Hi, With 3.6.5 (on Fedora 29) I am seeing a problem where the server apparently ignores the order given in the priority string (NORMAL:-SIGN-ALL:+SIGN-RSA-SHA256:+SIGN-ECDSA-SHA512:-VERS-TLS1.3).
Is that the right way to do it? The manual appears to say "Don't use NONE-and-add-your-own, because versioning problems" - and indeed I do get problems across versions when trying to do that.

Server debug:

1942 GnuTLS global init required.
1942 initialising GnuTLS server session
1942 GnuTLS<5>: REC[0x564c6e85c480]: Allocating epoch #0
1942 Expanding various TLS configuration options for session credentials.
1942 certificate file = TESTSUITE/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.pem : TESTSUITE/aux-fixed/exim-ca/example_ec.com/server1.example_ec.com/server1.example_ec.com.pem
1942 key file = TESTSUITE/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key : TESTSUITE/aux-fixed/exim-ca/example_ec.com/server1.example_ec.com/server1.example_ec.com.unlocked.key
1942 GnuTLS<3>: ASSERT: x509_ext.c[gnutls_subject_alt_names_get]:110
1942 GnuTLS<3>: ASSERT: x509.c[get_alt_name]:1815
1942 GnuTLS<3>: ASSERT: mpi.c[wrap_nettle_mpi_print]:60
1942 TLS: cert/key TESTSUITE/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.pem registered
1942 GnuTLS<3>: ASSERT: x509_ext.c[gnutls_subject_alt_names_get]:110
1942 GnuTLS<3>: ASSERT: x509.c[get_alt_name]:1815
1942 GnuTLS<3>: ASSERT: pk.c[_wrap_nettle_pk_sign]:783
1942 GnuTLS<2>: Security level of algorithm requires hash SHA512(64) or better
1942 GnuTLS<3>: ASSERT: mpi.c[wrap_nettle_mpi_print]:60
1942 GnuTLS<3>: ASSERT: mpi.c[wrap_nettle_mpi_print]:60
1942 TLS: cert/key TESTSUITE/aux-fixed/exim-ca/example_ec.com/server1.example_ec.com/server1.example_ec.com.pem registered
1942 verify certificates = TESTSUITE/aux-fixed/exim-ca/example.com/server2.example.com/ca_chain.pem size=sss
1942 Added 2 certificate authorities.
1942 Initialising GnuTLS server params.
1942 Loading default hard-coded DH params
1942 GnuTLS<3>: ASSERT: dh.c[gnutls_dh_params_import_pkcs3]:488
1942 Loaded fixed standard D-H parameters
>>>>> 1942 GnuTLS session cipher/priority "NORMAL:-SIGN-ALL:+SIGN-RSA-SHA256:+SIGN-ECDSA-SHA512:-VERS-TLS1.3" >>>>>
1942 GnuTLS<2>: added 5 protocols, 29 ciphersuites, 2 sig algos and 9 groups into priority list
1942 TLS: a client certificate will not be requested.
1942 SMTP>> 220 TLS go ahead
1942 GnuTLS<5>: REC[0x564c6e85c480]: Allocating epoch #1
1942 GnuTLS<3>: ASSERT: buffers.c[get_last_packet]:1171
1942 GnuTLS<5>: REC[0x564c6e85c480]: SSL 3.1 Handshake packet received. Epoch 0, length: 154
1942 GnuTLS<5>: REC[0x564c6e85c480]: Expected Packet Handshake(22)
1942 GnuTLS<5>: REC[0x564c6e85c480]: Received Packet Handshake(22) with length: 154
1942 GnuTLS<5>: REC[0x564c6e85c480]: Decrypted Packet[0] Handshake(22) with length: 154
1942 GnuTLS<4>: HSK[0x564c6e85c480]: CLIENT HELLO (1) was received. Length 150[150], frag offset 0, frag length: 150, sequence: 0
1942 GnuTLS<4>: HSK[0x564c6e85c480]: Client's version: 3.3
1942 GnuTLS<4>: EXT[0x564c6e85c480]: Parsing extension 'Encrypt-then-MAC/22' (0 bytes)
1942 GnuTLS<4>: EXT[0x564c6e85c480]: Parsing extension 'Safe Renegotiation/65281' (1 bytes)
1942 GnuTLS<3>: ASSERT: db.c[_gnutls_server_restore_session]:334
1942 GnuTLS<3>: ASSERT: server_name.c[gnutls_server_name_get]:235
1942 TLS: no SNI presented in handshake.
1942 GnuTLS<4>: EXT[0x564c6e85c480]: Parsing extension 'Supported Groups/10' (20 bytes)
1942 GnuTLS<4>: EXT[0x564c6e85c480]: Received group SECP256R1 (0x17) [+groups 0x18, 19, 1d, 100-104]
1942 GnuTLS<4>: EXT[0x564c6e85c480]: Selected group SECP256R1
1942 GnuTLS<4>: EXT[0x564c6e85c480]: Parsing extension 'Supported EC Point Formats/11' (2 bytes)
1942 GnuTLS<4>: EXT[0x564c6e85c480]: Parsing extension 'Signature Algorithms/13' (6 bytes)
1942 GnuTLS<4>: EXT[0x564c6e85c480]: rcvd signature algo (4.1) RSA-SHA256
1942 GnuTLS<4>: EXT[0x564c6e85c480]: rcvd signature algo (6.3) ECDSA-SHA512
1942 GnuTLS<4>: EXT[0x564c6e85c480]: Parsing extension 'Session Ticket/35' (0 bytes)
1942 GnuTLS<4>: EXT[0x564c6e85c480]: Parsing extension 'Record Size Limit/28' (2 bytes)
1942 GnuTLS<2>: checking c0.2c (GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384) for compatibility
1942 GnuTLS<3>: ASSERT: server_name.c[gnutls_server_name_get]:235
1942 GnuTLS<4>: HSK[0x564c6e85c480]: Requested server name: ''
1942 GnuTLS<4>: HSK[0x564c6e85c480]: checking compat of GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384 with certificate[0] (RSA/X.509)
1942 GnuTLS<3>: ASSERT: cert.c[cert_select_sign_algorithm]:1283
1942 GnuTLS<4>: HSK[0x564c6e85c480]: checking compat of GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384 with certificate[1] (EC/ECDSA/X.509)
1942 GnuTLS<4>: checking cert compat with RSA-SHA256
1942 GnuTLS<4>: cannot use privkey of EC/ECDSA with RSA-SHA256
1942 GnuTLS<4>: checking cert compat with ECDSA-SHA512
>>>>>>>>>> 1942 GnuTLS<4>: Selected signature algorithm: ECDSA-SHA512 >>>>>>>>>>
1942 GnuTLS<2>: Selected (EC/ECDSA) cert based on ciphersuite c0.2c: GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384
1942 GnuTLS<4>: HSK[0x564c6e85c480]: Selected group SECP256R1 (2)
1942 GnuTLS<4>: HSK[0x564c6e85c480]: Selected cipher suite: GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384
1942 GnuTLS<4>: HSK[0x564c6e85c480]: Selected version TLS1.2
1942 GnuTLS<4>: HSK[0x564c6e85c480]: Safe renegotiation succeeded

--
Thanks, Jeremy
_______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
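The question above is really about the difference between the set and order of signature algorithms a priority string expresses and the algorithm the server ends up using in a given handshake. The following script is an added example, not code from the thread, from Exim or from GnuTLS: it splits a GnuTLS-style priority string into its initial keyword and ordered modifiers, applies the SIGN-* modifiers under a simplified model (an assumption, not GnuTLS's real implementation: '+' appends, '-' and '!' remove, 'ALL' means every entry), and then extracts the negotiated outcome from GnuTLS debug lines. The sample log lines are copied from the debug output in the message above; ASSUMED_NORMAL_SIGN is a made-up stand-in for NORMAL's signature list, which does not matter here because -SIGN-ALL clears it.

```python
import re

# Added example (not from the thread, Exim or GnuTLS). The priority-string
# handling below is a simplified model of the syntax, not GnuTLS's own logic.

def parse_priority(priority):
    """Split a priority string into its initial keyword and the ordered list
    of (operator, keyword) modifiers that follow it."""
    parts = priority.split(":")
    base = parts[0]
    modifiers = []
    for token in parts[1:]:
        if not token:
            continue
        op, name = token[0], token[1:]
        if op not in "+-!" or not name:
            raise ValueError(f"unexpected priority token {token!r}")
        modifiers.append((op, name))
    return base, modifiers


def configured_sign_algos(priority, base_sign_algos):
    """Apply the SIGN-* modifiers, in order, to an assumed starting list of
    signature algorithms and return the resulting ordered list."""
    _, modifiers = parse_priority(priority)
    algos = list(base_sign_algos)
    for op, name in modifiers:
        if not name.startswith("SIGN-"):
            continue  # VERS-*, CIPHER-* and the rest are out of scope here
        alg = name[len("SIGN-"):]
        if op in "-!":
            algos = [] if alg == "ALL" else [a for a in algos if a != alg]
        elif alg not in algos:
            algos.append(alg)
    return algos


# Decisions that GnuTLS's debug output records during a server handshake.
LOG_PATTERNS = {
    "client_sig_algos": re.compile(r"rcvd signature algo \([\d.]+\) (\S+)"),
    "selected_sig_algo": re.compile(r"Selected signature algorithm: (\S+)"),
    "selected_suite": re.compile(r"Selected cipher suite: (\S+)"),
    "selected_version": re.compile(r"Selected version (\S+)"),
    "selected_cert": re.compile(r"Selected \((\S+)\) cert based on ciphersuite"),
}


def summarize_handshake(log_text):
    """Reduce a verbose GnuTLS server debug log to the negotiated outcome."""
    summary = {"client_sig_algos": []}
    for line in log_text.splitlines():
        for key, pattern in LOG_PATTERNS.items():
            match = pattern.search(line)
            if match is None:
                continue
            if key == "client_sig_algos":
                summary[key].append(match.group(1))
            else:
                summary[key] = match.group(1)
    return summary


def check_selection(priority, base_sign_algos, log_text):
    """Compare the signature algorithm the server picked against the order
    the priority string expresses, and report what drove the choice."""
    configured = configured_sign_algos(priority, base_sign_algos)
    summary = summarize_handshake(log_text)
    chosen = summary.get("selected_sig_algo")
    return {
        "configured_order": configured,
        "client_offered": summary["client_sig_algos"],
        "selected": chosen,
        "allowed": chosen in configured,
        "is_first_preference": bool(configured) and configured[0] == chosen,
        "cipher_suite": summary.get("selected_suite"),
        "certificate": summary.get("selected_cert"),
        "version": summary.get("selected_version"),
    }


# The priority string from the message above.
PRIORITY = "NORMAL:-SIGN-ALL:+SIGN-RSA-SHA256:+SIGN-ECDSA-SHA512:-VERS-TLS1.3"

# Assumed stand-in for NORMAL's signature list; irrelevant after -SIGN-ALL.
ASSUMED_NORMAL_SIGN = ["RSA-SHA256", "RSA-SHA384", "ECDSA-SHA256"]

# A few debug lines copied from the thread's server output.
SAMPLE_LOG = """\
1942 GnuTLS<4>: EXT[0x564c6e85c480]: rcvd signature algo (4.1) RSA-SHA256
1942 GnuTLS<4>: EXT[0x564c6e85c480]: rcvd signature algo (6.3) ECDSA-SHA512
1942 GnuTLS<4>: cannot use privkey of EC/ECDSA with RSA-SHA256
>>>>>>>>>> 1942 GnuTLS<4>: Selected signature algorithm: ECDSA-SHA512 >>>>>>>>>>
1942 GnuTLS<2>: Selected (EC/ECDSA) cert based on ciphersuite c0.2c: GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384
1942 GnuTLS<4>: HSK[0x564c6e85c480]: Selected cipher suite: GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384
1942 GnuTLS<4>: HSK[0x564c6e85c480]: Selected version TLS1.2
"""

if __name__ == "__main__":
    for key, value in check_selection(PRIORITY, ASSUMED_NORMAL_SIGN, SAMPLE_LOG).items():
        print(f"{key:>20}: {value}")
```

Run against the thread's own lines, the report shows ECDSA-SHA512 as allowed by the priority string but not its first entry, alongside the cipher suite and the EC/ECDSA certificate the log says the selection was based on. When reviewing a server's TLS configuration, checking the negotiated outcome this way is more reliable than reading the priority string alone.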
