Strange bug in the TLS application protocol with PSK

Nikos Mavrogiannopoulos nmav at
Tue Oct 27 09:33:48 CET 2009

If you think this is a gnutls bug please send an example program that
reproduces this bug.


On Tue, Oct 27, 2009 at 10:09 AM, Vladimir Estis <techdisser at> wrote:
> Hello,
> I've used GNUTLS for testing of the TLS with the PSK cipher suite
> (TLS_PSK_WITH_3DES_EDE_CBC_SHA). But I've faced a problem with PSK kind of
> authentication in the gnutls-cli. I see that handshake was successfully
> done. But then I tried to send part of application data, and I found that
> first cipher block (8 bytes) was corrupted. I think, GNUTLS calculates
> checksum for application data, injures first block and then do ciphering
> across all data. I think this is bug in GNUTLS, but I couldn't find any
> discussion at the forums about this fact.
> Has anyone else encountered this behaviour of the GNUTLS?
> Thanks very much in advance for any help!
> With best regards, Vlad.
> _______________________________________________
> Help-gnutls mailing list
> Help-gnutls at

More information about the Gnutls-help mailing list