Thank you, Matt. I actually am _not_ familiar with the spec. I was looking for some work on OpenSSL exactly because I want to know TLS better.
Your suggestion seems like a good start. It is pretty dense, but that was exactly what I was looking for. Thank you again. -- Arrais On Tue, Apr 4, 2017 at 2:10 PM Matt Caswell <m...@openssl.org> wrote: > > > On 04/04/17 15:34, Thiago Arrais wrote: > > Hmmm... The Getting Started page talks about writing test cases. > > > > It seems like a good start. Is there any area that needs special > attention? > > Actually I have a suggestion for a fairly small self-contained piece of > work suitable for a starting project. > > The spec has this requirement: > > As of TLS 1.3, servers are permitted to send the "supported_groups" > extension to the client. If the server has a group it prefers to the > ones in the "key_share" extension but is still willing to accept the > ClientHello, it SHOULD send "supported_groups" to update the client's > view of its preferences; this extension SHOULD contain all groups the > server supports, regardless of whether they are currently supported > by the client. Clients MUST NOT act upon any information found in > "supported_groups" prior to successful completion of the handshake, > but MAY use the information learned from a successfully completed > handshake to change what groups they use in their "key_share" > extension in subsequent connections. > > At the moment we only ever send supported_groups client -> server. Never > server -> client. I wouldn't worry about the client acting on this > information at this stage. Just start with the server sending it if the > selected key_share is not for the most preferred group. > > Hint: you will need to look at ssl/statem/extensions.c and you will also > need to add code to ssl/statem/extensions_srvr.c. > > I strongly suggest you spend some time looking at some other github pull > requests to get a feel for how our submission and review process works, > and the kind of review comments that come up. You should also > familiarise yourself with our coding style: > > https://www.openssl.org/policies/codingstyle.html > > All submissions should include tests. Adding something to > test/recipes/70-test_tls13messages.t would probably be sufficient, i.e. > a test to demonstrate that sending a preferred key_share results in no > supported_groups extension in the EncryptedExtensions message, and then > a test to demonstrate that sending an acceptable but non-preferred > key_share results in the supported_groups extension being sent. > > If you are not already familiar with the TLSv1.3 spec then you will need > to be. Make sure you read it through and gain a good understanding of it > before you start. > > Matt > -- > openssl-dev mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev >
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
