[aerogear-dev] Question around encryption for iOS push certificate passphrase

Matthias Wessendorf matzew at apache.org
Wed Feb 5 14:47:23 EST 2014 

On Wed, Feb 5, 2014 at 8:00 PM, Bruno Oliveira <bruno at abstractj.org> wrote:

> There is no magic, the password must exist in some place. If not possible
> require the password, is possible to follow the same approach provided for
> password reset functionality.
>
> If you want to stick to the KeyStore, you still need to provide the
> password in some place, but that's more suitable when you have a key
> exchange or something like this.
>
> So if you patiently read my the code proposed, you will realize that is
> possible to achieve it via property file, database or whatever:
>
> @Test
>     public void testPasswordValidationWithRandomSaltProvided() throws
> Exception {
>         Pbkdf2 pbkdf2 = AeroGearCrypto.pbkdf2();
>         byte[] salt = new Random().randomBytes();
>         byte[] IV = new Random().randomBytes();
>         int iterations = 100000;
>
>         read.secretFile("secret.properties");
>         String PASSWORD = read.load("password_to_my_superpassphrase");
>


yeah, but that is really per variant, not global. So we would need a lot of
these secret file :-)



So, the passphrase is upload to the server (for all iOS variants), w/ this
HTTP request:

http://aerogear.org/docs/specs/aerogear-push-rest/Variants/iOS/


Somewhen later a totally different system submits a HTTP request to trigger
the PUSH message delivery:
http://aerogear.org/docs/specs/aerogear-push-rest/Sender/

And internally, only for iOS variant, all it needs is the certificate (from
the apple developer portal) + its passphrase

Perhaps I am wrong, but I feel that if (for iOS variants) we start to
require "password_to_my_superpassphrase" on the request for creating the
logical construct of the variant,
and use the same for the Sender, we would have that magical password, but I
fear that this opens a new can of worms.



>
>         //Encrypt step
>         SecretKey secretKey = pbkdf2.generateSecretKey(PASSWORD, salt,
> iterations);
>         CryptoBox box1 = new CryptoBox(secretKey.getEncoded());
>         String passphrase = "My bonnie lies over the ocean";
>         byte[] ciphertext = box1.encrypt(IV, passphrase.getBytes());
>
>         //Decrypt step
>         SecretKey recoveredKey = pbkdf2.generateSecretKey(PASSWORD, salt,
> iterations);
> }
>
> If it's not clear, let me know where should I introduce this functionality
> rather than a pet project and I can do that.
>


The AGPUSH-358 ticket is still yours :-) I just felt looking at it, while
reading up on our crypto bits.



>
> --
> abstractj
>
> On February 5, 2014 at 4:47:04 PM, Matthias Wessendorf (matzew at apache.org)
> wrote:
> > > as said in the comments, I don't have that PASSWORD here
> >
> >
> > That is only submitted when the user creates a new iOS variant,
> > it's never entered when the server tries to connect to the APNs
>
>


-- 
Matthias Wessendorf

blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-dev/attachments/20140205/cce32c16/attachment.html

More information about the aerogear-dev mailing list