yeah, the private keys should be inserted as byte[] rather than string.
I just fixed this in https://github.com/openssh/openssh-portable/commit/24fee8

On Wed, 5 May 2021, Tyson Whitehead wrote:

> The PROTOCOL.key file says the list of N private keys in the OpenSSH format
> are stored like so
>
>     uint32 checkint
>     uint32 checkint
>     string privatekey1
>     string comment1
>     string privatekey2
>     string comment2
>     ...
>
> I would then expect that each privatekey should have the string wrapping
> that precedes them with a 32-bit count of the number of bytes in the private
> key.
>
> When I do a dump of the file though it seems that each of the privatekeys are
> just embedded at these points without the string wrapping. For example
>
>     $ sed -n '2,9p' ~/.ssh/id_ecdsa_sk | base64 -d | xxd -g 1
>     ...
>     000000a0: 4e 95 00 00 00 04 73 73 68 3a 00 00 00 e0 ea 93  N.....ssh:......
>     000000b0: 0b 34 ea 93 0b 34 00 00 00 22 73 6b 2d 65 63 64  .4...4..."sk-ecd
>     000000c0: 73 61 2d 73 68 61 32 2d 6e 69 73 74 70 32 35 36  sa-sha2-nistp256
>     000000d0: 40 6f 70 65 6e 73 73 68 2e 63 6f 6d 00 00 00 08  @openssh.com....
>     ...
>
> you can see the two ea 93 0b 34 checkints are followed by 00 00 00 22 which is
> the immediate start of a "sk-ecdsa-sha2-nistp256@xxxxxxxxxxx" key without a
> string wrapper (0x22 being the length of the
> "sk-ecdsa-sha2-nistp256@xxxxxxxxxxx" identifier).
>
> As a point of comparison, the public keys declared earlier in the file are
> actually string wrapped. Using the same example
>
>     byte[] AUTH_MAGIC
>     string ciphername
>     string kdfname
>     string kdfoptions
>     int    number of keys N
>     string publickey1
>     string publickey2
>     ...
>
>     $ sed -n '2,9p' ~/.ssh/id_ecdsa_sk | base64 -d | xxd -g 1
>     ...
>     00000020: 00 00 00 00 00 00 01 00 00 00 7f 00 00 00 22 73  .............."s
>     00000030: 6b 2d 65 63 64 73 61 2d 73 68 61 32 2d 6e 69 73  k-ecdsa-sha2-nis
>     00000040: 74 70 32 35 36 40 6f 70 65 6e 73 73 68 2e 63 6f  tp256@xxxxxxxxxx
>     00000050: 6d 00 00 00 08 6e 69 73 74 70 32 35 36 00 00 00  m....nistp256...
>     ...
>
> we see the number of keys 01 is followed by the length of the entire first key
> 00 00 00 7f, which is then followed by the 00 00 00 22 that starts the
> "sk-ecdsa-sha2-nistp256@xxxxxxxxxxx" key that is wrapped (again the size of
> the key type identifier).
>
> Thanks!  -Tyson
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev@xxxxxxxxxxx
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
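The layout difference the thread settles (public keys are string-wrapped, private key entries are laid out inline after the two checkints) is easy to get wrong in a hand-written parser. The following is an added example, not code from OpenSSH or from either poster: it builds a constructed, unencrypted `openssh-key-v1` blob for a made-up ed25519 key (the 32-byte public and 64-byte private values are just counters, not a real key) and parses it back according to the corrected layout, verifying the checkints and trailing padding. The `PRIVATE_FIELDS` table is an assumption of this example; it only knows the ed25519 private-field order (public key, then the 64-byte private key), so other key types such as sk-ecdsa-sha2-nistp256@openssh.com would need their own field lists added.

```python
import struct

AUTH_MAGIC = b"openssh-key-v1\x00"


def put_u32(n: int) -> bytes:
    return struct.pack(">I", n)


def put_string(b: bytes) -> bytes:
    # SSH "string": uint32 big-endian length followed by the raw bytes
    return put_u32(len(b)) + b


class Reader:
    """Cursor over an SSH wire-format buffer with bounds checks."""

    def __init__(self, buf: bytes):
        self.buf = buf
        self.pos = 0

    def u32(self) -> int:
        if self.pos + 4 > len(self.buf):
            raise ValueError("truncated uint32")
        (n,) = struct.unpack_from(">I", self.buf, self.pos)
        self.pos += 4
        return n

    def string(self) -> bytes:
        n = self.u32()
        if self.pos + n > len(self.buf):
            raise ValueError("string length %d exceeds buffer" % n)
        s = self.buf[self.pos:self.pos + n]
        self.pos += n
        return s

    def remaining(self) -> bytes:
        return self.buf[self.pos:]


# Assumed per-type layout of the private fields that follow the key-type string.
# Only ed25519 is filled in here; other types need their own entries.
PRIVATE_FIELDS = {
    b"ssh-ed25519": ("pk", "sk"),
}


def build_unencrypted_key(keytype, pubfields, privfields, comment, checkint) -> bytes:
    """Assemble an openssh-key-v1 blob with cipher 'none'. Each private key entry
    is NOT string-wrapped: keytype, fields and comment are written inline."""
    pubblob = put_string(keytype) + b"".join(put_string(f) for f in pubfields)
    priv = put_u32(checkint) * 2                      # the two checkints
    priv += put_string(keytype) + b"".join(put_string(f) for f in privfields)
    priv += put_string(comment)
    pad = (-len(priv)) % 8                            # block size of cipher 'none'
    priv += bytes(range(1, pad + 1))                  # padding bytes 1, 2, 3, ...
    return (AUTH_MAGIC + put_string(b"none") + put_string(b"none") + put_string(b"")
            + put_u32(1) + put_string(pubblob) + put_string(priv))


def parse_openssh_key(data: bytes) -> dict:
    if not data.startswith(AUTH_MAGIC):
        raise ValueError("bad AUTH_MAGIC")
    r = Reader(data[len(AUTH_MAGIC):])
    out = {"ciphername": r.string(), "kdfname": r.string(), "kdfoptions": r.string()}
    n = r.u32()
    out["nkeys"] = n
    # public keys ARE string-wrapped: one length prefix covers the whole blob
    out["public"] = []
    for _ in range(n):
        pr = Reader(r.string())
        entry = {"keytype": pr.string(), "fields": []}
        while pr.remaining():
            entry["fields"].append(pr.string())
        out["public"].append(entry)
    if out["ciphername"] != b"none":
        raise NotImplementedError("encrypted keys need KDF and cipher handling")
    # the private section is a single string; inside it the N entries follow
    # the checkints back to back, with no per-key length prefix
    pr = Reader(r.string())
    c1, c2 = pr.u32(), pr.u32()
    if c1 != c2:
        raise ValueError("checkint mismatch (wrong passphrase or corrupt file)")
    out["private"] = []
    for _ in range(n):
        kt = pr.string()                  # key type starts right after the checkints
        if kt not in PRIVATE_FIELDS:
            raise NotImplementedError("unknown private field layout for %r" % kt)
        fields = {name: pr.string() for name in PRIVATE_FIELDS[kt]}
        fields["comment"] = pr.string()
        out["private"].append({"keytype": kt, **fields})
    pad = pr.remaining()                  # trailing padding must be 1, 2, 3, ...
    if pad != bytes(range(1, len(pad) + 1)):
        raise ValueError("bad padding")
    return out


def sample_blob() -> bytes:
    """Constructed sample: counters stand in for key material (not a real key)."""
    pk = bytes(range(32))
    sk = bytes(range(64, 96)) + pk        # ed25519 private blob is seed || pk
    return build_unencrypted_key(b"ssh-ed25519", [pk], [pk, sk],
                                 b"alice@example", 0xEA930B34)


if __name__ == "__main__":
    parsed = parse_openssh_key(sample_blob())
    print(parsed["public"][0]["keytype"], parsed["private"][0]["comment"])
```

Running the script parses the constructed blob and prints the key type and comment; reading the private entries with an extra `string` wrapper, as the pre-fix PROTOCOL.key text suggested, would instead consume the key-type length as if it were the entry length and desynchronise the parse.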