On Sat, Jul 27, 2002 at 10:04:43AM -0700, [EMAIL PROTECTED] wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Here's what I think I found out how message signing could work with the
> freenet.crypt classes.
>
> Please correct me and tell me which of these assumptions are wrong:
>
> 1. The private ssk key is a Base64-encoded DSAPrivateKey
> 2. The public ssk key is the Base64-encoded fingerprint of the DSAPublicKey
> 3. Message signing and verification can be done with the DSA.sign(...)
> and DSA.verify(...) methods
>
> 4. I can create a SHA-digest of the method by creating an instance of
> SHA1, call sha1.update(bytesToBeHashed), and then sha1.digest();
sha1.update can be called many times, as well, so don't copy all the bytes into one big byte[].
> 5. I convert the byte[] representation to a BigInteger with new
> BigInteger(1, sha1DigestBytes);
Or Util.byteArrayToMPI, but the effect is the same.
> 6. I get the byte[] representation of the private key by calling
> Base64.decode(privateSSKkeyString);
> 7. I convert the byte[] representation to a BigInteger with new
> BigInteger(1, privateKeyBytes);
Ditto.
>
> 8. I need a DSAGroup to call DSA.sign(...), freenet.crypt.Global
> defines three DSAGroups, but I don't know what are the differences
> between them
Group B is used for SVKs (which include SSKs)
>
> 9. I need a java.util.Random instance to call DSA.sign(...). Can I
> simply create one with new java.util.Random()?
You should use a better random than java.util.Random, which is not very
random at all. At least use java.security.SecureRandom, or better yet,
freenet.crypt.Yarrow.
>
> 10. After calling DSA.sign(...), I have a DSASignature instance and
> only need to call toString() to get the String representation to
> include in the message
>
> 11. To verify a message, I create the SHA-digest in the same way I did
> before
>
> 12. I create an instance of DSASignature by calling new
> DSASignature(signatureStringThatWasIncludedInTheMessage).
>
> 12. I need an instance of DSAPublicKey, and the same DSAGroup as used
> for signing to verify the message with DSA.verify(...)
>
> The only question that would remain if all of my assumptions above were
> correct is:
>
> Is there any way to create an instance of DSAPublicKey when I only know
> the SSK public key String, which is the public key fingerprint? Or
> does the complete public key (which is much longer than the
> fingerprint) need to be published for message verification to work?
Yes, you need the full public key. The fingerprint is what is included
in the key, but the full public key is included in the metadata for that key.
The node verifies the retrieved full public key against the fingerprint
in the Freenet key.
Scott
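
The flow discussed in this thread, as an added example that is not part of the original messages and does not use the freenet.crypt classes: it uses the JDK's own java.security API with SHA-256 in place of SHA-1, feeds the message in chunks, seeds signing from SecureRandom, and checks the supplied full public key against a known fingerprint before verifying. The class name, the sample message and the fingerprint format (Base64 of a SHA-256 digest over the encoded key) are assumptions; Freenet's own fingerprint encoding may differ.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;

public class SignedMessageDemo {
    // Assumed fingerprint format: Base64(SHA-256(X.509-encoded public key)).
    static String fingerprint(byte[] encodedPublicKey) throws GeneralSecurityException {
        return Base64.getEncoder().encodeToString(
                MessageDigest.getInstance("SHA-256").digest(encodedPublicKey));
    }

    static byte[] sign(PrivateKey key, byte[][] chunks) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withDSA");
        s.initSign(key, new SecureRandom());  // CSPRNG, not java.util.Random
        for (byte[] c : chunks) s.update(c);  // hash incrementally, no big byte[] copy
        return s.sign();
    }

    // The verifier trusts only the fingerprint; the full key travels with the message.
    static boolean verify(String trustedFingerprint, byte[] suppliedKey,
                          byte[][] chunks, byte[] sig) throws GeneralSecurityException {
        boolean keyMatches = MessageDigest.isEqual(
                trustedFingerprint.getBytes(StandardCharsets.US_ASCII),
                fingerprint(suppliedKey).getBytes(StandardCharsets.US_ASCII));
        if (!keyMatches) return false;        // substituted key: reject before any DSA math
        PublicKey pub = KeyFactory.getInstance("DSA")
                .generatePublic(new X509EncodedKeySpec(suppliedKey));
        Signature v = Signature.getInstance("SHA256withDSA");
        v.initVerify(pub);
        for (byte[] c : chunks) v.update(c);
        return v.verify(sig);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("DSA");
        gen.initialize(2048, new SecureRandom());
        KeyPair signer = gen.generateKeyPair();
        KeyPair other = gen.generateKeyPair();
        // Constructed sample message, split into two chunks.
        byte[][] msg = { "constructed sample ".getBytes(StandardCharsets.UTF_8),
                         "message body".getBytes(StandardCharsets.UTF_8) };
        byte[] pubBytes = signer.getPublic().getEncoded();
        String fp = fingerprint(pubBytes);
        byte[] sig = sign(signer.getPrivate(), msg);
        System.out.println("genuine key accepted:     " + verify(fp, pubBytes, msg, sig));
        System.out.println("substituted key accepted: "
                + verify(fp, other.getPublic().getEncoded(), msg, sig));
    }
}
```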
