Sign/verify data with ed25519 keys of a tinc 1.1 host
Anton Voyl
awiouy at gmail.com
Tue Jan 26 20:35:15 CET 2016
My intention was to sign the content of export-all with the nodes' public key, which would require the corresponding private key to verify.
Does this make sense ?
@
> Le 26 janv. 2016 à 20:19, Guus Sliepen <guus at tinc-vpn.org> a écrit :
>
>> On Tue, Jan 26, 2016 at 07:35:10PM +0100, Anton Voyl wrote:
>>
>> Is it possible to sign/verify data with the ed25519 keys of a tinc 1.1 host?
>
> In principle yes, but tinc does not offer a way to do that. Also,
> reusing a key for another purpose is not recommended. What do you want
> to do exactly?
>
>> More specifically, is it possible to sign a file with these keys using openssl? If so, how? If not, what program could be used, and how?
>
> No, because OpenSSL does not support Ed25519 keys. I don't know which
> tool can.
>
> Also, even though it looks like PEM encoding, the ed25519.priv file
> is actually just a base64 encoded dump of the raw key, there's no ASN.1
> involved. I don't know if there is a standard for Ed25519 key formats.
> Even OpenSSH's id_ed25519 files don't contain valid ASN.1.
>
> --
> Met vriendelijke groet / with kind regards,
> Guus Sliepen <guus at tinc-vpn.org>
> _______________________________________________
> tinc mailing list
> tinc at tinc-vpn.org
> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
More information about the tinc
mailing list