Camel SFTP 组件 - SSH 私钥 URI 适用于 privateKeyFile,不适用于 privateKey

2022-01-19 00:00:00 java jsch apache-camel

我有一条看起来像下一条的骆驼路线:

I have a camel route that looks like the next one:

from("direct:download")
        .pollEnrich()
        .simple("sftp://my.host:22/folder/?username=foo&fileName=${header.CamelFileName}
        &privateKeyFile=src/main/resources/privateSSHKey")
        .to("file://state/downloaded");

文件 src/main/resources/privateSSHKey 是一个 RSA 私钥.这没有问题:JSCH(Camel 用于 SFTP 端点的库)设法连接并下载所需的文件.

The file src/main/resources/privateSSHKey is an RSA private key. That works without a problem : JSCH (library used by Camel for the SFTP endpoint) manages to connect and download the desired file.

以前的设置在开发时是可以的,因为我可以在本地拥有带有密钥的文件.但是,对于 prod,我们有其他系统,我可以在其中获取包含密钥内容的字节数组.为此,我将路线更改为如下所示:

The previous setup is ok while developing, because I can have the file with the key locally. However, for prod, we have other system in which I will be able to get a byte array with the content of the key. For that, I am changing the route to look like this:

from("direct:download")
        .pollEnrich()
        .simple("sftp://my.host:22/folder/?username=foo&fileName=${header.CamelFileName}
     &privateKey=" + URLEncoder.encode(new String(sshPrivateKey), "UTF-8"))
        .to("file://state/downloaded");

...作为 sshPrivateKey 字节数组.不幸的是,我总是从 JSCH 获得auth_cancel",调试我可以看到在尝试与 SFTP 服务器握手时会发生这种情况.

...being sshPrivateKey the byte array. Unfortunately, I always get "auth_cancel" from JSCH, and debugging I can see that this happens when trying to handshake with the SFTP server.

我错过了什么吗?我很确定编码 sshPrivateKey byte[] 是可行的方法(如果我不这样做,JSCH 会抱怨错误的密钥),但我不确定我还缺少什么?

Am I missing something? I am pretty sure that encoding the sshPrivateKey byte[] is the way to go (JSCH was complaining about wrong key if I didn't do it), but I am not sure about what else I am missing?

推荐答案

问题的根源在于编码,URLEncoding、byteString可能会丢失一些字符如 +\.我设法使它与 privateKey 方法 Java DSL 的 Byte[] 参数一起工作.

The origin of the problem is the encoding, the URLEncoding, byte and String can loose some character like + or \. I managed to make it work with Byte[] parameter for privateKey method Java DSL.

例子:

String privateKeyString = Files.readString(Path.of("/.ssh/private_key_rsa"), StandardCharsets.UTF_8);
Byte[] privateKeyAsByteArray = ArrayUtils.toObject(privateKeyString.getBytes());

from("file://tmp")
.to(sftp("localhost")
        .username("test")
        .privateKey(privateKeyAsByteArray));

相关文章