From 84838ce0c668d2576ef63766d4b6834b1d60f1b7 Mon Sep 17 00:00:00 2001 From: brent saner Date: Tue, 2 Sep 2025 00:23:38 -0400 Subject: [PATCH] clean up the CRT notes --- .githooks/pre-commit/01-keymanual | 1 + _ref/KEY_GUIDE.html | 11 +++++++++-- _ref/rsa/private/v1/plain.adoc | 7 ++++++- 3 files changed, 16 insertions(+), 3 deletions(-) diff --git a/.githooks/pre-commit/01-keymanual b/.githooks/pre-commit/01-keymanual index 15269dd..a216dd4 100755 --- a/.githooks/pre-commit/01-keymanual +++ b/.githooks/pre-commit/01-keymanual @@ -6,3 +6,4 @@ set -e cd "${PWD}/_ref" asciidoctor -o ./KEY_GUIDE.html ./KEY_GUIDE.adoc git add KEY_GUIDE.html +echo "Generated KEY_GUIDE.html" diff --git a/_ref/KEY_GUIDE.html b/_ref/KEY_GUIDE.html index e2d5a6d..028dc00 100644 --- a/_ref/KEY_GUIDE.html +++ b/_ref/KEY_GUIDE.html @@ -635,7 +635,7 @@ pre.rouge .gs {

OpenSSH Key Structure Guide

brent saner <bts@square-r00t.net>, https://r00t2.io
-Last updated 2025-09-01 23:58:24 -0400 +Last updated 2025-09-02 00:23:41 -0400
Table of Contents
@@ -1264,7 +1264,7 @@ ftSfkGNUzTzPFbF5iEukTvKm42a7F/I/ExMVgpN/eQxJ7+m5TOgja0KC1h5fCN4L 4.0.1.5 uint32 allocator for 4.0.1.5.0 (4 bytes) 4.0.1.5.0 private exponent ('d') 4.0.1.6 uint32 allocator for 4.0.1.6.0 (4 bytes) - 4.0.1.6.0 CRT (Chinese Remainder Theorem) helper value ('q^(-1) % p') + 4.0.1.6.0 CRT 4.0.1.7 uint32 allocator for 4.0.1.7.0 (4 bytes) 4.0.1.7.0 prime #1 ('p') 4.0.1.8 uint32 allocator for 4.0.1.8.0 (4 bytes) @@ -1289,9 +1289,16 @@ ftSfkGNUzTzPFbF5iEukTvKm42a7F/I/ExMVgpN/eQxJ7+m5TOgja0KC1h5fCN4L

Chunk 4.0: This is technically currently unused; upstream hardcodes to 1 (left zero-padded 0x01).

+

Chunk 4.0.0.1.0, 4.0.1.4.0: This is almost always 65537 for a couple reasons. It’s the "Fermat Prime" F4.

+
+

Chunk 4.0.0.1.0, 4.0.0.2.0, 4.0.1.3.0, 4.0.1.4.0: Note that the ordering of e/n in 4.0.0 is changed to n/e in 4.0.1.

+

Chunk 4.0.1.6.0: The CRT coefficient, or Chinese Remainder Theorem, is a helper used during decryption and signing. It’s commonly referred to as qnlv or inverse coefficient. +The value for this chunk is the result of q^(-1) % p.

+
+

Chunk 4.0.1.10: The padding used aligns the private key (4.0.1.0 to 4.0.1.9.0) to the cipher blocksize. For plaintext keys, a blocksize of 8 is used.

diff --git a/_ref/rsa/private/v1/plain.adoc b/_ref/rsa/private/v1/plain.adoc index f668d76..6b524e7 100644 --- a/_ref/rsa/private/v1/plain.adoc +++ b/_ref/rsa/private/v1/plain.adoc @@ -43,7 +43,7 @@ Since plaintext/unencrypted keys do not have a cipher or KDF (as there's no encr 4.0.1.5 uint32 allocator for 4.0.1.5.0 (4 bytes) 4.0.1.5.0 private exponent ('d') 4.0.1.6 uint32 allocator for 4.0.1.6.0 (4 bytes) - 4.0.1.6.0 CRT (Chinese Remainder Theorem) helper value ('q^(-1) % p') + 4.0.1.6.0 CRT 4.0.1.7 uint32 allocator for 4.0.1.7.0 (4 bytes) 4.0.1.7.0 prime #1 ('p') 4.0.1.8 uint32 allocator for 4.0.1.8.0 (4 bytes) @@ -59,8 +59,13 @@ Since plaintext/unencrypted keys do not have a cipher or KDF (as there's no encr *Chunk 4.0:* This is technically currently unused; upstream hardcodes to 1 (left zero-padded 0x01). +*Chunk 4.0.0.1.0, 4.0.1.4.0:* This is almost always `65537` for a couple reasons. It's the https://en.wikipedia.org/wiki/Fermat_number["Fermat Prime"^] __F~4~__. + *Chunk 4.0.0.1.0, 4.0.0.2.0, 4.0.1.3.0, 4.0.1.4.0:* Note that the ordering of `e`/`n` in *4.0.0* is changed to `n`/`e` in *4.0.1*. +*Chunk 4.0.1.6.0:* The CRT coefficient, or https://en.wikipedia.org/wiki/Chinese_remainder_theorem[Chinese Remainder Theorem^], is a helper used during decryption and signing. It's commonly referred to as `qnlv` or _inverse coefficient_. +The value for this chunk is the result of `q^(-1) % p`. + *Chunk 4.0.1.10:* The padding used aligns the private key (*4.0.1.0* to *4.0.1.9.0*) to the cipher blocksize. For plaintext keys, a blocksize of 8 is used. ====