You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mina.apache.org by gn...@apache.org on 2014/01/23 17:05:07 UTC
git commit: [SSHD-268] Upgrade to BouncyCastle 1.49
Updated Branches:
refs/heads/master e22356a77 -> c0957cc2b
[SSHD-268] Upgrade to BouncyCastle 1.49
Project: http://git-wip-us.apache.org/repos/asf/mina-sshd/repo
Commit: http://git-wip-us.apache.org/repos/asf/mina-sshd/commit/c0957cc2
Tree: http://git-wip-us.apache.org/repos/asf/mina-sshd/tree/c0957cc2
Diff: http://git-wip-us.apache.org/repos/asf/mina-sshd/diff/c0957cc2
Branch: refs/heads/master
Commit: c0957cc2bf562c4087fffc59632cbf701acda0be
Parents: e22356a
Author: Guillaume Nodet <gn...@apache.org>
Authored: Thu Jan 23 17:04:59 2014 +0100
Committer: Guillaume Nodet <gn...@apache.org>
Committed: Thu Jan 23 17:04:59 2014 +0100
----------------------------------------------------------------------
assembly/pom.xml | 8 +++++--
pom.xml | 11 ++++++---
sshd-core/pom.xml | 9 ++++++--
.../common/keyprovider/FileKeyPairProvider.java | 23 ++++++++++++++++---
.../keyprovider/ResourceKeyPairProvider.java | 24 ++++++++++++++++----
.../PEMGeneratorHostKeyProvider.java | 4 ++--
sshd-sftp/pom.xml | 9 ++++++--
7 files changed, 70 insertions(+), 18 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/c0957cc2/assembly/pom.xml
----------------------------------------------------------------------
diff --git a/assembly/pom.xml b/assembly/pom.xml
index 5aa88a1..403a2a4 100644
--- a/assembly/pom.xml
+++ b/assembly/pom.xml
@@ -61,8 +61,12 @@
<artifactId>slf4j-simple</artifactId>
</dependency>
<dependency>
- <groupId>bouncycastle</groupId>
- <artifactId>bcprov-jdk15</artifactId>
+ <groupId>org.bouncycastle</groupId>
+ <artifactId>bcpg-jdk15on</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.bouncycastle</groupId>
+ <artifactId>bcpkix-jdk15on</artifactId>
</dependency>
<dependency>
<groupId>tomcat</groupId>
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/c0957cc2/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index edfa948..6cb8bd9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -115,9 +115,14 @@
<version>1.1.1</version>
</dependency>
<dependency>
- <groupId>bouncycastle</groupId>
- <artifactId>bcprov-jdk15</artifactId>
- <version>140</version>
+ <groupId>org.bouncycastle</groupId>
+ <artifactId>bcpg-jdk15on</artifactId>
+ <version>1.49</version>
+ </dependency>
+ <dependency>
+ <groupId>org.bouncycastle</groupId>
+ <artifactId>bcpkix-jdk15on</artifactId>
+ <version>1.49</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/c0957cc2/sshd-core/pom.xml
----------------------------------------------------------------------
diff --git a/sshd-core/pom.xml b/sshd-core/pom.xml
index 97d3b23..da5c00c 100644
--- a/sshd-core/pom.xml
+++ b/sshd-core/pom.xml
@@ -54,8 +54,13 @@
<optional>true</optional>
</dependency>
<dependency>
- <groupId>bouncycastle</groupId>
- <artifactId>bcprov-jdk15</artifactId>
+ <groupId>org.bouncycastle</groupId>
+ <artifactId>bcpg-jdk15on</artifactId>
+ <optional>true</optional>
+ </dependency>
+ <dependency>
+ <groupId>org.bouncycastle</groupId>
+ <artifactId>bcpkix-jdk15on</artifactId>
<optional>true</optional>
</dependency>
<dependency>
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/c0957cc2/sshd-core/src/main/java/org/apache/sshd/common/keyprovider/FileKeyPairProvider.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/keyprovider/FileKeyPairProvider.java b/sshd-core/src/main/java/org/apache/sshd/common/keyprovider/FileKeyPairProvider.java
index 7085f12..8d2e979 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/keyprovider/FileKeyPairProvider.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/keyprovider/FileKeyPairProvider.java
@@ -25,8 +25,13 @@ import java.util.ArrayList;
import java.util.List;
import org.apache.sshd.common.util.SecurityUtils;
-import org.bouncycastle.openssl.PEMReader;
+import org.bouncycastle.openssl.PEMDecryptorProvider;
+import org.bouncycastle.openssl.PEMEncryptedKeyPair;
+import org.bouncycastle.openssl.PEMKeyPair;
+import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.PasswordFinder;
+import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
+import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder;
/**
* This host key provider loads private keys from the specified files.
@@ -76,10 +81,22 @@ public class FileKeyPairProvider extends AbstractKeyPairProvider {
List<KeyPair> keys = new ArrayList<KeyPair>();
for (int i = 0; i < files.length; i++) {
try {
- PEMReader r = new PEMReader(new InputStreamReader(new FileInputStream(files[i])), passwordFinder);
+ PEMParser r = new PEMParser(new InputStreamReader(new FileInputStream(files[i])));
try {
Object o = r.readObject();
- if (o instanceof KeyPair) {
+
+ JcaPEMKeyConverter pemConverter = new JcaPEMKeyConverter();
+ pemConverter.setProvider("BC");
+ if (passwordFinder != null && o instanceof PEMEncryptedKeyPair) {
+ JcePEMDecryptorProviderBuilder decryptorBuilder = new JcePEMDecryptorProviderBuilder();
+ PEMDecryptorProvider pemDecryptor = decryptorBuilder.build(passwordFinder.getPassword());
+ o = pemConverter.getKeyPair(((PEMEncryptedKeyPair) o).decryptKeyPair(pemDecryptor));
+ }
+
+ if (o instanceof PEMKeyPair) {
+ o = pemConverter.getKeyPair((PEMKeyPair)o);
+ keys.add((KeyPair) o);
+ } else if (o instanceof KeyPair) {
keys.add((KeyPair) o);
}
} finally {
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/c0957cc2/sshd-core/src/main/java/org/apache/sshd/common/keyprovider/ResourceKeyPairProvider.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/keyprovider/ResourceKeyPairProvider.java b/sshd-core/src/main/java/org/apache/sshd/common/keyprovider/ResourceKeyPairProvider.java
index 83073c6..0ed6335 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/keyprovider/ResourceKeyPairProvider.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/keyprovider/ResourceKeyPairProvider.java
@@ -26,8 +26,13 @@ import java.util.List;
import org.apache.sshd.common.util.IoUtils;
import org.apache.sshd.common.util.SecurityUtils;
-import org.bouncycastle.openssl.PEMReader;
+import org.bouncycastle.openssl.PEMDecryptorProvider;
+import org.bouncycastle.openssl.PEMEncryptedKeyPair;
+import org.bouncycastle.openssl.PEMKeyPair;
+import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.PasswordFinder;
+import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
+import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -149,17 +154,28 @@ public class ResourceKeyPairProvider extends AbstractKeyPairProvider {
new ArrayList<KeyPair>(this.resources.length);
for (String resource : resources) {
- PEMReader r = null;
+ PEMParser r = null;
InputStreamReader isr = null;
InputStream is = null;
try {
is = this.cloader.getResourceAsStream(resource);
isr = new InputStreamReader(is);
- r = new PEMReader(isr, passwordFinder);
+ r = new PEMParser(isr);
Object o = r.readObject();
- if (o instanceof KeyPair) {
+ JcaPEMKeyConverter pemConverter = new JcaPEMKeyConverter();
+ pemConverter.setProvider("BC");
+ if (passwordFinder != null && o instanceof PEMEncryptedKeyPair) {
+ JcePEMDecryptorProviderBuilder decryptorBuilder = new JcePEMDecryptorProviderBuilder();
+ PEMDecryptorProvider pemDecryptor = decryptorBuilder.build(passwordFinder.getPassword());
+ o = pemConverter.getKeyPair(((PEMEncryptedKeyPair) o).decryptKeyPair(pemDecryptor));
+ }
+
+ if (o instanceof PEMKeyPair) {
+ o = pemConverter.getKeyPair((PEMKeyPair)o);
+ keys.add((KeyPair) o);
+ } else if (o instanceof KeyPair) {
keys.add((KeyPair) o);
} // end of if
} catch (Exception e) {
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/c0957cc2/sshd-core/src/main/java/org/apache/sshd/server/keyprovider/PEMGeneratorHostKeyProvider.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/server/keyprovider/PEMGeneratorHostKeyProvider.java b/sshd-core/src/main/java/org/apache/sshd/server/keyprovider/PEMGeneratorHostKeyProvider.java
index 4ea8fca..cc70521 100644
--- a/sshd-core/src/main/java/org/apache/sshd/server/keyprovider/PEMGeneratorHostKeyProvider.java
+++ b/sshd-core/src/main/java/org/apache/sshd/server/keyprovider/PEMGeneratorHostKeyProvider.java
@@ -24,7 +24,7 @@ import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.security.KeyPair;
-import org.bouncycastle.openssl.PEMReader;
+import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.PEMWriter;
/**
@@ -50,7 +50,7 @@ public class PEMGeneratorHostKeyProvider extends AbstractGeneratorHostKeyProvide
}
protected KeyPair doReadKeyPair(InputStream is) throws Exception {
- PEMReader r = new PEMReader(new InputStreamReader(is));
+ PEMParser r = new PEMParser(new InputStreamReader(is));
return (KeyPair) r.readObject();
}
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/c0957cc2/sshd-sftp/pom.xml
----------------------------------------------------------------------
diff --git a/sshd-sftp/pom.xml b/sshd-sftp/pom.xml
index 24dc927..03330db 100644
--- a/sshd-sftp/pom.xml
+++ b/sshd-sftp/pom.xml
@@ -60,8 +60,13 @@
<scope>test</scope>
</dependency>
<dependency>
- <groupId>bouncycastle</groupId>
- <artifactId>bcprov-jdk15</artifactId>
+ <groupId>org.bouncycastle</groupId>
+ <artifactId>bcpg-jdk15on</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.bouncycastle</groupId>
+ <artifactId>bcpkix-jdk15on</artifactId>
<scope>test</scope>
</dependency>
</dependencies>