Class SshKeys


  • @Beta
    public class SshKeys
    extends Object
    Utilities for ssh key pairs
    See Also:
    • Constructor Detail

      • SshKeys

        public SshKeys()
    • Method Detail

      • publicKeySpecFromOpenSSH

        public static RSAPublicKeySpec publicKeySpecFromOpenSSH​(String idRsaPub)
        Executes Pems#publicKeySpecFromOpenSSH(ByteSource) on the string which was OpenSSH Base64 Encoded id_rsa.pub
        Parameters:
        idRsaPub - formatted ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAB...
        See Also:
        Pems#publicKeySpecFromOpenSSH(ByteSource)
      • publicKeySpecFromOpenSSH

        public static RSAPublicKeySpec publicKeySpecFromOpenSSH​(com.google.common.io.ByteSource supplier)
                                                         throws IOException
        Returns RSAPublicKeySpec which was OpenSSH Base64 Encoded id_rsa.pub
        Parameters:
        supplier - the input stream factory, formatted ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAB...
        Returns:
        the RSAPublicKeySpec which was OpenSSH Base64 Encoded id_rsa.pub
        Throws:
        IOException - if an I/O error occurs
      • generateRsaKeyPair

        public static KeyPair generateRsaKeyPair​(KeyPairGenerator generator,
                                                 SecureRandom rand)
        Parameters:
        generator - to generate RSA key pairs
        rand - for initializing generator
        Returns:
        new 2048 bit keyPair
        See Also:
        Crypto#rsaKeyPairGenerator()
      • generate

        public static Map<String,​String> generate()
        return a "public" -> rsa public key, "private" -> its corresponding private key
      • privateKeyMatchesPublicKey

        public static boolean privateKeyMatchesPublicKey​(String privateKeyPEM,
                                                         String publicKeyOpenSSH)
        Parameters:
        privateKeyPEM - RSA private key in PEM format
        publicKeyOpenSSH - RSA public key in OpenSSH format
        Returns:
        true if the keypairs match
      • privateKeyMatchesPublicKey

        public static boolean privateKeyMatchesPublicKey​(RSAPrivateCrtKeySpec privateKey,
                                                         RSAPublicKeySpec publicKey)
        Returns:
        true if the keypairs match
      • privateKeyHasFingerprint

        public static boolean privateKeyHasFingerprint​(RSAPrivateCrtKeySpec privateKey,
                                                       String fingerprint)
        Returns:
        true if the keypair has the same fingerprint as supplied
      • privateKeyHasFingerprint

        public static boolean privateKeyHasFingerprint​(String privateKeyPEM,
                                                       String fingerprint)
        Parameters:
        privateKeyPEM - RSA private key in PEM format
        fingerprint - ex. 2b:a9:62:95:5b:8b:1d:61:e0:92:f7:03:10:e9:db:d9
        Returns:
        true if the keypair has the same fingerprint as supplied
      • fingerprintPrivateKey

        public static String fingerprintPrivateKey​(String privateKeyPEM)
        Parameters:
        privateKeyPEM - RSA private key in PEM format
        Returns:
        fingerprint ex. 2b:a9:62:95:5b:8b:1d:61:e0:92:f7:03:10:e9:db:d9
      • fingerprintPublicKey

        public static String fingerprintPublicKey​(String publicKeyOpenSSH)
        Parameters:
        publicKeyOpenSSH - RSA public key in OpenSSH format
        Returns:
        fingerprint ex. 2b:a9:62:95:5b:8b:1d:61:e0:92:f7:03:10:e9:db:d9
      • privateKeyHasSha1

        public static boolean privateKeyHasSha1​(RSAPrivateCrtKeySpec privateKey,
                                                String fingerprint)
        Returns:
        true if the keypair has the same SHA1 fingerprint as supplied
      • privateKeyHasSha1

        public static boolean privateKeyHasSha1​(String privateKeyPEM,
                                                String sha1HexColonDelimited)
        Parameters:
        privateKeyPEM - RSA private key in PEM format
        sha1HexColonDelimited - ex. 2b:a9:62:95:5b:8b:1d:61:e0:92:f7:03:10:e9:db:d9
        Returns:
        true if the keypair has the same fingerprint as supplied
      • sha1PrivateKey

        public static String sha1PrivateKey​(String privateKeyPEM)
        Parameters:
        privateKeyPEM - RSA private key in PEM format
        Returns:
        sha1HexColonDelimited ex. 2b:a9:62:95:5b:8b:1d:61:e0:92:f7:03:10:e9:db:d9
      • sha1

        public static String sha1​(RSAPrivateCrtKeySpec privateKey)
        Create a SHA-1 digest of the DER encoded private key.
        Parameters:
        publicExponent -
        modulus -
        Returns:
        hex sha1HexColonDelimited ex. 2b:a9:62:95:5b:8b:1d:61:e0:92:f7:03:10:e9:db:d9
      • publicKeyHasFingerprint

        public static boolean publicKeyHasFingerprint​(RSAPublicKeySpec publicKey,
                                                      String fingerprint)
        Returns:
        true if the keypair has the same fingerprint as supplied
      • publicKeyHasFingerprint

        public static boolean publicKeyHasFingerprint​(String publicKeyOpenSSH,
                                                      String fingerprint)
        Parameters:
        publicKeyOpenSSH - RSA public key in OpenSSH format
        fingerprint - ex. 2b:a9:62:95:5b:8b:1d:61:e0:92:f7:03:10:e9:db:d9
        Returns:
        true if the keypair has the same fingerprint as supplied
      • fingerprint

        public static String fingerprint​(BigInteger publicExponent,
                                         BigInteger modulus)
        Create a fingerprint per the following spec
        Parameters:
        publicExponent -
        modulus -
        Returns:
        hex fingerprint ex. 2b:a9:62:95:5b:8b:1d:61:e0:92:f7:03:10:e9:db:d9