Include the net.i2p.crypto.eddsa bundle via a hard dependency.
Add tests for dealing with
ed25519 host keys and user key files.
Manual tests: fetching from git.eclipse.org with an
ed25519 user key,
and pushing this change itself using the same
ed25519 key.
Note that sshd 2.0.0 does not yet support encrypted
ed25519 private
keys.
Bug: 541272
Change-Id: I7072f4014d9eca755b4a2412e19c086235e5eae9
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
"maven_jar",
)
+maven_jar(
+ name = "eddsa",
+ artifact = "net.i2p.crypto:eddsa:0.3.0",
+ sha1 = "1901c8d4d8bffb7d79027686cfb91e704217c3e1",
+)
+
maven_jar(
name = "jsch",
artifact = "com.jcraft:jsch:0.1.54",
exports = ["@commons-logging//jar"],
)
+java_library(
+ name = "eddsa",
+ visibility = [
+ "//org.eclipse.jgit.ssh.apache:__pkg__",
+ "//org.eclipse.jgit.ssh.apache.test:__pkg__",
+ ],
+ exports = ["@eddsa//jar"],
+)
+
java_library(
name = "gson",
visibility = [
version="0.0.0"
unpack="false"/>
+ <plugin
+ id="net.i2p.crypto.eddsa"
+ download-size="0"
+ install-size="0"
+ version="0.0.0"
+ unpack="false"/>
+
</feature>
srcs = glob(["tst/**/*.java"]),
tags = ["sshd"],
deps = [
+ "//lib:eddsa",
"//lib:junit",
"//lib:sshd-core",
"//lib:sshd-sftp",
Bundle-RequiredExecutionEnvironment: JavaSE-1.8
Import-Package: org.eclipse.jgit.internal.transport.sshd.proxy;version="[5.2.0,5.3.0)",
org.eclipse.jgit.junit;version="[5.2.0,5.3.0)",
+ org.eclipse.jgit.junit.ssh;version="[5.2.0,5.3.0)",
org.eclipse.jgit.lib;version="[5.2.0,5.3.0)",
org.eclipse.jgit.transport;version="[5.2.0,5.3.0)",
org.eclipse.jgit.transport.ssh;version="[5.2.0,5.3.0)",
import org.eclipse.jgit.transport.ssh.SshTestBase;
import org.eclipse.jgit.transport.sshd.SshdSessionFactory;
import org.eclipse.jgit.util.FS;
+import org.junit.Test;
import org.junit.experimental.theories.Theories;
import org.junit.runner.RunWith;
}
}
+ // Using an ed25519 (unencrypted) user key is tested in the super class in
+ // testSshKeys(). sshd 2.0.0 cannot yet read encrypted ed25519 keys.
+
+ @Test
+ public void testEd25519HostKey() throws Exception {
+ File newHostKey = new File(getTemporaryDirectory(), "newhostkey");
+ copyTestResource("id_ed25519", newHostKey);
+ server.addHostKey(newHostKey.toPath(), true);
+ File newHostKeyPub = new File(getTemporaryDirectory(),
+ "newhostkey.pub");
+ copyTestResource("id_ed25519.pub", newHostKeyPub);
+ createKnownHostsFile(knownHosts, "localhost", testPort, newHostKeyPub);
+ cloneWith("ssh://git/doesntmatter", defaultCloneDir, null, //
+ "Host git", //
+ "HostName localhost", //
+ "Port " + testPort, //
+ "User " + TEST_USER, //
+ "IdentityFile " + privateKey1.getAbsolutePath());
+ }
+
}
resource_strip_prefix = "org.eclipse.jgit.ssh.apache/resources",
resources = RESOURCES,
deps = [
+ "//lib:eddsa",
"//lib:slf4j-api",
"//lib:sshd-core",
"//lib:sshd-sftp",
org.eclipse.jgit.util,
org.apache.sshd.client.session,
org.apache.sshd.client.keyverifier"
-Import-Package: org.apache.sshd.agent;version="[2.0.0,2.1.0)",
+Import-Package: net.i2p.crypto.eddsa;version="[0.3.0,0.4.0)",
+ org.apache.sshd.agent;version="[2.0.0,2.1.0)",
org.apache.sshd.client;version="[2.0.0,2.1.0)",
org.apache.sshd.client.auth;version="[2.0.0,2.1.0)",
org.apache.sshd.client.auth.keyboard;version="[2.0.0,2.1.0)",
<properties>
<translate-qualifier/>
<source-bundle-manifest>${project.build.directory}/META-INF/SOURCE-MANIFEST.MF</source-bundle-manifest>
+ <eddsa-version>0.3.0</eddsa-version>
</properties>
<dependencies>
<version>${apache-sshd-version}</version>
</dependency>
+ <dependency>
+ <groupId>net.i2p.crypto</groupId>
+ <artifactId>eddsa</artifactId>
+ <version>${eddsa-version}</version>
+ </dependency>
+
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
"id_ecdsa_256", //
"id_ecdsa_384", //
"id_ecdsa_521", //
+ "id_ed25519", //
// And now encrypted. Passphrase is "testpass".
"id_dsa_testpass", //
"id_rsa_1024_testpass", //
// JSch fails on ECDSA 384/521 keys. Compare
// https://sourceforge.net/p/jsch/patches/10/
assumeTrue(!(getSessionFactory() instanceof JschConfigSessionFactory
- && (keyName.startsWith("id_ecdsa_384")
+ && (keyName.contains("ed25519")
+ || keyName.startsWith("id_ecdsa_384")
|| keyName.startsWith("id_ecdsa_521"))));
File cloned = new File(getTemporaryDirectory(), "cloned");
String keyFileName = keyName + "_key";