Package org.apache.sshd.openpgp

Class PGPPublicRingWatcher

java.lang.Object

org.apache.sshd.common.util.logging.AbstractLoggingBean

org.apache.sshd.common.util.io.ModifiableFileWatcher

org.apache.sshd.openpgp.PGPPublicRingWatcher

All Implemented Interfaces:

org.apache.sshd.common.config.keys.PublicKeyEntryResolver, PGPAuthorizedKeyEntriesLoader, PGPPublicKeyExtractor

public class PGPPublicRingWatcher
extends org.apache.sshd.common.util.io.ModifiableFileWatcher
implements PGPAuthorizedKeyEntriesLoader

TODO Add javadoc

Field Summary

Fields

Modifier and Type	Field	Description
static java.lang.String	GPG_V1_PUBLIC_RING_FILENAME
static java.lang.String	GPG_V2_PUBLIC_RING_FILENAME
static java.util.List<java.lang.String>	PUBLIC_RING_FILES	V1 and V2 known public ring file names in order of preference
protected java.util.concurrent.atomic.AtomicReference<java.util.NavigableMap<java.lang.String,java.security.PublicKey>>	ringKeys	Holds a Map whose key=the fingerprint (case insensitive), value=the associated PublicKey

Fields inherited from class org.apache.sshd.common.util.io.ModifiableFileWatcher

options, STRICTLY_PROHIBITED_FILE_PERMISSION

Fields inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean

log

Fields inherited from interface org.apache.sshd.common.config.keys.PublicKeyEntryResolver

FAILING, IGNORING, UNSUPPORTED

Constructor Summary

Constructors

Constructor	Description
PGPPublicRingWatcher(java.nio.file.Path file)

Method Summary

Modifier and Type	Method	Description
static java.nio.file.Path	detectDefaultPublicRingFilePath()
static java.nio.file.Path	detectDefaultPublicRingFilePath(java.nio.file.Path dir)	Checks if either the "pubring.gpg" or "pubring.kbx" exist as a regular file and can be read.
<K extends java.security.PublicKey> K	generatePublicKey(java.lang.String algorithm, java.lang.Class<K> keyType, java.security.spec.KeySpec keySpec)
protected java.security.KeyFactory	getKeyFactory(java.lang.String algorithm)
protected java.security.PublicKey	handleDuplicateKeyFingerprint(org.apache.sshd.common.session.SessionContext session, org.apache.sshd.common.NamedResource resourceKey, java.lang.String fingerprint, org.c02e.jpgpj.Subkey subKey, java.security.PublicKey k1, java.security.PublicKey k2)	/** Invoked if duplicate public keys found for the same fingerprint
protected java.security.PublicKey	handlePublicKeyExtractionError(org.apache.sshd.common.session.SessionContext session, org.apache.sshd.common.NamedResource resourceKey, java.lang.String fingerprint, org.c02e.jpgpj.Subkey subKey, java.lang.Throwable reason)	Invoked if failed to extract a PublicKey from a given Subkey
java.util.List<java.security.PublicKey>	loadMatchingKeyFingerprints(org.apache.sshd.common.session.SessionContext session, java.util.Collection<java.lang.String> fingerprints)
protected java.util.NavigableMap<java.lang.String,java.security.PublicKey>	reloadRingKeys(org.apache.sshd.common.session.SessionContext session, org.apache.sshd.common.NamedResource resourceKey, java.util.Collection<org.c02e.jpgpj.Key> keys)
protected java.util.NavigableMap<java.lang.String,java.security.PublicKey>	reloadRingKeys(org.apache.sshd.common.session.SessionContext session, org.apache.sshd.common.NamedResource resourceKey, org.c02e.jpgpj.Ring ring)
protected java.util.NavigableMap<java.lang.String,java.security.PublicKey>	reloadRingKeys(org.apache.sshd.common.session.SessionContext session, org.apache.sshd.common.util.io.resource.IoResource<?> resourceKey)
protected java.util.NavigableMap<java.lang.String,java.security.PublicKey>	resolveRingKeys(org.apache.sshd.common.session.SessionContext session)

Methods inherited from class org.apache.sshd.common.util.io.ModifiableFileWatcher

checkReloadRequired, exists, getPath, lastModified, resetReloadAttributes, size, toPathResource, toPathResource, toString, updateReloadAttributes, validateStrictConfigFilePermissions

Methods inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean

debug, debug, debug, debug, debug, error, error, error, error, error, getSimplifiedLogger, info, info, warn, warn, warn, warn, warn, warn, warn, warn

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface org.apache.sshd.openpgp.PGPAuthorizedKeyEntriesLoader

loadMatchingAuthorizedEntries, resolve, resolveAuthorizedEntries

Methods inherited from interface org.apache.sshd.openpgp.PGPPublicKeyExtractor

extractDSSPublicKey, extractECDSAPublicKey, extractECPublicKey, extractEdDSAPublicKey, extractPublicKey, extractRSAPublicKey

Field Detail

GPG_V1_PUBLIC_RING_FILENAME

public static final java.lang.String GPG_V1_PUBLIC_RING_FILENAME

See Also:

Removal of the secret keyring, Constant Field Values

GPG_V2_PUBLIC_RING_FILENAME

public static final java.lang.String GPG_V2_PUBLIC_RING_FILENAME

See Also:

Constant Field Values

PUBLIC_RING_FILES

public static final java.util.List<java.lang.String> PUBLIC_RING_FILES

V1 and V2 known public ring file names in order of preference

ringKeys

protected final java.util.concurrent.atomic.AtomicReference<java.util.NavigableMap<java.lang.String,java.security.PublicKey>> ringKeys

Holds a Map whose key=the fingerprint (case insensitive), value=the associated PublicKey

Constructor Detail

PGPPublicRingWatcher

public PGPPublicRingWatcher(java.nio.file.Path file)

Method Detail

loadMatchingKeyFingerprints

public java.util.List<java.security.PublicKey> loadMatchingKeyFingerprints(org.apache.sshd.common.session.SessionContext session,
                                                                           java.util.Collection<java.lang.String> fingerprints)
                                                                    throws java.io.IOException,
                                                                           java.security.GeneralSecurityException,
                                                                           org.bouncycastle.openpgp.PGPException

Specified by:

loadMatchingKeyFingerprints in interface PGPAuthorizedKeyEntriesLoader

Throws:

java.io.IOException

java.security.GeneralSecurityException

org.bouncycastle.openpgp.PGPException

resolveRingKeys

protected java.util.NavigableMap<java.lang.String,java.security.PublicKey> resolveRingKeys(org.apache.sshd.common.session.SessionContext session)
                                                                                          throws java.io.IOException,
                                                                                                 java.security.GeneralSecurityException,
                                                                                                 org.bouncycastle.openpgp.PGPException

Throws:

java.io.IOException

java.security.GeneralSecurityException

org.bouncycastle.openpgp.PGPException

reloadRingKeys

protected java.util.NavigableMap<java.lang.String,java.security.PublicKey> reloadRingKeys(org.apache.sshd.common.session.SessionContext session,
                                                                                                org.apache.sshd.common.util.io.resource.IoResource<?> resourceKey)
                                                                                         throws java.io.IOException,
                                                                                                java.security.GeneralSecurityException,
                                                                                                org.bouncycastle.openpgp.PGPException

Throws:

java.io.IOException

java.security.GeneralSecurityException

org.bouncycastle.openpgp.PGPException

reloadRingKeys

protected java.util.NavigableMap<java.lang.String,java.security.PublicKey> reloadRingKeys(org.apache.sshd.common.session.SessionContext session,
                                                                                                org.apache.sshd.common.NamedResource resourceKey,
                                                                                                org.c02e.jpgpj.Ring ring)
                                                                                         throws java.io.IOException,
                                                                                                java.security.GeneralSecurityException,
                                                                                                org.bouncycastle.openpgp.PGPException

Throws:

java.io.IOException

java.security.GeneralSecurityException

org.bouncycastle.openpgp.PGPException

reloadRingKeys

protected java.util.NavigableMap<java.lang.String,java.security.PublicKey> reloadRingKeys(org.apache.sshd.common.session.SessionContext session,
                                                                                                org.apache.sshd.common.NamedResource resourceKey,
                                                                                                java.util.Collection<org.c02e.jpgpj.Key> keys)
                                                                                         throws java.io.IOException,
                                                                                                java.security.GeneralSecurityException,
                                                                                                org.bouncycastle.openpgp.PGPException

Throws:

java.io.IOException

java.security.GeneralSecurityException

org.bouncycastle.openpgp.PGPException

handlePublicKeyExtractionError

protected java.security.PublicKey handlePublicKeyExtractionError(org.apache.sshd.common.session.SessionContext session,
                                                                 org.apache.sshd.common.NamedResource resourceKey,
                                                                 java.lang.String fingerprint,
                                                                 org.c02e.jpgpj.Subkey subKey,
                                                                 java.lang.Throwable reason)
                                                          throws java.io.IOException,
                                                                 java.security.GeneralSecurityException,
                                                                 org.bouncycastle.openpgp.PGPException

Invoked if failed to extract a PublicKey from a given Subkey

Parameters:

session - The SessionContext of the invocation - may be null if no session context available (e.g., offline tool invocation)

resourceKey - A key representing the resource from which the key data was read

fingerprint - The fingerprint value

subKey - The Subkey that contains the failed public key

reason - The reason for the failure

Returns:

The effective key to use - if null (default behavior) then sub-key is skipped

Throws:

java.io.IOException - If failed to process some internal data stream

java.security.GeneralSecurityException - If failed to generate a surrogate key

org.bouncycastle.openpgp.PGPException - If failed to convert PGP key to Java one

handleDuplicateKeyFingerprint

protected java.security.PublicKey handleDuplicateKeyFingerprint(org.apache.sshd.common.session.SessionContext session,
                                                                org.apache.sshd.common.NamedResource resourceKey,
                                                                java.lang.String fingerprint,
                                                                org.c02e.jpgpj.Subkey subKey,
                                                                java.security.PublicKey k1,
                                                                java.security.PublicKey k2)
                                                         throws java.io.IOException,
                                                                java.security.GeneralSecurityException,
                                                                org.bouncycastle.openpgp.PGPException

/** Invoked if duplicate public keys found for the same fingerprint

Parameters:

session - The SessionContext of the invocation - may be null if no session context available (e.g., offline tool invocation)

resourceKey - A key representing the resource from which the key data was read

fingerprint - The duplicate fingerprint

subKey - The Subkey from which the duplicate originated

k1 - The original PublicKey associated with this fingerprint

k2 - The replacing PublicKey associated for same fingerprint

Returns:

The effective key to use (default=the replacing one) - if null then associated for the specified fingerprint is nullified

Throws:

java.io.IOException - If failed to process some internal data stream

java.security.GeneralSecurityException - If failed to generate a surrogate key

org.bouncycastle.openpgp.PGPException - If failed to convert PGP key to Java one

generatePublicKey

public <K extends java.security.PublicKey> K generatePublicKey(java.lang.String algorithm,
                                                               java.lang.Class<K> keyType,
                                                               java.security.spec.KeySpec keySpec)
                                                        throws java.security.GeneralSecurityException

Specified by:

generatePublicKey in interface PGPPublicKeyExtractor

Throws:

java.security.GeneralSecurityException

getKeyFactory

protected java.security.KeyFactory getKeyFactory(java.lang.String algorithm)
                                          throws java.security.GeneralSecurityException

Throws:

java.security.GeneralSecurityException

detectDefaultPublicRingFilePath

public static java.nio.file.Path detectDefaultPublicRingFilePath()

detectDefaultPublicRingFilePath

public static java.nio.file.Path detectDefaultPublicRingFilePath(java.nio.file.Path dir)

Checks if either the "pubring.gpg" or "pubring.kbx" exist as a regular file and can be read. Note: it attempts the V2 file first.

Parameters:

dir - The directory to look into

Returns:

The resolved Path - null if none of the files exists.