[gnutls-devel] GnuTLS | Follow-up changes to extended master secret enforcement (!1752)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Mon Jul 10 14:58:38 CEST 2023
Daiki Ueno commented on a discussion on tests/tls-force-ems.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752#note_1463690761
> if (debug)
> gnutls_global_set_log_level(2);
>
> - try("default", AES_GCM ":%FORCE_SESSION_HASH",
> - AES_GCM ":%FORCE_SESSION_HASH", 0, 0);
> + assert(gnutls_fips140_context_init(&fips_context) >= 0);
> +
> + /* Default: EMS is requested in non-FIPS mode, while it is
> + * required in FIPS mode.
> + */
> + FIPS_PUSH_CONTEXT();
> + try("default", AES_GCM "", AES_GCM "", 0, 0);
Yes, thanks for spotting this.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752#note_1463690761
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20230710/aba7bf3c/attachment.html>
More information about the Gnutls-devel
mailing list