You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@jclouds.apache.org by "Jaroslav Kylberger (JIRA)" <ji...@apache.org> on 2014/06/26 16:36:24 UTC
[jira] [Created] (JCLOUDS-617) Unable to use Chef API with JCE
provider with default RSA transformation padding other than PKCS1
Jaroslav Kylberger created JCLOUDS-617:
------------------------------------------
Summary: Unable to use Chef API with JCE provider with default RSA transformation padding other than PKCS1
Key: JCLOUDS-617
URL: https://issues.apache.org/jira/browse/JCLOUDS-617
Project: jclouds
Issue Type: Bug
Components: jclouds-chef
Affects Versions: 1.7.2
Reporter: Jaroslav Kylberger
Priority: Critical
After adding JSafe JCE povider to java.security I get HTTP response code 401 and the message "Invalid signature for user or client '<chefClient>'" from chef server when trying to connect using jclouds-chef api. The reason is that this provider generates the signature using RSA algortihm with different mode and/or padding that is used for decryption on chef server (and standard SunJCE). The generated signature is then considered bad by the chef server. The problem is in method org.jclouds.chef.filters.SignedHeaderAuth#sign which uses org.jclouds.io.payloads.RSAEncryptingPayload from jcloud-core. This class does not specify the mode and padding of RSA transformation and thus provider defaults are used.
--
This message was sent by Atlassian JIRA
(v6.2#6252)