diff --git a/contrib/convertkey/pom.xml b/contrib/convertkey/pom.xml
new file mode 100644
index 0000000000..bc71b9ee2b
--- /dev/null
+++ b/contrib/convertkey/pom.xml
@@ -0,0 +1,89 @@
+
+ 4.0.0
+
+ com.googlesource.gerrit
+ convertkey
+ 0.0.1-SNAPSHOT
+ jar
+
+ convertkey
+ http://maven.apache.org
+
+
+
+
+ org.apache.maven.plugins
+ maven-dependency-plugin
+ 2.8
+
+
+ copy-dependencies
+ prepare-package
+
+ copy-dependencies
+
+
+ ${project.build.directory}/lib
+ false
+ false
+ true
+
+
+
+
+
+ org.apache.maven.plugins
+ maven-jar-plugin
+ 2.4
+
+
+
+ true
+ lib/
+ com.googlesource.gerrit.convertkey.ConvertKey
+
+
+
+
+
+
+
+
+ UTF-8
+
+
+
+
+ junit
+ junit
+ 3.8.1
+ test
+
+
+ org.apache.sshd
+ sshd-core
+ 0.14.0
+
+
+ org.bouncycastle
+ bcprov-jdk15on
+ 1.52
+
+
+ org.bouncycastle
+ bcpkix-jdk15on
+ 1.52
+
+
+ com.jcraft
+ jsch
+ 0.1.53
+
+
+ org.slf4j
+ slf4j-nop
+ 1.7.12
+
+
+
diff --git a/contrib/convertkey/src/main/java/com/googlesource/gerrit/convertkey/ConvertKey.java b/contrib/convertkey/src/main/java/com/googlesource/gerrit/convertkey/ConvertKey.java
new file mode 100644
index 0000000000..5c6ef58acb
--- /dev/null
+++ b/contrib/convertkey/src/main/java/com/googlesource/gerrit/convertkey/ConvertKey.java
@@ -0,0 +1,73 @@
+// Copyright (C) 2015 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package com.googlesource.gerrit.convertkey;
+
+import com.jcraft.jsch.HostKey;
+import com.jcraft.jsch.JSchException;
+
+import org.apache.sshd.common.util.Buffer;
+import org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider;
+
+import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
+
+import java.io.File;
+import java.io.IOException;
+import java.io.StringWriter;
+import java.security.KeyPair;
+import java.security.GeneralSecurityException;
+
+public class ConvertKey {
+ public static void main(String[] args)
+ throws GeneralSecurityException, JSchException, IOException {
+ SimpleGeneratorHostKeyProvider p;
+
+ if (args.length != 1) {
+ System.err.println("Error: requires path to the SSH host key");
+ return;
+ } else {
+ File file = new File(args[0]);
+ if (!file.exists() || !file.isFile() || !file.canRead()) {
+ System.err.println("Error: ssh key should exist and be readable");
+ return;
+ }
+ }
+
+ p = new SimpleGeneratorHostKeyProvider();
+ // Gerrit's SSH "simple" keys are always RSA.
+ p.setPath(args[0]);
+ p.setAlgorithm("RSA");
+ Iterable keys = p.loadKeys(); // forces the key to generate.
+ for (KeyPair k : keys) {
+ System.out.println("Public Key (" + k.getPublic().getAlgorithm() + "):");
+ // From Gerrit's SshDaemon class; use JSch to get the public
+ // key/type
+ final Buffer buf = new Buffer();
+ buf.putRawPublicKey(k.getPublic());
+ final byte[] keyBin = buf.getCompactData();
+ HostKey pub = new HostKey("localhost", keyBin);
+ System.out.println(pub.getType() + " " + pub.getKey());
+ System.out.println("Private Key:");
+ // Use Bouncy Castle to write the private key back in PEM format
+ // (PKCS#1)
+ // http://stackoverflow.com/questions/25129822/export-rsa-public-key-to-pem-string-using-java
+ StringWriter privout = new StringWriter();
+ JcaPEMWriter privWriter = new JcaPEMWriter(privout);
+ privWriter.writeObject(k.getPrivate());
+ privWriter.close();
+ System.out.println(privout);
+ }
+ }
+
+}