我有以下公钥(例如):
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKAmiieDC6SEYpxdI5Kn
iRUmUwE5EQL2nyDNDrV4dpC28mIcvKlCHWrq8YL7vpKya5GRUYl5xFNoB73s0UGn
8AtZBlG82/vbAPI5g9OoF2Df+0PusG5da+yFZXJNIyx1Kmgp4Ca4BR4WHGYo2LiW
zvhjCi9OBO6ERFrlCX1tGCI8mVxo54PzSMbo6LxYmJcJgUneVERjmQe1+tvggeP5
J44xJB5ompRkXg3VEeqYiqC8RfU3cL2DxTLsQqz/ndtpyGwjd1VCreXZCveDJlHN
WDZHvaHIReJa4aQp93NZVLhhVl0sHF1QM/7RSrDvRK7CGAZKq8COQ3/F2zLpMOPM
PQIDAQAB
-----END PUBLIC KEY-----
我需要能够将其转换为可以插入ssh known_hosts文件的格式。例如:
localhost ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDj0HsJJ4I0p+gRYrpv3JFORk0NFB8YwlRdGBxja453pBzMBm6LyEmSqZAvv0UCguLI+Avo1HmDLJlrWd+1wVECRNSxD9twqcD5pkQcowy5hWOH0KbmBIdoYQqkm+nGhwSLSDJ5wO9k/F26D03d5/c0gNjB9UU9HrJ8zyB185vezxc6VM/kLlcoUMHT1aL/+cxbvlq5tkJDCmEQg05k4LgBWdfwUAXA1n3DlI9bU+CWb9hnmBUPFMHge56+Z1fhaJfvVW6VxLMh/W1NxK1Cxo4ig+0U0fYInqoMNcBT/6C7P2OdA8DbESCF5E7/9/eTLfsbW7EB7Ka3Mfyfm2a0Cswx
我认为这两个公钥应该是一样的,只是以两种不同的形式表示而已。(对吗?)但我怎么也弄不明白该如何完成这种转换。
到目前为止,我是从PEM文件加载私钥并像下面这样解析它的。PEMParser来自Bouncy Castle库:
// Opens KEY_PAIR_FILE inside the directory returned by getConfigDir(). FileReader decodes with
// the platform default charset on JDKs before 18; PEM text is ASCII, so that is harmless here.
// NOTE(review): per the surrounding text this file holds the private key, and the visible code
// never closes the reader; close it (try-with-resources) once parsing is finished.
FileReader keyPairReader = new FileReader(new File(applicationPropertiesService.getConfigDir(), KEY_PAIR_FILE));
// Bouncy Castle parser that reads PEM objects from the reader.
PEMParser parser = new PEMParser(keyPairReader);
然后,我从解析器中获取公钥/私钥对。
// Reads the next PEM object and casts it to a key pair.
// NOTE(review): readObject() returns Object, so the cast assumes the file's first object is an
// unencrypted key pair; any other PEM object type would fail here with ClassCastException.
// An instanceof check before the cast gives a clearer error.
PEMKeyPair pemKeyPair = (PEMKeyPair) parser.readObject();
从这里我可以获得一个SubjectPublicKeyInfo对象,我可以获取我的数据并将其编码为base64:
// Base64 of publicKey.getEncoded(). Per the surrounding text this reproduces the body of the
// "BEGIN PUBLIC KEY" PEM block (the SubjectPublicKeyInfo encoding), not the ssh-rsa blob that a
// known_hosts line carries, so the two strings are not expected to match.
// NOTE(review): BASE64Encoder looks like the JDK-internal sun.misc class, which current JDKs no
// longer ship; java.util.Base64 is the supported API. Confirm which class is imported.
String pkBase64 = new BASE64Encoder().encode(publicKey.getEncoded())
这样得到的正是上面第一个公钥中的base64字符串。但是,我怎么也弄不明白如何得到ssh-rsa格式。
任何帮助都将不胜感激。
谢谢!
答案 0 :(得分:0)
好的,事情并不像我想的那样。事实证明,Ebbe M. Pedersen提供的链接确实是正确的。我一直在把生成的字符串与一个错误的已知密钥值进行比较。所以,转换其实一直是正常工作的,只是我自己搞糊涂了。
答案 1 :(得分:0)
package hr.yottabyte.crypto.utils;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
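/**
 * Re-encodes RSA public keys into the one-line OpenSSH public-key text form
 * ({@code ssh-rsa <base64 blob> [comment]}).
 *
 * <p>A {@code known_hosts} line additionally starts with the host name(s); callers prepend those
 * themselves.
 *
 * <p>These methods only change the encoding of a key; they do not establish trust in it. A
 * {@code known_hosts} entry pins the key for a host, so validate the certificate (chain, validity
 * period, expected subject) or compare the key fingerprint over a trusted channel before the
 * result is written to such a file.
 */
public class CryptoUtils {

    /**
     * Encodes the RSA public key of a certificate, using the certificate subject as the comment.
     *
     * <p>The certificate itself is not validated here.
     *
     * @param certificate certificate whose public key is converted
     * @return {@code "ssh-rsa <base64> <subject>"}
     * @throws Exception if the key cannot be rebuilt as an RSA public key (a non-RSA certificate
     *     key is expected to be rejected by the RSA {@link KeyFactory})
     * @throws IllegalArgumentException if the subject text contains a line break
     */
    public static String encodeAsOpenSSH(X509Certificate certificate) throws Exception {
        PublicKey key = certificate.getPublicKey();
        // getSubjectDN() is kept so the comment text stays exactly what existing callers receive.
        String subject = certificate.getSubjectDN().getName();
        // Round-trip through the X.509 encoding so any provider-specific key object becomes a
        // plain RSAPublicKey exposing modulus and exponent.
        X509EncodedKeySpec spec = new X509EncodedKeySpec(key.getEncoded());
        RSAPublicKey pubKey = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(spec);
        return encodeAsOpenSSH(pubKey, subject);
    }

    /**
     * Encodes an RSA public key and appends {@code subject} as the trailing comment field.
     *
     * @param key RSA public key to encode
     * @param subject comment appended after the key; must stay on one line
     * @return {@code "ssh-rsa <base64> <subject>"}
     * @throws IllegalArgumentException if {@code subject} contains CR or LF
     */
    public static String encodeAsOpenSSH(RSAPublicKey key, String subject) {
        // known_hosts / authorized_keys are line-oriented: a line break inside the comment would
        // turn one entry into several, so refuse it instead of emitting a multi-line result.
        if (subject != null && (subject.indexOf('\n') >= 0 || subject.indexOf('\r') >= 0)) {
            throw new IllegalArgumentException("subject must not contain line breaks");
        }
        return encodeAsOpenSSH(key) + " " + subject;
    }

    /**
     * Encodes an RSA public key without a comment.
     *
     * @param key RSA public key to encode
     * @return {@code "ssh-rsa <base64>"}
     */
    public static String encodeAsOpenSSH(RSAPublicKey key) {
        byte[] keyBlob = keyBlob(key.getPublicExponent(), key.getModulus());
        // encodeToString avoids the platform-charset dependent new String(byte[]) conversion.
        return "ssh-rsa " + Base64.getEncoder().encodeToString(keyBlob);
    }

    /**
     * Builds the binary key blob: the key type name, then the public exponent, then the modulus,
     * each written as a length-prefixed field.
     */
    private static byte[] keyBlob(BigInteger publicExponent, BigInteger modulus) {
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        // Explicit charset: the type name must be the same bytes on every platform.
        writeLengthFirst("ssh-rsa".getBytes(StandardCharsets.US_ASCII), out);
        // BigInteger.toByteArray() is big-endian two's complement with a leading 0x00 when the
        // top bit is set, which is the layout the integer fields use.
        writeLengthFirst(publicExponent.toByteArray(), out);
        writeLengthFirst(modulus.toByteArray(), out);
        return out.toByteArray();
    }

    /**
     * Writes a 4-byte big-endian length followed by the field bytes.
     *
     * <p>A lone {@code 0x00} byte (the value zero) is written as an empty field; the length prefix
     * is computed from the bytes actually written so the two can never disagree.
     */
    private static void writeLengthFirst(byte[] array, ByteArrayOutputStream out) {
        byte[] payload = (array.length == 1 && array[0] == (byte) 0x00) ? new byte[0] : array;
        int length = payload.length;
        out.write((length >>> 24) & 0xFF);
        out.write((length >>> 16) & 0xFF);
        out.write((length >>> 8) & 0xFF);
        out.write(length & 0xFF);
        // The (byte[], int, int) overload declares no checked exception on ByteArrayOutputStream.
        out.write(payload, 0, length);
    }
}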