in HRR handshake CCS is sent at wrong time by gnutls
[reported by @tomato42]
running cc1e19fb
standard config: ./gnutls-http-serv --priority NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2 -p 4433 -a -d 6
the test from https://github.com/tomato42/tlsfuzzer/pull/396 fails, the CCS is not sent after HRR but rather after ServerHello
the test fails because it's waiting for CCS while server is waiting for CH:
HRR because of empty key_shares ...
Error encountered while processing node
<tlsfuzzer.expect.ExpectChangeCipherSpec object at 0x7f048b8d6a50> (child:
<tlsfuzzer.messages.ClientHelloGenerator object at 0x7f048b8d6bd0>) with last
message being: None
Error while processing
Traceback (most recent call last):
File "scripts/test-tls13-hrr.py", line 212, in main
runner.run()
File "/home/hkario/dev/tlsfuzzer/tlsfuzzer/runner.py", line 196, in run
raise AssertionError("Unexpected closure from peer")
AssertionError: Unexpected closure from peer
|<4>| EXT[0x669a30]: Not sending extension (Session Ticket/35) for 'hello
retry request'
|<4>| EXT[0x669a30]: Preparing extension (Key Share/51) for 'hello retry
request'
|<4>| HSK[0x669a30]: Selected group SECP256R1 (2)
|<4>| EXT[0x669a30]: requesting retry with group SECP256R1
|<4>| EXT[0x669a30]: Sending extension Key Share/51 (2 bytes)
|<4>| EXT[0x669a30]: Preparing extension (Supported Versions/43) for 'hello
retry request'
|<4>| EXT[0x669a30]: Sending extension Supported Versions/43 (2 bytes)
|<4>| EXT[0x669a30]: Not sending extension (Post Handshake Auth/49) for 'hello
retry request'
|<4>| EXT[0x669a30]: Not sending extension (Safe Renegotiation/65281) for
'hello retry request'
|<4>| EXT[0x669a30]: Not sending extension (Server Name Indication/0) for
'hello retry request'
|<4>| EXT[0x669a30]: Preparing extension (Cookie/44) for 'hello retry request'
|<4>| EXT[0x669a30]: Not sending extension (PSK Key Exchange Modes/45) for
'hello retry request'
|<4>| EXT[0x669a30]: Not sending extension (Pre Shared Key/41) for 'hello
retry request'
|<4>| EXT[0x669a30]: Not sending extension (ClientHello Padding/21) for 'hello
retry request'
|<4>| HSK[0x669a30]: HELLO RETRY REQUEST was queued [88 bytes]
|<5>| REC[0x669a30]: Preparing Packet Handshake(22) with length: 88 and min
pad: 0
|<5>| REC[0x669a30]: Sent Packet[1] Handshake(22) in epoch 0 and length: 93
|<3>| ASSERT: buffers.c[get_last_packet]:1170
when you comment out the ExpectChangeCipherSpace() from line 148 it fails because the server sends CCS instead of EE:
HRR because of empty key_shares ...
Error encountered while processing node
<tlsfuzzer.expect.ExpectEncryptedExtensions object at 0x7f7779762b90> (child:
<tlsfuzzer.expect.ExpectCertificate object at 0x7f7779762cd0>) with last
message being: <tlslite.messages.Message object at 0x7f77797746d0>
Error while processing
Traceback (most recent call last):
File "scripts/test-tls13-hrr.py", line 212, in main
runner.run()
File "/home/hkario/dev/tlsfuzzer/tlsfuzzer/runner.py", line 210, in run
RecordHeader2)))
AssertionError: Unexpected message from peer: ChangeCipherSpec()