On Wed, Mar 07, 2012 at 12:13:35PM +0000, Chris Thompson wrote:

> This is wrong (although I have seen the same thing stated in a number
> of other places). When the default public exponent was changed from
> 3 to 2^16+1 (change 2088) the one selected by -e was changed from
> 2^16+1 to 2^30+3 ... *not* 2^32+1. And so it remains today.
...
> And you will find that the ones generated by "dnssec-keygen -e" start
> BEAAAA...

Umm, no:

    [littledebian:~/dns] owens% dnssec-keygen -e example.com
    Generating key pair....................................++++++ .............++++++
    Kexample.com.+005+43304
    [littledebian:~/dns] owens% cat Kexample.com.+005+43304.key
    ; This is a zone-signing key, keyid 43304, for example.com.
    ; Created: 20120307140855 (Wed Mar 7 09:08:55 2012)
    ; Publish: 20120307140855 (Wed Mar 7 09:08:55 2012)
    ; Activate: 20120307140855 (Wed Mar 7 09:08:55 2012)
    example.com. IN DNSKEY 256 3 5 BQEAAAABw3A8Wji6BjyanbOXUtIH1UcroHZKh06qRKXASbxHAQHJogaw6m2wYX77KvtzVSto/nbHXM/53Vbu/Ar8CAXC/+r/R5BOHw73qA12LqXr7utMeLmBPjq4RUqluurlVTHt5/FD85tr0yr8mu7h39gVmMY0bnRpgx6paj2zjpv3O3U=

The code definitely uses 2^32+1:

    [littledebian:bind-9.9.0/lib/dns] owens% grep -A 3 -B 5 F5 opensslrsa_link.c
            if (exp == 0) {
                    /* RSA_F4 0x10001 */
                    BN_set_bit(e, 0);
                    BN_set_bit(e, 16);
            } else {
                    /* F5 0x100000001 */
                    BN_set_bit(e, 0);
                    BN_set_bit(e, 32);
            }

Note - I have no opinion on whether this is good, bad, or merely ugly since I don't write crypto code and don't understand enough about RSA to be able to form an opinion. But that's what BIND does, as of the current version.

Bill.
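An added example, not part of the thread and not BIND's own code: the public-key field of an RSA DNSKEY is laid out per RFC 3110 (a one-byte exponent length, or a zero byte followed by a two-byte length, then the exponent, then the modulus), so the disagreement above can be settled by decoding the base64 directly rather than reading it by eye. The script below parses the key Bill posted, recovers e and the modulus size, and then re-encodes the same modulus with the other exponents mentioned in the thread to show which base64 prefix each one produces (2^30+3 gives the "BEAAAA" prefix Chris describes, 2^32+1 gives the "BQEAAAAB" in Bill's output). The DNSKEY string is taken verbatim from the post; the function names are my own.

```python
import base64

# Public-key field of the DNSKEY from Bill's Kexample.com.+005+43304.key (taken from the post).
DNSKEY_B64 = (
    "BQEAAAABw3A8Wji6BjyanbOXUtIH1UcroHZKh06qRKXASbxHAQHJogaw"
    "6m2wYX77KvtzVSto/nbHXM/53Vbu/Ar8CAXC/+r/R5BOHw73qA12LqXr"
    "7utMeLmBPjq4RUqluurlVTHt5/FD85tr0yr8mu7h39gVmMY0bnRpgx6p"
    "aj2zjpv3O3U="
)

# Exponents discussed in the thread, with the names BIND's source uses where it has one.
KNOWN_EXPONENTS = {
    3: "3",
    2**16 + 1: "2^16+1 (RSA_F4)",
    2**30 + 3: "2^30+3",
    2**32 + 1: "2^32+1 (F5)",
}


def parse_rsa_dnskey(b64):
    """Decode an RFC 3110 RSA public key and return (e, n) as integers."""
    raw = base64.b64decode(b64)
    if raw[0] != 0:
        # Short form: exponent length fits in one byte.
        exp_len, off = raw[0], 1
    else:
        # Long form: zero byte, then a two-byte big-endian length.
        exp_len, off = int.from_bytes(raw[1:3], "big"), 3
    e = int.from_bytes(raw[off:off + exp_len], "big")
    n = int.from_bytes(raw[off + exp_len:], "big")
    return e, n


def encode_rsa_dnskey(e, n):
    """Inverse of parse_rsa_dnskey: build the base64 public-key field for (e, n)."""
    exp_bytes = e.to_bytes((e.bit_length() + 7) // 8, "big")
    if len(exp_bytes) < 256:
        header = bytes([len(exp_bytes)])
    else:
        header = b"\x00" + len(exp_bytes).to_bytes(2, "big")
    mod_bytes = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return base64.b64encode(header + exp_bytes + mod_bytes).decode("ascii")


def describe_exponent(e):
    """Name the exponent if it is one of the values the thread argues about."""
    return KNOWN_EXPONENTS.get(e, "other (0x%x)" % e)


def prefix_for_exponent(e, n, length=8):
    """First `length` base64 characters a key with exponent e and modulus n would start with."""
    return encode_rsa_dnskey(e, n)[:length]


if __name__ == "__main__":
    e, n = parse_rsa_dnskey(DNSKEY_B64)
    print("exponent:", e, "=", describe_exponent(e))
    print("modulus bits:", n.bit_length())
    # Same modulus, each candidate exponent: which prefix would the .key file show?
    for cand in KNOWN_EXPONENTS:
        print("%-18s -> %s..." % (describe_exponent(cand), prefix_for_exponent(cand, n)))
```

Running it against the posted key shows e = 2^32+1 with a 1024-bit modulus, and the prefix table makes the two claims in the thread easy to tell apart at a glance: a 2^30+3 key starts "BEAAAA", a 65537 key starts "AwEAA", and a 2^32+1 key starts "BQEAAAAB". The same parser also covers the long-form length encoding, which none of these exponents need but which a validator still has to handle.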