<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta name=Generator content="Microsoft Word 14 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";
color:black;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"Pré-formatação HTML Char";
margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";
color:black;}
tt
{mso-style-priority:99;
font-family:"Courier New";}
span.Pr-formataoHTMLChar
{mso-style-name:"Pré-formatação HTML Char";
mso-style-priority:99;
mso-style-link:"Pré-formatação HTML";
font-family:Consolas;
color:black;}
span.EstiloDeEmail20
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EstiloDeEmail21
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 3.0cm 70.85pt 3.0cm;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body bgcolor=white lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>I did some quick research and found this: <a href="http://en.wikipedia.org/wiki/Digital_Signature_Algorithm">http://en.wikipedia.org/wiki/Digital_Signature_Algorithm</a><o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>If my understanding is correct, the public key is (p, q, g, y).<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>The private key would be x, such that y = g^x mod p.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Is there some way to generate both public and private keys using OpenSSL, based on p, q, g and y?<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><div><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'><p class=MsoNormal><b><span lang=PT-BR style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext'>De:</span></b><span lang=PT-BR style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext'> openssl-users [mailto:openssl-users-bounces@openssl.org] <b>Em nome de </b>Marcus Vinicius do Nascimento<br><b>Enviada em:</b> terça-feira, 12 de maio de 2015 17:06<br><b>Para:</b> openssl-users@openssl.org<br><b>Assunto:</b> [openssl-users] RES: Testing OpenSSL based solution<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Thanks for both answers.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>I tried using Y as the public key, but ssl seems not to accept that.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Here is the error scenario:<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>From the FIP file:<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>[mod = 1024]<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span lang=PT-BR style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>P = fda5442483ccf7a12399d6c13d56ff882d689524f1885fcb7424e26da2d200a1657b631dcc74c73ecbd89fe42cc554b7062835c73d7203161e09742392b2b7c75253eea04a0b55d511646fbe2e81a9d80463e956527f8d6d42f4193984d5dcc6a8dadff80f31e44405840828581f013e074859b885908aaab30d87660bbaf8cb<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span lang=PT-BR style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Q = dc678f95c673538f74dcbf67a80454c843937795<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span lang=PT-BR style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>G = efd89f2dcf6e6a6a77cf18f238b2419de127864218eb4550c9e1a73085f97d7988322d7eea91590646373aa66f7a3d0994cb5ac741a19874eb9e79862b000e5978f3305bb70be4f987a12a686167316e663f4de995b36e74062e39a79a4b30e4d36977276e3d33c5165911d303d5682f8e0a96c510e1d9606d09b5573a675362<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span lang=PT-BR style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span lang=PT-BR style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Msg = 58b7b3639a8d99babfe57f814024c5e7a0893bcf47b692768e6c11561796894b5f898bf5968ad85dae9019dbb24cd13759678f0edb0b687703a4a4e785e8b85293157593ab797e0eb338ff94474a9c8752c3a83edb5798aa221db73aec931bfd1be3d70781647215f6649874a825101eb325ee27f2a20a57145eb019f2a09993<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span lang=PT-BR style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Y = 808998aecbc5ab4679bf215e2166b371d249bb6e4bfc3404f2bcd2aaf61770851d236668252a11f061fb54067ddaa97ed7bf5a5c836db02e5b1f9f1a627ac1eb2dcfa484ed5fef383f4bae7aa18a3ef9ea94bab83439ccf261ec52529f298050b27df185eecccf8caa44b529c8fcbd88c6a33cc42b5b17244ea9e1099686a92b<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span lang=PT-BR style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>R = 33bf9a15b6823e7c5583f94bcea2f0439a881f8c<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>S = 48feaff1ec4803fb88fdc70773d9ac7b84905d3a<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Result = P<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>So I tried reformatting Y to pass it to PEM_read_bio_DSAPrivateKey.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Converting Y to Base64 = "gImYrsvFq0Z5vyFeIWazcdJJu25L/DQE8rzSqvYXcIUdI2ZoJSoR8GH7VAZ92ql+179aXINtsC5bH58aYnrB6y3PpITtX+84P0uueqGKPvnqlLq4NDnM8mHsUlKfKYBQsn3xhe7Mz4yqRLUpyPy9iMajPMQrWxckTqnhCZaGqSs="<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Reformatting in PEM format = "-----BEGIN DSA PRIVATE KEY-----<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>gImYrsvFq0Z5vyFeIWazcdJJu25L/DQE8rzSqvYXcIUdI2ZoJSoR8GH7VAZ92ql+<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>179aXINtsC5bH58aYnrB6y3PpITtX+84P0uueqGKPvnqlLq4NDnM8mHsUlKfKYBQ<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>sn3xhe7Mz4yqRLUpyPy9iMajPMQrWxckTqnhCZaGqSs=<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>-----END DSA PRIVATE KEY-----<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>"<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Code that matters:<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'> BIO * keybio = BIO_new_mem_buf(const_cast<char *>(key.c_str()), -1);<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'> if (keybio == NULL)<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'> {<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'> errormsg = "Can not create DSA key";<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'> return 0;<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'> }<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'> DSA *dsa = PEM_read_bio_DSAPrivateKey(keybio, &dsa, NULL, NULL);<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'> if (dsa == NULL)<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'> {<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'> errormsg = "Can not read DSA key";<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'> }<o:p></o:p></span></p><p class=MsoNormal style='margin-left:36.0pt'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'> return dsa;<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>PEM_read_bio_DSAPrivateKey fails.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Am I missing something here?<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><div><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'><p class=MsoNormal><b><span lang=PT-BR style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext'>De:</span></b><span lang=PT-BR style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext'> openssl-users [mailto:openssl-users-bounces@openssl.org] <b>Em nome de </b>Jakob Bohm<br><b>Enviada em:</b> terça-feira, 12 de maio de 2015 15:42<br><b>Para:</b> openssl-users@openssl.org<br><b>Assunto:</b> Re: [openssl-users] Testing OpenSSL based solution<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><div><p class=MsoNormal>On 12/05/2015 20:10, Salz, Rich wrote:<o:p></o:p></p></div><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><pre>You can't easily have test vectors for DSA signatures since they include a random. Any test vector would have to include the random, and any API would have to be able to accept the random as part of the "sign" API. Verification should be okay.<o:p></o:p></pre><pre><o:p> </o:p></pre><pre><o:p> </o:p></pre></blockquote><p class=MsoNormal style='margin-bottom:12.0pt'><span style='font-size:10.0pt;font-family:"Courier New"'><br><tt>What Mr. Salz refers to by "Verification should be okay" </tt><br><tt>is probably this:</tt><br><br><tt>You can have test vectors in the form of known good </tt><br><tt>signatures with public keys listed in the test vector. </tt><br><tt>For DSA, those would be the (message, y, r, s) quads </tt><br><tt>mentioned by the OP (y is the public key, (r, s) is the </tt><br><tt>signature), depending on his class library, it might be </tt><br><tt>possible to reformat those vectors to the format used </tt><br><tt>by his code for real messages.</tt><br><br><tt>The importance of such test vectors is to detect if an </tt><br><tt>implementation is accidentally implementing a different </tt><br><tt>signature algorithm (such as accidentally appending a 0 </tt><br><tt>byte to each message both during signing and </tt><br><tt>verification). This would not be detected by signing </tt><br><tt>and verifying sample messages with random parameters.</tt><br><br></span><o:p></o:p></p><pre>Enjoy<o:p></o:p></pre><pre><o:p> </o:p></pre><pre>Jakob<o:p></o:p></pre><pre>-- <o:p></o:p></pre><pre>Jakob Bohm, CIO, Partner, WiseMo A/S. <a href="http://www.wisemo.com">http://www.wisemo.com</a><o:p></o:p></pre><pre>Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10<o:p></o:p></pre><pre>This public discussion message is non-binding and may contain errors.<o:p></o:p></pre><pre>WiseMo - Remote Service Management for PCs, Phones and Embedded <o:p></o:p></pre></div></body></html>