Ed25519
OpenSSH ed25519 private key format
I generated an ed25519 private key as follows:
$ ssh-keygen -o -a 100 -t ed25519 -f id_ed25519
It looks like
-----BEGIN OPENSSH PRIVATE KEY----- ... -----END OPENSSH PRIVATE KEY-----
where ... is where the data was truncated. Although it feels like base64, I see that each truncated line has at most 64 characters, which normal base64 encoding does not have.
What is the format (or encoding) of the private key? (If I have the private key in a byte array, what transformation do I need to apply before I write it to a file consistent with OpenSSH's output?)
Although it feels like base64, I see that each truncated line has at most 64 characters
It is base64 encoded. Remove
-----BEGIN OPENSSH PRIVATE KEY-----
and -----END OPENSSH PRIVATE KEY-----
and the newlines ("\n"), then you can parse it according to https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.key?annotate=HEAD. Quoting that document:

    This document describes the private key format for OpenSSH.

    1. Overall format

    The key consists of a header, a list of public keys, and
    an encrypted list of matching private keys.

    #define AUTH_MAGIC      "openssh-key-v1"

        byte[]  AUTH_MAGIC
        string  ciphername
        string  kdfname
        string  kdfoptions
        int     number of keys N
        string  publickey1
        string  publickey2
        ...
        string  publickeyN
        string  encrypted, padded list of private keys

    2. KDF options for kdfname "bcrypt"

    The options:

        string salt
        uint32 rounds

    are concatenated and represented as a string.

    3. Unencrypted list of N private keys

    The list of privatekey/comment pairs is padded with the
    bytes 1, 2, 3, ... until the total length is a multiple
    of the cipher block size.

        uint32  checkint
        uint32  checkint
        string  privatekey1
        string  comment1
        string  privatekey2
        string  comment2
        ...
        string  privatekeyN
        string  commentN
        char    1
        char    2
        char    3
        ...
        char    padlen % 255

    Before the key is encrypted, a random integer is assigned
    to both checkint fields so successful decryption can be
    quickly checked by verifying that both checkint fields
    hold the same value.

    4. Encryption

    The KDF is used to derive a key, IV (and other values required
    by the cipher) from the passphrase. These values are then used
    to encrypt the unencrypted list of private keys.

    5. No encryption

    For unencrypted keys the cipher "none" and the KDF "none"
    are used with empty passphrases. The options if the KDF "none"
    are the empty string.
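The answer above describes the container; the following added example (not part of the question or answer, and not OpenSSH's own code) walks the format in both directions for the unencrypted case: it serializes a key the way ssh-keygen does for cipher "none" and then parses it back, checking AUTH_MAGIC, the checkint pair, the padding bytes 1, 2, 3, ... and the agreement between the public-key list and the private section. The seed, public key and comment are constructed placeholder values, not a real key pair. The per-key layout inside "privatekey1" (key type string, 32-byte public key, 64-byte seed||public) is the ed25519-specific encoding that PROTOCOL.key leaves abstract; the 70-column base64 wrapping and the block size of 8 for cipher "none" are what ssh-keygen produces, and the parser accepts any line wrapping. Encrypted keys (any cipher or KDF other than "none") are rejected rather than decrypted, since that needs the bcrypt KDF and the cipher, which the answer's quoted text only outlines.

```python
"""Build and parse an unencrypted OpenSSH ed25519 private key (openssh-key-v1)."""
import base64
import struct

# Constructed sample values, NOT a real key: a 32-byte seed and a 32-byte public key.
SEED = bytes(range(32))
PUB = bytes(range(32, 64))
COMMENT = "user@example"
MAGIC = b"openssh-key-v1\x00"          # AUTH_MAGIC is NUL-terminated on the wire
HEADER = "-----BEGIN OPENSSH PRIVATE KEY-----"
FOOTER = "-----END OPENSSH PRIVATE KEY-----"


def ssh_string(b: bytes) -> bytes:
    """SSH 'string': big-endian uint32 length followed by the bytes."""
    return struct.pack(">I", len(b)) + b


def build_unencrypted_ed25519_key(seed: bytes, pub: bytes, comment: str, checkint: int = 0x12345678) -> str:
    """Serialize seed/pub/comment as ssh-keygen does for cipher 'none' and KDF 'none'."""
    pubkey_blob = ssh_string(b"ssh-ed25519") + ssh_string(pub)
    # Section 3: two identical checkints, then the ed25519-specific private
    # encoding (type name, public key, 64-byte seed||public), then the comment.
    private = struct.pack(">II", checkint, checkint)
    private += ssh_string(b"ssh-ed25519") + ssh_string(pub)
    private += ssh_string(seed + pub)
    private += ssh_string(comment.encode())
    block = 8                                             # block size used for cipher "none"
    padlen = (-len(private)) % block
    private += bytes((i + 1) % 255 for i in range(padlen))  # pad with 1, 2, 3, ...
    blob = MAGIC
    blob += ssh_string(b"none") + ssh_string(b"none") + ssh_string(b"")  # ciphername, kdfname, kdfoptions
    blob += struct.pack(">I", 1)                          # number of keys N
    blob += ssh_string(pubkey_blob)
    blob += ssh_string(private)
    b64 = base64.b64encode(blob).decode()
    lines = [b64[i:i + 70] for i in range(0, len(b64), 70)]  # ssh-keygen wraps at 70 columns
    return "\n".join([HEADER, *lines, FOOTER]) + "\n"


class Reader:
    """Cursor over an SSH wire-format buffer with bounds checking."""

    def __init__(self, data: bytes):
        self.data, self.pos = data, 0

    def uint32(self) -> int:
        if self.pos + 4 > len(self.data):
            raise ValueError("truncated uint32")
        (v,) = struct.unpack_from(">I", self.data, self.pos)
        self.pos += 4
        return v

    def string(self) -> bytes:
        n = self.uint32()
        if self.pos + n > len(self.data):
            raise ValueError("truncated string")
        s = self.data[self.pos:self.pos + n]
        self.pos += n
        return s

    def done(self) -> bool:
        return self.pos == len(self.data)


def parse_openssh_private_key(pem: str) -> dict:
    """Parse an unencrypted openssh-key-v1 file; reject encrypted or malformed input."""
    lines = pem.strip().splitlines()
    if len(lines) < 2 or lines[0] != HEADER or lines[-1] != FOOTER:
        raise ValueError("not an OpenSSH private key")
    blob = base64.b64decode("".join(lines[1:-1]), validate=True)  # drop armor and newlines
    if not blob.startswith(MAGIC):
        raise ValueError("bad AUTH_MAGIC")
    r = Reader(blob[len(MAGIC):])
    cipher, kdf, kdfoptions = r.string(), r.string(), r.string()
    n = r.uint32()
    pubkeys = [r.string() for _ in range(n)]
    private = r.string()
    if not r.done():
        raise ValueError("trailing data after private section")
    if cipher != b"none" or kdf != b"none":
        raise ValueError(f"encrypted key ({cipher.decode()}, {kdf.decode()}): decrypt the private section first")
    p = Reader(private)
    check1, check2 = p.uint32(), p.uint32()
    if check1 != check2:
        raise ValueError("checkint mismatch")
    keys = []
    for pubkey_blob in pubkeys:
        ktype = p.string()
        if ktype != b"ssh-ed25519":
            raise ValueError(f"unsupported key type {ktype!r}")
        pub, priv, comment = p.string(), p.string(), p.string()
        if len(priv) != 64 or priv[32:] != pub:
            raise ValueError("ed25519 private blob must be seed||public")
        if pubkey_blob != ssh_string(ktype) + ssh_string(pub):
            raise ValueError("public key list does not match private section")
        keys.append({"type": ktype.decode(), "public": pub, "seed": priv[:32], "comment": comment.decode()})
    pad = private[p.pos:]
    if pad != bytes((i + 1) % 255 for i in range(len(pad))):
        raise ValueError("bad padding")
    return {"cipher": cipher.decode(), "kdf": kdf.decode(), "kdfoptions": kdfoptions, "keys": keys}


if __name__ == "__main__":
    pem = build_unencrypted_ed25519_key(SEED, PUB, COMMENT)
    print(pem)
    print(parse_openssh_private_key(pem))
```

To answer the byte-array half of the question: the 32-byte private seed is not written on its own; it is wrapped in the section 3 structure together with the public key and comment, padded, placed as one SSH string after the public-key list, and only then base64-encoded and armored. A parser that checks the padding bytes and the checkint pair, as this one does, will notice truncation or corruption of the private section that a plain base64 decode would let through.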