Key conversion PGP <-> PEM
Avi Rubin
an RSA PEM key to use with TIS PEM version 7.0?
*********************************************************************
Aviel D. Rubin Email: ru...@faline.bellcore.com
Bellcore (MRE-2M354) ftp://thumper.bellcore.com/pub/rubin/rubin.html
445 South St.
Morristown, NJ 07960 Voice: +1 201 829 4105
USA FAX: +1 201 829 2645
Derek Atkins
Does someone know of a tool that converts a PGP key into
an RSA PEM key to use with TIS PEM version 7.0?
I haven't heard of one. The biggest problem is that the signature is
on different data, so signatures on a PGP certificate will probably
not work once converted to a PEM certificate. (A smart converter
could theoretically put the ASN.1 encoding of a PEM certificate into a
PGP certificate, so a PEM signature might still work).
I'm not sure what is actually included in the signature of a PEM
certificate; what is included in the MD5 that is put into RSA? I
might be able to figure it out by searching RIPEM source, but I don't
have the time to do so. If it is _just_ the user's name, key,
timestamp, lifetime, then it should be possible to convert between
them.
One problem you might come across is that the PGP signature is based
upon the format of the PGP key certificate, so it might be difficult
to actually get signatures to work between PGP and PEM certificates.
But don't take my word for that.
-derek
--
Derek Atkins, SB '93 MIT EE, G MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
Home page: http://www.mit.edu:8001/people/warlord/home_page.html
war...@MIT.EDU PP-ASEL N1NWH PGP key available
Derek Atkins
The hash is over the certificate version number, serial number,
signature algorithm, issuer name, validity period, subject name, and
public key.
Ok, this means that signatures are not going to cross easily. Sigh.
Maybe I can work on fixing this in PGP 3.0 :-)
Moving the bare public key is the first step. Having a single RSA key
that can be used under either PGP or PEM is one step toward a
seemless, multi-protocl environment. The Internet drafts that I
mentioned above provide multi-protocol flexibility, leaving room for
the integration of PGP and MIME.
Oh, this is easy. Getting the N and E components out of a PGP
certificate is simple. Want for me to write some code to do this? It
wouldn't be difficult. In what format do you want the numbers stored?
MPI format? Just a byte-string? An ASN.1 structure? (Isn't
interoperability great? ;-)
Avi Rubin
If you wrote code to extract N and E from a PGP key, and
Mark Feldman (or anyone else) wrote code to take this and
produce a PEM key, this would indeed be very useful. As Mark
correctly deduced, I am interesting in making Betsi interoperate
with TIS/PEM 7.0, and since the public key has been so widely
distributed, it would be nice to use the same rsa key for
both.
By the way, there is now a certificate revocation list (currently empty)
at thumper.bellcore.com in /pub/certify/Betsi.revocation.list that is
dated and signed by Betsi. It can also be accessed from the web
page: http://info.bellcore.com/BETSI/betsi.html
Also, I am willing to distribute registered authors' public
keys signed by Betsi. I will probably just do this by putting
a big public key ring at the ftp site on thumper. Alternatively,
I could register the keys at the public key servers or mail them
back to the authors. I haven't decided yet.
One other thing I am considering is offering a time-stamping
service with Betsi.
Anyway, these changes and others are in the updated copy of
the paper also available on thumper or from the web page.
Avi