+ static @NonNull SshPublicKey encodePublicKey(final PublicKey publicKey) throws IOException {
+ final var baos = new ByteArrayOutputStream();
+
+ try (var dout = new DataOutputStream(baos)) {
+ if (publicKey instanceof RSAPublicKey rsa) {
+ dout.writeInt(KEY_TYPE_RSA_BYTES.length);
+ dout.write(KEY_TYPE_RSA_BYTES);
+ encodeBigInt(dout, rsa.getPublicExponent());
+ encodeBigInt(dout, rsa.getModulus());
+ } else if (publicKey instanceof DSAPublicKey dsa) {
+ final var dsaParams = dsa.getParams();
+ dout.writeInt(KEY_TYPE_DSA_BYTES.length);
+ dout.write(KEY_TYPE_DSA_BYTES);
+ encodeBigInt(dout, dsaParams.getP());
+ encodeBigInt(dout, dsaParams.getQ());
+ encodeBigInt(dout, dsaParams.getG());
+ encodeBigInt(dout, dsa.getY());
+ } else if (publicKey instanceof ECPublicKey ec) {
+ dout.writeInt(KEY_TYPE_ECDSA_BYTES.length);
+ dout.write(KEY_TYPE_ECDSA_BYTES);
+ dout.writeInt(ECDSA_SUPPORTED_CURVE_NAME_BYTES.length);
+ dout.write(ECDSA_SUPPORTED_CURVE_NAME_BYTES);
+
+ final var q = ec.getQ();
+ final var coordX = q.getAffineXCoord().getEncoded();
+ final var coordY = q.getAffineYCoord().getEncoded();
+ dout.writeInt(coordX.length + coordY.length + 1);
+ dout.writeByte(0x04);
+ dout.write(coordX);
+ dout.write(coordY);
+ } else {
+ throw new IOException("Unknown public key encoding: " + publicKey);
+ }
+ }
+ return new SshPublicKey(baos.toByteArray());
+ }
+
+ private @NonNull PublicKey decodeAsEcDSA() throws GeneralSecurityException {