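/*
 * Copyright (C) 2012 eXo Platform SAS.
 *
 * This is free software; you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License as
 * published by the Free Software Foundation; either version 2.1 of
 * the License, or (at your option) any later version.
 *
 * This software is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this software; if not, write to the Free
 * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
 * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
 */
package org.crsh.auth;

import org.apache.sshd.common.keyprovider.AbstractKeyPairProvider;
import org.apache.sshd.common.util.SecurityUtils;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.crsh.ssh.util.KeyPairUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.security.KeyPair;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.List;

/**
 * A modified version of {@link org.apache.sshd.common.keyprovider.FileKeyPairProvider} that only loads public keys,
 * whether the file parses as a {@link KeyPair}, a {@link PublicKey} or a {@link PEMKeyPair}.
 *
 * <p>Every {@link KeyPair} returned by {@link #loadKeys()} carries a {@code null} private key: when a file holds a
 * full key pair, only its public half is kept in the result.</p>
 *
 * <p>NOTE(review): given the package name these keys presumably decide which clients may authenticate, so the listed
 * files should be writable only by the administrator of the server - confirm against the caller.</p>
 *
 * @author <a href="mailto:julien.viet@exoplatform.com">Julien Viet</a>
 */
class FilePublicKeyProvider extends AbstractKeyPairProvider {

  /** Logger for key loading failures. */
  private static final Logger LOG = LoggerFactory.getLogger(FilePublicKeyProvider.class);

  /** Paths of the key files to read; a private copy, never null. */
  private final String[] files;

  /**
   * Creates a provider reading the given key files.
   *
   * @param files the paths of the key files, a {@code null} array is treated as no files
   */
  FilePublicKeyProvider(String[] files) {
    // Copy the array so a caller mutating it later cannot change which key files are trusted
    this.files = files == null ? new String[0] : files.clone();
  }

  /**
   * Reads every configured file and returns the public keys found, each wrapped in a {@link KeyPair} whose private
   * key is {@code null}.
   *
   * <p>A file that cannot be read or parsed is logged and skipped, so a broken file yields no key rather than
   * aborting the whole load.</p>
   *
   * @return the loaded keys, possibly empty
   * @throws IllegalStateException if BouncyCastle is not registered as a JCE provider
   */
  public Iterable<KeyPair> loadKeys() {
    if (!SecurityUtils.isBouncyCastleRegistered()) {
      throw new IllegalStateException("BouncyCastle must be registered as a JCE provider");
    }
    List<KeyPair> keys = new ArrayList<KeyPair>();
    for (String file : files) {
      try {
        Object o = readKeyObject(file);
        PublicKey publicKey = toPublicKey(o);
        if (publicKey != null) {
          // Keep the public half only, the private key is never part of the result
          keys.add(new KeyPair(publicKey, null));
        } else {
          // Only the type name is logged, never the key material
          LOG.info("No supported public key in {} (parsed as {})", file, o == null ? "null" : o.getClass().getName());
        }
      }
      catch (Exception e) {
        LOG.info("Unable to read key {}: {}", file, e);
      }
    }
    return keys;
  }

  /**
   * Parses one key file and always closes the underlying file handle, including when parsing fails.
   *
   * @param file the path of the key file
   * @return whatever {@link KeyPairUtils#readKey} produced for the file
   * @throws Exception if the file cannot be opened or parsed
   */
  private static Object readKeyObject(String file) throws Exception {
    InputStreamReader reader = new InputStreamReader(new FileInputStream(file));
    try {
      return KeyPairUtils.readKey(reader);
    }
    finally {
      try {
        reader.close();
      }
      catch (IOException ignored) {
        // A failed close must not hide a parse error nor discard a key that was read successfully
        LOG.debug("Unable to close key file {}", file);
      }
    }
  }

  /**
   * Extracts the public key from a parsed key object.
   *
   * @param o the parsed object, may be {@code null}
   * @return the public key, or {@code null} when the object is of an unsupported type or carries no public key
   * @throws Exception if a {@link PEMKeyPair} cannot be converted
   */
  private static PublicKey toPublicKey(Object o) throws Exception {
    if (o instanceof KeyPair) {
      return ((KeyPair)o).getPublic();
    } else if (o instanceof PublicKey) {
      return (PublicKey)o;
    } else if (o instanceof PEMKeyPair) {
      PEMKeyPair keyPair = (PEMKeyPair)o;
      JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
      return converter.getPublicKey(keyPair.getPublicKeyInfo());
    }
    return null;
  }
}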