RFC 7250 raw public keys?
Viktor Dukhovni
openssl-users at dukhovni.org
Wed Jul 8 16:59:50 UTC 2020
On Wed, Jul 08, 2020 at 12:48:38PM -0400, Felipe Gasper wrote:
> Does OpenSSL support authentication via raw public keys? (RFC 7250) I
> can’t find anything to this effect on openssl.org.
These are not presently supported. However, you can use DANE-EE(3) TLSA
records to authenticate essentially empty leaf certificates:
$ openssl req -new \
      -newkey ed25519 -nodes -keyout key.pem \
      -x509 -days 36500 -subj / -out cert.pem
The resulting certificate contains pretty much only a public key:
$ openssl x509 -text -in cert.pem
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:ff:26:4b:48:53:95:3c:4e:db:5d:db:b8:e5:13:1c:a7:67:e0:49
        Signature Algorithm: ED25519
        Issuer:
        Validity
            Not Before: Jul  8 16:54:41 2020 GMT
            Not After : Jun 14 16:54:41 2120 GMT
        Subject:
        Subject Public Key Info:
            Public Key Algorithm: ED25519
                ED25519 Public-Key:
                pub:
                    ad:48:26:95:0f:70:c4:c6:8c:8b:da:9a:d1:3c:18:
                    ef:ec:60:b1:d9:d6:40:7a:5c:4f:6e:8e:36:a2:9e:
                    b0:c7
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:47:10:54:37:97:45:C0:3D:5B:3A:F2:1A:3D:EE:9F:4A:46:7B:D2
            X509v3 Authority Key Identifier:
                keyid:A1:47:10:54:37:97:45:C0:3D:5B:3A:F2:1A:3D:EE:9F:4A:46:7B:D2
            X509v3 Basic Constraints: critical
                CA:TRUE
    Signature Algorithm: ED25519
         48:e7:e2:1a:a0:3b:00:42:7c:66:46:67:26:08:ed:df:f8:64:
         70:17:ff:72:8e:1d:42:8e:9b:99:e8:54:e5:e1:eb:97:fe:4e:
         dd:e6:89:b8:05:e5:b3:d8:da:a6:97:91:90:c5:54:56:0e:90:
         f5:b7:5a:54:c9:78:0b:b5:ed:03
-----BEGIN CERTIFICATE-----
MIIBFjCByaADAgECAhQD/yZLSFOVPE7bXdu45RMcp2fgSTAFBgMrZXAwADAgFw0y
MDA3MDgxNjU0NDFaGA8yMTIwMDYxNDE2NTQ0MVowADAqMAUGAytlcAMhAK1IJpUP
cMTGjIvamtE8GO/sYLHZ1kB6XE9ujjainrDHo1MwUTAdBgNVHQ4EFgQUoUcQVDeX
RcA9WzryGj3un0pGe9IwHwYDVR0jBBgwFoAUoUcQVDeXRcA9WzryGj3un0pGe9Iw
DwYDVR0TAQH/BAUwAwEB/zAFBgMrZXADQQBI5+IaoDsAQnxmRmcmCO3f+GRwF/9y
jh1CjpuZ6FTl4euX/k7d5om4BeWz2Nqml5GQxVRWDpD1t1pUyXgLte0D
-----END CERTIFICATE-----
And while it is larger than the bare key, the size penalty is not
prohibitive.
--
Viktor.
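As an added worked example (not part of Viktor's reply and not OpenSSL code), the Python script below builds the DANE-EE(3) TLSA record for the certificate shown in the message and checks a presented certificate against such a record, using a minimal DER walk to pull the SubjectPublicKeyInfo out of the certificate. The owner name `_443._tcp.example.com.` is an assumed placeholder. The point it illustrates is why the "essentially empty" certificate is enough: with usage 3 and selector 1 (SPKI) the record binds only the public key, so the empty Issuer and Subject and the hundred-year validity period play no part in the match (RFC 7671, section 5.1, has DANE-EE verifiers skip the name and expiration checks). Tampering with the signature bytes therefore still matches a `3 1 1` record, while changing a single byte of the public key does not.

```python
"""Build and check DANE-EE(3) TLSA records for a minimal self-signed cert."""
import base64
import hashlib
import hmac
import re

# The Ed25519 certificate from the message above (copied from the page).
CERT_PEM = """-----BEGIN CERTIFICATE-----
MIIBFjCByaADAgECAhQD/yZLSFOVPE7bXdu45RMcp2fgSTAFBgMrZXAwADAgFw0y
MDA3MDgxNjU0NDFaGA8yMTIwMDYxNDE2NTQ0MVowADAqMAUGAytlcAMhAK1IJpUP
cMTGjIvamtE8GO/sYLHZ1kB6XE9ujjainrDHo1MwUTAdBgNVHQ4EFgQUoUcQVDeX
RcA9WzryGj3un0pGe9IwHwYDVR0jBBgwFoAUoUcQVDeXRcA9WzryGj3un0pGe9Iw
DwYDVR0TAQH/BAUwAwEB/zAFBgMrZXADQQBI5+IaoDsAQnxmRmcmCO3f+GRwF/9y
jh1CjpuZ6FTl4euX/k7d5om4BeWz2Nqml5GQxVRWDpD1t1pUyXgLte0D
-----END CERTIFICATE-----
"""


def pem_to_der(pem: str) -> bytes:
    """Strip the PEM armour and base64-decode the certificate body."""
    body = re.sub(r"-----[^-]+-----", "", pem)
    return base64.b64decode("".join(body.split()))


def read_tlv(buf: bytes, off: int):
    """Return (tag, header_len, content_len) of the DER TLV at buf[off]."""
    tag = buf[off]
    first = buf[off + 1]
    if first < 0x80:                      # short-form length
        return tag, 2, first
    nbytes = first & 0x7F                 # long-form: next nbytes hold the length
    length = int.from_bytes(buf[off + 2:off + 2 + nbytes], "big")
    return tag, 2 + nbytes, length


def extract_spki(cert_der: bytes) -> bytes:
    """Return the DER-encoded SubjectPublicKeyInfo of an X.509 certificate."""
    tag, hl, _ = read_tlv(cert_der, 0)    # Certificate ::= SEQUENCE
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    pos = hl
    tag, hl, _ = read_tlv(cert_der, pos)  # tbsCertificate ::= SEQUENCE
    if tag != 0x30:
        raise ValueError("tbsCertificate is not a SEQUENCE")
    pos += hl
    tag, hl, cl = read_tlv(cert_der, pos)
    if tag == 0xA0:                       # optional [0] EXPLICIT version
        pos += hl + cl
    # Skip serialNumber, signature, issuer, validity, subject.
    for _ in range(5):
        _, hl, cl = read_tlv(cert_der, pos)
        pos += hl + cl
    tag, hl, cl = read_tlv(cert_der, pos)  # subjectPublicKeyInfo ::= SEQUENCE
    if tag != 0x30:
        raise ValueError("subjectPublicKeyInfo not found")
    return cert_der[pos:pos + hl + cl]


def association_data(cert_der: bytes, selector: int, matching_type: int) -> bytes:
    """Certificate association data per RFC 6698: selector picks the
    full certificate (0) or its SPKI (1); matching type picks raw (0),
    SHA-256 (1) or SHA-512 (2)."""
    data = cert_der if selector == 0 else extract_spki(cert_der)
    if matching_type == 0:
        return data
    if matching_type == 1:
        return hashlib.sha256(data).digest()
    if matching_type == 2:
        return hashlib.sha512(data).digest()
    raise ValueError(f"unsupported matching type {matching_type}")


def tlsa_record(cert_der: bytes, owner: str = "_443._tcp.example.com.",
                usage: int = 3, selector: int = 1, matching_type: int = 1) -> str:
    """Render a TLSA RR in zone-file form; defaults give DANE-EE(3) SPKI SHA-256."""
    cad = association_data(cert_der, selector, matching_type).hex()
    return f"{owner} IN TLSA {usage} {selector} {matching_type} {cad}"


def parse_tlsa(record: str):
    """Split a zone-file TLSA RR into (usage, selector, matching_type, cad_hex)."""
    f = record.split()
    i = f.index("TLSA")
    return int(f[i + 1]), int(f[i + 2]), int(f[i + 3]), f[i + 4]


def tlsa_matches(cert_der: bytes, usage: int, selector: int,
                 matching_type: int, cad_hex: str) -> bool:
    """DANE-EE(3) check: the presented cert (or its SPKI) must match the
    record's association data. No chain, name or expiry check is done, which
    is exactly what RFC 7671 prescribes for usage 3."""
    if usage != 3:
        raise ValueError("only DANE-EE(3) is handled here")
    expected = association_data(cert_der, selector, matching_type)
    return hmac.compare_digest(expected, bytes.fromhex(cad_hex))


if __name__ == "__main__":
    der = pem_to_der(CERT_PEM)
    rec = tlsa_record(der)
    print(rec)
    print("matches:", tlsa_matches(der, *parse_tlsa(rec)))
```

The same `3 1 1` digest can be produced at the shell with OpenSSL: `openssl x509 -in cert.pem -noout -pubkey | openssl pkey -pubin -outform DER | openssl dgst -sha256`, which is a convenient cross-check that the hand-rolled SPKI extraction agrees with OpenSSL's own parser.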