Pairing is working

Makefile

@@ -7,6 +7,7 @@ include common-c.mk
 include opus.mk
 include h264bitstream.mk
 include libgamestream.mk
+include ports.mk
 
 EXTRA_INC_PATHS := $(EXTRA_INC_PATHS) $(COMMON_C_INCLUDE) $(OPUS_INCLUDE) $(H264BS_INCLUDE) $(LIBGS_C_INCLUDE)
 

http.cpp

@@ -3,17 +3,17 @@
 #include "ppapi/cpp/var_array_buffer.h"
 
 #include <http.h>
-#include "libgamestream/errors.h" //fix-me
-
+#include <errors.h>
 #include <string.h>
 
 #include <mkcert.h>
 #include <openssl/bio.h>
 #include <openssl/pem.h>
 
-extern const char* gs_error;
-X509 *g_cert;
-EVP_PKEY *g_privateKey;
+X509 *g_Cert;
+EVP_PKEY *g_PrivateKey;
+char *g_UniqueId;
+char *g_CertHex;
 
 void MoonlightInstance::MakeCert(int32_t callbackId, pp::VarArray args)
 {
@@ -23,7 +23,7 @@ void MoonlightInstance::MakeCert(int32_t callbackId, pp::VarArray args)
     
     pp::VarDictionary retData;
     
-	CERT_KEY_PAIR certKeyPair = mkcert_generate();
+    CERT_KEY_PAIR certKeyPair = mkcert_generate();
     
     BIO* bio = BIO_new(BIO_s_mem());
     
@@ -55,19 +55,24 @@ void MoonlightInstance::LoadCert(const char* certStr, const char* keyStr)
     char* _certStr = strdup(certStr);
     char* _keyStr = strdup(keyStr);
     
-	BIO *bio = BIO_new_mem_buf(_certStr, -1);
-    if(!(g_cert = PEM_read_bio_X509(bio, NULL, NULL, NULL))) {
+    BIO *bio = BIO_new_mem_buf(_certStr, -1);
+    if(!(g_Cert = PEM_read_bio_X509(bio, NULL, NULL, NULL))) {
         PostMessage(pp::Var("Error loading cert into memory"));
     }
-    BIO_reset(bio);
     BIO_free_all(bio);
     
     bio = BIO_new_mem_buf(_keyStr, -1);
-    if(PEM_read_bio_PrivateKey(bio, &g_privateKey, NULL, NULL) == NULL) {
+    if(PEM_read_bio_PrivateKey(bio, &g_PrivateKey, NULL, NULL) == NULL) {
         PostMessage(pp::Var("Error loading private key into memory"));
     }
     BIO_free_all(bio);
     
+    // Convert the PEM cert to hex
+    g_CertHex = (char*)malloc((strlen(certStr) * 2) + 1);
+    for (int i = 0; i < strlen(certStr); i++) {
+        sprintf(&g_CertHex[i * 2], "%02x", certStr[i]);
+    }
+    
     free(_certStr);
     free(_keyStr);
 }
@@ -76,8 +81,10 @@ void MoonlightInstance::NvHTTPInit(int32_t callbackId, pp::VarArray args)
 {
     std::string _cert = args.Get(0).AsString();
     std::string _key = args.Get(1).AsString();
+    std::string _uniqueId = args.Get(2).AsString();
     
     LoadCert(_cert.c_str(), _key.c_str());
+    g_UniqueId = strdup(_uniqueId.c_str());
     
     http_init();
     
@@ -91,25 +98,27 @@ void MoonlightInstance::NvHTTPInit(int32_t callbackId, pp::VarArray args)
 void MoonlightInstance::NvHTTPRequest(int32_t /*result*/, int32_t callbackId, std::string url)
 {
     char* _url = strdup(url.c_str());
-	PHTTP_DATA data = http_create_data();
+    PHTTP_DATA data = http_create_data();
+    int err;
     
-	if (data == NULL) {
-		pp::VarDictionary ret;
+    if (data == NULL) {
+        pp::VarDictionary ret;
         ret.Set("callbackId", pp::Var(callbackId));
         ret.Set("type", pp::Var("reject"));
         ret.Set("ret", pp::Var("Error when creating data buffer."));
         PostMessage(ret);
         goto clean_data;
-	}
-
-	if(http_request(_url , data) != GS_OK) {
-		pp::VarDictionary ret;
+    }
+    
+    err = http_request(_url , data);
+    if (err) {
+        pp::VarDictionary ret;
         ret.Set("callbackId", pp::Var(callbackId));
         ret.Set("type", pp::Var("reject"));
-        ret.Set("ret", pp::Var(gs_error));
+        ret.Set("ret", pp::Var(err));
         PostMessage(ret);
         goto clean_data;
-	}
+    }
     
     {
         pp::VarDictionary ret;
@@ -120,6 +129,6 @@ void MoonlightInstance::NvHTTPRequest(int32_t /*result*/, int32_t callbackId, st
     }
     
 clean_data:
-	http_free_data(data);
-	free(_url);
+    http_free_data(data);
+    free(_url);
 }

index.html

@@ -82,7 +82,6 @@
     </div>
     <script defer src="static/js/jquery-2.2.0.min.js"></script>
     <script defer src="static/js/material.min.js"></script>
-    <script defer src="static/js/crypto-js.js"></script>
     <script type="text/javascript" src="static/js/messages.js"></script>
     <script type="text/javascript" src="static/js/common.js"></script>
     <script type="text/javascript" src="static/js/index.js"></script>

libgamestream.mk

@@ -3,6 +3,7 @@ LIBGS_C_DIR := libgamestream
 LIBGS_C_SOURCE := \
 	$(LIBGS_C_DIR)/http.c \
     $(LIBGS_C_DIR)/mkcert.c \
+    $(LIBGS_C_DIR)/pairing.c \
 
 LIBGS_C_INCLUDE := \
     $(LIBGS_C_DIR) \

libgamestream/http.c

@@ -28,10 +28,9 @@
 #include <openssl/pem.h>
 
 static CURL *curl;
-const char* gs_error;
 
-extern X509 *g_cert;
-extern EVP_PKEY *g_privateKey;
+extern X509 *g_Cert;
+extern EVP_PKEY *g_PrivateKey;
 
 static size_t _write_curl(void *contents, size_t size, size_t nmemb, void *userp)
 {
@@ -52,14 +51,11 @@ static size_t _write_curl(void *contents, size_t size, size_t nmemb, void *userp
 static CURLcode sslctx_function(CURL * curl, void * sslctx, void * parm)
 {
     SSL_CTX* ctx = (SSL_CTX*)sslctx;
-    //X509_STORE* store = SSL_CTX_get_cert_store(ctx);
     
-    //X509_STORE_add_cert(store, cert);
-    
-    if(!SSL_CTX_use_certificate(ctx, g_cert))
+    if(!SSL_CTX_use_certificate(ctx, g_Cert))
         printf("SSL_CTX_use_certificate problem\n");
     
-    if(!SSL_CTX_use_PrivateKey(ctx, g_privateKey))
+    if(!SSL_CTX_use_PrivateKey(ctx, g_PrivateKey))
         printf("Use Key failed\n");
     
     return CURLE_OK;
@@ -96,11 +92,9 @@ int http_request(char* url, PHTTP_DATA data) {
     data->size = 0;
   }
 
-  //return GS_FAILED;
   CURLcode res = curl_easy_perform(curl);
   
   if(res != CURLE_OK) {
-    gs_error = curl_easy_strerror(res);
     return GS_FAILED;
   } else if (data->memory == NULL) {
     return GS_OUT_OF_MEMORY;

libgamestream/pairing.c

@@ -0,0 +1,234 @@
+/*
+ * This file is part of Moonlight Embedded.
+ *
+ * Copyright (C) 2015 Iwan Timmer
+ *
+ * Moonlight is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Moonlight is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Moonlight; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "http.h"
+#include "mkcert.h"
+#include "pairing.h"
+#include "errors.h"
+
+#include <sys/stat.h>
+#include <stdbool.h>
+#include <stdio.h>
+#include <string.h>
+#include <openssl/sha.h>
+#include <openssl/aes.h>
+#include <openssl/rand.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#include <openssl/err.h>
+
+const char* gs_error;
+
+extern X509 *g_Cert;
+extern EVP_PKEY *g_PrivateKey;
+extern char* g_UniqueId;
+extern char* g_CertHex;
+
+static int xml_search(char* data, size_t len, char* node, char** result) {
+    char startTag[256];
+    char endTag[256];
+    char* startOffset;
+    char* endOffset;
+    
+    data = strdup(data);
+    
+    sprintf(startTag, "<%s>", node);
+    sprintf(endTag, "</%s>", node);
+    
+    startOffset = strstr(data, startTag);
+    if (startOffset == NULL) {
+        return GS_FAILED;
+    }
+    
+    endOffset = strstr(data, endTag);
+    if (endOffset == NULL) {
+        return GS_FAILED;
+    }
+    
+    *endOffset = 0;
+    
+    *result = malloc(strlen(startOffset + strlen(startTag)) + 1);
+    strcpy(*result, startOffset + strlen(startTag));
+    
+    return GS_OK;
+}
+
+static void bytes_to_hex(unsigned char *in, char *out, size_t len) {
+    for (int i = 0; i < len; i++) {
+        sprintf(out + i * 2, "%02x", in[i]);
+    }
+    out[len * 2] = 0;
+}
+
+static int sign_it(const unsigned char *msg, size_t mlen, unsigned char **sig, size_t *slen, EVP_PKEY *pkey) {
+    int result = GS_FAILED;
+    
+    *sig = NULL;
+    *slen = 0;
+    
+    EVP_MD_CTX *ctx = EVP_MD_CTX_create();
+    if (ctx == NULL)
+        return GS_FAILED;
+    
+    const EVP_MD *md = EVP_get_digestbyname("SHA256");
+    if (md == NULL)
+        goto cleanup;
+    
+    int rc = EVP_DigestInit_ex(ctx, md, NULL);
+    if (rc != 1)
+        goto cleanup;
+    
+    rc = EVP_DigestSignInit(ctx, NULL, md, NULL, pkey);
+    if (rc != 1)
+        goto cleanup;
+    
+    rc = EVP_DigestSignUpdate(ctx, msg, mlen);
+    if (rc != 1)
+        goto cleanup;
+    
+    size_t req = 0;
+    rc = EVP_DigestSignFinal(ctx, NULL, &req);
+    if (rc != 1 || !(req > 0))
+        goto cleanup;
+    
+    *sig = OPENSSL_malloc(req);
+    if (*sig == NULL)
+        goto cleanup;
+    
+    *slen = req;
+    rc = EVP_DigestSignFinal(ctx, *sig, slen);
+    if (rc != 1 || req != *slen)
+        goto cleanup;
+    
+    result = GS_OK;
+    
+cleanup:
+    EVP_MD_CTX_destroy(ctx);
+    ctx = NULL;
+    
+    return result;
+}
+
+int gs_pair(const char* address, const char* pin) {
+    int ret = GS_OK;
+    char url[4096];
+    
+    unsigned char salt_data[16];
+    char salt_hex[33];
+    RAND_bytes(salt_data, 16);
+    bytes_to_hex(salt_data, salt_hex, 16);
+    
+    sprintf(url, "http://%s:47989/pair?uniqueid=%s&devicename=roth&updateState=1&phrase=getservercert&salt=%s&clientcert=%s", address, g_UniqueId, salt_hex, g_CertHex);
+    PHTTP_DATA data = http_create_data();
+    if (data == NULL)
+        return GS_OUT_OF_MEMORY;
+    else if ((ret = http_request(url, data)) != GS_OK)
+        goto cleanup;
+    
+    unsigned char salt_pin[20];
+    unsigned char aes_key_hash[20];
+    AES_KEY enc_key, dec_key;
+    memcpy(salt_pin, salt_data, 16);
+    memcpy(salt_pin+16, pin, 4);
+    SHA1(salt_pin, 20, aes_key_hash);
+    AES_set_encrypt_key((unsigned char *)aes_key_hash, 128, &enc_key);
+    AES_set_decrypt_key((unsigned char *)aes_key_hash, 128, &dec_key);
+    
+    unsigned char challenge_data[16];
+    unsigned char challenge_enc[16];
+    char challenge_hex[33];
+    RAND_bytes(challenge_data, 16);
+    AES_encrypt(challenge_data, challenge_enc, &enc_key);
+    bytes_to_hex(challenge_enc, challenge_hex, 16);
+    
+    sprintf(url, "http://%s:47989/pair?uniqueid=%s&devicename=roth&updateState=1&clientchallenge=%s", address, g_UniqueId, challenge_hex);
+    if ((ret = http_request(url, data)) != GS_OK)
+        goto cleanup;
+    
+    char *result;
+    if (xml_search(data->memory, data->size, "challengeresponse", &result) != GS_OK) {
+        ret = GS_INVALID;
+        goto cleanup;
+    }
+    
+    unsigned char challenge_response_data_enc[48];
+    unsigned char challenge_response_data[48];
+    for (int count = 0; count < strlen(result); count += 2) {
+        sscanf(&result[count], "%2hhx", &challenge_response_data_enc[count / 2]);
+    }
+    free(result);
+    
+    for (int i = 0; i < 48; i += 16) {
+        AES_decrypt(&challenge_response_data_enc[i], &challenge_response_data[i], &dec_key);
+    }
+    
+    unsigned char client_secret_data[16];
+    RAND_bytes(client_secret_data, 16);
+    
+    unsigned char challenge_response[16 + 256 + 16];
+    unsigned char challenge_response_hash[32];
+    unsigned char challenge_response_hash_enc[32];
+    char challenge_response_hex[65];
+    memcpy(challenge_response, challenge_response_data + 20, 16);
+    memcpy(challenge_response + 16, g_Cert->signature->data, 256);
+    memcpy(challenge_response + 16 + 256, client_secret_data, 16);
+    SHA1(challenge_response, 16 + 256 + 16, challenge_response_hash);
+    
+    for (int i = 0; i < 32; i += 16) {
+        AES_encrypt(&challenge_response_hash[i], &challenge_response_hash_enc[i], &enc_key);
+    }
+    bytes_to_hex(challenge_response_hash_enc, challenge_response_hex, 32);
+    
+    sprintf(url, "http://%s:47989/pair?uniqueid=%s&devicename=roth&updateState=1&serverchallengeresp=%s", address, g_UniqueId, challenge_response_hex);
+    if ((ret = http_request(url, data)) != GS_OK)
+        goto cleanup;
+    
+    if (xml_search(data->memory, data->size, "pairingsecret", &result) != GS_OK) {
+        ret = GS_INVALID;
+        goto cleanup;
+    }
+    
+    unsigned char *signature = NULL;
+    size_t s_len;
+    if (sign_it(client_secret_data, 16, &signature, &s_len, g_PrivateKey) != GS_OK) {
+        gs_error = "Failed to sign data";
+        ret = GS_FAILED;
+        goto cleanup;
+    }
+    
+    unsigned char client_pairing_secret[16 + 256];
+    char client_pairing_secret_hex[(16 + 256) * 2 + 1];
+    memcpy(client_pairing_secret, client_secret_data, 16);
+    memcpy(client_pairing_secret + 16, signature, 256);
+    bytes_to_hex(client_pairing_secret, client_pairing_secret_hex, 16 + 256);
+    
+    sprintf(url, "http://%s:47989/pair?uniqueid=%s&devicename=roth&updateState=1&clientpairingsecret=%s", address, g_UniqueId, client_pairing_secret_hex);
+    if ((ret = http_request(url, data)) != GS_OK)
+        goto cleanup;
+    
+    sprintf(url, "https://%s:47984/pair?uniqueid=%s&devicename=roth&updateState=1&phrase=pairchallenge", address, g_UniqueId);
+    if ((ret = http_request(url, data)) != GS_OK)
+        goto cleanup;
+    
+cleanup:
+    http_free_data(data);
+    
+    return ret;
+}

libgamestream/pairing.h

@@ -0,0 +1,30 @@
+/*
+ * This file is part of Moonlight Embedded.
+ *
+ * Copyright (C) 2015 Iwan Timmer
+ *
+ * Moonlight is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Moonlight is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Moonlight; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#pragma once
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int gs_pair(const char* address, const char* pin);
+
+#ifdef __cplusplus
+}
+#endif

main.cpp

@@ -5,6 +5,8 @@
 #include <string.h>
 #include <unistd.h>
 
+#include <pairing.h>
+
 #include "ppapi/cpp/input_event.h"
 
 // Requests the NaCl module to connection to the server specified after the :
@@ -131,22 +133,24 @@ void MoonlightInstance::HandleMessage(const pp::Var& var_message) {
     pp::VarArray params(msg.Get("params"));
     
     if (strcmp(method.c_str(), MSG_START_REQUEST) == 0) {
-        handleStartStream(callbackId, params);
+        HandleStartStream(callbackId, params);
     } else if (strcmp(method.c_str(), MSG_STOP_REQUEST) == 0) {
-        handleStopStream(callbackId, params);
+        HandleStopStream(callbackId, params);
     } else if (strcmp(method.c_str(), MSG_OPENURL) == 0) {
-        handleOpenURL(callbackId, params);
+        HandleOpenURL(callbackId, params);
     } else if (strcmp(method.c_str(), "httpInit") == 0) {
         NvHTTPInit(callbackId, params);
     } else if (strcmp(method.c_str(), "makeCert") == 0) {
         MakeCert(callbackId, params);
+    } else if (strcmp(method.c_str(), "pair") == 0) {
+        HandlePair(callbackId, params);
     } else {
         pp::Var response("Unhandled message received: " + method);
         PostMessage(response);
     }
 }
 
-void MoonlightInstance::handleStartStream(int32_t callbackId, pp::VarArray args) {
+void MoonlightInstance::HandleStartStream(int32_t callbackId, pp::VarArray args) {
     std::string host = args.Get(0).AsString();
     std::string width = args.Get(1).AsString();
     std::string height = args.Get(2).AsString();
@@ -191,7 +195,7 @@ void MoonlightInstance::handleStartStream(int32_t callbackId, pp::VarArray args)
     PostMessage(ret);
 }
 
-void MoonlightInstance::handleStopStream(int32_t callbackId, pp::VarArray args) {
+void MoonlightInstance::HandleStopStream(int32_t callbackId, pp::VarArray args) {
     // Begin connection teardown
     StopConnection();
     
@@ -202,7 +206,7 @@ void MoonlightInstance::handleStopStream(int32_t callbackId, pp::VarArray args)
     PostMessage(ret);
 }
 
-void MoonlightInstance::handleOpenURL(int32_t callbackId, pp::VarArray args) {
+void MoonlightInstance::HandleOpenURL(int32_t callbackId, pp::VarArray args) {
     std::string url = args.Get(0).AsString();
     
     openHttpThread.message_loop().PostWork(m_CallbackFactory.NewCallback(&MoonlightInstance::NvHTTPRequest, callbackId, url));
@@ -210,6 +214,20 @@ void MoonlightInstance::handleOpenURL(int32_t callbackId, pp::VarArray args) {
     PostMessage(pp::Var (url.c_str()));
 }
 
+void MoonlightInstance::HandlePair(int32_t callbackId, pp::VarArray args) {
+     openHttpThread.message_loop().PostWork(m_CallbackFactory.NewCallback(&MoonlightInstance::PairCallback, callbackId, args));
+}
+
+void MoonlightInstance::PairCallback(int32_t /*result*/, int32_t callbackId, pp::VarArray args) {
+    int err = gs_pair(args.Get(0).AsString().c_str(), args.Get(1).AsString().c_str());
+    
+    pp::VarDictionary ret;
+    ret.Set("callbackId", pp::Var(callbackId));
+    ret.Set("type", err ? pp::Var("reject") : pp::Var("resolve"));
+    ret.Set("ret", pp::Var(err));
+    PostMessage(ret);
+}
+
 bool MoonlightInstance::Init(uint32_t argc,
                              const char* argn[],
                              const char* argv[]) {

moonlight.hpp

@@ -67,12 +67,13 @@ class MoonlightInstance : public pp::Instance, public pp::MouseLock {
         bool Init(uint32_t argc, const char* argn[], const char* argv[]);
         
         void HandleMessage(const pp::Var& var_message);
-        void handlePair(int32_t callbackId, pp::VarArray args);
-        void handleShowGames(int32_t callbackId, pp::VarArray args);
-        void handleStartStream(int32_t callbackId, pp::VarArray args);
-        void handleStopStream(int32_t callbackId, pp::VarArray args);
-        void handleOpenURL(int32_t callbackId, pp::VarArray args);
-        
+        void HandlePair(int32_t callbackId, pp::VarArray args);
+        void HandleShowGames(int32_t callbackId, pp::VarArray args);
+        void HandleStartStream(int32_t callbackId, pp::VarArray args);
+        void HandleStopStream(int32_t callbackId, pp::VarArray args);
+        void HandleOpenURL(int32_t callbackId, pp::VarArray args);
+        void PairCallback(int32_t /*result*/, int32_t callbackId, pp::VarArray args);
+    
         void UpdateModifiers(PP_InputEvent_Type eventType, short keyCode);
         bool HandleInputEvent(const pp::InputEvent& event);
         
@@ -81,8 +82,6 @@ class MoonlightInstance : public pp::Instance, public pp::MouseLock {
         void MouseLockLost();
         void DidLockMouse(int32_t result);
         void DidChangeFocus(bool got_focus);
-        void DidChangeView(const pp::Rect& position,
-                           const pp::Rect& clip_ignored);
         
         void OnConnectionStopped(uint32_t unused);
         void OnConnectionStarted(uint32_t error);

ports.mk

@@ -0,0 +1,2 @@
+EXTRA_INC_PATHS := $(EXTRA_INC_PATHS) ports/include
+EXTRA_LIB_PATHS := $(EXTRA_LIB_PATHS) ports/lib/pnacl/Release

static/js/utils.js

@@ -25,17 +25,6 @@ function NvAPI(address, clientUid) {
     _self = this;
 };
 
-//FOR TEST ONLY
-var api;
-function init() {
-    api = new NvAPI('localhost', guuid());
-    return sendMessage('makeCert', []).then(function (cert) {
-        return sendMessage('httpInit', [cert.cert, cert.privateKey]).then(function (ret) {
-            return api.pair(cert, "1234");
-        });
-    });
-}
-
 NvAPI.prototype = {
     init: function () {
         return sendMessage('openUrl', [_self._baseUrlHttps+'/serverinfo?'+_self._buildUidStr()]).then(function(ret) {
@@ -86,7 +75,7 @@ NvAPI.prototype = {
         });
     },
     
-    getArtBox: function (appId) {
+    getBoxArt: function (appId) {
         return sendMessage('openUrl', [
             _self._baseUrlHttps+
             '/appasset?'+_self._buildUidStr()+
@@ -97,89 +86,35 @@ NvAPI.prototype = {
         });
     },
     
-    launchApp: function (context, appId) {
+    launchApp: function (context, appId, mode, sops, rikey, rikeyid, localAudio, surroundAudioInfo) {
         return sendMessage('openUrl', [
             _self.baseUrlHttps +
             '/launch?' + _self._buildUidStr() +
             '&appid=' + appId +
-            '&mode=' +
-            '&additionalStates=1&sops=' + 
-            '&rikey' +
-            '&rikeyid' + 
-            '&localAudioPlayMode' + 
-            '&surroundAudioInfo'
+            '&mode=' + mode +
+            '&additionalStates=1&sops=' + sops +
+            '&rikey=' + rikey +
+            '&rikeyid=' + rikeyid +
+            '&localAudioPlayMode=' + localAudio +
+            '&surroundAudioInfo=' + suroundAudioInfo
         ]).then(function (ret) {
             return true;
         });
     },
     
-    resumeApp: function (context) {
+    resumeApp: function (context, rikey, rikeyid) {
         return sendMessage('openUrl', [
             _self._baseUrlHttps +
             '/resume?' + _self._buildUidStr() +
-            '&rikey=' +
-            '&rikeyid='
+            '&rikey=' + rikey +
+            '&rikeyid=' + rikeyid
         ]).then(function (ret) {
             return true;
         });
     },
     
     quitApp: function () {
-        return sendMessage('openUrl', [_self._baseUrlHttps+'/unpair?'+_self._buildUidStr()]);
-    },
-    
-    pair: function (cert, pin) {
-        if (_self.paired)
-            return $.when(false);
-        
-        if (_self.currentGame)
-            return $.when(false);
-        
-        var salt_data = CryptoJS.lib.WordArray.random(16);
-        var cert_hex = cert.cert.toHex(); 
-        
-        return sendMessage('openUrl',[
-            _self._baseUrlHttp+
-            '/pair?'+_self._buildUidStr()+
-            '&devicename=roth&updateState=1&phrase=getservercert&salt='+salt_data.toString()+
-            '&clientcert='+cert_hex
-        ]).then(function (ret) {
-            var salt_pin_hex = salt_data.toString();
-            var aes_key_hash = CryptoJS.SHA1(CryptoJS.enc.Hex.parse(salt_pin_hex + salt_pin_hex.substr(0, 8)));
-            
-            console.log(aes_key_hash);
-            
-            var challenge_data = CryptoJS.lib.WordArray.random(16);
-            var challenge_enc = CryptoJS.AES.encrypt(challenge_data, aes_key_hash, {mode: CryptoJS.mode.ECB, padding: CryptoJS.pad.NoPadding});
-            var challange_enc_hex = challenge_enc.ciphertext.toString()
-            
-            return sendMessage('openUrl', [
-                _self._baseUrlHttp+
-                '/pair?'+_self._buildUidStr()+
-                '&devicename=roth&updateState=1&clientchallenge=' + challange_enc_hex
-            ]).then(function (ret) {
-                console.log(ret);
-                
-                $xml = _self._parseXML(ret);
-                var challengeresponse = $xml.find('challengeresponse').text();
-                
-                for (var i = 0; i < 96; i += 32) {
-                    var data = CryptoJS.enc.Hex.parse(challengeresponse.substr(i, 32));
-                    var challenge_dec = CryptoJS.AES.decrypt(data, aes_key_hash, {mode: CryptoJS.mode.ECB, padding: CryptoJS.pad.NoPadding});
-                    console.log(challenge_dec);
-                }
-                
-                return sendMessage('openUrl', [
-                    _self._baseUrlHttp+
-                    '/pair?'+
-                    '&devicename=roth&updateState=1&serverchallengeresp='
-                ]).then(function (ret) {
-                    console.log(ret);
-                    
-                    return true;
-                });
-            });
-        });
+        return sendMessage('openUrl', [_self._baseUrlHttps+'/cancel?'+_self._buildUidStr()]);
     },
     
     unpair: function () {