From simon at josefsson.org Wed Jul 2 18:22:07 2008
From: simon at josefsson.org (Simon Josefsson)
Date: Wed, 02 Jul 2008 18:22:07 +0200
Subject: [Help-gnutls] Re: adding trusted CAs
In-Reply-To: (Rainer Gerhards's message of "Wed, 21 May 2008 11:58:32 +0200")
References:
Message-ID: <87hcb8uuhc.fsf@mocca.josefsson.org>

"Rainer Gerhards" writes:

> Hi all,
>
> this is probably an exceptionally dumb question, but... ;)
>
> I would like to ship a number of trusted roots with the default
> rsyslog install - much like web browsers do. The idea is that I would
> like to be able to automatically verify certificates that have been
> obtained by one of those well-known CA.
>
> Question now: how do I do that? Do I simply add the certificate blocks
> into a single big .pem file? Or do I need to supply multiple files.

Yes, that is typically the simplest. The
gnutls_certificate_set_x509_trust_file function will read multiple CAs
from a file.

> Also (the probably really dumb one ;)): how do I obtain these
> certificates? Ask the CAs? Or export them from the browser (I've not
> found this option in Firefox).
>
> Advice is appreciated.

Extracting them from a browser has been done:

http://curl.haxx.se/docs/caextract.html

I don't recommend shipping these CAs as "trusted" CAs without verifying
them though. It is generally safest to ask users to install the CAs
they trust manually.

/Simon

From lennart at scopeport.org Thu Jul 3 18:05:10 2008
From: lennart at scopeport.org (Lennart Koopmann)
Date: Thu, 03 Jul 2008 18:05:10 +0200
Subject: [Help-gnutls] gnutls_priority_set_direct undefined
Message-ID: <1215101110.2764.5.camel@sundaysister>

Hello everyone,

I am currently experimenting with the GNU TLS library. I started with
the TLS anonymous test client from the documentation. When I try to
compile (a slightly modified) version, I get an error message that tells
me that gnutls_priority_set_direct was not defined.
(The original message is in German and I am not sure about the translation)

When I comment out the gnutls_priority_set_direct line the program
compiles fine but I get a "GnuTLS internal error".

I am connecting to the gnutls-serv on localhost. The problem existed
before my modifications to the example.

Could anybody please help me with that problem?

GNU TLS 2.0.4 on Fedora Core 9

Thank you very much!

So long
Lennart Koopmann

From nmav at gnutls.org Thu Jul 3 22:46:42 2008
From: nmav at gnutls.org (Nikos Mavrogiannopoulos)
Date: Thu, 3 Jul 2008 23:46:42 +0300
Subject: [Help-gnutls] gnutls_priority_set_direct undefined
In-Reply-To: <1215101110.2764.5.camel@sundaysister>
References: <1215101110.2764.5.camel@sundaysister>
Message-ID:

Hello,

Note that the manual in the website is for the latest version of
gnutls. Thus in order to use the examples there you should download the
latest available version. So either you need to upgrade or install the
-doc package of gnutls in your distribution and use the older
documentation.

regards,
Nikos

On Thu, Jul 3, 2008 at 7:05 PM, Lennart Koopmann wrote:
> Hello everyone,
>
> I am currently experimenting with the GNU TLS library. I started with
> the TLS anonymous test client from the documentation. When I try to
> compile (a slightly modified) version, I get an error message that tells
> me that gnutls_priority_set_direct was not defined. (The original
> message is in German and I am not sure about the translation)
>
> When I comment out the gnutls_priority_set_direct line the program
> compiles fine but I get a "GnuTLS internal error".
>
> I am connecting to the gnutls-serv on localhost. The problem existed
> before my modifications to the example.
>
> Could anybody please help me with that problem?
>
> GNU TLS 2.0.4 on Fedora Core 9
>
> Thank you very much!
>
> So long
> Lennart Koopmann
>
>
>
> _______________________________________________
> Help-gnutls mailing list
> Help-gnutls at gnu.org
> http://lists.gnu.org/mailman/listinfo/help-gnutls
>

From lennart at scopeport.org Sat Jul 5 20:11:05 2008
From: lennart at scopeport.org (Lennart Koopmann)
Date: Sat, 05 Jul 2008 20:11:05 +0200
Subject: [Help-gnutls] GNUTLS ERROR: A TLS fatal alert has been received.
Message-ID: <1215281465.2763.8.camel@sundaysister>

Hello everyone,

I installed GNUTLS version 2.5.1 from hand because the one from the
Fedora repository is too old.
When I try to anonymous connect to a "gnutls-server --http" my client
returns:

*** Handshake failed
GNUTLS ERROR: A TLS fatal alert has been received.

The server says:

Error in handshake
Error: Could not negotiate a supported cipher suite.

Could you please help me with that? I don't really know how to proceed
now. I can upload the source code of my test program if you want. It's
mostly a copy & paste from the documentation. (7.3.1 Simple Client
Example with Anonymous Authentication)

[lennart at sundaysister Debug]$ ldd GNUTLSTest
[...]
libgnutls.so.26 => /usr/lib/libgnutls.so.26 (0x00111000)
[...]

Thank you all!

So long
Lennart

--
FSF Member #5673

From nmav at gnutls.org Sun Jul 6 10:50:49 2008
From: nmav at gnutls.org (Nikos Mavrogiannopoulos)
Date: Sun, 06 Jul 2008 11:50:49 +0300
Subject: [Help-gnutls] GNUTLS ERROR: A TLS fatal alert has been received.
In-Reply-To: <1215281465.2763.8.camel@sundaysister>
References: <1215281465.2763.8.camel@sundaysister>
Message-ID: <48708769.80608@gnutls.org>

Lennart Koopmann wrote:
> Hello everyone,
>
> I installed GNUTLS version 2.5.1 from hand because the one from the
> Fedora repository is too old.
> When I try to anonymous connect to a "gnutls-server --http" my client
> returns:
>
> *** Handshake failed
> GNUTLS ERROR: A TLS fatal alert has been received.
>
> The server says:
>
> Error in handshake
> Error: Could not negotiate a supported cipher suite.
>
> Could you please help me with that? I don't really know how to proceed
> now. I can upload the source code of my test program if you want. It's
> mostly a copy & paste from the documentation. (7.3.1 Simple Client
> Example with Anonymous Authentication)

For debugging you can use the -d 4 (or higher) option to gnutls-serv and
see with details what was the reason of failure. On your own program you
can use gnutls_global_set_log_function and gnutls_global_set_log_level.

regards,
Nikos

From nmav at gnutls.org Sun Jul 6 11:02:09 2008
From: nmav at gnutls.org (Nikos Mavrogiannopoulos)
Date: Sun, 06 Jul 2008 12:02:09 +0300
Subject: [Help-gnutls] GNUTLS ERROR: A TLS fatal alert has been received.
In-Reply-To: <48708769.80608@gnutls.org>
References: <1215281465.2763.8.camel@sundaysister> <48708769.80608@gnutls.org>
Message-ID: <48708A11.6030400@gnutls.org>

Nikos Mavrogiannopoulos wrote:
> Lennart Koopmann wrote:
>> Hello everyone,
>>
>> I installed GNUTLS version 2.5.1 from hand because the one from the
>> Fedora repository is too old.
>> When I try to anonymous connect to a "gnutls-server --http" my client
>> returns:
>>
>> *** Handshake failed
>> GNUTLS ERROR: A TLS fatal alert has been received.
>>
>> The server says:
>>
>> Error in handshake
>> Error: Could not negotiate a supported cipher suite.
>>
>> Could you please help me with that? I don't really know how to proceed
>> now. I can upload the source code of my test program if you want. It's
>> mostly a copy & paste from the documentation. (7.3.1 Simple Client
>> Example with Anonymous Authentication)
>
> For debugging you can use the -d 4 (or higher) option to gnutls-serv and
> see with details what was the reason of failure. On your own program you
> can use gnutls_global_set_log_function and gnutls_global_set_log_level.

But probably what you need is to run gnutls-serv with the option
--priority "NORMAL:+ANON-DH". To see other possibilities use the
gnutls-serv -l.
regards,
Nikos

From lennart at scopeport.org Sun Jul 6 16:48:06 2008
From: lennart at scopeport.org (Lennart Koopmann)
Date: Sun, 06 Jul 2008 16:48:06 +0200
Subject: [Help-gnutls] GNUTLS ERROR: A TLS fatal alert has been received.
In-Reply-To: <48708A11.6030400@gnutls.org>
References: <1215281465.2763.8.camel@sundaysister> <48708769.80608@gnutls.org> <48708A11.6030400@gnutls.org>
Message-ID: <1215355686.13274.3.camel@sundaysister>

Thank you again, Nikos! :)

The --priority "NORMAL:+ANON-DH" allows a connection with my anonymous
test client!

* connection from ::ffff:127.0.0.1, port 43292
- Anonymous Diffie-Hellman parameters
- Using prime: 1032 bits
- Secret key: 1023 bits
- Peer's public key: 1024 bits
- Version: TLS1.1
- Key Exchange: ANON-DH
- Cipher: CAMELLIA-256-CBC
- MAC: SHA1
- Compression: NULL

Best regards
Lennart

On Sunday, 06.07.2008, at 12:02 +0300, Nikos Mavrogiannopoulos wrote:
> Nikos Mavrogiannopoulos wrote:
> > Lennart Koopmann wrote:
> >> Hello everyone,
> >>
> >> I installed GNUTLS version 2.5.1 from hand because the one from the
> >> Fedora repository is too old.
> >> When I try to anonymous connect to a "gnutls-server --http" my client
> >> returns:
> >>
> >> *** Handshake failed
> >> GNUTLS ERROR: A TLS fatal alert has been received.
> >>
> >> The server says:
> >>
> >> Error in handshake
> >> Error: Could not negotiate a supported cipher suite.
> >>
> >> Could you please help me with that? I don't really know how to proceed
> >> now. I can upload the source code of my test program if you want. It's
> >> mostly a copy & paste from the documentation. (7.3.1 Simple Client
> >> Example with Anonymous Authentication)
> >
> > For debugging you can use the -d 4 (or higher) option to gnutls-serv and
> > see with details what was the reason of failure. On your own program you
> > can use gnutls_global_set_log_function and gnutls_global_set_log_level.
>
> But probably what you need is to run gnutls-serv with the option
> --priority "NORMAL:+ANON-DH".
> To see other possibilities use the
> gnutls-serv -l.
>
> regards,
> Nikos
>
>

From lennart at scopeport.org Wed Jul 9 14:15:36 2008
From: lennart at scopeport.org (Lennart Koopmann)
Date: Wed, 09 Jul 2008 14:15:36 +0200
Subject: [Help-gnutls] How to correctly set Diffie Hellman prime bits?
Message-ID: <1215605736.2685.15.camel@sundaysister>

Hello again list,

I am continuing experimenting with GNUTLS. I have written a client and a
server that perform anonymous (ANON-DH) TLS negotiation.
I successfully connected to a gnutls-serv --http --priority
"NORMAL:+ANON-DH" instance.

When I tried to connect to my own server (which is mostly an example
from the documentation) I got the following error:

> GNUTLS ERROR: The Diffie Hellman prime sent by the server is not
> acceptable (not long enough).

So I manually set the Diffie Hellman prime bits in the server to 1024
and in the client to 1023 (gnutls_dh_set_prime_bits (session, DH_BITS))
- With no effect. Still the same error.

I also tried to set the DH prime bits in the server to 2048. The server
needed longer to start up after this change so I guess that took effect.

I then set the DH prime bits in the client to 0 and in the server to
1024. Now I can connect:

Output of server:

> [lennart at sundaysister Debug]$ ./GNUTLSTest-Server
> Server ready. Listening to port '5556'.
>
> - Anonymous DH using prime of -50 bits
> - connection from 112.93.99.0, port 50879
> - Handshake was completed
>
> - Peer has closed the GNUTLS connection

Output of client:

> [lennart at sundaysister Debug]$ ./GNUTLSTest
> - Anonymous DH using prime of 8 bits
> - Handshake was completed
> - Received 22 bytes: hello, this is a test!

Notice the "Anonymous DH using prime of -50 bits". This is the output of
gnutls_dh_get_prime_bits(session). No change wherever I place the output
in the source code or what I set DH_BITS to.

I guess a DH prime of 8 bits will not provide strong encryption,
right? ;)

Could you please help me with that?
So long
Lennart

From ludo at gnu.org Wed Jul 9 23:19:37 2008
From: ludo at gnu.org (Ludovic Courtès)
Date: Wed, 09 Jul 2008 23:19:37 +0200
Subject: [Help-gnutls] Re: How to correctly set Diffie Hellman prime bits?
References: <1215605736.2685.15.camel@sundaysister>
Message-ID: <87abgqu55i.fsf@gnu.org>

Hi,

Lennart Koopmann writes:

> When I tried to connect to my own server (which is mostly an example
> from the documentation) I got the following error:
>
>> GNUTLS ERROR: The Diffie Hellman prime sent by the server is not
>> acceptable (not long enough).

The solution may be to apply this patch:

http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=b32735e1e275c4a2dbf544c04cdf344181fea555

Thanks,
Ludovic.

From lennart at scopeport.org Thu Jul 10 11:12:39 2008
From: lennart at scopeport.org (Lennart Koopmann)
Date: Thu, 10 Jul 2008 11:12:39 +0200
Subject: [Help-gnutls] Re: How to correctly set Diffie Hellman prime bits?
In-Reply-To: <87abgqu55i.fsf@gnu.org>
References: <1215605736.2685.15.camel@sundaysister> <87abgqu55i.fsf@gnu.org>
Message-ID: <1215681159.2701.3.camel@sundaysister>

Hey Ludovic,

thank you very much! Seems like this was fixed in GnuTLS 2.5.2? I
installed it and everything works fine with 1024 DH bits :)

Have a nice day!

Best regards
Lennart Koopmann

On Wednesday, 09.07.2008, at 23:19 +0200, Ludovic Courtès wrote:
> Hi,
>
> Lennart Koopmann writes:
>
> > When I tried to connect to my own server (which is mostly an example
> > from the documentation) I got the following error:
> >
> >> GNUTLS ERROR: The Diffie Hellman prime sent by the server is not
> >> acceptable (not long enough).
>
> The solution may be to apply this patch:
>
> http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=b32735e1e275c4a2dbf544c04cdf344181fea555
>
> Thanks,
> Ludovic.
>

From simon at josefsson.org Thu Jul 10 11:25:48 2008
From: simon at josefsson.org (Simon Josefsson)
Date: Thu, 10 Jul 2008 11:25:48 +0200
Subject: [Help-gnutls] Re: How to correctly set Diffie Hellman prime bits?
In-Reply-To: <1215605736.2685.15.camel@sundaysister> (Lennart Koopmann's message of "Wed, 09 Jul 2008 14:15:36 +0200")
References: <1215605736.2685.15.camel@sundaysister>
Message-ID: <87zloq6qg3.fsf@mocca.josefsson.org>

Lennart Koopmann writes:

> Could you please help me with that?

Try GnuTLS 2.5.2.

/Simon

From daniel at haxx.se Fri Jul 25 23:21:50 2008
From: daniel at haxx.se (Daniel Stenberg)
Date: Fri, 25 Jul 2008 23:21:50 +0200 (CEST)
Subject: [Help-gnutls] NSS info for the comparison table
Message-ID:

Hi

I pointed out your excellent SSL/TLS lib comparison table to the NSS
guys the other day and they seem to have ideas about corrections/updates
for it.

Here's the thread on the NSS list:

http://thread.gmane.org/gmane.comp.mozilla.crypto/9950

--
/ daniel.haxx.se

From fxchip at gmail.com Tue Jul 29 22:25:41 2008
From: fxchip at gmail.com (Zach C.)
Date: Tue, 29 Jul 2008 13:25:41 -0700
Subject: [Help-gnutls] X.509 certificates around JUST A PUBLIC key... can it be done?
Message-ID: <4219888f0807291325s267ecdecscf696a4bdc5e2738@mail.gmail.com>

So here's the dilemma. I am writing a library/interface for the iPhone
to work in Linux. I'm currently working on the pairing functionality;
I'm trying to repeat the process as exactly as possible to iTunes's
implementation. Here's what happens:

iTunes asks device for its public key.
iPhone responds with its public key.
iTunes generates a root certificate (CA certificate) with (root) private
key, host certificate (presumably for encrypted communications) with
(host) private key, and device certificate, whose public key info *is*
the public key sent by the iPhone. All three certificates are signed
with the root private key.
iTunes then generates a UUID and sends out a PairRecord containing all
three certificates and that UUID as a HostID.
The iPhone will then verify the certificates against the root
certificate (presumably, or maybe more specifically the public key in
the root certificate), and if everything is in order (i.e. the root
certificate really was used to sign the others), it will send a "pair
successful" message back.

I'm fully aware that I can currently generate the Root and Host
certificates without a problem in GnuTLS. The problem I'm having,
though, is that I *need* to be able to generate a certificate around the
public key sent by the iPhone and then sign that certificate with the
root private key. I'm wondering if that's possible in GnuTLS... I was
considering doing a gnutls_x509_privkey_import_rsa_raw and *only*
setting the modulus and public exponent (however I would get them), but
I'm not sure if that would work or if GnuTLS would throw an error out
about it. And if it did it properly, whether setting the new "private
key" struct on a new certificate would do what I'm describing here.

Thanks in advance! :)

From sdecugis at nict.go.jp Wed Jul 30 11:24:19 2008
From: sdecugis at nict.go.jp (Sebastien Decugis)
Date: Wed, 30 Jul 2008 18:24:19 +0900
Subject: [Help-gnutls] TLS and SCTP
Message-ID: <48903343.9040101@nict.go.jp>

Hello,

I am trying to implement TLS over a SCTP association with multiple
streams (the final goal is to make an open-source implementation of
Diameter).
From RFC 3436, it is told that each pair of (bi-directional) streams is
an independent TLS session (separate handshake, and so on). The
remaining streams have no TLS protection, and will therefore not be used
in my implementation.

I understand how to specify my own transport-layer handlers in GNU TLS
with the set_push_function and set_pull_function, but I think it is not
sufficient support to handle the TLS over the multiple streams as
expected. We can create a wrapper function to send data on a specific
stream, but not to receive only from a given stream. The logic must be:
we receive a message, we can retrieve its stream number, and then we
know the TLS context (session) this message belongs to. I cannot see a
way to achieve this with the API of gnutls.

Has someone run into this issue already and could give me some hints /
pointers? The only workaround I can see yet is to use only 1 stream in
my SCTP association, but this is not very satisfactory...

Thank you in advance!

Best regards,
Sebastien.

--
Sebastien Decugis
Research fellow
Network Architecture Group
NICT (nict.go.jp)
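
The receive-side logic described in the last message above (receive a message, take its stream number, hand the bytes to the TLS session that owns that stream) can be done with one queue per stream behind the pull callback. This is an added example, not code from the thread or from GnuTLS; MAX_STREAMS, QUEUE_BYTES, demux_deliver and stream_pull are hypothetical names, and the (stream, payload) pairs are constructed stand-ins for what the SCTP receive call would report.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

#define MAX_STREAMS 4     /* assumption: stream pairs in the association */
#define QUEUE_BYTES 4096  /* assumption: per-stream buffer size */

/* One queue per stream; its address is what the owning TLS session would
 * get as its transport pointer. Unread bytes are data[head..tail). */
struct stream_queue { unsigned char data[QUEUE_BYTES]; size_t head, tail; };
static struct stream_queue queues[MAX_STREAMS];

/* Called by the association's single reader for each received message, with
 * the stream number the SCTP stack reported. 0 on success, -1 if rejected. */
int demux_deliver(unsigned stream, const void *msg, size_t len)
{
    if (stream >= MAX_STREAMS) return -1;           /* unknown stream */
    struct stream_queue *q = &queues[stream];
    if (q->head == q->tail) q->head = q->tail = 0;  /* reuse drained buffer */
    if (len > QUEUE_BYTES - q->tail) return -1;     /* queue full */
    memcpy(q->data + q->tail, msg, len);
    q->tail += len;
    return 0;
}

/* Same shape as a GnuTLS pull callback (transport pointer, buffer, size):
 * the session only ever sees bytes that arrived on its own stream. */
ssize_t stream_pull(void *transport_ptr, void *buf, size_t len)
{
    struct stream_queue *q = transport_ptr;
    size_t avail = q->tail - q->head;
    if (avail == 0) { errno = EAGAIN; return -1; }  /* no data yet, not EOF */
    if (len > avail) len = avail;
    memcpy(buf, q->data + q->head, len);
    q->head += len;
    return (ssize_t)len;
}

/* Constructed input: messages of two streams arriving interleaved.
 * Returns 1 if each stream reads back exactly its own bytes. */
int demo_interleaved(void)
{
    unsigned char out[16];
    demux_deliver(0, "AAAA", 4);
    demux_deliver(1, "bb", 2);
    demux_deliver(0, "AA", 2);
    int ok = stream_pull(&queues[0], out, sizeof out) == 6 && !memcmp(out, "AAAAAA", 6);
    ok = ok && stream_pull(&queues[1], out, sizeof out) == 2 && !memcmp(out, "bb", 2);
    return ok && stream_pull(&queues[1], out, sizeof out) == -1 && errno == EAGAIN;
}

int main(void) { printf("demux ok: %d\n", demo_interleaved()); return 0; }
```

When a session's queue is empty the callback reports EAGAIN rather than end-of-file, so the caller's loop can receive the next SCTP message, pass it to demux_deliver, and retry the TLS call for whichever stream it belonged to.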