From 664d237425030010647c0e802d7a80b82186f684 Mon Sep 17 00:00:00 2001 From: Yves Langisch Date: Thu, 11 Aug 2022 07:30:00 +0200 Subject: [PATCH] PKCS5 support is now part of PKCS8 classes. Also refer to https://github.com/hierynomus/sshj/pull/793. --- .../manta/MantaPublicKeyAuthentication.java | 65 +++++++++---------- .../auth/SFTPPublicKeyAuthentication.java | 20 +++--- .../OpenSSHPrivateKeyConfigurator.java | 3 +- 3 files changed, 40 insertions(+), 48 deletions(-) diff --git a/manta/src/main/java/ch/cyberduck/core/manta/MantaPublicKeyAuthentication.java b/manta/src/main/java/ch/cyberduck/core/manta/MantaPublicKeyAuthentication.java index 7ba2ea6ccc2..62adcc3aa29 100644 --- a/manta/src/main/java/ch/cyberduck/core/manta/MantaPublicKeyAuthentication.java +++ b/manta/src/main/java/ch/cyberduck/core/manta/MantaPublicKeyAuthentication.java @@ -48,7 +48,6 @@ import net.schmizz.sshj.userauth.keyprovider.KeyFormat; import net.schmizz.sshj.userauth.keyprovider.KeyProviderUtil; import net.schmizz.sshj.userauth.keyprovider.OpenSSHKeyFile; -import net.schmizz.sshj.userauth.keyprovider.PKCS5KeyFile; import net.schmizz.sshj.userauth.keyprovider.PKCS8KeyFile; import net.schmizz.sshj.userauth.keyprovider.PuTTYKeyFile; import net.schmizz.sshj.userauth.password.PasswordFinder; @@ -76,39 +75,39 @@ public String authenticate(final Host bookmark, final LoginCallback prompt, fina log.info(String.format("Reading private key %s with key format %s", identity, format)); } provider.init( - new InputStreamReader(identity.getInputStream(), StandardCharsets.UTF_8), - new PasswordFinder() { - @Override - public char[] reqPassword(Resource resource) { - if(StringUtils.isEmpty(credentials.getIdentityPassphrase())) { - try { - // Use password prompt - final Credentials input = prompt.prompt(bookmark, - LocaleFactory.localizedString("Private key password protected", "Credentials"), - String.format("%s (%s)", - LocaleFactory.localizedString("Enter the passphrase for the private key file", "Credentials"), - identity.getAbbreviatedPath()), - new LoginOptions() - .icon(bookmark.getProtocol().disk()) - .user(false).password(true) - ); - credentials.setSaved(input.isSaved()); - credentials.setIdentityPassphrase(input.getPassword()); - } - catch(LoginCanceledException e) { - // Return null if user cancels - return StringUtils.EMPTY.toCharArray(); + new InputStreamReader(identity.getInputStream(), StandardCharsets.UTF_8), + new PasswordFinder() { + @Override + public char[] reqPassword(Resource resource) { + if(StringUtils.isEmpty(credentials.getIdentityPassphrase())) { + try { + // Use password prompt + final Credentials input = prompt.prompt(bookmark, + LocaleFactory.localizedString("Private key password protected", "Credentials"), + String.format("%s (%s)", + LocaleFactory.localizedString("Enter the passphrase for the private key file", "Credentials"), + identity.getAbbreviatedPath()), + new LoginOptions() + .icon(bookmark.getProtocol().disk()) + .user(false).password(true) + ); + credentials.setSaved(input.isSaved()); + credentials.setIdentityPassphrase(input.getPassword()); + } + catch(LoginCanceledException e) { + // Return null if user cancels + return StringUtils.EMPTY.toCharArray(); + } } + config.setPassword(credentials.getIdentityPassphrase()); + return credentials.getIdentityPassphrase().toCharArray(); } - config.setPassword(credentials.getIdentityPassphrase()); - return credentials.getIdentityPassphrase().toCharArray(); - } - @Override - public boolean shouldRetry(Resource resource) { - return false; + @Override + public boolean shouldRetry(Resource resource) { + return false; + } } - } ); return this.computeFingerprint(provider); } @@ -137,8 +136,6 @@ private String computeFingerprint(final FileKeyProvider provider) throws Backgro private FileKeyProvider buildProvider(final Local identity, final KeyFormat format) throws InteroperabilityException { switch(format) { - case PKCS5: - return new PKCS5KeyFile.Factory().create(); case PKCS8: return new PKCS8KeyFile.Factory().create(); case OpenSSH: @@ -156,8 +153,8 @@ private KeyFormat detectKeyFormat(final Local identity) throws BackgroundExcepti final KeyFormat format; try (InputStream is = identity.getInputStream()) { format = KeyProviderUtil.detectKeyFileFormat( - new InputStreamReader(is, StandardCharsets.UTF_8), - true); + new InputStreamReader(is, StandardCharsets.UTF_8), + true); } catch(IOException e) { throw new DefaultIOExceptionMappingService().map(e); diff --git a/ssh/src/main/java/ch/cyberduck/core/sftp/auth/SFTPPublicKeyAuthentication.java b/ssh/src/main/java/ch/cyberduck/core/sftp/auth/SFTPPublicKeyAuthentication.java index f41761499b6..e8307a75f7f 100644 --- a/ssh/src/main/java/ch/cyberduck/core/sftp/auth/SFTPPublicKeyAuthentication.java +++ b/ssh/src/main/java/ch/cyberduck/core/sftp/auth/SFTPPublicKeyAuthentication.java @@ -43,7 +43,6 @@ import net.schmizz.sshj.userauth.keyprovider.KeyFormat; import net.schmizz.sshj.userauth.keyprovider.KeyProviderUtil; import net.schmizz.sshj.userauth.keyprovider.OpenSSHKeyFile; -import net.schmizz.sshj.userauth.keyprovider.PKCS5KeyFile; import net.schmizz.sshj.userauth.keyprovider.PKCS8KeyFile; import net.schmizz.sshj.userauth.keyprovider.PuTTYKeyFile; import net.schmizz.sshj.userauth.method.AuthPublickey; @@ -71,14 +70,11 @@ public Boolean authenticate(final Host bookmark, final LoginCallback prompt, fin final AtomicBoolean canceled = new AtomicBoolean(); try { final KeyFormat format = KeyProviderUtil.detectKeyFileFormat( - new InputStreamReader(identity.getInputStream(), StandardCharsets.UTF_8), true); + new InputStreamReader(identity.getInputStream(), StandardCharsets.UTF_8), true); if(log.isInfoEnabled()) { log.info(String.format("Reading private key %s with key format %s", identity, format)); } switch(format) { - case PKCS5: - provider = new PKCS5KeyFile.Factory().create(); - break; case PKCS8: provider = new PKCS8KeyFile.Factory().create(); break; @@ -101,13 +97,13 @@ public char[] reqPassword(Resource resource) { try { // Use password prompt final Credentials input = prompt.prompt(bookmark, - LocaleFactory.localizedString("Private key password protected", "Credentials"), - String.format("%s (%s)", - LocaleFactory.localizedString("Enter the passphrase for the private key file", "Credentials"), - identity.getAbbreviatedPath()), - new LoginOptions() - .icon(bookmark.getProtocol().disk()) - .user(false).password(true) + LocaleFactory.localizedString("Private key password protected", "Credentials"), + String.format("%s (%s)", + LocaleFactory.localizedString("Enter the passphrase for the private key file", "Credentials"), + identity.getAbbreviatedPath()), + new LoginOptions() + .icon(bookmark.getProtocol().disk()) + .user(false).password(true) ); credentials.setSaved(input.isSaved()); credentials.setIdentityPassphrase(input.getPassword()); diff --git a/ssh/src/main/java/ch/cyberduck/core/sftp/openssh/OpenSSHPrivateKeyConfigurator.java b/ssh/src/main/java/ch/cyberduck/core/sftp/openssh/OpenSSHPrivateKeyConfigurator.java index 6783ae6dc7b..94bd19ac4bb 100644 --- a/ssh/src/main/java/ch/cyberduck/core/sftp/openssh/OpenSSHPrivateKeyConfigurator.java +++ b/ssh/src/main/java/ch/cyberduck/core/sftp/openssh/OpenSSHPrivateKeyConfigurator.java @@ -64,14 +64,13 @@ public Pattern toPattern() { final KeyFormat format; try { format = KeyProviderUtil.detectKeyFileFormat( - new InputStreamReader(file.getInputStream(), StandardCharsets.UTF_8), true); + new InputStreamReader(file.getInputStream(), StandardCharsets.UTF_8), true); } catch(AccessDeniedException | IOException e) { log.debug(String.format("Ignore file %s with unknown format. %s", file, e.getMessage())); continue; } switch(format) { - case PKCS5: case PKCS8: case OpenSSH: case OpenSSHv1: