[gnutls-help] gnutls offers rsa_pkcs1_sha1, but does not accept it

Philip Schaten philip at noerdcampus.de
Sun Jun 6 15:47:34 CEST 2021

Hello again,

I wrote to this list on 15-05-2021 having trouble with my university's
mail server.
Thanks to Daiki Ueno, I got this to work on my system by changing the
crypto policies, but I believe I may have found a bug in gnutls as:

- Using gnutls-cli, I try to establish a connection to the mail server.
- From wireshark, I can see that gnutls offers rsa_pkcs1_sha1 as a
signature algorithm.
- The server is admittedly badly configured and chooses that signature.
- gnutls aborts, complaining that "One of the involved algorithms has
insufficient security level." (btw. Why can't it just state for what
exact reason the security level was deemed insufficient? That would be
incredibly useful...)

OpenSSL, in contrast, doesn't even offer rsa_pkcs1_sha1 if it's not
allowed per the system's crypto policies.

Sooo I believe that the bug here is to offer SHA1 in the first place,
ignoring the crypto policies.

But I am very new to this (4 weeks ago I hadn't heard about GnuTLS),
maybe I'm missing something here: Maybe TLSv1.2 is disabled completely
to mitigate some sort of man-in-the-middle attack where the attacker
forces the use of sha1 to be able to spoof the server's identity..?

Very much looking forward to your responses.
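The mismatch described in the post (a client advertising rsa_pkcs1_sha1 in the ClientHello even though its own policy will reject a handshake that uses it) can be checked directly from the bytes of the TLS 1.2 signature_algorithms extension. The following is an added example, not code from the post, from GnuTLS or from OpenSSL; the extension bytes are constructed, and the SHA-1/MD5 policy is an assumed stand-in for the system crypto policy:

```python
import struct

# TLS 1.2 HashAlgorithm / SignatureAlgorithm code points (RFC 5246 7.4.1.4.1);
# each offered entry is one hash byte followed by one signature byte.
HASH = {1: "md5", 2: "sha1", 3: "sha224", 4: "sha256", 5: "sha384", 6: "sha512"}
SIG = {1: "rsa_pkcs1", 2: "dsa", 3: "ecdsa"}

def parse_signature_algorithms(ext_body: bytes) -> list[str]:
    """Decode the extension body into names such as 'rsa_pkcs1_sha1'."""
    if len(ext_body) < 2:
        raise ValueError("extension body too short")
    (length,) = struct.unpack("!H", ext_body[:2])
    # The vector holds 2-byte pairs and must exactly fill the body.
    if length % 2 or length != len(ext_body) - 2:
        raise ValueError("bad supported_signature_algorithms length")
    names = []
    for i in range(2, 2 + length, 2):
        hash_id, sig_id = ext_body[i], ext_body[i + 1]
        names.append(f"{SIG.get(sig_id, f'sig{sig_id}')}_"
                     f"{HASH.get(hash_id, f'hash{hash_id}')}")
    return names

def policy_violations(offered: list[str],
                      weak_hashes=("md5", "sha1")) -> list[str]:
    """Entries the client offers although its (assumed) policy forbids them.

    A consistent client filters these out before sending the ClientHello,
    which is the behaviour the post attributes to OpenSSL; offering them and
    then aborting with 'insufficient security level' is the reported gap.
    """
    return [a for a in offered if a.rsplit("_", 1)[1] in weak_hashes]

def policy_filtered(offered: list[str],
                    weak_hashes=("md5", "sha1")) -> list[str]:
    """What the ClientHello should advertise once policy is applied."""
    bad = set(policy_violations(offered, weak_hashes))
    return [a for a in offered if a not in bad]

# Constructed extension body: length 8, then rsa/sha256, rsa/sha384,
# ecdsa/sha256 and finally rsa/sha1 (0x0201), the entry from the post.
SAMPLE = bytes.fromhex("0008" "0401" "0501" "0403" "0201")

if __name__ == "__main__":
    offered = parse_signature_algorithms(SAMPLE)
    print("offered:   ", offered)
    print("violations:", policy_violations(offered))
    print("should send:", policy_filtered(offered))
```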