From cd0f21d86b2f6ffd53c88eb0831f33dc92e39a25 Mon Sep 17 00:00:00 2001 From: Ignasi Barrera Date: Tue, 1 Jul 2014 16:07:12 +0200 Subject: [PATCH] JCLOUDS-617: Use the configured JCE provider in the Cipher payloads --- .../chef/filters/SignedHeaderAuth.java | 19 ++++++++++++------- .../chef/internal/BaseChefService.java | 10 +++++++--- .../chef/filters/SignedHeaderAuthTest.java | 4 +++- .../functions/ParseClientFromJsonTest.java | 8 +++++--- 4 files changed, 27 insertions(+), 14 deletions(-) diff --git a/apis/chef/src/main/java/org/jclouds/chef/filters/SignedHeaderAuth.java b/apis/chef/src/main/java/org/jclouds/chef/filters/SignedHeaderAuth.java index 30b26c0804..0cab71f57a 100644 --- a/apis/chef/src/main/java/org/jclouds/chef/filters/SignedHeaderAuth.java +++ b/apis/chef/src/main/java/org/jclouds/chef/filters/SignedHeaderAuth.java @@ -18,6 +18,7 @@ package org.jclouds.chef.filters; import static com.google.common.base.Charsets.UTF_8; import static com.google.common.base.Preconditions.checkArgument; +import static com.google.common.base.Preconditions.checkNotNull; import static com.google.common.hash.Hashing.sha1; import static com.google.common.io.BaseEncoding.base64; import static com.google.common.io.ByteStreams.toByteArray; @@ -33,6 +34,7 @@ import javax.inject.Provider; import javax.inject.Singleton; import org.jclouds.Constants; +import org.jclouds.crypto.Crypto; import org.jclouds.date.TimeStamp; import org.jclouds.domain.Credentials; import org.jclouds.http.HttpException; @@ -50,6 +52,7 @@ import org.jclouds.logging.Logger; import org.jclouds.util.Strings2; import com.google.common.annotations.VisibleForTesting; +import com.google.common.base.Preconditions; import com.google.common.base.Predicate; import com.google.common.base.Splitter; import com.google.common.base.Supplier; @@ -74,6 +77,7 @@ public class SignedHeaderAuth implements HttpRequestFilter { private final Provider timeStampProvider; private final String emptyStringHash; private final HttpUtils utils; + private final Crypto crypto; @Resource @Named(Constants.LOGGER_SIGNATURE) @@ -81,13 +85,14 @@ public class SignedHeaderAuth implements HttpRequestFilter { @Inject public SignedHeaderAuth(SignatureWire signatureWire, @org.jclouds.location.Provider Supplier creds, - Supplier supplyKey, @TimeStamp Provider timeStampProvider, HttpUtils utils) { - this.signatureWire = signatureWire; - this.creds = creds; - this.supplyKey = supplyKey; - this.timeStampProvider = timeStampProvider; + Supplier supplyKey, @TimeStamp Provider timeStampProvider, HttpUtils utils, Crypto crypto) { + this.signatureWire = checkNotNull(signatureWire, "signatureWire"); + this.creds = checkNotNull(creds, "creds"); + this.supplyKey = checkNotNull(supplyKey, "supplyKey"); + this.timeStampProvider = checkNotNull(timeStampProvider, "timeStampProvider"); this.emptyStringHash = hashBody(Payloads.newStringPayload("")); - this.utils = utils; + this.utils = checkNotNull(utils, "utils"); + this.crypto = checkNotNull(crypto, "crypto"); } public HttpRequest filter(HttpRequest input) throws HttpException { @@ -186,7 +191,7 @@ public class SignedHeaderAuth implements HttpRequestFilter { public String sign(String toSign) { try { - byte[] encrypted = toByteArray(new RSAEncryptingPayload(Payloads.newStringPayload(toSign), supplyKey.get())); + byte[] encrypted = toByteArray(new RSAEncryptingPayload(crypto, Payloads.newStringPayload(toSign), supplyKey.get())); return base64().encode(encrypted); } catch (IOException e) { throw new HttpException("error signing request", e); diff --git a/apis/chef/src/main/java/org/jclouds/chef/internal/BaseChefService.java b/apis/chef/src/main/java/org/jclouds/chef/internal/BaseChefService.java index 9619b445ac..c22e6972d8 100644 --- a/apis/chef/src/main/java/org/jclouds/chef/internal/BaseChefService.java +++ b/apis/chef/src/main/java/org/jclouds/chef/internal/BaseChefService.java @@ -54,6 +54,7 @@ import org.jclouds.chef.strategy.ListNodesInEnvironment; import org.jclouds.chef.strategy.ListEnvironments; import org.jclouds.chef.strategy.ListNodes; import org.jclouds.chef.strategy.UpdateAutomaticAttributesOnNode; +import org.jclouds.crypto.Crypto; import org.jclouds.domain.JsonBall; import org.jclouds.io.Payloads; import org.jclouds.io.payloads.RSADecryptingPayload; @@ -90,6 +91,8 @@ public class BaseChefService implements ChefService { private final ListEnvironments listEnvironments; private final ListNodesInEnvironment listNodesInEnvironment; private final Json json; + private final Crypto crypto; + @Resource @Named(ChefProperties.CHEF_LOGGER) protected Logger logger = Logger.NULL; @@ -104,7 +107,7 @@ public class BaseChefService implements ChefService { @Named(CHEF_BOOTSTRAP_DATABAG) String databag, GroupToBootScript groupToBootScript, BootstrapConfigForGroup bootstrapConfigForGroup, RunListForGroup runListForGroup, ListEnvironments listEnvironments, ListNodesInEnvironment listNodesInEnvironment, - ListCookbookVersionsInEnvironment listCookbookVersionsInEnvironment, Json json) { + ListCookbookVersionsInEnvironment listCookbookVersionsInEnvironment, Json json, Crypto crypto) { this.chefContext = checkNotNull(chefContext, "chefContext"); this.api = checkNotNull(api, "api"); this.cleanupStaleNodesAndClients = checkNotNull(cleanupStaleNodesAndClients, "cleanupStaleNodesAndClients"); @@ -126,6 +129,7 @@ public class BaseChefService implements ChefService { this.listNodesInEnvironment = checkNotNull(listNodesInEnvironment, "listNodesInEnvironment"); this.listCookbookVersionsInEnvironment = checkNotNull(listCookbookVersionsInEnvironment, "listCookbookVersionsInEnvironment"); this.json = checkNotNull(json, "json"); + this.crypto = checkNotNull(crypto, "crypto"); } @Override @@ -135,13 +139,13 @@ public class BaseChefService implements ChefService { @Override public byte[] encrypt(InputSupplier supplier) throws IOException { - return ByteStreams.toByteArray(new RSAEncryptingPayload(Payloads.newPayload(supplier.getInput()), privateKey + return ByteStreams.toByteArray(new RSAEncryptingPayload(crypto, Payloads.newPayload(supplier.getInput()), privateKey .get())); } @Override public byte[] decrypt(InputSupplier supplier) throws IOException { - return ByteStreams.toByteArray(new RSADecryptingPayload(Payloads.newPayload(supplier.getInput()), privateKey + return ByteStreams.toByteArray(new RSADecryptingPayload(crypto, Payloads.newPayload(supplier.getInput()), privateKey .get())); } diff --git a/apis/chef/src/test/java/org/jclouds/chef/filters/SignedHeaderAuthTest.java b/apis/chef/src/test/java/org/jclouds/chef/filters/SignedHeaderAuthTest.java index 0e6ca4ad61..bfba190af6 100644 --- a/apis/chef/src/test/java/org/jclouds/chef/filters/SignedHeaderAuthTest.java +++ b/apis/chef/src/test/java/org/jclouds/chef/filters/SignedHeaderAuthTest.java @@ -28,6 +28,7 @@ import javax.ws.rs.HttpMethod; import org.jclouds.ContextBuilder; import org.jclouds.chef.ChefApiMetadata; +import org.jclouds.crypto.Crypto; import org.jclouds.domain.Credentials; import org.jclouds.http.HttpRequest; import org.jclouds.http.HttpUtils; @@ -193,6 +194,7 @@ public class SignedHeaderAuthTest { .modules(ImmutableSet. of(new MockModule(), new NullLoggingModule())).buildInjector(); HttpUtils utils = injector.getInstance(HttpUtils.class); + Crypto crypto = injector.getInstance(Crypto.class); Supplier privateKey = injector.getInstance(Key.get(new TypeLiteral>() { })); @@ -205,7 +207,7 @@ public class SignedHeaderAuthTest { return TIMESTAMP_ISO8601; } - }, utils); + }, utils, crypto); } } diff --git a/apis/chef/src/test/java/org/jclouds/chef/functions/ParseClientFromJsonTest.java b/apis/chef/src/test/java/org/jclouds/chef/functions/ParseClientFromJsonTest.java index 671ff93ee2..e8bebcb403 100644 --- a/apis/chef/src/test/java/org/jclouds/chef/functions/ParseClientFromJsonTest.java +++ b/apis/chef/src/test/java/org/jclouds/chef/functions/ParseClientFromJsonTest.java @@ -19,6 +19,7 @@ package org.jclouds.chef.functions; import static org.testng.Assert.assertEquals; import java.io.IOException; +import java.security.NoSuchAlgorithmException; import java.security.PrivateKey; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; @@ -29,6 +30,7 @@ import org.jclouds.chef.config.ChefParserModule; import org.jclouds.chef.domain.Client; import org.jclouds.crypto.Crypto; import org.jclouds.crypto.Pems; +import org.jclouds.encryption.internal.JCECrypto; import org.jclouds.http.HttpResponse; import org.jclouds.http.functions.ParseJson; import org.jclouds.io.Payloads; @@ -77,16 +79,16 @@ public class ParseClientFromJsonTest { privateKey = crypto.rsaKeyFactory().generatePrivate(Pems.privateKeySpec(ByteSource.wrap(PRIVATE_KEY.getBytes(Charsets.UTF_8)))); } - public void test() throws IOException { + public void test() throws IOException, CertificateException, NoSuchAlgorithmException { Client user = Client.builder().certificate(certificate).orgname("jclouds").clientname("adriancole-jcloudstest") .name("adriancole-jcloudstest").isValidator(false).privateKey(privateKey).build(); - byte[] encrypted = ByteStreams.toByteArray(new RSAEncryptingPayload(Payloads.newPayload("fooya"), user + byte[] encrypted = ByteStreams.toByteArray(new RSAEncryptingPayload(new JCECrypto(), Payloads.newPayload("fooya"), user .getCertificate().getPublicKey())); assertEquals( - ByteStreams.toByteArray(new RSADecryptingPayload(Payloads.newPayload(encrypted), user.getPrivateKey())), + ByteStreams.toByteArray(new RSADecryptingPayload(new JCECrypto(), Payloads.newPayload(encrypted), user.getPrivateKey())), "fooya".getBytes()); assertEquals(