Re: ed25519 key generation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 26/03/18 06:13, Viktor Dukhovni wrote:
>> On Mar 25, 2018, at 7:46 AM, Jeremy Harris <jgh@xxxxxxxxxxx> wrote:
>>
>>> Not sure what format DKIM wants the key in, but if it is SKPI
>>> in base64 form 
>>
>> It is not.  The _raw_ pubkey, base64'd is what is wanted.
>> No ASN.1 wrapping; that's why I said "raw".
> 
> I'm afraid you're wrong about that:
> 
>   $ dig +noall +ans +nocl +nottl +nosplit -t txt 20161025._domainkey.gmail.com
>   20161025._domainkey.gmail.com. TXT "k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviPGBk4ZB64UfSqWyAicdR7lodhytae+EYRQVtKDhM+1mXjEqRtP/pDT3sBhazkmA48n2k5NJUyMEoO8nc2r6sUA+/Dom5jRBZp6qDKJOwjJ5R/OpHamlRG+YRJQqR" "tqEgSiJWG7h7efGYWmh4URhFM9k9+rmG/CwCgwx7Et+c8OMlngaLl04/bPmfpjdEyLWyNimk761CX6KymzYiRDNz1MOJOJ7OzFaS4PFbVLn0m5mf0HVNtBpPwWuCNvaFVflUYxEyblbB6h/oWOPGbzoSgtRA47SHV53SwZjIsVpbq4LxUW9IxAEwYzGcSgZ4n5Q8X8TndowsDUzoccPFGhdwIDAQAB"
> 
> $ printf "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviPGBk4ZB64UfSqWyAicdR7lodhytae+EYRQVtKDhM+1mXjEqRtP/pDT3sBhazkmA48n2k5NJUyMEoO8nc2r6sUA+/Dom5jRBZp6qDKJOwjJ5R/OpHamlRG+YRJQqRtqEgSiJWG7h7efGYWmh4URhFM9k9+rmG/CwCgwx7Et+c8OMlngaLl04/bPmfpjdEyLWyNimk761CX6KymzYiRDNz1MOJOJ7OzFaS4PFbVLn0m5mf0HVNtBpPwWuCNvaFVflUYxEyblbB6h/oWOPGbzoSgtRA47SHV53SwZjIsVpbq4LxUW9IxAEwYzGcSgZ4n5Q8X8TndowsDUzoccPFGhdwIDAQAB" | openssl base64 -A -d | openssl asn1parse -inform DER
>     0:d=0  hl=4 l= 290 cons: SEQUENCE          
>     4:d=1  hl=2 l=  13 cons: SEQUENCE          
>     6:d=2  hl=2 l=   9 prim: OBJECT            :rsaEncryption
>    17:d=2  hl=2 l=   0 prim: NULL              
>    19:d=1  hl=4 l= 271 prim: BIT STRING
> 
> That's an ASN1 encoding of X.509 SPKI object.  Which is
> not surprising, even for RSA one must still encode the
> modulus and exponent somehow, and other algorithms might
> have parameters...  So ASN.1 it is.

That is an RSA key.  We're talking about Ed25519 keys.
-- 
Jeremy
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux