[EMAIL PROTECTED] (Niels Möller) writes: > Simon Josefsson <[EMAIL PROTECTED]> writes: > >> If it would help someone, there is code in libssh2 that I wrote which >> decodes unencrypted OpenSSL private keys (which apparently is what >> OpenSSH is using) and imports them into a libgcrypt sexp. > > Does openssl and openssh use the PKCS#1 format for private keys, as > the DER encoding of ASN.1 objects? (Maybe that spec is for RSA keys > only, but if so there ought to be some related spec for DSA).
Yup. It is just ASN.1 encoding of some integers in a sequence. > I would have expected openssh to use something closer to the ssh > wireformat, i.e., the wireformat ssh-rsa/ssh-dsa with some additional > felds for the secret information, like I think the old proprietary ssh > program did. > > For PKCS#1 format, the program pkcs1-conv (from nettle-1.14 and later) > can also convert RSA keys in pkcs#1 formats to sexp format. Then I would think that pkcs1-conv would handle this. /Simon _______________________________________________ lsh-bugs mailing list lsh-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/lsh-bugs