<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
<html lang="en">
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
<title>
GitLab
</title>


<style>img {
max-width: 100%; height: auto;
}
</style>
</head>
<body>
<div class="content">

<h2 dir="auto">
<a id="user-content-description-of-problem" class="anchor" href="#description-of-problem" aria-hidden="true"></a>Description of problem:</h2>
<p dir="auto">When an application using GnuTLS connects over TLS with a client certificate whose private key lives in a smart card, the library should check the PKCS#11 module's capabilities before negotiating TLS 1.3, instead of committing to TLS 1.3 and failing later with no usable signing mechanism left to try.</p>
<p dir="auto">Originally reported in: <a href="https://bugzilla.redhat.com/show_bug.cgi?id=1681006" rel="nofollow noreferrer noopener" target="_blank">https://bugzilla.redhat.com/show_bug.cgi?id=1681006</a></p>
<h2 dir="auto">
<a id="user-content-version-of-gnutls-used" class="anchor" href="#version-of-gnutls-used" aria-hidden="true"></a>Version of gnutls used:</h2>
<p dir="auto">3.6.5</p>
<h2 dir="auto">
<a id="user-content-distributor-of-gnutls-eg-ubuntu-fedora-rhel" class="anchor" href="#distributor-of-gnutls-eg-ubuntu-fedora-rhel" aria-hidden="true"></a>Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)</h2>
<p dir="auto">RHEL</p>
<h2 dir="auto">
<a id="user-content-how-reproducible" class="anchor" href="#how-reproducible" aria-hidden="true"></a>How reproducible:</h2>
<p dir="auto">always</p>
<p dir="auto">Steps to Reproduce:</p>
<ul dir="auto">
<li>Prerequisites:
<ul>
<li>PKCS#11 module without support for RSA-PSS and raw-RSA mechanisms</li>
<li>The server requests TLS client authentication</li>
</ul>
</li>
<li>Start a server requesting TLS client authentication:</li>
</ul>
<pre class="code highlight js-syntax-highlight plaintext" lang="plaintext" v-pre="true"><code><span id="LC1" class="line" lang="plaintext">$ gnutls-serv --http --require-client-cert --x509cafile ca.pem -d 9 --x509certfile cert.pem --x509keyfile key.pem</span></code></pre>
<ul dir="auto">
<li>Connect to the server using wget (or any other application) compiled against GnuTLS with private key in the PKCS#11 module:</li>
</ul>
<pre class="code highlight js-syntax-highlight plaintext" lang="plaintext" v-pre="true"><code><span id="LC1" class="line" lang="plaintext">$ GNUTLS_DEBUG_LEVEL=9 wget --no-check-certificate --certificate="pkcs11:token=SomeDevice;object=cert;type=cert" --private-key="pkcs11:token=SomeDevice;object=key;type=private?pin-value=111111" --debug --tries 1 https://localhost:5556/</span></code></pre>
<h2 dir="auto">
<a id="user-content-actual-results" class="anchor" href="#actual-results" aria-hidden="true"></a>Actual results:</h2>
<p dir="auto">The TLS 1.3 connection fails:</p>
<pre class="code highlight js-syntax-highlight plaintext" lang="plaintext" v-pre="true"><code><span id="LC1" class="line" lang="plaintext">[...]</span>
<span id="LC2" class="line" lang="plaintext">gnutls[4]: checking cert compat with RSA-PSS-SHA512</span>
<span id="LC3" class="line" lang="plaintext">gnutls[4]: checking cert compat with RSA-PSS-RSAE-SHA512</span>
<span id="LC4" class="line" lang="plaintext">gnutls[4]: checking cert compat with ECDSA-SECP521R1-SHA512</span>
<span id="LC5" class="line" lang="plaintext">gnutls[4]: cannot use privkey of RSA with ECDSA-SECP521R1-SHA512</span>
<span id="LC6" class="line" lang="plaintext">gnutls[4]: checking cert compat with RSA-SHA1</span>
<span id="LC7" class="line" lang="plaintext">gnutls[3]: ASSERT: signature.c[_gnutls_session_sign_algo_enabled]:365</span>
<span id="LC8" class="line" lang="plaintext">gnutls[4]: Signature algorithm RSA-SHA1 is not enabled</span>
<span id="LC9" class="line" lang="plaintext">gnutls[4]: checking cert compat with ECDSA-SHA1</span>
<span id="LC10" class="line" lang="plaintext">gnutls[4]: cannot use privkey of RSA with ECDSA-SHA1</span>
<span id="LC11" class="line" lang="plaintext">gnutls[3]: ASSERT: tls13/certificate_verify.c[_gnutls13_send_certificate_verify]:192</span>
<span id="LC12" class="line" lang="plaintext">gnutls[3]: ASSERT: handshake-tls13.c[_gnutls13_handshake_client]:178</span>
<span id="LC13" class="line" lang="plaintext">GnuTLS: The signature is incompatible with the public key.</span>
<span id="LC14" class="line" lang="plaintext">gnutls[5]: REC[0x55bab44e9510]: Start of epoch cleanup</span>
<span id="LC15" class="line" lang="plaintext">gnutls[5]: REC[0x55bab44e9510]: Epoch #0 freed</span>
<span id="LC16" class="line" lang="plaintext">gnutls[5]: REC[0x55bab44e9510]: End of epoch cleanup</span>
<span id="LC17" class="line" lang="plaintext">gnutls[5]: REC[0x55bab44e9510]: Epoch #1 freed</span>
<span id="LC18" class="line" lang="plaintext">Closed fd 4</span>
<span id="LC19" class="line" lang="plaintext">Unable to establish SSL connection.</span></code></pre>
<h2 dir="auto">
<a id="user-content-expected-results" class="anchor" href="#expected-results" aria-hidden="true"></a>Expected results:</h2>
<p dir="auto">The TLS connection should be downgraded to TLS 1.2</p>
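<p dir="auto">The capability check the report asks for, written out as an added example (this is not GnuTLS code and not part of the issue): given the PKCS#11 mechanism list of a token, decide before the handshake whether TLS 1.3 can be offered for RSA client authentication. TLS 1.3 only permits RSA-PSS in the client CertificateVerify, so the token must either perform PSS itself (CKM_RSA_PKCS_PSS) or expose raw RSA (CKM_RSA_X_509) so the PSS encoding can be done in software; a token with only CKM_RSA_PKCS, like the one in the report, can sign for TLS 1.2 but not TLS 1.3. The mechanism lists below are constructed for the example; a real client would obtain them from the token with C_GetMechanismList. The <code>NORMAL:-VERS-TLS1.3</code> priority string is the GnuTLS way to drop TLS 1.3 from the offered versions.</p>

```c
#include <stdio.h>
#include <stddef.h>
#include <string.h>

/* PKCS#11 mechanism identifiers (standard CKM_* values). */
#define CKM_RSA_PKCS     0x00000001UL /* PKCS#1 v1.5 signing; enough for TLS 1.2 */
#define CKM_RSA_X_509    0x00000003UL /* raw RSA; host can build the PSS encoding itself */
#define CKM_RSA_PKCS_PSS 0x0000000DUL /* RSA-PSS performed on the token */

/* Mechanism list as C_GetMechanismList would return it for one token. */
typedef struct {
    const unsigned long *mechs;
    size_t count;
} token_caps;

static int token_has(const token_caps *t, unsigned long mech)
{
    for (size_t i = 0; i < t->count; i++)
        if (t->mechs[i] == mech)
            return 1;
    return 0;
}

/* TLS 1.3 allows only RSA-PSS for an RSA CertificateVerify (RFC 8446, 4.2.3):
 * the token must do PSS itself or expose raw RSA for software PSS padding. */
int token_can_sign_tls13_rsa(const token_caps *t)
{
    return token_has(t, CKM_RSA_PKCS_PSS) || token_has(t, CKM_RSA_X_509);
}

/* TLS 1.2 client signatures use PKCS#1 v1.5 (raw RSA also works). */
int token_can_sign_tls12_rsa(const token_caps *t)
{
    return token_has(t, CKM_RSA_PKCS) || token_has(t, CKM_RSA_X_509);
}

/* Priority string to hand to gnutls_priority_init() before the handshake,
 * or NULL if the key cannot produce any TLS client signature at all. */
const char *choose_priority(const token_caps *t)
{
    if (token_can_sign_tls13_rsa(t))
        return "NORMAL";              /* TLS 1.3 may be offered */
    if (token_can_sign_tls12_rsa(t))
        return "NORMAL:-VERS-TLS1.3"; /* cap at TLS 1.2 up front instead of failing mid-handshake */
    return NULL;
}

/* Constructed sample tokens for the example (not real devices). */
static const unsigned long pkcs1_only[] = { CKM_RSA_PKCS };
static const unsigned long with_pss[]   = { CKM_RSA_PKCS, CKM_RSA_PKCS_PSS };
const token_caps TOKEN_PKCS1_ONLY = { pkcs1_only, 1 }; /* like the device in the report */
const token_caps TOKEN_WITH_PSS   = { with_pss, 2 };
const token_caps TOKEN_EMPTY      = { NULL, 0 };

int main(void)
{
    const token_caps *tokens[] = { &TOKEN_PKCS1_ONLY, &TOKEN_WITH_PSS, &TOKEN_EMPTY };
    const char *names[] = { "pkcs1-only", "with-pss", "empty" };
    for (size_t i = 0; i < 3; i++) {
        const char *prio = choose_priority(tokens[i]);
        printf("%-10s -> %s\n", names[i],
               prio ? prio : "(key unusable for TLS client authentication)");
    }
    return 0;
}
```

<p dir="auto">Running the example prints <code>NORMAL:-VERS-TLS1.3</code> for the PKCS#1-only token, which is the outcome the report expects: the client learns before the ClientHello that TLS 1.3 cannot be completed with this key and offers at most TLS 1.2, rather than discovering it at CertificateVerify time as in the debug log above.</p>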

</div>
<div class="footer" style="margin-top: 10px;">
<p style="font-size: small; color: #777;">
<a href="https://gitlab.com/gnutls/gnutls/issues/730">View this issue on GitLab</a>.
</p>
</div>
</body>
</html>