From d6eb3cfb88bfb5a01a8234497977321d25bb866a Mon Sep 17 00:00:00 2001 From: Vojtech Juranek Date: Thu, 26 Jan 2012 16:36:38 +0100 Subject: [PATCH] Added support for ecnrypted key files --- cli/src/main/java/hudson/cli/CLI.java | 56 ++++++++++++++++++++++++--- 1 file changed, 50 insertions(+), 6 deletions(-) diff --git a/cli/src/main/java/hudson/cli/CLI.java b/cli/src/main/java/hudson/cli/CLI.java index c4861d5f92..cea479a391 100644 --- a/cli/src/main/java/hudson/cli/CLI.java +++ b/cli/src/main/java/hudson/cli/CLI.java @@ -69,6 +69,7 @@ import java.util.concurrent.ExecutorService; import java.util.concurrent.Executors; import java.util.logging.Level; import java.util.logging.Logger; +import java.io.Console; import static java.util.logging.Level.*; @@ -349,13 +350,17 @@ public class CLI { printUsage(Messages.CLI_NoSuchFileExists(f)); return -1; } + KeyPair kp = null; try { - candidateKeys.add(loadKey(f)); + kp = loadKey(f); } catch (IOException e) { - throw new Exception("Failed to load key: "+f,e); + //if the PEM file is encrypted, IOException is thrown + kp = tryEncryptedFile(f); } catch (GeneralSecurityException e) { throw new Exception("Failed to load key: "+f,e); } + if(kp != null) + candidateKeys.add(kp); args = args.subList(2,args.size()); sshAuthRequestedExplicitly = true; continue; @@ -430,19 +435,27 @@ public class CLI { /** * Loads RSA/DSA private key in a PEM format into {@link KeyPair}. */ + public static KeyPair loadKey(File f, String passwd) throws IOException, GeneralSecurityException { + return loadKey(readPemFile(f), passwd); + } + public static KeyPair loadKey(File f) throws IOException, GeneralSecurityException { + return loadKey(f, null); + } + + private static String readPemFile(File f) throws IOException{ DataInputStream dis = new DataInputStream(new FileInputStream(f)); byte[] bytes = new byte[(int) f.length()]; dis.readFully(bytes); dis.close(); - return loadKey(new String(bytes)); + return new String(bytes); } - + /** * Loads RSA/DSA private key in a PEM format into {@link KeyPair}. */ - public static KeyPair loadKey(String pemString) throws IOException, GeneralSecurityException { - Object key = PEMDecoder.decode(pemString.toCharArray(), null); + public static KeyPair loadKey(String pemString, String passwd) throws IOException, GeneralSecurityException { + Object key = PEMDecoder.decode(pemString.toCharArray(), passwd); if (key instanceof com.trilead.ssh2.signature.RSAPrivateKey) { com.trilead.ssh2.signature.RSAPrivateKey x = (com.trilead.ssh2.signature.RSAPrivateKey)key; // System.out.println("ssh-rsa " + new String(Base64.encode(RSASHA1Verify.encodeSSHRSAPublicKey(x.getPublicKey())))); @@ -462,6 +475,37 @@ public class CLI { throw new UnsupportedOperationException("Unrecognizable key format: "+key); } + public static KeyPair loadKey(String pemString) throws IOException, GeneralSecurityException { + return loadKey(pemString, null); + } + + private static KeyPair tryEncryptedFile(File f) throws IOException, GeneralSecurityException{ + KeyPair kp = null; + if(isPemEncrypted(f)){ + String passwd = askForPasswd(f.getCanonicalPath()); + kp = loadKey(f,passwd); + } + return kp; + } + + private static boolean isPemEncrypted(File f) throws IOException{ + String pemString = readPemFile(f); + //simple check if the file is encrypted + if(pemString.contains("4,ENCRYPTED")) + return true; + return false; + } + + private static String askForPasswd(String filePath){ + Console cons = System.console(); + String passwd = null; + if (cons != null){ + char[] p = cons.readPassword("%s", "Enter passphrase for "+filePath+":"); + passwd = String.valueOf(p); + } + return passwd; + } + /** * try all the default key locations */ -- GitLab