Class AbstractGeneratorHostKeyProvider
- java.lang.Object
  - org.apache.sshd.common.util.logging.AbstractLoggingBean
    - org.apache.sshd.common.keyprovider.AbstractKeyPairProvider
      - org.apache.sshd.server.keyprovider.AbstractGeneratorHostKeyProvider
- All Implemented Interfaces:
AlgorithmNameProvider, KeyIdentityProvider, KeyPairProvider, KeySizeIndicator
- Direct Known Subclasses:
BouncyCastleGeneratorHostKeyProvider, SimpleGeneratorHostKeyProvider
public abstract class AbstractGeneratorHostKeyProvider extends AbstractKeyPairProvider implements AlgorithmNameProvider, KeySizeIndicator
Holds a single KeyPair which is generated the 1st time loadKeys(SessionContext) is called. If there is a file backing it up and the file exists, the key is loaded from it. Otherwise a new key pair is generated and saved (provided a path is configured and isOverwriteAllowed()
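
The load-or-generate behaviour described above, as an added example that is not part of the project's documentation: it uses the listed subclass SimpleGeneratorHostKeyProvider, checks that a second provider on the same path returns the same key, and verifies owner-only permissions on POSIX file systems. The class name HostKeyProviderCheck, the path example-data/hostkey.ser, and the "RSA"/3072 settings are assumptions made for this example.

```java
import java.nio.file.FileSystems;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.attribute.PosixFilePermission;
import java.security.KeyPair;
import java.util.Arrays;
import java.util.EnumSet;
import java.util.List;
import java.util.Set;
import org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider;

public class HostKeyProviderCheck {
    // Builds a provider backed by keyFile; "RSA"/3072 are choices made for this example.
    static SimpleGeneratorHostKeyProvider newProvider(Path keyFile) {
        SimpleGeneratorHostKeyProvider p = new SimpleGeneratorHostKeyProvider();
        p.setPath(keyFile);
        p.setAlgorithm("RSA");
        p.setKeySize(3072);
        p.setOverwriteAllowed(false);      // never replace a key file that already exists
        p.setStrictFilePermissions(true);  // owner-only access on a newly created file
        return p;
    }

    public static void main(String[] args) throws Exception {
        Path keyFile = Paths.get("example-data", "hostkey.ser"); // constructed path
        Files.createDirectories(keyFile.getParent());

        // First loadKeys() call loads the file if present, otherwise generates and saves.
        List<KeyPair> first = newProvider(keyFile).loadKeys(null); // null: no session context
        // A fresh provider on the same path must return the same key, not a new one.
        List<KeyPair> second = newProvider(keyFile).loadKeys(null);
        boolean stable = Arrays.equals(first.get(0).getPublic().getEncoded(),
                                       second.get(0).getPublic().getEncoded());
        System.out.println("host key stable across providers: " + stable);

        // On POSIX file systems, confirm that group/other have no access to the key file.
        if (FileSystems.getDefault().supportedFileAttributeViews().contains("posix")) {
            Set<PosixFilePermission> extra = EnumSet.noneOf(PosixFilePermission.class);
            extra.addAll(Files.getPosixFilePermissions(keyFile));
            extra.removeAll(EnumSet.of(PosixFilePermission.OWNER_READ,
                    PosixFilePermission.OWNER_WRITE, PosixFilePermission.OWNER_EXECUTE));
            if (!extra.isEmpty()) {
                throw new IllegalStateException("host key readable beyond owner: " + extra);
            }
        }
    }
}
```

Because strict permissions apply to a newly created file, the permission check also catches a pre-existing key file that was left group- or world-readable.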

Field Summary
Fields (Modifier and Type, Field):
private java.lang.String algorithm
static java.lang.String DEFAULT_ALGORITHM
static boolean DEFAULT_ALLOWED_TO_OVERWRITE
private boolean enforceFilePermissions
private java.util.concurrent.atomic.AtomicReference<java.lang.Iterable<java.security.KeyPair>> keyPairHolder
private int keySize
private java.security.spec.AlgorithmParameterSpec keySpec
private boolean overwriteAllowed
private java.nio.file.Path path

Fields inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean
log

Fields inherited from interface org.apache.sshd.common.keyprovider.KeyIdentityProvider
EMPTY_KEYS_PROVIDER

Fields inherited from interface org.apache.sshd.common.keyprovider.KeyPairProvider
ECDSA_SHA2_NISTP256, ECDSA_SHA2_NISTP384, ECDSA_SHA2_NISTP521, EMPTY_KEYPAIR_PROVIDER, SSH_DSS, SSH_DSS_CERT, SSH_ECDSA_SHA2_NISTP256_CERT, SSH_ECDSA_SHA2_NISTP384_CERT, SSH_ECDSA_SHA2_NISTP521_CERT, SSH_ED25519, SSH_ED25519_CERT, SSH_RSA, SSH_RSA_CERT

Constructor Summary
Constructors (Modifier, Constructor):
protected AbstractGeneratorHostKeyProvider()

Method Summary
Methods (Modifier and Type, Method, Description):
void clearLoadedKeys()
protected java.lang.Iterable<java.security.KeyPair> doReadKeyPairs(SessionContext session, NamedResource resourceKey, java.io.InputStream inputStream)
protected abstract void doWriteKeyPair(NamedResource resourceKey, java.security.KeyPair kp, java.io.OutputStream outputStream)
(package private) boolean edDSAAlgorithmsMatch(java.lang.String expectedAlgorithm, java.lang.String keyAlgorithm)
protected java.security.KeyPair generateKeyPair(java.lang.String algorithm)
java.lang.String getAlgorithm()
int getKeySize()
java.security.spec.AlgorithmParameterSpec getKeySpec()
java.nio.file.Path getPath()
boolean hasStrictFilePermissions()
boolean isOverwriteAllowed()
protected java.lang.Iterable<java.security.KeyPair> loadFromFile(SessionContext session, java.lang.String alg, java.nio.file.Path keyPath)
java.util.List<java.security.KeyPair> loadKeys(SessionContext session)
    Load available keys.
protected java.lang.Iterable<java.security.KeyPair> readKeyPairs(SessionContext session, java.nio.file.Path keyPath, java.nio.file.OpenOption... options)
protected java.lang.Iterable<java.security.KeyPair> resolveKeyPairs(SessionContext session, java.nio.file.Path keyPath)
void setAlgorithm(java.lang.String algorithm)
protected void setFilePermissions(java.nio.file.Path path)
    Restricts the file permissions such that only the owner can access the file.
void setKeySize(int keySize)
void setKeySpec(java.security.spec.AlgorithmParameterSpec keySpec)
void setOverwriteAllowed(boolean overwriteAllowed)
void setPath(java.nio.file.Path path)
void setStrictFilePermissions(boolean strict)
    Sets whether this AbstractGeneratorHostKeyProvider shall enforce that a newly created host key file has file access permissions that allow only the owner to access it.
protected void writeKeyPair(java.security.KeyPair kp, java.nio.file.Path keyPath)

Methods inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean
debug, debug, debug, debug, debug, error, error, error, error, error, getSimplifiedLogger, info, info, warn, warn, warn, warn, warn, warn, warn, warn

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.apache.sshd.common.keyprovider.KeyPairProvider
getKeyTypes, loadKey

Field Detail

DEFAULT_ALGORITHM
public static final java.lang.String DEFAULT_ALGORITHM
See Also: Constant Field Values

DEFAULT_ALLOWED_TO_OVERWRITE
public static final boolean DEFAULT_ALLOWED_TO_OVERWRITE
See Also: Constant Field Values

keyPairHolder
private final java.util.concurrent.atomic.AtomicReference<java.lang.Iterable<java.security.KeyPair>> keyPairHolder

path
private java.nio.file.Path path

algorithm
private java.lang.String algorithm

keySize
private int keySize

keySpec
private java.security.spec.AlgorithmParameterSpec keySpec

overwriteAllowed
private boolean overwriteAllowed

enforceFilePermissions
private boolean enforceFilePermissions

Method Detail

getPath
public java.nio.file.Path getPath()

setPath
public void setPath(java.nio.file.Path path)

getAlgorithm
public java.lang.String getAlgorithm()
Specified by: getAlgorithm in interface AlgorithmNameProvider

setAlgorithm
public void setAlgorithm(java.lang.String algorithm)

getKeySize
public int getKeySize()
Specified by: getKeySize in interface KeySizeIndicator
Returns: The number of bits used in the key

setKeySize
public void setKeySize(int keySize)

getKeySpec
public java.security.spec.AlgorithmParameterSpec getKeySpec()

setKeySpec
public void setKeySpec(java.security.spec.AlgorithmParameterSpec keySpec)

isOverwriteAllowed
public boolean isOverwriteAllowed()

setOverwriteAllowed
public void setOverwriteAllowed(boolean overwriteAllowed)

hasStrictFilePermissions
public boolean hasStrictFilePermissions()

setStrictFilePermissions
public void setStrictFilePermissions(boolean strict)
Sets whether this AbstractGeneratorHostKeyProvider shall enforce that a newly created host key file has file access permissions that allow only the owner to access it. By default true.
Parameters: strict - whether to restrict file permissions to owner-only access

clearLoadedKeys
public void clearLoadedKeys()

loadKeys
public java.util.List<java.security.KeyPair> loadKeys(SessionContext session)
Description copied from interface: KeyIdentityProvider
Load available keys.
Specified by: loadKeys in interface KeyIdentityProvider
Parameters: session - The SessionContext for invoking this load command - may be null if not invoked within a session context (e.g., offline tool or session unknown).
Returns: an Iterable instance of available keys - ignored if null

resolveKeyPairs
protected java.lang.Iterable<java.security.KeyPair> resolveKeyPairs(SessionContext session, java.nio.file.Path keyPath) throws java.io.IOException, java.security.GeneralSecurityException
Throws: java.io.IOException, java.security.GeneralSecurityException

loadFromFile
protected java.lang.Iterable<java.security.KeyPair> loadFromFile(SessionContext session, java.lang.String alg, java.nio.file.Path keyPath) throws java.io.IOException, java.security.GeneralSecurityException
Throws: java.io.IOException, java.security.GeneralSecurityException

readKeyPairs
protected java.lang.Iterable<java.security.KeyPair> readKeyPairs(SessionContext session, java.nio.file.Path keyPath, java.nio.file.OpenOption... options) throws java.io.IOException, java.security.GeneralSecurityException
Throws: java.io.IOException, java.security.GeneralSecurityException

doReadKeyPairs
protected java.lang.Iterable<java.security.KeyPair> doReadKeyPairs(SessionContext session, NamedResource resourceKey, java.io.InputStream inputStream) throws java.io.IOException, java.security.GeneralSecurityException
Throws: java.io.IOException, java.security.GeneralSecurityException

writeKeyPair
protected void writeKeyPair(java.security.KeyPair kp, java.nio.file.Path keyPath) throws java.io.IOException, java.security.GeneralSecurityException
Throws: java.io.IOException, java.security.GeneralSecurityException

setFilePermissions
protected void setFilePermissions(java.nio.file.Path path) throws java.io.IOException
Restricts the file permissions such that only the owner can access the file.
Parameters: path - Path of a newly created (empty) host key file
Throws: java.io.IOException - on errors

doWriteKeyPair
protected abstract void doWriteKeyPair(NamedResource resourceKey, java.security.KeyPair kp, java.io.OutputStream outputStream) throws java.io.IOException, java.security.GeneralSecurityException
Throws: java.io.IOException, java.security.GeneralSecurityException

generateKeyPair
protected java.security.KeyPair generateKeyPair(java.lang.String algorithm) throws java.security.GeneralSecurityException
Throws: java.security.GeneralSecurityException

edDSAAlgorithmsMatch
boolean edDSAAlgorithmsMatch(java.lang.String expectedAlgorithm, java.lang.String keyAlgorithm)