X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms.ssh%2Fsrc%2Forg%2Fargeo%2Fcms%2Fssh%2FSshKeyPair.java;h=f5cbb04501498c725794edcce32f173ed79e4a87;hb=dbb84b4ec2d313ec0724d035c32f482ac57974c5;hp=ed1818d407bca0838b0658f24212c1a0b59f219a;hpb=5cbd7544d8243c7f0f0f5c1a78daac979aee20e4;p=lgpl%2Fargeo-commons.git
diff --git a/org.argeo.cms.ssh/src/org/argeo/cms/ssh/SshKeyPair.java b/org.argeo.cms.ssh/src/org/argeo/cms/ssh/SshKeyPair.java
index ed1818d40..f5cbb0450 100644
--- a/org.argeo.cms.ssh/src/org/argeo/cms/ssh/SshKeyPair.java
+++ b/org.argeo.cms.ssh/src/org/argeo/cms/ssh/SshKeyPair.java
@@ -20,9 +20,12 @@ import java.security.spec.RSAPublicKeySpec;
 import org.apache.sshd.common.config.keys.KeyUtils;
 import org.apache.sshd.common.config.keys.PublicKeyEntry;
 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import org.bouncycastle.openssl.PEMDecryptorProvider;
+import org.bouncycastle.openssl.PEMEncryptedKeyPair;
 import org.bouncycastle.openssl.PEMKeyPair;
 import org.bouncycastle.openssl.PEMParser;
 import org.bouncycastle.openssl.PKCS8Generator;
+import org.bouncycastle.openssl.bc.BcPEMDecryptorProvider;
 import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
 import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
 import org.bouncycastle.openssl.jcajce.JcaPKCS8Generator;
@@ -125,12 +128,32 @@ public class SshKeyPair {
 }
 }
 
+ public static SshKeyPair loadDefault(char[] password) {
+ Path privateKeyPath = Paths.get(System.getProperty("user.home") + "/.ssh/id_rsa");
+ // TODO try other formats
+ return load(privateKeyPath, password);
+ }
+
+ public static SshKeyPair load(Path privateKeyPath, char[] password) {
+ try (Reader reader = Files.newBufferedReader(privateKeyPath)) {
+ return load(reader, password);
+ } catch (IOException e) {
+ throw new IllegalStateException("Cannot load private key from " + privateKeyPath, e);
+ }
+
+ }
+
 public static SshKeyPair load(Reader reader, char[] password) {
 try (PEMParser pemParser = new PEMParser(reader)) {
 Object object = pemParser.readObject();
 JcaPEMKeyConverter converter = new JcaPEMKeyConverter();// .setProvider("BC");
 KeyPair kp;
- if (object instanceof PKCS8EncryptedPrivateKeyInfo) {
+ if (object instanceof PEMEncryptedKeyPair) {
+ PEMEncryptedKeyPair ekp = (PEMEncryptedKeyPair) object;
+ PEMDecryptorProvider decryptorProvider = new BcPEMDecryptorProvider(password);
+ PEMKeyPair pemKp = ekp.decryptKeyPair(decryptorProvider);
+ kp = converter.getKeyPair(pemKp);
+ } else if (object instanceof PKCS8EncryptedPrivateKeyInfo) {
 // Encrypted key - we will use provided password
 PKCS8EncryptedPrivateKeyInfo ckp = (PKCS8EncryptedPrivateKeyInfo) object;
 // PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().build(password);
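Review bot: In the new `PEMEncryptedKeyPair` branch of `load(Reader, char[])`, `password` goes into `new BcPEMDecryptorProvider(password)` unchecked, so a `null` passphrase for an encrypted `id_rsa` only surfaces as a failure inside `decryptKeyPair`; an explicit guard such as `if (password == null) throw new IllegalArgumentException("Private key is encrypted, a password is required");` would let callers of `loadDefault` tell "passphrase needed" apart from a corrupt or unreadable file. This branch reads the legacy OpenSSL PEM encryption (`Proc-Type`/`DEK-Info` headers), whose key derivation is a single salted MD5 pass and gives little resistance to offline guessing if the file leaks, which deserves a comment like `// legacy OpenSSL PEM encryption: weak MD5-based KDF, prefer PKCS#8 or OpenSSH-format keys at rest`. A Javadoc on `loadDefault` and both `load` overloads should also say that the caller owns `password` and is expected to clear the array afterwards, since nothing in the hunk zeroes it. The body of `load(Reader, char[])`, including its `catch`, continues outside the hunk, so how these failures are reported today is not visible here.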