoketest) that the device is no longer failing. You should see a log message saying "Migrating V1 persisted State to V2...", if you are capturing the very first sync after upgrade. Otherwise, you should just see success.  https://email@example.com/try-android-armv6/fennec-31.0a1.en-US.android-arm-armv6.apk If your device is 2.2 but not armv6, then try https://firstname.lastname@example.org/try-android/fennec-31.0a1.en-US.android-arm.apk
edwong: further, could you smoke test the non-armv6 try build on a recent device, to make sure we haven't regressed the other 98% of our users running modern Android devices: https://email@example.com/try-android/fennec-31.0a1.en-US.android-arm.apk I have tested this on a Samsung Transformer Prime, and on a Samsung Galaxy S4.
Comment on attachment 8393251 [details] [review] github PR Looks good, but correct the bug number!
Attachment #8393251 - Flags: review?(rnewman) → review+
I'm swamped, load balancing to Karl
Flags: needinfo?(edwong) → needinfo?(kthiessen)
AaronMT: do you have a 2.2 device? Can you add this ticket (specifically, the steps in https://bugzilla.mozilla.org/show_bug.cgi?id=981827#c4) to your list of things to test? If not, can you set flags and route appropriately? Thanks!
(In reply to Nick Alexander :nalexander from comment #4) HTC Legend (hardly such) (ARMv6, Android 2.2) > 1) Install a recent 31 Nightly on the device. Nightly (03/26) > 2) Configure an FxAccount. > 3) Verify (via logs) that the device is still failing, with > "invalid-signature" error messages from the token server. Confirmed. > You should see a log message saying "Migrating V1 persisted State to V2...", > if you are capturing the very first sync after upgrade. Otherwise, you > should just see success. Confirmed: * I/FxAccounts( 1065): fennec :: StateFactory :: Migrating V1 persisted State to V2; stateLabel: Cohabiting .... and there we have it, Sync working on this 2.2 device now
After a bit of user error in fiddling about this morning, I can belatedly confirm that this works for me on the Samsung Galaxy running Android 2.2 that Edwin lent me for the purpose.
QA to the rescue! Thanks, AaronMT; thanks, kthiessen.
[Approval Request Comment] Bug caused by (feature/regressing bug #): initial FxA landing. User impact if declined: FxAccounts + Sync will not work on Android 2.2 devices. (Bug 975625). Testing completed (on m-c, etc.): just landed on m-c. We'll want to bake there for a few days before uplifting to Aurora and Beta. Try builds have been QA tested on a range of devices. Risk to taking this patch (and alternatives if risky): this is the punchline to Bug 988437 (discussed also in Bug 993673). The patch does carry some risk, but it's not adding much more than we've already landed by uplifting Bug 988437 all the way to Beta. And any risk here should be discovered on Nightly quickly. String or IDL/UUID changes made by this patch: none.
This will have to land in beta 8 (gtb: next Monday) maximum.
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → Firefox 31
Comment on attachment 8404346 [details] [diff] [review] 0baee5959b90 Approving now. Sunday aurora will have this patch and beta8 next Tuesday.
Could someone try this out on Fx29b8 with the candidate builds that will be available tonight/tomorrow?
Component: Sync → Android Sync
Product: Firefox → Android Background Services
You need to log in before you can comment on or make changes to this bug.