char proto_name[32];
const char *curve_name = NULL;
unsigned dh_bits = 0;
+ unsigned mac_id;
char *desc;
kx = session->security_parameters.kx_algorithm;
type = gnutls_certificate_type_get(session);
if (type == GNUTLS_CRT_X509)
- snprintf(proto_name, sizeof(proto_name), "%s-PKIX",
+ snprintf(proto_name, sizeof(proto_name), "%s",
gnutls_protocol_get_name(get_num_version
(session)));
else
if (desc == NULL)
return NULL;
- snprintf(desc, DESC_SIZE,
- "(%s)-(%s)-(%s)-(%s)",
- proto_name,
- kx_name,
- gnutls_cipher_get_name(gnutls_cipher_get(session)),
- gnutls_mac_get_name(gnutls_mac_get(session)));
+ mac_id = gnutls_mac_get(session);
+ if (mac_id == GNUTLS_MAC_AEAD) { /* no need to print */
+ snprintf(desc, DESC_SIZE,
+ "(%s)-(%s)-(%s)",
+ proto_name,
+ kx_name,
+ gnutls_cipher_get_name(gnutls_cipher_get(session)));
+ } else {
+ snprintf(desc, DESC_SIZE,
+ "(%s)-(%s)-(%s)-(%s)",
+ proto_name,
+ kx_name,
+ gnutls_cipher_get_name(gnutls_cipher_get(session)),
+ gnutls_mac_get_name(mac_id));
+ }
return desc;
}