DKIM=Fail OpenSSL 错误:数据对于密钥大小来说太大

tag-icon tag-icon openssl dkim
DKIM=Fail OpenSSL 错误:数据对于密钥大小来说太大

以下是错误的详细信息。如有任何帮助,我们将不胜感激。

谢谢

DKIM Signature

Message contains this DKIM Signature:
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=awp1.com;
     s=default; h=Content-Type:Mime-Version:Subject:From:To:Date:Sender:Reply-To:
    Message-ID:Cc:Content-Transfer-Encoding:Content-ID:Content-Description:
    Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
    In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
    List-Post:List-Owner:List-Archive;
    bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=; b=hjFILYWdG5vAk56ssyvqVvZtJ7
    E3FqFYB9y1ssKz/UQfsZYByVm/GovpCDpymrEdqxiUzDhufi8U8hyCj0liKwBHzIWt7XNsrC+tv1M
    Jfu8EA4gt73ith7wL0p1LS+NXMmlaN3Efk7tKfNTnOjGJV1GHKidqCpYgHvZJ9WfOQPkQLvGJOw90
    A/wXHcBEBT8o749pSyqh739boijJm0yViKtgXdjdYpUO4IDFehFQ93fUNAW9hOQaW+76QlRUibwD6
    PkB86C1FzsRmKgVF+2oaRB1hK6tlZzEpw3PINqSFQks7ETk7qmx73qqkgvP5e5Q002NOSARYofjY2
    6ABU1BzA==;


Signature Information:
v= Version:         1
a= Algorithm:       rsa-sha256
c= Method:          relaxed/relaxed
d= Domain:          awp1.com
s= Selector:        default
q= Protocol:        dns/txt
bh=                 47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=
h= Signed Headers:  Content-Type:Mime-Version:Subject:From:To:Date:Sender:Reply-To:
    Message-ID:Cc:Content-Transfer-Encoding:Content-ID:Content-Description:
    Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
    In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
    List-Post:List-Owner:List-Archive
b= Data:            hjFILYWdG5vAk56ssyvqVvZtJ7
    E3FqFYB9y1ssKz/UQfsZYByVm/GovpCDpymrEdqxiUzDhufi8U8hyCj0liKwBHzIWt7XNsrC+tv1M
    Jfu8EA4gt73ith7wL0p1LS+NXMmlaN3Efk7tKfNTnOjGJV1GHKidqCpYgHvZJ9WfOQPkQLvGJOw90
    A/wXHcBEBT8o749pSyqh739boijJm0yViKtgXdjdYpUO4IDFehFQ93fUNAW9hOQaW+76QlRUibwD6
    PkB86C1FzsRmKgVF+2oaRB1hK6tlZzEpw3PINqSFQks7ETk7qmx73qqkgvP5e5Q002NOSARYofjY2
    6ABU1BzA==
Public Key DNS Lookup

Building DNS Query for default._domainkey.awp1.com
Retrieved this publickey from DNS: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMt3AOXxBH/50PNk4YJp2CtxiEFH8BU0+aIYNNXmZVtUOGJx6ZCW/UmwehExS3LTJrM4DtzGLr2gaOdASOIoD+GMiZVa69PhjWCaFm/6D1dzDOzCUP/W89HHPIFMas7v6LMSg3jIvBnLWVYJbmiH9yu1C5xTzKt7Bfk27QmUJZiQIDAQAB;
Validating Signature

result = fail
Details: OpenSSL error: data too large for key size

答案1

DNS 中的公钥(default._domainkey.awp1.com)似乎是一个 1024 位长的 RSA 密钥(解码密钥链接

DKIM 签名(b 标签,base64 编码)中的 RSA 签名的长度为 2048 位。

但对于 RSA,密钥大小和签名大小应该相同

因此,OpenSSL 理所当然地抱怨签名大小(2048 位)对于使用的密钥(1024 位)来说太大。

相关内容