That example had debug logging, level 5??, so I added that to my test. [ 3374| 3] ASSERT: stream.c:952 [ 3374| 3] ASSERT: stream.c:952 [ 3374| 3] ASSERT: pgp.c:166 [ 3374| 3] ASSERT: stream.c:952 [ 3374| 3] ASSERT: privkey.c:1230 [ 3374| 3] ASSERT: privkey.c:1230 [ 3374| 3] ASSERT: pgp.c:166 [ 3374| 3] ASSERT: pgp.c:1644 [ 3374| 3] ASSERT: pgp.c:1644 [ 3374| 3] ASSERT: privkey.c:1230 [ 3374| 3] ASSERT: privkey.c:1230 [ 3374| 3] ASSERT: privkey.c:1230 [ 3374| 5] REC[0x4629640]: Allocating epoch #0 [ 3374| 3] ASSERT: gnutls_constate.c:588 [ 3374| 5] REC[0x4629640]: Allocating epoch #1 [ 3374| 3] ASSERT: gnutls_buffers.c:1154 [ 3374| 5] REC[0x4629640]: SSL 3.1 Handshake packet received. Epoch 0, length: 205 [ 3374| 5] REC[0x4629640]: Expected Packet Handshake(22) [ 3374| 5] REC[0x4629640]: Received Packet Handshake(22) with length: 205 [ 3374| 5] REC[0x4629640]: Decrypted Packet[0] Handshake(22) with length: 205 [ 3374| 4] HSK[0x4629640]: CLIENT HELLO (1) was received. Length 201[201], frag offset 0, frag length: 201, sequence: 0 [ 3374| 4] HSK[0x4629640]: Client's version: 3.3 [ 3374| 4] HSK[0x4629640]: Selected version TLS1.2 [ 3374| 3] ASSERT: gnutls_db.c:263 [ 3374| 4] EXT[0x4629640]: Found extension 'SUPPORTED ECC POINT FORMATS/11' [ 3374| 4] EXT[0x4629640]: Found extension 'SUPPORTED ECC/10' [ 3374| 4] EXT[0x4629640]: Found extension 'SESSION TICKET/35' [ 3374| 4] EXT[0x4629640]: Found extension 'SIGNATURE ALGORITHMS/13' [ 3374| 4] EXT[0x4629640]: Found extension 'STATUS REQUEST/5' [ 3374| 4] EXT[0x4629640]: Found extension '(null)/15' [ 3374| 4] EXT[0x4629640]: Found extension 'SUPPORTED ECC POINT FORMATS/11' [ 3374| 4] EXT[0x4629640]: Found extension 'SUPPORTED ECC/10' [ 3374| 4] EXT[0x4629640]: Parsing extension 'SESSION TICKET/35' (0 bytes) [ 3374| 4] EXT[0x4629640]: Found extension 'SIGNATURE ALGORITHMS/13' [ 3374| 4] EXT[0x4629640]: Found extension 'STATUS REQUEST/5' [ 3374| 4] EXT[0x4629640]: Found extension '(null)/15' [ 3374| 4] EXT[0x4629640]: Parsing extension 'SUPPORTED ECC POINT FORMATS/11' (4 bytes) [ 3374| 4] EXT[0x4629640]: Parsing extension 'SUPPORTED ECC/10' (52 bytes) [ 3374| 4] HSK[0x4629640]: Selected ECC curve SECP521R1 (4) [ 3374| 4] EXT[0x4629640]: Found extension 'SESSION TICKET/35' [ 3374| 4] EXT[0x4629640]: Parsing extension 'SIGNATURE ALGORITHMS/13' (32 bytes) [ 3374| 4] EXT[0x4629640]: rcvd signature algo (6.1) RSA-SHA512 [ 3374| 4] EXT[0x4629640]: rcvd signature algo (6.2) DSA-SHA512 [ 3374| 4] EXT[0x4629640]: rcvd signature algo (6.3) ECDSA-SHA512 [ 3374| 4] EXT[0x4629640]: rcvd signature algo (5.1) RSA-SHA384 [ 3374| 4] EXT[0x4629640]: rcvd signature algo (5.2) DSA-SHA384 [ 3374| 4] EXT[0x4629640]: rcvd signature algo (5.3) ECDSA-SHA384 [ 3374| 4] EXT[0x4629640]: rcvd signature algo (4.1) RSA-SHA256 [ 3374| 4] EXT[0x4629640]: rcvd signature algo (4.2) DSA-SHA256 [ 3374| 4] EXT[0x4629640]: rcvd signature algo (4.3) ECDSA-SHA256 [ 3374| 4] EXT[0x4629640]: rcvd signature algo (3.1) RSA-SHA224 [ 3374| 4] EXT[0x4629640]: rcvd signature algo (3.2) DSA-SHA224 [ 3374| 4] EXT[0x4629640]: rcvd signature algo (3.3) ECDSA-SHA224 [ 3374| 4] EXT[0x4629640]: rcvd signature algo (2.1) RSA-SHA1 [ 3374| 4] EXT[0x4629640]: rcvd signature algo (2.2) DSA-SHA1 [ 3374| 4] EXT[0x4629640]: rcvd signature algo (2.3) ECDSA-SHA1 [ 3374| 4] EXT[0x4629640]: Parsing extension 'STATUS REQUEST/5' (5 bytes) [ 3374| 4] EXT[0x4629640]: Found extension '(null)/15' [ 3374| 4] HSK[0x4629640]: Received safe renegotiation CS [ 3374| 3] ASSERT: server_name.c:307 [ 3374| 4] HSK[0x4629640]: Requested PK algorithm: EC (4) -- ctype: X.509 (1) [ 3374| 4] HSK[0x4629640]: Requested PK algorithm: RSA (1) -- ctype: X.509 (1) [ 3374| 4] HSK[0x4629640]: Requested PK algorithm: DSA (2) -- ctype: X.509 (1) [ 3374| 3] ASSERT: cert.c:2059 [ 3374| 3] ASSERT: ciphersuites.c:1355 [ 3374| 2] Could not find an appropriate certificate: Insufficient credentials for that request. [ 3374| 3] ASSERT: ciphersuites.c:1430 [ 3374| 3] ASSERT: gnutls_handshake.c:964 [ 3374| 3] ASSERT: gnutls_handshake.c:665 [ 3374| 3] ASSERT: gnutls_handshake.c:2277 [ 3374| 3] ASSERT: gnutls_handshake.c:1481 [ 3374| 3] ASSERT: gnutls_handshake.c:3125 # Connection 1 try 1:
On Fri, Dec 4, 2015 at 9:48 AM, Nikos Mavrogiannopoulos <[email protected]> wrote: > I can refer you to the tests in our test suite which run sessions with > TLS-openpgp: > e.g., https://gitlab.com/gnutls/gnutls/blob/master/tests/openpgp-auth.c > > On Thu, Dec 3, 2015 at 7:14 PM, Mike Mestnik > <[email protected]> wrote: >> Thanks for the quick reply. I believe the cert is RSA, the key and >> cert can be found in git: >> https://github.com/cheako/ihlt/tree/gpgme/example >> >> libgnutls28-dev/experimental 3.4.7-1 >> >> On Thu, Dec 3, 2015 at 3:57 AM, Nikos Mavrogiannopoulos <[email protected]> >> wrote: >>> On Thu, Dec 3, 2015 at 2:54 AM, Mike Mestnik >>> <[email protected]> wrote: >>>> I'm writing an example application using gnutls and I'm wondering how >>>> to get SSL support for RFC 6091, as found in gnutls. >>>> https://github.com/cheako/ihlt/tree/24f6f08cf7c4c118550858718f0a3bb07d3bfa6b >>> >>> Which version of gnutls are you using? Could it be that you are using >>> certificates with DSA signatures? These are not enabled by default in >>> new gnutls versions. >>> >>> regards, >>> Nikos _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
