Yadis.... now OpenID
Karl Koscher
mrsaturn at teencity.org
Tue May 17 22:53:13 PDT 2005
> DSA signature is now BASE64(DER(ASN1(SEQUENCE(INTEGER,INTEGER))))
Of course, this makes it more difficult for PHP implementations, because
its OpenSSL support is severely crippled. The TypeKey clients currently
do the signature verification with either bcmath or gmp -- whichever is
enabled, and neither is supported "out of the box" with the standard
PHP distribution.
PHP also has zero support for ASN.1/DER, so you'll have to extract the r
and s values yourself. Thankfully, this isn't too hard. The basic format is:
0x30 - Start of a structure
0xXX - The length of the entire structure, including both ints
0x02 - Start of an integer (r)
0xYY - Length of the integer
<variable> - The integer encoded in the least number of bits possible
such that it can never be interpreted as a negative signed number.
Basically, if the highest-order bit is a 1, you prepend it with a 0x00.
0x02 - Start of an integer (s)
0xZZ - Length of the integer
<variable>
I'm not certain, but this might be proceeded by a variable number of
0x00s to bring the total length to 48 bytes.
That's it. The PEM public key you get is encoded the same way, with a
slightly different structure that's mentioned in RFC 2459 -- search for
Dss-Parms and DSAPublicKey. DER is described in
http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
This all took me entirely too long to figure out.
- Karl
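
The layout described in the message above, as an added PHP example that is not part of the original post and not TypeKey or OpenID code. The function names `der_read_uint` and `dsa_sig_decode` are hypothetical, and the parser assumes strict DER: short-form lengths only, minimal non-negative integers, and no bytes after the second integer.

```php
<?php
// Added example; function names are hypothetical, sample input is constructed.
// Read one DER INTEGER at $pos; return [unsigned big-endian bytes, next offset].
function der_read_uint(string $der, int $pos): array {
    if ($pos + 2 > strlen($der) || ord($der[$pos]) !== 0x02) {
        throw new InvalidArgumentException('expected INTEGER tag 0x02');
    }
    $len = ord($der[$pos + 1]);
    if ($len === 0 || $len > 0x7f || $pos + 2 + $len > strlen($der)) {
        throw new InvalidArgumentException('bad INTEGER length');
    }
    $val = substr($der, $pos + 2, $len);
    $first = ord($val[0]);
    if ($first & 0x80) {
        throw new InvalidArgumentException('negative INTEGER');
    }
    // A leading 0x00 is legal only when the next byte has its high bit set.
    if ($len > 1 && $first === 0x00 && !(ord($val[1]) & 0x80)) {
        throw new InvalidArgumentException('non-minimal INTEGER');
    }
    if ($len > 1 && $first === 0x00) { $val = substr($val, 1); }
    return [$val, $pos + 2 + $len];
}

// Decode BASE64(DER(SEQUENCE(INTEGER r, INTEGER s))) into hex strings.
function dsa_sig_decode(string $b64): array {
    $der = base64_decode($b64, true);
    if ($der === false || strlen($der) < 8 || ord($der[0]) !== 0x30) {
        throw new InvalidArgumentException('not a base64 DER SEQUENCE');
    }
    $seqLen = ord($der[1]);
    if ($seqLen > 0x7f || $seqLen !== strlen($der) - 2) {
        throw new InvalidArgumentException('length mismatch or trailing bytes');
    }
    [$r, $pos] = der_read_uint($der, 2);
    [$s, $pos] = der_read_uint($der, $pos);
    if ($pos !== strlen($der)) {
        throw new InvalidArgumentException('unexpected data after s');
    }
    // The DSA range check 0 < r, s < q is left to the verification step.
    return ['r' => bin2hex($r), 's' => bin2hex($s)];
}

// Constructed sample: r = 0x80 (needs the 0x00 prefix), s = 0x05.
$sample = base64_encode("\x30\x07\x02\x02\x00\x80\x02\x01\x05");
print_r(dsa_sig_decode($sample));
```

With the gmp extension enabled, the hex strings can be passed to `gmp_init($hex, 16)` for the verification arithmetic.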