To make a BerrySync compatible with FireFox Sync we need understand how sync connects to its servers. There are two challenges for me so far. First I opted to emulate sync's encryption steps on the BlackBerry in Java, next I need to make a make a custom sync server and start talking to it before I start talking to the real thing.
FireFox Sync Crypto
So in order to even make sense of the data I'm getting back from the Sync Server I need to know what to do with it! I'm going to break down how I've understand Sync is expecting this to be handled.
- When you sign up Sync makes a RSA 2048 bit key pair, that's whats used to encrypt during travel, I've been doing my reading here.
- Decrypt Weave Object with your private key
- Decode Base64 Weave payload to binary
- Decrypt payload binary with AES 256 bit key and 16 bit Initialization Vector, these are found in the Weave object
- Profit from here
FireFox Sync Server
I'm at the point where I should start looking for my own custom firefox sync server, Seneca may have one. I was also going to set up one on my laptop this weekend using these:
So basically my goal for next Friday is to have access to a custom FireFox Sync Server and to iron out how BerrySync is going to handle the RSA key pairs. I want to be able to talk to a production Firefox server during the coming week!