Hi folks,
I have an ssh-format keypair and would like to extract the (p,q,g,x) and (p,q,g,y) DSA tuples from that. The private key looks like this: -----BEGIN DSA PRIVATE KEY----- MIIBuwIB..............XCIa3cIp -----END DSA PRIVATE KEY----- and the public key: ssh-dss AAAAB3NzaC1k.........nNEnWCasjXraVA== So this looks like Base64-encoded numbers, but how are they encoded? The only reference I found was this: http://www.openssh.com/txt/draft-ietf-secsh-publickeyfile-02.txt But it does not detail how the "binary blob" translates to DSA tuples. - Bert - _______________________________________________ Cryptography mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography |
Bert, there are indeed Base64 encoded. For starters, you can try:
(DSAPrivateKeyFileReader fromFile: privateKeyFileName) asPrivateKey I am not sure about the publicKey, but you could try the same reader code. Internally, it strips off the PEM markings (-----BEGIN DSA...and so on), the does a Base64 decode and leaves you with bytes. The #asPrivateKey will take those bytes and do an ASN.1 decode on them. My point is that the PublicKey may also be ASN.1 encoded, so you may find some traction here. Let me know how it goes. Are you implementing SSH?! cheers, Robert On Mar 29, 2007, at 6:23 AM, Bert Freudenberg wrote: > Hi folks, > > I have an ssh-format keypair and would like to extract the > (p,q,g,x) and (p,q,g,y) DSA tuples from that. The private key looks > like this: > > -----BEGIN DSA PRIVATE KEY----- > MIIBuwIB..............XCIa3cIp > -----END DSA PRIVATE KEY----- > > and the public key: > > ssh-dss AAAAB3NzaC1k.........nNEnWCasjXraVA== > > So this looks like Base64-encoded numbers, but how are they > encoded? The only reference I found was this: > > http://www.openssh.com/txt/draft-ietf-secsh-publickeyfile-02.txt > > But it does not detail how the "binary blob" translates to DSA tuples. > > - Bert - > > > _______________________________________________ > Cryptography mailing list > [hidden email] > http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ > cryptography _______________________________________________ Cryptography mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography |
Thanks Rob, I'll try that (provided I find the
DSAPrivateKeyFileReader class). I'm not implementing ssh, but the OLPC happens to use that file format for their per-user keys. So rather than generating our own (via SecurityManager>>generateLocalKeyPair) which takes a rather long time on that slow machine, I'd rather just load that. - Bert - On Mar 29, 2007, at 15:33 , Robert Withers wrote: > Bert, there are indeed Base64 encoded. For starters, you can try: > > (DSAPrivateKeyFileReader fromFile: privateKeyFileName) asPrivateKey > > I am not sure about the publicKey, but you could try the same > reader code. Internally, it strips off the PEM markings (----- > BEGIN DSA...and so on), the does a Base64 decode and leaves you > with bytes. The #asPrivateKey will take those bytes and do an ASN. > 1 decode on them. My point is that the PublicKey may also be ASN.1 > encoded, so you may find some traction here. > > Let me know how it goes. > > Are you implementing SSH?! > > cheers, > Robert > > On Mar 29, 2007, at 6:23 AM, Bert Freudenberg wrote: > >> Hi folks, >> >> I have an ssh-format keypair and would like to extract the >> (p,q,g,x) and (p,q,g,y) DSA tuples from that. The private key >> looks like this: >> >> -----BEGIN DSA PRIVATE KEY----- >> MIIBuwIB..............XCIa3cIp >> -----END DSA PRIVATE KEY----- >> >> and the public key: >> >> ssh-dss AAAAB3NzaC1k.........nNEnWCasjXraVA== >> >> So this looks like Base64-encoded numbers, but how are they >> encoded? The only reference I found was this: >> >> http://www.openssh.com/txt/draft-ietf-secsh-publickeyfile-02.txt >> >> But it does not detail how the "binary blob" translates to DSA >> tuples. >> >> - Bert - >> >> >> _______________________________________________ >> Cryptography mailing list >> [hidden email] >> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ >> cryptography > > _______________________________________________ > Cryptography mailing list > [hidden email] > http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ > cryptography _______________________________________________ Cryptography mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography |
It's in the Cryptography-X509 package.
What exactly is OLPC? I keep reading that acronym. Rob On Mar 29, 2007, at 6:45 AM, Bert Freudenberg wrote: > Thanks Rob, I'll try that (provided I find the > DSAPrivateKeyFileReader class). > > I'm not implementing ssh, but the OLPC happens to use that file > format for their per-user keys. So rather than generating our own > (via SecurityManager>>generateLocalKeyPair) which takes a rather > long time on that slow machine, I'd rather just load that. > > - Bert - > > On Mar 29, 2007, at 15:33 , Robert Withers wrote: > >> Bert, there are indeed Base64 encoded. For starters, you can try: >> >> (DSAPrivateKeyFileReader fromFile: privateKeyFileName) asPrivateKey >> >> I am not sure about the publicKey, but you could try the same >> reader code. Internally, it strips off the PEM markings (----- >> BEGIN DSA...and so on), the does a Base64 decode and leaves you >> with bytes. The #asPrivateKey will take those bytes and do an ASN. >> 1 decode on them. My point is that the PublicKey may also be ASN. >> 1 encoded, so you may find some traction here. >> >> Let me know how it goes. >> >> Are you implementing SSH?! >> >> cheers, >> Robert >> >> On Mar 29, 2007, at 6:23 AM, Bert Freudenberg wrote: >> >>> Hi folks, >>> >>> I have an ssh-format keypair and would like to extract the >>> (p,q,g,x) and (p,q,g,y) DSA tuples from that. The private key >>> looks like this: >>> >>> -----BEGIN DSA PRIVATE KEY----- >>> MIIBuwIB..............XCIa3cIp >>> -----END DSA PRIVATE KEY----- >>> >>> and the public key: >>> >>> ssh-dss AAAAB3NzaC1k.........nNEnWCasjXraVA== >>> >>> So this looks like Base64-encoded numbers, but how are they >>> encoded? The only reference I found was this: >>> >>> http://www.openssh.com/txt/draft-ietf-secsh-publickeyfile-02.txt >>> >>> But it does not detail how the "binary blob" translates to DSA >>> tuples. >>> >>> - Bert - >>> >>> >>> _______________________________________________ >>> Cryptography mailing list >>> [hidden email] >>> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ >>> cryptography >> >> _______________________________________________ >> Cryptography mailing list >> [hidden email] >> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ >> cryptography > > > > > _______________________________________________ > Cryptography mailing list > [hidden email] > http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ > cryptography _______________________________________________ Cryptography mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography |
Hmm, the latest release on Squeakmap is for Squeak 3.4 ...
For OLPC see http://laptop.org - Bert - On Mar 29, 2007, at 16:38 , Robert Withers wrote: > It's in the Cryptography-X509 package. > > What exactly is OLPC? I keep reading that acronym. > > Rob > > On Mar 29, 2007, at 6:45 AM, Bert Freudenberg wrote: > >> Thanks Rob, I'll try that (provided I find the >> DSAPrivateKeyFileReader class). >> >> I'm not implementing ssh, but the OLPC happens to use that file >> format for their per-user keys. So rather than generating our own >> (via SecurityManager>>generateLocalKeyPair) which takes a rather >> long time on that slow machine, I'd rather just load that. >> >> - Bert - >> >> On Mar 29, 2007, at 15:33 , Robert Withers wrote: >> >>> Bert, there are indeed Base64 encoded. For starters, you can try: >>> >>> (DSAPrivateKeyFileReader fromFile: privateKeyFileName) asPrivateKey >>> >>> I am not sure about the publicKey, but you could try the same >>> reader code. Internally, it strips off the PEM markings (----- >>> BEGIN DSA...and so on), the does a Base64 decode and leaves you >>> with bytes. The #asPrivateKey will take those bytes and do an >>> ASN.1 decode on them. My point is that the PublicKey may also be >>> ASN.1 encoded, so you may find some traction here. >>> >>> Let me know how it goes. >>> >>> Are you implementing SSH?! >>> >>> cheers, >>> Robert >>> >>> On Mar 29, 2007, at 6:23 AM, Bert Freudenberg wrote: >>> >>>> Hi folks, >>>> >>>> I have an ssh-format keypair and would like to extract the >>>> (p,q,g,x) and (p,q,g,y) DSA tuples from that. The private key >>>> looks like this: >>>> >>>> -----BEGIN DSA PRIVATE KEY----- >>>> MIIBuwIB..............XCIa3cIp >>>> -----END DSA PRIVATE KEY----- >>>> >>>> and the public key: >>>> >>>> ssh-dss AAAAB3NzaC1k.........nNEnWCasjXraVA== >>>> >>>> So this looks like Base64-encoded numbers, but how are they >>>> encoded? The only reference I found was this: >>>> >>>> http://www.openssh.com/txt/draft-ietf-secsh-publickeyfile-02.txt >>>> >>>> But it does not detail how the "binary blob" translates to DSA >>>> tuples. >>>> >>>> - Bert - >>>> >>>> >>>> _______________________________________________ >>>> Cryptography mailing list >>>> [hidden email] >>>> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ >>>> cryptography >>> >>> _______________________________________________ >>> Cryptography mailing list >>> [hidden email] >>> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ >>> cryptography >> >> >> >> >> _______________________________________________ >> Cryptography mailing list >> [hidden email] >> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ >> cryptography > > _______________________________________________ > Cryptography mailing list > [hidden email] > http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ > cryptography _______________________________________________ Cryptography mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography |
Use this Monticello repository:
MCHttpRepository location: 'http://www.squeaksource.com/Cryptography' user: '' password: '' Then load pretty much everything. You will definitely need DSA, ASN. 1, X509, Core, RandomAndPrime. OLPC is Neat. Thanks for the link. Rob On Mar 29, 2007, at 7:48 AM, Bert Freudenberg wrote: > Hmm, the latest release on Squeakmap is for Squeak 3.4 ... > > For OLPC see http://laptop.org > > - Bert - > > On Mar 29, 2007, at 16:38 , Robert Withers wrote: > >> It's in the Cryptography-X509 package. >> >> What exactly is OLPC? I keep reading that acronym. >> >> Rob >> >> On Mar 29, 2007, at 6:45 AM, Bert Freudenberg wrote: >> >>> Thanks Rob, I'll try that (provided I find the >>> DSAPrivateKeyFileReader class). >>> >>> I'm not implementing ssh, but the OLPC happens to use that file >>> format for their per-user keys. So rather than generating our own >>> (via SecurityManager>>generateLocalKeyPair) which takes a rather >>> long time on that slow machine, I'd rather just load that. >>> >>> - Bert - >>> >>> On Mar 29, 2007, at 15:33 , Robert Withers wrote: >>> >>>> Bert, there are indeed Base64 encoded. For starters, you can try: >>>> >>>> (DSAPrivateKeyFileReader fromFile: privateKeyFileName) >>>> asPrivateKey >>>> >>>> I am not sure about the publicKey, but you could try the same >>>> reader code. Internally, it strips off the PEM markings (----- >>>> BEGIN DSA...and so on), the does a Base64 decode and leaves you >>>> with bytes. The #asPrivateKey will take those bytes and do an >>>> ASN.1 decode on them. My point is that the PublicKey may also >>>> be ASN.1 encoded, so you may find some traction here. >>>> >>>> Let me know how it goes. >>>> >>>> Are you implementing SSH?! >>>> >>>> cheers, >>>> Robert >>>> >>>> On Mar 29, 2007, at 6:23 AM, Bert Freudenberg wrote: >>>> >>>>> Hi folks, >>>>> >>>>> I have an ssh-format keypair and would like to extract the >>>>> (p,q,g,x) and (p,q,g,y) DSA tuples from that. The private key >>>>> looks like this: >>>>> >>>>> -----BEGIN DSA PRIVATE KEY----- >>>>> MIIBuwIB..............XCIa3cIp >>>>> -----END DSA PRIVATE KEY----- >>>>> >>>>> and the public key: >>>>> >>>>> ssh-dss AAAAB3NzaC1k.........nNEnWCasjXraVA== >>>>> >>>>> So this looks like Base64-encoded numbers, but how are they >>>>> encoded? The only reference I found was this: >>>>> >>>>> http://www.openssh.com/txt/draft-ietf-secsh-publickeyfile-02.txt >>>>> >>>>> But it does not detail how the "binary blob" translates to DSA >>>>> tuples. >>>>> >>>>> - Bert - >>>>> >>>>> >>>>> _______________________________________________ >>>>> Cryptography mailing list >>>>> [hidden email] >>>>> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ >>>>> cryptography >>>> >>>> _______________________________________________ >>>> Cryptography mailing list >>>> [hidden email] >>>> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ >>>> cryptography >>> >>> >>> >>> >>> _______________________________________________ >>> Cryptography mailing list >>> [hidden email] >>> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ >>> cryptography >> >> _______________________________________________ >> Cryptography mailing list >> [hidden email] >> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ >> cryptography > > > > > _______________________________________________ > Cryptography mailing list > [hidden email] > http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ > cryptography _______________________________________________ Cryptography mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography |
In reply to this post by Rob Withers
Hi Rob,
turns out the private key file has the public part in it, too, it stores (0, p, q, g, y, x). DSAPrivateKeyFileReader assumes some more fields whereas my key just has the blob data in it, and it is not encrypted by a passphrase. Using the ASN.1 reader on my blob worked fine, though. Thanks a lot! - Bert - On Mar 29, 2007, at 15:33 , Robert Withers wrote: > Bert, there are indeed Base64 encoded. For starters, you can try: > > (DSAPrivateKeyFileReader fromFile: privateKeyFileName) asPrivateKey > > I am not sure about the publicKey, but you could try the same > reader code. Internally, it strips off the PEM markings (----- > BEGIN DSA...and so on), the does a Base64 decode and leaves you > with bytes. The #asPrivateKey will take those bytes and do an ASN. > 1 decode on them. My point is that the PublicKey may also be ASN.1 > encoded, so you may find some traction here. > > Let me know how it goes. > > Are you implementing SSH?! > > cheers, > Robert > > On Mar 29, 2007, at 6:23 AM, Bert Freudenberg wrote: > >> Hi folks, >> >> I have an ssh-format keypair and would like to extract the >> (p,q,g,x) and (p,q,g,y) DSA tuples from that. The private key >> looks like this: >> >> -----BEGIN DSA PRIVATE KEY----- >> MIIBuwIB..............XCIa3cIp >> -----END DSA PRIVATE KEY----- >> >> and the public key: >> >> ssh-dss AAAAB3NzaC1k.........nNEnWCasjXraVA== >> >> So this looks like Base64-encoded numbers, but how are they >> encoded? The only reference I found was this: >> >> http://www.openssh.com/txt/draft-ietf-secsh-publickeyfile-02.txt >> >> But it does not detail how the "binary blob" translates to DSA >> tuples. >> >> - Bert - >> >> >> _______________________________________________ >> Cryptography mailing list >> [hidden email] >> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ >> cryptography > > _______________________________________________ > Cryptography mailing list > [hidden email] > http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ > cryptography _______________________________________________ Cryptography mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography |
FYI, attached is my simple DSA key reader. It does not use the Crypto
package. Sorry, we are space-constrained on the OLPC -- mine is about 30 lines of code including ASN.1 decoding. It helps a lot if you know precisely what to expect ;) I also attached a test key, it was generated with ssh-keygen -t dsa -f test.key So thanks anyway, you pointed me into the right direction and starting from a working example was a great help! - Bert - On Mar 30, 2007, at 11:36 , Bert Freudenberg wrote: > Hi Rob, > > turns out the private key file has the public part in it, too, it > stores (0, p, q, g, y, x). DSAPrivateKeyFileReader assumes some > more fields whereas my key just has the blob data in it, and it is > not encrypted by a passphrase. Using the ASN.1 reader on my blob > worked fine, though. > > Thanks a lot! > > - Bert - > > On Mar 29, 2007, at 15:33 , Robert Withers wrote: > >> Bert, there are indeed Base64 encoded. For starters, you can try: >> >> (DSAPrivateKeyFileReader fromFile: privateKeyFileName) asPrivateKey >> >> I am not sure about the publicKey, but you could try the same >> reader code. Internally, it strips off the PEM markings (----- >> BEGIN DSA...and so on), the does a Base64 decode and leaves you >> with bytes. The #asPrivateKey will take those bytes and do an ASN. >> 1 decode on them. My point is that the PublicKey may also be ASN. >> 1 encoded, so you may find some traction here. >> >> Let me know how it goes. >> >> Are you implementing SSH?! >> >> cheers, >> Robert >> >> On Mar 29, 2007, at 6:23 AM, Bert Freudenberg wrote: >> >>> Hi folks, >>> >>> I have an ssh-format keypair and would like to extract the >>> (p,q,g,x) and (p,q,g,y) DSA tuples from that. The private key >>> looks like this: >>> >>> -----BEGIN DSA PRIVATE KEY----- >>> MIIBuwIB..............XCIa3cIp >>> -----END DSA PRIVATE KEY----- >>> >>> and the public key: >>> >>> ssh-dss AAAAB3NzaC1k.........nNEnWCasjXraVA== >>> >>> So this looks like Base64-encoded numbers, but how are they >>> encoded? The only reference I found was this: >>> >>> http://www.openssh.com/txt/draft-ietf-secsh-publickeyfile-02.txt >>> >>> But it does not detail how the "binary blob" translates to DSA >>> tuples. >>> >>> - Bert - >>> _______________________________________________ Cryptography mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography |
Free forum by Nabble | Edit this page |