0

Below is detailed info on the error. Any help would be appreciated.

Thanks

DKIM Signature

Message contains this DKIM Signature:
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=awp1.com;
     s=default; h=Content-Type:Mime-Version:Subject:From:To:Date:Sender:Reply-To:
    Message-ID:Cc:Content-Transfer-Encoding:Content-ID:Content-Description:
    Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
    In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
    List-Post:List-Owner:List-Archive;
    bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=; b=hjFILYWdG5vAk56ssyvqVvZtJ7
    E3FqFYB9y1ssKz/UQfsZYByVm/GovpCDpymrEdqxiUzDhufi8U8hyCj0liKwBHzIWt7XNsrC+tv1M
    Jfu8EA4gt73ith7wL0p1LS+NXMmlaN3Efk7tKfNTnOjGJV1GHKidqCpYgHvZJ9WfOQPkQLvGJOw90
    A/wXHcBEBT8o749pSyqh739boijJm0yViKtgXdjdYpUO4IDFehFQ93fUNAW9hOQaW+76QlRUibwD6
    PkB86C1FzsRmKgVF+2oaRB1hK6tlZzEpw3PINqSFQks7ETk7qmx73qqkgvP5e5Q002NOSARYofjY2
    6ABU1BzA==;


Signature Information:
v= Version:         1
a= Algorithm:       rsa-sha256
c= Method:          relaxed/relaxed
d= Domain:          awp1.com
s= Selector:        default
q= Protocol:        dns/txt
bh=                 47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=
h= Signed Headers:  Content-Type:Mime-Version:Subject:From:To:Date:Sender:Reply-To:
    Message-ID:Cc:Content-Transfer-Encoding:Content-ID:Content-Description:
    Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
    In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
    List-Post:List-Owner:List-Archive
b= Data:            hjFILYWdG5vAk56ssyvqVvZtJ7
    E3FqFYB9y1ssKz/UQfsZYByVm/GovpCDpymrEdqxiUzDhufi8U8hyCj0liKwBHzIWt7XNsrC+tv1M
    Jfu8EA4gt73ith7wL0p1LS+NXMmlaN3Efk7tKfNTnOjGJV1GHKidqCpYgHvZJ9WfOQPkQLvGJOw90
    A/wXHcBEBT8o749pSyqh739boijJm0yViKtgXdjdYpUO4IDFehFQ93fUNAW9hOQaW+76QlRUibwD6
    PkB86C1FzsRmKgVF+2oaRB1hK6tlZzEpw3PINqSFQks7ETk7qmx73qqkgvP5e5Q002NOSARYofjY2
    6ABU1BzA==
Public Key DNS Lookup

Building DNS Query for default._domainkey.awp1.com
Retrieved this publickey from DNS: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMt3AOXxBH/50PNk4YJp2CtxiEFH8BU0+aIYNNXmZVtUOGJx6ZCW/UmwehExS3LTJrM4DtzGLr2gaOdASOIoD+GMiZVa69PhjWCaFm/6D1dzDOzCUP/W89HHPIFMas7v6LMSg3jIvBnLWVYJbmiH9yu1C5xTzKt7Bfk27QmUJZiQIDAQAB;
Validating Signature

result = fail
Details: OpenSSL error: data too large for key size
Thomas
  • 4,225
  • 5
  • 23
  • 28
David Broderick
  • 1
  • 1
  • 1

1 Answers1

2

The publickey in the DNS (default._domainkey.awp1.com) seems to be a 1024 bit long RSA key (link to decoded key)

The length of the RSA signature in the DKIM signature (the b-tag, base64 encoded) is 2048 bit.

But for RSA, the key size and the size of the signature should be the same.

OpenSSL wherefore rightfully complains about the signature size (2048 bit) being to large for used key (1024 bit).

user228011
  • 226
  • 1
  • 2