Jira Dsa | @sskaje

By @sskaje
Link: https://sskaje.me/2014/05/dsa/

I was looking into Jira’s licensing and chose to patch + keygen jars.

I extracted the public key from class file, base64 decoded and then printed details using openssl:

$ openssl dsa -inform DER -in pub.dsa.DER -pubin -text
read DSA key
pub:
    00:8b:df:c1:e6:6f:98:6a:39:a2:dc:1a:c0:8d:e7:
    a3:b5:1d:6a:7c:5a:97:78:57:da:16:b0:f7:ad:8a:
    2f:f9:c7:42:b9:c2:e0:51:b6:3e:f5:05:7f:7e:0e:
    79:c4:8a:d4:ab:47:0c:f4:28:49:0f:83:1e:b7:dd:
    7f:ab:ca:50:9a:61:c3:42:a7:de:05:e6:e0:b4:bc:
    54:af:cb:ad:8e:e8:9f:fc:21:da:25:28:6d:2d:97:
    96:1b:88:a8:47:39:98:b0:14:bb:d1:dd:fb:5a:b1:
    b1:09:10:e7:47:74:97:32:ab:9c:3a:8f:b0:cd:16:
    03:d8:6d:91:d2:49:c3:69:d2
P:
    00:fd:7f:53:81:1d:75:12:29:52:df:4a:9c:2e:ec:
    e4:e7:f6:11:b7:52:3c:ef:44:00:c3:1e:3f:80:b6:
    51:26:69:45:5d:40:22:51:fb:59:3d:8d:58:fa:bf:
    c5:f5:ba:30:f6:cb:9b:55:6c:d7:81:3b:80:1d:34:
    6f:f2:66:60:b7:6b:99:50:a5:a4:9f:9f:e8:04:7b:
    10:22:c2:4f:bb:a9:d7:fe:b7:c6:1b:f8:3b:57:e7:
    c6:a8:a6:15:0f:04:fb:83:f6:d3:c5:1e:c3:02:35:
    54:13:5a:16:91:32:f6:75:f3:ae:2b:61:d7:2a:ef:
    f2:22:03:19:9d:d1:48:01:c7
Q:
    00:97:60:50:8f:15:23:0b:cc:b2:92:b9:82:a2:eb:
    84:0b:f0:58:1c:f5
G:
    00:f7:e1:a0:85:d6:9b:3d:de:cb:bc:ab:5c:36:b8:
    57:b9:79:94:af:bb:fa:3a:ea:82:f9:57:4c:0b:3d:
    07:82:67:51:59:57:8e:ba:d4:59:4f:e6:71:07:10:
    81:80:b4:49:16:71:23:e8:4c:28:16:13:b7:cf:09:
    32:8c:c8:a6:e1:3c:16:7a:8b:54:7c:8d:28:e0:a3:
    ae:1e:2b:b3:a6:75:91:6e:a3:7f:0b:fa:21:35:62:
    f1:fb:62:7a:01:24:3b:cc:a4:f1:be:a8:51:90:89:
    a8:83:df:e1:5a:e5:9f:06:92:8b:66:5e:80:7b:55:
    25:64:01:4c:3b:fe:cf:49:2a
writing DSA key
-----BEGIN PUBLIC KEY-----
MIIBuDCCASwGByqGSM44BAEwggEfAoGBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9E
AMMeP4C2USZpRV1AIlH7WT2NWPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f
6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208UewwI1VBNaFpEy9nXzrith1yrv
8iIDGZ3RSAHHAhUAl2BQjxUjC8yykrmCouuEC/BYHPUCgYEA9+GghdabPd7LvKtc
NrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwky
jMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/h
WuWfBpKLZl6Ae1UlZAFMO/7PSSoDgYUAAoGBAIvfweZvmGo5otwawI3no7Udanxa
l3hX2haw962KL/nHQrnC4FG2PvUFf34OecSK1KtHDPQoSQ+DHrfdf6vKUJphw0Kn
3gXm4LS8VK/LrY7on/wh2iUobS2XlhuIqEc5mLAUu9Hd+1qxsQkQ50d0lzKrnDqP
sM0WA9htkdJJw2nS
-----END PUBLIC KEY-----

$ openssl dsa -inform DER -in pub.dsa.DER -pubin -text

read DSA key

pub:

00:8b:df:c1:e6:6f:98:6a:39:a2:dc:1a:c0:8d:e7:

a3:b5:1d:6a:7c:5a:97:78:57:da:16:b0:f7:ad:8a:

2f:f9:c7:42:b9:c2:e0:51:b6:3e:f5:05:7f:7e:0e:

79:c4:8a:d4:ab:47:0c:f4:28:49:0f:83:1e:b7:dd:

7f:ab:ca:50:9a:61:c3:42:a7:de:05:e6:e0:b4:bc:

54:af:cb:ad:8e:e8:9f:fc:21:da:25:28:6d:2d:97:

96:1b:88:a8:47:39:98:b0:14:bb:d1:dd:fb:5a:b1:

b1:09:10:e7:47:74:97:32:ab:9c:3a:8f:b0:cd:16:

03:d8:6d:91:d2:49:c3:69:d2

00:fd:7f:53:81:1d:75:12:29:52:df:4a:9c:2e:ec:

e4:e7:f6:11:b7:52:3c:ef:44:00:c3:1e:3f:80:b6:

51:26:69:45:5d:40:22:51:fb:59:3d:8d:58:fa:bf:

c5:f5:ba:30:f6:cb:9b:55:6c:d7:81:3b:80:1d:34:

6f:f2:66:60:b7:6b:99:50:a5:a4:9f:9f:e8:04:7b:

10:22:c2:4f:bb:a9:d7:fe:b7:c6:1b:f8:3b:57:e7:

c6:a8:a6:15:0f:04:fb:83:f6:d3:c5:1e:c3:02:35:

54:13:5a:16:91:32:f6:75:f3:ae:2b:61:d7:2a:ef:

f2:22:03:19:9d:d1:48:01:c7

00:97:60:50:8f:15:23:0b:cc:b2:92:b9:82:a2:eb:

84:0b:f0:58:1c:f5

00:f7:e1:a0:85:d6:9b:3d:de:cb:bc:ab:5c:36:b8:

57:b9:79:94:af:bb:fa:3a:ea:82:f9:57:4c:0b:3d:

07:82:67:51:59:57:8e:ba:d4:59:4f:e6:71:07:10:

81:80:b4:49:16:71:23:e8:4c:28:16:13:b7:cf:09:

32:8c:c8:a6:e1:3c:16:7a:8b:54:7c:8d:28:e0:a3:

ae:1e:2b:b3:a6:75:91:6e:a3:7f:0b:fa:21:35:62:

f1:fb:62:7a:01:24:3b:cc:a4:f1:be:a8:51:90:89:

a8:83:df:e1:5a:e5:9f:06:92:8b:66:5e:80:7b:55:

25:64:01:4c:3b:fe:cf:49:2a

writing DSA key

-----BEGIN PUBLIC KEY-----

MIIBuDCCASwGByqGSM44BAEwggEfAoGBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9E

AMMeP4C2USZpRV1AIlH7WT2NWPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f

6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208UewwI1VBNaFpEy9nXzrith1yrv

8iIDGZ3RSAHHAhUAl2BQjxUjC8yykrmCouuEC/BYHPUCgYEA9+GghdabPd7LvKtc

NrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwky

jMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/h

WuWfBpKLZl6Ae1UlZAFMO/7PSSoDgYUAAoGBAIvfweZvmGo5otwawI3no7Udanxa

l3hX2haw962KL/nHQrnC4FG2PvUFf34OecSK1KtHDPQoSQ+DHrfdf6vKUJphw0Kn

3gXm4LS8VK/LrY7on/wh2iUobS2XlhuIqEc5mLAUu9Hd+1qxsQkQ50d0lzKrnDqP

sM0WA9htkdJJw2nS

-----END PUBLIC KEY-----

This is a (1024,160) L/N pair, key size 1024 bits and length of Q is 160.

from http://en.wikipedia.org/wiki/Digital_Signature_Algorithm I learnt:

Per-user keys
Given a set of parameters, the second phase computes private and public keys for a single user:

Choose x by some random method, where 0 < x < q. Calculate y = gx mod p. Public key is (p, q, g, y). Private key is x. There exist efficient algorithms for computing the modular exponentiations h(p–1)/q mod p and gx mod p, such as exponentiation by squaring.

y is the PUB above, x is what I want.

I googled some lines in the public key and found this http://www.herongyang.com/Cryptography/keytool-Export-Key-openssl-dsa-Command.html, keys in Jira and this blog shares a same P/G/Q.
As it’s said in that blog, his key pair is generated by ‘keytool’, which is a key and certificate management tool provided by Java http://docs.oracle.com/javase/6/docs/technotes/tools/solaris/keytool.html

So I made an experiment:

sskajetekiMacBook-Pro:keytool sskaje$ keytool -genkeypair -alias MyKeyPair -keyalg DSA -keysize 1024 -keystore MyKeyStore.ks
Enter keystore password:  
Re-enter new password: 
What is your first and last name?
  [Unknown]:  
What is the name of your organizational unit?
  [Unknown]:  
What is the name of your organization?
  [Unknown]:  
What is the name of your City or Locality?
  [Unknown]:  
What is the name of your State or Province?
  [Unknown]:  
What is the two-letter country code for this unit?
  [Unknown]:  
Is CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct?
  [no]:  yes

Enter key password for <MyKeyPair>
	(RETURN if same as keystore password):  
sskajetekiMacBook-Pro:keytool sskaje$ file MyKeyStore.ks 
MyKeyStore.ks: Java KeyStore
sskajetekiMacBook-Pro:keytool sskaje$ keytool -exportcert -keystore MyKeyStore.ks -alias MyKeyPair | openssl x509 -inform der -text
Enter keystore password:  123123
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1399600700 (0x536c363c)
    Signature Algorithm: dsaWithSHA1
        Issuer: C=Unknown, ST=Unknown, L=Unknown, O=Unknown, OU=Unknown, CN=Unknown
        Validity
            Not Before: May  9 01:58:20 2014 GMT
            Not After : Aug  7 01:58:20 2014 GMT
        Subject: C=Unknown, ST=Unknown, L=Unknown, O=Unknown, OU=Unknown, CN=Unknown
        Subject Public Key Info:
            Public Key Algorithm: dsaEncryption
                pub: 
                    00:a9:f9:cd:a2:09:2b:34:7e:87:bf:e9:cd:9b:c0:
                    ae:8d:67:c0:0f:c9:98:0e:0f:b6:53:53:02:d2:ae:
                    1a:c0:68:0f:23:bf:12:63:cb:55:77:f2:06:41:fc:
                    c7:4c:f8:80:d1:11:9e:31:4b:58:84:a4:90:10:8f:
                    3a:c8:51:ff:79:3c:f9:d7:d9:d8:d0:1a:2b:83:cd:
                    e8:aa:a2:61:2f:55:d2:b3:88:6a:29:4e:92:7a:d1:
                    13:87:9b:e9:c1:66:3d:ef:4a:a6:25:94:c1:b0:e6:
                    86:34:93:fd:ef:f4:a2:33:14:c3:f9:00:3d:b9:a9:
                    58:79:2a:46:04:ee:4d:77:c1
                P:   
                    00:fd:7f:53:81:1d:75:12:29:52:df:4a:9c:2e:ec:
                    e4:e7:f6:11:b7:52:3c:ef:44:00:c3:1e:3f:80:b6:
                    51:26:69:45:5d:40:22:51:fb:59:3d:8d:58:fa:bf:
                    c5:f5:ba:30:f6:cb:9b:55:6c:d7:81:3b:80:1d:34:
                    6f:f2:66:60:b7:6b:99:50:a5:a4:9f:9f:e8:04:7b:
                    10:22:c2:4f:bb:a9:d7:fe:b7:c6:1b:f8:3b:57:e7:
                    c6:a8:a6:15:0f:04:fb:83:f6:d3:c5:1e:c3:02:35:
                    54:13:5a:16:91:32:f6:75:f3:ae:2b:61:d7:2a:ef:
                    f2:22:03:19:9d:d1:48:01:c7
                Q:   
                    00:97:60:50:8f:15:23:0b:cc:b2:92:b9:82:a2:eb:
                    84:0b:f0:58:1c:f5
                G:   
                    00:f7:e1:a0:85:d6:9b:3d:de:cb:bc:ab:5c:36:b8:
                    57:b9:79:94:af:bb:fa:3a:ea:82:f9:57:4c:0b:3d:
                    07:82:67:51:59:57:8e:ba:d4:59:4f:e6:71:07:10:
                    81:80:b4:49:16:71:23:e8:4c:28:16:13:b7:cf:09:
                    32:8c:c8:a6:e1:3c:16:7a:8b:54:7c:8d:28:e0:a3:
                    ae:1e:2b:b3:a6:75:91:6e:a3:7f:0b:fa:21:35:62:
                    f1:fb:62:7a:01:24:3b:cc:a4:f1:be:a8:51:90:89:
                    a8:83:df:e1:5a:e5:9f:06:92:8b:66:5e:80:7b:55:
                    25:64:01:4c:3b:fe:cf:49:2a
    Signature Algorithm: dsaWithSHA1
         r:   
             00:92:ab:4a:15:1c:16:c9:9a:cf:b9:03:a1:30:2e:
             1f:b3:8d:0c:46:14
         s:   
             4b:23:27:41:16:88:7d:fd:04:83:a4:a7:81:fa:65:
             cc:7d:67:62:62
-----BEGIN CERTIFICATE-----
MIIDEzCCAtCgAwIBAgIEU2w2PDALBgcqhkjOOAQDBQAwbDEQMA4GA1UEBhMHVW5r
bm93bjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5rbm93bjEQMA4GA1UE
ChMHVW5rbm93bjEQMA4GA1UECxMHVW5rbm93bjEQMA4GA1UEAxMHVW5rbm93bjAe
Fw0xNDA1MDkwMTU4MjBaFw0xNDA4MDcwMTU4MjBaMGwxEDAOBgNVBAYTB1Vua25v
d24xEDAOBgNVBAgTB1Vua25vd24xEDAOBgNVBAcTB1Vua25vd24xEDAOBgNVBAoT
B1Vua25vd24xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wggG4
MIIBLAYHKoZIzjgEATCCAR8CgYEA/X9TgR11EilS30qcLuzk5/YRt1I870QAwx4/
gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZUKWkn5/oBHsQ
IsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOuK2HXKu/yIgMZ
ndFIAccCFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QKBgQD34aCF1ps93su8q1w2uFe5
eZSvu/o66oL5V0wLPQeCZ1FZV4661FlP5nEHEIGAtEkWcSPoTCgWE7fPCTKMyKbh
PBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7YnoBJDvMpPG+qFGQiaiD3+Fa5Z8G
kotmXoB7VSVkAUw7/s9JKgOBhQACgYEAqfnNogkrNH6Hv+nNm8CujWfAD8mYDg+2
U1MC0q4awGgPI78SY8tVd/IGQfzHTPiA0RGeMUtYhKSQEI86yFH/eTz519nY0Bor
g83oqqJhL1XSs4hqKU6SetETh5vpwWY970qmJZTBsOaGNJP97/SiMxTD+QA9ualY
eSpGBO5Nd8EwCwYHKoZIzjgEAwUAAzAAMC0CFQCSq0oVHBbJms+5A6EwLh+zjQxG
FAIUSyMnQRaIff0Eg6SngfplzH1nYmI=
-----END CERTIFICATE-----

sskajetekiMacBook-Pro:keytool sskaje$ keytool -genkeypair -alias MyKeyPair -keyalg DSA -keysize 1024 -keystore MyKeyStore.ks

Enter keystore password:

Re-enter new password:

What is your first and last name?

[Unknown]:

What is the name of your organizational unit?

[Unknown]:

What is the name of your organization?

[Unknown]:

What is the name of your City or Locality?

[Unknown]:

What is the name of your State or Province?

[Unknown]:

What is the two-letter country code for this unit?

[Unknown]:

Is CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct?

[no]: yes

Enter key password for <MyKeyPair>

(RETURN if same as keystore password):

sskajetekiMacBook-Pro:keytool sskaje$ file MyKeyStore.ks

MyKeyStore.ks: Java KeyStore

sskajetekiMacBook-Pro:keytool sskaje$ keytool -exportcert -keystore MyKeyStore.ks -alias MyKeyPair | openssl x509 -inform der -text

Enter keystore password: 123123

Certificate:

Data:

Version: 3 (0x2)

Serial Number: 1399600700 (0x536c363c)

Signature Algorithm: dsaWithSHA1

Issuer: C=Unknown, ST=Unknown, L=Unknown, O=Unknown, OU=Unknown, CN=Unknown

Validity

Not Before: May 9 01:58:20 2014 GMT

Not After : Aug 7 01:58:20 2014 GMT

Subject: C=Unknown, ST=Unknown, L=Unknown, O=Unknown, OU=Unknown, CN=Unknown

Subject Public Key Info:

Public Key Algorithm: dsaEncryption

pub:

00:a9:f9:cd:a2:09:2b:34:7e:87:bf:e9:cd:9b:c0:

ae:8d:67:c0:0f:c9:98:0e:0f:b6:53:53:02:d2:ae:

1a:c0:68:0f:23:bf:12:63:cb:55:77:f2:06:41:fc:

c7:4c:f8:80:d1:11:9e:31:4b:58:84:a4:90:10:8f:

3a:c8:51:ff:79:3c:f9:d7:d9:d8:d0:1a:2b:83:cd:

e8:aa:a2:61:2f:55:d2:b3:88:6a:29:4e:92:7a:d1:

13:87:9b:e9:c1:66:3d:ef:4a:a6:25:94:c1:b0:e6:

86:34:93:fd:ef:f4:a2:33:14:c3:f9:00:3d:b9:a9:

58:79:2a:46:04:ee:4d:77:c1

00:fd:7f:53:81:1d:75:12:29:52:df:4a:9c:2e:ec:

e4:e7:f6:11:b7:52:3c:ef:44:00:c3:1e:3f:80:b6:

51:26:69:45:5d:40:22:51:fb:59:3d:8d:58:fa:bf:

c5:f5:ba:30:f6:cb:9b:55:6c:d7:81:3b:80:1d:34:

6f:f2:66:60:b7:6b:99:50:a5:a4:9f:9f:e8:04:7b:

10:22:c2:4f:bb:a9:d7:fe:b7:c6:1b:f8:3b:57:e7:

c6:a8:a6:15:0f:04:fb:83:f6:d3:c5:1e:c3:02:35:

54:13:5a:16:91:32:f6:75:f3:ae:2b:61:d7:2a:ef:

f2:22:03:19:9d:d1:48:01:c7

00:97:60:50:8f:15:23:0b:cc:b2:92:b9:82:a2:eb:

84:0b:f0:58:1c:f5

00:f7:e1:a0:85:d6:9b:3d:de:cb:bc:ab:5c:36:b8:

57:b9:79:94:af:bb:fa:3a:ea:82:f9:57:4c:0b:3d:

07:82:67:51:59:57:8e:ba:d4:59:4f:e6:71:07:10:

81:80:b4:49:16:71:23:e8:4c:28:16:13:b7:cf:09:

32:8c:c8:a6:e1:3c:16:7a:8b:54:7c:8d:28:e0:a3:

ae:1e:2b:b3:a6:75:91:6e:a3:7f:0b:fa:21:35:62:

f1:fb:62:7a:01:24:3b:cc:a4:f1:be:a8:51:90:89:

a8:83:df:e1:5a:e5:9f:06:92:8b:66:5e:80:7b:55:

25:64:01:4c:3b:fe:cf:49:2a

Signature Algorithm: dsaWithSHA1

00:92:ab:4a:15:1c:16:c9:9a:cf:b9:03:a1:30:2e:

1f:b3:8d:0c:46:14

4b:23:27:41:16:88:7d:fd:04:83:a4:a7:81:fa:65:

cc:7d:67:62:62

-----BEGIN CERTIFICATE-----

MIIDEzCCAtCgAwIBAgIEU2w2PDALBgcqhkjOOAQDBQAwbDEQMA4GA1UEBhMHVW5r

bm93bjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5rbm93bjEQMA4GA1UE

ChMHVW5rbm93bjEQMA4GA1UECxMHVW5rbm93bjEQMA4GA1UEAxMHVW5rbm93bjAe

Fw0xNDA1MDkwMTU4MjBaFw0xNDA4MDcwMTU4MjBaMGwxEDAOBgNVBAYTB1Vua25v

d24xEDAOBgNVBAgTB1Vua25vd24xEDAOBgNVBAcTB1Vua25vd24xEDAOBgNVBAoT

B1Vua25vd24xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wggG4

MIIBLAYHKoZIzjgEATCCAR8CgYEA/X9TgR11EilS30qcLuzk5/YRt1I870QAwx4/

gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZUKWkn5/oBHsQ

IsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOuK2HXKu/yIgMZ

ndFIAccCFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QKBgQD34aCF1ps93su8q1w2uFe5

eZSvu/o66oL5V0wLPQeCZ1FZV4661FlP5nEHEIGAtEkWcSPoTCgWE7fPCTKMyKbh

PBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7YnoBJDvMpPG+qFGQiaiD3+Fa5Z8G

kotmXoB7VSVkAUw7/s9JKgOBhQACgYEAqfnNogkrNH6Hv+nNm8CujWfAD8mYDg+2

U1MC0q4awGgPI78SY8tVd/IGQfzHTPiA0RGeMUtYhKSQEI86yFH/eTz519nY0Bor

g83oqqJhL1XSs4hqKU6SetETh5vpwWY970qmJZTBsOaGNJP97/SiMxTD+QA9ualY

eSpGBO5Nd8EwCwYHKoZIzjgEAwUAAzAAMC0CFQCSq0oVHBbJms+5A6EwLh+zjQxG

FAIUSyMnQRaIff0Eg6SngfplzH1nYmI=

-----END CERTIFICATE-----

A new key with the same P/G/Q.

http://www.ecrypt.eu.org/documents/D.SPA.20.pdf

Few on DSA by @sskaje: https://sskaje.me/2014/05/dsa/

Tag: jira dsa

Few on DSA

Incoming search terms: