WKD: Error running auto-key-locate wkd in Windows 10
I'm reviewing our instructions to verify Tor Browser[1] and it looks like our wkd has some issues with Windows. It works fine with macOS and Linux.

I asked on the gnupg-users mailing list[2], and Werner Koch suggested that "A reason for the failed handshake might be that no common parameters could be found. We would need to look at the server log or run tests with that server to see what it expects. I copy the full TLS log below. I have no GNUTLS based build currently available, if that works, its log could give also some conclusion. However, on Windows we always use NTBTLS."

Here's the log:

```
DBG: ntbtls(2): handshake
DBG: ntbtls(2): client state: 0 (hello_request)
DBG: ntbtls(3): flush output
DBG: ntbtls(2): client state: 1 (client_hello)
DBG: ntbtls(3): flush output
DBG: ntbtls(2): write client_hello
DBG: ntbtls(3): client_hello, max version: [3:3]
DBG: ntbtls(3): client_hello, current time: 1585298512
DBG: client_hello, random bytes: 5e7dbc5008b76aa83d09c4393a4bdbe792ad9fee5198c6d9f88357ad16020156
DBG: ntbtls(3): client_hello, session id len.: 0
DBG: client_hello, session id:
DBG: ntbtls(5): client_hello, add ciphersuite: 49192 TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384
DBG: ntbtls(5): client_hello, add ciphersuite: 107 TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 49172 TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 57 TLS-DHE-RSA-WITH-AES-256-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 49271 TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384
DBG: ntbtls(5): client_hello, add ciphersuite: 196 TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 136 TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 49191 TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 103 TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 49171 TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 51 TLS-DHE-RSA-WITH-AES-128-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 49270 TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 190 TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 69 TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 49170 TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 22 TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 49208 TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384
DBG: ntbtls(5): client_hello, add ciphersuite: 179 TLS-DHE-PSK-WITH-AES-256-CBC-SHA384
DBG: ntbtls(5): client_hello, add ciphersuite: 49206 TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 145 TLS-DHE-PSK-WITH-AES-256-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 49307 TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384
DBG: ntbtls(5): client_hello, add ciphersuite: 49303 TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384
DBG: ntbtls(5): client_hello, add ciphersuite: 49207 TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 178 TLS-DHE-PSK-WITH-AES-128-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 49205 TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 144 TLS-DHE-PSK-WITH-AES-128-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 49302 TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 49306 TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 49204 TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 143 TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 61 TLS-RSA-WITH-AES-256-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 53 TLS-RSA-WITH-AES-256-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 192 TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 132 TLS-RSA-WITH-CAMELLIA-256-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 60 TLS-RSA-WITH-AES-128-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 47 TLS-RSA-WITH-AES-128-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 186 TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 65 TLS-RSA-WITH-CAMELLIA-128-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 10 TLS-RSA-WITH-3DES-EDE-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 183 TLS-RSA-PSK-WITH-AES-256-CBC-SHA384
DBG: ntbtls(5): client_hello, add ciphersuite: 149 TLS-RSA-PSK-WITH-AES-256-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 49305 TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384
DBG: ntbtls(5): client_hello, add ciphersuite: 182 TLS-RSA-PSK-WITH-AES-128-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 148 TLS-RSA-PSK-WITH-AES-128-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 49304 TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 147 TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 175 TLS-PSK-WITH-AES-256-CBC-SHA384
DBG: ntbtls(5): client_hello, add ciphersuite: 141 TLS-PSK-WITH-AES-256-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 49301 TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384
DBG: ntbtls(5): client_hello, add ciphersuite: 174 TLS-PSK-WITH-AES-128-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 140 TLS-PSK-WITH-AES-128-CBC-SHA
DBG: ntbtls(5): client_hello, add ciphersuite: 49300 TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 139 TLS-PSK-WITH-3DES-EDE-CBC-SHA
DBG: ntbtls(3): client_hello, got 54 ciphersuites
DBG: ntbtls(3): client_hello, compress len.: 2
DBG: ntbtls(3): client_hello, compress alg.: 1 0
DBG: ntbtls(3): client_hello, adding server name extension: 'openpgpkey.torproject.org'
DBG: ntbtls(3): client_hello, adding signature_algorithms extension
DBG: ntbtls(3): client hello, adding supported_elliptic_curves extension
DBG: ntbtls(3): client hello, adding supported_point_formats extension
DBG: ntbtls(3): client_hello, adding session ticket extension
DBG: ntbtls(3): client_hello, total extension length: 88
DBG: ntbtls(3): write record
DBG: ntbtls(3): output record: msgtype = 22, version = [3:3], msglen = 242
DBG: output record sent to network: 16030300f2010000ee03035e7dbc5008b76aa83d09c4393a4bdbe792ad9fee51 \
DBG: 98c6d9f88357ad1602015600006c00ffc028006bc0140039c07700c40088c027 \
DBG: 0067c0130033c07600be0045c0120016c03800b3c0360091c09bc097c03700b2 \
DBG: c0350090c096c09ac034008f003d003500c00084003c002f00ba0041000a00b7 \
DBG: 0095c09900b60094c098009300af008dc09500ae008cc094008b020100005800 \
DBG: 00001e001c0000196f70656e7067706b65792e746f7270726f6a6563742e6f72 \
DBG: 67000d001600140601050104010301020106030503040303030203000a000e00 \
DBG: 0c001700180019001a001b001c000b0002010000230000
DBG: ntbtls(3): flush output
DBG: ntbtls(3): message length: 247, out_left: 247
DBG: ntbtls(3): es_write returned: success
DBG: ntbtls(2): client state: 2 (server_hello)
DBG: ntbtls(3): flush output
DBG: ntbtls(2): read server_hello
DBG: ntbtls(3): read record
DBG: ntbtls(3): fetch input
DBG: ntbtls(3): in_left: 0, nb_want: 5
DBG: ntbtls(3): es_read returned: success
DBG: ntbtls(3): input record: msgtype = 21, version = [3:3], msglen = 2
DBG: ntbtls(3): fetch input
DBG: ntbtls(3): in_left: 5, nb_want: 7
DBG: ntbtls(3): es_read returned: success
DBG: input record from network: 15030300020228
DBG: ntbtls(2): got an alert message, type: [2:40]
DBG: ntbtls(1): is a fatal alert message (msg 40)
DBG: ntbtls(1): (handshake failed)
DBG: ntbtls(1): read_record returned: Fatal alert message received <TLS>
DBG: ntbtls(2): handshake ready
TLS handshake failed: Fatal alert message received <TLS>
error connecting to 'https://openpgpkey.torproject.org/.well-known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf?l=torbrowser': Fatal alert message received
DBG: ntbtls(2): release
command 'WKD_GET' failed: Fatal alert message received <TLS>
```

[1] gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser at torproject.org
https://support.torproject.org/tbb/how-to-verify-signature/

[2] https://lists.gnupg.org/pipermail/gnupg-users/2020-March/063385.html
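
Added example (not part of the original report, and not GnuPG or ntbtls code): a small Python triage script for an ntbtls debug log like the one above. It lists the cipher suites the client offered, classifies them by cipher mode, and decodes the alert record the server sent back. The embedded excerpt is copied from the log in this report; the function names are this example's own, and the alert table is a subset of RFC 5246 section 7.2.

```python
import re
from collections import Counter

# Excerpt of the ntbtls debug log quoted in the report (not the full log).
LOG_EXCERPT = """\
DBG: ntbtls(5): client_hello, add ciphersuite: 49192 TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384
DBG: ntbtls(5): client_hello, add ciphersuite: 107 TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
DBG: ntbtls(5): client_hello, add ciphersuite: 49208 TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384
DBG: ntbtls(5): client_hello, add ciphersuite: 10 TLS-RSA-WITH-3DES-EDE-CBC-SHA
DBG: ntbtls(3): input record: msgtype = 21, version = [3:3], msglen = 2
DBG: input record from network: 15030300020228
"""

# Alert levels and descriptions from RFC 5246 section 7.2 (subset).
ALERT_LEVEL = {1: "warning", 2: "fatal"}
ALERT_DESC = {0: "close_notify", 20: "bad_record_mac", 40: "handshake_failure",
              47: "illegal_parameter", 70: "protocol_version",
              71: "insufficient_security", 112: "unrecognized_name"}

SUITE_RE = re.compile(r"add ciphersuite:\s*(\d+)\s+(TLS-[A-Z0-9-]+)")
RECORD_RE = re.compile(r"input record from network:\s*([0-9a-fA-F]+)")

def offered_suites(log):
    """Return [(id, name)] for every suite the client put in its ClientHello."""
    return [(int(num), name) for num, name in SUITE_RE.findall(log)]

def cipher_mode(name):
    """Classify a suite name as AEAD (GCM/CCM/ChaCha20), CBC, or other."""
    if any(tag in name for tag in ("GCM", "CCM", "CHACHA20")):
        return "AEAD"
    return "CBC" if "-CBC-" in name else "other"

def decode_alert(record_hex):
    """Decode a plaintext TLS alert record; return (level, description) or None."""
    if len(record_hex) % 2:
        return None
    raw = bytes.fromhex(record_hex)
    if len(raw) != 7 or raw[0] != 21:            # 21 = alert content type
        return None
    if int.from_bytes(raw[3:5], "big") != 2:     # alert body is always 2 bytes
        return None
    return ALERT_LEVEL.get(raw[5], str(raw[5])), ALERT_DESC.get(raw[6], str(raw[6]))

def summarise(log):
    """Summarise what the client offered and which alerts came back."""
    suites = offered_suites(log)
    modes = Counter(cipher_mode(name) for _, name in suites)
    alerts = [decode_alert(h) for h in RECORD_RE.findall(log)]
    return {"offered": len(suites), "modes": dict(modes),
            "alerts": [a for a in alerts if a]}

if __name__ == "__main__":
    print(summarise(LOG_EXCERPT))
```

The mode breakdown and the decoded alert are the two facts to compare against the server's accepted cipher suites when checking for the "no common parameters" case suggested in the quoted reply.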