mirror of
https://github.com/mjl-/mox.git
synced 2024-12-27 08:53:48 +03:00
for generated dkim keys, use clearer file names
with ".rsa2048.privatekey.pkcs8.pem", instead of "rsakey.pkcs8.pem". "rsakey" doesn't say if it is a public or private key.
This commit is contained in:
parent
4e26fd13e2
commit
40040542f6
3 changed files with 9 additions and 9 deletions
8
doc.go
8
doc.go
|
@ -45,8 +45,8 @@ low-maintenance self-hosted email.
|
||||||
mox dane dialmx domain [destination-host]
|
mox dane dialmx domain [destination-host]
|
||||||
mox dane makerecord usage selector matchtype [certificate.pem | publickey.pem | privatekey.pem]
|
mox dane makerecord usage selector matchtype [certificate.pem | publickey.pem | privatekey.pem]
|
||||||
mox dns lookup [ptr | mx | cname | ips | a | aaaa | ns | txt | srv | tlsa] name
|
mox dns lookup [ptr | mx | cname | ips | a | aaaa | ns | txt | srv | tlsa] name
|
||||||
mox dkim gened25519 >$selector._domainkey.$domain.ed25519key.pkcs8.pem
|
mox dkim gened25519 >$selector._domainkey.$domain.ed25519.privatekey.pkcs8.pem
|
||||||
mox dkim genrsa >$selector._domainkey.$domain.rsakey.pkcs8.pem
|
mox dkim genrsa >$selector._domainkey.$domain.rsa2048.privatekey.pkcs8.pem
|
||||||
mox dkim lookup selector domain
|
mox dkim lookup selector domain
|
||||||
mox dkim txt <$selector._domainkey.$domain.key.pkcs8.pem
|
mox dkim txt <$selector._domainkey.$domain.key.pkcs8.pem
|
||||||
mox dkim verify message
|
mox dkim verify message
|
||||||
|
@ -693,7 +693,7 @@ strength. This is convenient because of maximum DNS message sizes. At the time
|
||||||
of writing, not many mail servers appear to support ed25519 DKIM keys though,
|
of writing, not many mail servers appear to support ed25519 DKIM keys though,
|
||||||
so it is recommended to sign messages with both RSA and ed25519 keys.
|
so it is recommended to sign messages with both RSA and ed25519 keys.
|
||||||
|
|
||||||
usage: mox dkim gened25519 >$selector._domainkey.$domain.ed25519key.pkcs8.pem
|
usage: mox dkim gened25519 >$selector._domainkey.$domain.ed25519.privatekey.pkcs8.pem
|
||||||
|
|
||||||
# mox dkim genrsa
|
# mox dkim genrsa
|
||||||
|
|
||||||
|
@ -702,7 +702,7 @@ Generate a new 2048 bit RSA private key for use with DKIM.
|
||||||
The generated file is in PEM format, and has a comment it is generated for use
|
The generated file is in PEM format, and has a comment it is generated for use
|
||||||
with DKIM, by mox.
|
with DKIM, by mox.
|
||||||
|
|
||||||
usage: mox dkim genrsa >$selector._domainkey.$domain.rsakey.pkcs8.pem
|
usage: mox dkim genrsa >$selector._domainkey.$domain.rsa2048.privatekey.pkcs8.pem
|
||||||
|
|
||||||
# mox dkim lookup
|
# mox dkim lookup
|
||||||
|
|
||||||
|
|
4
main.go
4
main.go
|
@ -1554,7 +1554,7 @@ func ctlcmdQueueDump(ctl *ctl, id string) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func cmdDKIMGenrsa(c *cmd) {
|
func cmdDKIMGenrsa(c *cmd) {
|
||||||
c.params = ">$selector._domainkey.$domain.rsakey.pkcs8.pem"
|
c.params = ">$selector._domainkey.$domain.rsa2048.privatekey.pkcs8.pem"
|
||||||
c.help = `Generate a new 2048 bit RSA private key for use with DKIM.
|
c.help = `Generate a new 2048 bit RSA private key for use with DKIM.
|
||||||
|
|
||||||
The generated file is in PEM format, and has a comment it is generated for use
|
The generated file is in PEM format, and has a comment it is generated for use
|
||||||
|
@ -2082,7 +2082,7 @@ mox dns lookup tlsa _25._tcp.xmox.nl
|
||||||
}
|
}
|
||||||
|
|
||||||
func cmdDKIMGened25519(c *cmd) {
|
func cmdDKIMGened25519(c *cmd) {
|
||||||
c.params = ">$selector._domainkey.$domain.ed25519key.pkcs8.pem"
|
c.params = ">$selector._domainkey.$domain.ed25519.privatekey.pkcs8.pem"
|
||||||
c.help = `Generate a new ed25519 key for use with DKIM.
|
c.help = `Generate a new ed25519 key for use with DKIM.
|
||||||
|
|
||||||
Ed25519 keys are much smaller than RSA keys of comparable cryptographic
|
Ed25519 keys are much smaller than RSA keys of comparable cryptographic
|
||||||
|
|
|
@ -109,7 +109,7 @@ func MakeDKIMRSAKey(selector, domain dns.Domain) ([]byte, error) {
|
||||||
block := &pem.Block{
|
block := &pem.Block{
|
||||||
Type: "PRIVATE KEY",
|
Type: "PRIVATE KEY",
|
||||||
Headers: map[string]string{
|
Headers: map[string]string{
|
||||||
"Note": dkimKeyNote("rsa", selector, domain),
|
"Note": dkimKeyNote("rsa-2048", selector, domain),
|
||||||
},
|
},
|
||||||
Bytes: pkcs8,
|
Bytes: pkcs8,
|
||||||
}
|
}
|
||||||
|
@ -194,7 +194,7 @@ func MakeDomainConfig(ctx context.Context, domain, hostname dns.Domain, accountN
|
||||||
|
|
||||||
addSelector := func(kind, name string, privKey []byte) error {
|
addSelector := func(kind, name string, privKey []byte) error {
|
||||||
record := fmt.Sprintf("%s._domainkey.%s", name, domain.ASCII)
|
record := fmt.Sprintf("%s._domainkey.%s", name, domain.ASCII)
|
||||||
keyPath := filepath.Join("dkim", fmt.Sprintf("%s.%s.%skey.pkcs8.pem", record, timestamp, kind))
|
keyPath := filepath.Join("dkim", fmt.Sprintf("%s.%s.%s.privatekey.pkcs8.pem", record, timestamp, kind))
|
||||||
p := configDirPath(ConfigDynamicPath, keyPath)
|
p := configDirPath(ConfigDynamicPath, keyPath)
|
||||||
if err := writeFile(p, privKey); err != nil {
|
if err := writeFile(p, privKey); err != nil {
|
||||||
return err
|
return err
|
||||||
|
@ -223,7 +223,7 @@ func MakeDomainConfig(ctx context.Context, domain, hostname dns.Domain, accountN
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("making dkim rsa private key: %s", err)
|
return fmt.Errorf("making dkim rsa private key: %s", err)
|
||||||
}
|
}
|
||||||
return addSelector("rsa", name, key)
|
return addSelector("rsa2048", name, key)
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := addEd25519(year + "a"); err != nil {
|
if err := addEd25519(year + "a"); err != nil {
|
||||||
|
|
Loading…
Reference in a new issue