[Dcrup] Re: [Editorial Errata Reported] RFC8463 (7930)
Viktor Dukhovni <ietf-dane@dukhovni.org> Sat, 11 May 2024 05:07 UTC
On Sat, May 11, 2024 at 12:39:17AM +0200, Steffen Nurpmeso wrote:

> Here is key and data
>
> cat <<'_EOT' | python3 rfc8032-ed25519.py
> nWGxne/9WmC6hEr0kuwsxERJxWl7MmkZcDusAxyuf2A=
> 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
> _EOT

Perhaps you failed to hash the data with SHA256 prior to passing it to PureEdDSA (Ed25519) for signing. The signature input should be the raw binary data hash, whose hex dump is below:

    $ printf "%s\n" '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' | openssl base64 -A -d | openssl dgst -sha256 -binary | xxd -p -c64
    48ce9a2c710ece1710ff156996b836a7f45470e43efe5643074d6e1690ed62e7

When I fail to hash the data, the signature I obtain is:

    QGeDV9CRdXSybek0z54GoycZ4/kl1PsNnGoOsCZ0ZOOwiGYFE8Ft0SZpy1XLW/fw
    lwNFC1k6VaxsnQAH8+9cAA==

which matches your proposed erratum. Mystery solved.

--
    Viktor.
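The comparison made by hand in the message above, as an added Go example (not part of the original message or of RFC 8463): it signs once over the SHA-256 digest and once over the data itself, and a verifier-side check tells the two apart. The function names and the sample header text are constructed for illustration; the seed is the key quoted in the message.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
)

// keyFromSeed decodes the base64 32-byte seed form of an Ed25519 private key.
func keyFromSeed(b64 string) (ed25519.PrivateKey, ed25519.PublicKey, error) {
	seed, err := base64.StdEncoding.DecodeString(b64)
	if err != nil || len(seed) != ed25519.SeedSize {
		return nil, nil, fmt.Errorf("want base64 of %d bytes, decoded %d (err: %v)", ed25519.SeedSize, len(seed), err)
	}
	k := ed25519.NewKeyFromSeed(seed)
	return k, k.Public().(ed25519.PublicKey), nil
}

// sign: prehash=true signs SHA-256(data), as the message describes; false signs the data itself (the mistake).
func sign(k ed25519.PrivateKey, data []byte, prehash bool) []byte {
	if prehash {
		h := sha256.Sum256(data)
		data = h[:]
	}
	return ed25519.Sign(k, data)
}

// classify reports how sig relates to data under pub, checking the hashed form first.
func classify(pub ed25519.PublicKey, data, sig []byte) string {
	h := sha256.Sum256(data)
	switch {
	case len(pub) != ed25519.PublicKeySize || len(sig) != ed25519.SignatureSize:
		return "malformed"
	case ed25519.Verify(pub, h[:], sig):
		return "ok"
	case ed25519.Verify(pub, data, sig):
		return "missing-sha256" // a valid Ed25519 signature, but over the unhashed data
	}
	return "invalid"
}

func main() {
	k, pub, err := keyFromSeed("nWGxne/9WmC6hEr0kuwsxERJxWl7MmkZcDusAxyuf2A=")
	if err != nil {
		panic(err)
	}
	data := []byte("from:joe@example.org\r\nsubject:constructed sample\r\n") // constructed input
	fmt.Println(classify(pub, data, sign(k, data, true)), classify(pub, data, sign(k, data, false)))
}
```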