Issue with TLS_ECDHE_RSA_AES_128_CBC_SHA256 cipher suite.

Nikos Mavrogiannopoulos nmav at gnutls.org
Tue Nov 8 07:56:31 CET 2011


On 11/08/2011 04:14 AM, Fabrice Gautier wrote:
> Hi,
> 
> It looks like this cipher suite is using the wrong hash.
> From algorithms/ciphersuites.c:
>   GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA256,
>                              GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_RSA,
>                              GNUTLS_MAC_SHA1, GNUTLS_TLS1_2,
>                              GNUTLS_VERSION_MAX, 1),
> Should be GNUTLS_MAC_SHA256 instead of GNUTLS_MAC_SHA1

Nice catch. I've committed a fix.


regards,
Nikos





More information about the Gnutls-help mailing list