JCLOUDS-617: Use the configured JCE provider in the Cipher payloads
Project: http://git-wip-us.apache.org/repos/asf/jclouds/repo Commit: http://git-wip-us.apache.org/repos/asf/jclouds/commit/73929940 Tree: http://git-wip-us.apache.org/repos/asf/jclouds/tree/73929940 Diff: http://git-wip-us.apache.org/repos/asf/jclouds/diff/73929940 Branch: refs/heads/master Commit: 73929940d90d9c530a91a23373dcad994153c49f Parents: c0d16e7 Author: Ignasi Barrera <[email protected]> Authored: Tue Jul 1 16:07:12 2014 +0200 Committer: Ignasi Barrera <[email protected]> Committed: Wed Jul 2 17:54:33 2014 +0200 ---------------------------------------------------------------------- .../jclouds/chef/filters/SignedHeaderAuth.java | 19 ++++++++++++------- .../jclouds/chef/internal/BaseChefService.java | 10 +++++++--- .../chef/filters/SignedHeaderAuthTest.java | 4 +++- .../chef/functions/ParseClientFromJsonTest.java | 8 +++++--- 4 files changed, 27 insertions(+), 14 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/jclouds/blob/73929940/apis/chef/src/main/java/org/jclouds/chef/filters/SignedHeaderAuth.java ---------------------------------------------------------------------- diff --git a/apis/chef/src/main/java/org/jclouds/chef/filters/SignedHeaderAuth.java b/apis/chef/src/main/java/org/jclouds/chef/filters/SignedHeaderAuth.java index 30b26c0..0cab71f 100644 --- a/apis/chef/src/main/java/org/jclouds/chef/filters/SignedHeaderAuth.java +++ b/apis/chef/src/main/java/org/jclouds/chef/filters/SignedHeaderAuth.java @@ -18,6 +18,7 @@ package org.jclouds.chef.filters; import static com.google.common.base.Charsets.UTF_8; import static com.google.common.base.Preconditions.checkArgument; +import static com.google.common.base.Preconditions.checkNotNull; import static com.google.common.hash.Hashing.sha1; import static com.google.common.io.BaseEncoding.base64; import static com.google.common.io.ByteStreams.toByteArray; @@ -33,6 +34,7 @@ import javax.inject.Provider; import javax.inject.Singleton; import org.jclouds.Constants; +import org.jclouds.crypto.Crypto; import org.jclouds.date.TimeStamp; import org.jclouds.domain.Credentials; import org.jclouds.http.HttpException; @@ -50,6 +52,7 @@ import org.jclouds.logging.Logger; import org.jclouds.util.Strings2; import com.google.common.annotations.VisibleForTesting; +import com.google.common.base.Preconditions; import com.google.common.base.Predicate; import com.google.common.base.Splitter; import com.google.common.base.Supplier; @@ -74,6 +77,7 @@ public class SignedHeaderAuth implements HttpRequestFilter { private final Provider<String> timeStampProvider; private final String emptyStringHash; private final HttpUtils utils; + private final Crypto crypto; @Resource @Named(Constants.LOGGER_SIGNATURE) @@ -81,13 +85,14 @@ public class SignedHeaderAuth implements HttpRequestFilter { @Inject public SignedHeaderAuth(SignatureWire signatureWire, @org.jclouds.location.Provider Supplier<Credentials> creds, - Supplier<PrivateKey> supplyKey, @TimeStamp Provider<String> timeStampProvider, HttpUtils utils) { - this.signatureWire = signatureWire; - this.creds = creds; - this.supplyKey = supplyKey; - this.timeStampProvider = timeStampProvider; + Supplier<PrivateKey> supplyKey, @TimeStamp Provider<String> timeStampProvider, HttpUtils utils, Crypto crypto) { + this.signatureWire = checkNotNull(signatureWire, "signatureWire"); + this.creds = checkNotNull(creds, "creds"); + this.supplyKey = checkNotNull(supplyKey, "supplyKey"); + this.timeStampProvider = checkNotNull(timeStampProvider, "timeStampProvider"); this.emptyStringHash = hashBody(Payloads.newStringPayload("")); - this.utils = utils; + this.utils = checkNotNull(utils, "utils"); + this.crypto = checkNotNull(crypto, "crypto"); } public HttpRequest filter(HttpRequest input) throws HttpException { @@ -186,7 +191,7 @@ public class SignedHeaderAuth implements HttpRequestFilter { public String sign(String toSign) { try { - byte[] encrypted = toByteArray(new RSAEncryptingPayload(Payloads.newStringPayload(toSign), supplyKey.get())); + byte[] encrypted = toByteArray(new RSAEncryptingPayload(crypto, Payloads.newStringPayload(toSign), supplyKey.get())); return base64().encode(encrypted); } catch (IOException e) { throw new HttpException("error signing request", e); http://git-wip-us.apache.org/repos/asf/jclouds/blob/73929940/apis/chef/src/main/java/org/jclouds/chef/internal/BaseChefService.java ---------------------------------------------------------------------- diff --git a/apis/chef/src/main/java/org/jclouds/chef/internal/BaseChefService.java b/apis/chef/src/main/java/org/jclouds/chef/internal/BaseChefService.java index 9619b44..c22e697 100644 --- a/apis/chef/src/main/java/org/jclouds/chef/internal/BaseChefService.java +++ b/apis/chef/src/main/java/org/jclouds/chef/internal/BaseChefService.java @@ -54,6 +54,7 @@ import org.jclouds.chef.strategy.ListNodesInEnvironment; import org.jclouds.chef.strategy.ListEnvironments; import org.jclouds.chef.strategy.ListNodes; import org.jclouds.chef.strategy.UpdateAutomaticAttributesOnNode; +import org.jclouds.crypto.Crypto; import org.jclouds.domain.JsonBall; import org.jclouds.io.Payloads; import org.jclouds.io.payloads.RSADecryptingPayload; @@ -90,6 +91,8 @@ public class BaseChefService implements ChefService { private final ListEnvironments listEnvironments; private final ListNodesInEnvironment listNodesInEnvironment; private final Json json; + private final Crypto crypto; + @Resource @Named(ChefProperties.CHEF_LOGGER) protected Logger logger = Logger.NULL; @@ -104,7 +107,7 @@ public class BaseChefService implements ChefService { @Named(CHEF_BOOTSTRAP_DATABAG) String databag, GroupToBootScript groupToBootScript, BootstrapConfigForGroup bootstrapConfigForGroup, RunListForGroup runListForGroup, ListEnvironments listEnvironments, ListNodesInEnvironment listNodesInEnvironment, - ListCookbookVersionsInEnvironment listCookbookVersionsInEnvironment, Json json) { + ListCookbookVersionsInEnvironment listCookbookVersionsInEnvironment, Json json, Crypto crypto) { this.chefContext = checkNotNull(chefContext, "chefContext"); this.api = checkNotNull(api, "api"); this.cleanupStaleNodesAndClients = checkNotNull(cleanupStaleNodesAndClients, "cleanupStaleNodesAndClients"); @@ -126,6 +129,7 @@ public class BaseChefService implements ChefService { this.listNodesInEnvironment = checkNotNull(listNodesInEnvironment, "listNodesInEnvironment"); this.listCookbookVersionsInEnvironment = checkNotNull(listCookbookVersionsInEnvironment, "listCookbookVersionsInEnvironment"); this.json = checkNotNull(json, "json"); + this.crypto = checkNotNull(crypto, "crypto"); } @Override @@ -135,13 +139,13 @@ public class BaseChefService implements ChefService { @Override public byte[] encrypt(InputSupplier<? extends InputStream> supplier) throws IOException { - return ByteStreams.toByteArray(new RSAEncryptingPayload(Payloads.newPayload(supplier.getInput()), privateKey + return ByteStreams.toByteArray(new RSAEncryptingPayload(crypto, Payloads.newPayload(supplier.getInput()), privateKey .get())); } @Override public byte[] decrypt(InputSupplier<? extends InputStream> supplier) throws IOException { - return ByteStreams.toByteArray(new RSADecryptingPayload(Payloads.newPayload(supplier.getInput()), privateKey + return ByteStreams.toByteArray(new RSADecryptingPayload(crypto, Payloads.newPayload(supplier.getInput()), privateKey .get())); } http://git-wip-us.apache.org/repos/asf/jclouds/blob/73929940/apis/chef/src/test/java/org/jclouds/chef/filters/SignedHeaderAuthTest.java ---------------------------------------------------------------------- diff --git a/apis/chef/src/test/java/org/jclouds/chef/filters/SignedHeaderAuthTest.java b/apis/chef/src/test/java/org/jclouds/chef/filters/SignedHeaderAuthTest.java index 0e6ca4a..bfba190 100644 --- a/apis/chef/src/test/java/org/jclouds/chef/filters/SignedHeaderAuthTest.java +++ b/apis/chef/src/test/java/org/jclouds/chef/filters/SignedHeaderAuthTest.java @@ -28,6 +28,7 @@ import javax.ws.rs.HttpMethod; import org.jclouds.ContextBuilder; import org.jclouds.chef.ChefApiMetadata; +import org.jclouds.crypto.Crypto; import org.jclouds.domain.Credentials; import org.jclouds.http.HttpRequest; import org.jclouds.http.HttpUtils; @@ -193,6 +194,7 @@ public class SignedHeaderAuthTest { .modules(ImmutableSet.<Module> of(new MockModule(), new NullLoggingModule())).buildInjector(); HttpUtils utils = injector.getInstance(HttpUtils.class); + Crypto crypto = injector.getInstance(Crypto.class); Supplier<PrivateKey> privateKey = injector.getInstance(Key.get(new TypeLiteral<Supplier<PrivateKey>>() { })); @@ -205,7 +207,7 @@ public class SignedHeaderAuthTest { return TIMESTAMP_ISO8601; } - }, utils); + }, utils, crypto); } } http://git-wip-us.apache.org/repos/asf/jclouds/blob/73929940/apis/chef/src/test/java/org/jclouds/chef/functions/ParseClientFromJsonTest.java ---------------------------------------------------------------------- diff --git a/apis/chef/src/test/java/org/jclouds/chef/functions/ParseClientFromJsonTest.java b/apis/chef/src/test/java/org/jclouds/chef/functions/ParseClientFromJsonTest.java index 671ff93..e8bebcb 100644 --- a/apis/chef/src/test/java/org/jclouds/chef/functions/ParseClientFromJsonTest.java +++ b/apis/chef/src/test/java/org/jclouds/chef/functions/ParseClientFromJsonTest.java @@ -19,6 +19,7 @@ package org.jclouds.chef.functions; import static org.testng.Assert.assertEquals; import java.io.IOException; +import java.security.NoSuchAlgorithmException; import java.security.PrivateKey; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; @@ -29,6 +30,7 @@ import org.jclouds.chef.config.ChefParserModule; import org.jclouds.chef.domain.Client; import org.jclouds.crypto.Crypto; import org.jclouds.crypto.Pems; +import org.jclouds.encryption.internal.JCECrypto; import org.jclouds.http.HttpResponse; import org.jclouds.http.functions.ParseJson; import org.jclouds.io.Payloads; @@ -77,16 +79,16 @@ public class ParseClientFromJsonTest { privateKey = crypto.rsaKeyFactory().generatePrivate(Pems.privateKeySpec(ByteSource.wrap(PRIVATE_KEY.getBytes(Charsets.UTF_8)))); } - public void test() throws IOException { + public void test() throws IOException, CertificateException, NoSuchAlgorithmException { Client user = Client.builder().certificate(certificate).orgname("jclouds").clientname("adriancole-jcloudstest") .name("adriancole-jcloudstest").isValidator(false).privateKey(privateKey).build(); - byte[] encrypted = ByteStreams.toByteArray(new RSAEncryptingPayload(Payloads.newPayload("fooya"), user + byte[] encrypted = ByteStreams.toByteArray(new RSAEncryptingPayload(new JCECrypto(), Payloads.newPayload("fooya"), user .getCertificate().getPublicKey())); assertEquals( - ByteStreams.toByteArray(new RSADecryptingPayload(Payloads.newPayload(encrypted), user.getPrivateKey())), + ByteStreams.toByteArray(new RSADecryptingPayload(new JCECrypto(), Payloads.newPayload(encrypted), user.getPrivateKey())), "fooya".getBytes()); assertEquals(
