Hi, starting a couple of days ago, applications linked against gnutls can no longer connect to https://www.openbsd.org. Short output:
$ gnutls-cli openbsd.org
Processed 133 CA certificate(s).
Resolving 'openbsd.org:443'...
Connecting to '129.128.5.194:443'...
*** Fatal error: An illegal parameter has been received.

$ gnutls-cli -v
gnutls-cli 3.6.10

More debug output can be produced with "gnutls-cli -d 999 openbsd.org".
The interesting part is probably this:

|<4>| HSK[0x1f80fb31a000]: CERTIFICATE VERIFY (15) was received. Length 516[516], frag offset 0, frag length: 516, sequence: 0
|<4>| HSK[0x1f80fb31a000]: Parsing certificate verify
|<4>| HSK[0x1f80fb31a000]: verifying TLS 1.3 handshake data using RSA-SHA256
|<3>| ASSERT: signature.c[_gnutls_session_sign_algo_enabled]:364
|<4>| Signature algorithm RSA-SHA256 is not enabled
|<3>| ASSERT: tls13-sig.c[_gnutls13_handshake_verify_data]:75
|<3>| ASSERT: tls13/certificate_verify.c[_gnutls13_recv_certificate_verify]:131
|<3>| ASSERT: handshake-tls13.c[_gnutls13_handshake_client]:144
|<13>| BUF[HSK]: Emptied buffer
*** Fatal error: An illegal parameter has been received.

Can be reproduced on OpenBSD 6.6-stable with gnutls from ports.
(But it affects my Linux boxes, too.)

It only fails with gnutls, so I first reported it there:
https://gitlab.com/gnutls/gnutls/-/issues/984

However, Daiki Ueno said it looks like an issue with LibreSSL. Quoting in full:

> This looks like an issue in the server side (LibreSSL). In TLS 1.3,
> non-PSS RSA signature schemes have been removed, while the server
> seems to sign the Certificate Verify message with RSA-SHA256, which is
> not permitted.

I'm not really an expert on TLS or cryptography, so no idea what's going on,
which is why I'm reporting it on misc first. :-)

Should this be reported to libre...@openbsd.org?

Thanks in advance,
Peter
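
Added example, not part of the original post and not GnuTLS or LibreSSL code: a Python sketch of the client-side check that the quoted reply describes, parsing a TLS 1.3 CertificateVerify message and rejecting non-PSS RSA schemes. It assumes the log's "RSA-SHA256" corresponds to rsa_pkcs1_sha256 (0x0401); the sample message is constructed with a zero-filled 512-byte signature so its body length matches the 516 bytes in the log.

```python
import struct

CERTIFICATE_VERIFY = 15  # handshake type shown in the gnutls log

# SignatureScheme code points from RFC 8446, section 4.2.3.
SCHEMES = {
    0x0201: "rsa_pkcs1_sha1",
    0x0203: "ecdsa_sha1",
    0x0401: "rsa_pkcs1_sha256",
    0x0501: "rsa_pkcs1_sha384",
    0x0601: "rsa_pkcs1_sha512",
    0x0403: "ecdsa_secp256r1_sha256",
    0x0503: "ecdsa_secp384r1_sha384",
    0x0603: "ecdsa_secp521r1_sha512",
    0x0804: "rsa_pss_rsae_sha256",
    0x0805: "rsa_pss_rsae_sha384",
    0x0806: "rsa_pss_rsae_sha512",
    0x0807: "ed25519",
    0x0808: "ed448",
    0x0809: "rsa_pss_pss_sha256",
    0x080A: "rsa_pss_pss_sha384",
    0x080B: "rsa_pss_pss_sha512",
}
# RFC 8446, section 4.4.3: no PKCS#1 v1.5 and no SHA-1 in CertificateVerify.
FORBIDDEN_IN_TLS13 = {0x0201, 0x0203, 0x0401, 0x0501, 0x0601}


def check_certificate_verify(msg: bytes):
    """Return (scheme_name, allowed_in_tls13) for one raw handshake message."""
    if len(msg) < 8:
        raise ValueError("truncated CertificateVerify")
    body_len = int.from_bytes(msg[1:4], "big")
    if msg[0] != CERTIFICATE_VERIFY or body_len != len(msg) - 4:
        raise ValueError("not a well-formed CertificateVerify")
    scheme, sig_len = struct.unpack("!HH", msg[4:8])
    if sig_len != body_len - 4:
        raise ValueError("signature length does not match message length")
    name = SCHEMES.get(scheme, f"unknown(0x{scheme:04x})")
    return name, scheme in SCHEMES and scheme not in FORBIDDEN_IN_TLS13


def build_sample(scheme: int, sig_len: int = 512) -> bytes:
    """Constructed message: placeholder signature, only the framing is real."""
    body = struct.pack("!HH", scheme, sig_len) + bytes(sig_len)
    return bytes([CERTIFICATE_VERIFY]) + len(body).to_bytes(3, "big") + body
```

`check_certificate_verify(build_sample(0x0401))` reports the scheme as not allowed, which is the condition that makes the client abort the handshake; the same message with 0x0804 (rsa_pss_rsae_sha256) passes.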