From 02eced71234c20b4ef9a80a68c834f32e0f997ce Mon Sep 17 00:00:00 2001 From: exceptionfactory Date: Mon, 16 Aug 2021 11:34:03 -0500 Subject: [PATCH 1/2] Enhanced PKCS8 parsing to support PEM ASN.1 Private Keys --- .../userauth/keyprovider/PKCS8KeyFile.java | 10 ++- .../DSAPrivateKeyInfoKeyPairConverter.java | 90 +++++++++++++++++++ .../ECDSAPrivateKeyInfoKeyPairConverter.java | 90 +++++++++++++++++++ .../keyprovider/pkcs/KeyPairConverter.java | 35 ++++++++ .../pkcs/PrivateKeyInfoKeyPairConverter.java | 61 +++++++++++++ .../RSAPrivateKeyInfoKeyPairConverter.java | 65 ++++++++++++++ .../sshj/keyprovider/PKCS8KeyFileTest.java | 35 ++++++++ src/test/resources/keyformats/pkcs8-dsa | 9 ++ src/test/resources/keyformats/pkcs8-ecdsa | 5 ++ src/test/resources/keyformats/pkcs8-rsa-2048 | 28 ++++++ 10 files changed, 427 insertions(+), 1 deletion(-) create mode 100644 src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/DSAPrivateKeyInfoKeyPairConverter.java create mode 100644 src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/ECDSAPrivateKeyInfoKeyPairConverter.java create mode 100644 src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/KeyPairConverter.java create mode 100644 src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/PrivateKeyInfoKeyPairConverter.java create mode 100644 src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/RSAPrivateKeyInfoKeyPairConverter.java create mode 100644 src/test/resources/keyformats/pkcs8-dsa create mode 100644 src/test/resources/keyformats/pkcs8-ecdsa create mode 100644 src/test/resources/keyformats/pkcs8-rsa-2048 diff --git a/src/main/java/net/schmizz/sshj/userauth/keyprovider/PKCS8KeyFile.java b/src/main/java/net/schmizz/sshj/userauth/keyprovider/PKCS8KeyFile.java index 4cff69409..49f44cced 100644 --- a/src/main/java/net/schmizz/sshj/userauth/keyprovider/PKCS8KeyFile.java +++ b/src/main/java/net/schmizz/sshj/userauth/keyprovider/PKCS8KeyFile.java @@ -18,7 +18,10 @@ import com.hierynomus.sshj.common.KeyDecryptionFailedException; import net.schmizz.sshj.common.IOUtils; import net.schmizz.sshj.common.SecurityUtils; +import net.schmizz.sshj.userauth.keyprovider.pkcs.KeyPairConverter; +import net.schmizz.sshj.userauth.keyprovider.pkcs.PrivateKeyInfoKeyPairConverter; import net.schmizz.sshj.userauth.password.PasswordUtils; +import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; import org.bouncycastle.openssl.EncryptionException; import org.bouncycastle.openssl.PEMEncryptedKeyPair; import org.bouncycastle.openssl.PEMKeyPair; @@ -52,6 +55,7 @@ public String getName() { protected char[] passphrase; // for blanking out + protected KeyPairConverter privateKeyInfoKeyPairConverter = new PrivateKeyInfoKeyPairConverter(); protected KeyPair readKeyPair() throws IOException { @@ -82,8 +86,12 @@ protected KeyPair readKeyPair() } } else if (o instanceof PEMKeyPair) { kp = pemConverter.getKeyPair((PEMKeyPair) o); + } else if (o instanceof PrivateKeyInfo) { + final PrivateKeyInfo privateKeyInfo = (PrivateKeyInfo) o; + final PEMKeyPair pemKeyPair = privateKeyInfoKeyPairConverter.getKeyPair(privateKeyInfo); + kp = pemConverter.getKeyPair(pemKeyPair); } else { - log.debug("Expected PEMEncryptedKeyPair or PEMKeyPair, got: {}", o); + log.warn("Unexpected PKCS8 PEM Object [{}]", o); } } catch (EncryptionException e) { diff --git a/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/DSAPrivateKeyInfoKeyPairConverter.java b/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/DSAPrivateKeyInfoKeyPairConverter.java new file mode 100644 index 000000000..c15714a44 --- /dev/null +++ b/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/DSAPrivateKeyInfoKeyPairConverter.java @@ -0,0 +1,90 @@ +/* + * Copyright (C)2021 - SSHJ Contributors + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package net.schmizz.sshj.userauth.keyprovider.pkcs; + +import org.bouncycastle.asn1.ASN1Integer; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; +import org.bouncycastle.crypto.params.DSAParameters; +import org.bouncycastle.openssl.PEMKeyPair; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.io.IOException; +import java.math.BigInteger; +import java.util.Objects; + +/** + * Key Pair Converter from DSA Private Key Information to PEM Key Pair + */ +class DSAPrivateKeyInfoKeyPairConverter implements KeyPairConverter { + private static final Logger logger = LoggerFactory.getLogger(DSAPrivateKeyInfoKeyPairConverter.class); + + private static final int P_INDEX = 0; + + private static final int Q_INDEX = 1; + + private static final int G_INDEX = 2; + + /** + * Get PEM Key Pair calculating DSA Public Key from DSA Private Key Information + * + * @param privateKeyInfo DSA Private Key Information + * @return PEM Key Pair + * @throws IOException Thrown on Public Key parsing failures + */ + @Override + public PEMKeyPair getKeyPair(final PrivateKeyInfo privateKeyInfo) throws IOException { + Objects.requireNonNull(privateKeyInfo, "Private Key Info required"); + final AlgorithmIdentifier algorithmIdentifier = privateKeyInfo.getPrivateKeyAlgorithm(); + final ASN1ObjectIdentifier algorithm = algorithmIdentifier.getAlgorithm(); + if (X9ObjectIdentifiers.id_dsa.equals(algorithm)) { + logger.debug("DSA Algorithm Found [{}]", algorithm); + } else { + throw new IllegalArgumentException(String.format("DSA Algorithm OID required [%s]", algorithm)); + } + final ASN1Integer encodedPublicKey = getEncodedPublicKey(privateKeyInfo); + final SubjectPublicKeyInfo subjectPublicKeyInfo = new SubjectPublicKeyInfo(algorithmIdentifier, encodedPublicKey); + return new PEMKeyPair(subjectPublicKeyInfo, privateKeyInfo); + } + + /** + * Get ASN.1 Encoded Public Key calculated according to RFC 6979 Section 2.2 + * + * @param privateKeyInfo DSA Private Key Information + * @return ASN.1 Encoded DSA Public Key + * @throws IOException Thrown on failures parsing private key + */ + private ASN1Integer getEncodedPublicKey(final PrivateKeyInfo privateKeyInfo) throws IOException { + final ASN1Integer privateKey = ASN1Integer.getInstance(privateKeyInfo.parsePrivateKey()); + final AlgorithmIdentifier algorithmIdentifier = privateKeyInfo.getPrivateKeyAlgorithm(); + final DSAParameters dsaParameters = getDsaParameters(algorithmIdentifier); + final BigInteger publicKey = dsaParameters.getG().modPow(privateKey.getValue(), dsaParameters.getP()); + return new ASN1Integer(publicKey); + } + + private DSAParameters getDsaParameters(final AlgorithmIdentifier algorithmIdentifier) { + final ASN1Sequence sequence = ASN1Sequence.getInstance(algorithmIdentifier.getParameters()); + final ASN1Integer p = ASN1Integer.getInstance(sequence.getObjectAt(P_INDEX)); + final ASN1Integer q = ASN1Integer.getInstance(sequence.getObjectAt(Q_INDEX)); + final ASN1Integer g = ASN1Integer.getInstance(sequence.getObjectAt(G_INDEX)); + return new DSAParameters(p.getValue(), q.getValue(), g.getValue()); + } +} diff --git a/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/ECDSAPrivateKeyInfoKeyPairConverter.java b/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/ECDSAPrivateKeyInfoKeyPairConverter.java new file mode 100644 index 000000000..156bb8ac6 --- /dev/null +++ b/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/ECDSAPrivateKeyInfoKeyPairConverter.java @@ -0,0 +1,90 @@ +/* + * Copyright (C)2021 - SSHJ Contributors + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package net.schmizz.sshj.userauth.keyprovider.pkcs; + +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; +import org.bouncycastle.asn1.sec.ECPrivateKey; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.asn1.x9.X9ECParameters; +import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; +import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; +import org.bouncycastle.math.ec.ECMultiplier; +import org.bouncycastle.math.ec.ECPoint; +import org.bouncycastle.math.ec.FixedPointCombMultiplier; +import org.bouncycastle.openssl.PEMKeyPair; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.io.IOException; +import java.math.BigInteger; +import java.util.Objects; + +/** + * Key Pair Converter from ECDSA Private Key Information to PEM Key Pair + */ +class ECDSAPrivateKeyInfoKeyPairConverter implements KeyPairConverter { + private static final Logger logger = LoggerFactory.getLogger(ECDSAPrivateKeyInfoKeyPairConverter.class); + + private static final boolean POINT_COMPRESSED = false; + + /** + * Get PEM Key Pair calculating ECDSA Public Key from ECDSA Private Key Information + * + * @param privateKeyInfo ECDSA Private Key Information + * @return PEM Key Pair + * @throws IOException Thrown on Public Key parsing failures + */ + @Override + public PEMKeyPair getKeyPair(final PrivateKeyInfo privateKeyInfo) throws IOException { + Objects.requireNonNull(privateKeyInfo, "Private Key Info required"); + final AlgorithmIdentifier algorithmIdentifier = privateKeyInfo.getPrivateKeyAlgorithm(); + final ASN1ObjectIdentifier algorithm = algorithmIdentifier.getAlgorithm(); + if (X9ObjectIdentifiers.id_ecPublicKey.equals(algorithm)) { + logger.debug("ECDSA Algorithm Found [{}]", algorithm); + } else { + throw new IllegalArgumentException(String.format("ECDSA Algorithm OID required [%s]", algorithm)); + } + final byte[] encodedPublicKey = getEncodedPublicKey(privateKeyInfo); + final SubjectPublicKeyInfo subjectPublicKeyInfo = new SubjectPublicKeyInfo(algorithmIdentifier, encodedPublicKey); + return new PEMKeyPair(subjectPublicKeyInfo, privateKeyInfo); + } + + /** + * Get Encoded Elliptic Curve Public Key calculated according to RFC 6979 Section 2.2 + * + * @param privateKeyInfo ECDSA Private Key Information + * @return Encoded Elliptic Curve Public Key + * @throws IOException Thrown on failures parsing private key + */ + private byte[] getEncodedPublicKey(final PrivateKeyInfo privateKeyInfo) throws IOException { + final X9ECParameters parameters = getParameters(privateKeyInfo.getPrivateKeyAlgorithm()); + final ECPrivateKey ecPrivateKey = ECPrivateKey.getInstance(privateKeyInfo.parsePrivateKey()); + final ECPoint publicKey = getPublicKey(parameters, ecPrivateKey.getKey()); + return publicKey.getEncoded(POINT_COMPRESSED); + } + + private X9ECParameters getParameters(final AlgorithmIdentifier algorithmIdentifier) { + final ASN1ObjectIdentifier encodedParameters = ASN1ObjectIdentifier.getInstance(algorithmIdentifier.getParameters()); + return ECUtil.getNamedCurveByOid(encodedParameters); + } + + private ECPoint getPublicKey(final X9ECParameters parameters, final BigInteger privateKey) { + final ECMultiplier multiplier = new FixedPointCombMultiplier(); + return multiplier.multiply(parameters.getG(), privateKey); + } +} diff --git a/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/KeyPairConverter.java b/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/KeyPairConverter.java new file mode 100644 index 000000000..d00c7d38b --- /dev/null +++ b/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/KeyPairConverter.java @@ -0,0 +1,35 @@ +/* + * Copyright (C)2021 - SSHJ Contributors + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package net.schmizz.sshj.userauth.keyprovider.pkcs; + +import org.bouncycastle.openssl.PEMKeyPair; + +import java.io.IOException; + +/** + * Converter from typed object to PEM Key Pair + * @param Object Type + */ +public interface KeyPairConverter { + /** + * Get PEM Key Pair from typed object + * + * @param object Typed Object + * @return PEM Key Pair + * @throws IOException Thrown on conversion failures + */ + PEMKeyPair getKeyPair(T object) throws IOException; +} diff --git a/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/PrivateKeyInfoKeyPairConverter.java b/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/PrivateKeyInfoKeyPairConverter.java new file mode 100644 index 000000000..55382a1b7 --- /dev/null +++ b/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/PrivateKeyInfoKeyPairConverter.java @@ -0,0 +1,61 @@ +/* + * Copyright (C)2021 - SSHJ Contributors + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package net.schmizz.sshj.userauth.keyprovider.pkcs; + +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; +import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; +import org.bouncycastle.openssl.PEMKeyPair; + +import java.io.IOException; +import java.util.Objects; + +/** + * Key Pair Converter for Private Key Information using known Algorithm Object Identifiers + */ +public class PrivateKeyInfoKeyPairConverter implements KeyPairConverter { + private DSAPrivateKeyInfoKeyPairConverter dsaPrivateKeyInfoKeyPairConverter = new DSAPrivateKeyInfoKeyPairConverter(); + + private ECDSAPrivateKeyInfoKeyPairConverter ecdsaPrivateKeyInfoKeyPairConverter = new ECDSAPrivateKeyInfoKeyPairConverter(); + + private RSAPrivateKeyInfoKeyPairConverter rsaPrivateKeyInfoKeyPairConverter = new RSAPrivateKeyInfoKeyPairConverter(); + + /** + * Get PEM Key Pair delegating to configured converters based on Algorithm Object Identifier + * + * @param privateKeyInfo Private Key Information + * @return PEM Key Pair + * @throws IOException Thrown on conversion failures + */ + @Override + public PEMKeyPair getKeyPair(final PrivateKeyInfo privateKeyInfo) throws IOException { + Objects.requireNonNull(privateKeyInfo, "Private Key Info required"); + final AlgorithmIdentifier algorithmIdentifier = privateKeyInfo.getPrivateKeyAlgorithm(); + final ASN1ObjectIdentifier algorithm = algorithmIdentifier.getAlgorithm(); + + if (PKCSObjectIdentifiers.rsaEncryption.equals(algorithm)) { + return rsaPrivateKeyInfoKeyPairConverter.getKeyPair(privateKeyInfo); + } else if (X9ObjectIdentifiers.id_ecPublicKey.equals(algorithm)) { + return ecdsaPrivateKeyInfoKeyPairConverter.getKeyPair(privateKeyInfo); + } else if (X9ObjectIdentifiers.id_dsa.equals(algorithm)) { + return dsaPrivateKeyInfoKeyPairConverter.getKeyPair(privateKeyInfo); + } else { + throw new IllegalArgumentException(String.format("Unsupported Algorithm [%s]", algorithm)); + } + } +} diff --git a/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/RSAPrivateKeyInfoKeyPairConverter.java b/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/RSAPrivateKeyInfoKeyPairConverter.java new file mode 100644 index 000000000..8f0bc8aec --- /dev/null +++ b/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/RSAPrivateKeyInfoKeyPairConverter.java @@ -0,0 +1,65 @@ +/* + * Copyright (C)2021 - SSHJ Contributors + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package net.schmizz.sshj.userauth.keyprovider.pkcs; + +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; +import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; +import org.bouncycastle.asn1.pkcs.RSAPrivateKey; +import org.bouncycastle.asn1.pkcs.RSAPublicKey; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.openssl.PEMKeyPair; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.io.IOException; +import java.util.Objects; + +/** + * Key Pair Converter from RSA Private Key Information to PEM Key Pair + */ +class RSAPrivateKeyInfoKeyPairConverter implements KeyPairConverter { + private static final Logger logger = LoggerFactory.getLogger(RSAPrivateKeyInfoKeyPairConverter.class); + + /** + * Get PEM Key Pair parsing RSA Public Key attributes from RSA Private Key Information + * + * @param privateKeyInfo RSA Private Key Information + * @return PEM Key Pair + * @throws IOException Thrown on Public Key parsing failures + */ + @Override + public PEMKeyPair getKeyPair(final PrivateKeyInfo privateKeyInfo) throws IOException { + Objects.requireNonNull(privateKeyInfo, "Private Key Info required"); + final AlgorithmIdentifier algorithmIdentifier = privateKeyInfo.getPrivateKeyAlgorithm(); + final ASN1ObjectIdentifier algorithm = algorithmIdentifier.getAlgorithm(); + if (PKCSObjectIdentifiers.rsaEncryption.equals(algorithm)) { + logger.debug("RSA Algorithm Found [{}]", algorithm); + } else { + throw new IllegalArgumentException(String.format("RSA Algorithm OID required [%s]", algorithm)); + } + + final RSAPublicKey rsaPublicKey = getRsaPublicKey(privateKeyInfo); + final SubjectPublicKeyInfo subjectPublicKeyInfo = new SubjectPublicKeyInfo(algorithmIdentifier, rsaPublicKey); + return new PEMKeyPair(subjectPublicKeyInfo, privateKeyInfo); + } + + private RSAPublicKey getRsaPublicKey(final PrivateKeyInfo privateKeyInfo) throws IOException { + final RSAPrivateKey rsaPrivateKey = RSAPrivateKey.getInstance(privateKeyInfo.parsePrivateKey()); + return new RSAPublicKey(rsaPrivateKey.getModulus(), rsaPrivateKey.getPublicExponent()); + } +} diff --git a/src/test/java/net/schmizz/sshj/keyprovider/PKCS8KeyFileTest.java b/src/test/java/net/schmizz/sshj/keyprovider/PKCS8KeyFileTest.java index d9e9abdb4..3557f5b58 100644 --- a/src/test/java/net/schmizz/sshj/keyprovider/PKCS8KeyFileTest.java +++ b/src/test/java/net/schmizz/sshj/keyprovider/PKCS8KeyFileTest.java @@ -25,6 +25,9 @@ import java.io.File; import java.io.IOException; +import java.io.InputStream; +import java.io.InputStreamReader; +import java.io.Reader; import java.io.UnsupportedEncodingException; import java.security.GeneralSecurityException; @@ -59,4 +62,36 @@ public void testType() assertEquals(rsa.getType(), KeyType.RSA); } + @Test + public void testPkcs8Rsa() throws IOException { + final PKCS8KeyFile provider = new PKCS8KeyFile(); + provider.init(getReader("pkcs8-rsa-2048")); + assertEquals("RSA", provider.getPublic().getAlgorithm()); + assertEquals("RSA", provider.getPrivate().getAlgorithm()); + } + + @Test + public void testPkcs8Ecdsa() throws IOException { + final PKCS8KeyFile provider = new PKCS8KeyFile(); + provider.init(getReader("pkcs8-ecdsa")); + assertEquals("ECDSA", provider.getPublic().getAlgorithm()); + assertEquals("ECDSA", provider.getPrivate().getAlgorithm()); + } + + @Test + public void testPkcs8Dsa() throws IOException { + final PKCS8KeyFile provider = new PKCS8KeyFile(); + provider.init(getReader("pkcs8-dsa")); + assertEquals("DSA", provider.getPublic().getAlgorithm()); + assertEquals("DSA", provider.getPrivate().getAlgorithm()); + } + + private Reader getReader(final String filename) { + final String path = String.format("/keyformats/%s", filename); + final InputStream inputStream = getClass().getResourceAsStream(path); + if (inputStream == null) { + throw new IllegalArgumentException(String.format("Key File [%s] not found", path)); + } + return new InputStreamReader(inputStream); + } } diff --git a/src/test/resources/keyformats/pkcs8-dsa b/src/test/resources/keyformats/pkcs8-dsa new file mode 100644 index 000000000..d455b91d2 --- /dev/null +++ b/src/test/resources/keyformats/pkcs8-dsa @@ -0,0 +1,9 @@ +-----BEGIN PRIVATE KEY----- +MIIBSwIBADCCASsGByqGSM44BAEwggEeAoGBALlumhAX50pMBL5i2/1alO+oIIQC +/QQxBrs7e0KvmIeSFmiM/Vi77AIbEQl8RmsP7e7Pa3J91h+HQKq4xVxIGROMCmBM +RrauKWUujHVZ7LBNoYXmek2dqQsico3KdPMca/A5vracvmPNzK8dbx5Yt6VsgIdC +VJS4rCdyYcyUASMtAhUAxn3o/n3wh0YW88AiN9WavRibhykCgYBOfIqfCB0aP0LG +BNv4JZQF4G9v4cZDXdU38xzc15o99F1VfBklCwqKhezeH8559Ss01UPGixePBaVf +NBsUDfgxk0Zk1VeXS2iKE0A27xtyf4b8nPhIpkxS/P8rTHOJPBVsE19XMyFIUH6X +IZVGfq7R6TQPoYC7h4VzajwQatTeXAQXAhUAo7/KYkrT2uGzEUTK0tPKihqGUJQ= +-----END PRIVATE KEY----- diff --git a/src/test/resources/keyformats/pkcs8-ecdsa b/src/test/resources/keyformats/pkcs8-ecdsa new file mode 100644 index 000000000..6ce66e53c --- /dev/null +++ b/src/test/resources/keyformats/pkcs8-ecdsa @@ -0,0 +1,5 @@ +-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgSO8998+yUgpmRqyc +qJZdKVyBBPyJafnyrkXpW4QF52+hRANCAAT/wLRpL4zxm33zVOkTYAjzQ/oTzULv +hQg0/XtsCcpp3FEF3gsnJJZXe9KENxr5pQ3QexZ0QcUSE/zWjx5zhCef +-----END PRIVATE KEY----- diff --git a/src/test/resources/keyformats/pkcs8-rsa-2048 b/src/test/resources/keyformats/pkcs8-rsa-2048 new file mode 100644 index 000000000..907e45b98 --- /dev/null +++ b/src/test/resources/keyformats/pkcs8-rsa-2048 @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCrCGE/428Y6Wun +rkKPP2AibBbAVoo+G2SvagmqlPwX9VIovqlG6ez4+SKtoaxUkJGrm5eZg8o+Gc3r ++0qZFIMPcZTHr16WvucYfdGZwd4GIw+9wHr6orE7cSgjg8SEcr8ctNmv5VgmLk1H +wCwhfbh7/bNNnoKPnweE+B8KlRq0y5P6o05oxqM4EwPceRW1tWKebTK+Hc3Cp5FE ++IVhpKB1AY3FW5bebTOnP8TmXoCWEnDj702tyl+UmV5Mir+YARLICNkahGP9FGNi +5YeZfbibgWwdB3sBVQXWEbF+LW1RXwWlF+soRemaNC2VfMrCqZ2dccx/BJornkyr +1NH7QlHDAgMBAAECggEANxai5EYoQZjlkQPi8mrSVyQDi/4T1v9RxeJcrLICJOFi +jjcjJPEx39u3HMAHVtGd6e1avhqh6LC9D/ZHx9jAghfueQb2a42ft9bGzUSRc96V +MmQt+E6w0VmYOSA3CwY+oktqFmrDosClKagvTrZE1sMXnregjAwICv80WF9AU9z7 +wI0XPJEYlqYj96lfT8n8LyMOHRDcSOEtI9WnF++n+nduTDFrhQ6yzRoJFz3sQi3k +AwOFXgxenlRrtReCVjIyXSoki6md5alNiQr+AZI25YfMzmQQOmOjRWGefenOf18n +HiiPhYlxteOjVbcwBFYL0mdIEFHPcftahgOu5eSzMQKBgQDVra22+2DCP3YkKMBU +xiuT0Rvjb0LtAfmO89vCXi8o79gkp+YqHsojtUXf6KqgBteh9hFQ8kBJEaqn7dCu +VjmrWm7zoNiYl8USdb4pHiBRj3Nw7gIA3qusMs1TWedyTSb0miaT32z65QlPQde/ +vgOC++5HsuD8aNOT+fZpN8InuwKBgQDM6GZX/g0UQvU0Cg2u3RztXKZkvGQiEAMu +MbFDpJ/m8kfBrMLQZQqrYtx1ahYRVc3XFHyii51WnwgO97BPykFy3Clkj9/mU942 +YAHYjP7f+Ujt1DZIa06aneh0aduFJZkkOYdKIxtgTV0cL1pRAwwYOWXM9gd1gAIN +oa0QOckJmQKBgDpAMJ0zhjsuJbzRxyzVIUgYt2uXBz2pTikkXYJtPpoAWIIVq29M +GXsGjdfui6U4eExU0n+oqtHAmS9Sa5M7Oll2O8z6ylE+/qB7rK104waY/rWIjM9D +5LT63HKejbPhSH9iDqY9QG5dRd5vaquA12A74cd2AlONGDC88enZI3rFAoGBAIhO +oKYwLesoj4zKk0ebdz6+v0GLwOCX3kXAcLcar/Qlf25qyj1uuaZA4X6Jz5xAg+lr +i21lioiwyd+LDRJG7TrHEhH/U2YYrF1niFLRmErNvaHX5TRPjb51BMlMEeeEl1bt +nf3HVNK/JA03wtDZQhZrODkcAOI9ASCoSEPe7MkhAoGBAJM+3GNBzW1dkJbwu9wN +Cal4OhrhDCnvMM8x7ZSF2EIDT8A7ahEWtnRfUnGESNfBS1sjHp2izjeHE3DfZBsH +WKd63qdb55h9d+dG1rbmQJWAm7ci0JFdozzGMG5Q/V6CiN0cjKka8+MjcqIHbQJ/ +kZN//+dT1Bbj9vqhEdQqswuH +-----END PRIVATE KEY----- From beb0a4e31e615736477f459b528b40ec6e01ca45 Mon Sep 17 00:00:00 2001 From: exceptionfactory Date: Tue, 17 Aug 2021 07:53:43 -0500 Subject: [PATCH 2/2] Corrected copyright year to match existing license headers --- .../keyprovider/pkcs/DSAPrivateKeyInfoKeyPairConverter.java | 2 +- .../keyprovider/pkcs/ECDSAPrivateKeyInfoKeyPairConverter.java | 2 +- .../sshj/userauth/keyprovider/pkcs/KeyPairConverter.java | 2 +- .../keyprovider/pkcs/PrivateKeyInfoKeyPairConverter.java | 2 +- .../keyprovider/pkcs/RSAPrivateKeyInfoKeyPairConverter.java | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/DSAPrivateKeyInfoKeyPairConverter.java b/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/DSAPrivateKeyInfoKeyPairConverter.java index c15714a44..03b36bc19 100644 --- a/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/DSAPrivateKeyInfoKeyPairConverter.java +++ b/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/DSAPrivateKeyInfoKeyPairConverter.java @@ -1,5 +1,5 @@ /* - * Copyright (C)2021 - SSHJ Contributors + * Copyright (C)2009 - SSHJ Contributors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/ECDSAPrivateKeyInfoKeyPairConverter.java b/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/ECDSAPrivateKeyInfoKeyPairConverter.java index 156bb8ac6..4d7cfd489 100644 --- a/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/ECDSAPrivateKeyInfoKeyPairConverter.java +++ b/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/ECDSAPrivateKeyInfoKeyPairConverter.java @@ -1,5 +1,5 @@ /* - * Copyright (C)2021 - SSHJ Contributors + * Copyright (C)2009 - SSHJ Contributors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/KeyPairConverter.java b/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/KeyPairConverter.java index d00c7d38b..dec183eee 100644 --- a/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/KeyPairConverter.java +++ b/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/KeyPairConverter.java @@ -1,5 +1,5 @@ /* - * Copyright (C)2021 - SSHJ Contributors + * Copyright (C)2009 - SSHJ Contributors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/PrivateKeyInfoKeyPairConverter.java b/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/PrivateKeyInfoKeyPairConverter.java index 55382a1b7..04527607d 100644 --- a/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/PrivateKeyInfoKeyPairConverter.java +++ b/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/PrivateKeyInfoKeyPairConverter.java @@ -1,5 +1,5 @@ /* - * Copyright (C)2021 - SSHJ Contributors + * Copyright (C)2009 - SSHJ Contributors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/RSAPrivateKeyInfoKeyPairConverter.java b/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/RSAPrivateKeyInfoKeyPairConverter.java index 8f0bc8aec..01b77cae4 100644 --- a/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/RSAPrivateKeyInfoKeyPairConverter.java +++ b/src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/RSAPrivateKeyInfoKeyPairConverter.java @@ -1,5 +1,5 @@ /* - * Copyright (C)2021 - SSHJ Contributors + * Copyright (C)2009 - SSHJ Contributors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.