Converting an OpenSSL generated RSA public key to OpenSSH format (PHP)
I've been trying for a while to generate an RSA keypair using PHP's openssl extension and save the result as an OpenSSH compatible keypair - meaning the private key is PEM encoded (which is easy) and the public key is stored in an OpenSSH specific format of the following form:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABA...more base64 encoded stuff...
As far as I could gather this format consists of:
- the key type in clear text, followed by space (i.e. "openssh-rsa ")
- A base64 encoded string representing the following data:
- the length of the algorithm name in bytes (in this case 7) encoded as 32 bit unsigned long big endian
- the algorithm name, in this case 'ssh-rsa'
- the length of the RSA 'e' number in bytes, encoded as 32 bit unsigned long big endian
- the RSA 'e' number
- the length of the RSA 'n' number in bytes, encoded as 32 bit unsigned long big endian
- the RSA 'n' number
I've tried implementing this using PHP's pack() function, but no matter what I try the result is never equivalent to what I get from using the ssh-keygen -y -f command on the same RSA private key generated by openssl.
Here is a simplified version of my code:
<?php
// generate private key
$privKey = openssl_pkey_new(array(
'private_key_bits' => 1024,
'private_key_type' => OPENSSL_KEYTYPE_RSA
));
// convert public key to OpenSSH format
$keyInfo = openssl_pkey_get_details($privKey);
$data = pack("Na*", 7, 'ssh-rsa');
$data .= pack("Na*", strlen($keyInfo['rsa']['e']), $keyInfo['rsa']['e']);
$data .= pack("Na*", strlen($keyInfo['rsa']['n']), $keyInfo['rsa']['n']);
$pubKey = "ssh-rsa " . base64_encode($data);
echo "PHP generated RSA public key:\n$pubKey\n\n";
// For comparison, generate public key using ssh-keygen
openssl_pkey_export($privKey, $pem);
$umask = umask(0066); // this is needed for ssh-keygen to work properly
file_put_contents('/tmp/ssh-keygen-test', $pem);
umask($umask);
exec('ssh-keygen -y -f /tmp/ssh-keygen-test', $out, $ret);
$otherPubKey = $out[0];
echo "ssh-keygen generated RSA public key:\n$otherPubKey\n\n";
echo ($pubKey == $otherPubKey ? "yes! they are the same\n" : "FAIL! they are different\n");
?>
Any tips on how I can do this without relying on ssh-keygen?
Answer
Ok, I have just solved my own problem by taking a closer look at the C implementation references from Convert pem key to ssh-rsa format (which I did before but apparently I missed some important stuff). I needed to AND the first character of N and e with 0x80 and if it matches add another NULL character at the beginning of the number and increase the size by 1 respectively.
I am not sure why this is done (I didn't find any reference to this in on-line searching I did) but it works.
I've only done basic tests on this but it seems to work well, and here my code:
<?php
$privKey = openssl_pkey_get_private($rsaKey);
$pubKey = sshEncodePublicKey($privKey);
echo "PHP generated RSA public key:\n$pubKey\n\n";
function sshEncodePublicKey($privKey)
{
$keyInfo = openssl_pkey_get_details($privKey);
$buffer = pack("N", 7) . "ssh-rsa" .
sshEncodeBuffer($keyInfo['rsa']['e']) .
sshEncodeBuffer($keyInfo['rsa']['n']);
return "ssh-rsa " . base64_encode($buffer);
}
function sshEncodeBuffer($buffer)
{
$len = strlen($buffer);
if (ord($buffer[0]) & 0x80) {
$len++;
$buffer = "\x00" . $buffer;
}
return pack("Na*", $len, $buffer);
}
?>