[EMAIL PROTECTED] (Niels Möller) writes:

> Simon Josefsson <[EMAIL PROTECTED]> writes:
>
>> If it would help someone, there is code in libssh2 that I wrote which
>> decodes unencrypted OpenSSL private keys (which apparently is what
>> OpenSSH is using) and imports them into a libgcrypt sexp.
>
> Does openssl and openssh use the PKCS#1 format for private keys, as
> the DER encoding of ASN.1 objects? (Maybe that spec is for RSA keys
> only, but if so there ought to be some related spec for DSA).

Yup.  It is just ASN.1 encoding of some integers in a sequence.

> I would have expected openssh to use something closer to the ssh
> wireformat, i.e., the wireformat ssh-rsa/ssh-dsa with some additional
> felds for the secret information, like I think the old proprietary ssh
> program did.
>
> For PKCS#1 format, the program pkcs1-conv (from nettle-1.14 and later)
> can also convert RSA keys in pkcs#1 formats to sexp format.

Then I would think that pkcs1-conv would handle this.

/Simon
_______________________________________________
lsh-bugs mailing list
lsh-bugs@lists.lysator.liu.se
http://lists.lysator.liu.se/mailman/listinfo/lsh-bugs

Reply via email to