update format spec, working on better structs
parent
6e032d8969
commit
ff9fbdab69
@ -5,8 +5,18 @@ const (
|
|||||||
KeyV1Magic string = "openssh-key-v1"
|
KeyV1Magic string = "openssh-key-v1"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Key cipher names.
|
// Cipher names. I believe only AES256-CTR is supported upstream currently.
|
||||||
const (
|
const (
|
||||||
CipherED25519 = iota
|
CIPHER_AES256_CTR = "aes256-ctr"
|
||||||
CipherRSA = iota
|
)
|
||||||
|
|
||||||
|
// Key types.
|
||||||
|
const (
|
||||||
|
KEY_ED25519 string = "ssh-ed25519"
|
||||||
|
KEY_RSA string = "ssh-rsa"
|
||||||
|
)
|
||||||
|
|
||||||
|
// KDF names. I believe only bcrypt is supported upstream currently.
|
||||||
|
const (
|
||||||
|
KDF_BCRYPT string = "bcrypt"
|
||||||
)
|
)
|
||||||
|
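Review bot: The new cipher and KDF blocks have no entry for `none`, which is the value an unencrypted openssh-key-v1 file carries in both the cipher-name and KDF-name fields. Code that switches on these constants therefore cannot tell an unencrypted key from an unrecognised algorithm; I would add `CipherNone string = "none"` and `KDFNone string = "none"`, unless they are already defined in the part of the file outside this hunk. As far as I know `aes256-ctr` is OpenSSH's default rather than the only cipher it can write, so the parser should reject unknown names explicitly instead of assuming AES256-CTR. On style, `CIPHER_AES256_CTR`, `KEY_ED25519` and `KDF_BCRYPT` break Go's MixedCaps convention and the existing `KeyV1Magic`; `CipherAES256CTR`, `KeyED25519` and `KDFBcrypt` would match, and `CIPHER_AES256_CTR` is also the only one left untyped.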
@ -32,7 +32,7 @@ PRIVATE:
|
|||||||
4.0.1.5 Sequential padding to align private key to cipher blocksize (8 for unencrypted keys)[1].
|
4.0.1.5 Sequential padding to align private key to cipher blocksize (8 for unencrypted keys)[1].
|
||||||
|
|
||||||
|
|
||||||
[0] If it is an encrypted key, everything below 4.0.1 is AES256-CBC encrypted.
|
[0] If it is an encrypted key, everything below 4.0.1 is encrypted per 1.0.0, 2.0.0, and 3.0.0.
|
||||||
[1] Pad determined by: 8 - ((4.0.1.3 + 4.0.1.4) % 8) (??)
|
[1] Pad determined by: 8 - ((4.0.1.3 + 4.0.1.4) % 8) (??)
|
||||||
|
|
||||||
|
|
||||||
|
@ -3,19 +3,35 @@ package sshkeys
|
|||||||
// EncryptedSSHKeyV1 represents an encrypted private key.
|
// EncryptedSSHKeyV1 represents an encrypted private key.
|
||||||
type EncryptedSSHKeyV1 struct {
|
type EncryptedSSHKeyV1 struct {
|
||||||
SSHKeyV1
|
SSHKeyV1
|
||||||
Salt string
|
KDFOpts SSHKDFOpts
|
||||||
Rounds uint32
|
|
||||||
Passphrase string
|
Passphrase string
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// SSHKDFOpts contains a set of KDF options.
|
||||||
|
type SSHKDFOpts struct {
|
||||||
|
Salt []byte // Also referred to as IV (initialization vector). (https://en.wikipedia.org/wiki/Initialization_vector)
|
||||||
|
Rounds uint32 // Also referred to as work factor.
|
||||||
|
}
|
||||||
|
|
||||||
// SSHKeyV1 represents an unencrypted private key.
|
// SSHKeyV1 represents an unencrypted private key.
|
||||||
// We don't bother with the legacy (pre v1) keys. Sorry not sorry.
|
// We don't bother with the legacy (pre v1) keys. Sorry not sorry.
|
||||||
// Patch your shit.
|
// Patch your shit.
|
||||||
type SSHKeyV1 struct {
|
type SSHKeyV1 struct {
|
||||||
CipherName string
|
Magic string
|
||||||
KDFName string
|
CipherName string
|
||||||
KDFOpts string
|
KDFName string
|
||||||
NumKeys uint32
|
KDFOpts SSHKDFOpts
|
||||||
Publickey string
|
PublicKeys []SSHPubKey
|
||||||
Privatekey string
|
PrivateKeys []SSHPrivKey
|
||||||
|
}
|
||||||
|
|
||||||
|
// SSHPubKey contains the Public key of an SSH Keypair.
|
||||||
|
type SSHPubKey struct {
|
||||||
|
KeyType string
|
||||||
|
PrivateKey *SSHPrivKey
|
||||||
|
}
|
||||||
|
|
||||||
|
// SSHPrivKey contains the Private key of an SSH Keypair.
|
||||||
|
type SSHPrivKey struct {
|
||||||
|
PublicKey *SSHPubKey
|
||||||
}
|
}
|
||||||
|
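Review bot: `EncryptedSSHKeyV1` declares `KDFOpts SSHKDFOpts` while the embedded `SSHKeyV1` now has a field of the same name, so the outer field shadows the promoted one and the struct holds two salt/rounds copies that can disagree. Dropping the outer `KDFOpts` and reading it through the embedded struct avoids that. The comment on `Salt` calls it an IV, but the salt is an input to the KDF, while the cipher IV in this format is, as far as I know, taken from the bcrypt_pbkdf output alongside the key; I would reword it to `// Salt is the KDF salt (input to bcrypt_pbkdf); it is not the cipher IV.`. `Passphrase string` keeps the secret in an immutable value that cannot be wiped after use, so `Passphrase []byte` would let callers zero it once the key is decrypted.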