Add support for other keytypes to openssh-key-v1 keyfiles (#485)

* Added support for RSA to openssh-key-v1 keyfile * Fixed exception * Added ECDSA support to openssh-key-v1 * Added integration tests for different keytypes
2025-12-08 08:10:55 +03:00 · 2019-01-17 13:01:49 +01:00
parent 00cd335f47
commit cac340dd43
20 changed files with 287 additions and 22 deletions
--- a/src/main/java/com/hierynomus/sshj/userauth/keyprovider/OpenSSHKeyV1KeyFile.java
+++ b/src/main/java/com/hierynomus/sshj/userauth/keyprovider/OpenSSHKeyV1KeyFile.java
@@ -21,23 +21,27 @@ import net.i2p.crypto.eddsa.spec.EdDSANamedCurveTable;
 import net.i2p.crypto.eddsa.spec.EdDSAPrivateKeySpec;
 import net.schmizz.sshj.common.*;
 import net.schmizz.sshj.common.Buffer.PlainBuffer;
-import net.schmizz.sshj.transport.cipher.BlockCipher;
 import net.schmizz.sshj.transport.cipher.Cipher;
 import net.schmizz.sshj.userauth.keyprovider.BaseFileKeyProvider;
 import net.schmizz.sshj.userauth.keyprovider.FileKeyProvider;
 import net.schmizz.sshj.userauth.keyprovider.KeyFormat;
+import org.bouncycastle.asn1.nist.NISTNamedCurves;
+import org.bouncycastle.asn1.x9.X9ECParameters;
+import org.bouncycastle.jce.spec.ECNamedCurveSpec;
 import org.mindrot.jbcrypt.BCrypt;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

 import java.io.BufferedReader;
 import java.io.IOException;
+import java.math.BigInteger;
 import java.nio.ByteBuffer;
 import java.nio.CharBuffer;
 import java.nio.charset.Charset;
-import java.security.GeneralSecurityException;
-import java.security.KeyPair;
-import java.security.PublicKey;
+import java.security.*;
+import java.security.spec.ECPrivateKeySpec;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.RSAPrivateKeySpec;
 import java.util.Arrays;

 /**
@@ -125,10 +129,12 @@ public class OpenSSHKeyV1KeyFile extends BaseFileKeyProvider {
    private void initializeCipher(String kdfName, byte[] kdfOptions, Cipher cipher) throws Buffer.BufferException {
        if (kdfName.equals(BCRYPT)) {
            PlainBuffer opts = new PlainBuffer(kdfOptions);
-            CharBuffer charBuffer = CharBuffer.wrap(pwdf.reqPassword(null));
-            ByteBuffer byteBuffer = Charset.forName("UTF-8").encode(charBuffer);
-            byte[] passphrase = Arrays.copyOfRange(byteBuffer.array(),
-                    byteBuffer.position(), byteBuffer.limit());
+            byte[] passphrase = new byte[0];
+            if (pwdf != null) {
+                CharBuffer charBuffer = CharBuffer.wrap(pwdf.reqPassword(null));
+                ByteBuffer byteBuffer = Charset.forName("UTF-8").encode(charBuffer);
+                passphrase = Arrays.copyOfRange(byteBuffer.array(), byteBuffer.position(), byteBuffer.limit());
+            }
            byte[] keyiv = new byte[48];
            new BCrypt().pbkdf(passphrase, opts.readBytes(), opts.readUInt32AsInt(), keyiv);
            byte[] key = Arrays.copyOfRange(keyiv, 0, 32);
@@ -183,13 +189,40 @@ public class OpenSSHKeyV1KeyFile extends BaseFileKeyProvider {
        }
        // The private key section contains both the public key and the private key
        String keyType = keyBuffer.readString(); // string keytype
-        logger.info("Read key type: {}", keyType);
+        KeyType kt = KeyType.fromString(keyType);
+        logger.info("Read key type: {}", keyType, kt);
+        KeyPair kp;
+        switch (kt) {
+            case ED25519:
+                byte[] pubKey = keyBuffer.readBytes(); // string publickey (again...)
+                keyBuffer.readUInt32(); // length of privatekey+publickey
+                byte[] privKey = new byte[32];
+                keyBuffer.readRawBytes(privKey); // string privatekey
+                keyBuffer.readRawBytes(new byte[32]); // string publickey (again...)
+                kp = new KeyPair(publicKey, new EdDSAPrivateKey(new EdDSAPrivateKeySpec(privKey, EdDSANamedCurveTable.getByName("Ed25519"))));
+                break;
+            case RSA:
+                BigInteger n = keyBuffer.readMPInt(); // Modulus
+                BigInteger e = keyBuffer.readMPInt(); // Public Exponent
+                BigInteger d = keyBuffer.readMPInt(); // Private Exponent
+                keyBuffer.readMPInt(); // iqmp (q^-1 mod p)
+                keyBuffer.readMPInt(); // p (Prime 1)
+                keyBuffer.readMPInt(); // q (Prime 2)
+                kp = new KeyPair(publicKey, SecurityUtils.getKeyFactory("RSA").generatePrivate(new RSAPrivateKeySpec(n, d)));
+                break;
+            case ECDSA256:
+                kp = new KeyPair(publicKey, createECDSAPrivateKey(kt, keyBuffer, "P-256"));
+                break;
+            case ECDSA384:
+                kp = new KeyPair(publicKey, createECDSAPrivateKey(kt, keyBuffer, "P-384"));
+                break;
+            case ECDSA521:
+                kp = new KeyPair(publicKey, createECDSAPrivateKey(kt, keyBuffer, "P-521"));
+                break;

-        byte[] pubKey = keyBuffer.readBytes(); // string publickey (again...)
-        keyBuffer.readUInt32();
-        byte[] privKey = new byte[32];
-        keyBuffer.readRawBytes(privKey); // string privatekey
-        keyBuffer.readRawBytes(new byte[32]); // string publickey (again...)
+            default:
+                throw new IOException("Cannot decode keytype " + keyType + " in openssh-key-v1 files (yet).");
+        }
        String comment = keyBuffer.readString(); // string comment
        byte[] padding = new byte[keyBuffer.available()];
        keyBuffer.readRawBytes(padding); // char[] padding
@@ -198,6 +231,16 @@ public class OpenSSHKeyV1KeyFile extends BaseFileKeyProvider {
                throw new IOException("Padding of key format contained wrong byte at position: " + i);
            }
        }
-        return new KeyPair(publicKey, new EdDSAPrivateKey(new EdDSAPrivateKeySpec(privKey, EdDSANamedCurveTable.getByName("Ed25519"))));
+        return kp;
+    }
+
+    private PrivateKey createECDSAPrivateKey(KeyType kt, PlainBuffer buffer, String name) throws GeneralSecurityException, Buffer.BufferException {
+        PublicKey pk = kt.readPubKeyFromBuffer(buffer); // Public key
+        BigInteger s = new BigInteger(1, buffer.readBytes());
+        X9ECParameters ecParams = NISTNamedCurves.getByName(name);
+        ECNamedCurveSpec ecCurveSpec = new ECNamedCurveSpec(name, ecParams.getCurve(), ecParams.getG(), ecParams.getN());
+        ECPrivateKeySpec pks = new ECPrivateKeySpec(s, ecCurveSpec);
+        return SecurityUtils.getKeyFactory("ECDSA").generatePrivate(pks);
+
    }
 }
--- a/src/main/java/net/schmizz/sshj/userauth/keyprovider/KeyProviderUtil.java
+++ b/src/main/java/net/schmizz/sshj/userauth/keyprovider/KeyProviderUtil.java
@@ -89,7 +89,7 @@ public class KeyProviderUtil {

    private static KeyFormat keyFormatFromHeader(String header, boolean separatePubKey) {
        if (header.startsWith("-----BEGIN") && header.endsWith("PRIVATE KEY-----")) {
-            if (separatePubKey && header.contains(OpenSSHKeyV1KeyFile.OPENSSH_PRIVATE_KEY)) {
+            if (header.contains(OpenSSHKeyV1KeyFile.OPENSSH_PRIVATE_KEY)) {
                return KeyFormat.OpenSSHv1;
            } else if (separatePubKey) {
                // Can delay asking for password since have unencrypted pubkey