Re: Netscape private key database info...

Dr Stephen Henson Wed, 29 Sep 1999 03:41:49 -0700
Ian Harvey wrote:
> 
> > I'm trying to extract private keys from Netscape Enterprise Server 3.5 or 3.6,
> > and wonder if anyone knows details of the format.
> 
> To answer my own question, here are the details:
> 
> The "key.db" file is in Berkeley DB v1.85 "Hash" format (www.sleepycat.com
> have code you can download to mess with this). This contains two records of
> interest; one is a 16-byte block with key "global-salt", and the other a
> variable length block with key "Server-Key".
> 
> The "Server-Key" block contains the following:
> 
> - a 16 byte "entry salt" BER-encoded as an integer (!) i.e.
>         02 10 x1 x2 x3 .... x16
> 
> - the following stuff, BER-encoded:
>     SEQUENCE {
>       SEQUENCE {
>         RC4 Encryption Algorithm Object ID (06 08 2A 86 48 86 F7 0D 03 04)
>         NULL item (05 00)
>         }
>       OCTETSTRING xx
>    }
> 
> The Octetstring needs to be decoded as follows:
> 
> Concatenate the global salt (16 bytes) and the password (use
> 'strlen(password)' bytes i.e. omitting terminating zero), and SHA-1 hash it:
> 
> saltedpasswd = SHA1( global_salt | password )
> 
> Concatenate the 'entry salt' (use the bytes in order x1..x16, i.e. treat the
> 'integer' encoding as MS byte-first) with the SHA-1 hash, and MD5 hash it.
> 
> rc4key = MD5 ( entry_salt | saltedpasswd );
> 
> This is used as a 16-byte RC4 key, to decode the above octet string.
> 
> The result contains the following, also BER-encoded:
> 
>   SEQUENCE {
>     version number (INTEGER, should be 0)
>     SEQUENCE {
>       RSA object ID  (06 09 2A 86 48 86 F7 0D 01 01 01)
>       NULL item (05 00)
>       }
>     OCTETSTRING yy
>   }
> 
> The resulting octet string contains the key as a BER-encoded "RSAPrivateKey"
> as defined in PKCS#1 i.e. you can base64-encode this to get a PEM.
> 

Yes thats pretty much it. Its actually follows the PKCS#8 format with th
key derivation algorithm you stated. A similar tecnique is used with
certificate server certificate siging keys.

Netscape 3.0 is identical except it has a password check entry which
contains an entry salt and the string "password-check" encrypted.

Steve.
-- 
Dr Stephen N. Henson.   http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED] 
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the   OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
Re: Netscape private key database info...

Reply via email to
