1 | |
package org.apache.maven.wagon.providers.ssh; |
2 | |
|
3 | |
|
4 | |
|
5 | |
|
6 | |
|
7 | |
|
8 | |
|
9 | |
|
10 | |
|
11 | |
|
12 | |
|
13 | |
|
14 | |
|
15 | |
|
16 | |
|
17 | |
|
18 | |
|
19 | |
|
20 | |
|
21 | |
import org.apache.mina.util.Base64; |
22 | |
import org.apache.sshd.server.PublickeyAuthenticator; |
23 | |
import org.apache.sshd.server.session.ServerSession; |
24 | |
import org.codehaus.plexus.util.IOUtil; |
25 | |
|
26 | |
import javax.crypto.Cipher; |
27 | |
import java.io.InputStream; |
28 | |
import java.math.BigInteger; |
29 | |
import java.security.KeyFactory; |
30 | |
import java.security.PrivateKey; |
31 | |
import java.security.PublicKey; |
32 | |
import java.security.interfaces.RSAPublicKey; |
33 | |
import java.security.spec.DSAPublicKeySpec; |
34 | |
import java.security.spec.RSAPublicKeySpec; |
35 | |
import java.util.ArrayList; |
36 | |
import java.util.List; |
37 | |
|
38 | |
|
39 | |
|
40 | |
|
41 | |
public class TestPublickeyAuthenticator |
42 | |
implements PublickeyAuthenticator |
43 | |
{ |
44 | 0 | public List<PublickeyAuthenticatorRequest> publickeyAuthenticatorRequests = |
45 | |
new ArrayList<PublickeyAuthenticatorRequest>(); |
46 | |
|
47 | |
public boolean keyAuthz; |
48 | |
|
49 | |
public TestPublickeyAuthenticator( boolean keyAuthz ) |
50 | 0 | { |
51 | 0 | this.keyAuthz = keyAuthz; |
52 | 0 | } |
53 | |
|
54 | |
public boolean authenticate( String username, PublicKey key, ServerSession session ) |
55 | |
{ |
56 | 0 | if ( !keyAuthz ) |
57 | |
{ |
58 | 0 | return false; |
59 | |
} |
60 | |
try |
61 | |
{ |
62 | 0 | InputStream is = |
63 | |
Thread.currentThread().getContextClassLoader().getResourceAsStream( "ssh-keys/id_rsa.pub" ); |
64 | 0 | PublicKey publicKey = decodePublicKey( IOUtil.toString( is ) ); |
65 | 0 | publickeyAuthenticatorRequests.add( new PublickeyAuthenticatorRequest( username, key ) ); |
66 | |
|
67 | 0 | return ( (RSAPublicKey) publicKey ).getModulus().equals( ( (RSAPublicKey) publicKey ).getModulus() ); |
68 | |
} |
69 | 0 | catch ( Exception e ) |
70 | |
{ |
71 | 0 | throw new RuntimeException( e.getMessage(), e ); |
72 | |
} |
73 | |
} |
74 | |
|
75 | |
public static byte[] decrypt( byte[] text, PrivateKey key ) |
76 | |
throws Exception |
77 | |
{ |
78 | 0 | byte[] dectyptedText = null; |
79 | 0 | Cipher cipher = Cipher.getInstance( "RSA/ECB/PKCS1Padding" ); |
80 | 0 | cipher.init( Cipher.DECRYPT_MODE, key ); |
81 | 0 | dectyptedText = cipher.doFinal( text ); |
82 | 0 | return dectyptedText; |
83 | |
} |
84 | |
|
85 | |
public static class PublickeyAuthenticatorRequest |
86 | |
{ |
87 | |
public String username; |
88 | |
|
89 | |
public PublicKey publicKey; |
90 | |
|
91 | |
public PublickeyAuthenticatorRequest( String username, PublicKey publicKey ) |
92 | 0 | { |
93 | 0 | this.username = username; |
94 | 0 | this.publicKey = publicKey; |
95 | 0 | } |
96 | |
|
97 | |
@Override |
98 | |
public String toString() |
99 | |
{ |
100 | 0 | final StringBuilder sb = new StringBuilder(); |
101 | 0 | sb.append( "PublickeyAuthenticatorRequest" ); |
102 | 0 | sb.append( "{username='" ).append( username ).append( '\'' ); |
103 | 0 | sb.append( ", publicKey=" ).append( publicKey ); |
104 | 0 | sb.append( '}' ); |
105 | 0 | return sb.toString(); |
106 | |
} |
107 | |
} |
108 | |
|
109 | |
private byte[] bytes; |
110 | |
|
111 | |
private int pos; |
112 | |
|
113 | |
public PublicKey decodePublicKey( String keyLine ) |
114 | |
throws Exception |
115 | |
{ |
116 | 0 | bytes = null; |
117 | 0 | pos = 0; |
118 | |
|
119 | 0 | for ( String part : keyLine.split( " " ) ) |
120 | |
{ |
121 | 0 | if ( part.startsWith( "AAAA" ) ) |
122 | |
{ |
123 | 0 | bytes = Base64.decodeBase64( part.getBytes() ); |
124 | 0 | break; |
125 | |
} |
126 | |
} |
127 | 0 | if ( bytes == null ) |
128 | |
{ |
129 | 0 | throw new IllegalArgumentException( "no Base64 part to decode" ); |
130 | |
} |
131 | |
|
132 | 0 | String type = decodeType(); |
133 | 0 | if ( type.equals( "ssh-rsa" ) ) |
134 | |
{ |
135 | 0 | BigInteger e = decodeBigInt(); |
136 | 0 | BigInteger m = decodeBigInt(); |
137 | 0 | RSAPublicKeySpec spec = new RSAPublicKeySpec( m, e ); |
138 | 0 | return KeyFactory.getInstance( "RSA" ).generatePublic( spec ); |
139 | |
} |
140 | 0 | else if ( type.equals( "ssh-dss" ) ) |
141 | |
{ |
142 | 0 | BigInteger p = decodeBigInt(); |
143 | 0 | BigInteger q = decodeBigInt(); |
144 | 0 | BigInteger g = decodeBigInt(); |
145 | 0 | BigInteger y = decodeBigInt(); |
146 | 0 | DSAPublicKeySpec spec = new DSAPublicKeySpec( y, p, q, g ); |
147 | 0 | return KeyFactory.getInstance( "DSA" ).generatePublic( spec ); |
148 | |
} |
149 | |
else |
150 | |
{ |
151 | 0 | throw new IllegalArgumentException( "unknown type " + type ); |
152 | |
} |
153 | |
} |
154 | |
|
155 | |
private String decodeType() |
156 | |
{ |
157 | 0 | int len = decodeInt(); |
158 | 0 | String type = new String( bytes, pos, len ); |
159 | 0 | pos += len; |
160 | 0 | return type; |
161 | |
} |
162 | |
|
163 | |
private int decodeInt() |
164 | |
{ |
165 | 0 | return ( ( bytes[pos++] & 0xFF ) << 24 ) | ( ( bytes[pos++] & 0xFF ) << 16 ) | ( ( bytes[pos++] & 0xFF ) << 8 ) |
166 | |
| ( bytes[pos++] & 0xFF ); |
167 | |
} |
168 | |
|
169 | |
private BigInteger decodeBigInt() |
170 | |
{ |
171 | 0 | int len = decodeInt(); |
172 | 0 | byte[] bigIntBytes = new byte[len]; |
173 | 0 | System.arraycopy( bytes, pos, bigIntBytes, 0, len ); |
174 | 0 | pos += len; |
175 | 0 | return new BigInteger( bigIntBytes ); |
176 | |
} |
177 | |
|
178 | |
} |