Le mercredi 04 mai 2011 à 09:07 +0100, Bob Halley a écrit : > On 4 May 2011, at 08:56, Stephane Bortzmeyer wrote: > > > On Wed, May 04, 2011 at 09:32:22AM +0200, > > Nicolas Delvaux <[email protected]> wrote > > a message of 25 lines which said: > > > >>>>> len(res.key) > >> 260 > >> > >> I don't understand this result because I know this key length is 2048 > >> bits (so 256*8). > > > > Wireshark displays the same numbers so I assume it is not a DNSpython > > issue but my lack of understanding of key representation. There are > > four bytes at the beginning of the key which look like some sort of > > tag (03 01 00 01) but even after reading RFC 5702 and 3110, I do not > > understand where do they come from and if I can expect to find them in > > any key (.FR uses RSA+SHA-256). > > > The values encoded in the RSA DNSKEY key field are: > > The length of the exponent (takes either 1 byte or 3 bytes, usually 1) > The exponent (length as specified above) > The modulus (remaining bytes) > > 03 01 00 01 means: > > "The exponent is 3 bytes long" > > "The exponent is 0x010001, i.e. 65537". > > You can take a look at _validate_rrsig() dns/dnssec.py in dnspython to see > how subfields are broken out of RSA and DSA key fields.
Many thanks, it works now. Nicolas _______________________________________________ dnspython-users mailing list [email protected] http://howl.play-bow.org/mailman/listinfo.cgi/dnspython-users
