[darcs-users] Re: openssl keys

Adam Megacz adam at megacz.com
Sun Mar 14 06:22:42 UTC 2004


David Roundy <droundy at abridgegame.org> writes:
>> One possibility would be to provide an option to use openssl to
>> sign using ssh keys -- this would make darcs a lot more attractive
>> to people who already use them.

> If you are willing to figure out the commands needed for signing and
> verifying using openssl, that would be great.

Okay, I figured them out.  If this meets with your approval, I think
it would be better for you to add the small amount of Haskell code
required to invoke these commands... I'm sure you know both darcs
internals and Haskell better than I do ;) It should be very
straightforward and simple; no more than 15 minutes of coding.

I'd like to recommend that the current patch-pushing commands be
renamed like this:

  darcs push      -- previously known as "darcs push --and-apply"
  darcs send      -- emails a signed patchset (previously "darcs push")

Anyways, under this scheme, 'darcs send --sign' would take an extra
argument:

  darcs send --sign {pgp,ssh-dsa,ssh-rsa}

If the argument is omitted it should probably default to pgp.  Future
signing algorithms might include X.509, PEM, etc.

If the user chooses ssh-{dsa|rsa}, the following commands should be
invoked to sign the patchset (I only give dsa here; for rsa just
change the 'd' to an 'r'):

  (while true; do echo; done) | \
  openssl req -new -key ~/.ssh/id_dsa -outform PEM -days 365 | \
  openssl x509 -req -extensions v3_ca -signkey ~/.ssh/id_dsa -outform PEM -days 365 2>/dev/null | \
  openssl x509 -outform PEM

This will generate a 'bogus' certificate from the user's ssh key.  The
output of this command needs to be saved in a temporary file (which
can be deleted after the next command) called $CERT.

Then pipe the patchset to this command:

  openssl smime -sign -signer $CERT -inkey ~/.ssh/id_dsa -noattr -text

The output is a ready-to-send email.  See 'openssl smime -h' for info
on how to add additional headers (like to/from/subject).

To verify a patchset, first we extract the certificate from the
message by piping it to this command (and saving the output in $CERT):

  openssl smime -pk7out | openssl pkcs7 -print_certs

Then we extract the public key from the cert by piping $CERT to

  openssl x509 -pubkey | grep -B999 PUBLIC | grep -v PUBLIC.KEY | tr -d '\n'

The result will be a base64-encoded single-line string.  Search
through ~/.ssh/authorized_keys (or ~/.ssh/authorized_keys2) for a line
that contains this (very long) string.  If found, the public key is
trusted.  All that remains is to confirm that the message was signed
with the key it says it was signed with.  We do this by piping the
message to

  openssl smime -verify -CAfile $CERT -certfile $CERT

It will return exit code 0 upon successful verification and nonzero
otherwise.

It might be useful for 'darcs apply' to have an option to specify an
alternate 'trusted keys' file (in case you want people to be able to
send patches but not be able to log into the account used to apply
them!)

This would be a huge help for all those people out there who were
forced (by cvs's lameness) into setting up ssh keying for their repo.
Now those groups can adopt darcs without having to set up new keys.

  - a
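The key-matching step in the verification procedure above, as an added example that is not part of the post or of darcs: `openssl x509 -pubkey` prints the key as a PEM SubjectPublicKeyInfo, while authorized_keys stores it in OpenSSH's own base64 wire encoding, so this pure-stdlib Python helper converts each ssh-rsa entry to the SPKI form before comparing it with the single-line base64 string the pipeline extracts, instead of grepping for that string. The sample authorized_keys line is constructed from a tiny non-real key; entries with options or other key types are left unmatched.

```python
import base64, binascii, struct

# DER of OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
RSA_OID = bytes.fromhex("06092a864886f70d010101")

def _der(tag, body):
    """Minimal DER TLV encoder (definite lengths)."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body

def _der_uint(v):
    """DER INTEGER for a non-negative int; 0x00-pad if the top bit is set."""
    raw = v.to_bytes(max(1, (v.bit_length() + 7) // 8), "big")
    return _der(0x02, (b"\x00" if raw[0] & 0x80 else b"") + raw)

def _ssh_fields(blob):
    """Yield the uint32-length-prefixed fields of an OpenSSH wire blob."""
    off = 0
    while off < len(blob):
        (n,) = struct.unpack(">I", blob[off:off + 4])
        yield blob[off + 4:off + 4 + n]
        off += 4 + n

def ssh_rsa_to_spki_b64(line):
    """One 'ssh-rsa AAAA... comment' authorized_keys line -> single-line base64
    of the SubjectPublicKeyInfo that `openssl x509 -pubkey` prints as PEM."""
    fields = line.split()   # option-prefixed entries are not handled here
    if len(fields) < 2 or fields[0] != "ssh-rsa":
        raise ValueError("only plain ssh-rsa entries are handled")
    kind, e, n = _ssh_fields(base64.b64decode(fields[1]))
    if kind != b"ssh-rsa":
        raise ValueError("blob type does not match declared key type")
    # Wire order is e then n; RSAPublicKey is SEQUENCE { n, e }.
    rsa_key = _der(0x30, _der_uint(int.from_bytes(n, "big"))
                         + _der_uint(int.from_bytes(e, "big")))
    alg_id = _der(0x30, RSA_OID + b"\x05\x00")                 # OID + NULL params
    spki = _der(0x30, alg_id + _der(0x03, b"\x00" + rsa_key))  # BIT STRING, 0 unused bits
    return base64.b64encode(spki).decode("ascii")

def find_authorized(cert_pubkey_b64, authorized_keys_text):
    """Return the authorized_keys line whose key equals the certificate's public
    key (single-line base64 SPKI), or None. Unparseable lines are skipped, never trusted."""
    for line in authorized_keys_text.splitlines():
        try:
            if ssh_rsa_to_spki_b64(line) == cert_pubkey_b64:
                return line
        except (ValueError, struct.error, binascii.Error):
            continue
    return None

# Constructed sample (not a real key): e=3, n=0xC3 in OpenSSH wire format.
SAMPLE_AUTHORIZED_KEYS = "ssh-rsa AAAAB3NzaC1yc2EAAAABAwAAAAIAww== alice@example\n"
```

Feed `find_authorized` the string produced by the `openssl x509 -pubkey | ... | tr -d '\n'` step together with the contents of the trusted-keys file; a non-None result identifies the trusted entry that matches the certificate.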