Bug#993507: libgnutls30: fails to negotiate X25519 where NSS & OpenSSL succeed, success with X448

Lionel Elie Mamane lionel at mamane.lu
Thu Sep 2 11:04:02 BST 2021


Package: libgnutls30
Version: 3.7.2-2
Severity: normal

$ gnutls-cli --priority 'NORMAL:-GROUP-SECP256R1:-GROUP-SECP384R1:-GROUP-SECP521R1' fxtop.com
Processed 138 CA certificate(s).
Resolving 'fxtop.com:443'...
Connecting to '5.39.68.178:443'...
*** Fatal error: An illegal parameter has been received.

$ openssl s_client -curves X25519 -connect fxtop.com:443
CONNECTED(00000003)
(... snip ...)
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
(... snip ...)


I attach a pcapng of the corresponding network traffic. The same is
reproducible with www.collaboraoffice.com instead of fxtop.com.

Note, though (not included in pcapng file):

$ gnutls-cli --priority 'NORMAL:-GROUP-SECP256R1:-GROUP-SECP384R1:-GROUP-SECP521R1:-GROUP-X25519' fxtop.com
(...)
Resolving 'fxtop.com:443'...
Connecting to '5.39.68.178:443'...
(...)
- Description: (TLS1.3)-(ECDHE-X448)-(RSA-PSS-RSAE-SHA256)-(AES-256-GCM)


-- System Information:
Debian Release: 10.10
  APT prefers oldstable
  APT policy: (600, 'oldstable'), (500, 'oldstable-updates'), (400, 'testing'), (300, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.7.0-1-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8), LANGUAGE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libgnutls30 depends on:
ii  libc6          2.31-13
ii  libgmp10       2:6.1.2+dfsg-4
ii  libhogweed6    3.7.3-1
ii  libidn2-0      2.0.5-1+deb10u1
ii  libnettle8     3.7.3-1
ii  libp11-kit0    0.23.22-1
ii  libtasn1-6     4.16.0-2
ii  libunistring2  0.9.10-1

libgnutls30 recommends no packages.

Versions of packages libgnutls30 suggests:
ii  gnutls-bin  3.6.7-4+deb10u7

-- no debconf information

-- 
Lionel Mamane
Tél: +352 46 67 74
Fax: +352 46 67 76

-------------- next part --------------
A non-text attachment was scrubbed...
Name: gnutls_openssl_x25519.pcapng
Type: application/octet-stream
Size: 13240 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-gnutls-maint/attachments/20210902/a2a83693/attachment.obj>

