From c85a282fc1b2b414ae6edc141a4ce905a78e4fdc Mon Sep 17 00:00:00 2001 From: Ivan Fernandez Calvo Date: Sat, 5 Sep 2020 17:35:36 +0200 Subject: [PATCH 1/4] fix: set Triple DES cipher name --- src/com/trilead/ssh2/crypto/PEMDecoder.java | 4 ++-- .../ssh2/crypto/cipher/JreCipherWrapperTest.java | 13 ++++++++++++- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/src/com/trilead/ssh2/crypto/PEMDecoder.java b/src/com/trilead/ssh2/crypto/PEMDecoder.java index 93d1eced..396f0295 100644 --- a/src/com/trilead/ssh2/crypto/PEMDecoder.java +++ b/src/com/trilead/ssh2/crypto/PEMDecoder.java @@ -22,7 +22,7 @@ /** * PEM Support. - * + * * @author Christian Plattner, plattner@trilead.com * @version $Id: PEMDecoder.java,v 1.2 2008/04/01 12:38:09 cplattne Exp $ */ @@ -350,7 +350,7 @@ private static void decryptPEM(PEMStructure ps, char[] pw) throws IOException switch (algo) { case "DES-EDE3-CBC": - bc = JreCipherWrapper.getInstance("PBEWithMD5AndDESede", new PBEParameterSpec(salt, 1)); + bc = JreCipherWrapper.getInstance("PBEWithMD5AndTripleDES", new PBEParameterSpec(salt, 1)); bc.init(false, new PBEKeySpec(pw, salt, 1, 24)); break; case "DES-CBC": diff --git a/test/com/trilead/ssh2/crypto/cipher/JreCipherWrapperTest.java b/test/com/trilead/ssh2/crypto/cipher/JreCipherWrapperTest.java index 97316d31..f907a26f 100644 --- a/test/com/trilead/ssh2/crypto/cipher/JreCipherWrapperTest.java +++ b/test/com/trilead/ssh2/crypto/cipher/JreCipherWrapperTest.java @@ -49,4 +49,15 @@ public void shouldMatchJreBehavior() throws Exception { } assertArrayEquals(plaintext, decrypted); } -} \ No newline at end of file + + @Test + public void testPBEWithMD5AndDESede() throws Exception { + SecureRandom rng = SecureRandom.getInstanceStrong(); + byte[] iv = new byte[16]; + rng.nextBytes(iv); + byte[] key = new byte[16]; + rng.nextBytes(key); + JreCipherWrapper cipher = JreCipherWrapper.getInstance("PBEWithMD5AndTripleDES", new IvParameterSpec(iv)); + JreCipherWrapper cipher1 = JreCipherWrapper.getInstance("DESede/CBC/PKCS5Padding", new IvParameterSpec(iv)); + } +} From 38aa6ffe7a266bd40bcd6c3660245d25d9785a86 Mon Sep 17 00:00:00 2001 From: Ivan Fernandez Calvo Date: Sun, 6 Sep 2020 21:38:11 +0200 Subject: [PATCH 2/4] fix: allow to use password encrypted keys --- src/com/trilead/ssh2/crypto/PEMDecoder.java | 137 +++++++++++------ src/com/trilead/ssh2/crypto/PEMStructure.java | 39 ++++- .../crypto/cipher/JreCipherWrapperTest.java | 143 ++++++++++++++++-- .../trilead/ssh2/crypto/cipher/aes128_cbc.pem | 42 +++++ .../trilead/ssh2/crypto/cipher/aes192_cbc.pem | 42 +++++ .../trilead/ssh2/crypto/cipher/aes256_cbc.pem | 42 +++++ .../trilead/ssh2/crypto/cipher/des_cbc.pem | 42 +++++ .../ssh2/crypto/cipher/des_ede3_cbc.pem | 42 +++++ test/com/trilead/ssh2/crypto/cipher/key.pem | 39 +++++ .../trilead/ssh2/crypto/cipher/key.pem.pub | 1 + 10 files changed, 506 insertions(+), 63 deletions(-) create mode 100644 test/com/trilead/ssh2/crypto/cipher/aes128_cbc.pem create mode 100644 test/com/trilead/ssh2/crypto/cipher/aes192_cbc.pem create mode 100644 test/com/trilead/ssh2/crypto/cipher/aes256_cbc.pem create mode 100644 test/com/trilead/ssh2/crypto/cipher/des_cbc.pem create mode 100644 test/com/trilead/ssh2/crypto/cipher/des_ede3_cbc.pem create mode 100644 test/com/trilead/ssh2/crypto/cipher/key.pem create mode 100644 test/com/trilead/ssh2/crypto/cipher/key.pem.pub diff --git a/src/com/trilead/ssh2/crypto/PEMDecoder.java b/src/com/trilead/ssh2/crypto/PEMDecoder.java index 396f0295..5c864f25 100644 --- a/src/com/trilead/ssh2/crypto/PEMDecoder.java +++ b/src/com/trilead/ssh2/crypto/PEMDecoder.java @@ -7,18 +7,29 @@ import com.trilead.ssh2.signature.KeyAlgorithmManager; import com.trilead.ssh2.signature.RSAPrivateKey; +import javax.crypto.BadPaddingException; +import javax.crypto.Cipher; +import javax.crypto.IllegalBlockSizeException; +import javax.crypto.NoSuchPaddingException; +import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.PBEKeySpec; import javax.crypto.spec.PBEParameterSpec; +import javax.crypto.spec.SecretKeySpec; import java.io.BufferedReader; import java.io.CharArrayReader; import java.io.IOException; import java.math.BigInteger; +import java.nio.charset.StandardCharsets; import java.security.DigestException; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; import java.security.KeyPair; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; +import java.util.Base64; import java.util.logging.Level; import java.util.logging.Logger; +import java.util.stream.Collectors; /** * PEM Support. @@ -52,7 +63,7 @@ private static int hexToInt(char c) throw new IllegalArgumentException("Need hex char"); } - private static byte[] hexToByteArray(String hex) + public static byte[] hexToByteArray(String hex) { if (hex == null) throw new IllegalArgumentException("null argument"); @@ -138,7 +149,7 @@ private static byte[] removePadding(byte[] buff, int blockSize) throws IOExcepti return tmp; } - private static PEMStructure parsePEM(char[] pem) throws IOException + public static PEMStructure parsePEM(char[] pem) throws IOException { PEMStructure ps = new PEMStructure(); @@ -228,10 +239,7 @@ private static PEMStructure parsePEM(char[] pem) throws IOException line = br.readLine(); } - char[] pem_chars = new char[keyData.length()]; - keyData.getChars(0, pem_chars.length, pem_chars, 0); - - ps.data = Base64.decode(pem_chars); + ps.data = Base64.getDecoder().decode(keyData.toString().replaceAll("\\s", "")); if (ps.data.length == 0) throw new IOException("Invalid PEM structure, no data available"); @@ -250,7 +258,6 @@ private static PEMStructure parsePEM(char[] pem, CertificateDecoder certificateD BufferedReader br = new BufferedReader(new CharArrayReader(pem)); String endLine; - while (true) { line = br.readLine(); @@ -265,7 +272,6 @@ private static PEMStructure parsePEM(char[] pem, CertificateDecoder certificateD endLine = certificateDecoder.getEndLine(); break; } - } while (true) @@ -324,10 +330,7 @@ private static PEMStructure parsePEM(char[] pem, CertificateDecoder certificateD line = br.readLine(); } - char[] pem_chars = new char[keyData.length()]; - keyData.getChars(0, pem_chars.length, pem_chars, 0); - - ps.data = Base64.decode(pem_chars); + ps.data = Base64.getDecoder().decode(keyData.toString().replaceAll("\\s", "")); if (ps.data.length == 0) throw new IOException("Invalid PEM structure, no data available"); @@ -335,7 +338,7 @@ private static PEMStructure parsePEM(char[] pem, CertificateDecoder certificateD return ps; } - private static void decryptPEM(PEMStructure ps, char[] pw) throws IOException + public static void decryptPEM(PEMStructure ps, String password) throws IOException { if (ps.dekInfo == null) throw new IOException("Broken PEM, no mode and salt given, but encryption enabled"); @@ -343,54 +346,86 @@ private static void decryptPEM(PEMStructure ps, char[] pw) throws IOException if (ps.dekInfo.length != 2) throw new IOException("Broken PEM, DEK-Info is incomplete!"); - String algo = ps.dekInfo[0]; - byte[] salt = hexToByteArray(ps.dekInfo[1]); + Cipher cipher; + String transformation; + byte[] key; + SecretKeySpec secretKey; + byte[] pw = password.getBytes(StandardCharsets.UTF_8); + String encryptionAlgorithm = ps.dekInfo[0]; + byte[] iv = hexToByteArray(ps.dekInfo[1]); + + MessageDigest digest = null; + try { + digest = MessageDigest.getInstance("MD5"); + } catch (NoSuchAlgorithmException e) { + throw new IOException(e); + } + + // we need to come up with the encryption key + + // first round digest based on password and first 8-bytes of IV .. + digest.update(pw); + digest.update(iv, 0, 8); + + byte[] round1Digest = digest.digest(); // The digest is reset after this call is made. - JreCipherWrapper bc; + // second round digest based on first round digest, password, and first 8-bytes of IV ... + digest.update(round1Digest); + digest.update(pw); + digest.update(iv, 0, 8); - switch (algo) { + byte[] round2Digest = digest.digest(); + + switch (encryptionAlgorithm) { case "DES-EDE3-CBC": - bc = JreCipherWrapper.getInstance("PBEWithMD5AndTripleDES", new PBEParameterSpec(salt, 1)); - bc.init(false, new PBEKeySpec(pw, salt, 1, 24)); + transformation = "DESede/CBC/PKCS5Padding"; + key = new byte[24]; // key size of 24 bytes + System.arraycopy(round1Digest, 0, key, 0, 16); + System.arraycopy(round2Digest, 0, key, 16, 8); + secretKey = new SecretKeySpec(key, "DESede"); break; case "DES-CBC": - bc = JreCipherWrapper.getInstance("PBEWithMD5AndDES", new PBEParameterSpec(salt, 1)); - bc.init(false, new PBEKeySpec(pw, salt, 1, 8)); + transformation = "DES/CBC/PKCS5Padding"; + key = new byte[8]; // key size of 8 bytes + System.arraycopy(round1Digest, 0, key, 0, 8); + secretKey = new SecretKeySpec(key, "DES"); break; case "AES-128-CBC": - bc = JreCipherWrapper.getInstance("PBEWithMD5AndAES_128", new PBEParameterSpec(salt, 1)); - bc.init(false, new PBEKeySpec(pw, salt, 1,16)); + transformation = "AES/CBC/PKCS5Padding"; + key = new byte[16]; // 128 bit key + System.arraycopy(round1Digest, 0, key, 0, 16); + secretKey = new SecretKeySpec(key, "AES"); break; case "AES-192-CBC": - bc = JreCipherWrapper.getInstance("PBEWithMD5AndAES_192", new PBEParameterSpec(salt, 1)); - bc.init(false, new PBEKeySpec(pw, salt, 1, 24)); + transformation = "AES/CBC/PKCS5Padding"; + key = new byte[24]; // key size of 24 bytes + System.arraycopy(round1Digest, 0, key, 0, 16); + System.arraycopy(round2Digest, 0, key, 16, 8); + secretKey = new SecretKeySpec(key, "AES"); break; case "AES-256-CBC": - bc = JreCipherWrapper.getInstance("PBEWithMD5AndAES_256", new PBEParameterSpec(salt, 1)); - bc.init(false, new PBEKeySpec(pw, salt, 1, 32)); + transformation = "AES/CBC/PKCS5Padding"; + key = new byte[32]; // 256 bit key (block size still 128-bit) + System.arraycopy(round1Digest, 0, key, 0, 16); + System.arraycopy(round2Digest, 0, key, 16, 16); + secretKey = new SecretKeySpec(key, "AES"); break; default: - throw new IOException("Cannot decrypt PEM structure, unknown cipher " + algo); + throw new IOException("Cannot decrypt PEM structure, unknown cipher " + encryptionAlgorithm); } - - if ((ps.data.length % bc.getBlockSize()) != 0) - throw new IOException("Invalid PEM structure, size of encrypted block is not a multiple of " - + bc.getBlockSize()); - - /* Now decrypt the content */ - - byte[] dz = new byte[ps.data.length]; - - for (int i = 0; i < ps.data.length / bc.getBlockSize(); i++) - { - bc.transformBlock(ps.data, i * bc.getBlockSize(), dz, i * bc.getBlockSize()); + try { + cipher = Cipher.getInstance(transformation); + cipher.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(iv)); + ps.data = cipher.doFinal(ps.data); + } catch (IllegalBlockSizeException + | BadPaddingException + | InvalidKeyException + | InvalidAlgorithmParameterException + | NoSuchAlgorithmException + | NoSuchPaddingException e) { + new IOException(e); } - /* Now check and remove RFC 1423/PKCS #7 padding */ - - dz = removePadding(dz, bc.getBlockSize()); - - ps.data = dz; ps.dekInfo = null; ps.procType = null; } @@ -419,7 +454,7 @@ public static Object decode(char[] pem, String password) throws IOException if (password == null) throw new IOException("PEM is encrypted, but no password was specified"); - decryptPEM(ps, password.toCharArray()); + decryptPEM(ps, password); } if (ps.pemType == PEM_DSA_PRIVATE_KEY) @@ -489,17 +524,21 @@ public static KeyPair decodeKeyPair(char[] pem, String password) throws IOExcept if (password == null) throw new IOException("PEM is encrypted, but no password was specified"); - decryptPEM(ps, password.toCharArray()); + decryptPEM(ps, password); } return decoder.createKeyPair(ps, password); } catch (IOException ex) { - LOGGER.log(Level.FINE, "Could not decode PEM Key using current decoder: " + decoder.getClass().getName(), ex); + LOGGER.log(Level.FINE, + "Could not decode PEM Key using current decoder: " + decoder.getClass().getName(), ex); // we couldn't decode the input, try another decoder } } } - throw new IOException("PEM problem: it is of unknown type"); + throw new IOException("PEM problem: it is of unknown type. Supported algorithms are :" + + KeyAlgorithmManager.getSupportedAlgorithms().stream() + .map(c -> c.getKeyFormat()) + .collect(Collectors.toList()).toString()); } } diff --git a/src/com/trilead/ssh2/crypto/PEMStructure.java b/src/com/trilead/ssh2/crypto/PEMStructure.java index 942c3d35..a35a9242 100644 --- a/src/com/trilead/ssh2/crypto/PEMStructure.java +++ b/src/com/trilead/ssh2/crypto/PEMStructure.java @@ -1,6 +1,9 @@ package com.trilead.ssh2.crypto; +import java.util.Arrays; +import java.util.Objects; + /** * Parsed PEM structure. * @@ -11,11 +14,45 @@ public class PEMStructure { int pemType; - String dekInfo[]; + public String[] dekInfo; String procType[]; byte[] data; public byte[] getData() { return data; } + + @Override + public boolean equals(Object o) { + if (this == o) + return true; + if (o == null || getClass() != o.getClass()) + return false; + PEMStructure that = (PEMStructure) o; + return pemType == that.pemType + && Arrays.equals(dekInfo, that.dekInfo) + && Arrays.equals(procType, that.procType) + && Arrays.equals(data, that.data); + } + + @Override + public int hashCode() { + int result = Objects.hash(pemType); + result = 31 * result + Arrays.hashCode(dekInfo); + result = 31 * result + Arrays.hashCode(procType); + result = 31 * result + Arrays.hashCode(data); + return result; + } + + @Override + public String toString() { + final StringBuilder sb = new StringBuilder("PEMStructure{"); + sb.append("pemType=").append(pemType); + sb.append(", dekInfo=").append(Arrays.toString(dekInfo)); + sb.append(", procType=").append(Arrays.toString(procType)); + sb.append(", data=").append(java.util.Base64.getEncoder().encodeToString(data)); + sb.append(", data.length=").append(data.length); + sb.append('}'); + return sb.toString(); + } } \ No newline at end of file diff --git a/test/com/trilead/ssh2/crypto/cipher/JreCipherWrapperTest.java b/test/com/trilead/ssh2/crypto/cipher/JreCipherWrapperTest.java index f907a26f..8e4d32f7 100644 --- a/test/com/trilead/ssh2/crypto/cipher/JreCipherWrapperTest.java +++ b/test/com/trilead/ssh2/crypto/cipher/JreCipherWrapperTest.java @@ -1,17 +1,21 @@ package com.trilead.ssh2.crypto.cipher; -import org.junit.Test; - +import java.security.SecureRandom; +import java.util.Arrays; +import java.util.logging.Logger; import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; -import java.security.SecureRandom; -import java.util.Arrays; - +import com.trilead.ssh2.crypto.PEMDecoder; +import com.trilead.ssh2.crypto.PEMStructure; +import org.apache.commons.io.IOUtils; +import org.junit.Test; import static org.junit.Assert.assertArrayEquals; import static org.junit.Assert.assertEquals; public class JreCipherWrapperTest { + Logger LOGGER = Logger.getLogger(JreCipherWrapperTest.class.getName()); + @Test public void shouldMatchJreBehavior() throws Exception { SecureRandom rng = SecureRandom.getInstanceStrong(); @@ -51,13 +55,126 @@ public void shouldMatchJreBehavior() throws Exception { } @Test - public void testPBEWithMD5AndDESede() throws Exception { - SecureRandom rng = SecureRandom.getInstanceStrong(); - byte[] iv = new byte[16]; - rng.nextBytes(iv); - byte[] key = new byte[16]; - rng.nextBytes(key); - JreCipherWrapper cipher = JreCipherWrapper.getInstance("PBEWithMD5AndTripleDES", new IvParameterSpec(iv)); - JreCipherWrapper cipher1 = JreCipherWrapper.getInstance("DESede/CBC/PKCS5Padding", new IvParameterSpec(iv)); + public void testSupportedCiphersAvailable() throws Exception { + char[] des_cbc = IOUtils.toCharArray(getClass().getResourceAsStream("des_cbc.pem")); + char[] des_ede3_cbc = IOUtils.toCharArray(getClass().getResourceAsStream("des_ede3_cbc.pem")); + char[] aes128_cbc = IOUtils.toCharArray(getClass().getResourceAsStream("aes128_cbc.pem")); + char[] aes192_cbc = IOUtils.toCharArray(getClass().getResourceAsStream("aes192_cbc.pem")); + char[] aes256_cbc = IOUtils.toCharArray(getClass().getResourceAsStream("aes256_cbc.pem")); + char[] unencrypted = IOUtils.toCharArray(getClass().getResourceAsStream("key.pem")); + String password = "password"; + + PEMStructure psOrg = PEMDecoder.parsePEM(unencrypted); + LOGGER.info(psOrg.toString()); + + PEMStructure ps = PEMDecoder.parsePEM(des_cbc); + LOGGER.info(ps.toString()); + PEMDecoder.decryptPEM(ps, password); + PEMDecoder.decodeKeyPair(des_cbc, password); + assertEquals(psOrg, ps); + + ps = PEMDecoder.parsePEM(des_ede3_cbc); + LOGGER.info(ps.toString()); + PEMDecoder.decryptPEM(ps, password); + PEMDecoder.decodeKeyPair(des_ede3_cbc, password); + assertEquals(psOrg, ps); + + ps = PEMDecoder.parsePEM(aes128_cbc); + LOGGER.info(ps.toString()); + PEMDecoder.decryptPEM(ps, password); + PEMDecoder.decodeKeyPair(aes128_cbc, password); + assertEquals(psOrg, ps); + + ps = PEMDecoder.parsePEM(aes192_cbc); + LOGGER.info(ps.toString()); + PEMDecoder.decryptPEM(ps, password); + PEMDecoder.decodeKeyPair(aes192_cbc, password); + assertEquals(psOrg, ps); + + ps = PEMDecoder.parsePEM(aes256_cbc); + LOGGER.info(ps.toString()); + PEMDecoder.decryptPEM(ps, password); + PEMDecoder.decodeKeyPair(aes256_cbc, password); + assertEquals(psOrg, ps); + } + + @Test + public void testEncryptedKeyDES() throws Exception { + char[] des_cbc = IOUtils.toCharArray(getClass().getResourceAsStream("des_cbc.pem")); + char[] unencrypted = IOUtils.toCharArray(getClass().getResourceAsStream("key.pem")); + String password = "password"; + + PEMStructure psOrg = PEMDecoder.parsePEM(unencrypted); + LOGGER.info(psOrg.toString()); + + PEMStructure ps = PEMDecoder.parsePEM(des_cbc); + LOGGER.info(ps.toString()); + PEMDecoder.decryptPEM(ps, password); + PEMDecoder.decodeKeyPair(des_cbc, password); + assertEquals(psOrg, ps); + } + + @Test + public void testEncryptedKeyTripleDES() throws Exception { + char[] des_ede3_cbc = IOUtils.toCharArray(getClass().getResourceAsStream("des_ede3_cbc.pem")); + char[] unencrypted = IOUtils.toCharArray(getClass().getResourceAsStream("key.pem")); + String password = "password"; + + PEMStructure psOrg = PEMDecoder.parsePEM(unencrypted); + LOGGER.info(psOrg.toString()); + + PEMStructure ps = PEMDecoder.parsePEM(des_ede3_cbc); + LOGGER.info(ps.toString()); + PEMDecoder.decryptPEM(ps, password); + PEMDecoder.decodeKeyPair(des_ede3_cbc, password); + assertEquals(psOrg, ps); + } + + @Test + public void testEncryptedKeyAES128() throws Exception { + char[] aes128_cbc = IOUtils.toCharArray(getClass().getResourceAsStream("aes128_cbc.pem")); + char[] unencrypted = IOUtils.toCharArray(getClass().getResourceAsStream("key.pem")); + String password = "password"; + + PEMStructure psOrg = PEMDecoder.parsePEM(unencrypted); + LOGGER.info(psOrg.toString()); + + PEMStructure ps = PEMDecoder.parsePEM(aes128_cbc); + LOGGER.info(ps.toString()); + PEMDecoder.decryptPEM(ps, password); + PEMDecoder.decodeKeyPair(aes128_cbc, password); + assertEquals(psOrg, ps); + } + + @Test + public void testEncryptedKeyAES192() throws Exception { + char[] aes192_cbc = IOUtils.toCharArray(getClass().getResourceAsStream("aes192_cbc.pem")); + char[] unencrypted = IOUtils.toCharArray(getClass().getResourceAsStream("key.pem")); + String password = "password"; + + PEMStructure psOrg = PEMDecoder.parsePEM(unencrypted); + LOGGER.info(psOrg.toString()); + + PEMStructure ps = PEMDecoder.parsePEM(aes192_cbc); + LOGGER.info(ps.toString()); + PEMDecoder.decryptPEM(ps, password); + PEMDecoder.decodeKeyPair(aes192_cbc, password); + assertEquals(psOrg, ps); + } + + @Test + public void testEncryptedKeyAES256() throws Exception { + char[] aes256_cbc = IOUtils.toCharArray(getClass().getResourceAsStream("aes256_cbc.pem")); + char[] unencrypted = IOUtils.toCharArray(getClass().getResourceAsStream("key.pem")); + String password = "password"; + + PEMStructure psOrg = PEMDecoder.parsePEM(unencrypted); + LOGGER.info(psOrg.toString()); + + PEMStructure ps = PEMDecoder.parsePEM(aes256_cbc); + LOGGER.info(ps.toString()); + PEMDecoder.decryptPEM(ps, password); + PEMDecoder.decodeKeyPair(aes256_cbc, password); + assertEquals(psOrg, ps); } } diff --git a/test/com/trilead/ssh2/crypto/cipher/aes128_cbc.pem b/test/com/trilead/ssh2/crypto/cipher/aes128_cbc.pem new file mode 100644 index 00000000..8d17fdde --- /dev/null +++ b/test/com/trilead/ssh2/crypto/cipher/aes128_cbc.pem @@ -0,0 +1,42 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-128-CBC,18AD07B8BCA0F89B291203ADF5C5473F + +fktiqJ3IO/+01DdDNDJmB9lZqX1jeh/fHOF9fUcuvRJyFygtSUUF7DYct1rgWpkY +LIMMaLRk2FyTdaeJeAVokXj5qnRYB7m4GuWmstayMxgokvl0LMgl+K+navleN1oo +gqw9iO+WpOP8VAh6LD5SX+rkk2J6GpSHwl5Wl3mmVHcq+ZMSIoOjBgIQEwl1V/kY +uNMupkvFNYfI1mZxJOO4zkSQNlpywTU8NGEsniUFNSRfABV5sxiWWUQa/ZM2ntPo +2wghES76ANSJwJYJihSMVmSwsQvLnDHuoslnnfpuWdv76u6GCmAPPUxw5yZp5AY8 +JS6IrKEFhV4KXeWo/YUnpvs053EpbSUyZZa92EkFN1W/NnGtQbwXl6JdXEyf2zqP +XJey1nKeZ077a1Iasc7lx/2qTutqYSNDtvjKqoe9m1GRG+emByl8MMhHltKAnFoG +2AUbvHCdZc9jcHRLcjdIU7JnQ/dlrXmow57QnRv7h472cnXjCARRP4o2YpDcjyMd +sz6aFOziIYC2Pgr9hlpa9fprk5jAkZpoQK+qjOV8B2zdAOReMJUvntPnhfXGoyCV +SDUBeab49bsx9Dfz42mVTJrZg8fBxOYnJXMFyFwSuXTnwj22fKyccPADgDjncWFI +jQ9tYY3xnmYtPszOPduv7REcvxsEVwovM/rcQt3wz2TfogZaaeoRFHG6QfL4WrZ7 +5VEVVSaB95REPb/B9BsW2F1w91iSt8N/oHZ2P5ncfEURuIITTFnxHUtVhwX6W+uJ +URCIHelh6Vh6C9uyHQz06MmT1ndFSPdDPsHYnsn8pPit2VP5HjivisZIzYD9NTZZ +zELMaY4Fp3Kw11+e4qdSK5D7UN62udfbbjZM7LznKni7pGNYpnYsNpCmKJWmiZaM +T4xnkynOktyT3peFfi5qK56PBqBp/Au/x9zvLRxjtZl0F71GxZPJYPFNVnmFDjA8 +LVJL9LMxmX+EfTRln/vmg/uTlrlevU4iphB4qQ5vRZMxrgDNrtfFzP0OcztrBtOs +Ur710FSHQRs/PGFZOVbXSiCFj25nQxgw0KXS8cnYj3+FHUpZWlbY2mjxaHax7GjK +sfBJnjzNHHTh/ABFrLMB3BqA0eszRy9k4JaUX92PvMOw2qoHSNW6jsCq16TvBJ2E +RZugrpIBLlJBCyqpP9HGSsZ4ee5ibGWTwiwJAqCGLUg4ZbIxy0pSNR2Nkweoo/xN +aOE7SfbIptROzeNHLQcX6ffIpTniE0Tb+QNkbei+l3IYJcH8h5zCHu6NfF7Y2D/y +9qnXqkoz3OYaxFTsnxC7eoxKi8nO+V++mXk0XLUiJurV2cfE5QvZDJ18rmYnZxEO +G7x0lbkbPf0iQhJNEU+H8HY26+F25erUpQQSv396RKe+86ujQfDCEBnj/5bWSlQ5 +5mAhE/MV1/xPvlF8/B2EX3GajQyDTACJ01HHN2wKoI9wldrg3KoDjELzsPfbhAea +kZ2zsQ81xT83cf1UPS9lGk4zz+HNXyr7v3/S4NTY4xqHpVlyAbwVbuPYo8aHUBEu +v6eWfEp7cthf5INRtzZsuHx+AcTFBynAMJh9e9fhAdFxREx3czGiHRVZ+vdr1tlc +XSHO13RWVPNU65eTxmDZkKJP7nLfswBVjLjg3in1oy1cqhdZFxmzlGuXwQivz+0t +szWFvKmm0AvoUJKBeCGRmX6lImhzropa3dE23Cl+biBDfvWUrFcFWiAvcLIcGeOO +i8wQw+nMjPjSjBL8VLqRli8XoOkx10bRRTg5B/XaioqKbPKt26ESbPUJyfXjMJEB +LHq0sSbeo0g/RgjmgEZvafJ9RuM1EHr7cqIdPfCr/ZlJbxy/20ER8zbtiZ5nKzGp +MFFkQ7Lntg+iKtM9NTLIPW5VOdsiROx41RCuwzzwiG5p+ewtFYiYMABqdTOzwlIx +8/P/UhSd4ZpiS4Z8cat/qFgfvCT043qCNejt5tU+f/YnPdRQ/yHpLb41k4QWL+Cq +kOO7m9e4e1EtuqNcIzXHWJJxUmuWRGk4ttlUfI6OZenQn3+eYi2rdOhYSM3dImXG +PH/agTIAEBKzTQeIfEY3NFOngVhsTkyTAIvIosPqGc/q/S3Aa6xNMWH255TpOq84 +7WLSF/hEqH6JzrHKCNxBx283Q0ABF0mfoVwGgA8zdHQ4HXv5mxw08cVA24RjvpZW +vGJn6AoIEJVypZWNTjk09xK8yLg5CQsNZ3sVze2O6fCylMilTw9gf+9yn+/xWo0n +dUuxQpppBLrmkRquWmVjVeHN+OUHNixcWXn6TO4BdsCGeLtbQ8MI0A0Pa+XE+4tT +AYXX1F9VwEeFUedsdHQz/pO1nj5lHqHCzVmCX+/9JBFcbVMruCQ4u25zjGu/Nnh5 +-----END RSA PRIVATE KEY----- diff --git a/test/com/trilead/ssh2/crypto/cipher/aes192_cbc.pem b/test/com/trilead/ssh2/crypto/cipher/aes192_cbc.pem new file mode 100644 index 00000000..2ea9c872 --- /dev/null +++ b/test/com/trilead/ssh2/crypto/cipher/aes192_cbc.pem @@ -0,0 +1,42 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-192-CBC,23B1FE3232AD91E486B13D2FC25E7AFE + +SKwQTmd6rDOuvlw2mYg+xdQzP3RiEYDkMk302GmR9xxGuM66/tkDBMLVLY9uY9aT +5gO4zx4lLQs13g0iiAwrCVW2APmcASnAeCbhTweZzAplu/3jJo89C9J+lKUCkku2 +tIxpcOmjwndPZYIs0TVXTwSVmjOyCT+BT/nU65xwDYJEjR4hMsDC51DsD/cQ2Anw +RfTTNqZxQgwb+rs0cuQAO8S406HfEOVkqyaffo+9K26xTWwOGvYm5n8WrKQPSPc1 +nRoyUtZWRxQeuEngdOUZhDaXA6o2vMn6SkZJexK6xxBHWIDy1QFpalGV6xqC1ih6 +cnFagufP073wakS0fEWrUhpPKyLuITHhQb+wjbMdUp/+GL+UY6H2ICdowoG9avse +Edf2oyo5zAX33uMoE8x4uhSwItUYaHTn6z0dbjR2ZOyNhNMj9mWUJoRMcUkgIkA3 +RgAY65pIe/FtFYU2u8QqsbTOy95GdvHfSAybLLGdgNlnpRsPcqjWDL5nOxpe5IYS +z6KSCLII34n51cYRumehUBm1ifTeHvY+rVoNf24GpqYj8v2cupvyLSH2kbB/+qSM +0ufYUZ0lnf6kPxJPN1ZIUiEyYQx/jYoCyJKfvRnId6uiLZ8sHhfkA01lGjuaR5jc +gJGXqvDypxDOMQwf9PzFluKHdI1l4GwPmU4i+epYf5mKKdKhF3ou/pY6JE/LKL5a +Vfmp4UiAc8BS8FKsmp9z+ZBKv0kdPVLmIr7fFnkpv6Ngv0JDbYeZt7IWNw7OU/ks +IF3R4OySzbuXLXL0fuGju8SklxmNsi2zdv8pEd4LPcrtd8PYyRRQLQ1AAFCZh3bV +D7b+LH+ALGmN06EJuUAXIp5EX9LzWX/pWqiCYSHuOQs9o7BgOrG4Qx/o3yrGA8Go +jVU54Dr6pmsuhVK86fmFR0IQB5zRv9ofNzfhkig+UfwokHtVPUt/7k1jmah+AcVS +KFG0ButHb7y5lPJdEvj+sZioUuyhxqNPzpFJns6OXOIcQ+dDOdBgmOumwPzohYmb +87tWBif6FisyfljVgPmJmvIA7CxUu+gjoC3N2dlXV6en1ZcJZGp/1qaM08YmdTPV +jZ165tX7rhLti3n6e5ijCkC00BHH7xxzCf0R0ZmJerBXNCTnDs++RSa7EGDtl4gi +1Y+3gJImQXTi5fF2qIooy9sopVjdS0exjZlr6elmPjNzcFWo3abx1EhgkOGCHijS +sdGxJ+P/j5eEjDH7HOjT1XfoqQmIz+6k1lzhNtUomwJzt/ytsfUMuMgtKmaxGtMu +nClRwKa7W0e+wNpyv8LheMP8VGs1ejdOQoS9k7KHSchPacPFlphkoP9lAP/Weh66 +Gv7/vZFxZnj8xE9Rxv0IBpH6im96yNHdhmJp0ELu/C9lcKZUU0i/7uQ+oM40xbF/ +mUnzKCCW9FzahuIiQkMQr75tvZ6yQauURnESi7U1VNPg2uOwZnsE6EsnP1HTYLmz +defuIlSJjOOFNZi9jztw91otOY/loYYsJMP4ZvZIFucFMUTu6EktujVigWZS1Fbp +ApwZKrdwlWc1kBG3ycKdOFk/msN9fbR2F0DS/Prs0SPoH/oMGJa+Opljta94pc4/ +We4sgWR0aL9BPkfXlNN1p23B13eirdus0hvRMXE0WhCILY9fWk8NT7Mt1qBmzmzM +W7ijHYzoazudbN9E4gM/2+M0uYB/8gPWzxlSniQe8bVgV7qGdjocLcJQGW0xvm6j +CLRAoSVSp96SrTcYENizZegvrVAXyqyi0qn1wItefR9DJgpgxqEuZQ1fFwapMhAN +qwqntEx4SI5aOyQn116g8BEp7xzun3dpDbKv3EVRm1Aop8f/Xnckm2DsYLs/9wdQ +MfzJ3iRVU0/nuJJcMVMTgfEyhekqOiQSH168cIbIY8mQ/BJgKzWORkfObzdlJFPz +TtR9QHFfsk3qVqT21a9doHzw5Ng3f6O+yvM+p0fqxgGfVF00EjXhs/FmK5+gGwuN +1G2ULO9h2N69dtNcy2DRZR4H+kG0DGFmXQrvOT6V5AQtjQSLbG62g5yrxkNTRCSv +kSQf3P2Y7D5pWPw9oncZBqWdgk+ZJlXidN+Szs2A5gPYAgdWEgZ6qxs4brMGYWH4 +ubyXsmw8KzUSkBYvsdluM11A9KyZjev0GVDe8cjYyWTEKgXYL/JYPg5DC30zwn4q +W2DhykoF696w277N4/flz1+tLxigcX6yFNvow/T2WFF7HdksRLbk0xKiqVVzZ4uB +IW4LilRrn1WeKxHVT68bDe6ZomX9X5R2rvAAj8tlm9mVFXDYEKXe5KYEIyElR8Ed +iyqOegJWGuvbUDyDBGPHOX6gI3BG+PuPZum3X1QdypU0OjoTtgLhIG00aEUD9z7J +-----END RSA PRIVATE KEY----- diff --git a/test/com/trilead/ssh2/crypto/cipher/aes256_cbc.pem b/test/com/trilead/ssh2/crypto/cipher/aes256_cbc.pem new file mode 100644 index 00000000..508e5155 --- /dev/null +++ b/test/com/trilead/ssh2/crypto/cipher/aes256_cbc.pem @@ -0,0 +1,42 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,6D278FC468CBC14D66A0F4E44460967F + +AQg/1YJ4uso8i18zg6KAA2GIDkezatupVhrOF/CT3GInsVNWYdxdMCkCv0acBK4R +kQkjgdIUfUzq3Qe1qOyzRBZSIrUPtP0deiW9/CkppxsKfFc0JAjG4WWIVuAYyEbN +cbbIfnRCvMZ7kYuE5lDZLx/4s0xWeQGHTTFtUcOx71RsY8I/V0KDoJ6XpVM2fWXj +uoQ6+pppfxixGhPGiO7O2PA2+/ZQlm2OKbptThCyXXRgsSBXHHM8EJE92CWi2ogC +PE9dg3dAqGUTmJOZ8oo9PucI+mp5LTsEuAJZj3lksHkk0wPaNgXmUQNh2P9qzqL7 +t/MiaHTw2pgWdh8UndGTitzktwbysQtk5dc3XKkTrSXYzEDMmdODBVguUr+LBSEj +LXmG4O0+tZp7aNy+Bq2czWwNh5bURvKjLUVSql7ICZm2s7lRwwqW0tqYnbds1ktQ +vcyQVaE5W/hIthHJdb+nClw5SqhkDaoi0GCzPVWP36IeSMf4hu/8nEb5OW/PfhLP +wRWyrsekqfRroMEElV/OYkD8ObZ6t+vGwX8hNwWqO8kjlaEdypgoBNLeRK6/uVTq +vKcMPMsyJe7cyx+dpsAmb6IrhE/DPHVmgT1DP6Pi6JrAhMugYHVGG9TSQ/6jRQtj +MZPvxLeecTXRODSHMVSEdpBAkSvLbsPc7O9EvTLWLkK2tLqSnTBVCy5ZCQC0xHqH +76+TItb7PyhsMqhBM0RpC9div+2NW0q808z90Li7mP2IocqagsMTA8mQ++pdWn2h +GR4ChC5WwCEmVsHAuXq5VL2gzDcM0LkVBrcEbnsyMuG0m/12YqoVRGOOr8E4thPe +SUXVdXEF1GOotWMXOR3v7vml/g1dNiI5b5Ru/DIp0/M8RJrVJZQqWTp2Fb+XC+qb +9+51XqZVmyKBjVEpoja8w6/IR3S6HekLiFp+6iRX8xumVpqTLcP88g7JXgTm2vww +f0edYoeTaCkYxTRfpgaeM4X1sLAMGJwf2iJwAFBGzEfbI32u0zoZeVF77ENSHvsC +lePxDrqPKQZWuo78os9IalLvBLzDtdFCOicVywdqckKPMkFk2BttK2/TX4JM6DC2 +u5xEOpMnGoaLE35xC4kvVL0f1T4ok4XZeht4M6+gaEPBoTEr7DF0Ghk4OdIIDmcq +MlTdDtmu9f30RkOJQUUCNDSgZbPg4z4j+KWGETRbaNqxQw/QT51PLGSi1HrDnmVz +NIkmFhxR4mxfOOAkDx2d9X+3HiWqGXpGEsfF3zp2wWTopoe5lnVjefPYFeHox1su +U5G+SUpQhJKZdcgZ/lriyBF/I+yLbai4C7vgBj67AFXRE6OEirbpZpRViUIDlJqj +ZYNUpsRd/SxDkWQlo3rNMaI+kTGgYns+VFBWONGbbqU8mb5CsFxdAkos93Suj9fF +QMm+taLGN5YGdhkSiJ3hk8E4oCDDbjUalhVRaW/zibomWkwASLZ7N1VMdRLk4b0W +G/LOFmMfopmfY2SkrWb65XDJTFxVatoccp3ThZHven4LyG3OxkNISimq89v56TrA +fmN1JPnAeKKPLt8oS/dhtSEvitYXOzMXjcopWlhS/ICn0Iycv0G2fABArT9BD1vc +60Rw/rC6MQEDNZp0KFNh27D7/BOqffCH3bV1vFMhMmhMxhAZ6piQe+OfFDEVsTG8 +Q0CcnpFzfboN3E4fVtJgOMu47j+qt6W6lfzqjcH2zfbBwo0ZDw8LrlQaWkpMUDqn +DbCYZgJILcUDzJ7U/rvmwu4p3l8y6OXhEqXdkCCLfXEpY4rQ3yl2LYygIXB9rw4/ +zugiHdITA25oSQ2vfSl3nSKB5IEnU627ajLgdd/7O6cj4x9BonkJEb/XIdCMrAus +TStP7cA5SDSGyisrAiX+YmNj0bSaLNj1rXsdREQMxF2vMOr3zQ01my1ZZn0RXZNE +cKJgtIMBrQUFjnoUDZ9Sjd1apUeTKkh7rq+DOOyv4eKCO1yBlIBjg7HuqpSpZ3qy +BAko7UBZByTIA7sGXosT9IFZk5sPceVVUYvMP4Z3K3Ik57412YBMN0zUWxt1BYTY +PhbOF6vi1MnkBpCcuJjZDV0YsUVsxRuFemjR7q30jwR+a1yIySlNKYxF8kVgARY0 +x0GikoPg97hYaEB0hBmEeZXe3cWNxyUxfkkUkXwnAhh061piULAVNjXLGqzqtKJX +++RDmdhYgrz2gi/UtRV9ggZUStfsO91vIZJq9pYuBA8+Onnw37QSd8hq3vgR+ZWI +ClNzk4T/esFiiM+ejteAIlaVW8RRI6oXRKayDCgaoelOiPLrf9fWIH//VdQTAzkq +xbkDsQk7BMCt6FSmJNiRTLFiXjZZ+JaO6KO+4d9cwtiTq0ubsYYDdfu1s8hZHprH +-----END RSA PRIVATE KEY----- diff --git a/test/com/trilead/ssh2/crypto/cipher/des_cbc.pem b/test/com/trilead/ssh2/crypto/cipher/des_cbc.pem new file mode 100644 index 00000000..f5cde3c0 --- /dev/null +++ b/test/com/trilead/ssh2/crypto/cipher/des_cbc.pem @@ -0,0 +1,42 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-CBC,8A9DE62E259C14CA + +EmnGxfuNOXrNA+8KllioR2AfMYIKoGiZor5K8AloF7Ji+o7KEUno9VdPMfifZste +9B+x2+ooJmDhV43y0MjyEDAsWvMld9XrVmY7ORWdT3L/8AvQiVStMCddpsE3WiXy +1DoR9L1JYs5AFszowuAI03J3rz7ibLqh3bvHaK3AOV0shd1RPBxbH174IbnDIbwb +HXhLYrAt4IWbSah8Tncr7uVzC3kgFc5BtpWlRTFoBnpmycxCgBYK9cSmB8yt/gzf +xakY1GOJopoJwfy5itCvyPDb28WoTuMsS6Tr7vaJI5ne2htWTMJBA4LGH1Q0OScH +PQr2rMBVKhq7/3sBPagZkEHhc11D7KE/gUXZFV6B5sG8Eao4ywYcQWtoNSXChPVn +XD3qmWMEKCgNVtrY67dmqjl+52vC5feCKR6KsnWt+frJtI4L70ufjMUklT2vAAzJ +WnmrYMq8u8OGgzGFg5aO1kD3Ct8Durdw8LXS2w4+KJku2/WXwlv/tzd1Qip3vs1s +mkP0YxAUp5HdML7qTWdeRW03oUJLTYI1QQzvkDCqfu0MjX3/mVJeyczYLB6KE4pu +Ntkg/QVcQMKji1yDqpO/WmtLbmSuEp0ri/+nMEykQS0qDa7Wwfx0KNFqICxXYlyC +NsyIWI54jpmSXsWielXAJ07Ehs5g7zFvXQRr6OOIJZtdWjsjBlboBQHshjwN0SJ8 +dij2paB0DwkaJASglmJ8ZfmGzFgaWZi8g3YYLJ1vbZQHLkwb7Ml+IHKw1aZLGZpL +21dJvlLC7+WB3BhVssBK+aETnFCNjv4IC40bWzDIIt59Oa0zjQC5RQYSsSrtNTtJ +5ODKGbg5tiswIRYEoeaqj6P5PqNXAPSLLfOYPS4hMvr3mEJ3e0cYXGASgdZHUm2z +OCVIhdQc9oToM3kK8NQU4wf5QObybL4ePIrtYL7zT8BfZODIDMNh7nNW07Xhnny/ +WscgQn8XQ/g+qrc4aFT1xnxwJb3DENX/drkAV7znOfZAhZhvp4l6jAA4gIwxLvAw +rwXG1oYbEHuGcClDI2otFxSre6WpJE1MtdgE2PDgw496CWv65Vg0Isxd5z6PSFwI +QpqcfXAG8ZkQ/+bF/CDVF0kc5TAZ/DZFkLcnicxz9cfbi5WXufV9PZOg4LuVIy2v +5R/W3/Cj35W20I8Q8iwZmHtxMaS/X3gKprxW1lvIJrebjSp3xhgHKLi8b3KN8q1b +8niFNmh4Fccpwje7HGS+QRkJCyeqv59yQsgtdil4DMSGyhw67jxMxHJnIwzSGf1a +lMgu7r/IPt6XBKOB29iB6+Zezf9T9m1vEnPYKPn5TrxOzKvp8/ZruXZHnVevNQwW +kxNeU5SxS/l0vC+VI81jP4HWJg8cqgPPWGmRyuE5/CNzS373aKx5hdriK8kOSNf2 +JhupnUBRfwK7zyw80WFz77UWCIoS9ltHpXIQSKCChH23HxZOIj2Fn+dq2rBQkkn/ +Qe1/4+C3+Yg7jLNoM30Eujy/yYW4kEnPBIOFeW4pxhoyh59UWAa0ibLjaiPKDcRZ +xJEv6AP6Ujd5+QiCyKtwO2jrVoDHr4+KwEIA35y6CQvXXwLuvZTnk7gh4lFWkabO +/JsZxCuN5JbgRSZx1mhgP55PS5YGJKIGDGbBSakrgoR/wFMTi5hCCz0weCp0nrrw +OwCSesiwggekl+Y01N0mNF2aKAC0R1QtK06tIzvo+jVA3PdNHXvNwWz+KZZ+oqY0 +qkDDD/AcKFLzWceP3KmMY028C0g42hqUMPe6gu5dY4CcoGLDPmQPlO0WNyoIzHBT +CqwWKPiK4gr7UvRsoR/zYlFPfA3Iz2K9/h9oMo7i4/x0kWfqG5V3wXZoCWFnA4AB +wG4OHhn/sS3W+R6GUqYKNDyQMaezI53EcqVcxkTSL1vwdlBTsWxS9wK31i14dz4R +UNNQfVd9QGHtdcDsaYCwMjjWjcihGKXb7eS7m0L2qelVUuDnNjr3KF602u0wCPop +JQRNJJ5CjLXaSmyX5L/tojjXoTfTWboolzGp6MHp5EtAcrOlamL0sn0PzmgDx3aP +2vjcsqxtAbKqEdXEAOQ0tYUWauUDkALDAY8RpP3qpMTwvlFAt0RNnisxmkjAV5mX +4YopLqn3DG2uvC44bG/Qn/0/a8r67tYfN6V8BE78/eQgQhaYG8MlAv98GiZ8S3QQ +ltPh7jWrvmu2WnugznQE1jCg3occa5ACbik43htrc+iXf9hlt6XAwMQQdOQPH7xM +oGrjJ2ikRVO71dSMakyUA37egAD2C7ygEBH4EYJI3Xna47JNt4I97uMoLHdF9Kuk +axSi0AH8Rv+CvVSWdr3V7CeoekOvCHGr4EKPL4ICsvchHB5j4SAfcBSGg/KKAIQR +-----END RSA PRIVATE KEY----- diff --git a/test/com/trilead/ssh2/crypto/cipher/des_ede3_cbc.pem b/test/com/trilead/ssh2/crypto/cipher/des_ede3_cbc.pem new file mode 100644 index 00000000..1c6ad018 --- /dev/null +++ b/test/com/trilead/ssh2/crypto/cipher/des_ede3_cbc.pem @@ -0,0 +1,42 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CBC,9381ED9C147F8F47 + +Nr3WiY5qqFrh2cS3go+hTCrrA1fW0Fad84ftsUKYjynv8lOZ50DDEoFomNtMwoTq +CXXM3788EtZ3VjUA09YtxM300ZbDrGcWckeEt2IeJwlysdwdd2YXHv+SJ/LNzML1 +QyoKYu7DrGeN45W0knNJMAwQp8+yfws8OlZ0gGhax+f024TK6wqX6f9SCqcfX6so +ESt3MjrbX/E2GsoHME2IJWVUPueW9DywqtJbzINb6AdDU90poYY6hUTnuBWirICe +ttZ4oTHCL9x1gcQs6KCd4g/kVBYRP9kwcweE3+gdW1QBF3WhI43fw+p+mBa4K4sY +f3QOd0QLNaqwURUEMcG32lrqTkJ9HXl0TZ69mhYdG0N0/uTzZM+RhD4TFTjQuQhI +5UhC2pTFbUjH55wTUoyZDJ55Yt1Yg4X0aWSfqnlQWkxghD3Fp9j4vSnL4Fh6e3e0 +9ZoPJ1R4/Su7VD46f31C93q3+NMdzT4vB6r6iZ1C0nLM2FC2ddhwIxoRMAMSG0Bd +XqhRlWQGxQ8qRobn+PZLyVvpejOMoN0oALjfuJURVcAZngZirSI5Ojwl8Eq7kxYP +XOKm5aYpj/10aNqeCLts/VRcn0LlRAnxEJXeC37f2ZNgrYrJs+3bEtNI0usKtVmb +P9o6cCDo7CETpu2JmJfQMgJndIZM896KYebtFCsPhjcf2BwdAaGep75qG1weHgpI +WjifsxGLtQSjrncCykpmfWtQTkjOZ1fvKriS/pjn7qpU21wzKvt7kUIMjs/Dh1aL +74lwrb3yLGHONf6nnxy6qy1UmjVvVG7x/GsT69TSaMpF/ZoPGpyoD+xAuFV+/zVf +dobEvOcmQngP8tLbSOmmJDelC5THzCBMpB4YzMFFQ+duX+1ItSnnMK7sPG1eDHRF +GbjG7lWWuY79ShuOP/rPOBa6jaMp4JB7mNw5Wm1KxPgRl/YIpwQRVnKY3fxz4Qlk +lruQtELNUa2JZYg4EOkhFK+j79bSX7quwTVplACpYkubY1/V9bsYwqKlvT1lXAoD +Jjvuvo9Y8KgSUN/XKAj2mZlQMPVenQIUh8XW9JxA+1RTjM0BJMcxeKox11qxRSkt +8PSBM249hnxpKI2OgrDgRaAwRQFjA9NuAsKTne6vDgbLCrlho/kCfN1BUosaAF0G +/Rw/NiJOwrkFZr+7TzrvQ1LobWbFNCIw2c08nxEzhBjgPiUniNuqAYg3FVbE5dgm +AFW7ANmMbSfHjGqzRcBQc6RnWhfnREv4WU/1F3YklOtJ8mmlXfMq0G67kWEf0+9p +AYM0kqxSrybUQK+e65AWJiv6HNej+N40jVQk+oSQq35G2iRL+PXYVspWG6JftHVQ +77fmJKsgysejdKcMiuRD0nYuRg1U5Sil3dR5MLBlfHb7k3Y/ICrf60WQna2UIDLY +gWncyyAfcEZ93TsoSA/yR/LkanDmfGHfZkeZopQGhQ3PPJuFyk6dqntnFWEqwmbG +aPK8lfAOg8GCGgmOyImkDc/NusEgzu8+7mfXubqR9Dc9YHg6IXq5pxpyW1pRWT4y +uZpeaREHCnFym+E4pvqdaCzr2vUs8bq8JM+DKibzkdFDr0WRX/2r6pYBqwEdOmMQ +VxkI6ylD45DPtrMx82y2BhO6Z8TJAYCzL4dPDuc/em6GbVI94TiY0mEnwOqnp6tO +DheMp2vsotT/mKd4JpYpEEIuX0m9sXsEc/ilfD58WOFxlSMiFzi1T3Kn7e1aFCA/ +oOAe3anueHSzN5bg9uabLS0eje60/PGKajOndu0bwMGFyZNr9astoFZi0w60saqZ +CN1hNN1Z+/sm12oozZ7YgF+Qq6I8LKTAoKG//LOvsqF2TxTddNXst2uLuSi2+lua +0T2Eryn3NCkdRiw6JRaL3mmNLwH4Dg4/tq46e2CyV3bLhgAHxT32nAv/XRWT7Xzr +6C6fpNinRzALzRy0pcaVmHZ+Ah6KI53FJGHf8xCsQZ8P4kr45Mrr8iXXpF+ynix8 ++Fb9Fuo7tvDVs1aRNlA0eZ3X/n+tZB0Vcno0fQ+tZjMZOCGu9a6kePaxOEGPaBG9 +c3CZkzgDa1boDJi2Po2JyDLK9bIXIhwyjbS3/+d3Tt8R9suHLrOnGZPnJxIdFn4u +xU/x9GdFBnt9YSNIpPcjKNr3giMxDuzIxyNTG9ezvEdCFWhgoOmhuu+naUIl8JsU +QBw1m0b0YEQlqPCpYyAm0GO1gLh5jQxA+ODBEXOKWTY0ztYhDAYi++e91QqtZLQY +mWzKxW9+G1t2UiEBLwR5WX4uDTkWsJcvqQZS95c0yEVCc2wI8n4aLelGNvd+l6gy +LCEGYueZbUrb3E3JYYPSrN/cJ7uMvMLH13dU3bwzbpRLgD0HJqYaS5uit4xLV2hd +-----END RSA PRIVATE KEY----- diff --git a/test/com/trilead/ssh2/crypto/cipher/key.pem b/test/com/trilead/ssh2/crypto/cipher/key.pem new file mode 100644 index 00000000..3e93f5c6 --- /dev/null +++ b/test/com/trilead/ssh2/crypto/cipher/key.pem @@ -0,0 +1,39 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIG5AIBAAKCAYEA2hbLc4WVjiMDjasN+tvKwdqq3d/xLpL9zE9jXHE22pv8Tndb +9fZdosmNAo+KZOR03QM7i2FgU9ITmDQ3siVohl/IXPhJO2mhlTi/0VPqZeQ5plVj +8Hw8hYR5vBvkGWxVImbCJS1betomFVFNOVOwCIYKGldP6995r4r5SYKxp8qro/i/ +26JVRQcDh0VystM1TzcM9bgNk+7pXaVxu/7xA/r72ZiVdSaSKfE9jxlSLBLhDaFM +xXOlFdjSaqIOUPm0h/Ss1hbB6891xdN5zOZSl+v4uLGgMePwX4qC9/R3VPueZceN +ihhpRNG6N4x9vwxYtG+QpzPHUYN645emZIbeUhO2gYHi/KcE/6p0JJRK1XPDvxsm +yXYDl8AYVh+0AUFuNs5caWJlG40BYtts4YXJwWZvUMXpmGGfIUqRsbs0PFcxAFmY +getysCva2Ip+sKs4uYoKfkWf61iiq3ybhZUHbm3Sx+kIDHChMCeWS9fywebhqNNU +upxshSjboRk/fEItAgMBAAECggGAYiNNzB85rGtfJvnpYZBUTiWLLCqgyleE89Jp +oOilSXxV7i1R6X3CpwVReeyD12Dioa3Ztp/MDAwFm0EsKvMgdQ9XB1cHBUBEYPTX +hGfhm5Y2xv236jjNtztk2FwoqbQRH1jkVnxxpPfTmVYrjPd2yG8gzreplDfM90xv +Xz/7l8jgsfm2xCvpeRVt5go/Ue8vFwVrxIrdOUuSIfzYEEPpyuO/PyylXMFNlqgj +DmjTjFe2hD6oYFXo3Mrj7O4dyRyD5t4LAsavPMo4eXJEUN32pYNGXfS8AovI0uou +Zi1XEcamGTggOkTdSC0wNSNd2+FnLxlOPBC/nkhNmE79Y3tW0cEP6iybt3jf7C6B +gkCj+SA2CV8et+ovboHG2uU46vp/bMG+oEYgKJgNsVcyzgHrNug17jUTL5oBo69A +eR+YyIKvN8aWBmZwJfwYp2ZVsI1Fjq7Uzi+taYaR3c44vJkmjpjeBmNZarRIWTFH +lNEEjH1ButId4eZrdaSQWntzqLyBAoHBAO0FmcIe4g2l8FYAy8xnv7ea/+VRaRCU +YhS+VI6usny7rNVm5Shj3oaoGaSOFWGX5rBKhcUzo1A0IFjd6ur9zc6TGXEo/MHj +5w4PRb1+G0O/+UCV+4hWpiC6Ucc8vOkRWkpBl8NPo3JdBiAKRKAYsMqGpGzgujEX +Lst+lnPYMQDxVYh7yMA6wvPYb5Aexd08OfZ41sJEVG+AJIuV7y3ChUosOtz3S9mp +joQnJA83Y9vnkUkEtrjZuHGLJV2QVlMAjQKBwQDrjR1mnEAff0iNymr127ZXUcw0 +kCifVDtBi0PSvE8rV9M3uqv9R0Y3uwP5G4f6Sz8ifx5MUiP2IUlmq3s77nOTd5I6 +eEExaHQFL5iueYiS0gzaOsIJTpfjXQ5ZhHp028Jv17sKA+0eVJo+N5z/1nynbyeA +BBxca8Uw2mGVOwJCRNR1f5OXZOrUYLHi/yBwT1p24fvmiS9HWHEH7uFf3sXRYPN6 +iScd9Jf3ny6SEu5JCUBZYoCzczqx7tLbe2KZ8CECgcEAqXlzs4V5hOC9tADlt8YH +IzVE+6b2RNCUQNjGhS8MmHto3T2xZOvj1MylaS/eweVnIW5nr9V4VISxDFnA+z12 +xtoPOwZflBNsxnTNHOzqecruYevb6mRqbMRMbPVU7iFmOeokpZZv+/nfw1EUOJTu +9CDJuMAG4cr9vqtI0JQolc/5pJk9tZVOiCSdwKMAP2ws1bsZc9Z/uSoa92PBnSqV +O6/cdtqr9XpzWLLT6b1lPXuaOmeQbyPd6fHgScJGtxqRAoHAYO14o7i4Sj2+RVp+ +GR2IMvZd6WNI1Ad9OsNr7VO/4D4LlGskSt0Bb/1s7Rz/H2fHWxKkDRPf6HBaG/2E +gGzm8k/JxHWnngU1eMzVLzajlIcK8uIq5lmI9u5b8UoqedvUbuF+/egPsuNtdRy9 +ZimEsgFzZ6JJaV6PjkLO1PGrREm+g3sz6KCGYU5I5PfHCXAd8b2cQolBA0LJgFI0 +O5cYH8idaFb32cPEpQjDySgxFazQ5fc6rp1EEeQMsHRdZqsBAoHBALcD1j0KdGwK +MUjNwrOKcJPteN1Vd5OSJHtNTW87GhYHrIIvDfZKH1q4GnKS15Hx1xFEP5uQ9xrH +MH0gGBDH4JQ2TlUzmx6ruG4aPW+nlWPepIpzNtMl3qCKIsSpUnjZF0lUxTJIXY6K +QgoJTRnqff2NxaBNVoMP01RiQnCpUBgH5brkl+XzKJueFq660PPkMci9IpOE8GAA +Icj28526EAEA7OC/pYEBICmVhme9b1Z22AQP5kBKUVIKhpZ8XzUWvw== +-----END RSA PRIVATE KEY----- diff --git a/test/com/trilead/ssh2/crypto/cipher/key.pem.pub b/test/com/trilead/ssh2/crypto/cipher/key.pem.pub new file mode 100644 index 00000000..091a5da0 --- /dev/null +++ b/test/com/trilead/ssh2/crypto/cipher/key.pem.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDaFstzhZWOIwONqw3628rB2qrd3/Eukv3MT2NccTbam/xOd1v19l2iyY0Cj4pk5HTdAzuLYWBT0hOYNDeyJWiGX8hc+Ek7aaGVOL/RU+pl5DmmVWPwfDyFhHm8G+QZbFUiZsIlLVt62iYVUU05U7AIhgoaV0/r33mvivlJgrGnyquj+L/bolVFBwOHRXKy0zVPNwz1uA2T7uldpXG7/vED+vvZmJV1JpIp8T2PGVIsEuENoUzFc6UV2NJqog5Q+bSH9KzWFsHrz3XF03nM5lKX6/i4saAx4/BfioL39HdU+55lx42KGGlE0bo3jH2/DFi0b5CnM8dRg3rjl6Zkht5SE7aBgeL8pwT/qnQklErVc8O/GybJdgOXwBhWH7QBQW42zlxpYmUbjQFi22zhhcnBZm9QxemYYZ8hSpGxuzQ8VzEAWZiB63KwK9rYin6wqzi5igp+RZ/rWKKrfJuFlQdubdLH6QgMcKEwJ5ZL1/LB5uGo01S6nGyFKNuhGT98Qi0= inifc@warhead From b999ac2ba1cc383cf24074d21c72a1347db14a6e Mon Sep 17 00:00:00 2001 From: Ivan Fernandez Calvo Date: Mon, 7 Sep 2020 00:06:09 +0200 Subject: [PATCH 3/4] chore: refactor and some javadoc --- src/com/trilead/ssh2/crypto/PEMDecoder.java | 210 ++++++------------ src/com/trilead/ssh2/crypto/PEMStructure.java | 2 +- .../crypto/cipher/JreCipherWrapperTest.java | 44 ---- 3 files changed, 71 insertions(+), 185 deletions(-) diff --git a/src/com/trilead/ssh2/crypto/PEMDecoder.java b/src/com/trilead/ssh2/crypto/PEMDecoder.java index 5c864f25..874304d4 100644 --- a/src/com/trilead/ssh2/crypto/PEMDecoder.java +++ b/src/com/trilead/ssh2/crypto/PEMDecoder.java @@ -1,7 +1,6 @@ package com.trilead.ssh2.crypto; -import com.trilead.ssh2.crypto.cipher.JreCipherWrapper; import com.trilead.ssh2.signature.DSAPrivateKey; import com.trilead.ssh2.signature.KeyAlgorithm; import com.trilead.ssh2.signature.KeyAlgorithmManager; @@ -12,15 +11,12 @@ import javax.crypto.IllegalBlockSizeException; import javax.crypto.NoSuchPaddingException; import javax.crypto.spec.IvParameterSpec; -import javax.crypto.spec.PBEKeySpec; -import javax.crypto.spec.PBEParameterSpec; import javax.crypto.spec.SecretKeySpec; import java.io.BufferedReader; import java.io.CharArrayReader; import java.io.IOException; import java.math.BigInteger; import java.nio.charset.StandardCharsets; -import java.security.DigestException; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; import java.security.KeyPair; @@ -43,6 +39,11 @@ public class PEMDecoder private static final int PEM_RSA_PRIVATE_KEY = 1; private static final int PEM_DSA_PRIVATE_KEY = 2; + /** + * convert an hexadecimal digit in a char (0-9A-F) to a int. + * @param c hexadecimal digit. + * @return int value of the hexadecimal digit. + */ private static int hexToInt(char c) { if ((c >= 'a') && (c <= 'f')) @@ -63,6 +64,11 @@ private static int hexToInt(char c) throw new IllegalArgumentException("Need hex char"); } + /** + * convert an hexadecimal number in a string to its bytes. + * @param hex hexadecimal number in a string. + * @return Array of bytes. + */ public static byte[] hexToByteArray(String hex) { if (hex == null) @@ -85,70 +91,11 @@ public static byte[] hexToByteArray(String hex) } /** - * @deprecated Use PBE ciphers + * Process a PEM file and construct a PEMStructure. It works with RSA and DSA keys. + * @param pem PEM file content. + * @return PEMStructure with the PEM file data parsed. + * @throws IOException */ - public static byte[] generateKeyFromPasswordSaltWithMD5(byte[] password, byte[] salt, int keyLen) - throws IOException - { - if (salt.length < 8) - throw new IllegalArgumentException("Salt needs to be at least 8 bytes for key generation."); - - MessageDigest md5; - try { - md5 = MessageDigest.getInstance("MD5"); - } catch (NoSuchAlgorithmException e) { - throw new IllegalArgumentException(e); - } - - byte[] key = new byte[keyLen]; - byte[] tmp = new byte[md5.getDigestLength()]; - - while (true) - { - md5.update(password, 0, password.length); - md5.update(salt, 0, 8); // ARGH we only use the first 8 bytes of the - // salt in this step. - // This took me two hours until I got AES-xxx running. - - int copy = (keyLen < tmp.length) ? keyLen : tmp.length; - - try { - md5.digest(tmp, 0, tmp.length); - } catch (DigestException e) { - throw new IllegalArgumentException(e); - } - - System.arraycopy(tmp, 0, key, key.length - keyLen, copy); - - keyLen -= copy; - - if (keyLen == 0) - return key; - - md5.update(tmp, 0, tmp.length); - } - } - - private static byte[] removePadding(byte[] buff, int blockSize) throws IOException - { - /* Removes RFC 1423/PKCS #7 padding */ - - int rfc_1423_padding = buff[buff.length - 1] & 0xff; - - if ((rfc_1423_padding < 1) || (rfc_1423_padding > blockSize)) - throw new IOException("Decrypted PEM has wrong padding, did you specify the correct password?"); - - for (int i = 2; i <= rfc_1423_padding; i++) - { - if (buff[buff.length - i] != rfc_1423_padding) - throw new IOException("Decrypted PEM has wrong padding, did you specify the correct password?"); - } - - byte[] tmp = new byte[buff.length - rfc_1423_padding]; - System.arraycopy(buff, 0, tmp, 0, buff.length - rfc_1423_padding); - return tmp; - } - public static PEMStructure parsePEM(char[] pem) throws IOException { PEMStructure ps = new PEMStructure(); @@ -183,63 +130,7 @@ public static PEMStructure parsePEM(char[] pem) throws IOException } } - while (true) - { - line = br.readLine(); - - if (line == null) - throw new IOException("Invalid PEM structure, " + endLine + " missing"); - - line = line.trim(); - - int sem_idx = line.indexOf(':'); - - if (sem_idx == -1) - break; - - String name = line.substring(0, sem_idx + 1); - String value = line.substring(sem_idx + 1); - - String values[] = value.split(","); - - for (int i = 0; i < values.length; i++) - values[i] = values[i].trim(); - - // Proc-Type: 4,ENCRYPTED - // DEK-Info: DES-EDE3-CBC,579B6BE3E5C60483 - - if ("Proc-Type:".equals(name)) - { - ps.procType = values; - continue; - } - - if ("DEK-Info:".equals(name)) - { - ps.dekInfo = values; - continue; - } - /* Ignore line */ - } - - StringBuilder keyData = new StringBuilder(); - - while (true) - { - if (line == null) - throw new IOException("Invalid PEM structure, " + endLine + " missing"); - - line = line.trim(); - - if (line.startsWith(endLine)) - break; - - keyData.append(line); - - line = br.readLine(); - } - - ps.data = Base64.getDecoder().decode(keyData.toString().replaceAll("\\s", "")); + parsePEMContent(ps, br, endLine); if (ps.data.length == 0) throw new IOException("Invalid PEM structure, no data available"); @@ -247,8 +138,14 @@ public static PEMStructure parsePEM(char[] pem) throws IOException return ps; } - - + /** + * Process a PEM file and construct a PEMStructure. It works for all Key format that has a CertificateDecoder + * implemented. + * @param pem PEM file content. + * @param certificateDecoder Decoder class for the Key format. + * @return PEMStructure with the PEM file data parsed. + * @throws IOException + */ private static PEMStructure parsePEM(char[] pem, CertificateDecoder certificateDecoder) throws IOException { PEMStructure ps = new PEMStructure(); @@ -274,8 +171,24 @@ private static PEMStructure parsePEM(char[] pem, CertificateDecoder certificateD } } - while (true) - { + parsePEMContent(ps, br, endLine); + + if (ps.data.length == 0) + throw new IOException("Invalid PEM structure, no data available"); + + return ps; + } + + /** + * + * @param ps PEMStructure structure to load the PEM data. + * @param br BufferedReader from the PEM file. + * @param endLine Endline string that mark the end of the key in the PEM file ("-----END.*") + * @throws IOException + */ + private static void parsePEMContent(PEMStructure ps, BufferedReader br, String endLine) throws IOException { + String line; + while (true) { line = br.readLine(); if (line == null) @@ -299,14 +212,12 @@ private static PEMStructure parsePEM(char[] pem, CertificateDecoder certificateD // Proc-Type: 4,ENCRYPTED // DEK-Info: DES-EDE3-CBC,579B6BE3E5C60483 - if ("Proc-Type:".equals(name)) - { + if ("Proc-Type:".equals(name)) { ps.procType = values; continue; } - if ("DEK-Info:".equals(name)) - { + if ("DEK-Info:".equals(name)) { ps.dekInfo = values; continue; } @@ -315,8 +226,7 @@ private static PEMStructure parsePEM(char[] pem, CertificateDecoder certificateD StringBuilder keyData = new StringBuilder(); - while (true) - { + while (true) { if (line == null) throw new IOException("Invalid PEM structure, " + endLine + " missing"); @@ -331,13 +241,14 @@ private static PEMStructure parsePEM(char[] pem, CertificateDecoder certificateD } ps.data = Base64.getDecoder().decode(keyData.toString().replaceAll("\\s", "")); - - if (ps.data.length == 0) - throw new IOException("Invalid PEM structure, no data available"); - - return ps; } + /** + * Decrypt a key in a PEMStructure and store the unencrypted key decrypted in the PEMStructure. + * @param ps PEMStructure structure to load the PEM data. + * @param password password to decrypt the Key. + * @throws IOException + */ public static void decryptPEM(PEMStructure ps, String password) throws IOException { if (ps.dekInfo == null) @@ -430,6 +341,12 @@ public static void decryptPEM(PEMStructure ps, String password) throws IOExcepti ps.procType = null; } + /** + * Check if a Key is encrypted. + * @param ps PEMStructure structure to load the PEM data. + * @return true if it is encrypted. + * @throws IOException + */ public static boolean isPEMEncrypted(PEMStructure ps) throws IOException { if (ps.procType == null) @@ -444,9 +361,16 @@ public static boolean isPEMEncrypted(PEMStructure ps) throws IOException return ("ENCRYPTED".equals(ps.procType[1])); } + /** + * return a RSD or a DSA Key from a PEM data. + * @deprecated use PEMDecoder.decodeKeyPair + */ @Deprecated public static Object decode(char[] pem, String password) throws IOException { + LOGGER.warning("com.trilead.ssh2.cryptoPEMDecoder.decode method is deprecated, " + + "use com.trilead.ssh2" + + ".cryptoPEMDecoder.decodeKeyPair instead."); PEMStructure ps = parsePEM(pem); if (isPEMEncrypted(ps)) @@ -511,7 +435,13 @@ public static Object decode(char[] pem, String password) throws IOException throw new IOException("PEM problem: it is of unknown type"); } - + /** + * Extract a key pair from a PEM file. + * @param pem PEMStructure structure to load the PEM data. + * @param password password to decrypt the Key. + * @return keypair from the PEM file. + * @throws IOException + */ public static KeyPair decodeKeyPair(char[] pem, String password) throws IOException { diff --git a/src/com/trilead/ssh2/crypto/PEMStructure.java b/src/com/trilead/ssh2/crypto/PEMStructure.java index a35a9242..21031870 100644 --- a/src/com/trilead/ssh2/crypto/PEMStructure.java +++ b/src/com/trilead/ssh2/crypto/PEMStructure.java @@ -14,7 +14,7 @@ public class PEMStructure { int pemType; - public String[] dekInfo; + String[] dekInfo; String procType[]; byte[] data; diff --git a/test/com/trilead/ssh2/crypto/cipher/JreCipherWrapperTest.java b/test/com/trilead/ssh2/crypto/cipher/JreCipherWrapperTest.java index 8e4d32f7..77dd5a50 100644 --- a/test/com/trilead/ssh2/crypto/cipher/JreCipherWrapperTest.java +++ b/test/com/trilead/ssh2/crypto/cipher/JreCipherWrapperTest.java @@ -54,50 +54,6 @@ public void shouldMatchJreBehavior() throws Exception { assertArrayEquals(plaintext, decrypted); } - @Test - public void testSupportedCiphersAvailable() throws Exception { - char[] des_cbc = IOUtils.toCharArray(getClass().getResourceAsStream("des_cbc.pem")); - char[] des_ede3_cbc = IOUtils.toCharArray(getClass().getResourceAsStream("des_ede3_cbc.pem")); - char[] aes128_cbc = IOUtils.toCharArray(getClass().getResourceAsStream("aes128_cbc.pem")); - char[] aes192_cbc = IOUtils.toCharArray(getClass().getResourceAsStream("aes192_cbc.pem")); - char[] aes256_cbc = IOUtils.toCharArray(getClass().getResourceAsStream("aes256_cbc.pem")); - char[] unencrypted = IOUtils.toCharArray(getClass().getResourceAsStream("key.pem")); - String password = "password"; - - PEMStructure psOrg = PEMDecoder.parsePEM(unencrypted); - LOGGER.info(psOrg.toString()); - - PEMStructure ps = PEMDecoder.parsePEM(des_cbc); - LOGGER.info(ps.toString()); - PEMDecoder.decryptPEM(ps, password); - PEMDecoder.decodeKeyPair(des_cbc, password); - assertEquals(psOrg, ps); - - ps = PEMDecoder.parsePEM(des_ede3_cbc); - LOGGER.info(ps.toString()); - PEMDecoder.decryptPEM(ps, password); - PEMDecoder.decodeKeyPair(des_ede3_cbc, password); - assertEquals(psOrg, ps); - - ps = PEMDecoder.parsePEM(aes128_cbc); - LOGGER.info(ps.toString()); - PEMDecoder.decryptPEM(ps, password); - PEMDecoder.decodeKeyPair(aes128_cbc, password); - assertEquals(psOrg, ps); - - ps = PEMDecoder.parsePEM(aes192_cbc); - LOGGER.info(ps.toString()); - PEMDecoder.decryptPEM(ps, password); - PEMDecoder.decodeKeyPair(aes192_cbc, password); - assertEquals(psOrg, ps); - - ps = PEMDecoder.parsePEM(aes256_cbc); - LOGGER.info(ps.toString()); - PEMDecoder.decryptPEM(ps, password); - PEMDecoder.decodeKeyPair(aes256_cbc, password); - assertEquals(psOrg, ps); - } - @Test public void testEncryptedKeyDES() throws Exception { char[] des_cbc = IOUtils.toCharArray(getClass().getResourceAsStream("des_cbc.pem")); From 81d60c098c8046818598b0f4f72ae47f4a9b1384 Mon Sep 17 00:00:00 2001 From: Ivan Fernandez Calvo Date: Fri, 25 Sep 2020 12:08:01 +0200 Subject: [PATCH 4/4] Update src/com/trilead/ssh2/crypto/PEMDecoder.java Co-authored-by: Matt Sicker --- src/com/trilead/ssh2/crypto/PEMDecoder.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/com/trilead/ssh2/crypto/PEMDecoder.java b/src/com/trilead/ssh2/crypto/PEMDecoder.java index 874304d4..f4ec0909 100644 --- a/src/com/trilead/ssh2/crypto/PEMDecoder.java +++ b/src/com/trilead/ssh2/crypto/PEMDecoder.java @@ -362,7 +362,7 @@ public static boolean isPEMEncrypted(PEMStructure ps) throws IOException } /** - * return a RSD or a DSA Key from a PEM data. + * return a RSA or a DSA Key from a PEM data. * @deprecated use PEMDecoder.decodeKeyPair */ @Deprecated