001    /*
002     * Copyright (C) 2012 eXo Platform SAS.
003     *
004     * This is free software; you can redistribute it and/or modify it
005     * under the terms of the GNU Lesser General Public License as
006     * published by the Free Software Foundation; either version 2.1 of
007     * the License, or (at your option) any later version.
008     *
009     * This software is distributed in the hope that it will be useful,
010     * but WITHOUT ANY WARRANTY; without even the implied warranty of
011     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
012     * Lesser General Public License for more details.
013     *
014     * You should have received a copy of the GNU Lesser General Public
015     * License along with this software; if not, write to the Free
016     * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
017     * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
018     */
019    package org.crsh.auth;
020    
021    import org.apache.sshd.common.keyprovider.AbstractKeyPairProvider;
022    import org.apache.sshd.common.util.SecurityUtils;
023    import org.bouncycastle.openssl.PEMReader;
024    import org.bouncycastle.openssl.PasswordFinder;
025    import org.slf4j.Logger;
026    import org.slf4j.LoggerFactory;
027    
028    import java.io.FileInputStream;
029    import java.io.InputStreamReader;
030    import java.security.KeyPair;
031    import java.security.PublicKey;
032    import java.util.ArrayList;
033    import java.util.List;
034    
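/**
 * A modified version of {@link org.apache.sshd.common.keyprovider.FileKeyPairProvider} that only loads public keys,
 * read either as a {@link KeyPair} or as a {@link PublicKey}.
 *
 * <p>Every entry returned by {@link #loadKeys()} is a {@link KeyPair} whose private part is {@code null}: when a
 * file holds a full key pair only its public half is kept, so this provider does not retain private key material.</p>
 *
 * <p>Only the first PEM object of each file is read. A file that cannot be read or parsed is logged and skipped, so
 * a bad file results in fewer loaded keys rather than in an error.</p>
 *
 * @author <a href="mailto:julien.viet@exoplatform.com">Julien Viet</a>
 */
class FilePublicKeyProvider extends AbstractKeyPairProvider {

  /** Logger used to report key files that could not be loaded. */
  private static final Logger LOG = LoggerFactory.getLogger(FilePublicKeyProvider.class);

  /** Paths of the PEM files to read, never {@code null}. */
  private final String[] files;

  /** Supplies the passphrase for encrypted PEM objects, {@code null} when none was given. */
  private final PasswordFinder passwordFinder;

  /**
   * Creates a provider that reads the given files without a passphrase source.
   *
   * @param files the paths of the PEM files to read, {@code null} is treated as no file
   */
  FilePublicKeyProvider(String[] files) {
    this(files, null);
  }

  /**
   * Creates a provider that reads the given files.
   *
   * @param files the paths of the PEM files to read, {@code null} is treated as no file
   * @param passwordFinder the passphrase source handed to the PEM reader, may be {@code null}
   */
  FilePublicKeyProvider(String[] files, PasswordFinder passwordFinder) {
    // Copy the array so that later changes made by the caller cannot alter the set of key files
    this.files = files != null ? files.clone() : new String[0];
    this.passwordFinder = passwordFinder;
  }

  /**
   * Reads the first PEM object of every configured file and keeps its public key.
   *
   * @return one {@link KeyPair} with a {@code null} private key per file that yielded a public key, in file order
   * @throws IllegalStateException if BouncyCastle is not registered as a JCE provider
   */
  public KeyPair[] loadKeys() {
    if (!SecurityUtils.isBouncyCastleRegistered()) {
      throw new IllegalStateException("BouncyCastle must be registered as a JCE provider");
    }
    List<KeyPair> keys = new ArrayList<KeyPair>(files.length);
    for (String file : files) {
      try {
        // Open the stream on its own so that it is closed even when building the reader fails
        FileInputStream in = new FileInputStream(file);
        try {
          // NOTE: the reader decodes with the platform default charset; PEM content is expected to be ASCII
          PEMReader r = new PEMReader(new InputStreamReader(in), passwordFinder);
          Object o = r.readObject();
          if (o instanceof KeyPair) {
            // Drop the private half: only the public key is kept
            keys.add(new KeyPair(((KeyPair)o).getPublic(), null));
          } else if (o instanceof PublicKey) {
            keys.add(new KeyPair((PublicKey)o, null));
          } else {
            // Empty file or another kind of PEM object: say so instead of skipping the file silently
            LOG.info("No public key found in {}", file);
          }
        }
        finally {
          in.close();
        }
      }
      catch (Exception e) {
        // Best effort: one unreadable file must not prevent the other keys from loading.
        // The exception is passed as the dedicated throwable argument so that it is reported
        // the same way whatever the logging binding does with an exception bound to a placeholder.
        LOG.info("Unable to read key " + file, e);
      }
    }
    return keys.toArray(new KeyPair[keys.size()]);
  }
}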