#social 2017-09-13
2017-09-13 UTC
dmitriz, cdchapman, xmpp-social, KevinMarks, jankusanagi_ and lambda joined the channel
# 
lambda gargon: can you point me to the http signature implementation in mastodon?
dmitriz and cdchapman joined the channel
# cwebber moin moin
# cwebber I'm at the library
# cwebber I can listen in but can't talk
# cwebber :)
# cwebber disconnects :)
# xmpp-social [ajordan] sandro: same hahaha
# cwebber hm
# cwebber tries to figure out how to export/import PEM using libgcrypt...
# xmpp-social [ajordan] cwebber: oh god
# cwebber or, if all you have is libgcrypt and a base64 encoder, since I don't think they provide anything for it
# cwebber libgcrypt stores its keys in canonical sexps not PEM :P
# cwebber I thought I could just base64 decode the PEM and slot that in but I need to figure out the modulus-n vs the exponent and I don't know how to do that
# cwebber makes life so hard for themselves :P
# cwebber hey Gargron, I thought you were going to switch to using the versioned contexts?
# cwebber for as2
# cwebber peeking at http://dpaste.com/3AP9K4V
# dlongley cwebber: any reason why you need to use libgcrypt vs. something else?
# cwebber dlongley: well I found the code to parse the PEM data in the r6rs industria library... but it's really because I already have partial libgcrypt bindings for the guile-gcrypt library
# dlongley i see
# cwebber dlongley: because I make life hard for myself by using a language with very few libraries :P
# dlongley indeed :)
# dlongley after you base64 decode the PEM you'll have DER format ... which is an encoding for some ASN.1 structures ... for which there may be several options
# dlongley could have a PKCS#8 or a PKCS#1 structure, for example.
# cwebber dlongley: oh thanks, that's helpful
# dlongley PrivateKeyInfo vs. RSAPrivateKey
# dlongley you could peek at some code here if you wanted to get an idea for what to do: https://github.com/digitalbazaar/forge
# cwebber dlongley: wow helpful info, thanks :)
# dlongley sure
dmitriz joined the channel
# dlongley you'll either need to end up writing some generalized DER/BER and ASN.1 parsers ... or find some ... or do just do something really specific to the private key formats you want to support.
# cwebber dlongley: it looks like what I need to snarf is here https://github.com/weinholt/industria/blob/master/weinholt/crypto/rsa.sls#L133
# dlongley oh, yeah, if all you need is public key, that will be helpful
# dlongley oh, i see they have private key in there too
# dlongley note that it looks like that's only pkcs#1 ... and i searched for but did not find any pkcs#8 stuff
# dlongley doesn't mean it's not there
# cwebber ah
# dlongley but "SubjectPublicKeyInfo" is another format for public keys
# cwebber gnutls' guile library has pem parsing
# dlongley it's just a wrapper that includes algorithm details around an RSAPublicKey (for example)
# cwebber but then I may end up writing a transformer from their format to gcrypt's :P
# dlongley generally, when you see "-----PUBLIC KEY-----" <-- that's a SubjectPublicKeyInfo ...
# dlongley and if you see: "-----RSA PUBLIC KEY-----" <-- that's an RSAPublicKey
# cwebber dlongley: interesting :)
# dlongley you misspelled painful
# cwebber haha
# cwebber dlongley, grizzled veteran of the crypto yak-mines? ;)
# dlongley yes, i avoid those mines like the plague now, probably have yak-lung now... is that too many mixed metaphors?
# cwebber haha
# cwebber took a PEM-encoded arrow to the knee
# dlongley and i couldn't even tell what kind of poison was in it.
# cwebber lol
# dlongley anyway, good luck :)
# cwebber thanks dlongley :)
KevinMarks, tantek, quite, dmitriz, cdchapman and KevinMarks_ joined the channel
# cwebber dlongley: gosh. okay. After trying to deal with parsing various PEM type things for most of the day, you were right that I misspelled "painful" when I said "interesting"
# cwebber lessons learned: https://octodon.social/@cwebber/6484344
dmitriz, cdchapman, KevinMarks and KevinMarks_ joined the channel