Re: [DNSOP] Any suggestion on what I'm doing that is stupid here on NSEC3?

Mukund Sivaraman <muks@isc.org> Wed, 12 February 2014 16:09 UTC

Return-Path: <muks@isc.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E69671A03FB for <dnsop@ietfa.amsl.com>; Wed, 12 Feb 2014 08:09:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.465
X-Spam-Level:
X-Spam-Status: No, score=-0.465 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_SORBS_WEB=0.77, SPF_SOFTFAIL=0.665] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BUc5dx1M5IvL for <dnsop@ietfa.amsl.com>; Wed, 12 Feb 2014 08:09:32 -0800 (PST)
Received: from mail.banu.com (mail.banu.com [IPv6:2a01:4f8:140:644b::225]) by ietfa.amsl.com (Postfix) with ESMTP id 4466F1A0335 for <dnsop@ietf.org>; Wed, 12 Feb 2014 08:09:32 -0800 (PST)
Received: from totoro.home.mukund.org (unknown [115.118.26.109]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.banu.com (Postfix) with ESMTPSA id 7768FE60091; Wed, 12 Feb 2014 16:09:29 +0000 (GMT)
Date: Wed, 12 Feb 2014 21:39:24 +0530
From: Mukund Sivaraman <muks@isc.org>
To: Nicholas Weaver <nweaver@icsi.berkeley.edu>
Message-ID: <20140212160924.GA23506@totoro.home.mukund.org>
References: <390BFAA1-3108-4922-A6C0-E666C0BD25A9@icsi.berkeley.edu>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="ReaqsoxgOBHFXBhH"
Content-Disposition: inline
In-Reply-To: <390BFAA1-3108-4922-A6C0-E666C0BD25A9@icsi.berkeley.edu>
User-Agent: Mutt/1.5.21 (2010-09-15)
Cc: dnsop WG <dnsop@ietf.org>
Subject: Re: [DNSOP] Any suggestion on what I'm doing that is stupid here on NSEC3?
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Feb 2014 16:09:34 -0000

Hi Nicholas

On Wed, Feb 12, 2014 at 07:35:47AM -0800, Nicholas Weaver wrote:
> Looking at com, the NSEC3 for "com" is:
> CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - ...
> 
> (Algorithm 1 -> SHA-1, flag = 1, iterations = 0, salt = None, fetched by "dig +dnssec MX com @a.gtld-servers.net")
> 
> Reading RFC5155, the calculation of the hash is:
> 
> [snip]
> 
> So it should be the base32 encoding of the SHA1 hash of the wire
> format for "com" (since there is no salt), which in python is:
> 
> "\x03com\x00", (3 characters, the string "com", and 0 as a terminator
> in wire format.  This matches the wire format I get from my name
> packer in my DNS server)
> 
> Yet when I try to calculate the SHA1 hash in python's library, I get:
> >>> m = hashlib.sha1() 
> >>> m.update("\x03com\x00") # There is no salt and 0 additional iterations
> >>> base64.b32encode(m.digest()) 
> 'MUAZYTWQIHEVT3OPHOPXIEDA27S5IL4W'

This is where the problem is. NSEC3 uses base32hex encoding, not
base32. See the difference in RFC 4648 section 7. It should be trivial
to convert the output of the above b32encode() to the base32hex encoding
using a simple lookup map.

If you want to look at some C++ code, clone the BIND 10 repo and look at
the following files:

src/lib/dns/nsec3hash.{h,cc}
src/lib/util/encode/base32hex.h
src/lib/util/encode/base_n.cc

I suggest avoiding the last file and just doing your own base64hex
implementation.. it can make you upset. ;)

		Mukund