Package org.apache.sshd.common.config.keys

Class PublicKeyEntry

  • All Implemented Interfaces:
    java.io.Serializable, KeyTypeIndicator
    Direct Known Subclasses:
    AuthorizedKeyEntry
    public class PublicKeyEntry
extends java.lang.Object
implements java.io.Serializable, KeyTypeIndicator

    Represents a PublicKey whose data is formatted according to the OpenSSH format: 

     <key-type> <base64-encoded-public-key-data>
    See Also:
    Serialized Form

    • Field Detail

      • COMMENT_CHAR

        public static final char COMMENT_CHAR
        Character used to denote a comment line in the keys file
        See Also:
        Constant Field Values

      • STD_KEYFILE_FOLDER_NAME

        public static final java.lang.String STD_KEYFILE_FOLDER_NAME
        Standard folder name used by OpenSSH to hold key files
        See Also:
        Constant Field Values

      • PUBKEY_FILE_SUFFIX

        public static final java.lang.String PUBKEY_FILE_SUFFIX
        Standard suffix for SSH public key files
        See Also:
        Constant Field Values

      • KEY_DATA_RESOLVERS

        private static final java.util.NavigableMap<java.lang.String,​PublicKeyEntryDataResolver> KEY_DATA_RESOLVERS

      • keyType

        private java.lang.String keyType

      • keyData

        private byte[] keyData

    • Constructor Detail

      • PublicKeyEntry

        public PublicKeyEntry()

      • PublicKeyEntry

        public PublicKeyEntry​(java.lang.String keyType,
                      byte... keyData)

    • Method Detail

      • getKeyType

        public java.lang.String getKeyType()
        Specified by:
        getKeyType in interface KeyTypeIndicator
        Returns:
        The SSH key type name - e.g., "ssh-rsa", "sshd-dss" etc.

      • setKeyType

        public void setKeyType​(java.lang.String value)

      • getKeyData

        public byte[] getKeyData()

      • setKeyData

        public void setKeyData​(byte[] value)

      • resolvePublicKey

        public java.security.PublicKey resolvePublicKey​(SessionContext session,
                                                java.util.Map<java.lang.String,​java.lang.String> headers,
                                                PublicKeyEntryResolver fallbackResolver)
                                         throws java.io.IOException,
                                                java.security.GeneralSecurityException
        Parameters:
        session - The SessionContext for invoking this load command - may be null if not invoked within a session context (e.g., offline tool or session unknown).
        headers - Any headers that may have been available when data was read
        fallbackResolver - The PublicKeyEntryResolver to consult if none of the built-in ones can be used. If null and no built-in resolver can be used then an InvalidKeySpecException is thrown.
        Returns:
        The resolved PublicKey - or null if could not be resolved. Note: may be called only after key type and data bytes have been set or exception(s) may be thrown
        Throws:
        java.io.IOException - If failed to decode the key
        java.security.GeneralSecurityException - If failed to generate the key

      • appendPublicKey

        public java.security.PublicKey appendPublicKey​(SessionContext session,
                                               java.lang.Appendable sb,
                                               PublicKeyEntryResolver fallbackResolver)
                                        throws java.io.IOException,
                                               java.security.GeneralSecurityException
        Parameters:
        session - The SessionContext for invoking this command - may be null if not invoked within a session context (e.g., offline tool or session unknown).
        sb - The Appendable instance to encode the data into
        fallbackResolver - The PublicKeyEntryResolver to consult if none of the built-in ones can be used. If null and no built-in resolver can be used then an InvalidKeySpecException is thrown.
        Returns:
        The PublicKey or null if could not resolve it
        Throws:
        java.io.IOException - If failed to decode/encode the key
        java.security.GeneralSecurityException - If failed to generate the key
        See Also:
        resolvePublicKey(SessionContext, Map, PublicKeyEntryResolver)

      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class java.lang.Object

      • equals

        public boolean equals​(java.lang.Object obj)
        Overrides:
        equals in class java.lang.Object

      • toString

        public java.lang.String toString()
        Overrides:
        toString in class java.lang.Object

      • resolvePublicKeyEntries

        public static java.util.List<java.security.PublicKey> resolvePublicKeyEntries​(SessionContext session,
                                                                              java.util.Collection<? extends PublicKeyEntry> entries,
                                                                              PublicKeyEntryResolver fallbackResolver)
                                                                       throws java.io.IOException,
                                                                              java.security.GeneralSecurityException
        Parameters:
        session - The SessionContext for invoking this command - may be null if not invoked within a session context (e.g., offline tool or session unknown).
        entries - The entries to convert - ignored if null/empty
        fallbackResolver - The PublicKeyEntryResolver to consult if none of the built-in ones can be used. If null and no built-in resolver can be used then an InvalidKeySpecException is thrown.
        Returns:
        The List of all PublicKey-s that have been resolved
        Throws:
        java.io.IOException - If failed to decode the key data
        java.security.GeneralSecurityException - If failed to generate the PublicKey from the decoded data
        See Also:
        resolvePublicKey(SessionContext, Map, PublicKeyEntryResolver)

      • registerKeyDataEntryResolver

        public static void registerKeyDataEntryResolver​(java.lang.String keyType,
                                                PublicKeyEntryDataResolver resolver)
        Registers a specialized decoder for the public key entry data bytes instead of the default one.
        Parameters:
        keyType - The key-type value (case insensitive) that will trigger the usage of this decoder - e.g., "ssh-rsa", "pgp-sign-dss", etc.
        resolver - The decoder to use

      • getKeyDataEntryResolver

        public static PublicKeyEntryDataResolver getKeyDataEntryResolver​(java.lang.String keyType)
        Parameters:
        keyType - The key-type value (case insensitive) that may have been previously registered - e.g., "ssh-rsa", "pgp-sign-dss", etc.
        Returns:
        The registered resolver instance - null if none was registered

      • unregisterKeyDataEntryResolver

        public static PublicKeyEntryDataResolver unregisterKeyDataEntryResolver​(java.lang.String keyType)
        Parameters:
        keyType - The key-type value (case insensitive) that may have been previously registered - e.g., "ssh-rsa", "pgp-sign-dss", etc.
        Returns:
        The un-registered resolver instance - null if none was registered

      • resolveKeyDataEntryResolver

        public static PublicKeyEntryDataResolver resolveKeyDataEntryResolver​(java.lang.String keyType)
        Parameters:
        keyType - keyType The key-type value (case insensitive) whose data is to be resolved - e.g., "ssh-rsa", "pgp-sign-dss", etc.
        Returns:
        If a specific resolver has been previously registered then uses it, otherwise the default one.

      • getRegisteredKeyDataEntryResolvers

        public static java.util.NavigableMap<java.lang.String,​PublicKeyEntryDataResolver> getRegisteredKeyDataEntryResolvers()
        Returns:
        A snapshot of the currently registered specialized PublicKeyEntryDataResolver-s, where key=the key-type value (case insensitive) - e.g., "ssh-rsa", "pgp-sign-dss", etc., value=the associated PublicKeyEntryDataResolver for the key type

      • parsePublicKeyEntry

        public static PublicKeyEntry parsePublicKeyEntry​(java.lang.String encData)
                                          throws java.lang.IllegalArgumentException
        Parameters:
        encData - Assumed to contain at least key-type base64-data (anything beyond the BASE64 data is ignored) - ignored if null/empty
        Returns:
        A PublicKeyEntry or null if no data
        Throws:
        java.lang.IllegalArgumentException - if bad format found
        See Also:
        parsePublicKeyEntry(String, PublicKeyEntryDataResolver)

      • parsePublicKeyEntry

        public static <E extends PublicKeyEntry> E parsePublicKeyEntry​(E entry,
                                                               java.lang.String encData)
                                                        throws java.lang.IllegalArgumentException
        Type Parameters:
        E - The generic entry type
        Parameters:
        entry - The PublicKeyEntry whose contents are to be updated - ignored if null
        encData - Assumed to contain at least key-type base64-data (anything beyond the BASE64 data is ignored) - ignored if null/empty
        Returns:
        The updated entry instance
        Throws:
        java.lang.IllegalArgumentException - if bad format found
        See Also:
        parsePublicKeyEntry(PublicKeyEntry, String, PublicKeyEntryDataResolver)

      • parsePublicKeyEntry

        public static <E extends PublicKeyEntry> E parsePublicKeyEntry​(E entry,
                                                               java.lang.String encData,
                                                               PublicKeyEntryDataResolver decoder)
                                                        throws java.lang.IllegalArgumentException
        Type Parameters:
        E - The generic entry type
        Parameters:
        entry - The PublicKeyEntry whose contents are to be updated - ignored if null
        encData - Assumed to contain at least key-type base64-data (anything beyond the BASE64 data is ignored) - ignored if null/empty
        decoder - The PublicKeyEntryDataResolver to use in order to decode the key data string into its bytes - if null then one is automatically resolved
        Returns:
        The updated entry instance
        Throws:
        java.lang.IllegalArgumentException - if bad format found

      • toString

        public static java.lang.String toString​(java.security.PublicKey key)
                                 throws java.lang.IllegalArgumentException
        Parameters:
        key - The PublicKey
        Returns:
        The OpenSSH encoded data
        Throws:
        java.lang.IllegalArgumentException - If failed to encode
        See Also:
        toString(PublicKey, PublicKeyEntryDataResolver)

      • appendPublicKeyEntry

        public static <A extends java.lang.Appendable> A appendPublicKeyEntry​(A sb,
                                                                      java.security.PublicKey key)
                                                               throws java.io.IOException
        Encodes a public key data the same way as the parsePublicKeyEntry(String) expects it
        Type Parameters:
        A - The generic appendable class
        Parameters:
        sb - The Appendable instance to encode the data into
        key - The PublicKey - ignored if null
        Returns:
        The updated appendable instance
        Throws:
        java.io.IOException - If failed to append the data
        See Also:
        appendPublicKeyEntry(Appendable, PublicKey, PublicKeyEntryDataResolver)

      • appendPublicKeyEntry

        public static <A extends java.lang.Appendable> A appendPublicKeyEntry​(A sb,
                                                                      java.security.PublicKey key,
                                                                      PublicKeyEntryDataResolver encoder)
                                                               throws java.io.IOException
        Type Parameters:
        A - The generic appendable class
        Parameters:
        sb - The Appendable instance to encode the data into
        key - The PublicKey - ignored if null
        encoder - The PublicKeyEntryDataResolver to use in order to encode the key data bytes into a string representation - if null then one is automatically resolved
        Returns:
        The updated appendable instance
        Throws:
        java.io.IOException - If failed to append the data

      • getDefaultKeysFolderPath

        public static java.nio.file.Path getDefaultKeysFolderPath()
        Returns:
        The default OpenSSH folder used to hold key files - e.g., known_hosts, authorized_keys, etc.