update to latest version of bouncycastle including moving off deprecated stuff

Adrian Cole 2012-12-20 09:50:23 -08:00
parent 8fc9a64240
commit e5e26e223d
8 changed files with 44 additions and 48 deletions


@ -51,8 +51,7 @@
<!-- Required for Pems.java to read and write public and private keys --> <!-- Required for Pems.java to read and write public and private keys -->
<dependency> <dependency>
<groupId>org.bouncycastle</groupId> <groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk16</artifactId> <artifactId>bcpkix-jdk15on</artifactId>
<version>1.46</version>
</dependency> </dependency>
<dependency> <dependency>
<groupId>aopalliance</groupId> <groupId>aopalliance</groupId>


@ -18,13 +18,17 @@
*/ */
package org.jclouds.crypto; package org.jclouds.crypto;
import static com.google.common.base.Charsets.US_ASCII;
import static com.google.common.base.Preconditions.checkNotNull; import static com.google.common.base.Preconditions.checkNotNull;
import static com.google.common.base.Preconditions.checkState;
import static com.google.common.base.Throwables.propagate;
import static com.google.common.io.Closeables.closeQuietly;
import java.io.ByteArrayInputStream; import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream; import java.io.ByteArrayOutputStream;
import java.io.IOException; import java.io.IOException;
import java.io.InputStream; import java.io.InputStream;
import java.io.InputStreamReader; import java.io.StringReader;
import java.security.PrivateKey; import java.security.PrivateKey;
import java.security.PublicKey; import java.security.PublicKey;
import java.security.cert.CertificateEncodingException; import java.security.cert.CertificateEncodingException;
@ -40,7 +44,7 @@ import java.security.spec.X509EncodedKeySpec;
import java.util.Map; import java.util.Map;
import org.bouncycastle.asn1.ASN1OutputStream; import org.bouncycastle.asn1.ASN1OutputStream;
import org.bouncycastle.asn1.pkcs.RSAPrivateKeyStructure; import org.bouncycastle.asn1.pkcs.RSAPrivateKey;
import org.bouncycastle.util.io.pem.PemObject; import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemReader; import org.bouncycastle.util.io.pem.PemReader;
import org.jclouds.crypto.Pems.PemProcessor.ResultParser; import org.jclouds.crypto.Pems.PemProcessor.ResultParser;
@ -52,7 +56,6 @@ import org.jclouds.javax.annotation.Nullable;
import com.google.common.annotations.Beta; import com.google.common.annotations.Beta;
import com.google.common.base.Joiner; import com.google.common.base.Joiner;
import com.google.common.base.Splitter; import com.google.common.base.Splitter;
import com.google.common.base.Throwables;
import com.google.common.collect.ImmutableMap; import com.google.common.collect.ImmutableMap;
import com.google.common.io.InputSupplier; import com.google.common.io.InputSupplier;
@ -89,23 +92,21 @@ public class Pems {
@Override @Override
public T getResult() { public T getResult() {
PemReader reader = new PemReader(new StringReader(new String(out.toByteArray(), US_ASCII)));
try { try {
PemReader reader = new PemReader(new InputStreamReader(new ByteArrayInputStream(out.toByteArray())));
PemObject pem = reader.readPemObject(); PemObject pem = reader.readPemObject();
byte[] bytes = pem.getContent(); byte[] bytes = pem.getContent();
// Bouncycastle removes the BEGIN and the markers when reading the // Bouncycastle removes the BEGIN and the markers when reading the PEM object
// PEM object
String beginMarker = "-----BEGIN " + pem.getType() + "-----"; String beginMarker = "-----BEGIN " + pem.getType() + "-----";
if (parsers.containsKey(beginMarker)) { checkState(parsers.containsKey(beginMarker), "Invalid PEM file: no parsers for marker %s in %s",
beginMarker, parsers.keySet());
return parsers.get(beginMarker).parseResult(bytes); return parsers.get(beginMarker).parseResult(bytes);
} else {
throw new IOException(String.format("Invalid PEM file: no parsers for marker %s in %s", beginMarker,
parsers.keySet()));
}
} catch (IOException e) { } catch (IOException e) {
throw new RuntimeException(e); throw propagate(e);
} finally {
closeQuietly(reader);
} }
} }
} }
@ -178,7 +179,7 @@ public class Pems {
try { try {
return privateKeySpec(InputSuppliers.of(pem)); return privateKeySpec(InputSuppliers.of(pem));
} catch (IOException e) { } catch (IOException e) {
throw Throwables.propagate(e); throw propagate(e);
} }
} }
@ -327,7 +328,7 @@ public class Pems {
// TODO find a way to do this without using bouncycastle // TODO find a way to do this without using bouncycastle
public static byte[] getEncoded(RSAPrivateCrtKey key) { public static byte[] getEncoded(RSAPrivateCrtKey key) {
RSAPrivateKeyStructure keyStruct = new RSAPrivateKeyStructure(key.getModulus(), key.getPublicExponent(), RSAPrivateKey keyStruct = new RSAPrivateKey(key.getModulus(), key.getPublicExponent(),
key.getPrivateExponent(), key.getPrimeP(), key.getPrimeQ(), key.getPrimeExponentP(), key.getPrivateExponent(), key.getPrimeP(), key.getPrimeQ(), key.getPrimeExponentP(),
key.getPrimeExponentQ(), key.getCrtCoefficient()); key.getPrimeExponentQ(), key.getCrtCoefficient());
@ -338,7 +339,7 @@ public class Pems {
aOut.writeObject(keyStruct); aOut.writeObject(keyStruct);
aOut.close(); aOut.close();
} catch (IOException e) { } catch (IOException e) {
Throwables.propagate(e); throw propagate(e);
} }
return bOut.toByteArray(); return bOut.toByteArray();
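Review bot: In `getResult()` the value returned by `reader.readPemObject()` is dereferenced at `pem.getContent()` without a null check. As far as I know, Bouncy Castle's `PemReader` returns null when the input contains no `-----BEGIN` line, so a truncated or non-PEM payload would fail with a bare NullPointerException rather than the "Invalid PEM file" message. A guard directly after the read keeps the failure descriptive: `checkState(pem != null, "Invalid PEM file: no PEM object found");`. Separately, moving the unknown-marker case to `checkState` changes the exception from `IOException` to an unchecked `IllegalStateException` (the updated PemsTest expectations confirm this), so callers that catch `IOException` to reject bad key material will no longer see it. `checkArgument`, or keeping the `IOException`, would describe malformed input more accurately.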


@ -51,7 +51,6 @@ import org.jclouds.util.Strings2;
import com.google.common.annotations.Beta; import com.google.common.annotations.Beta;
import com.google.common.base.Joiner; import com.google.common.base.Joiner;
import com.google.common.base.Splitter; import com.google.common.base.Splitter;
import com.google.common.base.Throwables;
import com.google.common.collect.ImmutableMap; import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableMap.Builder; import com.google.common.collect.ImmutableMap.Builder;
import com.google.common.collect.Iterables; import com.google.common.collect.Iterables;
@ -80,8 +79,7 @@ public class SshKeys {
try { try {
return publicKeySpecFromOpenSSH(InputSuppliers.of(idRsaPub)); return publicKeySpecFromOpenSSH(InputSuppliers.of(idRsaPub));
} catch (IOException e) { } catch (IOException e) {
propagate(e); throw propagate(e);
return null;
} }
} }
@ -142,8 +140,7 @@ public class SshKeys {
try { try {
return generate(KeyPairGenerator.getInstance("RSA"), new SecureRandom()); return generate(KeyPairGenerator.getInstance("RSA"), new SecureRandom());
} catch (NoSuchAlgorithmException e) { } catch (NoSuchAlgorithmException e) {
propagate(e); throw propagate(e);
return null;
} }
} }
@ -167,7 +164,7 @@ public class SshKeys {
pemFormatWriter.writeObject(key); pemFormatWriter.writeObject(key);
pemFormatWriter.close(); pemFormatWriter.close();
} catch (IOException e) { } catch (IOException e) {
Throwables.propagate(e); throw propagate(e);
} }
return stringWriter.toString(); return stringWriter.toString();
// TODO: understand why pem isn't passing testCanGenerate where keys are // TODO: understand why pem isn't passing testCanGenerate where keys are
@ -292,11 +289,9 @@ public class SshKeys {
.getEncoded())))); .getEncoded()))));
return sha1; return sha1;
} catch (InvalidKeySpecException e) { } catch (InvalidKeySpecException e) {
propagate(e); throw propagate(e);
return null;
} catch (NoSuchAlgorithmException e) { } catch (NoSuchAlgorithmException e) {
propagate(e); throw propagate(e);
return null;
} }
} }
@ -340,8 +335,7 @@ public class SshKeys {
writeLengthFirst(modulus.toByteArray(), out); writeLengthFirst(modulus.toByteArray(), out);
return out.toByteArray(); return out.toByteArray();
} catch (IOException e) { } catch (IOException e) {
propagate(e); throw propagate(e);
return null;
} }
} }


@ -24,9 +24,7 @@ import java.math.BigInteger;
import java.security.spec.RSAPrivateCrtKeySpec; import java.security.spec.RSAPrivateCrtKeySpec;
import java.security.spec.RSAPrivateKeySpec; import java.security.spec.RSAPrivateKeySpec;
import org.bouncycastle.asn1.ASN1Object; import org.bouncycastle.asn1.pkcs.RSAPrivateKey;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.pkcs.RSAPrivateKeyStructure;
/** /**
* PKCS#1 encoded private key spec. * PKCS#1 encoded private key spec.
@ -44,7 +42,7 @@ public class PKCS1EncodedPrivateKeySpec {
* DER encoded octet stream * DER encoded octet stream
* @throws IOException * @throws IOException
*/ */
public PKCS1EncodedPrivateKeySpec(final byte[] keyBytes) throws IOException { public PKCS1EncodedPrivateKeySpec(final byte[] keyBytes) {
decode(keyBytes); decode(keyBytes);
} }
@ -63,9 +61,8 @@ public class PKCS1EncodedPrivateKeySpec {
* @param keyBytes * @param keyBytes
* Encoded PKCS#1 rsa key. * Encoded PKCS#1 rsa key.
*/ */
private void decode(final byte[] keyBytes) throws IOException { private void decode(final byte[] keyBytes) {
ASN1Sequence seq = (ASN1Sequence) ASN1Object.fromByteArray(keyBytes); RSAPrivateKey rsa = RSAPrivateKey.getInstance(keyBytes);
RSAPrivateKeyStructure rsa = new RSAPrivateKeyStructure(seq);
BigInteger mod = rsa.getModulus(); BigInteger mod = rsa.getModulus();
BigInteger pubExp = rsa.getPublicExponent(); BigInteger pubExp = rsa.getPublicExponent();
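Review bot: The constructor Javadoc still carries `@throws IOException` although the new signature no longer declares it, so the documented contract is now wrong. With `RSAPrivateKey.getInstance(keyBytes)`, malformed DER presumably surfaces as an unchecked `IllegalArgumentException`, and a null argument as a NullPointerException at `rsa.getModulus()`; callers that load untrusted key files need to know this. I would replace the tag with `@throws IllegalArgumentException if keyBytes is not a DER-encoded PKCS#1 RSA private key`, after confirming the behaviour against the Bouncy Castle version in use. The same question applies to `ASN1Sequence.getInstance(keyBytes)` in PKCS1EncodedPublicKeySpec, whose `decode` still declares `throws IOException`. The body of `decode` here continues past the end of this hunk.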


@ -22,9 +22,8 @@ package org.jclouds.crypto.pem;
import java.io.IOException; import java.io.IOException;
import java.security.spec.RSAPublicKeySpec; import java.security.spec.RSAPublicKeySpec;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.x509.RSAPublicKeyStructure; import org.bouncycastle.asn1.pkcs.RSAPublicKey;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
/** /**
@ -69,18 +68,18 @@ public class PKCS1EncodedPublicKeySpec {
* Encoded PKCS#1 rsa key. * Encoded PKCS#1 rsa key.
*/ */
private void decode(final byte[] keyBytes) throws IOException { private void decode(final byte[] keyBytes) throws IOException {
RSAPublicKeyStructure pks = null; RSAPublicKey pks = null;
ASN1Sequence seq = (ASN1Sequence) ASN1Object.fromByteArray(keyBytes); ASN1Sequence seq = ASN1Sequence.getInstance(keyBytes);
try { try {
// Try to parse the public key normally. If the algorithm is not // Try to parse the public key normally. If the algorithm is not
// present in the encoded key, an IllegalArgumentException will be // present in the encoded key, an IllegalArgumentException will be
// raised. // raised.
SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(seq); SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(seq);
pks = new RSAPublicKeyStructure((ASN1Sequence) info.getPublicKey()); pks = RSAPublicKey.getInstance(info.parsePublicKey());
} catch (IllegalArgumentException ex) { } catch (IllegalArgumentException ex) {
// If the algorithm is not found in the encoded key, try to extract // If the algorithm is not found in the encoded key, try to extract
// just the modulus and the public exponent to build the public key. // just the modulus and the public exponent to build the public key.
pks = new RSAPublicKeyStructure(seq); pks = RSAPublicKey.getInstance(seq);
} }
keySpec = new RSAPublicKeySpec(pks.getModulus(), pks.getPublicExponent()); keySpec = new RSAPublicKeySpec(pks.getModulus(), pks.getPublicExponent());
} }
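Review bot: `decode` builds an RSA key spec from a `SubjectPublicKeyInfo` without checking that its algorithm identifier is RSA. The `catch (IllegalArgumentException ex)` fallback also covers failures of `RSAPublicKey.getInstance(info.parsePublicKey())`, so a well-formed key of another type is retried as a bare PKCS#1 key instead of being rejected with a clear message. Consider comparing `info.getAlgorithm().getAlgorithm()` with `PKCSObjectIdentifiers.rsaEncryption` before parsing (accessor names to be confirmed against the 1.47 API). Also consider narrowing the `try` to the `SubjectPublicKeyInfo` construction, so the fallback is taken only for the headerless case the comment describes. The initial `RSAPublicKey pks = null;` is redundant, since both branches assign it.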


@ -56,12 +56,12 @@ public class PemsTest {
private static final String CERTIFICATE = "-----BEGIN CERTIFICATE-----\nMIIClzCCAgCgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBnjELMAkGA1UEBhMCVVMx\nEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFjAUBgNVBAoM\nDU9wc2NvZGUsIEluYy4xHDAaBgNVBAsME0NlcnRpZmljYXRlIFNlcnZpY2UxMjAw\nBgNVBAMMKW9wc2NvZGUuY29tL2VtYWlsQWRkcmVzcz1hdXRoQG9wc2NvZGUuY29t\nMB4XDTEwMDczMDIwNDEzMFoXDTIwMDcyNzIwNDEzMFowADCCASIwDQYJKoZIhvcN\nAQEBBQADggEPADCCAQoCggEBAMm9mSSahptCikfvJ30CTbEnfhfbVzTFewnznFuo\n7KrPBGYIlUdPYQ9SGDo+GKjNKiTjZYMoOMUVnsHUhu0Ez49ZSaVQInWvbF8tvpM8\nmoGQNQJtDmXG6m+YaHiA4HF/ng2u/bNLtA6Jo3HzvRCobxywc/szPt0Kj0ZD1fJ2\nE237Ph41c8zlOg9QdF0d/iD2WZdgJ1rNndKoZ0rR3A1L50VUND+PNmMDfVYHHjmb\naT89AwihCeU8eUk7m/JNP87f1QDB0Gny0rkDC3drOGS7jmabTf/7gLE5sYq3qnd+\n8/vGU3QWyfCxKSfogl7kn5uWlIe4sOqMb06GNgC+d/oytlECAwEAATANBgkqhkiG\n9w0BAQUFAAOBgQBftzSZxstWw60GqRTDNN/F2GnrdtnKBoXzHww3r6jtGEylYq20\n5KfKpEx+sPX0gyZuYJiXC2CkEjImAluWKcdN9ZF6VD541sheAjbiaU7q7ZsztTxF\nWUH2tCvHeDXYKPKek3QzL7bYpUhLnCN/XxEv6ibeMDwtI7f5qpk2Aspzcw==\n-----END CERTIFICATE-----\n"; private static final String CERTIFICATE = "-----BEGIN 
CERTIFICATE-----\nMIIClzCCAgCgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBnjELMAkGA1UEBhMCVVMx\nEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFjAUBgNVBAoM\nDU9wc2NvZGUsIEluYy4xHDAaBgNVBAsME0NlcnRpZmljYXRlIFNlcnZpY2UxMjAw\nBgNVBAMMKW9wc2NvZGUuY29tL2VtYWlsQWRkcmVzcz1hdXRoQG9wc2NvZGUuY29t\nMB4XDTEwMDczMDIwNDEzMFoXDTIwMDcyNzIwNDEzMFowADCCASIwDQYJKoZIhvcN\nAQEBBQADggEPADCCAQoCggEBAMm9mSSahptCikfvJ30CTbEnfhfbVzTFewnznFuo\n7KrPBGYIlUdPYQ9SGDo+GKjNKiTjZYMoOMUVnsHUhu0Ez49ZSaVQInWvbF8tvpM8\nmoGQNQJtDmXG6m+YaHiA4HF/ng2u/bNLtA6Jo3HzvRCobxywc/szPt0Kj0ZD1fJ2\nE237Ph41c8zlOg9QdF0d/iD2WZdgJ1rNndKoZ0rR3A1L50VUND+PNmMDfVYHHjmb\naT89AwihCeU8eUk7m/JNP87f1QDB0Gny0rkDC3drOGS7jmabTf/7gLE5sYq3qnd+\n8/vGU3QWyfCxKSfogl7kn5uWlIe4sOqMb06GNgC+d/oytlECAwEAATANBgkqhkiG\n9w0BAQUFAAOBgQBftzSZxstWw60GqRTDNN/F2GnrdtnKBoXzHww3r6jtGEylYq20\n5KfKpEx+sPX0gyZuYJiXC2CkEjImAluWKcdN9ZF6VD541sheAjbiaU7q7ZsztTxF\nWUH2tCvHeDXYKPKek3QzL7bYpUhLnCN/XxEv6ibeMDwtI7f5qpk2Aspzcw==\n-----END CERTIFICATE-----\n";
@Test(expectedExceptions = IOException.class, expectedExceptionsMessageRegExp = "^Invalid PEM file: no parsers for marker -----BEGIN FOO PRIVATE KEY----- .*") @Test(expectedExceptions = IllegalStateException.class, expectedExceptionsMessageRegExp = "^Invalid PEM file: no parsers for marker -----BEGIN FOO PRIVATE KEY----- .*")
public void testPrivateKeySpecFromPemWithInvalidMarker() throws IOException { public void testPrivateKeySpecFromPemWithInvalidMarker() throws IOException {
Pems.privateKeySpec(Payloads.newStringPayload(INVALID_PRIVATE_KEY)); Pems.privateKeySpec(Payloads.newStringPayload(INVALID_PRIVATE_KEY));
} }
@Test(expectedExceptions = IOException.class, expectedExceptionsMessageRegExp = "^Invalid PEM file: no parsers for marker -----BEGIN FOO PUBLIC KEY----- .*") @Test(expectedExceptions = IllegalStateException.class, expectedExceptionsMessageRegExp = "^Invalid PEM file: no parsers for marker -----BEGIN FOO PUBLIC KEY----- .*")
public void testPublicKeySpecFromPemWithInvalidMarker() throws IOException { public void testPublicKeySpecFromPemWithInvalidMarker() throws IOException {
Pems.publicKeySpec(Payloads.newStringPayload(INVALID_PUBLIC_KEY)); Pems.publicKeySpec(Payloads.newStringPayload(INVALID_PUBLIC_KEY));
} }


@ -63,9 +63,7 @@
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.bouncycastle</groupId> <groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk16</artifactId> <artifactId>bcpkix-jdk15on</artifactId>
<version>1.46</version>
<scope>compile</scope>
</dependency> </dependency>
</dependencies> </dependencies>


@ -204,6 +204,11 @@
<dependencyManagement> <dependencyManagement>
<dependencies> <dependencies>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk15on</artifactId>
<version>1.47</version>
</dependency>
<dependency> <dependency>
<groupId>com.jcraft</groupId> <groupId>com.jcraft</groupId>
<artifactId>jsch</artifactId> <artifactId>jsch</artifactId>
@ -385,6 +390,9 @@
<ignoredResource>CreateInternetService-options-test.xml</ignoredResource> <ignoredResource>CreateInternetService-options-test.xml</ignoredResource>
<ignoredResource>.gitattributes</ignoredResource> <ignoredResource>.gitattributes</ignoredResource>
<ignoredResource>OSGI-OPT/bnd.bnd</ignoredResource> <ignoredResource>OSGI-OPT/bnd.bnd</ignoredResource>
<!-- For bouncycastle -->
<ignoredResource>META-INF/BCKEY.DSA</ignoredResource>
<ignoredResource>META-INF/BCKEY.SF</ignoredResource>
</ignoredResources> </ignoredResources>
<failBuildInCaseOfConflict>true</failBuildInCaseOfConflict> <failBuildInCaseOfConflict>true</failBuildInCaseOfConflict>
</configuration> </configuration>
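Review bot: Only `bcpkix-jdk15on` is pinned in `dependencyManagement`, yet the Java sources in this commit import `org.bouncycastle.asn1.*` and `org.bouncycastle.util.io.pem.*`, which ship in the provider jar. That jar now arrives only transitively (presumably as `bcprov-jdk15on`; `mvn dependency:tree` will confirm). If another dependency pulls in a different provider version, Maven's mediation could pair `bcpkix` 1.47 with a mismatched `bcprov`, which is an awkward failure mode for key-parsing code. I would add a second managed entry for `org.bouncycastle:bcprov-jdk15on` at `1.47` and declare it explicitly in the modules that import those packages. The `<!-- For bouncycastle -->` comment could also say that `BCKEY.DSA` and `BCKEY.SF` are the jar-signature files present in both Bouncy Castle jars, so the reason for ignoring them is on record.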