Refactored PKCS8 and PEM key parsing to reduce use of Bouncy Castle (#989)

- Replaced Bouncy Castle PKCS8 parsing with Java Security components and hierynomus ASN.1
- Added PEMKeyReader with separate implementation for historical OpenSSL password-based encryption using Bouncy Castle components
- Added class-based detection of support for historical encryption for optional use of Bouncy Castle components

Co-authored-by: Jeroen van Erp <[email protected]>

Author: exceptionfactory

src/main/java/com/hierynomus/sshj/common/KeyDecryptionFailedException.java

@@ -26,8 +26,12 @@ public class KeyDecryptionFailedException extends IOException {
 
     public static final String MESSAGE = "Decryption of the key failed. A supplied passphrase may be incorrect.";
 
-    public KeyDecryptionFailedException() {
-        super(MESSAGE);
+    public KeyDecryptionFailedException(final String message) {
+        super(message);
+    }
+
+    public KeyDecryptionFailedException(final String message, final Throwable cause) {
+        super(message, cause);
     }
 
     public KeyDecryptionFailedException(IOException cause) {

src/main/java/net/schmizz/sshj/userauth/keyprovider/EncryptedPEMKeyReader.java

@@ -0,0 +1,149 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package net.schmizz.sshj.userauth.keyprovider;
+
+import com.hierynomus.sshj.common.KeyDecryptionFailedException;
+import net.schmizz.sshj.userauth.password.PasswordFinder;
+import net.schmizz.sshj.userauth.password.PasswordUtils;
+import net.schmizz.sshj.userauth.password.Resource;
+import org.bouncycastle.openssl.PEMDecryptor;
+import org.bouncycastle.openssl.PEMDecryptorProvider;
+import org.bouncycastle.openssl.PEMException;
+import org.bouncycastle.openssl.bc.BcPEMDecryptorProvider;
+import org.bouncycastle.operator.OperatorCreationException;
+import org.bouncycastle.util.encoders.Hex;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.util.List;
+import java.util.Objects;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+/**
+ * PEM Key Reader implementation supporting historical password-based encryption from OpenSSL EVP_BytesToKey
+ */
+class EncryptedPEMKeyReader extends StandardPEMKeyReader {
+    private static final String PROC_TYPE_ENCRYPTED_HEADER = "Proc-Type: 4,ENCRYPTED";
+
+    private static final Pattern DEK_INFO_PATTERN = Pattern.compile("^DEK-Info: ([A-Z0-9\\-]+),([A-F0-9]{16,32})$");
+
+    private static final int DEK_INFO_ALGORITHM_GROUP = 1;
+
+    private static final int DEK_INFO_IV_GROUP = 2;
+
+    private final PasswordFinder passwordFinder;
+
+    private final Resource<?> resource;
+
+    EncryptedPEMKeyReader(final PasswordFinder passwordFinder, final Resource<?> resource) {
+        this.passwordFinder = Objects.requireNonNull(passwordFinder, "Password Finder required");
+        this.resource = Objects.requireNonNull(resource, "Resource required");
+    }
+
+    @Override
+    public PEMKey readPemKey(final BufferedReader bufferedReader) throws IOException {
+        final PEMKey pemKey = super.readPemKey(bufferedReader);
+        final List<String> headers = pemKey.getHeaders();
+
+        final PEMKey processedPemKey;
+        if (isEncrypted(headers)) {
+            processedPemKey = readEncryptedPemKey(pemKey);
+        } else {
+            processedPemKey = pemKey;
+        }
+
+        return processedPemKey;
+    }
+
+    private boolean isEncrypted(final List<String> headers) {
+        return headers.contains(PROC_TYPE_ENCRYPTED_HEADER);
+    }
+
+    private PEMKey readEncryptedPemKey(final PEMKey pemKey) throws IOException {
+        final List<String> headers = pemKey.getHeaders();
+        final DataEncryptionKeyInfo dataEncryptionKeyInfo = getDataEncryptionKeyInfo(headers);
+        final byte[] pemKeyBody = pemKey.getBody();
+
+        byte[] decryptedPemKeyBody = null;
+        char[] password = passwordFinder.reqPassword(resource);
+        while (password != null) {
+            try {
+                decryptedPemKeyBody = getDecryptedPemKeyBody(password, pemKeyBody, dataEncryptionKeyInfo);
+                break;
+            } catch (final KeyDecryptionFailedException e) {
+                if (passwordFinder.shouldRetry(resource)) {
+                    password = passwordFinder.reqPassword(resource);
+                } else {
+                    throw e;
+                }
+            }
+        }
+
+        if (decryptedPemKeyBody == null) {
+            throw new KeyDecryptionFailedException("PEM Key password-based decryption failed");
+        }
+
+        return new PEMKey(pemKey.getPemKeyType(), headers, decryptedPemKeyBody);
+    }
+
+    private byte[] getDecryptedPemKeyBody(final char[] password, final byte[] pemKeyBody, final DataEncryptionKeyInfo dataEncryptionKeyInfo) throws IOException {
+        final String algorithm = dataEncryptionKeyInfo.algorithm;
+        try {
+            final PEMDecryptorProvider pemDecryptorProvider = new BcPEMDecryptorProvider(password);
+            final PEMDecryptor pemDecryptor = pemDecryptorProvider.get(algorithm);
+            final byte[] initializationVector = dataEncryptionKeyInfo.initializationVector;
+            return pemDecryptor.decrypt(pemKeyBody, initializationVector);
+        } catch (final OperatorCreationException e) {
+            throw new IOException(String.format("PEM decryption support not found for algorithm [%s]", algorithm), e);
+        } catch (final PEMException e) {
+            throw new KeyDecryptionFailedException(String.format("PEM Key decryption failed for algorithm [%s]", algorithm), e);
+        } finally {
+            PasswordUtils.blankOut(password);
+        }
+    }
+
+    private DataEncryptionKeyInfo getDataEncryptionKeyInfo(final List<String> headers) throws IOException {
+        DataEncryptionKeyInfo dataEncryptionKeyInfo = null;
+
+        for (final String header : headers) {
+            final Matcher matcher = DEK_INFO_PATTERN.matcher(header);
+            if (matcher.matches()) {
+                final String algorithm = matcher.group(DEK_INFO_ALGORITHM_GROUP);
+                final String initializationVectorGroup = matcher.group(DEK_INFO_IV_GROUP);
+                final byte[] initializationVector = Hex.decode(initializationVectorGroup);
+                dataEncryptionKeyInfo = new DataEncryptionKeyInfo(algorithm, initializationVector);
+            }
+        }
+
+        if (dataEncryptionKeyInfo == null) {
+            throw new IOException("Data Encryption Key Information header [DEK-Info] not found");
+        }
+
+        return dataEncryptionKeyInfo;
+    }
+
+    private static class DataEncryptionKeyInfo {
+        private final String algorithm;
+
+        private final byte[] initializationVector;
+
+        private DataEncryptionKeyInfo(final String algorithm, final byte[] initializationVector) {
+            this.algorithm = algorithm;
+            this.initializationVector = initializationVector;
+        }
+    }
+}

src/main/java/net/schmizz/sshj/userauth/keyprovider/PEMKey.java

@@ -0,0 +1,75 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package net.schmizz.sshj.userauth.keyprovider;
+
+import java.util.List;
+import java.util.Objects;
+
+/**
+ * PEM Key container with identified Key Type and decoded body
+ */
+public class PEMKey {
+    private final PEMKeyType pemKeyType;
+
+    private final List<String> headers;
+
+    private final byte[] body;
+
+    PEMKey(final PEMKeyType pemKeyType, final List<String> headers, final byte[] body) {
+        this.pemKeyType = Objects.requireNonNull(pemKeyType, "PEM Key Type required");
+        this.headers = Objects.requireNonNull(headers, "Headers required");
+        this.body = Objects.requireNonNull(body, "Body required");
+    }
+
+    PEMKeyType getPemKeyType() {
+        return pemKeyType;
+    }
+
+    List<String> getHeaders() {
+        return headers;
+    }
+
+    byte[] getBody() {
+        return body.clone();
+    }
+
+    public enum PEMKeyType {
+        /** RFC 3279 Section 2.3.2 */
+        DSA("-----BEGIN DSA PRIVATE KEY-----"),
+
+        /** RFC 5915 Section 3 */
+        EC("-----BEGIN EC PRIVATE KEY-----"),
+
+        /** RFC 8017 Appendix 1.2 */
+        RSA("-----BEGIN RSA PRIVATE KEY-----"),
+
+        /** RFC 5208 Section 5 */
+        PKCS8("-----BEGIN PRIVATE KEY-----"),
+
+        /** RFC 5208 Section 6 */
+        PKCS8_ENCRYPTED("-----BEGIN ENCRYPTED PRIVATE KEY-----");
+
+        private final String header;
+
+        PEMKeyType(final String header) {
+            this.header = header;
+        }
+
+        String getHeader() {
+            return header;
+        }
+    }
+}

src/main/java/net/schmizz/sshj/userauth/keyprovider/pkcs/KeyPairConverter.java renamed to src/main/java/net/schmizz/sshj/userauth/keyprovider/PEMKeyReader.java

@@ -13,23 +13,21 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package net.schmizz.sshj.userauth.keyprovider.pkcs;
-
-import org.bouncycastle.openssl.PEMKeyPair;
+package net.schmizz.sshj.userauth.keyprovider;
 
+import java.io.BufferedReader;
 import java.io.IOException;
 
 /**
- * Converter from typed object to PEM Key Pair
- * @param <T> Object Type
+ * Abstraction for parsing and returning PEM Keys
  */
-public interface KeyPairConverter<T> {
+interface PEMKeyReader {
     /**
-     * Get PEM Key Pair from typed object
+     * Read PEM Key from buffered reader
      *
-     * @param object Typed Object
-     * @return PEM Key Pair
-     * @throws IOException Thrown on conversion failures
+     * @param bufferedReader Buffered Reader containing lines from resource reader
+     * @return PEM Key
+     * @throws IOException Thrown on failure to read PEM Key from resources
      */
-    PEMKeyPair getKeyPair(T object) throws IOException;
+    PEMKey readPemKey(BufferedReader bufferedReader) throws IOException;
 }