Skip to content

Commit

Permalink
Merge pull request #3 from seryl/update-bouncyastle-152
Browse files Browse the repository at this point in the history 
[FIXED JENKINS-30110] Update bouncyastle 153
  • Loading branch information
@stephenc
stephenc committed Nov 3, 2015
2 parents 763d508 + ff01409 commit 2d47ae7
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 7 deletions.
4 changes: 2 additions & 2 deletions pom.xml
View file
Expand Up @@ -3,7 +3,7 @@
<parent>
<groupId>org.jenkins-ci.plugins</groupId>
<artifactId>plugin</artifactId>
<version>1.532.2</version>
<version>1.609.1</version>
</parent>

<groupId>org.jenkins-ci.modules</groupId>
Expand All @@ -29,7 +29,7 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk15on</artifactId>
<version>1.47</version>
<version>1.53</version>
</dependency>
</dependencies>
</project>
19 changes: 14 additions & 5 deletions src/main/java/org/jenkinsci/main/modules/instance_identity/InstanceIdentity.java
View file
Expand Up @@ -22,7 +22,10 @@
import jenkins.model.Jenkins;
import jenkins.security.CryptoConfidentialKey;
import org.apache.commons.io.FileUtils;
import org.bouncycastle.openssl.PEMReader;
import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.PEMWriter;

/**
Expand Down Expand Up @@ -66,7 +69,7 @@ public InstanceIdentity(File keyFile) throws IOException {
}

private static KeyPair read(File keyFile, File oldKeyFile, KeyPairGenerator gen) throws IOException {
// a hack to work around a problem in PEMReader (or JCE, depending on how you look at it.)
// a hack to work around a problem in PEMParser (or JCE, depending on how you look at it.)
// I can't just pass in null as a provider --- JCE doesn't default to the default provider,
// but it chokes that I passed in null. Urgh.
byte[] enc;
Expand All @@ -78,7 +81,10 @@ private static KeyPair read(File keyFile, File oldKeyFile, KeyPairGenerator gen)
try {
enc = FileUtils.readFileToByteArray(keyFile);
in = new StringReader(new String(KEY.decrypt().doFinal(enc), "UTF-8"));
keyPair = (KeyPair) new PEMReader(in, null, provider).readObject();
PEMParser r = new PEMParser(in);
Object o = r.readObject();
JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider(provider);
keyPair = converter.getKeyPair((PEMKeyPair) o);
} catch (GeneralSecurityException x) {
LOGGER.log(Level.SEVERE, String.format("identity.key.enc is corrupted. Identity.key.enc will be deleted and a new one will be generated"), x);
return null;
Expand All @@ -88,14 +94,17 @@ private static KeyPair read(File keyFile, File oldKeyFile, KeyPairGenerator gen)
}
} else if (oldKeyFile != null) { //Get the Reader for oldKeyFile
in = new FileReader(oldKeyFile);
keyPair = (KeyPair) new PEMReader(in, null, provider).readObject();
PEMParser r = new PEMParser(in);
Object o = r.readObject();
JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider(provider);
keyPair = converter.getKeyPair((PEMKeyPair) o);
}
return keyPair;
}

private static void write(KeyPair keys, File keyFile) throws IOException {
StringWriter sw = new StringWriter();
PEMWriter w = new PEMWriter(sw, "SunJCE");
PEMWriter w = new PEMWriter(sw);
try {
w.writeObject(keys);
} finally {
Expand Down

0 comments on commit 2d47ae7

Please sign in to comment.