BerrySync - Fifefox sync crypto, a step closer

BerrySync
To make a BerrySync compatible with FireFox Sync we need understand how sync connects to its servers. There are two challenges for me so far. First I opted to emulate sync's encryption steps  on the BlackBerry in Java, next I need to make a make a custom sync server and start talking to it before I start talking to the real thing.


FireFox Sync Crypto
So in order to even make sense of the data I'm getting back from the Sync Server I need to know what to do with it! I'm going to break down how I've understand Sync is expecting this to be handled.

• When you sign up Sync makes a RSA 2048 bit key pair, that's whats used to encrypt during travel, I've been doing my reading here.
• Decrypting
1. Decrypt Weave Object with your private key
2. Decode Base64 Weave payload to binary
3. Decrypt payload binary with AES 256 bit key and 16 bit Initialization Vector, these are found in the Weave object
4. Profit from here

Normally you would use Sync's client JavaScript to take care of this, however I attempted to port this to Java on the BlackBerry. Check out my encryption equivalent attempt of steps 2 and 3 here.Thankfully these algorithms are standardized and RIM's crypto library has had exactly what I've needed to far. I still need to confirm how BerrySync is going to handle the RSA keypair.


FireFox Sync Server
I'm at the point where I should start looking for my own custom firefox sync server, Seneca may have one. I was also going to set up one on my laptop this weekend using these:

• http://tobyelliott.wordpress.com/2009/09/11/weave-minimal-server/
• http://annasob.wordpress.com/2011/02/07/sync-server/

So basically my goal for next Friday is to have access to a custom FireFox Sync Server and to iron out how BerrySync is going to handle the RSA key pairs. I want to be able to talk to a production Firefox server during the coming week!

hello cdot! - BerrySync

My first week at CDOT, Seneca's Center for Developing Open Technology is coming to a close and there have been some wicked developments.

The Atmosphere
I'm really enjoying working here as a summer student. The orientation was welcoming, bundling in breakfast and lunch. That day all of the summer researchers were gathered together and given the history of CDOT as well as their expectations for the summer.

Respective project heads gave brief speeches about what their teams would be working on this summer, my project in particular ill mention farther down.

Every morning teams meet up for scrums where you briefly talk about what you didn't yesterday and your goals for today. I'm really enjoying these, it helps everyone keep in touch with the cool projects going on here and it also allows people to offer advice before it even hits IRC.

Speaking of IRC, we are all expected to be there. The name of the game is, be involved. Your knowledge can help people and the knowledge of your community is at your figure tips.

My Project
Creatively named BerrySync the short description is that, we aim to develop a enterprise product roughly equivalent to Firefox Home for the iPhone, except for the BlackBerry.We aren't promising a copy of the feature set nor are we limiting ourselves to Home's feature set, Home is a guideline. Similarly were investigating the interaction of FireFox Sync for integration and perhaps in the near future customization.

So this first week, I've been setting up my environment and figuring out what I need research in depth. I just got my computer and my dual boot is installing as we speak. I'll post again with updates on my current task / demo / I'm a learner by doing.