Re: Converting private key from OpenSSH to lsh (or the other way around)

2007-06-04 Thread Niels Möller
Kaloian Doganov <[EMAIL PROTECTED]> writes:

> I've noticed that I can convince pkcs1-conv to process PEM-formatted
> input if I drop the "--private-rsa-key" argument:
>
> $ cat /tmp/id_rsa.nopass.pem | pkcs1-conv

When reading PEM data, the type of the data follows from the PEM start
line. For DER data, it's harder to derive the intended type from the
data.

Regards,
/Niels
___
lsh-bugs mailing list
lsh-bugs@lists.lysator.liu.se
http://lists.lysator.liu.se/mailman/listinfo/lsh-bugs


Re: Converting private key from OpenSSH to lsh (or the other way around)

2007-06-03 Thread Kaloian Doganov
[EMAIL PROTECTED] (Niels Möller) writes:

> Nice. BTW, pkcs1-conv is intended to work also with PEM-formatted
> input, if you had any problem with that, I'd like to hear. You
> still need to use openssl for decrypting the key, though.

Yes, I've got "Invalid PKCS#1 private key." from pkcs1-conv when I
tried to feed it with PEM-formatted input instead of DER-formatted
one:

$ openssl rsa -inform PEM -outform PEM -in ~/.ssh/id_rsa \
  -out /tmp/id_rsa.nopass.pem

$ cat /tmp/id_rsa.nopass.pem | pkcs1-conv --private-rsa-key
Invalid PKCS#1 private key.

I've noticed that I can convince pkcs1-conv to process PEM-formatted
input if I drop the "--private-rsa-key" argument:

$ cat /tmp/id_rsa.nopass.pem | pkcs1-conv

This outputs the expected result, completely identical to the working
example using DER (posted in my previous message).

> You're brave, trying to play around with the experimental release
> ;-)

I'm just experimenting, so the experimental release is just perfect
for me. ;-)


Re: Converting private key from OpenSSH to lsh (or the other way around)

2007-06-03 Thread Niels Möller
Kaloian Doganov <[EMAIL PROTECTED]> writes:

> Indeed, I've managed to convert OpenSSH RSA key pair to GNU lsh by the
> following steps:
>
>   1. Decrypt OpenSSH key:
>
>      $ openssl rsa -inform PEM -outform DER -in ~/.ssh/id_rsa \
>        -out /tmp/id_rsa.nopass
>
>   2. Convert OpenSSH key to GNU lsh:
>
>      $ cat /tmp/id_rsa.nopass | pkcs1-conv --private-rsa-key | \
>        sexp-conv -s advanced | sed -e "s/rsa/rsa-pkcs1/" | \
>        sexp-conv -s canonical | lsh-writekey

Nice. BTW, pkcs1-conv is intended to work also with PEM-formatted input, if
you had any problem with that, I'd like to hear. You still need to use
openssl for decrypting the key, though.

> I've done it using GNU lsh version lsh-2.9-exp, secsh protocol version
> 2.0.

You're brave, trying to play around with the experimental release ;-)

I use the client parts of the latest version daily. The server is less
tested.

Happy hacking,
/Niels


Re: Converting private key from OpenSSH to lsh (or the other way around)

2007-06-03 Thread Kaloian Doganov
[EMAIL PROTECTED] (Niels Möller) writes:

> For PKCS#1 format, the program pkcs1-conv (from nettle-1.14 and
> later) can also convert RSA keys in pkcs#1 formats to sexp format.

Simon Josefsson <[EMAIL PROTECTED]> writes:

> Then I would think that pkcs1-conv would handle this.

Indeed, I've managed to convert OpenSSH RSA key pair to GNU lsh by the
following steps:

  1. Decrypt OpenSSH key:

 $ openssl rsa -inform PEM -outform DER -in ~/.ssh/id_rsa \
   -out /tmp/id_rsa.nopass

  2. Convert OpenSSH key to GNU lsh:

 $ cat /tmp/id_rsa.nopass | pkcs1-conv --private-rsa-key | \
   sexp-conv -s advanced | sed -e "s/rsa/rsa-pkcs1/" | \
   sexp-conv -s canonical | lsh-writekey

I've done it using GNU lsh version lsh-2.9-exp, secsh protocol version
2.0.

My initial goal -- to use single key pair for both OpenSSH and GNU lsh
-- is achieved.  That way, I can start playing with GNU lsh without
taking the risk to switch completely to it.

Thanks for your help! :-)


-- 
Protect your digital freedom and privacy, eliminate DRM, learn more at
http://www.defectivebydesign.org/what_is_drm


Re: Converting private key from OpenSSH to lsh (or the other way around)

2007-05-31 Thread Simon Josefsson
[EMAIL PROTECTED] (Niels Möller) writes:

> Simon Josefsson <[EMAIL PROTECTED]> writes:
>
>> If it would help someone, there is code in libssh2 that I wrote which
>> decodes unencrypted OpenSSL private keys (which apparently is what
>> OpenSSH is using) and imports them into a libgcrypt sexp.
>
> Does openssl and openssh use the PKCS#1 format for private keys, as
> the DER encoding of ASN.1 objects? (Maybe that spec is for RSA keys
> only, but if so there ought to be some related spec for DSA).

Yup.  It is just ASN.1 encoding of some integers in a sequence.

> I would have expected openssh to use something closer to the ssh
> wireformat, i.e., the wireformat ssh-rsa/ssh-dsa with some additional
> fields for the secret information, like I think the old proprietary ssh
> program did.
>
> For PKCS#1 format, the program pkcs1-conv (from nettle-1.14 and later)
> can also convert RSA keys in pkcs#1 formats to sexp format.

Then I would think that pkcs1-conv would handle this.

/Simon


Re: Converting private key from OpenSSH to lsh (or the other way around)

2007-05-31 Thread Niels Möller
Simon Josefsson <[EMAIL PROTECTED]> writes:

> If it would help someone, there is code in libssh2 that I wrote which
> decodes unencrypted OpenSSL private keys (which apparently is what
> OpenSSH is using) and imports them into a libgcrypt sexp.

Does openssl and openssh use the PKCS#1 format for private keys, as
the DER encoding of ASN.1 objects? (Maybe that spec is for RSA keys
only, but if so there ought to be some related spec for DSA).

I would have expected openssh to use something closer to the ssh
wireformat, i.e., the wireformat ssh-rsa/ssh-dsa with some additional
fields for the secret information, like I think the old proprietary ssh
program did.

For PKCS#1 format, the program pkcs1-conv (from nettle-1.14 and later)
can also convert RSA keys in pkcs#1 formats to sexp format.

Regards,
/Niels


Re: Converting private key from OpenSSH to lsh (or the other way around)

2007-05-31 Thread Niels Möller
Kaloian Doganov <[EMAIL PROTECTED]> writes:

> Is there any chance to convert my current OpenSSH key to
> a format, usable by lsh?

There are unfortunately no tools for converting private keys, and
since you generally don't move private keys around, the format for
private keys is usually thought of as out of the scope for the ssh
standard.

> I know there is not an automatic tool for doing that, but I would do
> it manually if there is a known method of doing it.

If you can get openssh to output the private key in human readable
form (unencrypted, and with the various bignums written in hex, say),
you can probably assemble a key in sexp-form that is usable with lsh,
using the human-friendly "advanced" flavor of sexp-syntax. Some things
to keep in mind:

  1. bignums in sexp are signed, which means that you need to add a
 zero octet in front of any number whose most significant bit of
 the most significant byte is one.

  2. openssh and lsh might use different conventions for the
 additional information for RSA private keys (the bare minimum is
 just n and the secret exponent d, but for the crt optimization,
 you also keep the factors p, q and a few other precomputed
 numbers). lsh's conventions come from the spki spec, openssh's
 probably come from pkcs#1. I expect these to be compatible, but I
 don't remember for sure.

Then pass the result to

  sexp-conv -s canonical | lsh-writekey

to split it into public and private halves, and reencrypt the private
key.

Or you could try hacking the lsh-decode-key program to recognize
(unencrypted) openssh private keys.

> If not, is there a way to convert a key pair in the opposite direction
> -- from lsh to OpenSSH format?  If there is, I can simply generate a
> new key pair with lsh and use it both with lsh and OpenSSH.

In this case, you need only convert the public half of the key. That's
a supported mode of operation. Generate a new key in the usual way
(lsh-keygen | lsh-writekey), then use

  lsh-export-key < .lsh/identity.pub

to convert it to ietf standard format, or

  lsh-export-key --openssh < .lsh/identity.pub

for openssh's one-line format.

Regards,
/Niels