How to load the ssh public key from a file in java?

advertisements

I trying to load public ssh rsa key (id_rsa.pub) from a file:

X509EncodedKeySpec spec = new X509EncodedKeySpec(readBytes(keyFile));
return (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(spec);

but I get

java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: invalid key format

How to load this file to RSAPublicKey?

The x509 encoded data should be in DER format. You can produce such keys using OpenSSL: (Note, credit to http://codeartisan.blogspot.com/2009/05/public-key-cryptography-in-java.html for the OpenSSL refresher.)

To generate a key, use:

$ openssl genrsa -out private_key.pem 2048

Or, with a passphrase:

$ openssl genrsa -aes256 -out private_key.pem 2048

Or, using ssh-keygen (following your example):

$ ssh-keygen -t rsa -C "myEmail" -I X.509

I'll assume you saved the key as 'private_key.pem' Generate a public key in DER format:

$ openssl rsa -in private_key.pem -pubout -outform DER -out tst_public.der

A byte array containing the contents of the file will now be accepted by X509EncodedKeySpec.

If you want to load the private key, use OpenSSL to save an unencrypted copy of your private key (don't do this in an insecure environment):

$ openssl pkcs8 -topk8 -inform PEM -outform DER -in private_key.pem -out private_key.der -nocrypt

You can then pass this file as a byte array to `PKCS8EncodedKeySpec`.

You can also generate your key pairs in Java:

private static int rsabits = 2048; // or higher, if you've got the cpu*time
public static SecureRandom sr = new SecureRandom(); // reseed periodically 

public static KeyPair newKeyPair() throws NoSuchAlgorithmException {
    KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
    generator.initialize(rsabits, sr);
    return generator.generateKeyPair();
}

Then you can use KeyPair.getPublic() and KeyPair.getPrivate() to access your keys. You can save or load them as byte arrays with something like:

public static byte[] pubKeyToBytes(PublicKey key){
    return key.getEncoded(); // X509 for a public key
}
public static byte[] privKeyToBytes(PrivateKey key){
    return key.getEncoded(); // PKCS8 for a private key
}
public static PublicKey bytesToPubKey(byte[] bytes) throws InvalidKeySpecException, NoSuchAlgorithmException{
    return KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(bytes));
}
public static PrivateKey bytesToPrivKey(byte[] bytes) throws InvalidKeySpecException, NoSuchAlgorithmException{
    return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(bytes));
}

Related Articles

Load the RSA public key from the file

I've generated a private key with: openssl genrsa [-out file] –des3 After this I've generated a public key with: openssl rsa –pubout -in private.key [-out file] I want to sign some messages with my private key, and verify some other messages with my

How to load the RSA private key from the file

I am working on a test harness for a SAML 1.1 Assertion Consumer Service. The test must generate a signed SAMLResponse and submit it to the ACS encoded in Base64. The ACS must be able to verify the signed message using the X509 public cert. I am able

How to send an SSH public key to someone?

I need to send my SSH Public Key to one of my customers, but I am not quite sure how to do this. I have already created a SSH key pair on my computer, but now I am stuck.If you generated a key pair you should have two files id_rsa and id_rsa.pub (not

The ssh public key connects from Windows

My client provided me public key and asked me to do a ssh login. But i havent done any ssh login before. So can you please suggest me how to use public key for ssh login. I am using putty on windowsHere is a very nice tutorial on how to setup key bas

How to get the RSA public key of the unformatted string

I have an unformatted public key in a properties file, meaning it only contains the public key hexa value: K_PUB_CCE = 3082010902820100A515281FAC9ABAA8E966DC1B6EC0F1C431674B4E7BCB718955A34211D5CC6BA53F2C93F67C030A970D4E41341949E6BC3F9336287EEA21702FE

how to load the path of view from a gem into the rails

I am working on a rails app and it requires multiple layouts. I came up with a solution and said, i don't want my users to go into the stress of using a template engines such as liquid to customize their own private layout. i want to give them a veri