User:Eskuat/WeeklyReports: Difference between revisions
Revision as of 04:12, 11 July 2010
Coding part Week #1 (May 23 - 30)
I've submitted a patch with the TLS 1.1 implementation (bug 565047) and asked for review. Then I dedicated the rest of the week to a thorough review of RFC 5246 and continued learning the codebase.
The review is not 100% finished yet; I compared RFC 4346 and RFC 5246.
Some preliminary results are below (changes that don't require coding are omitted).
- The MD5/SHA-1 combination in the pseudorandom function (PRF) has been replaced with cipher-suite-specified PRFs. All cipher suites in this document use P_SHA256.
- The MD5/SHA-1 combination in the digitally-signed element has been replaced with a single hash. Signed elements now include a field that explicitly specifies the hash algorithm used.
- Substantial cleanup to the client's and server's ability to specify which hash and signature algorithms they will accept. Note that this also relaxes some of the constraints on signature and hash algorithms from previous versions of TLS. [Signature Algorithm extension]
- Addition of support for authenticated encryption with additional data modes.
- TLS Extensions definition and AES Cipher Suites were merged in from external [TLSEXT] and [TLSAES].
- Tighter checking of EncryptedPreMasterSecret version numbers.
- Tightened up a number of requirements.
- Verify_data length now depends on the cipher suite (default is still 12).
- Alerts MUST now be sent in many cases.
- After a certificate_request, if no certificates are available, clients now MUST send an empty certificate list.
- TLS_RSA_WITH_AES_128_CBC_SHA is now the mandatory to implement cipher suite.
- Added HMAC-SHA256 cipher suites.
- Removed IDEA and DES cipher suites. They are now deprecated and will be documented in a separate document.
- Support for the SSLv2 backward-compatible hello is now a MAY, not a SHOULD, with sending it a SHOULD NOT. Support will probably become a SHOULD NOT in the future.
Coding part Week #4 (June 13 - 20)
Spent this week writing code for the TLS 1.2 PRF function and handshake hashes. The PRF function is used for master secret generation (in ssl3_DeriveMasterSecret), for final encryption and MAC key generation (in ssl3_DeriveConnectionKeysPKCS11), and also for verify_data generation (in ssl3_ComputeTLSFinished).
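The three PRF uses named above, worked through in Python as an added example that is not NSS code: the P_SHA256 expansion from RFC 5246 section 5, then master secret, connection key and verify_data derivation. Function names, key sizes and the sample inputs are my own assumptions (constructed values, not a captured handshake).

```python
import hashlib
import hmac


def p_hash(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_SHA256 (RFC 5246 section 5): A(0)=seed, A(i)=HMAC(secret, A(i-1)),
    output block i = HMAC(secret, A(i) + seed), truncated to `length` bytes."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF: P_SHA256(secret, label + seed) for every suite in RFC 5246."""
    return p_hash(secret, label + seed, length)


def derive_master_secret(pre_master: bytes, client_random: bytes, server_random: bytes) -> bytes:
    """master_secret = PRF(pre_master_secret, "master secret", client_random + server_random)[0..47]."""
    return prf(pre_master, b"master secret", client_random + server_random, 48)


def derive_connection_keys(master_secret: bytes, client_random: bytes, server_random: bytes,
                           mac_key_len: int, enc_key_len: int) -> dict:
    """key_block = PRF(master_secret, "key expansion", server_random + client_random).
    Randoms are in the opposite order from master secret derivation; no IVs are
    carved out because TLS 1.1+ CBC suites carry an explicit IV in each record."""
    kb = prf(master_secret, b"key expansion", server_random + client_random,
             2 * mac_key_len + 2 * enc_key_len)
    cuts = [0, mac_key_len, 2 * mac_key_len, 2 * mac_key_len + enc_key_len, len(kb)]
    names = ["client_write_MAC_key", "server_write_MAC_key", "client_write_key", "server_write_key"]
    return {name: kb[cuts[i]:cuts[i + 1]] for i, name in enumerate(names)}


def compute_verify_data(master_secret: bytes, finished_label: bytes,
                        handshake_messages: bytes, length: int = 12) -> bytes:
    """verify_data = PRF(master_secret, finished_label, SHA256(handshake_messages))[0..length-1];
    length is 12 unless the cipher suite specifies otherwise."""
    return prf(master_secret, finished_label, hashlib.sha256(handshake_messages).digest(), length)


def demo() -> tuple:
    """Constructed inputs (not a real capture) run through all three derivations."""
    pre_master = b"\x03\x03" + bytes(range(46))  # 48-byte RSA premaster, version 3.3 prefix
    client_random, server_random = bytes([0x11] * 32), bytes([0x22] * 32)
    ms = derive_master_secret(pre_master, client_random, server_random)
    keys = derive_connection_keys(ms, client_random, server_random, 32, 16)  # SHA256 MAC, AES-128
    vd = compute_verify_data(ms, b"client finished", b"constructed handshake transcript")
    return ms, keys, vd
```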
Coding part Week #5 (June 20 - 27)
Working on the TLS 1.2 proposal for PKCS 11.
Coding part Week #6 (June 27 - July 4)
Got a review on the TLS 1.2 proposal for PKCS 11 from Robert. Going to ask Nelson Bolyard and Wan-Teh Chang for review in a few days. Submitted a patch for freebl with the TLS 1.2 PRF implementation and tests (see bug 485014). Submitted a patch for softoken that implements master and MAC/session key derivation (link: FIXME).