
Example 1 with DSAPublicKey

use of java.security.interfaces.DSAPublicKey in project camel by apache.

the class SftpOperations method createSession.

/**
 * Builds a JSch {@link Session} for the given SFTP configuration: ciphers, client identities,
 * known-hosts sources, host-key checking mode, keep-alive, compression, authentication
 * preferences, credentials callback, socket timeout and proxy.
 * <p>
 * The session is only configured here; no connect call appears in this method.
 *
 * @param configuration remote file configuration; cast to {@code SftpConfiguration} below
 *                      without a type check
 * @return the configured session
 * @throws JSchException if JSch rejects a setting, a passphrase cannot be encoded, or a key or
 *                       known-hosts resource cannot be read
 */
protected Session createSession(final RemoteFileConfiguration configuration) throws JSchException {
    final JSch jsch = new JSch();
    // Called on the JSch class rather than on the jsch instance.
    // NOTE(review): this looks like process-wide state shared by every JSch user in the JVM - confirm.
    JSch.setLogger(new JSchLogger(endpoint.getConfiguration().getJschLoggingLevel()));
    SftpConfiguration sftpConfig = (SftpConfiguration) configuration;
    if (isNotEmpty(sftpConfig.getCiphers())) {
        LOG.debug("Using ciphers: {}", sftpConfig.getCiphers());
        // The same cipher list is applied to both directions (server-to-client and client-to-server).
        Hashtable<String, String> ciphers = new Hashtable<String, String>();
        ciphers.put("cipher.s2c", sftpConfig.getCiphers());
        ciphers.put("cipher.c2s", sftpConfig.getCiphers());
        // Also a call on the class, not the instance.
        // NOTE(review): one endpoint's cipher list may therefore affect other sessions - confirm.
        JSch.setConfig(ciphers);
    }
    // Identity source 1: private key file on disk. Only the path is logged; the passphrase is
    // passed to addIdentity and never written to the log.
    if (isNotEmpty(sftpConfig.getPrivateKeyFile())) {
        LOG.debug("Using private keyfile: {}", sftpConfig.getPrivateKeyFile());
        if (isNotEmpty(sftpConfig.getPrivateKeyPassphrase())) {
            jsch.addIdentity(sftpConfig.getPrivateKeyFile(), sftpConfig.getPrivateKeyPassphrase());
        } else {
            jsch.addIdentity(sftpConfig.getPrivateKeyFile());
        }
    }
    // Identity source 2: private key supplied as a byte array. The key bytes are not logged.
    if (sftpConfig.getPrivateKey() != null) {
        LOG.debug("Using private key information from byte array");
        byte[] passphrase = null;
        if (isNotEmpty(sftpConfig.getPrivateKeyPassphrase())) {
            try {
                passphrase = sftpConfig.getPrivateKeyPassphrase().getBytes("UTF-8");
            } catch (UnsupportedEncodingException e) {
                throw new JSchException("Cannot transform passphrase to byte[]", e);
            }
        }
        // Third argument (public key) is left null; the identity is registered under the fixed name "ID".
        jsch.addIdentity("ID", sftpConfig.getPrivateKey(), null, passphrase);
    }
    // Identity source 3: private key loaded from a resource URI resolved through the Camel context.
    if (sftpConfig.getPrivateKeyUri() != null) {
        LOG.debug("Using private key uri : {}", sftpConfig.getPrivateKeyUri());
        byte[] passphrase = null;
        if (isNotEmpty(sftpConfig.getPrivateKeyPassphrase())) {
            try {
                passphrase = sftpConfig.getPrivateKeyPassphrase().getBytes("UTF-8");
            } catch (UnsupportedEncodingException e) {
                throw new JSchException("Cannot transform passphrase to byte[]", e);
            }
        }
        try {
            InputStream is = ResourceHelper.resolveMandatoryResourceAsInputStream(endpoint.getCamelContext(), sftpConfig.getPrivateKeyUri());
            ByteArrayOutputStream bos = new ByteArrayOutputStream();
            // Going by its name, the helper also closes the input stream - TODO confirm.
            IOHelper.copyAndCloseInput(is, bos);
            // NOTE(review): the key bytes stay in bos and in the returned array; nothing here clears them.
            jsch.addIdentity("ID", bos.toByteArray(), null, passphrase);
        } catch (IOException e) {
            throw new JSchException("Cannot read resource: " + sftpConfig.getPrivateKeyUri(), e);
        }
    }
    // Identity source 4: an in-memory java.security.KeyPair. Only RSA and DSA pairs are turned
    // into identities; any other pair, or a pair with a missing half, is logged at WARN and no
    // identity is added, so the method carries on with whatever other credentials are configured.
    if (sftpConfig.getKeyPair() != null) {
        LOG.debug("Using private key information from key pair");
        KeyPair keyPair = sftpConfig.getKeyPair();
        if (keyPair.getPrivate() != null && keyPair.getPublic() != null) {
            if (keyPair.getPrivate() instanceof RSAPrivateKey && keyPair.getPublic() instanceof RSAPublicKey) {
                jsch.addIdentity(new RSAKeyPairIdentity("ID", keyPair), null);
            } else if (keyPair.getPrivate() instanceof DSAPrivateKey && keyPair.getPublic() instanceof DSAPublicKey) {
                jsch.addIdentity(new DSAKeyPairIdentity("ID", keyPair), null);
            } else {
                LOG.warn("Only RSA and DSA key pairs are supported");
            }
        } else {
            LOG.warn("PrivateKey and PublicKey in the KeyPair must be filled");
        }
    }
    // Known-hosts sources. Each configured source results in its own setKnownHosts call, in the
    // order file, URI, byte array, and then the file path once more further down.
    // NOTE(review): if each call replaces the previously loaded entries, the last call made
    // decides which host keys are trusted - confirm the intended precedence against JSch.
    if (isNotEmpty(sftpConfig.getKnownHostsFile())) {
        LOG.debug("Using knownhosts file: {}", sftpConfig.getKnownHostsFile());
        jsch.setKnownHosts(sftpConfig.getKnownHostsFile());
    }
    if (isNotEmpty(sftpConfig.getKnownHostsUri())) {
        LOG.debug("Using known hosts uri: {}", sftpConfig.getKnownHostsUri());
        try {
            // The stream is not closed in this method.
            // NOTE(review): presumably setKnownHosts consumes and closes it - confirm.
            InputStream is = ResourceHelper.resolveMandatoryResourceAsInputStream(endpoint.getCamelContext(), sftpConfig.getKnownHostsUri());
            jsch.setKnownHosts(is);
        } catch (IOException e) {
            throw new JSchException("Cannot read resource: " + sftpConfig.getKnownHostsUri(), e);
        }
    }
    if (sftpConfig.getKnownHosts() != null) {
        LOG.debug("Using known hosts information from byte array");
        jsch.setKnownHosts(new ByteArrayInputStream(sftpConfig.getKnownHosts()));
    }
    // Fall back to the current user's ~/.ssh/known_hosts only when no file is configured (the
    // test is for null, so an empty string does not trigger the fallback) and the option is on.
    String knownHostsFile = sftpConfig.getKnownHostsFile();
    if (knownHostsFile == null && sftpConfig.isUseUserKnownHostsFile()) {
        knownHostsFile = System.getProperty("user.home") + "/.ssh/known_hosts";
        LOG.info("Known host file not configured, using user known host file: {}", knownHostsFile);
    }
    // This applies the file path again when one was configured (it was already set above).
    if (ObjectHelper.isNotEmpty(knownHostsFile)) {
        LOG.debug("Using known hosts information from file: {}", knownHostsFile);
        jsch.setKnownHosts(knownHostsFile);
    }
    final Session session = jsch.getSession(configuration.getUsername(), configuration.getHost(), configuration.getPort());
    // The configured value is handed to JSch as-is, and only when it is non-empty.
    // NOTE(review): host-key verification depends on this value and on the known-hosts data
    // loaded above; a deployment that relaxes it gives up protection against a spoofed server.
    // Confirm which mode applies when the option is left empty.
    if (isNotEmpty(sftpConfig.getStrictHostKeyChecking())) {
        LOG.debug("Using StrickHostKeyChecking: {}", sftpConfig.getStrictHostKeyChecking());
        session.setConfig("StrictHostKeyChecking", sftpConfig.getStrictHostKeyChecking());
    }
    // Keep-alive settings are always applied, whatever their configured values.
    session.setServerAliveInterval(sftpConfig.getServerAliveInterval());
    session.setServerAliveCountMax(sftpConfig.getServerAliveCountMax());
    // Compression is requested only for a positive level; the same preference list is used in
    // both directions and ends with "none".
    if (sftpConfig.getCompression() > 0) {
        LOG.debug("Using compression: {}", sftpConfig.getCompression());
        session.setConfig("compression.s2c", "zlib@openssh.com,zlib,none");
        session.setConfig("compression.c2s", "zlib@openssh.com,zlib,none");
        session.setConfig("compression_level", Integer.toString(sftpConfig.getCompression()));
    }
    // Pass the PreferredAuthentications setting through unchanged when one is configured.
    if (sftpConfig.getPreferredAuthentications() != null) {
        LOG.debug("Using PreferredAuthentications: {}", sftpConfig.getPreferredAuthentications());
        session.setConfig("PreferredAuthentications", sftpConfig.getPreferredAuthentications());
    }
    // Non-interactive credentials callback: every answer comes from the configuration, never
    // from a human operator.
    session.setUserInfo(new ExtendedUserInfo() {

        // No passphrase is supplied through this callback; passphrases are handed to
        // addIdentity above.
        public String getPassphrase() {
            return null;
        }

        public String getPassword() {
            return configuration.getPassword();
        }

        // Always reports that a password is available, even when the configured one is null.
        public boolean promptPassword(String s) {
            return true;
        }

        public boolean promptPassphrase(String s) {
            return true;
        }

        public boolean promptYesNo(String s) {
            // NOTE(review): s is written to the log unmodified; if it is server-controlled,
            // make sure the log layout neutralises line breaks.
            LOG.warn("Server asks for confirmation (yes|no): " + s + ". Camel will answer no.");
            // Every confirmation request is declined: returning 'false' means the hosts file
            // is never modified on the server's say-so.
            return false;
        }

        public void showMessage(String s) {
            // Logged at TRACE only; same note on unmodified text as in promptYesNo.
            LOG.trace("Message received from Server: " + s);
        }

        public String[] promptKeyboardInteractive(String destination, String name, String instruction, String[] prompt, boolean[] echo) {
            // The prompt text, instruction and echo flags are not inspected: the configured
            // password is returned as the single answer whatever is being asked.
            // NOTE(review): assumes exactly one password prompt - confirm.
            // An empty array must be returned when the password is null.
            if (configuration.getPassword() == null) {
                return new String[0];
            } else {
                return new String[] { configuration.getPassword() };
            }
        }
    });
    // Apply SO_TIMEOUT for the time after the connect phase, only when a positive value is configured.
    if (configuration.getSoTimeout() > 0) {
        session.setTimeout(configuration.getSoTimeout());
    }
    // proxy is not declared in this method (presumably a field of the enclosing class); it is
    // applied when non-null.
    if (proxy != null) {
        session.setProxy(proxy);
    }
    return session;
}
Also used : JSchException(com.jcraft.jsch.JSchException) KeyPair(java.security.KeyPair) Hashtable(java.util.Hashtable) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) UnsupportedEncodingException(java.io.UnsupportedEncodingException) ByteArrayOutputStream(java.io.ByteArrayOutputStream) IOException(java.io.IOException) JSch(com.jcraft.jsch.JSch) DSAPublicKey(java.security.interfaces.DSAPublicKey) RSAPublicKey(java.security.interfaces.RSAPublicKey) ByteArrayInputStream(java.io.ByteArrayInputStream) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) Session(com.jcraft.jsch.Session)

Example 2 with DSAPublicKey

use of java.security.interfaces.DSAPublicKey in project robovm by robovm.

the class SHA1withDSA_SignatureImpl method engineInitVerify.

/**
 * Prepares this signature object for verification with the supplied public key.
 * <p>
 * The key must be a {@link DSAPublicKey} whose values pass the checks below:
 * {@code p} greater than one and between 512 and 1024 bits long in 64-bit steps,
 * {@code q} positive and exactly 160 bits long, and {@code y} positive. On success
 * the key is stored and the message digest is reset.
 *
 * @param publicKey the DSA public key to verify with
 * @throws InvalidKeyException if {@code publicKey} is {@code null}, is not a
 *         {@code DSAPublicKey}, or fails one of the parameter checks
 */
protected void engineInitVerify(PublicKey publicKey) throws InvalidKeyException {
    // instanceof is false for null, so a missing key is rejected here as well.
    if (!(publicKey instanceof DSAPublicKey)) {
        throw new InvalidKeyException("publicKey is not an instance of DSAPublicKey");
    }

    // Read all three values before validating any of them.
    final DSAPublicKey candidate = (DSAPublicKey) publicKey;
    final DSAParams domain = candidate.getParams();
    final BigInteger prime = domain.getP();
    final BigInteger subPrime = domain.getQ();
    final BigInteger publicValue = candidate.getY();

    // Size checks on p: greater than one, 512..1024 bits, length a multiple of 64.
    // NOTE(review): only these sizes (with a 160-bit q) are accepted; whether they meet the
    // deployment's key-strength policy has to be decided outside this method.
    final int primeBits = prime.bitLength();
    final boolean primeAboveOne = prime.compareTo(BigInteger.ONE) > 0;
    final boolean primeLengthAllowed = primeBits >= 512 && primeBits <= 1024 && primeBits % 64 == 0;
    if (!primeAboveOne || !primeLengthAllowed) {
        throw new InvalidKeyException("bad p");
    }

    final boolean subPrimeAllowed = subPrime.signum() == 1 && subPrime.bitLength() == 160;
    if (!subPrimeAllowed) {
        throw new InvalidKeyException("bad q");
    }

    // NOTE(review): y is only required to be positive; it is not compared against p here.
    if (publicValue.signum() != 1) {
        throw new InvalidKeyException("y <= 0");
    }

    // Accept the key and discard any data already fed to the digest.
    dsaKey = (DSAKey) publicKey;
    msgDigest.reset();
}
Also used : BigInteger(java.math.BigInteger) DSAParams(java.security.interfaces.DSAParams) InvalidKeyException(java.security.InvalidKeyException) DSAPublicKey(java.security.interfaces.DSAPublicKey)

Example 3 with DSAPublicKey

use of java.security.interfaces.DSAPublicKey in project robovm by robovm.

the class OpenSSLSignature method engineInitVerify.

/**
 * Prepares this signature object for verification with the supplied public key.
 * <p>
 * Keys that already hold an OpenSSL key are used directly after {@code checkEngineType};
 * RSA, DSA and EC keys from other providers are converted, provided the key type matches
 * the engine type this signature was created with.
 *
 * @param publicKey the key to verify with
 * @throws InvalidKeyException if the key type does not match the engine type, or the key is
 *         {@code null} or of an unsupported kind
 */
@Override
protected void engineInitVerify(PublicKey publicKey) throws InvalidKeyException {
    // An existing context, if any, is destroyed before the new key is installed.
    destroyContextIfExists();

    // Tested first, so a key holding an OpenSSL key takes this path even if it also
    // implements one of the standard interfaces handled further down.
    if (publicKey instanceof OpenSSLKeyHolder) {
        final OpenSSLKey heldKey = ((OpenSSLKeyHolder) publicKey).getOpenSSLKey();
        // presumably rejects a key whose type differs from engineType - confirm in checkEngineType
        checkEngineType(heldKey);
        key = heldKey;
        return;
    }

    if (publicKey instanceof RSAPublicKey) {
        if (engineType != EngineType.RSA) {
            throw new InvalidKeyException("Signature not initialized as RSA");
        }
        key = OpenSSLRSAPublicKey.getInstance((RSAPublicKey) publicKey);
        return;
    }

    if (publicKey instanceof DSAPublicKey) {
        if (engineType != EngineType.DSA) {
            throw new InvalidKeyException("Signature not initialized as DSA");
        }
        key = OpenSSLDSAPublicKey.getInstance((DSAPublicKey) publicKey);
        return;
    }

    if (publicKey instanceof ECPublicKey) {
        if (engineType != EngineType.EC) {
            throw new InvalidKeyException("Signature not initialized as EC");
        }
        key = OpenSSLECPublicKey.getInstance((ECPublicKey) publicKey);
        return;
    }

    // Reached for null and for any key type not handled above.
    throw new InvalidKeyException("Need DSA or RSA or EC public key");
}
Also used : RSAPublicKey(java.security.interfaces.RSAPublicKey) ECPublicKey(java.security.interfaces.ECPublicKey) InvalidKeyException(java.security.InvalidKeyException) DSAPublicKey(java.security.interfaces.DSAPublicKey)

Example 4 with DSAPublicKey

use of java.security.interfaces.DSAPublicKey in project robovm by robovm.

the class OpenSSLDSAPublicKey method equals.

/**
 * Compares this key with another object.
 * <p>
 * Two keys are equal when they are the same instance, when both are
 * {@code OpenSSLDSAPublicKey}s whose underlying keys are equal, or when the other object is
 * any {@link DSAPublicKey} with the same {@code y} value and equal parameters.
 *
 * @param o the object to compare with; may be {@code null}
 * @return {@code true} if {@code o} represents the same DSA public key
 */
@Override
public boolean equals(Object o) {
    if (this == o) {
        return true;
    }

    // Fast path: equal underlying keys settle the answer. A mismatch proves nothing,
    // because two distinct copies can still describe the same key, so fall through.
    final boolean sameUnderlyingKey = o instanceof OpenSSLDSAPublicKey
            && key.equals(((OpenSSLDSAPublicKey) o).getOpenSSLKey());
    if (sameUnderlyingKey) {
        return true;
    }

    if (o instanceof DSAPublicKey) {
        // Make sure params is populated before it is read.
        ensureReadParams();
        final DSAPublicKey that = (DSAPublicKey) o;
        return params.getY().equals(that.getY()) && params.equals(that.getParams());
    }
    return false;
}
Also used : DSAPublicKey(java.security.interfaces.DSAPublicKey)

Example 5 with DSAPublicKey

use of java.security.interfaces.DSAPublicKey in project robovm by robovm.

the class NativeCryptoTest method test_OpenSSLKey_toJava.

/**
 * Checks that an {@code OpenSSLKey} wrapping a freshly generated RSA, DSA or EC key exposes a
 * public key of the matching {@code java.security.interfaces} type.
 *
 * @throws Exception if key generation or any assertion fails
 */
public void test_OpenSSLKey_toJava() throws Exception {
    final BigInteger publicExponent = BigInteger.valueOf(65537);

    // RSA. NOTE(review): the 1024-bit sizes here are presumably chosen to keep generation
    // quick; the assertions look only at the resulting Java type.
    OpenSSLKey generated = new OpenSSLKey(
            NativeCrypto.RSA_generate_key_ex(1024, publicExponent.toByteArray()));
    assertTrue(generated.getPublicKey() instanceof RSAPublicKey);

    // DSA, with the four optional arguments left null.
    generated = new OpenSSLKey(NativeCrypto.DSA_generate_key(1024, null, null, null, null));
    assertTrue(generated.getPublicKey() instanceof DSAPublicKey);

    // EC on prime256v1. The group handle is freed in finally whenever it was obtained.
    long curveGroup = NULL;
    try {
        curveGroup = NativeCrypto.EC_GROUP_new_by_curve_name("prime256v1");
        assertTrue(curveGroup != NULL);
        generated = new OpenSSLKey(NativeCrypto.EC_KEY_generate_key(curveGroup));
    } finally {
        if (curveGroup != NULL) {
            NativeCrypto.EC_GROUP_clear_free(curveGroup);
        }
    }
    assertTrue(generated.getPublicKey() instanceof ECPublicKey);
}
Also used : RSAPublicKey(java.security.interfaces.RSAPublicKey) ECPublicKey(java.security.interfaces.ECPublicKey) BigInteger(java.math.BigInteger) DSAPublicKey(java.security.interfaces.DSAPublicKey)

Aggregations

DSAPublicKey (java.security.interfaces.DSAPublicKey)31 DSAParams (java.security.interfaces.DSAParams)19 DSAPrivateKey (java.security.interfaces.DSAPrivateKey)11 PublicKey (java.security.PublicKey)10 DSAPublicKeySpec (java.security.spec.DSAPublicKeySpec)10 BigInteger (java.math.BigInteger)9 RSAPublicKey (java.security.interfaces.RSAPublicKey)8 InvalidKeyException (java.security.InvalidKeyException)7 DSAPrivateKeySpec (java.security.spec.DSAPrivateKeySpec)6 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)6 IOException (java.io.IOException)5 GeneralSecurityException (java.security.GeneralSecurityException)5 KeyPairGenerator (java.security.KeyPairGenerator)5 X509Certificate (java.security.cert.X509Certificate)5 KeyFactory (java.security.KeyFactory)4 KeyPair (java.security.KeyPair)4 CertPathValidatorException (java.security.cert.CertPathValidatorException)4 DSAParameterSpec (java.security.spec.DSAParameterSpec)4 CertificateException (java.security.cert.CertificateException)3 PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)3