On Tue, Jul 28, 2015 at 3:13 PM, Tim Riemann <[email protected]> wrote: > Hi, > I am currently trying to run some tests with GnuTLS 3.4.1 on a self written > TLS-PSK server, but I am not able to select the cipher suites which I need > to test. For example, I am not able to select TLS_PSK_AES_128_GCM_SHA256 > with the following priority string: "+PSK:+AES-128-GCM:+MAC-ALL". Using the > tool “gnutls-priority” (https://gist.github.com/stbuehler/5693466) I > verified that the cipher suite from above should be enabled. But if I > connect to my TLS-PSK server, GnuTLS shows the message “Error in priorities: > No or insufficient priorities were set.”. What priority string do I need to > select this specific cipher suite?
If you simply need to test the PSK ciphersuites, you can start from the "normal" priority string, and enable PSK, i.e., "NORMAL:-KX-ALL:+PSK". That way you ensure that all required values are set. > I also want to check NULL cipher suites such as “TLS_PSK_NULL_SHA1”. How can > I configure GnuTLS to only use this cipher suite? It would be awesome if you > can give me any hints J. append -CIPHER-ALL:+NULL. regards, Nikos _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
