Hello,
opendkim-testkey test public dkim keys.
when I check a key published with "h=sha256" I get an error
"signature-key hash mismatch" an returncode 69
$ dig test._domainkey.testkey1.datev.de txt +short
"v=DKIM1\;p=MIGfMA0GCSqGSIb3...."
$ opendkim-testkey -d testkey1.datev.de -s test; echo $?
0
$ dig test._domainkey.testkey2.datev.de txt +short
"v=DKIM1\;h=sha256\;p=MIGfMA0GCSqGSIb3...."
$ opendkim-testkey -d testkey2.datev.de -s test; echo $?
opendkim-testkey: signature-key hash mismatch
69
I checked, that both keys *are* the same. ( difference is only h= )
I also tested a key from John Levine ( I suspect he's doing things right ;-)
# opendkim-testkey -d iecc.com -s k1008; echo $?
opendkim-testkey: signature-key hash mismatch
69
Is it a Bug or a Feature ?
Btw: all signatures from such keys verifies!
--
Andreas
Received on Mon Aug 23 2010 - 09:03:37 PST