0

So in the .ssh directory, there is a file named "id_rsa" which is the private key file.

It contains the encrypted private key, and and encryption algorithm (AES128-CBC) as well as the Initialization Vector.

I understand that it gets decrypted automatically when you enter your passphrase and I understand that the decryption algorithm takes in the encrypted private key, and the passphrase (as the key), as well as the IV (I am given this already).

I just want to know how the passphrase is padded? Cause AES 128 takes in a key size of 128 bits, and a passphrase is usually a lot smaller than that.

I am trying to manually decrypt my private key (for learning purposes) . The only missing thing I have, is how I should pad my "passphrase" so I can pass it in the encryption algorithm.

Basically, to sum it all up, how is a passphrase which is a string converted to a 128 bit (16 byte) key?

AznBoyStride
  • 305
  • 2
  • 12
  • You may check https://stackoverflow.com/questions/43674870/how-is-a-private-key-encrypted-in-a-pem-certificate – gusto2 Apr 25 '18 at 05:36
  • 3
    The passphrase is not padded to create the private key; the key is **derived** from the passphrase using a password based key derivation method (PBKDF), which unfortunately probably is the OpenSSL specific one called `EVP_BytesToKey` using a single iteration. Read up on how to decrypt OpenSSL private keys, because that's the code used by OpenSSH. – Maarten Bodewes Apr 25 '18 at 08:54
  • 1
    Note that implementing a PBKDF or decoding ASN.1 defined structures is not for the faint of heart; you may have chosen a pretty tough (and not all that well documented) subject to learn about crypto. – Maarten Bodewes Apr 25 '18 at 09:41

0 Answers0