[gnutls-help] No supported cipher suites have been found.

Mike Mestnik cheako+gnutls at mikemestnik.net
Fri Dec 4 20:15:21 CET 2015


That example had debug logging, level 5??, so I added that to my test.
[ 3374| 3] ASSERT: stream.c:952
[ 3374| 3] ASSERT: stream.c:952
[ 3374| 3] ASSERT: pgp.c:166
[ 3374| 3] ASSERT: stream.c:952
[ 3374| 3] ASSERT: privkey.c:1230
[ 3374| 3] ASSERT: privkey.c:1230
[ 3374| 3] ASSERT: pgp.c:166
[ 3374| 3] ASSERT: pgp.c:1644
[ 3374| 3] ASSERT: pgp.c:1644
[ 3374| 3] ASSERT: privkey.c:1230
[ 3374| 3] ASSERT: privkey.c:1230
[ 3374| 3] ASSERT: privkey.c:1230
[ 3374| 5] REC[0x4629640]: Allocating epoch #0
[ 3374| 3] ASSERT: gnutls_constate.c:588
[ 3374| 5] REC[0x4629640]: Allocating epoch #1
[ 3374| 3] ASSERT: gnutls_buffers.c:1154
[ 3374| 5] REC[0x4629640]: SSL 3.1 Handshake packet received. Epoch 0,
length: 205
[ 3374| 5] REC[0x4629640]: Expected Packet Handshake(22)
[ 3374| 5] REC[0x4629640]: Received Packet Handshake(22) with length: 205
[ 3374| 5] REC[0x4629640]: Decrypted Packet[0] Handshake(22) with length: 205
[ 3374| 4] HSK[0x4629640]: CLIENT HELLO (1) was received. Length
201[201], frag offset 0, frag length: 201, sequence: 0
[ 3374| 4] HSK[0x4629640]: Client's version: 3.3
[ 3374| 4] HSK[0x4629640]: Selected version TLS1.2
[ 3374| 3] ASSERT: gnutls_db.c:263
[ 3374| 4] EXT[0x4629640]: Found extension 'SUPPORTED ECC POINT FORMATS/11'
[ 3374| 4] EXT[0x4629640]: Found extension 'SUPPORTED ECC/10'
[ 3374| 4] EXT[0x4629640]: Found extension 'SESSION TICKET/35'
[ 3374| 4] EXT[0x4629640]: Found extension 'SIGNATURE ALGORITHMS/13'
[ 3374| 4] EXT[0x4629640]: Found extension 'STATUS REQUEST/5'
[ 3374| 4] EXT[0x4629640]: Found extension '(null)/15'
[ 3374| 4] EXT[0x4629640]: Found extension 'SUPPORTED ECC POINT FORMATS/11'
[ 3374| 4] EXT[0x4629640]: Found extension 'SUPPORTED ECC/10'
[ 3374| 4] EXT[0x4629640]: Parsing extension 'SESSION TICKET/35' (0 bytes)
[ 3374| 4] EXT[0x4629640]: Found extension 'SIGNATURE ALGORITHMS/13'
[ 3374| 4] EXT[0x4629640]: Found extension 'STATUS REQUEST/5'
[ 3374| 4] EXT[0x4629640]: Found extension '(null)/15'
[ 3374| 4] EXT[0x4629640]: Parsing extension 'SUPPORTED ECC POINT
FORMATS/11' (4 bytes)
[ 3374| 4] EXT[0x4629640]: Parsing extension 'SUPPORTED ECC/10' (52 bytes)
[ 3374| 4] HSK[0x4629640]: Selected ECC curve SECP521R1 (4)
[ 3374| 4] EXT[0x4629640]: Found extension 'SESSION TICKET/35'
[ 3374| 4] EXT[0x4629640]: Parsing extension 'SIGNATURE ALGORITHMS/13'
(32 bytes)
[ 3374| 4] EXT[0x4629640]: rcvd signature algo (6.1) RSA-SHA512
[ 3374| 4] EXT[0x4629640]: rcvd signature algo (6.2) DSA-SHA512
[ 3374| 4] EXT[0x4629640]: rcvd signature algo (6.3) ECDSA-SHA512
[ 3374| 4] EXT[0x4629640]: rcvd signature algo (5.1) RSA-SHA384
[ 3374| 4] EXT[0x4629640]: rcvd signature algo (5.2) DSA-SHA384
[ 3374| 4] EXT[0x4629640]: rcvd signature algo (5.3) ECDSA-SHA384
[ 3374| 4] EXT[0x4629640]: rcvd signature algo (4.1) RSA-SHA256
[ 3374| 4] EXT[0x4629640]: rcvd signature algo (4.2) DSA-SHA256
[ 3374| 4] EXT[0x4629640]: rcvd signature algo (4.3) ECDSA-SHA256
[ 3374| 4] EXT[0x4629640]: rcvd signature algo (3.1) RSA-SHA224
[ 3374| 4] EXT[0x4629640]: rcvd signature algo (3.2) DSA-SHA224
[ 3374| 4] EXT[0x4629640]: rcvd signature algo (3.3) ECDSA-SHA224
[ 3374| 4] EXT[0x4629640]: rcvd signature algo (2.1) RSA-SHA1
[ 3374| 4] EXT[0x4629640]: rcvd signature algo (2.2) DSA-SHA1
[ 3374| 4] EXT[0x4629640]: rcvd signature algo (2.3) ECDSA-SHA1
[ 3374| 4] EXT[0x4629640]: Parsing extension 'STATUS REQUEST/5' (5 bytes)
[ 3374| 4] EXT[0x4629640]: Found extension '(null)/15'
[ 3374| 4] HSK[0x4629640]: Received safe renegotiation CS
[ 3374| 3] ASSERT: server_name.c:307
[ 3374| 4] HSK[0x4629640]: Requested PK algorithm: EC (4) -- ctype: X.509 (1)
[ 3374| 4] HSK[0x4629640]: Requested PK algorithm: RSA (1) -- ctype: X.509 (1)
[ 3374| 4] HSK[0x4629640]: Requested PK algorithm: DSA (2) -- ctype: X.509 (1)
[ 3374| 3] ASSERT: cert.c:2059
[ 3374| 3] ASSERT: ciphersuites.c:1355
[ 3374| 2] Could not find an appropriate certificate: Insufficient
credentials for that request.
[ 3374| 3] ASSERT: ciphersuites.c:1430
[ 3374| 3] ASSERT: gnutls_handshake.c:964
[ 3374| 3] ASSERT: gnutls_handshake.c:665
[ 3374| 3] ASSERT: gnutls_handshake.c:2277
[ 3374| 3] ASSERT: gnutls_handshake.c:1481
[ 3374| 3] ASSERT: gnutls_handshake.c:3125
# Connection 1 try 1:

On Fri, Dec 4, 2015 at 9:48 AM, Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote:
> I can refer you to the tests in our test suite which run sessions with
> TLS-openpgp:
> e.g., https://gitlab.com/gnutls/gnutls/blob/master/tests/openpgp-auth.c
>
> On Thu, Dec 3, 2015 at 7:14 PM, Mike Mestnik
> <cheako+gnutls at mikemestnik.net> wrote:
>> Thanks for the quick reply.  I believe the cert is RSA, the key and
>> cert can be found in git:
>> https://github.com/cheako/ihlt/tree/gpgme/example
>>
>> libgnutls28-dev/experimental 3.4.7-1
>>
>> On Thu, Dec 3, 2015 at 3:57 AM, Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote:
>>> On Thu, Dec 3, 2015 at 2:54 AM, Mike Mestnik
>>> <cheako+gnutls at mikemestnik.net> wrote:
>>>> I'm writing an example application using gnutls and I'm wondering how
>>>> to get SSL support for RFC 6091, as found in gnutls.
>>>> https://github.com/cheako/ihlt/tree/24f6f08cf7c4c118550858718f0a3bb07d3bfa6b
>>>
>>> Which version of gnutls are you using? Could it be that you are using
>>> certificates with DSA signatures? These are not enabled by default in
>>> new gnutls versions.
>>>
>>> regards,
>>> Nikos



More information about the Gnutls-help mailing list