Hi folks,
I have an ssh-format keypair and would like to extract the (p,q,g,x) and (p,q,g,y) DSA tuples from that. The private key looks like this:
-----BEGIN DSA PRIVATE KEY----- MIIBuwIB..............XCIa3cIp -----END DSA PRIVATE KEY-----
and the public key:
ssh-dss AAAAB3NzaC1k.........nNEnWCasjXraVA==
So this looks like Base64-encoded numbers, but how are they encoded? The only reference I found was this:
http://www.openssh.com/txt/draft-ietf-secsh-publickeyfile-02.txt
But it does not detail how the "binary blob" translates to DSA tuples.
- Bert -
Bert, there are indeed Base64 encoded. For starters, you can try:
(DSAPrivateKeyFileReader fromFile: privateKeyFileName) asPrivateKey
I am not sure about the publicKey, but you could try the same reader code. Internally, it strips off the PEM markings (-----BEGIN DSA...and so on), the does a Base64 decode and leaves you with bytes. The #asPrivateKey will take those bytes and do an ASN.1 decode on them. My point is that the PublicKey may also be ASN.1 encoded, so you may find some traction here.
Let me know how it goes.
Are you implementing SSH?!
cheers, Robert
On Mar 29, 2007, at 6:23 AM, Bert Freudenberg wrote:
Hi folks,
I have an ssh-format keypair and would like to extract the (p,q,g,x) and (p,q,g,y) DSA tuples from that. The private key looks like this:
-----BEGIN DSA PRIVATE KEY----- MIIBuwIB..............XCIa3cIp -----END DSA PRIVATE KEY-----
and the public key:
ssh-dss AAAAB3NzaC1k.........nNEnWCasjXraVA==
So this looks like Base64-encoded numbers, but how are they encoded? The only reference I found was this:
http://www.openssh.com/txt/draft-ietf-secsh-publickeyfile-02.txt
But it does not detail how the "binary blob" translates to DSA tuples.
- Bert -
Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ cryptography
Thanks Rob, I'll try that (provided I find the DSAPrivateKeyFileReader class).
I'm not implementing ssh, but the OLPC happens to use that file format for their per-user keys. So rather than generating our own (via SecurityManager>>generateLocalKeyPair) which takes a rather long time on that slow machine, I'd rather just load that.
- Bert -
On Mar 29, 2007, at 15:33 , Robert Withers wrote:
Bert, there are indeed Base64 encoded. For starters, you can try:
(DSAPrivateKeyFileReader fromFile: privateKeyFileName) asPrivateKey
I am not sure about the publicKey, but you could try the same reader code. Internally, it strips off the PEM markings (----- BEGIN DSA...and so on), the does a Base64 decode and leaves you with bytes. The #asPrivateKey will take those bytes and do an ASN. 1 decode on them. My point is that the PublicKey may also be ASN.1 encoded, so you may find some traction here.
Let me know how it goes.
Are you implementing SSH?!
cheers, Robert
On Mar 29, 2007, at 6:23 AM, Bert Freudenberg wrote:
Hi folks,
I have an ssh-format keypair and would like to extract the (p,q,g,x) and (p,q,g,y) DSA tuples from that. The private key looks like this:
-----BEGIN DSA PRIVATE KEY----- MIIBuwIB..............XCIa3cIp -----END DSA PRIVATE KEY-----
and the public key:
ssh-dss AAAAB3NzaC1k.........nNEnWCasjXraVA==
So this looks like Base64-encoded numbers, but how are they encoded? The only reference I found was this:
http://www.openssh.com/txt/draft-ietf-secsh-publickeyfile-02.txt
But it does not detail how the "binary blob" translates to DSA tuples.
- Bert -
Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ cryptography
Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ cryptography
It's in the Cryptography-X509 package.
What exactly is OLPC? I keep reading that acronym.
Rob
On Mar 29, 2007, at 6:45 AM, Bert Freudenberg wrote:
Thanks Rob, I'll try that (provided I find the DSAPrivateKeyFileReader class).
I'm not implementing ssh, but the OLPC happens to use that file format for their per-user keys. So rather than generating our own (via SecurityManager>>generateLocalKeyPair) which takes a rather long time on that slow machine, I'd rather just load that.
- Bert -
On Mar 29, 2007, at 15:33 , Robert Withers wrote:
Bert, there are indeed Base64 encoded. For starters, you can try:
(DSAPrivateKeyFileReader fromFile: privateKeyFileName) asPrivateKey
I am not sure about the publicKey, but you could try the same reader code. Internally, it strips off the PEM markings (----- BEGIN DSA...and so on), the does a Base64 decode and leaves you with bytes. The #asPrivateKey will take those bytes and do an ASN. 1 decode on them. My point is that the PublicKey may also be ASN. 1 encoded, so you may find some traction here.
Let me know how it goes.
Are you implementing SSH?!
cheers, Robert
On Mar 29, 2007, at 6:23 AM, Bert Freudenberg wrote:
Hi folks,
I have an ssh-format keypair and would like to extract the (p,q,g,x) and (p,q,g,y) DSA tuples from that. The private key looks like this:
-----BEGIN DSA PRIVATE KEY----- MIIBuwIB..............XCIa3cIp -----END DSA PRIVATE KEY-----
and the public key:
ssh-dss AAAAB3NzaC1k.........nNEnWCasjXraVA==
So this looks like Base64-encoded numbers, but how are they encoded? The only reference I found was this:
http://www.openssh.com/txt/draft-ietf-secsh-publickeyfile-02.txt
But it does not detail how the "binary blob" translates to DSA tuples.
- Bert -
Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ cryptography
Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ cryptography
Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ cryptography
Hmm, the latest release on Squeakmap is for Squeak 3.4 ...
For OLPC see http://laptop.org
- Bert -
On Mar 29, 2007, at 16:38 , Robert Withers wrote:
It's in the Cryptography-X509 package.
What exactly is OLPC? I keep reading that acronym.
Rob
On Mar 29, 2007, at 6:45 AM, Bert Freudenberg wrote:
Thanks Rob, I'll try that (provided I find the DSAPrivateKeyFileReader class).
I'm not implementing ssh, but the OLPC happens to use that file format for their per-user keys. So rather than generating our own (via SecurityManager>>generateLocalKeyPair) which takes a rather long time on that slow machine, I'd rather just load that.
- Bert -
On Mar 29, 2007, at 15:33 , Robert Withers wrote:
Bert, there are indeed Base64 encoded. For starters, you can try:
(DSAPrivateKeyFileReader fromFile: privateKeyFileName) asPrivateKey
I am not sure about the publicKey, but you could try the same reader code. Internally, it strips off the PEM markings (----- BEGIN DSA...and so on), the does a Base64 decode and leaves you with bytes. The #asPrivateKey will take those bytes and do an ASN.1 decode on them. My point is that the PublicKey may also be ASN.1 encoded, so you may find some traction here.
Let me know how it goes.
Are you implementing SSH?!
cheers, Robert
On Mar 29, 2007, at 6:23 AM, Bert Freudenberg wrote:
Hi folks,
I have an ssh-format keypair and would like to extract the (p,q,g,x) and (p,q,g,y) DSA tuples from that. The private key looks like this:
-----BEGIN DSA PRIVATE KEY----- MIIBuwIB..............XCIa3cIp -----END DSA PRIVATE KEY-----
and the public key:
ssh-dss AAAAB3NzaC1k.........nNEnWCasjXraVA==
So this looks like Base64-encoded numbers, but how are they encoded? The only reference I found was this:
http://www.openssh.com/txt/draft-ietf-secsh-publickeyfile-02.txt
But it does not detail how the "binary blob" translates to DSA tuples.
- Bert -
Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ cryptography
Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ cryptography
Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ cryptography
Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ cryptography
Use this Monticello repository:
MCHttpRepository location: 'http://www.squeaksource.com/Cryptography' user: '' password: ''
Then load pretty much everything. You will definitely need DSA, ASN. 1, X509, Core, RandomAndPrime.
OLPC is Neat. Thanks for the link.
Rob
On Mar 29, 2007, at 7:48 AM, Bert Freudenberg wrote:
Hmm, the latest release on Squeakmap is for Squeak 3.4 ...
For OLPC see http://laptop.org
- Bert -
On Mar 29, 2007, at 16:38 , Robert Withers wrote:
It's in the Cryptography-X509 package.
What exactly is OLPC? I keep reading that acronym.
Rob
On Mar 29, 2007, at 6:45 AM, Bert Freudenberg wrote:
Thanks Rob, I'll try that (provided I find the DSAPrivateKeyFileReader class).
I'm not implementing ssh, but the OLPC happens to use that file format for their per-user keys. So rather than generating our own (via SecurityManager>>generateLocalKeyPair) which takes a rather long time on that slow machine, I'd rather just load that.
- Bert -
On Mar 29, 2007, at 15:33 , Robert Withers wrote:
Bert, there are indeed Base64 encoded. For starters, you can try:
(DSAPrivateKeyFileReader fromFile: privateKeyFileName) asPrivateKey
I am not sure about the publicKey, but you could try the same reader code. Internally, it strips off the PEM markings (----- BEGIN DSA...and so on), the does a Base64 decode and leaves you with bytes. The #asPrivateKey will take those bytes and do an ASN.1 decode on them. My point is that the PublicKey may also be ASN.1 encoded, so you may find some traction here.
Let me know how it goes.
Are you implementing SSH?!
cheers, Robert
On Mar 29, 2007, at 6:23 AM, Bert Freudenberg wrote:
Hi folks,
I have an ssh-format keypair and would like to extract the (p,q,g,x) and (p,q,g,y) DSA tuples from that. The private key looks like this:
-----BEGIN DSA PRIVATE KEY----- MIIBuwIB..............XCIa3cIp -----END DSA PRIVATE KEY-----
and the public key:
ssh-dss AAAAB3NzaC1k.........nNEnWCasjXraVA==
So this looks like Base64-encoded numbers, but how are they encoded? The only reference I found was this:
http://www.openssh.com/txt/draft-ietf-secsh-publickeyfile-02.txt
But it does not detail how the "binary blob" translates to DSA tuples.
- Bert -
Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ cryptography
Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ cryptography
Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ cryptography
Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ cryptography
Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ cryptography
Hi Rob,
turns out the private key file has the public part in it, too, it stores (0, p, q, g, y, x). DSAPrivateKeyFileReader assumes some more fields whereas my key just has the blob data in it, and it is not encrypted by a passphrase. Using the ASN.1 reader on my blob worked fine, though.
Thanks a lot!
- Bert -
On Mar 29, 2007, at 15:33 , Robert Withers wrote:
Bert, there are indeed Base64 encoded. For starters, you can try:
(DSAPrivateKeyFileReader fromFile: privateKeyFileName) asPrivateKey
I am not sure about the publicKey, but you could try the same reader code. Internally, it strips off the PEM markings (----- BEGIN DSA...and so on), the does a Base64 decode and leaves you with bytes. The #asPrivateKey will take those bytes and do an ASN. 1 decode on them. My point is that the PublicKey may also be ASN.1 encoded, so you may find some traction here.
Let me know how it goes.
Are you implementing SSH?!
cheers, Robert
On Mar 29, 2007, at 6:23 AM, Bert Freudenberg wrote:
Hi folks,
I have an ssh-format keypair and would like to extract the (p,q,g,x) and (p,q,g,y) DSA tuples from that. The private key looks like this:
-----BEGIN DSA PRIVATE KEY----- MIIBuwIB..............XCIa3cIp -----END DSA PRIVATE KEY-----
and the public key:
ssh-dss AAAAB3NzaC1k.........nNEnWCasjXraVA==
So this looks like Base64-encoded numbers, but how are they encoded? The only reference I found was this:
http://www.openssh.com/txt/draft-ietf-secsh-publickeyfile-02.txt
But it does not detail how the "binary blob" translates to DSA tuples.
- Bert -
Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ cryptography
Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ cryptography
FYI, attached is my simple DSA key reader. It does not use the Crypto package. Sorry, we are space-constrained on the OLPC -- mine is about 30 lines of code including ASN.1 decoding. It helps a lot if you know precisely what to expect ;)
I also attached a test key, it was generated with
ssh-keygen -t dsa -f test.key
So thanks anyway, you pointed me into the right direction and starting from a working example was a great help!
- Bert -
On Mar 30, 2007, at 11:36 , Bert Freudenberg wrote:
Hi Rob,
turns out the private key file has the public part in it, too, it stores (0, p, q, g, y, x). DSAPrivateKeyFileReader assumes some more fields whereas my key just has the blob data in it, and it is not encrypted by a passphrase. Using the ASN.1 reader on my blob worked fine, though.
Thanks a lot!
- Bert -
On Mar 29, 2007, at 15:33 , Robert Withers wrote:
Bert, there are indeed Base64 encoded. For starters, you can try:
(DSAPrivateKeyFileReader fromFile: privateKeyFileName) asPrivateKey
I am not sure about the publicKey, but you could try the same reader code. Internally, it strips off the PEM markings (----- BEGIN DSA...and so on), the does a Base64 decode and leaves you with bytes. The #asPrivateKey will take those bytes and do an ASN. 1 decode on them. My point is that the PublicKey may also be ASN. 1 encoded, so you may find some traction here.
Let me know how it goes.
Are you implementing SSH?!
cheers, Robert
On Mar 29, 2007, at 6:23 AM, Bert Freudenberg wrote:
Hi folks,
I have an ssh-format keypair and would like to extract the (p,q,g,x) and (p,q,g,y) DSA tuples from that. The private key looks like this:
-----BEGIN DSA PRIVATE KEY----- MIIBuwIB..............XCIa3cIp -----END DSA PRIVATE KEY-----
and the public key:
ssh-dss AAAAB3NzaC1k.........nNEnWCasjXraVA==
So this looks like Base64-encoded numbers, but how are they encoded? The only reference I found was this:
http://www.openssh.com/txt/draft-ietf-secsh-publickeyfile-02.txt
But it does not detail how the "binary blob" translates to DSA tuples.
- Bert -
cryptography@lists.squeakfoundation.org
-
Bert Freudenberg -
Robert Withers