// Callable body that generates a fresh key pair and returns its PEM text.
// The trailing "});" closes an enclosing anonymous class and call that are not visible here.
@Override
public String call() throws Exception {
    KeyPair kp = SshKeyGen.generateKeyPair();
    // NOTE(review): toPEM(KeyPair) presumably serialises the private key too, without a
    // passphrase. If so, the returned String is secret material wherever the enclosing
    // call stores it. Confirm against SshKeyGen.toPEM.
    return SshKeyGen.toPEM(kp);
}
});
// Callable body that builds a root CA certificate for `kp` and returns it as PEM text.
// `kp` is captured from the enclosing scope and the trailing "});" closes an enclosing
// anonymous class and call; neither is visible here.
@Override
public String call() throws Exception {
    // The certificate is created from the captured key pair. Only the certificate,
    // not the key pair, is encoded and returned.
    X509Certificate cert = SshKeyGen.createRootCACert(kp);
    return SshKeyGen.toPEM(cert);
}
});
/**
 * Generates a new key pair and returns both halves as text.
 *
 * @return a two-element array: index 0 is the public key as produced by
 *         {@code sshRsaTextFormat}, index 1 is {@code toPEM} of the whole pair
 * @throws Exception if key generation or encoding fails; a {@link ClassCastException}
 *         is raised if the generated public key is not an RSA key
 */
public static String[] generateKeys() throws Exception {
    final KeyPair generated = generateKeyPair();
    final RSAPublicKey rsaPublic = (RSAPublicKey) generated.getPublic();

    final String sshText = sshRsaTextFormat(rsaPublic);
    // Index 1 is the PEM of the key pair, not of the public key alone. Callers should
    // handle it as a secret: keep it out of logs and store it only where secrets belong.
    final String pairPem = toPEM(generated);

    return new String[] { sshText, pairPem };
}
/**
 * Returns the first public key from the key provider that can be written as text.
 *
 * <p>Keys that fail to encode are logged and skipped, so the result is not necessarily
 * the first entry of the provider's map.
 *
 * @return the encoded public key, or {@code null} when the provider has no keys or
 *         none of them could be encoded
 */
public String getPublicKey() {
    for (PublicKey candidate : keyProvider.getPublicKeys().values()) {
        String encoded;
        try {
            encoded = SshKeyGen.writePublicKey(candidate);
        } catch (Exception e) {
            // Best effort: report the failure and try the next key.
            log.error("getPublicKey: Failed to write PEM", e);
            continue;
        }
        return encoded;
    }
    return null;
}
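/**
 * Returns the provider's current private key as PEM text.
 *
 * <p>The returned string is secret key material. Callers should keep it out of logs
 * and error messages and avoid holding it longer than needed.
 *
 * @return the PEM-encoded private key, or {@code null} when the provider has no
 *         private key or encoding fails (the failure is logged)
 */
public String getPrivateKey() {
    RSAPrivateKeyHolder keyHolder = keyProvider.getPrivateKey();
    if (keyHolder == null) {
        return null;
    }

    try {
        // Encode the holder that was just null-checked. Asking the provider a second
        // time could return a different key, or null, than the one that was checked.
        return SshKeyGen.toPEM(keyHolder.getKey());
    } catch (Exception e) {
        log.error("getPrivateKey: Failed to write PEM", e);
        return null;
    }
}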
/**
 * Issues a client certificate signed by this service's CA.
 *
 * <p>A new client key pair is generated for every call. The returned set bundles the
 * CA certificate, the new client certificate and the client's private key.
 *
 * @param subject subject passed to {@code SshKeyGen.generateClientCert}
 * @param sans subject alternative names passed through to the certificate generator
 * @return the CA certificate, the issued client certificate and the client private key
 * @throws Exception if key generation or certificate signing fails
 */
@Override
public CertSet generateCertificate(String subject, String... sans) throws Exception {
    final KeyPair issuerKeys = getKeyPair();
    final X509Certificate issuerCert = getCACertificate();
    final KeyPair subjectKeys = SshKeyGen.generateKeyPair();

    // NOTE(review): subject and sans are signed as given, with no validation in this
    // method. Any restriction on which names a caller may request must be enforced
    // upstream. Confirm that callers do so.
    final X509Certificate issued = SshKeyGen.generateClientCert(
            subject, subjectKeys.getPublic(), issuerKeys.getPrivate(), issuerCert, sans);

    // The CertSet carries the client's private key, so treat the whole result as secret.
    return new CertSet(issuerCert, issued, subjectKeys.getPrivate());
}
/**
 * Generates a key pair using the default size argument of 2048.
 *
 * @return the key pair produced by {@code generateKeyPair(2048)}
 * @throws Exception if the underlying generator fails
 */
public static KeyPair generateKeyPair() throws Exception {
    // NOTE(review): 2048 is presumably the RSA modulus size in bits. Every key and
    // certificate created through this overload inherits it, so review it against
    // current key-length policy. Confirm the meaning against generateKeyPair(int).
    final int defaultSize = 2048;
    return generateKeyPair(defaultSize);
}
/**
 * Returns the CA certificate, creating it on first use.
 *
 * <p>The PEM text is obtained from {@code dataDao.getOrCreate} under the {@code CERT}
 * key. The supplied callable builds a root CA certificate from this service's key pair
 * and is presumably invoked only when no value is stored yet; confirm against
 * {@code getOrCreate}.
 *
 * @return the parsed CA certificate
 * @throws RuntimeException (via {@code ExceptionUtils.throwRuntime}) if the stored PEM
 *         cannot be parsed
 */
@Override
public X509Certificate getCACertificate() {
    final KeyPair caKeys = getKeyPair();

    final Callable<String> createCertPem = new Callable<String>() {
        @Override
        public String call() throws Exception {
            X509Certificate created = SshKeyGen.createRootCACert(caKeys);
            return SshKeyGen.toPEM(created);
        }
    };
    final String pem = dataDao.getOrCreate(CERT, false, createCertPem);

    X509Certificate parsed;
    try {
        parsed = SshKeyGen.readCACert(pem);
    } catch (Exception e) {
        ExceptionUtils.throwRuntime("Failed to CA cert from PEM", e);
        // throwRuntime is expected to throw; this only satisfies the compiler.
        parsed = null;
    }
    return parsed;
}
/**
 * Fills in the public and secret values of an SSH-key credential.
 *
 * <p>Credentials of any other kind are ignored. When the credential already has a
 * public value, it and the accompanying secret value are passed through unchanged.
 * Otherwise a new key pair is generated.
 *
 * @param state process state whose resource is the {@code Credential} being handled
 * @param process the process instance (not used here)
 * @return the public/secret values to store, or {@code null} for non-SSH-key credentials
 * @throws RuntimeException if key generation fails
 */
@Override
public HandlerResult handle(ProcessState state, ProcessInstance process) {
    final Credential credential = (Credential) state.getResource();

    final boolean isSshKey = CredentialConstants.KIND_SSH_KEY.equals(credential.getKind());
    if (!isSshKey) {
        return null;
    }

    if (credential.getPublicValue() == null) {
        final String[] generated;
        try {
            generated = SshKeyGen.generateKeys();
        } catch (Exception e) {
            throw new RuntimeException("Failed to generate ssh key", e);
        }
        // generated[1] is the private half of the new pair and is stored as the secret value.
        return new HandlerResult(CREDENTIAL.PUBLIC_VALUE, generated[0],
                CREDENTIAL.SECRET_VALUE, generated[1]);
    }

    // NOTE(review): a supplied public value is kept together with whatever secret value
    // came with it. Nothing here checks that the two belong to the same key pair, or
    // that a secret value is present at all.
    return new HandlerResult(CREDENTIAL.PUBLIC_VALUE, credential.getPublicValue(),
            CREDENTIAL.SECRET_VALUE, credential.getSecretValue());
}
/**
 * Encodes and returns one public key from the key provider.
 *
 * <p>Keys are tried in the map's iteration order. A key that cannot be encoded is
 * logged and the next one is tried.
 *
 * @return the first public key that encodes successfully, or {@code null} if there
 *         is none
 */
public String getPublicKey() {
    final Map<String, PublicKey> available = keyProvider.getPublicKeys();
    for (PublicKey publicKey : available.values()) {
        try {
            final String text = SshKeyGen.writePublicKey(publicKey);
            return text;
        } catch (Exception e) {
            // Not fatal: fall through to the next key after recording the failure.
            log.error("getPublicKey: Failed to write PEM", e);
        }
    }
    return null;
}
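/**
 * Encodes the provider's current private key as PEM.
 *
 * <p>The result is secret key material and should not be logged or exposed beyond
 * the component that needs it.
 *
 * @return the PEM text, or {@code null} if the provider has no private key or the
 *         key cannot be encoded (the failure is logged)
 */
public String getPrivateKey() {
    final RSAPrivateKeyHolder keyHolder = keyProvider.getPrivateKey();
    if (keyHolder == null) {
        return null;
    }

    try {
        // Encode from the holder that passed the null check. A second provider lookup
        // may not return the same holder, which would defeat the check above.
        return SshKeyGen.toPEM(keyHolder.getKey());
    } catch (Exception e) {
        log.error("getPrivateKey: Failed to write PEM", e);
        return null;
    }
}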
/**
 * Collects the host API public keys as encoded text, keyed by {@code "key_" + id}.
 *
 * <p>Keys that fail to encode are logged and left out of the result.
 *
 * @return a sorted map from {@code "key_<id>"} to the encoded public key; possibly empty
 */
protected Map<String, String> getKeys() {
    final Map<String, String> encodedById = new TreeMap<>();

    for (Map.Entry<String, PublicKey> keyEntry : hostApiService.getPublicKeys().entrySet()) {
        final String keyId = keyEntry.getKey();
        try {
            final String encoded = SshKeyGen.writePublicKey(keyEntry.getValue());
            encodedById.put("key_" + keyId, encoded);
        } catch (Exception e) {
            // Skip keys that cannot be encoded so one bad key does not hide the rest.
            log.error("Failed to write PEM", e);
        }
    }

    return encodedById;
}
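/**
 * Decrypts a secret by asking the secrets service to rewrap it to this node's RSA
 * public key and then unwrapping the answer locally with the matching private key.
 *
 * @param accountId account the secret belongs to. NOTE(review): it is not used in this
 *        method, so any per-account access check must happen before this call; confirm.
 * @param value JSON document describing the wrapped secret, as accepted by the service
 * @return the result of {@code unwrap} on the rewrapped secret
 * @throws IllegalStateException if no private key, or no public key matching its id,
 *         is available
 * @throws IOException if the service answers with status 300 or above, or sends no body
 * @throws Exception on JSON, PEM or unwrap failures
 */
@Override
public String decrypt(long accountId, String value) throws Exception {
    RSAPrivateKeyHolder holder = rsaKeyProvider.getPrivateKey();
    if (holder == null) {
        // Fail with a clear message before sending any request.
        throw new IllegalStateException("No RSA private key available to unwrap secret");
    }

    PublicKey publicKey = rsaKeyProvider.getPublicKeys().get(holder.getKeyId());
    if (publicKey == null) {
        // Without the matching public key the service would rewrap to a key whose
        // result cannot be unwrapped here.
        throw new IllegalStateException("No public key found for private key id " + holder.getKeyId());
    }
    String encoded = SshKeyGen.toPEM(publicKey);

    Map<String, Object> input = jsonMapper.readValue(value);
    // Set "rewrapKey" after parsing so it replaces any "rewrapKey" already present in
    // the supplied JSON. The secret is then always rewrapped to this node's key.
    input.put("rewrapKey", encoded);

    String encrypted = Request.Post(SECRETS_URL.get() + REWRAP)
            .bodyString(jsonMapper.writeValueAsString(input), ContentType.APPLICATION_JSON)
            .execute().handleResponse(new ResponseHandler<String>() {
                @Override
                public String handleResponse(HttpResponse response) throws ClientProtocolException, IOException {
                    int statusCode = response.getStatusLine().getStatusCode();
                    if (statusCode >= 300) {
                        // Only the reason phrase is reported. The response body is not
                        // included in the exception message.
                        throw new IOException("Failed to rewrap secret :" + response.getStatusLine().getReasonPhrase());
                    }
                    if (response.getEntity() == null) {
                        throw new IOException("Failed to rewrap secret : empty response");
                    }
                    return IOUtils.toString(response.getEntity().getContent());
                }
            });

    return unwrap(holder.getKey(), encrypted);
}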
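/**
 * Serves the host API public key as a file download when the request id is
 * {@code FILENAME}.
 *
 * <p>The first public key that encodes successfully is sent. Only public key material
 * is written to the response.
 *
 * @param request the API request being dispatched
 * @return {@code true} if the key was written to the response; {@code false} if the
 *         request is for another id or no key could be encoded
 * @throws IOException if writing the response fails
 */
@Override
public boolean handle(ApiRequest request) throws IOException {
    String id = request.getId();
    if (!FILENAME.equals(id)) {
        return false;
    }

    String pem = null;
    for (Map.Entry<String, PublicKey> entry : hostApiService.getPublicKeys().entrySet()) {
        try {
            pem = SshKeyGen.writePublicKey(entry.getValue());
            break;
        } catch (Exception e) {
            // Try the next key; the failure is logged.
            log.error("Failed to write PEM", e);
        }
    }

    if (pem == null) {
        return false;
    }

    byte[] content = pem.getBytes("UTF-8");

    HttpServletResponse response = request.getServletContext().getResponse();
    // Set every header before writing the body. Writing first can commit the response,
    // after which header changes are ignored.
    response.setContentLength(content.length);
    response.setContentType("application/octet-stream");
    response.setHeader("Content-Disposition", "attachment; filename=" + FILENAME);
    response.setHeader("Cache-Control", "private");
    response.setHeader("Pragma", "private");
    response.setHeader("Expires", "Wed 24 Feb 1982 18:42:00 GMT");

    // Write the body exactly once so its size matches the declared Content-Length.
    response.getOutputStream().write(content);

    return true;
}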