/**
 * Parses the decoded {@code openssh-key-v1} data in {@code keyBuffer} and returns the key pair it holds.
 *
 * <p>Fields are consumed in this order: magic header, cipher name, KDF name, KDF options, key count,
 * public key, private-key section. All of them are taken from the key data as-is; the only checks
 * made here are the magic header comparison and the key count.
 *
 * @param keyBuffer buffer holding the key data, positioned at the magic header
 * @return the key pair built from the public key and the (decrypted, if necessary) private-key section
 * @throws IOException if the magic header does not match or the declared key count is not exactly 1
 * @throws GeneralSecurityException declared by this method; presumably raised by the key-reading or
 *         decryption helpers it calls
 */
private KeyPair readDecodedKeyPair(final PlainBuffer keyBuffer) throws IOException, GeneralSecurityException {
    // byte[] AUTH_MAGIC
    final byte[] magic = new byte[AUTH_MAGIC.length];
    keyBuffer.readRawBytes(magic);
    final boolean magicMatches = ByteArrayUtils.equals(magic, 0, AUTH_MAGIC, 0, AUTH_MAGIC.length);
    if (!magicMatches) {
        throw new IOException("This key does not contain the 'openssh-key-v1' format magic header");
    }

    final String cipherName = keyBuffer.readString(); // string ciphername
    final String kdfName = keyBuffer.readString(); // string kdfname
    final byte[] kdfOptions = keyBuffer.readBytes(); // string kdfoptions

    // int number of keys N; anything other than exactly 1 (including 0) is rejected
    final int keyCount = keyBuffer.readUInt32AsInt();
    if (keyCount != 1) {
        throw new IOException("We don't support having more than 1 key in the file (yet).");
    }

    final byte[] publicKeyBlob = keyBuffer.readBytes(); // string publickey1
    final PublicKey publicKey = readPublicKey(new PlainBuffer(publicKeyBlob));

    // string (possibly) encrypted, padded list of private keys
    final byte[] privateSection = keyBuffer.readBytes();
    final PlainBuffer privateKeyBuffer = new PlainBuffer(privateSection);

    if ("none".equals(cipherName)) {
        logger.debug("Reading unencrypted keypair");
        return readUnencrypted(privateKeyBuffer, publicKey);
    }

    // NOTE(review): cipherName, kdfName and kdfOptions come from the key file and are written to the
    // log verbatim at info level; confirm that is acceptable for files from untrusted sources.
    logger.info("Keypair is encrypted with: " + cipherName + ", " + kdfName + ", " + Arrays.toString(kdfOptions));
    final PlainBuffer decrypted = decryptBuffer(privateKeyBuffer, cipherName, kdfName, kdfOptions);
    return readUnencrypted(decrypted, publicKey);
}
String keyType = keyBuffer.readString(); // string keytype KeyType kt = KeyType.fromString(keyType); logger.info("Read key type: {}", keyType, kt); throw new IOException("Cannot decode keytype " + keyType + " in openssh-key-v1 files (yet)."); keyBuffer.readString(); // string comment byte[] padding = new byte[keyBuffer.available()];
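/**
 * Verifies that {@code putSensitiveString} stores the password as an ordinary string and then
 * overwrites the caller's {@code char[]} so the clear text does not remain in that array.
 */
@Test
public void testPassword() throws Buffer.BufferException {
    final String clearText = "lolcatz";
    final char[] pass = clearText.toCharArray();

    // The buffer must hand back exactly what was put in (expected value first, per JUnit convention).
    assertEquals(clearText, new Buffer.PlainBuffer().putSensitiveString(pass).readString());

    // Every position of the caller's array must have been blanked. The expected array is sized
    // from pass.length so it cannot drift out of step with the password literal.
    final char[] blanked = new char[pass.length];
    java.util.Arrays.fill(blanked, ' ');
    assertArrayEquals(blanked, pass);
}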
String keyType = keyBuffer.readString(); // string keytype KeyType kt = KeyType.fromString(keyType); logger.info("Read key type: {}", keyType, kt); throw new IOException("Cannot decode keytype " + keyType + " in openssh-key-v1 files (yet)."); String comment = keyBuffer.readString(); // string comment byte[] padding = new byte[keyBuffer.available()];
/**
 * Parses the decoded {@code openssh-key-v1} data in {@code keyBuffer} and returns the key pair it holds.
 *
 * <p>Fields are consumed in this order: magic header, cipher name, KDF name, KDF options, key count,
 * public key, private-key section. All of them are taken from the key data as-is; the only checks
 * made here are the magic header comparison and the key count.
 *
 * @param keyBuffer buffer holding the key data, positioned at the magic header
 * @return the key pair built from the public key and the (decrypted, if necessary) private-key section
 * @throws IOException if the magic header does not match or the declared key count is not exactly 1
 * @throws GeneralSecurityException declared by this method; presumably raised by the key-reading or
 *         decryption helpers it calls
 */
private KeyPair readDecodedKeyPair(final PlainBuffer keyBuffer) throws IOException, GeneralSecurityException {
    // byte[] AUTH_MAGIC
    final byte[] magic = new byte[AUTH_MAGIC.length];
    keyBuffer.readRawBytes(magic);
    final boolean magicMatches = ByteArrayUtils.equals(magic, 0, AUTH_MAGIC, 0, AUTH_MAGIC.length);
    if (!magicMatches) {
        throw new IOException("This key does not contain the 'openssh-key-v1' format magic header");
    }

    final String cipherName = keyBuffer.readString(); // string ciphername
    final String kdfName = keyBuffer.readString(); // string kdfname
    final byte[] kdfOptions = keyBuffer.readBytes(); // string kdfoptions

    // int number of keys N; anything other than exactly 1 (including 0) is rejected
    final int keyCount = keyBuffer.readUInt32AsInt();
    if (keyCount != 1) {
        throw new IOException("We don't support having more than 1 key in the file (yet).");
    }

    final byte[] publicKeyBlob = keyBuffer.readBytes(); // string publickey1
    final PublicKey publicKey = readPublicKey(new PlainBuffer(publicKeyBlob));

    // string (possibly) encrypted, padded list of private keys
    final byte[] privateSection = keyBuffer.readBytes();
    final PlainBuffer privateKeyBuffer = new PlainBuffer(privateSection);

    if ("none".equals(cipherName)) {
        logger.debug("Reading unencrypted keypair");
        return readUnencrypted(privateKeyBuffer, publicKey);
    }

    // NOTE(review): cipherName, kdfName and kdfOptions come from the key file and are written to the
    // log verbatim at info level; confirm that is acceptable for files from untrusted sources.
    logger.info("Keypair is encrypted with: " + cipherName + ", " + kdfName + ", " + Arrays.toString(kdfOptions));
    final PlainBuffer decrypted = decryptBuffer(privateKeyBuffer, cipherName, kdfName, kdfOptions);
    return readUnencrypted(decrypted, publicKey);
}
/**
 * Confirms that a signature is labelled with the expected key algorithm and returns its blob.
 *
 * <p>The input is read as a string (the algorithm name) followed by a byte string (the blob).
 * The method returns as soon as the blob has been read, so any bytes after it are not inspected.
 *
 * @param sig The full signature
 * @param expectedKeyAlgorithm The expected key algorithm
 * @return The blob part of the signature
 * @throws SSHRuntimeException if the algorithm name differs from the expected one, or if reading
 *         from the buffer fails
 */
protected byte[] extractSig(byte[] sig, String expectedKeyAlgorithm) {
    final Buffer.PlainBuffer sigBuffer = new Buffer.PlainBuffer(sig);
    try {
        final String actualAlgorithm = sigBuffer.readString();
        if (expectedKeyAlgorithm.equals(actualAlgorithm)) {
            return sigBuffer.readBytes();
        }
        // The algorithm label does not match what the caller negotiated: refuse the signature.
        throw new SSHRuntimeException("Expected '" + expectedKeyAlgorithm + "' key algorithm, but got: " + actualAlgorithm);
    } catch (Buffer.BufferException readFailure) {
        // A malformed or truncated signature surfaces as an unchecked exception.
        throw new SSHRuntimeException(readFailure);
    }
}
/**
 * Reads a public key from the buffer: the leading string names the key type, and the
 * {@code KeyType} resolved from that name decodes the remainder.
 *
 * @param plainBuffer buffer positioned at the key-type string
 * @return the public key decoded by the resolved key type
 * @throws Buffer.BufferException if the buffer cannot be read
 * @throws GeneralSecurityException declared here; presumably raised while building the key
 */
private PublicKey readPublicKey(final PlainBuffer plainBuffer) throws Buffer.BufferException, GeneralSecurityException {
    // The type name is taken from the buffer as-is; how KeyType.fromString treats an
    // unrecognised name is not visible from this method.
    final String keyTypeName = plainBuffer.readString();
    final KeyType keyType = KeyType.fromString(keyTypeName);
    return keyType.readPubKeyFromBuffer(plainBuffer);
}
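/**
 * Creates the {@code publickey} authentication method for one identity supplied through an agent proxy.
 *
 * @param agentProxy proxy stored on this instance
 * @param identity identity stored on this instance; its comment is kept as text and the first
 *        string of its blob is kept as the algorithm name
 * @throws Buffer.BufferException if the leading string of the identity blob cannot be read
 */
public AuthAgent(AgentProxy agentProxy, Identity identity) throws Buffer.BufferException {
    super("publickey");
    this.agentProxy = agentProxy;
    this.identity = identity;
    // Decode with an explicit charset; new String(byte[]) alone would use the platform default,
    // so the same comment could render differently from host to host.
    this.comment = new String(identity.getComment(), java.nio.charset.StandardCharsets.UTF_8);
    // The first string field of the blob is used as the algorithm name.
    this.algorithm = new Buffer.PlainBuffer(identity.getBlob()).readString();
}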
/**
 * Returns the first string field of {@code packedString}, read through
 * {@code Buffer.PlainBuffer#readString()}.
 *
 * <p>An empty array yields the empty string without a buffer being created. A {@code null}
 * array is not handled and fails on the length check.
 *
 * @param packedString bytes holding the packed string
 * @return the unpacked string, or {@code ""} for an empty array
 * @throws BufferException if the buffer cannot be read
 */
private static String unpackString(byte[] packedString) throws BufferException {
    final boolean nothingPacked = packedString.length == 0;
    return nothingPacked ? "" : new Buffer.PlainBuffer(packedString).readString();
}
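/**
 * Creates the {@code publickey} authentication method for one identity supplied through an agent proxy.
 *
 * @param agentProxy proxy stored on this instance
 * @param identity identity stored on this instance; its comment is kept as text and the first
 *        string of its blob is kept as the algorithm name
 * @throws Buffer.BufferException if the leading string of the identity blob cannot be read
 */
public AuthAgent(AgentProxy agentProxy, Identity identity) throws Buffer.BufferException {
    super("publickey");
    this.agentProxy = agentProxy;
    this.identity = identity;
    // Decode with an explicit charset; new String(byte[]) alone would use the platform default,
    // so the same comment could render differently from host to host.
    this.comment = new String(identity.getComment(), java.nio.charset.StandardCharsets.UTF_8);
    // The first string field of the blob is used as the algorithm name.
    this.algorithm = new Buffer.PlainBuffer(identity.getBlob()).readString();
}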
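/**
 * Creates the {@code publickey} authentication method for one identity supplied through an agent proxy.
 *
 * @param agentProxy proxy stored on this instance
 * @param identity identity stored on this instance; its comment is kept as text and the first
 *        string of its blob is kept as the algorithm name
 * @throws Buffer.BufferException if the leading string of the identity blob cannot be read
 */
public AuthAgent(AgentProxy agentProxy, Identity identity) throws Buffer.BufferException {
    super("publickey");
    this.agentProxy = agentProxy;
    this.identity = identity;
    // Decode with an explicit charset; new String(byte[]) alone would use the platform default,
    // so the same comment could render differently from host to host.
    this.comment = new String(identity.getComment(), java.nio.charset.StandardCharsets.UTF_8);
    // The first string field of the blob is used as the algorithm name.
    this.algorithm = new Buffer.PlainBuffer(identity.getBlob()).readString();
}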
/**
 * Confirms that a signature is labelled with the expected key algorithm and returns its blob.
 *
 * <p>The input is read as a string (the algorithm name) followed by a byte string (the blob).
 * The method returns as soon as the blob has been read, so any bytes after it are not inspected.
 *
 * @param sig The full signature
 * @param expectedKeyAlgorithm The expected key algorithm
 * @return The blob part of the signature
 * @throws SSHRuntimeException if the algorithm name differs from the expected one, or if reading
 *         from the buffer fails
 */
protected byte[] extractSig(byte[] sig, String expectedKeyAlgorithm) {
    final Buffer.PlainBuffer sigBuffer = new Buffer.PlainBuffer(sig);
    try {
        final String actualAlgorithm = sigBuffer.readString();
        if (expectedKeyAlgorithm.equals(actualAlgorithm)) {
            return sigBuffer.readBytes();
        }
        // The algorithm label does not match what the caller negotiated: refuse the signature.
        throw new SSHRuntimeException("Expected '" + expectedKeyAlgorithm + "' key algorithm, but got: " + actualAlgorithm);
    } catch (Buffer.BufferException readFailure) {
        // A malformed or truncated signature surfaces as an unchecked exception.
        throw new SSHRuntimeException(readFailure);
    }
}
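/**
 * Round-trips one value of each of these data types through {@code handyBuf}: boolean, byte,
 * byte array, mpint, string and uint32. Each value is written and immediately read back.
 *
 * <p>Assertions pass the expected value first so that a failure message reports expected and
 * actual the right way round.
 */
@Test
public void testDataTypes() throws Buffer.BufferException {
    // bool
    assertEquals(true, handyBuf.putBoolean(true).readBoolean());

    // byte
    final byte singleByte = (byte) 10;
    assertEquals(singleByte, handyBuf.putByte(singleByte).readByte());

    // byte array (encoded and compared with the same default charset, so the round trip is
    // charset-independent)
    assertArrayEquals("some string".getBytes(), handyBuf.putBytes("some string".getBytes()).readBytes());

    // mpint
    final BigInteger bigValue = new BigInteger("1111111111111111111111111111111");
    assertEquals(bigValue, handyBuf.putMPInt(bigValue).readMPInt());

    // string
    assertEquals("some string", handyBuf.putString("some string").readString());

    // uint32: the largest unsigned 32-bit value must survive without sign problems
    assertEquals(0xffffffffL, handyBuf.putUInt32(0xffffffffL).readUInt32());
}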
/**
 * Reads a public key from the buffer: the leading string names the key type, and the
 * {@code KeyType} resolved from that name decodes the remainder.
 *
 * @param plainBuffer buffer positioned at the key-type string
 * @return the public key decoded by the resolved key type
 * @throws Buffer.BufferException if the buffer cannot be read
 * @throws GeneralSecurityException declared here; presumably raised while building the key
 */
private PublicKey readPublicKey(final PlainBuffer plainBuffer) throws Buffer.BufferException, GeneralSecurityException {
    // The type name is taken from the buffer as-is; how KeyType.fromString treats an
    // unrecognised name is not visible from this method.
    final String keyTypeName = plainBuffer.readString();
    final KeyType keyType = KeyType.fromString(keyTypeName);
    return keyType.readPubKeyFromBuffer(plainBuffer);
}
/**
 * Returns the first string field of {@code packedString}, read through
 * {@code Buffer.PlainBuffer#readString()}.
 *
 * <p>An empty array yields the empty string without a buffer being created. A {@code null}
 * array is not handled and fails on the length check.
 *
 * @param packedString bytes holding the packed string
 * @return the unpacked string, or {@code ""} for an empty array
 * @throws BufferException if the buffer cannot be read
 */
private static String unpackString(byte[] packedString) throws BufferException {
    final boolean nothingPacked = packedString.length == 0;
    return nothingPacked ? "" : new Buffer.PlainBuffer(packedString).readString();
}