Posted to commits@mina.apache.org by gn...@apache.org on 2017/08/02 12:57:32 UTC
mina-sshd git commit: [SSHD-760] Unable to read PKCS8 key files
Repository: mina-sshd
Updated Branches:
refs/heads/master 76988ba83 -> 072215ea8
[SSHD-760] Unable to read PKCS8 key files
Project: http://git-wip-us.apache.org/repos/asf/mina-sshd/repo
Commit: http://git-wip-us.apache.org/repos/asf/mina-sshd/commit/072215ea
Tree: http://git-wip-us.apache.org/repos/asf/mina-sshd/tree/072215ea
Diff: http://git-wip-us.apache.org/repos/asf/mina-sshd/diff/072215ea
Branch: refs/heads/master
Commit: 072215ea8981ccb66723a2a876633d96190adf8d
Parents: 76988ba
Author: Guillaume Nodet <gn...@apache.org>
Authored: Wed Aug 2 14:57:16 2017 +0200
Committer: Guillaume Nodet <gn...@apache.org>
Committed: Wed Aug 2 14:57:23 2017 +0200
----------------------------------------------------------------------
pom.xml | 5 ++
sshd-core/pom.xml | 5 ++
.../pem/PKCS8PEMResourceKeyPairParser.java | 6 +--
.../pem/PemKeyPairResourceParserTest.java | 57 ++++++++++++++++++++
4 files changed, 70 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/072215ea/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index ad4f298..296914d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -385,6 +385,11 @@
<artifactId>org.eclipse.jgit.pgm</artifactId>
<version>${jgit.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.apache.servicemix.bundles</groupId>
+ <artifactId>org.apache.servicemix.bundles.not-yet-commons-ssl</artifactId>
+ <version>0.3.11_1</version>
+ </dependency>
</dependencies>
</dependencyManagement>
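Review bot: The managed entry for `org.apache.servicemix.bundles.not-yet-commons-ssl` has no `<scope>`, so the only thing keeping it test-only is the `sshd-core/pom.xml` declaration. A module that later declares it without a scope would put this third-party PEM/TLS helper on its compile classpath. Since this commit uses it only from a test, consider adding `<scope>test</scope>` to the managed entry as well. The version is also a literal, while the neighbouring entry uses a property (`${jgit.version}`); a property such as `${not-yet-commons-ssl.version}` (placeholder name) would keep upgrades of the re-bundled library in one place. The `<dependencies>` block starts outside this hunk.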
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/072215ea/sshd-core/pom.xml
----------------------------------------------------------------------
diff --git a/sshd-core/pom.xml b/sshd-core/pom.xml
index 8174dd0..a27b588 100644
--- a/sshd-core/pom.xml
+++ b/sshd-core/pom.xml
@@ -117,6 +117,11 @@
<artifactId>ganymed-ssh2</artifactId>
<scope>test</scope>
</dependency>
+ <dependency>
+ <groupId>org.apache.servicemix.bundles</groupId>
+ <artifactId>org.apache.servicemix.bundles.not-yet-commons-ssl</artifactId>
+ <scope>test</scope>
+ </dependency>
</dependencies>
<build>
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/072215ea/sshd-core/src/main/java/org/apache/sshd/common/config/keys/loader/pem/PKCS8PEMResourceKeyPairParser.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/config/keys/loader/pem/PKCS8PEMResourceKeyPairParser.java b/sshd-core/src/main/java/org/apache/sshd/common/config/keys/loader/pem/PKCS8PEMResourceKeyPairParser.java
index a8b3075..cc28967 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/config/keys/loader/pem/PKCS8PEMResourceKeyPairParser.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/config/keys/loader/pem/PKCS8PEMResourceKeyPairParser.java
@@ -70,7 +70,7 @@ public class PKCS8PEMResourceKeyPairParser extends AbstractPEMResourceKeyPairPar
throws IOException, GeneralSecurityException {
// Save the data before getting the algorithm OID since we will need it
byte[] encBytes = IoUtils.toByteArray(stream);
- List<Integer> oidAlgorithm = getPKCS8AlgorithmIdentifier(stream, false);
+ List<Integer> oidAlgorithm = getPKCS8AlgorithmIdentifier(encBytes);
PrivateKey prvKey = decodePEMPrivateKeyPKCS8(oidAlgorithm, encBytes, passwordProvider);
PublicKey pubKey = ValidateUtils.checkNotNull(KeyUtils.recoverPublicKey(prvKey),
"Failed to recover public key of OID=%s", oidAlgorithm);
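Review bot: `encBytes` holds the full PKCS#8 encoding of the private key, and nothing in the visible lines wipes it after `decodePEMPrivateKeyPKCS8` returns. Now that the OID is parsed from that array instead of the stream, the array is the one buffer to clean up, for example with `Arrays.fill(encBytes, (byte) 0);` in a `finally` around the decode and public-key recovery. This assumes the key spec built from the bytes keeps its own copy, which should be confirmed. The existing comment could also say why the stream is read once, e.g. `// Read the stream once: the same bytes feed both the OID lookup and the key decoding`. The method starts and ends outside this hunk, so the buffer may already be handled there.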
@@ -101,8 +101,8 @@ public class PKCS8PEMResourceKeyPairParser extends AbstractPEMResourceKeyPairPar
return factory.generatePrivate(keySpec);
}
- public static List<Integer> getPKCS8AlgorithmIdentifier(InputStream input, boolean okToClose) throws IOException {
- try (DERParser parser = new DERParser(NoCloseInputStream.resolveInputStream(input, okToClose))) {
+ public static List<Integer> getPKCS8AlgorithmIdentifier(byte[] input) throws IOException {
+ try (DERParser parser = new DERParser(input)) {
return getPKCS8AlgorithmIdentifier(parser);
}
}
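Review bot: Replacing the `public static` signature `getPKCS8AlgorithmIdentifier(InputStream, boolean)` with a `byte[]` one breaks source and binary compatibility for any external caller of this utility. Keeping the old overload as `@Deprecated` next to the new one avoids that. The new public method also has no Javadoc; it should state that `input` is the complete DER-encoded PKCS#8 structure, that it contains private key material, and that the array is not modified. The class body continues outside this hunk.

```java
// … unchanged: new getPKCS8AlgorithmIdentifier(byte[] input) overload …

/**
 * @deprecated use {@link #getPKCS8AlgorithmIdentifier(byte[])}
 */
@Deprecated
public static List<Integer> getPKCS8AlgorithmIdentifier(InputStream input, boolean okToClose) throws IOException {
    try (DERParser parser = new DERParser(NoCloseInputStream.resolveInputStream(input, okToClose))) {
        return getPKCS8AlgorithmIdentifier(parser);
    }
}
```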
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/072215ea/sshd-core/src/test/java/org/apache/sshd/common/config/keys/loader/pem/PemKeyPairResourceParserTest.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/test/java/org/apache/sshd/common/config/keys/loader/pem/PemKeyPairResourceParserTest.java b/sshd-core/src/test/java/org/apache/sshd/common/config/keys/loader/pem/PemKeyPairResourceParserTest.java
new file mode 100644
index 0000000..3cf60e0
--- /dev/null
+++ b/sshd-core/src/test/java/org/apache/sshd/common/config/keys/loader/pem/PemKeyPairResourceParserTest.java
@@ -0,0 +1,57 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sshd.common.config.keys.loader.pem;
+
+import org.apache.commons.ssl.PEMItem;
+import org.apache.commons.ssl.PEMUtil;
+import org.apache.sshd.common.util.security.SecurityUtils;
+import org.junit.Test;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.util.ArrayList;
+import java.util.Collection;
+
+import static org.junit.Assert.assertEquals;
+
+public class PemKeyPairResourceParserTest {
+
+ @Test
+ public void testPkcs8() throws Exception {
+ String algorithm = "RSA";
+ int keySize = 512;
+ KeyPairGenerator generator = SecurityUtils.getKeyPairGenerator(algorithm);
+ generator.initialize(keySize);
+ KeyPair kp = generator.generateKeyPair();
+
+ ByteArrayOutputStream os = new ByteArrayOutputStream();
+ Collection<Object> items = new ArrayList<>();
+ items.add(new PEMItem(kp.getPrivate().getEncoded(), "PRIVATE KEY"));
+ byte[] bytes = PEMUtil.encode(items);
+ os.write(bytes);
+ os.close();
+
+ KeyPair kp2 = SecurityUtils.loadKeyPairIdentity("the-key", new ByteArrayInputStream(os.toByteArray()), null);
+
+ assertEquals(kp.getPublic(), kp2.getPublic());
+ assertEquals(kp.getPrivate(), kp2.getPrivate());
+ }
+}
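Review bot: In `testPkcs8` the encoded PEM bytes are copied through a `ByteArrayOutputStream` that changes nothing; the load call can take them directly, `new ByteArrayInputStream(bytes)`, and `os` can be dropped. The `keySize = 512` literal deserves a comment such as `// 512-bit RSA only keeps the test fast; far too small for a real key`, so the value is not copied into non-test code. The test covers a single unencrypted RSA key. If the parser is meant to dispatch on other algorithm OIDs, or to accept a password provider, those paths remain unexercised by this regression test.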