JCLOUDS-617: Use the configured JCE provider in the Cipher payloads
diff --git a/core/src/main/java/org/jclouds/chef/filters/SignedHeaderAuth.java b/core/src/main/java/org/jclouds/chef/filters/SignedHeaderAuth.java
index 30b26c0..0cab71f 100644
--- a/core/src/main/java/org/jclouds/chef/filters/SignedHeaderAuth.java
+++ b/core/src/main/java/org/jclouds/chef/filters/SignedHeaderAuth.java
@@ -18,6 +18,7 @@
import static com.google.common.base.Charsets.UTF_8;
import static com.google.common.base.Preconditions.checkArgument;
+import static com.google.common.base.Preconditions.checkNotNull;
import static com.google.common.hash.Hashing.sha1;
import static com.google.common.io.BaseEncoding.base64;
import static com.google.common.io.ByteStreams.toByteArray;
@@ -33,6 +34,7 @@
import javax.inject.Singleton;
import org.jclouds.Constants;
+import org.jclouds.crypto.Crypto;
import org.jclouds.date.TimeStamp;
import org.jclouds.domain.Credentials;
import org.jclouds.http.HttpException;
@@ -50,6 +52,7 @@
import org.jclouds.util.Strings2;
import com.google.common.annotations.VisibleForTesting;
+import com.google.common.base.Preconditions;
import com.google.common.base.Predicate;
import com.google.common.base.Splitter;
import com.google.common.base.Supplier;
@@ -74,6 +77,7 @@
private final Provider<String> timeStampProvider;
private final String emptyStringHash;
private final HttpUtils utils;
+ private final Crypto crypto;
@Resource
@Named(Constants.LOGGER_SIGNATURE)
@@ -81,13 +85,14 @@
@Inject
public SignedHeaderAuth(SignatureWire signatureWire, @org.jclouds.location.Provider Supplier<Credentials> creds,
- Supplier<PrivateKey> supplyKey, @TimeStamp Provider<String> timeStampProvider, HttpUtils utils) {
- this.signatureWire = signatureWire;
- this.creds = creds;
- this.supplyKey = supplyKey;
- this.timeStampProvider = timeStampProvider;
+ Supplier<PrivateKey> supplyKey, @TimeStamp Provider<String> timeStampProvider, HttpUtils utils, Crypto crypto) {
+ this.signatureWire = checkNotNull(signatureWire, "signatureWire");
+ this.creds = checkNotNull(creds, "creds");
+ this.supplyKey = checkNotNull(supplyKey, "supplyKey");
+ this.timeStampProvider = checkNotNull(timeStampProvider, "timeStampProvider");
this.emptyStringHash = hashBody(Payloads.newStringPayload(""));
- this.utils = utils;
+ this.utils = checkNotNull(utils, "utils");
+ this.crypto = checkNotNull(crypto, "crypto");
}
public HttpRequest filter(HttpRequest input) throws HttpException {
@@ -186,7 +191,7 @@
public String sign(String toSign) {
try {
- byte[] encrypted = toByteArray(new RSAEncryptingPayload(Payloads.newStringPayload(toSign), supplyKey.get()));
+ byte[] encrypted = toByteArray(new RSAEncryptingPayload(crypto, Payloads.newStringPayload(toSign), supplyKey.get()));
return base64().encode(encrypted);
} catch (IOException e) {
throw new HttpException("error signing request", e);
diff --git a/core/src/main/java/org/jclouds/chef/internal/BaseChefService.java b/core/src/main/java/org/jclouds/chef/internal/BaseChefService.java
index 9619b44..c22e697 100644
--- a/core/src/main/java/org/jclouds/chef/internal/BaseChefService.java
+++ b/core/src/main/java/org/jclouds/chef/internal/BaseChefService.java
@@ -54,6 +54,7 @@
import org.jclouds.chef.strategy.ListEnvironments;
import org.jclouds.chef.strategy.ListNodes;
import org.jclouds.chef.strategy.UpdateAutomaticAttributesOnNode;
+import org.jclouds.crypto.Crypto;
import org.jclouds.domain.JsonBall;
import org.jclouds.io.Payloads;
import org.jclouds.io.payloads.RSADecryptingPayload;
@@ -90,6 +91,8 @@
private final ListEnvironments listEnvironments;
private final ListNodesInEnvironment listNodesInEnvironment;
private final Json json;
+ private final Crypto crypto;
+
@Resource
@Named(ChefProperties.CHEF_LOGGER)
protected Logger logger = Logger.NULL;
@@ -104,7 +107,7 @@
@Named(CHEF_BOOTSTRAP_DATABAG) String databag, GroupToBootScript groupToBootScript,
BootstrapConfigForGroup bootstrapConfigForGroup, RunListForGroup runListForGroup,
ListEnvironments listEnvironments, ListNodesInEnvironment listNodesInEnvironment,
- ListCookbookVersionsInEnvironment listCookbookVersionsInEnvironment, Json json) {
+ ListCookbookVersionsInEnvironment listCookbookVersionsInEnvironment, Json json, Crypto crypto) {
this.chefContext = checkNotNull(chefContext, "chefContext");
this.api = checkNotNull(api, "api");
this.cleanupStaleNodesAndClients = checkNotNull(cleanupStaleNodesAndClients, "cleanupStaleNodesAndClients");
@@ -126,6 +129,7 @@
this.listNodesInEnvironment = checkNotNull(listNodesInEnvironment, "listNodesInEnvironment");
this.listCookbookVersionsInEnvironment = checkNotNull(listCookbookVersionsInEnvironment, "listCookbookVersionsInEnvironment");
this.json = checkNotNull(json, "json");
+ this.crypto = checkNotNull(crypto, "crypto");
}
@Override
@@ -135,13 +139,13 @@
@Override
public byte[] encrypt(InputSupplier<? extends InputStream> supplier) throws IOException {
- return ByteStreams.toByteArray(new RSAEncryptingPayload(Payloads.newPayload(supplier.getInput()), privateKey
+ return ByteStreams.toByteArray(new RSAEncryptingPayload(crypto, Payloads.newPayload(supplier.getInput()), privateKey
.get()));
}
@Override
public byte[] decrypt(InputSupplier<? extends InputStream> supplier) throws IOException {
- return ByteStreams.toByteArray(new RSADecryptingPayload(Payloads.newPayload(supplier.getInput()), privateKey
+ return ByteStreams.toByteArray(new RSADecryptingPayload(crypto, Payloads.newPayload(supplier.getInput()), privateKey
.get()));
}
diff --git a/core/src/test/java/org/jclouds/chef/filters/SignedHeaderAuthTest.java b/core/src/test/java/org/jclouds/chef/filters/SignedHeaderAuthTest.java
index 0e6ca4a..bfba190 100644
--- a/core/src/test/java/org/jclouds/chef/filters/SignedHeaderAuthTest.java
+++ b/core/src/test/java/org/jclouds/chef/filters/SignedHeaderAuthTest.java
@@ -28,6 +28,7 @@
import org.jclouds.ContextBuilder;
import org.jclouds.chef.ChefApiMetadata;
+import org.jclouds.crypto.Crypto;
import org.jclouds.domain.Credentials;
import org.jclouds.http.HttpRequest;
import org.jclouds.http.HttpUtils;
@@ -193,6 +194,7 @@
.modules(ImmutableSet.<Module> of(new MockModule(), new NullLoggingModule())).buildInjector();
HttpUtils utils = injector.getInstance(HttpUtils.class);
+ Crypto crypto = injector.getInstance(Crypto.class);
Supplier<PrivateKey> privateKey = injector.getInstance(Key.get(new TypeLiteral<Supplier<PrivateKey>>() {
}));
@@ -205,7 +207,7 @@
return TIMESTAMP_ISO8601;
}
- }, utils);
+ }, utils, crypto);
}
}
diff --git a/core/src/test/java/org/jclouds/chef/functions/ParseClientFromJsonTest.java b/core/src/test/java/org/jclouds/chef/functions/ParseClientFromJsonTest.java
index 671ff93..e8bebcb 100644
--- a/core/src/test/java/org/jclouds/chef/functions/ParseClientFromJsonTest.java
+++ b/core/src/test/java/org/jclouds/chef/functions/ParseClientFromJsonTest.java
@@ -19,6 +19,7 @@
import static org.testng.Assert.assertEquals;
import java.io.IOException;
+import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
@@ -29,6 +30,7 @@
import org.jclouds.chef.domain.Client;
import org.jclouds.crypto.Crypto;
import org.jclouds.crypto.Pems;
+import org.jclouds.encryption.internal.JCECrypto;
import org.jclouds.http.HttpResponse;
import org.jclouds.http.functions.ParseJson;
import org.jclouds.io.Payloads;
@@ -77,16 +79,16 @@
privateKey = crypto.rsaKeyFactory().generatePrivate(Pems.privateKeySpec(ByteSource.wrap(PRIVATE_KEY.getBytes(Charsets.UTF_8))));
}
- public void test() throws IOException {
+ public void test() throws IOException, CertificateException, NoSuchAlgorithmException {
Client user = Client.builder().certificate(certificate).orgname("jclouds").clientname("adriancole-jcloudstest")
.name("adriancole-jcloudstest").isValidator(false).privateKey(privateKey).build();
- byte[] encrypted = ByteStreams.toByteArray(new RSAEncryptingPayload(Payloads.newPayload("fooya"), user
+ byte[] encrypted = ByteStreams.toByteArray(new RSAEncryptingPayload(new JCECrypto(), Payloads.newPayload("fooya"), user
.getCertificate().getPublicKey()));
assertEquals(
- ByteStreams.toByteArray(new RSADecryptingPayload(Payloads.newPayload(encrypted), user.getPrivateKey())),
+ ByteStreams.toByteArray(new RSADecryptingPayload(new JCECrypto(), Payloads.newPayload(encrypted), user.getPrivateKey())),
"fooya".getBytes());
assertEquals(