error in TLS 1.2 implementation
nmav at gnutls.org
Fri Nov 12 00:01:23 CET 2010
On 11/11/2010 08:52 PM, Nephi Allred wrote:
> I believe that there is an error in gnutls's implementation of TLS
> 1.2, specifically in the PRF.
> The spec (RFC 5246) section 5 (page 13) states that all cipher suites
> in TLS 1.2 use P_SHA256 as the PRF. However, gnutls uses P_hash where
> hash is the MAC hash algorithm for the cipher suite. So for example
> when the cipher suite is TLS_RSA_WITH_AES_128_CBC_SHA then gnutls uses
> P_SHA1 as the PRF. This goes against the spec, or am I missing
Which version of gnutls do you use? TLS 1.2 is fully supported on 2.10.0
and later versions. What you say shouldn't occur in those versions.
More information about the Gnutls-devel