• Home
• org.wildfly.security
• wildfly-elytron
• 1.18.1.Final
• source code
• OpenSSHKeyEncryptionContext.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.apache.sshd.common.config.keys.writer.openssh.OpenSSHKeyEncryptionContext Maven / Gradle / Ivy

/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */

package org.apache.sshd.common.config.keys.writer.openssh;

import org.apache.sshd.common.config.keys.loader.PrivateKeyEncryptionContext;
import org.apache.sshd.common.util.ValidateUtils;

/**
 * A {@link PrivateKeyEncryptionContext} for use with a {@link OpenSSHKeyPairResourceWriter}.
 */
public class OpenSSHKeyEncryptionContext extends PrivateKeyEncryptionContext {

    /** Default number of bcrypt KDF rounds to apply. */
    public static final int DEFAULT_KDF_ROUNDS = 16;

    public static final String AES = "AES";

    private int kdfRounds = DEFAULT_KDF_ROUNDS;

    public OpenSSHKeyEncryptionContext() {
        setCipherMode("CTR"); // Set default to CTR, as in OpenSSH
    }

    @Override
    public String getCipherName() {
        return AES;
    }

    @Override
    public void setCipherName(String value) {
        ValidateUtils.checkTrue((value != null) && value.equalsIgnoreCase(AES),
                "OpenSSHKeyEncryptionContext works only with AES encryption");
    }

    /**
     * Retrieves the number of KDF rounds to apply.
     *
     * @return the default number of KDF rounds, >= {@link #DEFAULT_KDF_ROUNDS}
     */
    public int getKdfRounds() {
        return kdfRounds;
    }

    /**
     * Sets the number of KDF rounds to apply. If smaller than the {@link #DEFAULT_KDF_ROUNDS}, set that default.
     *
     * @param rounds number of rounds to apply
     */
    public void setKdfRounds(int rounds) {
        this.kdfRounds = Math.max(DEFAULT_KDF_ROUNDS, rounds);
    }

    /**
     * @return the cipher's factory name.
     */
    protected String getCipherFactoryName() {
        return getCipherName().toLowerCase() + getCipherType() + '-' + getCipherMode().toLowerCase();
    }
}