Re: GnuTLS and Ed25519

From: Scott Kitterman <>
Date: Wed, 19 Dec 2018 18:37:23 +0000

The Exim implementation of DKIM/Ed25519 uses GnuTLS. You can probably look at their code to see how they handled it.

This was also discussed during the IETF DCRUP (DKIM Crypto UPdate) working group. The WG mailing list archive will have information on this.

The Ed25519 public keys that go in DNS are definitely not ASN.1. I don't recall about private keys and GnuTLS. For libsodium, they aren't ASN.1. For my dkimpy-milter, I use Base64 encoded binary for the private keys.

Scott K

On December 19, 2018 6:00:59 PM UTC, Alice Wonder <> wrote:
>Hi -
>OpenDKIM 2.11.0 Beta2 w/ patch from
>Built against GnuTLS 3.6.5 / Nettle 3.4.1
>It works beautifully with rsa-sha256
>If I try ed25519-sha256 I get an error:
>opendkim.service: main process exited, code=killed, status=6/ABRT
>This is what private key looks like (yes I'm aware this one is now no
>longer usable):
>-----END PRIVATE KEY-----
>I can use certtool from GnuTLS to generate a self-signed cert from the
>private key so I know GnuTLS is able to work with it.
>My question of course is, does OpenDKIM expect Ed25519 private keys to
>be in a different format than base64 encoded ASN.1 DER?
>Or is it an issue with the build? Or support just not finished yet?
>Playing around I tried a private key file with just a base64 encoding
>the raw bytes, and in that case OpenDKIM doesn't crash but I do get an
>obvious error from GnuTLS function stating it can't import it.
>Any suggestions appreciated. Mainly I'm just looking to be able to test
>validation, but I have to be able to sign to have something to test
>validation with ;)
Received on Wed Dec 19 2018 - 18:38:10 PST

This archive was generated by hypermail 2.3.0 : Thu Dec 20 2018 - 06:00:00 PST
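The key-format distinction Scott draws above (raw base64 for what goes in DNS; ASN.1 DER, which is what GnuTLS' certtool writes, for the PEM private key Alice fed OpenDKIM) worked through as added example code. It is not code from OpenDKIM, Exim or dkimpy-milter: it unwraps an unencrypted Ed25519 PKCS#8 PEM key to its 32-byte seed, derives the public key with a textbook (non-constant-time, illustration-only) Ed25519 routine, and emits the `p=` value in the raw form the DKIM DNS record uses, plus the base64-of-raw-bytes private-key form Scott describes. The sample seed is RFC 8032 test vector 1; all function names are this example's own.

```python
import base64
import hashlib
import re

# ---- Textbook Ed25519 public-key derivation (illustration only, not constant-time) ----
Q = 2**255 - 19
D = (-121665 * pow(121666, Q - 2, Q)) % Q
I = pow(2, (Q - 1) // 4, Q)


def _inv(x):
    return pow(x, Q - 2, Q)


def _xrecover(y):
    xx = (y * y - 1) * _inv(D * y * y + 1)
    x = pow(xx, (Q + 3) // 8, Q)
    if (x * x - xx) % Q != 0:
        x = (x * I) % Q
    if x % 2 != 0:
        x = Q - x
    return x


BY = (4 * _inv(5)) % Q
B = (_xrecover(BY), BY)  # base point


def _edwards(p1, p2):
    x1, y1 = p1
    x2, y2 = p2
    x3 = (x1 * y2 + x2 * y1) * _inv(1 + D * x1 * x2 * y1 * y2)
    y3 = (y1 * y2 + x1 * x2) * _inv(1 - D * x1 * x2 * y1 * y2)
    return (x3 % Q, y3 % Q)


def _scalarmult(p, e):
    if e == 0:
        return (0, 1)
    r = _scalarmult(p, e // 2)
    r = _edwards(r, r)
    if e & 1:
        r = _edwards(r, p)
    return r


def ed25519_public_key(seed):
    """32-byte seed -> 32-byte public key (RFC 8032 section 5.1.5)."""
    if len(seed) != 32:
        raise ValueError("Ed25519 seed must be 32 bytes")
    h = hashlib.sha512(seed).digest()
    a = int.from_bytes(h[:32], "little")
    a &= (1 << 254) - 8          # clear bits 0-2 and 254-255
    a |= 1 << 254                # set bit 254 (clamping)
    x, y = _scalarmult(B, a)
    return (y | ((x & 1) << 255)).to_bytes(32, "little")


# ---- Key container formats ----
# Fixed ASN.1 DER prefix of an unencrypted PKCS#8 v1 Ed25519 key (OID 1.3.101.112),
# as written by GnuTLS certtool / OpenSSL: SEQUENCE { INTEGER 0, AlgId, OCTET STRING { OCTET STRING seed } }
PKCS8_ED25519_PREFIX = bytes.fromhex("302e020100300506032b657004220420")


def pem_to_der(pem, label):
    m = re.search(r"-----BEGIN " + label + r"-----(.*?)-----END " + label + r"-----", pem, re.S)
    if not m:
        raise ValueError("no %s PEM block found" % label)
    return base64.b64decode("".join(m.group(1).split()))


def seed_from_pkcs8_pem(pem):
    der = pem_to_der(pem, "PRIVATE KEY")
    if len(der) != 48 or der[:16] != PKCS8_ED25519_PREFIX:
        raise ValueError("not an unencrypted Ed25519 PKCS#8 v1 key")
    return der[16:]


def seed_to_raw_base64(seed):
    """The non-ASN.1 private-key form: base64 of the raw 32 seed bytes."""
    return base64.b64encode(seed).decode()


def seed_from_raw_base64(text):
    seed = base64.b64decode(text.strip())
    if len(seed) != 32:
        raise ValueError("raw Ed25519 private key must decode to 32 bytes")
    return seed


def dkim_dns_record(pub):
    """DKIM TXT record: p= is base64 of the raw 32-byte key, not SPKI DER."""
    return "v=DKIM1; k=ed25519; p=" + base64.b64encode(pub).decode()


def public_key_from_dns_record(txt):
    tags = dict(t.strip().split("=", 1) for t in txt.split(";") if t.strip())
    pub = base64.b64decode(tags["p"])
    if len(pub) != 32:
        raise ValueError("p= must be the raw 32-byte key (got %d bytes)" % len(pub))
    return pub


# Constructed sample: RFC 8032 test vector 1 seed, wrapped in PKCS#8 PEM the way certtool would.
SEED_HEX = "9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60"
SAMPLE_PEM = ("-----BEGIN PRIVATE KEY-----\n"
              + base64.b64encode(PKCS8_ED25519_PREFIX + bytes.fromhex(SEED_HEX)).decode()
              + "\n-----END PRIVATE KEY-----\n")

if __name__ == "__main__":
    seed = seed_from_pkcs8_pem(SAMPLE_PEM)
    pub = ed25519_public_key(seed)
    print("raw private key (base64):", seed_to_raw_base64(seed))
    print("DNS record:", dkim_dns_record(pub))
```

Run it and the two outputs are exactly the two non-ASN.1 forms the thread contrasts with the PEM input: the 44-character base64 seed and the `p=` tag holding the raw public key.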