将RSA公钥转换为RSA DER [英] Convert RSA public key to RSA DER
问题描述
我有ssh-keygen生成的id_rsa.pub密钥. 如何以编程方式将id_rsa.pub文件转换为RSA DER格式的密钥?
I have id_rsa.pub key generated by ssh-keygen. How can I programmatically convert id_rsa.pub files to RSA DER formatted keys?
推荐答案
如果使用ssh-keygen生成密钥:
If you use ssh-keygen to generate a key:
$ ssh-keygen
然后,您可以仅使用openssl拔出公钥,并以DER格式编写它,如下所示:
Then you can just use openssl to pull out the public key and write it in the DER format like this:
$ openssl rsa -in id_rsa -out pub.der -outform DER -pubout
writing RSA key
您可以像这样将DER输出作为PEM查看:
You can view the DER output as PEM like this:
$ openssl rsa -in pub.der -inform DER -pubin -text
我不使用Ruby,所以我不知道使用来自Ruby的OpenSSL有多么容易.
I don't use Ruby, so I don't know how easy it is to use OpenSSL from Ruby.
我的回答太快了-您编写了id_rsa.pub,而您可能没有id_rsa本身.另一个Stack Overflow问题是反向转换,但是在那里找到的源代码可能会有所帮助:将pem密钥转换为ssh-rsa格式拥有PEM后,您可以使用openssl将PEM转换为DER.
I answered too quickly -- you wrote id_rsa.pub and you may not have the id_rsa itself. Another Stack Overflow question is for the reverse conversion, but the source code found there might help: Convert pem key to ssh-rsa format Once you have PEM you can use openssl to convert the PEM to DER.
编辑,2014年5月:Ruby已成为我最喜欢的编程语言,最初的问题(自编辑以来)询问了有关Ruby的问题.以下是读取id_rsa.pub(公共密钥)并编写OpenSSL生成的,DER格式的公共密钥的代码:
Edit, May 2014: Ruby has become my favorite programming language, and the original question (since edited) asked about Ruby. Here is code to read the id_rsa.pub (public key) and write an OpenSSL-generated, DER-formatted public key:
require 'openssl'
require 'base64'
def read_length(s)
# four bytes, big-endian
length = s[0..3].unpack('N')[0]
end
def read_integer(s, length)
# shift all bytes into one integer
s[4..3 + length].unpack('C*').inject { |n, b| (n << 8) + b }
end
def cut(s, length)
s[4 + length..-1]
end
def decode_pub(pub)
# the second field is the Base64 piece needed
s = Base64.decode64(pub.split[1])
# first field reading "ssh-rsa" is ignored
i = read_length(s)
s = cut(s, i)
# public exponent e
i = read_length(s)
e = read_integer(s, i)
s = cut(s, i)
# modulus n
i = read_length(s)
n = read_integer(s, i)
[ e, n ]
end
def make_asn1(e, n)
# Simple RSA public key in ASN.1
e0 = OpenSSL::ASN1::Integer.new(e)
n1 = OpenSSL::ASN1::Integer.new(n)
OpenSSL::ASN1::Sequence.new([ e0, n1 ])
end
pub = File.read('id_rsa.pub')
asn1 = make_asn1(*decode_pub(pub))
# Let OpenSSL deal with converting from the simple ASN.1
key = OpenSSL::PKey::RSA.new(asn1.to_der)
# Write out the public key in both PEM and DER formats
File.open('id_rsa.pem', 'w') { |f| f.write key.to_pem }
File.open('id_rsa.der', 'w') { |f| f.write key.to_der }
您可以在外壳中使用以下openssl命令检查输出:
You can check the output with these openssl commands in the shell:
$ openssl rsa -pubin -text -in id_rsa.pem
$ openssl rsa -pubin -text -inform DER -in id_rsa.der
这篇关于将RSA公钥转换为RSA DER的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!