Re: ed25519 key generation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 25/03/18 12:46, Jeremy Harris wrote:
> On 25/03/18 02:05, Viktor Dukhovni wrote:
>>> Is there a way yet to get the raw public-key out,
>>> documented or not?  As you may guess, this is for DKIM.
>>
>> Not sure what format DKIM wants the key in, but if it is SKPI
>> in base64 form 
> 
> It is not.  The _raw_ pubkey, base64'd is what is wanted.
> No ASN.1 wrapping; that's why I said "raw".
> 

I just had the exact same conversation off-list...

To generate an Ed25519 private key:

$ openssl genpkey -algorithm ed25519 -outform PEM -out test25519.pem

OpenSSL does not support outputting only the raw key from the command
line. You *can* get it in SubjectPublicKeyInfo format which, for an
Ed25519 key will always consist of 12 bytes of ASN.1 header followed by
32 bytes of raw key. Therefore to get a base64 encoded raw public key:

$ openssl pkey -outform DER -pubout -in test25519.pem | tail -c +13 |
openssl base64


Matt
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux