yeah, the private keys should be inserted as byte[] rather than string.
I just fixed this in https://github.com/openssh/openssh-portable/commit/24fee8
On Wed, 5 May 2021, Tyson Whitehead wrote:
> The PROTOCOL.key file says the list of N private keys in the OpenSSH format
> are stored like so
>
> uint32 checkint
> uint32 checkint
> string privatekey1
> string comment1
> string privatekey2
> string comment2
> ...
>
> I would then expect that each privatekey should have the string wrapping
> that precedes it with a 32-bit count of the number of bytes in the private
> key.
>
> When I do a dump of the file though it seems that each of the privatekeys
> is just embedded at these points without the string wrapping. For example
>
> $ sed -n '2,9p' ~/.ssh/id_ecdsa_sk | base64 -d | xxd -g 1
> ...
> 000000a0: 4e 95 00 00 00 04 73 73 68 3a 00 00 00 e0 ea 93 N.....ssh:......
> 000000b0: 0b 34 ea 93 0b 34 00 00 00 22 73 6b 2d 65 63 64 .4...4..."sk-ecd
> 000000c0: 73 61 2d 73 68 61 32 2d 6e 69 73 74 70 32 35 36 sa-sha2-nistp256
> 000000d0: 40 6f 70 65 6e 73 73 68 2e 63 6f 6d 00 00 00 08 @openssh.com....
> ...
>
> you can see the two ea 93 0b 34 checkints are followed by 00 00 00 22 which is
> the immediate start of a "sk-ecdsa-sha2-nistp256@openssh.com" key without a
> string wrapper (0x22 being the length of the
> "sk-ecdsa-sha2-nistp256@openssh.com" identifier).
>
> As a point of comparison, the public keys declared earlier in the file are
> actually string wrapped. Using the same example
>
> byte[] AUTH_MAGIC
> string ciphername
> string kdfname
> string kdfoptions
> int number of keys N
> string publickey1
> string publickey2
> ...
>
> $ sed -n '2,9p' ~/.ssh/id_ecdsa_sk | base64 -d | xxd -g 1
> ...
> 00000020: 00 00 00 00 00 00 01 00 00 00 7f 00 00 00 22 73 .............."s
> 00000030: 6b 2d 65 63 64 73 61 2d 73 68 61 32 2d 6e 69 73 k-ecdsa-sha2-nis
> 00000040: 74 70 32 35 36 40 6f 70 65 6e 73 73 68 2e 63 6f tp256@openssh.co
> 00000050: 6d 00 00 00 08 6e 69 73 74 70 32 35 36 00 00 00 m....nistp256...
> ...
>
> we see the number of keys 01 is followed by the length of the entire first
> key 00 00 00 7f, which is then followed by the 00 00 00 22 that starts the
> "sk-ecdsa-sha2-nistp256@openssh.com" key that is wrapped (again the size of
> the key type identifier).
>
> Thanks! -Tyson
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>
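An added example (not from this thread or from OpenSSH's own code) that parses a constructed, unencrypted openssh-key-v1 blob in Python, showing the layout the thread discusses: each public key is string-wrapped, while inside the private section the keys follow the two checkints directly with no outer string. The ssh-ed25519 key bytes and the comment are placeholders, and the checkint value is the one visible in the dump above.

```python
import struct
AUTH_MAGIC = b"openssh-key-v1\x00"  # first field of the file, NUL-terminated
def _u32(b, off):
    return struct.unpack(">I", b[off:off + 4])[0], off + 4
def _string(b, off):  # SSH "string": uint32 big-endian length, then the bytes
    n, off = _u32(b, off)
    return b[off:off + n], off + n
def _pack_string(s):
    return struct.pack(">I", len(s)) + s

def parse_openssh_private_key(blob):
    """Parse an unencrypted (cipher 'none') openssh-key-v1 blob per PROTOCOL.key."""
    assert blob.startswith(AUTH_MAGIC), "bad AUTH_MAGIC"
    off = len(AUTH_MAGIC)
    cipher, off = _string(blob, off)
    kdf, off = _string(blob, off)
    _kdfopts, off = _string(blob, off)
    assert cipher == b"none" and kdf == b"none", "encrypted keys not handled"
    n, off = _u32(blob, off)
    pubkeys = []
    for _ in range(n):
        pk, off = _string(blob, off)   # each public key IS string-wrapped
        pubkeys.append(pk)
    priv, off = _string(blob, off)     # the whole private section is one string
    (c1, c2), p = struct.unpack(">II", priv[:8]), 8
    assert c1 == c2, "checkint mismatch (corrupt or wrong passphrase)"
    keys = []
    for _ in range(n):
        # No outer string here: the key's type-name field follows the checkints directly
        keytype, p = _string(priv, p)
        assert keytype == b"ssh-ed25519", "only ssh-ed25519 is demonstrated"
        pk, p = _string(priv, p)
        sk, p = _string(priv, p)
        comment, p = _string(priv, p)
        keys.append({"type": keytype, "pk": pk, "sk": sk, "comment": comment})
    pad = priv[p:]                     # padding bytes 1, 2, 3, ... to block size
    assert pad == bytes(range(1, len(pad) + 1)), "bad padding"
    return {"pubkeys": pubkeys, "checkint": c1, "keys": keys}

def build_sample_blob(comment=b"constructed@example"):
    """Constructed ssh-ed25519 blob; key bytes are placeholders, not a real key."""
    pk, sk = bytes(range(32)), bytes(range(64))
    checkint = 0xEA930B34              # the checkint value visible in the dump above
    pub = _pack_string(b"ssh-ed25519") + _pack_string(pk)
    body = struct.pack(">II", checkint, checkint) + _pack_string(b"ssh-ed25519")
    body += _pack_string(pk) + _pack_string(sk) + _pack_string(comment)
    body += bytes(range(1, (-len(body)) % 8 + 1))   # 'none' has 8-byte blocks
    return (AUTH_MAGIC + _pack_string(b"none") * 2 + _pack_string(b"")
            + struct.pack(">I", 1) + _pack_string(pub) + _pack_string(body))
```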