I was looking into Jira’s licensing and chose to patch + keygen jars.
I extracted the public key from class file, base64 decoded and then printed details using openssl:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 |
$ openssl dsa -inform DER -in pub.dsa.DER -pubin -text read DSA key pub: 00:8b:df:c1:e6:6f:98:6a:39:a2:dc:1a:c0:8d:e7: a3:b5:1d:6a:7c:5a:97:78:57:da:16:b0:f7:ad:8a: 2f:f9:c7:42:b9:c2:e0:51:b6:3e:f5:05:7f:7e:0e: 79:c4:8a:d4:ab:47:0c:f4:28:49:0f:83:1e:b7:dd: 7f:ab:ca:50:9a:61:c3:42:a7:de:05:e6:e0:b4:bc: 54:af:cb:ad:8e:e8:9f:fc:21:da:25:28:6d:2d:97: 96:1b:88:a8:47:39:98:b0:14:bb:d1:dd:fb:5a:b1: b1:09:10:e7:47:74:97:32:ab:9c:3a:8f:b0:cd:16: 03:d8:6d:91:d2:49:c3:69:d2 P: 00:fd:7f:53:81:1d:75:12:29:52:df:4a:9c:2e:ec: e4:e7:f6:11:b7:52:3c:ef:44:00:c3:1e:3f:80:b6: 51:26:69:45:5d:40:22:51:fb:59:3d:8d:58:fa:bf: c5:f5:ba:30:f6:cb:9b:55:6c:d7:81:3b:80:1d:34: 6f:f2:66:60:b7:6b:99:50:a5:a4:9f:9f:e8:04:7b: 10:22:c2:4f:bb:a9:d7:fe:b7:c6:1b:f8:3b:57:e7: c6:a8:a6:15:0f:04:fb:83:f6:d3:c5:1e:c3:02:35: 54:13:5a:16:91:32:f6:75:f3:ae:2b:61:d7:2a:ef: f2:22:03:19:9d:d1:48:01:c7 Q: 00:97:60:50:8f:15:23:0b:cc:b2:92:b9:82:a2:eb: 84:0b:f0:58:1c:f5 G: 00:f7:e1:a0:85:d6:9b:3d:de:cb:bc:ab:5c:36:b8: 57:b9:79:94:af:bb:fa:3a:ea:82:f9:57:4c:0b:3d: 07:82:67:51:59:57:8e:ba:d4:59:4f:e6:71:07:10: 81:80:b4:49:16:71:23:e8:4c:28:16:13:b7:cf:09: 32:8c:c8:a6:e1:3c:16:7a:8b:54:7c:8d:28:e0:a3: ae:1e:2b:b3:a6:75:91:6e:a3:7f:0b:fa:21:35:62: f1:fb:62:7a:01:24:3b:cc:a4:f1:be:a8:51:90:89: a8:83:df:e1:5a:e5:9f:06:92:8b:66:5e:80:7b:55: 25:64:01:4c:3b:fe:cf:49:2a writing DSA key -----BEGIN PUBLIC KEY----- MIIBuDCCASwGByqGSM44BAEwggEfAoGBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9E AMMeP4C2USZpRV1AIlH7WT2NWPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f 6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208UewwI1VBNaFpEy9nXzrith1yrv 8iIDGZ3RSAHHAhUAl2BQjxUjC8yykrmCouuEC/BYHPUCgYEA9+GghdabPd7LvKtc NrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwky jMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/h WuWfBpKLZl6Ae1UlZAFMO/7PSSoDgYUAAoGBAIvfweZvmGo5otwawI3no7Udanxa l3hX2haw962KL/nHQrnC4FG2PvUFf34OecSK1KtHDPQoSQ+DHrfdf6vKUJphw0Kn 3gXm4LS8VK/LrY7on/wh2iUobS2XlhuIqEc5mLAUu9Hd+1qxsQkQ50d0lzKrnDqP sM0WA9htkdJJw2nS -----END PUBLIC KEY----- |
This is a (1024,160) L/N pair, key size 1024 bits and length of Q is 160.
from http://en.wikipedia.org/wiki/Digital_Signature_Algorithm I learnt:
Per-user keys
Given a set of parameters, the second phase computes private and public keys for a single user:Choose x by some random method, where 0 < x < q. Calculate y = gx mod p. Public key is (p, q, g, y). Private key is x. There exist efficient algorithms for computing the modular exponentiations h(p–1)/q mod p and gx mod p, such as exponentiation by squaring.
y is the PUB above, x is what I want.
I googled some lines in the public key and found this http://www.herongyang.com/Cryptography/keytool-Export-Key-openssl-dsa-Command.html, keys in Jira and this blog shares a same P/G/Q.
As it’s said in that blog, his key pair is generated by ‘keytool’, which is a key and certificate management tool provided by Java http://docs.oracle.com/javase/6/docs/technotes/tools/solaris/keytool.html
So I made an experiment:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 |
sskajetekiMacBook-Pro:keytool sskaje$ keytool -genkeypair -alias MyKeyPair -keyalg DSA -keysize 1024 -keystore MyKeyStore.ks Enter keystore password: Re-enter new password: What is your first and last name? [Unknown]: What is the name of your organizational unit? [Unknown]: What is the name of your organization? [Unknown]: What is the name of your City or Locality? [Unknown]: What is the name of your State or Province? [Unknown]: What is the two-letter country code for this unit? [Unknown]: Is CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct? [no]: yes Enter key password for <MyKeyPair> (RETURN if same as keystore password): sskajetekiMacBook-Pro:keytool sskaje$ file MyKeyStore.ks MyKeyStore.ks: Java KeyStore sskajetekiMacBook-Pro:keytool sskaje$ keytool -exportcert -keystore MyKeyStore.ks -alias MyKeyPair | openssl x509 -inform der -text Enter keystore password: 123123 Certificate: Data: Version: 3 (0x2) Serial Number: 1399600700 (0x536c363c) Signature Algorithm: dsaWithSHA1 Issuer: C=Unknown, ST=Unknown, L=Unknown, O=Unknown, OU=Unknown, CN=Unknown Validity Not Before: May 9 01:58:20 2014 GMT Not After : Aug 7 01:58:20 2014 GMT Subject: C=Unknown, ST=Unknown, L=Unknown, O=Unknown, OU=Unknown, CN=Unknown Subject Public Key Info: Public Key Algorithm: dsaEncryption pub: 00:a9:f9:cd:a2:09:2b:34:7e:87:bf:e9:cd:9b:c0: ae:8d:67:c0:0f:c9:98:0e:0f:b6:53:53:02:d2:ae: 1a:c0:68:0f:23:bf:12:63:cb:55:77:f2:06:41:fc: c7:4c:f8:80:d1:11:9e:31:4b:58:84:a4:90:10:8f: 3a:c8:51:ff:79:3c:f9:d7:d9:d8:d0:1a:2b:83:cd: e8:aa:a2:61:2f:55:d2:b3:88:6a:29:4e:92:7a:d1: 13:87:9b:e9:c1:66:3d:ef:4a:a6:25:94:c1:b0:e6: 86:34:93:fd:ef:f4:a2:33:14:c3:f9:00:3d:b9:a9: 58:79:2a:46:04:ee:4d:77:c1 P: 00:fd:7f:53:81:1d:75:12:29:52:df:4a:9c:2e:ec: e4:e7:f6:11:b7:52:3c:ef:44:00:c3:1e:3f:80:b6: 51:26:69:45:5d:40:22:51:fb:59:3d:8d:58:fa:bf: c5:f5:ba:30:f6:cb:9b:55:6c:d7:81:3b:80:1d:34: 6f:f2:66:60:b7:6b:99:50:a5:a4:9f:9f:e8:04:7b: 10:22:c2:4f:bb:a9:d7:fe:b7:c6:1b:f8:3b:57:e7: c6:a8:a6:15:0f:04:fb:83:f6:d3:c5:1e:c3:02:35: 54:13:5a:16:91:32:f6:75:f3:ae:2b:61:d7:2a:ef: f2:22:03:19:9d:d1:48:01:c7 Q: 00:97:60:50:8f:15:23:0b:cc:b2:92:b9:82:a2:eb: 84:0b:f0:58:1c:f5 G: 00:f7:e1:a0:85:d6:9b:3d:de:cb:bc:ab:5c:36:b8: 57:b9:79:94:af:bb:fa:3a:ea:82:f9:57:4c:0b:3d: 07:82:67:51:59:57:8e:ba:d4:59:4f:e6:71:07:10: 81:80:b4:49:16:71:23:e8:4c:28:16:13:b7:cf:09: 32:8c:c8:a6:e1:3c:16:7a:8b:54:7c:8d:28:e0:a3: ae:1e:2b:b3:a6:75:91:6e:a3:7f:0b:fa:21:35:62: f1:fb:62:7a:01:24:3b:cc:a4:f1:be:a8:51:90:89: a8:83:df:e1:5a:e5:9f:06:92:8b:66:5e:80:7b:55: 25:64:01:4c:3b:fe:cf:49:2a Signature Algorithm: dsaWithSHA1 r: 00:92:ab:4a:15:1c:16:c9:9a:cf:b9:03:a1:30:2e: 1f:b3:8d:0c:46:14 s: 4b:23:27:41:16:88:7d:fd:04:83:a4:a7:81:fa:65: cc:7d:67:62:62 -----BEGIN CERTIFICATE----- MIIDEzCCAtCgAwIBAgIEU2w2PDALBgcqhkjOOAQDBQAwbDEQMA4GA1UEBhMHVW5r bm93bjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5rbm93bjEQMA4GA1UE ChMHVW5rbm93bjEQMA4GA1UECxMHVW5rbm93bjEQMA4GA1UEAxMHVW5rbm93bjAe Fw0xNDA1MDkwMTU4MjBaFw0xNDA4MDcwMTU4MjBaMGwxEDAOBgNVBAYTB1Vua25v d24xEDAOBgNVBAgTB1Vua25vd24xEDAOBgNVBAcTB1Vua25vd24xEDAOBgNVBAoT B1Vua25vd24xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wggG4 MIIBLAYHKoZIzjgEATCCAR8CgYEA/X9TgR11EilS30qcLuzk5/YRt1I870QAwx4/ gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZUKWkn5/oBHsQ IsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOuK2HXKu/yIgMZ ndFIAccCFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QKBgQD34aCF1ps93su8q1w2uFe5 eZSvu/o66oL5V0wLPQeCZ1FZV4661FlP5nEHEIGAtEkWcSPoTCgWE7fPCTKMyKbh PBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7YnoBJDvMpPG+qFGQiaiD3+Fa5Z8G kotmXoB7VSVkAUw7/s9JKgOBhQACgYEAqfnNogkrNH6Hv+nNm8CujWfAD8mYDg+2 U1MC0q4awGgPI78SY8tVd/IGQfzHTPiA0RGeMUtYhKSQEI86yFH/eTz519nY0Bor g83oqqJhL1XSs4hqKU6SetETh5vpwWY970qmJZTBsOaGNJP97/SiMxTD+QA9ualY eSpGBO5Nd8EwCwYHKoZIzjgEAwUAAzAAMC0CFQCSq0oVHBbJms+5A6EwLh+zjQxG FAIUSyMnQRaIff0Eg6SngfplzH1nYmI= -----END CERTIFICATE----- |
A new key with the same P/G/Q.
http://www.ecrypt.eu.org/documents/D.SPA.20.pdf