001 /*
002 * Copyright (C) 2012 eXo Platform SAS.
003 *
004 * This is free software; you can redistribute it and/or modify it
005 * under the terms of the GNU Lesser General Public License as
006 * published by the Free Software Foundation; either version 2.1 of
007 * the License, or (at your option) any later version.
008 *
009 * This software is distributed in the hope that it will be useful,
010 * but WITHOUT ANY WARRANTY; without even the implied warranty of
011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
012 * Lesser General Public License for more details.
013 *
014 * You should have received a copy of the GNU Lesser General Public
015 * License along with this software; if not, write to the Free
016 * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
017 * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
018 */
019 package org.crsh.auth;
020
021 import org.apache.sshd.common.keyprovider.AbstractKeyPairProvider;
022 import org.apache.sshd.common.util.SecurityUtils;
023 import org.bouncycastle.openssl.PEMReader;
024 import org.bouncycastle.openssl.PasswordFinder;
025 import org.slf4j.Logger;
026 import org.slf4j.LoggerFactory;
027
028 import java.io.FileInputStream;
029 import java.io.InputStreamReader;
030 import java.security.KeyPair;
031 import java.security.PublicKey;
032 import java.util.ArrayList;
033 import java.util.List;
034
035 /**
036 * A modified version of {@link org.apache.sshd.common.keyprovider.FileKeyPairProvider} that only loads public keys,
037 * read either as a {@link KeyPair} or as a {@link PublicKey}.
038 *
039 * @author <a href="mailto:julien.viet@exoplatform.com">Julien Viet</a>
040 */
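class FilePublicKeyProvider extends AbstractKeyPairProvider {

  /** Logger used to report key files that could not be loaded. */
  private static final Logger LOG = LoggerFactory.getLogger(FilePublicKeyProvider.class);

  /** Paths of the PEM files to read; {@code null} is treated as "no files". */
  private final String[] files;

  /** Passed to the PEM reader for encrypted entries; {@code null} when no finder was supplied. */
  private final PasswordFinder passwordFinder;

  /**
   * Creates a provider that reads the given files without a password finder.
   *
   * @param files the paths of the PEM files to read
   */
  FilePublicKeyProvider(String[] files) {
    this(files, null);
  }

  /**
   * Creates a provider that reads the given files.
   *
   * @param files the paths of the PEM files to read
   * @param passwordFinder handed to the PEM reader for each file, may be {@code null}
   */
  FilePublicKeyProvider(String[] files, PasswordFinder passwordFinder) {
    this.files = files;
    this.passwordFinder = passwordFinder;
  }

  /**
   * Reads the first PEM object of every configured file and returns the public keys found.
   *
   * <p>Each returned {@link KeyPair} has a {@code null} private key: when a file holds a full key pair,
   * only its public half is kept, so this provider never hands out private key material.</p>
   *
   * <p>Loading is best effort. A file that cannot be read, or whose first object is neither a
   * {@link KeyPair} nor a {@link PublicKey}, is logged at info level and skipped, so the result may
   * hold fewer keys than there are configured files. Only one object is read per file; any
   * further PEM entries in the same file are not loaded.</p>
   *
   * @return the loaded public keys wrapped as key pairs, possibly empty, never {@code null}
   * @throws IllegalStateException if BouncyCastle is not registered as a JCE provider
   */
  public KeyPair[] loadKeys() {
    if (!SecurityUtils.isBouncyCastleRegistered()) {
      throw new IllegalStateException("BouncyCastle must be registered as a JCE provider");
    }
    if (files == null) {
      // Nothing configured: return an empty set instead of failing with a NullPointerException.
      return new KeyPair[0];
    }
    List<KeyPair> keys = new ArrayList<KeyPair>();
    for (String file : files) {
      try {
        PEMReader r = new PEMReader(new InputStreamReader(new FileInputStream(file)), passwordFinder);
        try {
          Object o = r.readObject();
          if (o instanceof KeyPair) {
            // Drop the private half: only the public key is kept.
            keys.add(new KeyPair(((KeyPair)o).getPublic(), null));
          } else if (o instanceof PublicKey) {
            keys.add(new KeyPair((PublicKey)o, null));
          } else {
            // Empty file or an unrelated PEM object: report it so a missing key is not silent.
            LOG.info("No public key found in {}", file);
          }
        }
        finally {
          r.close();
        }
      }
      catch (Exception e) {
        // The exception goes in the dedicated throwable argument. Recent SLF4J versions treat a
        // trailing Throwable as the exception to log and would leave a "{}" written for it unfilled.
        LOG.info("Unable to read key " + file, e);
      }
    }
    return keys.toArray(new KeyPair[keys.size()]);
  }
}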