Posted to dev@mina.apache.org by "Jean-Baptiste Onofré (Jira)" <ji...@apache.org> on 2022/11/30 17:14:00 UTC

[jira] [Created] (SSHD-1314) OpenSSHKeyPairProvider is not able to load SimpleKey

Jean-Baptiste Onofré created SSHD-1314:
------------------------------------------

             Summary: OpenSSHKeyPairProvider is not able to load SimpleKey
                 Key: SSHD-1314
                 URL: https://issues.apache.org/jira/browse/SSHD-1314
             Project: MINA SSHD
          Issue Type: Bug
    Affects Versions: 2.9.2
            Reporter: Jean-Baptiste Onofré


Since this commit:
{code:java}
commit 5a8fe830b2a2308a2b24ac8115a391af477f64f5
Author: Thomas Wolf <tw...@apache.org>
Date:   Sat Nov 5 21:00:40 2022 +0100

    Better file handling for host keys
    
    Store host keys in the OpenSSH format. This makes it possible to use
    EdDSA host keys. Also set file permissions and read legacy files more
    carefully.

 .../AbstractGeneratorHostKeyProvider.java          |  88 ++++++++++++++---
 .../SimpleGeneratorHostKeyProvider.java            | 109 ++++++++++++++++++---
 .../SimpleGeneratorHostKeyProviderTest.java        |  26 ++++-
 3 files changed, 194 insertions(+), 29 deletions(-)
 {code}
it's not possible to "convert" a simple key to an SSH key.

 

Basically, the following code worked with sshd 2.9.1:
{code:java}
File privateKeyTemp = File.createTempFile(this.getClass().getCanonicalName(), ".priv");
privateKeyTemp.deleteOnExit();
File publicKeyTemp = File.createTempFile(this.getClass().getCanonicalName(), ".pub");
publicKeyTemp.deleteOnExit();

SimpleGeneratorHostKeyProvider simpleGenerator = new SimpleGeneratorHostKeyProvider(privateKeyTemp.toPath());
simpleGenerator.setKeySize(2048);
simpleGenerator.setAlgorithm("DSA");
List<KeyPair> keys = simpleGenerator.loadKeys(null);
KeyPair simpleKeyPair = keys.stream().findFirst().get();

Assert.assertEquals("DSA", simpleKeyPair.getPrivate().getAlgorithm());

OpenSSHKeyPairProvider provider =
    new OpenSSHKeyPairProvider(privateKeyTemp.toPath(), publicKeyTemp.toPath(), "DSA", 2048, null);
KeyPair convertedKeyPair = provider.loadKeys(null).iterator().next();
Assert.assertEquals("DSA", convertedKeyPair.getPrivate().getAlgorithm());

Assert.assertArrayEquals(simpleKeyPair.getPrivate().getEncoded(),convertedKeyPair.getPrivate().getEncoded());
Assert.assertArrayEquals(simpleKeyPair.getPublic().getEncoded(),convertedKeyPair.getPublic().getEncoded());

//also test that the original file has been replaced
KeyPair keyPair = KeyPairLoader.getKeyPair(Files.newInputStream(privateKeyTemp.toPath()));
Assert.assertArrayEquals(simpleKeyPair.getPrivate().getEncoded(),keyPair.getPrivate().getEncoded());
{code}
but it fails now with sshd 2.9.2 with:
{code:java}
 INFO: generateKeyPair(DSA) generating host key - size=2048
Nov 30, 2022 6:12:35 PM org.apache.karaf.shell.ssh.keygenerator.OpenSSHKeyPairProvider loadKeys
WARNING: Failed to parse keypair in /tmp/org.apache.karaf.shell.ssh.keygenerator.OpenSSHGeneratorKeyFileProviderTest8057592323787152069.priv. Attempting to parse it 'directly'
Nov 30, 2022 6:12:35 PM org.apache.karaf.shell.ssh.keygenerator.OpenSSHKeyPairProvider loadKeys
WARNING: Failed to parse keypair in /tmp/org.apache.karaf.shell.ssh.keygenerator.OpenSSHGeneratorKeyFileProviderTest8057592323787152069.priv. Attempting to parse it as a legacy 'simple' key
Nov 30, 2022 6:12:35 PM org.apache.karaf.shell.ssh.keygenerator.OpenSSHKeyPairProvider loadKeys
WARNING: /tmp/org.apache.karaf.shell.ssh.keygenerator.OpenSSHGeneratorKeyFileProviderTest8057592323787152069.priv is not a 'simple' key either
{code}
because we go to the last try in the {{loadKeys()}} method.

I will work on a fix.



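Added example (not part of the original report, and not MINA SSHD or Karaf code): a sniffer that classifies a host key file by its leading bytes before any parser or `ObjectInputStream` touches it, which shows which of the three attempts in the log above could ever succeed for a given file. It assumes the legacy 'simple' file is a Java-serialized `KeyPair`; the class name, enum and sample inputs are constructed for illustration.

```java
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectOutputStream;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;

public class HostKeyFormatSniffer {
    enum Format { OPENSSH, PEM_PKCS8, PEM_TRADITIONAL, JAVA_SERIALIZED, UNKNOWN }

    // Classify a key file by its leading bytes, without parsing or deserializing it.
    static Format detect(byte[] data) {
        // Java serialization streams start with magic 0xACED followed by version 0x0005.
        if (data.length >= 4 && (data[0] & 0xFF) == 0xAC && (data[1] & 0xFF) == 0xED
                && data[2] == 0x00 && data[3] == 0x05) {
            return Format.JAVA_SERIALIZED;
        }
        String head = new String(data, 0, Math.min(data.length, 64), StandardCharsets.US_ASCII).trim();
        if (head.startsWith("-----BEGIN OPENSSH PRIVATE KEY-----")) {
            return Format.OPENSSH;
        }
        if (head.startsWith("-----BEGIN PRIVATE KEY-----")
                || head.startsWith("-----BEGIN ENCRYPTED PRIVATE KEY-----")) {
            return Format.PEM_PKCS8;
        }
        // Traditional PEM, e.g. "-----BEGIN DSA PRIVATE KEY-----" or "-----BEGIN RSA PRIVATE KEY-----".
        if (head.matches("(?s)-----BEGIN [A-Z]+ PRIVATE KEY-----.*")) {
            return Format.PEM_TRADITIONAL;
        }
        return Format.UNKNOWN; // includes the empty file left behind by File.createTempFile
    }

    public static void main(String[] args) throws IOException, GeneralSecurityException {
        // Constructed sample 1: a KeyPair written with Java serialization (assumed legacy layout).
        KeyPairGenerator gen = KeyPairGenerator.getInstance("DSA");
        gen.initialize(2048);
        KeyPair kp = gen.generateKeyPair();
        ByteArrayOutputStream legacy = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(legacy)) {
            out.writeObject(kp);
        }
        // Constructed sample 2: only the armor line of an OpenSSH-format file, no key material.
        byte[] openssh = "-----BEGIN OPENSSH PRIVATE KEY-----\n".getBytes(StandardCharsets.US_ASCII);
        System.out.println("legacy sample:  " + detect(legacy.toByteArray()));
        System.out.println("openssh sample: " + detect(openssh));
        System.out.println("empty file:     " + detect(new byte[0]));
    }
}
```

Dispatching on the detected format, rather than trying each parser in turn, also keeps `ObjectInputStream` away from any file that does not start with the serialization magic.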