PHP hackers wanted -- here's a seed
Brad Fitzpatrick
brad at danga.com
Wed May 25 01:43:54 PDT 2005
PHP hackers,
The TypeKey auth code in PHP,
http://www.uva.ne.jp/Auth_TypeKey/Auth_TypeKey.phps
does DSA verification using one of two PHP modules (gmp or bcmath).
While it expects all the parameters in raw form, not PEM/ASN.1, it
shouldn't be too hard to parse the ASN.1 either by hand or with some
library that google is totally failing to find for me.
The Crypt::DSA module needed raw 'r' and 's' parameters from the
signature, so I did this ghetto thing by hand:
my ($len, $len_r, $len_s, $r, $s);
unless ($sig =~ /^\x30/ &&
($len = ord(substr($sig,1,1))) &&
substr($sig,2,1) eq "\x02" &&
($len_r = ord(substr($sig,3,1))) &&
($r = substr($sig,4,$len_r)) &&
substr($sig,4+$len_r,1) eq "\x02" &&
($len_s = ord(substr($sig,5+$len_r,1))) &&
($s = substr($sig,6+$len_r,$len_s))) {
return $self->_fail("asn1_parse_error", "Failed to parse ASN.1 signature");
}
Which puts gets $r and $s from the DER-packed ASN1 of
SEQUENCE(INTEGER,INTEGER). You can port that to PHP, then you just need
to decode the PEM file:
http://www.livejournal.com/misc/openid.bml?openid.mode=getpubkey
-----BEGIN PUBLIC KEY-----
MIIBtjCCASsGByqGSM44BAEwggEeAoGBANuhjw/GIilXNuvnf9q3ygn1XSzzRtql
3BpsWSRVwXA05G/d9pEBIH35ADEQ6F035f88OfuZYRlUZt6Zx5q4ReA4KXWdAIaA
snDem9vNYJM+O2yK5sh6yYC6AnDn+zx0gUyr9npXun2nfQcrrXT4b2/Q1mAzawTX
q51pCAaDVICVAhUA611/IduNCUoRyE4a4DZ5jUUfGlUCgYBtFIHm3xwTszWVyWzr
YpE6I7PGkgO6bHTLyH4ngmFbhLt3zCj5Kzi9ifRb906CStAsCQAH6x5BKGybq6hD
8JqJk0kaQ8CpHaCjXcFLAjaNxH5pHftfYq3F8waUkeAwvtIQpEL4UKaLaMqbTm3N
FxWoTcEZ2khdlgGbyNXTmDxN3gOBhAACgYAT/V4S6EYk8Sz25Lq1THXo20b0HH8B
F8bvrfeWL26j6zL+Xzxw2T2s6Jo1vSbhflyZ6mou9tjSTN5xNBbKWCGm7jljLEE2
l9P4G6t5+IIgzf3TFrnApYPSb75HmSVChWiafDkfETB1Ubu2BBmGr9DWMicSvage
nsxOWTm7SqJt1Q==
-----END PUBLIC KEY-----
Remove the BEGIN/END lines, put it all together, un-base64 it, and you
just got another DER-packed ASN.1, which I'm told is of schema:
(ASN1_DER
(SEQUENCE
(SEQUENCE
(OBJECT dsaEncryption)
(SEQUENCE
(INTEGER p)
(INTEGER q)
(INTEGER g)))
(BITSTRING
(ASN1_DER
(INTEGER y)))))
And indeed looks like that:
$ dumpasn1 ljpub
0 438: SEQUENCE {
4 299: SEQUENCE {
8 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
17 286: SEQUENCE {
21 129: INTEGER
: 00 DB A1 8F 0F C6 22 29 57 36 EB E7 7F DA B7 CA
: 09 F5 5D 2C F3 46 DA A5 DC 1A 6C 59 24 55 C1 70
: 34 E4 6F DD F6 91 01 20 7D F9 00 31 10 E8 5D 37
: E5 FF 3C 39 FB 99 61 19 54 66 DE 99 C7 9A B8 45
: E0 38 29 75 9D 00 86 80 B2 70 DE 9B DB CD 60 93
: 3E 3B 6C 8A E6 C8 7A C9 80 BA 02 70 E7 FB 3C 74
: 81 4C AB F6 7A 57 BA 7D A7 7D 07 2B AD 74 F8 6F
: 6F D0 D6 60 33 6B 04 D7 AB 9D 69 08 06 83 54 80
: [ Another 1 bytes skipped ]
153 21: INTEGER
: 00 EB 5D 7F 21 DB 8D 09 4A 11 C8 4E 1A E0 36 79
: 8D 45 1F 1A 55
176 128: INTEGER
: 6D 14 81 E6 DF 1C 13 B3 35 95 C9 6C EB 62 91 3A
: 23 B3 C6 92 03 BA 6C 74 CB C8 7E 27 82 61 5B 84
: BB 77 CC 28 F9 2B 38 BD 89 F4 5B F7 4E 82 4A D0
: 2C 09 00 07 EB 1E 41 28 6C 9B AB A8 43 F0 9A 89
: 93 49 1A 43 C0 A9 1D A0 A3 5D C1 4B 02 36 8D C4
: 7E 69 1D FB 5F 62 AD C5 F3 06 94 91 E0 30 BE D2
: 10 A4 42 F8 50 A6 8B 68 CA 9B 4E 6D CD 17 15 A8
: 4D C1 19 DA 48 5D 96 01 9B C8 D5 D3 98 3C 4D DE
: }
: }
307 132: BIT STRING, encapsulates {
311 128: INTEGER
: 13 FD 5E 12 E8 46 24 F1 2C F6 E4 BA B5 4C 75 E8
: DB 46 F4 1C 7F 01 17 C6 EF AD F7 96 2F 6E A3 EB
: 32 FE 5F 3C 70 D9 3D AC E8 9A 35 BD 26 E1 7E 5C
: 99 EA 6A 2E F6 D8 D2 4C DE 71 34 16 CA 58 21 A6
: EE 39 63 2C 41 36 97 D3 F8 1B AB 79 F8 82 20 CD
: FD D3 16 B9 C0 A5 83 D2 6F BE 47 99 25 42 85 68
: 9A 7C 39 1F 11 30 75 51 BB B6 04 19 86 AF D0 D6
: 32 27 12 BD A8 1E 9E CC 4E 59 39 BB 4A A2 6D D5
: }
: }
Hopefully something in this email proves useful.
- Brad
More information about the yadis
mailing list