[gnutls-devel] GnuTLS | GnuTLS client sends early data after receiving Server Hello (#1146)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Sun Jan 10 08:54:01 CET 2021

Tatsuhiro Tsujikawa created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1146

## Description of problem:

GnuTLS client sends TLSv1.3 early data after receiving Server Hello.
That is, sending early data with weaker cryptographic property after 1RTT.

RFC 8446 says early data are sent along with Client Hello without waiting for Server first flight:

         Client                                               Server

         + early_data
         + key_share*
         + psk_key_exchange_modes
         + pre_shared_key
         (Application Data*)     -------->
                                                    + pre_shared_key
                                                        + key_share*
                                                       + early_data*
                                 <--------       [Application Data*]
         {Finished}              -------->
         [Application Data]      <------->        [Application Data]


gnutls-cli debug output shows that EARLY KEY and IV are generated after receiving Server Hello.
I used wireshark capture and observed that gnutls-cli sent early data and EOED after receiving Server first flight.

## Version of gnutls used:


## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)


## How reproducible:

Steps to Reproduce:

* gnutls-cli --port 443 -d 9999 -r --earlydata http.txt ANY-SITE-WHICH-ENABLES-EARLY-DATA
* http.txt contains HTTP/1.1 request

## Actual results:

Early data are sent after receiving Server Hello.

## Expected results:

Early data should send along with Client Hello without waiting for Server Hello.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1146
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20210110/7abc7f2e/attachment.html>

More information about the Gnutls-devel mailing list