Trying to create DKIM keys using PHP code mentioned below.
<?php
//Set these to match your domain and chosen DKIM selector
$domain = 'example.com';
$selector = 'phpmailer';
//Private key filename for this selector
$privatekeyfile = $selector . '_dkim_private.pem';
//Public key filename for this selector
$publickeyfile = $selector . '_dkim_public.pem';
if (file_exists($privatekeyfile)) {
echo "Using existing keys - if you want to generate new keys, delete old key files first.\n\n";
$privatekey = file_get_contents($privatekeyfile);
$publickey = file_get_contents($publickeyfile);
} else {
//Create a 2048-bit RSA key with an SHA256 digest
$pk = openssl_pkey_new(
[
'digest_alg' => 'sha256',
'private_key_bits' => 2048,
'private_key_type' => OPENSSL_KEYTYPE_RSA,
]
);
//Save private key
var_dump($pk);
//exit;
openssl_pkey_export_to_file($pk, $privatekeyfile);
//Save public key
$pubKey = openssl_pkey_get_details($pk);
$publickey = $pubKey['key'];
file_put_contents($publickeyfile, $publickey);
$privatekey = file_get_contents($privatekeyfile);
}
echo "<pre>"."Private key (keep this private!):\n\n" . $privatekey;
echo "\n\nPublic key:\n\n" . $publickey;
//Prepare public key for DNS, e.g.
//phpmailer._domainkey.example.com IN TXT "v=DKIM1; h=sha256; t=s; p=" "MIIBIjANBg...oXlwIDAQAB"...
$dnskey = "$selector._domainkey.$domain IN TXT";
$dnsvalue = '"v=DKIM1; h=sha256; t=s; p=" ';
//Some DNS servers don't like ;(semi colon) chars unless backslash-escaped
$dnsvalue2 = '"v=DKIM1\; h=sha256\; t=s\; p=" ';
//Strip and split the key into smaller parts and format for DNS
//Many DNS systems don't like long TXT entries
//but are OK if it's split into 255-char chunks
//Remove PEM wrapper
$publickey = preg_replace('/^-+.*?-+$/m', '', $publ开发者_运维知识库ickey);
//Strip line breaks
$publickey = str_replace(["\r", "\n"], '', $publickey);
//Split into chunks
$keyparts = str_split($publickey, 253); //Becomes 255 when quotes are included
//Quote each chunk
foreach ($keyparts as $keypart) {
$dnsvalue .= '"' . trim($keypart) . '" ';
$dnsvalue2 .= '"' . trim($keypart) . '" ';
}
echo "\n\nDNS key:\n\n" . trim($dnskey);
echo "\n\nDNS value:\n\n" . trim($dnsvalue);
echo "\n\nDNS value (with escaping):\n\n" . trim($dnsvalue2);
?>
Here in this code we are using 2048-bit RSA key with an SHA256 digest, but our DNS provider supports 1024 bit with RSA digest. key size I can manage 'private_key_bits' => 1024, please suggest how can this key can be created using RSA digest.
精彩评论