Startup troubles

Dick Middleton dick at fouter.net
Wed Jun 6 00:22:52 CEST 2012


On 06/05/12 22:07, Teddy Hogeborn wrote:

> Please note: To duplicate the situation exactly, the "gnutls-serv"
> command should be run on the Mandos *client*, and the "gnutls-cli"
> command should be run on the Mandos *server*.  (It is a bit
> counter-intuitive, but we designed it that way; the Mandos server and
> Mandos client run the TLS protocol "backwards" so the Mandos client
> could have certificates and the Mandos server wouldn't need them.)
> 

OK, some progress.

I needed the --priority on both sides.

So now I can succeed with the RSA key. The DSA key fails though, as when using
mandos.

The error reported on the client side gnutls-serv is:

Error in handshake
Error: Public key signing has failed.


This is in the gnutls-serv debug output:

|<3>| HSK[0x8548ff0]: Selected cipher suite: DHE_DSS_AES_256_CBC_SHA256
|<3>| HSK[0x8548ff0]: Selected Compression Method: NULL
|<3>| HSK[0x8548ff0]: Safe renegotiation succeeded
|<3>| EXT[0x8548ff0]: Sending extension CERT TYPE (1 bytes)
|<3>| EXT[0x8548ff0]: Sending extension SAFE RENEGOTIATION (1 bytes)
|<3>| HSK[0x8548ff0]: SessionID: c4d6d52f970e10171fdb9f56ee1b7a21f02773263546337888cddf573a9d6162
|<3>| HSK[0x8548ff0]: SERVER HELLO was queued [86 bytes]
|<3>| HSK[0x8548ff0]: CERTIFICATE was queued [1617 bytes]
|<3>| HSK[0x8548ff0]: signing handshake data: using DSA-SHA1
|<2>| ASSERT: privkey.c:1174
|<2>| ASSERT: pk.c:433
|<2>| Security level of algorithm requires hash SHA256(32) or better

It's not clear to me if there's an error there or if that's normal.

Any idea what's going wrong?

Dick



* Accepted connection from IPv4 192.168.46.7 port 40194 on Tue Jun  5 23:15:18 2012
|<2>| ASSERT: gnutls_constate.c:717
|<4>| REC[0x9469ff0]: Allocating epoch #1
|<2>| ASSERT: gnutls_buffers.c:974
|<4>| REC[0x9469ff0]: SSL 3.0 Handshake packet received. Epoch 0, length: 133
|<4>| REC[0x9469ff0]: Expected Packet Handshake(22)
|<4>| REC[0x9469ff0]: Received Packet Handshake(22) with length: 133
|<4>| REC[0x9469ff0]: Decrypted Packet[0] Handshake(22) with length: 133
|<3>| HSK[0x9469ff0]: CLIENT HELLO was received. Length 129[129], frag offset 0, frag length: 129, sequence: 0
|<3>| HSK[0x9469ff0]: Client's version: 3.3
|<2>| ASSERT: gnutls_db.c:265
|<2>| ASSERT: gnutls_db.c:297
|<3>| EXT[0x9469ff0]: Parsing extension 'SERVER NAME/0' (21 bytes)
|<3>| EXT[0x9469ff0]: Parsing extension 'SAFE RENEGOTIATION/65281' (1 bytes)
|<3>| EXT[0x9469ff0]: Parsing extension 'CERT TYPE/9' (2 bytes)
|<3>| HSK[0x9469ff0]: Selected certificate type OPENPGP (2)
|<3>| EXT[0x9469ff0]: Parsing extension 'SIGNATURE ALGORITHMS/13' (2 bytes)
|<3>| HSK[0x9469ff0]: Requested PK algorithm: RSA (1) -- ctype: OPENPGP (2)
|<3>| HSK[0x9469ff0]: certificate[0] PK algorithm: DSA (2) - ctype: OPENPGP (2)
|<3>| HSK[0x9469ff0]: Requested PK algorithm: RSA (1) -- ctype: OPENPGP (2)
|<3>| HSK[0x9469ff0]: certificate[0] PK algorithm: DSA (2) - ctype: OPENPGP (2)
|<3>| HSK[0x9469ff0]: Requested PK algorithm: RSA (1) -- ctype: OPENPGP (2)
|<3>| HSK[0x9469ff0]: certificate[0] PK algorithm: DSA (2) - ctype: OPENPGP (2)
|<3>| HSK[0x9469ff0]: Requested PK algorithm: RSA (1) -- ctype: OPENPGP (2)
|<3>| HSK[0x9469ff0]: certificate[0] PK algorithm: DSA (2) - ctype: OPENPGP (2)
|<3>| HSK[0x9469ff0]: Requested PK algorithm: RSA (1) -- ctype: OPENPGP (2)
|<3>| HSK[0x9469ff0]: certificate[0] PK algorithm: DSA (2) - ctype: OPENPGP (2)
|<3>| HSK[0x9469ff0]: Requested PK algorithm: RSA (1) -- ctype: OPENPGP (2)
|<3>| HSK[0x9469ff0]: certificate[0] PK algorithm: DSA (2) - ctype: OPENPGP (2)
|<3>| HSK[0x9469ff0]: Requested PK algorithm: RSA (1) -- ctype: OPENPGP (2)
|<3>| HSK[0x9469ff0]: certificate[0] PK algorithm: DSA (2) - ctype: OPENPGP (2)
|<3>| HSK[0x9469ff0]: Requested PK algorithm: DSA (2) -- ctype: OPENPGP (2)
|<3>| HSK[0x9469ff0]: certificate[0] PK algorithm: DSA (2) - ctype: OPENPGP (2)
|<3>| HSK[0x9469ff0]: Removing ciphersuite: ECDHE_ECDSA_AES_256_CBC_SHA384
|<3>| HSK[0x9469ff0]: Removing ciphersuite: ECDHE_ECDSA_AES_256_GCM_SHA384
|<3>| HSK[0x9469ff0]: Removing ciphersuite: ECDHE_RSA_AES_256_GCM_SHA384
|<3>| HSK[0x9469ff0]: Removing ciphersuite: DHE_RSA_AES_256_CBC_SHA256
|<3>| HSK[0x9469ff0]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA256 (00.6A)
|<3>| HSK[0x9469ff0]: Removing ciphersuite: RSA_AES_256_CBC_SHA256
|<3>| HSK[0x9469ff0]: Requested cipher suites[size: 46]:
|<3>|   0x00, 0x6b DHE_RSA_AES_256_CBC_SHA256
|<3>|   0x00, 0x39 DHE_RSA_AES_256_CBC_SHA1
|<3>|   0x00, 0x88 DHE_RSA_CAMELLIA_256_CBC_SHA1
|<3>|   0x00, 0x67 DHE_RSA_AES_128_CBC_SHA256
|<3>|   0x00, 0x33 DHE_RSA_AES_128_CBC_SHA1
|<3>|   0x00, 0x45 DHE_RSA_CAMELLIA_128_CBC_SHA1
|<3>|   0x00, 0x16 DHE_RSA_3DES_EDE_CBC_SHA1
|<3>|   0x00, 0x6a DHE_DSS_AES_256_CBC_SHA256
|<3>| HSK[0x9469ff0]: Selected cipher suite: DHE_DSS_AES_256_CBC_SHA256
|<3>| HSK[0x9469ff0]: Selected Compression Method: NULL
|<3>| HSK[0x9469ff0]: Safe renegotiation succeeded
|<3>| EXT[0x9469ff0]: Sending extension CERT TYPE (1 bytes)
|<3>| EXT[0x9469ff0]: Sending extension SAFE RENEGOTIATION (1 bytes)
|<3>| HSK[0x9469ff0]: SessionID: b41a8d65dd4094c7a83f909e65841e927733b20c1624e1e63fbef8f0b00c44f7
|<3>| HSK[0x9469ff0]: SERVER HELLO was queued [86 bytes]
|<3>| HSK[0x9469ff0]: CERTIFICATE was queued [1617 bytes]
|<3>| HSK[0x9469ff0]: signing handshake data: using DSA-SHA1
|<2>| ASSERT: privkey.c:1174
|<2>| ASSERT: pk.c:433
|<2>| Security level of algorithm requires hash SHA256(32) or better
|<2>| ASSERT: pk.c:443
|<2>| ASSERT: pk.c:455
|<2>| ASSERT: gnutls_sig.c:192
|<2>| ASSERT: privkey.c:1290
|<2>| ASSERT: gnutls_privkey.c:663
|<2>| ASSERT: gnutls_sig.c:159
|<2>| ASSERT: dhe.c:196
|<2>| ASSERT: gnutls_kx.c:186
|<2>| ASSERT: gnutls_handshake.c:2793
Error in handshake
Error: Public key signing has failed.
|<4>| REC: Sending Alert[2|80] - Internal error
|<4>| REC[0x9469ff0]: Preparing Packet Alert(21) with length: 2
|<4>| REC[0x9469ff0]: Sent Packet[1] Alert(21) in epoch 0 and length: 7
|<2>| ASSERT: gnutls_record.c:238
|<4>| REC[0x9469ff0]: Start of epoch cleanup
|<4>| REC[0x9469ff0]: End of epoch cleanup
|<4>| REC[0x9469ff0]: Epoch #0 freed
|<4>| REC[0x9469ff0]: Epoch #1 freed
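
As an added example (not part of the original message, and not Mandos or GnuTLS code), here is a small Python triage helper that scans gnutls-serv debug output like the log above for a handshake whose signing digest is shorter than the one named in the "Security level of algorithm requires hash" line. The function name, the digest-size table and the second session in the sample (handle 0xaaaa000) are assumptions constructed for illustration.

```python
import re

# Digest output sizes in bytes, used to compare the hash GnuTLS picked for
# the handshake signature against the minimum the log says the key requires.
HASH_BYTES = {"MD5": 16, "SHA1": 20, "SHA224": 28, "SHA256": 32,
              "SHA384": 48, "SHA512": 64}

SUITE = re.compile(r"HSK\[(0x[0-9a-f]+)\]: Selected cipher suite: (\S+)")
SIGN = re.compile(r"HSK\[(0x[0-9a-f]+)\]: signing handshake data: using (\w+)-(\w+)")
NEED = re.compile(r"Security level of algorithm requires hash (\w+)\((\d+)\) or better")
ALERT = re.compile(r"REC: Sending Alert\[(\d+)\|(\d+)\]")

# First five lines are taken from the log above; the 0xaaaa000 session is a
# constructed contrast case (assumed format) that should not be flagged.
SAMPLE = """\
|<3>| HSK[0x9469ff0]: Selected cipher suite: DHE_DSS_AES_256_CBC_SHA256
|<3>| HSK[0x9469ff0]: signing handshake data: using DSA-SHA1
|<2>| ASSERT: pk.c:433
|<2>| Security level of algorithm requires hash SHA256(32) or better
|<4>| REC: Sending Alert[2|80] - Internal error
|<3>| HSK[0xaaaa000]: Selected cipher suite: DHE_RSA_AES_256_CBC_SHA256
|<3>| HSK[0xaaaa000]: signing handshake data: using RSA-SHA256
"""


def triage(log_text):
    """Return one finding per handshake whose signing hash is too short."""
    findings, current = [], None
    for line in log_text.splitlines():
        if m := SUITE.search(line):
            current = {"session": m.group(1), "suite": m.group(2)}
        elif (m := SIGN.search(line)) and current and m.group(1) == current["session"]:
            current["pk"], current["hash"] = m.group(2), m.group(3)
        elif (m := NEED.search(line)) and current and "hash" in current:
            # The requirement line has no session handle; attribute it to the
            # handshake whose signing line was seen just before it.
            current["required"], need = m.group(1), int(m.group(2))
            have = HASH_BYTES.get(current["hash"], 0)
            if have < need:
                current["short_by"] = need - have
                findings.append(current)
        elif (m := ALERT.search(line)) and findings and findings[-1] is current:
            current["alert"] = (int(m.group(1)), int(m.group(2)))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f)
```

On the sample, only session 0x9469ff0 is reported: the DSA key is asked to sign with SHA1 (20 bytes) where the log demands at least 32, and the fatal alert that follows is attached to the same finding.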


