Support GCM modes for ntbtls.
Open, Normal, Public

Description

Trying to configure gpg to use the new https://keys.openpgp.org on Windows 10, GPG4Win 3.1.9.

I receive the following errors when attempting to refresh keys:

2019-07-01 07:03:23 dirmngr[248] DBG: dns: dnsserver[0] '8.8.8.8'
2019-07-01 07:03:23 dirmngr[248] DBG: dns: dnsserver[1] '4.4.4.4'
2019-07-01 07:03:23 dirmngr[248] DBG: dns: libdns initialized
2019-07-01 07:03:24 dirmngr[248] DBG: dns: getsrv(_pgpkey-https._tcp.keys.openpgp.org) -> 0 records
2019-07-01 07:03:24 dirmngr[248] DBG: dns: resolve_dns_name(keys.openpgp.org): Success
2019-07-01 07:03:24 dirmngr[248] resolve_dns_addr for 'keys.openpgp.org': 'keys.openpgp.org' [already known]
2019-07-01 07:03:24 dirmngr[248] DBG: Using TLS library: NTBTLS 0.1.2
2019-07-01 07:03:24 dirmngr[248] DBG: http.c:connect_server: trying name='keys.openpgp.org' port=443
2019-07-01 07:03:24 dirmngr[248] DBG: dns: resolve_dns_name(keys.openpgp.org): Success
2019-07-01 07:03:24 dirmngr[248] DBG: http.c:1899:socket_new: object 0x02eb85d0 for fd 868 created
2019-07-01 07:03:24 dirmngr[248] TLS handshake failed: Fatal alert message received <TLS>
2019-07-01 07:03:24 dirmngr[248] error connecting to 'https://keys.openpgp.org:443': Fatal alert message received

Possibly related to T3411, but it seems NTBTLS 0.1.2 should support keys.openpgp.org TLS with no problems.

I can't find a way to enable NTBTLS debug logging; let me know if that's possible and would provide useful info.

I should note that I have an identical keyserver conf on a Fedora 30 machine and refreshing keys finishes without TLS errors using GnuTLS 3.6.8.

historic_bruno created this object in space S1 Public.
werner triaged this task as Normal priority.
werner added a subscriber: werner.

They can't agree on a common ciphersuite. The reason is that the server does not support any CBC mode. Which is a bad idea because CBC is still a very common cipher mode.

I re-title this bug as a feature request to support a GCM mode in ntbtls.
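The mismatch described in the comment above, as an added example that is not part of the original thread or of ntbtls: it parses the cipher_suites list out of a ClientHello record and runs server-side suite selection against it. The ClientHello bytes, the client's CBC-only offer and the server's GCM-only list are constructed for illustration and are not the actual lists of NTBTLS 0.1.2 or keys.openpgp.org; the suite code points are the IANA values.

```python
import struct

# IANA TLS cipher suite code points.
SUITES = {
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
    0xC013: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
    0xC014: "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0xC030: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
}
HANDSHAKE_FAILURE = 40  # fatal alert TLS defines for "no acceptable parameters"

# Constructed sample: TLS 1.2 ClientHello offering four CBC suites, no extensions.
CLIENT_HELLO = bytes.fromhex(
    "1603010033" + "0100002f" + "0303" + "00" * 32 + "00"
    + "0008" + "c014c0130035002f" + "0100")
GCM_ONLY_SERVER = [0xC030, 0xC02F]  # constructed server preference list

def offered_suites(record: bytes) -> list[int]:
    """Return the cipher_suites list from a TLS record holding a ClientHello."""
    if len(record) < 46:
        raise ValueError("record too short for a ClientHello")
    ctype, _version, rec_len = struct.unpack_from("!BHH", record, 0)
    if ctype != 22 or rec_len != len(record) - 5:
        raise ValueError("not a complete handshake record")
    if record[5] != 1:
        raise ValueError("handshake message is not a ClientHello")
    pos = 5 + 4 + 2 + 32        # record hdr, handshake hdr, version, random
    pos += 1 + record[pos]      # skip session_id
    (n,) = struct.unpack_from("!H", record, pos)
    pos += 2
    if n % 2 or pos + n > len(record):
        raise ValueError("bad cipher_suites length")
    return list(struct.unpack_from(f"!{n // 2}H", record, pos))

def mode(suite: int) -> str:
    """Classify a known suite by its bulk cipher mode."""
    name = SUITES.get(suite, "")
    return "GCM" if "_GCM_" in name else "CBC" if "_CBC_" in name else "?"

def negotiate(client: list[int], server: list[int]) -> tuple[str, int]:
    """Pick the first server-preferred suite the client offered, else alert."""
    for suite in server:
        if suite in client:
            return ("suite", suite)
    return ("alert", HANDSHAKE_FAILURE)

if __name__ == "__main__":
    offer = offered_suites(CLIENT_HELLO)
    print([SUITES[s] for s in offer], negotiate(offer, GCM_ONLY_SERVER))
```

With the CBC-only offer the selection ends in a fatal alert; once the client also offers a GCM suite the same server picks it.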

werner renamed this task from TLS handshake failed: Fatal alert message received (hkps://keys.openpgp.org, Windows, GPG4Win 3.1.9, NTBTLS 0.1.2) to Support GCM modes for ntbtls. Mon, Jul 1, 5:48 PM
Valodim added a subscriber: Valodim. Tue, Jul 2, 4:02 PM

> Which is a bad idea because CBC is still a very common cipher mode.

I checked ntbtls' ciphersuites.c, and it seemed to be up to date. What ciphersuite do you suggest we include for compatibility in the meantime?

werner added a comment. Tue, Jul 2, 4:19 PM

Anything using CBC mode - ECC is just fine.

gniibe claimed this task. Wed, Jul 10, 4:51 AM
gniibe added a subscriber: gniibe.

I pushed my change as: rT7b2c4d9dd50b: Support GCM.
Please test.