Bug#961472: libmail-dkim-perl: dkimproxy-sign breaks RFC with hardcoded deprecated signing algo

2020-05-24 Thread Christer Mjellem Strand 

[..]

While ideally the user should be allowed to choose, if it is going to
be hardcoded, at least the hardcoded value should be SHA-256 rather
than SHA-1. The supplied patch addresses this, and I would appreciate
if it could be applied.


Actually, looking a bit more closely at the code, it turns out the user 
*is* allowed to choose, by applying the --algorithm argument. This, 
however, appears entirely undocumented, as there's no mention of it in 
neither the man page nor with dkimproxy-sign --help. I suppose that's 
worthy of another report, as there are apparently a slew of 
undocumented arguments:


my $type = "dkim";
my $selector = "selector1";
my $algorithm = "rsa-sha1";
my $method = "simple";
my $domain; # undef => auto-select domain
my $expiration;
my $identity;
my $key_file = "private.key";
my $key_protocol;
my @extra_tag;
my $debug_canonicalization;
my $binary;
my $help;

I still think the patch should be applied, though (even with its 
mis-spelled name..), as it at least updates the default to a sane and 
RFC-conformant level.


Cheers

--
Christer Mjellem Strand
System Administrator

pgpDILXEDpD4O.pgp
Description: PGP signature

Bug#961472: libmail-dkim-perl: dkimproxy-sign breaks RFC with hardcoded deprecated signing algo

2020-05-24 Thread Christer Mjellem Strand 
Package: libmail-dkim-perl
Version: 0.54-1
Severity: normal

Dear Maintainer,

This package ships with /usr/bin/dkimproxy-sign, from dkim-proxy, which is 
hardcoded to use rsa-sha1 for signing.
Beyond being generally weak, SHA-1 is now explicitly banned for DKIM use by RFC 
8301:

"Due to the recognized weakness of the SHA-1 hash algorithm (see [RFC6194]) and 
the wide availability of the SHA-256
hash algorithm (it has been a required part of DKIM [RFC6376] since it was 
originally standardized in 2007), the
SHA-1 hash algorithm MUST NOT be used."

While ideally the user should be allowed to choose, if it is going to be 
hardcoded, at least the hardcoded value
should be SHA-256 rather than SHA-1. The supplied patch addresses this, and I 
would appreciate if it could be
applied.

Thanks.

-- System Information:
Debian Release: 10.4
  APT prefers stable
  APT policy: (900, 'stable'), (500, 'testing')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 4.19.0-0.bpo.5-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libmail-dkim-perl depends on:
ii  libcrypt-openssl-rsa-perl 0.31-1+b1
ii  libdigest-sha-perl6.02-1+b1
ii  liberror-perl 0.17027-2
ii  libmailtools-perl 2.18-1
ii  libnet-dns-perl   1.19-1
ii  libperl5.24 [libdigest-sha-perl]  5.24.1-3+deb9u5
ii  perl [libdigest-sha-perl] 5.28.1-6

libmail-dkim-perl recommends no packages.

libmail-dkim-perl suggests no packages.

-- no debconf information
--- /usr/bin/dkimproxy-sign 2018-12-04 21:15:55.0 +0100
+++ /usr/local/bin/dkimproxy-sign   2020-05-24 22:34:35.585654976 +0200
@@ -16,7 +16,7 @@
 
 my $type = "dkim";
 my $selector = "selector1";
-my $algorithm = "rsa-sha1";
+my $algorithm = "rsa-sha256";
 my $method = "simple";
 my $domain; # undef => auto-select domain
 my $expiration;