[gnutls-devel] GnuTLS | Importing ED25519 in pubkey (#613)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Sat Nov 10 23:45:59 CET 2018
New Issue was created.
Issue 613: https://gitlab.com/gnutls/gnutls/issues/613
Author: Dilyan Palauzov
The [DKIM base specification](https://tools.ietf.org/html/rfc6376#section-3.6.1) states for the k= flag “The "rsa" key type indicates that an ASN.1 DER-encoded [ITU-X660-1997] RSAPublicKey (see [RFC3447], Sections 3.1 and A.1.1) is being used in the "p=" tag.” The p= flag is a single, base64-encoded string. The key data is imported using [gnutls_pubkey_import](https://www.gnutls.org/manual/html_node/Abstract-key-API.html#gnutls_005fpubkey_005fimport).
* Write in the documentation that gnutls_pubkey_import deals with ASN.1 data
[RFC8463 extends](https://tools.ietf.org/html/rfc8463#section-4.2) the base DKIM specification: “The p= value in the key record is the Ed25519 public key encoded in base64.”
Passing the ed25519 key over gnutls_pubkey_import returns -73 (GNUTLS_E_ASN1_TAG_ERROR) in _asn1_strict_der_decode(), with the key from DNS TXT 201803e._domainkey.kitterman.com .
As RFC 8463 doesn’t say anything about ASN.1 I guess ed25519 is not ASN.1 DER encoded, contrary to RSAPublicKey.
What function shall be used to import that data? / How shall the key from DNS be imported into a public key, after the base64 decoding?
For gnutls_pubkey_import_ecc_raw() the documentation states “In EdDSA curves the y parameter will be NULL and the other parameters will be in the native format for the curve.” What are the other parameters? There is only one other parameter - “x”.
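The format distinction raised in the issue above, as an added example (not code from the issue or from GnuTLS): it decodes a DKIM p= value and decides from the k= tag whether the bytes are ASN.1 DER or a raw Ed25519 key. The names `key_form` and `dkim_key_form` are hypothetical, the sample p= value is constructed, and the example assumes the RFC 8463 p= value decodes to the bare 32-byte Ed25519 public key.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum key_form { KEY_INVALID, KEY_DER, KEY_ED25519_RAW };  /* hypothetical names */
/* Standard base64 decode that skips folding whitespace; returns length or -1. */
static int b64_decode(const char *in, unsigned char *out, size_t cap)
{
    static const char tbl[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    unsigned acc = 0; int bits = 0; size_t n = 0;
    for (; *in && *in != '='; in++) {
        if (*in == ' ' || *in == '\t') continue;
        const char *p = strchr(tbl, *in);
        if (!p) return -1;                   /* character outside the alphabet */
        acc = (acc << 6) | (unsigned)(p - tbl);
        if ((bits += 6) >= 8) {
            if (n == cap) return -1;         /* output buffer too small */
            bits -= 8;
            out[n++] = (unsigned char)(acc >> bits);
        }
    }
    return (int)n;
}

/* Classify decoded p= bytes by the k= tag. KEY_DER: pass to gnutls_pubkey_import()
 * with GNUTLS_X509_FMT_DER. KEY_ED25519_RAW: the 32 bytes are the "x" datum for
 * gnutls_pubkey_import_ecc_raw() with GNUTLS_ECC_CURVE_ED25519 and y = NULL. */
enum key_form dkim_key_form(const char *k, const char *p_b64,
                            unsigned char *raw, size_t cap, size_t *len)
{
    int n = b64_decode(p_b64, raw, cap);
    if (n <= 0) return KEY_INVALID;          /* undecodable, or empty p= */
    *len = (size_t)n;
    if (strcmp(k, "ed25519") == 0)           /* raw key, no ASN.1 wrapper */
        return n == 32 ? KEY_ED25519_RAW : KEY_INVALID;
    if (strcmp(k, "rsa") == 0)               /* DER starts with SEQUENCE (0x30) */
        return raw[0] == 0x30 ? KEY_DER : KEY_INVALID;
    return KEY_INVALID;
}

int main(void)
{
    unsigned char raw[512]; size_t len = 0;
    /* Constructed p= value: 32 zero bytes, not a real key. */
    const char *p = "AAAAAAAAAA" "AAAAAAAAAA" "AAAAAAAAAA" "AAAAAAAAAA" "AAA=";
    printf("form=%d\n", dkim_key_form("ed25519", p, raw, sizeof raw, &len));
    return 0;
}
```

Rejecting an `ed25519` record whose decoded length is not 32, or an `rsa` record that does not begin with a DER SEQUENCE, surfaces a malformed key record before the importer returns an opaque error such as GNUTLS_E_ASN1_TAG_ERROR.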