@Override public char[] getResponse(String prompt, boolean echo) { if (!echo && promptPattern.matcher(prompt).matches()) { return pwdf.reqPassword(resource); } return EMPTY_RESPONSE; }
private byte[] getPassphraseBytes() { CharBuffer cb = CharBuffer.wrap(pwdf.reqPassword(resource)); ByteBuffer bb = IOUtils.UTF8.encode(cb); byte[] result = Arrays.copyOfRange(bb.array(), bb.position(), bb.limit()); Arrays.fill(cb.array(), '\u0000'); Arrays.fill(bb.array(), (byte) 0); return result; }
private void initializeCipher(String kdfName, byte[] kdfOptions, Cipher cipher) throws Buffer.BufferException { if (kdfName.equals(BCRYPT)) { PlainBuffer opts = new PlainBuffer(kdfOptions); byte[] passphrase = new byte[0]; if (pwdf != null) { CharBuffer charBuffer = CharBuffer.wrap(pwdf.reqPassword(null)); ByteBuffer byteBuffer = Charset.forName("UTF-8").encode(charBuffer); passphrase = Arrays.copyOfRange(byteBuffer.array(), byteBuffer.position(), byteBuffer.limit()); } byte[] keyiv = new byte[48]; new BCrypt().pbkdf(passphrase, opts.readBytes(), opts.readUInt32AsInt(), keyiv); byte[] key = Arrays.copyOfRange(keyiv, 0, 32); byte[] iv = Arrays.copyOfRange(keyiv, 32, 48); cipher.init(Cipher.Mode.Decrypt, key, iv); } else { throw new IllegalStateException("No support for KDF '" + kdfName + "'."); } }
@Override public SSHPacket buildReq() throws UserAuthException { final AccountResource accountResource = makeAccountResource(); log.debug("Requesting password for {}", accountResource); return super.buildReq() // the generic stuff .putBoolean(false) // no, we are not responding to a CHANGEREQ .putSensitiveString(pwdf.reqPassword(accountResource)); }
final char[] passphrase; if (pwdf != null) { passphrase = pwdf.reqPassword(resource); } else { passphrase = "".toCharArray();
@Override public void handle(Message cmd, SSHPacket buf) throws UserAuthException, TransportException { if (cmd == Message.USERAUTH_60 && newPasswordProvider != null) { log.info("Received SSH_MSG_USERAUTH_PASSWD_CHANGEREQ."); try { String prompt = buf.readString(); buf.readString(); // lang-tag AccountResource resource = makeAccountResource(); char[] newPassword = newPasswordProvider.provideNewPassword(resource, prompt); SSHPacket sshPacket = super.buildReq().putBoolean(true).putSensitiveString(pwdf.reqPassword(resource)).putSensitiveString(newPassword); params.getTransport().write(sshPacket); } catch (Buffer.BufferException e) { throw new TransportException(e); } } else if (cmd == Message.USERAUTH_60) { throw new UserAuthException("Password change request received; unsupported operation (newPassword was 'null')"); } else { super.handle(cmd, buf); } }
decryptorBuilder.setProvider(SecurityUtils.getSecurityProvider()); try { passphrase = pwdf == null ? null : pwdf.reqPassword(resource); kp = pemConverter.getKeyPair(encryptedKeyPair.decryptKeyPair(decryptorBuilder.build(passphrase))); } finally {
@Override public char[] getResponse(String prompt, boolean echo) { if (!echo && promptPattern.matcher(prompt).matches()) { return pwdf.reqPassword(resource); } return EMPTY_RESPONSE; }
@Override public char[] getResponse(String prompt, boolean echo) { if (!echo && promptPattern.matcher(prompt).matches()) { return pwdf.reqPassword(resource); } return EMPTY_RESPONSE; }
private byte[] getPassphraseBytes() { CharBuffer cb = CharBuffer.wrap(pwdf.reqPassword(resource)); ByteBuffer bb = IOUtils.UTF8.encode(cb); byte[] result = Arrays.copyOfRange(bb.array(), bb.position(), bb.limit()); Arrays.fill(cb.array(), '\u0000'); Arrays.fill(bb.array(), (byte) 0); return result; }
private void initializeCipher(String kdfName, byte[] kdfOptions, Cipher cipher) throws Buffer.BufferException { if (kdfName.equals(BCRYPT)) { PlainBuffer opts = new PlainBuffer(kdfOptions); byte[] passphrase = new byte[0]; if (pwdf != null) { CharBuffer charBuffer = CharBuffer.wrap(pwdf.reqPassword(null)); ByteBuffer byteBuffer = Charset.forName("UTF-8").encode(charBuffer); passphrase = Arrays.copyOfRange(byteBuffer.array(), byteBuffer.position(), byteBuffer.limit()); } byte[] keyiv = new byte[48]; new BCrypt().pbkdf(passphrase, opts.readBytes(), opts.readUInt32AsInt(), keyiv); byte[] key = Arrays.copyOfRange(keyiv, 0, 32); byte[] iv = Arrays.copyOfRange(keyiv, 32, 48); cipher.init(Cipher.Mode.Decrypt, key, iv); } else { throw new IllegalStateException("No support for KDF '" + kdfName + "'."); } }
@Override public SSHPacket buildReq() throws UserAuthException { final AccountResource accountResource = makeAccountResource(); log.debug("Requesting password for {}", accountResource); return super.buildReq() // the generic stuff .putBoolean(false) // no, we are not responding to a CHANGEREQ .putSensitiveString(pwdf.reqPassword(accountResource)); }
@Override public SSHPacket buildReq() throws UserAuthException { final AccountResource accountResource = makeAccountResource(); log.debug("Requesting password for {}", accountResource); return super.buildReq() // the generic stuff .putBoolean(false) // no, we are not responding to a CHANGEREQ .putSensitiveString(pwdf.reqPassword(accountResource)); }
final char[] passphrase; if (pwdf != null) { passphrase = pwdf.reqPassword(resource); } else { passphrase = "".toCharArray();
final char[] passphrase; if(pwdf != null) { passphrase = pwdf.reqPassword(resource);
@Override public void handle(Message cmd, SSHPacket buf) throws UserAuthException, TransportException { if (cmd == Message.USERAUTH_60 && newPasswordProvider != null) { log.info("Received SSH_MSG_USERAUTH_PASSWD_CHANGEREQ."); try { String prompt = buf.readString(); buf.readString(); // lang-tag AccountResource resource = makeAccountResource(); char[] newPassword = newPasswordProvider.provideNewPassword(resource, prompt); SSHPacket sshPacket = super.buildReq().putBoolean(true).putSensitiveString(pwdf.reqPassword(resource)).putSensitiveString(newPassword); params.getTransport().write(sshPacket); } catch (Buffer.BufferException e) { throw new TransportException(e); } } else if (cmd == Message.USERAUTH_60) { throw new UserAuthException("Password change request received; unsupported operation (newPassword was 'null')"); } else { super.handle(cmd, buf); } }
decryptorBuilder.setProvider("BC"); try { passphrase = pwdf == null ? null : pwdf.reqPassword(resource); kp = pemConverter.getKeyPair(encryptedKeyPair.decryptKeyPair(decryptorBuilder.build(passphrase))); } finally {
decryptorBuilder.setProvider(SecurityUtils.getSecurityProvider()); try { passphrase = pwdf == null ? null : pwdf.reqPassword(resource); kp = pemConverter.getKeyPair(encryptedKeyPair.decryptKeyPair(decryptorBuilder.build(passphrase))); } finally {