Sign/verify data with ed25519 keys of a tinc 1.1 host

Guus Sliepen guus at tinc-vpn.org
Tue Jan 26 20:19:18 CET 2016


On Tue, Jan 26, 2016 at 07:35:10PM +0100, Anton Voyl wrote:

> Is it possible to sign/verify data with the ed25519 keys of a tinc 1.1 host?

In principle yes, but tinc does not offer a way to do that. Also,
reusing a key for another purpose is not recommended. What do you want
to do exactly?

> More specifically, is it possible to sign a file with these keys using openssl? If so, how? If not, what program could be used, and how?

No, because OpenSSL does not support Ed25519 keys. I don't know which
tool can.

Also, even though it looks like PEM encoding, the ed25519.priv file
is actually just a base64 encoded dump of the raw key, there's no ASN.1
involved.  I don't know if there is a standard for Ed25519 key formats.
Even OpenSSH's id_ed25519 files don't contain valid ASN.1.

-- 
Met vriendelijke groet / with kind regards,
     Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20160126/b8f84a80/attachment.sig>


More information about the tinc mailing list