mirrors
/
jgit
miroir de https://github.com/eclipse/jgit.git
Suivre 1
Ajouter aux favoris 0
Bifurcation 0
Code Tickets 0 Versions 204 Wiki Activité
Parcourir la source

Apache MINA sshd client: enable support for ed25519 keys 

Include the net.i2p.crypto.eddsa bundle via a hard dependency.

Add tests for dealing with ed25519 host keys and user key files.

Manual tests: fetching from git.eclipse.org with an ed25519 user key,
and pushing this change itself using the same ed25519 key.

Note that sshd 2.0.0 does not yet support encrypted ed25519 private
keys.

Bug: 541272
Change-Id: I7072f4014d9eca755b4a2412e19c086235e5eae9
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
tags/v5.2.0.201812061821-r
Thomas Wolf il y a 5 ans
Parent
a08ffb0444
révision
db627c4177
10 fichiers modifiés avec 58 ajouts et 2 suppressions
Vue séparée Afficher les stats Diff
  1. 6
    0
      WORKSPACE
  2. 9
    0
      lib/BUILD
  3. 7
    0
      org.eclipse.jgit.packaging/org.eclipse.jgit.ssh.apache.feature/feature.xml
  4. 1
    0
      org.eclipse.jgit.ssh.apache.test/BUILD
  5. 1
    0
      org.eclipse.jgit.ssh.apache.test/META-INF/MANIFEST.MF
  6. 21
    0
      org.eclipse.jgit.ssh.apache.test/tst/org/eclipse/jgit/transport/sshd/ApacheSshTest.java
  7. 1
    0
      org.eclipse.jgit.ssh.apache/BUILD
  8. 2
    1
      org.eclipse.jgit.ssh.apache/META-INF/MANIFEST.MF
  9. 7
    0
      org.eclipse.jgit.ssh.apache/pom.xml
  10. 3
    1
      org.eclipse.jgit.test/src/org/eclipse/jgit/transport/ssh/SshTestBase.java

+ 6
- 0
WORKSPACE Voir le fichier

@@ -22,6 +22,12 @@ load(
"maven_jar",
)

maven_jar(
name = "eddsa",
artifact = "net.i2p.crypto:eddsa:0.3.0",
sha1 = "1901c8d4d8bffb7d79027686cfb91e704217c3e1",
)

maven_jar(
name = "jsch",
artifact = "com.jcraft:jsch:0.1.54",

+ 9
- 0
lib/BUILD Voir le fichier

@@ -27,6 +27,15 @@ java_library(
exports = ["@commons-logging//jar"],
)

java_library(
name = "eddsa",
visibility = [
"//org.eclipse.jgit.ssh.apache:__pkg__",
"//org.eclipse.jgit.ssh.apache.test:__pkg__",
],
exports = ["@eddsa//jar"],
)

java_library(
name = "gson",
visibility = [

+ 7
- 0
org.eclipse.jgit.packaging/org.eclipse.jgit.ssh.apache.feature/feature.xml Voir le fichier

@@ -47,4 +47,11 @@
version="0.0.0"
unpack="false"/>

<plugin
id="net.i2p.crypto.eddsa"
download-size="0"
install-size="0"
version="0.0.0"
unpack="false"/>

</feature>

+ 1
- 0
org.eclipse.jgit.ssh.apache.test/BUILD Voir le fichier

@@ -8,6 +8,7 @@ junit_tests(
srcs = glob(["tst/**/*.java"]),
tags = ["sshd"],
deps = [
"//lib:eddsa",
"//lib:junit",
"//lib:sshd-core",
"//lib:sshd-sftp",

+ 1
- 0
org.eclipse.jgit.ssh.apache.test/META-INF/MANIFEST.MF Voir le fichier

@@ -8,6 +8,7 @@ Bundle-Vendor: %Provider-Name
Bundle-RequiredExecutionEnvironment: JavaSE-1.8
Import-Package: org.eclipse.jgit.internal.transport.sshd.proxy;version="[5.2.0,5.3.0)",
org.eclipse.jgit.junit;version="[5.2.0,5.3.0)",
org.eclipse.jgit.junit.ssh;version="[5.2.0,5.3.0)",
org.eclipse.jgit.lib;version="[5.2.0,5.3.0)",
org.eclipse.jgit.transport;version="[5.2.0,5.3.0)",
org.eclipse.jgit.transport.ssh;version="[5.2.0,5.3.0)",

+ 21
- 0
org.eclipse.jgit.ssh.apache.test/tst/org/eclipse/jgit/transport/sshd/ApacheSshTest.java Voir le fichier

@@ -53,6 +53,7 @@ import org.eclipse.jgit.transport.SshSessionFactory;
import org.eclipse.jgit.transport.ssh.SshTestBase;
import org.eclipse.jgit.transport.sshd.SshdSessionFactory;
import org.eclipse.jgit.util.FS;
import org.junit.Test;
import org.junit.experimental.theories.Theories;
import org.junit.runner.RunWith;

@@ -81,4 +82,24 @@ public class ApacheSshTest extends SshTestBase {
}
}

// Using an ed25519 (unencrypted) user key is tested in the super class in
// testSshKeys(). sshd 2.0.0 cannot yet read encrypted ed25519 keys.

@Test
public void testEd25519HostKey() throws Exception {
File newHostKey = new File(getTemporaryDirectory(), "newhostkey");
copyTestResource("id_ed25519", newHostKey);
server.addHostKey(newHostKey.toPath(), true);
File newHostKeyPub = new File(getTemporaryDirectory(),
"newhostkey.pub");
copyTestResource("id_ed25519.pub", newHostKeyPub);
createKnownHostsFile(knownHosts, "localhost", testPort, newHostKeyPub);
cloneWith("ssh://git/doesntmatter", defaultCloneDir, null, //
"Host git", //
"HostName localhost", //
"Port " + testPort, //
"User " + TEST_USER, //
"IdentityFile " + privateKey1.getAbsolutePath());
}

}

+ 1
- 0
org.eclipse.jgit.ssh.apache/BUILD Voir le fichier

@@ -10,6 +10,7 @@ java_library(
resource_strip_prefix = "org.eclipse.jgit.ssh.apache/resources",
resources = RESOURCES,
deps = [
"//lib:eddsa",
"//lib:slf4j-api",
"//lib:sshd-core",
"//lib:sshd-sftp",

+ 2
- 1
org.eclipse.jgit.ssh.apache/META-INF/MANIFEST.MF Voir le fichier

@@ -31,7 +31,8 @@ Export-Package: org.eclipse.jgit.internal.transport.sshd;version="5.2.0";x-inter
org.eclipse.jgit.util,
org.apache.sshd.client.session,
org.apache.sshd.client.keyverifier"
Import-Package: org.apache.sshd.agent;version="[2.0.0,2.1.0)",
Import-Package: net.i2p.crypto.eddsa;version="[0.3.0,0.4.0)",
org.apache.sshd.agent;version="[2.0.0,2.1.0)",
org.apache.sshd.client;version="[2.0.0,2.1.0)",
org.apache.sshd.client.auth;version="[2.0.0,2.1.0)",
org.apache.sshd.client.auth.keyboard;version="[2.0.0,2.1.0)",

+ 7
- 0
org.eclipse.jgit.ssh.apache/pom.xml Voir le fichier

@@ -63,6 +63,7 @@
<properties>
<translate-qualifier/>
<source-bundle-manifest>${project.build.directory}/META-INF/SOURCE-MANIFEST.MF</source-bundle-manifest>
<eddsa-version>0.3.0</eddsa-version>
</properties>

<dependencies>
@@ -84,6 +85,12 @@
<version>${apache-sshd-version}</version>
</dependency>

<dependency>
<groupId>net.i2p.crypto</groupId>
<artifactId>eddsa</artifactId>
<version>${eddsa-version}</version>
</dependency>

<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>

+ 3
- 1
org.eclipse.jgit.test/src/org/eclipse/jgit/transport/ssh/SshTestBase.java Voir le fichier

@@ -80,6 +80,7 @@ public abstract class SshTestBase extends SshTestHarness {
"id_ecdsa_256", //
"id_ecdsa_384", //
"id_ecdsa_521", //
"id_ed25519", //
// And now encrypted. Passphrase is "testpass".
"id_dsa_testpass", //
"id_rsa_1024_testpass", //
@@ -805,7 +806,8 @@ public abstract class SshTestBase extends SshTestHarness {
// JSch fails on ECDSA 384/521 keys. Compare
// https://sourceforge.net/p/jsch/patches/10/
assumeTrue(!(getSessionFactory() instanceof JschConfigSessionFactory
&& (keyName.startsWith("id_ecdsa_384")
&& (keyName.contains("ed25519")
|| keyName.startsWith("id_ecdsa_384")
|| keyName.startsWith("id_ecdsa_521"))));
File cloned = new File(getTemporaryDirectory(), "cloned");
String keyFileName = keyName + "_key";

Écrire Aperçu
Chargement…
Annuler
Enregistrer