1

I've been trying to crack this for several days now and I don't seem to get it working.

Basically I got a .private file which is the result of the following command:

dnssec-keygen -C -a DSA -b 1024 -n HOST -T KEY Hostmame

The file is in a certain format (I removed the values for security reasons):

Private-key-format: v1.2
Algorithm: 3 (DSA)
Prime(p):   $value
Subprime(q): $value
Base(g): $value
Private_value(x): $value
Public_value(y): $value

So my question is: does anybody know how to read this file and get a PrivateKey object from it to sign a message to send to the secured DNS server?

I've tried several things already, but I don't seem to get the right decoding for the values...

Things tried: the readDSAPrivateKey method at this link on GitHub: https://github.com/bitsai/courses/blob/master/Network%20Security/A3/Honoroff-Tsai/src/DNSSEC.java

Also tried this one:

ObjectInputStream keyIn = new ObjectInputStream(new FileInputStream(args[3]));
PrivateKey privkey = (PrivateKey) keyIn.readObject();
keyIn.close();

Any help or pointers would be appreciated...

4

1 Answer

1

It seems these values are encoded with Base64.

The correct way to decode them is:

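// val is the text after the label; decode it to raw bytes
byte[] data = base64.fromString(val);
if (line.startsWith("Prime(p): ")){
   // signum 1: interpret the bytes as an unsigned magnitude
   p = new BigInteger(1, data);
}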

As described here: https://github.com/dblacka/jdnssec-tools/blob/master/src/com/verisignlabs/dnssec/security/DnsKeyConverter.java

Answered 2014-08-25T11:30:43.250