以下是错误的详细信息。如有任何帮助,我们将不胜感激。
谢谢
DKIM Signature
Message contains this DKIM Signature:
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=awp1.com;
s=default; h=Content-Type:Mime-Version:Subject:From:To:Date:Sender:Reply-To:
Message-ID:Cc:Content-Transfer-Encoding:Content-ID:Content-Description:
Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
List-Post:List-Owner:List-Archive;
bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=; b=hjFILYWdG5vAk56ssyvqVvZtJ7
E3FqFYB9y1ssKz/UQfsZYByVm/GovpCDpymrEdqxiUzDhufi8U8hyCj0liKwBHzIWt7XNsrC+tv1M
Jfu8EA4gt73ith7wL0p1LS+NXMmlaN3Efk7tKfNTnOjGJV1GHKidqCpYgHvZJ9WfOQPkQLvGJOw90
A/wXHcBEBT8o749pSyqh739boijJm0yViKtgXdjdYpUO4IDFehFQ93fUNAW9hOQaW+76QlRUibwD6
PkB86C1FzsRmKgVF+2oaRB1hK6tlZzEpw3PINqSFQks7ETk7qmx73qqkgvP5e5Q002NOSARYofjY2
6ABU1BzA==;
Signature Information:
v= Version: 1
a= Algorithm: rsa-sha256
c= Method: relaxed/relaxed
d= Domain: awp1.com
s= Selector: default
q= Protocol: dns/txt
bh= 47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=
h= Signed Headers: Content-Type:Mime-Version:Subject:From:To:Date:Sender:Reply-To:
Message-ID:Cc:Content-Transfer-Encoding:Content-ID:Content-Description:
Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
List-Post:List-Owner:List-Archive
b= Data: hjFILYWdG5vAk56ssyvqVvZtJ7
E3FqFYB9y1ssKz/UQfsZYByVm/GovpCDpymrEdqxiUzDhufi8U8hyCj0liKwBHzIWt7XNsrC+tv1M
Jfu8EA4gt73ith7wL0p1LS+NXMmlaN3Efk7tKfNTnOjGJV1GHKidqCpYgHvZJ9WfOQPkQLvGJOw90
A/wXHcBEBT8o749pSyqh739boijJm0yViKtgXdjdYpUO4IDFehFQ93fUNAW9hOQaW+76QlRUibwD6
PkB86C1FzsRmKgVF+2oaRB1hK6tlZzEpw3PINqSFQks7ETk7qmx73qqkgvP5e5Q002NOSARYofjY2
6ABU1BzA==
Public Key DNS Lookup
Building DNS Query for default._domainkey.awp1.com
Retrieved this publickey from DNS: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMt3AOXxBH/50PNk4YJp2CtxiEFH8BU0+aIYNNXmZVtUOGJx6ZCW/UmwehExS3LTJrM4DtzGLr2gaOdASOIoD+GMiZVa69PhjWCaFm/6D1dzDOzCUP/W89HHPIFMas7v6LMSg3jIvBnLWVYJbmiH9yu1C5xTzKt7Bfk27QmUJZiQIDAQAB;
Validating Signature
result = fail
Details: OpenSSL error: data too large for key size
答案1
DNS 中的公钥(default._domainkey.awp1.com)似乎是一个 1024 位长的 RSA 密钥(解码密钥链接)
DKIM 签名(b 标签,base64 编码)中的 RSA 签名的长度为 2048 位。
但对于 RSA,密钥大小和签名大小应该相同。
因此,OpenSSL 理所当然地抱怨签名大小(2048 位)对于使用的密钥(1024 位)来说太大。