[gnutls-help] gnutls_protocol_get_name() and session resumption

Nikos Mavrogiannopoulos nmav at gnutls.org
Sun Apr 14 16:09:03 CEST 2019


On Sat, Apr 13, 2019 at 8:20 PM Jeremy Harris <jgh at wizmail.org> wrote:
>
> GnuTLS 3.6.7
>
> On resuming a TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256 session
> I'm getting a reported ciphersuite TLS1.3:NULL:256
>
> The "NULL" derives from gnutls_cipher_suite_get_name() and
> the difference from the original is that the kx has changed
> from 12 (GNUTLS_KX_ECDHE_RSA) to 14 (GNUTLS_KX_ECDHE_PSK).
>
>
> Should I be using gnutls_kx_get_name() (&c for cipher and mac)
> separately, rather than gnutls_cipher_suite_get_name() ?

There are no key exchange methods under TLS1.3, or they are kind of
implied, that's why you see null there. I'd recommend to use
gnutls_session_get_desc() which gives a description applicable for
gnutls but uniform across versions.

regards,
Nikos



More information about the Gnutls-help mailing list