mint icon indicating copy to clipboard operation
mint copied to clipboard
verified publisher icon bifurcation

Implement HelloRetryRequest

Open bifurcation opened this issue 10 years ago • 3 comments

When the client doesn't send a key share from a supported group, the server should send a HelloRetryRequest message. If the client hasn't generated key shares for all supported groups, it should generate one and retry the ClientHello.

bifurcation avatar Feb 22 '16 22:02 bifurcation

Fixed by #109

bifurcation avatar Nov 28 '16 14:11 bifurcation

Well, maybe not. That patch doesn't cover the case where the server gets an incomplete DH offer.

bifurcation avatar Nov 28 '16 14:11 bifurcation

Related to this, groups we don't know about in the ClientHello key_shares should be skipped over. Currently they cause a handshake failure, because share.SizeValid() for those shares is false. This is going to become a problem with the GREASE RFC being adopted for TLS 1.3, which will intentionally inject invalid group IDs into key_shares (and other extension fields). https://www.ietf.org/mail-archive/web/tls/current/msg22319.html

alexwebr avatar Mar 01 '17 01:03 alexwebr