/** {@inheritDoc} */
 public void addIdentity(String privateKey, final String passphrase, String comment)
     throws IOException {
   // Parsing is refused outright unless the BouncyCastle JCE provider is registered.
   if (!SecurityUtils.isBouncyCastleRegistered()) {
     throw new IllegalStateException("BouncyCastle must be registered as a JCE provider");
   }
   try {
     // A null passphrase means no PasswordFinder is handed to the PEM parser at all.
     PasswordFinder finder = null;
     if (passphrase != null) {
       finder =
           new PasswordFinder() {
             public char[] getPassword() {
               // A fresh char[] is produced per call; the String itself cannot be wiped.
               return passphrase.toCharArray();
             }
           };
     }
     PEMReader pemReader = new PEMReader(new StringReader(privateKey), finder);
     try {
       Object parsed = pemReader.readObject();
       // Only the first PEM object is read, and anything that is not a KeyPair is skipped
       // without any message, so the agent may end up with no identity added.
       if (parsed instanceof KeyPair) {
         KeyPair identity = (KeyPair) parsed;
         agent.getAgent().addIdentity(identity, comment);
       }
     } finally {
       pemReader.close();
     }
   } catch (Exception e) {
     // Every failure is reported to the listener's logger and then swallowed, so the declared
     // IOException is never raised from this body.
     // NOTE(review): the exception message and stack trace are written to that logger; confirm
     // the parser's messages never echo key material.
     listener.getLogger().println(Messages.SSHAgentBuildWrapper_UnableToReadKey(e.getMessage()));
     e.printStackTrace(listener.getLogger());
   }
 }
Exemplo n.º 2
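 /**
  * Reads the key-encryption key pair from the PEM file named by {@code EncryptTool.PRIVATE_KEY}
  * and returns its private half.
  *
  * <p>No PasswordFinder is supplied to the PEM parser, so a passphrase-protected key cannot be
  * decrypted here; the file is expected to hold the key in the clear, which leaves file-system
  * permissions as its only protection.
  *
  * @return the private key of the key pair stored in the file
  * @throws IllegalStateException if the file does not contain a PEM key pair
  * @throws Exception if the file cannot be opened or parsed
  */
 private static Key loadKeyEncryptionKey() throws Exception {
   // addProvider leaves the provider list unchanged when BouncyCastle is already installed.
   Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
   PEMReader pr = new PEMReader(new FileReader(EncryptTool.PRIVATE_KEY));
   try {
     Object parsed = pr.readObject();
     // Reject an empty file or a different PEM object (for example a certificate) with a clear
     // error instead of a NullPointerException or ClassCastException.
     if (!(parsed instanceof KeyPair)) {
       throw new IllegalStateException("Key-encryption key file does not contain a PEM key pair");
     }
     return ((KeyPair) parsed).getPrivate();
   } finally {
     // Close the reader on the failure paths as well.
     pr.close();
   }
 }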
Exemplo n.º 3
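  /**
   * Returns the certificate stored in the PEM file named by {@code XMPConfig.getCertfile()},
   * loading and caching it on first use.
   *
   * <p>Any failure to load the certificate, and a certificate outside its validity period, is
   * logged as fatal and ends the process with exit status 1.
   *
   * <p>{@code checkValidity()} only compares the current time with the certificate's validity
   * period; no issuer, signature or revocation check happens in this method. The lazy
   * initialisation is not synchronized.
   *
   * @return the cached certificate
   */
  public static X509CertificateObject getCertificate() {
    if (cert == null) {
      try {
        PEMReader r = new PEMReader(new FileReader(new File(XMPConfig.getCertfile())));
        try {
          Object o = r.readObject();
          // An empty file or another PEM object is reported explicitly rather than through the
          // NullPointerException that checkValidity() on a null field used to raise.
          if (!(o instanceof X509CertificateObject)) {
            throw new IOException("certificate file does not contain an X.509 certificate");
          }
          X509CertificateObject loaded = (X509CertificateObject) o;
          // Publish the certificate only after the validity check has passed.
          loaded.checkValidity();
          cert = loaded;
        } finally {
          r.close();
        }
      } catch (FileNotFoundException e) {
        logger.error("FATAL: couldn't load certificate file", e);
        System.exit(1);
      } catch (NullPointerException e) {
        // Still reachable, for instance when the configured path is null.
        logger.error("FATAL: couldn't load certificate file", e);
        System.exit(1);
      } catch (IOException e) {
        logger.error("FATAL: couldn't load certificate file", e);
        System.exit(1);
      } catch (CertificateExpiredException e) {
        logger.error("FATAL: couldn't load certificate file", e);
        System.exit(1);
      } catch (CertificateNotYetValidException e) {
        logger.error("FATAL: couldn't load certificate file", e);
        System.exit(1);
      }
    }
    return cert;
  }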
Exemplo n.º 4
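 /**
  * Returns the certificates found in the directory named by
  * {@code XMPConfig.getTrustedCertsDir()}, loading and caching them on first use.
  *
  * <p>Each file contributes at most one certificate, because only the first PEM object of a
  * file is read. Files that cannot be read or hold something else are skipped after printing a
  * stack trace. No validity-period or chain check is performed here.
  *
  * <p>NOTE(review): judging by the method name, callers treat every certificate returned here
  * as trusted, so write access to that directory amounts to control over trust decisions;
  * confirm the directory's permissions.
  *
  * @return the cached list of certificates; possibly empty
  * @throws IllegalStateException if the configured path cannot be listed as a directory
  */
 public static List<X509CertificateObject> getTrustedCerts() {
   if (intermediates == null) {
     File dir = new File(XMPConfig.getTrustedCertsDir());
     File[] listFiles = dir.listFiles();
     // listFiles() yields null when the path is not a directory or cannot be read. Fail on
     // every call instead of throwing a NullPointerException once and then serving a cached
     // empty list.
     if (listFiles == null) {
       throw new IllegalStateException("Trusted certificate directory cannot be listed: " + dir);
     }
     ArrayList<X509CertificateObject> loaded = new ArrayList<X509CertificateObject>();
     for (File file : listFiles) {
       try {
         PEMReader p = new PEMReader(new FileReader(file));
         try {
           Object o = p.readObject();
           if (o instanceof X509CertificateObject) {
             loaded.add((X509CertificateObject) o);
           }
         } finally {
           // Release the file handle even when parsing fails.
           p.close();
         }
       } catch (FileNotFoundException e) {
         e.printStackTrace();
       } catch (NullPointerException e) {
         e.printStackTrace();
       } catch (IOException e) {
         e.printStackTrace();
       }
     }
     // Publish the list only once the whole directory has been processed.
     intermediates = loaded;
   }
   return intermediates;
 }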
Exemplo n.º 5
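  /**
   * Fetches a secret from OSS, uses it to unwrap a passphrase, decrypts the SSH private key
   * files with that passphrase, adds every key pair found to the ssh-agent and finally prints
   * the identities the agent holds.
   *
   * <p>NOTE(review): the usage text lists WRAPPED_PASSPHRASE before AGENT_AUTH_SOCK, but the
   * code hands {@code args[2]} to the agent client and hex-decodes {@code args[3]} as the
   * wrapped passphrase. One of the two is wrong; confirm the intended order.
   *
   * @param args {@code args[0]} and {@code args[1]} are passed to {@code OSSClient.getSecret};
   *     {@code args[2]} is passed to the {@code SSHAgentClient} constructor; {@code args[3]} is
   *     the hex-encoded wrapped passphrase; {@code args[4]} is an optional key file that
   *     replaces the default key files
   */
  public static void main(String[] args) throws Exception {
    // args[3] is read below, so four arguments are mandatory; with the previous "< 3" check a
    // three-argument call ended in an ArrayIndexOutOfBoundsException instead of the usage text.
    if (args.length < 4) {
      System.err.println(
          "Usage: OSSLoadAgent OSS_URL SECRET_NAME WRAPPED_PASSPHRASE AGENT_AUTH_SOCK [KEY_FILE]");
      System.exit(1);
    }

    SSHAgentClient sshAgent = new SSHAgentClient(args[2]);

    // Get the secret from OSS
    // FIXME ? Provide a way to specify the ssh signing key fingerprint
    byte[] secret = OSSClient.getSecret(args[0], args[1], null);
    // Use the secret to unwrap the passphrase
    byte[] unwrap = CryptoHelper.unwrapBlob(secret, Hex.decode(args[3]));
    // The passphrase lives in an immutable String from here on and cannot be wiped; the secret
    // and unwrap arrays are not cleared either.
    String password = new String(unwrap, "UTF-8");

    // Read private keys
    // openssh store it in PEM format
    List<File> sshKeyFiles;
    if (args.length > 4) {
      sshKeyFiles = new ArrayList<File>(1);
      sshKeyFiles.add(new File(args[4]));
    } else {
      sshKeyFiles = getDefaultsKeyFiles();
    }

    for (File sshKeyFile : sshKeyFiles) {
      Reader fRd = new BufferedReader(new FileReader(sshKeyFile));
      PEMReader pem = new PEMReader(fRd, new DefaultPasswordFinder(password.toCharArray()), "BC");

      try {
        Object o;
        while ((o = pem.readObject()) != null) {
          if (o instanceof KeyPair) {
            KeyPair kp = (KeyPair) o;
            // Add the identity in the ssh-agent
            byte[] keyblob = CryptoHelper.sshPrivateKeyBlobFromKeyPair(kp);
            System.out.println("Loading " + sshKeyFile.getPath());
            sshAgent.addIdentity(keyblob, sshKeyFile.getPath());
          }
        }
      } catch (EncryptionException ee) {
        // A key that cannot be decrypted is reported and skipped; the remaining files are
        // still processed.
        System.err.println("Can't read private key in " + sshKeyFile.getAbsolutePath());
        ee.printStackTrace();
      } finally {
        // Close the key file on every path, including exceptions that propagate out of main.
        pem.close();
      }
    }

    System.out.println("Keys in agent:");
    List<SSHKey> identities = sshAgent.requestIdentities();
    for (SSHKey identity : identities) {
      System.out.println(identity);
    }
  }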
Exemplo n.º 6
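 /**
  * Returns the key pair stored in the PEM file named by {@code XMPConfig.getKeyfile()}, loading
  * and caching it on first use.
  *
  * <p>Any failure to load the key pair is logged as fatal and ends the process with exit
  * status 1. No PasswordFinder is supplied to the PEM parser, so a passphrase-protected key
  * cannot be decrypted here; the file is expected to hold the key in the clear, which leaves
  * file-system permissions as its only protection.
  *
  * @return the cached key pair
  */
 private static KeyPair getKey() {
   if (keyPair == null) {
     try {
       PEMReader pr = new PEMReader(new FileReader(new File(XMPConfig.getKeyfile())));
       try {
         Object o = pr.readObject();
         // An empty file used to leave the field null without any error, and another PEM
         // object escaped as an uncaught ClassCastException; both are now fatal like every
         // other load failure.
         if (!(o instanceof KeyPair)) {
           throw new IOException("key file does not contain a PEM key pair");
         }
         keyPair = (KeyPair) o;
       } finally {
         pr.close();
       }
     } catch (FileNotFoundException e) {
       logger.error("FATAL: couldn't load private key", e);
       System.exit(1);
     } catch (NullPointerException e) {
       // Still reachable, for instance when the configured path is null.
       logger.error("FATAL: couldn't load private key", e);
       System.exit(1);
     } catch (IOException e) {
       logger.error("FATAL: couldn't load private key", e);
       System.exit(1);
     }
   }
   return keyPair;
 }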
Exemplo n.º 7
 /**
  * Parses the configured key content as PEM and returns the key pair it holds.
  *
  * <p>Only the first PEM object is read. No PasswordFinder is supplied, so a
  * passphrase-protected key cannot be decrypted here. Parse failures are logged at INFO level
  * and produce an empty result instead of an exception.
  *
  * @return an array holding the parsed key pair, or an empty array when no key is configured,
  *     the content is not a key pair, or parsing fails
  * @throws IllegalStateException if BouncyCastle is not registered as a JCE provider
  */
 @Override
 protected KeyPair[] loadKeys() {
   if (!SecurityUtils.isBouncyCastleRegistered()) {
     throw new IllegalStateException("BouncyCastle must be registered as a JCE provider");
   }
   if (key == null) {
     return new KeyPair[0];
   }
   List<KeyPair> loaded = new ArrayList<KeyPair>();
   try {
     ByteArrayInputStream rawContent = new ByteArrayInputStream(key.getContent());
     // No charset is given, so the platform default is used to decode the bytes.
     PEMReader pemReader = new PEMReader(new InputStreamReader(rawContent));
     try {
       Object parsed = pemReader.readObject();
       if (parsed instanceof KeyPair) {
         KeyPair pair = (KeyPair) parsed;
         loaded.add(pair);
       }
     } finally {
       pemReader.close();
     }
   } catch (Exception e) {
     // NOTE(review): `key` is formatted into the log line through its toString(); confirm that
     // this never includes the key content.
     LOG.info("Unable to read key {}: {}", key, e);
   }
   KeyPair[] result = new KeyPair[loaded.size()];
   return loaded.toArray(result);
 }
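  /**
   * Returns the key configuration, loading it from the configured PEM files on first use.
   *
   * <p>The key-agreement private key and the blob private key are taken from PEM key pairs; the
   * blob public key is taken from a PEM certificate. The configuration is cached only after all
   * three have been loaded, so a failed attempt never leaves a partially populated object
   * behind for later calls.
   *
   * <p>No PasswordFinder is supplied to the PEM parser, so passphrase-protected keys cannot be
   * decrypted here. NOTE(review): the certificate's validity period and issuer are not checked
   * in this method; confirm that this happens elsewhere if it is required.
   *
   * @return the cached key configuration
   * @throws ConfigurationLoadingException if one of the files cannot be opened or read
   * @throws RuntimeException on any other failure, such as a file that holds an unexpected PEM
   *     object
   */
  @Override
  public KeyConfiguration getKeyConfiguration() throws ConfigurationLoadingException {

    if (keyConfiguration != null) {
      logger.trace("Key Configuration already loaded");
      return keyConfiguration;
    }

    // Load values out of configuration
    logger.trace("Loading Key Configuration");
    // Build into a local object; the field is assigned only after every key has been loaded.
    KeyConfiguration loaded = new KeyConfiguration();

    try {
      // Load Key Agreement Private Key
      KeyPair keyAgreementPair =
          (KeyPair)
              readPemObject(
                  propertiesConfiguration.getString(
                      PropertiesConfigurationEntries.SECURITY_KEYAGREEMENT_KEYPATH),
                  KeyPair.class);
      loaded.setKeyAgreementPrivateKey(keyAgreementPair.getPrivate());

      // Load Blob Private Key
      KeyPair blobPair =
          (KeyPair)
              readPemObject(
                  propertiesConfiguration.getString(
                      PropertiesConfigurationEntries.SECURITY_BLOB_KEYPATH_PRIVATE),
                  KeyPair.class);
      loaded.setBlobPrivateKey(blobPair.getPrivate());

      // Load Blob Public Key
      X509Certificate cert =
          (X509Certificate)
              readPemObject(
                  propertiesConfiguration.getString(
                      PropertiesConfigurationEntries.SECURITY_BLOB_KEYPATH_PUBLIC),
                  X509Certificate.class);
      loaded.setBlobPublicKey(cert.getPublicKey());

    } catch (IOException e) {
      // Also covers FileNotFoundException, which was handled identically.
      logger.error("Error loading the Key Configuration: " + e.getMessage());
      throw new ConfigurationLoadingException(
          "Error loading the Key Configuration: " + e.getMessage());
    } catch (Exception e) {
      // This branch used to leave the half-filled configuration cached, so the next call
      // returned it as "already loaded" with keys missing.
      logger.error("Error loading the Key Configuration: " + e.getMessage());
      // Keep the original exception as the cause so that the failure can be diagnosed.
      throw new RuntimeException(e.getMessage(), e);
    }

    keyConfiguration = loaded;
    return keyConfiguration;
  }

  /** Reads the first PEM object from {@code path}, checks its type and closes the reader. */
  private static Object readPemObject(String path, Class<?> expectedType) throws IOException {
    PEMReader pemReader = new PEMReader(new FileReader(path));
    try {
      Object parsed = pemReader.readObject();
      // An empty file yields null and a wrong file yields another type; report both clearly.
      if (!expectedType.isInstance(parsed)) {
        throw new IllegalStateException(
            "Expected a PEM-encoded " + expectedType.getSimpleName() + " in " + path);
      }
      return parsed;
    } finally {
      // Closing the PEM reader also closes the FileReader it wraps.
      pemReader.close();
    }
  }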