Mirrors/sshj
1
0
Fork 0
mirror of https://github.com/hierynomus/sshj.git synced 2025-12-06 23:30:55 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fail gracefully when reading an OpenSSH Known Hosts file that uses key types requiring BouncyCastle, but we're not including BouncyCastle.

Browse Source
This commit is contained in:
David Solin
2016-09-09 14:39:21 -05:00
parent 613ace1864
commit 68b924863e
3 changed files with 22 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/main/java/net/schmizz/sshj/common/Buffer.java
View File

@@ -426,8 +426,18 @@ public class Buffer<T extends Buffer<T>> {
public PublicKey readPublicKey() public PublicKey readPublicKey()
throws BufferException { throws BufferException {
try { try {
final String type = readString(); final KeyType type = KeyType.fromString(readString());
return KeyType.fromString(type).readPubKeyFromBuffer(type, this); switch(type) {
case RSA:
case DSA:
return type.readPubKeyFromBuffer(this);
default:
if (SecurityUtils.isBouncyCastleRegistered()) {
return type.readPubKeyFromBuffer(this);
} else {
throw new BufferException("BouncyCastle is required to read a key of type " + type);
}
}
} catch (GeneralSecurityException e) { } catch (GeneralSecurityException e) {
throw new SSHRuntimeException(e); throw new SSHRuntimeException(e);
} }

19
src/main/java/net/schmizz/sshj/common/KeyType.java
View File

@@ -46,7 +46,7 @@ public enum KeyType {
/** SSH identifier for RSA keys */ /** SSH identifier for RSA keys */
RSA("ssh-rsa") { RSA("ssh-rsa") {
@Override @Override
public PublicKey readPubKeyFromBuffer(String type, Buffer<?> buf) public PublicKey readPubKeyFromBuffer(Buffer<?> buf)
throws GeneralSecurityException { throws GeneralSecurityException {
final BigInteger e, n; final BigInteger e, n;
try { try {
@@ -77,7 +77,7 @@ public enum KeyType {
/** SSH identifier for DSA keys */ /** SSH identifier for DSA keys */
DSA("ssh-dss") { DSA("ssh-dss") {
@Override @Override
public PublicKey readPubKeyFromBuffer(String type, Buffer<?> buf) public PublicKey readPubKeyFromBuffer(Buffer<?> buf)
throws GeneralSecurityException { throws GeneralSecurityException {
BigInteger p, q, g, y; BigInteger p, q, g, y;
try { try {
@@ -114,7 +114,7 @@ public enum KeyType {
private final Logger log = LoggerFactory.getLogger(getClass()); private final Logger log = LoggerFactory.getLogger(getClass());
@Override @Override
public PublicKey readPubKeyFromBuffer(String type, Buffer<?> buf) public PublicKey readPubKeyFromBuffer(Buffer<?> buf)
throws GeneralSecurityException { throws GeneralSecurityException {
try { try {
// final String algo = buf.readString(); it has been already read // final String algo = buf.readString(); it has been already read
@@ -127,7 +127,7 @@ public enum KeyType {
buf.readRawBytes(y); buf.readRawBytes(y);
if(log.isDebugEnabled()) { if(log.isDebugEnabled()) {
log.debug(String.format("Key algo: %s, Key curve: %s, Key Len: %s, 0x04: %s\nx: %s\ny: %s", log.debug(String.format("Key algo: %s, Key curve: %s, Key Len: %s, 0x04: %s\nx: %s\ny: %s",
type, sType,
curveName, curveName,
keyLen, keyLen,
x04, x04,
@@ -176,14 +176,14 @@ public enum KeyType {
ED25519("ssh-ed25519") { ED25519("ssh-ed25519") {
private final Logger log = LoggerFactory.getLogger(KeyType.class); private final Logger log = LoggerFactory.getLogger(KeyType.class);
@Override @Override
public PublicKey readPubKeyFromBuffer(String type, Buffer<?> buf) throws GeneralSecurityException { public PublicKey readPubKeyFromBuffer(Buffer<?> buf) throws GeneralSecurityException {
try { try {
final int keyLen = buf.readUInt32AsInt(); final int keyLen = buf.readUInt32AsInt();
final byte[] p = new byte[keyLen]; final byte[] p = new byte[keyLen];
buf.readRawBytes(p); buf.readRawBytes(p);
if (log.isDebugEnabled()) { if (log.isDebugEnabled()) {
log.debug(String.format("Key algo: %s, Key curve: 25519, Key Len: %s\np: %s", log.debug(String.format("Key algo: %s, Key curve: 25519, Key Len: %s\np: %s",
type, sType,
keyLen, keyLen,
Arrays.toString(p)) Arrays.toString(p))
); );
@@ -213,9 +213,9 @@ public enum KeyType {
/** Unrecognized */ /** Unrecognized */
UNKNOWN("unknown") { UNKNOWN("unknown") {
@Override @Override
public PublicKey readPubKeyFromBuffer(String type, Buffer<?> buf) public PublicKey readPubKeyFromBuffer(Buffer<?> buf)
throws GeneralSecurityException { throws GeneralSecurityException {
throw new UnsupportedOperationException("Don't know how to decode key:" + type); throw new UnsupportedOperationException("Don't know how to decode key:" + sType);
} }
@Override @Override
@@ -238,7 +238,7 @@ public enum KeyType {
this.sType = type; this.sType = type;
} }
public abstract PublicKey readPubKeyFromBuffer(String type, Buffer<?> buf) public abstract PublicKey readPubKeyFromBuffer(Buffer<?> buf)
throws GeneralSecurityException; throws GeneralSecurityException;
public abstract void putPubKeyIntoBuffer(PublicKey pk, Buffer<?> buf); public abstract void putPubKeyIntoBuffer(PublicKey pk, Buffer<?> buf);
@@ -263,5 +263,4 @@ public enum KeyType {
public String toString() { public String toString() {
return sType; return sType;
} }
} }

7
src/main/java/net/schmizz/sshj/transport/verification/OpenSSHKnownHosts.java
View File

@@ -207,7 +207,7 @@ public class OpenSSHKnownHosts
if (type != KeyType.UNKNOWN) { if (type != KeyType.UNKNOWN) {
final String sKey = split[i++]; final String sKey = split[i++];
key = getKey(sKey); key = new Buffer.PlainBuffer(Base64.decode(sKey)).readPublicKey();
} else if (isBits(sType)) { } else if (isBits(sType)) {
type = KeyType.RSA; type = KeyType.RSA;
// int bits = Integer.valueOf(sType); // int bits = Integer.valueOf(sType);
@@ -232,11 +232,6 @@ public class OpenSSHKnownHosts
} }
} }
private PublicKey getKey(String sKey)
throws IOException {
return new Buffer.PlainBuffer(Base64.decode(sKey)).readPublicKey();
}
private boolean isBits(String type) { private boolean isBits(String type) {
try { try {
Integer.parseInt(type); Integer.parseInt(type);