public class OpenSSHKeyPairResourceWriter extends Object implements KeyPairResourceWriter<OpenSSHKeyEncryptionContext>

A KeyPairResourceWriter for writing keys in the modern OpenSSH format, using the OpenBSD bcrypt KDF for passphrase-protected encrypted private keys.

Modifier and Type | Class and Description |
---|---|
static class | OpenSSHKeyPairResourceWriter.KeyEncryptor: A key encryptor for modern-style OpenSSH private keys using the bcrypt KDF. |

Modifier and Type | Field and Description |
---|---|
static String | DASHES |
static OpenSSHKeyPairResourceWriter | INSTANCE |
static int | LINE_LENGTH |

Constructor and Description |
---|
OpenSSHKeyPairResourceWriter() |

Modifier and Type | Method and Description |
---|---|
static OpenSSHKeyEncryptionContext | determineEncryption(OpenSSHKeyEncryptionContext options) |
static byte[] | encodePrivateKey(KeyPair key, String keyType, int blockSize, String comment) |
static byte[] | encodePublicKey(PublicKey key, String keyType) |
static String | firstLine(String text) |
static void | write(OutputStream out, byte[] bytes, int lineLength) |
static void | write(OutputStream out, String s) |
void | writePrivateKey(KeyPair key, String comment, OpenSSHKeyEncryptionContext options, OutputStream out): Writes a serialization of a private key from a given KeyPair to a given OutputStream. |
void | writePublicKey(PublicKey key, String comment, OutputStream out): Writes a serialization of a PublicKey to a given OutputStream. |

Methods inherited from class Object: clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface KeyPairResourceWriter: writePublicKey

public static final String DASHES
public static final int LINE_LENGTH
public static final OpenSSHKeyPairResourceWriter INSTANCE

public void writePrivateKey(KeyPair key, String comment, OpenSSHKeyEncryptionContext options, OutputStream out) throws IOException, GeneralSecurityException

Writes a serialization of a private key from a given KeyPair to a given OutputStream.

Specified by: writePrivateKey in interface KeyPairResourceWriter<OpenSSHKeyEncryptionContext>

Parameters:
key - to write the private key of
comment - to write with the private key
options - for writing the key; may be null if no encryption is wanted. The caller is responsible for clearing the options when no longer needed. If the passphrase obtained from the context is null or an empty/blank string (length zero or containing only whitespace), the key is written unencrypted.
out - The OutputStream to write to - recommend using a SecureByteArrayOutputStream in order to reduce sensitive data exposure in memory

Throws:
IOException - if the key cannot be written
GeneralSecurityException - if the key is inconsistent or unknown, or the encryption specified cannot be applied

public static OpenSSHKeyEncryptionContext determineEncryption(OpenSSHKeyEncryptionContext options)

public static byte[] encodePrivateKey(KeyPair key, String keyType, int blockSize, String comment) throws IOException, GeneralSecurityException

Throws:
IOException
GeneralSecurityException

public static byte[] encodePublicKey(PublicKey key, String keyType) throws IOException, GeneralSecurityException

Throws:
IOException
GeneralSecurityException

public static void write(OutputStream out, byte[] bytes, int lineLength) throws IOException

Throws:
IOException

public void writePublicKey(PublicKey key, String comment, OutputStream out) throws IOException, GeneralSecurityException

Writes a serialization of a PublicKey to a given OutputStream.

Writes the public key in the single-line OpenSSH format "key-type pub-key comment" without terminating line ending. If the comment has multiple lines, only the first line is written.

Specified by: writePublicKey in interface KeyPairResourceWriter<OpenSSHKeyEncryptionContext>

Parameters:
key - to write
comment - to write with the key
out - The OutputStream to write to - recommend using a SecureByteArrayOutputStream in order to reduce sensitive data exposure in memory

Throws:
IOException - if the key cannot be written
GeneralSecurityException - if the key is unknown

public static void write(OutputStream out, String s) throws IOException

Throws:
IOException
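
An added example, not code from the Apache MINA SSHD project: because writePrivateKey writes the key unencrypted when the passphrase is null or blank, a caller that requires encryption has to reject such passphrases itself before calling it. The class EncryptedKeyExport and its helper writeEncrypted are hypothetical; the import package names and the setPassword setter (inherited from the encryption context's superclass) are assumptions, since this page does not show them.

```java
import java.io.IOException;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermissions;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
// Package names below are assumed; this page does not show them.
import org.apache.sshd.common.config.keys.writer.openssh.OpenSSHKeyEncryptionContext;
import org.apache.sshd.common.config.keys.writer.openssh.OpenSSHKeyPairResourceWriter;

public class EncryptedKeyExport {

    /** Hypothetical helper: refuses the silent unencrypted fallback for blank passphrases. */
    static void writeEncrypted(KeyPair kp, String comment, String passphrase, Path privateFile)
            throws IOException, GeneralSecurityException {
        // Same condition the writer uses to decide "no encryption": null, empty or whitespace only.
        if (passphrase == null || passphrase.trim().isEmpty()) {
            throw new IllegalArgumentException("refusing to write an unencrypted private key");
        }
        OpenSSHKeyEncryptionContext options = new OpenSSHKeyEncryptionContext();
        options.setPassword(passphrase); // assumed setter from the superclass
        // Create the file owner-only before any key bytes reach disk (POSIX file systems only).
        Files.createFile(privateFile,
                PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("rw-------")));
        try (OutputStream out = Files.newOutputStream(privateFile)) {
            OpenSSHKeyPairResourceWriter.INSTANCE.writePrivateKey(kp, comment, options, out);
        } finally {
            options.setPassword(null); // the caller is responsible for clearing the options
        }
        Path publicFile = privateFile.resolveSibling(privateFile.getFileName() + ".pub");
        try (OutputStream out = Files.newOutputStream(publicFile)) {
            OpenSSHKeyPairResourceWriter.INSTANCE.writePublicKey(kp.getPublic(), comment, out);
            out.write('\n'); // writePublicKey emits no terminating line ending
        }
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(3072);
        KeyPair kp = gen.generateKeyPair();
        Path dir = Files.createTempDirectory("sshkey-demo");
        // Constructed sample values; a real caller would prompt for the passphrase.
        writeEncrypted(kp, "demo@example.invalid", "constructed sample passphrase", dir.resolve("id_rsa"));
        System.out.println("wrote key pair to " + dir);
    }
}
```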
Copyright © 2008–2024 The Apache Software Foundation. All rights reserved.