001    /*
002     * Copyright (C) 2012 eXo Platform SAS.
003     *
004     * This is free software; you can redistribute it and/or modify it
005     * under the terms of the GNU Lesser General Public License as
006     * published by the Free Software Foundation; either version 2.1 of
007     * the License, or (at your option) any later version.
008     *
009     * This software is distributed in the hope that it will be useful,
010     * but WITHOUT ANY WARRANTY; without even the implied warranty of
011     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
012     * Lesser General Public License for more details.
013     *
014     * You should have received a copy of the GNU Lesser General Public
015     * License along with this software; if not, write to the Free
016     * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
017     * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
018     */
019    package org.crsh.auth;
020    
021    import org.apache.sshd.common.keyprovider.AbstractKeyPairProvider;
022    import org.apache.sshd.common.util.SecurityUtils;
023    import org.bouncycastle.openssl.PEMKeyPair;
024    import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
025    import org.crsh.ssh.util.KeyPairUtils;
026    import org.slf4j.Logger;
027    import org.slf4j.LoggerFactory;
028    import java.io.FileInputStream;
029    import java.io.InputStreamReader;
030    import java.security.KeyPair;
031    import java.security.PublicKey;
032    import java.util.ArrayList;
033    import java.util.List;
034    
035    /**
036     * A modified version of {@link org.apache.sshd.common.keyprovider.FileKeyPairProvider} that only load public keys
037     * either as {@link KeyPair} or as {@link PublicKey}.
038     *
039     * @author <a href="mailto:julien.viet@exoplatform.com">Julien Viet</a>
040     */
041    class FilePublicKeyProvider extends AbstractKeyPairProvider {
042    
043      /** . */
044      private static final Logger LOG = LoggerFactory.getLogger(FilePublicKeyProvider.class);
045    
046      /** . */
047      private String[] files;
048    
049      FilePublicKeyProvider(String[] files) {
050        this.files = files;
051      }
052    
053      public Iterable<KeyPair> loadKeys() {
054        if (!SecurityUtils.isBouncyCastleRegistered()) {
055          throw new IllegalStateException("BouncyCastle must be registered as a JCE provider");
056        }
057        List<KeyPair> keys = new ArrayList<KeyPair>();
058        for (String file : files) {
059          try {
060              Object o = KeyPairUtils.readKey(new InputStreamReader(new FileInputStream(file)));
061              if (o instanceof KeyPair) {
062                keys.add(new KeyPair(((KeyPair)o).getPublic(), null));
063              } else if (o instanceof PublicKey) {
064                keys.add(new KeyPair((PublicKey)o, null));
065              } else if (o instanceof PEMKeyPair) {
066                PEMKeyPair keyPair = (PEMKeyPair)o;
067                JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
068                keys.add(new KeyPair(converter.getPublicKey(keyPair.getPublicKeyInfo()), null));
069              }
070          }
071          catch (Exception e) {
072            LOG.info("Unable to read key {}: {}", file, e);
073          }
074        }
075        return keys;
076      }
077    }