checking in some more research and primitive functions. i cannot, for the life of me, figure out why i can't (seemingly) properly decrypt private keys.

2020-09-17 08:37:05 -04:00
parent 5f5d77a2a6
commit 6b956a3a49
10 changed files with 190 additions and 65 deletions
--- a/sshkeys/ref/encrypted/private
+++ b/sshkeys/ref/encrypted/private
@@ -54,12 +54,24 @@ ANNOTATED HEX:
 		4.0.0.1 00000020 (32)
 			4.0.0.1.0 bfa2031aa5463113e40e16896af503c5299ead76b09cb63846f41cc4de1740f6 (bytes)
 	4.0.1 000000a0 (160)
-		4.0.1 (AES256-CTR encrypted block) (bytes)
-			c49777cd0d1a7d37db77a1814991278f8ce99d57
-			2e2c666b93b99867425c60da4652fddb85550985
-			32b51beeee2959f9db5cf5a0905052720c5de25f
-			2c4dd87ebcc7bb5ea3d7bcbeacc6b732e4c39295
-			d9991a97ef3f0838f8a9bfd43edb340318964908
-			8f6cfb78946fb914e358ac6abc64691072f5f278
-			8534d9d42d7f406bc5090b30df23cb7dd8c5cb93
-			8e41facd6e38e8845b8160bff840598118d447c2
+		4.0.1.0 - 4.0.1.5 (AES256-CBC encrypted block) (bytes)
+			c49777cd0d1a7d37db77a1814991278f
+			8ce99d572e2c666b93b99867425c60da
+			4652fddb8555098532b51beeee2959f9
+			db5cf5a0905052720c5de25f2c4dd87e
+			bcc7bb5ea3d7bcbeacc6b732e4c39295
+			d9991a97ef3f0838f8a9bfd43edb3403
+			189649088f6cfb78946fb914e358ac6a
+			bc64691072f5f2788534d9d42d7f406b
+			c5090b30df23cb7dd8c5cb938e41facd
+			6e38e8845b8160bff840598118d447c2
+
+DECRYPTED 4.0.1:
+(...)
+4.0.1 000000a0 (160)
+	4.0.1.0
+	4.0.1.1
+	4.0.1.2
+	4.0.2.3
+	4.0.2.4
+	4.0.2.5
--- a/sshkeys/ref/sources
+++ b/sshkeys/ref/sources
@@ -5,3 +5,27 @@ https://stackoverflow.com/a/56300901/733214
 https://stackoverflow.com/a/59283692/733214
 https://coolaj86.com/articles/the-openssh-private-key-format/
 https://coolaj86.com/articles/the-ssh-public-key-format/
+https://crypto.stackexchange.com/a/40910
+https://flak.tedunangst.com/post/new-openssh-key-format-and-bcrypt-pbkdf
+("(Technical note: PBKDF2, aka PKCS #5, supports pluggable hash functions, though in practice everybody uses HMAC-SHA1. The bcrypt pbkdf essentially is PBKDF2, but with bcrypt plugged into it instead.)"
+http://www.tedunangst.com/flak/post/bcrypt-pbkdf
+
+## UPSTREAM
+https://github.com/openssh/openssh-portable/blob/master/sshkey.c
+	funcs:
+	sshkey_generate (~L1714)
+	sshkey_private_to_blob2 (~L3833)
+	sshkey_private_to_fileblob (~L4413)
+https://github.com/openssh/openssh-portable/blob/master/cipher.c
+	funcs:
+	cipher_ivlen	
+https://github.com/openssh/openssh-portable/blob/master/ed25519.c
+	funcs:
+	crypto_sign_ed25519_keypair (~L26)
+https://github.com/openssh/openssh-portable/blob/master/authfile.c
+	funcs:
+	sshkey_save_private (~L68)
+	sshkey_save_private_blob (~L56)
+https://github.com/openssh/openssh-portable/blob/master/ssh-keygen.c
+	funcs:
+	main (~L3145; ~L3673 onwards for key generation)