Package org.apache.sshd.openpgp
Class PGPPublicRingWatcher
java.lang.Object
org.apache.sshd.common.util.logging.AbstractLoggingBean
org.apache.sshd.common.util.io.ModifiableFileWatcher
org.apache.sshd.openpgp.PGPPublicRingWatcher
- All Implemented Interfaces:
PublicKeyEntryResolver, PGPAuthorizedKeyEntriesLoader, PGPPublicKeyExtractor

public class PGPPublicRingWatcher
extends ModifiableFileWatcher
implements PGPAuthorizedKeyEntriesLoader

TODO Add javadoc
- Author:
Apache MINA SSHD Project

Field Summary
Fields (Modifier and Type, Field, Description):
static final String GPG_V1_PUBLIC_RING_FILENAME
static final String GPG_V2_PUBLIC_RING_FILENAME
PUBLIC_RING_FILES - V1 and V2 known public ring file names in order of preference
protected final AtomicReference<NavigableMap<String, PublicKey>> ringKeys

Fields inherited from class org.apache.sshd.common.util.io.ModifiableFileWatcher:
options, STRICTLY_PROHIBITED_FILE_PERMISSION
Fields inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean:
log
Fields inherited from interface org.apache.sshd.common.config.keys.PublicKeyEntryResolver:
FAILING, IGNORING, UNSUPPORTED

Constructor Summary
Constructors

Method Summary
Methods (Modifier and Type, Method, Description):
static Path detectDefaultPublicRingFilePath
static Path detectDefaultPublicRingFilePath - Checks if either the "pubring.gpg" or "pubring.kbx" exists as a regular file and can be read.
<K extends PublicKey> K generatePublicKey(String algorithm, Class<K> keyType, KeySpec keySpec)
protected KeyFactory getKeyFactory(String algorithm)
protected PublicKey handleDuplicateKeyFingerprint(SessionContext session, NamedResource resourceKey, String fingerprint, org.c02e.jpgpj.Subkey subKey, PublicKey k1, PublicKey k2) - Invoked if duplicate public keys found for the same fingerprint
protected PublicKey handlePublicKeyExtractionError(SessionContext session, NamedResource resourceKey, String fingerprint, org.c02e.jpgpj.Subkey subKey, Throwable reason) - Invoked if failed to extract a PublicKey from a given Subkey
List<PublicKey> loadMatchingKeyFingerprints(SessionContext session, Collection<String> fingerprints)
protected NavigableMap<String, PublicKey> reloadRingKeys(SessionContext session, NamedResource resourceKey, Collection<org.c02e.jpgpj.Key> keys)
protected NavigableMap<String, PublicKey> reloadRingKeys(SessionContext session, NamedResource resourceKey, org.c02e.jpgpj.Ring ring)
protected NavigableMap<String, PublicKey> reloadRingKeys(SessionContext session, IoResource<?> resourceKey)
protected NavigableMap<String, PublicKey> resolveRingKeys(SessionContext session)

Methods inherited from class org.apache.sshd.common.util.io.ModifiableFileWatcher:
checkReloadRequired, exists, getPath, lastModified, resetReloadAttributes, size, toPathResource, toPathResource, toString, updateReloadAttributes, validateStrictConfigFilePermissions
Methods inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean:
debug, debug, debug, debug, debug, error, error, error, error, error, getSimplifiedLogger, info, info, warn, warn, warn, warn, warn, warn, warn, warn
Methods inherited from class java.lang.Object:
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
Methods inherited from interface org.apache.sshd.openpgp.PGPAuthorizedKeyEntriesLoader:
loadMatchingAuthorizedEntries, resolve, resolveAuthorizedEntries
Methods inherited from interface org.apache.sshd.openpgp.PGPPublicKeyExtractor:
extractDSSPublicKey, extractECDSAPublicKey, extractECPublicKey, extractEdDSAPublicKey, extractPublicKey, extractRSAPublicKey

Field Details

GPG_V1_PUBLIC_RING_FILENAME

GPG_V2_PUBLIC_RING_FILENAME

PUBLIC_RING_FILES
V1 and V2 known public ring file names in order of preference

ringKeys

Constructor Details

PGPPublicRingWatcher

Method Details

loadMatchingKeyFingerprints
public List<PublicKey> loadMatchingKeyFingerprints(SessionContext session, Collection<String> fingerprints) throws IOException, GeneralSecurityException, org.bouncycastle.openpgp.PGPException
- Specified by:
loadMatchingKeyFingerprints in interface PGPAuthorizedKeyEntriesLoader
- Throws:
IOException, GeneralSecurityException, org.bouncycastle.openpgp.PGPException

resolveRingKeys
protected NavigableMap<String,PublicKey> resolveRingKeys(SessionContext session) throws IOException, GeneralSecurityException, org.bouncycastle.openpgp.PGPException
- Throws:
IOException, GeneralSecurityException, org.bouncycastle.openpgp.PGPException

reloadRingKeys
protected NavigableMap<String,PublicKey> reloadRingKeys(SessionContext session, IoResource<?> resourceKey) throws IOException, GeneralSecurityException, org.bouncycastle.openpgp.PGPException
- Throws:
IOException, GeneralSecurityException, org.bouncycastle.openpgp.PGPException

reloadRingKeys
protected NavigableMap<String,PublicKey> reloadRingKeys(SessionContext session, NamedResource resourceKey, org.c02e.jpgpj.Ring ring) throws IOException, GeneralSecurityException, org.bouncycastle.openpgp.PGPException
- Throws:
IOException, GeneralSecurityException, org.bouncycastle.openpgp.PGPException

reloadRingKeys
protected NavigableMap<String,PublicKey> reloadRingKeys(SessionContext session, NamedResource resourceKey, Collection<org.c02e.jpgpj.Key> keys) throws IOException, GeneralSecurityException, org.bouncycastle.openpgp.PGPException
- Throws:
IOException, GeneralSecurityException, org.bouncycastle.openpgp.PGPException

handlePublicKeyExtractionError
protected PublicKey handlePublicKeyExtractionError(SessionContext session, NamedResource resourceKey, String fingerprint, org.c02e.jpgpj.Subkey subKey, Throwable reason) throws IOException, GeneralSecurityException, org.bouncycastle.openpgp.PGPException
Invoked if failed to extract a PublicKey from a given Subkey
- Parameters:
session - The SessionContext of the invocation - may be null if no session context available (e.g., offline tool invocation)
resourceKey - A key representing the resource from which the key data was read
fingerprint - The fingerprint value
subKey - The Subkey that contains the failed public key
reason - The reason for the failure
- Returns:
The effective key to use - if null (default behavior) then sub-key is skipped
- Throws:
IOException - If failed to process some internal data stream
GeneralSecurityException - If failed to generate a surrogate key
org.bouncycastle.openpgp.PGPException - If failed to convert PGP key to Java one

handleDuplicateKeyFingerprint
protected PublicKey handleDuplicateKeyFingerprint(SessionContext session, NamedResource resourceKey, String fingerprint, org.c02e.jpgpj.Subkey subKey, PublicKey k1, PublicKey k2) throws IOException, GeneralSecurityException, org.bouncycastle.openpgp.PGPException
Invoked if duplicate public keys are found for the same fingerprint
- Parameters:
session - The SessionContext of the invocation - may be null if no session context available (e.g., offline tool invocation)
resourceKey - A key representing the resource from which the key data was read
fingerprint - The duplicate fingerprint
subKey - The Subkey from which the duplicate originated
k1 - The original PublicKey associated with this fingerprint
k2 - The replacing PublicKey associated with the same fingerprint
- Returns:
The effective key to use (default=the replacing one) - if null then the association for the specified fingerprint is nullified
- Throws:
IOException - If failed to process some internal data stream
GeneralSecurityException - If failed to generate a surrogate key
org.bouncycastle.openpgp.PGPException - If failed to convert PGP key to Java one

generatePublicKey
public <K extends PublicKey> K generatePublicKey(String algorithm, Class<K> keyType, KeySpec keySpec) throws GeneralSecurityException
- Specified by:
generatePublicKey in interface PGPPublicKeyExtractor
- Throws:
GeneralSecurityException

getKeyFactory
protected KeyFactory getKeyFactory(String algorithm) throws GeneralSecurityException
- Throws:
GeneralSecurityException

detectDefaultPublicRingFilePath

detectDefaultPublicRingFilePath
Checks if either the "pubring.gpg" or "pubring.kbx" exists as a regular file and can be read. Note: it attempts the V2 file first.
- Parameters:
dir - The directory to look into
- Returns:
The resolved Path - null if none of the files exists.