<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
<html lang="en">
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
<title>
GitLab
</title>


<style>img {
max-width: 100%; height: auto;
}
</style>
</head>
<body>
<div class="content">
<div></div>
<h2 dir="auto">
<a id="user-content-description-of-problem" class="anchor" href="#description-of-problem" aria-hidden="true"></a>Description of problem:</h2>
<p dir="auto">When server receives a ClientHello that does include only groups from unassigned ranges in supported_groups (and a fake key_share for those groups), it aborts the connection with an illegal_parameter instead of handshake_failure.</p>
<h2 dir="auto">
<a id="user-content-version-of-gnutls-used" class="anchor" href="#version-of-gnutls-used" aria-hidden="true"></a>Version of gnutls used:</h2>
<p dir="auto"><a href="https://gitlab.com/gnutls/gnutls/commit/4e87865c0152a98b899272dbe7cf3a459e04b351" data-original="4e87865c0152a98b8" data-link="false" data-link-reference="false" data-project="179611" data-commit="4e87865c0152a98b899272dbe7cf3a459e04b351" data-reference-type="commit" data-container="body" data-placement="bottom" title="certtool: added example of converting to DER in manpage" class="gfm gfm-commit has-tooltip">4e87865c</a></p>
<h2 dir="auto">
<a id="user-content-distributor-of-gnutls-eg-ubuntu-fedora-rhel" class="anchor" href="#distributor-of-gnutls-eg-ubuntu-fedora-rhel" aria-hidden="true"></a>Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)</h2>
<p dir="auto">local compile on Fedora 27</p>
<h2 dir="auto">
<a id="user-content-how-reproducible" class="anchor" href="#how-reproducible" aria-hidden="true"></a>How reproducible:</h2>
<p dir="auto">Steps to Reproduce:</p>
<ul dir="auto">
<li>tlsfuzzer scripts/test-tls13-unrecognised-groups.py</li>
</ul>
<h2 dir="auto">
<a id="user-content-actual-results" class="anchor" href="#actual-results" aria-hidden="true"></a>Actual results:</h2>
  <details><summary>tlsfuzzer output</summary><p>
</p>
<pre class="code highlight js-syntax-highlight plaintext" lang="plaintext" v-pre="true"><code><span id="LC1" class="line" lang="plaintext">only unknown supported_groups from EC range, key_share of size 256 ...</span>
<span id="LC2" class="line" lang="plaintext">Error encountered while processing node <tlsfuzzer.expect.ExpectAlert object at 0x7f9839900750> (child: <tlsfuzzer.expect.ExpectClose object at 0x7f9839900790>) with last message being: <tlslite.messages.Message object at 0x7f9839900b50></span>
<span id="LC3" class="line" lang="plaintext">Error while processing</span>
<span id="LC4" class="line" lang="plaintext">Traceback (most recent call last):</span>
<span id="LC5" class="line" lang="plaintext">  File "scripts/test-tls13-unrecognised-groups.py", line 310, in main</span>
<span id="LC6" class="line" lang="plaintext">    runner.run()</span>
<span id="LC7" class="line" lang="plaintext">  File "/home/hkario/dev/tlsfuzzer/tlsfuzzer/runner.py", line 212, in run</span>
<span id="LC8" class="line" lang="plaintext">    node.process(self.state, msg)</span>
<span id="LC9" class="line" lang="plaintext">  File "/home/hkario/dev/tlsfuzzer/tlsfuzzer/expect.py", line 1110, in process</span>
<span id="LC10" class="line" lang="plaintext">    raise AssertionError(problem_desc)</span>
<span id="LC11" class="line" lang="plaintext">AssertionError: Expected alert description "handshake_failure" does not match received "illegal_parameter"</span></code></pre>
  </details>
  <details><summary>gnutls output</summary><p>
</p>
<pre class="code highlight js-syntax-highlight plaintext" lang="plaintext" v-pre="true"><code><span id="LC1" class="line" lang="plaintext">* Accepted connection from IPv4 127.0.0.1 port 53708 on Fri Aug  3 14:30:00 2018</span>
<span id="LC2" class="line" lang="plaintext">|<5>| REC[0x205df60]: Allocating epoch #1</span>
<span id="LC3" class="line" lang="plaintext">|<3>| ASSERT: buffers.c[get_last_packet]:1172</span>
<span id="LC4" class="line" lang="plaintext">|<5>| REC[0x205df60]: SSL 3.0 Handshake packet received. Epoch 0, length: 16384</span>
<span id="LC5" class="line" lang="plaintext">|<5>| REC[0x205df60]: Expected Packet Handshake(22)</span>
<span id="LC6" class="line" lang="plaintext">|<5>| REC[0x205df60]: Received Packet Handshake(22) with length: 16384</span>
<span id="LC7" class="line" lang="plaintext">|<5>| REC[0x205df60]: Decrypted Packet[0] Handshake(22) with length: 16384</span>
<span id="LC8" class="line" lang="plaintext">|<4>| HSK[0x205df60]: CLIENT HELLO (1) was received. Length 58826[16380], frag offset 0, frag length: 16380, sequence: 0</span>
<span id="LC9" class="line" lang="plaintext">|<3>| ASSERT: buffers.c[_gnutls_parse_record_buffered_msgs]:1281</span>
<span id="LC10" class="line" lang="plaintext">|<3>| ASSERT: buffers.c[get_last_packet]:1172</span>
<span id="LC11" class="line" lang="plaintext">|<5>| REC[0x205df60]: SSL 3.0 Handshake packet received. Epoch 0, length: 16384</span>
<span id="LC12" class="line" lang="plaintext">|<5>| REC[0x205df60]: Expected Packet Handshake(22)</span>
<span id="LC13" class="line" lang="plaintext">|<5>| REC[0x205df60]: Received Packet Handshake(22) with length: 16384</span>
<span id="LC14" class="line" lang="plaintext">|<5>| REC[0x205df60]: Decrypted Packet[1] Handshake(22) with length: 16384</span>
<span id="LC15" class="line" lang="plaintext">|<3>| ASSERT: buffers.c[_gnutls_parse_record_buffered_msgs]:1281</span>
<span id="LC16" class="line" lang="plaintext">|<3>| ASSERT: buffers.c[get_last_packet]:1172</span>
<span id="LC17" class="line" lang="plaintext">|<5>| REC[0x205df60]: SSL 3.0 Handshake packet received. Epoch 0, length: 16384</span>
<span id="LC18" class="line" lang="plaintext">|<5>| REC[0x205df60]: Expected Packet Handshake(22)</span>
<span id="LC19" class="line" lang="plaintext">|<5>| REC[0x205df60]: Received Packet Handshake(22) with length: 16384</span>
<span id="LC20" class="line" lang="plaintext">|<5>| REC[0x205df60]: Decrypted Packet[2] Handshake(22) with length: 16384</span>
<span id="LC21" class="line" lang="plaintext">|<3>| ASSERT: buffers.c[_gnutls_parse_record_buffered_msgs]:1281</span>
<span id="LC22" class="line" lang="plaintext">|<3>| ASSERT: buffers.c[get_last_packet]:1172</span>
<span id="LC23" class="line" lang="plaintext">|<5>| REC[0x205df60]: SSL 3.0 Handshake packet received. Epoch 0, length: 9678</span>
<span id="LC24" class="line" lang="plaintext">|<5>| REC[0x205df60]: Expected Packet Handshake(22)</span>
<span id="LC25" class="line" lang="plaintext">|<5>| REC[0x205df60]: Received Packet Handshake(22) with length: 9678</span>
<span id="LC26" class="line" lang="plaintext">|<5>| REC[0x205df60]: Decrypted Packet[3] Handshake(22) with length: 9678</span>
<span id="LC27" class="line" lang="plaintext">|<4>| HSK[0x205df60]: Client's version: 3.3</span>
<span id="LC28" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Parsing extension 'Supported Versions/43' (5 bytes)</span>
<span id="LC29" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Found version: 127.28</span>
<span id="LC30" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Negotiated version: 127.28</span>
<span id="LC31" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Parsing extension 'Supported Groups/10' (450 bytes)</span>
<span id="LC32" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x1f)</span>
<span id="LC33" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x20)</span>
<span id="LC34" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x21)</span>
<span id="LC35" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x22)</span>
<span id="LC36" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x23)</span>
<span id="LC37" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x24)</span>
<span id="LC38" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x25)</span>
<span id="LC39" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x26)</span>
<span id="LC40" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x27)</span>
<span id="LC41" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x28)</span>
<span id="LC42" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x29)</span>
<span id="LC43" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x2a)</span>
<span id="LC44" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x2b)</span>
<span id="LC45" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x2c)</span>
<span id="LC46" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x2d)</span>
<span id="LC47" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x2e)</span>
<span id="LC48" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x2f)</span>
<span id="LC49" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x30)</span>
<span id="LC50" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x31)</span>
<span id="LC51" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x32)</span>
<span id="LC52" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x33)</span>
<span id="LC53" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x34)</span>
<span id="LC54" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x35)</span>
<span id="LC55" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x36)</span>
<span id="LC56" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x37)</span>
<span id="LC57" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x38)</span>
<span id="LC58" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x39)</span>
<span id="LC59" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x3a)</span>
<span id="LC60" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x3b)</span>
<span id="LC61" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x3c)</span>
<span id="LC62" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x3d)</span>
<span id="LC63" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x3e)</span>
<span id="LC64" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x3f)</span>
<span id="LC65" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x40)</span>
<span id="LC66" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x41)</span>
<span id="LC67" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x42)</span>
<span id="LC68" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x43)</span>
<span id="LC69" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x44)</span>
<span id="LC70" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x45)</span>
<span id="LC71" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x46)</span>
<span id="LC72" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x47)</span>
<span id="LC73" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x48)</span>
<span id="LC74" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x49)</span>
<span id="LC75" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x4a)</span>
<span id="LC76" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x4b)</span>
<span id="LC77" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x4c)</span>
<span id="LC78" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x4d)</span>
<span id="LC79" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x4e)</span>
<span id="LC80" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x4f)</span>
<span id="LC81" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x50)</span>
<span id="LC82" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x51)</span>
<span id="LC83" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x52)</span>
<span id="LC84" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x53)</span>
<span id="LC85" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x54)</span>
<span id="LC86" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x55)</span>
<span id="LC87" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x56)</span>
<span id="LC88" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x57)</span>
<span id="LC89" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x58)</span>
<span id="LC90" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x59)</span>
<span id="LC91" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x5a)</span>
<span id="LC92" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x5b)</span>
<span id="LC93" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x5c)</span>
<span id="LC94" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x5d)</span>
<span id="LC95" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x5e)</span>
<span id="LC96" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x5f)</span>
<span id="LC97" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x60)</span>
<span id="LC98" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x61)</span>
<span id="LC99" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x62)</span>
<span id="LC100" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x63)</span>
<span id="LC101" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x64)</span>
<span id="LC102" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x65)</span>
<span id="LC103" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x66)</span>
<span id="LC104" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x67)</span>
<span id="LC105" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x68)</span>
<span id="LC106" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x69)</span>
<span id="LC107" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x6a)</span>
<span id="LC108" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x6b)</span>
<span id="LC109" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x6c)</span>
<span id="LC110" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x6d)</span>
<span id="LC111" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x6e)</span>
<span id="LC112" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x6f)</span>
<span id="LC113" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x70)</span>
<span id="LC114" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x71)</span>
<span id="LC115" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x72)</span>
<span id="LC116" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x73)</span>
<span id="LC117" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x74)</span>
<span id="LC118" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x75)</span>
<span id="LC119" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x76)</span>
<span id="LC120" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x77)</span>
<span id="LC121" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x78)</span>
<span id="LC122" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x79)</span>
<span id="LC123" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x7a)</span>
<span id="LC124" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x7b)</span>
<span id="LC125" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x7c)</span>
<span id="LC126" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x7d)</span>
<span id="LC127" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x7e)</span>
<span id="LC128" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x7f)</span>
<span id="LC129" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x80)</span>
<span id="LC130" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x81)</span>
<span id="LC131" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x82)</span>
<span id="LC132" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x83)</span>
<span id="LC133" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x84)</span>
<span id="LC134" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x85)</span>
<span id="LC135" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x86)</span>
<span id="LC136" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x87)</span>
<span id="LC137" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x88)</span>
<span id="LC138" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x89)</span>
<span id="LC139" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x8a)</span>
<span id="LC140" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x8b)</span>
<span id="LC141" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x8c)</span>
<span id="LC142" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x8d)</span>
<span id="LC143" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x8e)</span>
<span id="LC144" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x8f)</span>
<span id="LC145" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x90)</span>
<span id="LC146" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x91)</span>
<span id="LC147" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x92)</span>
<span id="LC148" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x93)</span>
<span id="LC149" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x94)</span>
<span id="LC150" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x95)</span>
<span id="LC151" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x96)</span>
<span id="LC152" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x97)</span>
<span id="LC153" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x98)</span>
<span id="LC154" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x99)</span>
<span id="LC155" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x9a)</span>
<span id="LC156" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x9b)</span>
<span id="LC157" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x9c)</span>
<span id="LC158" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x9d)</span>
<span id="LC159" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x9e)</span>
<span id="LC160" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0x9f)</span>
<span id="LC161" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xa0)</span>
<span id="LC162" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xa1)</span>
<span id="LC163" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xa2)</span>
<span id="LC164" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xa3)</span>
<span id="LC165" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xa4)</span>
<span id="LC166" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xa5)</span>
<span id="LC167" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xa6)</span>
<span id="LC168" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xa7)</span>
<span id="LC169" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xa8)</span>
<span id="LC170" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xa9)</span>
<span id="LC171" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xaa)</span>
<span id="LC172" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xab)</span>
<span id="LC173" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xac)</span>
<span id="LC174" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xad)</span>
<span id="LC175" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xae)</span>
<span id="LC176" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xaf)</span>
<span id="LC177" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xb0)</span>
<span id="LC178" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xb1)</span>
<span id="LC179" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xb2)</span>
<span id="LC180" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xb3)</span>
<span id="LC181" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xb4)</span>
<span id="LC182" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xb5)</span>
<span id="LC183" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xb6)</span>
<span id="LC184" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xb7)</span>
<span id="LC185" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xb8)</span>
<span id="LC186" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xb9)</span>
<span id="LC187" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xba)</span>
<span id="LC188" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xbb)</span>
<span id="LC189" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xbc)</span>
<span id="LC190" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xbd)</span>
<span id="LC191" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xbe)</span>
<span id="LC192" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xbf)</span>
<span id="LC193" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xc0)</span>
<span id="LC194" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xc1)</span>
<span id="LC195" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xc2)</span>
<span id="LC196" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xc3)</span>
<span id="LC197" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xc4)</span>
<span id="LC198" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xc5)</span>
<span id="LC199" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xc6)</span>
<span id="LC200" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xc7)</span>
<span id="LC201" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xc8)</span>
<span id="LC202" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xc9)</span>
<span id="LC203" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xca)</span>
<span id="LC204" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xcb)</span>
<span id="LC205" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xcc)</span>
<span id="LC206" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xcd)</span>
<span id="LC207" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xce)</span>
<span id="LC208" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xcf)</span>
<span id="LC209" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xd0)</span>
<span id="LC210" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xd1)</span>
<span id="LC211" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xd2)</span>
<span id="LC212" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xd3)</span>
<span id="LC213" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xd4)</span>
<span id="LC214" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xd5)</span>
<span id="LC215" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xd6)</span>
<span id="LC216" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xd7)</span>
<span id="LC217" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xd8)</span>
<span id="LC218" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xd9)</span>
<span id="LC219" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xda)</span>
<span id="LC220" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xdb)</span>
<span id="LC221" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xdc)</span>
<span id="LC222" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xdd)</span>
<span id="LC223" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xde)</span>
<span id="LC224" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xdf)</span>
<span id="LC225" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xe0)</span>
<span id="LC226" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xe1)</span>
<span id="LC227" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xe2)</span>
<span id="LC228" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xe3)</span>
<span id="LC229" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xe4)</span>
<span id="LC230" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xe5)</span>
<span id="LC231" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xe6)</span>
<span id="LC232" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xe7)</span>
<span id="LC233" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xe8)</span>
<span id="LC234" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xe9)</span>
<span id="LC235" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xea)</span>
<span id="LC236" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xeb)</span>
<span id="LC237" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xec)</span>
<span id="LC238" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xed)</span>
<span id="LC239" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xee)</span>
<span id="LC240" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xef)</span>
<span id="LC241" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xf0)</span>
<span id="LC242" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xf1)</span>
<span id="LC243" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xf2)</span>
<span id="LC244" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xf3)</span>
<span id="LC245" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xf4)</span>
<span id="LC246" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xf5)</span>
<span id="LC247" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xf6)</span>
<span id="LC248" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xf7)</span>
<span id="LC249" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xf8)</span>
<span id="LC250" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xf9)</span>
<span id="LC251" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xfa)</span>
<span id="LC252" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xfb)</span>
<span id="LC253" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xfc)</span>
<span id="LC254" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xfd)</span>
<span id="LC255" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Received group unknown (0xfe)</span>
<span id="LC256" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Parsing extension 'Signature Algorithms/13' (6 bytes)</span>
<span id="LC257" class="line" lang="plaintext">|<4>| EXT[0x205df60]: rcvd signature algo (8.4) RSA-PSS-RSAE-SHA256</span>
<span id="LC258" class="line" lang="plaintext">|<4>| EXT[0x205df60]: rcvd signature algo (8.9) RSA-PSS-SHA256</span>
<span id="LC259" class="line" lang="plaintext">|<4>| HSK[0x205df60]: Received safe renegotiation CS</span>
<span id="LC260" class="line" lang="plaintext">|<2>| checking 13.01 (GNUTLS_AES_128_GCM_SHA256) for compatibility</span>
<span id="LC261" class="line" lang="plaintext">|<3>| ASSERT: server_name.c[gnutls_server_name_get]:235</span>
<span id="LC262" class="line" lang="plaintext">|<4>| HSK[0x205df60]: Requested server name: ''</span>
<span id="LC263" class="line" lang="plaintext">|<4>| HSK[0x205df60]: checking compat of GNUTLS_AES_128_GCM_SHA256 with certificate[3] (RSA-PSS/X.509)</span>
<span id="LC264" class="line" lang="plaintext">|<4>| checking cert compat with RSA-PSS-RSAE-SHA256</span>
<span id="LC265" class="line" lang="plaintext">|<4>| checking cert compat with RSA-PSS-SHA256</span>
<span id="LC266" class="line" lang="plaintext">|<4>| Selected signature algorithm: RSA-PSS-SHA256</span>
<span id="LC267" class="line" lang="plaintext">|<2>| Selected (RSA-PSS) cert based on ciphersuite 13.1: GNUTLS_AES_128_GCM_SHA256</span>
<span id="LC268" class="line" lang="plaintext">|<4>| HSK[0x205df60]: Selected cipher suite: GNUTLS_AES_128_GCM_SHA256</span>
<span id="LC269" class="line" lang="plaintext">|<4>| HSK[0x205df60]: Selected version TLS1.3</span>
<span id="LC270" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Parsing extension 'Key Share/51' (58242 bytes)</span>
<span id="LC271" class="line" lang="plaintext">|<3>| ASSERT: key_share.c[key_share_recv_params]:575</span>
<span id="LC272" class="line" lang="plaintext">|<3>| ASSERT: hello_ext.c[hello_ext_parse]:265</span>
<span id="LC273" class="line" lang="plaintext">|<3>| ASSERT: extv.c[_gnutls_extv_parse]:69</span>
<span id="LC274" class="line" lang="plaintext">|<3>| ASSERT: hello_ext.c[_gnutls_parse_hello_extensions]:298</span>
<span id="LC275" class="line" lang="plaintext">|<3>| ASSERT: handshake.c[read_client_hello]:776</span>
<span id="LC276" class="line" lang="plaintext">|<3>| ASSERT: handshake.c[_gnutls_recv_handshake]:1494</span>
<span id="LC277" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Not sending extension (Maximum Record Size/1) for 'hello retry request'</span>
<span id="LC278" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Not sending extension (OCSP Status Request/5) for 'hello retry request'</span>
<span id="LC279" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Not sending extension (Supported Groups/10) for 'hello retry request'</span>
<span id="LC280" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Not sending extension (Supported EC Point Formats/11) for 'hello retry request'</span>
<span id="LC281" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Not sending extension (SRP/12) for 'hello retry request'</span>
<span id="LC282" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Not sending extension (Signature Algorithms/13) for 'hello retry request'</span>
<span id="LC283" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Not sending extension (SRTP/14) for 'hello retry request'</span>
<span id="LC284" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Not sending extension (Heartbeat/15) for 'hello retry request'</span>
<span id="LC285" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Not sending extension (ALPN/16) for 'hello retry request'</span>
<span id="LC286" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Not sending extension (Encrypt-then-MAC/22) for 'hello retry request'</span>
<span id="LC287" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Not sending extension (Extended Master Secret/23) for 'hello retry request'</span>
<span id="LC288" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Not sending extension (Session Ticket/35) for 'hello retry request'</span>
<span id="LC289" class="line" lang="plaintext">|<4>| EXT[0x205df60]: Preparing extension (Key Share/51) for 'hello retry request'</span>
<span id="LC290" class="line" lang="plaintext">|<3>| ASSERT: key_share.c[key_share_send_params]:733</span>
<span id="LC291" class="line" lang="plaintext">|<3>| ASSERT: hello_ext.c[hello_ext_send]:360</span>
<span id="LC292" class="line" lang="plaintext">|<3>| ASSERT: extv.c[_gnutls_extv_append]:220</span>
<span id="LC293" class="line" lang="plaintext">|<3>| ASSERT: hello_ext.c[_gnutls_gen_hello_extensions]:429</span>
<span id="LC294" class="line" lang="plaintext">|<3>| ASSERT: tls13/hello_retry.c[_gnutls13_send_hello_retry_request]:86</span>
<span id="LC295" class="line" lang="plaintext">|<3>| ASSERT: handshake-tls13.c[_gnutls13_handshake_server]:288</span>
<span id="LC296" class="line" lang="plaintext">Error in handshake: No common key share with peer.</span>
<span id="LC297" class="line" lang="plaintext">|<5>| REC: Sending Alert[2|47] - Illegal parameter</span>
<span id="LC298" class="line" lang="plaintext">|<5>| REC[0x205df60]: Preparing Packet Alert(21) with length: 2 and min pad: 0</span>
<span id="LC299" class="line" lang="plaintext">|<5>| REC[0x205df60]: Sent Packet[1] Alert(21) in epoch 0 and length: 7</span>
<span id="LC300" class="line" lang="plaintext">|<5>| REC[0x205df60]: Start of epoch cleanup</span>
<span id="LC301" class="line" lang="plaintext">|<5>| REC[0x205df60]: End of epoch cleanup</span>
<span id="LC302" class="line" lang="plaintext">|<5>| REC[0x205df60]: Epoch #0 freed</span>
<span id="LC303" class="line" lang="plaintext">|<5>| REC[0x205df60]: Epoch #1 freed</span></code></pre>
  </details>
<h2 dir="auto">
<a id="user-content-expected-results" class="anchor" href="#expected-results" aria-hidden="true"></a>Expected results:</h2>
<p dir="auto">Test cases pass, server sends <code>handshake_failure</code></p>

</div>
<div class="footer" style="margin-top: 10px;">
<p style="font-size: small; color: #777;">
—
<br>
Reply to this email directly or <a href="https://gitlab.com/gnutls/gnutls/issues/537">view it on GitLab</a>.
<br>
You're receiving this email because of your account on gitlab.com.
If you'd like to receive fewer emails, you can
<a href="https://gitlab.com/sent_notifications/d97280ddbd32bd270b4f60a81a90e33e/unsubscribe">unsubscribe</a>
from this thread or
adjust your notification settings.
<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Issue","url":"https://gitlab.com/gnutls/gnutls/issues/537"}}</script>
</p>
</div>
</body>
</html>