Posted to commits@mina.apache.org by lg...@apache.org on 2019/07/31 04:45:00 UTC

[mina-sshd] branch master updated (7ba6081 -> 363d84c)

This is an automated email from the ASF dual-hosted git repository.

lgoldstein pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/mina-sshd.git.


    from 7ba6081  Fix typo in dependency name specified in SCP documentation
     new c6ac1ae  Fixed Javadoc of some classes
     new 363d84c  [SSHD-934] Fixed ECDSA public key encoding into OpenSSH format

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 CHANGES.md                                         |   2 +
 .../org/apache/sshd/common/cipher/ECCurves.java    |   5 +-
 .../sshd/common/config/keys/KeyEntryResolver.java  |   2 +-
 .../sshd/common/config/keys/PublicKeyEntry.java    |   4 +-
 .../config/keys/PublicKeyRawDataDecoder.java       |   1 +
 .../common/config/keys/PublicKeyRawDataReader.java |   1 +
 .../config/keys/loader/openssh/kdf/BCrypt.java     |   8 ++
 .../keys/EcdsaPublicKeyEntryDecoderTest.java       | 120 +++++++++++++++++++++
 .../java/org/apache/sshd/common/io/IoSession.java  |   1 +
 .../server/subsystem/sftp/SftpEventListener.java   |   2 +-
 10 files changed, 140 insertions(+), 6 deletions(-)
 create mode 100644 sshd-common/src/test/java/org/apache/sshd/common/config/keys/EcdsaPublicKeyEntryDecoderTest.java


[mina-sshd] 01/02: Fixed Javadoc of some classes

Posted by lg...@apache.org.
This is an automated email from the ASF dual-hosted git repository.

lgoldstein pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mina-sshd.git

commit c6ac1aee55fb491c4ebf6ca5a933b70aa655f4e5
Author: Lyor Goldstein <lg...@apache.org>
AuthorDate: Tue Jul 30 10:25:51 2019 +0300

    Fixed Javadoc of some classes
---
 .../java/org/apache/sshd/common/config/keys/KeyEntryResolver.java | 2 +-
 .../java/org/apache/sshd/common/config/keys/PublicKeyEntry.java   | 4 ++--
 .../apache/sshd/common/config/keys/PublicKeyRawDataDecoder.java   | 1 +
 .../apache/sshd/common/config/keys/PublicKeyRawDataReader.java    | 1 +
 .../apache/sshd/common/config/keys/loader/openssh/kdf/BCrypt.java | 8 ++++++++
 sshd-core/src/main/java/org/apache/sshd/common/io/IoSession.java  | 1 +
 .../org/apache/sshd/server/subsystem/sftp/SftpEventListener.java  | 2 +-
 7 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/sshd-common/src/main/java/org/apache/sshd/common/config/keys/KeyEntryResolver.java b/sshd-common/src/main/java/org/apache/sshd/common/config/keys/KeyEntryResolver.java
index a10322a..b00b3d6 100644
--- a/sshd-common/src/main/java/org/apache/sshd/common/config/keys/KeyEntryResolver.java
+++ b/sshd-common/src/main/java/org/apache/sshd/common/config/keys/KeyEntryResolver.java
@@ -247,7 +247,7 @@ public interface KeyEntryResolver<PUB extends PublicKey, PRV extends PrivateKey>
      * @param buf The buffer with the data bytes
      * @param offset The offset in the buffer to decode the array
      * @param available The max. available data starting from the offset
-     * @param maxChars Max. allowed data in decoded buffer - if more than
+     * @param maxAllowed Max. allowed data in decoded buffer - if more than
      * that is encoded then an {@link IndexOutOfBoundsException} will be thrown
      * @return The decoded data buffer + the offset of the next byte after it
      */
diff --git a/sshd-common/src/main/java/org/apache/sshd/common/config/keys/PublicKeyEntry.java b/sshd-common/src/main/java/org/apache/sshd/common/config/keys/PublicKeyEntry.java
index 1c6dfbd..652ecb4 100644
--- a/sshd-common/src/main/java/org/apache/sshd/common/config/keys/PublicKeyEntry.java
+++ b/sshd-common/src/main/java/org/apache/sshd/common/config/keys/PublicKeyEntry.java
@@ -155,7 +155,7 @@ public class PublicKeyEntry implements Serializable, KeyTypeIndicator {
      * @return The {@link PublicKey} or {@code null} if could not resolve it
      * @throws IOException              If failed to decode/encode the key
      * @throws GeneralSecurityException If failed to generate the key
-     * @see #resolvePublicKey(SessionContext, PublicKeyEntryResolver)
+     * @see #resolvePublicKey(SessionContext, Map, PublicKeyEntryResolver)
      */
     public PublicKey appendPublicKey(
             SessionContext session, Appendable sb, PublicKeyEntryResolver fallbackResolver)
@@ -216,7 +216,7 @@ public class PublicKeyEntry implements Serializable, KeyTypeIndicator {
      * @throws IOException If failed to decode the key data
      * @throws GeneralSecurityException If failed to generate the {@link PublicKey}
      * from the decoded data
-     * @see #resolvePublicKey(SessionContext, PublicKeyEntryResolver)
+     * @see #resolvePublicKey(SessionContext, Map, PublicKeyEntryResolver)
      */
     public static List<PublicKey> resolvePublicKeyEntries(
             SessionContext session, Collection<? extends PublicKeyEntry> entries, PublicKeyEntryResolver fallbackResolver)
diff --git a/sshd-common/src/main/java/org/apache/sshd/common/config/keys/PublicKeyRawDataDecoder.java b/sshd-common/src/main/java/org/apache/sshd/common/config/keys/PublicKeyRawDataDecoder.java
index d1e345b..81ceefa 100644
--- a/sshd-common/src/main/java/org/apache/sshd/common/config/keys/PublicKeyRawDataDecoder.java
+++ b/sshd-common/src/main/java/org/apache/sshd/common/config/keys/PublicKeyRawDataDecoder.java
@@ -30,6 +30,7 @@ import org.apache.sshd.common.session.SessionContext;
 import org.apache.sshd.common.util.NumberUtils;
 
 /**
+ * @param <PUB> Generic {@link PublicKey} type
  * @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a>
  */
 public interface PublicKeyRawDataDecoder<PUB extends PublicKey> {
diff --git a/sshd-common/src/main/java/org/apache/sshd/common/config/keys/PublicKeyRawDataReader.java b/sshd-common/src/main/java/org/apache/sshd/common/config/keys/PublicKeyRawDataReader.java
index 3567439..2836ab2 100644
--- a/sshd-common/src/main/java/org/apache/sshd/common/config/keys/PublicKeyRawDataReader.java
+++ b/sshd-common/src/main/java/org/apache/sshd/common/config/keys/PublicKeyRawDataReader.java
@@ -42,6 +42,7 @@ import org.apache.sshd.common.util.io.resource.PathResource;
 import org.apache.sshd.common.util.io.resource.URLResource;
 
 /**
+ * @param <PUB> The generic {@link PublicKey} type
  * @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a>
  */
 public interface PublicKeyRawDataReader<PUB extends PublicKey> {
diff --git a/sshd-common/src/main/java/org/apache/sshd/common/config/keys/loader/openssh/kdf/BCrypt.java b/sshd-common/src/main/java/org/apache/sshd/common/config/keys/loader/openssh/kdf/BCrypt.java
index 28a773c..bd430c1 100644
--- a/sshd-common/src/main/java/org/apache/sshd/common/config/keys/loader/openssh/kdf/BCrypt.java
+++ b/sshd-common/src/main/java/org/apache/sshd/common/config/keys/loader/openssh/kdf/BCrypt.java
@@ -614,6 +614,9 @@ public class BCrypt {
 
   /**
    * Compatibility with new OpenBSD function.
+   * @param hpass The hash password bytes
+   * @param hsalt The hash salt bytes
+   * @param output Target hash output buffer
    */
   public void hash(byte[] hpass, byte[] hsalt, byte[] output) {
       init_key();
@@ -642,6 +645,11 @@ public class BCrypt {
 
   /**
    * Compatibility with new OpenBSD function.
+   *
+   * @param password The password bytes
+   * @param salt The salt bytes
+   * @param rounds Number of hash rounds
+   * @param output Hash output buffer
    */
   public void pbkdf(byte[] password, byte[] salt, int rounds, byte[] output) {
       try {
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/io/IoSession.java b/sshd-core/src/main/java/org/apache/sshd/common/io/IoSession.java
index 6046541..9e6dcfc 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/io/IoSession.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/io/IoSession.java
@@ -88,6 +88,7 @@ public interface IoSession extends ConnectionEndpointsIndicator, PacketWriter, C
 
     /**
      * Handle received EOF.
+     * @throws IOException If failed to shutdown the stream
      */
     void shudownOutputStream() throws IOException;
 }
diff --git a/sshd-sftp/src/main/java/org/apache/sshd/server/subsystem/sftp/SftpEventListener.java b/sshd-sftp/src/main/java/org/apache/sshd/server/subsystem/sftp/SftpEventListener.java
index 8c2b3da..27528c3 100644
--- a/sshd-sftp/src/main/java/org/apache/sshd/server/subsystem/sftp/SftpEventListener.java
+++ b/sshd-sftp/src/main/java/org/apache/sshd/server/subsystem/sftp/SftpEventListener.java
@@ -376,7 +376,7 @@ public interface SftpEventListener extends SshdEventListener {
      * @param path    The {@link Path} about to be removed
      * @param isDirectory  Whether this is a folder or a file
      * @throws IOException If failed to handle the call
-     * @see #removedFile(ServerSession, Path, Throwable)
+     * @see #removed(ServerSession, Path, boolean, Throwable)
      */
     default void removing(ServerSession session, Path path, boolean isDirectory) throws IOException {
         // ignored


[mina-sshd] 02/02: [SSHD-934] Fixed ECDSA public key encoding into OpenSSH format

Posted by lg...@apache.org.
This is an automated email from the ASF dual-hosted git repository.

lgoldstein pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mina-sshd.git

commit 363d84c99303537cf989d6da655843752a348295
Author: Lyor Goldstein <lg...@apache.org>
AuthorDate: Tue Jul 30 10:37:07 2019 +0300

    [SSHD-934] Fixed ECDSA public key encoding into OpenSSH format
---
 CHANGES.md                                         |   2 +
 .../org/apache/sshd/common/cipher/ECCurves.java    |   5 +-
 .../keys/EcdsaPublicKeyEntryDecoderTest.java       | 120 +++++++++++++++++++++
 3 files changed, 125 insertions(+), 2 deletions(-)

diff --git a/CHANGES.md b/CHANGES.md
index 60f3b07..5a416ae 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -16,3 +16,5 @@ peer version data is received.
 * [SSHD-930](https://issues.apache.org/jira/browse/SSHD-930) - Added configuration allowing the user to specify whether client should wait
 for the server's identification before sending its own.
 
+* [SSHD-934](https://issues.apache.org/jira/browse/SSHD-934) - Fixed ECDSA public key encoding into OpenSSH format.
+
diff --git a/sshd-common/src/main/java/org/apache/sshd/common/cipher/ECCurves.java b/sshd-common/src/main/java/org/apache/sshd/common/cipher/ECCurves.java
index 2102cfa..b0b2812 100644
--- a/sshd-common/src/main/java/org/apache/sshd/common/cipher/ECCurves.java
+++ b/sshd-common/src/main/java/org/apache/sshd/common/cipher/ECCurves.java
@@ -221,8 +221,7 @@ public enum ECCurves implements KeyTypeIndicator, KeySizeIndicator, NamedResourc
     }
 
     /**
-     * @param name The curve name (case <U>insensitive</U> - ignored if
-     *             {@code null}/empty
+     * @param name The curve name (case <U>insensitive</U> - ignored if {@code null}/empty
      * @return The matching {@link ECCurves} instance - {@code null} if no
      * match found
      */
@@ -552,6 +551,8 @@ public enum ECCurves implements KeyTypeIndicator, KeySizeIndicator, NamedResourc
                 byte[] tmp = new byte[numElements];
                 System.arraycopy(vp, startIndex, tmp, numElements - vLen, vLen);
                 vp = tmp;
+                startIndex = 0;
+                vLen = vp.length;
             }
 
             s.write(vp, startIndex, vLen);
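Review bot: The two assignments added in the `vLen < numElements` branch carry the whole fix but have no comment saying why they are needed. After `vp = tmp` the buffer is a new `numElements`-byte array with the value right-aligned, so the following `s.write(vp, startIndex, vLen)` must cover the whole array from offset 0; with the previous values it would apparently write only `vLen` bytes and drop the leading zero padding, producing a coordinate of the wrong length in the encoded key. I would add `// tmp is zero-padded on the left to the fixed coordinate size - write all of it` above `startIndex = 0;`. The enclosing method starts and ends outside the hunk, so how `startIndex` and `vLen` are set earlier is not visible here.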
diff --git a/sshd-common/src/test/java/org/apache/sshd/common/config/keys/EcdsaPublicKeyEntryDecoderTest.java b/sshd-common/src/test/java/org/apache/sshd/common/config/keys/EcdsaPublicKeyEntryDecoderTest.java
new file mode 100644
index 0000000..d0f6afe
--- /dev/null
+++ b/sshd-common/src/test/java/org/apache/sshd/common/config/keys/EcdsaPublicKeyEntryDecoderTest.java
@@ -0,0 +1,120 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.sshd.common.config.keys;
+
+import java.io.ByteArrayOutputStream;
+import java.security.KeyPair;
+import java.security.PublicKey;
+import java.security.interfaces.ECPublicKey;
+import java.util.Collections;
+import java.util.List;
+
+import org.apache.sshd.common.cipher.ECCurves;
+import org.apache.sshd.common.util.security.SecurityUtils;
+import org.apache.sshd.util.test.JUnit4ClassRunnerWithParametersFactory;
+import org.apache.sshd.util.test.JUnitTestSupport;
+import org.apache.sshd.util.test.NoIoTestCase;
+import org.junit.Assume;
+import org.junit.FixMethodOrder;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.junit.runner.RunWith;
+import org.junit.runners.MethodSorters;
+import org.junit.runners.Parameterized;
+import org.junit.runners.Parameterized.Parameters;
+import org.junit.runners.Parameterized.UseParametersRunnerFactory;
+
+/**
+ * @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a>
+ */
+@FixMethodOrder(MethodSorters.NAME_ASCENDING)
+@Category({ NoIoTestCase.class })
+@RunWith(Parameterized.class)   // see https://github.com/junit-team/junit/wiki/Parameterized-tests
+@UseParametersRunnerFactory(JUnit4ClassRunnerWithParametersFactory.class)
+public class EcdsaPublicKeyEntryDecoderTest extends JUnitTestSupport {
+    public static final int TESTS_COUNT =
+        Integer.parseInt(System.getProperty(EcdsaPublicKeyEntryDecoderTest.class.getName(), "500"));
+
+    private final ECCurves curve;
+
+    public EcdsaPublicKeyEntryDecoderTest(ECCurves curve) {
+        this.curve = curve;
+    }
+
+    @Parameters(name = "{0}")
+    public static List<Object[]> parameters() {
+        return parameterize(ECCurves.VALUES);
+    }
+
+    @Test   // see SSHD-934
+    public void testEncodeDecodePublicKey() throws Exception {
+        Assume.assumeTrue("ECC not supported", SecurityUtils.isECCSupported());
+        int keySize = curve.getKeySize();
+        String keyType = curve.getKeyType();
+        for (int index = 1; index <= TESTS_COUNT; index++) {
+            if (OUTPUT_DEBUG_MESSAGES && ((index % 50) == 0)) {
+                System.out.println(getCurrentTestName() + ": generated " + index + "/" + TESTS_COUNT + " test cases");
+            }
+
+            KeyPair keyPair = KeyUtils.generateKeyPair(keyType, keySize);
+            PublicKey expected = keyPair.getPublic();
+            @SuppressWarnings("unchecked")
+            PublicKeyEntryDecoder<PublicKey, ?> decoder =
+                (PublicKeyEntryDecoder<PublicKey, ?>) KeyUtils.getPublicKeyEntryDecoder(expected);
+            byte[] encodedPublicKey;
+            try (ByteArrayOutputStream ostrm = new ByteArrayOutputStream()) {
+                decoder.encodePublicKey(ostrm, expected);
+                encodedPublicKey = ostrm.toByteArray();
+            }
+
+            PublicKey actual;
+            try {
+                actual = decoder.decodePublicKey(
+                    null, keyType, encodedPublicKey, 0, encodedPublicKey.length, Collections.emptyMap());
+            } catch (Exception e) {
+                String encData = PublicKeyEntry.toString(expected);
+                System.err.append("===> ").println(encData);
+                System.err.println("Failed (" + e.getClass().getSimpleName() + ")"
+                    + " to decode at attempt #" + index + ": " + e.getMessage());
+                e.printStackTrace(System.err);
+                if (OUTPUT_DEBUG_MESSAGES) {
+                    continue;
+                }
+                throw e;
+            }
+
+            if (KeyUtils.compareKeys(expected, actual)) {
+                continue;
+            }
+
+            assertObjectInstanceOf("Mismatched expected key type", ECPublicKey.class, expected);
+            ECPublicKey expKey = (ECPublicKey) expected;
+            assertObjectInstanceOf("Mismatched actual key type", ECPublicKey.class, actual);
+            ECPublicKey actKey = (ECPublicKey) actual;
+
+            assertECPublicKeyEquals("[" + index + "]", expKey, actKey);
+        }
+    }
+
+    @Override
+    public String toString() {
+        return getClass().getSimpleName() + "[" + curve + "]";
+    }
+}
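Review bot: In the `catch (Exception e)` block of `testEncodeDecodePublicKey`, a decode failure is skipped with `continue` whenever `OUTPUT_DEBUG_MESSAGES` is set, so in that mode the test passes even if every encoded key fails to decode. The failure should still fail the test after it has been printed; removing the `if (OUTPUT_DEBUG_MESSAGES) { continue; }` lines, or counting the failures and asserting that the count is zero after the loop, would keep the diagnostics without hiding a regression. Separately, the loop relies on `TESTS_COUNT` randomly generated key pairs to produce a coordinate shorter than the curve's field size, so coverage of the SSHD-934 case is probabilistic; a fixed key with a short coordinate would presumably make the regression check deterministic.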