triptico.com

Un naufragio personal

Private Key Redaction: UR DOIN IT RONG

Matt Palmer said:

Because posting private keys on the Internet is a bad idea, some people like to “redact” their private keys, so that it looks kinda-sorta like a private key, but it isn’t actually giving away anything secret. Unfortunately, due to the way that private keys are represented, it is easy to “redact” a key in such a way that it doesn’t actually redact anything at all. RSA private keys are particularly bad at this[...]

His post goes on to explain very clearly which parts of a private RSA key in base64 DER format are the only really meaningful ones, and how to rebuild a full key using only these parts, even if the rest has been redacted, garbled or obfuscated.

https://www.hezmatt.org/~mpalmer/blog/2020/05/17/private-key-redaction-ur-doin-it-rong.html
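
The redundancy behind this, as an added example that is not taken from this post or from Matt Palmer's article: in the PKCS#1 RSAPrivateKey structure (RFC 8017) the two primes and the public exponent determine every other field, so a redaction that leaves them intact hides nothing. The helpers `rebuild` and `leaked_by_redaction`, the field names and the toy key are hypothetical and constructed for illustration.

```python
from math import gcd

# Integer fields of PKCS#1 RSAPrivateKey (RFC 8017, A.1.2) after the version.
FIELDS = ("n", "e", "d", "p", "q", "dp", "dq", "qinv")


def rebuild(known):
    """Rebuild every field from the ones that survived redaction.

    `known` maps field names to integers (hypothetical helper). Returns a
    dict with all of FIELDS, or None if the primes cannot be read off.
    """
    e, n = known.get("e"), known.get("n")
    p, q = known.get("p"), known.get("q")
    # One prime plus the modulus gives the other prime by plain division.
    if n and p and not q and n % p == 0:
        q = n // p
    if n and q and not p and n % q == 0:
        p = n // q
    if not (e and p and q):
        return None
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        return None  # e is not a valid exponent for these primes
    d = pow(e, -1, phi)  # modular inverse (Python 3.8+)
    values = (p * q, e, d, p, q, d % (p - 1), d % (q - 1), pow(q, -1, p))
    return dict(zip(FIELDS, values))


def leaked_by_redaction(original, redacted):
    """True if blanking the `redacted` fields still leaves a working key."""
    survivors = {k: v for k, v in original.items() if k not in redacted}
    survivors["e"] = original["e"]  # e is public, so treat it as always known
    key = rebuild(survivors)
    if key is None:
        # Not proof of safety: any surviving private field is a disclosure.
        return False
    m = 42  # round-trip a message: original public key, rebuilt private exponent
    return pow(pow(m, original["e"], original["n"]), key["d"], original["n"]) == m


# Constructed toy key with textbook-sized primes, not a real key.
TOY = dict(zip(FIELDS, (3233, 17, 2753, 61, 53, 53, 49, 38)))

if __name__ == "__main__":
    # "Redacting" the modulus, d and the CRT values leaves the key intact.
    print(leaked_by_redaction(TOY, {"n", "d", "dp", "dq", "qinv"}))
    # Only removing every private field, primes included, defeats this check.
    print(leaked_by_redaction(TOY, {"d", "p", "q", "dp", "dq", "qinv"}))
```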