[gnutls-dev] Possible bug in GnuTLS AES/SHA1

James Westby jw+debian at jameswestby.net
Sun Feb 4 22:04:57 CET 2007

On (09/01/07 08:50), Simon Josefsson wrote:
> James Westby <jw+debian at jameswestby.net> writes:
> > As for debugging the actual data on the wire I'm not sure of the best
> > approach for doing this.
> Using wireshark and comparing between two sessions, one that works, and
> one that doesn't, and looking for differences, is the only one I can think
> of...  there are some TLS dump tools around, but none as versatile as
> wireshark + RFC + pen&paper.

I have sat down tonight and gone through two packet captures that Marc
provided me with. One is the failing one, the other obtained by
disallowing SHA. The only difference that I can see is in the cipher
suite negotiated, which is purely the server's decision. Everything that
was going on seemed to tie in OK with the RFC as well.

It seems that the client doesn't fall back to SSL v3; I don't know where
I got that from. Both of the sequences use TLS 1.0 all the way through.

This only leaves the encrypted bits to check. Do you know of any way to
do this? Apparently wireshark can do some of it if you give it the
server's private key. Marc, would it be possible for you to generate a
testing key and certificate and provide them to me along with a trace of
the session when using them?

  James Westby   --    GPG Key ID: B577FE13    --     http://jameswestby.net/
  seccure key - (3+)k7|M*edCX/.A:n*N!>|&7U.L#9E)Tu)T0>AM - secp256r1/nistp256