subversion-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Philip Martin <>
Subject Re: x509 AlgorithmIdentifier parameters
Date Fri, 02 Feb 2018 14:31:37 GMT
Philip Martin <> writes:

> Looking back at the original mail it looks as if the error is produced
> by x509parse.c:x509_get_alg() via svn_x509_parse_cert(), in particular
> it is probably this assumption:
>   /*
>    * assume the algorithm parameters must be NULL
>    */
>   err = asn1_get_tag(p, end, &len, ASN1_NULL);
>   if (err)
>     return svn_error_create(SVN_ERR_X509_CERT_INVALID_ALG, err, NULL);
>   if (*p != end)
>     {
>       err = svn_error_create(SVN_ERR_ASN1_LENGTH_MISMATCH, NULL, NULL);
>       return svn_error_create(SVN_ERR_X509_CERT_INVALID_ALG, err, NULL);
>     }

Marc provided more information and I can reproduce the problem by using
the openssl option:

  -sigopt rsa_padding_mode:pss

when signing a server key.  The server cert that is created looks like:

  $ openssl x509 -text -in server-cert.crt
      Signature Algorithm: rsassaPss
         Hash Algorithm: sha256
         Mask Algorithm: mgf1 with sha256
         Salt Length: 0xDE
         Trailer Field: 0xBC (default)

I've setup my client to trust the issuer of these server certs but
attempts to access a repository still fail:

  $ svn ls https://...
  Error validating server certificate for 'https://localhost:8887':
   - The certificate has an unknown error.
  (R)eject or accept (t)emporarily? 

Note the reason for the failure is "unknown error" which corresponds to
temporarily accept and the operation proceeds, but accepting permanently
is not available because that is never offered for SVN_AUTH_SSL_OTHER.

If I try the Java example code tools/examples/ I get a
java exception:

     	at Method)
	at org.apache.subversion.javahl.remote.RemoteFactory.openRemoteSession(
	at ExampleAuthn.main(
  Caused by: org.apache.subversion.javahl.ClientException: Found invalid algorithm in certificate
  Unexpected ASN1 tag

which is the original problem report.  Our JavaHL code calls
svn_x509_parse_cert() when handling server cert failures, see


and the Java exception is raised when svn_x509_parse_cert() returns an
error.  The command line client only uses svn_x509_parse_cert() in the
"svn auth" command.

If I try to get Firefox to accept the RSASSA-PSS cert it gives me the

  The certificate was signed using a signature algorithm that is
  disabled because it is not secure.

but I think that is misleading and RSASSA-PSS is too new rather than
obsolete.  A few months ago OpenSSL gained some RSASSA-PSS support:

The underlying issue is that Subversion/serf/openssl is not able to
validate certs signed with RSASSA-PSS.  The standard client allows the
user to temporarily ignore the problem and proceed, JavaHL doesn't give
the user that option.  If we were to extend svn_x509_parse_cert() to
parse parameters then JavaHL would be able to behave like the command
line client.

In Marc's case getting a new server cert that is not RSASSA-PSS might be
the best solution.


View raw message