rsa-openssl-format

Crates.iorsa-openssl-format
lib.rsrsa-openssl-format
version0.1.0
sourcesrc
created_at2023-12-10 12:25:56.17579
updated_at2023-12-10 12:25:56.17579
descriptionParse and encode RSA public keys in the format that OpenSSL uses for authorized_keys
homepage
repositoryhttps://github.com/paulgb/rsa-openssl-format
max_upload_size
id1064174
size32,220
Paul Butler (paulgb)

documentation

README

rsa-openssl-format

This is a Rust crate for converting RSA public keys from the rsa crate (rsa::RsaPublicKey) to and from the serialized key format used by OpenSSL for authorized_keys entries.

Disclaimer

I couldn’t find an official spec for the encoding format that OpenSSL uses for authorized_keys files. I have tested this on thousands of keys generated by ssh-keygen to confirm that it generates the same output.

Example

This example shows how to convert an RSA public key from the rsa crate to the format used by OpenSSL for authorized_keys files.

use rsa::{pkcs1::{DecodeRsaPublicKey, EncodeRsaPublicKey}, RsaPublicKey};
use rsa_openssl_format::AuthorizedKeysFormat;

const PEM_KEY: &str = r#"-----BEGIN RSA PUBLIC KEY-----
MIIBigKCAYEAxTpMM4DEZE6ohGi/M6JBI99x8QpZ0eOk9Wy1EiEojGiSubbbdO/o
PByrKCgy+eDi0eyn2h9FMkpwqQEhUHiNpbHJLu3dQ4wR9SWLM5Ppm5WVTpBZx7C2
mrNh66mqDmVELYMM1S6VF6GYRGpTK1XOCqnDjSuTpaE8DvntL5bSruyAqfd7848w
CUXObvImjC000lUqYKkPtqjYBxHPK4FbgWhwuZdwwOqg1QyUSlQ74q7YC3WbiK2u
qB069H/PA1rk0wvC6b9b93U/cOA9TYQ9fL8Hv0WsojqHKFUf5zO25BXPaC5eGm/P
IpDHhLcSObVXc5COAZJv3ukYu6a8PHJYlyVrYq78RC/Pe6JFEm+X6Vha4GCsncgE
fdEBx9JvsMFAXDkgc9xL3LfZDyUy+D+O7ld6H3v5upYEbWLyiFIN/DdGaJtl2IVE
ggnQZewCyy9qhdrqheao1PNvmtFm9yPQJ6FrCbs6Gi2il/48NRdX5T1nhcokMdUe
m+sGH+Vv9LyBAgMBAAE=
-----END RSA PUBLIC KEY-----
"#;

const OPENSSL_KEY: &str = "ssh-rsa \
AAAAB3NzaC1yc2EAAAADAQABAAABgQDFOkwzgMRkTqiEaL8zokEj33HxClnR46T\
1bLUSISiMaJK5ttt07+g8HKsoKDL54OLR7KfaH0UySnCpASFQeI2lscku7d1DjB\
H1JYszk+mblZVOkFnHsLaas2HrqaoOZUQtgwzVLpUXoZhEalMrVc4KqcONK5Olo\
TwO+e0vltKu7ICp93vzjzAJRc5u8iaMLTTSVSpgqQ+2qNgHEc8rgVuBaHC5l3DA\
6qDVDJRKVDvirtgLdZuIra6oHTr0f88DWuTTC8Lpv1v3dT9w4D1NhD18vwe/Ray\
iOocoVR/nM7bkFc9oLl4ab88ikMeEtxI5tVdzkI4Bkm/e6Ri7prw8cliXJWtirv\
xEL897okUSb5fpWFrgYKydyAR90QHH0m+wwUBcOSBz3Evct9kPJTL4P47uV3ofe\
/m6lgRtYvKIUg38N0Zom2XYhUSCCdBl7ALLL2qF2uqF5qjU82+a0Wb3I9AnoWsJ\
uzoaLaKX/jw1F1flPWeFyiQx1R6b6wYf5W/0vIE= my-comment";

fn main() {
    // Convert a PEM-format key to OpenSSL format.    
    let key = RsaPublicKey::from_pkcs1_pem(PEM_KEY).unwrap();
    let openssl_key = key.to_openssl("my-comment");

    assert_eq!(OPENSSL_KEY, openssl_key);

    // Convert an OpenSSL-format key to PEM format.
    let (key, comment) = RsaPublicKey::from_openssl(&OPENSSL_KEY).unwrap();
    let pem_key = key.to_pkcs1_pem(rsa::pkcs8::LineEnding::LF).unwrap();

    assert_eq!(PEM_KEY, pem_key);
    assert_eq!("my-comment", comment);
}
Commit count: 3

cargo fmt