From 5a5d85a4a3407df5f9693ab36287e72726c512f6 Mon Sep 17 00:00:00 2001 From: Thomas Wolf Date: Sun, 26 Apr 2020 16:43:28 +0200 Subject: [PATCH] In-memory SSH keys for the "no files" sshd tests Avoid using a key written to a file. This makes it clearer that the test does not rely on files being present. Change-Id: I31cf4f404aab5b891c32fc4bda906b7f8fe03777 Signed-off-by: Thomas Wolf --- .../jgit/junit/ssh/SshTestGitServer.java | 37 ++++++++++++++++--- .../transport/sshd/NoFilesSshBuilderTest.java | 31 +++++----------- .../jgit/transport/sshd/NoFilesSshTest.java | 33 ++++++----------- 3 files changed, 52 insertions(+), 49 deletions(-) diff --git a/org.eclipse.jgit.junit.ssh/src/org/eclipse/jgit/junit/ssh/SshTestGitServer.java b/org.eclipse.jgit.junit.ssh/src/org/eclipse/jgit/junit/ssh/SshTestGitServer.java index 883ff0b8b..03e285582 100644 --- a/org.eclipse.jgit.junit.ssh/src/org/eclipse/jgit/junit/ssh/SshTestGitServer.java +++ b/org.eclipse.jgit.junit.ssh/src/org/eclipse/jgit/junit/ssh/SshTestGitServer.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018, Thomas Wolf and others + * Copyright (C) 2018, 2020 Thomas Wolf and others * * This program and the accompanying materials are made available under the * terms of the Eclipse Distribution License v. 1.0 which is available at @@ -252,11 +252,24 @@ public class SshTestGitServer { .loadKeyPairIdentities(null, NamedResource.ofName(key.toString()), in, null) .iterator().next(); - if (inFront) { - hostKeys.add(0, pair); - } else { - hostKeys.add(pair); - } + addHostKey(pair, inFront); + } + } + + /** + * Adds an additional host key to the server. + * + * @param key + * {@link KeyPair} to add + * @param inFront + * whether to add the new key before other existing keys + * @since 5.8 + */ + public void addHostKey(@NonNull KeyPair key, boolean inFront) { + if (inFront) { + hostKeys.add(0, key); + } else { + hostKeys.add(key); } } 
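Review bot: The new `addHostKey(KeyPair, boolean)` changes `hostKeys` without any synchronization, and its Javadoc does not say when it is safe to call. The tests in this patch call it from the test method and use `testPort` right afterwards, so the server appears to be listening already at that point. The declaration of `hostKeys` and the code that reads it are outside the hunk; if it is a plain list read on a server thread, the Javadoc should state the constraint, for example `Call before the first client connects; not synchronized with sessions in progress.` The same applies to `setTestUserPublicKey` in the later hunk of this file, which assigns `testKey` directly.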
@@ -322,6 +335,18 @@ public class SshTestGitServer { .resolvePublicKey(null, PublicKeyEntryResolver.IGNORING); } + /** + * Sets the test user's public key on the server. + * + * @param key + * to set + * + * @since 5.8 + */ + public void setTestUserPublicKey(@NonNull PublicKey key) { + this.testKey = key; + } + /** * Sets the lines the server sends before its server identification in the * initial protocol version exchange. diff --git a/org.eclipse.jgit.ssh.apache.test/tst/org/eclipse/jgit/transport/sshd/NoFilesSshBuilderTest.java b/org.eclipse.jgit.ssh.apache.test/tst/org/eclipse/jgit/transport/sshd/NoFilesSshBuilderTest.java index 04208fef3..e35f45690 100644 --- a/org.eclipse.jgit.ssh.apache.test/tst/org/eclipse/jgit/transport/sshd/NoFilesSshBuilderTest.java +++ b/org.eclipse.jgit.ssh.apache.test/tst/org/eclipse/jgit/transport/sshd/NoFilesSshBuilderTest.java @@ -10,29 +10,25 @@ package org.eclipse.jgit.transport.sshd; import static org.junit.Assert.assertNotNull; -import static org.junit.Assert.assertTrue; import java.io.File; import java.io.IOException; -import java.io.InputStream; import java.io.UncheckedIOException; import java.net.InetSocketAddress; import java.nio.file.Files; -import java.nio.file.Path; import java.security.GeneralSecurityException; import java.security.KeyPair; +import java.security.KeyPairGenerator; import java.security.PublicKey; import java.util.Arrays; import java.util.Collections; import java.util.Iterator; import java.util.List; -import org.apache.sshd.common.NamedResource; import org.apache.sshd.common.config.keys.KeyUtils; import org.apache.sshd.common.keyprovider.KeyIdentityProvider; import org.apache.sshd.common.session.SessionContext; import org.apache.sshd.common.util.net.SshdSocketAddress; -import org.apache.sshd.common.util.security.SecurityUtils; import org.eclipse.jgit.lib.Constants; import org.eclipse.jgit.transport.CredentialsProvider; import org.eclipse.jgit.transport.SshSessionFactory; 
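Review bot: The Javadoc on `setTestUserPublicKey` says only `@param key to set`, which does not tell a caller that this key replaces the one the server currently accepts for the test user. The context line just above (`.resolvePublicKey(null, PublicKeyEntryResolver.IGNORING)`) suggests `testKey` is otherwise resolved from a key file, though that code starts outside the hunk. Since this field presumably decides which client key authenticates, I would spell it out: `@param key public key accepted for the test user from now on; replaces any key set previously`.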
@@ -130,27 +126,20 @@ public class NoFilesSshBuilderTest extends SshTestHarness { } } - private KeyPair load(Path path) throws Exception { - try (InputStream in = Files.newInputStream(path)) { - return SecurityUtils - .loadKeyPairIdentities(null, - NamedResource.ofName(path.toString()), in, null) - .iterator().next(); - } - } - @Test public void testCloneWithBuiltInKeys() throws Exception { // This test should fail unless our in-memory setup is taken: no - // known_hosts file, and a config that specifies a non-existing key. - File newHostKey = new File(getTemporaryDirectory(), "newhostkey"); - copyTestResource("id_ed25519", newHostKey); - server.addHostKey(newHostKey.toPath(), true); - testServerKey = load(newHostKey.toPath()).getPublic(); - assertTrue(newHostKey.delete()); - testUserKey = load(privateKey1.getAbsoluteFile().toPath()); + // known_hosts file, a config that specifies a non-existing key, + // and the test is using a newly generated KeyPairs anyway. + KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA"); + generator.initialize(2048); + testUserKey = generator.generateKeyPair(); + KeyPair hostKey = generator.generateKeyPair(); + server.addHostKey(hostKey, true); + testServerKey = hostKey.getPublic(); assertNotNull(testServerKey); assertNotNull(testUserKey); + server.setTestUserPublicKey(testUserKey.getPublic()); cloneWith( "ssh://" + TEST_USER + "@localhost:" + testPort + "/doesntmatter", diff --git a/org.eclipse.jgit.ssh.apache.test/tst/org/eclipse/jgit/transport/sshd/NoFilesSshTest.java b/org.eclipse.jgit.ssh.apache.test/tst/org/eclipse/jgit/transport/sshd/NoFilesSshTest.java index fa026a5c0..d9352051a 100644 --- a/org.eclipse.jgit.ssh.apache.test/tst/org/eclipse/jgit/transport/sshd/NoFilesSshTest.java +++ b/org.eclipse.jgit.ssh.apache.test/tst/org/eclipse/jgit/transport/sshd/NoFilesSshTest.java 
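Review bot: Generating both keys with `KeyPairGenerator.getInstance("RSA")` changes what `testCloneWithBuiltInKeys` covers: the removed lines installed an `id_ed25519` host key, so the in-memory host-key check now runs with RSA only. If that is deliberate, a comment on the generator line would record it, for example `// RSA: provided by the JDK without an extra provider; the key type is not what this test is about`. Whether another test still covers an Ed25519 host key on this path is not visible from the hunk. The identical hunk in NoFilesSshTest raises the same question.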
@@ -1,5 +1,5 @@ /* - * Copyright (C) 2019 Thomas Wolf and others + * Copyright (C) 2019, 2020 Thomas Wolf and others * * This program and the accompanying materials are made available under the * terms of the Eclipse Distribution License v. 1.0 which is available at @@ -10,29 +10,25 @@ package org.eclipse.jgit.transport.sshd; import static org.junit.Assert.assertNotNull; -import static org.junit.Assert.assertTrue; import java.io.File; import java.io.IOException; -import java.io.InputStream; import java.io.UncheckedIOException; import java.net.InetSocketAddress; import java.nio.file.Files; -import java.nio.file.Path; import java.security.GeneralSecurityException; import java.security.KeyPair; +import java.security.KeyPairGenerator; import java.security.PublicKey; import java.util.Arrays; import java.util.Collections; import java.util.Iterator; import java.util.List; -import org.apache.sshd.common.NamedResource; import org.apache.sshd.common.config.keys.KeyUtils; import org.apache.sshd.common.keyprovider.KeyIdentityProvider; import org.apache.sshd.common.session.SessionContext; import org.apache.sshd.common.util.net.SshdSocketAddress; -import org.apache.sshd.common.util.security.SecurityUtils; import org.eclipse.jgit.lib.Constants; import org.eclipse.jgit.transport.CredentialsProvider; import org.eclipse.jgit.transport.SshSessionFactory; 
@@ -154,27 +150,20 @@ public class NoFilesSshTest extends SshTestHarness { } } - private KeyPair load(Path path) throws Exception { - try (InputStream in = Files.newInputStream(path)) { - return SecurityUtils - .loadKeyPairIdentities(null, - NamedResource.ofName(path.toString()), in, null) - .iterator().next(); - } - } - @Test public void testCloneWithBuiltInKeys() throws Exception { // This test should fail unless our in-memory setup is taken: no - // known_hosts file, and a config that specifies a non-existing key. - File newHostKey = new File(getTemporaryDirectory(), "newhostkey"); - copyTestResource("id_ed25519", newHostKey); - server.addHostKey(newHostKey.toPath(), true); - testServerKey = load(newHostKey.toPath()).getPublic(); - assertTrue(newHostKey.delete()); - testUserKey = load(privateKey1.getAbsoluteFile().toPath()); + // known_hosts file, a config that specifies a non-existing key, + // and the test is using a newly generated KeyPairs anyway. + KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA"); + generator.initialize(2048); + testUserKey = generator.generateKeyPair(); + KeyPair hostKey = generator.generateKeyPair(); + server.addHostKey(hostKey, true); + testServerKey = hostKey.getPublic(); assertNotNull(testServerKey); assertNotNull(testUserKey); + server.setTestUserPublicKey(testUserKey.getPublic()); cloneWith( "ssh://" + TEST_USER + "@localhost:" + testPort + "/doesntmatter",
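Review bot: `assertNotNull(testServerKey)` and `assertNotNull(testUserKey)` no longer check anything, because `generateKeyPair()` and `getPublic()` on a freshly generated pair return an object or throw. They guarded the file-loading path that this patch removes, so they can be dropped. If a setup check is still wanted, it should assert something that can fail, such as that the key the client side presents equals `testUserKey.getPublic()`. The same two lines remain in the NoFilesSshBuilderTest hunk, and the test method continues past the end of this hunk.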