Hi,

I found a weird packet capture of DHE key exchange.

C --> S
TLSv1.2
cipher suite used: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x009f)

ServerKeyExchange message is sending:

p length: 257 whereas pubkey length is: 256

256 means 256*8 = 2048 bit DHE key size.

I am assuming, generally when using DHE, the p length and pubkey length
should match.

Here p length = 257*8 = 2056 bits whereas pubkey len is 2048 bits, which is
unusual.

Since SKE msg advertised a p len of 257, the client promptly responded with
a client public key size of 257 in its CKE msg to match the p len
advertised by SKE. Thus I feel the client behaviour is correct here.

Can I know whether using different p len and pubkey len is allowed in DHE key
exchange?

with regards,
Saravanan
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
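
The following is an added example, not part of the original post: a parser for the three length-prefixed fields (dh_p, dh_g, dh_Ys) at the start of a TLS 1.2 DHE ServerKeyExchange body that reports each field's encoded byte length separately from its effective bit length. The sample input is constructed, not the capture from the post; the leading zero byte on dh_p, the placeholder modulus (not a real prime) and the helper names are assumptions.

```python
import struct

def read_vec16(buf, off):
    """Read one opaque<1..2^16-1> vector: 2-byte big-endian length, then data."""
    if off + 2 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from("!H", buf, off)
    off += 2
    if n == 0 or off + n > len(buf):
        raise ValueError("bad vector length")
    return buf[off:off + n], off + n

def parse_server_dh_params(body):
    """Parse dh_p, dh_g, dh_Ys from the start of a DHE ServerKeyExchange body."""
    fields, off = {}, 0
    for name in ("dh_p", "dh_g", "dh_Ys"):
        raw, off = read_vec16(body, off)
        value = int.from_bytes(raw, "big")
        fields[name] = {
            "encoded_len": len(raw),  # bytes on the wire
            "leading_zeros": len(raw) - len(raw.lstrip(b"\x00")),
            "bits": value.bit_length(),  # size of the integer itself
            "value": value,
        }
    return fields, off  # off: where the signature starts for DHE_RSA

def ys_in_range(fields):
    """Sanity check on the server public value: 1 < Ys < p - 1."""
    return 1 < fields["dh_Ys"]["value"] < fields["dh_p"]["value"] - 1

def vec16(data):
    """Encode one length-prefixed vector (used only to build the sample)."""
    return struct.pack("!H", len(data)) + data

def constructed_sample():
    """Constructed input, NOT the capture from the post and NOT a real prime."""
    p = (1 << 2048) - 159   # 2048-bit placeholder modulus
    ys = (1 << 2047) + 7    # placeholder public value below p
    dh_p = b"\x00" + p.to_bytes(256, "big")  # assumed: one leading zero byte
    return vec16(dh_p) + vec16(b"\x02") + vec16(ys.to_bytes(256, "big"))

if __name__ == "__main__":
    fields, _ = parse_server_dh_params(constructed_sample())
    for name, f in fields.items():
        print(name, f["encoded_len"], "bytes,", f["leading_zeros"],
              "leading zero byte(s),", f["bits"], "bits")
    print("Ys in range:", ys_in_range(fields))
```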
