ssh_key library
Encoding and decoding public and private keys.
The file formats supported by this library focuses on formats used by various implementations of the SSH protocol. But some of the formats are used by other programs too.
Currently, this library only supports public and private keys using the RSA algorithm.
See the PubKeyEncoding and PvtKeyEncoding enumerations for the file formats that are supported. Some of these formats can represent additional information besides the key (namely a comment and/or other attributes). That additional information is supported by the decoding and encoding operations implemented in this library.
Decoding keys
Decoding public keys
To decode text into a public key, use the publicKeyDecode function.
It returns an instance of the abstract Pointy Castle class
PublicKey
. Its type should be determined and then up-casted
into that class to access additional members and methods.
For example, into a PointyCastle RSAPublicKey
to use it as an RSA public
key, or into a ssh_key RSAPublicKeyWithInfo to access any
comments/properties that were in the text.
final k = publicKeyDecode(str);
if (k is RSAPublicKeyWithInfo) {
final rsaKey = k as RSAPublicKeyWithInfo;
// rsaKey is a PointyCastle RSAPublicKey with additional properties
// and methods.
}
When there are multiple public keys to be decoded (such as in the OpenSSH authorized_keys file), use the publicKeyDecodeAll function.
Decoding private keys
Note: private key support is currently experimental, and only supports private keys that are not protected by a passphrase.
To decode text into a private key, use the privateKeyDecode function.
It returns an instance of the abstract Pointy Castle class
PrivateKey
. Its type should be determined and then up-casted
into that class to access additional members and methods.
For example, casting it into a PointyCastle RSAPrivateKey
to use it as an RSA private key, or into a RSAPrivateKeyWithInfo to access any
comment that was in the encoding.
Encoding keys
Encoding public keys
To encode a public key into text, use the encode
method on the public
key.
That method is defined in the PublicKeyExt extension on the Pointy
Castle PublicKey
class. Therefore, it can be invoked on a PublicKey
or a subclass (e.g. RSAPublicKey or RSAPublicKeyWithInfo).
RSAPublicKey k = ...
String text = k.encode(PubKeyEncoding.pkcs1);
Encoding private keys
To encode a private key into text, use the encode
method on the private
key.
That method is defined in the PrivateKeyExt extension on the Pointy
Castle PrivateKey
class. Therefore, it can be invoked on a PrivateKey
or a subclass (e.g. RSAPrivateKey or RSAPrivateKeyWithInfo).
Classes
- GenericPublicKey
- Generic public key.
- Properties
- Name-value pairs for public keys.
- RSAPrivateKeyWithInfo
- An RSA private key with additional information.
- RSAPublicKeyWithInfo
- An RSA public key with additional information.
Enums
- FingerprintType
- Types of fingerprints of public keys.
- PubKeyEncoding
- Supported public key encodings.
- PvtKeyEncoding
- Supported private key encodings.
Mixins
- PrivateKeyMixin
- Common members for private keys that are enhanced with encoding information.
- PublicKeyMixin
- Common members for public keys that are enhanced with encoding information.
Extensions
- PrivateKeyExt on PrivateKey
-
Extension on the Pointy Castle
PrivateKey
class. - PublicKeyExt on PublicKey
-
Extension on the Pointy Castle
PublicKey
class.
Functions
-
privateKeyDecode(
String str, {int offset = 0, bool allowPreamble = false, String passphrase = ''}) → PrivateKey - Decodes the first private key from text.
-
publicKeyDecode(
String str, {int offset = 0, bool allowPreamble = false}) → PublicKey - Decodes the first public key from text.
-
publicKeyDecodeAll(
String str, {int offset = 0}) → List< PublicKey> - Decodes multiple public keys from text.
Exceptions / Errors
- KeyBad
- Indicates a key was found, but has bad data.
- KeyException
- Base class for exceptions from this package.
- KeyMissing
- Indicates a key could not be found in the text.
- KeyUnsupported
- Indicates a key was found, but it is not supported by this implementation.