[9fans] secretpem(1)

[9fans] secretpem(1)

[lucio]

It's undocumented and no sources seems to be available for it.  I was
hoping to learn something from it, so in my opinion it would be
preferable if somebody located the sources and added them to the
distribution.  If not, then it may make sense to drop secretpem from
the distribution.

++L

Re: [9fans] secretpem(1)

[Pietro Gagliardi]

I have a program grepman that searches the actual man pages rather
than just the index (which is what lookman does). It turned up
nothing. The First Edition manual, which Uriel hosts, also has
nothing. I can't seem to figure out what this does.

On Jun 3, 2008, at 3:49 AM, lucio@proxima.alt.za wrote:

> It's undocumented and no sources seems to be available for it.  I was
> hoping to learn something from it, so in my opinion it would be
> preferable if somebody located the sources and added them to the
> distribution.  If not, then it may make sense to drop secretpem from
> the distribution.
>
> ++L
>
>

Re: [9fans] secretpem(1)

[Russ Cox]

> I have a program grepman that searches the actual man pages rather
> than just the index (which is what lookman does). It turned up
> nothing. The First Edition manual, which Uriel hosts, also has
> nothing. I can't seem to figure out what this does.

cpu% auth/secretpem
usage: auth/secretpem key.pem > /mnt/factotum/ctl
cpu%

The mere mention of factotum should have told you that
it wasn't from the first edition, or even the third.
"man pem" will explain what PEM format is, and point
you at rsa(8).  At that point a reasonable guess is that
it converts RSA-format PEM keys (like you'd have if you
generated an SSH key on Unix) into factotum format.

Let's see.

unix=; ssh-keygen -b 1024 -f /tmp/a
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /tmp/a.
Your public key has been saved in /tmp/a.pub.
The key fingerprint is:
9e:2e:8f:7b:70:8c:e0:ea:17:c8:ae:68:e2:8b:2d:53 rsc@unix
unix=;

cpu% auth/secretpem /mnt/term/tmp/a
key proto=sshrsa size=1024 ek=23 ...
cpu%

Now that I know what it does, I have to admit
I don't see why it exists:

cpu% auth/pemdecode 'RSA PRIVATE KEY' /mnt/term/tmp/a |
	auth/asn12rsa |
	sed s/rsa/sshrsa/
key proto=sshrsa size=1024 ek=23 ...
cpu%

Perhaps it predates the more general pemdecode and asn12rsa.
That pipeline should answer the original poster (Lucio?)'s
question about its implementation.

Plan 9 from User Space has an asn12dsa as well.  See
http://swtch.com/plan9port/man/man1/rsa.html

Russ

Re: [9fans] secretpem(1)

[lucio]

> Perhaps it predates the more general pemdecode and asn12rsa.
> That pipeline should answer the original poster (Lucio?)'s
> question about its implementation.

That's my diagnosis, too.  I was looking for PEM implementations and
that one stood out as a very lonesome, abandoned item :-)

If no sources can be tracked down, then I guess it should simply be
dispensed with.

In passing, it will probably take me a lifetime, but I'm working on a
full PEM and S/MIME library/implementation/whatever.  What slows me
down even further than is my natural habit was looking at OpenSSL for
guidelines (a whole lot of DES alternatives that I can't find
elsewhere).  The stuff needs rototilling in a massive way.  Like, Eric
Young's (or is it Sun Microsystems's?) des(1) includes uu(en|de)code
code in the base program :-(

I guess it helps that occasionally I come across uuencoded data, but
it adds to the programming overheads.

++L

Re: [9fans] secretpem(1)

[geoff]

openssl is an attractive nuisance, in the legal sense.
it's best avoided as a source of code.