[Help-gnutls] Re: TLS/OpenPGP draft expiring soon
Simon Josefsson
simon at josefsson.org
Fri Jan 19 15:08:57 CET 2007

Also, creating examples and a self test for the OpenPGP stuff would be
useful. Have you managed to get it to work at all? I tried this:

jas at mocca:~/src/gnutls$ gpg -a --export-secret-keys b565716f > ~/privkey.gpg

The above step would be nice to avoid, btw, although I'm not exactly
sure which file formats are supported/required. This area seems
under-documented.

Starting the server:

jas at mocca:~/src/gnutls$ /home/jas/src/gnutls/src/gnutls-serv --pgpkeyring ~/.gnupg/pubring.gpg --pgptrustdb ~/.gnupg/secring.gpg --pgpkeyfile ~/privkey.gpg --pgpcertfile ~/josefsson.org/key.txt
Echo Server ready. Listening to port '5556'.
Error in handshake
Error: Decryption has failed.

Starting the client:

jas at mocca:~/src/gnutls$ /home/jas/src/gnutls/src/gnutls-cli --pgpkeyring ~/.gnupg/pubring.gpg --pgptrustdb ~/.gnupg/secring.gpg --pgpkeyfile ~/privkey.gpg --pgpcertfile ~/josefsson.org/key.txt --port 5556 localhost
Processed 1 client PGP certificate...
Resolving 'localhost'...
Connecting to '127.0.0.1:5556'...
*** Fatal error: A TLS fatal alert has been received.
*** Received alert [20]: Bad record MAC
*** Handshake has failed
GNUTLS ERROR: A TLS fatal alert has been received.
jas at mocca:~/src/gnutls$

Enabling debugging in the server indicates this:

|<2>| ASSERT: gnutls_pk.c:283
|<2>| ASSERT: auth_rsa.c:258
|<1>| auth_rsa: Possible PKCS #1 format attack

However, if I look at the decrypted RSA signature, it is just garbage.
Probably it is using the wrong private or public key.

I think the OpenPGP integration in GnuTLS generally needs some TLC,
and if you have time to work on it, that would be appreciated.

Thanks,
Simon
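
Added example (not part of the original mail and not GnuTLS code): a Python sketch of the standard TLS RSA key-exchange countermeasure (RFC 5246, section 7.4.7.1), showing what a server sees when it decrypts the client's premaster secret with a private key that does not match the certificate. The toy keys, all function names and the reuse of the log string are assumptions made for illustration.

```python
import os

E = 65537  # public exponent shared by both toy keys

def make_key(p, q):
    """Toy RSA key built from two well-known primes (constructed, not secure)."""
    n = p * q
    return {"n": n, "d": pow(E, -1, (p - 1) * (q - 1)), "k": (n.bit_length() + 7) // 8}

# CERT_KEY: the key the client encrypts to. OTHER_KEY: an unrelated private
# key, standing in for the mismatch suspected in the mail (an assumption).
CERT_KEY = make_key(2**521 - 1, 2**607 - 1)
OTHER_KEY = make_key(2**255 - 19, 2**448 - 2**224 - 1)

def encrypt_premaster(pms, key):
    """Client side: PKCS #1 v1.5 type 2 padding (nonzero bytes), then raw RSA."""
    pad = bytes(b % 255 + 1 for b in os.urandom(key["k"] - 3 - len(pms)))
    em = b"\x00\x02" + pad + b"\x00" + pms
    return pow(int.from_bytes(em, "big"), E, key["n"])

def pkcs1_unpad(c, key):
    """Return the payload, or None when the block is not valid type 2 padding."""
    em = pow(c, key["d"], key["n"]).to_bytes(key["k"], "big")
    sep = em.find(b"\x00", 2)
    if em[:2] != b"\x00\x02" or sep < 10:  # at least 8 padding bytes required
        return None
    return em[sep + 1:]

def server_premaster(c, key, version=b"\x03\x01"):
    """Server side: never report a padding failure to the peer; log it and
    continue with random bytes. (Not constant-time; real code must be.)"""
    fallback = version + os.urandom(46)
    pms = pkcs1_unpad(c, key)
    if pms is None or len(pms) != 48 or pms[:2] != version:
        return fallback, "Possible PKCS #1 format attack"  # string from the log above
    return pms, None

def demo():
    """Encrypt one premaster secret, then decrypt it with each key."""
    pms = b"\x03\x01" + os.urandom(46)
    c = encrypt_premaster(pms, CERT_KEY)
    return pms, server_premaster(c, CERT_KEY), server_premaster(c, OTHER_KEY)

if __name__ == "__main__":
    pms, (good, note_good), (bad, note_bad) = demo()
    print("matching key  :", good == pms, note_good)
    print("mismatched key:", bad == pms, note_bad)
```

Because the server carries on with random bytes, the two sides derive different keys and the handshake fails at the first protected record, which is consistent with the "Bad record MAC" alert and "Decryption has failed" shown above.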