Merge pull request #12 from armfergom/JENKINS-35463

[JENKINS-35463] Use bouncycastle-api-plugin
jenkinsci · Jun 8, 2016 · 08cfe2e · 08cfe2e
2 parents 1b789b0 + 68628a1
commit 08cfe2e
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 58 deletions.
diff --git a/pom.xml b/pom.xml
@@ -95,11 +95,6 @@
       <artifactId>tomcat-apr</artifactId>
       <version>5.5.23</version>
     </dependency>
-    <dependency>
-      <groupId>org.bouncycastle</groupId>
-      <artifactId>bcpkix-jdk15on</artifactId>
-      <version>1.53</version>
-    </dependency>
     <dependency>
       <groupId>org.slf4j</groupId>
       <artifactId>slf4j-api</artifactId>
@@ -134,6 +129,11 @@
       <artifactId>ssh-credentials</artifactId>
       <version>1.11</version>
     </dependency>
+    <dependency>
+      <groupId>org.jenkins-ci.plugins</groupId>
+      <artifactId>bouncycastle-api</artifactId>
+      <version>1.0</version>
+    </dependency>
     <!-- jenkins dependencies -->
     <!-- test dependencies -->
     <dependency>

diff --git a/src/main/java/com/cloudbees/jenkins/plugins/sshagent/jna/JNRRemoteAgent.java b/src/main/java/com/cloudbees/jenkins/plugins/sshagent/jna/JNRRemoteAgent.java
@@ -27,17 +27,12 @@
 import com.cloudbees.jenkins.plugins.sshagent.Messages;
 import com.cloudbees.jenkins.plugins.sshagent.RemoteAgent;
 import hudson.model.TaskListener;
+import jenkins.bouncycastle.api.PEMEncodable;
+
 import java.io.File;
 import org.apache.sshd.common.util.SecurityUtils;
-import org.bouncycastle.openssl.PEMKeyPair;
-import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder;
-import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
-import org.bouncycastle.openssl.PEMEncryptedKeyPair;
-import org.bouncycastle.openssl.PEMDecryptorProvider;
-import org.bouncycastle.openssl.PEMParser;
 
 import java.io.IOException;
-import java.io.StringReader;
 import java.security.KeyPair;
 import javax.annotation.CheckForNull;
 
@@ -88,28 +83,8 @@ public void addIdentity(String privateKey, final String passphrase, String comme
             }
         }
         try {
-            PEMParser r = new PEMParser(new StringReader(privateKey));
+            KeyPair keyPair = PEMEncodable.decode(privateKey, passphrase == null ? null : passphrase.toCharArray()).toKeyPair();
-            JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
+            agent.getAgent().addIdentity(keyPair, comment);
-            PEMDecryptorProvider decryptionProv = new JcePEMDecryptorProviderBuilder().build(
-                passphrase == null ? null : passphrase.toCharArray());
-            try {
-                Object o = r.readObject();
-                KeyPair keyPair = null;
-
-                if (o instanceof PEMEncryptedKeyPair) {
-                    keyPair = converter.getKeyPair(
-                            ((PEMEncryptedKeyPair) o).decryptKeyPair(decryptionProv));
-                } else if (o instanceof PEMKeyPair) {
-                    keyPair = converter.getKeyPair((PEMKeyPair) o);
-                } else if (o instanceof KeyPair) {
-                    keyPair = ((KeyPair) o);
-                } else {
-                    throw new IOException(String.format("Unsupported key type: %s", o.getClass()));
-                }
-                agent.getAgent().addIdentity(keyPair, comment);
-            } finally {
-                r.close();
-            }
         } catch (Exception e) {
             listener.getLogger().println(Messages.SSHAgentBuildWrapper_UnableToReadKey(e.getMessage()));
             e.printStackTrace(listener.getLogger());

diff --git a/src/main/java/com/cloudbees/jenkins/plugins/sshagent/mina/MinaRemoteAgent.java b/src/main/java/com/cloudbees/jenkins/plugins/sshagent/mina/MinaRemoteAgent.java
@@ -27,17 +27,13 @@
 import com.cloudbees.jenkins.plugins.sshagent.Messages;
 import com.cloudbees.jenkins.plugins.sshagent.RemoteAgent;
 import hudson.model.TaskListener;
+import jenkins.bouncycastle.api.PEMEncodable;
+
 import org.apache.commons.io.IOUtils;
 import org.apache.sshd.agent.unix.AgentServer;
 import org.apache.sshd.common.util.SecurityUtils;
-import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder;
-import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
-import org.bouncycastle.openssl.PEMEncryptedKeyPair;
-import org.bouncycastle.openssl.PEMDecryptorProvider;
-import org.bouncycastle.openssl.PEMParser;
 
 import java.io.IOException;
-import java.io.StringReader;
 import java.security.KeyPair;
 
 /**
@@ -87,24 +83,8 @@ public void addIdentity(String privateKey, final String passphrase, String comme
             }
         }
         try {
-            PEMParser r = new PEMParser(new StringReader(privateKey));
+            KeyPair keyPair = PEMEncodable.decode(privateKey, passphrase == null ? null : passphrase.toCharArray()).toKeyPair();
-            JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
+            agent.getAgent().addIdentity(keyPair, comment);
-            PEMDecryptorProvider decryptionProv = new JcePEMDecryptorProviderBuilder().build(
-                passphrase == null ? null : passphrase.toCharArray());
-            try {
-                Object o = r.readObject();
-                KeyPair keyPair = null;
-
-                if (o instanceof PEMEncryptedKeyPair) {
-                    keyPair = converter.getKeyPair(
-                        ((PEMEncryptedKeyPair) o).decryptKeyPair(decryptionProv));
-                } else if (o instanceof KeyPair) {
-                    keyPair = ((KeyPair) o);
-                }
-                agent.getAgent().addIdentity(keyPair, comment);
-            } finally {
-                r.close();
-            }
         } catch (Exception e) {
             e.printStackTrace(listener.error(Messages.SSHAgentBuildWrapper_UnableToReadKey(e.getMessage())));
         }