Property type is ignored when loading encryption keystore

[bberto]

Property encrypt.key-store.type is ignored when loading encryption keystore. The keystore type is retrieved from file extension (eg: .pkcs12).

Can be easily reproduced using these settings:

encrypt:
  key-store:
    type: PKCS12
    alias: encrypt
    location: classpath:encrypt.p12
    password: 123456

That leads to this exception:

java.lang.IllegalStateException: Cannot load keys from store: class path resource [encrypt.p12]
...
Caused by: java.security.KeyStoreException: p12 not found
...
Caused by: java.security.NoSuchAlgorithmException: p12 KeyStore not available

I think the root cause is here:

spring-cloud-commons/spring-cloud-context/src/main/java/org/springframework/cloud/bootstrap/encrypt/TextEncryptorUtils.java

Line 123 in 6ed50fc

new KeyStoreKeyFactory(keyStore.getLocation(), keyStore.getPassword().toCharArray())

and can be solved using a different KeyStoreKeyFactory constructor (including type as parameter):
https://github.com/dsyer/spring-security-rsa/blob/d194f8969083af6987904f05eaf12b2dbae642a7/src/main/java/org/springframework/security/rsa/crypto/KeyStoreKeyFactory.java#L52

[ryanjbaxter]

What version of Spring Cloud?

If you have a fix, would you be interested in contributing the fix?

[spring-cloud-issues]

If you would like us to look at this issue, please provide the requested information. If the information is not provided within the next 7 days this issue will be closed.

[bberto]

Tester with 2020.0.2 release train.

PR provided