Class OpenSSHKeyPairResourceWriter.KeyEncryptor
java.lang.Object
org.apache.sshd.common.config.keys.loader.AbstractPrivateKeyObfuscator
org.apache.sshd.common.config.keys.loader.AESPrivateKeyObfuscator
org.apache.sshd.common.config.keys.writer.openssh.OpenSSHKeyPairResourceWriter.KeyEncryptor
- All Implemented Interfaces:
PrivateKeyObfuscator
- Enclosing class:
- OpenSSHKeyPairResourceWriter
A key encryptor for modern-style OpenSSH private keys using the bcrypt KDF.
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final int
private byte[]
protected final OpenSSHKeyEncryptionContext
Fields inherited from class org.apache.sshd.common.config.keys.loader.AESPrivateKeyObfuscator
CIPHER_NAME, INSTANCE
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected byte[]
protected byte[]
deriveEncryptionKey
(PrivateKeyEncryptionContext context, int keyLength) Derives an encryption key and set the IV on thecontext
from the passphase provided by the context using the OpenBSDBCrypt
KDF.byte[]
Retrieves the KDF options used.Methods inherited from class org.apache.sshd.common.config.keys.loader.AESPrivateKeyObfuscator
applyPrivateKeyCipher, createCipherSelector, getAvailableKeyLengths, getSupportedKeySizes, resolveCipherInformation, resolveInitializationVectorLength, resolveKeyLength
Methods inherited from class org.apache.sshd.common.config.keys.loader.AbstractPrivateKeyObfuscator
appendPrivateKeyEncryptionContext, applyPrivateKeyCipher, generateInitializationVector, getCipherName
-
Field Details
-
BCRYPT_SALT_LENGTH
public static final int BCRYPT_SALT_LENGTH- See Also:
-
options
-
kdfOptions
private byte[] kdfOptions
-
-
Constructor Details
-
KeyEncryptor
-
-
Method Details
-
getKdfOptions
public byte[] getKdfOptions()Retrieves the KDF options used. Valid only afterderiveEncryptionKey(PrivateKeyEncryptionContext, int)
has been called.- Returns:
- the number of KDF rounds applied
-
deriveEncryptionKey
protected byte[] deriveEncryptionKey(PrivateKeyEncryptionContext context, int keyLength) throws IOException, GeneralSecurityException Derives an encryption key and set the IV on thecontext
from the passphase provided by the context using the OpenBSDBCrypt
KDF.- Overrides:
deriveEncryptionKey
in classAbstractPrivateKeyObfuscator
- Parameters:
context
- for the encryption, provides the passphrase and transports other encryption-related information including the IVkeyLength
- number of key bytes to generate- Returns:
keyLength
bytes to use as encryption key- Throws:
IOException
GeneralSecurityException
-
convert
-