Closed AGWA closed 3 years ago
Thanks for the detailed explanation. Looks like a good plan to me!
Though I've never hit this "failed to parse public key" error I think, even when verifying Gmail/Fastmail emails. I wonder why?
Gmail and Fastmail use SubjectPublicKeyInfo, which is what go-msgauth currently expects.
I'll work on a PR.
Oh, I see, makes sense.
RFC 6376 Section 3.6.1 states that RSA public keys are encoded in the TXT record as "an ASN.1 DER-encoded [ITU-X660-1997] RSAPublicKey". This is the encoding produced by the dkim-keygen command.
Unfortunately, RFC 6376 contradicts itself in Appendix C, where it shows a public key in SubjectPublicKeyInfo format instead. Although Appendix C is only informative, it seems that other implementations have adopted it. opendkim's key generation tool uses SubjectPublicKeyInfo, as do the DKIM records for Gmail and Fastmail. Erratum 3017 has been filed against RFC 6376 proposing that both RSAPublicKey and SubjectPublicKeyInfo be allowed in the TXT record.
Currently, go-msgauth's DKIM verifier expects RSA public keys to use SubjectPublicKeyInfo format. If you try to verify a signature from a domain which uses RSAPublicKey format instead, you get this error:
I propose the following fix: (x509.ParsePKIXPublicKey and x509.ParsePKCS1PublicKey) in accordance with Erratum 3017. I'm happy to submit a PR for this.