[gnutls-devel] GnuTLS | For 2nd ClientHello in 0-RTT(TLS1.3), it should not be encrypted and early data extension should not exist. (#1429)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Fri Nov 25 07:11:28 CET 2022




Daiki Ueno commented:


Thanks for the report with the reproducer. I've tried it, but it seems the test is skipped:
```console
$ ./tests/ssl-opt.sh -f "TLS 1.3 G->m: EarlyData: HRR check, enabled. good"
TLS 1.3 G->m: EarlyData: HRR check, enabled. good. ..................... SKIP
------------------------------------------------------------------------
PASSED (1 / 1 tests (1 skipped))
```
Do you have any idea?

Anyway I think I was able to reproduce it partially with gnutls-serv/gnutls-cli:
```console
$ gnutls-serv --x509certfile=doc/credentials/x509/cert-rsa-pss.pem --x509keyfile=doc/credentials/x509/key-rsa-pss.pem --earlydata --priority=NORMAL:-GROUP-ALL:+GROUP-X448 &
$ echo aaa > earlydata.txt
$ SSLKEYLOGFILE=$PWD/keylog.txt gnutls-cli --x509cafile=doc/credentials/x509/ca.pem -p 5556 localhost --inline-commands --earlydata=earlydata.txt
...
^resume^
```
It seems even gnutls-serv itself cannot handle the mis-crafted ClientHello.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1429#note_1185362594
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20221125/dc2fc922/attachment.html>


More information about the Gnutls-devel mailing list