开发者

Issue in creating DKIM key with RSA digest

Trying to create DKIM keys using PHP code mentioned below.

<?php

//Set these to match your domain and chosen DKIM selector
$domain = 'example.com';
$selector = 'phpmailer';

//Private key filename for this selector
$privatekeyfile = $selector . '_dkim_private.pem';
//Public key filename for this selector
$publickeyfile = $selector . '_dkim_public.pem';

if (file_exists($privatekeyfile)) {
    echo "Using existing keys - if you want to generate new keys, delete old key files first.\n\n";
    $privatekey = file_get_contents($privatekeyfile);
    $publickey = file_get_contents($publickeyfile);
} else {
    //Create a 2048-bit RSA key with an SHA256 digest
    $pk = openssl_pkey_new(
        [
            'digest_alg' => 'sha256',
            'private_key_bits' => 2048,
            'private_key_type' => OPENSSL_KEYTYPE_RSA,
        ]
    );
    //Save private key

    var_dump($pk);
    //exit;
    openssl_pkey_export_to_file($pk, $privatekeyfile);
    //Save public key
    $pubKey = openssl_pkey_get_details($pk);
    $publickey = $pubKey['key'];
    file_put_contents($publickeyfile, $publickey);
    
    $privatekey = file_get_contents($privatekeyfile);
}
echo "<pre>"."Private key (keep this private!):\n\n" . $privatekey;
echo "\n\nPublic key:\n\n" . $publickey;

//Prepare public key for DNS, e.g.
//phpmailer._domainkey.example.com IN TXT "v=DKIM1; h=sha256; t=s; p=" "MIIBIjANBg...oXlwIDAQAB"...
$dnskey = "$selector._domainkey.$domain IN TXT";
$dnsvalue = '"v=DKIM1; h=sha256; t=s; p=" ';
//Some DNS servers don't like ;(semi colon) chars unless backslash-escaped
$dnsvalue2 = '"v=DKIM1\; h=sha256\; t=s\; p=" ';

//Strip and split the key into smaller parts and format for DNS
//Many DNS systems don't like long TXT entries
//but are OK if it's split into 255-char chunks
//Remove PEM wrapper
$publickey = preg_replace('/^-+.*?-+$/m', '', $publ开发者_运维知识库ickey);
//Strip line breaks
$publickey = str_replace(["\r", "\n"], '', $publickey);
//Split into chunks
$keyparts = str_split($publickey, 253); //Becomes 255 when quotes are included
//Quote each chunk
foreach ($keyparts as $keypart) {
    $dnsvalue .= '"' . trim($keypart) . '" ';
    $dnsvalue2 .= '"' . trim($keypart) . '" ';
}
echo "\n\nDNS key:\n\n" . trim($dnskey);
echo "\n\nDNS value:\n\n" . trim($dnsvalue);
echo "\n\nDNS value (with escaping):\n\n" . trim($dnsvalue2);
?>

Here in this code we are using 2048-bit RSA key with an SHA256 digest, but our DNS provider supports 1024 bit with RSA digest. key size I can manage 'private_key_bits' => 1024, please suggest how can this key can be created using RSA digest.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜