User:Eskuat/WeeklyReports

From MozillaWiki
Jump to: navigation, search

Coding part Week #1 (May, 23 - 30)

I've submitted a patch with TLS 1.1 implementation here bug 565047 and asked for review. Then I dedicated rest of the week to thorough review of RFC 5246 and continued learning the codebase.
The review is not 100% finished yet, I compared RFC 4346 and RFC 5246.

Some preliminary results below (Changes that doesn't require coding are omitted).


  1. The MD5/SHA-1 combination in the pseudorandom function (PRF) has been replaced with cipher-suite-specified PRFs. All cipher suites in this document use P_SHA256.
  2. The MD5/SHA-1 combination in the digitally-signed element has been replaced with a single hash. Signed elements now include a field that explicitly specifies the hash algorithm used.
  3. Substantial cleanup to the client's and server's ability to specify which hash and signature algorithms they will accept. Note that this also relaxes some of the constraints on signature and hash algorithms from previous versions of TLS (Signature algorithms extension).
  4. Addition of support for authenticated encryption with additional data modes [AEAD].
  5. TLS Extensions definition merged in from external [TLSEXT].
  6. Tighter checking of EncryptedPreMasterSecret version numbers.
  7. Tightened up a number of requirements.
  8. Verify_data length now depends on the cipher suite (default is still 12).
  9. Alerts MUST now be sent in many cases.
  10. Removed IDEA and DES cipher suites.  They are now deprecated and will be documented in a separate document.

Coding part Week #4 (June, 13 - 20)

Spent this week writing code for TLS 1.2 PRF function and handshake hashes. PRF function is used for master secret generation( in ssl3_DeriveMasterSecret), for final encryption and MAC keys generation (in ssl3_DeriveConnectionKeysPKCS11) and also for verify_data generation (in ssl3_ComputeTLSFinished).

Coding part Week #5 (June, 20 - 27)

Working on TLS 1.2 proposal for PKCS 11.

Coding part Week #6 (June, 27 - July 4)

Got review on TLS 1.2 proposal for PKCS 11 from Robert. Going to ask for review from Nelson Bolyard and Wan-Teh Chang in a few days. Submitted a patch for freebl with TLS 1.2 PRF implementation and tests (see bug 485014). Submitted a patch for softoken that implements master and mac/session key derivation (link: FIXME).

Coding part Week #7 (July, 4 - 11)