Hi,

starting a couple of days ago, applications linked against gnutls can no
longer connect to https://www.openbsd.org. Short output:

    $ gnutls-cli openbsd.org
    Processed 133 CA certificate(s).
    Resolving 'openbsd.org:443'...
    Connecting to '129.128.5.194:443'...
    *** Fatal error: An illegal parameter has been received.

    $ gnutls-cli -v
    gnutls-cli 3.6.10

More debug output can be produced with "gnutls-cli -d 999 openbsd.org".
The interesting part is probably this:

    |<4>| HSK[0x1f80fb31a000]: CERTIFICATE VERIFY (15) was received. Length 516[516], frag offset 0, frag length: 516, sequence: 0
    |<4>| HSK[0x1f80fb31a000]: Parsing certificate verify
    |<4>| HSK[0x1f80fb31a000]: verifying TLS 1.3 handshake data using RSA-SHA256
    |<3>| ASSERT: signature.c[_gnutls_session_sign_algo_enabled]:364
    |<4>| Signature algorithm RSA-SHA256 is not enabled
    |<3>| ASSERT: tls13-sig.c[_gnutls13_handshake_verify_data]:75
    |<3>| ASSERT: tls13/certificate_verify.c[_gnutls13_recv_certificate_verify]:131
    |<3>| ASSERT: handshake-tls13.c[_gnutls13_handshake_client]:144
    |<13>| BUF[HSK]: Emptied buffer
    *** Fatal error: An illegal parameter has been received.

Can be reproduced on OpenBSD 6.6-stable with gnutls from ports. (But it
affects my Linux boxes, too.)

It only fails with gnutls, so I first reported it there:

https://gitlab.com/gnutls/gnutls/-/issues/984

However, Daiki Ueno said it looks like an issue with LibreSSL. Quoting
in full:

> This looks like an issue in the server side (LibreSSL). In TLS 1.3,
> non-PSS RSA signature schemes have been removed, while the server
> seems to sign the Certificate Verify message with RSA-SHA256, which is
> not permitted.

I'm not really an expert on TLS or cryptography, so no idea what's going
on, which is why I'm reporting it on misc first. :-)

Should this be reported to libre...@openbsd.org?

Thanks in advance,
Peter

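The check that rejects the handshake in the debug log above, as an added example that is not part of the original post and is not GnuTLS or LibreSSL code: it parses a TLS 1.3 CertificateVerify message and classifies its SignatureScheme against RFC 8446. The function names are hypothetical, the sample messages are constructed with placeholder signatures, and it assumes the "RSA-SHA256" in the log is the RFC's rsa_pkcs1_sha256 (0x0401), as the quoted reply indicates.

```python
import struct

CERTIFICATE_VERIFY = 15  # handshake type, shown as "(15)" in the log above
# SignatureScheme code points from RFC 8446 section 4.2.3.
PERMITTED = {
    0x0403: "ecdsa_secp256r1_sha256", 0x0503: "ecdsa_secp384r1_sha384",
    0x0603: "ecdsa_secp521r1_sha512", 0x0807: "ed25519", 0x0808: "ed448",
    0x0804: "rsa_pss_rsae_sha256", 0x0805: "rsa_pss_rsae_sha384",
    0x0806: "rsa_pss_rsae_sha512", 0x0809: "rsa_pss_pss_sha256",
    0x080A: "rsa_pss_pss_sha384", 0x080B: "rsa_pss_pss_sha512",
}
# RFC 8446 section 4.4.3: no RSASSA-PKCS1-v1_5 and no SHA-1 in CertificateVerify.
FORBIDDEN = {
    0x0401: "rsa_pkcs1_sha256", 0x0501: "rsa_pkcs1_sha384",
    0x0601: "rsa_pkcs1_sha512", 0x0201: "rsa_pkcs1_sha1", 0x0203: "ecdsa_sha1",
}


def check_certificate_verify(msg: bytes):
    """Parse one handshake message; return (scheme_name, sig_len, verdict)."""
    if len(msg) < 8:
        raise ValueError("truncated handshake message")
    if msg[0] != CERTIFICATE_VERIFY:
        raise ValueError(f"not a CertificateVerify message (type {msg[0]})")
    body = msg[4:]
    if int.from_bytes(msg[1:4], "big") != len(body):
        raise ValueError("handshake length does not match body")
    scheme, sig_len = struct.unpack_from("!HH", body)
    if sig_len != len(body) - 4:
        raise ValueError("signature length does not match body")
    if scheme in PERMITTED:
        return PERMITTED[scheme], sig_len, "permitted"
    if scheme in FORBIDDEN:
        return FORBIDDEN[scheme], sig_len, "forbidden"
    return f"unknown(0x{scheme:04x})", sig_len, "unknown"


def build_sample(scheme: int, sig_len: int) -> bytes:
    """Constructed test message: real framing, all-zero placeholder signature."""
    body = struct.pack("!HH", scheme, sig_len) + bytes(sig_len)
    return bytes([CERTIFICATE_VERIFY]) + len(body).to_bytes(3, "big") + body


if __name__ == "__main__":
    # 516-byte body, matching the length reported in the debug log.
    for scheme in (0x0401, 0x0804):
        print(check_certificate_verify(build_sample(scheme, 512)))
```

A 512-byte signature plus the two 2-byte fields gives the 516-byte body seen in the log; the same message with an RSASSA-PSS scheme passes the check.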