[Openswan Users] Allowed chars in RSA key?

Paul Wouters paul at xelerance.com
Thu Dec 1 23:22:06 CET 2005

On Thu, 1 Dec 2005, Nick wrote:

> I am making an interface for the ipsec config files, and I need to find
> out what characters are allowed to be in the rsa key for input validation.
>  I see 0-9, a-z, A-Z, +, and / in my key, but I don't know if others
> should be allowed.

>From the man page:

the left participant's public  key  for  RSA signature authentication, in
RFC 2537 format using ipsec_ttodata(3)

IPSEC_TTODATA(3)                                 IPSEC_TTODATA(3)

       ipsec  ttodata,  datatot  - convert binary data bytes from
       and to text formats

       Ttodata, ttodatav, and datatot  convert  arbitrary  binary
       data  (e.g. encryption or authentication keys) from and to
       more-or-less human-readable text formats.

       Currently supported formats are hexadecimal,  base64,  and


       A  base64  text  value begins with a 0s (or 0S) prefix and
       continues with four-digit groups of base64 digits (A-Z, a-
       z,  0-9, +, and /), each group encoding the value of three
       binary bytes as described in section 6.8 of RFC 2045.   If
       flags  has  the  TTODATAV_IGNORESPACE  bit  on, blanks are
       ignore (after the prefix).  Note that the last one or  two
       digits  of  a base64 group can be = to indicate that fewer
       than three binary bytes are encoded.


More information about the Users mailing list