Issue #183: opendkim-testkey: Allow testing ed25519 keys #208
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…s in libopendkim instead of dkimf_canon and dkimf_sign.
…ield * opendkim/opendkim.c (): Add forward declaration for dkimf_lookup_strtoint (dkimf_add_signrequest): Extract sign algorithm from 4th field in key table and set it in the sign request. (dkimf_config_load): Allow 4th field in key table value.
…-expose-nametables
…-sign-algorithm
futatuki
added a commit
to futatuki/OpenDKIM
that referenced
this pull request
Mar 24, 2024
…ibopendkim-dkim_test_key-ed25519-support
|
Note: It seems this does not work with OpenSSL 1.1.1k (on CentOS 7, openssl11 package installed from EPEL). It fails with the error below: |
It seems even OpenDKIM develop branch head with some patches from PRs, with OpenSSL 1.1.1k cannot handle ed25519 private key PEM files created by OpenSSL 1.1.1k or 3.0.11, 3.0.12. It is not only opendkim-testkey but also opendkim milter, which adds broken signing header with those keys. |
futatuki
added a commit
to futatuki/OpenDKIM
that referenced
this pull request
Apr 9, 2024
…ibopendkim-dkim_test_key-ed25519-support
futatuki
added a commit
to futatuki/OpenDKIM
that referenced
this pull request
Apr 26, 2024
…ibopendkim-dkim_test_key-ed25519-support Fix issue trusteddomainproject#183: Allow opendkim-testkey to check KeyTable containing signing algorithm ed25519-sha256.
futatuki
added a commit
to futatuki/OpenDKIM
that referenced
this pull request
Apr 26, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a fix address issue #183, adding support for ed25519 keys to
opendkim-testkey.With PR #202, we can use more than one algorithm/key type in a KeyTable. However as issue #183 says, libopendkim function
dkim_test_key()does not support ed25519 keys.So I add new function
dkim_test_key2(), extendingdkim_test_key()so that we can pass an algorithm associated with the key, and support ed25519 keys. For the API compatibility, function interface fordkim_test_key()is not changed.As this PR requires PR #162, #207, and #202, they are already merged in this branch. So new code is only with in the last commit.