public class OpenSSHPrivateKeySpec
extends java.security.spec.EncodedKeySpec
| Constructor and Description |
|---|
OpenSSHPrivateKeySpec(byte[] encodedKey)
Accept an encoded key and determine the format.
|
OpenSSHPrivateKeySpec(byte[] encodedKey,
char[] password)
Accept an encoded key, determine the format, and carry the passphrase used to decrypt a
passphrase-protected openssh-key-v1 key.
|
| Modifier and Type | Method and Description |
|---|---|
java.lang.String |
getFormat()
Return the format, either OpenSSH for the OpenSSH propriety format or ASN.1.
|
char[] |
getPassword()
Return the passphrase used to decrypt an encrypted openssh-key-v1 key, or
null
if none was supplied. |
public OpenSSHPrivateKeySpec(byte[] encodedKey)
The encoded key should be the Base64 decoded blob between the "---BEGIN and ---END" markers. This constructor will endeavour to find the OpenSSH format magic value. If it can not then it will default to ASN.1. It does not attempt to validate the ASN.1
Example: OpenSSHPrivateKeySpec privSpec = new OpenSSHPrivateKeySpec(rawPriv);
KeyFactory kpf = KeyFactory.getInstance("RSA", "BC"); PrivateKey prk = kpf.generatePrivate(privSpec);
OpenSSHPrivateKeySpec rcPrivateSpec = kpf.getKeySpec(prk, OpenSSHPrivateKeySpec.class);
encodedKey - The encoded key.public OpenSSHPrivateKeySpec(byte[] encodedKey,
char[] password)
Only the openssh-key-v1 format supports encryption; for an unencrypted key (or the ASN.1
format) the password is ignored and may be null. The password characters are used
as their UTF-8 bytes, matching the OpenSSH client.
encodedKey - The encoded key.password - The passphrase, or null for an unencrypted key.public java.lang.String getFormat()
getFormat in class java.security.spec.EncodedKeySpecpublic char[] getPassword()
null
if none was supplied.null.