public key format
Bruno Randolf
bruno.randolf at 4g-systems.biz
Fri Feb 13 17:59:28 CET 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
hello!
i would like to use tinc with public keys which are extracted from x509
certificates. the only public key format i was able to extract from
certificates with openssl commands looked like this:
- -----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCwXDZs8EBb/JyZ9daB3Zk9WHxD
ULpek5NANbuHikHe8drH+QdE6DZ8qo4IXroDlT53yR7y39hmB8c1a+vryqORe2dl
gK6WAlyIopjS7MY/4+gEgeXnkKjNWf9DavY/XySWwxDBEbX8DUzsBoJFeAsvu6tl
CeINpU3Fvv/7Vfcy5wIDAQAB
- -----END PUBLIC KEY-----
i think this is the X.509 subjectPublicKeyInfo format.
the public keys that tinc generates look like that
- -----BEGIN RSA PUBLIC KEY-----
MIGJAoGBALBcNmzwQFv8nJn11oHdmT1YfENQul6Tk0A1u4eKQd7x2sf5B0ToNnyq
jgheugOVPnfJHvLf2GYHxzVr6+vKo5F7Z2WArpYCXIiimNLsxj/j6ASB5eeQqM1Z
/0Nq9j9fJJbDEMERtfwNTOwGgkV4Cy+7q2UJ4g2lTcW+//tV9zLnAgMBAAE=
- -----END RSA PUBLIC KEY-----
which may be a PKCS #1 RSAPublicKey (?)
unfortunately tinc crashes with a segementation fault when i try to use the
first format:
Trying to connect to mtx1 (172.16.1.1 port 655)
Connected to mtx1 (172.16.1.1 port 655)
Sending ID to mtx1 (172.16.1.1 port 655): 0 mtx58 17
Sending 11 bytes of metadata to mtx1 (172.16.1.1 port 6
Got ID from mtx1 (172.16.1.1 port 655): 0 mtx1 17
Sending METAKEY to mtx1 (172.16.1.1 port 655): 1 94 64
0 0 57C9352011BC165C8DFCCB0E9FCBC795C0B1E21014694F4E37B9BFF8BBAC210CE6D4F9293A
02985F4AF49F7181F8E793E39CAE8406D8FDC09610A301FC8337C426DC56BDF0B16D803A1F3337
A3C02538301DB424310AE84C034389768DDC164FDBD3E8A2A9DBFC6E30872AE4512EAD01D30352
08EDC185F684BE0979ED0FAACC
Sending 269 bytes of metadata to mtx1 (172.16.1.1 port 655)
Got METAKEY from mtx1 (172.16.1.1 port 655): 1 94 64 00940CFADF1B814D823495F0
1D8F4C5319953417CA04771401B07EC683E6802AD3C29B024AB14AB24E783EA9BD3DF125A71347
C258DB235BE0152D9040AF039403DDB1ED76A908C5C19893A180723AE8623B1716DA9B7DCB280D
443FB2B787A2C2647249D43C07ACE0A7F4FA0288DEE53EABFE9360A008E03416084F2AA4E38D21
Got fatal signal 11 (Segmentation fault)
Checkpoint trace: protocol_auth.c:215 <- protocol.c:135 <- meta.c:103 <-
net.c:266 <- net.c:119 <- event.c:93 <- meta.c:44 <- protocol.c:74 <-
protocol_auth.c:142 <- protocol_auth.c:131 <- conf.c:146 <- conf.c:106 <-
conf.c:146 <- conf.c:106 <- conf.c:183 <- conf.c:106...
dows anyone know a way to convert the first key format to one tinc
understands? or is there a way tinc can handle the subjectPublicKeyInfo
format? looking at the source it seems like it's supposed to be able to read
both formats.
thanks for your help,
bruno
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFALQJwfg2jtUL97G4RAj5sAJoCMNEs7zeKy1JU4y6AoeXQuWrIqQCgq4IR
qIWYg0dMvnBYSNLzcGDmneg=
=QFAJ
-----END PGP SIGNATURE-----
Tinc: Discussion list about the tinc VPN daemon
Archive: http://mail.nl.linux.org/lists/
Tinc site: http://tinc.nl.linux.org/
More information about the Tinc
mailing list