Commit

Make
Max Yakimakha committed May 13, 2019
1 parent 9c13420 commit dd949fc
Showing 1 changed file with 36 additions and 14 deletions.
50 changes: 36 additions & 14 deletions index.html
Expand Up @@ -1212,9 +1212,9 @@
}
}
</style>
<meta content="Bikeshed version 10ff3eb4050069e20bb9b943c8b76fe5bfe3a48f" name="generator">
<meta content="Bikeshed version ee4d7efc3ed6155392d49e10a542e2351fd5792d" name="generator">
<link href="https://webscreens.github.io/openscreenprotocol/" rel="canonical">
<meta content="93fe1e6b5ad8afba95b674b385c80aa2996252a5" name="document-revision">
<meta content="9c13420b0295475cf19c9c67f575a16c6b6e0fd2" name="document-revision">
<style>
.highlight .hll { background-color: #ffffcc }
.highlight .c { color: #999988; font-style: italic } /* Comment */
Expand Down Expand Up @@ -1466,7 +1466,7 @@
<div class="head">
<p data-fill-with="logo"></p>
<h1 class="p-name no-ref" id="title">Open Screen Protocol</h1>
<h2 class="no-num no-toc no-ref heading settled" id="subtitle"><span class="content">Editor’s Draft, <time class="dt-updated" datetime="2019-05-10">10 May 2019</time></span></h2>
<h2 class="no-num no-toc no-ref heading settled" id="subtitle"><span class="content">Editor’s Draft, <time class="dt-updated" datetime="2019-05-13">13 May 2019</time></span></h2>
<div data-fill-with="spec-metadata">
<dl>
<dt>This version:
Expand Down Expand Up @@ -1855,6 +1855,22 @@ <h2 class="heading settled" data-level="5" id="messages"><span class="secno">5.
request they are associated with.</p>
<p class="issue" id="issue-7a02cf11"><a class="self-link" href="#issue-7a02cf11"></a> Clarify scoping/uniqueness of request IDs. <a href="https://github.com/webscreens/openscreenprotocol/issues/139">&lt;https://github.com/webscreens/openscreenprotocol/issues/139></a></p>
<h2 class="heading settled" data-level="6" id="authentication"><span class="secno">6. </span><span class="content">Authentication</span><a class="self-link" href="#authentication"></a></h2>
<p>Each supported authentication method is implemeted via authentication messages
specific to that method. Authentication method is explicitly specified by
the message itself. Authentication status message is common for all authentication
methods. Any new authentication method added must define new authentication messages.
Default authentication method is a challenge-response authentication with
auth-request-hkdf-scrypt-psk and auth-response-hkdf-scrypt-psk-result.</p>
<p>Prior to authentication, agents exchange auth-capabilities messages specifying
pre-shared key ease of input for the user and supported PSK input methods.
The agent with the lowest PSK ease of input presents PSK to the user when the agent
either sends or receives an authentication request. In case both agents have the same
PSK ease of input value, the receiver presents PSK to the user. The same pre-shared key
is used by both agents to issue an authentication request.</p>
<p>PSK ease of input is an integer in [0, 100] range, where 0 means it is not possible for
the user to input PSK on this device and 100 means that it’s easy for the user to
input PSK on the device. Supported PSK input methods are numeric, alphanumeric and
scanning a QR-code.</p>
<p>In order for one agent (the challenger) to authenticate another (the responder),
the challenger may send an authentication-request message and expect an
authentication-response message to be sent back from the responder. To
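Review bot: The tie-break in the second added paragraph leaves two cases undefined: when both agents report a PSK ease of input of 0, "the receiver presents PSK to the user" still applies although neither side can accept input, and "the receiver" does not say receiver of which message. Suggest stating what happens when no agent can take input, and naming the message (the authentication request) explicitly. Because auth-capabilities is exchanged "Prior to authentication", the text should also say how an agent treats a value outside [0, 100] coming from a peer that is not yet authenticated. Smaller points: "implemeted" is a typo, and the new message names auth-request-hkdf-scrypt-psk and auth-response-hkdf-scrypt-psk-result do not match the authentication-request and authentication-response names used in the unchanged paragraph that follows.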
Expand Down Expand Up @@ -1918,18 +1934,17 @@ <h2 class="heading settled" data-level="6" id="authentication"><span class="secn
<li data-md>
<p>Let salt be the salt from the authentication-request message.</p>
<li data-md>
<p>Let info be a CBOR-serialized certificate-fingerprint-pair object (CDDL
defined in Appendix A) with the following values:</p>
<p>Let info be a 64 byte array containing certificate fingerprint pair with the following values:</p>
</ol>
<ul>
<li data-md>
<p>challenger-fingerprint: The result of running sha-256 on the
Distinguished Encoding Rules (DER) form (see
<p>Bytes 0-31 of the array are challenger fingerprint: The result of running
sha-256 on the Distinguished Encoding Rules (DER) form (see
https://tools.ietf.org/html/rfc8122#section-5) of the certificate used by
the challenger in the QUIC crypto handshake during connection establishment.</p>
<li data-md>
<p>responder-fingerprint: The result of running sha-256 on the
Distinguished Encoding Rules (DER) form (see
<p>Bytes 32-63 of the array are responder fingerprint: The result of running
sha-256 on the Distinguished Encoding Rules (DER) form (see
https://tools.ietf.org/html/rfc8122#section-5) of the certificate used by
the responder in the QUIC crypto handshake during connection establishment.</p>
</ul>
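Review bot: The new info layout should state that bytes 0-31 and 32-63 hold the raw 32-byte SHA-256 digests, because the referenced RFC 8122 section 5 describes a textual fingerprint attribute and an implementer could otherwise copy or hash the hex form, which would make the two sides derive different keys. The fixed order (challenger first, responder second) is what lets both agents build an identical info value, so it is worth saying that explicitly, and noting that the 64-byte length is tied to sha-256 and a different hash would need a new layout. Wording: "a 64 byte array containing certificate fingerprint pair" reads better as "a 64-byte array containing the certificate fingerprint pair".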
Expand Down Expand Up @@ -2892,11 +2907,6 @@ <h2 class="heading settled" id="appendix-a"><span class="content">Appendix A: Me
<span class="nx">cost-too-high</span><span class="p">:</span> <span class="mi">6</span>
<span class="p">)</span></p>

<p><span class="nx">certificate-fingerprint-pair </span><span class="p">=</span> <span class="p">[</span>
<span class="nx">challenger-fingerprint</span><span class="p">:</span> <span class="nx">bytes</span>
<span class="nx"> responder-fingerprint</span><span class="p">:</span> <span class="nx">bytes</span>
<span class="p">]</span></p>

<p><span class="c1">; type key 1003</span>
<span class="nx">auth-status </span><span class="p">=</span> <span class="p">{</span>
<span class="mi">1</span> <span class="p">:</span> <span class="nx">auth-status-result </span><span class="c1">; result</span>
Expand All @@ -2911,6 +2921,18 @@ <h2 class="heading settled" id="appendix-a"><span class="content">Appendix A: Me
<span class="nx">proof-invalid</span><span class="p">:</span> <span class="mi">5</span>
<span class="p">)</span></p>

<p><span class="c1">; type key 1004</span>
<span class="nx">auth-capabilities </span><span class="p">=</span> <span class="p">{</span>
<span class="mi">0</span><span class="p">:</span> <span class="kt">uint</span> <span class="c1">; psk-ease-of-input</span>
<span class="mi">1</span><span class="p">:</span> <span class="p">[</span><span class="o">*</span> <span class="nx">psk-input-method</span><span class="p">]</span> <span class="c1">; psk-input-methods</span>
<span class="p">}</span></p>

<p><span class="nx">psk-input-method </span><span class="p">=</span> <span class="o">&amp;</span><span class="p">(</span>
<span class="nx">numeric</span><span class="p">:</span> <span class="mi">0</span>
<span class="nx">alphanumeric</span><span class="p">:</span> <span class="mi">1</span>
<span class="nx">qr-code</span><span class="p">:</span> <span class="mi">2</span>
<span class="p">)</span></p>

<p><span class="c1">; type key 14</span>
<span class="nx">presentation-url-availability-request </span><span class="p">=</span> <span class="p">{</span>
<span class="nx">request</span>
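Review bot: In auth-capabilities, psk-ease-of-input is typed as a plain uint while the Authentication text limits it to the [0, 100] range; CDDL can carry that bound directly with a range such as 0..100, so a decoder rejects out-of-range values at the schema level. psk-input-methods as [* psk-input-method] also permits an empty array, so either require one or more entries with + or state what an empty list means (for example, when ease of input is 0). The map keys here start at 0 while auth-status just above uses key 1 for its first field; pick one convention.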
Expand Down

0 comments on commit dd949fc
