Can you remove it from your local repository and try again ? It's definitely not in maven central: https://repo1.maven.org/maven2/net/i2p/crypto/eddsa/
2017-03-10 9:01 GMT+01:00 Lyor Goldstein <lyor.goldst...@gmail.com>: > The version is 0.1.1 - I had no problem when I did the upgrade - no > special repository needed > > בתאריך 10 במרץ 2017 09:58, "Guillaume Nodet" <gno...@apache.org> כתב: > > I can't find this artifact in maven central. >> Could you add the needed repository please ? >> >> 2017-03-02 21:00 GMT+01:00 <lgoldst...@apache.org>: >> >>> Repository: mina-sshd >>> Updated Branches: >>> refs/heads/master 8e255459a -> cbb92d2a8 >>> >>> >>> [SSHD-727] Upgrade used EdDSA artifact version to 1.1 >>> >>> >>> Project: http://git-wip-us.apache.org/repos/asf/mina-sshd/repo >>> Commit: http://git-wip-us.apache.org/repos/asf/mina-sshd/commit/cbb92d2a >>> Tree: http://git-wip-us.apache.org/repos/asf/mina-sshd/tree/cbb92d2a >>> Diff: http://git-wip-us.apache.org/repos/asf/mina-sshd/diff/cbb92d2a >>> >>> Branch: refs/heads/master >>> Commit: cbb92d2a89600ee8a34abdf7d84cdc08291dcbf5 >>> Parents: 22dc7c3 >>> Author: Lyor Goldstein <lyor.goldst...@gmail.com> >>> Authored: Thu Mar 2 21:47:51 2017 +0200 >>> Committer: Lyor Goldstein <lyor.goldst...@gmail.com> >>> Committed: Thu Mar 2 22:01:14 2017 +0200 >>> >>> ---------------------------------------------------------------------- >>> pom.xml | 6 +- >>> .../common/util/security/SecurityUtils.java | 31 +-- >>> .../security/eddsa/EdDSASecurityProvider.java | 205 >>> ------------------- >>> .../eddsa/EdDSASecurityProviderRegistrar.java | 2 +- >>> .../eddsa/EdDSASecurityProviderUtils.java | 197 >>> ++++++++++++++++++ >>> .../OpenSSHEd25519PrivateKeyEntryDecoder.java | 2 +- >>> .../common/signature/SignaturesDevelopment.java | 6 +- >>> .../util/security/eddsa/Ed25519VectorsTest.java | 12 +- >>> .../EdDSASecurityProviderRegistrarTest.java | 2 + >>> 9 files changed, 229 insertions(+), 234 deletions(-) >>> ---------------------------------------------------------------------- >>> >>> >>> http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/cbb92d2a/pom.xml >>> ---------------------------------------------------------------------- >>> diff --git a/pom.xml b/pom.xml >>> index 806f7fb..06ec711 100644 >>> --- a/pom.xml >>> +++ b/pom.xml >>> @@ -104,7 +104,7 @@ >>> <gmaven.plugin.version>2.0</gmaven.plugin.version> >>> <groovy.major.version>2</groovy.major.version> >>> <groovy.minor.version>4</groovy.minor.version> >>> - <groovy.release.version>8</groovy.release.version> >>> + <groovy.release.version>9</groovy.release.version> >>> <groovy.compliance.level>2.0</groovy.compliance.level> >>> <groovy.version>${groovy.major.version}.${groovy.minor.vers >>> ion}.${groovy.release.version}</groovy.version> >>> >>> @@ -202,7 +202,7 @@ >>> <dependency> >>> <groupId>net.i2p.crypto</groupId> >>> <artifactId>eddsa</artifactId> >>> - <version>0.1.0</version> >>> + <version>0.1.1</version> >>> </dependency> >>> >>> <dependency> >>> @@ -594,7 +594,7 @@ >>> <dependency> >>> <groupId>com.puppycrawl.tools</groupId> >>> <artifactId>checkstyle</artifactId> >>> - <version>7.5.1</version> >>> + <version>7.6</version> >>> <exclusions> >>> <!-- MCHECKSTYLE-156 --> >>> <exclusion> >>> >>> http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/cbb92d >>> 2a/sshd-core/src/main/java/org/apache/sshd/common/util/secur >>> ity/SecurityUtils.java >>> ---------------------------------------------------------------------- >>> diff --git >>> a/sshd-core/src/main/java/org/apache/sshd/common/util/security/SecurityUtils.java >>> b/sshd-core/src/main/java/org/apache/sshd/common/util/securi >>> ty/SecurityUtils.java >>> index 6aff088..b86bcc3 100644 >>> --- a/sshd-core/src/main/java/org/apache/sshd/common/util/securi >>> ty/SecurityUtils.java >>> +++ b/sshd-core/src/main/java/org/apache/sshd/common/util/securi >>> ty/SecurityUtils.java >>> @@ -73,7 +73,7 @@ import org.apache.sshd.common.util.buffer.Buffer; >>> import org.apache.sshd.common.util.security.bouncycastle.BouncyCast >>> leGeneratorHostKeyProvider; >>> import org.apache.sshd.common.util.security.bouncycastle.BouncyCast >>> leKeyPairResourceParser; >>> import org.apache.sshd.common.util.security.bouncycastle.BouncyCast >>> leRandomFactory; >>> -import org.apache.sshd.common.util.security.eddsa.EdDSASecurityProv >>> ider; >>> +import org.apache.sshd.common.util.security.eddsa.EdDSASecurityProv >>> iderUtils; >>> import org.apache.sshd.common.util.threads.ThreadUtils; >>> import org.apache.sshd.server.keyprovider.AbstractGeneratorHostKeyP >>> rovider; >>> import org.slf4j.Logger; >>> @@ -91,12 +91,13 @@ public final class SecurityUtils { >>> public static final String BOUNCY_CASTLE = "BC"; >>> >>> /** >>> - * EDDSA support >>> + * EDDSA support - should match {@code EdDSAKey.KEY_ALGORITHM} >>> */ >>> public static final String EDDSA = "EdDSA"; >>> >>> // A copy-paste from the original, but we don't want to drag the >>> classes into the classpath >>> - public static final String CURVE_ED25519_SHA512 = "ed25519-sha-512"; >>> + // See EdDSANamedCurveTable.CURVE_ED25519_SHA512 >>> + public static final String CURVE_ED25519_SHA512 = >>> "SHA512withEd25519"; >>> >>> /** >>> * System property used to configure the value for the maximum >>> supported Diffie-Hellman >>> @@ -538,7 +539,7 @@ public final class SecurityUtils { >>> throw new UnsupportedOperationException(EDDSA + " provider >>> N/A"); >>> } >>> >>> - return EdDSASecurityProvider.getEDDSAPublicKeyEntryDecoder(); >>> + return EdDSASecurityProviderUtils.get >>> EDDSAPublicKeyEntryDecoder(); >>> } >>> >>> public static PrivateKeyEntryDecoder<? extends PublicKey, ? extends >>> PrivateKey> getOpenSSHEDDSAPrivateKeyEntryDecoder() { >>> @@ -546,35 +547,35 @@ public final class SecurityUtils { >>> throw new UnsupportedOperationException(EDDSA + " provider >>> N/A"); >>> } >>> >>> - return EdDSASecurityProvider.getOpenS >>> SHEDDSAPrivateKeyEntryDecoder(); >>> + return EdDSASecurityProviderUtils.get >>> OpenSSHEDDSAPrivateKeyEntryDecoder(); >>> } >>> >>> public static org.apache.sshd.common.signature.Signature >>> getEDDSASigner() { >>> if (isEDDSACurveSupported()) { >>> - return EdDSASecurityProvider.getEDDSASignature(); >>> + return EdDSASecurityProviderUtils.getEDDSASignature(); >>> } >>> >>> throw new UnsupportedOperationException(EDDSA + " Signer not >>> available"); >>> } >>> >>> public static int getEDDSAKeySize(Key key) { >>> - return EdDSASecurityProvider.getEDDSAKeySize(key); >>> + return EdDSASecurityProviderUtils.getEDDSAKeySize(key); >>> } >>> >>> public static Class<? extends PublicKey> getEDDSAPublicKeyType() { >>> - return isEDDSACurveSupported() ? >>> EdDSASecurityProvider.getEDDSAPublicKeyType() >>> : PublicKey.class; >>> + return isEDDSACurveSupported() ? >>> EdDSASecurityProviderUtils.getEDDSAPublicKeyType() >>> : PublicKey.class; >>> } >>> >>> public static Class<? extends PrivateKey> getEDDSAPrivateKeyType() { >>> - return isEDDSACurveSupported() ? >>> EdDSASecurityProvider.getEDDSAPrivateKeyType() >>> : PrivateKey.class; >>> + return isEDDSACurveSupported() ? >>> EdDSASecurityProviderUtils.getEDDSAPrivateKeyType() >>> : PrivateKey.class; >>> } >>> >>> public static boolean compareEDDSAPPublicKeys(PublicKey k1, >>> PublicKey k2) { >>> - return isEDDSACurveSupported() ? >>> EdDSASecurityProvider.compareEDDSAPPublicKeys(k1, >>> k2) : false; >>> + return isEDDSACurveSupported() ? >>> EdDSASecurityProviderUtils.compareEDDSAPPublicKeys(k1, >>> k2) : false; >>> } >>> >>> public static boolean compareEDDSAPrivateKeys(PrivateKey k1, >>> PrivateKey k2) { >>> - return isEDDSACurveSupported() ? >>> EdDSASecurityProvider.compareEDDSAPrivateKeys(k1, >>> k2) : false; >>> + return isEDDSACurveSupported() ? >>> EdDSASecurityProviderUtils.compareEDDSAPrivateKeys(k1, >>> k2) : false; >>> } >>> >>> public static PublicKey recoverEDDSAPublicKey(PrivateKey key) >>> throws GeneralSecurityException { >>> @@ -582,7 +583,7 @@ public final class SecurityUtils { >>> throw new NoSuchAlgorithmException(EDDSA + " provider not >>> supported"); >>> } >>> >>> - return EdDSASecurityProvider.recoverEDDSAPublicKey(key); >>> + return EdDSASecurityProviderUtils.recoverEDDSAPublicKey(key); >>> } >>> >>> public static PublicKey generateEDDSAPublicKey(String keyType, >>> byte[] seed) throws GeneralSecurityException { >>> @@ -594,7 +595,7 @@ public final class SecurityUtils { >>> throw new NoSuchAlgorithmException(EDDSA + " provider not >>> supported"); >>> } >>> >>> - return EdDSASecurityProvider.generateEDDSAPublicKey(seed); >>> + return EdDSASecurityProviderUtils.generateEDDSAPublicKey(seed); >>> } >>> >>> public static <B extends Buffer> B putRawEDDSAPublicKey(B buffer, >>> PublicKey key) { >>> @@ -602,7 +603,7 @@ public final class SecurityUtils { >>> throw new UnsupportedOperationException(EDDSA + " provider >>> not supported"); >>> } >>> >>> - return EdDSASecurityProvider.putRawEDDSAPublicKey(buffer, key); >>> + return EdDSASecurityProviderUtils.putRawEDDSAPublicKey(buffer, >>> key); >>> } >>> >>> public static <B extends Buffer> B putEDDSAKeyPair(B buffer, >>> KeyPair kp) { >>> @@ -614,7 +615,7 @@ public final class SecurityUtils { >>> throw new UnsupportedOperationException(EDDSA + " provider >>> not supported"); >>> } >>> >>> - return EdDSASecurityProvider.putEDDSAKeyPair(buffer, pubKey, >>> prvKey); >>> + return EdDSASecurityProviderUtils.putEDDSAKeyPair(buffer, >>> pubKey, prvKey); >>> } >>> >>> public static KeyPair extractEDDSAKeyPair(Buffer buffer, String >>> keyType) throws GeneralSecurityException { >>> >>> http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/cbb92d >>> 2a/sshd-core/src/main/java/org/apache/sshd/common/util/secur >>> ity/eddsa/EdDSASecurityProvider.java >>> ---------------------------------------------------------------------- >>> diff --git a/sshd-core/src/main/java/org/apache/sshd/common/util/securi >>> ty/eddsa/EdDSASecurityProvider.java b/sshd-core/src/main/java/org/ >>> apache/sshd/common/util/security/eddsa/EdDSASecurityProvider.java >>> deleted file mode 100644 >>> index e039547..0000000 >>> --- a/sshd-core/src/main/java/org/apache/sshd/common/util/securi >>> ty/eddsa/EdDSASecurityProvider.java >>> +++ /dev/null >>> @@ -1,205 +0,0 @@ >>> -/* >>> - * Licensed to the Apache Software Foundation (ASF) under one >>> - * or more contributor license agreements. See the NOTICE file >>> - * distributed with this work for additional information >>> - * regarding copyright ownership. The ASF licenses this file >>> - * to you under the Apache License, Version 2.0 (the >>> - * "License"); you may not use this file except in compliance >>> - * with the License. You may obtain a copy of the License at >>> - * >>> - * http://www.apache.org/licenses/LICENSE-2.0 >>> - * >>> - * Unless required by applicable law or agreed to in writing, >>> - * software distributed under the License is distributed on an >>> - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY >>> - * KIND, either express or implied. See the License for the >>> - * specific language governing permissions and limitations >>> - * under the License. >>> - */ >>> -package org.apache.sshd.common.util.security.eddsa; >>> - >>> -import java.security.GeneralSecurityException; >>> -import java.security.InvalidKeyException; >>> -import java.security.Key; >>> -import java.security.KeyFactory; >>> -import java.security.NoSuchAlgorithmException; >>> -import java.security.PrivateKey; >>> -import java.security.Provider; >>> -import java.security.PublicKey; >>> -import java.util.Arrays; >>> -import java.util.Objects; >>> - >>> -import net.i2p.crypto.eddsa.EdDSAKey; >>> -import net.i2p.crypto.eddsa.EdDSAPrivateKey; >>> -import net.i2p.crypto.eddsa.EdDSAPublicKey; >>> -import net.i2p.crypto.eddsa.spec.EdDSANamedCurveTable; >>> -import net.i2p.crypto.eddsa.spec.EdDSAParameterSpec; >>> -import net.i2p.crypto.eddsa.spec.EdDSAPrivateKeySpec; >>> -import net.i2p.crypto.eddsa.spec.EdDSAPublicKeySpec; >>> - >>> -import org.apache.sshd.common.config.keys.PrivateKeyEntryDecoder; >>> -import org.apache.sshd.common.config.keys.PublicKeyEntryDecoder; >>> -import org.apache.sshd.common.keyprovider.KeyPairProvider; >>> -import org.apache.sshd.common.util.ValidateUtils; >>> -import org.apache.sshd.common.util.buffer.Buffer; >>> -import org.apache.sshd.common.util.security.SecurityUtils; >>> - >>> -/** >>> - * @author <a href="mailto:dev@mina.apache.org";>Apache MINA SSHD >>> Project</a> >>> - */ >>> -public class EdDSASecurityProvider extends Provider { >>> - private static final long serialVersionUID = -6183277432144104981L; >>> - >>> - public EdDSASecurityProvider() { >>> - super(SecurityUtils.EDDSA, 0.1, "net.i2p security provider >>> wrapper"); >>> - >>> - // see https://docs.oracle.com/javase >>> /8/docs/technotes/guides/security/crypto/HowToImplAProvider.html >>> - put("KeyPairGenerator." + SecurityUtils.EDDSA, >>> "net.i2p.crypto.eddsa.KeyPairGenerator"); >>> - put("KeyFactory." + SecurityUtils.EDDSA, >>> "net.i2p.crypto.eddsa.KeyFactory"); >>> - put("Signature." + EdDSANamedCurveTable.CURVE_ED25519_SHA512, >>> "net.i2p.crypto.eddsa.EdDSAEngine"); >>> - } >>> - >>> - public static Class<? extends PublicKey> getEDDSAPublicKeyType() { >>> - return EdDSAPublicKey.class; >>> - } >>> - >>> - public static Class<? extends PrivateKey> getEDDSAPrivateKeyType() { >>> - return EdDSAPrivateKey.class; >>> - } >>> - >>> - public static int getEDDSAKeySize(Key key) { >>> - return (SecurityUtils.isEDDSACurveSupported() && (key >>> instanceof EdDSAKey)) ? 256 : -1; >>> - } >>> - >>> - public static boolean compareEDDSAPPublicKeys(PublicKey k1, >>> PublicKey k2) { >>> - if (!SecurityUtils.isEDDSACurveSupported()) { >>> - return false; >>> - } >>> - >>> - if ((k1 instanceof EdDSAPublicKey) && (k2 instanceof >>> EdDSAPublicKey)) { >>> - if (Objects.equals(k1, k2)) { >>> - return true; >>> - } else if (k1 == null || k2 == null) { >>> - return false; // both null is covered by >>> Objects#equals >>> - } >>> - >>> - EdDSAPublicKey ed1 = (EdDSAPublicKey) k1; >>> - EdDSAPublicKey ed2 = (EdDSAPublicKey) k2; >>> - return Arrays.equals(ed1.getAbyte(), ed2.getAbyte()) >>> - && compareEDDSAKeyParams(ed1.getParams(), >>> ed2.getParams()); >>> - } >>> - >>> - return false; >>> - } >>> - >>> - public static boolean isEDDSASignatureAlgorithm(String algorithm) { >>> - return EdDSANamedCurveTable.CURVE_ED2 >>> 5519_SHA512.equalsIgnoreCase(algorithm); >>> - } >>> - >>> - public static EdDSAPublicKey recoverEDDSAPublicKey(PrivateKey key) >>> throws GeneralSecurityException { >>> - ValidateUtils.checkTrue(SecurityUtils.isEDDSACurveSupported(), >>> SecurityUtils.EDDSA + " not supported"); >>> - if (!(key instanceof EdDSAPrivateKey)) { >>> - throw new InvalidKeyException("Private key is not " + >>> SecurityUtils.EDDSA); >>> - } >>> - >>> - EdDSAPrivateKey prvKey = (EdDSAPrivateKey) key; >>> - EdDSAPublicKeySpec keySpec = new >>> EdDSAPublicKeySpec(prvKey.getSeed(), >>> prvKey.getParams()); >>> - KeyFactory factory = SecurityUtils.getKeyFactory(Se >>> curityUtils.EDDSA); >>> - return EdDSAPublicKey.class.cast(fact >>> ory.generatePublic(keySpec)); >>> - } >>> - >>> - public static org.apache.sshd.common.signature.Signature >>> getEDDSASignature() { >>> - ValidateUtils.checkTrue(SecurityUtils.isEDDSACurveSupported(), >>> SecurityUtils.EDDSA + " not supported"); >>> - return new SignatureEd25519(); >>> - } >>> - >>> - public static boolean isEDDSAKeyFactoryAlgorithm(String algorithm) >>> { >>> - return SecurityUtils.EDDSA.equalsIgnoreCase(algorithm); >>> - } >>> - >>> - public static boolean isEDDSAKeyPairGeneratorAlgorithm(String >>> algorithm) { >>> - return SecurityUtils.EDDSA.equalsIgnoreCase(algorithm); >>> - } >>> - >>> - public static PublicKeyEntryDecoder<? extends PublicKey, ? extends >>> PrivateKey> getEDDSAPublicKeyEntryDecoder() { >>> - ValidateUtils.checkTrue(SecurityUtils.isEDDSACurveSupported(), >>> SecurityUtils.EDDSA + " not supported"); >>> - return Ed25519PublicKeyDecoder.INSTANCE; >>> - } >>> - >>> - public static PrivateKeyEntryDecoder<? extends PublicKey, ? extends >>> PrivateKey> getOpenSSHEDDSAPrivateKeyEntryDecoder() { >>> - ValidateUtils.checkTrue(SecurityUtils.isEDDSACurveSupported(), >>> SecurityUtils.EDDSA + " not supported"); >>> - return OpenSSHEd25519PrivateKeyEntryDecoder.INSTANCE; >>> - } >>> - >>> - public static boolean compareEDDSAPrivateKeys(PrivateKey k1, >>> PrivateKey k2) { >>> - if (!SecurityUtils.isEDDSACurveSupported()) { >>> - return false; >>> - } >>> - >>> - if ((k1 instanceof EdDSAPrivateKey) && (k2 instanceof >>> EdDSAPrivateKey)) { >>> - if (Objects.equals(k1, k2)) { >>> - return true; >>> - } else if (k1 == null || k2 == null) { >>> - return false; // both null is covered by >>> Objects#equals >>> - } >>> - >>> - EdDSAPrivateKey ed1 = (EdDSAPrivateKey) k1; >>> - EdDSAPrivateKey ed2 = (EdDSAPrivateKey) k2; >>> - return Arrays.equals(ed1.getSeed(), ed2.getSeed()) >>> - && compareEDDSAKeyParams(ed1.getParams(), >>> ed2.getParams()); >>> - } >>> - >>> - return false; >>> - } >>> - >>> - public static boolean compareEDDSAKeyParams(EdDSAParameterSpec s1, >>> EdDSAParameterSpec s2) { >>> - if (Objects.equals(s1, s2)) { >>> - return true; >>> - } else if (s1 == null || s2 == null) { >>> - return false; // both null is covered by Objects#equals >>> - } else { >>> - return Objects.equals(s1.getHashAlgorithm(), >>> s2.getHashAlgorithm()) >>> - && Objects.equals(s1.getCurve(), s2.getCurve()) >>> - && Objects.equals(s1.getB(), s2.getB()); >>> - } >>> - } >>> - >>> - public static PublicKey generateEDDSAPublicKey(byte[] seed) throws >>> GeneralSecurityException { >>> - if (!SecurityUtils.isEDDSACurveSupported()) { >>> - throw new NoSuchAlgorithmException(SecurityUtils.EDDSA + " >>> not supported"); >>> - } >>> - >>> - EdDSAParameterSpec params = EdDSANamedCurveTable.getByName >>> (EdDSANamedCurveTable.CURVE_ED25519_SHA512); >>> - EdDSAPublicKeySpec keySpec = new EdDSAPublicKeySpec(seed, >>> params); >>> - KeyFactory factory = SecurityUtils.getKeyFactory(Se >>> curityUtils.EDDSA); >>> - return factory.generatePublic(keySpec); >>> - } >>> - >>> - public static PrivateKey generateEDDSAPrivateKey(byte[] seed) >>> throws GeneralSecurityException { >>> - if (!SecurityUtils.isEDDSACurveSupported()) { >>> - throw new NoSuchAlgorithmException(SecurityUtils.EDDSA + " >>> not supported"); >>> - } >>> - >>> - EdDSAParameterSpec params = EdDSANamedCurveTable.getByName >>> (EdDSANamedCurveTable.CURVE_ED25519_SHA512); >>> - EdDSAPrivateKeySpec keySpec = new EdDSAPrivateKeySpec(seed, >>> params); >>> - KeyFactory factory = SecurityUtils.getKeyFactory(Se >>> curityUtils.EDDSA); >>> - return factory.generatePrivate(keySpec); >>> - } >>> - >>> - public static <B extends Buffer> B putRawEDDSAPublicKey(B buffer, >>> PublicKey key) { >>> - ValidateUtils.checkTrue(SecurityUtils.isEDDSACurveSupported(), >>> SecurityUtils.EDDSA + " not supported"); >>> - EdDSAPublicKey edKey = ValidateUtils.checkInstanceOf(key, >>> EdDSAPublicKey.class, "Not an EDDSA public key: %s", key); >>> - byte[] seed = Ed25519PublicKeyDecoder.getSeedValue(edKey); >>> - ValidateUtils.checkNotNull(seed, "No seed extracted from key: >>> %s", edKey.getA()); >>> - buffer.putString(KeyPairProvider.SSH_ED25519); >>> - buffer.putBytes(seed); >>> - return buffer; >>> - } >>> - >>> - public static <B extends Buffer> B putEDDSAKeyPair(B buffer, >>> PublicKey pubKey, PrivateKey prvKey) { >>> - ValidateUtils.checkTrue(SecurityUtils.isEDDSACurveSupported(), >>> SecurityUtils.EDDSA + " not supported"); >>> - ValidateUtils.checkInstanceOf(pubKey, EdDSAPublicKey.class, >>> "Not an EDDSA public key: %s", pubKey); >>> - ValidateUtils.checkInstanceOf(prvKey, EdDSAPrivateKey.class, >>> "Not an EDDSA private key: %s", prvKey); >>> - throw new UnsupportedOperationException("Full SSHD-440 >>> implementation N/A"); >>> - } >>> -} >>> \ No newline at end of file >>> >>> http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/cbb92d >>> 2a/sshd-core/src/main/java/org/apache/sshd/common/util/secur >>> ity/eddsa/EdDSASecurityProviderRegistrar.java >>> ---------------------------------------------------------------------- >>> diff --git a/sshd-core/src/main/java/org/apache/sshd/common/util/securi >>> ty/eddsa/EdDSASecurityProviderRegistrar.java >>> b/sshd-core/src/main/java/org/apache/sshd/common/util/securi >>> ty/eddsa/EdDSASecurityProviderRegistrar.java >>> index b463d27..2bb3f95 100644 >>> --- a/sshd-core/src/main/java/org/apache/sshd/common/util/securi >>> ty/eddsa/EdDSASecurityProviderRegistrar.java >>> +++ b/sshd-core/src/main/java/org/apache/sshd/common/util/securi >>> ty/eddsa/EdDSASecurityProviderRegistrar.java >>> @@ -36,7 +36,7 @@ import org.apache.sshd.common.util.th >>> reads.ThreadUtils; >>> * @author <a href="mailto:dev@mina.apache.org";>Apache MINA SSHD >>> Project</a> >>> */ >>> public class EdDSASecurityProviderRegistrar extends >>> AbstractSecurityProviderRegistrar { >>> - public static final String PROVIDER_CLASS = >>> "org.apache.sshd.common.util.security.eddsa.EdDSASecurityProvider"; >>> + public static final String PROVIDER_CLASS = >>> "net.i2p.crypto.eddsa.EdDSASecurityProvider"; >>> // Do not define a static registrar instance to minimize class >>> loading issues >>> private final AtomicReference<Boolean> supportHolder = new >>> AtomicReference<>(null); >>> >>> >>> http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/cbb92d >>> 2a/sshd-core/src/main/java/org/apache/sshd/common/util/secur >>> ity/eddsa/EdDSASecurityProviderUtils.java >>> ---------------------------------------------------------------------- >>> diff --git a/sshd-core/src/main/java/org/apache/sshd/common/util/securi >>> ty/eddsa/EdDSASecurityProviderUtils.java b/sshd-core/src/main/java/org/ >>> apache/sshd/common/util/security/eddsa/EdDSASecurityProviderUtils.java >>> new file mode 100644 >>> index 0000000..b5d79f0 >>> --- /dev/null >>> +++ b/sshd-core/src/main/java/org/apache/sshd/common/util/securi >>> ty/eddsa/EdDSASecurityProviderUtils.java >>> @@ -0,0 +1,197 @@ >>> +/* >>> + * Licensed to the Apache Software Foundation (ASF) under one >>> + * or more contributor license agreements. See the NOTICE file >>> + * distributed with this work for additional information >>> + * regarding copyright ownership. The ASF licenses this file >>> + * to you under the Apache License, Version 2.0 (the >>> + * "License"); you may not use this file except in compliance >>> + * with the License. You may obtain a copy of the License at >>> + * >>> + * http://www.apache.org/licenses/LICENSE-2.0 >>> + * >>> + * Unless required by applicable law or agreed to in writing, >>> + * software distributed under the License is distributed on an >>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY >>> + * KIND, either express or implied. See the License for the >>> + * specific language governing permissions and limitations >>> + * under the License. >>> + */ >>> +package org.apache.sshd.common.util.security.eddsa; >>> + >>> +import java.security.GeneralSecurityException; >>> +import java.security.InvalidKeyException; >>> +import java.security.Key; >>> +import java.security.KeyFactory; >>> +import java.security.NoSuchAlgorithmException; >>> +import java.security.PrivateKey; >>> +import java.security.PublicKey; >>> +import java.util.Arrays; >>> +import java.util.Objects; >>> + >>> +import net.i2p.crypto.eddsa.EdDSAKey; >>> +import net.i2p.crypto.eddsa.EdDSAPrivateKey; >>> +import net.i2p.crypto.eddsa.EdDSAPublicKey; >>> +import net.i2p.crypto.eddsa.spec.EdDSANamedCurveTable; >>> +import net.i2p.crypto.eddsa.spec.EdDSAParameterSpec; >>> +import net.i2p.crypto.eddsa.spec.EdDSAPrivateKeySpec; >>> +import net.i2p.crypto.eddsa.spec.EdDSAPublicKeySpec; >>> + >>> +import org.apache.sshd.common.config.keys.PrivateKeyEntryDecoder; >>> +import org.apache.sshd.common.config.keys.PublicKeyEntryDecoder; >>> +import org.apache.sshd.common.keyprovider.KeyPairProvider; >>> +import org.apache.sshd.common.util.ValidateUtils; >>> +import org.apache.sshd.common.util.buffer.Buffer; >>> +import org.apache.sshd.common.util.security.SecurityUtils; >>> + >>> +/** >>> + * @author <a href="mailto:dev@mina.apache.org";>Apache MINA SSHD >>> Project</a> >>> + */ >>> +public final class EdDSASecurityProviderUtils { >>> + private EdDSASecurityProviderUtils() { >>> + throw new UnsupportedOperationException("No instance"); >>> + } >>> + >>> + public static Class<? extends PublicKey> getEDDSAPublicKeyType() { >>> + return EdDSAPublicKey.class; >>> + } >>> + >>> + public static Class<? extends PrivateKey> getEDDSAPrivateKeyType() { >>> + return EdDSAPrivateKey.class; >>> + } >>> + >>> + public static int getEDDSAKeySize(Key key) { >>> + return (SecurityUtils.isEDDSACurveSupported() && (key >>> instanceof EdDSAKey)) ? 256 : -1; >>> + } >>> + >>> + public static boolean compareEDDSAPPublicKeys(PublicKey k1, >>> PublicKey k2) { >>> + if (!SecurityUtils.isEDDSACurveSupported()) { >>> + return false; >>> + } >>> + >>> + if ((k1 instanceof EdDSAPublicKey) && (k2 instanceof >>> EdDSAPublicKey)) { >>> + if (Objects.equals(k1, k2)) { >>> + return true; >>> + } else if (k1 == null || k2 == null) { >>> + return false; // both null is covered by >>> Objects#equals >>> + } >>> + >>> + EdDSAPublicKey ed1 = (EdDSAPublicKey) k1; >>> + EdDSAPublicKey ed2 = (EdDSAPublicKey) k2; >>> + return Arrays.equals(ed1.getAbyte(), ed2.getAbyte()) >>> + && compareEDDSAKeyParams(ed1.getParams(), >>> ed2.getParams()); >>> + } >>> + >>> + return false; >>> + } >>> + >>> + public static boolean isEDDSASignatureAlgorithm(String algorithm) { >>> + return EdDSANamedCurveTable.CURVE_ED2 >>> 5519_SHA512.equalsIgnoreCase(algorithm); >>> + } >>> + >>> + public static EdDSAPublicKey recoverEDDSAPublicKey(PrivateKey key) >>> throws GeneralSecurityException { >>> + ValidateUtils.checkTrue(SecurityUtils.isEDDSACurveSupported(), >>> SecurityUtils.EDDSA + " not supported"); >>> + if (!(key instanceof EdDSAPrivateKey)) { >>> + throw new InvalidKeyException("Private key is not " + >>> SecurityUtils.EDDSA); >>> + } >>> + >>> + EdDSAPrivateKey prvKey = (EdDSAPrivateKey) key; >>> + EdDSAPublicKeySpec keySpec = new >>> EdDSAPublicKeySpec(prvKey.getSeed(), >>> prvKey.getParams()); >>> + KeyFactory factory = SecurityUtils.getKeyFactory(Se >>> curityUtils.EDDSA); >>> + return EdDSAPublicKey.class.cast(fact >>> ory.generatePublic(keySpec)); >>> + } >>> + >>> + public static org.apache.sshd.common.signature.Signature >>> getEDDSASignature() { >>> + ValidateUtils.checkTrue(SecurityUtils.isEDDSACurveSupported(), >>> SecurityUtils.EDDSA + " not supported"); >>> + return new SignatureEd25519(); >>> + } >>> + >>> + public static boolean isEDDSAKeyFactoryAlgorithm(String algorithm) >>> { >>> + return SecurityUtils.EDDSA.equalsIgnoreCase(algorithm); >>> + } >>> + >>> + public static boolean isEDDSAKeyPairGeneratorAlgorithm(String >>> algorithm) { >>> + return SecurityUtils.EDDSA.equalsIgnoreCase(algorithm); >>> + } >>> + >>> + public static PublicKeyEntryDecoder<? extends PublicKey, ? extends >>> PrivateKey> getEDDSAPublicKeyEntryDecoder() { >>> + ValidateUtils.checkTrue(SecurityUtils.isEDDSACurveSupported(), >>> SecurityUtils.EDDSA + " not supported"); >>> + return Ed25519PublicKeyDecoder.INSTANCE; >>> + } >>> + >>> + public static PrivateKeyEntryDecoder<? extends PublicKey, ? extends >>> PrivateKey> getOpenSSHEDDSAPrivateKeyEntryDecoder() { >>> + ValidateUtils.checkTrue(SecurityUtils.isEDDSACurveSupported(), >>> SecurityUtils.EDDSA + " not supported"); >>> + return OpenSSHEd25519PrivateKeyEntryDecoder.INSTANCE; >>> + } >>> + >>> + public static boolean compareEDDSAPrivateKeys(PrivateKey k1, >>> PrivateKey k2) { >>> + if (!SecurityUtils.isEDDSACurveSupported()) { >>> + return false; >>> + } >>> + >>> + if ((k1 instanceof EdDSAPrivateKey) && (k2 instanceof >>> EdDSAPrivateKey)) { >>> + if (Objects.equals(k1, k2)) { >>> + return true; >>> + } else if (k1 == null || k2 == null) { >>> + return false; // both null is covered by >>> Objects#equals >>> + } >>> + >>> + EdDSAPrivateKey ed1 = (EdDSAPrivateKey) k1; >>> + EdDSAPrivateKey ed2 = (EdDSAPrivateKey) k2; >>> + return Arrays.equals(ed1.getSeed(), ed2.getSeed()) >>> + && compareEDDSAKeyParams(ed1.getParams(), >>> ed2.getParams()); >>> + } >>> + >>> + return false; >>> + } >>> + >>> + public static boolean compareEDDSAKeyParams(EdDSAParameterSpec s1, >>> EdDSAParameterSpec s2) { >>> + if (Objects.equals(s1, s2)) { >>> + return true; >>> + } else if (s1 == null || s2 == null) { >>> + return false; // both null is covered by Objects#equals >>> + } else { >>> + return Objects.equals(s1.getHashAlgorithm(), >>> s2.getHashAlgorithm()) >>> + && Objects.equals(s1.getCurve(), s2.getCurve()) >>> + && Objects.equals(s1.getB(), s2.getB()); >>> + } >>> + } >>> + >>> + public static PublicKey generateEDDSAPublicKey(byte[] seed) throws >>> GeneralSecurityException { >>> + if (!SecurityUtils.isEDDSACurveSupported()) { >>> + throw new NoSuchAlgorithmException(SecurityUtils.EDDSA + " >>> not supported"); >>> + } >>> + >>> + EdDSAParameterSpec params = EdDSANamedCurveTable.getByName >>> (EdDSANamedCurveTable.CURVE_ED25519_SHA512); >>> + EdDSAPublicKeySpec keySpec = new EdDSAPublicKeySpec(seed, >>> params); >>> + KeyFactory factory = SecurityUtils.getKeyFactory(Se >>> curityUtils.EDDSA); >>> + return factory.generatePublic(keySpec); >>> + } >>> + >>> + public static PrivateKey generateEDDSAPrivateKey(byte[] seed) >>> throws GeneralSecurityException { >>> + if (!SecurityUtils.isEDDSACurveSupported()) { >>> + throw new NoSuchAlgorithmException(SecurityUtils.EDDSA + " >>> not supported"); >>> + } >>> + >>> + EdDSAParameterSpec params = EdDSANamedCurveTable.getByName >>> (EdDSANamedCurveTable.CURVE_ED25519_SHA512); >>> + EdDSAPrivateKeySpec keySpec = new EdDSAPrivateKeySpec(seed, >>> params); >>> + KeyFactory factory = SecurityUtils.getKeyFactory(Se >>> curityUtils.EDDSA); >>> + return factory.generatePrivate(keySpec); >>> + } >>> + >>> + public static <B extends Buffer> B putRawEDDSAPublicKey(B buffer, >>> PublicKey key) { >>> + ValidateUtils.checkTrue(SecurityUtils.isEDDSACurveSupported(), >>> SecurityUtils.EDDSA + " not supported"); >>> + EdDSAPublicKey edKey = ValidateUtils.checkInstanceOf(key, >>> EdDSAPublicKey.class, "Not an EDDSA public key: %s", key); >>> + byte[] seed = Ed25519PublicKeyDecoder.getSeedValue(edKey); >>> + ValidateUtils.checkNotNull(seed, "No seed extracted from key: >>> %s", edKey.getA()); >>> + buffer.putString(KeyPairProvider.SSH_ED25519); >>> + buffer.putBytes(seed); >>> + return buffer; >>> + } >>> + >>> + public static <B extends Buffer> B putEDDSAKeyPair(B buffer, >>> PublicKey pubKey, PrivateKey prvKey) { >>> + ValidateUtils.checkTrue(SecurityUtils.isEDDSACurveSupported(), >>> SecurityUtils.EDDSA + " not supported"); >>> + ValidateUtils.checkInstanceOf(pubKey, EdDSAPublicKey.class, >>> "Not an EDDSA public key: %s", pubKey); >>> + ValidateUtils.checkInstanceOf(prvKey, EdDSAPrivateKey.class, >>> "Not an EDDSA private key: %s", prvKey); >>> + throw new UnsupportedOperationException("Full SSHD-440 >>> implementation N/A"); >>> + } >>> +} >>> \ No newline at end of file >>> >>> http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/cbb92d >>> 2a/sshd-core/src/main/java/org/apache/sshd/common/util/secur >>> ity/eddsa/OpenSSHEd25519PrivateKeyEntryDecoder.java >>> ---------------------------------------------------------------------- >>> diff --git a/sshd-core/src/main/java/org/apache/sshd/common/util/securi >>> ty/eddsa/OpenSSHEd25519PrivateKeyEntryDecoder.java >>> b/sshd-core/src/main/java/org/apache/sshd/common/util/securi >>> ty/eddsa/OpenSSHEd25519PrivateKeyEntryDecoder.java >>> index b05a4cc..e5ae0ac 100644 >>> --- a/sshd-core/src/main/java/org/apache/sshd/common/util/securi >>> ty/eddsa/OpenSSHEd25519PrivateKeyEntryDecoder.java >>> +++ b/sshd-core/src/main/java/org/apache/sshd/common/util/securi >>> ty/eddsa/OpenSSHEd25519PrivateKeyEntryDecoder.java >>> @@ -98,7 +98,7 @@ public class OpenSSHEd25519PrivateKeyEntryDecoder >>> extends AbstractPrivateKeyEntr >>> >>> @Override >>> public EdDSAPublicKey recoverPublicKey(EdDSAPrivateKey prvKey) >>> throws GeneralSecurityException { >>> - return EdDSASecurityProvider.recoverEDDSAPublicKey(prvKey); >>> + return EdDSASecurityProviderUtils.rec >>> overEDDSAPublicKey(prvKey); >>> } >>> >>> @Override >>> >>> http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/cbb92d >>> 2a/sshd-core/src/test/java/org/apache/sshd/common/signature/ >>> SignaturesDevelopment.java >>> ---------------------------------------------------------------------- >>> diff --git >>> a/sshd-core/src/test/java/org/apache/sshd/common/signature/SignaturesDevelopment.java >>> b/sshd-core/src/test/java/org/apache/sshd/common/signature/S >>> ignaturesDevelopment.java >>> index 6c4929a..180e997 100644 >>> --- a/sshd-core/src/test/java/org/apache/sshd/common/signature/S >>> ignaturesDevelopment.java >>> +++ b/sshd-core/src/test/java/org/apache/sshd/common/signature/S >>> ignaturesDevelopment.java >>> @@ -25,7 +25,7 @@ import java.security.PublicKey; >>> >>> import org.apache.sshd.common.util.GenericUtils; >>> import org.apache.sshd.common.util.buffer.BufferUtils; >>> -import org.apache.sshd.common.util.security.eddsa.EdDSASecurityProv >>> ider; >>> +import org.apache.sshd.common.util.security.eddsa.EdDSASecurityProv >>> iderUtils; >>> import org.apache.sshd.util.test.BaseTestSupport; >>> >>> /** >>> @@ -64,9 +64,9 @@ public class SignaturesDevelopment extends >>> BaseTestSupport { >>> SignatureFactory factory = BuiltinSignatures.resolveFacto >>> ry(args[0]); >>> // TODO recover public/private keys according to factory name >>> byte[] publicKey = BufferUtils.decodeHex(':', args[1]); >>> - PublicKey pubKey = EdDSASecurityProvider.generate >>> EDDSAPublicKey(publicKey); >>> + PublicKey pubKey = EdDSASecurityProviderUtils.gen >>> erateEDDSAPublicKey(publicKey); >>> byte[] privateKey = BufferUtils.decodeHex(':', args[2]); >>> - PrivateKey prvKey = EdDSASecurityProvider.generate >>> EDDSAPrivateKey(privateKey); >>> + PrivateKey prvKey = EdDSASecurityProviderUtils.gen >>> erateEDDSAPrivateKey(privateKey); >>> String op = args[3]; >>> byte[] data = BufferUtils.decodeHex(':', args[4]); >>> byte[] signature = GenericUtils.EMPTY_BYTE_ARRAY; >>> >>> http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/cbb92d >>> 2a/sshd-core/src/test/java/org/apache/sshd/common/util/secur >>> ity/eddsa/Ed25519VectorsTest.java >>> ---------------------------------------------------------------------- >>> diff --git a/sshd-core/src/test/java/org/apache/sshd/common/util/securi >>> ty/eddsa/Ed25519VectorsTest.java b/sshd-core/src/test/java/org/ >>> apache/sshd/common/util/security/eddsa/Ed25519VectorsTest.java >>> index fab3294..b58aad3 100644 >>> --- a/sshd-core/src/test/java/org/apache/sshd/common/util/securi >>> ty/eddsa/Ed25519VectorsTest.java >>> +++ b/sshd-core/src/test/java/org/apache/sshd/common/util/securi >>> ty/eddsa/Ed25519VectorsTest.java >>> @@ -60,9 +60,9 @@ public class Ed25519VectorsTest extends >>> BaseTestSupport { >>> public Ed25519VectorsTest(String name, String prvKey, String >>> pubKey, String msg, String signature) >>> throws GeneralSecurityException { >>> prvBytes = BufferUtils.decodeHex(BufferUtils.EMPTY_HEX_SEPARATOR, >>> prvKey); >>> - privateKey = EdDSASecurityProvider.generate >>> EDDSAPrivateKey(prvBytes.clone()); >>> + privateKey = EdDSASecurityProviderUtils.gen >>> erateEDDSAPrivateKey(prvBytes.clone()); >>> pubBytes = BufferUtils.decodeHex(BufferUtils.EMPTY_HEX_SEPARATOR, >>> pubKey); >>> - publicKey = EdDSASecurityProvider.generate >>> EDDSAPublicKey(pubBytes.clone()); >>> + publicKey = EdDSASecurityProviderUtils.gen >>> erateEDDSAPublicKey(pubBytes.clone()); >>> msgBytes = BufferUtils.decodeHex(BufferUtils.EMPTY_HEX_SEPARATOR, >>> msg); >>> expSignature = >>> BufferUtils.decodeHex(BufferUtils.EMPTY_HEX_SEPARATOR, >>> signature); >>> } >>> @@ -200,14 +200,14 @@ public class Ed25519VectorsTest extends >>> BaseTestSupport { >>> >>> @Test >>> public void testSignature() throws Exception { >>> - Signature signer = EdDSASecurityProvider.getEDDSASignature(); >>> + Signature signer = EdDSASecurityProviderUtils.get >>> EDDSASignature(); >>> signer.initSigner(privateKey); >>> signer.update(msgBytes.clone()); >>> >>> byte[] actSignature = signer.sign(); >>> assertArrayEquals("Mismatched signature", expSignature, >>> actSignature); >>> >>> - Signature verifier = EdDSASecurityProvider.getEDDSASignature(); >>> + Signature verifier = EdDSASecurityProviderUtils.get >>> EDDSASignature(); >>> verifier.initVerifier(publicKey); >>> verifier.update(msgBytes.clone()); >>> assertTrue("Verification failed", verifier.verify(expSignature)) >>> ; >>> @@ -222,14 +222,14 @@ public class Ed25519VectorsTest extends >>> BaseTestSupport { >>> System.arraycopy(msgBytes, 0, dataBuf, offset, msgBytes.length); >>> System.arraycopy(extraData, offset, dataBuf, offset + >>> msgBytes.length, extraData.length - offset); >>> >>> - Signature signer = EdDSASecurityProvider.getEDDSASignature(); >>> + Signature signer = EdDSASecurityProviderUtils.get >>> EDDSASignature(); >>> signer.initSigner(privateKey); >>> signer.update(dataBuf.clone(), offset, msgBytes.length); >>> >>> byte[] actSignature = signer.sign(); >>> assertArrayEquals("Mismatched signature", expSignature, >>> actSignature); >>> >>> - Signature verifier = EdDSASecurityProvider.getEDDSASignature(); >>> + Signature verifier = EdDSASecurityProviderUtils.get >>> EDDSASignature(); >>> verifier.initVerifier(publicKey); >>> verifier.update(dataBuf.clone(), offset, msgBytes.length); >>> assertTrue("Verification failed", verifier.verify(expSignature)) >>> ; >>> >>> http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/cbb92d >>> 2a/sshd-core/src/test/java/org/apache/sshd/common/util/secur >>> ity/eddsa/EdDSASecurityProviderRegistrarTest.java >>> ---------------------------------------------------------------------- >>> diff --git a/sshd-core/src/test/java/org/apache/sshd/common/util/securi >>> ty/eddsa/EdDSASecurityProviderRegistrarTest.java >>> b/sshd-core/src/test/java/org/apache/sshd/common/util/securi >>> ty/eddsa/EdDSASecurityProviderRegistrarTest.java >>> index 9e12fab..f2c1f3f 100644 >>> --- a/sshd-core/src/test/java/org/apache/sshd/common/util/securi >>> ty/eddsa/EdDSASecurityProviderRegistrarTest.java >>> +++ b/sshd-core/src/test/java/org/apache/sshd/common/util/securi >>> ty/eddsa/EdDSASecurityProviderRegistrarTest.java >>> @@ -26,6 +26,8 @@ import java.util.Arrays; >>> import java.util.Collection; >>> import java.util.HashSet; >>> >>> +import net.i2p.crypto.eddsa.EdDSASecurityProvider; >>> + >>> import org.apache.sshd.common.util.security.SecurityProviderRegistrar; >>> import org.apache.sshd.common.util.security.SecurityProviderRegistr >>> arTestSupport; >>> import org.apache.sshd.common.util.security.SecurityUtils; >>> >>> >> >> >> -- >> ------------------------ >> Guillaume Nodet >> >> -- ------------------------ Guillaume Nodet
