r00t2/go_sshkeys
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
2b6be62d56
go_sshkeys/_ref/ed25519/private/v1/plain.adoc
brent s 2b6be62d56
ed25519, rsa ref done
2022-03-07 02:34:27 -05:00

99 lines
4.0 KiB
Plaintext
Raw Blame History

===== v1 (Plain)
[TIP]
====
Since plaintext/unencrypted keys do not have a cipher or KDF (as there's no encryption key or algorithm used), they use the string "none" to identify these (and entirely leave out the KDF options).
====
[id=struct_ed25519_plain]
====== Structure
[source,text,linenums]
----
0.0 "openssh-key-v1" string plus terminating nullbyte (15 bytes)
1.0 uint32 allocator for 1.0.0 (4 bytes)
1.0.0 cipher name string (ASCII bytes)
2.0 uint32 allocator for 2.0.0 (4 bytes)
2.0.0 KDF name string (ASCII bytes)
3.0 uint32 allocator for KDF options (3.0.0 to 3.0.1) (4 bytes) (ALWAYS 0 for unencrypted keys, so no following substructure)
4.0 uint32 counter for # of keys (4 bytes)
4.0.0 uint32 allocator for public key #n (4.0.0.0 to 4.0.0.1) (4 bytes)
4.0.0.0 uint32 allocator for 4.0.0.0.0 (4 bytes)
4.0.0.0.0 public key #n keytype string (ASCII bytes)
4.0.0.1 uint32 allocator for 4.0.0.1.0 (4 bytes)
4.0.0.1.0 public key #n payload (bytes)
4.0.1 uint32 allocator for private key structure #n (4.0.1.0 to 4.0.1.5) (4 bytes)
4.0.1.0 uint32 decryption "checksum" #1 (should match 4.0.1.1) (4 bytes)
4.0.1.1 uint32 decryption "checksum" #2 (should match 4.0.1.0) (4 bytes)
4.0.1.2 Copy of 4.0.0.0; allocator for 4.0.1.2.0 (4 bytes)
4.0.1.2.0 Copy of 4.0.0.0.0 (ASCII bytes)
4.0.1.3 Copy of 4.0.0.1; allocator for 4.0.1.3.0 (4 bytes)
4.0.1.3.0 Copy of 4.0.0.1.0 (bytes)
4.0.1.4 uint32 allocator for 4.0.1.4.0 (4 bytes)
4.0.1.4.0 Private key #n (bytes)
4.0.1.5 uint32 allocator for 4.0.1.5.0 (4 bytes)
4.0.1.5.0 comment for key #n string (ASCII bytes)
4.0.1.6 sequential padding
----
[NOTE]
====
*Chunk 3.0.0 to 3.0.1:* These blocks are not present in unencrypted keys (see the <<struct_ed25519_crypt, encrypted key structure>> for what these look like). *3.0* reflects this, as it's always going to be `00000000` (0).
*Chunk 4.0:* This is technically currently unused; upstream hardcodes to 1 (left zero-padded `0x01`).
*Chunk 4.0.1.4.0:* This is a 64-byte block for ED25519, but the second half of the private key (`[32:]`) is always the same as the public key.
*Chunk 4.0.1.6:* The padding used aligns the private key (*4.0.1.0* to *4.0.1.5.0*) to the cipher blocksize. For plaintext keys, a blocksize of 8 is used.
====
[id=bytes_ed25519_plain]
====== Example
.`id_ed25519` Format
[source,text,linenums]
----
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
QyNTUxOQAAACBEOIvJc2hN1mhXExEiv/ISyYO7prFixOl80R9zw52XsAAAAJjPbUqwz21K
sAAAAAtzc2gtZWQyNTUxOQAAACBEOIvJc2hN1mhXExEiv/ISyYO7prFixOl80R9zw52XsA
AAAEBqSF+KwoLTOqI6+TnpcaZY4ckcamLrBF8CvtJbNZflJ0Q4i8lzaE3WaFcTESK/8hLJ
g7umsWLE6XzRH3PDnZewAAAAElRoaXMgaXMgYSB0ZXN0IGtleQECAw==
-----END OPENSSH PRIVATE KEY-----
----
.Structure Reference (Hex) (Decoded Base64)
[source,text,linenums]
----
0.0 6f70656e7373682d6b65792d763100 ("openssh-key-v1" + 0x00)
1.0 00000004 (4)
1.0.0 6e6f6e65 ("none")
2.0 00000004
2.0.0 6e6f6e65 ("none")
3.0 00000000 (0)
4.0 00000001 (1)
4.0.0 00000033 (51)
4.0.0.0 0000000b (11)
4.0.0.0.0 7373682d65643235353139 ("ssh-ed25519")
4.0.0.1 00000020 (32)
4.0.0.1.0 44388bc973684dd66857131122bff212
c983bba6b162c4e97cd11f73c39d97b0 (bytes)
4.0.1 00000098 (141)
4.0.1.0 cf6d4ab0 (3480046256)
4.0.1.1 cf6d4ab0 (3480046256)
4.0.1.2 0000000b (11)
4.0.1.2.0 7373682d65643235353139 ("ssh-ed25519")
4.0.1.3 00000020 (32)
4.0.1.3.0 44388bc973684dd66857131122bff212
c983bba6b162c4e97cd11f73c39d97b0 (bytes)
4.0.1.4 00000040 (64)
4.0.1.4.0 6a485f8ac282d33aa23af939e971a658
e1c91c6a62eb045f02bed25b3597e527
44388bc973684dd66857131122bff212
c983bba6b162c4e97cd11f73c39d97b0 (bytes)
4.0.1.5 00000012 (18)
4.0.1.5.0 5468697320697320612074657374206b6579 ("This is a test key")
4.0.1.6 010203 ([1 2 3], 3 bytes)
----
Reference in New Issue View Git Blame Copy Permalink