From n.mavrogiannopoulos at gmail.com Sun May 1 11:14:43 2016
From: n.mavrogiannopoulos at gmail.com (Nikos Mavrogiannopoulos)
Date: Sun, 01 May 2016 11:14:43 +0200
Subject: [gnutls-help] Disabling all uses of elliptical curves
In-Reply-To:
References:
Message-ID: <1462094083.5297.0.camel@gmail.com>

On Fri, 2016-04-29 at 10:44 -0400, jonetsu wrote:
> Hello,
>
> It was suggested previously to compile with the '--disable-ecdhe'
> option to disable the use of elliptical curves. Will this compile
> option effectively get rid of all and every uses of elliptical curves
> or will there still be some uses allowed ?

Digital signatures will still be allowed.

From nmav at gnutls.org Mon May 9 10:37:41 2016
From: nmav at gnutls.org (Nikos Mavrogiannopoulos)
Date: Mon, 09 May 2016 10:37:41 +0200
Subject: [gnutls-help] GnuTLS 3.5.0 released
Message-ID: <1462783061.30519.7.camel@gnutls.org>

We are proud to announce a new GnuTLS release: Version 3.5.0.

GnuTLS is a modern C library that implements the standard network
security protocol Transport Layer Security (TLS), for use by network
applications. GnuTLS is developed for GNU/Linux, but works on many
Unix-like systems as well as Windows.

The GnuTLS library is distributed under the terms of the GNU Lesser
General Public License version 2 (or later). The OpenSSL compatibility
library, the self tests and the command line tools are all distributed
under the GNU General Public License version 3.0 (or later). The manual
is distributed under the GNU Free Documentation License version 1.3 (or
later).

The project pages of the library are available at:
http://www.gnutls.org/

What's New
==========

Version 3.5.0 is the first stable release on the 3.5.x branch and is
the result of a year of planning and work [0] on the git master branch.
The GnuTLS 3.5.x branch is marked as stable-next, meaning it is
considered of stable quality but does not yet replace the current stable
releases based on 3.4.0, which will continue to be supported.
An extended summary of the most important changes is available at:
http://nmav.gnutls.org/2016/05/gnutls-3-5-0.html

[0]. https://gitlab.com/gnutls/gnutls/milestones/4

* Version 3.5.0 (released 2016-05-09)

** libgnutls: Added SHA3 based signing algorithms for DSA, RSA and
   ECDSA.

** libgnutls: Added support for curve X25519 (RFC 7748,
   draft-ietf-tls-rfc4492bis-07). This curve is disabled by default as
   it is still on specification status. It can be enabled using the
   priority string modifier +CURVE-X25519.

** libgnutls: Added support for TLS false start
   (draft-ietf-tls-falsestart-01) by introducing gnutls_init() flag
   GNUTLS_ENABLE_FALSE_START (#73).

** libgnutls: Added new APIs to access the FIPS186-4 (Shawe-Taylor
   based) provable RSA and DSA parameter generation from a seed.

** libgnutls: The CHACHA20-POLY1305 ciphersuite is enabled by default.
   This cipher is prioritized after AES-GCM.

** libgnutls: On a rehandshake ensure that the certificate of the peer
   or its username remains the same as in previous handshakes. That is
   to protect applications which do not check user credentials on
   rehandshakes. The threat to address depends on the application
   protocol. Primarily it protects against applications which
   authenticate the peer initially and perform accounting using the
   session's information, from being misled by a rehandshake which
   switches the peer's identity. Applications can disable this
   protection by using the %GNUTLS_ALLOW_ID_CHANGE flag in
   gnutls_init().

** libgnutls: Be strict in TLS extension decoding. That is, do not
   tolerate parsing errors in the extensions field and treat it as a
   typical Hello message structure. Reported by Hubert Kario (#40).

** libgnutls: Old and unsupported version numbers in client hellos are
   rejected with a "protocol_version" alert message. Reported by Hubert
   Kario (#42).

** libgnutls: Lifted the limitation of calling the
   gnutls_session_get_data*() functions only on non-resumed sessions.
   This brings the API on par with its usage (#79).

** libgnutls: Follow RFC5280 strictly in name constraints computation.
   The permitted subtrees are intersected with any previous values.
   Report and patch by Daiki Ueno.

** libgnutls: Enforce the RFC 7627 (extended master secret)
   requirements on session resumption. Reported by Hubert Kario (#69).

** libgnutls: Consider the max-record TLS extension even when under
   DTLS. Reported by Peter Dettman (#61).

** libgnutls: Replaced writev() system call with sendmsg().

** libgnutls: Replaced select() system call with poll() on POSIX
   systems.

** libgnutls: Preload the system priority file on library load. This
   allows applications that chroot() to also use the system priorities.

** libgnutls: Applications are allowed to override the built-in key and
   certificate URLs.

** libgnutls: The gnutls.h header marks constant and pure functions
   explicitly.

** certtool: Added the ability to sign certificates using SHA3.

** certtool: Added the --provable and --verify-allow-broken options.

** gnutls-cli: The --dane option will cause verification failure if
   gnutls is not compiled with DANE support.

** crywrap: The tool was unbundled from gnutls' distribution. It can be
   found at https://github.com/nmav/crywrap

** guile: .go files are now built and installed

** guile: Fix compatibility issue of the test suite with Guile 2.1

** guile: When --with-guile-site-dir is passed, modules are installed
   in a versioned directory, typically $(datadir)/guile/site/2.0

** guile: Tests no longer leave zombie processes behind

** API and ABI modifications:
GNUTLS_FORCE_CLIENT_CERT: Added
GNUTLS_ENABLE_FALSE_START: Added
GNUTLS_INDEFINITE_TIMEOUT: Added
GNUTLS_ALPN_SERVER_PRECEDENCE: Added
GNUTLS_E_ASN1_EMBEDDED_NULL_IN_STRING: Added
GNUTLS_E_HANDSHAKE_DURING_FALSE_START: Added
gnutls_check_version_numeric: Added
gnutls_x509_crt_equals: Added
gnutls_x509_crt_equals2: Added
gnutls_x509_crt_set_subject_alt_othername: Added
gnutls_x509_crt_set_issuer_alt_othername: Added
gnutls_x509_crt_get_signature_oid: Added
gnutls_x509_crt_get_pk_oid: Added
gnutls_x509_crq_set_subject_alt_othername: Added
gnutls_x509_crq_get_pk_oid: Added
gnutls_x509_crq_get_signature_oid: Added
gnutls_x509_crl_get_signature_oid: Added
gnutls_x509_privkey_generate2: Added
gnutls_x509_privkey_get_seed: Added
gnutls_x509_privkey_verify_seed: Added
gnutls_privkey_generate2: Added
gnutls_privkey_get_seed: Added
gnutls_privkey_verify_seed: Added
gnutls_decode_ber_digest_info: Added
gnutls_encode_ber_digest_info: Added
gnutls_dh_params_import_dsa: Added
gnutls_session_get_master_secret: Added

Community
=========

If you need help to use GnuTLS, or want to help others, you are invited
to join our help-gnutls mailing list, see:
  http://lists.gnutls.org/mailman/listinfo/gnutls-help

If you wish to participate in the development of GnuTLS, you are invited
to join our gnutls-dev mailing list, see:
  http://lists.gnutls.org/mailman/listinfo/gnutls-dev

Internationalization
====================

The GnuTLS library messages have been translated into Czech, Dutch,
French, German, Italian, Malay, Polish, Simplified Chinese, Swedish, and
Vietnamese. We welcome the addition of more translations.

Getting the Software
====================

GnuTLS may be downloaded directly from . A list of GnuTLS mirrors can be
found at .

Here are the XZ and LZIP compressed sources:
  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.5/gnutls-3.5.0.tar.xz

Here are OpenPGP detached signatures signed using key 0x96865171:
  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.5/gnutls-3.5.0.tar.xz.sig

Note that it has been signed with my openpgp key:
pub   3104R/96865171 2008-05-04 [expires: 2028-04-29]
uid                  Nikos Mavrogiannopoulos <nmav@gnutls.org>
uid                  Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
sub   2048R/9013B842 2008-05-04 [expires: 2018-05-02]
sub   2048R/1404A91D 2008-05-04 [expires: 2018-05-02]

regards,
Nikos

From cmouse at cmouse.fi Wed May 11 11:52:52 2016
From: cmouse at cmouse.fi (Aki Tuomi)
Date: Wed, 11 May 2016 12:52:52 +0300
Subject: [gnutls-help] Generating EC key with GnuTLS
Message-ID: <20160511095252.GA24103@pi.ip.fi>

I am trying to use GnuTLS library to generate EC key with following
code:

  int ec;
  gnutls_privkey_t priv;
  const char *curve = "secp521r1";
  gnutls_pk_algorithm_t pk_algo;
  gnutls_ecc_curve_t pk_curve;
  int bits;

  pk_curve = gnutls_ecc_curve_get_id(curve);
  bits = GNUTLS_CURVE_TO_BITS(curve);
  pk_algo = GNUTLS_PK_EC;

  if ((ec = gnutls_privkey_init(&priv)) != GNUTLS_E_SUCCESS)
    return print_error(ec);

  ec = gnutls_privkey_generate(priv, pk_algo, bits, 0);
  if (ec != GNUTLS_E_SUCCESS) {
    gnutls_privkey_deinit(priv);
    return print_error(ec);
  }

This gives me

  ERROR: The curve is unsupported

on gnutls_privkey_generate. I am completely at loss why this happens?

libgnutls-dev: 3.4.10-4ubuntu1

Regards,
Aki

From n.mavrogiannopoulos at gmail.com Wed May 11 23:08:01 2016
From: n.mavrogiannopoulos at gmail.com (Nikos Mavrogiannopoulos)
Date: Wed, 11 May 2016 23:08:01 +0200
Subject: [gnutls-help] Generating EC key with GnuTLS
In-Reply-To: <20160511095252.GA24103@pi.ip.fi>
References: <20160511095252.GA24103@pi.ip.fi>
Message-ID: <1463000881.3307.0.camel@gmail.com>

On Wed, 2016-05-11 at 12:52 +0300, Aki Tuomi wrote:
> I am trying to use GnuTLS library to generate EC key with following
> code:
>
>   int ec;
>   gnutls_privkey_t priv;
>   const char *curve = "secp521r1";
>   gnutls_pk_algorithm_t pk_algo;
>   gnutls_ecc_curve_t pk_curve;
>   int bits;
>   pk_curve = gnutls_ecc_curve_get_id(curve);
>   bits = GNUTLS_CURVE_TO_BITS(curve);

You have a typo on that line. Use pk_curve.

regards,
Nikos

From cmouse at cmouse.fi Thu May 12 05:29:09 2016
From: cmouse at cmouse.fi (Aki Tuomi)
Date: Thu, 12 May 2016 06:29:09 +0300
Subject: [gnutls-help] Generating EC key with GnuTLS
In-Reply-To: <1463000881.3307.0.camel@gmail.com>
References: <20160511095252.GA24103@pi.ip.fi>
	<1463000881.3307.0.camel@gmail.com>
Message-ID: <20160512032909.GA30166@pi.ip.fi>

On Wed, May 11, 2016 at 11:08:01PM +0200, Nikos Mavrogiannopoulos wrote:
> On Wed, 2016-05-11 at 12:52 +0300, Aki Tuomi wrote:
> > I am trying to use GnuTLS library to generate EC key with following
> > code:
> >
> >   int ec;
> >   gnutls_privkey_t priv;
> >   const char *curve = "secp521r1";
> >   gnutls_pk_algorithm_t pk_algo;
> >   gnutls_ecc_curve_t pk_curve;
> >   int bits;
> >   pk_curve = gnutls_ecc_curve_get_id(curve);
> >   bits = GNUTLS_CURVE_TO_BITS(curve);
>
> You have a typo on that line. Use pk_curve.
>
> regards,
> Nikos
>

Oh doh. Thank you.

Aki

> _______________________________________________
> Gnutls-help mailing list
> Gnutls-help at lists.gnutls.org
> http://lists.gnupg.org/mailman/listinfo/gnutls-help

From nmav at gnutls.org Fri May 20 07:46:23 2016
From: nmav at gnutls.org (Nikos Mavrogiannopoulos)
Date: Fri, 20 May 2016 07:46:23 +0200
Subject: [gnutls-help] gnutls 3.4.12
Message-ID: <1463723183.1970.4.camel@gnutls.org>

Hello,
 I've just released gnutls 3.4.12. This is a bug fix release of the
current stable branch.

* Version 3.4.12 (released 2016-05-20)

** libgnutls: The CHACHA20-POLY1305 ciphersuite is enabled by default.
   This cipher is prioritized after AES-GCM.

** libgnutls: Fixes in gnutls_privkey_import_ecc_raw().

** libgnutls: Fixed gnutls_pkcs11_get_raw_issuer() usage with the
   GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT flag. Previously that
   operation could fail on certain PKCS#11 modules.

** libgnutls: gnutls_pkcs11_obj_import_url() and
   gnutls_x509_crt_import_url() can accept the
   GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT flag.

** libgnutls: gnutls_certificate_set_key() was enhanced to import the
   DNS name of the certificates if the provided names are NULL.

** libgnutls: when receiving SNI names, only save and expose to
   application the supported DNS names.

** libgnutls: when importing the certificate names at the
   gnutls_certificate_set* functions, only consider the CN as a
   fallback if DNS names are provided via the alternative name
   extension.

** gnutls-cli: on OCSP verification do not fail if we have a single
   valid reply. Report and reproducer by Thomas Klute.

** libgnutls: The GNUTLS_KEYLOGFILE environment variable can be used to
   log session keys in client side. These session keys are compatible
   with the NSS Key Log Format and can be used to decrypt the session
   for debugging using wireshark.

** API and ABI modifications:
No changes since last version.
Getting the Software
====================

GnuTLS may be downloaded directly from . A list of GnuTLS mirrors can be
found at .

Here are the XZ compressed sources:
  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.4/gnutls-3.4.12.tar.xz

Here are OpenPGP detached signatures signed using key 0x96865171:
  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.4/gnutls-3.4.12.tar.xz.sig

Note that it has been signed with my openpgp key:
pub   3104R/96865171 2008-05-04 [expires: 2028-04-29]
uid                  Nikos Mavrogiannopoulos <nmav@gnutls.org>
uid                  Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
sub   2048R/9013B842 2008-05-04 [expires: 2018-05-02]
sub   2048R/1404A91D 2008-05-04 [expires: 2018-05-02]

regards,
Nikos

From nmav at gnutls.org Fri May 20 07:50:14 2016
From: nmav at gnutls.org (Nikos Mavrogiannopoulos)
Date: Fri, 20 May 2016 07:50:14 +0200
Subject: [gnutls-help] gnutls 3.3.23
Message-ID: <1463723414.1970.6.camel@gnutls.org>

Hello,
 I've just released gnutls 3.3.23. This is a bug-fix release on the
previous stable branch.

* Version 3.3.23 (released 2016-05-20)

** libgnutls: Corrected behavior of ALPN extension parsing during
   session resumption. Report and patches by Yuriy M. Kaminskiy.

** libgnutls: Properly print the IP Address name constraints.

** libgnutls: Fixes in gnutls_privkey_import_ecc_raw().

** libgnutls: Fixed gnutls_pkcs11_get_raw_issuer() usage with the
   GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT flag. Previously that
   operation could fail on certain PKCS#11 modules.

** libgnutls: gnutls_pkcs11_obj_import_url() and
   gnutls_x509_crt_import_pkcs11_url() can accept the
   GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT flag.

** libgnutls: gnutls_certificate_set_key() was enhanced to import the
   DNS name of the certificates if the provided names are NULL.

** libgnutls: when receiving SNI names, only save and expose to
   application the supported DNS names.

** libgnutls: when importing the certificate names at the
   gnutls_certificate_set* functions, only consider the CN as a
   fallback if DNS names are provided via the alternative name
   extension.

** ocsptool: use HTTP/1.0 for requests. This avoids issues with servers
   serving chunked encoding, which ocsptool doesn't support. Reported by
   Thomas Klute.

** certtool: do not require a CA for OCSP signing tag. This follows the
   recommendations in RFC6960 in 4.2.2.2 which allow a CA to delegate
   OCSP signing to another certificate without requiring it to be a
   CA. Reported by Thomas Klute.

** gnutls-cli: on OCSP verification do not fail if we have a single
   valid reply. Report and reproducer by Thomas Klute.

** API and ABI modifications:
No changes since last version.

Getting the Software
====================

GnuTLS may be downloaded directly from . A list of GnuTLS mirrors can be
found at .

Here are the XZ compressed sources:
  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.3/gnutls-3.3.23.tar.xz

Here are OpenPGP detached signatures signed using key 0x96865171:
  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.3/gnutls-3.3.23.tar.xz.sig

Note that it has been signed with my openpgp key:
pub   3104R/96865171 2008-05-04 [expires: 2028-04-29]
uid                  Nikos Mavrogiannopoulos <nmav@gnutls.org>
uid                  Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
sub   2048R/9013B842 2008-05-04 [expires: 2018-05-02]
sub   2048R/1404A91D 2008-05-04 [expires: 2018-05-02]

regards,
Nikos
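The "Generating EC key with GnuTLS" thread earlier in this archive turns on how the bits argument of gnutls_privkey_generate() encodes a curve. The following is an added example, not code from the thread or from GnuTLS: it reproduces the GNUTLS_CURVE_TO_BITS family of macros as recalled from gnutls.h, uses a constructed name table whose ids are assumed to follow the 3.4 gnutls_ecc_curve_t enumeration, and shows why handing the macro the name string instead of pk_curve produces a value no curve lookup can match.

```c
#include <stdint.h>
#include <string.h>

/* Added example, not GnuTLS code. The macros are reproduced from gnutls.h
 * as recalled by the editor; the curve ids assume the GnuTLS 3.4
 * gnutls_ecc_curve_t enumeration (secp224r1=1 ... secp521r1=4). */
#define GNUTLS_CURVE_TO_BITS(curve) \
    (unsigned int)(((unsigned int)1 << 31) | ((unsigned int)(curve)))
#define GNUTLS_BITS_TO_CURVE(bits) (((unsigned int)(bits)) & 0x7FFFFFFF)
#define GNUTLS_BITS_ARE_CURVE(bits) (((unsigned int)(bits)) & 0x80000000)

enum { CURVE_INVALID = 0, CURVE_SECP224R1 = 1, CURVE_SECP256R1 = 2,
       CURVE_SECP384R1 = 3, CURVE_SECP521R1 = 4 };

/* Constructed name table standing in for gnutls_ecc_curve_get_id(). */
static const struct { const char *name; unsigned int id; } curves[] = {
    { "secp224r1", CURVE_SECP224R1 }, { "secp256r1", CURVE_SECP256R1 },
    { "secp384r1", CURVE_SECP384R1 }, { "secp521r1", CURVE_SECP521R1 },
};
#define NCURVES (sizeof curves / sizeof curves[0])

unsigned int curve_id_from_name(const char *name) {
    for (size_t i = 0; i < NCURVES; i++)
        if (strcmp(curves[i].name, name) == 0) return curves[i].id;
    return CURVE_INVALID;
}

/* Correct usage: encode the curve id (pk_curve), as the reply advises.
 * Returns 0 for a name the table does not know. */
unsigned int bits_for_curve_name(const char *name) {
    unsigned int id = curve_id_from_name(name);
    return id == CURVE_INVALID ? 0 : GNUTLS_CURVE_TO_BITS(id);
}

/* The typo from the thread: the macro receives the char pointer, so the
 * string's address truncated to 32 bits, not a curve id, becomes bits. */
unsigned int bits_from_typo(const char *name) {
    return GNUTLS_CURVE_TO_BITS((uintptr_t)name);
}

/* Decode a bits value the way a generate call has to before it can act:
 * the curve marker bit must be set and the id must be a known curve.
 * Returns the id, or CURVE_INVALID (the "curve is unsupported" case). */
unsigned int curve_from_bits(unsigned int bits) {
    if (!GNUTLS_BITS_ARE_CURVE(bits)) return CURVE_INVALID;
    unsigned int id = GNUTLS_BITS_TO_CURVE(bits);
    for (size_t i = 0; i < NCURVES; i++)
        if (curves[i].id == id) return id;
    return CURVE_INVALID;
}
```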