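package sshkeys

import (
	"bytes"
	"crypto/cipher"
)

// EncryptedSSHKeyV1 represents an encrypted private key.
//
// It embeds SSHKeyV1 and adds the cipher name, the cipher/KDF state and the
// passphrase.
type EncryptedSSHKeyV1 struct {
	SSHKeyV1
	CipherName string
	Crypt      SSHCrypt
	KDFOpts    SSHKDFOpts
	// Passphrase is secret material and stays in memory for as long as this
	// struct is reachable.
	// NOTE(review): no wiping is visible in this part of the package; confirm
	// that callers zero the slice once the key has been encrypted or decrypted.
	Passphrase []byte
}

// SSHCrypt contains the key bytes as derived by the KDF (different from the
// actual SSH keypair), the Cipher, and the Stream.
//
// PrivateKey and CryptKey hold key material, so this struct should not be
// logged or serialized as a whole (for example with %+v).
type SSHCrypt struct {
	Stream     cipher.Stream
	Cipher     cipher.Block
	CryptSalt  []byte
	PrivateKey []byte
	CryptKey   []byte
}

// SSHKDFOpts contains a set of KDF options.
type SSHKDFOpts struct {
	// Salt is also referred to as IV (initialization vector).
	// (https://en.wikipedia.org/wiki/Initialization_vector)
	// NOTE(review): a KDF salt and a cipher IV are normally separate values;
	// confirm this field is not also passed to the cipher as its IV.
	Salt []byte
	// Rounds is also referred to as work factor.
	// NOTE(review): if this value is read from a key file it is untrusted
	// input; confirm the parser bounds it before running the KDF.
	Rounds uint32
}

// SSHKeyV1 represents an unencrypted private key.
// We don't bother with the legacy (pre v1) keys. Sorry not sorry.
// Patch your shit.
type SSHKeyV1 struct {
	Magic      string
	DefKeyType string
	KDFName    string
	KeySize    uint32
	BlockSize  uint32
	Keys       []SSHPrivKey // 1 by default.
	// Buffer is held by value, so copying an SSHKeyV1 after the buffer has
	// been written to leaves both copies sharing the same backing bytes.
	// NOTE(review): presumably this holds serialized key bytes; if so, treat
	// it as sensitive. Confirm against the code that fills it.
	Buffer bytes.Buffer
}

// SSHPubKey contains the Public key of an SSH Keypair.
type SSHPubKey struct {
	KeyType string
	Key     interface{}
}

// SSHPrivKey contains the Private key of an SSH Keypair.
type SSHPrivKey struct {
	PublicKey *SSHPubKey
	BitSize   uint32
	Key       interface{}
	// ED25519 keys are actually "sk + pk", where sk is the secret key and pk is the pubkey.
	// We store that here.
	KeyAlt   []byte
	Checksum []byte
	Comment  string
}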