From dev-return-37410-archive-asf-public=cust-asf.ponee.io@subversion.apache.org Fri Feb 2 15:31:48 2018 Return-Path: X-Original-To: archive-asf-public@eu.ponee.io Delivered-To: archive-asf-public@eu.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by mx-eu-01.ponee.io (Postfix) with ESMTP id 6AAD0180608 for ; Fri, 2 Feb 2018 15:31:48 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 5A554160C49; Fri, 2 Feb 2018 14:31:48 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id A26A8160C41 for ; Fri, 2 Feb 2018 15:31:47 +0100 (CET) Received: (qmail 55947 invoked by uid 500); 2 Feb 2018 14:31:46 -0000 Mailing-List: contact dev-help@subversion.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@subversion.apache.org Received: (qmail 55937 invoked by uid 99); 2 Feb 2018 14:31:46 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd4-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 02 Feb 2018 14:31:46 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd4-us-west.apache.org (ASF Mail Server at spamd4-us-west.apache.org) with ESMTP id A0C0EC0505 for ; Fri, 2 Feb 2018 14:31:45 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd4-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 1.501 X-Spam-Level: * X-Spam-Status: No, score=1.501 tagged_above=-999 required=6.31 tests=[KAM_COUK=0.85, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_NEUTRAL=0.652] autolearn=disabled Received: from mx1-lw-eu.apache.org ([10.40.0.8]) by localhost (spamd4-us-west.apache.org [10.40.0.11]) (amavisd-new, port 10024) with ESMTP id uzF0m_terfHr for ; Fri, 2 Feb 2018 14:31:43 +0000 (UTC) Received: from know-smtprelay-omc-2.server.virginmedia.net (know-smtprelay-omc-2.server.virginmedia.net [80.0.253.66]) by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTPS id 479EC5F1EE for ; Fri, 2 Feb 2018 14:31:43 +0000 (UTC) Received: from localhost ([86.9.48.152]) by cmsmtp with ESMTPA id hcNNedGBPxdZshcNNehB0C; Fri, 02 Feb 2018 14:31:37 +0000 X-Originating-IP: [86.9.48.152] X-Authenticated-User: codematters@ntlworld.com X-Spam: 0 X-Authority: v=2.3 cv=cMnOTGWN c=1 sm=1 tr=0 a=rSjZpmdkpCpLRM02tfIJ4Q==:117 a=rSjZpmdkpCpLRM02tfIJ4Q==:17 a=NTDmIo5yAAAA:8 a=NEAV23lmAAAA:8 a=pqTqnhizRT4H0H0GhLYA:9 a=ZPXTKHJW2W2bAfCD:21 a=aLPdIbTDJvBeV8I6:21 a=1F6LMcGHgafuNE9Px5x4:22 From: Philip Martin To: Philip Martin Cc: Marc Strapetz , Julian Foad , dev@subversion.apache.org Subject: Re: x509 AlgorithmIdentifier parameters References: <87efmyh4h9.fsf@codematters.co.uk> <877es8h3t3.fsf_-_@codematters.co.uk> Date: Fri, 02 Feb 2018 14:31:37 +0000 In-Reply-To: <877es8h3t3.fsf_-_@codematters.co.uk> (Philip Martin's message of "Tue, 23 Jan 2018 17:40:08 +0000") Message-ID: <87shajfoom.fsf@codematters.co.uk> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-CMAE-Envelope: MS4wfP/5iTePI0+v2hesulblir2e0vD6uYPwNjNDQ3JgxrjbaUKb5i77HJdxWYG+rsohldXwkpTZb/ymym0xIilosCXmLzTGZV027b2zS+h9bjpB+PcUL6E8 1YUiREQmkhpizbN8kc2aI4jAkAJ8s7276Z9x1ldCloWGx8xbQfBZUJQtfuVWN0/4n2WK1du50Q9DOaxAzfI/9b0Tb3iLThK7QU3oHDMFpAS6M2aa1n6Q1wyW W3oieKvNcE1qTdqIr7bIJMd43oUHzlJk7c/pBCVRxZd6yIfVxkq1Og4tmPtkxIKC Philip Martin writes: > Looking back at the original mail it looks as if the error is produced > by x509parse.c:x509_get_alg() via svn_x509_parse_cert(), in particular > it is probably this assumption: > > /* > * assume the algorithm parameters must be NULL > */ > err = asn1_get_tag(p, end, &len, ASN1_NULL); > if (err) > return svn_error_create(SVN_ERR_X509_CERT_INVALID_ALG, err, NULL); > > if (*p != end) > { > err = svn_error_create(SVN_ERR_ASN1_LENGTH_MISMATCH, NULL, NULL); > return svn_error_create(SVN_ERR_X509_CERT_INVALID_ALG, err, NULL); > } Marc provided more information and I can reproduce the problem by using the openssl option: -sigopt rsa_padding_mode:pss when signing a server key. The server cert that is created looks like: $ openssl x509 -text -in server-cert.crt ... Signature Algorithm: rsassaPss Hash Algorithm: sha256 Mask Algorithm: mgf1 with sha256 Salt Length: 0xDE Trailer Field: 0xBC (default) ... I've setup my client to trust the issuer of these server certs but attempts to access a repository still fail: $ svn ls https://... Error validating server certificate for 'https://localhost:8887': - The certificate has an unknown error. ... (R)eject or accept (t)emporarily? Note the reason for the failure is "unknown error" which corresponds to SVN_AUTH_SSL_OTHER and SERF_SSL_CERT_UNKNOWN_FAILURE. I can choose to temporarily accept and the operation proceeds, but accepting permanently is not available because that is never offered for SVN_AUTH_SSL_OTHER. If I try the Java example code tools/examples/ExampleAuthn.java I get a java exception: at org.apache.subversion.javahl.remote.RemoteFactory.open(Native Method) at org.apache.subversion.javahl.remote.RemoteFactory.openRemoteSession(RemoteFactory.java:200) at ExampleAuthn.main(ExampleAuthn.java:102) Caused by: org.apache.subversion.javahl.ClientException: Found invalid algorithm in certificate Unexpected ASN1 tag which is the original problem report. Our JavaHL code calls svn_x509_parse_cert() when handling server cert failures, see AuthnCallback.c:AuthnCallback::SSLServerCertInfo::SSLServerCertInfo() and the Java exception is raised when svn_x509_parse_cert() returns an error. The command line client only uses svn_x509_parse_cert() in the "svn auth" command. If I try to get Firefox to accept the RSASSA-PSS cert it gives me the error SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED with an explanation: The certificate was signed using a signature algorithm that is disabled because it is not secure. but I think that is misleading and RSASSA-PSS is too new rather than obsolete. A few months ago OpenSSL gained some RSASSA-PSS support: https://github.com/openssl/openssl/pull/4368 https://github.com/openssl/openssl/issues/2878 The underlying issue is that Subversion/serf/openssl is not able to validate certs signed with RSASSA-PSS. The standard client allows the user to temporarily ignore the problem and proceed, JavaHL doesn't give the user that option. If we were to extend svn_x509_parse_cert() to parse parameters then JavaHL would be able to behave like the command line client. In Marc's case getting a new server cert that is not RSASSA-PSS might be the best solution. -- Philip