gnutls-devel

Re: [gnutls-dev] Possible bug in GnuTLS AES/SHA1


From: James Westby
Subject: Re: [gnutls-dev] Possible bug in GnuTLS AES/SHA1
Date: Mon, 8 Jan 2007 22:32:22 +0000
User-agent: Mutt/1.5.13 (2006-08-11)

Apologies for posting again so quickly, but I remembered something else
that I wanted to mention in the mail.

When opening the tcpdumps in Wireshark there is a breakdown of the
handshake. Wireshark interprets it like this (without the version
negotiation patch applied):

  Server                 Client

                        Hello (SSL3.0 and TLS1.0) no compression
                        13 cipher suites
                        0x0035 0x002f 0x000a 0x0016 0x0013 0x0005 0x0004
                        0x0009 0x0012 0x0008 0x0003 0x0011 0x0014

Hello (TLS1.0) no compression
0x002f TLS_RSA_WITH_AES_128_CBC_SHA

Certificate, Certificate request, Hello done

                        Certificate (none)

                        Client key exchange, Change cipher spec,
                        Encrypted handshake

Change cipher spec

Encrypted handshake

                        Encrypted alert (Bad record MAC).



Which reads reasonable to me.

As for debugging the actual data on the wire I'm not sure of the best
approach for doing this.

Thanks,

James

-- 
  James Westby   --    GPG Key ID: B577FE13    --     http://jameswestby.net/
  seccure key - (3+)k7|M*edCX/.A:n*N!>|&7U.L#9E)Tu)T0>AM - secp256r1/nistp256
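
The breakdown quoted in the mail above can be reproduced from the raw bytes of a capture by walking the TLS record layer. The following is an added example, not part of the original message and not GnuTLS or Wireshark code; the helper names and the sample stream are constructed for illustration, and it assumes each handshake message fits in a single record.

```python
import struct

CONTENT = {20: "Change cipher spec", 21: "Alert", 22: "Handshake", 23: "Application data"}
HANDSHAKE = {1: "Client hello", 2: "Server hello", 11: "Certificate",
             13: "Certificate request", 14: "Server hello done",
             16: "Client key exchange", 20: "Finished"}

def handshake_messages(body):
    """Split one plaintext handshake record into its message names.
    Simplification: assumes no message is fragmented across records."""
    names, pos = [], 0
    while pos + 4 <= len(body):
        length = int.from_bytes(body[pos + 1:pos + 4], "big")
        names.append(HANDSHAKE.get(body[pos], "Handshake type %d" % body[pos]))
        pos += 4 + length
    return names

def walk_records(stream):
    """Label every TLS record sent in ONE direction of a connection."""
    labels, offset, encrypted = [], 0, False
    while offset < len(stream):
        if len(stream) - offset < 5:
            raise ValueError("truncated record header at offset %d" % offset)
        ctype, _version, length = struct.unpack_from("!BHH", stream, offset)
        body = stream[offset + 5:offset + 5 + length]
        if len(body) != length:
            raise ValueError("truncated record body at offset %d" % offset)
        offset += 5 + length
        name = CONTENT.get(ctype, "Unknown type %d" % ctype)
        if encrypted:
            # After Change cipher spec only the 5-byte record header is readable.
            labels.append("Encrypted " + name.lower())
        elif ctype == 22:
            labels.extend(handshake_messages(body))
        else:
            labels.append(name)
            encrypted = encrypted or ctype == 20
    return labels

def record(ctype, body, version=0x0301):
    """Build a record for the constructed sample (0x0301 = TLS 1.0)."""
    return struct.pack("!BHH", ctype, version, len(body)) + body

def hs(htype, body):
    """Build a handshake message: 1-byte type, 3-byte length, body."""
    return bytes([htype]) + len(body).to_bytes(3, "big") + body

# Constructed client-side stream shaped like the second half of the trace; zero bytes stand in for real data.
CLIENT_SAMPLE = (record(22, hs(11, b"\x00\x00\x00")) + record(22, hs(16, bytes(130)))
                 + record(20, b"\x01") + record(22, bytes(48)) + record(21, bytes(32)))
```

Without the session keys, the records after Change cipher spec can only be labelled by content type, which is why the capture alone shows them as "Encrypted handshake" and "Encrypted alert".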



