go_sshkeys/_ref/rsa/private/v1/plain.adoc

14 KiB
Raw Permalink Blame History

v1 (Plain)
Tip

Since plaintext/unencrypted keys do not have a cipher or KDF (as theres no encryption key or algorithm used), they use the string "none" to identify these (and entirely leave out the KDF options).

Structure
0.0 "openssh-key-v1" string plus terminating nullbyte (15 bytes)
1.0 uint32 allocator for 1.0.0 (4 bytes)
    1.0.0 cipher name string (ASCII bytes)
2.0 uint32 allocator for 2.0.0 (4 bytes)
    2.0.0 KDF name string (ASCII bytes)
3.0 uint32 allocator for KDF options (3.0.0 to 3.0.1) (4 bytes) (ALWAYS 0 for unencrypted keys, so no following substructure)
4.0 uint32 counter for # of keys (4 bytes)
    4.0.0 uint32 allocator for public key #n (4.0.0.0 to 4.0.0.1) (4 bytes)
        4.0.0.0 uint32 allocator for 4.0.0.0.0 (4 bytes)
            4.0.0.0.0 public key #n keytype string (ASCII bytes)
        4.0.0.1 uint32 allocator for 4.0.0.1.0 (4 bytes)
            4.0.0.1.0 public exponent ('e')
        4.0.0.2 uint32 allocator for 4.0.0.2.0 (4 bytes)
            4.0.0.2.0 modulus ('n')
    4.0.1 uint32 allocator for private key structure #n (4.0.1.0 to 4.0.1.5) (4 bytes)
        4.0.1.0 uint32 decryption "checksum" #1 (should match 4.0.1.1) (4 bytes)
        4.0.1.1 uint32 decryption "checksum" #2 (should match 4.0.1.0) (4 bytes)
        4.0.1.2 copy of 4.0.0.0; allocator for 4.0.1.2.0 (4 bytes)
            4.0.1.2.0 copy of 4.0.0.0.0 (ASCII bytes)
        4.0.1.3 copy of 4.0.0.2; allocator for 4.0.1.3.0 (4 bytes)
            4.0.1.3.0 copy of 4.0.0.2.0 (bytes)
        4.0.1.4 copy of 4.0.0.1; allocator for 4.0.1.4.0 (4 bytes)
            4.0.1.4.0 copy of 4.0.0.1.0 (bytes)
        4.0.1.5 uint32 allocator for 4.0.1.5.0 (4 bytes)
            4.0.1.5.0 private exponent ('d')
        4.0.1.6 uint32 allocator for 4.0.1.6.0 (4 bytes)
            4.0.1.6.0 CRT helper value ('q^(-1) % p')
        4.0.1.7 uint32 allocator for 4.0.1.7.0 (4 bytes)
            4.0.1.7.0 prime #1 ('p')
        4.0.1.8 uint32 allocator for 4.0.1.8.0 (4 bytes)
            4.0.1.8.0 prime #2 ('q')
        4.0.1.9 uint32 allocator for 4.0.1.9.0 (4 bytes)
            4.0.1.9.0 comment for key #n string (ASCII bytes)
        4.0.1.10 sequential padding
Note

Chunk 3.0.0 to 3.0.1: These blocks are not present in unencrypted keys (see the encrypted key structure for what these look like). 3.0 reflects this, as its always going to be 00000000 (0).

Chunk 4.0: This is technically currently unused; upstream hardcodes to 1 (left zero-padded 0x01).

Chunk 4.0.0.1.0, 4.0.0.2.0, 4.0.1.3.0, 4.0.1.4.0: Note that the ordering of e/n in 4.0.0 is changed to n/e in 4.0.1.

Chunk 4.0.1.10: The padding used aligns the private key (4.0.1.0 to 4.0.1.9.0) to the cipher blocksize. For plaintext keys, a blocksize of 8 is used.

Example

The following example, being encrypted, is protected with a passphrase. The passphrase used in this example key is test.

id_rsa Format
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAACFwAAAAdzc2gtcn
NhAAAAAwEAAQAAAgEAt87ARgHOKhLwySTLmjDrmQBmgSyxQ2kZPzCyuf3Ur8swDJGPKnfW
RBDzYXrnyMoxjCV9PE304sQQi7vpOoaJS6FLNXXy9yFQvDgdy/t0LHoZaGb9MYSs6Wdhrd
oPwpkvbIZtdWmRn8ItnEvw3kBajHbVGaoqUyncaCV3ciml0LdTp4JaiblSdfnAJeIVNDxs
iM1mkKIh+K6e9nXuRk3H0RjaQQUH6l1rZIndYK/YpmRkkts+J58aeCQNuKu9psUHFMljZl
CnIIHn+l1HLBQosH6uXRW2TqHip1CFEv6atlX4ajE0htPMod2OkKzFyfuk1udnUH+6ufOn
9ox0gUKvKjcB0xqKm3URlYqncYe6cC7ZNNOFr87kI4DpXg5+m8D00jNn/HcDdBZ7fwkm+2
/bbQWq0c/RkYJIRbAU4YFTvw0dPDsfrbslo/HRUfm2hGM9jBaQ/NjK0FqsKusj2/GaN+SA
oAiRAxnBFtR72SSzmUJUO4ig9hJ5UrLY4SkPMCn1Qq6+nAyONs8yloZc1mQ8iSTVZuv0lx
gJOZoawJb+Htw7X4cb9e8LTUTg6idiDSBRQuC/z2d7TbAlUyEho/B0WqTQWGMxczJXhVpc
7L46xEA9BP8MwMWLfASQS0AhJcK8KmOiDrswnMbz5l2zAaBYuNrOB+cbOPPzWVQz9psZjw
cAAAdQU4NHElODRxIAAAAHc3NoLXJzYQAAAgEAt87ARgHOKhLwySTLmjDrmQBmgSyxQ2kZ
PzCyuf3Ur8swDJGPKnfWRBDzYXrnyMoxjCV9PE304sQQi7vpOoaJS6FLNXXy9yFQvDgdy/
t0LHoZaGb9MYSs6WdhrdoPwpkvbIZtdWmRn8ItnEvw3kBajHbVGaoqUyncaCV3ciml0LdT
p4JaiblSdfnAJeIVNDxsiM1mkKIh+K6e9nXuRk3H0RjaQQUH6l1rZIndYK/YpmRkkts+J5
8aeCQNuKu9psUHFMljZlCnIIHn+l1HLBQosH6uXRW2TqHip1CFEv6atlX4ajE0htPMod2O
kKzFyfuk1udnUH+6ufOn9ox0gUKvKjcB0xqKm3URlYqncYe6cC7ZNNOFr87kI4DpXg5+m8
D00jNn/HcDdBZ7fwkm+2/bbQWq0c/RkYJIRbAU4YFTvw0dPDsfrbslo/HRUfm2hGM9jBaQ
/NjK0FqsKusj2/GaN+SAoAiRAxnBFtR72SSzmUJUO4ig9hJ5UrLY4SkPMCn1Qq6+nAyONs
8yloZc1mQ8iSTVZuv0lxgJOZoawJb+Htw7X4cb9e8LTUTg6idiDSBRQuC/z2d7TbAlUyEh
o/B0WqTQWGMxczJXhVpc7L46xEA9BP8MwMWLfASQS0AhJcK8KmOiDrswnMbz5l2zAaBYuN
rOB+cbOPPzWVQz9psZjwcAAAADAQABAAACAEmfLHBeBL/hekR20n5eHd/YwzX2OsIvdIdU
8CGDRA9tqT8/hkKSYWY+C939pp1ML3BdC7590xqJQb9WcuKYRKHgZwlwxvKpi3b4Wyb6/t
tZxJeGuN9+ruuGFx/Vef6N8OrdJTakJEoDMtWprT64NAyTBGQVPoK0/61PZHp7qAjjhURQ
+Aa2DgtnD8mctrWHhkl9TBmed1DuUImTTu8l9GUSOUlVxIfhB0Tr25oAlRyAlbAk1M518d
oxRrWzRHFp9Z4j1AaFQ4vHvK0Rc5J6OJoJA7oRGkaAnRI7NDIZfMqPwMJ4FvvyFcK3xYS5
TzfJ7YqOgVlC7/3PVHVyaK/lj9cAzc9qmKIJUGF7BiSqg12V4n16/N7nDDl8obaqBHNebV
xeAb//IXTPVi02hCYkSQ4SyoFCWV1SVnSU84shJAEsrKyyVk4hyEXrlPXW6/bzkGbh+gSz
GBdOb5mUgjuk2e8sKLN8s+oF+jytcgCJg5QnaDVSPk5BYFTyPbDrcyIR06EepVE5CujVjW
nhRmTg4g8r8MzSTSYLgyqUFE9YAep827JDbyG6LbrsvNVz8kxeDUP9JrSuZ2ThON2vR3Ws
AWPkVyfBACf3FsvjzHD/9zRBuyU45UJqGlY4tEinveloBB7CGE72ew2mAHApfNc97u/r0Z
UWEcendslW4Y5fFjohAAABAAri4c8kVaDYInLmpCu7qD63ZUluWjPhO4yUdW2MMvfXUF/Z
l73V7AjFm/jR1lnR3wK+xmnrtaqvXbHscM4vKms6F7ex/OOtxiA8KQXNZS12IgZd0BGuM4
lEZ8bco2Q5UrDK7f+bx4rEBAgHQCdWbuTEdRrT/0UqJ4Gvi1wsm/CbNO5eYgEzC0vDga92
Z5hmfFua0HM8GfTvR1/SZGVeAwVT8vL43lnCrudLndZyDjEIFD3+3UHPS8Ed4rmp9A+uxy
pSMSq+5MYVWs/uk4ShY0jHFTRuvmk4lf5tI0jU3tsKE3xIcYX/lJwgkRW5yKEGMpmR8Eno
Qwx7pg3VQI1yrJgAAAEBAOULZbpq5MsprmYSnD5B/+ujbNbsuqcEX/kM6nHQm8BWsLkTTc
V1TEnaH+irFpzRSe7a7M9JE9kV9PJBxf2Gx3UR4MJhw0RgCoTM546M9JPkkoRMuCxCq20S
RqU+XPUK1HWcKlwJ1TscXDtEkyjuoBQ01uU3s6UTko363fCnJygjiZuNeVIgyzNEq40OhG
4eQP/ftccZJiwrUnqJClH6q88QkEaZE197mXSH9LSNRJCtgPwls0b6C7WH8JKVvw9xrBCo
CGhn1LrQCgwnpkVvCODCv4yu2HaPA2aiRAQoGAopJhevYf6rq5pwdbi8ISCaVDm7/jYTkX
Bx/udKjV2A/pkAAAEBAM1wd2WfrZgxBLzH3FJiQrnqUs6kDpI993GsKijjd/K5IxpYwkSM
a40X/oNXHva9u8EfPUq0JU6oWWhLh3KRH5xvNVR5BT4+PTpuzOE6AWkIKYyj+LYo0hEXSa
NidijrBYRPVGeVpQZ9ObHTBOGcxvwb4AphZOoz5Ku8h/VoMicdglyGjFzNo3dbA3cR6ZQ2
+WxT83gLmFCE4dhKRYxoerCTigm/b5s//sQe0C/VsnVyx9GAA55AWlWbYvwI+ASxnwQ9uk
xvdWWxxydZ9Lky1Pk9T0HakbGxRvKYVKEAg0HkdgvdSYcJfsSmVRq5bgmaBKONaok7Uz2x
hau1VzZBnp8AAAAYVGhpcyBpcyBhIGNvbW1lbnQgc3RyaW5nAQID
-----END OPENSSH PRIVATE KEY-----
Structure Reference (Hex) (Decoded Base64)
0.0 6f70656e7373682d6b65792d763100 ("openssh-key-v1" + 0x00)
1.0 0000000a (10)
    1.0.0 6165733235362d637472 ("none")
2.0 00000006 (6)
    2.0.0 626372797074 ("none")
3.0 00000000 (0)
4.0 00000001 (1)
    4.0.0 00000217 (535)
        4.0.0.0 00000007 (7)
            4.0.0.0.0 7373682d727361 ("ssh-rsa")
        4.0.0.1 00000003 (3)
            4.0.0.1.0 010001 (65537)
        4.0.0.2 00000201 (513)
            4.0.0.2.0 00b7cec04601ce2a12f0c924cb9a30eb990066812cb14369193f30b2b9fdd4af
                      cb300c918f2a77d64410f3617ae7c8ca318c257d3c4df4e2c4108bbbe93a8689
                      4ba14b3575f2f72150bc381dcbfb742c7a196866fd3184ace96761adda0fc299
                      2f6c866d7569919fc22d9c4bf0de405a8c76d519aa2a5329dc6825777229a5d0
                      b753a7825a89b95275f9c025e215343c6c88cd6690a221f8ae9ef675ee464dc7
                      d118da410507ea5d6b6489dd60afd8a6646492db3e279f1a78240db8abbda6c5
                      0714c9636650a72081e7fa5d472c1428b07eae5d15b64ea1e2a7508512fe9ab6
                      55f86a313486d3cca1dd8e90acc5c9fba4d6e767507fbab9f3a7f68c748142af
                      2a3701d31a8a9b7511958aa77187ba702ed934d385afcee42380e95e0e7e9bc0
                      f4d23367fc770374167b7f0926fb6fdb6d05aad1cfd191824845b014e18153bf
                      0d1d3c3b1fadbb25a3f1d151f9b684633d8c1690fcd8cad05aac2aeb23dbf19a
                      37e480a008910319c116d47bd924b39942543b88a0f6127952b2d8e1290f3029
                      f542aebe9c0c8e36cf3296865cd6643c8924d566ebf4971809399a1ac096fe1e
                      dc3b5f871bf5ef0b4d44e0ea27620d205142e0bfcf677b4db025532121a3f074
                      5aa4d0586331733257855a5cecbe3ac4403d04ff0cc0c58b7c04904b402125c2
                      bc2a63a20ebb309cc6f3e65db301a058b8dace07e71b38f3f3595433f69b198f
                      07 (bytes)
    4.0.1 00000750 (1872)
        4.0.1.0 53834712 (1401112338)
        4.0.1.1 53834712 (1401112338)
        4.0.1.2 00000007 (7)
            4.0.1.2.0 7373682d727361 ("ssh-rsa")
        4.0.1.3 00000201 (513)
            4.0.1.3.0 00b7cec04601ce2a12f0c924cb9a30eb990066812cb14369193f30b2b9fdd4af
                      cb300c918f2a77d64410f3617ae7c8ca318c257d3c4df4e2c4108bbbe93a8689
                      4ba14b3575f2f72150bc381dcbfb742c7a196866fd3184ace96761adda0fc299
                      2f6c866d7569919fc22d9c4bf0de405a8c76d519aa2a5329dc6825777229a5d0
                      b753a7825a89b95275f9c025e215343c6c88cd6690a221f8ae9ef675ee464dc7
                      d118da410507ea5d6b6489dd60afd8a6646492db3e279f1a78240db8abbda6c5
                      0714c9636650a72081e7fa5d472c1428b07eae5d15b64ea1e2a7508512fe9ab6
                      55f86a313486d3cca1dd8e90acc5c9fba4d6e767507fbab9f3a7f68c748142af
                      2a3701d31a8a9b7511958aa77187ba702ed934d385afcee42380e95e0e7e9bc0
                      f4d23367fc770374167b7f0926fb6fdb6d05aad1cfd191824845b014e18153bf
                      0d1d3c3b1fadbb25a3f1d151f9b684633d8c1690fcd8cad05aac2aeb23dbf19a
                      37e480a008910319c116d47bd924b39942543b88a0f6127952b2d8e1290f3029
                      f542aebe9c0c8e36cf3296865cd6643c8924d566ebf4971809399a1ac096fe1e
                      dc3b5f871bf5ef0b4d44e0ea27620d205142e0bfcf677b4db025532121a3f074
                      5aa4d0586331733257855a5cecbe3ac4403d04ff0cc0c58b7c04904b402125c2
                      bc2a63a20ebb309cc6f3e65db301a058b8dace07e71b38f3f3595433f69b198f
                      07 (bytes)
        4.0.1.4 00000003 (3)
            4.0.1.4.0 010001 (65537)
        4.0.1.5 00000200 (512)
            4.0.1.5.0 499f2c705e04bfe17a4476d27e5e1ddfd8c335f63ac22f748754f02183440f6d
                      a93f3f86429261663e0bddfda69d4c2f705d0bbe7dd31a8941bf5672e29844a1
                      e0670970c6f2a98b76f85b26fafedb59c49786b8df7eaeeb86171fd579fe8df0
                      eadd2536a4244a0332d5a9ad3eb8340c930464153e82b4ffad4f647a7ba808e3
                      854450f806b60e0b670fc99cb6b58786497d4c199e7750ee5089934eef25f465
                      12394955c487e10744ebdb9a00951c8095b024d4ce75f1da3146b5b3447169f5
                      9e23d40685438bc7bcad1173927a389a0903ba111a46809d123b3432197cca8f
                      c0c27816fbf215c2b7c584b94f37c9ed8a8e815942effdcf54757268afe58fd7
                      00cdcf6a98a20950617b0624aa835d95e27d7afcdee70c397ca1b6aa04735e6d
                      5c5e01bfff2174cf562d36842624490e12ca8142595d52567494f38b2124012c
                      acacb2564e21c845eb94f5d6ebf6f39066e1fa04b318174e6f9994823ba4d9ef
                      2c28b37cb3ea05fa3cad7200898394276835523e4e416054f23db0eb732211d3
                      a11ea551390ae8d58d69e14664e0e20f2bf0ccd24d260b832a94144f5801ea7c
                      dbb2436f21ba2dbaecbcd573f24c5e0d43fd26b4ae6764e138ddaf4775ac0163
                      e45727c10027f716cbe3cc70fff73441bb2538e5426a1a5638b448a7bde96804
                      1ec2184ef67b0da60070297cd73deeefebd1951611c7a776c956e18e5f163a21 (bytes)
        4.0.1.6 00000100 (256)
            4.0.1.6.0 0ae2e1cf2455a0d82272e6a42bbba83eb765496e5a33e13b8c94756d8c32f7d7
                      505fd997bdd5ec08c59bf8d1d659d1df02bec669ebb5aaaf5db1ec70ce2f2a6b
                      3a17b7b1fce3adc6203c2905cd652d7622065dd011ae33894467c6dca3643952
                      b0caedff9bc78ac40408074027566ee4c4751ad3ff452a2781af8b5c2c9bf09b
                      34ee5e6201330b4bc381af766798667c5b9ad0733c19f4ef475fd264655e0305
                      53f2f2f8de59c2aee74b9dd6720e3108143dfedd41cf4bc11de2b9a9f40faec7
                      2a52312abee4c6155acfee9384a16348c715346ebe693895fe6d2348d4dedb0a
                      137c487185ff949c209115b9c8a106329991f049e8430c7ba60dd5408d72ac98 (bytes)
        4.0.1.7 00000101 (257)
            4.0.1.7.0 00e50b65ba6ae4cb29ae66129c3e41ffeba36cd6ecbaa7045ff90cea71d09bc0
                      56b0b9134dc5754c49da1fe8ab169cd149eedaeccf4913d915f4f241c5fd86c7
                      7511e0c261c344600a84cce78e8cf493e492844cb82c42ab6d1246a53e5cf50a
                      d4759c2a5c09d53b1c5c3b449328eea01434d6e537b3a513928dfaddf0a72728
                      23899b8d795220cb3344ab8d0e846e1e40ffdfb5c719262c2b527a890a51faab
                      cf10904699135f7b997487f4b48d4490ad80fc25b346fa0bb587f09295bf0f71
                      ac10a8086867d4bad00a0c27a6456f08e0c2bf8caed8768f0366a2440428180a
                      292617af61feabab9a7075b8bc21209a5439bbfe3613917071fee74a8d5d80fe
                      99 (bytes)
        4.0.1.8 00000101 (257)
            4.0.1.8.0 00cd7077659fad983104bcc7dc526242b9ea52cea40e923df771ac2a28e377f2
                      b9231a58c2448c6b8d17fe83571ef6bdbbc11f3d4ab4254ea859684b8772911f
                      9c6f355479053e3e3d3a6ecce13a016908298ca3f8b628d2111749a3627628eb
                      05844f546795a5067d39b1d304e19cc6fc1be00a6164ea33e4abbc87f5683227
                      1d825c868c5ccda3775b037711e99436f96c53f3780b985084e1d84a458c687a
                      b0938a09bf6f9b3ffec41ed02fd5b27572c7d180039e405a559b62fc08f804b1
                      9f043dba4c6f7565b1c72759f4b932d4f93d4f41da91b1b146f29854a1008341
                      e4760bdd4987097ec4a6551ab96e099a04a38d6a893b533db185abb55736419e
                      9f (bytes)
        4.0.1.9 00000018 (24)
            4.0.1.9.0 54686973206973206120636f6d6d656e7420737472696e67 ("This is a comment string")
        4.0.1.10 010203 ([1 2 3], 3 bytes)