[jira] [Updated] (JCLOUDS-617) Unable to use Chef API with JCE provider with default RSA transformation padding other than PKCS1

Ignasi Barrera (JIRA) Mon, 07 Jul 2014 04:28:25 -0700

     [ 
https://issues.apache.org/jira/browse/JCLOUDS-617?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Ignasi Barrera updated JCLOUDS-617:
-----------------------------------

    Fix Version/s: 1.8.0

> Unable to use Chef API with JCE provider with default RSA transformation 
> padding other than PKCS1
> -------------------------------------------------------------------------------------------------
>
>                 Key: JCLOUDS-617
>                 URL: https://issues.apache.org/jira/browse/JCLOUDS-617
>             Project: jclouds
>          Issue Type: Bug
>          Components: jclouds-chef
>    Affects Versions: 1.7.2
>            Reporter: Jaroslav Kylberger
>            Assignee: Ignasi Barrera
>            Priority: Critical
>             Fix For: 1.8.0
>
>
> After adding JSafe JCE povider to java.security I get HTTP response code 401 
> and the message "Invalid signature for user or client '<chefClient>'" from 
> chef server when trying to connect using jclouds-chef api. The reason is that 
> this provider generates the signature using RSA algortihm with different mode 
> and/or padding that is used for decryption on chef server (and standard 
> SunJCE). The generated signature is then considered bad by the chef server. 
> The problem is in method org.jclouds.chef.filters.SignedHeaderAuth#sign which 
> uses org.jclouds.io.payloads.RSAEncryptingPayload from jcloud-core. This 
> class does not specify the mode and padding of RSA transformation and thus 
> provider defaults are used.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Updated] (JCLOUDS-617) Unable to use Chef API with JCE provider with default RSA transformation padding other than PKCS1

Reply via email to