public class OpenSSHPrivateKeyUtil
extends java.lang.Object
| Modifier and Type | Method and Description |
|---|---|
static byte[] |
encodePrivateKey(AsymmetricKeyParameter params)
Encode a cipher parameters into an OpenSSH private key.
|
static AsymmetricKeyParameter |
parsePrivateKeyBlob(byte[] blob)
Parse a private key.
|
static AsymmetricKeyParameter |
parsePrivateKeyBlob(byte[] blob,
byte[] passphrase)
Parse a private key, decrypting it with the supplied passphrase if it is a
passphrase-protected
openssh-key-v1 key. |
public static byte[] encodePrivateKey(AsymmetricKeyParameter params) throws java.io.IOException
params - the cipher parameters.java.io.IOExceptionpublic static AsymmetricKeyParameter parsePrivateKeyBlob(byte[] blob)
This method accepts the body of the OpenSSH private key. The easiest way to extract the body is to use PemReader, for example:
byte[] blob = new PemReader([reader]).readPemObject().getContent(); CipherParameters params = parsePrivateKeyBlob(blob);
blob - The key.public static AsymmetricKeyParameter parsePrivateKeyBlob(byte[] blob, byte[] passphrase)
openssh-key-v1 key.
This method accepts the body of the OpenSSH private key (see
parsePrivateKeyBlob(byte[]) for how to extract it from PEM). For an
unencrypted key passphrase is ignored and may be null; for an
encrypted key it must carry the passphrase bytes (the OpenSSH client uses the raw
UTF-8 bytes). The bcrypt KDF and the OpenSSH cipher suite
(aes128/192/256-ctr, aes128/192/256-cbc, 3des-cbc, aes128/256-gcm@openssh.com and
chacha20-poly1305@openssh.com) are supported.
blob - The key.passphrase - The passphrase bytes, or null for an unencrypted key. The
array is not modified; the caller is responsible for clearing it.