Lib.rs

密码学
#公钥 #rsa密钥 #openssl #格式 #转换 #编码 #授权密钥

rsa-openssl-format

解析并编码OpenSSL用于授权密钥的格式下的RSA公钥

所有权Paul Butler

1 个不稳定版本

0.1.0 2023年12月10日

#1606 in 密码学

MIT许可证

22KB
140

rsa-openssl-format

这是一个Rust crate,用于将RSA公钥从rsa crate (rsa::RsaPublicKey) 转换为OpenSSL用于authorized_keys条目的序列化密钥格式。

免责声明

我找不到OpenSSL用于authorized_keys文件的编码格式的官方规范。我已经在数千个由ssh-keygen生成的密钥上进行了测试,以确认它生成相同的输出。

示例

此示例展示了如何将RSA公钥从rsa crate转换为OpenSSL用于authorized_keys文件的格式。

use rsa::{pkcs1::{DecodeRsaPublicKey, EncodeRsaPublicKey}, RsaPublicKey};
use rsa_openssl_format::AuthorizedKeysFormat;

const PEM_KEY: &str = r#"-----BEGIN RSA PUBLIC KEY-----
MIIBigKCAYEAxTpMM4DEZE6ohGi/M6JBI99x8QpZ0eOk9Wy1EiEojGiSubbbdO/o
PByrKCgy+eDi0eyn2h9FMkpwqQEhUHiNpbHJLu3dQ4wR9SWLM5Ppm5WVTpBZx7C2
mrNh66mqDmVELYMM1S6VF6GYRGpTK1XOCqnDjSuTpaE8DvntL5bSruyAqfd7848w
CUXObvImjC000lUqYKkPtqjYBxHPK4FbgWhwuZdwwOqg1QyUSlQ74q7YC3WbiK2u
qB069H/PA1rk0wvC6b9b93U/cOA9TYQ9fL8Hv0WsojqHKFUf5zO25BXPaC5eGm/P
IpDHhLcSObVXc5COAZJv3ukYu6a8PHJYlyVrYq78RC/Pe6JFEm+X6Vha4GCsncgE
fdEBx9JvsMFAXDkgc9xL3LfZDyUy+D+O7ld6H3v5upYEbWLyiFIN/DdGaJtl2IVE
ggnQZewCyy9qhdrqheao1PNvmtFm9yPQJ6FrCbs6Gi2il/48NRdX5T1nhcokMdUe
m+sGH+Vv9LyBAgMBAAE=
-----END RSA PUBLIC KEY-----
"#;

const OPENSSL_KEY: &str = "ssh-rsa \
AAAAB3NzaC1yc2EAAAADAQABAAABgQDFOkwzgMRkTqiEaL8zokEj33HxClnR46T\
1bLUSISiMaJK5ttt07+g8HKsoKDL54OLR7KfaH0UySnCpASFQeI2lscku7d1DjB\
H1JYszk+mblZVOkFnHsLaas2HrqaoOZUQtgwzVLpUXoZhEalMrVc4KqcONK5Olo\
TwO+e0vltKu7ICp93vzjzAJRc5u8iaMLTTSVSpgqQ+2qNgHEc8rgVuBaHC5l3DA\
6qDVDJRKVDvirtgLdZuIra6oHTr0f88DWuTTC8Lpv1v3dT9w4D1NhD18vwe/Ray\
iOocoVR/nM7bkFc9oLl4ab88ikMeEtxI5tVdzkI4Bkm/e6Ri7prw8cliXJWtirv\
xEL897okUSb5fpWFrgYKydyAR90QHH0m+wwUBcOSBz3Evct9kPJTL4P47uV3ofe\
/m6lgRtYvKIUg38N0Zom2XYhUSCCdBl7ALLL2qF2uqF5qjU82+a0Wb3I9AnoWsJ\
uzoaLaKX/jw1F1flPWeFyiQx1R6b6wYf5W/0vIE= my-comment";

fn main() {
    // Convert a PEM-format key to OpenSSL format.    
    let key = RsaPublicKey::from_pkcs1_pem(PEM_KEY).unwrap();
    let openssl_key = key.to_openssl("my-comment");

    assert_eq!(OPENSSL_KEY, openssl_key);

    // Convert an OpenSSL-format key to PEM format.
    let (key, comment) = RsaPublicKey::from_openssl(&OPENSSL_KEY).unwrap();
    let pem_key = key.to_pkcs1_pem(rsa::pkcs8::LineEnding::LF).unwrap();

    assert_eq!(PEM_KEY, pem_key);
    assert_eq!("my-comment", comment);
}

依赖项

~4MB
~86K SLoC