[gnutls-devel] GnuTLS | Server side QUIC early data issue (#1239)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Sun May 16 18:36:23 CEST 2021

Daiki Ueno commented:

Thank you for the report. When running under `GNUTLS_DEBUG_LEVEL=10`, the server program outputs the following lines:
```
gnutls[3]: ASSERT: session_ticket.c[_gnutls_decrypt_session_ticket]:201
gnutls[3]: ASSERT: tls13/session_ticket.c[_gnutls13_unpack_session_ticket]:479
```
That means the session ticket sent from the client cannot be decrypted because of a missing key. It seems that the server always regenerates the STEK when a new session is created, while it needs to persist across sessions, so [stek.patch](/uploads/f6a53bcf5621a05fc3a4f017c91788dc/stek.patch) should fix the issue.

On the other hand, the crash is certainly an issue: given that the GnuTLS API currently doesn't support provisioning encryption parameters along with an external PSK, we should reject early data upon resumption failure.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1239#note_576317324
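
The failure mode described in the comment above, as an added example that is not code from GnuTLS, the reporter's server program or stek.patch: a simplified Python model of a ticket-issuing server that either regenerates its STEK for every session or keeps one for its lifetime, and that drops early data whenever the ticket cannot be verified. The ticket layout (`key_name || state || mac`, authenticated with HMAC-SHA256 and not encrypted), the class `TicketServer` and its method names are assumptions made for illustration.

```python
import hashlib
import hmac
import os

KEY_NAME_LEN = 16   # constructed layout: key_name || state || mac
MAC_LEN = 32

class TicketServer:
    """Simplified model of a server that issues stateless session tickets."""

    def __init__(self, persist_stek: bool):
        self.persist_stek = persist_stek
        self.stek = os.urandom(32)          # session ticket encryption key

    def _start_session(self) -> None:
        if not self.persist_stek:           # pattern described in the comment:
            self.stek = os.urandom(32)      # a fresh STEK for every session

    def _key_name(self) -> bytes:
        return hashlib.sha256(b"key-name" + self.stek).digest()[:KEY_NAME_LEN]

    def _mac(self, body: bytes) -> bytes:
        return hmac.new(self.stek, body, hashlib.sha256).digest()

    def full_handshake(self, state: bytes) -> bytes:
        """Complete a session and return the ticket handed to the client."""
        self._start_session()
        body = self._key_name() + state
        return body + self._mac(body)

    def open_ticket(self, ticket: bytes):
        """Return the protected state, or None if the ticket cannot be verified."""
        if len(ticket) < KEY_NAME_LEN + MAC_LEN:
            return None
        body, mac = ticket[:-MAC_LEN], ticket[-MAC_LEN:]
        if not hmac.compare_digest(body[:KEY_NAME_LEN], self._key_name()):
            return None                     # made under a key we no longer hold
        if not hmac.compare_digest(mac, self._mac(body)):
            return None                     # modified or forged ticket
        return body[KEY_NAME_LEN:]

    def resume(self, ticket: bytes, early_data: bytes):
        """Return (resumed, early data delivered to the application)."""
        self._start_session()
        state = self.open_ticket(ticket)
        if state is None:
            return False, None              # full handshake instead, early data dropped
        return True, early_data
```

With `persist_stek=False` every resumption attempt takes the "key we no longer hold" branch, which corresponds to the missing-key condition the debug output points at.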
