github certificate test

Author: joebertj

pom.xml

@@ -1,14 +1,15 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>prenda</groupId>
 	<artifactId>prenda</artifactId>
 	<version>0.1.4-SNAPSHOT</version>
 	<packaging>war</packaging>
 	<properties>
-    	<spring.version>4.1.9.RELEASE</spring.version>
-    	<spring.security.version>3.2.10.RELEASE</spring.security.version>
-    </properties>
+		<spring.version>4.1.9.RELEASE</spring.version>
+		<spring.security.version>3.2.10.RELEASE</spring.security.version>
+	</properties>
 	<dependencies>
 		<dependency>
 			<groupId>org.springframework</groupId>
@@ -66,9 +67,9 @@
 			<version>${spring.version}</version>
 		</dependency>
 		<dependency>
-    		<groupId>org.springframework</groupId>
-    		<artifactId>spring-webmvc</artifactId>
-    		<version>${spring.version}</version>
+			<groupId>org.springframework</groupId>
+			<artifactId>spring-webmvc</artifactId>
+			<version>${spring.version}</version>
 		</dependency>
 		<dependency>
 			<groupId>org.springframework</groupId>
@@ -231,11 +232,6 @@
 			<artifactId>dom4j</artifactId>
 			<version>1.6.1</version>
 		</dependency>
-		<dependency>
-    		<groupId>com.lowagie</groupId>
-    		<artifactId>itext</artifactId>
-   			<version>2.1.7</version>
-		</dependency>
 		<dependency>
 			<groupId>xalan</groupId>
 			<artifactId>xalan</artifactId>
@@ -261,6 +257,25 @@
 			<artifactId>jasperreports</artifactId>
 			<version>5.6.1</version>
 		</dependency>
+		<dependency>
+			<groupId>com.lowagie</groupId>
+			<artifactId>itext</artifactId>
+			<version>2.1.7</version>
+			<exclusions>
+				<exclusion>
+					<groupId>bouncycastle</groupId>
+					<artifactId>bcmail-jdk14</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>bouncycastle</groupId>
+					<artifactId>bcprov-jdk14</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>org.bouncycastle</groupId>
+					<artifactId>bctsp-jdk14</artifactId>
+				</exclusion>
+			</exclusions>
+		</dependency>
 		<dependency>
 			<groupId>jfree</groupId>
 			<artifactId>jfreechart</artifactId>
@@ -298,14 +313,34 @@
 			<version>1.3.1</version>
 		</dependency>
 		<dependency>
-    		<groupId>org.json</groupId>
-    		<artifactId>json</artifactId>
-    		<version>20180130</version>
+			<groupId>org.json</groupId>
+			<artifactId>json</artifactId>
+			<version>20180130</version>
+		</dependency>
+		<dependency>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt</artifactId>
+			<version>0.9.0</version>
+		</dependency>
+		<dependency>
+			<groupId>org.bouncycastle</groupId>
+			<artifactId>bcpkix-jdk15on</artifactId>
+			<version>1.59</version>
+		</dependency>
+		<dependency>
+			<groupId>org.bouncycastle</groupId>
+			<artifactId>bcprov-jdk15on</artifactId>
+			<version>1.59</version>
+		</dependency>
+		<dependency>
+			<groupId>org.bouncycastle</groupId>
+			<artifactId>bcmail-jdk15on</artifactId>
+			<version>1.59</version>
 		</dependency>
 		<dependency>
-   			<groupId>io.jsonwebtoken</groupId>
-    		<artifactId>jjwt</artifactId>
-    		<version>0.9.0</version>
+			<groupId>org.bouncycastle</groupId>
+			<artifactId>bctsp-jdk15on</artifactId>
+			<version>1.46</version>
 		</dependency>
 	</dependencies>
 	<profiles>

src/com/prenda/helper/GithubIssue.java

@@ -7,6 +7,7 @@
 import java.net.URL;
 import java.net.URLEncoder;
 import java.nio.charset.StandardCharsets;
+import java.util.Base64;
 
 import org.apache.log4j.Logger;
 import org.json.JSONArray;
@@ -16,7 +17,7 @@ public class GithubIssue {
 
 	private static Logger log = Logger.getLogger(GithubIssue.class);
 
-	public int create(String title, String body, String username, String repo, String [] labels, String [] assignees) {
+	public int create(String title, String body, String username, String repo, String [] labels, String [] assignees, String token) {
 		int issue = 0;
 		if(exists(title,username,repo)) {
 			return issue;
@@ -48,12 +49,14 @@ public int create(String title, String body, String username, String repo, Strin
 			conn.setRequestProperty("charset", "utf-8");
 			conn.setRequestProperty("Content-Length", Integer.toString(postDataLength));
 			conn.setUseCaches(false);
-			/*Personal Access Token only
-			 * String encoded = Base64.getEncoder()
+			//Personal Access Token only
+			String encoded = Base64.getEncoder()
 					.encodeToString((username + ":" + token).getBytes(StandardCharsets.UTF_8));
-			conn.setRequestProperty("Authorization", "Basic " + encoded);*/
+			conn.setRequestProperty("Authorization", "Basic " + encoded);
+			/*
 			KeyUtil ku = new KeyUtil();
 			conn.setRequestProperty("Authorization", "Bearer " + ku.getJws());
+			*/
 			DataOutputStream wr = new DataOutputStream(conn.getOutputStream());
 			wr.write(postData);
 			int responseCode = conn.getResponseCode();

src/com/prenda/helper/KeyUtil.java

@@ -1,45 +1,47 @@
 package com.prenda.helper;
 
-import java.io.DataInputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.security.KeyFactory;
-import java.security.interfaces.RSAPrivateKey;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.util.Base64;
+import java.io.FileReader;
+import java.security.Key;
+import java.security.KeyPair;
 import java.util.Date;
 import java.util.GregorianCalendar;
 import java.util.Properties;
 
+import org.apache.log4j.Logger;
+import org.bouncycastle.openssl.PEMKeyPair;
+import org.bouncycastle.openssl.PEMParser;
+import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
+
 import com.prenda.servlet.RegisterOwner;
 
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
-import io.jsonwebtoken.impl.TextCodec;
 
 public class KeyUtil {
+	
+	private static Logger log = Logger.getLogger(KeyUtil.class);
 
 	public String getJws() {
 		String jws="";
 		try {
 			Properties props = new Properties();
 			props.load(RegisterOwner.class.getResourceAsStream("/env.properties"));
-			// String token = props.getProperty("github.token");
 			String path = props.getProperty("github.pem");
 			GregorianCalendar gc = new GregorianCalendar();
 			gc.add(GregorianCalendar.MINUTE, 10);
 			jws = Jwts.builder().setIssuer("10575").setIssuedAt(new Date()).setExpiration(gc.getTime())
-					.signWith(SignatureAlgorithm.RS256, getPemPrivateKey(path, "RSA")).compact();
-			
+					.signWith(SignatureAlgorithm.RS256, getPemPrivateKey(path, "BC")).compact();
+			log.info("jws: "+ jws);
 		} catch (Exception e) {
 			e.printStackTrace();
 		}
 		return jws;
 	}
 
-	public RSAPrivateKey getPemPrivateKey(String filename, String algorithm) {
-		RSAPrivateKey rSAPrivateKey = null;
+	public Key getPemPrivateKey(String filename, String provider) { 
+		Key key = null;
 		try {
+			/* PKCS8
 			File f = new File(filename);
 			FileInputStream fis = new FileInputStream(f);
 			DataInputStream dis = new DataInputStream(fis);
@@ -48,18 +50,24 @@ public RSAPrivateKey getPemPrivateKey(String filename, String algorithm) {
 			dis.close();
 
 			String temp = new String(keyBytes);
-			String privKeyPEM = temp.replace("-----BEGIN PRIVATE KEY-----\n", "");
-			privKeyPEM = privKeyPEM.replace("-----END PRIVATE KEY-----", "");
-			// System.out.println("Private key\n"+privKeyPEM);
+			String privKeyPEM = temp.replace("-----BEGIN RSA PRIVATE KEY-----\n", ""); //PCKS1 is -----BEGIN PRIVATE KEY-----\n
+			privKeyPEM = privKeyPEM.replace("-----END RSA PRIVATE KEY-----", ""); // //PCKS1 is -----END PRIVATE KEY-----
+			log.info("Private key\n"+privKeyPEM);
 
 			byte[] decoded = Base64.getDecoder().decode(privKeyPEM); // TextCodec.BASE64.decode(privKeyPEM); //
 
-			PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(decoded);
+			/*PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(decoded);
 			KeyFactory kf = KeyFactory.getInstance(algorithm);
-			rSAPrivateKey = (RSAPrivateKey) kf.generatePrivate(spec);
+			rSAPrivateKey = (RSAPrivateKey) kf.generatePrivate(spec);*/
+			
+			PEMParser pemParser = new PEMParser(new FileReader(filename));
+			JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider(provider);
+			Object object = pemParser.readObject();
+			KeyPair kp = converter.getKeyPair((PEMKeyPair) object);
+			key = (Key) kp.getPrivate();
 		} catch (Exception e) {
 			e.printStackTrace();
 		}
-		return rSAPrivateKey;
+		return key;
 	}
 }

src/com/prenda/servlet/GlobalDefaultExceptionHandler.java

@@ -20,14 +20,14 @@ public ModelAndView defaultErrorHandler(HttpServletRequest request, Exception e)
 		String url = request.getRequestURL().toString();
 		String stackTrace ="";
 		for(StackTraceElement element: e.getStackTrace()) {
-			stackTrace += element.getClassName()+" "+element.getMethodName()+" "+element.getLineNumber() +"%0a";
+			stackTrace += element.getClassName()+" "+element.getMethodName()+" "+element.getLineNumber() +"<br/>";
 		}
 		mav.addObject("exception", exception);
 		mav.addObject("url", url);
 		String [] labels = {"bug"};
 		String [] assignees = {"joebertj"};
 		GithubIssue issue = new GithubIssue();
-		issue.create(url + " " + exception, stackTrace, "joebertj", "prenda", labels, assignees);
+		issue.create(url + " " + exception, stackTrace, "joebertj", "prenda", labels, assignees, "a3afb3526bbc4a2d5873024f056059d734f8005d");
 		return mav;
 	}
 

test/unit/com/prenda/GithubIssueTest.java

@@ -14,10 +14,10 @@ public void testCreate() {
 		String body = "body";
 		String [] label = {"bug"};
 		String [] assignees = {"joebertj"};
-		Assert.assertEquals(0, create(title,body,"joebertj","prenda",label,assignees));
+		Assert.assertEquals(0, create(title,body,"joebertj","prenda",label,assignees,"a3afb3526bbc4a2d5873024f056059d734f8005d"));
 		title = CustomPasswordGenerator.getPassword(32);
-		body = CustomPasswordGenerator.getPassword(32)+"\\n"+CustomPasswordGenerator.getPassword(32)+"%0a"+CustomPasswordGenerator.getPassword(32);
-		Assert.assertEquals(1, create(title,body,"joebertj","prenda",label,assignees));
+		body = CustomPasswordGenerator.getPassword(32)+"<br/>"+CustomPasswordGenerator.getPassword(32)+"<br/>"+CustomPasswordGenerator.getPassword(32);
+		Assert.assertEquals(1, create(title,body,"joebertj","prenda",label,assignees,"a3afb3526bbc4a2d5873024f056059d734f8005d"));
 	}
 
 	@Test