SCRAM-SHA-1(-PLUS) + SCRAM-SHA-256(-PLUS) + SCRAM-SHA-512(-PLUS) supports

[Neustradamus]

Can you add the SCRAM supports?

For example Rouncube has needed: roundcube/roundcubemail#6917

---

Cyrus SASL supports:

• SCRAM-SHA-1
• SCRAM-SHA-1-PLUS
• SCRAM-SHA-224
• SCRAM-SHA-224-PLUS
• SCRAM-SHA-256
• SCRAM-SHA-256-PLUS
• SCRAM-SHA-384
• SCRAM-SHA-384-PLUS
• SCRAM-SHA-512
• SCRAM-SHA-512-PLUS

-> https://cyrusimap.org/sasl/sasl/authentication_mechanisms.html
-> https://github.com/cyrusimap/cyrus-sasl/commits/master

Dovecot SASL supports:

• SCRAM-SHA-1
• SCRAM-SHA-256

-> https://doc.dovecot.org/configuration_manual/authentication/password_schemes/

GNU SASL supports:

• SCRAM-SHA-1
• SCRAM-SHA-1-PLUS
• SCRAM-SHA-256
• SCRAM-SHA-256-PLUS

-> http://www.gnu.org/software/gsasl/

---

"When using the SASL SCRAM mechanism, the SCRAM-SHA-256-PLUS variant SHOULD be preferred over the SCRAM-SHA-256 variant, and SHA-256 variants [RFC7677] SHOULD be preferred over SHA-1 variants [RFC5802]".

• SCRAM-SHA-1(-PLUS):
  -- https://tools.ietf.org/html/rfc5802
  -- https://tools.ietf.org/html/rfc6120

• SCRAM-SHA-256(-PLUS):
  -- https://tools.ietf.org/html/rfc7677 since 2015-11-02
  -- https://tools.ietf.org/html/rfc8600 since 2019-06-21: https://mailarchive.ietf.org/arch/msg/ietf-announce/suJMmeMhuAOmGn_PJYgX5Vm8lNA

• SCRAM-SHA-512(-PLUS):
  -- https://tools.ietf.org/html/draft-melnikov-scram-sha-512

• SCRAM-SHA3-512(-PLUS):
  -- https://tools.ietf.org/html/draft-melnikov-scram-sha3-512

• SCRAM BIS: Salted Challenge Response Authentication Mechanism (SCRAM) SASL and GSS-API Mechanisms:
  -- https://tools.ietf.org/html/draft-melnikov-scram-bis

https://xmpp.org/extensions/inbox/hash-recommendations.html

-PLUS variants:

• RFC5056: On the Use of Channel Bindings to Secure Channels: https://tools.ietf.org/html/rfc5056
• RFC5929: Channel Bindings for TLS: https://tools.ietf.org/html/rfc5929
• Channel-Binding Types: https://www.iana.org/assignments/channel-binding-types/channel-binding-types.xhtml
• RFC 9266: Channel Bindings for TLS 1.3: https://tools.ietf.org/html/rfc9266

IMAP:

• RFC9051: Internet Message Access Protocol (IMAP) - Version 4rev2: https://tools.ietf.org/html/rfc9051

LDAP:

• RFC5803: Lightweight Directory Access Protocol (LDAP) Schema for Storing Salted: Challenge Response Authentication Mechanism (SCRAM) Secrets: https://tools.ietf.org/html/rfc5803

HTTP:

• RFC7804: Salted Challenge Response HTTP Authentication Mechanism: https://tools.ietf.org/html/rfc7804

2FA:

• Extensions to Salted Challenge Response (SCRAM) for 2 factor authentication: https://datatracker.ietf.org/doc/html/draft-ietf-kitten-scram-2fa

IANA:

• Simple Authentication and Security Layer (SASL) Mechanisms: https://www.iana.org/assignments/sasl-mechanisms/sasl-mechanisms.xhtml

Linked to:

• State of Play scram-sasl/info#1

[jparise]

I don't have any plans to implement this myself, but I would gladly review a patch that adds this support.

[Neustradamus]

@jparise: 11 months after, have you looked?

I have added drafts "Channel Bindings for SCRAM over TLS 1.3 / SCRAM-SHA-512(-PLUS) / SCRAM-SHA3-512(-PLUS) / 2FA" and added details of Cyrus SASL / Dovecot SASL / GNU SASL.

Thanks a lot in advance.

[jparise]

As I said earlier, I'd be glad to review a Pull Request that adds support for these new algorithms.

[schengawegga]

@Neustradamus I have developed a first draft of SCRAM support, but i have to test it first before i can create a pull request. Do you have a docker container within a SMTP server wich supports any or all kinds of SCRAM?

[Neustradamus]

@schengawegga: Nice, thanks a lot for your work!

I think that @mbhangui or @maranda can help you for a test account.

cc: @nevans, @hsbt, @shugo.

[mbhangui]

indimail has docker images at https://hub.docker.com/r/cprogrammer/indimail. Some documentation is here.

The steps would be to

1. Create a domain using vadddomain
2. create an user using vadduser
3. Modify user password using vmoduser for SCRAM-SHA1, or SCRAM-SHA-256 (and the PLUS methods).

You can reach out to me privately if you need any help in setting up accounts using indimail docker.

gsasl also has a tiny smtp server in the examples directory. One can compile it and do a basic test. AFAIK, The gsasl utility too can act as a server using the --server option. But I have never tried those option. But I have used the client options to test SCRAM auth methods against indimail server.

[Neustradamus]

@schengawegga: Have you seen the @mbhangui comment?

[schengawegga]

@Neustradamus @mbhangui
Yes, i´ve seen @mbhangui comment.
Thanks you for the detailed instructions.
But my time is very short at the moment.
I will have a closer look on the docker container when i´m not so busy anymore.

[schengawegga]

@mbhangui now i tried about 4 hours to run and configure indimail to test my developement, but it won´t work on my own.
It is possible, that you can give me a fully configured indimail server within an .vbox image?
My problem at the moment is a mysql certificate error on vadduser command.

[mbhangui]

@mbhangui now i tried about 4 hours to run and configure indimail to test my developement, but it won´t work on my own. It is possible, that you can give me a fully configured indimail server within an .vbox image? My problem at the moment is a mysql certificate error on vadduser command.

Which image did you use? Sure I can give a full configured indimail server with .vbox image, but that could take me a day or two.

[mbhangui]

So I tried this and it worked. You can repeat the steps exactly as below

1. Pull the image
   $ podman pull ghcr.io/mbhangui/indimail:rockylinux8

2. List the image
   $ podman images|grep rocky
   ghcr.io/mbhangui/indimail rockylinux8 274da2d2b6d7 2 months ago 1.09 GB

3. Run docker or podman command. This will run SMTP on port 25 without authentication and on port 587 with authentication. You can use port 2587 on the host where you run podman command to use SMTP for testing SCRAM methods.

$ podman run --rm -d --publish-all --name indimail -h indimail.org --cap-add SYS_PTRACE --cap-add SYS_ADMIN --cap-add IPC_LOCK --cap-add SYS_RESOURCE --cap-add=NET_ADMIN --cap-add=CAP_NET_RAW --cap-add=SYS_NICE -p 2025:25 -p 2587:587 274da2d2b6d7
2e11d469150726b874e808d9ad967b8c8c9a2629edee4186c1e827406828f048

4. Open a shell on the running container

$ podman exec -ti indimail bash
indimail.org:(root) / >

5. In the container, create domain using vadddomain and one user testuser01 that support SCRAM authentication using vadduser

indimail.org:(root) / > vadddomain example.com password
indimail.org:(root) / > vadduser -C -m SCRAM-SHA-256 -d testuser01@example.com somepassword

6. On the host where you ran the podman command, test SCRAM-SHA-256 with the gsasl command. You will require to install the gsasl RPM or debian package on your host. Alternatively you can run gsasl command on the indimail container on port 587 instead of port 2587

a) without channel binding
$ gsasl -d --no-cb --hostname=argos.indimail.org --x509-ca-file="" -a testuser01@example.com --password 'somepassword' --mechanism SCRAM-SHA-256 --smtp --connect localhost:2587

b) or you can use channel binding
$ gsasl -d --hostname=argos.indimail.org --x509-ca-file="" -a testuser01@example.com --password 'somepassword' --mechanism SCRAM-SHA-256-PLUS --smtp --connect localhost:2587

Any issue let me know. You can replace podman with docker command. The syntax is the same for both. I prefer podman because it runs without needing a daemon running as root.

The response to the gsasl command will be like this and in the end you should get 235 ok, go ahead (#2.0.0)

Trying ‘localhost’...
220 indimail.org (NO UCE) ESMTP IndiMail 1.285 Thu, 30 Mar 2023 09:17:45 +0000
EHLO [127.0.0.1]
250-indimail.org
250-AUTH LOGIN PLAIN CRAM-MD5 CRAM-SHA1 CRAM-SHA224 CRAM-SHA256 CRAM-SHA384 CRAM-SHA512 CRAM-RIPEMD DIGEST-MD5 SCRAM-SHA-1 SCRAM-SHA-256
250-PIPELINING
250-8BITMIME
250-SIZE 20971520
250-ETRN
250-STARTTLS
250 HELP
STARTTLS
220 ready for tls
TLS X.509 Verification: The certificate is NOT trusted. The certificate chain is revoked. The certificate doesn't match the local copy (TOFU). The revocation or OCSP data are old and have been superseded. The revocation or OCSP data are issued with a future date. The certificate issuer is unknown. The certificate issuer is not a CA. The certificate chain uses insecure algorithm. The certificate chain violates the signer's constraints. The certificate chain does not match the intended purpose. The certificate chain uses not yet valid certificate. The certificate chain uses expired certificate. The signature in the certificate is invalid. The name in the certificate does not match the expected. The certificate requires the server to include an OCSP status in its response, but the OCSP status is missing. The received OCSP status response is invalid. The certificate contains an unknown critical extension.
EHLO [127.0.0.1]
250-indimail.org
250-AUTH LOGIN PLAIN CRAM-MD5 CRAM-SHA1 CRAM-SHA224 CRAM-SHA256 CRAM-SHA384 CRAM-SHA512 CRAM-RIPEMD DIGEST-MD5 SCRAM-SHA-1 SCRAM-SHA-256 SCRAM-SHA-1-PLUS SCRAM-SHA-256-PLUS
250-PIPELINING
250-8BITMIME
250-SIZE 20971520
250-ETRN
250 HELP
AUTH SCRAM-SHA-256
334
biwsbj10ZXN0dXNlcjAxQGV4YW1wbGUuY29tLHI9TlNqa1pCSjdkSGc4NEpHcGVLRVJjYS9w
334 cj1OU2prWkJKN2RIZzg0SkdwZUtFUmNhL3AwU1M2M3c1Z2RLUkZBQm1ZeTQ1b1pyZDEscz13YitqSjBvMTB5bWJoSHdZLGk9NDA5Ng==
Yz1iaXdzLHI9TlNqa1pCSjdkSGc4NEpHcGVLRVJjYS9wMFNTNjN3NWdkS1JGQUJtWXk0NW9acmQxLHA9U1FTN1lCR0Z0cXlnM1NrZWVDQzVxbStqTGdYUzBrNVlCQ0hFY1NSREFvRT0=
334 dj1zaDlVUEJtSDZvcTVtQ2NNZWpVRStQd2hmNFhrQW53Y0F0VHBzUHorejRnPQ==

235 ok, go ahead (#2.0.0)
Client authentication finished (server trusted)...
Session finished...
QUIT
221 indimail.org closing connection