public key format

Bruno Randolf bruno.randolf at 4g-systems.biz
Fri Feb 13 17:59:28 CET 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

hello!

i would like to use tinc with public keys which are extracted from x509 
certificates. the only public key format i was able to extract from 
certificates with openssl commands looked like this: 

- -----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCwXDZs8EBb/JyZ9daB3Zk9WHxD
ULpek5NANbuHikHe8drH+QdE6DZ8qo4IXroDlT53yR7y39hmB8c1a+vryqORe2dl
gK6WAlyIopjS7MY/4+gEgeXnkKjNWf9DavY/XySWwxDBEbX8DUzsBoJFeAsvu6tl
CeINpU3Fvv/7Vfcy5wIDAQAB
- -----END PUBLIC KEY-----

i think this is the X.509 subjectPublicKeyInfo format.
the public keys that tinc generates look like that 

- -----BEGIN RSA PUBLIC KEY-----
MIGJAoGBALBcNmzwQFv8nJn11oHdmT1YfENQul6Tk0A1u4eKQd7x2sf5B0ToNnyq
jgheugOVPnfJHvLf2GYHxzVr6+vKo5F7Z2WArpYCXIiimNLsxj/j6ASB5eeQqM1Z
/0Nq9j9fJJbDEMERtfwNTOwGgkV4Cy+7q2UJ4g2lTcW+//tV9zLnAgMBAAE=
- -----END RSA PUBLIC KEY-----

which may be a PKCS #1 RSAPublicKey (?)
unfortunately tinc crashes with a segementation fault when i try to use the 
first format: 

Trying to connect to mtx1 (172.16.1.1 port 655)
Connected to mtx1 (172.16.1.1 port 655)
 Sending ID to mtx1 (172.16.1.1 port 655): 0 mtx58 17
 Sending 11 bytes of metadata to mtx1 (172.16.1.1 port 6
 Got ID from mtx1 (172.16.1.1 port 655): 0 mtx1 17
 Sending METAKEY to mtx1 (172.16.1.1 port 655): 1 94 64
0 0 57C9352011BC165C8DFCCB0E9FCBC795C0B1E21014694F4E37B9BFF8BBAC210CE6D4F9293A
02985F4AF49F7181F8E793E39CAE8406D8FDC09610A301FC8337C426DC56BDF0B16D803A1F3337
A3C02538301DB424310AE84C034389768DDC164FDBD3E8A2A9DBFC6E30872AE4512EAD01D30352
08EDC185F684BE0979ED0FAACC
 Sending 269 bytes of metadata to mtx1 (172.16.1.1 port 655)
 Got METAKEY from mtx1 (172.16.1.1 port 655): 1 94 64 00940CFADF1B814D823495F0
1D8F4C5319953417CA04771401B07EC683E6802AD3C29B024AB14AB24E783EA9BD3DF125A71347
C258DB235BE0152D9040AF039403DDB1ED76A908C5C19893A180723AE8623B1716DA9B7DCB280D
443FB2B787A2C2647249D43C07ACE0A7F4FA0288DEE53EABFE9360A008E03416084F2AA4E38D21
 Got fatal signal 11 (Segmentation fault)
 Checkpoint trace: protocol_auth.c:215 <- protocol.c:135 <- meta.c:103 <- 
net.c:266 <- net.c:119 <- event.c:93 <- meta.c:44 <- protocol.c:74 <- 
protocol_auth.c:142 <- protocol_auth.c:131 <- conf.c:146 <- conf.c:106 <- 
conf.c:146 <- conf.c:106 <- conf.c:183 <- conf.c:106...

dows anyone know a way to convert the first key format to one tinc 
understands? or is there a way tinc can handle the subjectPublicKeyInfo  
format? looking at the source it seems like it's supposed to be able to read 
both formats.

thanks for your help,
bruno
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFALQJwfg2jtUL97G4RAj5sAJoCMNEs7zeKy1JU4y6AoeXQuWrIqQCgq4IR
qIWYg0dMvnBYSNLzcGDmneg=
=QFAJ
-----END PGP SIGNATURE-----


Tinc:         Discussion list about the tinc VPN daemon
Archive:      http://mail.nl.linux.org/lists/
Tinc site:    http://tinc.nl.linux.org/





More information about the Tinc mailing list