Hi Team,
We are trying to generate PPK Version3 using Java code.
Followed this documentation for generating the same:
https://tartarus.org/~simon/putty-snapshots/htmldoc/AppendixC.html#ppk-keys
Able to generate PPK file successfully with and without encryption. Facing issues while we try to convert PPK to PEM file via puttygen.
1. Built the PPK file version 3 format as specified by the document
2. public-lines are written as Base64 encoded
3. Private-lines - Argon2 KDF generated 80 bytes of data (CipherKey + IV + MAC Key)
4. Private-MAC key is generated as per the document specification
i) algorithm name, encryption, comment, public-lines (base64), private-lines with padding (unencrypted + base64)
But when the generated PPK is converted to PEM with passphrase, getting "wrong passphrase" error in PuttyGen tool.
Could you please help if any specific step is missing during PPK file generation via Java?
Sharing Argon2 logic:
*************************************
byte[] out = new byte[80];
Argon2BytesGenerator encoder = new Argon2BytesGenerator();
Argon2Parameters parameters = new Argon2Parameters.Builder(Argon2Parameters.ARGON2_id).withParallelism(parallelism).withIterations(iterations)
.withMemoryAsKB(memoryInKB).withSalt(salt.getBytes()).withSecret("".getBytes()).withAdditional("".getBytes()).build();
encoder.init(parameters);
encoder.generateBytes(password, out, 0, 80);
return out;
encryption/decryption logic: (bouncy castle)
SecretKey keyValue = new SecretKeySpec(Arrays.copyOfRange(keyIVMac, 0, 32), "AES");
AlgorithmParameterSpec ivSpec = new IvParameterSpec(Arrays.copyOfRange(keyIVMac, 32, 48));
Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding", BouncyCastleProvider.PROVIDER_NAME);
cipher.init(Cipher.ENCRYPT_MODE, keyValue, ivSpec);
data = cipher.doFinal(keyWriter.array(), 0, encrypted_len);
Please share any suggestions on this.
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)