23 lines
773 B
Plaintext
23 lines
773 B
Plaintext
The file has a header like
|
|
u8[3]: magic = b'WOT'
|
|
u8: version = 0
|
|
|
|
After the header the entries are laid out as
|
|
u8[32]: salt
|
|
u8[32]: sha256(host concat salt)
|
|
u8[32]: sha256-fingerprint
|
|
u16le: comment-bytes
|
|
utf8[]: comment
|
|
|
|
If port is not 22, the host is [host]:port. This is in accordance with how
|
|
OpenSSH stores it in .ssh/known_hosts. Internationalized domain names are
|
|
punycoded and all domain names are converted into lower case. This differs
|
|
from OpenSSH, which is not IDN-aware.
|
|
|
|
Sha256 is used instead of a password hash since we want checking for whether
|
|
a host is present to be reasonably fast.
|
|
|
|
The comment field can have any other valid Unicode, but must not contain
|
|
newline characters. An implementation should check for them when displaying
|
|
the comment.
|