[gnutls-devel] GnuTLS | gnutls restricts TLSv1.3 identity to 128 characters (#1323)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Mon Feb 14 17:05:04 CET 2022



Hannes Reinecke created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1323



gnutls has a hard limit of 128 characters in the TLS PSK username. While this is mandatory for RFC 4279, this is a _lower_ bound on the length of the username. And TLS 1.3 does not impose such a limit, causing gnutls to fail when attempting to use longer usernames (e.g. as mandated by NVMe 2.0):
~~~
Using PSK identity 'NVMe0R01 nqn.2014-08.org.nvmexpress:uuid:13c0fc1d-adba-42b0-8121-c5034971d2a4 nqn.2014-08.org.nvmexpress:uuid:62f37f51-0cc7-46d5-9865-4de22e81bd9d'
./../auth/psk.h:74: _gnutls_copy_psk_username: Assertion `sizeof(info->username) > username->size' failed.
~~~

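The failure mode in the report above, as an added example that is not part of the original message and is not GnuTLS code: a fixed-size identity buffer rejects the NVMe identity, while length-carrying storage bounded by the TLS 1.3 wire format (RFC 8446, `opaque identity<1..2^16-1>`) accepts it. `FIXED_CAP`, `TLS13_MAX_IDENTITY`, `struct psk_identity` and both `copy_identity_*` functions are hypothetical names, and the 129-byte capacity is an assumption based on the 128-character limit the report describes.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed for illustration: 128 octets plus NUL, the limit the report describes. */
#define FIXED_CAP 129
/* RFC 8446 PskIdentity: opaque identity<1..2^16-1>. */
#define TLS13_MAX_IDENTITY 65535
/* The identity quoted in the report. */
static const char NVME_ID[] =
    "NVMe0R01 nqn.2014-08.org.nvmexpress:uuid:13c0fc1d-adba-42b0-8121-c5034971d2a4"
    " nqn.2014-08.org.nvmexpress:uuid:62f37f51-0cc7-46d5-9865-4de22e81bd9d";
struct psk_identity { uint8_t *data; size_t len; }; /* hypothetical type */

/* Fixed buffer: same bound as the failing assertion, returned as an error, not an abort. */
int copy_identity_fixed(char dst[FIXED_CAP], const uint8_t *id, size_t len)
{
    if (len == 0 || len >= FIXED_CAP)
        return -1;
    memcpy(dst, id, len);
    dst[len] = '\0';
    return 0;
}

/* Length-carrying storage: accepts anything the wire format can express. */
int copy_identity_dyn(struct psk_identity *dst, const uint8_t *id, size_t len)
{
    if (len == 0 || len > TLS13_MAX_IDENTITY)
        return -1;
    dst->data = malloc(len);
    if (dst->data == NULL)
        return -1;
    memcpy(dst->data, id, len);
    dst->len = len;
    return 0;
}

int main(void)
{
    char fixed[FIXED_CAP];
    struct psk_identity dyn = {0};
    size_t n = strlen(NVME_ID);
    int f = copy_identity_fixed(fixed, (const uint8_t *)NVME_ID, n);
    int d = copy_identity_dyn(&dyn, (const uint8_t *)NVME_ID, n);
    printf("len=%zu fixed=%d dyn=%d\n", n, f, d);
    free(dyn.data);
    return 0;
}
```

The identity is treated as opaque bytes with an explicit length, so the dynamic variant does not depend on NUL termination.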