Repository: mina-sshd Updated Branches: refs/heads/master 33555f14e -> b2240515a
[SSHD-760] Added PKCS8 decode test cases for several RSA key sizes as well as DSA ones
Project: http://git-wip-us.apache.org/repos/asf/mina-sshd/repo
Commit: http://git-wip-us.apache.org/repos/asf/mina-sshd/commit/b2240515
Tree: http://git-wip-us.apache.org/repos/asf/mina-sshd/tree/b2240515
Diff: http://git-wip-us.apache.org/repos/asf/mina-sshd/diff/b2240515
Branch: refs/heads/master
Commit: b2240515ae5173993125a1c74dd54733ba0704cd
Parents: 33555f1
Author: Goldstein Lyor <l...@c-b4.com>
Authored: Thu Aug 3 13:55:10 2017 +0300
Committer: Goldstein Lyor <l...@c-b4.com>
Committed: Thu Aug 3 13:55:10 2017 +0300
----------------------------------------------------------------------
.../loader/AbstractKeyPairResourceParser.java | 2 +-
.../pem/PKCS8PEMResourceKeyPairParser.java | 6 +-
.../common/config/keys/KeyRandomArtTest.java | 6 +-
.../pem/PKCS8PEMResourceKeyPairParserTest.java | 110 +++++++++++++++++++
.../pem/PemKeyPairResourceParserTest.java | 58 ----------
5 files changed, 118 insertions(+), 64 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/b2240515/sshd-core/src/main/java/org/apache/sshd/common/config/keys/loader/AbstractKeyPairResourceParser.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/config/keys/loader/AbstractKeyPairResourceParser.java b/sshd-core/src/main/java/org/apache/sshd/common/config/keys/loader/AbstractKeyPairResourceParser.java
index de144be..c2c877f 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/config/keys/loader/AbstractKeyPairResourceParser.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/config/keys/loader/AbstractKeyPairResourceParser.java
@@ -103,7 +103,7 @@ public abstract class AbstractKeyPairResourceParser extends AbstractLoggingBean
 int endIndex = markerPos.getKey();
 String endLine = lines.get(endIndex);
 Collection<KeyPair> kps =
- extractKeyPairs(resourceKey, startLine, endLine, passwordProvider, lines.subList(startIndex, endIndex));
+ extractKeyPairs(resourceKey, startLine, endLine, passwordProvider, lines.subList(startIndex, endIndex));
 if (GenericUtils.isNotEmpty(kps)) {
 if (GenericUtils.isEmpty(keyPairs)) {
 keyPairs = new LinkedList<>(kps);
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/b2240515/sshd-core/src/main/java/org/apache/sshd/common/config/keys/loader/pem/PKCS8PEMResourceKeyPairParser.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/config/keys/loader/pem/PKCS8PEMResourceKeyPairParser.java b/sshd-core/src/main/java/org/apache/sshd/common/config/keys/loader/pem/PKCS8PEMResourceKeyPairParser.java
index 91a65b4..b333f23 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/config/keys/loader/pem/PKCS8PEMResourceKeyPairParser.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/config/keys/loader/pem/PKCS8PEMResourceKeyPairParser.java
@@ -84,12 +84,12 @@ public class PKCS8PEMResourceKeyPairParser extends AbstractPEMResourceKeyPairPar return decodePEMPrivateKeyPKCS8(GenericUtils.join(oidAlgorithm, '.'), keyBytes, passwordProvider); } - public static final PrivateKey decodePEMPrivateKeyPKCS8( + public static PrivateKey decodePEMPrivateKeyPKCS8( String oid, byte[] keyBytes, FilePasswordProvider passwordProvider) throws GeneralSecurityException { KeyPairPEMResourceParser parser = - PEMResourceParserUtils.getPEMResourceParserByOid( - ValidateUtils.checkNotNullAndNotEmpty(oid, "No PKCS8 algorithm OID")); + PEMResourceParserUtils.getPEMResourceParserByOid( + ValidateUtils.checkNotNullAndNotEmpty(oid, "No PKCS8 algorithm OID")); if (parser == null) { throw new NoSuchAlgorithmException("decodePEMPrivateKeyPKCS8(" + oid + ") unknown algorithm identifier"); }
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/b2240515/sshd-core/src/test/java/org/apache/sshd/common/config/keys/KeyRandomArtTest.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/test/java/org/apache/sshd/common/config/keys/KeyRandomArtTest.java b/sshd-core/src/test/java/org/apache/sshd/common/config/keys/KeyRandomArtTest.java
index a272cb1..cf72615 100644
--- a/sshd-core/src/test/java/org/apache/sshd/common/config/keys/KeyRandomArtTest.java
+++ b/sshd-core/src/test/java/org/apache/sshd/common/config/keys/KeyRandomArtTest.java
@@ -71,8 +71,10 @@ public class KeyRandomArtTest extends BaseTestSupport {
 params.add(new Object[]{KeyUtils.DSS_ALGORITHM, keySize});
 }
- for (ECCurves curve : ECCurves.VALUES) {
- params.add(new Object[]{KeyUtils.EC_ALGORITHM, curve.getKeySize()});
+ if (SecurityUtils.isECCSupported()) {
+ for (ECCurves curve : ECCurves.VALUES) {
+ params.add(new Object[]{KeyUtils.EC_ALGORITHM, curve.getKeySize()});
+ }
 }
 if (SecurityUtils.isEDDSACurveSupported()) {
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/b2240515/sshd-core/src/test/java/org/apache/sshd/common/config/keys/loader/pem/PKCS8PEMResourceKeyPairParserTest.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/test/java/org/apache/sshd/common/config/keys/loader/pem/PKCS8PEMResourceKeyPairParserTest.java b/sshd-core/src/test/java/org/apache/sshd/common/config/keys/loader/pem/PKCS8PEMResourceKeyPairParserTest.java
new file mode 100644
index 0000000..1a42c6e
--- /dev/null
+++ b/sshd-core/src/test/java/org/apache/sshd/common/config/keys/loader/pem/PKCS8PEMResourceKeyPairParserTest.java
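Review bot: When `SecurityUtils.isECCSupported()` returns false, the EC rows are simply left out of the parameter list, so a run on a provider without ECC reports green with no EC random-art coverage and nothing in the output says so. A short comment above the new `if` would make that intent explicit, for example `// EC cases are omitted (not failed) when the security provider lacks ECC support`. If the test base class offers a logging helper, one line recording the skip would let CI reviewers notice reduced algorithm coverage. The same applies to the existing `isEDDSACurveSupported()` guard visible at the end of the hunk; the enclosing method starts and ends outside the hunk.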
@@ -0,0 +1,110 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sshd.common.config.keys.loader.pem;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.security.GeneralSecurityException;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.PrivateKey;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.List;
+
+import org.apache.commons.ssl.PEMItem;
+import org.apache.commons.ssl.PEMUtil;
+import org.apache.sshd.common.config.keys.KeyUtils;
+import org.apache.sshd.common.util.security.SecurityUtils;
+import org.apache.sshd.util.test.BaseTestSupport;
+import org.apache.sshd.util.test.JUnit4ClassRunnerWithParametersFactory;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized;
+import org.junit.runners.Parameterized.Parameters;
+import org.junit.runners.Parameterized.UseParametersRunnerFactory;
+
+/**
+ * TODO Add javadoc
+ *
+ * @author <a href="mailto:d...@mina.apache.org">Apache MINA SSHD Project</a>
+ */
+@RunWith(Parameterized.class) // see
https://github.com/junit-team/junit/wiki/Parameterized-tests
+@UseParametersRunnerFactory(JUnit4ClassRunnerWithParametersFactory.class)
+public class PKCS8PEMResourceKeyPairParserTest extends BaseTestSupport {
+ private final String algorithm;
+ private final int keySize;
+
+ public PKCS8PEMResourceKeyPairParserTest(String algorithm, int keySize) {
+ this.algorithm = algorithm;
+ this.keySize = keySize;
+ }
+
+ @Parameters(name = "{0} / {1}")
+ public static List<Object[]> parameters() {
+ return Collections.unmodifiableList(new ArrayList<Object[]>() {
+ // Not serializing it
+ private static final long serialVersionUID = 1L;
+
+ {
+ addTestCases(KeyUtils.RSA_ALGORITHM, RSA_SIZES);
+ addTestCases(KeyUtils.DSS_ALGORITHM, DSS_SIZES);
+ // TODO add test cases for ECDSA
+ }
+
+ private void addTestCases(String algorithm, Collection<Integer> keySizes) {
+ for (Integer ks : keySizes) {
+ add(new Object[]{algorithm, ks});
+ }
+ }
+ });
+ }
+
+ @Test // see SSHD-760
+ public void testPkcs8() throws IOException, GeneralSecurityException {
+ KeyPairGenerator generator = SecurityUtils.getKeyPairGenerator(algorithm);
+ if (keySize > 0) {
+ generator.initialize(keySize);
+ }
+ KeyPair kp = generator.generateKeyPair();
+
+ try (ByteArrayOutputStream os = new ByteArrayOutputStream()) {
+ Collection<Object> items = new ArrayList<>();
+ PrivateKey prv1 = kp.getPrivate();
+ items.add(new PEMItem(prv1.getEncoded(), "PRIVATE KEY"));
+ byte[] bytes = PEMUtil.encode(items);
+ os.write(bytes);
+ os.close();
+
+ try (ByteArrayInputStream bais = new ByteArrayInputStream(os.toByteArray())) {
+ KeyPair kp2 = SecurityUtils.loadKeyPairIdentity(getCurrentTestName(), bais, null);
+
+ assertEquals("Mismatched public key", kp.getPublic(), kp2.getPublic());
+ assertEquals("Mismatched private key", prv1, kp2.getPrivate());
+ }
+ }
+ }
+
+ @Override
+ public String toString() {
+ return getClass().getSimpleName() + "[" + algorithm + "/" + keySize + "]";
+ }
+}
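Review bot: `testPkcs8` exercises only the success path, a freshly generated unencrypted key loaded with a `null` password provider, so nothing in this class pins how the PKCS8 loader rejects bad input. The `NoSuchAlgorithmException` branch of `decodePEMPrivateKeyPKCS8` for an unrecognised OID (visible in the PKCS8PEMResourceKeyPairParser hunk) and a truncated or corrupted key body are the cases a key-file parser most needs regression tests for. A companion test annotated `@Test(expected = NoSuchAlgorithmException.class)` that calls `PKCS8PEMResourceKeyPairParser.decodePEMPrivateKeyPKCS8("1.2.3.4.5", new byte[0], null)` would cover the first; the OID is a constructed sample and is assumed not to be registered. Separately, the explicit `os.close();` is redundant inside the try-with-resources, and the class Javadoc is still `TODO Add javadoc`; one sentence stating that the test round-trips generated keys through PKCS8 PEM encoding would do.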
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/b2240515/sshd-core/src/test/java/org/apache/sshd/common/config/keys/loader/pem/PemKeyPairResourceParserTest.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/test/java/org/apache/sshd/common/config/keys/loader/pem/PemKeyPairResourceParserTest.java b/sshd-core/src/test/java/org/apache/sshd/common/config/keys/loader/pem/PemKeyPairResourceParserTest.java
deleted file mode 100644
index ba5c6a9..0000000
--- a/sshd-core/src/test/java/org/apache/sshd/common/config/keys/loader/pem/PemKeyPairResourceParserTest.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.sshd.common.config.keys.loader.pem;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.util.ArrayList;
-import java.util.Collection;
-
-import org.apache.commons.ssl.PEMItem;
-import org.apache.commons.ssl.PEMUtil;
-import org.apache.sshd.common.util.security.SecurityUtils;
-import org.junit.Assert;
-import org.junit.Test;
-
-public class PemKeyPairResourceParserTest {
- public PemKeyPairResourceParserTest() {
- }
-
- @Test
- public void testPkcs8() throws Exception {
- String algorithm = "RSA";
- int keySize = 512;
- KeyPairGenerator generator = SecurityUtils.getKeyPairGenerator(algorithm);
- generator.initialize(keySize);
- KeyPair kp = generator.generateKeyPair();
-
- ByteArrayOutputStream os = new ByteArrayOutputStream();
- Collection<Object> items = new ArrayList<>();
- items.add(new PEMItem(kp.getPrivate().getEncoded(), "PRIVATE KEY"));
- byte[] bytes = PEMUtil.encode(items);
- os.write(bytes);
- os.close();
-
- KeyPair kp2 = SecurityUtils.loadKeyPairIdentity("the-key", new
ByteArrayInputStream(os.toByteArray()), null);
-
- Assert.assertEquals(kp.getPublic(), kp2.getPublic());
- Assert.assertEquals(kp.getPrivate(), kp2.getPrivate());
- }
-}