FYI, attached is my simple DSA key reader. It does not use the Crypto package. Sorry, we are space-constrained on the OLPC -- mine is about 30 lines of code including ASN.1 decoding. It helps a lot if you know precisely what to expect ;)
I also attached a test key, it was generated with
ssh-keygen -t dsa -f test.key
So thanks anyway, you pointed me into the right direction and starting from a working example was a great help!
- Bert -
On Mar 30, 2007, at 11:36 , Bert Freudenberg wrote:
Hi Rob,
turns out the private key file has the public part in it, too, it stores (0, p, q, g, y, x). DSAPrivateKeyFileReader assumes some more fields whereas my key just has the blob data in it, and it is not encrypted by a passphrase. Using the ASN.1 reader on my blob worked fine, though.
Thanks a lot!
- Bert -
On Mar 29, 2007, at 15:33 , Robert Withers wrote:
Bert, there are indeed Base64 encoded. For starters, you can try:
(DSAPrivateKeyFileReader fromFile: privateKeyFileName) asPrivateKey
I am not sure about the publicKey, but you could try the same reader code. Internally, it strips off the PEM markings (----- BEGIN DSA...and so on), the does a Base64 decode and leaves you with bytes. The #asPrivateKey will take those bytes and do an ASN. 1 decode on them. My point is that the PublicKey may also be ASN. 1 encoded, so you may find some traction here.
Let me know how it goes.
Are you implementing SSH?!
cheers, Robert
On Mar 29, 2007, at 6:23 AM, Bert Freudenberg wrote:
Hi folks,
I have an ssh-format keypair and would like to extract the (p,q,g,x) and (p,q,g,y) DSA tuples from that. The private key looks like this:
-----BEGIN DSA PRIVATE KEY----- MIIBuwIB..............XCIa3cIp -----END DSA PRIVATE KEY-----
and the public key:
ssh-dss AAAAB3NzaC1k.........nNEnWCasjXraVA==
So this looks like Base64-encoded numbers, but how are they encoded? The only reference I found was this:
http://www.openssh.com/txt/draft-ietf-secsh-publickeyfile-02.txt
But it does not detail how the "binary blob" translates to DSA tuples.
- Bert -