Add AES256-CBC to OpenSSHKeyV1KeyFile (Fixes #467)

src/main/java/com/hierynomus/sshj/userauth/keyprovider/OpenSSHKeyV1KeyFile.java

@@ -21,6 +21,7 @@ import net.i2p.crypto.eddsa.spec.EdDSANamedCurveTable;
 import net.i2p.crypto.eddsa.spec.EdDSAPrivateKeySpec;
 import net.schmizz.sshj.common.*;
 import net.schmizz.sshj.common.Buffer.PlainBuffer;
+import net.schmizz.sshj.transport.cipher.BlockCipher;
 import net.schmizz.sshj.transport.cipher.Cipher;
 import net.schmizz.sshj.userauth.keyprovider.BaseFileKeyProvider;
 import net.schmizz.sshj.userauth.keyprovider.FileKeyProvider;
@@ -106,7 +107,7 @@ public class OpenSSHKeyV1KeyFile extends BaseFileKeyProvider {
             logger.debug("Reading unencrypted keypair");
             return readUnencrypted(privateKeyBuffer, publicKey);
         } else {
-            logger.info("Keypair is encrypted with: " + cipherName + ", " + kdfName + ", " + kdfOptions);
+            logger.info("Keypair is encrypted with: " + cipherName + ", " + kdfName + ", " + Arrays.toString(kdfOptions));
             PlainBuffer decrypted = decryptBuffer(privateKeyBuffer, cipherName, kdfName, kdfOptions);
             return readUnencrypted(decrypted, publicKey);
 //            throw new IOException("Cannot read encrypted keypair with " + cipherName + " yet.");
@@ -141,6 +142,8 @@ public class OpenSSHKeyV1KeyFile extends BaseFileKeyProvider {
     private Cipher createCipher(String cipherName) {
         if (cipherName.equals(BlockCiphers.AES256CTR().getName())) {
             return BlockCiphers.AES256CTR().create();
+        } else if (cipherName.equals(BlockCiphers.AES256CBC().getName())) {
+            return BlockCiphers.AES256CBC().create();
         }
         throw new IllegalStateException("Cipher '" + cipherName + "' not currently implemented for openssh-key-v1 format");
     }

src/test/java/net/schmizz/sshj/keyprovider/OpenSSHKeyFileTest.java

@@ -30,7 +30,6 @@ import org.junit.Test;
 
 import java.io.File;
 import java.io.IOException;
-import java.io.UnsupportedEncodingException;
 import java.math.BigInteger;
 import java.security.GeneralSecurityException;
 import java.security.PrivateKey;
@@ -189,12 +188,21 @@ public class OpenSSHKeyFileTest {
     }
 
     @Test
-    public void shouldLoadProtectedED25519PrivateKey() throws IOException {
+    public void shouldLoadProtectedED25519PrivateKeyAes256CTR() throws IOException {
+        checkOpenSSHKeyV1("src/test/resources/keytypes/ed25519_protected", "sshjtest");
+    }
+
+    @Test
+    public void shouldLoadProtectedED25519PrivateKeyAes256CBC() throws IOException {
+        checkOpenSSHKeyV1("src/test/resources/keytypes/ed25519_aes256cbc.pem", "foobar");
+    }
+
+    private void checkOpenSSHKeyV1(String key, String password) throws IOException {
         OpenSSHKeyV1KeyFile keyFile = new OpenSSHKeyV1KeyFile();
-        keyFile.init(new File("src/test/resources/keytypes/ed25519_protected"), new PasswordFinder() {
+        keyFile.init(new File(key), new PasswordFinder() {
             @Override
             public char[] reqPassword(Resource<?> resource) {
-                return "sshjtest".toCharArray();
+                return password.toCharArray();
             }
 
             @Override

src/test/resources/keytypes/ed25519_aes256cbc.pem

@@ -0,0 +1,8 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABBLQVXV9f
+Wpw8AL9RTpAr//AAAAEAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIJ8ww4hJG/gHJYdk
+jTTBDF1GNz+228nuWprPV+NbQauAAAAAoGHEO7x3fSRBohvrIR52U4XD3uqRnhrPYm01k1
+f4HHNNv46m92Zw6JKIB9Trrvp0sdMI8MVb79bN45rbn6mvpABtWl6T5TOTyMnKzDfAOx9c
+FTaasWFmgtgkXOsu5pLrYBAQgCHWbzjjz6KoV1DmD4SAn9Ojf9Oh+YdAEKZcsvklgpu+Kj
+nzN/DR0jt7Nzep2kNCLAS24QEkvQeATVSDiL8=
+-----END OPENSSH PRIVATE KEY-----

src/test/resources/keytypes/ed25519_aes256cbc.pem.pub

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ8ww4hJG/gHJYdkjTTBDF1GNz+228nuWprPV+NbQauA ajvanerp@Heimdall.local