Re: [DNSOP] Any suggestion on what I'm doing that is stupid here on NSEC3?
Shumon Huque <shuque@upenn.edu> Wed, 12 February 2014 15:57 UTC
Date: Wed, 12 Feb 2014 10:57:09 -0500
From: Shumon Huque <shuque@upenn.edu>
To: Nicholas Weaver <nweaver@icsi.berkeley.edu>
Message-ID: <20140212155709.GA15950@upenn.edu>
References: <390BFAA1-3108-4922-A6C0-E666C0BD25A9@icsi.berkeley.edu>
In-Reply-To: <390BFAA1-3108-4922-A6C0-E666C0BD25A9@icsi.berkeley.edu>
Organization: University of Pennsylvania
Cc: dnsop WG <dnsop@ietf.org>
Subject: Re: [DNSOP] Any suggestion on what I'm doing that is stupid here on NSEC3?
It might be because NSEC3 uses base32 with extended hex alphabet. Looks
like you're using plain base32. See http://tools.ietf.org/html/rfc4648#section-7

--Shumon.

On Wed, Feb 12, 2014 at 07:35:47AM -0800, Nicholas Weaver wrote:
> I'm trying to do my own implementation of NSEC3 as part of my dynamic DNSSEC server (in order to do NSEC3 lies for NXDOMAIN, since you can't do such a lie with NSEC, NSEC lies only allow "0 answer noerror" which is unfortunately NOT the same)
> 
> But I appear to be doing something stupid, and am not operating the hash right:
> 
> 
> Looking at com, the NSEC3 for "com" is:
> CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - ...
> 
> (Algorithm 1 -> SHA-1, flag = 1, iterations = 0, salt = None, fetched by "dig +dnssec MX com @a.gtld-servers.net")
> 
> Reading RFC5155, the calculation of the hash is:
> 
> > The hash calculation uses three of the NSEC3 RDATA fields: Hash
> > Algorithm, Salt, and Iterations.
> > 
> > Define H(x) to be the hash of x using the Hash Algorithm selected by
> > the NSEC3 RR, k to be the number of Iterations, and || to indicate
> > concatenation. Then define:
> > 
> > IH(salt, x, 0) = H(x || salt), and
> > 
> > IH(salt, x, k) = H(IH(salt, x, k-1) || salt), if k > 0
> > 
> > Then the calculated hash of an owner name is
> > 
> > IH(salt, owner name, iterations),
> > 
> > where the owner name is in the canonical form, defined as:
> > 
> > The wire format of the owner name where:
> > 
> > 1. The owner name is fully expanded (no DNS name compression) and
> > fully qualified;
> > 
> > 2. All uppercase US-ASCII letters are replaced by the corresponding
> > lowercase US-ASCII letters;
> > 
> > 3. If the owner name is a wildcard name, the owner name is in its
> > original unexpanded form, including the "*" label (no wildcard
> > substitution);
> 
> So it should be the base32 encoding of the SHA1 hash of the wire format for "com" (since there is no salt), which in python is:
> 
> "\x03com\x00", (3 characters, the string "com", and 0 as a terminator in wire format. This matches the wire format I get from my name packer in my DNS server)
> 
> Yet when I try to calculate the SHA1 hash in python's library, I get:
> 
> >>> m = hashlib.sha1()
> >>> m.update("\x03com\x00") # There is no salt and 0 additional iterations
> >>> base64.b32encode(m.digest())
> 'MUAZYTWQIHEVT3OPHOPXIEDA27S5IL4W'
> >>> m.hexdigest()
> '65019c4ed041c959edcf3b9f741060d7e5d42f96'
> 
> But at the same time, this matches the sha1sum for a file containing just the string "\x03com\x00", so the hash is correct for sha1.
> 
> 
> So the conclusion is I'm not putting in the right input into the hash function. Thoughts on what I'm doing wrong?
> 
> -- 
> Nicholas Weaver                  it is a tale, told by an idiot,
> nweaver@icsi.berkeley.edu        full of sound and fury,
> 510-666-2903                     .signifying nothing
> PGP: http://www1.icsi.berkeley.edu/~nweaver/data/nweaver_pub.asc
> 
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop

-- 
Shumon Huque
University of Pennsylvania.
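Shumon's diagnosis worked through in code, as an added example that is not code from either poster: the RFC 5155 hash computation (canonical wire-format owner name, salt, iterations) followed by the RFC 4648 section 7 base32hex encoding. Nicholas's own hash input was already right; only the output alphabet was wrong, and translating the plain-base32 string 'MUAZYTWQ...' character for character into 0-9A-V yields exactly the CK0POJMG874LJREF7EFN8430QVIT8BSM label seen in the com zone. The function names, the '-' salt handling and the covering-interval check (the piece an NXDOMAIN proof needs on top of the hash) are assumptions made here, not something from the thread; the check is included because base32hex is chosen precisely so that string order matches digest order.

```python
import base64
import hashlib

# RFC 4648 section 7: base32hex uses the alphabet 0-9A-V instead of A-Z2-7.
# Translating plain base32 output character for character gives base32hex
# without relying on base64.b32hexencode (Python >= 3.10 only).
_B32_TO_B32HEX = bytes.maketrans(
    b"ABCDEFGHIJKLMNOPQRSTUVWXYZ234567",
    b"0123456789ABCDEFGHIJKLMNOPQRSTUV",
)


def canonical_wire_name(name):
    """Owner name in RFC 5155 canonical form: uncompressed wire format,
    fully qualified, US-ASCII lowercased, wildcard '*' label left as-is.
    'com', 'COM.' and 'Com' all map to b'\\x03com\\x00'."""
    labels = name.rstrip(".").lower()
    wire = bytearray()
    if labels:  # the root name '.' has no labels, only the terminator
        for label in labels.split("."):
            raw = label.encode("ascii")
            if not 1 <= len(raw) <= 63:
                raise ValueError("bad label %r in %r" % (label, name))
            wire.append(len(raw))
            wire += raw
    wire.append(0)  # zero-length root label terminates the name
    return bytes(wire)


def parse_salt(field):
    """Salt as written in NSEC3 presentation format (assumed helper):
    '-' means no salt, anything else is hex."""
    return b"" if field == "-" else bytes.fromhex(field)


def nsec3_hash(name, salt=b"", iterations=0, hash_alg=1):
    """IH(salt, name, iterations) from RFC 5155 section 5, returned as the
    base32hex label that appears as the NSEC3 owner name."""
    if hash_alg != 1:
        raise ValueError("RFC 5155 defines only hash algorithm 1 (SHA-1)")
    # IH(salt, x, 0) = H(x || salt)
    digest = hashlib.sha1(canonical_wire_name(name) + salt).digest()
    # IH(salt, x, k) = H(IH(salt, x, k-1) || salt)
    for _ in range(iterations):
        digest = hashlib.sha1(digest + salt).digest()
    return base64.b32encode(digest).translate(_B32_TO_B32HEX).decode("ascii")


def nsec3_covers(owner_hash, next_hash, target_hash):
    """Assumed helper: True if an NSEC3 RR with this owner hash and Next
    Hashed Owner Name proves target_hash is absent. base32hex preserves
    the byte order of the digest, so string comparison is sufficient."""
    o, n, t = owner_hash.upper(), next_hash.upper(), target_hash.upper()
    if o < n:
        return o < t < n
    return t > o or t < n  # last RR in the chain wraps around to the first


if __name__ == "__main__":
    # The com NSEC3 quoted in the thread: algorithm 1, iterations 0, salt '-'
    print(nsec3_hash("com", parse_salt("-"), 0))  # CK0POJMG874LJREF7EFN8430QVIT8BSM
```

For a zone with a non-empty salt and iterations, pass `parse_salt("<hex>")` and the iteration count from the NSEC3PARAM or NSEC3 RDATA; both feed into every iteration, not just the first.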