[gnutls-devel] GnuTLS | support non-NULL-terminated PSKs (!917)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Mon Mar 23 16:56:57 CET 2020
Ander Juaristi commented on a discussion on tests/pskself2.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/917#note_309838321
> + close(sockets[1]);
> + server(sockets[0], prio);
> + wait(&status);
> + check_wait_status(status);
> + } else {
> + close(sockets[0]);
> + client(sockets[1], prio, exp_hint);
> + exit(0);
> + }
> +}
> +
> +void doit(void)
> +{
> + generate_dh_params();
> +
> + run_test("NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+PSK", 1);
I've repeated this set of tests with TLS 1.2 as well.
The tests above, which have `exp_hint` == 1 (expect a hint to be sent from server) don't make sense with TLS 1.3 as there is no hint.
```
run_test("NORMAL:-VERS-ALL:+VERS-TLS1.2:+PSK", 0);
run_test("NORMAL:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-FFDHE2048:+DHE-PSK", 0);
run_test("NORMAL:-VERS-ALL:+VERS-TLS1.2:-GROUP-ALL:+GROUP-SECP256R1:+ECDHE-PSK", 0);
run_test("NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK", 0);
run_test("NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-FFDHE2048:+DHE-PSK", 0);
run_test("NORMAL:-VERS-ALL:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+ECDHE-PSK", 0);
```
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/917#note_309838321
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200323/f3b5e645/attachment-0001.html>
More information about the Gnutls-devel
mailing list