Test com.jcraft.jsch.KeyPair

erik-wramner · Jul 31, 2023 · 4bda37f · 4bda37f
1 parent 5d3359f
commit 4bda37f
Show file tree

Hide file tree

Showing 3 changed files with 69 additions and 0 deletions.
diff --git a/integration-tests/pom.xml b/integration-tests/pom.xml
@@ -56,6 +56,12 @@
             <artifactId>rest-assured</artifactId>
             <scope>test</scope>
         </dependency>
+
+        <dependency>
+            <groupId>org.bouncycastle</groupId>
+            <artifactId>bcpkix-jdk18on</artifactId>
+            <scope>test</scope>
+        </dependency>
     </dependencies>
     <build>
         <plugins>
@@ -83,12 +89,14 @@
             <build>
                 <plugins>
                     <plugin>
+                        <groupId>org.apache.maven.plugins</groupId>
                         <artifactId>maven-surefire-plugin</artifactId>
                         <configuration>
                             <skipTests>${native.surefire.skip}</skipTests>
                         </configuration>
                     </plugin>
                     <plugin>
+                        <groupId>org.apache.maven.plugins</groupId>
                         <artifactId>maven-failsafe-plugin</artifactId>
                         <executions>
                             <execution>

diff --git a/integration-tests/src/main/java/io/quarkus/it/jsch/JSchResource.java b/integration-tests/src/main/java/io/quarkus/it/jsch/JSchResource.java
@@ -1,11 +1,16 @@
 package io.quarkus.it.jsch;
 
+import java.nio.charset.StandardCharsets;
+
 import jakarta.ws.rs.GET;
 import jakarta.ws.rs.Path;
+import jakarta.ws.rs.Produces;
 import jakarta.ws.rs.QueryParam;
+import jakarta.ws.rs.core.MediaType;
 import jakarta.ws.rs.core.Response;
 
 import com.jcraft.jsch.JSch;
+import com.jcraft.jsch.KeyPair;
 import com.jcraft.jsch.Session;
 
 @Path("/jsch")
@@ -21,4 +26,13 @@ public Response connect(@QueryParam("host") String host, @QueryParam("port") int
         session.disconnect();
         return Response.ok(serverVersion).build();
     }
+
+    @GET
+    @Path("/keypair/decrypt")
+    @Produces(MediaType.TEXT_PLAIN)
+    public boolean decryptKeypair(@QueryParam("privateKey") String privateKey,
+            @QueryParam("passphrase") String passphrase) throws Exception {
+        KeyPair keyPair = KeyPair.load(new JSch(), privateKey, null);
+        return keyPair.decrypt(passphrase.getBytes(StandardCharsets.UTF_8));
+    }
 }
diff --git a/integration-tests/src/test/java/io/quarkus/it/jsch/JSchTest.java b/integration-tests/src/test/java/io/quarkus/it/jsch/JSchTest.java
@@ -1,20 +1,32 @@
 package io.quarkus.it.jsch;
 
 import static io.restassured.RestAssured.given;
+import static java.nio.charset.StandardCharsets.UTF_8;
 import static org.hamcrest.CoreMatchers.endsWith;
 import static org.hamcrest.core.Is.is;
 
 import java.nio.file.Files;
+import java.nio.file.Path;
+import java.security.KeyPairGenerator;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.SecureRandom;
+import java.security.spec.RSAKeyGenParameterSpec;
 
 import org.apache.sshd.server.SshServer;
 import org.apache.sshd.server.auth.hostbased.AcceptAllHostBasedAuthenticator;
 import org.apache.sshd.server.auth.password.AcceptAllPasswordAuthenticator;
 import org.apache.sshd.server.auth.pubkey.AcceptAllPublickeyAuthenticator;
 import org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider;
 import org.apache.sshd.server.shell.UnknownCommandFactory;
+import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import org.bouncycastle.openssl.MiscPEMGenerator;
+import org.bouncycastle.util.io.pem.PemWriter;
 import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.io.TempDir;
 
 import io.quarkus.test.junit.QuarkusTest;
 
@@ -45,6 +57,41 @@ void shouldConnect() {
                 .body(endsWith(sshd.getVersion()));
     }
 
+    @Test
+    void shouldDecryptUsingKeyPair(@TempDir Path keypairDir) throws Exception {
+        String passphrase = "password";
+        byte[] seed = passphrase.getBytes(UTF_8);
+
+        SecureRandom rnd = SecureRandom.getInstanceStrong();
+        rnd.setSeed(seed);
+
+        RSAKeyGenParameterSpec spec = new RSAKeyGenParameterSpec(1024, RSAKeyGenParameterSpec.F0);
+        // Generate a Keypair
+        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
+        keyPairGenerator.initialize(spec, rnd);
+
+        java.security.KeyPair keyPair = keyPairGenerator.generateKeyPair();
+        // Save the private key
+        Path privateKeyPath = keypairDir.resolve("test_rsa");
+        try (PemWriter writer = new PemWriter(Files.newBufferedWriter(privateKeyPath))) {
+            PrivateKey privateKey = keyPair.getPrivate();
+            writer.writeObject(new MiscPEMGenerator(PrivateKeyInfo.getInstance(privateKey.getEncoded())).generate());
+        }
+
+        // Save the public key
+        Path publicKeyPath = keypairDir.resolve("test_rsa.pub");
+        try (PemWriter writer = new PemWriter(Files.newBufferedWriter(publicKeyPath))) {
+            PublicKey publicKey = keyPair.getPublic();
+            writer.writeObject(new MiscPEMGenerator(SubjectPublicKeyInfo.getInstance(publicKey.getEncoded())).generate());
+        }
+        given().queryParam("privateKey", privateKeyPath.toAbsolutePath().toString())
+                .queryParam("passphrase", passphrase)
+                .get("/jsch/keypair/decrypt")
+                .then()
+                .statusCode(is(200))
+                .body(is("true"));
+    }
+
     @AfterEach
     void stopServer() throws Exception {
         if (sshd != null) {