TLSv1.2 interop issue

Florian Weimer fweimer at
Thu Jan 5 10:49:13 CET 2012

* Nikos Mavrogiannopoulos:

>> gnutls_sig.c:630 says:
>> |    return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); /* too bad we only support SHA1 and SHA256 */
> Can you try gnutls 3.0.x? It doesn't have this limitation.

I tried, but it seems to require nettle 2.4 to build, which I currently

>> This is a bit puzzling.  Why does GNUTLS pick RSA-SHA512 if it doesn't
>> support the algorithm?
> Could you send me the transaction as a tcpdump raw file (to open with
> wireshark).

I'll send it by separate mail.

Florian Weimer                <fweimer at>
BFK edv-consulting GmbH
Kriegsstraße 100              tel: +49-721-96201-1
D-76133 Karlsruhe             fax: +49-721-96201-99

More information about the Gnutls-help mailing list