PHPCRED-24: Document current TLS implementation

Issue Information

Issue Type: Task
Priority: Major
Status: Open

Reported By:
Ben Tasker
Assigned To:
Ben Tasker
Project: PHPCredlocker (PHPCRED)
Resolution: Unresolved
Components: Crypto

Created: 2014-07-24 21:35:20

As the aim is to use the JS/PHP TLS implementation to add support for Double blind encryption (PHPCRED-11), need to document the current implementation of TLS so that it can be understood and more easily improved.

Need to cover

- Current intentions of the mechanism (i.e. prevent casual observation)
- Key exchange (known to be sorely in need of improvement)
- Key generation
- Key properties
- Crypto mechanism
- Format of data sent on the wire

Also worth noting that the implementation was added to BT Framework (project BTFW) and some enhancements were made/planned so worth documenting those and assessing how easily they can be added to PHP Credlocker.

Longer term the plan is to have PHPCredlocker use BTFW, but in the meantime it should be considered a fork.

Changes Made

- BTFW-6 - The JS Crypto component was converted to an object
- BTFW-8 - Xor functions now automatically Base64 encode their ciphertext
- BTFW-7 - Bugfix for keylength calculation

Planned Changes

- BTFW-9 - Add checksumming to Xor Functions

Wiki page complete for current version. Worth thinking about whether the content needs publishing somewhere, or at least how best to track changes between different versions of BT-TLS and PHPCredLocker.