public class OpenSSHKeyPairResourceWriter extends Object implements KeyPairResourceWriter<OpenSSHKeyEncryptionContext>
KeyPairResourceWriter for writing keys in the modern OpenSSH format, using the OpenBSD bcrypt KDF for
passphrase-protected encrypted private keys.| Modifier and Type | Class and Description |
|---|---|
static class |
OpenSSHKeyPairResourceWriter.KeyEncryptor
A key encryptor for modern-style OpenSSH private keys using the bcrypt KDF.
|
| Modifier and Type | Field and Description |
|---|---|
static String |
DASHES |
static OpenSSHKeyPairResourceWriter |
INSTANCE |
static int |
LINE_LENGTH |
| Constructor and Description |
|---|
OpenSSHKeyPairResourceWriter() |
| Modifier and Type | Method and Description |
|---|---|
static OpenSSHKeyEncryptionContext |
determineEncryption(OpenSSHKeyEncryptionContext options) |
static byte[] |
encodePrivateKey(KeyPair key,
String keyType,
int blockSize,
String comment) |
static byte[] |
encodePublicKey(PublicKey key,
String keyType) |
static String |
firstLine(String text) |
static void |
write(OutputStream out,
byte[] bytes,
int lineLength) |
static void |
write(OutputStream out,
String s) |
void |
writePrivateKey(KeyPair key,
String comment,
OpenSSHKeyEncryptionContext options,
OutputStream out)
Writes a serialization of a private key from a given
KeyPair to a given OutputStream. |
void |
writePublicKey(PublicKey key,
String comment,
OutputStream out)
Writes a serialization of a
PublicKey to a given OutputStream. |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitwritePublicKeypublic static final String DASHES
public static final int LINE_LENGTH
public static final OpenSSHKeyPairResourceWriter INSTANCE
public void writePrivateKey(KeyPair key, String comment, OpenSSHKeyEncryptionContext options, OutputStream out) throws IOException, GeneralSecurityException
KeyPairResourceWriterKeyPair to a given OutputStream.writePrivateKey in interface KeyPairResourceWriter<OpenSSHKeyEncryptionContext>key - to write the private key ofcomment - to write with the private keyoptions - for writing the key; may be null if no encryption is wanted. The caller
is responsible for clearing the options when no longer needed. If the passphrase
obtained from the context is null or an empty/blank string (length zero
or containing only whitespace), the key is written unencrypted.out - The OutputStream to write to - recommend using a
SecureByteArrayOutputStream in order to reduce sensitive data exposure
in memoryIOException - if the key cannot be writtenGeneralSecurityException - if the key is inconsistent or unknown, or the encryption specified cannot be
appliedpublic static OpenSSHKeyEncryptionContext determineEncryption(OpenSSHKeyEncryptionContext options)
public static byte[] encodePrivateKey(KeyPair key, String keyType, int blockSize, String comment) throws IOException, GeneralSecurityException
IOExceptionGeneralSecurityExceptionpublic static byte[] encodePublicKey(PublicKey key, String keyType) throws IOException, GeneralSecurityException
IOExceptionGeneralSecurityExceptionpublic static void write(OutputStream out, byte[] bytes, int lineLength) throws IOException
IOExceptionpublic void writePublicKey(PublicKey key, String comment, OutputStream out) throws IOException, GeneralSecurityException
PublicKey to a given OutputStream.
Writes the public key in the single-line OpenSSH format "key-type pub-key comment" without terminating line
ending. If the comment has multiple lines, only the first line is written.writePublicKey in interface KeyPairResourceWriter<OpenSSHKeyEncryptionContext>key - to writecomment - to write with the keyout - The OutputStream to write to - recommend using a
SecureByteArrayOutputStream in order to reduce sensitive data exposure
in memoryIOException - if the key cannot be writtenGeneralSecurityException - if the key is unknownpublic static void write(OutputStream out, String s) throws IOException
IOExceptionCopyright © 2018–2024 The Apache Software Foundation. All rights reserved.