mirrors
/
gitblit
miroir de https://github.com/gitblit/gitblit.git
Suivre 1
Ajouter aux favoris 0
Bifurcation 0
Code Tickets 0 Versions 43 Wiki Activité
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
2841 Révisions
11 Branches
Aborescence: d41034ad2f
Branches Tags
${ item.name }
Créer la branche ${ searchTerm }
de 'd41034ad2f'
${ noResults }
gitblit/src/main/java/com/gitblit/transport/ssh/FileKeyPairProvider.java

FileKeyPairProvider.java 5.5KB
Brut Annotations Historique

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154 
  1. /*

  2.  * Licensed to the Apache Software Foundation (ASF) under one

  3.  * or more contributor license agreements.  See the NOTICE file

  4.  * distributed with this work for additional information

  5.  * regarding copyright ownership.  The ASF licenses this file

  6.  * to you under the Apache License, Version 2.0 (the

  7.  * "License"); you may not use this file except in compliance

  8.  * with the License.  You may obtain a copy of the License at

  9.  *

  10.  *   http://www.apache.org/licenses/LICENSE-2.0

  11.  *

  12.  * Unless required by applicable law or agreed to in writing,

  13.  * software distributed under the License is distributed on an

  14.  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY

  15.  * KIND, either express or implied.  See the License for the

  16.  * specific language governing permissions and limitations

  17.  * under the License.

  18.  */

  19. package com.gitblit.transport.ssh;

  20. 

  21. import java.io.FileInputStream;

  22. import java.io.InputStreamReader;

  23. import java.security.KeyPair;

  24. import java.util.Arrays;

  25. import java.util.Iterator;

  26. import java.util.NoSuchElementException;

  27. 

  28. import org.apache.sshd.common.keyprovider.AbstractKeyPairProvider;

  29. import org.apache.sshd.common.util.SecurityUtils;

  30. import org.bouncycastle.openssl.PEMDecryptorProvider;

  31. import org.bouncycastle.openssl.PEMEncryptedKeyPair;

  32. import org.bouncycastle.openssl.PEMKeyPair;

  33. import org.bouncycastle.openssl.PEMParser;

  34. import org.bouncycastle.openssl.PasswordFinder;

  35. import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;

  36. import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder;

  37. 

  38. /**

  39.  * This host key provider loads private keys from the specified files.

  40.  *

  41.  * Note that this class has a direct dependency on BouncyCastle and won't work

  42.  * unless it has been correctly registered as a security provider.

  43.  *

  44.  * @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a>

  45.  */

  46. public class FileKeyPairProvider extends AbstractKeyPairProvider {

  47. 

  48.     private String[] files;

  49.     private PasswordFinder passwordFinder;

  50. 

  51.     public FileKeyPairProvider() {

  52.     }

  53. 

  54.     public FileKeyPairProvider(String[] files) {

  55.         this.files = files;

  56.     }

  57. 

  58.     public FileKeyPairProvider(String[] files, PasswordFinder passwordFinder) {

  59.         this.files = files;

  60.         this.passwordFinder = passwordFinder;

  61.     }

  62. 

  63.     public String[] getFiles() {

  64.         return files;

  65.     }

  66. 

  67.     public void setFiles(String[] files) {

  68.         this.files = files;

  69.     }

  70. 

  71.     public PasswordFinder getPasswordFinder() {

  72.         return passwordFinder;

  73.     }

  74. 

  75.     public void setPasswordFinder(PasswordFinder passwordFinder) {

  76.         this.passwordFinder = passwordFinder;

  77.     }

  78. 

  79.     public Iterable<KeyPair> loadKeys() {

  80.         if (!SecurityUtils.isBouncyCastleRegistered()) {

  81.             throw new IllegalStateException("BouncyCastle must be registered as a JCE provider");

  82.         }

  83.         return new Iterable<KeyPair>() {

  84.             @Override

  85. 			public Iterator<KeyPair> iterator() {

  86.                 return new Iterator<KeyPair>() {

  87.                     private final Iterator<String> iterator = Arrays.asList(files).iterator();

  88.                     private KeyPair nextKeyPair;

  89.                     private boolean nextKeyPairSet = false;

  90.                     @Override

  91. 					public boolean hasNext() {

  92.                         return nextKeyPairSet || setNextObject();

  93.                     }

  94.                     @Override

  95. 					public KeyPair next() {

  96.                         if (!nextKeyPairSet) {

  97.                             if (!setNextObject()) {

  98.                                 throw new NoSuchElementException();

  99.                             }

  100.                         }

  101.                         nextKeyPairSet = false;

  102.                         return nextKeyPair;

  103.                     }

  104.                     @Override

  105. 					public void remove() {

  106.                         throw new UnsupportedOperationException();

  107.                     }

  108.                     private boolean setNextObject() {

  109.                         while (iterator.hasNext()) {

  110.                             String file = iterator.next();

  111.                             nextKeyPair = doLoadKey(file);

  112.                             if (nextKeyPair != null) {

  113.                                 nextKeyPairSet = true;

  114.                                 return true;

  115.                             }

  116.                         }

  117.                         return false;

  118.                     }

  119. 

  120.                 };

  121.             }

  122.         };

  123.     }

  124. 

  125.     protected KeyPair doLoadKey(String file) {

  126.         try {

  127.             PEMParser r = new PEMParser(new InputStreamReader(new FileInputStream(file)));

  128.             try {

  129.                 Object o = r.readObject();

  130. 

  131.                 JcaPEMKeyConverter pemConverter = new JcaPEMKeyConverter();

  132.                 pemConverter.setProvider("BC");

  133.                 if (passwordFinder != null && o instanceof PEMEncryptedKeyPair) {

  134.                     JcePEMDecryptorProviderBuilder decryptorBuilder = new JcePEMDecryptorProviderBuilder();

  135.                     PEMDecryptorProvider pemDecryptor = decryptorBuilder.build(passwordFinder.getPassword());

  136.                     o = pemConverter.getKeyPair(((PEMEncryptedKeyPair) o).decryptKeyPair(pemDecryptor));

  137.                 }

  138. 

  139.                 if (o instanceof PEMKeyPair) {

  140.                     o = pemConverter.getKeyPair((PEMKeyPair)o);

  141.                     return (KeyPair) o;

  142.                 } else if (o instanceof KeyPair) {

  143.                     return (KeyPair) o;

  144.                 }

  145.             } finally {

  146.                 r.close();

  147.             }

  148.         } catch (Exception e) {

  149.             log.warn("Unable to read key " + file, e);

  150.         }

  151.         return null;

  152.     }

  153. 

  154. }