update to latest version of bouncycastle including moving off deprecated stuff

This commit is contained in:
Adrian Cole 2012-12-20 09:50:23 -08:00
parent 8fc9a64240
commit e5e26e223d
8 changed files with 44 additions and 48 deletions

View File

@ -51,8 +51,7 @@
<!-- Required for Pems.java to read and write public and private keys -->
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk16</artifactId>
<version>1.46</version>
<artifactId>bcpkix-jdk15on</artifactId>
</dependency>
<dependency>
<groupId>aopalliance</groupId>

View File

@ -18,13 +18,17 @@
*/
package org.jclouds.crypto;
import static com.google.common.base.Charsets.US_ASCII;
import static com.google.common.base.Preconditions.checkNotNull;
import static com.google.common.base.Preconditions.checkState;
import static com.google.common.base.Throwables.propagate;
import static com.google.common.io.Closeables.closeQuietly;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.StringReader;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateEncodingException;
@ -40,7 +44,7 @@ import java.security.spec.X509EncodedKeySpec;
import java.util.Map;
import org.bouncycastle.asn1.ASN1OutputStream;
import org.bouncycastle.asn1.pkcs.RSAPrivateKeyStructure;
import org.bouncycastle.asn1.pkcs.RSAPrivateKey;
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemReader;
import org.jclouds.crypto.Pems.PemProcessor.ResultParser;
@ -52,7 +56,6 @@ import org.jclouds.javax.annotation.Nullable;
import com.google.common.annotations.Beta;
import com.google.common.base.Joiner;
import com.google.common.base.Splitter;
import com.google.common.base.Throwables;
import com.google.common.collect.ImmutableMap;
import com.google.common.io.InputSupplier;
@ -89,23 +92,21 @@ public class Pems {
@Override
public T getResult() {
PemReader reader = new PemReader(new StringReader(new String(out.toByteArray(), US_ASCII)));
try {
PemReader reader = new PemReader(new InputStreamReader(new ByteArrayInputStream(out.toByteArray())));
PemObject pem = reader.readPemObject();
byte[] bytes = pem.getContent();
// Bouncycastle removes the BEGIN and the markers when reading the
// PEM object
// Bouncycastle removes the BEGIN and the markers when reading the PEM object
String beginMarker = "-----BEGIN " + pem.getType() + "-----";
if (parsers.containsKey(beginMarker)) {
return parsers.get(beginMarker).parseResult(bytes);
} else {
throw new IOException(String.format("Invalid PEM file: no parsers for marker %s in %s", beginMarker,
parsers.keySet()));
}
checkState(parsers.containsKey(beginMarker), "Invalid PEM file: no parsers for marker %s in %s",
beginMarker, parsers.keySet());
return parsers.get(beginMarker).parseResult(bytes);
} catch (IOException e) {
throw new RuntimeException(e);
throw propagate(e);
} finally {
closeQuietly(reader);
}
}
}
@ -178,7 +179,7 @@ public class Pems {
try {
return privateKeySpec(InputSuppliers.of(pem));
} catch (IOException e) {
throw Throwables.propagate(e);
throw propagate(e);
}
}
@ -327,7 +328,7 @@ public class Pems {
// TODO find a way to do this without using bouncycastle
public static byte[] getEncoded(RSAPrivateCrtKey key) {
RSAPrivateKeyStructure keyStruct = new RSAPrivateKeyStructure(key.getModulus(), key.getPublicExponent(),
RSAPrivateKey keyStruct = new RSAPrivateKey(key.getModulus(), key.getPublicExponent(),
key.getPrivateExponent(), key.getPrimeP(), key.getPrimeQ(), key.getPrimeExponentP(),
key.getPrimeExponentQ(), key.getCrtCoefficient());
@ -338,7 +339,7 @@ public class Pems {
aOut.writeObject(keyStruct);
aOut.close();
} catch (IOException e) {
Throwables.propagate(e);
throw propagate(e);
}
return bOut.toByteArray();

View File

@ -51,7 +51,6 @@ import org.jclouds.util.Strings2;
import com.google.common.annotations.Beta;
import com.google.common.base.Joiner;
import com.google.common.base.Splitter;
import com.google.common.base.Throwables;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableMap.Builder;
import com.google.common.collect.Iterables;
@ -80,8 +79,7 @@ public class SshKeys {
try {
return publicKeySpecFromOpenSSH(InputSuppliers.of(idRsaPub));
} catch (IOException e) {
propagate(e);
return null;
throw propagate(e);
}
}
@ -142,8 +140,7 @@ public class SshKeys {
try {
return generate(KeyPairGenerator.getInstance("RSA"), new SecureRandom());
} catch (NoSuchAlgorithmException e) {
propagate(e);
return null;
throw propagate(e);
}
}
@ -167,7 +164,7 @@ public class SshKeys {
pemFormatWriter.writeObject(key);
pemFormatWriter.close();
} catch (IOException e) {
Throwables.propagate(e);
throw propagate(e);
}
return stringWriter.toString();
// TODO: understand why pem isn't passing testCanGenerate where keys are
@ -292,11 +289,9 @@ public class SshKeys {
.getEncoded()))));
return sha1;
} catch (InvalidKeySpecException e) {
propagate(e);
return null;
throw propagate(e);
} catch (NoSuchAlgorithmException e) {
propagate(e);
return null;
throw propagate(e);
}
}
@ -340,8 +335,7 @@ public class SshKeys {
writeLengthFirst(modulus.toByteArray(), out);
return out.toByteArray();
} catch (IOException e) {
propagate(e);
return null;
throw propagate(e);
}
}

View File

@ -24,9 +24,7 @@ import java.math.BigInteger;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.security.spec.RSAPrivateKeySpec;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.pkcs.RSAPrivateKeyStructure;
import org.bouncycastle.asn1.pkcs.RSAPrivateKey;
/**
* PKCS#1 encoded private key spec.
@ -44,7 +42,7 @@ public class PKCS1EncodedPrivateKeySpec {
* DER encoded octet stream
* @throws IOException
*/
public PKCS1EncodedPrivateKeySpec(final byte[] keyBytes) throws IOException {
public PKCS1EncodedPrivateKeySpec(final byte[] keyBytes) {
decode(keyBytes);
}
@ -63,9 +61,8 @@ public class PKCS1EncodedPrivateKeySpec {
* @param keyBytes
* Encoded PKCS#1 rsa key.
*/
private void decode(final byte[] keyBytes) throws IOException {
ASN1Sequence seq = (ASN1Sequence) ASN1Object.fromByteArray(keyBytes);
RSAPrivateKeyStructure rsa = new RSAPrivateKeyStructure(seq);
private void decode(final byte[] keyBytes) {
RSAPrivateKey rsa = RSAPrivateKey.getInstance(keyBytes);
BigInteger mod = rsa.getModulus();
BigInteger pubExp = rsa.getPublicExponent();

View File

@ -22,9 +22,8 @@ package org.jclouds.crypto.pem;
import java.io.IOException;
import java.security.spec.RSAPublicKeySpec;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.x509.RSAPublicKeyStructure;
import org.bouncycastle.asn1.pkcs.RSAPublicKey;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
/**
@ -69,18 +68,18 @@ public class PKCS1EncodedPublicKeySpec {
* Encoded PKCS#1 rsa key.
*/
private void decode(final byte[] keyBytes) throws IOException {
RSAPublicKeyStructure pks = null;
ASN1Sequence seq = (ASN1Sequence) ASN1Object.fromByteArray(keyBytes);
RSAPublicKey pks = null;
ASN1Sequence seq = ASN1Sequence.getInstance(keyBytes);
try {
// Try to parse the public key normally. If the algorithm is not
// present in the encoded key, an IllegalArgumentException will be
// raised.
SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(seq);
pks = new RSAPublicKeyStructure((ASN1Sequence) info.getPublicKey());
pks = RSAPublicKey.getInstance(info.parsePublicKey());
} catch (IllegalArgumentException ex) {
// If the algorithm is not found in the encoded key, try to extract
// just the modulus and the public exponent to build the public key.
pks = new RSAPublicKeyStructure(seq);
pks = RSAPublicKey.getInstance(seq);
}
keySpec = new RSAPublicKeySpec(pks.getModulus(), pks.getPublicExponent());
}

View File

@ -56,12 +56,12 @@ public class PemsTest {
private static final String CERTIFICATE = "-----BEGIN CERTIFICATE-----\nMIIClzCCAgCgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBnjELMAkGA1UEBhMCVVMx\nEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFjAUBgNVBAoM\nDU9wc2NvZGUsIEluYy4xHDAaBgNVBAsME0NlcnRpZmljYXRlIFNlcnZpY2UxMjAw\nBgNVBAMMKW9wc2NvZGUuY29tL2VtYWlsQWRkcmVzcz1hdXRoQG9wc2NvZGUuY29t\nMB4XDTEwMDczMDIwNDEzMFoXDTIwMDcyNzIwNDEzMFowADCCASIwDQYJKoZIhvcN\nAQEBBQADggEPADCCAQoCggEBAMm9mSSahptCikfvJ30CTbEnfhfbVzTFewnznFuo\n7KrPBGYIlUdPYQ9SGDo+GKjNKiTjZYMoOMUVnsHUhu0Ez49ZSaVQInWvbF8tvpM8\nmoGQNQJtDmXG6m+YaHiA4HF/ng2u/bNLtA6Jo3HzvRCobxywc/szPt0Kj0ZD1fJ2\nE237Ph41c8zlOg9QdF0d/iD2WZdgJ1rNndKoZ0rR3A1L50VUND+PNmMDfVYHHjmb\naT89AwihCeU8eUk7m/JNP87f1QDB0Gny0rkDC3drOGS7jmabTf/7gLE5sYq3qnd+\n8/vGU3QWyfCxKSfogl7kn5uWlIe4sOqMb06GNgC+d/oytlECAwEAATANBgkqhkiG\n9w0BAQUFAAOBgQBftzSZxstWw60GqRTDNN/F2GnrdtnKBoXzHww3r6jtGEylYq20\n5KfKpEx+sPX0gyZuYJiXC2CkEjImAluWKcdN9ZF6VD541sheAjbiaU7q7ZsztTxF\nWUH2tCvHeDXYKPKek3QzL7bYpUhLnCN/XxEv6ibeMDwtI7f5qpk2Aspzcw==\n-----END CERTIFICATE-----\n";
@Test(expectedExceptions = IOException.class, expectedExceptionsMessageRegExp = "^Invalid PEM file: no parsers for marker -----BEGIN FOO PRIVATE KEY----- .*")
@Test(expectedExceptions = IllegalStateException.class, expectedExceptionsMessageRegExp = "^Invalid PEM file: no parsers for marker -----BEGIN FOO PRIVATE KEY----- .*")
public void testPrivateKeySpecFromPemWithInvalidMarker() throws IOException {
Pems.privateKeySpec(Payloads.newStringPayload(INVALID_PRIVATE_KEY));
}
@Test(expectedExceptions = IOException.class, expectedExceptionsMessageRegExp = "^Invalid PEM file: no parsers for marker -----BEGIN FOO PUBLIC KEY----- .*")
@Test(expectedExceptions = IllegalStateException.class, expectedExceptionsMessageRegExp = "^Invalid PEM file: no parsers for marker -----BEGIN FOO PUBLIC KEY----- .*")
public void testPublicKeySpecFromPemWithInvalidMarker() throws IOException {
Pems.publicKeySpec(Payloads.newStringPayload(INVALID_PUBLIC_KEY));
}

View File

@ -63,9 +63,7 @@
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk16</artifactId>
<version>1.46</version>
<scope>compile</scope>
<artifactId>bcpkix-jdk15on</artifactId>
</dependency>
</dependencies>

View File

@ -204,6 +204,11 @@
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk15on</artifactId>
<version>1.47</version>
</dependency>
<dependency>
<groupId>com.jcraft</groupId>
<artifactId>jsch</artifactId>
@ -385,6 +390,9 @@
<ignoredResource>CreateInternetService-options-test.xml</ignoredResource>
<ignoredResource>.gitattributes</ignoredResource>
<ignoredResource>OSGI-OPT/bnd.bnd</ignoredResource>
<!-- For bouncycastle -->
<ignoredResource>META-INF/BCKEY.DSA</ignoredResource>
<ignoredResource>META-INF/BCKEY.SF</ignoredResource>
</ignoredResources>
<failBuildInCaseOfConflict>true</failBuildInCaseOfConflict>
</configuration>