From e37a8871d9802675bfbd7ce547eaccfb90099085 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Tue, 19 Apr 2011 23:49:39 -0400
Subject: [PATCH] added simple OpenSSH Keytrans function with test case

---
 Crypt/Monkeysphere/Keytrans.pm           | 49 ++++++++++++++++++++++++
 unit-tests/40.keytrans/01.openssh_pack.t | 21 ++++++++++
 2 files changed, 70 insertions(+)
 create mode 100644 Crypt/Monkeysphere/Keytrans.pm
 create mode 100644 unit-tests/40.keytrans/01.openssh_pack.t

diff --git a/Crypt/Monkeysphere/Keytrans.pm b/Crypt/Monkeysphere/Keytrans.pm
new file mode 100644
index 0000000..d89d2a5
--- /dev/null
+++ b/Crypt/Monkeysphere/Keytrans.pm
@@ -0,0 +1,49 @@
+package Crypt::Monkeysphere::Keytrans;
+
+use strict;
+use warnings;
+use Math::BigInt;
+
+use Exporter qw(import);
+our @EXPORT_OK=qw(openssh_rsa_pubkey_pack);
+
+
+# takes a Math::BigInt and returns it properly packed for openssh output.
+
+sub openssh_mpi_pack {
+  my $num = shift;
+
+  my $val = $num->as_hex();
+  $val =~ s/^0x//;
+  # ensure we've got an even multiple of 2 nybbles here.
+  $val = '0'.$val
+    if (length($val) % 2);
+  $val = pack('H*', $val);
+  # packed binary ones-complement representation of the value.
+
+  my $mpilen = length($val);
+
+  my $ret = pack('N', $mpilen);
+
+  # if the first bit of the leading byte is high, we should include a
+  # 0 byte:
+  if (ord($val) & 0x80) {
+    $ret = pack('NC', $mpilen+1, 0);
+  }
+
+  return $ret.$val;
+}
+
+# this output is not base64-encoded yet.  Pass it through
+# encode_base64($output, '') if you want to make a file.
+
+sub openssh_rsa_pubkey_pack {
+  my ($modulus, $exponent) = @_;
+
+  return openssh_mpi_pack(Math::BigInt->new('0x'.unpack('H*', "ssh-rsa"))).
+      openssh_mpi_pack($exponent).
+	openssh_mpi_pack($modulus);
+}
+
+
+1;
diff --git a/unit-tests/40.keytrans/01.openssh_pack.t b/unit-tests/40.keytrans/01.openssh_pack.t
new file mode 100644
index 0000000..01eef0c
--- /dev/null
+++ b/unit-tests/40.keytrans/01.openssh_pack.t
@@ -0,0 +1,21 @@
+# -*- perl -*-
+use Test::More;
+
+use strict;
+use warnings;
+
+use Crypt::Monkeysphere::Keytrans qw(openssh_rsa_pubkey_pack);
+use MIME::Base64;
+use File::Temp qw(tempdir);
+
+plan tests =>1;
+
+# this is dkg's ssh pubkey:
+my $exp = Math::BigInt->new('0x10001');
+my $mod = Math::BigInt->new('0xBC358E82F23E5660301E5DBB370B42FD3EBAFE700B8E82F928798C0BA55DE5F96B984C2EA6D0BA67699E7777DA3FAF9CEA29A2030B81761603F8714E76AA2905A8DA2BAAFB19DEC147032E57585B6F4B3B1A4531942A1B3E635E1328AA50D98FA8CA7B2E64537CC26E0DE94F197A97854FE7C3B4F04F4FD96BCE8A311B2767CB0DB6E3A2D1871EE3B6B6309C0322EFCF9D3D30533575509B9A071C0C03A4B9C480D7B7E628BBF2A6714A54B5AA77F05CA7CDADD45A7C2C070DEB51F15122660B15919D7919A299E38D6BBD762C2E4BB306A0B506C7917DA3C0619E6116ADE290FDB35BA24D279212F24F097D1F70326B9207C27E536A29FEAA022504371CC01B');
+my $sshpubkey = 'AAAAB3NzaC1yc2EAAAADAQABAAABAQC8NY6C8j5WYDAeXbs3C0L9Prr+cAuOgvkoeYwLpV3l+WuYTC6m0LpnaZ53d9o/r5zqKaIDC4F2FgP4cU52qikFqNorqvsZ3sFHAy5XWFtvSzsaRTGUKhs+Y14TKKpQ2Y+oynsuZFN8wm4N6U8ZepeFT+fDtPBPT9lrzooxGydnyw2246LRhx7jtrYwnAMi78+dPTBTNXVQm5oHHAwDpLnEgNe35ii78qZxSlS1qnfwXKfNrdRafCwHDetR8VEiZgsVkZ15GaKZ441rvXYsLkuzBqC1BseRfaPAYZ5hFq3ikP2zW6JNJ5IS8k8JfR9wMmuSB8J+U2op/qoCJQQ3HMAb';
+
+my $out = encode_base64(openssh_rsa_pubkey_pack($mod, $exp), '');
+
+is($out, $sshpubkey);
+
-- 
2.26.2