Strange bug in the TLS application protocol with PSK

Vladimir Estis techdisser at
Tue Oct 27 09:09:27 CET 2009


I've used GNUTLS for testing of the TLS with the PSK cipher suite
(TLS_PSK_WITH_3DES_EDE_CBC_SHA). But I've faced a problem with PSK kind of
authentication in the gnutls-cli. I see that handshake was successfully
done. But then I tried to send part of application data, and I found that
first cipher block (8 bytes) was corrupted. I think, GNUTLS calculates
checksum for application data, injures first block and then do ciphering
across all data. I think this is bug in GNUTLS, but I couldn't find any
discussion at the forums about this fact.

Has anyone else encountered this behaviour of the GNUTLS?
Thanks very much in advance for any help!

With best regards, Vlad.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20091027/375a737b/attachment.htm>

More information about the Gnutls-help mailing list