IETF Logo Mail Archive

[Ietf-dkim] Question regarding RFC 6376

David Harris <David.Harris@pmail.gen.nz> Mon, 11 March 2024 13:50 UTC

Return-Path: <David.Harris@pmail.gen.nz>
X-Original-To: ietf-dkim@ietfa.amsl.com
Delivered-To: ietf-dkim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EFD37C14F60C for <ietf-dkim@ietfa.amsl.com>; Mon, 11 Mar 2024 06:50:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Level:
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dIUkUiBC8g1n for <ietf-dkim@ietfa.amsl.com>; Mon, 11 Mar 2024 06:50:29 -0700 (PDT)
Received: from hera.pmail.gen.nz (hera.pmail.gen.nz [192.156.225.8]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 21A8AC14F5E0 for <ietf-dkim@ietf.org>; Mon, 11 Mar 2024 06:50:27 -0700 (PDT)
Received: from Spooler by hera.pmail.gen.nz (Mercury/32 v4.91.226) ID MO023FDA; 12 Mar 2024 02:45:56 +1300
Received: from spooler by hera.pmail.gen.nz (Mercury/32 v4.91.349); 12 Mar 2024 02:45:47 +1300
From: David Harris <David.Harris@pmail.gen.nz>
Organization: Pegasus Mail
To: ietf-dkim@ietf.org
Date: Tue, 12 Mar 2024 02:45:44 +1300
MIME-Version: 1.0
Message-ID: <65EF0B08.26692.1826077F@David.Harris.pmail.gen.nz>
Priority: normal
X-mailer: Pegasus Mail for Windows (4.81.1156)
Content-type: text/plain; charset="US-ASCII"
Content-transfer-encoding: 7bit
Content-description: Mail message body
X-AC-Weight: [####] (Whitelisted) -9999
X-CC-Diagnostic:
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-dkim/B_xQ4A1egs2XWb-Y7y1l-dmECSc>
Subject: [Ietf-dkim] Question regarding RFC 6376
X-BeenThere: ietf-dkim@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF DKIM List <ietf-dkim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-dkim>, <mailto:ietf-dkim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-dkim/>
List-Post: <mailto:ietf-dkim@ietf.org>
List-Help: <mailto:ietf-dkim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Mar 2024 13:50:31 -0000

Apologies in advance if this is the wrong place for this message - if it is and 
you happen to know the right place, I'd be grateful for a correction.

I'm trying to implement DKIM as per RFC6376 and associated errata in my 
mail server, but am having all manner of problems establishing clarity on 
section 3.7 of the RFC.

I note in advance that I have read the erratum that corrects this part of the 
pseudocode in section 3.7

   data-hash    =  hash-alg (h-headers, D-SIG, body-hash)

to this instead:

   data-hash    =  hash-alg (h-headers, D-SIG)


Question 1:

My first question is the exact meaning of this piece of pseudocode:

   body-hash    =  hash-alg (canon-body, l-param)

Does this mean:

1:  Pass the canonicalized body to the hash algorithm, then pass the value of 
any l= tag to the hash algorithm as well.

-- or --

2:  Pass the canonicalized body to the hash algorithm, restricting the amount 
passed to the value of any "l=" tag.

>From the way the other two pseudocode items are written, (A) would seem to 
be the correct interpretation, but that raises the question of what should be 
passed - a binary form of the l= value? Or a string representation? And what 
should be done if there is no l= tag at all?


Question 2:

I am puzzled by the reference to an item called "a-hash-alg" in the NOTE 
part at the end of this section: "a-hash-alg" does not appear anywhere else in 
the document, and since it has not been mentioned in an erratum anywhere 
(as far as I could see), I assume it must have some specific meaning defined 
somewhere else. Could someone direct me to a reference explaining this 
term?

Question 3:

The main problem I am having is understanding exactly how the signing 
process is meant to be handled: traditionally, you would either use your hash 
algorithm (SHA-256 in this case) to generate a digest of the content, then 
have your crypto library (OpenSSL in my case) generate a signature for that 
digest. There are also "streaming" APIs available that perform the hashing 
and signing as a combined task.

I would have assumed from the pseudocode that the intended action here 
was to do one of the following:

*  Pass d-domain, selector, and data-hash in that order to an SHA-256 hash 
algorithm, then generate an RSA signature using the hash generated by that 
process as its digest.

*  Call a streaming RSA-SHA256 API passing each of the three items in the 
correct order then finalizing the signature.

Either of these approaches *should* generate the same signature. The 
problem comes from the NOTE section, where it says:

-------------------------- Cut here ----------------------------
   When using such an API, the last two steps in the
   algorithm would probably be combined into a single call that would
   perform both the "a-hash-alg" and the "sig-alg".
-------------------------- Cut here ----------------------------

It is difficult to interpret this without knowing what "a-hash-alg" means, but on 
the assumption that it is a typo, that suggests that the pseudocode sections 
"data-hash" and "sig-alg" would be rolled into one step -- but I can't see how 
that could work, since "sig-alg" requires "data-hash" (which I understand to 
be an actual hash result) as its input. The NOTE comment seems so at odds 
with the two intended actions I described above that I am not sure which 
approach is the one I need to take.

I have spent quite some time trying to perform internet searches to clarify this 
section, but it's historically something I do quite poorly, so if there is a nice 
clean explanation of this somewhere, I'd be really grateful if someone could 
send me a link to it.

I'm sorry to send such a long message, but hope someone will feel charitable 
enough to help me out on these issues.

Cheers!

-- David --

------------------ David Harris -+- Pegasus Mail ----------------------
Box 5451, Dunedin, New Zealand | e-mail: David.Harris@pmail.gen.nz
              Phone: Number provided on request only.

Things the newspapers could have said better, #997
   "Mr Benjamin Porter visited the school yesterday and lectured
   on "Destructive Pests". A large number were present."

v2.23.0 | Report a Bug | By Email