
Allows more standard rsa private key for config values encryption (#323)

pull/329/head
Biju Kunjummen 7 years ago committed by Spencer Gibb
parent
commit
e77a3fd498
  1. 37
      spring-cloud-context/src/main/java/org/springframework/cloud/context/encrypt/EncryptorFactory.java
  2. 13
      spring-cloud-context/src/test/java/org/springframework/cloud/bootstrap/encrypt/EncryptorFactoryTests.java
  3. 4
      spring-cloud-context/src/test/resources/example-test-rsa-private-key

37
spring-cloud-context/src/main/java/org/springframework/cloud/context/encrypt/EncryptorFactory.java

@ -1,5 +1,5 @@ @@ -1,5 +1,5 @@
/*
* Copyright 2013-2014 the original author or authors.
* Copyright 2013-2018 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -15,13 +15,23 @@ @@ -15,13 +15,23 @@
*/
package org.springframework.cloud.context.encrypt;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.openssl.MiscPEMGenerator;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.util.io.pem.PemObjectGenerator;
import org.bouncycastle.util.io.pem.PemWriter;
import org.springframework.security.crypto.encrypt.Encryptors;
import org.springframework.security.crypto.encrypt.TextEncryptor;
import org.springframework.security.rsa.crypto.RsaSecretEncryptor;
import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
/**
* @author Dave Syer
*
* @author Biju Kunjummen
*/
public class EncryptorFactory {
@ -34,7 +44,8 @@ public class EncryptorFactory { @@ -34,7 +44,8 @@ public class EncryptorFactory {
if (data.contains("RSA PRIVATE KEY")) {
try {
encryptor = new RsaSecretEncryptor(data);
String normalizedPemData = normalizePem(data);
encryptor = new RsaSecretEncryptor(normalizedPemData.replaceAll("\\n", "").replaceAll("\\r", ""));
}
catch (IllegalArgumentException e) {
throw new KeyFormatException(e);
@ -51,6 +62,26 @@ public class EncryptorFactory { @@ -51,6 +62,26 @@ public class EncryptorFactory {
return encryptor;
}
private String normalizePem(String data) {
PEMParser pemParser = new PEMParser(new StringReader(data));
PEMKeyPair pemKeyPair = null;
try {
pemKeyPair = (PEMKeyPair) pemParser.readObject();
PrivateKeyInfo privateKeyInfo = pemKeyPair.getPrivateKeyInfo();
StringWriter textWriter = new StringWriter();
PemWriter pemWriter = new PemWriter(textWriter);
PemObjectGenerator pemObjectGenerator = new MiscPEMGenerator(privateKeyInfo);
pemWriter.writeObject(pemObjectGenerator);
pemWriter.flush();
return textWriter.toString();
}
catch (IOException e) {
throw new RuntimeException(e.getMessage(), e);
}
}
}
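Review bot: In normalizePem the unchecked cast `(PEMKeyPair) pemParser.readObject()` lets malformed input escape as a NullPointerException or ClassCastException instead of the KeyFormatException that create() raises for other bad keys. readObject() can return null when it finds no PEM object, and, as far as I know, Bouncy Castle returns a PEMEncryptedKeyPair for a passphrase-protected key, which still passes the `data.contains("RSA PRIVATE KEY")` guard. Because the call sits inside the existing try, a type check that throws IllegalArgumentException keeps the error path uniform: `Object parsed = pemParser.readObject();` followed by `if (!(parsed instanceof PEMKeyPair)) { throw new IllegalArgumentException("not an unencrypted RSA private key in PEM format"); }`, and the IOException branch can use `throw new IllegalArgumentException(e);` instead of a bare RuntimeException. The body of create() starts outside the hunks shown, so this assumes nothing earlier in the method already validates the input.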

13
spring-cloud-context/src/test/java/org/springframework/cloud/bootstrap/encrypt/EncryptorFactoryTests.java

@ -35,13 +35,18 @@ public class EncryptorFactoryTests { @@ -35,13 +35,18 @@ public class EncryptorFactoryTests {
String key = StreamUtils.copyToString(
new ClassPathResource("/example-test-rsa-private-key").getInputStream(),
Charset.forName("ASCII"));
//RSA private key needs to be with no new lines
//-----BEGIN RSA PRIVATE KEY-----MIIEowI....iX8htsO-----END RSA PRIVATE KEY-----
String keyNoNewLines = key.replaceAll("\\n", "");
TextEncryptor encryptor = new EncryptorFactory().create(keyNoNewLines);
TextEncryptor encryptor = new EncryptorFactory().create(key);
String toEncrypt = "sample text to encrypt";
String encrypted = encryptor.encrypt(toEncrypt);
assertEquals(toEncrypt, encryptor.decrypt(encrypted));
}
@Test(expected = RuntimeException.class)
public void testWithInvalidRsaPrivateKey() {
String key = "-----BEGIN RSA PRIVATE KEY-----\n"
+ "MIIEowIBAAKCAQEAwClFgrRa/PUHPIJr9gvIPL6g6Rjp/TVZmVNOf2fL96DYbkj5\n";
new EncryptorFactory().create(key);
}
}
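Review bot: `@Test(expected = RuntimeException.class)` on testWithInvalidRsaPrivateKey accepts any unchecked exception, so the test still passes if the truncated key fails with a NullPointerException or ClassCastException rather than a deliberate key-format error. Pinning the expected type, for example `@Test(expected = KeyFormatException.class)` once the factory reports parse failures that way, would make the test guard the error contract. A one-line comment such as `// truncated PEM: header and first base64 line only, no END marker` would also record why this key counts as invalid.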

4
spring-cloud-context/src/test/resources/example-test-rsa-private-key

@ -1,8 +1,6 @@ @@ -1,8 +1,6 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAwClFgrRa/PUHPIJr9gvIPL6g6Rjp/TVZmVNOf2fL96DYbkj5
4YbrwfKwjoTjk1M6gLQpOA4Blocx6zN5OnICnVGlVM9xymWxTxxCfc2tE2Fai9I1
wchULCChhwm/UU5ZNi3KpXinlyamSYw+lMQkZ8gTXCgOEvs2j9E1quF4pvy1BZKv
bD8tUnUQlyiKRnI6gOxQL8B6OAYPRdaa9FVNmrs1B4eDPG918L2f1pT090P1n+tw
4YbrwfKwjoTjk1M6gLQpOA4Blocx6zN5OnICnVGlVM9xymWxTxxCfc2tE2Fai9I1wchULCChhwm/UU5ZNi3KpXinlyamSYw+lMQkZ8gTXCgOEvs2j9E1quF4pvy1BZKvbD8tUnUQlyiKRnI6gOxQL8B6OAYPRdaa9FVNmrs1B4eDPG918L2f1pT090P1n+tw
iejNgQvtSD78/A88qt89OhzscsufALTrBjycn89kkfBd0zbVLF0W6+ZVLZrf97/y
LCoGSCcZL9LFPNvNqxOnleviDco7aOs4stQ9jQIDAQABAoIBAQC1TbthyN0YUe+T
7dIDAbbZaVrU00biOtXgzjMADmTprP7Hf18UpIIIKfzfWw6FUD+gc1t4oe5pogE9
