On Tue, 11 Feb 2014 14:06:55 +0100 Nikos Mavrogiannopoulos <[email protected]> 
wrote: 

NM> On Mon, Feb 10, 2014 at 5:51 PM, Ted Zlatanov <[email protected]> wrote:
>> I didn't see that somehow build-aux/config.rpath got included in the
>> patch, which was already pretty long.  Sorry about that.

NM> There seems to be something wrong with the patch for documentation.
NM> There are duplicate sections (e.g. "Introduction to the library"), and
NM> it seems like it duplicates existing documentation. Is that intentional?

Ugh.  I was editing the document and everything looked OK with `git
diff' but when I redirected it I caught some garbage in the patch.  I'm
sorry about that, no idea what happened[1].  See attached.

Should I mention for each priority string (I only did for "NORMAL") if
it enables or disables DHE?

The FAQ patch stands.

Ted

[1] Emacs has started losing the transient mark on Shift+PageDown and I
keep missing that, and forgetting to ask how to fix it...  I think it
was the reason for that large erroneous block of text.

diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi
index 95f2d29..5d16edf 100644
--- a/doc/cha-gtls-app.texi
+++ b/doc/cha-gtls-app.texi
@@ -879,12 +879,11 @@ are listed in @ref{The Alert Protocol}.
 @section Priority strings
 @cindex Priority strings
 
-In order to specify cipher suite preferences on a TLS session
-there are priority functions that accept a string
-specifying the enabled for the handshake algorithms.
-That string may contain a single initial keyword such as
-in @ref{tab:prio-keywords} and may be followed by
-additional algorithm or special keywords.
+The GnuTLS priority string specifies the TLS session's handshake
+algorithms and options in a compact, easy-to-use format.  That string
+may contain a single initial keyword such as in
+@ref{tab:prio-keywords} and may be followed by additional algorithm or
+special keywords.
 
 @showfuncB{gnutls_priority_set_direct,gnutls_priority_set}
 
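Review bot: the rewritten opening paragraph no longer says that this string is what the priority functions accept, so the unchanged @showfuncB{gnutls_priority_set_direct,gnutls_priority_set} line right after it now appears with no introduction. Keep a clause to that effect (for example "passed to the priority functions below"), and drop "easy-to-use", which is an opinion rather than reference text. The carried-over wording "such as in @ref{tab:prio-keywords}" would also read better as "from @ref{tab:prio-keywords}".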
@@ -905,12 +904,202 @@ limited to 128 bit ciphers and sorted by terms of speed
 performance. The message authenticity security level is of 64 bits or more,
 and the certificate verification profile is set to GNUTLS_PROFILE_LOW (80-bits).
 
+@itemize @bullet
+@item
+Performance 128-bit Software Ciphers
+
+@itemize @minus
+@item
+GNUTLS_CIPHER_ARCFOUR_128
+@item
+GNUTLS_CIPHER_AES_128_CBC
+@item
+GNUTLS_CIPHER_CAMELLIA_128_CBC
+@item
+GNUTLS_CIPHER_AES_256_CBC
+@item
+GNUTLS_CIPHER_CAMELLIA_256_CBC
+@item
+GNUTLS_CIPHER_3DES_CBC
+@item
+GNUTLS_CIPHER_AES_128_GCM
+@item
+GNUTLS_CIPHER_AES_256_GCM
+@end itemize
+
+@item
+Performance Key Exchange Algorithms
+
+@itemize @minus
+@item
+GNUTLS_KX_RSA
+@item
+GNUTLS_KX_ECDHE_ECDSA
+@item
+GNUTLS_KX_ECDHE_RSA
+@item
+GNUTLS_KX_DHE_RSA
+@item
+GNUTLS_KX_DHE_DSS
+@end itemize
+
+@item
+Normal MAC
+
+@itemize @minus
+@item
+GNUTLS_MAC_SHA1
+@item
+GNUTLS_MAC_SHA256
+@item
+GNUTLS_MAC_SHA384
+@item
+GNUTLS_MAC_AEAD
+@item
+GNUTLS_MAC_MD5
+@end itemize
+
+@item
+Normal ECC
+@itemize @minus
+@item
+GNUTLS_ECC_CURVE_SECP192R1
+@item
+GNUTLS_ECC_CURVE_SECP224R1
+@item
+GNUTLS_ECC_CURVE_SECP256R1
+@item
+GNUTLS_ECC_CURVE_SECP384R1
+@item
+GNUTLS_ECC_CURVE_SECP521R1
+@end itemize
+
+@item
+Default Signing
+
+@itemize @minus
+@item
+GNUTLS_SIGN_RSA_SHA256
+@item
+GNUTLS_SIGN_DSA_SHA256
+@item
+GNUTLS_SIGN_ECDSA_SHA256
+@item
+GNUTLS_SIGN_RSA_SHA384
+@item
+GNUTLS_SIGN_ECDSA_SHA384
+@item
+GNUTLS_SIGN_RSA_SHA512
+@item
+GNUTLS_SIGN_ECDSA_SHA512
+@item
+GNUTLS_SIGN_RSA_SHA224
+@item
+GNUTLS_SIGN_DSA_SHA224
+@item
+GNUTLS_SIGN_ECDSA_SHA224
+@item
+GNUTLS_SIGN_RSA_SHA1
+@item
+GNUTLS_SIGN_DSA_SHA1
+@item
+GNUTLS_SIGN_ECDSA_SHA1
+@end itemize
+
+@end itemize
+
 @item NORMAL @tab
 Means all the known to be secure ciphersuites. The ciphers are sorted by security
 margin, although the 256-bit ciphers are included as a fallback only.
 The message authenticity security level is of 64 bits or more,
 and the certificate verification profile is set to GNUTLS_PROFILE_LOW (80-bits).
 
+This priority string implicitly enables DHE and ECDHE.
+
+@itemize @bullet
+
+@item
+Secure Key Exchange Algorithms
+
+@itemize @minus
+@item
+GNUTLS_KX_ECDHE_ECDSA
+@item
+GNUTLS_KX_ECDHE_RSA
+@item
+GNUTLS_KX_DHE_RSA
+@item
+GNUTLS_KX_DHE_DSS
+@item
+GNUTLS_KX_RSA
+@end itemize
+
+@item
+Normal MAC
+
+@itemize @minus
+@item
+GNUTLS_MAC_SHA1
+@item
+GNUTLS_MAC_SHA256
+@item
+GNUTLS_MAC_SHA384
+@item
+GNUTLS_MAC_AEAD
+@item
+GNUTLS_MAC_MD5
+@end itemize
+
+@item
+Normal ECC
+
+@itemize @minus
+@item
+GNUTLS_ECC_CURVE_SECP192R1
+@item
+GNUTLS_ECC_CURVE_SECP224R1
+@item
+GNUTLS_ECC_CURVE_SECP256R1
+@item
+GNUTLS_ECC_CURVE_SECP384R1
+@item
+GNUTLS_ECC_CURVE_SECP521R1
+@end itemize
+
+@item
+Default Signing
+
+@itemize @minus
+@item
+GNUTLS_SIGN_RSA_SHA256
+@item
+GNUTLS_SIGN_DSA_SHA256
+@item
+GNUTLS_SIGN_ECDSA_SHA256
+@item
+GNUTLS_SIGN_RSA_SHA384
+@item
+GNUTLS_SIGN_ECDSA_SHA384
+@item
+GNUTLS_SIGN_RSA_SHA512
+@item
+GNUTLS_SIGN_ECDSA_SHA512
+@item
+GNUTLS_SIGN_RSA_SHA224
+@item
+GNUTLS_SIGN_DSA_SHA224
+@item
+GNUTLS_SIGN_ECDSA_SHA224
+@item
+GNUTLS_SIGN_RSA_SHA1
+@item
+GNUTLS_SIGN_DSA_SHA1
+@item
+GNUTLS_SIGN_ECDSA_SHA1
+@end itemize
+
+@end itemize
+
 @item PFS @tab
 Means all the known to be secure ciphersuites that support perfect forward
 secrecy. The ciphers are sorted by security
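Review bot: in the first added list, the group titled "Performance 128-bit Software Ciphers" contains GNUTLS_CIPHER_AES_256_CBC, GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_CIPHER_AES_256_GCM and GNUTLS_CIPHER_3DES_CBC, which contradicts both the title and the unchanged sentence just above it ("limited to 128 bit ciphers"). Either the list or the description has to change so the two agree. The NORMAL block added further down has no cipher group at all although the first block has one, and "This priority string implicitly enables DHE and ECDHE." appears only under NORMAL even though the first block lists GNUTLS_KX_DHE_RSA and GNUTLS_KX_DHE_DSS as well. Both blocks also list GNUTLS_MAC_MD5, which under NORMAL sits beside the description "all the known to be secure ciphersuites" and deserves a word of explanation.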
@@ -925,12 +1114,164 @@ security level 128-bit or more.
 The message authenticity security level is of 80 bits or more,
 and the certificate verification profile is set to GNUTLS_PROFILE_LOW (80-bits).
 
+@itemize @bullet
+
+@item
+Secure 128-bit and higher Ciphers
+
+@itemize @minus
+@item
+GNUTLS_CIPHER_AES_128_CBC
+@item
+GNUTLS_CIPHER_CAMELLIA_128_CBC
+@item
+GNUTLS_CIPHER_AES_128_GCM
+@item
+GNUTLS_CIPHER_AES_256_CBC
+@item
+GNUTLS_CIPHER_CAMELLIA_256_CBC
+@item
+GNUTLS_CIPHER_AES_256_GCM
+@end itemize
+
+@item
+Secure 128-bit and higher MACs
+
+@itemize @minus
+@item
+GNUTLS_MAC_SHA1
+@item
+GNUTLS_MAC_SHA256
+@item
+GNUTLS_MAC_SHA384
+@item
+GNUTLS_MAC_AEAD
+@end itemize
+
+@item
+Secure Key Exchange Algorithms
+
+@itemize @minus
+@item
+GNUTLS_KX_ECDHE_ECDSA
+@item
+GNUTLS_KX_ECDHE_RSA
+@item
+GNUTLS_KX_DHE_RSA
+@item
+GNUTLS_KX_DHE_DSS
+@item
+GNUTLS_KX_RSA
+@end itemize
+
+@item
+Secure 128-bit and higher Signing
+
+@itemize @minus
+@item
+GNUTLS_SIGN_RSA_SHA256
+@item
+GNUTLS_SIGN_DSA_SHA256
+@item
+GNUTLS_SIGN_ECDSA_SHA256
+@item
+GNUTLS_SIGN_RSA_SHA384
+@item
+GNUTLS_SIGN_ECDSA_SHA384
+@item
+GNUTLS_SIGN_RSA_SHA512
+@item
+GNUTLS_SIGN_ECDSA_SHA512
+@end itemize
+
+@item
+Secure 128-bit and higher ECC
+
+@itemize @minus
+@item
+GNUTLS_ECC_CURVE_SECP256R1
+@item
+GNUTLS_ECC_CURVE_SECP384R1
+@item
+GNUTLS_ECC_CURVE_SECP521R1
+@end itemize
+
+@end itemize
+
 @item SECURE192 @tab
 Means all the known to be secure ciphersuites that offer a 
 security level 192-bit or more.
 The message authenticity security level is of 128 bits or more,
 and the certificate verification profile is set to GNUTLS_PROFILE_HIGH (128-bits).
 
+@itemize @bullet
+
+@item
+Secure Key Exchange Algorithms
+
+@itemize @minus
+@item
+GNUTLS_KX_ECDHE_ECDSA
+@item
+GNUTLS_KX_ECDHE_RSA
+@item
+GNUTLS_KX_DHE_RSA
+@item
+GNUTLS_KX_DHE_DSS
+@item
+GNUTLS_KX_RSA
+@end itemize
+
+@item
+Secure 192-bit and higher Ciphers
+
+@itemize @minus
+@item
+GNUTLS_CIPHER_AES_256_CBC
+@item
+GNUTLS_CIPHER_CAMELLIA_256_CBC
+@item
+GNUTLS_CIPHER_AES_256_GCM
+@end itemize
+
+@item
+Secure 192-bit and higher MACs
+
+@itemize @minus
+@item
+GNUTLS_MAC_SHA256
+@item
+GNUTLS_MAC_SHA384
+@item
+GNUTLS_MAC_AEAD
+@end itemize
+
+@item
+Secure 192-bit and higher Signing
+
+@itemize @minus
+@item
+GNUTLS_SIGN_RSA_SHA384
+@item
+GNUTLS_SIGN_ECDSA_SHA384
+@item
+GNUTLS_SIGN_RSA_SHA512
+@item
+GNUTLS_SIGN_ECDSA_SHA512
+@end itemize
+
+@item
+Secure 192-bit and higher ECC
+
+@itemize @minus
+@item
+GNUTLS_ECC_CURVE_SECP384R1
+@item
+GNUTLS_ECC_CURVE_SECP521R1
+@end itemize
+
+@end itemize
+
 @item SECURE256 @tab
 Currently alias for SECURE192.
 
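Review bot: both lists added in this hunk (the 128-bit one and the one under SECURE192) include GNUTLS_KX_DHE_RSA and GNUTLS_KX_DHE_DSS, yet neither carries the DHE sentence that the NORMAL entry received, so the documentation is inconsistent about which keywords enable DHE. Either repeat the sentence for every keyword whose list contains a DHE key exchange, or state it once before the table. The group order also differs between the two blocks (ciphers first in the 128-bit block, key exchange first under SECURE192); using one fixed order for every keyword would make the lists easier to compare.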
@@ -939,15 +1280,215 @@ Means all the NSA Suite B cryptography (RFC5430) ciphersuites
 with an 128 bit security level, as well as the enabling of the corresponding
 verification profile.
 
+@itemize @bullet
+
+@item
+Suite B 128-bit and higher Ciphers
+
+@itemize @minus
+@item
+GNUTLS_CIPHER_AES_128_GCM
+@item
+GNUTLS_CIPHER_AES_256_GCM
+@end itemize
+
+@item
+Suite B 128-bit and higher MACs
+
+@itemize @minus
+@item
+GNUTLS_MAC_AEAD
+@end itemize
+
+@item
+Suite B Key Exchange Algorithms
+
+@itemize @minus
+@item
+GNUTLS_KX_ECDHE_ECDSA
+@end itemize
+
+@item
+Suite B 128-bit and higher Signing
+
+@itemize @minus
+@item
+GNUTLS_SIGN_ECDSA_SHA256
+@item
+GNUTLS_SIGN_ECDSA_SHA384
+@end itemize
+
+@item
+Suite B 128-bit and higher ECC
+
+@itemize @minus
+@item
+GNUTLS_ECC_CURVE_SECP256R1
+@item
+GNUTLS_ECC_CURVE_SECP384R1
+@end itemize
+
+@end itemize
+
 @item SUITEB192 @tab
 Means all the NSA Suite B cryptography (RFC5430) ciphersuites
 with an 192 bit security level, as well as the enabling of the corresponding
 verification profile.
 
+@itemize @bullet
+
+@item
+Suite B 192-bit and higher Ciphers
+
+@itemize @minus
+@item
+GNUTLS_CIPHER_AES_256_GCM
+@end itemize
+
+@item
+Suite B 192-bit and higher MACs
+
+@itemize @minus
+@item
+GNUTLS_MAC_AEAD
+@end itemize
+
+@item
+Suite B Key Exchange Algorithms
+
+@itemize @minus
+@item
+GNUTLS_KX_ECDHE_ECDSA
+@end itemize
+
+@item
+Suite B 192-bit and higher Signing
+
+@itemize @minus
+@item
+GNUTLS_SIGN_ECDSA_SHA384
+@end itemize
+
+@item
+Suite B 192-bit and higher ECC
+
+@itemize @minus
+@item
+GNUTLS_ECC_CURVE_SECP384R1
+@end itemize
+
+@end itemize
+
 @item EXPORT @tab
 Means all ciphersuites are enabled, including the
 low-security 40 bit ciphers.
 
+@itemize @bullet
+
+@item
+All Key Exchange Algorithms
+
+@itemize @minus
+@item
+GNUTLS_KX_RSA
+@item
+GNUTLS_KX_ECDHE_ECDSA
+@item
+GNUTLS_KX_ECDHE_RSA
+@item
+GNUTLS_KX_DHE_RSA
+@item
+GNUTLS_KX_DHE_DSS
+@item
+GNUTLS_KX_RSA_EXPORT
+@end itemize
+
+@item
+All Ciphers
+
+@itemize @minus
+@item
+GNUTLS_CIPHER_AES_128_CBC
+@item
+GNUTLS_CIPHER_AES_256_CBC
+@item
+GNUTLS_CIPHER_CAMELLIA_128_CBC
+@item
+GNUTLS_CIPHER_CAMELLIA_256_CBC
+@item
+GNUTLS_CIPHER_AES_128_GCM
+@item
+GNUTLS_CIPHER_3DES_CBC
+@item
+GNUTLS_CIPHER_ARCFOUR_128
+@item
+GNUTLS_CIPHER_ARCFOUR_40
+@end itemize
+
+@item
+Normal ECC
+
+@itemize @minus
+@item
+GNUTLS_ECC_CURVE_SECP192R1
+@item
+GNUTLS_ECC_CURVE_SECP224R1
+@item
+GNUTLS_ECC_CURVE_SECP256R1
+@item
+GNUTLS_ECC_CURVE_SECP384R1
+@item
+GNUTLS_ECC_CURVE_SECP521R1
+@end itemize
+
+@item
+Default Signing
+
+@itemize @minus
+@item
+GNUTLS_SIGN_RSA_SHA256
+@item
+GNUTLS_SIGN_DSA_SHA256
+@item
+GNUTLS_SIGN_ECDSA_SHA256
+@item
+GNUTLS_SIGN_RSA_SHA384
+@item
+GNUTLS_SIGN_ECDSA_SHA384
+@item
+GNUTLS_SIGN_RSA_SHA512
+@item
+GNUTLS_SIGN_ECDSA_SHA512
+@item
+GNUTLS_SIGN_RSA_SHA224
+@item
+GNUTLS_SIGN_DSA_SHA224
+@item
+GNUTLS_SIGN_ECDSA_SHA224
+@item
+GNUTLS_SIGN_RSA_SHA1
+@item
+GNUTLS_SIGN_DSA_SHA1
+@item
+GNUTLS_SIGN_ECDSA_SHA1
+@end itemize
+
+@item
+Secure 128-bit and higher MACs
+
+@itemize @minus
+@item
+GNUTLS_MAC_SHA1
+@item
+GNUTLS_MAC_SHA256
+@item
+GNUTLS_MAC_SHA384
+@item
+GNUTLS_MAC_AEAD
+@end itemize
+
+@end itemize
+
 @item NONE @tab
 Means nothing is enabled.  This disables even protocols and
 compression methods. It should be followed by the
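Review bot: the "All Ciphers" group under EXPORT omits GNUTLS_CIPHER_AES_256_GCM, although the unchanged description says "all ciphersuites are enabled" and the SUITEB128 list earlier in this same hunk includes that cipher. In the same block the MAC group is titled "Secure 128-bit and higher MACs", which does not fit a keyword described as including "the low-security 40 bit ciphers"; please check both against the actual EXPORT set and retitle the group. The 13-entry "Default Signing" list is repeated verbatim here as in the earlier blocks, so consider defining the shared groups once and referring to them by name to keep the copies from drifting apart.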
@@ -1010,6 +1551,8 @@ PSK, DHE-PSK, ECDHE-RSA, ANON-ECDH, ANON-DH. The
 Catch all name is KX-ALL which will add all the algorithms from NORMAL
 priority.
 
+Add @code{!DHE-RSA:!DHE-DSS} to the priority string to disable DHE.
+
 @item MAC @tab
 MD5, SHA1, SHA256, AEAD (used with
 GCM ciphers only). All algorithms from NORMAL priority can be accessed with MAC-ALL.
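Review bot: the added sentence says that !DHE-RSA:!DHE-DSS will "disable DHE", but the context line just above it also lists DHE-PSK and ANON-DH, which these two tokens do not remove. Word it as disabling the DHE-RSA and DHE-DSS key exchanges specifically, and say that ECDHE is unaffected. An example with an initial keyword, such as @code{NORMAL:!DHE-RSA:!DHE-DSS}, would show where the tokens go in the string.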
_______________________________________________
Gnutls-help mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnutls-help
