HiromuHota / pdi-git-plugin

SpoonGit allows you to manage versions of local Kettle files without leaving Spoon. In addition to Git, Subversion is also supported.
Apache License 2.0
29 stars 12 forks source link

Use Apache MINA sshd instead of JSch #36

Open HiromuHota opened 5 years ago

HiromuHota commented 5 years ago

This PR will fix #35.

HiromuHota commented 5 years ago

I had to remove lib/bcprov-jdk14-138.jar and lib/bcmail-jdk14-138.jar. RSA key worked, but Ed25519 did not with the following warning at logs/spoon.log

[org.eclipse.jgit.internal.transport.sshd.CachingKeyPairProvider] java.security.NoSuchAlgorithmException: Unsupported key type (ssh-ed25519) in /home/tomcat/.ssh/id_ed25519

HiromuHota commented 5 years ago

https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927

rely on net.i2p.crypto.eddsa 0.3.0 for ed25519 support

HiromuHota commented 5 years ago

Ed25519 key still not working with an error popup "No more authentication methods available". Also at logs/spoon.log

WARN [org.eclipse.jgit.internal.transport.sshd.CachingKeyPairProvider] java.security.NoSuchAlgorithmException: Unsupported key type (ssh-ed25519) in /home/tomcat/.ssh/id_ed25519

HiromuHota commented 5 years ago

The reason is that the classloader ParallelWebappClassLoader cannot find the class for EdDSAKey.

            ClassLoader cl = ThreadUtils.resolveDefaultClassLoader(getClass());
            supported = ReflectionUtils.isClassAvailable(cl, "net.i2p.crypto.eddsa.EdDSAKey");

https://github.com/apache/mina-sshd/blob/sshd-2.2.0/sshd-common/src/main/java/org/apache/sshd/common/util/security/eddsa/EdDSASecurityProviderRegistrar.java#L98

HiromuHota commented 5 years ago

Move eddsa-0.3.0.jar to webapps/spoon/WEB-INF/lib/ solved the error and succeeded. Now is the time to test on Spoon.

HiromuHota commented 5 years ago

On Spoon, eddsa-0.3.0.jar needed to move to lib/.

HiromuHota commented 5 years ago

In summary, in order for Apache MINA sshd to work, I have to

To support Ed25519,

HiromuHota commented 5 years ago

bcmail-jdk14-1.51.jar and bcprov-jdk14-1.51.jar at lib/ did not work.

HiromuHota commented 5 years ago

So bcprov-jdk14-1.XX.jar (tested 1.38 thru 1.64) causes an error "InvalidAlgorithmParameterException: parameter object not a ECParameterSpec". bcprov-jdk15on-1.XX.jar (tested 1.51 thru 1.64) worked fine.

HiromuHota commented 5 years ago

Related issue: https://osgeo-org.atlassian.net/browse/GEOS-7642

HiromuHota commented 5 years ago

Another related issue: https://stackoverflow.com/questions/42238313/java-security-invalidalgorithmparameterexception-parameter-object-not-a-ecparam/42252911