diff options
Diffstat (limited to 'org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/EncryptedFileKeyPairProvider.java')
-rw-r--r-- | org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/EncryptedFileKeyPairProvider.java | 158 |
1 files changed, 0 insertions, 158 deletions
diff --git a/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/EncryptedFileKeyPairProvider.java b/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/EncryptedFileKeyPairProvider.java deleted file mode 100644 index ef8e611811..0000000000 --- a/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/EncryptedFileKeyPairProvider.java +++ /dev/null @@ -1,158 +0,0 @@ -/* - * Copyright (C) 2018, Thomas Wolf <thomas.wolf@paranor.ch> - * and other copyright owners as documented in the project's IP log. - * - * This program and the accompanying materials are made available - * under the terms of the Eclipse Distribution License v1.0 which - * accompanies this distribution, is reproduced below, and is - * available at http://www.eclipse.org/org/documents/edl-v10.php - * - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or - * without modification, are permitted provided that the following - * conditions are met: - * - * - Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * - Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * - Neither the name of the Eclipse Foundation, Inc. nor the - * names of its contributors may be used to endorse or promote - * products derived from this software without specific prior - * written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND - * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, - * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR - * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ -package org.eclipse.jgit.internal.transport.sshd; - -import static java.text.MessageFormat.format; - -import java.io.IOException; -import java.io.InputStream; -import java.nio.file.Path; -import java.security.GeneralSecurityException; -import java.security.InvalidKeyException; -import java.security.KeyPair; -import java.security.NoSuchProviderException; -import java.security.PrivateKey; -import java.util.Collection; -import java.util.Iterator; -import java.util.List; - -import javax.security.auth.DestroyFailedException; - -import org.apache.sshd.common.config.keys.FilePasswordProvider; -import org.apache.sshd.common.config.keys.loader.KeyPairResourceParser; -import org.apache.sshd.common.keyprovider.FileKeyPairProvider; -import org.apache.sshd.common.util.io.IoUtils; -import org.apache.sshd.common.util.security.SecurityUtils; -import org.eclipse.jgit.internal.transport.sshd.RepeatingFilePasswordProvider.ResourceDecodeResult; - -/** - * A {@link FileKeyPairProvider} that asks repeatedly for a passphrase for an - * encrypted private key if the {@link FilePasswordProvider} is a - * {@link RepeatingFilePasswordProvider}. - */ -public abstract class EncryptedFileKeyPairProvider extends FileKeyPairProvider { - - // TODO: remove this class once we're based on sshd > 2.1.0. See upstream - // issue SSHD-850 https://issues.apache.org/jira/browse/SSHD-850 and commit - // https://github.com/apache/mina-sshd/commit/f19bd2e34 - - /** - * Creates a new {@link EncryptedFileKeyPairProvider} for the given - * {@link Path}s. - * - * @param paths - * to read keys from - */ - public EncryptedFileKeyPairProvider(List<Path> paths) { - super(paths); - } - - @Override - protected KeyPair doLoadKey(String resourceKey, InputStream inputStream, - FilePasswordProvider provider) - throws IOException, GeneralSecurityException { - if (!(provider instanceof RepeatingFilePasswordProvider)) { - return super.doLoadKey(resourceKey, inputStream, provider); - } - KeyPairResourceParser parser = SecurityUtils.getKeyPairResourceParser(); - if (parser == null) { - // This is an internal configuration error, thus no translation. - throw new NoSuchProviderException( - "No registered key-pair resource parser"); //$NON-NLS-1$ - } - RepeatingFilePasswordProvider realProvider = (RepeatingFilePasswordProvider) provider; - // Read the stream now so that we can process the content several - // times. - List<String> lines = IoUtils.readAllLines(inputStream); - Collection<KeyPair> ids = null; - while (ids == null) { - try { - ids = parser.loadKeyPairs(resourceKey, realProvider, lines); - realProvider.handleDecodeAttemptResult(resourceKey, "", null); //$NON-NLS-1$ - // No exception; success. Exit the loop even if ids is still - // null! - break; - } catch (IOException | GeneralSecurityException - | RuntimeException e) { - ResourceDecodeResult loadResult = realProvider - .handleDecodeAttemptResult(resourceKey, "", e); //$NON-NLS-1$ - if (loadResult == null - || loadResult == ResourceDecodeResult.TERMINATE) { - throw e; - } else if (loadResult == ResourceDecodeResult.RETRY) { - continue; - } - // IGNORE doesn't make any sense here, but OK, let's ignore it. - // ids == null, so we'll throw an exception below. - break; - } - } - if (ids == null) { - // The javadoc on loadKeyPairs says it might return null if no - // key pair found. Bad API. - throw new InvalidKeyException( - format(SshdText.get().identityFileNoKey, resourceKey)); - } - Iterator<KeyPair> keys = ids.iterator(); - if (!keys.hasNext()) { - throw new InvalidKeyException(format( - SshdText.get().identityFileUnsupportedFormat, resourceKey)); - } - KeyPair result = keys.next(); - if (keys.hasNext()) { - log.warn(format(SshdText.get().identityFileMultipleKeys, - resourceKey)); - keys.forEachRemaining(k -> { - PrivateKey pk = k.getPrivate(); - if (pk != null) { - try { - pk.destroy(); - } catch (DestroyFailedException e) { - // Ignore - } - } - }); - } - return result; - } -} |