
Example 26 with KeyPair

use of com.jcraft.jsch.KeyPair in project jcabi-github by jcabi.

the class RtPublicKeysITCase method key.

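/**
 * Generates a random public key for test.
 *
 * <p>Only the public half of the generated pair is encoded and returned;
 * the pair itself is disposed before returning, including when encoding
 * the public key fails.
 *
 * @return The encoded SSH public key.
 * @throws Exception If a problem occurs.
 */
private String key() throws Exception {
    final ByteArrayOutputStream stream = new ByteArrayOutputStream();
    try {
        // NOTE(review): DSA (ssh-dss) is disabled by default in current
        // OpenSSH and many services no longer accept it. It is tolerable
        // here only because the key is throwaway test data; KeyPair.RSA
        // with an explicit size is the safer default if the receiving
        // side rejects DSA.
        final KeyPair kpair = KeyPair.genKeyPair(new JSch(), KeyPair.DSA);
        try {
            kpair.writePublicKey(stream, "");
        } finally {
            // Always release the key material, even if encoding throws.
            kpair.dispose();
        }
    } finally {
        stream.close();
    }
    // Decode with an explicit charset instead of the platform default so
    // the result does not depend on the JVM's file.encoding setting.
    return new String(
        stream.toByteArray(), java.nio.charset.StandardCharsets.UTF_8
    );
}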
Also used : KeyPair(com.jcraft.jsch.KeyPair) ByteArrayOutputStream(java.io.ByteArrayOutputStream) JSch(com.jcraft.jsch.JSch)

Example 27 with KeyPair

use of com.jcraft.jsch.KeyPair in project halyard by spinnaker.

the class AppengineAccountValidator method validate.

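/**
 * Validates an App Engine account configuration and records every finding on {@code p}.
 *
 * <p>Checks, in order: that the git HTTPS username and password are supplied together; that
 * the SSH private key file path and passphrase are supplied together and that the passphrase
 * unlocks the key; that the known_hosts and JSON credential files can be read and are not
 * empty; that a project is set; and finally that the App Engine Admin API can be reached for
 * that project. Several failures return early, so later checks are skipped in those cases.
 *
 * @param p collector for the problems found
 * @param account the account configuration to validate
 */
@Override
public void validate(ConfigProblemSetBuilder p, AppengineAccount account) {
    String jsonKey = null;
    String jsonPath = account.getJsonPath();
    String project = account.getProject();
    String knownHostsPath = account.getSshKnownHostsFilePath();
    AppengineNamedAccountCredentials credentials = null;

    // Git HTTPS username and password are only meaningful as a pair.
    boolean hasPassword = account.getGitHttpsPassword() != null;
    boolean hasUsername = account.getGitHttpsUsername() != null && !account.getGitHttpsUsername().isEmpty();
    if (hasPassword != hasUsername) {
        if (!hasUsername) {
            p.addProblem(Severity.ERROR, "Git HTTPS password supplied without git HTTPS username.");
        } else {
            p.addProblem(Severity.ERROR, "Git HTTPS username supplied without git HTTPS password.");
        }
    }

    // The SSH private key path and its passphrase are likewise required together.
    boolean hasSshPrivateKeyPassphrase = account.getSshPrivateKeyPassphrase() != null;
    boolean hasSshPrivateKeyFilePath = account.getSshPrivateKeyFilePath() != null && !account.getSshPrivateKeyFilePath().isEmpty();
    if (hasSshPrivateKeyPassphrase != hasSshPrivateKeyFilePath) {
        if (!hasSshPrivateKeyFilePath) {
            p.addProblem(Severity.ERROR, "SSH private key passphrase supplied without SSH private key filepath.");
        } else {
            p.addProblem(Severity.ERROR, "SSH private key filepath supplied without SSH private key passphrase.");
        }
    } else if (hasSshPrivateKeyPassphrase && hasSshPrivateKeyFilePath) {
        Path sshPrivateKeyFilePath = validatingFileDecryptPath(account.getSshPrivateKeyFilePath());
        if (sshPrivateKeyFilePath == null) {
            // NOTE(review): returns without adding a problem here; presumably the helper
            // reports the failure itself. Confirm.
            return;
        }
        String sshPrivateKey = validatingFileDecrypt(p, sshPrivateKeyFilePath.toString());
        if (sshPrivateKey == null) {
            return;
        } else if (sshPrivateKey.isEmpty()) {
            p.addProblem(Severity.WARNING, "The supplied SSH private key file is empty.");
        } else {
            KeyPair keyPair = null;
            try {
                // Assumes that the public key is sitting next to the private key with the extension
                // ".pub".
                keyPair = KeyPair.load(new JSch(), sshPrivateKeyFilePath.toString());
                boolean decrypted = keyPair.decrypt(secretSessionManager.decrypt(account.getSshPrivateKeyPassphrase()));
                if (!decrypted) {
                    p.addProblem(Severity.ERROR, "Could not unlock SSH public/private keypair with supplied passphrase.");
                }
            } catch (JSchException e) {
                p.addProblem(Severity.ERROR, "Could not unlock SSH public/private keypair: " + e.getMessage() + ".");
            } finally {
                // The key was only unlocked to prove the passphrase works; release the
                // decrypted key material instead of leaving it for the garbage collector.
                if (keyPair != null) {
                    keyPair.dispose();
                }
            }
        }
    }

    if (knownHostsPath != null && !knownHostsPath.isEmpty()) {
        String knownHosts = validatingFileDecrypt(p, knownHostsPath);
        if (knownHosts == null) {
            return;
        }
        if (knownHosts.isEmpty()) {
            p.addProblem(Severity.WARNING, "The supplied known_hosts file is empty.");
        }
    }

    if (jsonPath != null && !jsonPath.isEmpty()) {
        jsonKey = validatingFileDecrypt(p, jsonPath);
        if (jsonKey == null) {
            return;
        }
        if (jsonKey.isEmpty()) {
            p.addProblem(Severity.WARNING, "The supplied credentials file is empty.");
        }
    }

    // This warning is about host-key checking, so it must be keyed on the known_hosts path.
    // Testing the JSON key path instead would warn accounts that never set known_hosts and
    // stay silent for accounts that set known_hosts without a JSON key.
    if (knownHostsPath != null && !knownHostsPath.isEmpty() && account.isSshTrustUnknownHosts()) {
        p.addProblem(Severity.WARNING, "You have supplied a known_hosts file path and set the `--ssh-trust-unknown-hosts` flag to true." + " Spinnaker will ignore your `--ssh-trust-unknown-hosts` flag.").setRemediation("Run `--ssh-trust-unknown-hosts false`.");
    }

    if (project == null || project.isEmpty()) {
        p.addProblem(Severity.ERROR, "No appengine project supplied.");
        return;
    }

    try {
        credentials = new AppengineNamedAccountCredentials.Builder().jsonKey(jsonKey).project(project).region("halyard").applicationName("halyard " + halyardVersion).build();
    } catch (Exception e) {
        p.addProblem(Severity.ERROR, "Error instantiating appengine credentials: " + e.getMessage() + ".");
        return;
    }

    // Live check: fetch the application for this project through the Admin API.
    try {
        credentials.getAppengine().apps().get(project).execute();
    } catch (GoogleJsonResponseException e) {
        if (e.getStatusCode() == 404) {
            p.addProblem(Severity.ERROR, "No appengine application found for project " + project + ".").setRemediation("Run `gcloud app create --region <region>` to create an appengine application.");
        } else {
            p.addProblem(Severity.ERROR, "Failed to connect to appengine Admin API: " + e.getMessage() + ".");
        }
    } catch (Exception e) {
        p.addProblem(Severity.ERROR, "Failed to connect to appengine Admin API: " + e.getMessage() + ".");
    }
}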
Also used : Path(java.nio.file.Path) JSchException(com.jcraft.jsch.JSchException) GoogleJsonResponseException(com.google.api.client.googleapis.json.GoogleJsonResponseException) KeyPair(com.jcraft.jsch.KeyPair) ConfigProblemSetBuilder(com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemSetBuilder) AppengineNamedAccountCredentials(com.netflix.spinnaker.clouddriver.appengine.security.AppengineNamedAccountCredentials) JSch(com.jcraft.jsch.JSch) GoogleJsonResponseException(com.google.api.client.googleapis.json.GoogleJsonResponseException) JSchException(com.jcraft.jsch.JSchException)

Example 28 with KeyPair

use of com.jcraft.jsch.KeyPair in project wildfly-core by wildfly.

the class RemoteSshGitRepositoryTestCase method prepareTest.

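/**
 * Sets up the fixture for the remote SSH git tests.
 *
 * <p>Creates a git repository under {@code target/remote} seeded with the server's
 * {@code standalone/configuration} directory (minus {@code logging.properties}), starts an
 * SSH server in front of it with a freshly generated RSA host key, and appends that host key
 * to the test's known_hosts file for the loopback and local host names.
 *
 * @throws Exception if any file, git, key-generation or server start-up step fails
 */
@Before
public void prepareTest() throws Exception {
    remoteRoot = new File("target", "remote").toPath();
    Path repoConfigDir = remoteRoot.resolve("configuration");
    Files.createDirectories(repoConfigDir);
    File baseDir = remoteRoot.toAbsolutePath().toFile();
    Path jbossConfigDir = new File(System.getProperty("jboss.home", System.getenv("JBOSS_HOME"))).toPath().resolve("standalone").resolve("configuration");
    PathUtil.copyRecursively(jbossConfigDir, repoConfigDir, true);
    Path properties = repoConfigDir.resolve("logging.properties");
    if (Files.exists(properties)) {
        Files.delete(properties);
    }
    Path jbossAuthDir = new File(System.getProperty("jboss.home", System.getenv("JBOSS_HOME"))).toPath().resolve("standalone").resolve("tmp").resolve("auth");
    Files.createDirectories(jbossAuthDir);
    File gitDir = new File(baseDir, Constants.DOT_GIT);
    if (!gitDir.exists()) {
        try (Git git = Git.init().setDirectory(baseDir).setInitialBranch(Constants.MASTER).call()) {
            git.add().addFilepattern("configuration").call();
            git.commit().setSign(false).setMessage("Repository initialized").call();
        }
    }
    remoteRepository = new FileRepositoryBuilder().setWorkTree(baseDir).setGitDir(gitDir).setup().build();

    // Generate a new host key pair for the server. The key type is named through the
    // KeyPair.RSA constant rather than its numeric value so the choice is readable.
    JSch jsch = new JSch();
    KeyPair hostKeyPair = KeyPair.genKeyPair(jsch, KeyPair.RSA, 2048);
    ByteArrayOutputStream publicHostKey = new ByteArrayOutputStream();
    ByteArrayOutputStream hostPrivateKey = new ByteArrayOutputStream();
    try {
        hostKeyPair.writePrivateKey(hostPrivateKey);
        hostPrivateKey.flush();
        hostKeyPair.writePublicKey(publicHostKey, "");
    } finally {
        // Both halves are now serialized; drop the in-memory key pair.
        hostKeyPair.dispose();
    }
    sshServer = new SSHServer(EC_USER, SSH_DIR.resolve(EC_PUBKEY), remoteRepository, hostPrivateKey.toByteArray());
    port = sshServer.start();

    // Add the new server to known_hosts so clients can verify the generated host key
    // instead of having host-key checking switched off.
    KNOWN_HOSTS = SSH_DIR.resolve("known_hosts").toFile();
    String knownHostTemplate = "[%s]:" + port + ' ' + publicHostKey.toString(US_ASCII.name()) + "\n";
    // The FileWriter is opened inside the try-with-resources so it is closed on every path.
    try (BufferedWriter bw = new BufferedWriter(new FileWriter(KNOWN_HOSTS, true))) {
        bw.write(String.format(knownHostTemplate, "127.0.0.1"));
        bw.write(String.format(knownHostTemplate, "localhost"));
        bw.write(String.format(knownHostTemplate, InetAddress.getLocalHost().getHostName()));
        if (System.getenv().containsKey("COMPUTERNAME")) {
            bw.write(String.format(knownHostTemplate, System.getenv().get("COMPUTERNAME")));
        }
    }
}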
Also used : Path(java.nio.file.Path) KeyPair(com.jcraft.jsch.KeyPair) Git(org.eclipse.jgit.api.Git) FileWriter(java.io.FileWriter) ByteArrayOutputStream(java.io.ByteArrayOutputStream) JSch(com.jcraft.jsch.JSch) File(java.io.File) FileRepositoryBuilder(org.eclipse.jgit.storage.file.FileRepositoryBuilder) BufferedWriter(java.io.BufferedWriter) Before(org.junit.Before)

Example 29 with KeyPair

use of com.jcraft.jsch.KeyPair in project devops-service by open-hand.

the class FileUtil method getSshKey.

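/**
 * Generates an RSA SSH public/private key pair.
 *
 * <p>The private key is written without a passphrase and returned as a plain string, so the
 * caller is responsible for storing it securely. If generation fails, the failure is logged
 * and an empty list is returned; the list never contains a private key without its public key.
 *
 * @param publicKeyComment comment to attach to the public key
 * @return a list whose first element is the private key and whose second element is the
 *     public key, or an empty list if key generation failed
 */
public static List<String> getSshKey(String publicKeyComment) {
    List<String> sshKeyPair = new ArrayList<>();
    int type = KeyPair.RSA;
    // Key size is set explicitly: the two-argument genKeyPair falls back to JSch's default
    // size, which is 1024 bits in upstream JSch and too small for a new RSA key.
    int keySize = 2048;
    JSch jsch = new JSch();
    KeyPair keyPair = null;
    try (ByteArrayOutputStream privateOut = new ByteArrayOutputStream();
         ByteArrayOutputStream publicOut = new ByteArrayOutputStream()) {
        keyPair = KeyPair.genKeyPair(jsch, type, keySize);
        keyPair.writePrivateKey(privateOut);
        // NOTE(review): publicKeyComment is embedded verbatim in the public key text;
        // presumably callers pass a value without line breaks. Verify.
        keyPair.writePublicKey(publicOut, publicKeyComment);
        // Decode with an explicit charset rather than the platform default.
        String privateKey = new String(privateOut.toByteArray(), java.nio.charset.StandardCharsets.UTF_8);
        String publicKey = new String(publicOut.toByteArray(), java.nio.charset.StandardCharsets.UTF_8);
        // Add both halves only after both were produced, so a failure cannot leave a
        // half-filled list behind.
        sshKeyPair.add(privateKey);
        sshKeyPair.add(publicKey);
    } catch (Exception e) {
        // NOTE(review): the failure is only logged at info level and the caller receives an
        // empty list; callers must check the size before indexing.
        logger.info(e.getMessage());
    } finally {
        // Release the in-memory key material on success and on failure.
        if (keyPair != null) {
            keyPair.dispose();
        }
    }
    return sshKeyPair;
}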
Also used : KeyPair(com.jcraft.jsch.KeyPair) JSch(com.jcraft.jsch.JSch) CommonException(io.choerodon.core.exception.CommonException) JsonProcessingException(com.fasterxml.jackson.core.JsonProcessingException)

Example 30 with KeyPair

use of com.jcraft.jsch.KeyPair in project Bastillion by bastillion-io.

the class AuthKeysKtrl method generateUserKey.

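/**
 * Generates a new SSH key pair, stores the passphrase-protected private key in the HTTP
 * session (encrypted with {@code EncryptionUtil}), and returns the public key.
 *
 * <p>The key type is taken from {@code SSHUtil.KEY_TYPE} ("dsa" or "ecdsa"; anything else
 * means RSA) and the key length from {@code SSHUtil.KEY_LENGTH}.
 *
 * @param username username to set in public key comment
 * @param keyname  keyname to set in public key comment
 * @return public key
 * @throws ServletException if key generation or encryption of the private key fails
 */
public String generateUserKey(String username, String keyname) throws ServletException {
    // set key type
    // NOTE(review): "dsa" is still selectable; ssh-dss is disabled by default in current
    // OpenSSH, so consider rejecting it at configuration time.
    int type = KeyPair.RSA;
    if ("dsa".equals(SSHUtil.KEY_TYPE)) {
        type = KeyPair.DSA;
    } else if ("ecdsa".equals(SSHUtil.KEY_TYPE)) {
        type = KeyPair.ECDSA;
    }
    JSch jsch = new JSch();
    String pubKey;
    try {
        KeyPair keyPair = KeyPair.genKeyPair(jsch, type, SSHUtil.KEY_LENGTH);
        try {
            // Encode the passphrase with an explicit charset so the bytes protecting the key
            // do not depend on the server's platform default encoding.
            // NOTE(review): presumably a null or empty passphrase is rejected before this
            // point. Verify, since the passphrase is what protects the private key.
            ByteArrayOutputStream privateOut = new ByteArrayOutputStream();
            keyPair.writePrivateKey(privateOut, publicKey.getPassphrase().getBytes(java.nio.charset.StandardCharsets.UTF_8));
            // set private key
            try {
                getRequest().getSession().setAttribute(PVT_KEY, EncryptionUtil.encrypt(new String(privateOut.toByteArray(), java.nio.charset.StandardCharsets.UTF_8)));
            } catch (GeneralSecurityException ex) {
                log.error(ex.toString(), ex);
                throw new ServletException(ex.toString(), ex);
            }
            // NOTE(review): username and keyname are embedded verbatim in the key comment;
            // presumably they are validated elsewhere to exclude line breaks. Verify.
            ByteArrayOutputStream publicOut = new ByteArrayOutputStream();
            keyPair.writePublicKey(publicOut, username + "@" + keyname);
            pubKey = new String(publicOut.toByteArray(), java.nio.charset.StandardCharsets.UTF_8);
        } finally {
            // Release the in-memory key material on every path, including when storing the
            // private key in the session fails.
            keyPair.dispose();
        }
    } catch (JSchException ex) {
        log.error(ex.toString(), ex);
        throw new ServletException(ex.toString(), ex);
    }
    return pubKey;
}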
Also used : ServletException(javax.servlet.ServletException) JSchException(com.jcraft.jsch.JSchException) KeyPair(com.jcraft.jsch.KeyPair) ByteArrayOutputStream(java.io.ByteArrayOutputStream) OutputStream(java.io.OutputStream) GeneralSecurityException(java.security.GeneralSecurityException) ByteArrayOutputStream(java.io.ByteArrayOutputStream) JSch(com.jcraft.jsch.JSch)

Aggregations

KeyPair (com.jcraft.jsch.KeyPair)37 JSch (com.jcraft.jsch.JSch)32 ByteArrayOutputStream (java.io.ByteArrayOutputStream)19 JSchException (com.jcraft.jsch.JSchException)16 File (java.io.File)11 IOException (java.io.IOException)10 OutputStream (java.io.OutputStream)5 FileOutputStream (java.io.FileOutputStream)3 Path (java.nio.file.Path)3 ServerException (org.eclipse.che.api.core.ServerException)3 SshPairImpl (org.eclipse.che.api.ssh.server.model.impl.SshPairImpl)3 BasicSSHUserPrivateKey (com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey)2 SSHKeyPair (io.cdap.cdap.runtime.spi.ssh.SSHKeyPair)2 SSHPublicKey (io.cdap.cdap.runtime.spi.ssh.SSHPublicKey)2 KeyException (java.security.KeyException)2 ArrayList (java.util.ArrayList)2 SuppressLint (android.annotation.SuppressLint)1 DialogInterface (android.content.DialogInterface)1 Intent (android.content.Intent)1 SharedPreferences (android.content.SharedPreferences)1