views:

30

answers:

1

I'm doing publicKey.getEncoded(), then appending "ssh-rsa" to the front, then base64 encoding it. Then I add the SSH2 header/footer. But it won't decode...

+1  A: 

Java public keys are encoded as a standard X.509 SubjectPublicKeyInfo structure.

SSH2 uses its own simple format. Base-64 encode the result of the encode method shown below, and affix the necessary SSH2 header and footer.

public static byte[] encode(RSAPublicKey key)
  throws IOException
{
  ByteArrayOutputStream buf = new ByteArrayOutputStream();
  byte[] name = "ssh-rsa".getBytes("US-ASCII");
  write(name, buf);
  write(key.getPublicExponent().toByteArray(), buf);
  write(key.getModulus().toByteArray(), buf);
  return buf.toByteArray();
}

private static void write(byte[] str, OutputStream os)
  throws IOException
{
  for (int shift = 24; shift >= 0; shift -= 8)
    os.write((str.length >>> shift) & 0xFF);
  os.write(str);
}
erickson
Do I need to do something similar if I needed to PEM encode the privatekey?
pizzathehut
It depends on the application you want to inter-operate with. If you need the key only (not embedded in a certificate) in OpenSSL's format, yes, you need to find out what the format is (probably the modulus and public exponent in a similar format, maybe as an ASN.1 Sequence) and encode it yourself.
erickson