From 24fee8973abdf1c521cd2c0047d89e86d9c3fc38 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 7 May 2021 02:29:40 +0000 Subject: [PATCH] upstream: correct mistake in spec - the private key blobs are encoded verbatim and not as strings (i.e. no 4-byte length header) OpenBSD-Commit-ID: 3606b5d443d72118c5b76c4af6dd87a5d5a4f837 --- PROTOCOL.key | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/PROTOCOL.key b/PROTOCOL.key index 959bd7aee..38df268b6 100644 --- a/PROTOCOL.key +++ b/PROTOCOL.key @@ -35,9 +35,9 @@ of the cipher block size. uint32 checkint uint32 checkint - string privatekey1 + byte[] privatekey1 string comment1 - string privatekey2 + byte[] privatekey2 string comment2 ... string privatekeyN @@ -48,6 +48,9 @@ of the cipher block size. ... char padlen % 255 +where each private key is encoded using the same rules as used for +SSH agent. + Before the key is encrypted, a random integer is assigned to both checkint fields so successful decryption can be quickly checked by verifying that both checkint fields @@ -65,4 +68,4 @@ For unencrypted keys the cipher "none" and the KDF "none" are used with empty passphrases. The options if the KDF "none" are the empty string. -$OpenBSD: PROTOCOL.key,v 1.1 2013/12/06 13:34:54 markus Exp $ +$OpenBSD: PROTOCOL.key,v 1.2 2021/05/07 02:29:40 djm Exp $
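Review bot: In the `@@ -35,9 +35,9 @@` hunk the last entry of the key list is left as `string privatekeyN` while privatekey1 and privatekey2 become `byte[]`, so the layout now describes the Nth key with a 4-byte length header and the first two without one. Change that line to `byte[] privatekeyN` as well, so the whole list agrees with the commit message's statement that the private key blobs are encoded verbatim.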
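Review bot: The sentence added in the `@@ -48,6 +48,9 @@` hunk, "encoded using the same rules as used for SSH agent", does not name the document or message that defines those rules. With the length header gone from the layout, that reference is the only thing telling an implementer where privatekey1 ends and comment1 begins. Cite the agent protocol specification by name, say which agent encoding is meant, and state how a parser finds the end of each blob. "as used for the SSH agent protocol" would also read better than "as used for SSH agent".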
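Review bot: The context line in the `@@ -65,4 +68,4 @@` hunk reads `The options if the KDF "none" are the empty string.`, where "if" looks like a typo for "of" or "for". Since this commit is already correcting the spec text and bumping the revision id, fix that wording in the same change.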