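/*
 * Copyright (C) 2012 eXo Platform SAS.
 *
 * This is free software; you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License as
 * published by the Free Software Foundation; either version 2.1 of
 * the License, or (at your option) any later version.
 *
 * This software is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this software; if not, write to the Free
 * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
 * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
 */
package org.crsh.auth;

import org.apache.sshd.common.keyprovider.AbstractKeyPairProvider;
import org.apache.sshd.common.util.SecurityUtils;
import org.bouncycastle.openssl.PEMReader;
import org.bouncycastle.openssl.PasswordFinder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.io.FileInputStream;
import java.io.InputStreamReader;
import java.security.KeyPair;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.List;

/**
 * A modified version of {@link org.apache.sshd.common.keyprovider.FileKeyPairProvider} that only loads public keys,
 * read from PEM files holding either a {@link KeyPair} or a {@link PublicKey}.
 *
 * <p>Every {@link KeyPair} returned by {@link #loadKeys()} has a {@code null} private key: when a file holds a full
 * key pair, only its public half is copied into the result and the parsed private half is not retained by this
 * class.</p>
 *
 * @author <a href="mailto:julien.viet@exoplatform.com">Julien Viet</a>
 */
class FilePublicKeyProvider extends AbstractKeyPairProvider {

  /** Logger used to report key files that could not be loaded. */
  private static final Logger LOG = LoggerFactory.getLogger(FilePublicKeyProvider.class);

  /** Paths of the PEM files to read; a private copy of the array given at construction, never null. */
  private final String[] files;

  /** Handed to the {@link PEMReader} for each file; null when the one-argument constructor is used. */
  private final PasswordFinder passwordFinder;

  /**
   * Creates a provider that reads the given files without a password finder.
   *
   * @param files the paths of the PEM files to read, a null array is treated as empty
   */
  FilePublicKeyProvider(String[] files) {
    this(files, null);
  }

  /**
   * Creates a provider that reads the given files, passing the password finder to the PEM reader.
   *
   * @param files the paths of the PEM files to read, a null array is treated as empty
   * @param passwordFinder the password finder given to the {@link PEMReader}, may be null
   */
  FilePublicKeyProvider(String[] files, PasswordFinder passwordFinder) {
    // Copy the array so that a caller mutating it afterwards cannot change which key files are trusted.
    this.files = files == null ? new String[0] : files.clone();
    this.passwordFinder = passwordFinder;
  }

  /**
   * Reads the first PEM object of each configured file and returns the public keys found.
   *
   * <p>A file that cannot be read or parsed, or whose first PEM object is neither a {@link KeyPair} nor a
   * {@link PublicKey}, is logged and skipped. A failure therefore yields fewer keys, never an additional one.</p>
   *
   * @return one {@link KeyPair} per loaded file, each with a null private key
   * @throws IllegalStateException if BouncyCastle is not registered as a JCE provider
   */
  public KeyPair[] loadKeys() {
    if (!SecurityUtils.isBouncyCastleRegistered()) {
      throw new IllegalStateException("BouncyCastle must be registered as a JCE provider");
    }
    List<KeyPair> keys = new ArrayList<KeyPair>(files.length);
    for (String file : files) {
      try {
        PEMReader r = new PEMReader(new InputStreamReader(new FileInputStream(file)), passwordFinder);
        try {
          // Only the first PEM object of the file is considered.
          Object o = r.readObject();
          if (o instanceof KeyPair) {
            // Keep the public half only, the private key must not leave this method.
            keys.add(new KeyPair(((KeyPair)o).getPublic(), null));
          } else if (o instanceof PublicKey) {
            keys.add(new KeyPair((PublicKey)o, null));
          } else {
            // Report the skipped file instead of dropping it silently; only the path and the object type are
            // logged, never key material.
            LOG.info("Ignoring key file {}: no public key found (read {})", file,
              o == null ? "nothing" : o.getClass().getName());
          }
        }
        finally {
          r.close();
        }
      }
      catch (Exception e) {
        // Best effort: an unreadable file must not prevent the remaining keys from loading.
        LOG.info("Unable to read key {}: {}", file, e);
      }
    }
    return keys.toArray(new KeyPair[keys.size()]);
  }
}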