Skip to content
This repository has been archived by the owner before Nov 9, 2022. It is now read-only.

Add PSK support to thaliWifiInfrastructure and thaliMobileNativeWrapper #664

11 of 14 tasks
yaronyg opened this issue Mar 23, 2016 · 1 comment
11 of 14 tasks


Copy link

yaronyg commented Mar 23, 2016

We need to enable the express servers hosted by thaliMobileNativeWrapper and thaliWifiInfrastructure to accept connections over HTTPS using PSK. Shawn has an example of how this is done over here but the basic idea is that when we call createServer we need to use https, not http and we need to pass in options next to our router. We should just need:

    ciphers : 'PSK-AES256-CBC-SHA',
   pskCallback : function (id) {
       debug('inside the callback for identity: %s', id);
       debug('identity %s', id);
       debug('key %s', JSON.stringify(pskey));
       if (id == identity) {
           debug('identity passed');
           return pskey;
       return null;

Where the id in the pskCallback is the identity value submitted by the client and the callback then returns either the pskey that is supposed to be used to validate that caller or null if the caller isn't to be validated at all. That id will be fed into the dictionary returned by thaliNotificationBeacons.generatePskSecrets. If there is a match then we will return the right key. Note, however, that in addition to the output of generatePskSecrets we also need to hard code in the pre-generated beacon secrets. But that is handled above us.

We don't want to put all this logic in either thaliMobileNativeWrapper or thaliWifiInfrastructure. Instead what we want to do is to require that both functions in their start methods take an argument like the addressBookCallback where they will call that submitted function when they get a PSK connection.

  • Add test to wifiInfrastructure that we try to connect with normal HTTP and we try to connect with HTTPS and make sure they all fail
  • Update desktop JXcore version to PSK release
  • Add pskCallbackDictionary argument to thaliMobileNativeWrapper
  • Change thaliMobileNativeWrapper to HTTPS and use pskCallback with pskCallbackDictionary
  • Update thaliMobileNativeWrapper tests to use PSK
  • Fix tests where we fail PSK connection and add tests where we try to connect with normal
  • testThaliMobileNativeWrapper there is a test 'will fail bad PSK connection between peers'
    TLS and not PSK
  • Add pskCallbackDictionary argument to thaliWifiInfrastructure
  • Change thaliWifiInfrastructure to HTTPS and use pskCallback with pskCallbackDictionary
  • Update thaliWifiInfrastructure tests to use PSK
  • Implement thaliNotificationBeacons.generatePskSecrets
  • Test thaliNotificationBeacons.generatePskSecrets
  • Test generateBeaconStreamAndSecrets
  • Define in thaliConfig the standard public key, PSK ID and PSK value for beacon requests
@yaronyg yaronyg self-assigned this Mar 23, 2016
@yaronyg yaronyg added this to the New Infra milestone Mar 23, 2016
@yaronyg yaronyg removed this from the New Infra milestone Apr 6, 2016
@yaronyg yaronyg removed their assignment Apr 6, 2016
Copy link
Member Author

yaronyg commented Jul 11, 2016

See also #723

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
None yet

No branches or pull requests

4 participants