[gnutls-help] gnutls_protocol_get_name() and session resumption

Jeremy Harris jgh at wizmail.org
Mon Apr 15 17:45:00 CEST 2019

On 15/04/2019 07:33, Nikos Mavrogiannopoulos wrote:
> On Sun, Apr 14, 2019 at 9:19 PM Jeremy Harris <jgh at wizmail.org> wrote:
>> On 14/04/2019 15:09, Nikos Mavrogiannopoulos wrote:
>>> On Sat, Apr 13, 2019 at 8:20 PM Jeremy Harris <jgh at wizmail.org> wrote:
>>>> GnuTLS 3.6.7
>>>> On resuming a TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256 session
>>>> I'm getting a reported ciphersuite TLS1.3:NULL:256
>>>> The "NULL" derives from gnutls_cipher_suite_get_name() and
>>>> the difference from the original is that the kx has changed
>>>> Should I be using gnutls_kx_get_name() (&c for cipher and mac)
>>>> separately, rather than gnutls_cipher_suite_get_name() ?
>>> There are no key exchange methods under TLS1.3, or they are kind of
>>> implied, that's why you see null there. I'd recommend to use
>>> gnutls_session_get_desc() which gives a description applicable for
>>> gnutls but uniform across versions.
>> Using that, the original connection gets
>>  (TLS1.3)-(ECDHE-SECP256R1)-(RSA-PSS-RSAE-SHA256)-(AES-256-GCM)
>> and the resumed session gets
>>  (TLS1.3)-(ECDHE-PSK-SECP256R1)-(AES-256-GCM)
>> Assuming the ECDHE is "implied by the TLS1.3" and the PSK part
>> is saying the key was shared by the initial connection...
>> what has happened to the cipher?
> The cipher is in both cases AES-256-GCM. What has changed is the key
> exchange and authentication method.

Ah. So what is the distinction between the elements
(ECDHE-SECP256R1)  and  (RSA-PSS-RSAE-SHA256) ?

Also, where did the MAC information go?  Is it still valid and required
to use gnutls_mac_get_name(gnutls_mac_get()) ?


More information about the Gnutls-help mailing list