Consider implementing magic-based private key file type detection, or a CLI parameter to specify the type

[AlexTMjugador]

Currently, the jsign CLI is hardcoded to infer the format of a private key file from its extension:

jsign/jsign-crypto/src/main/java/net/jsign/PrivateKeyUtils.java

Lines 66 to 74 in 6acd186

	try {
	if (file.getName().endsWith(".pvk")) {
	return PVK.parse(file, password);
	} else if (file.getName().endsWith(".pem")) {
	return readPrivateKeyPEM(file, password != null ? password.toCharArray() : null);
	}
	} catch (Exception e) {
	throw new KeyException("Failed to load the private key from " + file, e);
	}

This logic is fine in the vast majority of cases, but breaks down when private key files do not have a .pem or .pvk extension, and there is no switch to manually specify the private key file type in the CLI. PEM files in particular need not have a file extension altogether; this is common practice with SSH PEM keys, for example. And, for security reasons, strict server-side repository push hooks may deny pushes for files with such extensions in order to prevent leaking secrets by accident, forcing e.g. test keys to be marked as such by having different extensions.

It'd be great for my use cases if jsign either tried parsing the key with the supported formats in sequence until one succeeds, some magic-based format detection was made, or a CLI switch like --keytype was added to specify this.

[ebourg]

Thank you for the suggestion, detecting the type of the key is a good idea. I prefer avoiding extra command line parameters if the detection can be automated though. We could either check the first bytes or simply iterate over the key types supported until one works. Do you want to provide a PR implementing this?

[AlexTMjugador]

Sure, I could give the idea of iterating over the types until one works a try in a PR. Thank you for your prompt reply!