diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2021-05-07 02:29:40 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2021-05-07 12:36:18 +1000 |
| commit | 24fee8973abdf1c521cd2c0047d89e86d9c3fc38 (patch) | |
| tree | 575e54bdfdd393cd0ab8837e9a6c4c4801b788d0 | |
| parent | f43859159cc62396ad5d080f0b1f2635a67dac02 (diff) | |
| download | openssh-git-24fee8973abdf1c521cd2c0047d89e86d9c3fc38.tar.gz | |
upstream: correct mistake in spec - the private key blobs are encoded
verbatim and not as strings (i.e. no 4-byte length header)
OpenBSD-Commit-ID: 3606b5d443d72118c5b76c4af6dd87a5d5a4f837
| -rw-r--r-- | PROTOCOL.key | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/PROTOCOL.key b/PROTOCOL.key index 959bd7ae..38df268b 100644 --- a/PROTOCOL.key +++ b/PROTOCOL.key @@ -35,9 +35,9 @@ of the cipher block size. uint32 checkint uint32 checkint - string privatekey1 + byte[] privatekey1 string comment1 - string privatekey2 + byte[] privatekey2 string comment2 ... string privatekeyN @@ -48,6 +48,9 @@ of the cipher block size. ... char padlen % 255 +where each private key is encoded using the same rules as used for +SSH agent. + Before the key is encrypted, a random integer is assigned to both checkint fields so successful decryption can be quickly checked by verifying that both checkint fields @@ -65,4 +68,4 @@ For unencrypted keys the cipher "none" and the KDF "none" are used with empty passphrases. The options if the KDF "none" are the empty string. -$OpenBSD: PROTOCOL.key,v 1.1 2013/12/06 13:34:54 markus Exp $ +$OpenBSD: PROTOCOL.key,v 1.2 2021/05/07 02:29:40 djm Exp $ |