Re: Strange bug in the TLS application protocol with PSK

help-gnutls

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Strange bug in the TLS application protocol with PSK

From:	Vladimir Estis
Subject:	Re: Strange bug in the TLS application protocol with PSK
Date:	Wed, 28 Oct 2009 12:29:35 +0300

Hi Nikos,

No, I use GNUTLS only as reference test client and I don't use
functions from GNUTLS in my code. But problem described above was in
my code, that based on standart API for ciphering.

Thanks for your answers, GNUTLS works fine.
regards, Vlad.

2009/10/27 Nikos Mavrogiannopoulos <address@hidden>
>
> I'm quite intrigued... How did you manage to do that? Do you use
> custom push and pull functions?
>
> regards,
> Nikos
>
> On Tue, Oct 27, 2009 at 3:06 PM, Vladimir Estis <address@hidden> wrote:
> > Hi Nikos,
> >
> > Thanks for your answer. I've solved this problem. It was my error. I've
> > reset IV for cipher after every message. But TLS uses the last cipher block
> > of record as the CBC IV for next block. Thus, IV for first block of every
> > new message was lost, and I wasn't able to decrypt the first cipher block of
> > message. Now I call update() function instead of doFinal() and GNUTLS works
> > fine.
> >
> > Thank you again,
> > regards, Vlad.
> >
> > 2009/10/27 Nikos Mavrogiannopoulos <address@hidden>
> >>
> >> If you think this is a gnutls bug please send an example program that
> >> reproduces this bug.
> >>
> >> regards,
> >> Nikos
> >>
> >> On Tue, Oct 27, 2009 at 10:09 AM, Vladimir Estis <address@hidden>
> >> wrote:
> >> > Hello,
> >> >
> >> > I've used GNUTLS for testing of the TLS with the PSK cipher suite
> >> > (TLS_PSK_WITH_3DES_EDE_CBC_SHA). But I've faced a problem with PSK kind
> >> > of
> >> > authentication in the gnutls-cli. I see that handshake was successfully
> >> > done. But then I tried to send part of application data, and I found
> >> > that
> >> > first cipher block (8 bytes) was corrupted. I think, GNUTLS calculates
> >> > checksum for application data, injures first block and then do ciphering
> >> > across all data. I think this is bug in GNUTLS, but I couldn't find any
> >> > discussion at the forums about this fact.
> >> >
> >> > Has anyone else encountered this behaviour of the GNUTLS?
> >> > Thanks very much in advance for any help!
> >> >
> >> > With best regards, Vlad.
> >> >
> >> > _______________________________________________
> >> > Help-gnutls mailing list
> >> > address@hidden
> >> > http://lists.gnu.org/mailman/listinfo/help-gnutls
> >> >
> >> >
> >
> >

[Prev in Thread]

Current Thread

[Next in Thread]

Strange bug in the TLS application protocol with PSK, Vladimir Estis, 2009/10/27
- Re: Strange bug in the TLS application protocol with PSK, Nikos Mavrogiannopoulos, 2009/10/27
  - Message not available
    - Fwd: Strange bug in the TLS application protocol with PSK, Vladimir Estis, 2009/10/27
  - Message not available
    - Re: Strange bug in the TLS application protocol with PSK, Nikos Mavrogiannopoulos, 2009/10/27
    - Re: Strange bug in the TLS application protocol with PSK, Vladimir Estis <=

Prev by Date: Re: Bootstrap parallel connections using session resume ?
Next by Date: Re: Bootstrap parallel connections using session resume ?
Previous by thread: Re: Strange bug in the TLS application protocol with PSK
Next by thread: gnuTLS with Lighttpd
Index(es):
- Date
- Thread