Bug 1227342 - Rotate Firefox Account private keys in Firefox for Android

Status: RESOLVED INCOMPLETE (opened 9 years ago, closed 4 years ago)
Product / Component: Firefox for Android Graveyard :: General
Type: defect
Priority: P5
Tracking: firefox45 affected
Reporter: nalexander
Assignee: Unassigned
Attachments: 3 files

On iOS, we carefully rotate Firefox Account private keys every so often (each month, IIRC). See Cohabiting{Before,After}KeyPair around https://github.com/mozilla/firefox-ios/blob/b5c59377af0f8b00e204a5e10680daf6e24fa91c/Account/FxALoginStateMachine.swift#L74 and isKeyPairExpired around https://github.com/mozilla/firefox-ios/blob/b5c59377af0f8b00e204a5e10680daf6e24fa91c/Account/FxALoginStateMachine.swift#L62. On Android, we don't do so. This ticket tracks splitting our Cohabiting state into two Cohabiting{Before,After}KeyPair states, and doing the work to get the login state machine checking for expired keypairs.
This isn't correct; the test in TestFxAccountLoginStateMachine shows the issue: we expire, but then return to the same state, which the state machine sees as a cycle and knows not to proceed through. Not sure how this is addressed on iOS (damn fuzzy memory!). Probably not hard to address, but I don't have cycles for it now.

Review commit: https://reviewboard.mozilla.org/r/33523/diff/#index_header
See other reviews: https://reviewboard.mozilla.org/r/33523/
Please help me understand the implications of this bug: does it mean that in the current state, Android uses a single long-lived keypair for generating identity assertions to auth to tokenserver, periodically refreshing a certificate for that same keypair from the FxA auth server?
(In reply to Ryan Kelly [:rfkelly] from comment #4)
> Please help me understand the implications of this bug: does it mean that in
> the current state, Android uses a single long-lived keypair for generating
> identity assertions to auth to tokenserver, periodically refreshing a
> certificate for that same keypair from the FxA auth server?

Correct. Android uses a single long-lived keypair for generating identity assertions to auth to the tokenserver.
Thanks Nick. I guess the risks here are somewhat mitigated by the fact that this keypair is useless without a corresponding identify certificate from the FxA server, and those expire relatively aggressively. It still seems like something we should do for completeness though.
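The two design points raised in this thread, the cycle guard that trips when the Cohabiting state rotates the keypair and returns to itself, and the certificate expiry that limits how useful a long-lived keypair is on its own, can be modelled in a few lines. The following is an added, language-neutral sketch in Python; it is not code from Firefox for Android or Firefox for iOS. The state names follow the comments above, but the handler logic, the `advance` loop, the 30-day keypair age (from "each month, IIRC"), the 24-hour certificate age and the `Account` record are all assumptions made for this illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

KEY_PAIR_MAX_AGE = timedelta(days=30)   # assumed: "each month, IIRC" in the bug
CERT_MAX_AGE = timedelta(hours=24)      # assumed: certificates "expire relatively aggressively"


@dataclass
class KeyPair:
    created_at: datetime
    label: str          # stand-in for the real key material (constructed)


@dataclass
class Certificate:
    issued_at: datetime
    key_label: str      # the keypair this certificate was issued for


@dataclass
class Account:
    key_pair: Optional[KeyPair] = None
    certificate: Optional[Certificate] = None
    keys_generated: int = 0


def is_key_pair_expired(kp, now, max_age=KEY_PAIR_MAX_AGE):
    return kp is None or now - kp.created_at >= max_age


def is_certificate_expired(cert, now, max_age=CERT_MAX_AGE):
    return cert is None or now - cert.issued_at >= max_age


def generate_key_pair(a, now):
    # Rotating the keypair invalidates any certificate bound to the old one.
    a.keys_generated += 1
    a.key_pair = KeyPair(now, f"key-{a.keys_generated}")
    a.certificate = None


def fetch_certificate(a, now):
    # Stand-in for asking the FxA auth server to sign the current public key.
    a.certificate = Certificate(now, a.key_pair.label)


def advance(step, state, account, now):
    """Apply transitions until the machine settles (step returns None) or
    revisits a state. A revisited state is treated as a cycle and advancing
    stops there, which is the guard the bug comment describes."""
    seen = {state}
    trace = [state]
    while True:
        nxt = step(state, account, now)
        if nxt is None:
            return state, trace
        trace.append(nxt)
        if nxt in seen:
            return nxt, trace
        seen.add(nxt)
        state = nxt


def naive_step(state, a, now):
    """Single Cohabiting state: rotating the keypair returns to Cohabiting."""
    if state == "Cohabiting":
        if is_key_pair_expired(a.key_pair, now):
            generate_key_pair(a, now)
            return "Cohabiting"          # same state again: the cycle guard fires
        fetch_certificate(a, now)
        return "Married"
    if state == "Married":
        if is_key_pair_expired(a.key_pair, now) or is_certificate_expired(a.certificate, now):
            return "Cohabiting"
        return None
    raise ValueError(state)


def split_step(state, a, now):
    """Cohabiting split into Before/After keypair states: no self-transition."""
    if state == "CohabitingBeforeKeyPair":
        generate_key_pair(a, now)
        return "CohabitingAfterKeyPair"
    if state == "CohabitingAfterKeyPair":
        if is_key_pair_expired(a.key_pair, now):
            return "CohabitingBeforeKeyPair"
        fetch_certificate(a, now)
        return "Married"
    if state == "Married":
        if is_key_pair_expired(a.key_pair, now):
            return "CohabitingBeforeKeyPair"
        if is_certificate_expired(a.certificate, now):
            return "CohabitingAfterKeyPair"
        return None
    raise ValueError(state)


def rotate_scenario(step, key_age):
    """Start Married with a fresh certificate and a keypair of the given age."""
    now = datetime(2016, 1, 1, tzinfo=timezone.utc)   # constructed clock
    a = Account(key_pair=KeyPair(now - key_age, "key-0"),
                certificate=Certificate(now - timedelta(hours=1), "key-0"))
    final, trace = advance(step, "Married", a, now)
    return final, trace, a


if __name__ == "__main__":
    for step in (naive_step, split_step):
        final, trace, acct = rotate_scenario(step, timedelta(days=45))
        print(step.__name__, "->", " -> ".join(trace), "| cert:", acct.certificate)
```

With a 45-day-old keypair the naive machine generates a new key but ends the run stuck in Cohabiting with no certificate, because Cohabiting -> Cohabiting is rejected as a cycle; the split machine walks Married -> CohabitingBeforeKeyPair -> CohabitingAfterKeyPair -> Married and ends with a certificate for the new key. With a fresh keypair both machines stay in Married and do nothing.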
Re-triaging per https://bugzilla.mozilla.org/show_bug.cgi?id=1473195

Needinfo :susheel if you think this bug should be re-triaged.
Priority: -- → P5
We have completed our launch of our new Firefox on Android. The development of the new versions use GitHub for issue tracking. If the bug report still reproduces in a current version of [Firefox on Android nightly](https://play.google.com/store/apps/details?id=org.mozilla.fenix) an issue can be reported at the [Fenix GitHub project](https://github.com/mozilla-mobile/fenix/). If you want to discuss your report please use [Mozilla's chat](https://wiki.mozilla.org/Matrix#Connect_to_Matrix) server https://chat.mozilla.org and join the [#fenix](https://chat.mozilla.org/#/room/#fenix:mozilla.org) channel.
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → INCOMPLETE
Product: Firefox for Android → Firefox for Android Graveyard