以 RSA OpenSSH 格式读取 KeyPair 的公钥？答案

【问题标题】：Read KeyPair's publickey in RSA OpenSSH format?以 RSA OpenSSH 格式读取 KeyPair 的公钥？
【发布时间】：2014-09-12 15:31:34
【问题描述】：

我通过执行以下操作在 Java 中创建了 KeyPair：

KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(1024, new SecureRandom());
KeyPair keyPair = keyPairGenerator.generateKeyPair();

如何从keyPair 获取以“-----BEGIN” 开头的RSA OpenSSH 格式的publicKey？

【问题讨论】：

这段代码生成一个新的随机密钥对，它不会从任何地方读取它。
How to read .pem file to get private and public key的可能重复

标签： java encryption cryptography public-key-encryption

【解决方案1】：

这是一个我没有测试过的快速技巧。这需要 Java 6 或更高版本。有关详细信息，请参阅以下 RFC：

RFC 4716
RFC 4253
RFC 4251

import java.io.*;
import java.math.BigInteger;
import java.nio.*;
import java.nio.charset.Charset;
import java.security.*;
import java.security.interfaces.RSAPublicKey;

import javax.xml.bind.DatatypeConverter;

public class SecshPublicKey {
    
    /*
     * Taken from RFC 4716, with reference to RFCs 4253 and 4251.
     */
    public static void main(String[] args) throws Exception {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(1024, new SecureRandom());
        KeyPair keyPair = keyPairGenerator.generateKeyPair();
        
        ByteArrayOutputStream binaryOS = new ByteArrayOutputStream();
        writeSshString(binaryOS, "ssh-rsa");
        RSAPublicKey rsaPub = (RSAPublicKey)keyPair.getPublic();
        writeSshMPInt(binaryOS, rsaPub.getPublicExponent());
        writeSshMPInt(binaryOS, rsaPub.getModulus());
        
        // Now base64-encode the result.
        
        String b64Encoded = sshBase64Encode(binaryOS.toByteArray());
        
        // Now write out the result
        
        System.out.println("---- BEGIN SSH2 PUBLIC KEY ----");
        System.out.println(b64Encoded);
        System.out.println("---- END SSH2 PUBLIC KEY ----");
    }

    private static String sshBase64Encode(byte[] byteArray) {
        String b64_prelim = DatatypeConverter.printBase64Binary(byteArray);
        
        // Break into lines of at most 72 characters.
        
        StringBuilder b64_final = new StringBuilder(b64_prelim.length() * 2);
        
        while (b64_prelim.length() > 72) {
            b64_final.append(b64_prelim.substring(0, 72));
            b64_final.append("\n");
            b64_prelim = b64_prelim.substring(72);
        }
        b64_final.append(b64_prelim);
        return b64_final.toString();
    }

    private static void writeSshMPInt(OutputStream os, BigInteger mpint) throws IOException {
        ByteBuffer lengthBuf = ByteBuffer.allocate(4);
        lengthBuf.order(ByteOrder.BIG_ENDIAN);
        byte [] x;
        if (mpint.equals(BigInteger.ZERO)) {
            x = new byte[0];
        } else {
            x = mpint.toByteArray();
        }
        lengthBuf.putInt(x.length);
        os.write(lengthBuf.array());
        os.write(x);
    }

    private static void writeSshString(OutputStream os, String s) throws IOException {
        ByteBuffer lengthBuf = ByteBuffer.allocate(4);
        lengthBuf.order(ByteOrder.BIG_ENDIAN);
        byte [] encoded = s.getBytes(Charset.forName("UTF-8"));
        lengthBuf.putInt(encoded.length);
        os.write(lengthBuf.array());
        os.write(encoded);
    }

}

【讨论】：