1

I am having a Handshake session of PSK_only mode in TLS1.3 , where I use PSK's established out of band. consider, client Hello is sent with the extensions of supported_versions, PreSharedKey, psk_key_exchange_modes

Q1)If server sends a HelloRetryRequest(HRR) message, from spec it says supported_versions to be included, does that included PreSharedKey extension aswell?

Q2)Later, when the client has to respond with clientHello2 can it have the extensions, which were not sent as part of the HRR(considering preSharedKey extension won't be sent as part of HRR)?

Improve this question
1
  • Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer.
    – Community Bot
    Commented Jun 24 at 13:27

1 Answer 1

Reset to default
2

The HelloRetryRequest can only contain the extensions listed in section 4.2 of RFC 8446 (the table on page 37). Those are: key_share, supported_versions and cookie. Note that the purpose of a HelloRetryRequest message is to ask the client to correct specific parts of the initial ClientHello. It's doesn't contain all the information that would be present in a ServerHello.

If the client has sent a ClientHello with a pre_shared_key extension and receives a HelloRetryRequest, then the next ClientHello can – and must – contain the pre_shared_key extension. Note that the client isn't allowed to change the initial ClientHello except for the modifications requested in the HelloRetryRequest (see section 4.1.2 of the RFC).

Improve this answer
1
  • can the Hello retry request be sent by server incase where initial client hello doesn't have key_share as part of it. in my case I have sent client hello with complete data, all the keys I have on my client side, even on the server replies with HRR, then based on the ciphersuite hash type, the list of psk identities would be minimized, but all these psk identities would be present even during my first client hello, In this case is server allowed to send hello retry request
    – hjhjh
    Commented Jun 25 at 8:40

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .